Announcement

Collapse
No announcement yet.

The Brutal Performance Impact From Mitigating The LVI Vulnerability

Collapse
X
Collapse
 
  • Page of 8
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 3 4 8 template Next
  • #1

    The Brutal Performance Impact From Mitigating The LVI Vulnerability

    Phoronix: The Brutal Performance Impact From Mitigating The LVI Vulnerability

    On Tuesday the Load Value Injection (LVI) attack was disclosed by Intel and security researchers as a new class of transient-execution attacks and could lead to injecting data into a victim program and in turn stealing data, including from within SGX enclaves. While Intel has publicly stated they don't believe the LVI attack to be practical, one of their open-source compiler wizards did go ahead and add mitigation options to the GNU Assembler as part of the GCC toolchain. Here are benchmarks showing the performance impact of enabling those new LVI mitigation options and the significant impact they can cause on run-time performance in real-world workloads.

    The Brutal Performance Impact From Mitigating The LVI Vulnerability - Phoronix
    http://www.phoronix.com/vr.php?view=28950
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
    • Likes 1
  • #2
    • Likes 20

    Comment

    • #3
      With these performance numbers, everyone who is dependant on the security and does use workloads like shown here, they shouldn't re-compiler their software with these mitigations but kick these Intel systems out the door and get something from the competition instead.
      • Likes 35

      Comment

      • #4
        Can someone explain the difference between the mitigations? i.e. would indirect branch & before RET alone help or is the after load necessary?
        • Likes 2

        Comment

        • #5
          Originally posted by gabber View Post
          Can someone explain the difference between the mitigations? i.e. would indirect branch & before RET alone help or is the after load necessary?
          All of them are needed for complete protection, basically adding fences to different areas of the code where the LVI attack could theoretically happen.
          Michael Larabel
          https://www.michaellarabel.com/
          • Likes 4

          Comment

          • #6
            Ooh, now my raspberry pi can compete with my laptop
            • Likes 43

            Comment

            • #7
              Mitigations seems like i80486SX performance emulator for Core i9
              • Likes 11

              Comment

              • #8
                And this is it, guys. We are traveling 20 years in the past to the Pentium era.
                • Likes 21

                Comment

                • #9
                  Originally posted by tildearrow View Post
                  And this is it, guys. We are traveling 20 years in the past to the Pentium era.
                  I don't normally make these kinds of suggestions, but the results of random quad core x86_64 Intel processors from the past 20 years would be interesting.

                  Would be funny if core2quads started getting wins again.
                  • Likes 12

                  Comment

                  • #10
                    Basically, this puts to shame all the other vulnerabilities combined.
                    • Likes 14

                    Comment

                    Previous 1 2 3 4 8 template Next
                    Working...
                    X