Announcement

Collapse
No announcement yet.

The Performance Impact To POWER9's Eager L1d Cache Flushing Fix

Collapse
X
Collapse
 
  • Page of 2
  • Filter
  • Time
  • Show
Clear All
new posts
Previous 1 2 template Next
  • #1

    The Performance Impact To POWER9's Eager L1d Cache Flushing Fix

    Phoronix: The Performance Impact To POWER9's Eager L1d Cache Flushing Fix

    Last week a new vulnerability was made public for IBM POWER9 processors resulting in a mitigation of the processor's L1 data cache needing to be flushed between privilege boundaries. Due to the possibility of local users being able to obtain data from the L1 cache improperly when this CVE is paired with other side channels, the Linux kernel for POWER9 hardware is flushing the L1d on entering the kernel and on user accesses. Here are some preliminary benchmarks looking at how this security change impacts the overall system performance.

    The Performance Impact To POWER9's Eager L1d Cache Flushing Fix - Phoronix
    http://www.phoronix.com/vr.php?view=29731
    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite
    Tags: None
    • Likes 1
  • #2
    Not the best of news, but it could've been worse.
    • Likes 10

    Comment

    • #3
      At least they moved quickly and fixed this very soon.
      People bash intel for the security flaws but intel did move quite fast to fix them.
      For a server I don't value raw performance as much as I do value security, patches and being a responsible company.
      • Likes 3

      Comment

      • #4
        Originally posted by ezekrb5 View Post
        At least they moved quickly and fixed this very soon.
        People bash intel for the security flaws but intel did move quite fast to fix them.
        For a server I don't value raw performance as much as I do value security, patches and being a responsible company.
        True but in the other Hand x% performance hit means x% less powereficiency. If it is an hpc cluster this is raw money. Vor lets say the otherway around some people in the desktop market want to pay 40%+ to geht the last 5-10% possible.
        • Likes 3

        Comment

        • #5
          I was expecting the performance drop to be even worse. That is pretty bad, but not catastrophically bad.

          Plus many syscall-light workloads are not impacted, as expected.
          • Likes 4

          Comment

          • #6
            I remember that Michael once did a benchmark shootout between comparable Server-CPUs across all relevant ISA's - a follow-on could be interesting as performance enhancements and new security patches emerged and new CPU generations became available.
            • Likes 2

            Comment

            • #7
              It's not that bad for the fix. This is L1 data flushing, I would have imagined 30%+ problems.
              • Likes 2

              Comment

              • #8
                Originally posted by AndyChow View Post
                It's not that bad for the fix. This is L1 data flushing, I would have imagined 30%+ problems.
                I'll be honest, I was expecting to see anything in the range of 20-50% impact, depending on workload. To see, what, 0-5% impact is far less painful.
                • Likes 2

                Comment

                • #9
                  Based on this test set it appears that reads and seeks are most impacted which makes sense. Would be interesting to know if the POWER10 design caught this or if a new stepping will be needed.
                  • Likes 1

                  Comment

                  • #10
                    Originally posted by ezekrb5 View Post
                    At least they moved quickly and fixed this very soon.
                    People bash intel for the security flaws but intel did move quite fast to fix them.
                    [...]
                    You have probably not read about information embargo right? If not, google for it. It's common for security researchers to report vulnerability with proof of concept code and then wait months till manufacturer react, fix their issues and is ready to go to open public with report. So far the longest embargo I've seen was nearly 2 years IIRC! And that was Intel involved...
                    • Likes 2

                    Comment

                    Previous 1 2 template Next
                    Working...
                    X