Announcement

Collapse
No announcement yet.

The Spectre Mitigation Performance Impact On AMD Ryzen 5000 "Zen 3" Processors

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • kobblestown
    replied
    Originally posted by Alex/AT View Post

    Actually it is better to be off without need for these obscure and intrusive bloated MM and core context switches changes.
    You don't install a pacemaker when your heart is in good health, and that's it.
    Yeah, but it's also better to be safe than sorry :P

    The unified address space was considered safe--the healthy heart in your analogy--until it no longer was. It turns out the heart was sick for at least a decade.

    If the performance impact is small, I'd rather keep KPTI as e precaution even on Ryzen. INVPCID would help in this respect so it's interesting to see by how much. Furthermore, it should also help with virtual machines if the hypervisor can make use of it. I don't understand why you don't want to have the data that would help us make informed decisions. But I surely do.

    Leave a comment:


  • Alex/AT
    replied

    Originally posted by kobblestown View Post
    I'd be curious to see what is the impact of Kernel Page Tables Isolation on Zen processors
    Actually it is better to be off without need for these obscure and intrusive bloated MM and core context switches changes.
    You don't install a pacemaker when your heart is in good health, and that's it.

    Leave a comment:


  • andre30correia
    replied
    does not make much a difference, in desktop is almost useless

    Leave a comment:


  • duby229
    replied
    Originally posted by vsteel View Post

    Designs take years to get out from the first concept to in the consumer hands. What you are seeing now is what the designers knew 5 or so years ago.
    More like 2-3years, but yeah you're totally right it takes time.

    Leave a comment:


  • vsteel
    replied
    Originally posted by Danny3 View Post
    Disappointing that these new processors still need software mitigations!
    Designs take years to get out from the first concept to in the consumer hands. What you are seeing now is what the designers knew 5 or so years ago.

    Leave a comment:


  • torsionbar28
    replied
    Originally posted by Danny3 View Post
    Disappointing that these new processors still need software mitigations!
    The situation is markedly better on the AMD side, as it has been since these hardware vulnerabilities were first discovered. The two machines I have handy at the moment are a Zen2 Ryzen 5 3600 and a Coffee Lake Xeon E-2278G. The vulnerabilities listed in 'lscpu' output are below, for comparison:

    Ryzen 5 3600:
    Vulnerability Itlb multihit: Not affected
    Vulnerability L1tf: Not affected
    Vulnerability Mds: Not affected
    Vulnerability Meltdown: Not affected

    Vulnerability Spec store bypass: Mitigation; Speculative Store Bypass disabled via prctl and seccomp
    Vulnerability Spectre v1: Mitigation; usercopy/swapgs barriers and __user pointer sanitization
    Vulnerability Spectre v2: Mitigation; Full AMD retpoline, IBPB conditional, STIBP conditional, RSB filling
    Vulnerability Srbds: Not affected
    Vulnerability Tsx async abort: Not affected


    Xeon E-2278G:
    Vulnerability Itlb multihit: KVM: Mitigation: VMX disabled
    Vulnerability L1tf: Not affected
    Vulnerability Mds: Not affected
    Vulnerability Meltdown: Not affected

    Vulnerability Spec store bypass: Mitigation; Speculative Store Bypass disabled via prctl and seccomp
    Vulnerability Spectre v1: Mitigation; usercopy/swapgs barriers and __user pointer sanitization
    Vulnerability Spectre v2: Mitigation; Enhanced IBRS, IBPB conditional, RSB filling
    Vulnerability Srbds: Mitigation; TSX disabled
    Vulnerability Tsx async abort: Mitigation; TSX disabled


    Leave a comment:


  • Danny3
    replied
    Disappointing that these new processors still need software mitigations!

    Leave a comment:


  • kobblestown
    replied
    I'd be curious to see what is the impact of Kernel Page Tables Isolation on Zen processors. Zen3 is the first that supports INVPCID which should bring the impact down. Sure, Zen doesn't suffer from Meltdown an therefore doesn't require KPTI but (1) KPTI might be a good safeguard against future vulnerabilities of the kind and (2) INVPCID can be used by hypervisors to improve performance so it might be good proxy for how much that would improve.

    Leave a comment:


  • The Spectre Mitigation Performance Impact On AMD Ryzen 5000 "Zen 3" Processors

    Phoronix: The Spectre Mitigation Performance Impact On AMD Ryzen 5000 "Zen 3" Processors

    For those wondering what the current cost is to the default Spectre mitigation protections on the new AMD Ryzen 5000 series "Zen 3" processors, here are a set of performance tests looking at that overhead with the still relevant mitigations applied by default and then if forcing them off. The Zen 3 mitigation overhead was compared then to similar AMD Zen 2 and Zen+ processors.

    http://www.phoronix.com/vr.php?view=29755
Working...
X