Announcement

Collapse
No announcement yet.

Toggling Spectre Mitigations On Xeon Scalable Ice Lake Show Little Runtime Difference

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Toggling Spectre Mitigations On Xeon Scalable Ice Lake Show Little Runtime Difference

    Phoronix: Toggling Spectre Mitigations On Xeon Scalable Ice Lake Show Little Runtime Difference

    As usual when getting my hands on a new processor family, I was curious about the performance difference if booting the Xeon Platinum 8380 "Ice Lake" processors with the Spectre security mitigations disabled at run-time. Ultimately there was very little difference when using the standard "mitigations=off" option for these new Intel server processors...

    https://www.phoronix.com/scan.php?pa...igation-Toggle

  • #2
    Boring!

    But that's a good thing in this case.

    Comment


    • #3
      Yet it is only a matter of time before someone will find a bunch of new issues and the mitigations will start to pile on, affecting performance.

      Comment


      • #4
        Originally posted by brad0 View Post
        Yet it is only a matter of time before someone will find a bunch of new issues and the mitigations will start to pile on, affecting performance.
        The reality of security is that the attacks only get better and time is not your friend. There will always be new issues.

        That said, now that the major vendors are aware of the attacks they are going to have their best engineers working to look for related vulnerabilities and will work to eliminate issues when possible, and minimize the impact of required mitigation when necessary.

        Given the lead times for significant design changes is measured in years means that some improvements take time to be seen, but these benchmark results suggest that Ice Lake does address some impacts.

        Comment


        • #5
          Michael : did you actually check that the microcode was vulnerable? If the processor was already 'crippled' with a microcode update that achieve the same as the mitigations=on option, then I can't imagine that you would get much out of mitigations=off at all.

          http://www.dirtcellar.net

          Comment


          • #6
            Originally posted by waxhead View Post
            Michael : did you actually check that the microcode was vulnerable? If the processor was already 'crippled' with a microcode update that achieve the same as the mitigations=on option, then I can't imagine that you would get much out of mitigations=off at all.
            True. I think a comparison with a "firmware downgraded" CPU would be necessary to get realistic results to show performance differences.
            Would purging the firmware-package (Debian: intel-microcode) do this - or is a physically older CPU, that never saw any updates, necessary?

            Comment

            Working...
            X