No announcement yet.

The Downfall Mitigation Impact For Xeon E-2300 Series On Linux 6.5

  • Filter
  • Time
  • Show
Clear All
new posts

  • The Downfall Mitigation Impact For Xeon E-2300 Series On Linux 6.5

    Phoronix: The Downfall Mitigation Impact For Xeon E-2300 Series On Linux 6.5

    Last month the Downfall CPU security vulnerability was disclosed that impacts various AVX/AVX-512 workloads. Now that there's been a few weeks for the Linux kernel code to settle around the mitigation and the latest Intel CPU microcode becoming more broadly available, here is a fresh look at the performance impact of the Downfall mitigation on affected AVX workloads.

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    These intel cpu vulns are painful. Thanks for running these. As these Xeon's are often in an edge server role, it would be helpful to see web server, sql, ssl, etc. type of benchmarks. I have some E-2200 and E-2300 Xeons, but not doing any kind of ray tracing or image manipulation on them, they are small hypervisors (128 GB memory) running a dozen or so database and web app VM's.


    • #3
      "No microcode" ... there's no such thing. The platform loads a microcode version before the BIOS runs, and the BIOS loads another version before the OS is bootstrapped. Even if you flash back to the oldest supported BIOS, you still have the platform microcode. The CPU can't run without it.


      • #4
        I think the the reason there are so few comments on this article, especially from people that love to rag on Intel and/or show love to AMD is because people in general are starting to understand what a nothing burger these supposed vulnerabilities actually are, and it doesn't whether it's an Intel, AMD, ARM, SPARC, RISC-V or whatever CPU, even if you don't use software limitations, the actual potential danger is incredibly minuscule.

        I can sit someone in front of a computer running any OS they want, with full root/admin access and so long as the network is properly constructed and configured, the best that person will be able to do is delete local files, including rendering that OS inoperable.