Announcement

Collapse
No announcement yet.

AMD Zen 5 Not Affected By Inception/SRSO, mitigations=off Yields No Benefit On Ryzen 9000 Series

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • AMD Zen 5 Not Affected By Inception/SRSO, mitigations=off Yields No Benefit On Ryzen 9000 Series

    Phoronix: AMD Zen 5 Not Affected By Inception/SRSO, mitigations=off Yields No Benefit On Ryzen 9000 Series

    One of the security changes with AMD Zen 5 processors that I haven't seen AMD publicly mention at least not prominently is that the new cores are not vulnerable to Speculative Return Stack Overflow (SRSO). Unlike Zen 4 and prior, under Linux I noticed that Zen 5 is no longer affected by the SRSO "INCEPTION" vulnerability. But of course there does remain other CPU security mitigations in place carried over from Zen 4. For those wondering about the mitigation costs or if it's worthwhile running Zen 5 with the "mitigations=off" insane mode, here are some benchmarks.

    Phoronix, Linux Hardware Reviews, Linux hardware benchmarks, Linux server benchmarks, Linux benchmarking, Desktop Linux, Linux performance, Open Source graphics, Linux How To, Ubuntu benchmarks, Ubuntu hardware, Phoronix Test Suite

  • #2
    Michael, have you considered building a custom kernel with CONFIG_CPU_MITIGATIONS=n and doing a three-way comparison, just for kicks?

    Comment


    • #3
      No matter how much you disable mitigations in the kernel, if you are using the latest microcode/AGESA many of them cannot be avoided.

      Comment


      • #4
        Plus the latest microcode and kernel are optimized for the mitigations, so in many cases disabling them will lead to lower performance

        Comment


        • #5
          This reminds me of (outdated) initial benchmarks with mitigations=off in Zen4

          Disabling Spectre V2 Mitigations Is What Can Impair AMD Ryzen 7000 Series Performance

          www.phoronix.com/review/amd-zen4-spectrev2
          The mitigations are definitely hardcoded in the microcode with Zen5
          Last edited by Kjell; 06 September 2024, 02:11 PM.

          Comment


          • #6
            Originally posted by aerospace View Post
            Plus the latest microcode and kernel are optimized for the mitigations, so in many cases disabling them will lead to lower performance
            Not really? Zen 4 had better perf with mitigations left active initially, not so now with the introduction of new vulnerabilities over the past year.

            Comment


            • #7
              So while there isn't much in the way of software mitigations needed for AMD Zen 5, with Phoronix readers ultimately always asking "what about running mitigations=off performance?!?!", (...)
              Does Michael know us or what 😆

              Comment


              • #8
                Originally posted by eomanis View Post

                Does Michael know us or what 😆
                Yup. There is a small crowd on Moronix that cannot read and does not pay attention to anything ... unless it is their phone or a viddie game.

                Comment


                • #9
                  Originally posted by NotMine999 View Post

                  Yup. There is a small crowd on Moronix that cannot read and does not pay attention to anything ... unless it is their phone or a viddie game.
                  i run mitigations=off, but that's because I have a twelve year old cpu, where there's certainly more to mitigate. and for the first few years of mitigations they were provably terrible. i'm sure there's still some google engineer reducing their overhead as we speak.

                  I certainly don't plan on running mitigations off when I get a new chip. honestly though I'm not really sure what the exploit vector I'm supposed to be worried about. something about javascript reading my bank account or something like that?

                  Comment

                  Working...
                  X