Reworked STIBP Code Lands In Linux 4.20 To Fix The Performance
The big Linux 4.20 performance slowdown is now corrected by tonight's Linux 4.20 Git code while still providing reasonable security for cross-hyperthread Spectre V2 mitigation.
Spectre/Meltdown kernel patch wrangler Thomas Gleixner sent in his patch series this afternoon with a subject line of "Cure the STIBP fallout" and started the message with, "The performance destruction department finally got it's act together and came up with a cure for the STIPB regression." That cure is the reworked code around "Single Thread Indirect Branch Predictors."
Enabling STIBP for all processes, as was done at the start of the Linux 4.20 kernel merge window, was a wreck for performance across many workloads, a problem Phoronix was first to shine the light on. By default the reworked code now applies STIBP only to processes that opt into it via the prctl interface and to processes sandboxed by means of SECCOMP.
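As an added illustration (not code from this article or from the kernel patch series), this is how a process can opt in through the prctl interface mentioned above and read back the resulting state. The helper names `spec_state`, `ibranch_get` and `ibranch_opt_in` are made up for this example; the `PR_*` constants are the kernel's uapi values.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
/* uapi <linux/prctl.h> values, for build hosts whose headers predate 4.20. */
#ifndef PR_GET_SPECULATION_CTRL
#define PR_GET_SPECULATION_CTRL 52
#define PR_SET_SPECULATION_CTRL 53
#endif
#ifndef PR_SPEC_INDIRECT_BRANCH
#define PR_SPEC_INDIRECT_BRANCH 1
#endif
#ifndef PR_SPEC_PRCTL
#define PR_SPEC_PRCTL         (1UL << 0) /* per-task control is available */
#define PR_SPEC_ENABLE        (1UL << 1) /* speculation on, mitigation off */
#define PR_SPEC_DISABLE       (1UL << 2) /* speculation off, mitigation on */
#define PR_SPEC_FORCE_DISABLE (1UL << 3) /* as DISABLE, cannot be undone */
#endif

/* Decode a PR_GET_SPECULATION_CTRL return value into a short label. */
const char *spec_state(long v)
{
    if (v < 0)  return "unsupported";   /* kernel or CPU lacks the control */
    if (v == 0) return "not affected";
    if (v & PR_SPEC_FORCE_DISABLE) return "mitigated (locked)";
    if (v & PR_SPEC_DISABLE)       return "mitigated";
    return (v & PR_SPEC_PRCTL) ? "unmitigated (opt-in)" : "unmitigated";
}

/* Current indirect-branch speculation state of the calling task. */
long ibranch_get(void)
{
    return prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0UL, 0UL, 0UL);
}

/* Opt the calling task in to the mitigation. Returns 0 or -errno. */
int ibranch_opt_in(void)
{
    return prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH,
                 PR_SPEC_DISABLE, 0UL, 0UL) == 0 ? 0 : -errno;
}

int main(void)
{
    printf("before: %s\n", spec_state(ibranch_get()));
    int rc = ibranch_opt_in();
    printf("opt-in: %s, after: %s\n", rc ? strerror(-rc) : "ok", spec_state(ibranch_get()));
    return 0;
}
```

A service that handles untrusted input would make the opt-in call early in startup. A non-zero result means the running kernel or its boot-time policy does not offer per-task control.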
I've tested these patches and they indeed return Linux 4.20 to performing appropriately. For more details on the background to these patches, the new tunables, and the performance change, see my recent article: Benchmarking The Work-In-Progress Spectre/STIBP Code On The Way For Linux 4.20.
Linus Torvalds quickly honored the pull request and the code is now in Git. The code is in place in time for tomorrow's Linux 4.20-rc5 kernel to offer much better performance.
STIBP had been back-ported to the Linux stable branches only to be reverted due to the performance fallout. We'll see how quickly this revised STIBP implementation gets brought back to the stable series for cross-hyperthread Spectre V2 protection for processes needing it.