Show Your Support: Did you know that you can get Phoronix Premium for under $4 per month? Try it today to view our site ad-free, multi-page articles on a single page, and more while the proceeds allow us to write more Linux hardware reviews. At the very least, please disable your ad-blocker.
A Global Switch To Kill Linux's CPU Spectre/Meltdown Workarounds?
With many of the mitigation patches for these speculative execution vulnerabilities hitting many processors these days, there's often a measurable "performance tax" associated with them. Fortunately, for most of the mitigations they can be disabled at run-time via various options.
But unfortunately there isn't one global option for easily disabling all of these mitigations... This was recently asked on the LKML but unfortunately no commentary from the upstream kernel developers if they would accept and mainline such an option, "Disabling is a good option for strictly confined environments where no 3d party untrusted code is ever to be run, e.g. a rendering farm, a supercomputer, or even a home server which runs Samba/SSH server and nothing else." That individual was also hoping for a Kconfig switch to be able to build kernels easily that permanently disable (or don't include) the mitigated work.
For now the closest way to making an unmitigated kernel for not losing out on CPU performance would be booting the kernel with pti=off spectre_v2=off l1tf=off nospec_store_bypass_disable no_stf_barrier. Of course, that's not recommended unless you really trust the code running on your system and the overall system security. Some fresh kernel mitigation benchmarks will be coming up soon on Phoronix.