VMware: ESXi VM Performance Tanks Up To 70% Due To Intel Retbleed Mitigation

Written by Michael Larabel in Linux Kernel on 9 September 2022 at 11:18 AM EDT. 18 Comments
LINUX KERNEL
VMware's performance engineering team today announced a performance regression in Linux 5.19 affecting compute performance up to -70%, networking up to -30%, and storage up to -13%. But the unfortunate thing is the heavy hitting regressions are known and a side effect of the Intel Retbleed mitigation for older processors.

VMware engineers were concerned by the performance regression when running Linux virtual machines with VMware ESXi and bisected it down to the Intel Retbleed vulnerability handling. They confirmed the performance regression dropped by disabling the mitigation using the spectre_v2=off option.


Ouch...


The hardware they were testing was an Intel Xeon "Skylake" server with 112 threads and 2TB of RAM. Retbleed on the Intel side is known to affect Intel Core 6th through 8th Gen client CPUs and associated Xeon processors. For the very popular Skylake Xeons and there still being many out there in use, Retbleed further impacts the performance especially for VMs with additional performance cost beyond Spectre, Meltdown, and the other CPU speculative execution vulnerabilities of recent years. Due to Retbleed, Intel Indirect Branch Restricted Speculation (IBRS) is flipped on by default for affected CPUs.

Most severe in VMware's tests was thread creation times dropping from 16 to 27 ms while also kernel build times taking seconds longer, longer start-up and shutdown times for VMs, VM networking performance dropping from ~11.932 Gbps to ~8.56 Gbps, and storage also being hit noticeably too.

See this kernel mailing list post for the notes from VMware.

So far the only response was from an Intel engineer commenting on it and the spectre_v2=off comparison as, "Well, duh.. :-)" (Peter previously referred to the Retbleed/IBRS situation as a "performance horror show" and has been working on call depth tracking as a possible alternative mitigation technique.)

I haven't ran any Retbleed VM-impact comparison benchmarks yet but those wondering about bare metal performance impact on affected Intel and AMD CPUs can see my other Retbleed articles for those benchmarks.
18 Comments
Related News
Linux 6.11 Is Looking Good In Early Benchmarks On AMD Ryzen Threadripper
Rust Is Ready With Robust Toolchain Handling For Linux 6.11
Linux 6.11 Lands Support For getrandom() In The vDSO
Linux 6.11 "MM" Patches Include Many Improvements, A 10x Speedup For One Optimization
XZ Patches For The Linux Kernel Updated, Drops "Jia Tan" As A Maintainer
AVX-512/AVX10 & VAES Optimized AES-GCM Implementation Lands In Linux 6.11
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
EXT4 Has A Very Nice Performance Optimization For Linux 6.11
Microsoft's WSL 2.3.11 Brings "Hundreds Of New Kernel Modules" & New Features
systemd Talks Up Automatic Boot Assessment In Light Of The Crowdstrike-Microsoft Outage
XZ Patches For The Linux Kernel Updated, Drops "Jia Tan" As A Maintainer
New Linux Patches Enable The Snapdragon X1 Elite Powered Lenovo ThinkPad T14s Gen 6
KDE Developers Tackle The Five Most Common Plasma Crashes
USB & Thunderbolt Improvements Land In Linux 6.11
NVIDIA 560 Linux Driver Beta Released - Defaults To Open GPU Kernel Modules