Disabling Spectre V2 Mitigations Is What Can Impair AMD Ryzen 7000 Series Performance

Written by Michael Larabel in Software on 4 October 2022 at 06:42 AM EDT. Page 1 of 4. 43 Comments.

Last week I shared some initial numbers how surprisingly when disabling Zen 4 CPU security mitigations can actually *hurt* the Ryzen 7000 series CPU performance. While conventional wisdom and with past Intel/AMD processors yield better performance when disabling the CPU security mitigations, with the Ryzen 9 7950X it was found to be basically the opposite. I have since conducted more tests and using an AMD Ryzen 5 7600X to confirm the earlier results and dig deeper into the data.

The data shared last week showed that for most tests, it was actually faster keeping the AMD Ryzen 9 7950X in its default and secure mitigated state with still having some software controls pertaining to Spectre V1/V2/V4. That's the out-of-the-box Linux state for the Ryzen 7000 "Zen 4" processors where booting the kernel with "mitigations=off" was actually leading to worse performance - the opposite compared to what we've seen out of earlier x86_64 processors.

Using an AMD Ryzen 5 7600X along with some other slight hardware/software differences and mostly the same benchmarks, I repeated the testing just to confirm last week's finding. And sure, enough, the Ryzen 5 7600X was clearly performing better with the default mitigations than in the mitigations=off state. Here is the side-by-side on the Ryzen 5 7600X with the defaults versus mitigations=off on Linux 6.0:

AMD Ryzen 5 7600X CPU Security Mitigations

For the vast majority of the benchmarks, keeping to the default state was faster than mitigations=off. Disabling the mitigations did help in a small subset of tests, mostly the various synthetic kernel benchmarks. OpenJDK Java workloads, database workloads, web browser tests, and many other workloads normally negatively impacted by the Spectre mitigations were actually running better on this Ryzen 5 7600X system than when disabling the mitigations.

AMD Ryzen 5 7600X CPU Security Mitigations

As a reminder, Zen 4 is not affected by most of the known CPU security vulnerabilities. What is still relevant from a software perspective based on the CPU MSRs and applied with Linux 6.0 is Speculative Store Bypass disabled via prctl for the SSBD / Spectre V4 mitigation and Spectre V1 mitigations of usercopy/SWAPGS barriers and __user pointer sanitization. Then for Spectre V2 there are Retpolines, conditional Indirect Branch Predictor Barriers (IBPB), IBRS firmware, always-on Single Threaded Indirect Branch Predictors (STIBP), and Return Stack Buffer (RSB) filling.

So to dig deeper and being curious, I was trying out some of the more targeting kernel options for these mitigations to see what in particular is causing Zen 4 to run slower when disabled.

Related Articles