Benchmarking Clear Linux With KPTI + Retpoline Support

Written by Michael Larabel in Operating Systems on 9 January 2018 at 08:39 AM EST. Page 1 of 5. 22 Comments.

Yesterday Intel landed KPTI page table isolation and Retpoline support in their Clear Linux distribution. Given that one of the pillars of this Intel Open-Source Technology Center platform is on delivering optimal Linux performance, I was curious to see how its performance was impacted. Here are before/after benchmarks on seven different systems ranging from low-end Pentium hardware to Xeon servers.

Since yesterday's debut of the rolling-release Clear Linux 20240, this Linux distribution using Linux 4.14.12 is patched with Kernel Page Table Isolation (KPTI) to safeguard against the Meltdown vulnerability. Additionally, this build adds in the (currently out-of-tree patches) for Retpoline support for fighting Spectre. There is not only the kernel Retpoline patches now in Clear Linux but its GCC 7.2 compiler was also patched with its respective Retpoline patches for offering full protection.

These tests today are comparing Clear Linux 20190 from Sunday's state to Clear Linux 20240 on Monday. Thus this is a comparison without any Spectre/Meltdown supprot now going to the "full protection" as is currently available right now for both these CPU vulnerabilities. But keep in mind now that the basic support is in place, developers do plan on optimizing the code to try to offset at least some of the performance losses. With the Clear focus on performance, we look forward to benchmarking it over the weeks ahead to see how the performance evolves.

Clear Linux KPTI + Retpoline Patches

Seven systems in our lab that benchmark Clear Linux on a daily basis at were used for testing. These distinctly different systems were built around a Pentium G4400, Core i5 6500, Core i7 4770K, Core i7 7700K, Xeon E3-1235L v5, Xeon E3-1245 v5, and Xeon Silver 4108. Keep in mind there is varying amounts of RAM and different storage devices, etc, benchmarking each system. This testing isn't meant for comparing the performance of these different systems but just the before/after impact of the Meltdown+Spectre patches for Linux as available right now.

All of these benchmarks were done in a fully-automated and standardized manner using the Phoronix Test Suite benchmarking software.

Related Articles