The Performance Impact Of MDS / Zombieload Plus The Overall Cost Now Of Spectre/Meltdown/L1TF/MDS
The past few days I've begun exploring the performance implications of the new Microarchitectural Data Sampling "MDS" vulnerabilities now known more commonly as Zombieload. As I shared in some initial results, there is a real performance hit to these mitigations. In this article are more MDS/Zombieload mitigation benchmarks on multiple systems as well as comparing the overall performance impact of the Meltdown/Spectre/Foreshadow/Zombieload mitigations on various Intel CPUs and also AMD CPUs where relevant.
While disabling Hyper Threading now is recommended by multiple parties if running untrusted code on the system, even if keeping HT/SMT active, the MDS mitigations do provide a very noticeable performance hit in many real and synthetic workloads with the updated Linux kernel patches paired with the newest Intel CPU microcode. Like the other mitigations to this point, the workloads affected most are those with lots of context switches / high interactivity between kernel and user-space.
Before getting to the benchmarks looking at the overall impact of the mitigations to date, first is looking at the MDS on/off costs on various systems while keeping Hyper Threading active. These tests were done on Ubuntu 19.04 using its newest stable release updates bringing a patched Linux 5.0 kernel and the new Intel CPU microcode images.
I tested the MDS on/off tests with a few distinctly different systems for seeing the mitigation cost for Zombieload. Following this batch of tests is a larger set of tests looking at no mitigations for the CPU vulnerabilities, the default mitigations, and then the default mitigations with Hyper Threading disabled. All of these benchmarks were carried out using the Phoronix Test Suite.