Linux 6.2's Call Depth Tracking Helps Recover Lost Performance On Intel Skylake CPUs

Written by Michael Larabel in Software on 28 December 2022 at 08:00 PM EST. Page 1 of 6. 21 Comments.

When the Retbleed security vulnerability was introduced earlier this year mitigating it for Intel Skylake and Skylake-derived CPU cores required imposing Indirect Branch Restricted Speculation (IBRS) that further tanked the out-of-the-box performance for these aging Intel CPUs. But being introduced now with Linux 6.2 is a new mitigation technique named Call Depth Tracking that is helping recover some of that lost performance and in turn extending the usefulness of the Skylake-derived processors still in service.

Call Depth Tracking was worked on the past several months by Intel and Linux kernel developers for avoiding the necessity of IBRS for Skylake/Skylake-based CPU designs in mitigating Retbleed. Kernel developers called IBRS a "performance horror show", VMware engineers complained over the lost performance, and was just another painful performance hit to the out-of-the-box speed for these prior generation Intel processors.

Call Depth Tracking was merged for the Linux 6.2 kernel cycle currently under development. Though with Linux 6.2 the IBRS mitigation is still the default for Skylake CPUs, but Call Depth Tracking when built into the kernel can be easily enabled with the "retbleed=stuff" boot option.

Retbleed Call Depth Tracking Skylake

For seeing how Call Depth Tracking (retbleed=stuff) affects the Skylake Linux performance, I ran some fresh mitigation benchmarks on the Linux 6.2 Git kernel. From the Linux 6.2 Git kernel on a Xeon E3-1280 v5 (Skylake) server, I tested the following kernel configurations:

Defaults - The E3-1280 v5 Skylake server running its stock out-of-the-box configuration with all default mitigations. Mitigating Retbleed by default is still activating IBRS.

retbleeed=stuff - Mitigating Retbleed using the new stuffing mechanism (Call Depth Tracking).

retbleed=off - Just disabling the Retbleed mitigations but leaving all other CPU security mitigations at their defaults.

mitigations=off - No CPU security mitigations at all activated at run-time for this Skylake server.

From there a variety of Linux benchmarks were carried out for seeing what this means about the Linux performance on Intel Skylake era hardware now that Call Depth Tracking is available for still mitigating against Retbleed but at lower cost.

Related Articles