Intel's Mitigation For CVE-2019-14615 Graphics Vulnerability Obliterates Gen7 iGPU Performance
Written by Michael Larabel in Display Drivers on 15 January 2020. Page 4 of 4. 63 Comments

GLMark2 also saw large hits to the performance. Basically, all OpenGL test cases ran saw measurable differences on Gen7/Gen7.5 graphics. (Of course, OpenGL is the focus for this Linux testing with Vulkan not being of relevance here due to the vintage of the hardware.)

The Java j2dbench results for stressing the Java graphics pipeline shows that even for workloads much simpler than games there still is a significant hit from this mitigation that causes an EU kernel to clear EU/URB resources prior to every context restore.

Basic OpenGL test cases with GPUtest also illustrate quite a hit.

When taking the geometric mean of all graphics tests ran, the Core i7 3770K was 18% lower from this lone mitigation while the Core i7 4790K fell by 42%! The mitigated i7-4790K HD Graphics 4600 performance basically put the performance in line with the pre-mitigated i7-3770K graphics performance. Haswell (or at least the Core i7 4790K) appears to get hit particularly hard, more so than the Core i7 3770K. But even the Core i7 3770K performance penalty introduced by yesterday's mitigation patches is very significant. But to reiterate, those not using Gen7 graphics but newer Gen9 (or Gen8) graphics should see minimal difference from the already mainlined mitigation on that front. It's for Ivybridge/Haswell era systems along with the likes of Valley View that are much more impacted by this vulnerability's mitigation.

Many readers have already asked, but no, the current Intel graphics driver patches do not respond to the generic "mitigations=off" kernel parameter that is used for disabling other mitigations. Hopefully before the Gen7 mitigation is mainlined there will be a kernel module parameter to disable this mitigated behavior or some other means of turning it off short of reverting a Git commit and recompiling the Linux kernel. Or ideally Intel is able to devise a new means of mitigation for CVE-2019-14615 on Gen7 that incurs less of a performance hit, but so far there has been no indication of an alternative mitigation. It looks like Intel was made aware of this vulnerability back in August and so they've already had months to work on a solution and given the age of Gen7 graphics hardware today, we'll be surprised if there is much more in the way of improving the Gen7 mitigated behavior.

If you enjoyed this article consider joining Phoronix Premium to view this site ad-free, multi-page articles on a single page, and other benefits. PayPal tips are also graciously accepted. Thanks for your support.


Related Articles
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.


Trending Linux News