Impact tests on spectral attenuation performance on AMD Ryzen 3700X / 3900X compared to Intel



[ad_1]

The AMD Zen 2 processors offer hardware solutions for Specter V2 and Specter V4 SSBD, while staying safe from Meltdown and Zombieload attacks. Here are some pointers to the possibility of switching speculative processor run-time mitigation measures on various Intel and AMD processors.

For this series of tests, attenuation comparison tests are performed on Core i7 8700K, Core i9 9900K, Core i9 7960X, Ryzen 7 2700X, Ryzen 9 2950X, Ryzen 9 2990WX, Ryzen 7 3700X and Ryzen 9 3900X. On each processor, the tests were performed when starting the Linux kernel 5.2 with default / off-the-shelf mitigation for Spectrum / Meltdown / Foreshadow / Zombieload (all CPU speculative mitigation measures). to date), then again when using the kernel parameter "mitigations = off" to disable these executable mitigation measures at runtime. Basically, the tests are the equivalent of a comparison of attenuation = attenuation = attenuation = auto (default).

All systems were tested with a Crucial MX500 SATA 3.0 SSD with Ubuntu 18.04 on Linux 5.2 Git at the time, and all systems had memory at their optimum nominal frequencies and satisfied the maximum number of memory channels supported. These tests are not used to compare raw performance between systems, but to analyze the relative mitigation costs in different workloads affected by these different mitigations. Check out our benchmarks last week (and still others) if you're interested in the raw performance of Linux Intel / AMD processors.

The results of Zen 2 are a little surprising. With Zen 2 and its speculative spectral and speculative speculative bypass mitigation solutions, it is reasonable to assume that the relative impact on performance is lower than that of the original Zen / Zen + processors, but at least in our tests in Linux, it was not quite the case. It is possible that the current software solutions are over-applied to Zen 2 processors, but that's the current experience. I contacted AMD last week with my first results, but have not yet heard what they recommend for software remediation if the existing defaults are what they expect or expect. if kernel updates will be needed to check some MSR or processor models to mitigate some kernel attenuations when running on these new AMD zen 2 processors.

The default Intel mitigation measures are as follows: "l1tf: PTE mitigation invert + mds: empty buffer mitigation; vulnerable SMT + merge: PTI mitigation + spec_store_bypass: SSB mitigation disabled via prctl and seccomp + day_v1: pointer suppression __user + spectrum_v2: attenuation of the complete generic retina IBPB: conditional IBRS_FW STIBP: conditional RSB fill. "In the case of AMD Zen / Zen + processors, the default software solutions are "l1tf: not concerned + mds: not concerned + merge: not concerned + spec_store_bypass: attenuation of SSB disabled via prctl and seccomp + content_v1: attenuation of __user pointer sanit + spectrum_v2: attenuation of complete AMD retina IBPB: conditional STIBP: RSB padding disabled. "And then, in the case of Zen 2 with Linux 5.2," l1tf: unassigned + mds: not concerned + collapse: not concerned + spec_store_by pass: attenuation of SSB disabled via prctl and seccomp + spectrum_v1: attenuation of __user pointer sanitization + filter_v2: attenuation IBPB retinal AMD total: STIBP conditional: RSB filling always active. "

Between Zen + and Zen 2 on Linux at present, all software solutions indicate that it is still active and beyond that, RSB charging goes from disabled to always active with Zen 2. This filling RSB is even stricter with "still active" than Intel processors currently relying on a "conditional" fill. Return Stack Buffer (RSB) is one of the Retpoline mitigation measures to ensure that the user space's malicious code is not used speculatively when there is insufficient RSB fill.

Here's how to compare mitigation solutions from the Intel / AMD processor using the Linux 5.2 kernel on these different processors. Tests via the Phoronix test suite.

[ad_2]

Source link