Intel absolutely destroyed by new Spectre patch

The new Spectre patches in Linux 4.20 absolutely destroy Intel. As usual AMD is mostly unaffected because they didn't trick consumers by sacrificing security for speed for over 20 years. Interestingly this is while Stress-NG socket activity for Intel increased by 40% and context switching increased by 7% compared to 4.19. AMD got a 6% increase in socket activity and a 55% increase in context switching compared to 4.19.
Will the onslaught of new Spectre vulnerability discoveries every month finally be the death blow to Intel we've been hoping for? I'm sure even the enterprise is starting to wake up to this and will be buying loads of Zen 2 servers.


phoronix.com/scan.php?page=news_item&px=Linux-4.20-Initial-Slowdowns
phoronix.com/scan.php?page=article&item=linux-420-bisect

The Stress-NG benchmarks.

Pathetic... what else can I say?

More like
Wanglows, BSD, and OSX all have Spectre patches but they didn't suffer nearly the performance impact, this is more a Linux issue than anything else. Monolithic kernels tend to require a lot of memory access from usermode to kernel mode.

anyone know what kernel configs these are so you can turn this shit off?

Very interesting. Quality post.

I know that you know that BSD is just shorthand for modern BSDs

Wew.
Do you think Judensoft and Goyple fully patched the flaws or do you think they applied simple bandaids?
Do you think FagBSD has enough technical contributors to fully patch the flaws since taking the CoC?


I've heard from numerous Jewtel fanboys that they bought Jewtel chips because supposedly Jewtel was hiring the top dawgs to hand design every aspect of their processors where as AMD used cookie cutter software wizards to populate their chips.

I wasn't referring to that. I'm not that autistic. It's just interesting how BSD is also one of the better offs because of the kernel.

BSDs don't share their entire kernel. Each implementation is still pretty different. BSDs are whole OSs.
Unlike Linux distros which are all the same kernel slapped together with different default software and repos.

IIRC they were already half-protected from Meltdown/Spectre because they had Page Table Isolation enabled by default and their system was already designed around its potential performance impact. Windows was a similar story.

The performance impact comes purely from usermode programs that need to access kernel mode memory. If a usermode program only wants to access usermode memory, then there are no issues; if kernel mode programs need to access kernel memory, then there are also no issues, generally speaking. This is largely a design problem as far as performance impact is concerned.

Terry was right again.

Aren't Intel's 2019 CPUs said to ship with hyper-advanced Spectre+Meltdown software mitigations instead of fixed hardware?
Did they take notes from Lockheeb's F-35 project management when designing consumer ASICs?

the patches are the mitigation, unless they do some management engine fuckery (which would annoy people even more)

Year of the RISC-V CPU!!!!!!

more like never. Haven't even seen a proper RISC-V pc yet. More like tons of shitty binary blob SoCs

BSD is monolithic, retard.

BSD doesn't have this issue because they're 1-10 years behind on patches. It's probably still vulnerable.

Good job revealing you don't know what a BSD is

More like YEAR OF THE POWER9 TALOS SYSTEM when?

Also, thanks to Lord Theo's prescient foresight, OpenBSD is arguably the most secure in the face of Intelaviv vulnerabilities.

Most Zig Forums people already said that OpenBSD is more secure than other popular OSs.

I'm not an Intel shill but obviously the performance impact will be improved before release

No, there are endless gov't contracts for new, horrifically insecure computers.

Power9 would be the answer if Talos wasn't acting like kikes and trying to rip off would-be buyers.

I hate Jews too but your speech is becoming cryptic

Agreed. Seems like fud with no purpose

Intel is an American company that actually fabs in the USA still. There are hundreds of fabs in America but they're mostly owned by non-American companies. As long as this remains Intel will have a monopoly in the Federal sector.

Holy shit you have not seen the before and after Spectre patches on POWER.
phoronix.com/scan.php?page=article&item=power9-spectre-benchmarks&num=1

These vulnerabilities are really getting out of hand. Are modern CPU architectures really that much of a mess?

Yes, many modern architectures, regardless of ISA, are total clusterfucks. ARM and x86 architectures seem to be the worst offenders. POWER has had very few problems. SPARC, MIPS, and m68k based processors are still clean as fuck.

The older ARM stuff is fine. I have a dual core Cortex-A7 that by design is not vulnerable to any of the Meltdown/Spectre bugs. It's also a lot cleaner and open than x86 (u-boot firmware, no blobs anywhere), and it's much less expensive than POWER (which itself was affected by those bugs). I don't see anything else actually *good* on the market that makes me want to buy it. Even the POWER stuff has made compromises for speed, and that's not a place I want to go.

That's a whole different degree of mitigation. So far on x86 it's not possible to enable full kernel+user mitigation - the best they can do is kernel mitigation. If kernel+user mitigation was added to x86 microcode you'd see a similar (probably worse) performance impact.

pti=off spectre_v2=off l1tf=off nospec_store_bypass_disable no_stf_barrier
Only add this to your kernel cmdline if you like your computer's anus stretched extra wide.
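
For auditing rather than disabling, an added example (not part of the thread) that flags the parameters from the post above in a kernel command line and lists what the running kernel reports as vulnerable. The function names, the sample command line and the parameter spellings beyond the five in the post are this example's own assumptions.

```shell
#!/bin/sh
# Added example: detect boot parameters that switch off CPU-vulnerability
# mitigations, and list what the running kernel reports as still vulnerable.

# Echo every token of the given kernel command line that disables a mitigation,
# space-separated, in order of appearance. The first five patterns are the ones
# quoted in the thread; the others are equivalent spellings in mainline Linux
# (mitigations=off exists only on newer kernels).
flag_disabled_mitigations() (
    set -f                      # no glob expansion while word-splitting
    found=""
    for tok in $1; do
        case $tok in
            pti=off|spectre_v2=off|l1tf=off|nospec_store_bypass_disable|\
            no_stf_barrier|nopti|nospectre_v2|nospectre_v1|\
            spec_store_bypass_disable=off|mitigations=off)
                found="${found:+$found }$tok" ;;
        esac
    done
    printf '%s' "$found"
)

# Print "name: status" for each sysfs entry whose status starts with
# "Vulnerable". The directory is a parameter so a copy can be inspected.
list_vulnerable() (
    dir=${1:-/sys/devices/system/cpu/vulnerabilities}
    [ -d "$dir" ] || exit 0
    for f in "$dir"/*; do
        [ -r "$f" ] || continue
        status=$(cat "$f")
        case $status in
            Vulnerable*) printf '%s: %s\n' "${f##*/}" "$status" ;;
        esac
    done
)

# Constructed sample command line (not captured from a real host).
SAMPLE_CMDLINE='BOOT_IMAGE=/vmlinuz-4.20.0 root=/dev/sda1 ro quiet pti=off spectre_v2=off l1tf=off nospec_store_bypass_disable no_stf_barrier'

echo "sample:  $(flag_disabled_mitigations "$SAMPLE_CMDLINE")"
if [ -r /proc/cmdline ]; then
    echo "running: $(flag_disabled_mitigations "$(cat /proc/cmdline)")"
fi
list_vulnerable
```

An empty "running:" line together with no output from `list_vulnerable` means the host booted without any of these overrides and the kernel reports every listed issue as mitigated or not applicable.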

How much do you think it costs to design and start production of such complex hardware? They don't have the customer numbers of ASUS or Supermicro to amortize it over, faggot.

Not fine

Who the fuck do you think Intel makes most of their money from? The server market. Guess how much of the server market is running Linux.


I physically fucking laughed. Thank you, user.

This is what I expect from every OS, and I will assume that each OS which performs better than this with compromised hardware is in fact still compromised.

Eh, at least I'm only out $350. This might be okay if I'm able to disable a few of the security fixes.

...

The only AMD equivalent I know of is Epyc workstations and they're expensive as fuck, and I'm a poorfag.

Fair points, but
I got mine for 50$. I used Craigslist, I'm guessing eBay and the like are more expensive.

Bought a used Xeon server just last year. At least it's still a decent NAS.

Yeah, but did yours come with 32GB RAM and an almost new 1TB SSD? Mine did. I bought it from a guy I know who cleans out old office buildings. Most of the time they're told to throw these machines in the trash so he sticks a few in his truck. Machines with similar specs go for like $800+ on ebay, so it wasn't a bad deal at all, aside from the Intel bugs of course.


How's that on your electricity bill? I'm using a Core2 Duo laptop for that myself.

Very specific hardware and software combination benchmark is what you expect for the two operating systems which work on it. Mkay do you work for IBM by any chance?

I mean more like the pre-Cortex chips, like those in the NDS for example. Even those are good enough to do interesting things with (pic related).
I bought the Cortex-A7 board specifically because it's one of the few of those that doesn't do out-of-order execution and speculation. I'm probably going to get another board with four A7 cores, or maybe even an octacore, although the downside with those is they need big heatsink and/or fan in order to run at max clockspeed.

hahahaha

Not for Ryzen though, and OpenBSD disables SMT on Ryzen systems... the AMD implementation is always encrypted (Intel's HT was a hack that got around the IBM patents).

??????????

You can easily re-enable it though.

Bump, should I get AMD for my datacenter? it's looking like even Gartner is suggesting it.

So how do we disable these patches in ganoonix and windows?

In GNU/Linux it can be disabled with a kernel boot param in grub. On Windows you can either edit the registry manually or use a tool called "InSpectre" to check if it's enabled and have it disable it for you if you want.

If you have some clout, you should look into the possibility of getting early Zen2 based EPYC CPUs, probably mid 2019, if it fits your project schedule. They'll go in the same SP3 motherboards so you can effectively do all the hard work ahead of time. If you're just a small fry or looking into building a datacenter tomorrow, the gains are far less significant.
EPYC 7000s will be cheaper than Intel's offering for sure both in initial costs and performance/$ over time, but if you want to do HPC stuff they're practically useless. They excel at distributed independent mid-range workloads. So things like hosting VPCs or serving webshit.

Awesome, and what about in BIOS? Probably none?

You can flash an older BIOS revision if one exists for your board. There are also forums out there dedicated to making patched BIOSes for various options not included by default on many different boards, including shit like overclocking on unsupported processors if you really want to go there.

This patch has been disabled in all stable kernels officially.

phoronix.com/scan.php?page=news_item&px=Linux-Stable-Dropping-STIBP

What a clever post, I see what you did there. 10/10

Try using a non-n00b OS, faggot.
Intel even on bloated Windoze still obliterates AMD post-patch.

Imagine being this mentally crippled. Can't find your big boy words?

Interesting. I guess on the newer CPUs there's no going back to pre-patch.

lkml.iu.edu/hypermail/linux/kernel/1811.2/01328.html
"This was marked for stable, and honestly, nowhere in the discussion did I see any mention of just *how* bad the performance impact of this was.

When performance goes down by 50% on some loads, people need to start asking themselves whether it was worth it. It's apparently better to just disable SMT entirely, which is what security-conscious people do anyway.

So why do that STIBP slow-down by default when the people who *really* care already disabled SMT?

I think we should use the same logic as for L1TF: we default to something that doesn't kill performance. Warn once about it, and let the crazy people say "I'd rather take a 50% performance hit than worry about a theoretical issue".

Linus"

For most workloads SMT actually hinders performance anyway, at least on Windows.

...

They all use microkernels

This. The issue is that Linux is a shitfest coded by trannies and homosexual communists. The chip made by high agency whites and asians is not the problem.

Kernel protection seems decent and kernel/user protection isn't even enabled on x86 yet. Hell, in some places, that's better than x86

Sad!

MS is literally on the board of the Linux Foundation now.

Got my new kernel boiz, it is slower when doing certain tasks, by a lot.

Well those high agency whites and asians better learn how to start submitting kernel patches to the most important server os out there if they want their chips to perform what they promise

They're working on fixing the ME exploits first. National security and all that.