Good and bad news from Intel regarding the Meltdown and Spectre vulnerabilities; firmware updates are being pushed through for the vast majority of CPUs issued by the company in the past five years, but patches are impacting data centre performance.
According to an update published yesterday, impacts in performance have ranged from 0% to 2% on industry-standard measures, including integer and floating point throughput, and server-side Java – in other words, common workloads for enterprise and cloud customers. For a benchmark simulating different types of I/O loads, however, testing to stress the CPU in a 100% write case saw an 18% decrease in throughput performance.
Navin Shenoy, Intel EVP and general manager of the Data Center Group, stressed the importance of these being guidelines, with customer-specific workloads likely to differ.
“As expected, our testing results to date show performance impact that ranges depending on specific workloads and configurations,” wrote Shenoy. “Generally speaking, the workloads that incorporate a larger number of user/kernel privilege changes and spend a significant amount of time in privileged mode will be more adversely impacted.”
Intel added that it was “working hard” with partners and customers in the more serious cases of performance degradation. The company recommends Retpoline, a project headed by Google, as a potential mitigation. Retpoline – a portmanteau of ‘return’ and ‘trampoline’ – aims to attack speculative execution by ‘bouncing’ endlessly, in the process allowing indirect branches to be isolated. The company also recommends options that can be found in a more detailed whitepaper.
According to a report from Bridgeway earlier this week, only 4% of enterprise mobile devices have been protected against Meltdown and Spectre vulnerabilities. The company added that at least 72% of the 100,000 mobile devices analysed were still exposed to the threats.