Intel admits data centre performance slowdown after Meltdown and Spectre updates
Good and bad news from Intel regarding the Meltdown and Spectre vulnerabilities; firmware updates are being pushed through for the vast majority of CPUs issued by the company in the past five years, but patches are impacting data centre performance.
According to an update published yesterday, impacts in performance have ranged from 0% to 2% on industry-standard measures, including integer and floating point throughput, and server-side Java – in other words, common workloads for enterprise and cloud customers. For a benchmark simulating different types of I/O loads, however, testing to stress the CPU in a 100% write case saw an 18% decrease in throughput performance.
Navin Shenoy, Intel EVP and general manager of the Data Center Group, stressed the importance of these being guidelines, with customer-specific workloads likely to differ.
“As expected, our testing results to date show performance impact that ranges depending on specific workloads and configurations,” wrote Shenoy. “Generally speaking, the workloads that incorporate a larger number of user/kernel privilege changes and spend a significant amount of time in privileged mode will be more adversely impacted.”
Intel added that it was “working hard” with partners and customers in the more serious cases of performance degradation. The company recommends Retpoline, a project headed by Google, as a potential mitigation. Retpoline – a portmanteau of ‘return’ and ‘trampoline’ – aims to attack speculative execution by ‘bouncing’ endlessly, in the process allowing indirect branches to be isolated. The company also recommends options that can be found in a more detailed whitepaper.
According to a report from Bridgeway earlier this week, only 4% of enterprise mobile devices have been protected against Meltdown and Spectre vulnerabilities. The company added that at least 72% of the 100,000 mobile devices analysed were still exposed to the threats.
Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.
- » More sensitive data moves to the enterprise cloud – but the security risk widens with it
- » Human error and misconfigurations primary source of Kubernetes security snafus, report says
- » Security versus productivity: Exploring the double-edged sword of the cloud
- » Spotting the elephant in the room: Why cloud will not burst colo’s bubble just yet
- » How financial services can stay secure in the cloud: A guide