[Beowulf] Intel CPU design bug & security flaw - kernel fix imposes performance penalty
Lux, Jim (337K)
james.p.lux at jpl.nasa.gov
Wed Jan 3 09:47:42 PST 2018
I should think that in a "dedicated cluster" application, these sorts of security problems are less of an issue - whether a process can figure out what memory space other processes are in is more of an issue for machines "open to the world with heterogeneous applications" (i.e. 99.9% of the machines out there).
The scenario from the article:
And, if you're running HPC "in the cloud" on VMs, this is an issue.
I suppose the down side is that if they do kernel mods to fix this for the 99.9%, it adversely affects the performance for the 0.1% (that is, us).
From: Beowulf [mailto:beowulf-bounces at beowulf.org] On Behalf Of Christopher Samuel
Sent: Tuesday, January 02, 2018 7:46 PM
To: beowulf at beowulf.org
Subject: [Beowulf] Intel CPU design bug & security flaw - kernel fix imposes performance penalty
Just a quick break from my holiday in Philadelphia (swapped forecast 40C on Saturday in Melbourne for -10C forecast here) to let folks know about what looks like a longstanding Intel CPU design flaw that has security implications.
There appears to be no microcode fix possible and the kernel fix will incur a significant performance penalty, people are talking about in the range of 5%-30% depending on the generation of the CPU. :-(
There's a post on the PostgreSQL site that measures the impact, El Reg summarises the impact as:
Best case: 17% slowdown
Worst case: 23%
Here's the post about the measured impact:
This is going to be interesting I think...
All the best,
Chris Samuel : http://www.csamuel.org/ : Melbourne, VIC _______________________________________________
Beowulf mailing list, Beowulf at beowulf.org sponsored by Penguin Computing To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf
More information about the Beowulf