Intel today revealed additional information regarding its ongoing testing of the Meltdown and Spectre firmware patches it has released. To date, the company says it has released firmware updates for 90 percent of processors made in the past five years. That says nothing about processors from before that time, but that's a different topic. Intel executive VP and GM for the Data Center Group also mentions the reboot issues previous discussed and says that it's "making progress toward identifying the root cause" and will be "providing beta microcode to vendors for validation by next week." But the bigger topic is the performance testing results for data centers.
While client systems are the least likely to be affected by the firmware and software updates, with generally negligible impacts to office tasks and even gaming, things become more complex when we enter the world of servers. Intel has so far only provided figures using industry standard benchmarks on dual-socket Xeon Platinum (Skylake) platforms, which are the latest generation server products. Given that even client workloads have shown more significant drops in performance on Broadwell and earlier architectures, the same will likely happen with Xeon parts.
The performance impact as always will depend on the specific workload being tested, and while industry benchmarks are nice, companies will ultimately need to measure the impact on their own infrastructure. Intel does note that "workloads that incorporate a larger number of user/kernel privilege changes and spend a significant amount of time in privileged mode will be more adversely impacted." Intel also says it's continuing to work on improving the software patches and other fixes so that the performance impacts aren't as severe, but that will take some time. For now, here are the results Intel has published:
For many of the benchmarks, the performance delta is relatively small. Integer, floating-point, Linpack, Stream, server-side Java, energy efficiency, and OLTP brokerage all show a 0-4 percent drop in performance. When we get to the storage benchmarks, however, things get a bit more complex.
Simulating various storage workloads with 4k random IO, Intel provides three data point: 100 percent read, 100 percent write, and a 70/30 read/write mix. The read performance wasn't affected, but CPU utilization did increase 22 percent. Similarly, the 70/30 mix (which is a good real-world mix for many installations) shows a minor two percent drop in performance, but again CPU utilization is up 20 percent. Lastly, the 100 percent write workload shows a large 18 percent drop in performance, though only a two percent increase in CPU utilization. In other words, most storage workloads aren't likely to be significantly slower, but they will have higher CPU use, and that could impact the overall experience on heavily loaded servers.
The final SPDK (Storage Platform Development Kit) is another interesting data point, where Intel shows no loss in performance when using all CPU cores, but a drop of 25 percent when utilizing only a single core. This supports the above storage results, where CPU utilization was higher in several instances. With only a single CPU core, that increased CPU utilization appears to result in a CPU bottleneck.
While a 0-25 percent impact on performance is a rather large range, it coincides with what others have said since the beginning. Many workloads don't access the kernel much and will show little if any change in performance, but those that do hit the kernel hard may end up with significant performance losses. Intel also states, "In those areas where we are seeing higher impacts, we are working hard with our partners and customers to identify ways to address this. For example, there are other mitigation options that could yield less impact."
No doubt this isn't the last we've heard of Meltdown and Spectre, and there's a new site SkyfallAttack that says it will publish details on two additional vulnerabilities, Skyfall and Solace. Clearly a Bond fan, the site says that details will be provided once OS and chip manufacturers have prepared patches. We'll have to see if these are real, and whether they're separate and distinct from Meltdown and Spectre, so stay tuned.