Rollback to Linux Kernel & Linux Firmware Prior to MeltDown & Spectre Fix

All Gurus once were Newbies
Forum rules
There are no such things as "stupid" questions. However if you think your question is a bit stupid, then this is the right place for you to post it. Please stick to easy to-the-point questions that you feel people can answer fast. For long and complicated questions prefer the other forums within the support section.
Before you post please read how to get help
Cosmo.
Level 23
Level 23
Posts: 17829
Joined: Sat Dec 06, 2014 7:34 am

Re: Rollback to Linux Kernel & Linux Firmware Prior to MeltDown & Spectre Fix

Post by Cosmo. » Fri Mar 30, 2018 2:59 pm

In my understanding the last post says: I am still after another week not able to notice anything and only believe in what I read.

Royi
Level 1
Level 1
Posts: 47
Joined: Fri Aug 11, 2017 8:55 am

Re: Rollback to Linux Kernel & Linux Firmware Prior to MeltDown & Spectre Fix

Post by Royi » Fri Mar 30, 2018 5:32 pm

No, You're wrong.

Just like I feel the difference between Haswell and Coffee Lake which is ~10% I can feel those.
Yet indeed 10% becomes noticeable only when doing long tasks (More than few seconds).
I tend to do those hence I can feel the difference.

Royi
Level 1
Level 1
Posts: 47
Joined: Fri Aug 11, 2017 8:55 am

Re: Rollback to Linux Kernel & Linux Firmware Prior to MeltDown & Spectre Fix

Post by Royi » Tue May 22, 2018 3:22 am

Another Spectre / MeltDown Variant Issue - Microsoft, Google: We've Found a Fourth Data Leaking Meltdown Spectre CPU Hole.

Of course it comes with another performance hit:
"This mitigation will be set to off-by-default, providing customers the choice of whether to enable it or not. We expect most industry software partners will likewise use the default-off option. In this configuration, we have observed no performance impact. If enabled, we’ve observed a performance impact of approximately 2-8 per cent based on overall scores for benchmarks like SYSmark 2014 SE and SPEC integer rate on client and server test systems."
Since those are irrelevant for the end user (Single User of a computer) I hope in Linux they will switch all of them OFF by default.
I really hate those performance hits.

User avatar
smurphos
Level 7
Level 7
Posts: 1568
Joined: Fri Sep 05, 2014 12:18 am
Location: Britisher...

Re: Rollback to Linux Kernel & Linux Firmware Prior to MeltDown & Spectre Fix

Post by smurphos » Tue May 22, 2018 3:31 am

Royi wrote:
Tue May 22, 2018 3:22 am
Since those are irrelevant for the end user (Single User of a computer) I hope in Linux they will switch all of them OFF by default.
I really hate those performance hits.
https://wiki.ubuntu.com/SecurityTeam/Kn ... e/Variant4
In Ubuntu, SSBD is OFF by default because it is not needed by most programs and carries a notable performance impact. A prctl() has been added (PR_SPEC_STORE_BYPASS) that enables developers to opt into the mitigation on a per process basis. Applications using a seccomp filter will be implicitly opted into the mitigations. This means that strict and devmode snaps, processes inside of LXD containers, sandboxed processes of the Firefox and Chromium browsers, among some other processes running in a default Ubuntu install on x86 processors, will have the SSBD mitigation enabled out of the box.

Users can explicitly opt-in to SSBD mitigations, on a system-wide basis, by booting with the spec_store_bypass_disable=on boot parameter. See the Mitigation Controls page for details on available boot options.

Royi
Level 1
Level 1
Posts: 47
Joined: Fri Aug 11, 2017 8:55 am

Re: Rollback to Linux Kernel & Linux Firmware Prior to MeltDown & Spectre Fix

Post by Royi » Tue May 22, 2018 5:02 am

smurphos wrote:
Tue May 22, 2018 3:31 am
Royi wrote:
Tue May 22, 2018 3:22 am
Since those are irrelevant for the end user (Single User of a computer) I hope in Linux they will switch all of them OFF by default.
I really hate those performance hits.
https://wiki.ubuntu.com/SecurityTeam/Kn ... e/Variant4
In Ubuntu, SSBD is OFF by default because it is not needed by most programs and carries a notable performance impact. A prctl() has been added (PR_SPEC_STORE_BYPASS) that enables developers to opt into the mitigation on a per process basis. Applications using a seccomp filter will be implicitly opted into the mitigations. This means that strict and devmode snaps, processes inside of LXD containers, sandboxed processes of the Firefox and Chromium browsers, among some other processes running in a default Ubuntu install on x86 processors, will have the SSBD mitigation enabled out of the box.

Users can explicitly opt-in to SSBD mitigations, on a system-wide basis, by booting with the spec_store_bypass_disable=on boot parameter. See the Mitigation Controls page for details on available boot options.
Yea, in the article above it was said this one will be Opt In only.
Yet I want to be able to disable all those Spectre / Meltdown protections and make them Opt In (Not only variant 4).

User avatar
michael louwe
Level 9
Level 9
Posts: 2671
Joined: Sun Sep 11, 2016 11:18 pm

Re: Rollback to Linux Kernel & Linux Firmware Prior to MeltDown & Spectre Fix

Post by michael louwe » Tue May 22, 2018 5:27 am

AFAIK, nearly all web-servers have applied the mitigations for Meltdown & Spectre = slower Internet. Most computer users have applied the same mitigations = slower computers. A Double Whammy.!

No thanks to the Speculative Execution feature in CPUs that gave a "false" performance boost. Intel had put performance ahead of security in her quest to out-market AMD during the 1990s. Isn't speculation a bad thing to do.? Does self-driving cars also use Speculative Execution.?

Post Reply

Return to “Newbie Questions”