Spectre Variant 4 Disclosed, Mitigations to Result in Another Performance Hit

Discussion in '[H]ard|OCP Front Page News' started by Megalith, May 27, 2018.

  1. Megalith

    Megalith 24-bit/48kHz Staff Member

    Messages:
    12,357
    Joined:
    Aug 20, 2006
    Another variant of Spectre was disclosed this week by Microsoft, Google, AMD, ARM, Intel, and Red Hat. Variant 4, labeled "Speculative Store Bypass,” allows hackers to read older system values in a CPU stack or other memory locations. Intel’s microcode fixes will result in a performance hit of 2-8%, and the company’s hardware-based safeguard, “virtual fences,” will not protect against Variant 4 at all.

    Patrick Moorhead, principal analyst at Moor Insights and Strategy, said that Variant 4 would be much harder to “fix” architecturally than V1, V2, or V3a. “You either have to turn memory disambiguation on or off, which will be a BIOS setting,” he told Threatpost in an email. “It’s important to note that browsers have already included mitigations and that from a severity standpoint, has been flagged as ‘medium’ severity, compared to V1, V2, and V3, which were flagged as ‘high.'”
     
    DejaWiz likes this.
  2. dgz

    dgz [H]ardness Supreme

    Messages:
    4,401
    Joined:
    Feb 15, 2010
    So, we get the usual 2-8% performance [hit] this time. Congrats!
     
  3. DF-1

    DF-1 2[H]4U

    Messages:
    2,357
    Joined:
    Jun 17, 2011
    i thought this was the v3 one?

    I really cant keep up. Scrap the entire thing and start anew.
     
    Vercinaigh likes this.
  4. Spidey329

    Spidey329 [H]ardForum Junkie

    Messages:
    8,728
    Joined:
    Dec 15, 2003
    At this rate, the cumulative performance hit is going to be 30%-50% if this keeps up.
     
  5. Hallucinator

    Hallucinator Limp Gawd

    Messages:
    475
    Joined:
    Nov 1, 2006
    Patches with performance hit is like putting a restrictive carburetor intake adapter on a Dodge Viper - rendering it into a Slant 6 Dart.
     
    Darth Kyrie and kilroy67 like this.
  6. Exavior

    Exavior [H]ardForum Junkie

    Messages:
    9,363
    Joined:
    Dec 13, 2005
    guess pretty soon they will have to go back to making faster clock speeds to give us faster processors since their last round of tricks seem to not be very good in the end.
     
  7. DeathFromBelow

    DeathFromBelow [H]ardForum Junkie

    Messages:
    9,892
    Joined:
    Jul 15, 2005
    If any of you Intel guys need an upgrade now I have a couple Bulldozer and Piledriver machines availible to sell. :)
     
  8. Disco_Stu_04

    Disco_Stu_04 Limp Gawd

    Messages:
    328
    Joined:
    Aug 18, 2003
    Well, I was hoping to upgrade my 2600K to a x299 platform. I suppose I will keep waiting however I am taking a risk--

    I doubt Asus will adequately patch my older system but I struggle to justify paying money for a newer fully patched yet performance-compromised system.
     
  9. Navilor

    Navilor Limp Gawd

    Messages:
    168
    Joined:
    Jan 12, 2009
    My first car was a 1969 Dodge Dart GT with a 225 slant 6. It had a white paint job with a either a gold/tan or faded white interior. Nice car but no power.
     
  10. Vercinaigh

    Vercinaigh Gawd

    Messages:
    752
    Joined:
    Jul 31, 2008
    Or, you know, AMD, that doesn't have most of these problems and their fixes don't result in near this kinda issue. Atleast as far as I've been keeping up.
     
    Darth Kyrie likes this.
  11. Killerxp100

    Killerxp100 Gawd

    Messages:
    736
    Joined:
    May 20, 2011
    What a great way to make people upgrade.
     
  12. mullet

    mullet [H]ard|Gawd

    Messages:
    1,515
    Joined:
    Aug 19, 2004

    Yeah upgrade to AMD, I will never spend another dime on any product again that has intel on it.
     
    Darth Kyrie and knowom like this.
  13. ADRENALIN_2099

    ADRENALIN_2099 Gawd

    Messages:
    911
    Joined:
    Apr 26, 2008
    Fucking hell. So that's like a 16% hit so far
     
  14. HaloSVT

    HaloSVT n00bie

    Messages:
    51
    Joined:
    Sep 20, 2011
    It is truly the end times.
     
  15. kandrey89

    kandrey89 Limp Gawd

    Messages:
    169
    Joined:
    Jul 11, 2015
    Sounds like all the 5-10% Intel gains per generation are setting back Intel by what? 6 years
     
  16. Disco_Stu_04

    Disco_Stu_04 Limp Gawd

    Messages:
    328
    Joined:
    Aug 18, 2003
    ...

    "doesn't have most of these problems"

    Like you said, there's issues with AMD as well --- honestly why spend the money now on AMD?

    Furthermore, is AMD less at risk because of the design? Or just lower market share and therefore less in-depth scrutiny?
     
  17. Ranma

    Ranma Limp Gawd

    Messages:
    159
    Joined:
    Jan 31, 2008
    Actually AMD is not affected because of the different architecture. But You should know that because you come to this site..
     
  18. Disco_Stu_04

    Disco_Stu_04 Limp Gawd

    Messages:
    328
    Joined:
    Aug 18, 2003
    If I read the following correctly, it sounds like what you said was incorrect?

    https://www.amd.com/en/corporate/security-updates

     
    juanrga likes this.
  19. knowom

    knowom Limp Gawd

    Messages:
    265
    Joined:
    Aug 15, 2008
    i1-6100 skylake selling points voided, skyOC, voided upgrade path, and -16% hardware penalty. I know what brand CPU I'm not buying to replace it in about 6 months by the time it's been vulnerability fixed to down to Celeron or Atom CPU.
     
  20. Skylinestar

    Skylinestar Limp Gawd

    Messages:
    418
    Joined:
    Jun 14, 2011
    No overclock can mitigate this hit

    Dick: Check out my latest wc i7 8700K rig. I gain 50% speed boost in benchmark.
    John: Make sure you apply all the latest Spectre/Meltdown patch.
    Dick: Aye.
    (patching UEFI, Win10 updates).
    (run benchmark)
    Dick: My bechmark scores are back to non-overclock.
    (e-peen shrink)
    John: Or you prefer to have your private data stolen
     
    Last edited: May 28, 2018
  21. SixFootDuo

    SixFootDuo [H]ardness Supreme

    Messages:
    4,716
    Joined:
    Oct 5, 2004
    Funny to see all of you running around scurred flailing your arms all around screaming the sky if falling.

    Really?



    Macrium reflect free

    Image your OS, an older non fcked version and or use Windows 10 Lite V1 to V4

    Don't update your bios or revert to an older bios

    Just enjoy your shit and all your performance

    Like I do

    reimage your system every few days.
     
  22. DeathFromBelow

    DeathFromBelow [H]ardForum Junkie

    Messages:
    9,892
    Joined:
    Jul 15, 2005
    Intel made certain performance optimizations that accidentally* broke security. There are 5 variants of the Spectre/Meltdown exploits. The Meltdown bugs are Intel only. AMD needs microcode updates for variants 2 and 4 and an OS update for v1.

    Has anyone actually seen any real-world examples of those exploits in action on AMD hardware without physical access to the machine? My understanding is that its impractical.
     
    Last edited: May 28, 2018
    Vercinaigh and Darth Kyrie like this.
  23. d3athf1sh

    d3athf1sh Limp Gawd

    Messages:
    188
    Joined:
    Dec 16, 2015

    hell, i have an old athlon II x2 245 just sitting in a box somewhere if anyone needs it. you probably wouldn't notice much of a performance difference, at this point! :)
     
  24. mesyn191

    mesyn191 2[H]4U

    Messages:
    2,917
    Joined:
    Jun 28, 2004
    This is, uuuh, silly since a)you'll effectively never get any bug or driver fixes for your install of windows/linux if you're forcing it to revert to an old image and b)you'll still get infected even if you're constantly reverting to your old OS install every few days which means the virus can grab your personal info/credit card #'s/passwords/etc. that you use before reverting again and c)most people are VERY aggressively not interested in running their PC like this (even if they have the technical inclination which many don't) and its unreasonable to expect them to do so.

    Its also worth pointing out the performance penalty for the fixes on Zen based AMD systems is pretty negligible too (0-3% IIRC) for the v1 exploits while for Intel just the 1st round of fixes for Meltdown/Spectre were much larger (3-8%) and the fixes for these new exploits will impose further hits to performance. Enough that current Intel CPU's will perform about the same or slower than Ivybridge or possibly even Sandybridge! In which case AMD's current Zen and Zen+ CPU's will end up being a bit faster over all per clock....which is quite the role reversal to say the least.

    If you have a 2015 or newer (ie. Kabylake, Skylake, Broadwell) Intel chip clocked at or over 4.5Ghz that -won't- be a devastating problem since you'll still have a fairly fast system that probably won't bottleneck anything much if at all. But for older Intel CPU's, which don't support some of the same features or instructions newer Intel CPU's do, I believe the performance hit for the fixes can be quite large at times (ie. 20% or more performance hit just for the v1 fixes) depending on what you're doing so it -might- actually be worthwhile (really will depend on your budget) to upgrade to something Zen+ based even if you've got your current older system overclocked to well over 4Ghz.

    Honestly with Zen2 (which is supposed to be 10%+ faster per clock vs Zen+ and clock to near 5Ghz along with more cores) probably coming in early or mid 2019 its probably worthwhile to hold off on upgrading for that to come out at least.

    I do know Intel is expected to have chips out by year end with hardware fixes for the v1 Meltdown/Spectre exploits but no word yet on the v2 exploits or if there will still be some sort of performance hit present.

    I believe there have been some proof of concepts in the papers that released some info about these exploits originally but as far as I know nothing is out there in the wild. It seems like they'll get this patched soon anyways so unless they screw up implementing the patch somehow none of this seems to matter much at all for AMD Zen based chips.
     
    MrTryfe, Vercinaigh and Darth Kyrie like this.
  25. DukenukemX

    DukenukemX 2[H]4U

    Messages:
    3,770
    Joined:
    Jan 30, 2005
    Don't make me throw water on you. Cold water.
     
  26. Master_shake_

    Master_shake_ Little Bitch

    Messages:
    6,842
    Joined:
    Apr 9, 2012
    So where are we now?

    4 versions 4 performance hots should put us near Sandy bridge performance, no?

    Intel's stock price should be zero or near zero.
     
    Vercinaigh likes this.
  27. DejaWiz

    DejaWiz Oracle of Unfortunate Truths

    Messages:
    19,077
    Joined:
    Apr 15, 2005
    They're going to have to go back to the "PR" performance rating schema from long ago...

    "Introducing the new Intel 9th Generation Core i7-9700K PR-PIII 1000. Special imtroductory price of only $389!"
     
  28. John721

    John721 [H]ard|Gawd

    Messages:
    1,598
    Joined:
    Mar 8, 2006
    In terms of performance impacts from implementing all these spectre fixes, is amd less affected than intel?
     
  29. mesyn191

    mesyn191 2[H]4U

    Messages:
    2,917
    Joined:
    Jun 28, 2004
    AMD is virtually unaffected performance wise from any of the fixes. Even in most synthetic benches the performance hit Zen gets is usually negligible.

    Its Intel that is getting hit relatively hard. I guess they depended more on speculative loads than AMD did or something. Or they were more lax in their implementations. Or a combo of both. The fixes essentially end up reducing the effectiveness of the different types of speculative loads that are going on or in some cases eliminate them entirely depending on which core architecture you're talking about.

    Its mostly the older ones (Haswell and older) that get effected the most but the newer ones still take a big enough hit to cumulatively eliminate nearly all the performance gains Intel made with them vs Sandybridge or Ivybridge.
     
    Vercinaigh likes this.
  30. Gottfried Leibnizzle

    Gottfried Leibnizzle Limp Gawd

    Messages:
    198
    Joined:
    Apr 29, 2015
    Moron's law: the performance hit due to vulnerability patches doubles every 18 months.
     
  31. SDplus

    SDplus Limp Gawd

    Messages:
    135
    Joined:
    May 11, 2012
    I'm starting to think that this is all a deliberate push to make people that are happy with semi-old equipments performance feeling forced to upgrade to new stuff. It has been the bane of the industry as of late that new softwares and OS's has not been challenging enough to make people do the regular upgrades. This is a variant of Apple slowing down old phones...
     
    d3athf1sh and ncjoe like this.
  32. DukenukemX

    DukenukemX 2[H]4U

    Messages:
    3,770
    Joined:
    Jan 30, 2005
    This doesn't benefit Intel at all, but AMD on the other hand... Unless this performance hit effects games, it will probably just effect servers again. But either way it doesn't make Intel look good as the upgrades could go Ryzen. So far AMD has taken nearly 50% of the CPU market. Intel might get servers to upgrade to newer Intel's but that would just be a really short term benefit with long term problems.
     
    Vercinaigh and Darth Kyrie like this.
  33. Hallucinator

    Hallucinator Limp Gawd

    Messages:
    475
    Joined:
    Nov 1, 2006
    My first car? Dull looking white 1963 Plymouth Valiant convertible/blue interior with Slant 6 - only 170 cu. No power (101 hp sleeper) but ton of fun
     
  34. SLee

    SLee Gawd

    Messages:
    930
    Joined:
    Oct 27, 2002
    AMD's sales may have grown by something like 50%, but it's actual share is something like 12% of desktop and 1% of server.

    https://www.tomshardware.com/news/amd-cpu-gpu-market-share,36592.html
     
    Peter2k likes this.
  35. Kdawg

    Kdawg Gawd

    Messages:
    819
    Joined:
    Aug 12, 2017
    i am 100% unpatched.

    0% performance loss.
     
  36. Vercinaigh

    Vercinaigh Gawd

    Messages:
    752
    Joined:
    Jul 31, 2008
    And 100% security risk. But hey who cares all your personal information is already all over the internet anyways right?! What's a bit more! :D

    Pretty sure he means sales since launch, not over all market. I can buy the 50% of new CPU's sold being AMD, but it's prolly a fair bit less. Love mine though, not so much my 3930k that was latency locking so bad the system timed out and hard reset from these patches, forced upgrade yo.
     
    Red Falcon likes this.
  37. knowom

    knowom Limp Gawd

    Messages:
    265
    Joined:
    Aug 15, 2008
    There is also the security through obscurity aspect as well in AMD's case much like Apple compared to Microsoft.
     
  38. Ebernanut

    Ebernanut Gawd

    Messages:
    856
    Joined:
    Dec 15, 2010
    This has nothing to do with obscurity. Both are being researched fully because this isn't some malware writer trying to infect the most machines with as little effort as possible, in fact if anything Intel has the deepest pockets and the most to gain by finding issues in AMD CPUs(like many suspect the CTS labs bullshit was).
     
  39. Skylinestar

    Skylinestar Limp Gawd

    Messages:
    418
    Joined:
    Jun 14, 2011
    You just beat hwbot #1 oc.
     
  40. WhoBeDaPlaya

    WhoBeDaPlaya 2[H]4U

    Messages:
    2,587
    Joined:
    Dec 16, 2002
    No, at this rate, the question is will there be any performance gain left from speculative execution?