Linked by Thom Holwerda on Wed 3rd Jan 2018 00:42 UTC

A fundamental design flaw in Intel's processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

Programmers are scrambling to overhaul the open-source Linux kernel's virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we're looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features - such as PCID - to reduce the performance hit.

That's one hell of a bug.

Thread beginning with comment 652462
To view parent comment, click here.
To read all comments associated with this story, please click here.
Member since:

Yeah, looks like everyone is making a bit fuss and bragging about a possible cpu slowdown while we already shove our over powerful computers with flash animations and real time virus scanners. Would have we noticed if not informed ?

We just bumped our DB box from 8 to 10 CPUs, like two weeks ago, as we were running higher and higher overall CPU loads.

This patch will effectively negate those CPUs and now we'll probably have to allocate 2 more just to compensate and get us back to where we were.

However, because of our reliability and failover requirements, we also need to allocate more CPUs to the back up machines as well. Due to our need to ensure that our Staging and Production systems are equal for testing and rollout issues, we also have to upgrade our Staging infrastructure (which also has a hot spare machine).

So, this bug is going to "cost" us 8 more CPUs. We had to scavenge under used VMs to reclaim them in order to free up those CPUs for our upgrade. I honestly don't know if we have 8 CPUs to spare.

Thankfully, we won't need to do this to the rest of the infrastructure, as the CPU load isn't as much of a problem but we're certainly excited that everything (notably response times) are just going to be 10-20% slower across the board. Yay us.

So, yea, this is a big deal for us.

Reply Parent Score: 4

PJBonoVox Member since:

It comes down to use case I guess. There are folks on OSNews (and the internet as a whole) who run 1000+ build farms at work, there are some who tinker as hobbyists and some who probably only use x86 when absolutely necessary.

It's gonna impact different people in different ways (if at all). Some folks are thinking about their brand new gaming rig, others about their company's 8-figure cloud operations.

That's why I love this site, it's a whole mix of backgrounds.

Reply Parent Score: 4

grat Member since:

The impact of the security fix varies depending on what your workload is.

Gaming, which all runs in user space, rather than kernel space, seems largely unaffected.

Similarly, I would question whether a well tuned DB would be heavily affected, since it's largely IO bound as a rule, rather than heavy kernel CPU.

Best plan is to start preparing for increased CPU counts, but wait to verify it's a problem first.

... or buy AMD. ;)

Reply Parent Score: 3