Patch for Retbleed Problem Slows Down Virtual Machines on Linux by 70%

Septembre 13, 2022
par Carina Wilson
199 Vues
3 lecture minimale

VMware engineers have tested a Linux kernel patch that addresses the Retbleed side-channel problem. The researchers came to the disappointing conclusion that this fix can affect performance, reducing it immediately by 70%.

Let me remind you that we also talked about Linus Torvalds Uses Linux on an Apple MacBook Air with an M2 Processor, et aussi que Réseau de robots P2P Panchan Attaques les serveurs Linux.

Retbleed was discovered and described by experts from the ETH Zurich last summer. At the time, the bug was reported to affect Intel processors from 3 à 6 years old, as well as AMD processors from 1 à 11 years old. Experts immediately warned that fixing the bug could have a negative impact on performance.

Let me remind you that Retbleed consists of two vulnerabilities (CVE-2022-29900 for AMD and CVE-2022-29901 for Intel) and belongs to the Specter-BTI class of speculative attacks (variant 2). The name Retbleed refers to the Retpoline security solution, which was developed by Google dans 2018 to combat the Meltdown and Specter processor vulnerabilities. It was in the work of the Retpoline protection that fresh problems were found.

As VMware engineers now report in the Linux Kernel mailing list, the Retbleed patches do cause a noticeable performance regression in the Linux 5.19 kernel. The company’s internal tests have shown that running Linux virtual machines with the ESXi hypervisor and Linux kernel version 5.19 results in a performance drop of up to 70% with a single vCPU, un 30% drop in network performance, and up to 13% in storage performance.

If VMware testers disabled patches for Retbleed in the 5.19 kernel, ESXi performance returned to normal levels, as in version 5.18. The tests were conducted on Intel Skylake processors released between 2015 et 2017.

Since speculative computing was generally designed to speed up data processing, it is not surprising that disabling it has a very negative impact on performance. Cependant, un 70% performance drop is simply unacceptable for many business processes and is a big problem.

En fait, if the patches are not improved and revised, users are faced with a clear choice: use the 5.19 kernel and still lose performance, or stay on the previous version and take the possible risks, relying on the fact that the Retbleed problem is not so easy to exploit.

We believe that these findings will be useful to the Linux community, and wanted to document them.VMware representatives politely summarize.

A propos de l'auteur

Carina Wilson

Avec plus de 10 ans d'expérience en rédaction pour les médias en ligne et imprimés, Je suis un expert dans la production de textes clairs et convaincants.

J'ai écrit pour une agence de rédaction SEO de premier plan ainsi que pour certaines des marques les plus connues du Royaume-Uni., revues et journaux.

Afficher tous les articles

Laissez un commentaire