Fix for Meltdown and Spectre will affect your server performance!
Microsoft, Apple and several Linux distros started to distribute patches to try to fix the recent security flaws found in Intel, AMD and ARM CPUs, in almost every CPU released in the last 20 years. The security flaws are known as Meltdown (affects Intel) and Spectre (affects Intel, AMD and some ARM processors).
The flaw allow softwares to access protected memory areas that should be accessed only by the Operating System kernel, and get sensitive data, like passwords, etc.
There are two problems with the fixes:
- They do not fix 100% of the problem, since it is related on how the CPUs were designed. So far, there is no 100% solution for the problem, and probably it will never exists.
- They impact badly in performance.
In a recent post to firebird-devel list, an user reported that the performance of the Firebird server dropped ~30% after he upgraded its Linux kernel to a version that “fix” those security flaws.
General reports over the internet shows that the most affected areas of the system are CPU, RAM and Disk, so any software that makes intensive use of some of those areas will probably have its performance significantly degraded.
Just to be clear: this performance loss doesn’t affect only Firebird, but any software!
Loading...
More information:
https://www.techrepublic.com/article/intel-chips-have-critical-design-flaw-and-fixing-it-will-slow-linux-mac-and-windows-systems/
More information about performance hit, this time from Microsoft:
http://www.zdnet.com/article/microsoft-says-older-windows-versions-face-greatest-meltdown-spectre-performance-issues/
Here are a few details on Linux related distros
https://lwn.net/Articles/742999/
Official performance numbers from Intel:
https://newsroom.intel.com/editorials/intel-security-issue-update-initial-performance-data-results-client-systems/
Hello cantu,
we use firebird in our Company and for our Costumers, and we “need” want to know, how are the Losses combined with firebird after the Update? Will firebird make Tests or publish tests from users in the next time? We only use Windows.
mfg
There is no way to know how much of performance you will loose, since it depends on several factors, including hardware and the kind of operations you most do in the database. Based on what I’m reading from others, I guess the impact can vary from 15% to 30%. I don’t think the Project will do or publish any test results, since it would be pointless.
Thanks for Answer.
Maybe it is interesting for you: https://www.heise.de/security/meldung/Meltdown-und-Spectre-Intel-zieht-Microcode-Updates-fuer-Prozessoren-zurueck-3948447.html
New Spectre variant 4 patches cause up to 8% performance hit, warns Intel https://www.zdnet.com/article/new-spectre-variant-4-our-patches-cause-up-to-8-performance-hit-warns-intel/