Meltdown and Spectre CVE-2017-5715

Posted on

Numerous posts and announcements have been made available in past 48 hours[1]. I don’t want to embarrass myself trying to describe what they’re about. Here I want to measure the performance penalty for the kernel patch. Kernel update has been made available on CentOS 7 (3.10.0-693.11.6.el7), roughly 12 hours behind Redhat. Here is a quick test of mysql sysbench on a small instance on aliyun, AWS, and Azure. No impact I can see on Aliyun ecs, but there is around 10% impact on AWS ec2 and Azure vm.

Aliyun ecs xn4.small before patching

SQL statistics:
queries performed:
read: 580902
write: 0
other: 82986
total: 663888
transactions: 41493 (691.52 per sec.)
queries: 663888 (11064.27 per sec.)

Aliyun ecs xn4.small after patching

SQL statistics:
queries performed:
read: 605276
write: 0
other: 86468
total: 691744
transactions: 43234 (720.53 per sec.)
queries: 691744 (11528.55 per sec.)

AWS ec2 t2.micro before patching

SQL statistics:
queries performed:
read: 701540
write: 0
other: 100220
total: 801760
transactions: 50110 (835.12 per sec.)
queries: 801760 (13361.98 per sec.)

AWS ec2 t2.micro after patching

SQL statistics:
queries performed:
read: 623448
write: 0
other: 89064
total: 712512
transactions: 44532 (742.16 per sec.)
queries: 712512 (11874.55 per sec.)

Azure vm A2v2 before patching

SQL statistics:
queries performed:
read: 302428
write: 0
other: 43204
total: 345632
transactions: 21602 (359.98 per sec.)
queries: 345632 (5759.70 per sec.)

Azure vm A2v2 after patching

SQL statistics:
queries performed:
read: 237104
write: 0
other: 33872
total: 270976
transactions: 16936 (282.23 per sec.)
queries: 270976 (4515.65 per sec.)

On a relevant note, I’m seeing the smallest instances from ali and aws beat Azure’s A2. Azure is inferior in just about everything.

The sysbench tests

sysbench --db-driver=mysql --mysql-user=root --mysql-password=xxx --mysql-db=sysbench \
--range_size=100 --table_size=10000 --tables=2 --threads=1 --events=0 --time=60 \
--rand-type=uniform /usr/share/sysbench/oltp_read_only.lua prepare

sysbench --db-driver=mysql --mysql-user=root --mysql-password=xxx --mysql-db=sysbench \
--range_size=100 --table_size=10000 --tables=2 --threads=1 --events=0 --time=60 \
--rand-type=uniform /usr/share/sysbench/oltp_read_only.lua run

[1] More about meltdown and spectre

Ubuntu https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown
Redhat https://access.redhat.com/security/vulnerabilities/speculativeexecution
FreeBSD https://www.freebsd.org/news/newsflash.html
AWS https://aws.amazon.com/security/security-bulletins/AWS-2018-013/
Google https://googleprojectzero.blogspot.hk/
Graz University of Technology https://meltdownattack.com/

facebookShare on Facebook
TwitterTweet

Leave a Reply

Your email address will not be published. Required fields are marked *