
Meltdown and Spectre CVE-2017-5715

Posted on 2018/01/05

Numerous posts and announcements have been made available in the past 48 hours[1]. I don’t want to embarrass myself trying to describe what they’re about. Here I want to measure the performance penalty of the kernel patch. A kernel update has been made available on CentOS 7 (3.10.0-693.11.6.el7), roughly 12 hours behind Red Hat. Here is a quick test of MySQL sysbench on a small instance on Aliyun, AWS, and Azure. No impact I can see on Aliyun ecs, but there is around 10% impact on AWS ec2 and Azure vm.

Aliyun ecs xn4.small before patching

SQL statistics:
queries performed:
read: 580902
write: 0
other: 82986
total: 663888
transactions: 41493 (691.52 per sec.)
queries: 663888 (11064.27 per sec.)

Aliyun ecs xn4.small after patching

SQL statistics:
queries performed:
read: 605276
write: 0
other: 86468
total: 691744
transactions: 43234 (720.53 per sec.)
queries: 691744 (11528.55 per sec.)

AWS ec2 t2.micro before patching

SQL statistics:
queries performed:
read: 701540
write: 0
other: 100220
total: 801760
transactions: 50110 (835.12 per sec.)
queries: 801760 (13361.98 per sec.)

AWS ec2 t2.micro after patching

SQL statistics:
queries performed:
read: 623448
write: 0
other: 89064
total: 712512
transactions: 44532 (742.16 per sec.)
queries: 712512 (11874.55 per sec.)

Azure vm A2v2 before patching

SQL statistics:
queries performed:
read: 302428
write: 0
other: 43204
total: 345632
transactions: 21602 (359.98 per sec.)
queries: 345632 (5759.70 per sec.)

Azure vm A2v2 after patching

SQL statistics:
queries performed:
read: 237104
write: 0
other: 33872
total: 270976
transactions: 16936 (282.23 per sec.)
queries: 270976 (4515.65 per sec.)

On a related note, I’m seeing the smallest instances from Ali and AWS beat Azure’s A2. Azure is inferior in just about everything.

The sysbench tests

sysbench --db-driver=mysql --mysql-user=root --mysql-password=xxx --mysql-db=sysbench \
--range_size=100 --table_size=10000 --tables=2 --threads=1 --events=0 --time=60 \
--rand-type=uniform /usr/share/sysbench/oltp_read_only.lua prepare

sysbench --db-driver=mysql --mysql-user=root --mysql-password=xxx --mysql-db=sysbench \
--range_size=100 --table_size=10000 --tables=2 --threads=1 --events=0 --time=60 \
--rand-type=uniform /usr/share/sysbench/oltp_read_only.lua run
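
To turn the before/after reports above into a per-instance delta, the following added example (not part of the original post) parses the two rate lines sysbench prints and computes the percent change. The function names are assumptions made for this illustration; the rate lines are copied from the runs shown in this post.

```python
import re

# Matches sysbench rate lines such as "transactions: 41493 (691.52 per sec.)".
# "queries performed:" carries no number and is skipped.
RATE_LINE = re.compile(
    r"^\s*(transactions|queries):\s+\d+\s+\(([\d.]+) per sec\.\)", re.M)

def parse_rates(report):
    """Return {'transactions': tps, 'queries': qps} from one sysbench report."""
    rates = {m.group(1): float(m.group(2)) for m in RATE_LINE.finditer(report)}
    missing = {"transactions", "queries"} - rates.keys()
    if missing:
        raise ValueError(f"report lacks rate lines: {sorted(missing)}")
    return rates

def percent_change(before, after):
    """Percent change per metric; negative means slower after patching."""
    b, a = parse_rates(before), parse_rates(after)
    return {k: round((a[k] - b[k]) / b[k] * 100, 1) for k in b}

# Rate lines copied from the six runs in this post, as (before, after) pairs.
RUNS = {
    "Aliyun ecs xn4.small": (
        "transactions: 41493 (691.52 per sec.)\nqueries: 663888 (11064.27 per sec.)",
        "transactions: 43234 (720.53 per sec.)\nqueries: 691744 (11528.55 per sec.)"),
    "AWS ec2 t2.micro": (
        "transactions: 50110 (835.12 per sec.)\nqueries: 801760 (13361.98 per sec.)",
        "transactions: 44532 (742.16 per sec.)\nqueries: 712512 (11874.55 per sec.)"),
    "Azure vm A2v2": (
        "transactions: 21602 (359.98 per sec.)\nqueries: 345632 (5759.70 per sec.)",
        "transactions: 16936 (282.23 per sec.)\nqueries: 270976 (4515.65 per sec.)"),
}

def summarize(runs=RUNS):
    """Map each instance name to its per-metric percent change."""
    return {name: percent_change(b, a) for name, (b, a) in runs.items()}

if __name__ == "__main__":
    for name, delta in summarize().items():
        print(f"{name}: tps {delta['transactions']:+.1f}%, "
              f"qps {delta['queries']:+.1f}%")
```

The full output of a sysbench `run` can be passed to `parse_rates` unchanged, since every line other than the two rate lines is ignored. Each figure here comes from a single 60-second run per host, so repeated runs are needed to separate a few percent of change from run-to-run noise.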

[1] More about meltdown and spectre

Ubuntu https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown
Redhat https://access.redhat.com/security/vulnerabilities/speculativeexecution
FreeBSD https://www.freebsd.org/news/newsflash.html
AWS https://aws.amazon.com/security/security-bulletins/AWS-2018-013/
Google https://googleprojectzero.blogspot.hk/
Graz University of Technology https://meltdownattack.com/
