Menu
blog.headdesk.me
blog.headdesk.me

Meltdown and Spectre CVE-2017-5715

Posted on 2018/01/052018/01/05

Numerous posts and announcements have been made available in past 48 hours[1]. I don’t want to embarrass myself trying to describe what they’re about. Here I want to measure the performance penalty for the kernel patch. Kernel update has been made available on CentOS 7 (3.10.0-693.11.6.el7), roughly 12 hours behind Redhat. Here is a quick test of mysql sysbench on a small instance on aliyun, AWS, and Azure. No impact I can see on Aliyun ecs, but there is around 10% impact on AWS ec2 and Azure vm.

Aliyun ecs xn4.small before patching

SQL statistics:
queries performed:
read: 580902
write: 0
other: 82986
total: 663888
transactions: 41493 (691.52 per sec.)
queries: 663888 (11064.27 per sec.)

Aliyun ecs xn4.small after patching

SQL statistics:
queries performed:
read: 605276
write: 0
other: 86468
total: 691744
transactions: 43234 (720.53 per sec.)
queries: 691744 (11528.55 per sec.)

AWS ec2 t2.micro before patching

SQL statistics:
queries performed:
read: 701540
write: 0
other: 100220
total: 801760
transactions: 50110 (835.12 per sec.)
queries: 801760 (13361.98 per sec.)

AWS ec2 t2.micro after patching

SQL statistics:
queries performed:
read: 623448
write: 0
other: 89064
total: 712512
transactions: 44532 (742.16 per sec.)
queries: 712512 (11874.55 per sec.)

Azure vm A2v2 before patching

SQL statistics:
queries performed:
read: 302428
write: 0
other: 43204
total: 345632
transactions: 21602 (359.98 per sec.)
queries: 345632 (5759.70 per sec.)

Azure vm A2v2 after patching

SQL statistics:
queries performed:
read: 237104
write: 0
other: 33872
total: 270976
transactions: 16936 (282.23 per sec.)
queries: 270976 (4515.65 per sec.)

On a relevant note, I’m seeing the smallest instances from ali and aws beat Azure’s A2. Azure is inferior in just about everything.

The sysbench tests

sysbench --db-driver=mysql --mysql-user=root --mysql-password=xxx --mysql-db=sysbench \
--range_size=100 --table_size=10000 --tables=2 --threads=1 --events=0 --time=60 \
--rand-type=uniform /usr/share/sysbench/oltp_read_only.lua prepare

sysbench --db-driver=mysql --mysql-user=root --mysql-password=xxx --mysql-db=sysbench \
--range_size=100 --table_size=10000 --tables=2 --threads=1 --events=0 --time=60 \
--rand-type=uniform /usr/share/sysbench/oltp_read_only.lua run

[1] More about meltdown and spectre

Ubuntu https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown
Redhat https://access.redhat.com/security/vulnerabilities/speculativeexecution
FreeBSD https://www.freebsd.org/news/newsflash.html
AWS https://aws.amazon.com/security/security-bulletins/AWS-2018-013/
Google https://googleprojectzero.blogspot.hk/
Graz University of Technology https://meltdownattack.com/

facebookShare on Facebook
TwitterTweet

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Full text search

Recent Posts

  • Dumping AWS Organization tree
  • Free is the most expensive
  • Terraform conditional resource and blocks
  • Upgrade Ubuntu 16.04 to latest release
  • Inspect and control network traffic on AWS
  • aws (8)
  • coffee (1)
  • headfi (1)
  • linux (7)
  • others (55)
  • security (2)
  • tech (36)
  • wordpress (2)

apache aws awscli azure backup cloud coffee coreos distributed filesystem docker ec2 EL8 elasticcache etckeeper featured heartbleed kernel linux mail meltdown mysql php pine python rdp rds Redhat Red Hat RHEL RHEL7 rpm Ryzen snapshot spectre SSL systemd tech terraform ubuntu ubuntu upgrade vector vpn wordpress xtreemfs yum

©2022 blog.headdesk.me | Powered by SuperbThemes & WordPress