Last week the AMD Inception vulnerability was made public as a speculative side channel attack affecting Zen processors and different mitigation options based on the CPU generation.
There wasn’t too much communication around the performance implications of mitigating Inception while over the past week I have begun benchmarking the software and microcode updates on Ryzen and EPYC processors.
AMD already published the updated Family 19h microcode for EPYC processors in linux-firmware.git while on the consumer/client side AMD partners will be rolling out updated AGESA with the mitigated microcode.
There are though updated patches in development to clean-up this Inception (SRSO) mitigation code and that cleaned up work will likely be upstreamed in the coming days, but ultimately isn’t expected to change the mitigation overhead costs.
For getting an initial idea of the AMD Inception mitigation performance impact, I used an AMD EPYC 7763 (Milan / Zen 3) server running Ubuntu 22.04 LTS and using a custom kernel build as of last week, The following kernel configurations were tested: off - No Inception mitigations.
The “safe RET” mode is the default mode of operation with AMD Zen processors on the Linux kernel versions patched since last week.
This is the best summary I could come up with:
Last week the AMD Inception vulnerability was made public as a speculative side channel attack affecting Zen processors and different mitigation options based on the CPU generation.
There wasn’t too much communication around the performance implications of mitigating Inception while over the past week I have begun benchmarking the software and microcode updates on Ryzen and EPYC processors.
AMD already published the updated Family 19h microcode for EPYC processors in linux-firmware.git while on the consumer/client side AMD partners will be rolling out updated AGESA with the mitigated microcode.
There are though updated patches in development to clean-up this Inception (SRSO) mitigation code and that cleaned up work will likely be upstreamed in the coming days, but ultimately isn’t expected to change the mitigation overhead costs.
For getting an initial idea of the AMD Inception mitigation performance impact, I used an AMD EPYC 7763 (Milan / Zen 3) server running Ubuntu 22.04 LTS and using a custom kernel build as of last week, The following kernel configurations were tested: off - No Inception mitigations.
The “safe RET” mode is the default mode of operation with AMD Zen processors on the Linux kernel versions patched since last week.
I’m a bot and I’m open source!