'Kernel memory leaking' Intel processor design flaw

  • https://www.theregister.co.uk/2018/01/02/intel_cpu_design_flaw/

    This patch is mainly security related for "cloud based" computers, but it's probably going to be applied to all Intel hardware running Windows and Linux systems.

    Great, preliminary news is that this could affect performance on database servers in a negative way up to 30%. :crazy:

    I don't have the words or emoticons to express my dismay, since my department hardware budget is tight and pretty much locked in for the year.

  • I was expecting more chat about this in this forum. Let's wait and see what the fix actually is.

  • Between 5-30% which means they don't have a clue and have just put a finger in the air and come up with a figure.

  • Super Cat - Thursday, January 4, 2018 2:47 AM

    Between 5-30% which means they don't have a clue and have just put a finger in the air and come up with a figure.

    No, they have run benchmarks for various types of loads ranging from CPU intensive to I/O intensive. Guess why it's important to this forum? The database benchmarks with the heavy I/O load suffered the most...
    (Microsoft and core Linux developers have been working on patches for at least a few weeks if not longer...)

    And the security aspect of this is critical enough that Microsoft started mass patching and rebooting Azure VMs last night.

    I heard something was up over a week ago since I follow security, Microsoft OS and Linux development. I think most of the SQL Server Blog-O-Sphere was/is either on holiday or waiting for more details.

  • I'm not sure why people think this is mainly for "cloud-based" computers.  It affects anything with the susceptible CPUs.

    --Jeff Moden


    RBAR is pronounced "ree-bar" and is a "Modenism" for Row-By-Agonizing-Row.
    First step towards the paradigm shift of writing Set Based code:
    ________Stop thinking about what you want to do to a ROW... think, instead, of what you want to do to a COLUMN.

    Change is inevitable... Change for the better is not.


    Helpful Links:
    How to post code problems
    How to Post Performance Problems
    Create a Tally Function (fnTally)

  • So are major companies really going to be okay just eating a potential 30+% CPU performance drop on their servers?

    It sounds like the performance impact on the average home user is minimal.

  • ZZartin - Thursday, January 4, 2018 8:37 AM

    So are major companies really going to be okay just eating a potential 30+% CPU performance drop on their servers?

    It sounds like the performance impact on the average home user is minimal.

    We're not, but both accuracy and security have precedence over performance.  We're doing a deep dive on the problem and our systems to see if someone could actually pull off a security breach even with all the other layers of security that we have.  If it turns out that the answer is "Yes, someone could", then two things will happen...

    1.  We'll take the hit on performance as a first step.
    2.  Although this is one place where performance may not be entirely "in the code", we know exactly how long our current stuff takes to execute whether it's GUI code or large batch code and we'll be looking for slowdowns.  Since almost all code has a "good enough" nature in it, there's always room for improvement and improve it we shall.

    We're setting up to do tests on our staging boxes because we also know how long things take to run there, as well.  We also have a PreProd box for our "money maker" where most of the action both on the front end and for batch code takes place.  We'll be doing testing there, as well, to see if we can catch anything early.

    Jeez... this reminds me of the recent thing with Volkswagen. What a pain in the ass all of this is going to be for a whole lot of people and companies.

    --Jeff Moden



  • Jeez... this reminds me of the recent thing with Volkswagen. What a pain in the ass all of this is going to be for a whole lot of people and companies.

    --Jeff Moden

    I heard about this earlier than most since I also run Linux systems and the folks kept talking about "secretive patches" going into the kernel. So I alarmed the proper folks and I don't think they will realize the magnitude of the situation for the SQL databases until job run times go up. Maybe the application I/O improvements I asked for years ago will get rolled out to make up for the loss in performance...

    Some of the fixes may also affect the high resolution system timers in the user space. That would kill certain categories of apps....

    "In other words, it's a huge s**t sandwich, and we're all gonna have to take a bite."
    - Full Metal Jacket

  • chrisn-585491 - Thursday, January 4, 2018 11:25 AM

    Jeez... this reminds me of the recent thing with Volkswagen. What a pain in the ass all of this is going to be for a whole lot of people and companies.

    --Jeff Moden

    I heard about this earlier than most since I also run Linux systems and the folks kept talking about "secretive patches" going into the kernel. So I alarmed the proper folks and I don't think they will realize the magnitude of the situation for the SQL databases until job run times go up. Maybe the application I/O improvements I asked for years ago will get rolled out to make up for the loss in performance...

    Some of the fixes may also affect the high resolution system timers in the user space. That would kill certain categories of apps....

    "In other words, it's a huge s**t sandwich, and we're all gonna have to take a bite."
    - Full Metal Jacket

    Going to affect more than just SQL Server.

  • SQL Server Guidance to protect against speculative execution side-channel vulnerabilities

    https://support.microsoft.com/en-us/help/4073225/guidance-for-sql-server
