Benchmarking The Performance Impact Of Linux 5.15's Newest Protection Around Side Channel Attacks
In total I ran 65 different tests on the default kernel build and then again with the ZERO_CALL_USED_REGS feature enabled.
When taking the geometric mean of all 65 test cases -- including both the synthetic and real-world workloads -- there was just a 1.5% performance difference observed on this AMD Ryzen 9 5950X system.
There was just a handful of cases with a measurable impact from using ZERO_CALL_USED_REGS. In a few of the I/O benchmarks there was up to a few percent drop from using this new compiler functionality on the kernel build. Seeing the largest hit were the synthetic test cases just exercising the kernel's context switching performance. The context switching performance took ~11% longer when using this new security hardening option for the kernel build, on top of the various other CPU security mitigations seen in recent years also impairing the context switching speed. Aside from the synthetic context switching and I/O throughput tests, there were just a few random cases of some performance noise in the 2~3% range when using ZERO_CALL_USED_REGS but overall the performance was flat with ZERO_CALL_USED_REGS increasing security and fortunately not at any significant real-world performance cost.
All 65 benchmarks in total for this comparison can be viewed on OpenBenchmarking.org.
If you enjoyed this article consider joining Phoronix Premium to view this site ad-free, multi-page articles on a single page, and other benefits. PayPal or Stripe tips are also graciously accepted. Thanks for your support.
