The patch will have a bigger impact on memory-intensive programs that switch frequently between different privilege levels. Unfortunately, switching between privilege levels is very common, particularly through something called a "system call" or "syscall" for short. Many common tasks like reading and writing a disk, accessing the network, reading key presses from the keyboard, and so on are done through syscalls.azurekep wrote: ↑Fri Jan 05, 2018 12:40 pmNice explanation. The above excerpt gets to a question I raised earlier. Intel is apparently disputing the degree of slowdown that will come from the patches and says it is dependent on the type of program. From what I understand of your explanation, it would seem to be programs that heavily use the cache. What programs would heavily use the cache? Browsers? Text editors? Tax programs? MP3 tag editing? Photoshop?Mudpuppy wrote: ↑Fri Jan 05, 2018 3:29 amAs for the performance hit after applying patches, that has to do with the caches. The primary software fix to keep information from leaking between instructions running with different permissions is to flush the caches before running instructions with a different set of permissions. But you are figuratively throwing the baby out with the bath water. This gets rid of anything in the cache that might be part of an exploit attempt, but it also gets rid of all the cached data that wasn't part of the exploit. Now your memory loads will take longer as the cache is repopulated for the new set of instructions. If you don't switch often between instructions with different permissions, you won't see much of a slow down. But the more you switch, the slower the memory operations will be as the cache gets reloaded over and over again.
We will all be forced to apply patches to internet-facing computers, whether we want to or not, but it would be useful to have some idea of the degree of performance hit we may experience, especially from workhorse tasks like web browsing. It may force people on slow broadband connections, for instance, to upgrade to faster connections to compensate for the slowed processor/cache-related performance.
It will not be remedied by getting a faster Internet connection, as the bottleneck is the computer itself, not the Internet connection. And "faster" is actually a misnomer for Internet connections. You get more throughput (more bits per second) with a higher connection, but each bit still transmits at the same speed. An analogy would be to compare a 6-lane road with a 55mph speed limit to a 2-lane road with a 55mph speed limit. Both have the same speed limit, but the bigger road can handle more cars simultaneously. Putting more proverbial cars on the proverbial road won't compensate for this particular patch.