SlideShare a Scribd company logo

NVIDIA GTC 2018: Spectre/Meltdown Impact on High Performance Workloads

Jeremy Eder, profile picture
Jeremy Eder

This document summarizes a presentation given by Jeremy Eder from Red Hat Performance Engineering about the impact of the Spectre and Meltdown vulnerabilities on high performance workloads. It discusses performance data showing the impact on tasks like TensorFlow training on GPUs. It also provides suggestions for managing the performance impact, such as enabling transparent huge pages and PCID, and disabling specific kernel patches if needed. A list of additional reference links is also included.

Technology
Related topics:
Red Hat Technologies
1 of 13
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING1 Spectre/Meltdown Impact on High Performance Workloads Red Hat Performance Engineering NVIDIA GTC, March 2018
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING2 ● Context ● Performance Data and Capacity Planning ● KBase Overview ● Going Forward AGENDA
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING3 VULNERABILITY OVERVIEW Meltdown - Rogue data cache load ● Allows reading all memory Spectre Variant 1 - Bounds check bypass ● Throw-away data left insecure in CPU cache Spectre Variant 2 - Branch Target Injection ● CPU branch predictor trained by exploit
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING DETERMINING VULNERABILITY • OS vendors provide tools to determine vulnerability • Recent Linux and RHEL kernels include the following new sysfs entries 4 $ ls -1 /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown /sys/devices/system/cpu/vulnerabilities/spectre_v 1 /sys/devices/system/cpu/vulnerabilities/spectre_v 2
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING Userspace vs. Kernelspace Userspace ( e.g. /bin/bash) Operating System (e.g. Linux kernel) System Call Interface 5
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING6 PERFORMANCE DATA AND CAPACITY PLANNING
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING7 TensorFlow on NVIDIA GPUs, CUDA 9.1 %diff vs Pre-CVE Kernel Baseline
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING8 KERNEL BYPASS NETWORKING - Broadwell
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING9 CAPACITY PLANNING
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING10 ● RHEL 6/7 have transparent hugepages enabled by default ○ Reduces amount of TLB entries and thus total flush impact ● RHEL 7.4.z has PCID support from 4.14 ○ Reduces impact of TLB flushes by tagging/tracking ○ (2010+ CPUs have it...check /proc/cpuinfo) ● RHEL has runtime knobs to disable patches (no reboot req’d) HOW TO MANAGE PERFORMANCE IMPACT echo 0 > /sys/kernel/debug/x86/pti_enabled echo 0 > /sys/kernel/debug/x86/ibrs_enabled echo 0 > /sys/kernel/debug/x86/retp_enabled
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING11 IMPACT VARIES BY WORKLOAD
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING12 ● Community landing page https://meltdownattack.com/ ● Meltdown and Spectre in 3 Minutes ● FOSDEM Closing Keynote ● Speculative Execution Exploit Performance Impacts ● Controlling the Performance Impact of Microcode and Security Patches ● Intel.com: Advancing Security at the Silicon Level LINKS
JEREMY EDER - RED HAT PERFORMANCE ENGINEERING THANK YOU plus.google.com/+RedHat linkedin.com/company/red-hat youtube.com/user/RedHatVideos facebook.com/redhatinc twitter.com/RedHatNews

More Related Content

PDF
Red Hat Summit 2018 5 New High Performance Features in OpenShift
Jeremy Eder
 
PDF
NVIDIA GTC 2018: Enabling GPU-as-a-Service Providers with Red Hat OpenShift
Jeremy Eder
 
PDF
Triangle Kubernetes Meetup - Performance Sensitive Apps in OpenShift
Jeremy Eder
 
PDF
Best practices for optimizing Red Hat platforms for large scale datacenter de...
Jeremy Eder
 
PDF
NVIDIA GTC 2019: Red Hat and the NVIDIA DGX: Tried, Tested, Trusted
Jeremy Eder
 
PDF
Rhel8 Beta - Halifax RHUG
Nicole Maselli
 
PDF
LinuxCon NA 2016: When Containers and Virtualization Do - and Don’t - Work T...
Jeremy Eder
 
PDF
Part 4 Maximizing the utilization of GPU resources on-premise and in the cloud
Univa, an Altair Company
 
Red Hat Summit 2018 5 New High Performance Features in OpenShift
Jeremy Eder
 
NVIDIA GTC 2018: Enabling GPU-as-a-Service Providers with Red Hat OpenShift
Jeremy Eder
 
Triangle Kubernetes Meetup - Performance Sensitive Apps in OpenShift
Jeremy Eder
 
Best practices for optimizing Red Hat platforms for large scale datacenter de...
Jeremy Eder
 
NVIDIA GTC 2019: Red Hat and the NVIDIA DGX: Tried, Tested, Trusted
Jeremy Eder
 
Rhel8 Beta - Halifax RHUG
Nicole Maselli
 
LinuxCon NA 2016: When Containers and Virtualization Do - and Don’t - Work T...
Jeremy Eder
 
Part 4 Maximizing the utilization of GPU resources on-premise and in the cloud
Univa, an Altair Company
 

What's hot (20)

PDF
OSCON 2017: To contain or not to contain
Jeremy Eder
 
PDF
A Container Stack for Openstack - OpenStack Silicon Valley
Stephen Gordon
 
PDF
Part 3 Maximizing the utilization of GPU resources on-premise and in the cloud
Univa, an Altair Company
 
PDF
Protecting the Galaxy - Multi-Region Disaster Recovery with OpenStack and Ceph
Sean Cohen
 
PDF
Part 2 Maximizing the utilization of GPU resources on-premise and in the cloud
Univa, an Altair Company
 
PDF
KubeCon NA, Seattle, 2016: Performance and Scalability Tuning Kubernetes for...
Jeremy Eder
 
PDF
Deploying Containers at Scale on OpenStack
Stephen Gordon
 
PDF
Red Hat Summit 2017: Wicked Fast PaaS: Performance Tuning of OpenShift and D...
Jeremy Eder
 
PDF
XPDS16: Live scalability for vGPU using gScale - Xiao Zheng, Intel
The Linux Foundation
 
PDF
XPDS16: Live Migration of vGPU - Xiao Zheng, Intel Asia-Pacific Research & De...
The Linux Foundation
 
PDF
Ceph Tech Talk: Ceph at DigitalOcean
Ceph Community
 
PDF
Patroni: Kubernetes-native PostgreSQL companion
Alexander Kukushkin
 
PDF
Let's turn your PostgreSQL into columnar store with cstore_fdw
Jan Holčapek
 
PDF
AMD EPYC™ Microprocessor Architecture
AMD
 
PPTX
AMD EPYC 7002 World Records
AMD
 
PPTX
AMD EPYC World Records
AMD
 
PDF
LAS16-207: Bus scaling QoS
Linaro
 
PDF
How to Burn Multi-GPUs using CUDA stress test memo
Naoto MATSUMOTO
 
PDF
Cephfs - Red Hat Openstack and Ceph meetup, Pune 28th november 2015
bipin kunal
 
PDF
RedGateWebinar - Where did my CPU go?
Kristofferson A
 
OSCON 2017: To contain or not to contain
Jeremy Eder
 
A Container Stack for Openstack - OpenStack Silicon Valley
Stephen Gordon
 
Part 3 Maximizing the utilization of GPU resources on-premise and in the cloud
Univa, an Altair Company
 
Protecting the Galaxy - Multi-Region Disaster Recovery with OpenStack and Ceph
Sean Cohen
 
Part 2 Maximizing the utilization of GPU resources on-premise and in the cloud
Univa, an Altair Company
 
KubeCon NA, Seattle, 2016: Performance and Scalability Tuning Kubernetes for...
Jeremy Eder
 
Deploying Containers at Scale on OpenStack
Stephen Gordon
 
Red Hat Summit 2017: Wicked Fast PaaS: Performance Tuning of OpenShift and D...
Jeremy Eder
 
XPDS16: Live scalability for vGPU using gScale - Xiao Zheng, Intel
The Linux Foundation
 
XPDS16: Live Migration of vGPU - Xiao Zheng, Intel Asia-Pacific Research & De...
The Linux Foundation
 
Ceph Tech Talk: Ceph at DigitalOcean
Ceph Community
 
Patroni: Kubernetes-native PostgreSQL companion
Alexander Kukushkin
 
Let's turn your PostgreSQL into columnar store with cstore_fdw
Jan Holčapek
 
AMD EPYC™ Microprocessor Architecture
AMD
 
AMD EPYC 7002 World Records
AMD
 
AMD EPYC World Records
AMD
 
LAS16-207: Bus scaling QoS
Linaro
 
How to Burn Multi-GPUs using CUDA stress test memo
Naoto MATSUMOTO
 
Cephfs - Red Hat Openstack and Ceph meetup, Pune 28th november 2015
bipin kunal
 
RedGateWebinar - Where did my CPU go?
Kristofferson A
 
Ad

Similar to NVIDIA GTC 2018: Spectre/Meltdown Impact on High Performance Workloads (20)

PDF
RHEL_Overview_Customer_Presentation_(golddeck)_customer_version
tedm23
 
PDF
Red Hat for IBM System z IBM Enterprise2014 Las Vegas
Filipe Miranda
 
PDF
OpenStack Benelux Conference 2014 | Plenair | RedHat
Guston Remie
 
PDF
tburke_rhel6_summit.pdf
ricardoarguello
 
PPTX
Unix tc
Bill Chea
 
PDF
Module 13 - Troubleshooting
T. J. Saotome
 
PDF
Red Hat Enterprise Linux 8 Technical overview v1(1).pdf
SimonCoter2
 
PDF
Openstack Benelux Conference 2014 Red Hat Keynote
Microsoft
 
PDF
RHEL roadmap
Ramesh Kumar
 
PDF
Red Hat for IBM System z Update v5
Filipe Miranda
 
PDF
2010-01-28 NSA Open Source User Group Meeting, Current & Future Linux on Syst...
Shawn Wells
 
PDF
[OpenStack Days Korea 2016] Track1 - Red Hat enterprise Linux OpenStack Platform
OpenStack Korea Community
 
PDF
2010-11-08 NSA Technical Symposium
Shawn Wells
 
PDF
2011-11-03 Intelligence Community Cloud Users Group
Shawn Wells
 
PDF
Kernel Recipes 2017 - The state of kernel self-protection - Kees Cook
Anne Nicolas
 
PDF
2009-09-24 Get the Hype on System z Webinar with IBM, Current & Future Linux ...
Shawn Wells
 
PPTX
Linux remote
yarden hanan
 
PDF
2008-09-09 IBM Interaction Conference, Red Hat Update for System z
Shawn Wells
 
PDF
2009-04-14 IBM ISV Partnership Call
Shawn Wells
 
PDF
RHEL roadmap
Terry Wang
 
RHEL_Overview_Customer_Presentation_(golddeck)_customer_version
tedm23
 
Red Hat for IBM System z IBM Enterprise2014 Las Vegas
Filipe Miranda
 
OpenStack Benelux Conference 2014 | Plenair | RedHat
Guston Remie
 
tburke_rhel6_summit.pdf
ricardoarguello
 
Unix tc
Bill Chea
 
Module 13 - Troubleshooting
T. J. Saotome
 
Red Hat Enterprise Linux 8 Technical overview v1(1).pdf
SimonCoter2
 
Openstack Benelux Conference 2014 Red Hat Keynote
Microsoft
 
RHEL roadmap
Ramesh Kumar
 
Red Hat for IBM System z Update v5
Filipe Miranda
 
2010-01-28 NSA Open Source User Group Meeting, Current & Future Linux on Syst...
Shawn Wells
 
[OpenStack Days Korea 2016] Track1 - Red Hat enterprise Linux OpenStack Platform
OpenStack Korea Community
 
2010-11-08 NSA Technical Symposium
Shawn Wells
 
2011-11-03 Intelligence Community Cloud Users Group
Shawn Wells
 
Kernel Recipes 2017 - The state of kernel self-protection - Kees Cook
Anne Nicolas
 
2009-09-24 Get the Hype on System z Webinar with IBM, Current & Future Linux ...
Shawn Wells
 
Linux remote
yarden hanan
 
2008-09-09 IBM Interaction Conference, Red Hat Update for System z
Shawn Wells
 
2009-04-14 IBM ISV Partnership Call
Shawn Wells
 
RHEL roadmap
Terry Wang
 
Ad

Recently uploaded (20)

PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PPT
Teaching material agriculture food technology
LiaRayya
 
PDF
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
PDF
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PDF
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PPTX
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
Approach and Philosophy of On baking technology
30anthuong17
 
Teaching material agriculture food technology
LiaRayya
 
Dropbox Q2 2025 Financial Results & Investor Presentation
Dropbox
 
The Rise and Fall of 3GPP – Time for a Sabbatical?
3G4G
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Cloud computing and distributed systems.
kkkkkhan
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
Bridging biosciences and deep learning for revolutionary discoveries: a compr...
IAESIJAI
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
CIFDAQ's Market Insight: SEC Turns Pro Crypto
CIFDAQ
 
PA Analog/Digital System: The Backbone of Modern Surveillance and Communication
AVTRON Technologies LLC
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 

NVIDIA GTC 2018: Spectre/Meltdown Impact on High Performance Workloads

  • 1. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING1 Spectre/Meltdown Impact on High Performance Workloads Red Hat Performance Engineering NVIDIA GTC, March 2018
  • 2. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING2 ● Context ● Performance Data and Capacity Planning ● KBase Overview ● Going Forward AGENDA
  • 3. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING3 VULNERABILITY OVERVIEW Meltdown - Rogue data cache load ● Allows reading all memory Spectre Variant 1 - Bounds check bypass ● Throw-away data left insecure in CPU cache Spectre Variant 2 - Branch Target Injection ● CPU branch predictor trained by exploit
  • 4. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING DETERMINING VULNERABILITY • OS vendors provide tools to determine vulnerability • Recent Linux and RHEL kernels include the following new sysfs entries 4 $ ls -1 /sys/devices/system/cpu/vulnerabilities/* /sys/devices/system/cpu/vulnerabilities/meltdown /sys/devices/system/cpu/vulnerabilities/spectre_v 1 /sys/devices/system/cpu/vulnerabilities/spectre_v 2
  • 5. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING Userspace vs. Kernelspace Userspace ( e.g. /bin/bash) Operating System (e.g. Linux kernel) System Call Interface 5
  • 6. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING6 PERFORMANCE DATA AND CAPACITY PLANNING
  • 7. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING7 TensorFlow on NVIDIA GPUs, CUDA 9.1 %diff vs Pre-CVE Kernel Baseline
  • 8. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING8 KERNEL BYPASS NETWORKING - Broadwell
  • 9. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING9 CAPACITY PLANNING
  • 10. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING10 ● RHEL 6/7 have transparent hugepages enabled by default ○ Reduces amount of TLB entries and thus total flush impact ● RHEL 7.4.z has PCID support from 4.14 ○ Reduces impact of TLB flushes by tagging/tracking ○ (2010+ CPUs have it...check /proc/cpuinfo) ● RHEL has runtime knobs to disable patches (no reboot req’d) HOW TO MANAGE PERFORMANCE IMPACT echo 0 > /sys/kernel/debug/x86/pti_enabled echo 0 > /sys/kernel/debug/x86/ibrs_enabled echo 0 > /sys/kernel/debug/x86/retp_enabled
  • 11. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING11 IMPACT VARIES BY WORKLOAD
  • 12. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING12 ● Community landing page https://meltdownattack.com/ ● Meltdown and Spectre in 3 Minutes ● FOSDEM Closing Keynote ● Speculative Execution Exploit Performance Impacts ● Controlling the Performance Impact of Microcode and Security Patches ● Intel.com: Advancing Security at the Silicon Level LINKS
  • 13. JEREMY EDER - RED HAT PERFORMANCE ENGINEERING THANK YOU plus.google.com/+RedHat linkedin.com/company/red-hat youtube.com/user/RedHatVideos facebook.com/redhatinc twitter.com/RedHatNews