Hello guys,
It is quite late and I am pretty tired because Intel allowed me to spend another evening investigating what they did wrong. So here is just the short version of this:
I had a call with Peter and Arne today and we discussed what we can do to actually fix the latest Intel vulnerabilities. There is only one option which is to disable SMT - or rather known as Intel Hyper-Threading by default.
This will decrease performance by at least 40%. I think with our workload it might be worse.
There is a new CGI which allows you to see how your hardware is affected and it allows you to force HT on if you really really want it and do not care about people breaking into your firewall.
The code has just been pushed into next. Because I want to get this update out as soon as possible, please help me testing it and maybe if you have the time to do some benchmarks, that would be good to know how much performance we are actually losing.
If you have questions, please don’t hesitate to ask.
I am going to bed now :)
-Michael