Hello
I expect that you have heard about the recent vulnerabilities of most of the actual CPU's. These vulnerabilities are known as Meltdown and Spectre. I think this picture about these vulverabilities exaggerates a bit
but the threat should not be underestimated (picture stems from an article in ct about Spectre/Meltdown).
A mitigation (RETPOLINE) was shipped with the actual kernel 4.9.77. As a negative effect it might reduce the CPU-perfomance for about 5 %.
To evaluate the effect I compiled this kernel for Xenial64. These are the additional kernel parameters that are part of the base settings of 4.9.77 compared to 4.9.58:
# Linux/x86 4.9.77 Kernel Configuration
CONFIG_RETPOLINE=y
CONFIG_GENERIC_CPU_VULNERABILITIES=y
CONFIG_KEYS_COMPAT=y
CONFIG_PAGE_TABLE_ISOLATION=y
After changing the kernel I used HARDINFO to determine the CPU performance with the Xenial64 7.5 Standard-Kernel 4.9.58, the 4.9.77 without and with RETPOLINE activated.
According to the literature RETPOLINE should reduce the performance significantly.
______________________________________________Kernel 4.9.58________Kernel 4.9.77 no retpoline___Kernel 4.9.77 with retpoline
CPU Blowfish (lower is better)______This Machine___3581 MHz__2.025____ 3300 MHz__1.986_________3300 MHz__1.997
CPU CryptoHash (higher is better)__This Machine___3581 MHz__717.230___3300 MHz__781.685_______3300 MHz__755.834
CPU Fibonacci (lower is better)_____This Machine___3581 MHz__0.289_____3300 MHz__0.291_________3300 MHz__0.294
CPU N-Queens (lower is better)____This Machine___3581 MHz__7.153_____3300 MHz__6.935_________3300 MHz__7.236
According to these results I see only a performance reduction for N-QUEENS and CryptoHash. For some reasons the K4.9.58 doesn't determine the CPU frequency correctly.
If you are interested in testing and protecting your machine against the vulverability you can download here my compiled kernel with all necessary files including the used .config file.
Update !
http://www.mediafire.com/file/h1ys05ddq ... l64.tar.gz
Christian
P.S. These are the configuration differences between the standard kernel .config 4.9.58 and 4.9.124:
CONFIG_RETPOLINE=y
CONFIG_GENERIC_CPU_VULNERABILITIES=y
CONFIG_PAGE_TABLE_ISOLATION=y
CONFIG_HOTPLUG_SMT=y