Disabling Intel Graphics Security Mitigations boosts compute performance — 20% uplift from setting change that even Intel employs, despite unknown security risk


Just like Intel's CPUs, Intel GPUs are allegedly vulnerable to performance penalties from security mitigations. Phoronix reports that disabling Intel graphics security mitigations for its OpenCL and Level Zero compute stack in Linux can boost performance by up to 20%.

Canonical, the maker of Ubuntu, is looking to disable these security mitigations in its OS due to the enormous performance impact they have on Intel GPUs. Intel reportedly allows its GPU compute stack to be built without security mitigations, enabling Canonical to achieve its goal without hunting down unofficial deactivation methods.

Intel also publishes its OpenCL and Level Zero compute stack on its GitHub page without mitigations enabled by default, giving Canonical extra confidence that disabling the mitigations is worthwhile. Further, Ubuntu's kernel already has the same security mitigations Intel provides for its GPUs intact on the CPU side, making Intel's GPU mitigations almost redundant.

However, Canonical admits that disabling Intel's security mitigations on the GPU side will open up systems to unknown security vulnerabilities, even though its kernel is secured appropriately. Even so, the apparent risk is so small that the extra performance afforded by disabling the mitigations is worth it.

Security mitigations are architecture-specific, so these performance issues are guaranteed to affect not only Intel's integrated GPUs but also its dedicated GPUs. There is no easy-to-find information on whether or not Windows has these mitigations turned on by default for Intel GPUs. But if Intel is so willing to disable them on Linux, we can expect Intel to provide an update on the Windows side in the future, assuming they are turned on in the first place.

Security mitigations began seriously affecting Intel CPUs when the Spectre vulnerability was first discovered. Intel has had to provide constant security updates to its processors since then to combat wave after wave of new security vulnerabilities that have been discovered, which sadly hamper CPU performance. For example, the Spectre-v2 mitigations alone induce up to a 35% performance impact on patched Intel chips. Security vulnerabilities often impact performance-focused components inside the CPU, such as the branch predictor. Security mitigations modify these aspects of the CPU, causing performance to drop. AMD CPUs are also affected in the same way, but are generally less sensitive to performance drops due to their chips being less susceptible to exploitation than Intel's CPUs. There are exceptions, though, including AMD's Inception fix on Zen 3.

The good news is that GPUs don't run the operating system, so security mitigations on the GPU side are far less important than on the CPU (especially in the consumer market). Intel and Canonical would probably be far less willing to disable security mitigations if this weren't the case.


Aaron Klotz
Contributing Writer

Aaron Klotz is a contributing writer for Tom’s Hardware, covering news related to computer hardware such as CPUs and graphics cards.

  • Notton
    Nvidia is not immune to GPU security flaws either.
    https://www.pcworld.com/article/2504035/security-flaws-found-in-all-nvidia-geforce-gpus-update-drivers-asap.html
    But that's the first I've heard of 20% loss in performance when patched.