- The VMware performance team tested Linux kernel 5.19 and found that this kernel version causes a major performance hit on ESXi VMs.
- The reason for the performance hit is the Retbleed mitigations that were implemented during kernel 5.19 development.
- Disabling the Retbleed mitigation with kernel boot parameters fixes the performance issues, bringing performance on par with Linux kernel 5.18, the version that did not have Retbleed mitigations.
During the development of Linux kernel 5.19, news emerged that some Intel and AMD CPUs are vulnerable to an issue named Retbleed. Development of kernel 5.19 was immediately shifted to fixing it, which added one more week of work.
Affects networking and storage as well
Disabling the Retbleed mitigation fixes the performance hit, but also makes the systems vulnerable
The fix was said to affect CPU performance, but VMware now states that it could cost up to 70% of computing power on ESXi VMs. After investigation, the VMware performance team has published the details and a warning about a performance regression on VMware ESXi VMs running Linux kernel 5.19. This kernel release can cause performance loss of up to 70% in computing, up to 30% in networking, and up to 13% in storage.
After turning off the Retbleed mitigation with the spectre_v2=off kernel boot parameter, the VMware performance team found that the results are almost the same as with Linux kernel 5.18, the kernel release without Retbleed mitigations. This test confirms that the performance hit is caused by the Retbleed fixes.
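The following check is an added example, not code from VMware or the original article. It reports whether a Linux guest has had these mitigations switched off, reading the kernel's status files under /sys/devices/system/cpu/vulnerabilities and the boot command line. Besides spectre_v2=off, it also looks for the retbleed=off and mitigations=off parameters, which the article does not mention.

```shell
#!/bin/sh
# Added example: report whether Retbleed / Spectre v2 mitigations are active.
# Usage: audit_mitigations VULN_DIR CMDLINE_FILE
# Prints one finding per line; returns 1 if anything is switched off.
audit_mitigations() {
    vuln_dir=$1
    cmdline_file=$2
    rc=0

    # Boot parameters that disable the mitigations. spectre_v2=off is the one
    # named in the article; retbleed=off and mitigations=off are added here.
    for word in $(cat "$cmdline_file" 2>/dev/null); do
        case $word in
            spectre_v2=off|retbleed=off|mitigations=off)
                echo "cmdline: $word"
                rc=1 ;;
        esac
    done

    # The kernel's own per-vulnerability status strings.
    for name in retbleed spectre_v2; do
        if [ ! -r "$vuln_dir/$name" ]; then
            echo "$name: not reported by this kernel"
            continue
        fi
        status=$(cat "$vuln_dir/$name")
        case $status in
            "Not affected"*|Mitigation:*) echo "$name: ok ($status)" ;;
            *) echo "$name: NOT MITIGATED ($status)"; rc=1 ;;
        esac
    done
    return $rc
}

# Check the running system.
audit_mitigations /sys/devices/system/cpu/vulnerabilities /proc/cmdline ||
    echo "ACTION: mitigations are disabled on this host"
```

Run across a fleet, this identifies guests where the mitigation was traded away for performance and that therefore remain exposed.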
Retbleed is a speculative execution vulnerability and a Spectre variant. It is tracked as CVE-2022-29900 for AMD hardware and CVE-2022-29901 for Intel hardware.