Epic, developers of Unreal Engine and popular online game Fortnite, have given us our first clue as to the impact of Meltdown CPU patching on gaming performance.
Meltdown, which impacts basically any Intel CPU from the past ten years or more, means that any application can read a privileged area of kernel memory that it should have no access to. That kernel memory, at any time, might be storing sensitive information, like passwords, encryption keys, and various other keys to the kingdom.
In order to mitigate the risk of Meltdown – not to be confused with Spectre, which is a different vulnerability that impacts almost all CPUs – a series of patches are being produced for Intel-based systems, both Linux kernel updates and Windows updates, that effectively rewrite the way the operating system kernel works.
TL;DR: that ‘short’ way of working, via kernel memory, will be closed, and applications will have to go a ‘longer way around’ to ensure that kernel memory, and everything contained within it, is secure.
This is going to have a performance impact, for sure. The Register did some initial testing and found the slowdown in CPU performance could be anywhere between 5% and 30%.
PostgreSQL SELECT 1 with the KPTI workaround for Intel CPU vulnerability https://t.co/N9gSvML2Fo
Best case: 17% slowdown
Worst case: 23%
— The Register (@TheRegister) January 2, 2018
People’s first thought in this instance is about their own PC. There’s a good chance you’re running a processor model that’s affected by the Meltdown vulnerability, and if you want your PC to remain secure against this nasty kernel bug, then you’ll need to keep your patches up to date. And when you do apply the patches, there will be some degree of performance hit.
Spare a thought, however, for online services. If you don’t patch your PC for a while – and we recommend that you do – then that’s your choice. Service providers, data centres, public cloud platforms and the like have to patch their systems as soon as possible. They have a duty of care to the services and data they host, and would be opening themselves up to all manner of liability and lawsuits if their negligent inaction caused breaches or data loss.
Lots of gaming-related services – from online stores and digital downloads, to streaming services and even the back-end of online games themselves – will also be running on Intel-powered servers. A public cloud, including services like Microsoft’s Azure or Amazon’s AWS, is the ideal location for gaming platforms, because you can scale your capacity up and down on demand, in tandem with user load.
And now, thanks to a forum post by Epic – the developers of Fortnite, and its PUBG-alike mode, Fortnite Battle Royale – we have an indication of how bad that performance hit might be.
To be clear, we don’t know what the parameters of that graph are, other than it’s clearly been lifted from a monitoring solution like Nagios or Zabbix. We don’t know if that’s one server, or a bunch, or Fortnite’s entire server farm, but that is a horrific jump in CPU usage which – anecdotally, at least – tends to correspond with longer queues and instability for players of Fortnite Battle Royale.
That graph is literally a sysadmin’s worst nightmare. You spec a platform with the capacity you need, plus a little spare. Then you find that your CPU usage has more than doubled, overnight, because of a vulnerability you needed to patch? That sort of thing keeps IT folk awake at night.
At least on a cloud platform Epic will be able to easily add more resources to the pot by requesting more from their cloud provider, but that’s not cheap and everyone will be clamouring for it.
This absolutely won’t be the last we hear of the Meltdown CPU vulnerability – or Spectre – in a gaming context, but thanks to a bit of up-front honesty from Epic, we have an idea of how serious it might be.