- Pivotal Greenplum Database (GPDB)
- HAWQ Database (HDB)
This document explains about Meltdown and Spectre vulnerabilities and performance impact of the patch on Greenplum and HAWQ database.
What is Meltdown & Spectre?
Meltdown and Spectre exploit critical vulnerabilities in modern processors. These hardware issues allow programs to steal data which is currently processed on the computer. While these programs are typically not permitted to read data from the other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs.
For additional context regarding the hardware issues, please read the following links :
|Architecture||Intel||Intel, AMD, ARM|
|Entry||Must have code execution on the system||Must have code execution on the system|
|Method||Intel Privilege Execution + Speculative Execution||Branch Prediction + Speculative Execution|
|Impact||Read Kernel Memory from User Space||Read contents of memory from other users's running program|
|Action||Kernel Patching||Kernel Patching (more nuanced)|
|Patch Name||KPTI aka KAISER||LLVM/retpoline|
Impact of kernel patch fixes on Greenplum and Pivotal HDB?
The fixes to Linux kernels are expected to have a performance impact to Greenplum Databases. Testing various data set sizes with the TPC-DS benchmark, we see the following impacts:
1 GB dataset - 4-10% decrease in performance 1 TB dataset - 13-18% decrease in performance
These ranges are partly determined by the use of ORCA vs. Planner (Planner doing better for 1 GB, ORCA better for 1 TB) as well as the kind of workload which systems are subjected to. A customer may see a larger performance impact depending on their workload.
Because the vulnerabilities were announced early, some OS vendors are still working on the mitigation efforts required to address this flaw.
Pivotal continues to investigate the full extent of the impact that the fixes from vendors will have upon Greenplum and will issue further guidance when available.
Please check the following Pivotal advisory for updates: https://pivotal.io/security/meltdown-and-spectre-attacks