• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.
  • The forums have been upgraded with support for dark mode. By default it will follow the setting on your system/browser. You may override it by scrolling to the end of the page and clicking the gears icon.

Intel GPUs Gain 20% Performance by Disabling Security Mitigations

AleksandarK

AleksandarK

News Editor
Staff member
Joined
Aug 19, 2017
Messages
3,211 (1.11/day)
Intel GPUs, both iGPUs and Arc, on Linux, can achieve a surprising 20% performance boost by taking direct action within their own graphics stack. The company has long incorporated security mitigations into its open-source Compute Runtime to protect against vulnerabilities like Spectre, but these safeguards have carried a hidden cost. With the introduction of a build-time option named NEO_DISABLE_MITIGATIONS, Intel now allows users to compile the Compute Runtime without these extra checks, thereby reclaiming up to 20% in OpenCL and Level Zero workloads. Behind the scenes, Intel's engineers have been testing unmitigated builds on GitHub for months, and the results have been clear: disabling these driver-level mitigations can significantly speed up shader compilation, AI-driven upscaling routines, and physics simulations that rely on GPU compute.

Intel's confidence in disabling these checks stems from the fact that modern Linux kernels already address Spectre vulnerabilities comprehensively at the operating system level. To keep users informed, the Compute Runtime build will emit a warning if it detects a kernel lacking the necessary patches, ensuring transparency about any residual risk. Canonical's Ubuntu team has partnered with Intel to introduce this enhancement in its upcoming 25.10 release. But make no mistake, this is Intel's initiative: the company is driving the performance improvements, publishing unmitigated binaries upstream, and coordinating with distribution partners to make the change broadly available. Security teams at Intel have analyzed the potential attack surface and concluded that the performance gains far outweigh the minimal risk, especially given that Intel's own builds have been running unmitigated without incident.



View at TechPowerUp Main Site | Source
 
So, two things:
  1. I didn't really understand, is this relevant on windows as well?
  2. Why would you need spectre exploit mitigations on a gpu? First i've heard of this. I thought it was a cpu issue?
 
Yes, GPU's have security flaws as well. And can be exploited if there's not a decent driver patch for it.
 
Rexter said:
So, two things:
  1. I didn't really understand, is this relevant on windows as well?
Click to expand...
Partially it is. The Intel Compute Runtime can run under Windows Subsystem for Linux. The Windows drivers themselves provide a version of CR, but it's not known whether they ship the same configuration.
Rexter said:
  1. Why would you need spectre exploit mitigations on a gpu? First i've heard of this. I thought it was a cpu issue?
Click to expand...
It's not mitigating against Spectre on the GPU. It's mitigating in the runtime code running on the CPU. It's redundant if the kernel already does its mitigations, so now it's not being enabled by default.
Intel went with a cautious approach with this mitigation, for the time where Spectre mitigations were not always running in the kernel for whatever reason.

One has to keep in mind that this issue is only affecting Intel OpenCL runtime, not the graphic drivers themselves as far as we know.
 
How much more competitive would this make with GPU testing.
 
I believe their shader compiler also relies on the Compute Runtime. If so, this could slightly speed up the first run of games or new driver installations. I wonder if the actual GPU drivers themselves aren't being handicapped by unneeded mitigations.
 
Rexter said:
So, two things:
  1. I didn't really understand, is this relevant on windows as well?
  2. Why would you need spectre exploit mitigations on a gpu? First i've heard of this. I thought it was a cpu issue?
Click to expand...
Intel GPUs are very CPU-dependent when it comes to best performance, so it makes sense that any boost the CPU would get from disabling mitigations would boost GPU performance.
 
Since nobody has access on my personal PC but me, I want to disable those craps on my Intel CPU too. Is there any possible way to do that??
 
Good way to encourage people to upgrade their non-kernel mitigated CPUs. An additional 20% boost when you can confidently turn off those software based spectre workarounds.
 
DudeBeFishing said:
Is Intel suffering from amnesia? We've known since 2018.
Click to expand...
Who is “we”? Did “we” know the Linux kernel wasn’t fully patched against Spectre until version 6.13, released in January 2025?
 
Last edited:
TumbleGeorge said:
Has another way to boost performance. If you want. Make dev drive and install games in this place.
Click to expand...
Sorry, but how does this boost performance over an nVme drive and what does it have to do with Intel's Security mitigations slowing down the CPU?
 
Prima.Vera said:
Sorry, but how does this boost performance over an nVme drive and what does it have to do with Intel's Security mitigations slowing down the CPU?
Click to expand...
optimizing file system operations and leveraging a more efficient file system, ReFS, along with a performance mode for Windows Defender
Click to expand...
This.
 
Visible Noise said:
Who is “we”? Did “we” know the Linux kernel wasn’t fully patched against Spectre until version 6.13, released in January 2025?
Click to expand...
We as in anyone who frequently reads tech news. It's known these mitigations reduce performance. The Windows patches and microcode updates reduce performance. It's no surprise the Linux kernel mitigations do too. Intel pushed hard to have these unneeded mitigations pushed to home PCs. Intel was fine with their older CPUs performance tanking. Now it affects their new product, and all of a sudden these mitigations aren't worth the performance hit. And no, these mitigations have been there since 2019 or so.
 
If I want I can disable those mitigation in the linux kernel. I doubt it's that simple and easy with windows.
the gnu userspace is evolving. It's hard to compare real life values or benchmarks from the past years with as of today.
When I want an insecure gaming only system i boot up windows 11 pro.

Once in a while i read ignored members.

I think those other bugs were found later or were tested or verified much later. I saw quite recently they classify these bugs in another fashion.
Note: I do not watch or check cpuinfo on every warmboot.

model name : AMD Ryzen 5 7600X 6-Core Processor
bugs : sysret_ss_attrs spectre_v1 spectre_v2 spec_store_bypass srso spectre_v2_user

Quoting an antique kernel with 6.13.x is kinda funny. New hardware should run bleeding edge. For dated hardware, E.g. Intel T3000 and similar, linux mint is fine with the outdated old packages (=Software)

You quote a kernel from end of january 2025
Code: 
     Sun Jan 19 21:17:06 2025 >>> sys-kernel/gentoo-sources-6.12.10
       merge time: 51 seconds.

     Tue Jan 21 12:51:53 2025 >>> sys-kernel/gentoo-sources-6.13.0
       merge time: 1 minute and 22 seconds.
 
You must log in or register to reply here.
Back
Top