As Intel continued adding new security mitigations to its CPUs and GPUs with each new threat, some started overlapping, causing unnecessary resource drainage. One of these can seemingly return up to 20% of lost performance when disabled, a thing that prompted Intel and Canonical to make it the default state.
According to an Ubuntu Launchpad bug report for the Intel Compute Runtime, users can expect up to 20% performance improvement when disabling Intel graphics security mitigations on the GPU compute stack for OpenCL and Level Zero. In other words, disabling these driver-level mitigations can significantly boost the performance on heavy compute tasks such as physics simulations and data processing. And in case you were wondering, Windows users and especially gamers don’t seem to be concerned by this.
With so much performance on the line, Ubuntu maker Canonical has collaborated with Intel to disable these security patches in its Linux packages to avoid wasting performance on redundant mitigations. Ubuntu’s kernel already has these security mitigations for the CPU side, so having them on both is wasteful. In fact, even Intel’s GitHub binary packages for Compute Runtime for OpenCL and Level Zero ship with these mitigations disabled. In the case of Canonical, this change is expected to begin with Ubuntu 25.10.
“After discussion between Intel and Canonical’s security teams, we are in agreement that Spectre no longer needs to be mitigated for the GPU at the Compute Runtime level. At this point, Spectre has been mitigated in the kernel, and a clear warning from the Compute Runtime build serves as a warning for those running modified kernels without those patches. For these reasons, we feel that Spectre mitigations in Compute Runtime no longer offer enough security impact to justify the current performance tradeoff,” says Shane McKee, software engineer at Canonical.
With that in mind, such a move could open the door up for new and unknown venues of attack, which could force Intel and Canonical to reenable these security fixes. But until then, professionals can enjoy extra performance, wasting less time waiting for tasks to finish. Considering the cost of hardware infrastructures nowadays, every percent gained is a win.
