I imagine most everyone here knows about Meltdown and Spectre, especially since it's the biggest security vulnerability ever as far as I know. Meanwhile, trying to actually fix it has been problematic, with initial fixes causing instability.

Much has been made of Linus Torvald's criticism of Intel's suggested patches to the Linux kernel, but it's important to understand why. He's accused Intel of passing the buck by making software developers responsible for dealing with it while also hoping that people will ignore the fix in the face of the performance hits:

    The whole IBRS_ALL feature to me very clearly says "Intel is not

    serious about this, we'll have a ugly hack that will be so expensive

    that we don't want to enable it by default, because that would look

    bad in benchmarks".

    So instead they try to push the garbage down to us. And they are doing

    it entirely wrong, even from a technical standpoint.

    I'm sure there is some lawyer there who says "we'll have to go through

    motions to protect against a lawsuit". But legal reasons do not make

    for good technology, or good patches that I should apply.

    [...]

    And that's actually ignoring the much _worse_ issue, namely that the

    whole hardware interface is literally mis-designed by morons.



FirebrandRoaring:

    namely that the whole hardware interface is literally mis-designed by morons

Dude. I hope he can deliver on that.

Man. Linus is pissed.


posted by johnnyFive: 119 days ago