Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > comp.sys.intel > #520

Linus Torvalds declares Intel fix for Meltdown/Spectre 'COMPLETE AND UTTER GARBAGE'

Cross-posted to 5 groups.

Show all headers | View raw

The always outspoken Linus Torvalds, best known for his 
continuing work on the innermost code of Linux systems, has 
harsh words to say and accusations to level against Intel. His 
evaluation of Intel’s latest proposed fix for the 
Meltdown/Spectre issue: “the patches are COMPLETE AND UTTER 
GARBAGE.” As a potential line of inquiry, he suggests: “Has 
anybody talked to them and told them they are f*cking insane?” 
(Asterisk his.)

These and other kind epithets are awarded by Torvalds in a 
public email chain between him and David Woodhouse, an engineer 
at Amazon in the U.K., regarding Intel’s solution as relating to 
the Linux kernel. The issue is (as far as I can tell as someone 
far out of their depth) a clumsy and, Torvalds argues, “insane” 
implementation of a fix that essentially does nothing while also 
doing a bunch of unnecessary things.

The fix needs to address Meltdown (which primarily affects Intel 
chips), but instead of just doing so across the board, it makes 
the whole fix something the user or administrator has to opt 
into at boot. Why even ask, if this is such a huge 
vulnerability? And why do it at such a low level when future 
CPUs will supposedly not require it, at which point the choice 
would be at best unnecessary and at worst misleading or lead to 
performance issues?
Meanwhile, a bunch of other things are added in the same patch 
that Torvalds points out are redundant with existing solutions, 
for instance adding protections against an exploit already 
mitigated by Google Project Zero’s “retpoline” technique.

Why do this? Torvalds speculates that a major part of Intel’s 
technique, in this case “Indirect Branch Restricted Speculation” 
or IBRS, is so inefficient that to roll it out universally would 
result in widespread performance hits. So instead, it made the 
main Meltdown fix optional and added the redundant stuff to make 
the patch look more comprehensive.

Is Intel really planning on making this shit architectural? Has 
anybody talked to them and told them they are f*cking insane?

They do literally insane things. They do things that do not make 
sense. That makes all your [i.e. Woodhouse’s] arguments 
questionable and suspicious. The patches do things that are not 
sane.

…So somebody isn’t telling the truth here. Somebody is pushing 
complete garbage for unclear reasons. Sorry for having to point 
that out.

Woodhouse (who in a long-suffering manner asks they “be done 
with the shouty part”), later in the thread acknowledges 
Torvalds’ criticism, calling IBRS is “a vile hack” and agreeing 
that “There’s no good reason for it to be opt-in.” But he but 
notes some points that are, if not exactly in favor of Intel’s 
approach, at least explain it a bit.

Intel, for its part, offered the following statement: “We take 
the feedback of industry partners seriously. We are actively 
engaging with the Linux community, including Linus, as we seek 
to work together on solutions.” So at least they seem to still 
be on a first-name basis.

At any rate, this is all very deep discussion and really only a 
small slice of it. I’m not highlighting this because I think 
it’s technically interesting (I’m not really qualified to say 
so) or consequential in terms of what users will see (it’s hard 
to say at this point) but rather to simply point out that the 
Meltdown/Spectre debacle is far from over — in fact, it’s barely 
begun.

What we saw a few weeks back was the initial wave of craziness 
and the first line of defense being established. But the work of 
protecting the billions of devices affected by these problems is 
going to go on for years as conflicts like this work themselves 
out. And Linus Torvalds, as profane as his criticisms are wont 
to be, is one of the many people working hard on behalf of the 
open-source community and the people who ultimately benefit from 
it down the line.

If there weren’t detail-oriented, no-BS, old-school coders out 
there watching out for the likes of you and me, the great 
complacent unwashed out here in userland, we would have to take 
whatever Intel and the others hand us and thank them in our 
ignorance. I for one am glad to have people smarter and more 
uncompromising than myself fighting on our behalf, however 
“shouty” they may be.

Comments:

Hugh Cry · University of Calgary, Canada
Because Linux is bug free, right? Torvalds is sitting in a glass 
house.
Like · Reply · 10 · Jan 22, 2018 12:48pm

Gene Keenan · Works at Self-Employed
https://www.theverge.com/.../intel-advises-pause...
Like · Reply · 5 · Jan 22, 2018 12:55pm

Vince Feminella · Head Brewer at Screwy Brewing Company
uh...while Linux runs on Intel, its far from being a CPU 
architecture.
Like · Reply · 10 · Jan 22, 2018 12:59pm

Mace Moneta
This has nothing to do with being "bug free" it's about the way 
a bug was (not) fixed.
Like · Reply · 38 · Jan 22, 2018 1:00pm · Edited

https://techcrunch.com/2018/01/22/linus-torvalds-declares-intel-
fix-for-meltdown-spectre-complete-and-utter-garbage/

Back to comp.sys.intel | Previous | Next — Next in thread | Find similar

Thread

Linus Torvalds declares Intel fix for Meltdown/Spectre 'COMPLETE AND UTTER GARBAGE' Nomen Nescio <nobody@dizum.com> - 2018-01-29 06:25 +0100
  Re: Linus Torvalds declares Intel fix for Meltdown/Spectre 'COMPLETE AND UTTER GARBAGE' Paul <nospam@needed.invalid> - 2018-01-29 01:58 -0500
    Re: Linus Torvalds declares Intel fix for Meltdown/Spectre 'COMPLETE AND UTTER GARBAGE' "Mr. Man-wai Chang" <toylet.toylet@gmail.com> - 2018-01-30 20:44 +0800
  Re: Linus Torvalds declares Intel fix for Meltdown/Spectre 'COMPLETE AND UTTER GARBAGE' "Mr. Man-wai Chang" <toylet.toylet@gmail.com> - 2018-01-30 20:42 +0800

csiph-web