Linus Torvalds declares Intel fix for Meltdown/Spectre COMPLETE AND UTTER GARBAGE [View all]

https://techcrunch.com/2018/01/22/linus-torvalds-declares-intel-fix-for-meltdown-spectre-complete-and-utter-garbage/

The always outspoken Linus Torvalds, best known for his continuing work on the innermost code of Linux systems, has harsh words to say and accusations to level against Intel. His evaluation of Intel’s latest proposed fix for the Meltdown/Spectre issue: “the patches are COMPLETE AND UTTER GARBAGE.” As a potential line of inquiry, he suggests: “Has anybody talked to them and told them they are f*cking insane?” (asterisk his.)

These and other kind epithets are awarded by Torvalds in a public email chain between him and David Woodhouse, an engineer at Amazon in the U.K., regarding Intel’s solution as relating to the Linux kernel. The issue is (as far as I can tell as someone far out of their depth) a clumsy and, Torvalds argues, “insane” implementation of a fix that essentially does nothing while also doing a bunch of unnecessary things.

The fix needs to address Meltdown (which primarily affects Intel chips), but instead of just doing so across the board, it makes the whole fix something the user or administrator has to opt into at boot. Why even ask, if this is such a huge vulnerability? And why do it at such a low level when future CPUs will supposedly not require it, at which point the choice would be at best unnecessary and at worst misleading or lead to performance issues?

Meanwhile, a bunch of other things are added in the same patch that Torvalds points out are redundant with existing solutions, for instance adding protections against an exploit already mitigated by Google Project Zero’s “retpoline” technique