The father of the Linux operating system has once again blasted Intel for its handling of the Spectre and Meltdown chip vulnerabilities due to the sloppiness of some of the patches. While he has a point, he’s also being a bit unfair, as well as unreasonable.
Linus Torvalds is known for his blistering comments on the Linux mailing lists and frequently expresses his dissatisfaction with high levels of acidity. In this case, he was responding to an Amazon engineer on the Linux kernel mailing list regarding recent patches that have resulted in some systems randomly rebooting.
“They do literally insane things. They do things that do not make sense,” Torvalds wrote. “I think we need something better than this garbage.”
Spectre and Meltdown are silicon-level chip vulnerabilities that enable hackers to bypass protections and access in data that they should not see. While data cannot be changed, deleted, or overwritten, it still can be seen — and that’s problem enough.
One of Torvalds’ complaints is that Intel chose to do nothing for variant 2 of the Spectre flaw. Rather than preventing abuse of branch prediction by disabling it and taking the performance hit, Intel has decided to ship at least the next few chips with the vulnerability by default but will include a protection flag that can be set by software.
Intel explained its decision in a technical note entitled Speculative Execution Side Channel Mitigations. The decision to address the flaw as a feature with an opt-in flag to mitigate it caused Torvalds to go off.
“All of this is pure garbage. Is Intel really planning on making this shit architectural?” he wrote. “Has anybody talked to them and told them they are f*cking insane? Please, any Intel engineers here — talk to your managers.”
The “insane” part he is referring to is that Intel has added redundant code to the patch and made the entire thing optional. Torvalds says Intel’s Meltdown patch is so inefficient that it would cause considerable performance hits, which we already know. He said Google has made far better fixes on its own.
Separately, Intel identified the problem with updates that have caused Broadwell and Haswell-generation CPUs to crash. It asked OEMs and other partners to pull their fixes until it can issue a proper fix. Few things are more embarrassing than patching a patch, as Microsoft has learned over the years, so Intel is looking pretty sloppy here.
Where’s Torvalds’ fix?
But in this case, I also think Tovalds is being an ass, and it’s not funny. Intel is rushing out fixes to silicon-based problems. That is not an easy thing to do. It’s being forced to change how a CPU processes information in a fundamental way. If it’s so simple, where’s Torvalds’ fix? He keeps calling it garbage in the mailing list but offers no fix.
The fixes will improve. Many people were forced to scramble after Google went public with the news. Even though Google sat on the problem for more than six months, it didn’t inform enough people and some were left to scramble. The patches will be optimized in time but for now, yes, there will be pain.
And yes, it will be in the CPU pipeline for a while because the development pipeline is long. You are talking about a device with billions of transistors, and the problem isn’t a bug as defined by software errors but a vulnerability in how the CPU functions. That will take time to correct. It’s not changed overnight, not even close. Intel has to make fundamental changes to the branch prediction function of the CPU, and that’s not trivial. Is it supposed to not release any new CPUs for the next one or two years while it addresses the flaw? That’s ludicrous.
So, I repeat, what is your solution Linus, beyond repeatedly calling it garbage?