Linux is reluctant to apply Intel patches against Specter

Specter, or rather the mitigations necessary to improve the security of processors exposed to this vector of attack, threaten to cause a significant decrease in performance on computers

From this we saw yesterday a somewhat dramatic episode, since a mitigation against the Specter v2 attacks with the initials STIBP causes a decrease of up to 50% in some loads on Intel CPU (mark for which mitigation is directed).

The situation seriously questioned the STIBP authorization, something that was supported by Linus Torvalds, who recommended the non-activation of the mitigation by default and that instead SMT (Hyper-Threading in Intel) be disabled from the configuration of the board base if you wanted to secure the best security. The arrival of STIBP is not only planned for Linux 4.20, but has also been taken back to LTS versions 4.14 and 4.19, which is logical if we consider that it is a security measure against Specter. The workloads affected include Python, PHP, Java, code compilation and even the execution of some games, so performance problems could have an appreciable impact not only on server environments, but also on the end user's desktop.

After the commotion generated, there have been some movements in the backstage of Linux, since in the release stable candidate branch of Greg Kroah-Hartman the code of STIBP has been reverted in Linux 4.14 and 4.19, so the performance problems would have to have disappeared in those versions. However, mitigation is still present in Linux 4.20, with the intention of being revised under a better approach and be ready before the official release of this version of the kernel within a month. The aim is to debug the STIBP code to avoid the impact on performance as much as possible.

Although this mitigation is aimed at Intel users, this does not mean that those of AMD can claim victory, since although the first brand seems to be more affected by the problems arising from Specter, the second also makes use of SMT , so it can not be ruled out that similar episodes occur in their products.


Date update on 2018-11-25. Date published on 2018-11-25. Category: linux Author: Oscar olg Fuente: muylinux
linux