Slashdot Mirror

Are we seriously getting into an argument about whether Linus Torvalds initiated ad-hominem attacks or not? Because there is a loooong history of news articles and mailing list posts on this. Google seems to like this particular one you and I are talking about (probably because I am putting C++ in the search). But lots go back before that one. Here's one from 2004

In general, I'd say that anybody who designs his kernel modules for C++ is either
  (a) looking for problems
  (b) a C++ bigot that can't see what he is writing is really just C anyway

This is an attack not only against the language, but against the people who use it. I've seen the one you mentioned a bunch of times, but I can't seem to find the original post by Dmitry Kakurin. You imply that Dmitry Kakurin is the one who originally used the word "bullshit" but I only see Linus using it.

This topic is important because something pivotal is happening right now in the open-source community, and we need to understand why. Rewriting history now would blind us to the cause.

A lot of developers are pissed-off about the stupid post-meritocracy code-of-conduct political correctness. But we got here for a reason: many of the software "elites" were NOT running meritocracies. They claimed to do so, but in reality they were ostracizing smart capable people who didn't agree with them. To some degree, that's fine -- there needs to be a unifying philosophy in a project, and people who aren't on board are not going to be productive. But if you see leaders flaming people for having different opinions, that means those leaders are closing their mind to new ideas. That's also bad for a project. One can be open-minded without being an asshat.

The result of this is an overreaction, where "everyone is equal" and open discussion is no longer possible because people are walking on eggshells. Denying how we got here won't help. We need to acknowledge that posts like the ones Linus made are what fueled this revolt. And leaders today need to understand that they can be harsh, precise, and critical without being closed-minded or ostracizing. Linus probably knows this now. But don't pretend that he wasn't that way, or we risk this happening over and over again.

Main:
https://lkml.org/lkml/2019/1/1... (GPL Recission announcement (to show it can be done and encourage others to do it))
https://lkml.org/lkml/2018/10/... (Debunking of SFConservancy's statement)

Anti-Rescind:
ZDNet "Debunking" lulz.com article (by quoting PJ the paralegal, who got it wrong): https://www.zdnet.com/article/...
This is constantly cited by "no recind"ers.
SFConservancy's "Debunking" of lulz.com article: http://sfconservancy.org/news/...
(The new section: https://copyleft.org/guide/com... )
---
Pro-Rescind:
Refutation of SFConservancy's "debunking" of lulz.com article: https://lkml.org/lkml/2018/10/...
(Published 5 hours after the "debunking")

Public announcement of GPL Recission of GPC-Slots 2 game vs "Geek Feminists": https://lkml.org/lkml/2019/1/1...
(This was also posted elsewhere, so as to be visible to the recindees, and sent to the mail of the named individuals, where it could be determined)

Submission to slashdot (wasn't posted): https://slashdot.org/submissio...
---
Eben Moglen vows to write a paper about how the GPL is irrevokable:
https://lkml.org/lkml/2018/10/...
2 months later still no paper to be found: https://lkml.org/lkml/2018/12/...
---
Other useful links:
8chan discussions with author, and expositions on the law:
http://8ch.net/tech/res/101340...
http://8ch.net/tech/res/101782...
http://8ch.net/tech/res/101872...

4chan /g/ discussion, expositions on the law:
https://warosu.org/g/thread/S6...
http://archive.fo/OhIR4
http://boards.4channel.org/g/t...
---

Here's one user who did as suggested and consulted with an attorney friend, the attorney friend refuted the "following the GPL is consideration" argument nicely:
https://archives.gentoo.org/ge...

Thank you for the response, though I feel you don't address my
question. Happily though, I spoke with an acquaintance and it was
determined that the subservience to the license (i.e. agreeing to be
bound by the GPL2) could not be offered as consideration as its
restrictions were not the licensee's to offer at the time of
acceptance of the license. The licensee had no rights to offer as part
of the contract, as the contract had not yet given them any rights to
give up. The terms put forth by the GPL2 are only restrictions that
are part of the license.

Furthermore, as stated above, it should seem quite self referential -
I can't offer my acceptance of a license as consideration, because it
is what I am trying to accept.

As I am sure you are aware, under US law there is no contract if both
sides have not provided consideration. This leaves us in the strange
place of gratis licenses being suggestions.

Cheers,
R0b0t1

---
Various other threads:
https://archives.gentoo.org/ge...

Main:
https://lkml.org/lkml/2019/1/1... (GPL Recission announcement (to show it can be done and encourage others to do it))
https://lkml.org/lkml/2018/10/... (Debunking of SFConservancy's statement)

Anti-Rescind:
ZDNet "Debunking" lulz.com article (by quoting PJ the paralegal, who got it wrong): https://www.zdnet.com/article/...
This is constantly cited by "no recind"ers.
SFConservancy's "Debunking" of lulz.com article: http://sfconservancy.org/news/...
(The new section: https://copyleft.org/guide/com... )
---
Pro-Rescind:
Refutation of SFConservancy's "debunking" of lulz.com article: https://lkml.org/lkml/2018/10/...
(Published 5 hours after the "debunking")

Public announcement of GPL Recission of GPC-Slots 2 game vs "Geek Feminists": https://lkml.org/lkml/2019/1/1...
(This was also posted elsewhere, so as to be visible to the recindees, and sent to the mail of the named individuals, where it could be determined)

Submission to slashdot (wasn't posted): https://slashdot.org/submissio...
---
Eben Moglen vows to write a paper about how the GPL is irrevokable:
https://lkml.org/lkml/2018/10/...
2 months later still no paper to be found: https://lkml.org/lkml/2018/12/...
---
Other useful links:
8chan discussions with author, and expositions on the law:
http://8ch.net/tech/res/101340...
http://8ch.net/tech/res/101782...
http://8ch.net/tech/res/101872...

4chan /g/ discussion, expositions on the law:
https://warosu.org/g/thread/S6...
http://archive.fo/OhIR4
http://boards.4channel.org/g/t...
---

Here's one user who did as suggested and consulted with an attorney friend, the attorney friend refuted the "following the GPL is consideration" argument nicely:
https://archives.gentoo.org/ge...

Thank you for the response, though I feel you don't address my
question. Happily though, I spoke with an acquaintance and it was
determined that the subservience to the license (i.e. agreeing to be
bound by the GPL2) could not be offered as consideration as its
restrictions were not the licensee's to offer at the time of
acceptance of the license. The licensee had no rights to offer as part
of the contract, as the contract had not yet given them any rights to
give up. The terms put forth by the GPL2 are only restrictions that
are part of the license.

Furthermore, as stated above, it should seem quite self referential -
I can't offer my acceptance of a license as consideration, because it
is what I am trying to accept.

As I am sure you are aware, under US law there is no contract if both
sides have not provided consideration. This leaves us in the strange
place of gratis licenses being suggestions.

Cheers,
R0b0t1

---
Various other threads:
https://archives.gentoo.org/ge...

Main:
https://lkml.org/lkml/2019/1/1... (GPL Recission announcement (to show it can be done and encourage others to do it))
https://lkml.org/lkml/2018/10/... (Debunking of SFConservancy's statement)

Anti-Rescind:
ZDNet "Debunking" lulz.com article (by quoting PJ the paralegal, who got it wrong): https://www.zdnet.com/article/...
This is constantly cited by "no recind"ers.
SFConservancy's "Debunking" of lulz.com article: http://sfconservancy.org/news/...
(The new section: https://copyleft.org/guide/com... )
---
Pro-Rescind:
Refutation of SFConservancy's "debunking" of lulz.com article: https://lkml.org/lkml/2018/10/...
(Published 5 hours after the "debunking")

Public announcement of GPL Recission of GPC-Slots 2 game vs "Geek Feminists": https://lkml.org/lkml/2019/1/1...
(This was also posted elsewhere, so as to be visible to the recindees, and sent to the mail of the named individuals, where it could be determined)

Submission to slashdot (wasn't posted): https://slashdot.org/submissio...
---
Eben Moglen vows to write a paper about how the GPL is irrevokable:
https://lkml.org/lkml/2018/10/...
2 months later still no paper to be found: https://lkml.org/lkml/2018/12/...
---
Other useful links:
8chan discussions with author, and expositions on the law:
http://8ch.net/tech/res/101340...
http://8ch.net/tech/res/101782...
http://8ch.net/tech/res/101872...

4chan /g/ discussion, expositions on the law:
https://warosu.org/g/thread/S6...
http://archive.fo/OhIR4
http://boards.4channel.org/g/t...
---

Here's one user who did as suggested and consulted with an attorney friend, the attorney friend refuted the "following the GPL is consideration" argument nicely:
https://archives.gentoo.org/ge...

Thank you for the response, though I feel you don't address my
question. Happily though, I spoke with an acquaintance and it was
determined that the subservience to the license (i.e. agreeing to be
bound by the GPL2) could not be offered as consideration as its
restrictions were not the licensee's to offer at the time of
acceptance of the license. The licensee had no rights to offer as part
of the contract, as the contract had not yet given them any rights to
give up. The terms put forth by the GPL2 are only restrictions that
are part of the license.

Furthermore, as stated above, it should seem quite self referential -
I can't offer my acceptance of a license as consideration, because it
is what I am trying to accept.

As I am sure you are aware, under US law there is no contract if both
sides have not provided consideration. This leaves us in the strange
place of gratis licenses being suggestions.

Cheers,
R0b0t1

---
Various other threads:
https://archives.gentoo.org/ge...

Main:
https://lkml.org/lkml/2019/1/1... (GPL Recission announcement (to show it can be done and encourage others to do it))
https://lkml.org/lkml/2018/10/... (Debunking of SFConservancy's statement)

Anti-Rescind:
ZDNet "Debunking" lulz.com article (by quoting PJ the paralegal, who got it wrong): https://www.zdnet.com/article/...
This is constantly cited by "no recind"ers.
SFConservancy's "Debunking" of lulz.com article: http://sfconservancy.org/news/...
(The new section: https://copyleft.org/guide/com... )
---
Pro-Rescind:
Refutation of SFConservancy's "debunking" of lulz.com article: https://lkml.org/lkml/2018/10/...
(Published 5 hours after the "debunking")

Public announcement of GPL Recission of GPC-Slots 2 game vs "Geek Feminists": https://lkml.org/lkml/2019/1/1...
(This was also posted elsewhere, so as to be visible to the recindees, and sent to the mail of the named individuals, where it could be determined)

Submission to slashdot (wasn't posted): https://slashdot.org/submissio...
---
Eben Moglen vows to write a paper about how the GPL is irrevokable:
https://lkml.org/lkml/2018/10/...
2 months later still no paper to be found: https://lkml.org/lkml/2018/12/...
---
Other useful links:
8chan discussions with author, and expositions on the law:
http://8ch.net/tech/res/101340...
http://8ch.net/tech/res/101782...
http://8ch.net/tech/res/101872...

4chan /g/ discussion, expositions on the law:
https://warosu.org/g/thread/S6...
http://archive.fo/OhIR4
http://boards.4channel.org/g/t...
---

Here's one user who did as suggested and consulted with an attorney friend, the attorney friend refuted the "following the GPL is consideration" argument nicely:
https://archives.gentoo.org/ge...

Thank you for the response, though I feel you don't address my
question. Happily though, I spoke with an acquaintance and it was
determined that the subservience to the license (i.e. agreeing to be
bound by the GPL2) could not be offered as consideration as its
restrictions were not the licensee's to offer at the time of
acceptance of the license. The licensee had no rights to offer as part
of the contract, as the contract had not yet given them any rights to
give up. The terms put forth by the GPL2 are only restrictions that
are part of the license.

Furthermore, as stated above, it should seem quite self referential -
I can't offer my acceptance of a license as consideration, because it
is what I am trying to accept.

As I am sure you are aware, under US law there is no contract if both
sides have not provided consideration. This leaves us in the strange
place of gratis licenses being suggestions.

Cheers,
R0b0t1

---
Various other threads:
https://archives.gentoo.org/ge...

Main:
https://lkml.org/lkml/2019/1/1... (GPL Recission announcement (to show it can be done and encourage others to do it))
https://lkml.org/lkml/2018/10/... (Debunking of SFConservancy's statement)

Anti-Rescind:
ZDNet "Debunking" lulz.com article (by quoting PJ the paralegal, who got it wrong): https://www.zdnet.com/article/...
This is constantly cited by "no recind"ers.
SFConservancy's "Debunking" of lulz.com article: http://sfconservancy.org/news/...
(The new section: https://copyleft.org/guide/com... )
---
Pro-Rescind:
Refutation of SFConservancy's "debunking" of lulz.com article: https://lkml.org/lkml/2018/10/...
(Published 5 hours after the "debunking")

Public announcement of GPL Recission of GPC-Slots 2 game vs "Geek Feminists": https://lkml.org/lkml/2019/1/1...
(This was also posted elsewhere, so as to be visible to the recindees, and sent to the mail of the named individuals, where it could be determined)

Submission to slashdot (wasn't posted): https://slashdot.org/submissio...
---
Eben Moglen vows to write a paper about how the GPL is irrevokable:
https://lkml.org/lkml/2018/10/...
2 months later still no paper to be found: https://lkml.org/lkml/2018/12/...
---
Other useful links:
8chan discussions with author, and expositions on the law:
http://8ch.net/tech/res/101340...
http://8ch.net/tech/res/101782...
http://8ch.net/tech/res/101872...

4chan /g/ discussion, expositions on the law:
https://warosu.org/g/thread/S6...
http://archive.fo/OhIR4
http://boards.4channel.org/g/t...
---

Here's one user who did as suggested and consulted with an attorney friend, the attorney friend refuted the "following the GPL is consideration" argument nicely:
https://archives.gentoo.org/ge...

Thank you for the response, though I feel you don't address my
question. Happily though, I spoke with an acquaintance and it was
determined that the subservience to the license (i.e. agreeing to be
bound by the GPL2) could not be offered as consideration as its
restrictions were not the licensee's to offer at the time of
acceptance of the license. The licensee had no rights to offer as part
of the contract, as the contract had not yet given them any rights to
give up. The terms put forth by the GPL2 are only restrictions that
are part of the license.

Furthermore, as stated above, it should seem quite self referential -
I can't offer my acceptance of a license as consideration, because it
is what I am trying to accept.

As I am sure you are aware, under US law there is no contract if both
sides have not provided consideration. This leaves us in the strange
place of gratis licenses being suggestions.

Cheers,
R0b0t1

---
Various other threads:
https://archives.gentoo.org/ge...

Main:
https://lkml.org/lkml/2019/1/1... (GPL Recission announcement (to show it can be done and encourage others to do it))
https://lkml.org/lkml/2018/10/... (Debunking of SFConservancy's statement)

Anti-Rescind:
ZDNet "Debunking" lulz.com article (by quoting PJ the paralegal, who got it wrong): https://www.zdnet.com/article/...
This is constantly cited by "no recind"ers.
SFConservancy's "Debunking" of lulz.com article: http://sfconservancy.org/news/...
(The new section: https://copyleft.org/guide/com... )
---
Pro-Rescind:
Refutation of SFConservancy's "debunking" of lulz.com article: https://lkml.org/lkml/2018/10/...
(Published 5 hours after the "debunking")

Public announcement of GPL Recission of GPC-Slots 2 game vs "Geek Feminists": https://lkml.org/lkml/2019/1/1...
(This was also posted elsewhere, so as to be visible to the recindees, and sent to the mail of the named individuals, where it could be determined)

Submission to slashdot (wasn't posted): https://slashdot.org/submissio...
---
Eben Moglen vows to write a paper about how the GPL is irrevokable:
https://lkml.org/lkml/2018/10/...
2 months later still no paper to be found: https://lkml.org/lkml/2018/12/...
---
Other useful links:
8chan discussions with author, and expositions on the law:
http://8ch.net/tech/res/101340...
http://8ch.net/tech/res/101782...
http://8ch.net/tech/res/101872...

4chan /g/ discussion, expositions on the law:
https://warosu.org/g/thread/S6...
http://archive.fo/OhIR4
http://boards.4channel.org/g/t...
---

Here's one user who did as suggested and consulted with an attorney friend, the attorney friend refuted the "following the GPL is consideration" argument nicely:
https://archives.gentoo.org/ge...

Thank you for the response, though I feel you don't address my
question. Happily though, I spoke with an acquaintance and it was
determined that the subservience to the license (i.e. agreeing to be
bound by the GPL2) could not be offered as consideration as its
restrictions were not the licensee's to offer at the time of
acceptance of the license. The licensee had no rights to offer as part
of the contract, as the contract had not yet given them any rights to
give up. The terms put forth by the GPL2 are only restrictions that
are part of the license.

Furthermore, as stated above, it should seem quite self referential -
I can't offer my acceptance of a license as consideration, because it
is what I am trying to accept.

As I am sure you are aware, under US law there is no contract if both
sides have not provided consideration. This leaves us in the strange
place of gratis licenses being suggestions.

Cheers,
R0b0t1

---
Various other threads:
https://archives.gentoo.org/ge...

https://lkml.org/lkml/2019/1/2...

There are two iron laws when it comes to the linux-kernel and it's
facing towards the larger world.

1) The grsecurity-pax patch is absolutely vital if one wishes to not be
hacked by chinese(TM). (And has been vital for the last 15+ years.)

2) GRSecurity is _blatantly_ violating the GPL by adding additional
restrictive terms.

Other things we have come to know is that
A) Linus is a poor judge of quality, or just out of touch.

To say that GRSecurity is garbage?
No linus, it's just the layer covering up the shit heap that the
linux-kernel is when it comes to exploitable code.
That stench you smell is not that nice grassy cover over the garbage
tip, it is what is below, what that top is holding down.

You know... I would expect the things that Linus said about GRSecurity
from a white woman... I would expect that. Knowing nothing, spouting
bullshit, destroying lives. That's their _thing_.

But from a man?

Well, goes to show you. White men ain't men. Best they are is 40 year
old bois. Faggots to say for short in American parlance.

Same reason they won't hold it down when a bunch of fucking cunts CoC
them. You build the whole edifice, then you let a bunch of do-nothing
white women rule over the thing you built and you.

But hey, that's Linux!

The author of the GPL licensed text-mode casino game "GPC-Slots 2" has rescinded the license from the "Geek feminist" collective.
( https://lkml.org/lkml/2019/1/1... )
( https://slashdot.org/submissio... )

Here's the LKML post that kicked it off, if you don't want to click through: https://lkml.org/lkml/2018/12/10/1145

I think his point #2 is probably the most "nutty", but that really does seem like an implementation detail:

2. The way that system calls work is very strange. Most syscalls on
x32 enter through their *native* (i.e. not COMPAT_SYSCALL_DEFINE)
entry point, and this is intentional. For example, adjtimex() uses
the native entry, not the compat entry, because x32's struct timex
matches the x86_64 layout. But a handful of syscalls have separate
entry points -- these are the syscalls starting at 512. These enter
through the COMPAT_SYSCALL_DEFINE entry points.

The x32 syscalls that are *not* in the 512 range violate all semblance
of kernel syscall convention. In the syscall handlers,
in_compat_syscall() returns true, but the COMPAT_SYSCALL_DEFINE entry
is not invoked. This is nutty and risks breaking things when people
refactor their syscall implementations. And no one tests these
things. Similarly, if someone calls any of the syscalls below 512 but
sets bit 31 in RAX, then the native entry will be called with
in_compat_set().

x32 support removal is the kind of thing that should be thought long and hard about, because it's the kind of thing that will be nearly impossible to put back in once it's removed. Abstraction layers and edge cases keep us (and the kernel devs) honest, and have some value even if the number of users is small. Additionally, this seems like a classic case of chicken-and-egg with a lesser-used arch variation. Perhaps actual *publicity* after it was put in 6 years ago would have helped; perhaps this story itself will prompt more use.

Compare 2010:
https://lkml.org/lkml/2010/5/20/218

This is just unbelievable SH*T: ...
First it says "only ask if EMBEDDED", and then it says "default to Y if
not embedded".

Why? Why the hell did somebody decide that everybody and their pet dog
should get that totally uninteresting driver, whether they want it or not?

I realize that every single developer thinks that their driver is the most
important thing in the universe, but come on! This kind of thing is
totally inappropriate, and to make matters worse, it looks like there are
a few commits that won't even compile because the whole file wasn't even
added until later.
And this piece of shit was made _mandatory_?

Get a grip, people. I'm not pulling idiotic crap like this. Some quality
control before you ask me to pull, for chissake!

2018:

We do *not* enable new random drivers by default. And we most *definitely* don't do it when they are odd-ball ones that most people have never heard of.

Yet the new "BigBen Interactive" driver that was added this merge window did exactly that.

Just don't do it.

Yes, yes, every developer always thinks that _their_ driver is so special and so magically important that it should be enabled by default. But no. When we have thousands of drivers, we don't randomly pick one new driver to be enabled by default just because some developer thinks it is special. It's not.... Please don't do things like this.

This is clearly developer behavior which Linus just HATES, but now he has to be polite in expressing his disdain for it.

I expect Linus to be committed to the looney bin in a matter of months.

Someone stuck a gun to his head?

Yes. He was threatened.

Linus exclusively uses an ASCII text editor, but this letter had unicode in it. You can see it easily in the quote marks. Either someone else wrote part of it, or he was trying to send a subtle way of showing duress.

He has indicated before that he has been approached by governmental agencies to add backdoors. When asked about this very question, he would exaggeratedly shake his head "yes" while saying "no", making the audience laugh. This time it's not so funny.

https://lkml.org/lkml/2018/9/2...

Here you go.

When you do exactly what you quoted, "do not insult/harass," for a political agenda because of the code of conduct. Which is already happening: https://lkml.org/lkml/2018/9/2...

> The problem is that it can and will be used to push people out of the project for purely power-related reasons.

It's already started: LKML

If you're terribly upset because Linux Torvalds was mean to you, not in person but *IN A FUCKING E-MAIL* then the real problem is you, not him.

Says you. Linus disagrees.

BULLSHIT.
-- Linus Torvalds, LKML, 21/1/2018

COMPLETE AND UTTER GARBAGE.
-- Linus Torvalds, LKML, 21/1/2018

WHAT THE F*CK IS GOING ON?
-- Linus Torvalds, LKML, 21/1/2018

BULLSHIT.
-- Linus Torvalds, LKML, 21/1/2018

COMPLETE AND UTTER GARBAGE.
-- Linus Torvalds, LKML, 21/1/2018

WHAT THE F*CK IS GOING ON?
-- Linus Torvalds, LKML, 21/1/2018

BULLSHIT.
-- Linus Torvalds, LKML, 21/1/2018

COMPLETE AND UTTER GARBAGE.
-- Linus Torvalds, LKML, 21/1/2018

WHAT THE F*CK IS GOING ON?
-- Linus Torvalds, LKML, 21/1/2018

It is pathetic that we've got a whole generation or two of supposed adults taking colorful metaphors so literally and personally (just like those aspies they love to demonize for lacking in social skills). As a general rule, reading/writing data one byte at a time IS fucking stupid.

https://lkml.org/lkml/2012/7/6...

One example is from about six years ago when Linus reminded everyone very crisply that one doesn't change userspace APIs willy nilly and then blame the applications that were broken by the change.

I agree, and if we read Mauro's response we see a person that tries to explain why they made a (wrong) choice, apologize for their mistake, and presumably move on with their life. No tears shed, no tantrum thrown, no touchy-feely-police called.

Some friendly banter (which I believe your link can be read as, too) is just the salt in our daily soup. As long as the person dishing out the compliments is willing to accept a same-level response I don't have a problem with it.

One example is from about six years ago when Linus reminded everyone very crisply that one doesn't change userspace APIs willy nilly and then blame the applications that were broken by the change.

I agree, and if we read Mauro's response we see a person that tries to explain why they made a (wrong) choice, apologize for their mistake, and presumably move on with their life. No tears shed, no tantrum thrown, no touchy-feely-police called.

Some friendly banter (which I believe your link can be read as, too) is just the salt in our daily soup. As long as the person dishing out the compliments is willing to accept a same-level response I don't have a problem with it.

One example is from about six years ago when Linus reminded everyone very crisply that one doesn't change userspace APIs willy nilly and then blame the applications that were broken by the change.

You left out the sarcasm tag when you wrote "reminder" right? Because "Mauro, SHUT THE FUCK UP!" goes a bit beyond that, to say the least. It's a safe bet that this is specifically one of the posts that Linus apologized for today.

Sometimes when someone who shouldn't screw up does so with blatant disregard for the priorities of the project, it's useful to flame them to remind other people NOT to do the same thing.

One example is from about six years ago when Linus reminded everyone very crisply that one doesn't change userspace APIs willy nilly and then blame the applications that were broken by the change. I'm pretty sure that his response reinforced in many developers' minds that this was simply unacceptable and reminded them far more effectively than an unemotional purely technical observation would have.

https://lkml.org/lkml/2017/1/1...

Here's the basic explanation :
https://lkml.org/lkml/2018/4/3...

Many Linuxes have at least applied the Intel microcode patches and the kernel-level Spectre mitigations. What they have done is not adequate. It's not clear all the VM guest-guest switches are properly protected, and there are chip variant caveats, and some bits of userland need fixes which isn't done.

Specifically, any part of the userland that runs untrusted code, like web browsers that run Javascript, should be recompiled with retpoline, and most Linuxes don't ship the correct C compiler to do that. How is OpenBSD's web browser doing? Do they even provide a retpoline-capable compiler?

Does OpenBSD have qemu/kvm/Xen? If so, is it spectre-mitigated?

Even beyond speculative execution attacks, these bugs call attention to the danger of cache timing attacks which may become a more fruitful class of exploits soon. But that's not a place where OpenBSD is lagging. I think they may be lagging on spectre mitigation specifically (though Linux isn't doing great, either).

Remember this is all 8 months out. It is really kinda extreme that Google broke their standard timeline and took an 6-month head start on the industry to fix GCE. I suppose it is fair since it's their own research. If they are funding this massive highly-competent security team in house, the benefit that GCE is more secure than competitors is not unreasonable. It's a little annoying, politically, that they cooperated with their big competitors, but it's socially practical to cooperate with those who could keep secrets and who affected many users. Anyway they're not asking someone else to delay disclosure to be "responsible" which would be hypocritical. It's their own discovery. I don't think Google's going beyond what they're entitled to with how they handled this discovery, at all, so let me be clear on that since it's so fashionable for people to imagine their relation to Google as a sort of entitled serfdom, and that's bullshit. I'm just saying their odd behaviour reveals the present situation is exceptional, so OpenBSD, Linux communities, AMD and Intel (to the extent they can release ucode) are being tested in an exceptional manner right now.

But in the response to Spectre, the result of the test is disappointing flail.

Abusively. Linus did not think highly of the patch at all.

The problem Linus had is with the microcode update Intel was pushing for Spectre seemingly making the new work around instructions as optional and seemingly designed for the long term: Linus talking about the insanity of the Spectre patches to go along with the Intel microcode updates. The Meltdown stuff needs fixed in hardware (ie, not a microcode update) and should in theory be relatively easy to fix.

In his words for Spectre though: "since we already know that the IBRS overhead is huge on existing hardware, all those hardware capability bits are just complete and utter garbage. Nobody sane will use them, since the cost is too damn high. So you end up having to look at "which CPU stepping is this" anyway." Ie, because IBRS has such massively overhead, Linux developers are trying to avoid it as much as possible with other software workarounds. Even if Intel manages to integrate IBRS in a future revision of their chips that doesn't have the huge performance cost, they're going to have to use yet another CPUID to differentiate the ones they have patched now with IBRS and future ones so kernel developers can use that instead of the various software workarounds, but then that's still going to involve looking at CPU model/steppings/whatever.

Other companies just said "don't install that" and said things like "it won't work with our equipment"

That's because the microcode update introducing IBRS/IBPB was causing reboots. Also, the kernel still has to be modified to use the feature, but only if it exists. So, at the moment it's basically a waiting game. Oh, and AMD chips also have to be patched for the Spectre variant(s?) they're vulnerable to, and I don't know if that's something workaroundable in software only. In any case, Linus was talking about the patches to the kernel and what it seemed to represent upon Intel's intentions for the future in reference to Spectre, not the microcode update itself.

You seem to have bought into the cool-aid. Please add a healthy dose of critical thinking. Because this isn't the kind of cool-aid that makes for a fun trip with pretty pictures. This is the kind that melts your brain.

It's not that it's a nasty hack. It's much worse than that.

That's part of the big problem here. The speculation control cpuid stuff shows that Intel actually seems to plan on doing the right thing for meltdown (the main question being _when_). Which is not a huge surprise, since it should be easy to fix, and it's a really honking big hole to drive through. Not doing the right thing for meltdown would be completely unacceptable. So the IBRS garbage implies that Intel is _not_ planning on doing the right thing for the indirect branch speculation. Honestly, that's completely unacceptable too.

It's not "weird" at all. It's very much part of the whole "this is complete garbage" issue. The whole IBRS_ALL feature to me very clearly says "Intel is not serious about this, we'll have a ugly hack that will be so expensive that we don't want to enable it by default, because that would look bad in benchmarks". So instead they try to push the garbage down to us. And they are doing it entirely wrong, even from a technical standpoint. I'm sure there is some lawyer there who says "we'll have to go through motions to protect against a lawsuit". But legal reasons do not make for good technology, or good patches that I should apply.

BULLSHIT. Have you _looked_ at the patches you are talking about? You should have - several of them bear your name. The patches do things like add the garbage MSR writes to the kernel entry/exit points. That's insane. That says "we're trying to protect the kernel". We already have retpoline there, with less overhead. So somebody isn't telling the truth here. Somebody is pushing complete garbage for unclear reasons. Sorry for having to point that out. If this was about flushing the BTB at actual context switches between different users, I'd believe you. But that's not at all what the patches do. As it is, the patches are COMPLETE AND UTTER GARBAGE. They do literally insane things. They do things that do not make sense. That makes all your arguments questionable and suspicious. The patches do things that are not sane. WHAT THE F*CK IS GOING ON? And that's actually ignoring the much _worse_ issue, namely that the whole hardware interface is literally mis-designed by morons. It's mis-designed for two major reasons: - the "the interface implies Intel will never fix it" reason. See the difference between IBRS_ALL and RDCL_NO. One implies Intel will fix something. The other does not. Do you really think that is acceptable? - the "there is no performance indicator". The whole point of having cpuid and flags from the microarchitecture is that we can use those to make decisions. But since we already know that the IBRS overhead is huge on existing hardware, all those hardware capability bits are just complete and utter garbage. Nobody sane will use them, since the cost is too damn high. So you end up having to look at "which CPU stepping is this" anyway. I think we need something better than this garbage.

Interesting thing is that PCID predates INVPCID. And you can get some of the effects of an INVPCID on a processor which only supports PCID.

I.e.

http://forum.osdev.org/viewtop...

MOV to CR3. The behavior of the instruction depends on the value of CR4.PCIDE:

If CR4.PCIDE = 0, the instruction invalidates all TLB entries associated with PCID 000H except those for global pages. It also invalidates all entries in all paging-structure caches associated with PCID 000H.

If CR4.PCIDE = 1 and bit 63 of the instructionâ(TM)s source operand is 0, the instruction invalidates all TLB entries associated with the PCID specified in bits 11:0 of the instructionâ(TM)s source operand except those for global pages. It also invalidates all entries in all paging-structure caches associated with that PCID. It is not required to invalidate entries in the TLBs and paging-structure caches that are associated with other PCIDs.

If CR4.PCIDE = 1 and bit 63 of the instructionâ(TM)s source operand is 1, the instruction is not required to invalidate any TLB entries or entries in paging-structure caches.

See
https://www.intel.com/content/... page 145

This chap tried it, and apparently it works

http://www.dumais.io/index.php...

I.e. with bit 63 and 0:11 set to PCID a write to CR3 works like INVPCID in processors which don't have INVPCID.

This actually makes a difference. My 2012 Macbook pro has a

machdep.cpu.brand_string: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
machdep.cpu.features: FPU VME DE PSE TSC MSR PAE MCE CX8 APIC SEP MTRR PGE MCA CMOV PAT PSE36 CLFSH DS ACPI MMX FXSR SSE SSE2 SS HTT TM PBE SSE3 PCLMULQDQ DTES64 MON DSCPL VMX EST TM2 SSSE3 CX16 TPR PDCM SSE4.1 SSE4.2 x2APIC POPCNT AES PCID XSAVE OSXSAVE TSCTMR AVX1.0 RDRAND F16C

I.e. assuming the patches know the bit 63 set in writes to cr3 trick, they should be able to do page table invalidation per PCID even on rather old chips.

It looks like KAISER on Linux supports/will support this

https://github.com/nathanchanc...

https://lkml.org/lkml/2017/11/... [currently down(!) but the title is "Subject [PATCH 4/6] x86/mm/kaiser: Support PCID without INVPCID"]

I read more, and it's actually a timing attack combined with a cache read.
So...
A little more problematic than I initially indicated because the cache does flush, but they're snagging it sooner. Linus has the right answer: Disable speculation when going into kernel/protected memory space. https://lkml.org/lkml/2018/1/3/797

As to the block reuse issue, it's simply impossible for the system level design engineer to fully understand all those blocks, just like the the block level designers can't understand the entire system(s) that their block is used in. Intel's model is a library of known good blocks, system level designers then integrate these together.

The issue is that all this is working "as designed" and there is a fundamental design issue (easy fix by Linus noted above). That this issue made it into a VHDL block that was vetted is *the* issue, but that this block was then re-used is expected. Since it never actually broke it never was refactored.

I don't see a solution to the "teams in isolation" problem either. The CPUs and support circuitry (like chipset) are simply too damn complex for a human brain to hold an entire model of in any level of detail capable of being useful in a design context. In chipset I only had three areas that I focused on, there were many many others, some I had better awareness of than others. My blocks I knew inside and out, I knew how to tickle them, break them, etc. Blocks I interacted with I knew their internal block diagram, but not the low level functionality, and blocks orthogonal to my focus area really were just "block Foo connects to Bar and Baz, and I connect to Baz". So I need to understand Baz, but I'd just have to trust that the Baz - Foo interface was done correct.

I'm not sure you can even call this a "defect". The CPU is working as advertised, and it's not like it's insecure by design.

Except that the 386 would be considered secure for every modern OS implementation. The Pentium broke that to run faster.

Had this problem surfaced in the mid-90s, lots of OS researchers (yes, including Andrew Tanenbaum) would have argued that the CPU wasn't at fault, the operating system was.

But the OS would have to negate performance of the branch prediction strategy of the CPU. Sounds like covering up a design flaw of the CPU to me. I think OS designers are smarter than that.

Here is an OS designer's response to the talk that this isn't a CPU design flaw:
https://lkml.org/lkml/2018/1/3...

At least AMD handled the situation correctly.

#$&^*$# that's what happens when you have two clipboards. Here it is.

Intel engineers tried to make ALL x86 processors suffer a slow down from their fuck up, and they bitched when AMD disabled it for AMD processors. https://lkml.org/lkml/2017/12/...

AMD seem to think they're not affected by Meltdown:

AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.

BTB it is almost certainly this email, sent on 26 December, which led to the Meltdown vulnerability being made public, causing the disclosure timeline to be moved up.

(1) There seems to be two separate exploits which you need to dig into the reporting to work. The Register's coverage is quite good and explains it all. "MELTDOWN" seems to be the more problematic one, and affects Intel and ARM chips. "SPECTRE" seems less problematic and affects AMD chips as well.

(2) AMD affected or not? Google says yeah, AMD says nay. However the wording from the LKML list is that "AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against". I think this references that the kernel patch is targeted against MELTDOWN, which does not affect AMD chips (see point 1)

(3) Although everyone's kicking Intel down, the main problem is that no-one can really trust each other now. I know there is a claim of "defective by design", but a lot of things can be described that way if they aren't used in their intended manner. In a "sane" world there would be no malicious actors trying to exploit what seems like quite a clever trick relying on timings (not a chip designer/expert). I read a lot of issues with the web came about, due to the fact that when it was designed everyone on the internet trusted each other, so security against bad apples wasn't designed in. As things have been commercialised you can see the effects, to the point that the only sane way to browse is using ad blockers and no script.

My thoughts on people suing Intel are a bit conflicted. Probably based on US law they would lose, but my analogy is like blaming (insert car manufacturer here) for selling you a car which crashes only when someone throws stones at it. We need stronger laws and protections against the rise in hostile actors.

(4) It's interesting that the Google blog post couldn't wait for the embargo-ed deadline of 9th January. They and their customers must have been getting really spooked. I suspect that this was being worked on and known by multiple parties, and a bit of coordination would have been good rather than panic.

(5) It'll be interesting to see what happens with regards to performance - from my understanding the SPECTRE variants just needs code recompilation. Most home workloads should not be affected by the two exploits, however I think if you are I/O heavy then it may be an issues.

Interesting time indeed.

when did AMD say that? all reports say that both AMD and ARM are also affected

AMD CPUs are NOT affected. Quit spreading lies.

https://lkml.org/lkml/2017/12/27/2

Some ARM64 chips are affected as well actually. Citation: https://lwn.net/Articles/74039...

I don't see why they would name AMD since it's unaffected however. https://lkml.org/lkml/2017/12/...

OK, that's back of the envelope and with the usual caveats, but everybody wants one number.

From the AMD commit:

AMD processors are not subject to the types of attacks that the kernel
page table isolation feature protects against. The AMD microarchitecture
does not allow memory references, including speculative references, that
access higher privileged data when running in a lesser privileged mode
when that access would result in a page fault.

this can probably be rewritten in the inverse like:

Intel processors ... allow memory references, including speculative references, that
access higher privileged data when running in a lesser privileged mode, [including]
when that access would result in a page fault.

So it seems like: set up a speculative memory reference to a kernel memory structure, cause a page fault, and then get a bit of kernel memory out (and back in?). That could get you root before long. Some people have been saying this can be leveraged to get a guest into its hypervisor too.

It doesn't appear that way..

https://lkml.org/lkml/2017/12/27/2

The summary is not fully explicit: this is not a flaw in Intel x86 ISA, but specific to CPUs made by Intel. AMD processors don't have the problem, so they should not need the patch.

https://lkml.org/lkml/2017/12/...

This could be a huge win for AMD, because the patch incurs a measurable slowdown. At the moment, though, the Linux fix doesn't seem to distinguish between manufacturers. I expect the distinction will appear later -- better safe than sorry.

Doesn't look like it's everybody. https://lkml.org/lkml/2017/12/...

And what is interesting, AMD is immune to that, proof: https://lkml.org/lkml/2017/12/...

Looks like you missed this commit from Tom Lendacky at AMD.

Obligatory response to "rampant layering violation".

To be fair, that statement was made a decade ago; more than enough time for one to appreciate being wrong, which does happen to the best of us. However the Linux maintainers feel today, Jeff Bonwick's reply is worth repeating.

Maintainer, Andrew Morton weighed in on this years ago, saying "ZFS is a rampant layering violation" ( https://lkml.org/lkml/2006/6/9... ) . Even with a compatible license, moving ZFS in-tree is very unlikely since folks like Andrew are the ones that would have to be convinced.

A GPL compatible license would allow distributions to include it in their kernels however, and skip the dkms hassles.

Fixed link to the statement

As a long-standing member of the computer security industry, having done vulnerability research my entire career [0], there's exactly two sentiments in the industry:

1.) This is cool! I'll do this in my free time, it's fun!
2.) Fuck you, pay me.

The problem with #1 is that as soon as you hit any real resistance, it stops being fun. Have you tried landing a patch at GNU.org or in the upstream kernel? Biggest pain in the rear, ever.

The current state of affairs is that you can remain a White Hat and report vulnerabilities to Google in any open source software [1] or even Android specifically [2] and earn TENS OF THOUSANDS OF DOLLARS PER BUG. You can find even more companies / projects to assist through BugCrowd or HackerOne.

Alternately, if you don't mind your bugs being sold to any number of nation states, just take your research to Apple iOS, and either Exodus [3] or VUPEN-nee-Zerodium will pay you A MOTHER FUCKING MILLION DOLLARS [4] for the right bugs.

All of this whining is coming from the same open-source community leader (Torvalds) that has publicly shunned GRSecurity [5] one of the groups that has been trying to help for 20 years, and has stated that infosec industry members should "Please just kill yourself now. The world would be a better place." [6]

So to you, Mr. Torvalds, I say:

FUCK YOU, PAY ME.

[0]: https://www.linkedin.com/in/za...
[1]: https://www.google.com/about/a...
[2]: https://www.google.com/about/a...
[3]: https://rsp.exodusintel.com/
[4]: https://zerodium.com/program.h...
[5]: https://lkml.org/lkml/2017/6/2...
[6]: https://web.archive.org/web/20...

And the whole thing came up because someone (and not a systemd developer) decided that rlimits for setuid processes should be copied from pid 1, because that seemed a good default. Linus didn't like the patch, making his joking reference to systemd, but he was right whatever pid 1 was, shell, init(1), upstart or whatever -- copying rlimits from pid1 to all setuid processes makes no fucking sense whatever.

https://lkml.org/lkml/2017/7/6...