Slashdot Mirror


Two Linux Kernels Revert Performance-Killing Spectre Patches (phoronix.com)

Friday Greg Kroah-Hartman released stable point releases of Linux kernel 4.19.4, as well as 4.14.83 and 4.9.139. While they were basic maintenance updates, the 4.19.4 and 4.14.83 releases are significant because they also reverted the performance-killing Spectre patches (involving "Single Thread Indirect Branch Predictors", or STIBP) that had been back-ported from Linux 4.20, according to Phoronix:

There is improved STIBP code on the way for Linux 4.20 that by default just applies STIBP to SECCOMP threads and processes requesting it via prctl() but otherwise is off by default (that behavior can also be changed via kernel parameters). Once that code is ready to go for Linux 4.20, we may see it then back-ported to these stable trees.

Aside from reverting STIBP, these point releases just have various fixes in them as noted for 4.19.4, 4.14.83, and 4.9.139.

Last Sunday Linus Torvalds complained that the performance impact of the STIBP code "was clearly way more expensive than people were told," according to ZDNet: "When performance goes down by 50 percent on some loads, people need to start asking themselves whether it was worth it. It's apparently better to just disable SMT entirely, which is what security-conscious people do anyway," wrote Torvalds. "So why do that STIBP slow-down by default when the people who *really* care already disabled SMT?"
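The prctl() opt-in that the Phoronix excerpt describes, sketched as an added example (not code from the story or from the kernel tree): a task queries its indirect-branch speculation state and asks the kernel to apply the mitigation to itself. It assumes a kernel that implements `PR_SPEC_INDIRECT_BRANCH` (Linux 4.20 or a stable tree carrying the reworked code); `spec_state_name` and `request_ib_mitigation` are names made up for this example.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>

/* Fallbacks for older userspace headers; values as in linux/prctl.h. */
#ifndef PR_GET_SPECULATION_CTRL
#define PR_GET_SPECULATION_CTRL 52
#define PR_SET_SPECULATION_CTRL 53
#define PR_SPEC_PRCTL (1UL << 0)
#define PR_SPEC_ENABLE (1UL << 1)
#define PR_SPEC_DISABLE (1UL << 2)
#define PR_SPEC_FORCE_DISABLE (1UL << 3)
#endif
#ifndef PR_SPEC_INDIRECT_BRANCH
#define PR_SPEC_INDIRECT_BRANCH 1
#endif

/* Decode a PR_GET_SPECULATION_CTRL result; "speculation disabled" means mitigated. */
const char *spec_state_name(long st)
{
    if (st < 0)                     return "unsupported";
    if (st & PR_SPEC_FORCE_DISABLE) return "mitigated (locked)";
    if (st & PR_SPEC_DISABLE)       return "mitigated";
    if (st & PR_SPEC_ENABLE)
        return (st & PR_SPEC_PRCTL) ? "unmitigated (prctl may change)" : "unmitigated (fixed)";
    return "not affected";          /* PR_SPEC_NOT_AFFECTED == 0 */
}

/* Opt this task in where per-task control is offered. Returns the state or -errno. */
long request_ib_mitigation(void)
{
    long st = prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0);
    if (st < 0)
        return -errno;              /* ENODEV/EINVAL: kernel lacks this control */
    if ((st & PR_SPEC_PRCTL) && (st & PR_SPEC_ENABLE)) {
        if (prctl(PR_SET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, PR_SPEC_DISABLE, 0, 0) < 0)
            return -errno;
        st = prctl(PR_GET_SPECULATION_CTRL, PR_SPEC_INDIRECT_BRANCH, 0, 0, 0);
        if (st < 0)
            return -errno;
    }
    return st;
}

int main(void)
{
    long st = request_ib_mitigation();
    if (st < 0)
        fprintf(stderr, "prctl: %s\n", strerror((int)-st));
    printf("indirect-branch speculation control: %s\n", spec_state_name(st));
    return 0;
}
```

On a kernel without the reworked code, such as the reverted 4.19.4 and 4.14.83 releases, the query fails and the program reports "unsupported".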

5 of 103 comments

  1. Consider by 3seas · · Score: 3, Insightful

    Sometimes I feel the responsiveness of my Windows system running on an i7 is slower than a Commodore 64. It should make people wonder with all the advances in chip manufacturing, speed and..... Oh wait, Moore's law doesn't apply to user experience.

    1. Re:Consider by 110010001000 · · Score: 4, Insightful

      Moore's Law has been dead for many years now. We can only expect single digit improvements in CPU performance from now on. Of course, someone will reply with "what about quantum computers?" but those people don't even understand what quantum computers are.

    2. Re:Consider by 110010001000 · · Score: 1, Insightful

      Thanks for the tip. Some pedant always points this out. No one cares. The end result is that CPUs have hit a dead end.

    3. Re:Consider by gweihir · · Score: 4, Insightful

      Indeed. And eventually even those single digit improvements will go away. Maybe we can start writing better software now?

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
  2. Re:this is the wrong call by drinkypoo · · Score: 3, Insightful

    That someone doesn't "care" about security doesn't mean they shouldn't get secure defaults, to the contrary.
    It's not *just* about those users either (who "don't care", as in "are yet unaware of X because they're still too busy with all the other shit devs and corporations sling at them"), it's also about them being a vector of attack / resource drain on yet others.

    Exactly this. I couldn't have said it better myself (as evinced by the fact that I didn't) but it's actually more important for people who don't care about security to get secure defaults, specifically because they don't care.

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"