Linux Creator Calls Intel Meltdown, Spectre Patches 'Complete and Utter Garbage'
Linus Torvalds, the creator of the kernel for the Linux operating system, trashed Intel's attempts to close side-channel security gaps on Sunday as "insane" and accused the beleaguered chipmaker of dishonesty.
In an email exchange with David Woodhouse, a former Linux kernel engineer at Intel, Torvalds suggested there was more than meets the eye in the patch for Spectre, which will allegedly impose such a performance hit on CPUs that many won't use it.
Torvalds assailed Woodhouse's argument that while Intel's fix was, indeed, "a nasty hack," it was a necessary one, given the "world was on fire."
[Related: Intel's Faulty Meltdown and Spectre Patches Are Causing More Reboot Issues In Newer Chips]
Torvalds, however, characterized the patch as "much worse than that."
Woodhouse, an engineer at Amazon Web Services since 2016, defended his former employer's work as "tolerable" as long as it dies out in the current generation of Intel processors.
Intel is pushing "garbage," Torvalds countered, and they're taking the wrong "technical standpoint." He speculated legal concerns, rather than technological ones, were driving the approach.
Based on his evaluation of modifications the patch implements on the operating system kernel, Torvalds said the choices made by Intel do "literally insane things" that just don't make sense from an architectural standpoint.
"So somebody isn't telling the truth here. Somebody is pushing complete garbage for unclear reasons," Torvalds wrote.
Torvalds said he believes Intel did "the right thing" as far as closing Meltdown exploits. That vulnerability, unique to Intel chips, presented a "honking big hole" that should have been an easy fix.
But the modifications released to restrict indirect branch speculation—the exploit known as Spectre—suggest Intel is not "planning on doing the right thing" nor is the company "serious."
The bad decisions will result in failures to close that side-channel exploit.
"We'll have a ugly hack that will be so expensive that we don't want to enable it by default, because that would look bad in benchmarks," Torvalds wrote.
"I think we need something better than this garbage," Torvalds said in closing the debate.
"We take the feedback of industry partners seriously," writes an Intel spokesman to CRN, in an email sent Tuesday. "We are actively engaging with the Linux community, including Linus, as we seek to work together on solutions."