Spectre and Meltdown: Linux creator Linus Torvalds criticises Intel’s ‘garbage’ patches

Linux guru complains about approach to patching the chip flaw.






Linus Torvalds is not happy about the patches that Intel has developed to protect the Linux kernel from the Spectre and Linux flaws.

In a posting on the Linux kernel mailing list, the Linux creator criticized differences in the way that Intel approached patches for the Meltdown and Spectre flaws. He said of the patches: "They do literally insane things. They do things that do not make sense."

Torvalds added: "And I really don't want to see these garbage patches just mindlessly sent around."

Spectre and Meltdown are design flaws in modern CPUs which could allow hackers to get around system protections on a wide range of PCs, servers, and smartphones, allowing attackers to access data including passwords, from memory. Since the flaws were discovered, the tech industry has been scrambling to fix them before they can be exploited.

However, others on the mailing list took a different view: "Certainly it's a nasty hack, but hey -- the world was on fire and in the end we didn't have to just turn the datacenters off and go back to goat farming, so it's not all bad," said one.

It's not the first time the Linux chief has criticized Intel's approach to the Spectre and Meltdown flaws. Earlier this month, he said: "I think somebody inside of Intel needs to really take a long hard look at their CPU's, and actually admit that they have issues instead of writing PR blurbs that say that everything works as designed."

Intel had not responded to a request for comment at the time of publication.

Torvalds also said that he had decided not to publish the final version of Linux 4.15 this weekend as planned as there was still work to do, and had instead decided to deliver release candidate (RC) nine instead. Torvalds had already warned that the 'Meltdown and Spectre hoopla' might result in another RC being released.

The final version should arrive after this RC, he said.

"I really expect no more delays after this. We've had rc9's before, but they have been pretty rare (the last one was 3.1-rc9 back in 2011 - that release went all the way to rc10, and I really don't think we'll do that this time _despite_ all the CPU bug mitigation craziness)," he said.

Comments are closed.

%d bloggers like this: