Linus Torvalds 称英特尔的补丁是垃圾

听说英特尔补丁有问题，英特尔让大家停止打，等待第二个

这牙膏挤出来再想收回去不容易啊

Linus 真帅啊！

Linus 怒斥英特尔工程师.avi

支持

Fuck U Nvidia & Intel

AMD，YES ！

觉得跟 Linus 对肛的 Intel 工程师比较帅

https://lkml.org/lkml/2018/1/22/598

>> If we're going to drop IBRS support and accept the
caveats, then let's do it as a conscious decision having seen what it
would look like, not just drop it quietly because poor Davey is too
scared that Linus might shout at him again. :)

笑出声

Linus 这暴脾气……

大佬都这么真性情的吗

就是要有这种大佬站出来治一治这一票大厂，幸好有他，RMS，eff，不然这些大厂迟早跟忝潮的那几个流氓巨头一样。

Linus Torvalds 宽于律己严以待人惯了。

http://www.cnbeta.com/articles/tech/447797.htm

http://lkml.iu.edu/hypermail/linux/kernel/1711.2/01357.html

http://lkml.iu.edu/hypermail/linux/kernel/1711.2/01701.html

这件事告诉我，你要喷别人的话，起码自己就是个大佬，这样才不会被反喷。

@geelaw
哈哈哈哈哈

Linus 凭 Linux 和 git 两件作品早就封神了，随便 bb 都不太会掉下神坛来了，何况这货还在不停干怪，偶尔还干一把神

Linus 人狠话也多

但是这个 path 是他自己 merge 的阿。https://github.com/torvalds/linux/commit/5aa90a84589282b87666f92b6c3c917c8080a9bf

path -> patch

我脑补了传说中那张迭出中指的照片……

@mason961125
可能是发现 intel 递过来的餐巾纸不仅不能擦干净屁股还弄得一手 /**shit**/
这下吃瓜群众连指责他喷的理由都没有了

@geelaw #12 我也想不通为什么 Linus 拒绝 Grsecurity 或者 PaX 之类的安全技术进入主线内核。。。

@Flygoat 很简单，因为 Grsecurity 的代码也是狗屎。
https://www.spinics.net/lists/kernel/msg2540934.html
http://www.cnbeta.com/articles/tech/626015.htm

“有人正以不明的理由推动彻底的垃圾”

原谅我笑了，这句话翻译的很好很传神。

"英特尔的做法是在启动时候选择"

没明白，为什么启动时候选择就垃圾了？

intel 的补丁确实是垃圾，数据中心应用场景性能下降 20~30%是普遍现象，但现在暂时没有其他补救方法，如果你的节点是自己独占的，那么的确没有必要开启，这也是 linus 鄙视 Grsecurity 原因，因为它们都没有从根本上寻找解决方法

感觉 Linus 喷 Intel 的原因在于，Intel CPU 的锅，最终背的是 Linux。

@bukip

解读：

>Big simplification: Proper way to fix an hardware bug like this, is that newer cpu gets protected by default, and they answer they are when queried.

So you can ask the CPU "what's your status on bug X" and the cpu answers "i'm good, you don't need to do anything" (newer fixed chips), or "i know about it but was already built, and need microcode update/special behavior to protect myself" (current chips with microcode update), "no answer / I'm not good" (old chips without update).

So new stuff is protected, and you add more protection (and slowdowns, and special stuff) for older chips that don't know how to deal with it.

What Intel is trying to do here, is to go the other way: the chips, even the new ones, will stay vulnerable by default, and when queried they say "I have a fix but I don't use it, you can enable it by asking !" and the kernel is supposed to enable it.

It's terrible for a lot of reasons, like "boot an older os and it's vulnerable since it doesn't know to call this", "additional code to enable this feature has to run for all of eternity for new chips now, instead of having to run for older chips and being phased out over time", etc ...

The reason why Intel does that seems obvious: by default the chip does not lose speed since the fix is not enabled, and so instead of "intel chips lose 30% speed over night because of a flaw" it becomes "intel adds a special security mode that protects you even more for critical applications, at the cost of some speed". Purely marketing speech and decision at the cost of proper engineering decisions, and they need and try to get OSes like Linux to play along. That's what he means by "[it] shows intel had no intention of fixing those flaws".

Additionally there seems to be a second issue in that the quality and behavior of the patches they submitted are trying to hide this deceptively simple but technically terrible behavior by making it look/sound obtuse and complicated.

In other words, intel is using its presence and weight to try and push a shitty solution, but one that is better for them marketing wise. Linus is flabbergasted to be treated like an idiot or a obedient drone that should apply such obvious abusive patches.

（搬运自 reddit 和 hacker news，
https://www.reddit.com/r/sysadmin/comments/7s47h9/linus_torvalds_is_not_happy_about_inte ）

@Flygoat 就像每次取地址都对指针判空一样，虽然能防止 crash，但是根本方案还是代码不出错，不传空指针过来

@wangyucn 还是因为不同年代的 CPU

AMD, YES!