Linux kernel removes Spectre patch because it seriously affects performance

The Spectre patch merged in Linux 4.20, STIBP (Single Thread Indirect Branch Predictors), was found to have a severe impact on the performance of Intel processors. The patch had also been backported to the Linux 4.14 and 4.19 LTS versions. Tests show that it does have a significant impact on the performance of various applications, which has raised a debate about whether Linux stable kernels should contain patches that can cause performance degradation.

On Friday, stable kernel maintainer Greg Kroah-Hartman released Linux kernels 4.19.4, 4.14.83 and 4.9.139; of these, 4.19.4 and 4.14.83 mainly withdraw the STIBP patch. Linus Torvalds pointed out on the developers' mailing list that the STIBP patch costs more than people think. When the performance of certain loads drops by 50%, people may need to ask themselves whether the price is worth paying. In his view it is apparently better to disable Hyper-Threading completely, so why should STIBP be enabled by default when the people who really care about security have already disabled Hyper-Threading? The stable kernels may perhaps backport the code again once the STIBP patch is more reliable. Torvalds wrote:

This was marked for stable, and honestly, nowhere in the discussion
did I see any mention of just *how* bad the performance impact of this
was.

When performance goes down by 50% on some loads, people need to start
asking themselves whether it was worth it. It’s apparently better to
just disable SMT entirely, which is what security-conscious people do
anyway.

So why do that STIBP slow-down by default when the people who *really*
care already disabled SMT?

I think we should use the same logic as for L1TF: we default to
something that doesn’t kill performance. Warn once about it, and let
the crazy people say “I’d rather take a 50% performance hit than
worry about a theoretical issue”.

Linus
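
To see which side of this trade-off a given machine is on, the following added example (not from the article or the kernel source) reads the SMT control value and the STIBP field of the Spectre v2 status line that mainline kernels expose under `/sys/devices/system/cpu`. The sample status line and the result labels are constructed for illustration, and the script assumes a kernel recent enough to provide both files.

```shell
#!/bin/sh
# Added example: report SMT and STIBP state from the kernel's sysfs strings.
SYSFS_CPU=${SYSFS_CPU:-/sys/devices/system/cpu}

# Constructed sample of a spectre_v2 status line, so the script runs offline.
SAMPLE_V2='Mitigation: Full generic retpoline, IBPB: conditional, IBRS_FW, STIBP: conditional, RSB filling'

# Print the value of the "STIBP:" field of a spectre_v2 line, or "absent".
stibp_field() {
    case "$1" in
        *'STIBP: '*)
            rest=${1#*STIBP: }           # drop everything up to the field value
            printf '%s\n' "${rest%%,*}"  # keep the text before the next comma
            ;;
        *) printf 'absent\n' ;;
    esac
}

# classify <smt/control value> <spectre_v2 line>
# Labels (constructed): smt-off, smt-unknown, stibp-all-tasks,
# stibp-per-task, stibp-disabled, stibp-not-reported.
classify() {
    case "$1" in
        off|forceoff|notsupported) echo smt-off; return 0 ;;  # no sibling thread to protect against
        on) ;;                                                # siblings share the predictor: check STIBP
        *) echo smt-unknown; return 0 ;;
    esac
    case "$(stibp_field "$2")" in
        forced|always-on) echo stibp-all-tasks ;;    # the costly always-on mode
        conditional)      echo stibp-per-task ;;     # only for tasks that request it
        disabled)         echo stibp-disabled ;;
        *)                echo stibp-not-reported ;; # older kernel or field omitted
    esac
}

echo "sample: $(classify on "$SAMPLE_V2")"
if [ -r "$SYSFS_CPU/smt/control" ] && [ -r "$SYSFS_CPU/vulnerabilities/spectre_v2" ]; then
    smt=$(cat "$SYSFS_CPU/smt/control")
    v2=$(cat "$SYSFS_CPU/vulnerabilities/spectre_v2")
    echo "host:   $(classify "$smt" "$v2")"
fi
```

A result of `smt-off` corresponds to the configuration Torvalds describes security-conscious users as already running, where STIBP has nothing left to protect.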