On Friday, stable kernel maintainer Greg Kroah-Hartman released Linux kernels 4.19.4, 4.14.83 and 4.9.139; the main change in 4.19.4 and 4.14.83 is the reversion of the STIBP patch. Linus Torvalds pointed out on the kernel developers' mailing list that the STIBP patches cost more than people think: when performance on certain workloads drops by 50%, people need to ask themselves whether the price is worth paying. It is better to disable Hyper-Threading completely, and those who really care about security have already done so, so why should STIBP be enabled by default? The stable kernels may pick the code back up once the STIBP patch is more reliable.
This was marked for stable, and honestly, nowhere in the discussion did I see any mention of just *how* bad the performance impact of this was.

When performance goes down by 50% on some loads, people need to start asking themselves whether it was worth it. It's apparently better to just disable SMT entirely, which is what security-conscious people do anyway.

So why do that STIBP slow-down by default when the people who *really* care already disabled SMT?

I think we should use the same logic as for L1TF: we default to something that doesn't kill performance. Warn once about it, and let the crazy people say "I'd rather take a 50% performance hit than worry about a theoretical issue".

Linus
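The practical question for an administrator after this change is whether a given machine is in the "SMT disabled" state Linus describes or is relying on STIBP. The POSIX shell script below is an added example written for this article, not code from the kernel or from the mailing-list thread. It reads the two sysfs files the kernel exposes for this, `smt/control` (values such as `on`, `off`, `forceoff`, `notsupported`) and `vulnerabilities/spectre_v2` (a status string that, on affected kernels, includes a `STIBP: ...` field), and classifies the host. The sample status strings embedded in the helper are constructed to resemble the kernel's format, not copied from a real machine, and the `SYSFS_CPU` override exists only so the example runs offline against a fake tree.

```shell
#!/bin/sh
# Added example: classify a host's Spectre v2 cross-thread posture from sysfs.
# Real paths on Linux 4.19+: /sys/devices/system/cpu/smt/control and
# /sys/devices/system/cpu/vulnerabilities/spectre_v2. SYSFS_CPU may be
# overridden to point the checks at a constructed tree for testing.
SYSFS_CPU="${SYSFS_CPU:-/sys/devices/system/cpu}"

# Print a file's content, or "unknown" if it is missing or unreadable.
read_or_unknown() {
  if [ -r "$1" ]; then cat "$1" 2>/dev/null; else printf 'unknown'; fi
}

# Print one of: smt-off, stibp-active, stibp-absent, unknown.
#   smt-off       : SMT is disabled or the CPU has no SMT, so no sibling
#                   thread exists for a cross-thread attack (Linus's advice).
#   stibp-active  : SMT is on and the kernel reports a STIBP mode other
#                   than "disabled", i.e. the host pays the STIBP cost.
#   stibp-absent  : SMT is on and STIBP is reported disabled or not listed.
assess_spectre_v2() {
  base="${1:-$SYSFS_CPU}"
  smt=$(read_or_unknown "$base/smt/control")
  v2=$(read_or_unknown "$base/vulnerabilities/spectre_v2")
  case "$smt" in
    off|forceoff|notsupported) printf 'smt-off'; return 0 ;;
    unknown) printf 'unknown'; return 0 ;;
  esac
  case "$v2" in
    unknown)                printf 'unknown' ;;
    *"STIBP: disabled"*)    printf 'stibp-absent' ;;
    *STIBP*)                printf 'stibp-active' ;;
    *)                      printf 'stibp-absent' ;;
  esac
  return 0
}

# Build a constructed fake sysfs tree so the example runs without root
# and without a real Spectre-affected kernel. Prints the tree's path.
make_fake_sysfs() {
  dir=$(mktemp -d)
  mkdir -p "$dir/smt" "$dir/vulnerabilities"
  printf '%s\n' "$1" > "$dir/smt/control"
  printf '%s\n' "$2" > "$dir/vulnerabilities/spectre_v2"
  printf '%s' "$dir"
}

# Demonstration on two constructed hosts (status strings are made up to
# follow the kernel's "Mitigation: ..., STIBP: <mode>, ..." layout).
demo=$(make_fake_sysfs on "Mitigation: Full generic retpoline, IBPB: conditional, STIBP: conditional, RSB filling")
printf 'SMT on, STIBP conditional -> %s\n' "$(assess_spectre_v2 "$demo")"
demo=$(make_fake_sysfs off "Mitigation: Full generic retpoline, STIBP: disabled")
printf 'SMT off                   -> %s\n' "$(assess_spectre_v2 "$demo")"
# Live check of the running host (prints "unknown" where sysfs lacks the files):
printf 'this host                 -> %s\n' "$(assess_spectre_v2)"
```

Run without arguments to check the current machine; pass a directory to `assess_spectre_v2` to evaluate a captured sysfs snapshot. A result of `stibp-active` on a 4.19.4 or 4.14.83 kernel would mean the host is still carrying the STIBP cost through some other path (for example a different distribution kernel), which is exactly the state worth confirming before attributing a throughput drop to this patch.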