intel

INTEL ‘GAGS’ LINUX DISTROS FROM REVEALING PERFORMANCE HIT FROM SPECTRE PATCHES

Open-source champion Bruce Perens has called out Intel for adding a new restriction to its software license agreement along with its latest CPU security patches to prevent developers from publishing software benchmark results.

The new clause appears to be a move by Intel to legally gag developers from revealing performance degradation caused by its mitigations for Spectre and Foreshadow or ‘L1 Terminal Fault’ (L1TF) flaw speculative attacks.

“You will not, and will not allow any third party to … publish or provide any software benchmark or comparison test results,” Intel’s new agreement states.

The new term appeared with the fixes for ‘L1 Terminal Fault’ that were recently delivered to Microsoft and Linux distributions.

Performance hits are a concern for users, and Intel is facing several lawsuits from investors over its handling of the matter.

The chip maker argued when it disclosed L1TF that “there has been no meaningful performance impact observed as a result of mitigations applied” to PCs or data center equipment.

Another section of the license blocking redistribution appears to have caused maintainers of Debian to withhold Intel’s patch too, as reported by The Register.

But Perens thinks the bigger concern lies in Intel’s requirement not to publish benchmarks.

“Since the microcode is running for every instruction, this seems to be a use restriction on the entire processor. Don’t run your benchmarker at all, not even on your own software, if you ‘provide’ or publish the results,” he notes.

“So, lots of people are interested in the speed penalty incurred in the microcode fixes, and Intel has now attempted to gag anyone who would collect information for reporting about those penalties, through a restriction in their license. Bad move.”

Perens reckons Intel should rather own up to any damage caused by its patches.

“Silencing free speech by those who would merely publish benchmarks? Bad business. Customers can’t trust your components when you do that.”

UPDATE 12:15 pm ET, August 23, 2018 – An Intel spokesperson responded: “We are updating the license now to address this and will have a new version available soon. As an active member of the open-source community, we continue to welcome all feedback.”

About: Androxus


    Leave a Reply

    Your email address will not be published. Required fields are marked *