Hacker News new | comments | show | ask | jobs | submit login
Linus Torvalds: “Somebody is pushing complete garbage for unclear reasons.” (iu.edu)
1854 points by Valmar 8 months ago | hide | past | web | favorite | 657 comments

The most striking thing here is that Linus has apparently dismissed incompetence as a rational explanation. Yes, he is often brash, but usually he is accusing someone of sheer stupidity. He does not do that here. Linus alleges that we are being lied to - that we don’t know the full story, nor Intel’s motives.

Furthermore, we are left to wonder if Microsoft is also being fed “bullshit” patches, and if they may be less discerning than Linus regarding a proper solution.

He's quite clear about his theory as to Intel's motives:

> The whole IBRS_ALL feature to me very clearly says "Intel is not serious about this, we'll have a ugly hack that will be so expensive that we don't want to enable it by default, because that would look bad in benchmarks".

> So instead they try to push the garbage down to us. And they are doing it entirely wrong, even from a technical standpoint."

That bit sounds to me like Intel is trying to pull a "Volkswagen": have it perform better in benchmarks than in real life (when hopefully secure execution will be enabled).

More generally, an opt-in switch to disable unsafe behaviour expresses a clear intent to preserve the unsafe behaviour for the foreseeable future.

Disabling unsafe behaviour for good on current chips and removing it from future ones would be equally easy, and clearly it isn't Intel's intent.

Plausible reasons, apart from looking good in benchmarks, include ease of access for their three-letter friends and not bothering with the cost of designing safe and high performance processors.

I would hope that it would not be removed if there is a performance difference. Not all systems are multi user, thinking stuff like includeos or systems that can control their interaction such that the risk in very minimal and not worth the cost.

If it were removed, the new processors would simply be worth less than the ones that immediately preceded them. The systems you're thinking about would then cost less. What's the problem?

The problem, of course, is that vendors couldn't pretend to sell systems that are worth the prices they would have quoted before all of this awfulness was exposed. That would be a problem for the vendors only. The rest of us would be better off.

But that penalizes the single process systems, they exist. One already pays a cost of overhead for multiprocess/multiuser systems and this is part of it. Pay for what you use. But have sane defaults(protect the common case).

Then again, I cannot see this costing much in future chips.

This debate is about desktop and server processors. You are imagining there is a market segment, worth caring about for non-niche companies like Intel, of non-hackable systems with no network access that use high-end microprocessors, but it isn't so.

Most relatively complex systems that use deluxe microprocessors and could be air-gapped are accessible for convenience instead, and more extreme actually inaccessible systems are likely to use different, specialized processors.

Why do you exclude all single-purpose networked servers? e.g. why wouldn't it be reasonable tradeoff for a private compute cluster with a limited set of applications (or even just one), systems running really dumb services, ...?

Reasonable for hackers, horribly optimistic for the defense team.

On another forum somebody suggested laywer / legal reasons. That if default performance takes too big of a dive the case for lawsuits is stronger. They already have a class action filed against them. A benchmark performance dive would be one angle to use in court.

Coming to a court with "unclean hands" won't help their case either. And showing bad faith can really crank up the damages awarded if it's a jury trial.

(I am not a lawyer, this is not legal advice.)

Would this be bad faith?

Assume no fix is available, at least for existing processors, that doesn't result in reduced performance. What should Intel do?

- Force users to take the performance hit?

- Let users decide whether to take the performance hit in exchange for security?

The processor's security features should perform as described - anything less is a very nasty surprise waiting for users. Intel could allow users to opt-in to insecure behaviour for performance, but insecurity absolutely must be opt-in rather than opt-out.

"The processor should perform as described - anything less is a very nasty surprise waiting for users. Intel could allow users to opt-in to less performant behaviour for security, but bad performance absolutely must be opt-in rather than opt-out."

Take away: it all depends on the users preferences. I am with you, in most cases, it should be about security, but I guess there are legitimate use-cases for the opposite as well.

I do video crunching on internal systems, I'm happy that the code I run has nothing to gain from spectre or meltdown, but even a 10% drop in performance is bad, and sometimes can mean doubling the cost (if the cpu that was encoding two real time feeds is no longer powerful enough to do so without dropping frames)

Not every one runs a lamp stack on the intenet.

That said the default should be security. I have to opt in for "maximum performance" in the bios of my hp kit, rather than "balanced power and performance", why shouldn't I have to opt in to "faster but less secure"?

> "The processor should perform as described - anything less is a very nasty surprise waiting for users. Intel could allow users to opt-in to less performant behaviour for security, but bad performance absolutely must be opt-in rather than opt-out."

But that isn't true. Poor performance is not remotely in the same class of "very nasty surprise" that security model violations are.

Users can already choose. They can buy old processors without the fix.

I really don't see what case anyone could have against Intel if they just fixed this. Having a fix but turning it off by default seems far more dangerous from a legal perspective. Or having the processor perform far worse in reality than advertised.

> They can buy old processors without the fix.

Tell me where you could buy old processors in sufficient quantity today and please explain how a modern motherboard with sufficient RAM would hold such an old processor?

Good question! I found this site that's selling plenty of older Intel processors: https://www.intel.com/buy/us/en/catalog/components/boxedproc...

If that's not old enough, there's also this: https://ark.intel.com/products/series/79666/Legacy-Intel-Cor...

But if you want a processor without this fix, then you're in luck: from what I understand, all modern Intel processors don't have this fix yet. And they're very well supported by motherboards.

And by the time the current crop of processors becomes unavailable, I suspect newer processors will be much faster than anything currently available.

That legacy site only goes to Q1'06. But Spectre/Meltdown affect those and even older CPUs.

Yeah if you could point me towards instructions on how I can install this old processor I just bought in my Macbook that'd be great, also if you know how I can install this old processor in my AWS instances that'd be awesome too.

Macbooks are not great for replacing processors. I was assuming it's not possible at all, but if it is, I'd love to know how.

Though personally I'd be more interested in a new processor.

Wow, I can imagine that expression becoming a very compelling analogy in a trial or competitor's marketing.

I winced as an owner of Volks Wagon stock when I read that. 3 people on this thread have now reacted to it.

If that type of behavior gets branded as "pulling a VW", that is the type of thing that could destroy VW in the long term. I agree it is a great analogy though.

> to pull a "Volkswagen"

Very specific model - The Bug


"Intel: Where Security is Optional"

The root question is what else is Intel trying to cover up with these garbage patches? Are they afraid of power leakage across gates allowing an attacker to gain a higher level of privilege in certain generations of silicon, and trying to cover it up with these patches (hence some of the seemingly crazy things they do)?

I could be very wrong but I read it as Intel trying to cover the fact that there are huge performance penalties with the patch enabled. Therefore Intel will continue to market chip performance sans patch while pushing down the responsibility of enabling them to OS vendors.

Aren’t most independant benchmarks run on OSes that are already patched?

Not with those patches, since they haven't been merged yet. The performance decreases that have been reported so far are for Meltdown patches, those new patches are apparently meant to mitigate Spectre.

Spectre affects AMD as well, how have they been handling this?

They might not "handle" it until there is a POC?

Alternatively, it could also be in the interest of many for these patches to have an inordinate negative affect on performance with Intel CPUs.

I am reminded that Linus has experience in the CPU industry (Transmeta), so he is in a position to see both sides on this.

Sorta off-topic, but what did Linus actually do back at Transmeta? Did he contribute to their JIT compiler for x86?

Probably not secret anymore. CMS (the "Code Morphing Software" that implemented the x86 emulation) originally went straight to translation which was difficult to get correct and was expensive to do for code that might only be run once. Linus, when he joined said "That's stupid" and wrote an x86 interpreter which then acted as the first tier in the emulation. That let to a massive improvement in quality as more workloads could be tested and enabled an awesome creation by Jim Mattson (IIRC): self-cosimulation. CMS could be run in a mode where all translation were cross checked with the interpreter before the results were committed.

This was before my time and I'm sure he did much more. I only have first-hand knowledge of his work on TVM, the Transmeta x86 Virtualization which predated Intel (and AMD's) hardware support for x86 virtualization. Sadly it never productized. I suspect we couldn't find a way to monetize it.

At least the journal reports I read at that time implied that much. He was one of the technical leads on this as far as I recall. So he would have had to get a very good knowledge of the Transmeta CPU and of the x86 instruction set for that task. I think it shows here.

IIRC, he originally wrote Linux to be 386 specific and essientially to get hands on experience with all of the special features.

He was already one of the best minds of x86 who hadn't seen real internals of another chip, hence why Transmeta hired him in the first place.

Why did you pick that specific example (power leakage)? Is there a proof of concept that does something similar?

Thats specific... Why did this come up?

Linus calls people stupid when they are usually being stupid, at least in his eyes. He doesn't wantonly accuse people of stupidity for no reason. It's just that when he perceives stupid activity... well, he generally goes off. It's his main trigger.

Wonder if perhaps Intel is under classified and gagged duress from the government? There has been plenty of evidence the government is not acting with citizen security foremost in its technical and telecommunications policies.

Hanlon's razor should include an exception where PR and politics are involved. Discounting malicious people as just stupid is the reason so many "stupid" people are in power.

That's probably a better fit for Heinlein's Razor:


Heinlein seems to agree with Kostempski's Razor: "Aphorism are worse than useless."

Hanlon's Razor is stupid... actually I misspoke. It's just evil.

>The most striking thing here is that Linus has apparently dismissed incompetence as a rational explanation. Yes, he is often brash, but usually he is accusing someone of sheer stupidity. He does not do that here. Linus alleges that we are being lied to - that we don’t know the full story, nor Intel’s motives.

"And that's actually ignoring the much _worse_ issue, namely that the whole hardware interface is literally mis-designed by morons."

Maybe you missed this line? Some classic Linus right there...

A lot of people trying to defend being a jerk as necessary in these circumstances. I think Google culture proves the opposite: Googley code and peer reviews, blameless postmortems, and a host of other mechanisms that de-escalate and de-personalize things.

The Meltdown work at Google probably didn't begin with a rant about morons.

It's possible to construct a culture where people can air grievances and criticize others without inducing flame wars. It only works for Linus because people won't go nuclear in the response, but for rank and file engineers, especially of equal stature, if you call someone a moron in a thread, it's likely to kill productivity and create a negative testosterone ladden atmosphere of people trying to avoid being wrong, and counter attacking others.

I've worked at a lot of places where engineer got into heated shouting matches. It's is not a way to increase the probability of zeroing in on a problem, or reaching agreement faster.

Why is the top comment on this about engineering culture?!

Linus is valuable precisely because he occasionally d-slaps people around, waking them up, even when what he says may be factually wrong, and reminding them the at the core the tech must be sane, f people and their feelings!

Yeah, it's good to have a 1 in 1000 brilliant people being aholes because it keeps the culture balanced. We need a dose of rascality, and Linus can afford to embody it and seems to like doing it, and he's also good at fixing the consequences of his rants by being reasonable afterwards.

(If we're mature enough to accept that this can only be accepted of 1 in 1000 people or something like that, and that obviously not all people are born equal, we can move on and enjoy life.)

For the most part he actually does a good job staying away from personal attacks. The problem is that his approach isn't going to yield great results. For there's 2 problematic parts to this e-mail.

The first is the personal attack when he calls Intel engineers morons. That 1 little unnecessary addon is uncalled for because it's quite reasonable that there's a lot of politics going on at Intel that's interfering with the engineering work. Could be that the next chip they're taping out can't be fixed properly without delaying & impacting revenue in a way that execs won't allow. Could be that there's legal reasons whereby Intel's "fix" is desirable from a management perspective to continue their denial of a problem with their chips to win or reduce the costs of the class actions. Or it could be any number of a hundred other reasons that the public isn't privy to.

The second, & this is pure speculation on my part that this didn't happen, is that he should have followed this in an offline discussion with the engineer. This public shaming doesn't do any good & just entrenches the frontline representatives of Intel to be antagonistic with Linus rather than to be his allies. I feel like if Linus wanted to be truly effective here in impacting Intel's direction (especially given their constant need to minimize the scale & scope of this problem) he could have followed up with the engineer off-list & gone "your explanation doesn't make any sense. can you clue me in on what's the motivation behind this approach?". It saves the engineer public embarrassment, it gets him an ally within Intel & it lets him have strategic information on what is motivating Intel engineers (consider - did his finger to nVidia in any way improve relations between Linux & nVidia?). Now if he did that & the answer still wasn't OK then he's free to use his bully pulpit as he wishes, but I suspect it was just instinctive & a build up of his frustration with Intel's handling of this whole matter.

The first is the personal attack when he calls Intel engineers morons. That 1 little unnecessary addon is uncalled for because it's quite reasonable that there's a lot of politics going on (...) can't be fixed properly without delaying & impacting revenue in a way that execs won't allow.

If that is really the case, then calling the engineers morons is actually very much called for!

Note this is a hypothetical since it's quite possible it's not the case, in which case even by your logic the moron label is incorrect. So in your opinion engineers are unintelligent because they listen to the demands of people who can fire them or perhaps, god forbid, they're trying to balance technical solutions against revenue? That seems perfectly rational reasoning to me but that must be because I too am a moron.

Very reasonable objection. So the engineers should be called "moral morons" or "ethical morons" because they are willing to follow instructions that stick Intel customers with terrible security problems, to help Intel shore up their share price.

Maybe Linus is being deliberately ambiguous about the type of moron he means.

Is this better?

Or maybe read the thread beyond Linus' rant. You'll get a better appreciation for the context. My impression is that Linus probably just misunderstood what the context/purpose of the patch & he's frustrated by the whole process & venting (which is fine). One thing Linus chiming in did accomplish is that the Intel engineers did a much job better explaining the motivation for the patch. To be fair it would have probably helped if the Intel engineers called it out up-front & explained why that patch is there (although maybe they did - I didn't read too much of it). They explain they knew it would prompt some volatile discussion & was the one they weren't happy about (not that anyone is happy about these flaws) so they made it last so nothing else would depend on it. Once the context was explained other Linux engineers chimed in with a cleaner way to accomplish it. All of these are senior Intel SW engineers and AFAICT they seem extremely competent not just on the Linux part of it but also in terms of understanding all the security implications on the Intel chips (these are easy to hand-wave explain & very hard to fully understand & fix).

All these engineers are in impossible situations trying to fix years of chips while at the same time providing a path forward for chips without these issues. You can call them morons all you want but from the little bit I've read I'm very impressed with their professionalism & knowledge and 100% do not want to be in their shoes right now.

Stop rattling about definitions.

If you had been working in a company that had been stopping you from doing your job then by definition the projection of the results of your work is "the results of my work show that I am a moron".

If you took the brightest person on earth and stopped him from communicating would that still make him "the brightest but unable to share" or would that make him "an idiot who has never learnt how to communcate his opinion"?

I am pretty sure you would pick different names for the same person depending on the situation, especially when it's more complex than a toilet conversation.

It's kind of weird you spin it that way. I've seen all sorts of places and in general people at them bottom eventually stop communicating because people in the middle don't want to hear it. Just now I came out of a small session commemorating the death of a fellow engineer in his late 40s. His problem? Obesity combined with caring too much about things.

That's in fact the big summary of it all. Some people actually have families to take care of. Losing your job for most people is not an option. I personally don't care calling out bullshit, but I also don't have a wife and 3 kids. By that logic losing the job is the stupid option.

I guarantee you that both at intel and at VW people called out the crap from management, were threatened and then decided they don't care enough to risk their livelihoods.

Calling intel stupid is imho entirely justified, but your logic to me sounds weird.

That... or completely misunderstand it...

It’s not hypotycal, it’s the part of hardware that made Intel CPU vulnerable to last week attack. Linus was right.

I highly recommend reading the rest of the thread beyond just Linus' complaint. This isn't about Meltdown but Spectre which impacts all CPUs with speculative execution. I believe these patches apply to AMD too even though Intel engineers are posting them as they appear to be generic x86 code. Not only is David brilliant at defusing that situation, he provides quite a bit of context to clarify confusion for external readers while correcting Linus' potential misunderstanding of the patch too. The "moronic" patch Linus is complaining about is to fix Skylake that still is impacted by a potential exploit even with the though the other less ugly fixes fix the majority of chips. David even agrees with the unfortunateness of the whole situation & says he's OK dropping that last patch if Linus wants because the Skylake vulnerability is less clearly exploitable. Ingo provides a follow-up suggestion about a potentially cleaner & simpler way to fix just the Skylake issue which is great & the whole point of how RFCs are supposed to work. So not only does it look like Linus' may have overreacted, it didn't even move the conversation along in any way (angry responses rarely seem to).

> it didn't even move the conversation along in any way (angry responses rarely seem to).

From your other comment [0] it sounds like it worked perfectly. The angry response first got the Intel engineer to defend their work and explain it better than they originally had, then further got others interested enough to improve it.

[0] https://news.ycombinator.com/item?id=16216289

>The problem is that his approach isn't going to yield great results.

Its worked so far.

> did his finger to nVidia in any way improve relations between Linux & nVidia

Purely anecdotal evidence, but in my experience the few pieces of hardware that I can generally bet they'll be fine with Linux are those branded Intel or NVidia (one may argue about the "optimus" thing, but if you want CUDA on a Linux laptop, nvidia's drivers do their job fine in the end, and this is what most Linux users will care about I guess)

Dunno the mechanics of it, but some things did work up just right about this :)

Because, as the comment says, he is wrong.

He may be technically correct in his assessment of the quality of the patches (I lack the necessary knowledge to even begin to assess it), but he does not go about explaining this in a sensible manner. He has never fostered a collaborative, inclusive atmosphere around the kernel.

If anybody at my workplace talked to a collaborator in that way they'd be in a chat with their manager minutes later, and if they persisted they'd be in a chat with HR.

For all that has been accomplished with the Linux kernel - and these achievements are huge and numerous and extremely impressive - I do wonder how much better things might have been if Linus was capable of criticising something without calling anybody a moron, swearing or throwing things.

What was in that email that needed that kind of language and tone? What could not have been said with a simple "I will not accept these patches" followed by a calm and dispassionate assessment of his issues with them? There's such an assessment in there somewhere, he's clearly thought it through, but one has to wade through the vitriol in order to get there. This is inefficient as well as hostile to contributors.

And these are people the community depends on for support, so we can run Linux on their products.

Most of Torvalds emails are not like this. In fact most of them are like you say, he explains his thoughts in a sensible manner. It's just when people play with fire that the lid comes of and makes the headlines.

A sensible mail discussing the details of some obscure technicality doesn't make HN frontpage.

I think that is important to note as well. His email normally gets the attention when he is pissed off. But the majority of them aren't.

It shows how angry he is, and how he is upset with the issues. While this could be avoided in a real world scenario, I would have bet if your manager feel something strongly about, they would have went rampant as well. And this is especially in remote working, words are hard to get feeling across without putting some "adjectives" into it.

Even if it's just once a month... I think very few teams would be able to deal with a co-worker with such violent outbursts.

Ok he's mad. We all get mad.

I've never said someone should have been aborted, no matter how mad I get. He has, over a ... A diff.

Perhaps he has some difficulties, like some of us do. Has he ever acknowledged his attitude in any way?

> Has he ever acknowledged his attitude in any way?


> I don't know where you happen to be based, but this 'you have to be nice' seems to be very popular in the US.

> The same way we have developers and marketing people and legal people who speak different languages, I think we can have some developers who are used to—and prefer—a more confrontational style, and still also have people who don't,

> Maybe it's just because I like arguing," Torvalds added. "I'm just not a huge believer in politeness and sensitivity being preferable over bluntly letting people know your feelings. But I also understand that other people are driven away by cursing and crass language when it all gets a bit too carried away.

Source: https://arstechnica.com/information-technology/2015/01/linus...

Calling people morons isn't being confrontational. It's being an asshole.

That's your opinion. Others would say the greater asshole is one who refuses to confront morons with their own moronic behaviour. That person is denying the moron opportunity to self-reflect and improve themselves.

And before you interject, I would also assert that numbing the confrontation with "civility" also nullifies the effect.

Depends. If people are morons, you can call them like that and not be an asshole, just honest. Don't know about this case, though ...

Even being right, you can still be a jerk.

Though being wrong and a jerk is definitely worse in a sense, personally I think that attitudes that qualify you as being a jerk only marginally help you in being honest.

The basic idea is that even if someone is a moron, calling them a moron isn't really.... doing much. Very little information, and a lot of rudeness. Telling them that their patch isn't mergable has more info and less raw rudeness IMO

I vehemently disagree for one very straightforward reason: this matter is far too important to prioritise civility over outcomes. This particular matter needs sunlight, and Torvalds' response is giving it a lot of sunlight.

An "inclusive atmosphere" is irrelevant. Pointless. I'd personally say it's counter-productive. There's no scenario where Torvalds' response is going to result in Intel abandoning the Linux ecosystem. The engineers at Intel can now go back to their managers and say "okay, we tried cutting corners and it didn't work."

This is such a broken argument. The one upside of behaving this way is that it makes the HN frontpage and one can argue about the value of that for the issue at hand. It's pretty much established fact that, all other things being equal, being an asshole to people doesn't further your objectives and generally just results in people either ignoring you or getting more defensive and less cooperative than they would otherwise be. Being socially inept is not exactly a rare trait amongst very smart people but let's recognise it for what it is, a personality flaw.

> Being socially inept is [...] a personality flaw.

That's a very dangerous and messed up reasoning. For a significant proportion of the population "society" is just a nasty scheme we put up with since we know not better way of not killing each other or exterminating ourselves as a species... Having to contort and torture one's personality just so you can be "socially adept" is a great pain, and when one occasionally gets away with being able not to do this it's NOT "a personality flaw".

One ought to care firstly for developing his/her personality in whichever way himself sees fit. If it doesn't fit well with society it's not a "flaw"!

(Yeah, if goes overboard and results in a team totally breaking up... even that is not a big deal! Some companies are worth breaking up into pieces. Heck, as long as people aren't literally killing each other it's still not "a flaw". Stop being insensitive and discriminating against people with other notions of relating themselves with the thinggy we call "society" and perpetuating this oppressive culture of admonishing people for being "socially inept". Maybe those people have something better to do with their lives!)

> just a nasty scheme we put up with since we know not better way of not killing each other or exterminating ourselves as a species

Sometimes I "have to do stuff to keep my wife happy." Once I discovered that I'm doing it because I want both her and myself to be happy, and stopped viewing it as an obligation, my life significantly improved. I learned to enjoy the ride. I think it made life a little better for the people around me, too. I learned that being petulant/sulky/edgy was not a sign of sophistication or wisdom.

Similarly, if we don't want to kill each other or exterminate ourselves as a species, then "society" doesn't have to feel so nasty. If you really do want to burn it all down, then by all means, go right ahead. At least that's authentic. But to choose to live amongst society, and still begrudge it, is insanely unhealthy. Literally.

I generally agree with you. My "begrudging" was mostly misdirected anger at the parent poster's attitude of labeling as "flawed personality" the act of very rarely and softly lashing out at society every now and then. Society only gets nasty when we forget its purpose and add too many restrictive rules on top of it and then rationalizations for those rules and so on...

This is obvious, and it's extremely sad to me that people believe otherwise and vehemently argue that Linus is justified in his pety rants. It was always pathetic.

The response is shockingly adult, given the culture Linus insists on trying to push:


What an excellent writeup, despite the tantrum Linus threw just a few replies earlier.

I'd highly recommend only reading the response and avoiding the Linus 'rant'. The rant contains no valuable information, the response is excellent and far more informative.

I'm sure I'll get downvoted though for calling Linus a baby, because somehow insulting Linus for his flaws is never ok but when Linus does it it's so cool!

> The response is shockingly adult

Some snippets from the response:

> since the peanut gallery is paying lots of attention it's probably worth explaining it a little more for their benefit

> not just drop it quietly because poor Davey is too scared that Linus might shout at him again

> If we can be done with the shouty part, I'd actually quite like to have a sensible discussion

None of this is adult. I'm not directly defending Linus' tone, or claiming that he's "more adult", but derogating and condescending the audience reading these public posts (1st quote), making cheap jokes about Linus' behaviour (2nd quote) and directly insulting Linus (3rd quote) is not what I would define as an "adult" response. Linus' email at least only gets angry and offensive while critiquing the code, and doesn't get personal.

> The rant contains no valuable information, the response is excellent and far more informative

Linus' "rant" informed me that Intel are setting IBRS as a default-off feature that must be asked for - offloading responsibility for security to the software. The response opens by condescending me, tells me that IBRS is expensive (we know), retpoline is performant, and the informativeness seems to stop there.

It then posits that as somehow justifying the offloading of said responsibility with the following:

> Then along came Paul with the cunning plan of "oh, indirect branches can be exploited? Screw it, let's not have any of those then", which is retpoline.

> But wait, why did I say "mostly"? Well, not everyone has a retpoline compiler yet... but OK, screw them; they need to update.

"Screw them" is the crux of his answer to Linus' concerns. Sorry, how is this in any way an adult response?

> None of this is adult.

Really? The long technical explanation, with the word "shouty" is not adult? The plea for sensible discussion?

Your post isn't worth responding to beyond that. You've taken extreme liberties in your reading of his response. "Directly insulting Linus" lmfao are you fucking kidding me? You're calling "shouty" as directly insulting, when it's a response to "Fucking morons" writing "garbage" code? This is disingenuous at best if not willfully ignorant.

Cheap jokes about Linus's behavior?????

Seriously, take a step back and realize the loops you're jumping through to try to somehow justify Linus's behavior by attacking a reasoned response to it.

Linus doesn't get personal when he calls Intel engineers morons? Are they not persons?

Yeah you're right. I should have worded that differently, my point was that in using the term "moron", he was focusing on the interface design: code.

Linus' tone is not really defensible, but I just don't think the response compares favourably either.

And, perhaps more importantly, Linus' concerns aren't addressed and the response isn't particularly informative. dwmw2 mentions in comments here on this HN thread that he has been pushing back on Linus' concerns, but the response appears rather to defend those decisions in Intel. Perhaps I misread?

At the end of the day, I just don't care about this tone argument. I only care that the issue is resolved properly, and like it or not, there's nobody I would trust to analyse an issue like this more than Linus.

People in this thread are making the (understandable) mistake of assuming that Linus' remarks were aimed at individual engineers at Intel. But they obviously weren't: they were clearly aimed at senior management at Intel to say "we're not going to accept garbage from you."

And I don't even care if it was garbage. Because either it was garbage, or they failed to demonstrate to Linus that it was not garbage. Either way this is entirely Intel's fault.

Not sure if you're trolling, but please chill out with the personal attacks. I'm sure it feels great to make a stand, but your comment doesn't add anything meaningful to the discussion besides demonstrating your hypocrisy.

Really? My comment doesn't add anything meaningful to the discussion?

I linked to a far more informative post that actually discusses a technical issue. Frankly, the response should have been what was linked on HN, not some rant.

I can't believe the irony of telling me to "chill out" with personal attacks when commenting on a rant that is majority perosnal attacks.

I too am interested in the detailed, specific discussion, so thank you for the link. But I also appreciate strong language calling out bad things with broad consequences. Especially by experts in fields I don't have expertise in. I appreciate the use of strong language as a signal of the current state of the solution and the probability of recurrence. Yes, Linus should modulate his language more. Yes, he's a dick. Yes, he would be more effective if he had more self-control. I just don't think this rant is entirely useless (though it's useless for reasons he did not intend so I can't give him full points)

Sometimes a rant is warranted. Sometimes it's time to get fired up and angry...

The issue occurs if you're not bulletproof on your position and then get too caught up on 'winning the argument' rather than solving the problem at hand.

This is why it's typically best to leave the theatrics aside unless absolutely necessary.

> I'm sure I'll get downvoted though for calling Linus a baby, because somehow insulting Linus for his flaws is never ok but when Linus does it it's so cool!

I'm pretty sure people aren't up in arms about Linus being a baby, but about your refusal to call out people on "subpar performance". Replace "subpar performance" with whatever you feel is an acceptable name for executing wrongly on very bad ideas.

And I feel like you might get downvoted because if there is one thing I HATE about companies, it's that people responding like this always get rewarded.

1) fuck up beyond belief (or just be assigned to a critical project and do nothing)

2) talk about the problem with everyone, without, of course, without fixing anything

3) inflict massive costs on everyone else because of the sudden urgent necessity of fixing your problem

4) get insane rewards for this

And I for one call statements such as the one from the top post here "optimism at it's finest":

> if you call someone a moron in a thread, it's likely to kill productivity and create a negative testosterone ladden atmosphere of people trying to avoid being wrong, and counter attacking others.

Unfortunately, corporate America is FULL, and I mean overloaded to the brim with people who will never admit the slightest mistake, and explode at anyone implying they made a subpar decision.

This attitude to "avoid blame" then proceeds to turn disaster into outright catastrophe. Many of these people who make some level of mistakes will see that not only can they get away with it, but aggressively attacking others for their mistakes comes with great rewards.

I have personally worked with several well known people in my field, who have climbed up the ladder this way. It isn't just that they didn't contribute, but they made great mistakes, both on the technical front (taking disastrous architectural decisions and forcing them through, despite agreement that there were very wrong), and on the financial front (doing budget allocations based on what THEY KNEW was a lost cause, and refusing to admit any fault or change course).

Once it does become clear that a disastrous mistake was made and propagated, and 90% of the budget was already spent (actually more like 150% in both cases), and none of the outcomes promised will be achieved, they then help organise a "code red", a "emergency sprint", an "extra effort", ... to "fix" things. But things are never fixed. Everyone is worse off, and will be for years.

The first few times this happens, these people are then rewarded. Promoted, in both cases. And of course, we are currently in the process of repeating one of these huge mistakes. Last time I so much as asked why this decision was made the guy very enthousiastically gave an answer, and I thought we both agreed it wasn't a good answer.

An hour later my manager asks to urgently see me.

A day later my director urgently called my manager and me to see him.

A week later we went to discuss "safety" with HR. (because of the 10 people thing, I'm sure, read on)

And yet, everybody, and I do mean everybody, knows this is a bad idea. However, having 50 people work for 1.5 years on a bad idea ... well those 50 people call it "a job", and nobody's going to be risking their career on calling this guy out any further (even if I did get 10 of them to walk into that director's office telling him that I did nothing wrong and that it's a bad idea).

But no worries ... no blame. We're still executing on that idea.

Here's the thing though. People always make mistakes. It's an unavoidable fact of life. The more power you have the bigger the scale of your fuckup. The problem is the denial of a problem (which Intel did in some ways & didn't in other) & making misleading statements. Those were all decisions not made at an engineering level BTW so berating an engineer won't help.

Finally, reading that thread further, it does seem like Linus's rant was a little premature & mistaken. David really handles it well & explains in detail in what way Linus may be misunderstanding what's going on. It's hard to know if that response mollified Linus or if he still thinks it's bunk & that thread was just taken offline so that it wouldn't have the noise of useless spectators chiming in, but it seemed like Ingo was perhaps satisfied & moved the conversation back to a way to solve the Skylake problem in a maintainable & clean way without the undesirable implementation that was originally proposed (you know, the whole point of an RFC). An RFC typically means they were looking for feedback & discussion not getting yelled at, especially for things outside their control. That being said, I certainly understand how frustrated everyone is with this given the amount of work that's been put into this by everyone.

Engineering culture is fundamentally about learning from mistakes (either as a community or individually). We can't fear them & there are limits to how much you can go to prevent making them before you just get decision paralysis. For that reason mea culpas are also unproductive. You should acknowledge your actions & your role in it - if you think you behaved incorrectly then of course apologize if you want to - but the person would made mistakes is just as much a victim of their environment as others (i.e. if I threw you into their position without the benefit of hindsight, would you do necessarily do a better job?) Yes corporate America has issues (as does every human endeavour btw) but I'm not convinced that in any way has to do anything with this discussion.

You do realize Intel has decided to NOT fix this issue, right ? Surely some yelling about this is in order. (because fixing the issue would cost them in benchmarks)

If your organization repeatedly rewards failure then maybe you should start thinking about switching teams or companies.

Welcome to corporate America.

.. or the country?

Complaining about downvotes is never cool.


> I'm sure I'll get downvoted though for calling Linus a baby, because somehow insulting Linus for his flaws is never ok but when Linus does it it's so cool!


> Downvote away!

You're being far over the top dramatic. It's unnecessary, your setup text did a perfectly fine job of making the argument. The two comments about downvoting detract from the substance.

Is it over the top dramatic because of the exclamation mark?

Regardless, I feel it's important to point out a consistent hypocrisy I've witnessed and experienced. I think it's totally relevant and substantive.

edit: I have no desire to continue a metadiscussion on downvoting. I don't care about downvotes, the downvotes are a symptom of an entirely relevant issue; a community that has a ridiculous double standard for Linus. It was not an attempt to attract or prevent downvotes, or to discuss downvotes, or downvoting, or the culture of voting on HN.

I brought up downvotes as an example of the underlying issue. Clearly I did a poor job of that as it's led to a number of unrelated comments. I apologize for the clutter that a one-off comment on hypocrisy has caused.

It's unnecessary and against the HN guidelines to comment on downvotes.

> "Please don't comment about the voting on comments. It never does any good, and it makes boring reading."


That includes votes you're expecting. It distracts from the substance of what you're trying to say.

If you're concerned or thinking about downvotes when you're composing your comment, rethink how you can phrase it: if you think you're "speaking truth to power", "saying what must be said", or "pointing out hypocrisy", or something similar, you're already starting from a position of antagonism, real or imagined. People aren't going to respond to that well. Figure out — or at least attempt to find — a way to express what you're trying to get across in a way that'll be actually heard and understood by those you're trying to reach. What's actually going to make a difference?

If you think that they can't be reached or it's not worth the effort to try to do so, it's likely not worth the effort to comment at all. Given that you are participating on HN, please do make the effort. After all, that's one of the features HN members value: good, quality, constructive discussion.

Attempting to preempt downvotes is passive aggressive and adds nothing to the conversation; adding emphasis is doubling down on that mistake. It never actually works toward preventing downvotes, and instead attracts them. That makes it difficult to know whether the person is trying to lure downvotes on purpose for self-fulfilling prophecy reasons, or whether they actually believe it helps to try to preempt such.

If your argument has merit, it can stand alone. Responding to an avalanche of downvotes after the fact is the only thing I've seen on HN that makes sense. For example to try to counter a perception (eg if you think your argument is being taken incorrectly, or challenging the downvoters to discuss why they're downvoting; that can draw out more substance to a conversation).

See my edit: I don't want to continue this discussion as I have a fairly high up comment and I think this is just a bunch of clutter for the purpose of meta discussion. Talk about 'makes for boring reading'.

> given that this is not the first time I've posted something similar

Funny, I didn’t see that in your ten day long comment history.

A human being can only have one account on one website. How about this - you delete your post, and I delete my post, and we both contribute to the conversation by removing useless posts!

See, I feel the opposite.

I dream of working on something where the criticism is so honest. Where I don’t have to read between the lines to understand how big of a deal a person considers an issue. Pussyfooting to lessen the blow benefits no one in the long run.

I often end up running my code reviews by other people first to make sure they’re gentle enough because I know people are overly sensitive/attached to their work. It’s a stupid dance and such a waste of everyone’s time. If we could just be honest with each other we could build great things.

I single handledly blame this culture of being nice instead of honest on the total undeniable loss of software qualified across the industry.

Why not both? I think OP means that we should be nice and honest.

I posit there is no nice way to reflect when something is actual garbage. When it should go into the trash bin instead of being merged, even with modifications.

It’s never going to be nice to hear.

In lessening the blow you lose the message. You lose the true meaning. You lie.

I don't think there's a native English speaker in the world who reads the phrase "<x> is garbage" and interprets that literally as "this is just a metaphor for deciding not to use something and thus throwing it out." No, there's always vitriol, and the writer knows that, which is why they say it like that--because they're feeling vitriolic.

I'm sure you can imagine equally accurate ways to reject code contributions; it doesn't really take any creativity. When you say that the "true meaning" is lost, what you're really saying is the true meaning was to make the contributor feel bad. If you want to defend that, go ahead, but that intent needs to be out in the open, not hidden behind the plausible deniability of words.

The vitriol is the most important part of the message. If they don’t feel bad about what they’ve done what reason do they have not to do it again?

Without the vitriol you solve only the most immediate problem, when the true intention of calling something g garbage is to prevent many future problems. You learn nothing from being politely shoed off.

If the person you are criticising gives any kind of shit at all about doing a good job, they will supply their own 'feeling bad' when you demonstrate that they haven't done a good job. In this case, you adding vitriol is unnecessary.

If the person you are criticising doesn't give any kind of shit, then your vitriol will make them feel bad and dislike you, but it isn't going to improve their code quality, because they still don't care. (And if they answer to you directly, they are likely less motivated to do well next time now that you have acted like a prick)

If the person is not able to discern the difference between good and bad code, then it is useful to them if you can explain what it is that you are mad about when reviewing the code, but again in this case, vitriol without understanding just makes you seem like an arsehole to work with.

Are you arguing that it's impossible to learn without feeling bad about yourself? As in, you must feel personally ashamed and hurt, or else you're going to make the mistake again? If not, you're probably going to have to explain your position a little more, because that's how I'm reading it right now.

Note, this can't be some abstract equivalence between "feel bad" and "know you made a mistake," because if that's what you meant, then we're back to the vitriol being unnecessary.

Look back on your life. Do you remember the individual lessons in school? Unlikely. Do you remember the time you got sent to the principals office or the time you got yelled at for breaking a lamp or having a party? Much more likely. Lessons bundled with strong emotions make far better memories.

You learned pretty much everything that you are doing right now and I am fairly certain that 99% or more of that was learned without you feeling bad about yourself.

I for one can't remember a single lesson from school, yet I can still recall some of the stuff I learned and apply it, despite nobody yelling at me for doing it wrong at some point.

Being upfront and honest about stuff is all nice and good but when I give a code review or get one, I find it far better to constructively discuss stuff and not yell at people or insult them for whatever reason. Linus did not even ask why it was done that way, he did not have all the info. Would you prefer being instulted for doing something the "wrong" way, eventhough you had a perfectly good reason for doing it that way? Even if you knew it was "wrong" but there just isn't a good solution and you are just trying to fix the problem at hand?

For sure. The proximate lesson was 'make sure not to trust teacher X or administrator Z; those two are assholes who don't pay attention and just try to solve problems in whatever way is most personally convenient without caring about anyone else or what really happened or fairness.' It was an effective more general lesson in (a) what never to do if you want people to like or trust you, and (b) what to watch out for before trusting someone in a position of authority.

It seems like my education was vastly different than yours.

Well I don't remember any of that. Never was sent to the office, don't recall breaking anything save for one of my own plates recently. I do recall a few lessons though. Parties are more of a blur to me. If I recall something with strong emotions any other significant information will be lost. I am definitely personally not capable of learning from someone yelling at me. I will just feel remorse or awful about myself. That is not productive.

I'd consider rethinking this view.

Being torn into and being called a moron, useless, pathetic, etc. leaves deep trauma that will bleed into other areas of your life. Even if you're tough and think you've brushed it off.

The idea that we're duty-bound to inflict emotional cruelty on people when we think they've made a mistake is probably the cause of most of the suffering we see in the world.

You can tell someone that their code is very bad and make sure they get it, without trying to twist the thumbscrews and make sure that they feel rotten to their very core.

Or it just means someone lacks a proper grasp of the English language! I find a thesaurus is handy.

Please use your thesaurus and enlighten me to how then I say “this code is garbage” in a nice way, while clearly communicating the full meaning of:

    - this code is bad
    - you should reassess your skills and values 
    that lead you to believe this was good
    - your worldview may be flawed, look into that 
    - don’t do this again
    - you should probably feel bad too, to attach 
    emotion to strengthen your memories of this
    to make this a learning experience

Do you not understand the emotional cruelty of trying to say all 6 things at once to someone who (in theory) is actually trying to contribute?

Maybe someone is not trying. Maybe you're wasting your breath then. Maybe someone is trying, but has an incomplete world view. Ok great, now you've pissed them off instead of saying what's wrong.

Just say what's wrong with the code! That's what actually matters. Not that you think it's garbage.

rm -rf

I chuckled when I saw this. Google processes and code reviews are extremely passive aggressive and very much inefficient, focusing on things that do not matter to the end user. Lots of subtle politics going to do the smallest thing. Lack of care and quality shows. Google is hardly what one would want to emulate. It may be a business success but that is about it; it's as dysfunctional as anything of its size.

Funnily the first core value is focus on the user. Almost no one there ever cares or thinks from the perspective of the user in decision making. Users are incidental to the things that happen there.

Kool-aid much?!

I am finding the comments here about how Linus needs to behave properly, like they do at Google, amusing given how often Google and other for profit companies are portrayed as evil empires and FOSS is portrayed as the only moral antidote to the evils of capitalism.

Let Linus swear a little and suddenly those roles are entirely reversed? Really?

Isn't that kind of a non sequitur? The idea that "Google is evil" (not that I agree with it) and the idea that "It's possible to construct a culture where people can air grievances and criticize others without inducing flame wars [like at Google]" are arguments that have nothing to do with each other. There is no role reversal, even if we unreservedly accept both premises.

No, it is not a non sequitur.

There is no separating out corporate culture from the fact that it is a corporation. FOSS is not a for profit corporation. Expecting it to function like one is not reasonable. Trying to impose corporate culture as the standard for FOSS is not only not reasonable, it is counterproductive.

If you want corporate software, cool. But if you want FOSS to exist at all, there has to be a fundamental acceptance of the fact that it will have a different culture and a different process.

I will add that his cussing spree here is in response to a for profit corporation trying to shit all over his project. But, hey, must be totes okay for them to shit on it since they didn't use any cuss words or raise their voice.

There is your so called corporate etiquette right there.

I think we disagree on your assumptions.

Positive team environment and corporate culture are not inextricably linked. They may overlap depending on the corporation in question, but they are not one in the same. This should be obvious since you can have a positive team environment on teams where no corporation is involved (e.g., hobby projects). Clearly the suggestion that FOSS should have a positive team environment cannot be the same as the suggestion that FOSS should have a corporate culture.

Think about how your logic would look flipped around. If leads at Google were encouraged to slap people down when they disagree with their suggestions, then you'd have to suddenly argue that Linus should change his tune because otherwise he'd be fostering a corporate culture, and FOSS must have a different culture than that.

Clearly that, too, would be a non sequitur.

As for the rest of what you said, I think you know no one is suggesting anything of the sort. There's no reason to straw man here.

Everything I am reading indicates that:

A. Linus doesn't do this very often. Most of the time, he is perfectly well mannered. But we don't hear about that. We only hear about these incidents.

B. Most of his work conversations occur on the public record. So anyone can get hold of it when he gets riled. When a CEO gets riled, that is much more likely to occur privately and get covered up.

C. He created Linux for free. It is his passion. It shouldn't be surprising that he feels strongly about it when it is threatened.

D. A corporation is trying to fuck his project over, no doubt for personal financial gain. In my book, that is a vastly bigger offense than a little swearing. Etiquette that focuses on polite words and excuses more serious offenses is not a good thing. If corporate culture were really the better answer here, then Linus' tirade would have never happened because Intel would not be trying to crap all over Linux to begin with.

So I find it incomprehensible that anyone would suggest that the solution here is for Linus to operate more like BigCo. He is a guardian of a public good. He is defending it from corporate greed. The lack of moral responsibility of a large corporation is the very reason he is cussing. Expecting him to be more like them amounts to asking him to sell us all out for money and the sake of saving face in public rather than taking a stand on our behalf.

The real focus of this discussion should not be the language Linus used. It should be "What the hell, Intel?" But I am not seeing that focus.

And I can tell you why I am not seeing it: Because no one is surprised or shocked that a corporation would do something so terrible. In fact, we expect it. So we don't bother to try to hold corporations to a moral standard.

Instead, we expect people like Linus to meet a moral standard because he consistently does. Then we give him hell when that isn't an easy thing to do in this shitty world.

The real solution to this problem is to be pissed at Intel, not lecturing Linus that he needs to behave better, just like corporations do. A corporation is the root cause of this issue.

That isn't a straw man. It is the crux of the problem here.

I don't think Linus is wrong for how he interacts with people, but I do worry that people are so easily distracted by his display that the ensuing conversation about his behavior detracts from his message. Nearly every statement he makes like this devolves into musings on human psychology.

People tend to talk about that which is both trivial and emotional and will derail a discussion in that direction on the slightest opening. This is not peculiar to how Linus Torvalds gets treated. It is the default norm for human behavior. Talking about things with actual consequences is often decried as political and deemed not appropriate for civil, intellectual conversation.

Counter point is that Google, like Intel, puts profits ahead of doing the right thing, selling out its users to advertisers with virtual impunity because those same users are addicted to the "free" stuff that Google gives them. So maybe we need more prominent people like Torvalds calling bullshit on them too. Finally we are starting to get such voices re Facebook, but even those not as honest as Torvalds.

See the bashcoder thread for a more hardnose analysis of this article, Torvalds and Intel: https://news.ycombinator.com/item?id=16202539

Even if I agreed with your sell-out criticism, what makes you think that hurling obscenities and insults at the executives would change that, vs a well written argument that the behavior is wrong and will have consequences that could harm the company?

Simply calling something garbage doesn't elicit change, our political system is the perfect example of that. It creates polarization which, due to human nature, makes can make people less motivated to work with you.

There's no even any evidence Intel did anything wrong. For decades, the market demanded performance, and VM based cloud computing was created long after speculative execution became an industry wide (not just Intel) optimization. The way we use CPUs has changed, our OSes have changed, the threat model has changed, and the sophistication of attacks has changed.

Future CPUs need to be designed from the ground up with modern cloud computing in mind and that's going to take 2 years at least given industry cycles. What do we do in the meantime with our current silicon is the question. Intel seems like they're trying to do the right think by handling failures in retpoline to offer full protection.

But maybe the conspiracies are right, but when has an accusation of some conspiratorial behavior ever been solved by people yelling and screaming moron and garbage?

It's just not the right way to perform an investigation IMHO.

Like most things we only see one part of these discussions. It might be so that this have built up under several weeks/conversations etc and when nothing happens something needs to be done. In a non-cooperative there’s no boss you can turn to when you are unhappy with the situation, in linux’s case few other actual platforms to “turn” to. What do you do when, online, mostly only have your reputation to influence people.

I’m not defending Linus per se, but he do have a really unique position and it’s probably not easy to be in that position and AFAIKT it works. Maybe if it would have been someone else the world would look, most probably, rather different.

It’s really easy to criticize, but frankly none of us knows how it is to be in his situation and I guess he has to deal with his fair share of trolls, morons and energy thieves.

Not just Google. This is standard in any major tech company. His behavior and abhorrent and there is no excuse. Tech should embrace mentoring, learning, constructive criticism, and learning from failures. Yes, this is hopefully a once in a lifetime situation -- but our values need to transcend that. This is not the first time that Linus has swept decency under the carpet. Linus would be such an HR issue at most companies and likely shown the door. If anyone is championing or approving his behavior, this will not win you support and 'points' long term.

I think the context in which Linus exists professionally is perennially misunderstood. IMO he basically has to be this way, or else the kernel would have been effectively stolen by [insert powerful tech company] at various crucial moments throughout its history. I see his particular position in technology as being truly unique, and that it essentially just requires somewhat exaggerated rhetoric and even superficially childish antics to protect the independence of the kernel.

This is not to say that Linus’ behavior is a good model for “how engineers should generally behave”. It just isn’t, and anyone behaving this way in a company should almost certainly be fired. I think he’d probably agree, to boot. But I could be wrong about that.

P.S. I hope I don’t come across with disagreeing with you about any of what you think tech “should” be. I totally agree with you.

Can you show me an example where a leader of an OSS project had reasonable discussions with other developers (read: n steps below calling them morons who write garbage code), and as a result their project was "stolen" by a powerful tech company?

Firefox + Mr. Robot for a very recent example. Someone at some level should have exclaimed angrily that pushing people an extension without their consent that fiddled with content was a “garbage idea for garbage people”.

Instead they lost face and now I and many other privacy concerned users can never trust Firefox ever again.

The firefox situation had more to do with the extension bypassing typical review processes than with engineers seeing the problem but not voicing their opinion. Many Mozilla engineers learned about that debacle the same time that we did.

Your question is constructed in just such a way as to make your point for you. Hopefully you’ll see that it’s far too specific of a demand as to truly support your position. Would you provide me with a less specifically bounded question that you think still captures your position on this?

I asked you to provide an example of the situation you described. I was as specific as you were.

I will try to be more straightforward.

You've stated that Linus has a unique role, and that he has to be this way or he'll lose the kernel/ essentially be worse at his job.

You've provided no examples or evidence (and I asked).

In your opinion, Linus must be this way, it is "just required" by his unique position. We have this totally unknowable position that you, for no apparent reason, assume is best suited to people who insult others publicly. And because this position is unique we can't compare him to others, by nature of the position.

You have essentially placed Linus in a position where you could basically justify anything. "Oh, well, it's a very unique role - you just have to be xyz for this sort of work".

The thing is, Linus's position may be unique, but it has a lot in common with lots of positions we have a good handle on. There are lots of open source leaders out there, lots of people who manage codebases, write code, etc. Maybe not exactly all of those things in exactly the same way, but we have plenty of similar positions.

I do not imagine a community so vehemently defending members of those positions who act like Linus. By your own admission this is a bad model for others in the same exact industry with similar roles - you even say they should be fired for acting the way he does.

So I guess my question is; what unique aspect of Linus's role makes him so different from everyone else with incredibly similar roles? What evidence is there that, against everything we know about positions like the one he fills, acting the way he does is the right way for his role?


His behavior and abhorrent and there is no excuse.

Does he owe you anything? Are you co-workers? Are you in his employ? It´s FOSS. If you don´t like it, walk away. The Linux kernel is his creation, his baby, and he runs the show. You don´t like his behavior? You don´t like his attitude? Fork the code, make your own mailinglist, get a bunch of people to submit patches, and knock yourself out.

I get that he is a "public figure in tech" and all that, but he owes you nothing - I failed to read the memo where he declared to act as a figurehead for proper behavior, or where he agreed to be an example or anything like that.

You are right on some level, but there may be exceptions to the rule. Keep in mind that Google may never have grown beyond its first years without Linux (and Linus guiding it). There was no other economically viable option with development at the state of the art, at least in those days (the late 90s).

> This is standard in any major tech company. His behavior and abhorrent and there is no excuse.

I work at one of those "major tech companies", and I can assure you that people call things garbage with regularly.

Is this public discussion an attempt to "zero in" on this problem? Does anyone outside of Intel "agree" with their current approach? This is a more reasonable situation for the Torvalds method than many others in which he uses it.


I would recommend reading this response.

Here are some great excerpts:

> That's why my initial idea, as implemented in this RFC patchset, was to stick with IBRS on Skylake, and use retpoline everywhere else. I'll give you "garbage patches", but they weren't being "just mindlessly sent around". If we're going to drop IBRS support and accept the caveats, then let's do it as a conscious decision having seen what it would look like, not just drop it quietly because poor Davey is too scared that Linus might shout at him again. :)

> If we can be done with the shouty part, I'd actually quite like to have a sensible discussion about when, if ever, we do IBPB on context switch (ptraceability and dumpable have both been suggested) and when, if ever, we set STIPB in userspace.

Those seem relevant to the thread. That said - it's really a good read for a technical overview of the issues and patches.

>it's likely to kill productivity

Possibly, but I don't think that arguments, even heated ones, aren't without benefits that may not be otherwise obtainable. Arguments require passion and commitment, you have to care about something to get heated over it face-to-face and when you, as an adult, get upset over something you are putting your reputation on the line to some extent. This motivates some people.

This provokes an interesting question-does googles desire for a very... harmonious work environment have any relationship with their reputation for project ADD?


For me, one of the more difficult type of engineers to work with aren't people low in tech skills or other traditional lacking, but engineers who can't deal with failings generated by other people, in a rational and civilised manner.

Anyone building anything of modicum importance is going to fail. Moreover, failures can be institutional, i.e any process or lack of process, which significantly increases the chances of failure. These have to be dealt with at an institutional level. If the failure is personal, I.e caused by traits specific to the person, can it be resolved by having a better feedback loop. Many reasons to be angry but very few to express it in a confrontational manner. I have many brilliant friends I wouldn’t work with for the above reason.

Google culture is Google culture, it doesn't prove anything other than what works for Google. Linus culture proves what works for Linus.

I've worked at a lot of places with different cultures. You don't need "Google culture" to not work with assholes.

I agree wholeheartedly that it is not a good way to live. I don't enjoy it.

> I've worked at a lot of places where engineer got into heated shouting matches. It's is not a way to increase the probability of zeroing in on a problem, or reaching agreement faster.

That hasn't been my experience. A boss at a previous job and I often had heated discussions about technologies and direction. It worked for us. We came to great solutions that neither of us started advocating. Years after I left, we are still good friends.

One lady we worked with started keeping a nerf gun on her desk if we got too close to her while arguing. This was the problem for me.

It wasn't good for us to fall back on raised voices to accomplish discussion. It accomplished the goals, but it did it in a way that was bad for our psyche. Even if we are both willing participants in that, we were effecting others who were both not willing participants AND unwilling to speak up because we were both her senior.

So I say fuck that. There is a way to say what needs to be said without being an asshole or spending time trying to make it politically correct. You just have to say the core of what you are trying to say, without the asshole flair attached to it.

Google culture is jerky in it's own way though. The demonization of James Damore was disgusting. Trying to silence educated voices from responding to request for comments on the topic is wrong.

what does work culture have to do with any of this? you want people to always behave as if they are at work? I rather not. companies have no desire to allow any kind of speech that would hamper productivity or create bad PR.

For what it's worth, I would definitely rather work under Linus than at Google. Google seems, from speaking to people who work there, thoroughly unpleasant.

I must say that I'm really happy that Linux is taking a stance on this one. He doesn't care what the legal consequences to Intel are, he is pushing for a proper technical solution damned be the consequences.

You’re not the only one, he may be brash at times but god damn we need him and maybe we need his brash anti-bullshit meter too.

Being able to call out bullshit doesn't mean having to curse it out. All Linus needs to do is say something like "I don't understand why this is here, and I'm not merging it until I do", rather than "They do literally insane things. They do things that do not make sense". The latter is not a technical argument, and it doesn't provide accuracy or clarity about next steps.

"So somebody isn't telling the truth here. Somebody is pushing complete garbage for unclear reasons" - maybe the patches are bad. Or maybe there is an undisclosed vulnerability (like https://skyfallattack.com/ ?) that needs this "garbage" to mitigate it, and no-one got Linus properly in the loop. If it's the latter, all this shouting and cursing about "They do things that do not make sense" has likely attracted the attention of people interested in such things...

Sometimes in a sea of noise it's good to have someone highly qualified shouting to make people sit up and really pay attention. Like now, because it is critically needed.

Really? It's a 10 patch series. Patches 4 & 5 have attracted high-quality low-curse technical discussion of <10 mails.

Linus' initial response to patch 9 appears to be missing from the mailing list, so it's not even clear to me he intended it to be made public.

Where is the sea of noise you think justifies this?

>> Being able to call out bullshit doesn't mean having to curse it out.

Here we go.

>> All Linus needs to do is say something like

And all you need to do is be that nice and be as brilliant as Linus is.

Oh, it's harder to be that smart than it is to be that nice? Maybe consider that for people as highly gifted as Linus, it actually isn't.

What you take for granted as normal behavior isn't always normal to others, especially those at the outliers of skill and intelligence.

Manners were invented to prevent disease and stuff, but they're also used by the aristocracy to differentiate themselves from the rabble. Complaining about word choice and tone is an example of the latter. "Linus doesn't talk the way good people do."

I think you're misreading my comment. The original post was "we need this brashness", my point is, we don't.

If a specific individual is unable to communicate without that, that's a totally different matter - being able to accommodate a wide church of people is a crucial diversity matter.

Would it have been clearer if I had said "All someone in a project leadership position needs to say ..." ? I'm arguing against that the notion that this approach is necessary, not that it shouldn't be accommodated.

I'm inclined to disagree on all points.

As sundvor already pointed out, Linus's cursing works. He uses it for emphasis, to bring attention to bear where it's needed. Being polite would likely be less effective.

> If a specific individual is unable to communicate without that, that's a totally different matter - being able to accommodate a wide church of people is a crucial diversity matter.

So shouldn't you be OK with Linus cursing?

I disagree here too, though. Cursing is a choice, not a disability.

If, say, a firm fires someone for failing to maintain a civil tongue, I'd hardly call that a diversity problem. It could be quite reasonable, depending on the firm.

> I'm arguing against that the notion that this approach is necessary, not that it shouldn't be accommodated

Define 'necessary'. Would the kernel implode if Linus were more polite? Of course not, but I still agree with sundvor that Linus uses it as an effective tool. He's not just an angry child with poor impulse control.

Linus' cursing works because he's Linus, not because he is cursing. There is really no evidence that if he uses strong but less abusive language the work won't get done.

>> There is really no evidence that if he uses strong but less abusive language the work won't get done.

That is because there is no other copy of Linus. There's plenty of other lesser software developers who can't do a tenth of what Linus did in his life.

There's also no other copy of Donald Knuth, or Dennis Ritchie, or Alan Kay, or any other computer luminary. There's also no other copy of any "other lesser software developer" or you or me or the baristas at your closest Starbucks. What you've said in response is "the sky is blue": indisputably true and essentially irrelevant.

I'd argue that in fact, there is circumstantial evidence that brilliant computer programmers can get work done without occasionally making those they interact with miserable: that evidence is the fact that most brilliant computer programmers get work done without occasionally making those they interact with miserable. There is nothing that requires Linus to make strong points by jumping and down and screaming. That's an affection he deliberately chooses.

There's a strong notion through this whole comment thread of "if he didn't do that, nobody would listen to him," which is absolute nonsense. People don't listen to him because of these kinds of outbursts, they listen to him because he's Linus Torvalds. They listen to him in spite of these kinds of outbursts.

>People don't listen to him because of these kinds of outbursts

Check the title of the thread you're in, and how many comments it has. People absolutely listen to him when he has these outbursts. It's usually a solid indicator there's something worth getting outraged about.

And that somehow entitles him to insult everyone he wants to, so frequently?

> so frequently

I am guessing you don't read the Linux mailing list if you think Linus goes off like this regularly. Maybe you're confusing it with the OpenBSD list and Theo.

Linus' comments like this make the news because of the content. If he did this all the time - frequently, as you posit - it wouldn't make the news all that often, as it would be normal. Linus isn't a guy who flies off the handle with regularity.

>The original post was "we need this brashness", my point is, we don't.

I think we do when communicating with some people. It's all a matter of context. To 99.99% of people being brash is just going to be a hindrance. For some however it's required for them to see what their actions are not up to standard.

That's my 2c's anyway. I've never had a situation (within the tech industry) where I've needed to be so on the nose as Linus, but a couple of times I've got close after repeatedly telling one person their actions were VERY wrong and risked doing the whole entire team damage.

The original post was "we need this brashness", my point is, we don't.

Anything that speaks for all of us is bullshit, so both of you are offtopic. Anybody who pretends to speak for what "we need" is a charlatan. You don't need to address what one person says their preference for universal organization is. Don't feed the trolls.

How much attention would this have gotten it if was a polite note somewhere?

Maybe less. Probably not more ....

Also, what's wrong with cursing? Are our sensibilities really that delicate?

BULLSHIT (I hear you like it). It's about basic etiquette, and treating humans as humans. No amount of gifted skill is a threshold for crossing that behavior barrier.

>>No amount of gifted skill is a threshold for crossing that behavior barrier.

Sure there is. You would rather have Linus in your life who yells at people than not. Linus being an asshole is something you have to deal with to get access to his intelligence. I suggest you make peace with this understanding, as it applies to far more people than Linus.

Having a Linus who doesn't yell at people will be any day better than having one who abuses others at will. He needs to take anger management classes. We could seriously do with a little less high-headedness in the world.

>> Having a Linus who doesn't yell at people

And having my cake and eating it too in every scenario would be great. That's not how things work all the time. It's up to you to deal with it, not Linus to change. He's the scarce resource. He has the leverage. You're just someone on the Internet mad.

Even if I was offended by his communication style, I agree that his technical acumen ought to afford him freedom to communicate as he pleases (possibly limiting to the realm of his expertise).

I've found this quote by Neil Gaiman to be applicable to more than just Freelancing:

> You get work however you get work, but people keep working in a freelance world (and more and more of todays world is freelance), because their work is good, because they are easy to get along with and because they deliver the work on time. And you don’t even need all three! Two out of three is fine. People will tolerate how unpleasant you are if your work is good and you deliver it on time. People will forgive the lateness of your work if it is good and they like you. And you don’t have to be as good as everyone else if you’re on time and it’s always a pleasure to hear from you

Again, your understanding is that intelligent people have the right to abuse. That's just akin to supporting oppression of weaker by stronger. That might be how things are for a lot of people, but not how they should be. Also, mad internet people have historically changed a lot of things, so I'm justified in showing my disapproval even if it won't change Linus. Changing at least one upcoming Linus in life would be a good enough goal.

>> right to abuse.

Equating harsh even personally offensive language to "abuse" is the biggest disagreement here.

Many people, myself included, prescribe to axiom of "sticks and stones will break my bones but words can never hurt me" I understand that the current generation believes that feels are the most important thing ever...

I reject the idea that a person has the right not be offended, and I reject the idea that words on a linux mailing list are abuse

Started writing a response before reading your own, I think you've nailed my perspective on the matter.

Abuse is not offense, offense is not abuse.

Oxford dictionary says otherwise. Replied to the parent comment with references.

It doesn't matter what meaning you personally attribute to it, harsh, deliberately insulting language is "verbal abuse". References:

1. https://en.oxforddictionaries.com/definition/abuse

(Look for meaning 3)

2. http://www.thefreedictionary.com/abuse

Look for 'verbal abuse'.


Not sure what made you think all these things you're writing. By abuse I simply meant 'verbal abuse'. You yourself first apply hyperbolic meaning to the word, and then say it's not that. The whole argument is kind of strange to me. And when did showing dictionary meaning of the dictionary word I'm using start to be a fallacy of argument?

Either you are trolling, or naive into the Politically Correct Social Justice world around you if you do not understand the point of view I am speaking against.

World where people are fired from their jobs because they tell a joke someone finds offensive, I world where you are just one twit or one overheard conversation away from the outrage mob ruining your life..

I think others have clearly communicated who they think is the troll by flagging.

lol... No Social Justice Advocates hate freedom of speech as you seem to as well. Flagging is an indication they they disapprove of my views and would like to censor it. It is indication they do not believe in the concept of free speech

:) Everyone who disagrees with you is either a troll, 'social justice advocate', and what not. Freedom of speech is a legal right, but civilized behavior is an basic expectation and as a privately managed forum HN can enforce their own expected behavior. Your arguments were anyway not constructive as per their guidelines. No further argument from me.

Maybe you should be more concerned about people who are actually threats to you, rather than those who just use language you don't like.

I'm already more concerned about the people who are an actual threat to me, just that I'm also concerned about prolific people using abusive language to insult lesser intelligent people. If I write in the tone that everybody else here is writing in support of Linus' abusive language, I'd say "I am what I am, get over it".

No, it will not. Because then we get a Linus who would have to maintain a filter as well as his technical expertise. The later would suffer, I'm shure.

While I believe your perspective to be reasonable, you do realize that your first sentence undermines your credibility to assert there validity.

Sometimes like for like treatment is necessary.

For random future internet individuals, i know, i know: *there should be their should be its...

Thank you for saying what I couldn’t put into words.

If you’re worried about ‘cursing’ and you seriously think that it’s something important in the scope of this discussion around security and the grand scale of negligence afoot, I believe you may need to re-evaluate your values.

In fact, the idea that you’re even bringing up such minor language at such a time really disappoints me.

Yeah, it's weird... I get why people would want to call Torvalds out on acting abusively, but focussing on the 'bad words' is odd.

Would I be correct in assuming that the majority of commenters here are from the US? (Not trying to throw shade on you Americans, just that you do tend to get needlessly flustered about swearing)

> Being able to call out bullshit doesn't mean having to curse it out

Sometimes this is actually necessary to get heard, and have the issue taken seriously. It helps providing the feedback that something REALLY wrong just happened and needs to be addressed immediately.

Imagine a sergeant talking to a trainee. What's the most efficient ?

- "Dear soldier, I think the way you handle your weapon is going to get you killed in a few moment. You should probably change that appropriately. If I may provide you this advice, of corse."

- "Stop this shit now! You're going to shoot yourself!"

Of all replies defending Linus I've read, this one hits home run.

Linus himself admits[1] that his outrageous insults are sort of "jokey" and a hyperbole. That's the surface. The underlying tone is to get attention without getting drowned by political correctness.


I do agree his language and tone can be very painful to read. Imagine getting called a moron in front of the whole world, when you could have private conversation first with a smaller group.

When I read his reply, I could feel the pain. I imagined I would reply back to him and say "well fuck you too." When I finished reading the email, regardless of who is more right or more wrong, I can understand and feel his frustration. I would absolutely go mad if someone messes with something I care about, and then have the guts to do fact checks.

But I still think there is room to offer an olive branch, honestly. But given how busy he is, and how many shitty patches they get, I can understand his frustration.

That being said, it almost seems like no one other than him, can do a better job in keeping up with the quality if he has to be the one yelling all the time. When Linus is no longer involved (for any reasons), can Linux kernel project continues to have quality code?

A couple years ago Linus shared his views on insult: respect should be earned. https://www.youtube.com/watch?v=JZ017D_JOPY

Worth watching.


If I've been a moron in front of the whole world, you might as well call me one; that part doesn't make a lot of difference. And if I know I haven't, well it doesn't make a lot of difference if you call me one either. I'm not five years old any more, having to chant "sticks and stones may break my bones..." to convince myself it's true, choking back the tears.

There was no "pain" on reading the reply. Only a minor frustration that there had clearly been a miscommunication about the different parts of the patch series, leading to his objections when he saw something he didn't expect. And certainly no temptation to say what you suggest. It was a technical rant. No people were harmed, and a personal reply like that would have been completely unnecessary.

I was expecting him not to like IBRS. Hell, I don't like it either. But as I said later, it still wants posting in the light of day, and a conscious decision to drop it and accept the caveats, if that's what we're going to do.

Thanks for replying here. I'm not so interested in the debate about decorum and word choice as the technical matter, but it's good to head off the branches of speculation (if you will) into them to have your insights.

> Imagine getting called a moron in front of the whole world

If he was right about what I did, I would make damn sure that I didn't do it again.

I believe he's being obnoxious because the people submitting these patches are trying to quietly pull some bullshit.

If you're trying to affect countless people and companies across the world with questionable actions, I don't care how bad you feel.

> Or maybe there is an undisclosed vulnerability (like https://skyfallattack.com/ ?)

Let's not highlight this nonsense hoax. It isn't how embargoes work and is obviously people just trying to jump on the hype train.

The function of the "shouting and cursing" is to draw attention. If Linus had used mild language, it wouldn't be on Hacker News and we wouldn't be talking about it. When Linus rants, it's always something worth ranting about; it's a powerful shaming tool to enforce good behaviour in a world where there's little other leverage.

And in the unlikely event that your theory regarding undisclosed vulnerabilities is true, this will certainly make them think twice about leaving Linus out of the loop again, no?

> "I don't understand why this is here, and I'm not merging it until I do"

This is not clear enough and could be interpreted as incompetence on the part of the speaker

It turned out that Linus had confused "IBRS" and "IBPB". That seems to me that he didn't understand it.

I'm not sure why saying "I don't understand this" would confer _incompetence_ rather than just not understanding. Understanding is easily gained with good communication. The original patch set clearly doesn't explain the point of the patches well, and everyone gets things wrong as well. There's no shame in saying "I don't understand this", it's not a final statement equivalent to "I will never be able to understand this".

Which means you are insecure about being viewed as incompetent over furthering the discussion.

If you don't understand it, say you don't understand it.

Unless you are a narcistic person that think you can never fail and anything you don't understand is always garbage.

The content in that link is hair-raising to say the least.

I suspect this isn't even Linus at "full throttle"[1], as it were, since he's still censoring his "fuck"s.

[1] https://lkml.org/lkml/2012/12/23/75

And here[1] is Woodhouse's coherent latest reply as of a couple hours ago on the issue, which explains for all us in the peanut gallery (his words, which I think are spot on) exactly what this is about, why it's included, how it actually affects the situation, why it was put forth at all, etc.

It appears much less sinister than Linus was insinuating, but Linus has yet to reply.

1: http://lkml.iu.edu/hypermail/linux/kernel/1801.2/05282.html

That's an interesting summary but I predict that Linus will destroy him for completely avoiding the hard question: why the fuck IBRS_ALL would not be on by default on future "fixed" chips, if on such CPU it would not be somehow crappy. And the risk of it becoming architectural (with that absurd default) is insane too.

Why would he do that? I completely agree with him on that, and I already told him I've been pushing back on it since I first heard about it a few weeks ago. Although there are technical reasons why we might need IBRS_ALL as a stop-gap before we can get to a proper solution, we bloody well ought to have line-of-sight to a proper solution in the same way that RDCL_NO says "it's OK, we fixed it" for Meltdown.

But that's a separate topic. As I explicitly said, I limited that answer to the things we can do on current hardware.

In case it’s unclear to anyone, David Woodhouse (the person Linus is replying to / previous poster) works for Amazon and previously Intel[1] aka @dwmw2 on Twitter, ironically his twitter profile is: “Kernel hacker. Known to occasionally promote an attitude of violence towards complete morons.”

*[1] Correction, I thought (as does Google) that he still worked at Intel, but it was pointed out that he now works at Amazon UK.

This isn't the case, he works for Amazon. Unless he also works for Intel but that seems unlikely.

Edit: Just to make this clearer you can see his email in the Signed-off-by of the patch under discussion: https://lkml.org/lkml/2018/1/20/163

Thanks for pointing that out - I was under the impression he still worked for intel, before commenting I checked and all the top Google results suggested as much, I’ve corrected my comment.

* Principal Engineer - Amazon Web Services - Employed Oct 2016 – Present - Employment Duration 1 yr 4 mo

* Intel Corporation - Linux Kernel Engineer - Employed Jun 2008 – Oct 2016 - Employment Duration 8 yrs 5 mos

Source: LinkedIn - https://www.linkedin.com/in/dwmw2/

Note: Also, this is not and please do not turn this into a personal witch-hunt or anything like that, I am just adding context / clarification as to the mailing list thread.

Thanks for this, the beginning where he quotes himself threw me off.

I, too, missed the double-indenting at the start and thought David was replying to Linus. Once I got to the textbook swearing I double-checked and figured it out.

No worries at all, mailing lists are a PITA to navigate at the best of times.

I'm going to be honest, I need an ELI5 here. I know what the meltdown/spectre issues are, and kinda understand what retpoline is.

Big simplification:

Proper way to fix an hardware bug like this, is that newer cpu gets protected by default, and they answer they are when queried.

So you can ask the CPU "what's your status on bug X" and the cpu answers "i'm good, you don't need to do anything" (newer fixed chips), or "i know about it but was already built, and need microcode update/special behavior to protect myself" (current chips with microcode update), "no answer / I'm not good" (old chips without update).

So new stuff is protected, and you add more protection (and slowdowns, and special stuff) for older chips that don't know how to deal with it.

What Intel is trying to do here, is to go the other way: the chips, even the new ones, will stay vulnerable by default, and when queried they say "I have a fix but I don't use it, you can enable it by asking !" and the kernel is supposed to enable it.

It's terrible for a lot of reasons, like "boot an older os and it's vulnerable since it doesn't know to call this", "additional code to enable this feature has to run for all of eternity for new chips now, instead of having to run for older chips and being phased out over time", etc ...

The reason why Intel does that seems obvious: by default the chip does not lose speed since the fix is not enabled, and so instead of "intel chips lose 30% speed over night because of a flaw" it becomes "intel adds a special security mode that protects you even more for critical applications, at the cost of some speed". Purely marketing speech and decision at the cost of proper engineering decisions, and they need and try to get OSes like Linux to play along. That's what he means by "[it] shows intel had no intention of fixing those flaws".

Additionally there seems to be a second issue in that the quality and behavior of the patches they submitted are trying to hide this deceptively simple but technically terrible behavior by making it look/sound obtuse and complicated.

In other words, intel is using its presence and weight to try and push a shitty solution, but one that is better for them marketing wise. Linus is flabbergasted to be treated like an idiot or a obedient drone that should apply such obvious abusive patches.

Awesome explanation. That is indeed deserving of the word "f*cked".

My next CPU will be an AMD then.

That's the upshot of this debacle for me, too. Intel has lost me (again) as a customer.

How did they (temporarily) win you back?

For a while, they were really the only game in town when AMD was struggling to keep up, performance-wise. Now with Ryzen there's really no reason for me not to switch back. I was an AMD fanboy from the K6-II through a few Athlon revisions.

Linus also says that this shows Intel means never to fix Spectre2. Of course, that would only be their current position -- they could change their minds later. That strongly implies that the decision to disable by default is a marketing decision, but take this with salt -- it could also be a bad engineering decision.

> In other words, intel is using its presence and weight to try and push a shitty solution, but one that is better for them marketing wise. Linus is flabbergasted to be treated like an idiot or a obedient drone that should apply such obvious abusive patches.

I see where the brashness comes from. Shady dealings on Intel's part.

Wow. That's outright malicious behaviour from Intel there.

It's not entirely clear to me, but in some of the followup emails it appears that Linus was mistaking the purpose of some patches (or flags at least) due to unobvious naming, but I'm unsure if that significantly alters his criticism. He says it still applies, but is much more muted in tone about it (and whether that's from the original email possibly not being intended to by public or not, I don't know).

This doesn't make sense though. If Intel indeed plans to leave chips vulnerable except if you set a flag, then how are these bullshit patches? This will be the only solution Intel is going to deliver right? I get that he doesn't like it, but that doesn't explain why he feels lied to. If Intel says "we're going to not turn the patch on by default", wherein does he suspect the lie?

He's complaining about their "fix" being terrible, but isn't fully against using it the end since as you said, that's all there is going to be to have the chips work properly.

The reason he refuses those current patches and directly call it a lie/deception is because of what my last two paragraphs related; if you read his message (where the link points to) it's about half way: Intel tries to disguise it by doing it in a convoluted way. Basically they try to avoid making it obvious when looking at the code, because they don't want a "if (intel_chip) enable_fix_because_default_is_broken_on_intel();" and instead pushes something that looks like the kernel needs to do lots of complex stuff [aka, "it's complex, and a fix-on-chip is not enough the kernel needs protection anyway !", and that means a terrible patch with lots of garbage and filler code.

Intel's intention is clear in that they specifically pushes this in the same patchset as the "tell the chip to be secure", trying to mush the two things together to make it looks like it's all the same thing, whereas in reality it should be two patchset: one to enable the security mode, and bad for intel marketing wise. And a second one to add those "fixes" to the kernel, that would be refused because terrible and in part unecessary since retpoline already protects it. What Linus is saying is "sure I need the first change, but since you're intent on pushing them together I'm refusing them, because the second one is pure garbage, and you mix them together to hide the first".

Eg quotes from said mail to show it's indeed his problem:

> So instead they try to push the garbage down to us. And they are doing it entirely wrong, even from a technical standpoint.


> The patches do things like add the garbage MSR writes to the kernel entry/exit points. That's insane. That says "we're trying to protect the kernel". We already have retpoline there, with less overhead.

(what he means here is that they try in their patch to make it look like the kernel needs a special protection, while it already has it through retpoline)


> So somebody isn't telling the truth here. Somebody is pushing complete garbage for unclear reasons. Sorry for having to point that out. If this was about flushing the BTB at actual context switches between different users, I'd believe you. But that's not at all what the patches do.

(eg "why are you pushing all this crap around to hide what's really happening/need to be executed")

That makes sense, thank you!

The reasonable expectation would be that Intel fixes one (or both) of the bugs

- In newer CPU's. There should be mitigations against these attacks. That would probably seriously hurt intel by delaying their future processor launches

- In Older/existing CPU's through microcode updates. Bar literally making "fixed" versions of every Intel CPU in the last 10~ years. This is the only way to resolve the issue on existing hardware

Instead of doing that. Intel wants to avoid the much-reported "30% performance hit" by simply saying "Well if you want this FEATURE, you can enable it in your OS!"

Intel is trying to downplay a massive security vulnerability in their hardware as something that OS vendors can just let users opt in/out of

It's not Intel's issue, it's a design flaw per se, affecting _all_ CPUs that use predictive branch execution that has effects on the processor cache, which are pretty much all processors produced in this millenium.

That said, there _might_ be a solution to this problem in a way that predictive branch execution does not need to be removed completely from future architecture, which would be a thing we don't really want to loose, even if it increases safety. During that time, it makes sense to disable it, but not by default. The only implication is that older systems must be patched, which is every admin's responsibility.

> It's not Intel's issue, it's a design flaw per se, affecting _all_ CPUs that use predictive branch execution that has effects on the processor cache, which are pretty much all processors produced in this millenium.

Just because other CPUs have this flaw, doesn't mean this isn't Intel's issue. Regardless of the state of other CPU manufacturers, Intel is producing buggy CPUs.

> which are pretty much all processors produced in this millenium.

Is there a simple table of every mainstream purchasable CPU out-there and whether it was affected?

To be clear: I'm not knowledgeable about this at all, so I could be way off base, but my reading is that he's saying that the patches seem to be doing things that don't make sense (given the information supplied with them) - that is, Intel are trying to sneak in extra fixes or other things alongside without talking about them.

The bullshit part is that Intel is trying to push this as a 'solution'. Linux is incredibly important, so if Linus does not approve of this 'solution', it'll be very difficult for Intel to go through with it (of course, they could also be brash and still do it).

See my second message (next to yours), it's not just that, yes he thinks and clearly says that thissolution is terrible but that's not why he calls them out to be basically liars; this one is because they put useless filler garbage code all around to hide what's happening in their patches.

I think we're lucky to have someone as clear, outspoken and refusing such crap in charge of the kernel.

Part of the problem is Linus doesn't actually understand the different portions of what Intel is doing, and is mixing up IBPB and IBRS. They do different things, and he's thinking they're all part of the same thing.

This could be a sign that these things are poorly written and need to be refactored into something more obvious, or it could be that they're so fundamentally complex that it's going to be difficult to grasp without context.

> or it could be that they're so fundamentally complex that it's going to be difficult to grasp without context.

If it is that fundamentally complex, then it sounds like they need to find a better solution.

I don't disagree, but they are working under a time crunch trying to fix something that is a flaw fundamental to modern chip design.

Hopefully the goal here is to get everything to a secure state, with time to iterate and improve once everyone can sit back and breathe. Hopefully.

Thank you.

Thank you for your explanation.

Thanks for your informative explanation. However…

> "boot an older os and it's vulnerable since it doesn't know to call this"

Presumably the hardware that fixes this is not even available on the market yet. How likely is it that somebody will go out of their way to install an obsolete OS version on their brand new hardware?

An obsolete version that runs faster and benchmarks better, which some customers won't realize is less secure? It doesn't seem unlikely...

The problem is that every fix that you could think for Spectre reduces the performance of the CPU.

So not enabling this by default it's a good choice, Spectre is very difficult to exploit: so if you do critical things you enable the fix, if you use the computer for gaming, video rendering, and things where you don't care too much about security but you care about performance, you don't enable it.

Why not the other way around? You have the fix enabled and if you don't know you get protected by default. If you really know better then you can disable the fix (via a special CPU instruction), because you know you're not running anything critical?

> you can disable the fix (via a special CPU instruction)

The CPU can not be allowed to disable the fix, because then that could be done by an attacker. Therefore the only more secure way is to move in the secure direction, from insecure to more secure.

Nonsense, just make it so that only privileged kernel code can modify this configuration. Tons of CPU configuration parameters already work that way, it's a non-issue.

If for some reason you even want to forbid even privileged code from modifying the config then add an other "lock" bit that forbids subsequent reconfiguration till the next reboot.

Uh no, they would obviously make it so only kernel code can run that, like many other such settings.

And if an attacker can run code at the kernel level it's a non issue, as they're already on the other side of the airtight hatchway anyway [1]: they're in control of the computer and the memory.

[1]: https://blogs.msdn.microsoft.com/oldnewthing/20060508-22/?p=...

"Spectre is very difficult to exploit"

From what I've seen. There's been demonstrated attacks using Javascript in Chrome to dump the saved passwords from the browser using these bugs

If an attack is that easy to pull off, I don't think it's reasonable to make it an "opt in"

Agreed, I keep hearing it's difficult yet user om2 on the webkit team says they were able to come up with multiple attacks internally in the webkit team once they'd heard about the trick [1].

Safari/webkit have since rolled out mitigations to prevent the attacks that they figured out but it puts the lie to the idea that Spectre is only a theoretical attack that we've yet to see an exploit for.

[1] https://news.ycombinator.com/item?id=16104831

Insecure defaults are always bad. The other way round would be the right choice. Let users downgrade their security for performance, if they insist.

Here's an explanation of retpoline:


“Retpoline” sequences are a software construct which allow indirect branches to be isolated from speculative execution. This may be applied to protect sensitive binaries (such as operating system or hypervisor implementations) from branch target injection attacks against their indirect branches.

The name “retpoline” is a portmanteau of “return” and “trampoline.” It is a trampoline construct constructed using return operations which also figuratively ensures that any associated speculative execution will “bounce” endlessly.

Maybe I wasn't clear. Your explanation and the linked article is very informative, but I wanted to understand what's the "garbage" Linus is talking about. As I said, I do understand retpolines from a high level.

The garbage part is still somewhat beyond my understanding but as I see it he isn't so much talking about the decision to not disable insecure branch prediction by default but rather addressing some very weird behaviour the patches add to kernel entry/exit points. Namely writing to MSRs (Model Specific Registers). This seems non-sensical as the branch predictor shouldn't need screwing with at this stage because the kernel already has retpoline protection. So he is musing there is further ulterior motives here.. perhaps another vulnerability (beyond Meltdown/Spectre) they are getting out ahead of with these very peculiar changes.

He is still ofcourse mad that they don't seem like they want to fix Spectre correctly but that seems tangential to how pissed he is that they are trying to get code merged that clearly does something other than just mitigate Spectre.

Unfortunately this entire thread is derailed with garbage about how Linus talks, rather than the fact he thinks Intel is doing something really fucking dodgy here and we should all try work out what it is.

Linus seems to have two complaints:

1) Recent patch submissions imply that Intel has no good hardware or microcode mitigation for spectre-like attacks. There is a sub-complaint that Intel has a bad (i.e. kills performance) fix, but will not enable it by default because benchmarks matter.

2) This series of patches in particular appears to be doing either something different, or more than what their descriptions imply

These patches do various things, presumably to manipulate the opaque internal state of the CPU, but only Intel knows for sure precisely what they do.

> Intel has no good hardware or microcode mitigation for spectre-like attacks

I was under the impression that for at least one category of attack, there is no hardware mitigation possible because it's a fundamental problem with the x86-64 design. Fixing it would require building a chip that uses some other architecture. Is that not the case?

That's not exactly true. You could build an x86-64 chip without these flaws, but it would require a new internal architecture with a lot more silicon.

One obvious approach would be to have two caches per core. Speculative execution would use a different cache than normal execution. If the speculative action is committed to, it swaps which cache is the normal one and which is the speculative one. Then you'd also need to flush the branch predictor on context changes. And a few other issues.

Nothing that's impossible to do, but it would require a huge amount of new design and a lot more silicon just to maintain the performance of current chips without mitigation.

It will very probably not be double caches and nothing that kind of order for requested new silicon area. Its only an annoyance because the design are not gonna change for solid Spectre resistance (at least for its currently known versions v1 and 2) for the next chips, because their design are already complete since month if not years, and yes, that would be very significant changes. But separating the caches? Never gonna happen. Anything taking the same space as separating the caches? Never gonna happen, and actually not needed.

Yes a solid Spectre fix will obviously make designers rethink their microarch in some deep aspects. But somewhat good mitigations should be available as soon as the next chips, and off-by-default is completely utterly insane. The OS is not part of the platform (except in some special cases that can disable the mitigation for performance if they like), and the platform is supposed to be retro-compatible, maybe not perfectly but reasonably. Ok it has already been somewhat less true than before in the few recent year, but lets not encourage that behavior. So shipping new CPU that are broken by default but can be somewhat less broken as an opt-in is an attempt to mask the level of the fuck-up, or maybe to avoid the creation of a new stepping. We should not tolerate that from Intel, a stepping is expensive but they have the money to do it.

My point was solely that there are ways to preserve x86-64 as an ISA, and listed the single most obvious way to go about it. I never suggested that it was the best solution, or that those changes would be made any time soon, or that Intel's behavior has been anything but atrocious.

Did you mean to respond to someone else, maybe?

I'm no chip designer, but maybe a 'small' speculation cache which allows quick moving to the real caches might be better just in terms of less cache needs. If there's not enough space then you can't speculate farther, and that's that.

Of course, that'd probably need more complex logic to manage this new cache, which makes things more difficult. Then again, not sure how two caches interacts with potential speculation across multiple branches (does Intel even do that?)

(FYI you're missing your [1] reference.)

Thanks, I had a footnote, but decided it would be more confusing than clarifying at the ELI5 level.

There's a follow up email that has much more details. Not ELI5 though.

> But since the peanut gallery is paying lots of attention it's probably worth explaining it a little more for their benefit.



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact