How far are you willing to go to make your PC more secure? Most security conscious people understand that mitigating their risk involves some kind of trade-off, whether it's sacrificing convenience, spending more money, or compromising their system's performance. Yet many Linux users weren't prepared for a patch for the Spectre v2 vulnerability to incur up to a 50% performance penalty on Intel processors.
The patch in question was released with the Linux 4.20 kernel. It enables the Single Thread Indirect Branch Predictors (STIBP) mitigation on CPUs with simultaneous multithreading (SMT). STIBP is meant to block Spectre v2 attacks in which one hardware thread poisons the indirect branch predictor shared with its sibling thread, but as a side effect it also hurts performance on Intel processors with Hyper-Threading enabled, provided those CPUs are running the latest microcode updates as well.
It was clear that STIBP would impact performance. Yet according to a message posted by Linus Torvalds, who is back at the helm after a brief hiatus in September, "nowhere in the discussion did I see any mention of just *how* bad the performance impact of this [patch] was." He added that "when performance goes down by 50% on some loads, people need to start asking themselves whether it was worth it" to use the mitigation.
Torvalds also said that people truly concerned about their security just disable SMT entirely. That means a mitigation enabled by default with the latest Linux kernel incurs up to a 50% performance overhead even though most people either won't benefit from it or have taken other precautions. That led Torvalds to propose the following solution for the next release of Linux for Intel systems, which should appease most users:
"I think we should use the same logic as for L1TF: we default to something that doesn't kill performance. Warn once about it, and let the crazy people say, 'I'd rather take a 50% performance hit than worry about a theoretical issue'."
Torvalds isn't the only one surprised by this implementation of STIBP. Intel Fellow Arjan van de Ven said in a reply that "in the documentation, AMD officially recommends against this by default, and I can speak for Intel that our position is that as well: this really must not be on by default." He added that using the tools "surgically" is fine, but the idea of having it always on elicited a one-word reaction: "Yikes."
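To see which side of this trade-off a given machine has landed on, the kernel reports its Spectre v2 mitigation state (including the STIBP mode) under /sys/devices/system/cpu/vulnerabilities/spectre_v2 and the SMT state under /sys/devices/system/cpu/smt/control. The check below is an added example, not code from the article or the kernel; it assumes the "STIBP: forced/conditional/disabled" wording used by the kernel's sysfs report and accepts the file contents as arguments so it can be run against constructed sample values.

```shell
#!/bin/sh
# Added example: classify a host's STIBP/SMT posture from the kernel's sysfs strings.
# $1 = contents of /sys/devices/system/cpu/vulnerabilities/spectre_v2
# $2 = contents of /sys/devices/system/cpu/smt/control (on|off|forceoff|notsupported)
# Prints "<token>: <explanation>" so callers can branch on the token before the colon.
stibp_posture() {
    spectre_v2="$1"
    smt_control="$2"

    # The STIBP mode is assumed to appear as one of these substrings in the report.
    case "$spectre_v2" in
        *"STIBP: forced"*)      stibp="forced" ;;
        *"STIBP: conditional"*) stibp="conditional" ;;
        *"STIBP: disabled"*)    stibp="disabled" ;;
        *)                      stibp="absent" ;;
    esac

    if [ "$smt_control" != "on" ]; then
        # Without sibling threads there is no cross-thread predictor to protect.
        echo "smt-off: SMT is $smt_control, STIBP is irrelevant on this host"
    elif [ "$stibp" = "forced" ]; then
        # This is the always-on configuration the article describes.
        echo "stibp-forced: STIBP always on with SMT active; expect the performance penalty"
    elif [ "$stibp" = "conditional" ]; then
        echo "stibp-conditional: STIBP applied only to tasks that opt in (prctl/seccomp)"
    else
        echo "unprotected: SMT on and STIBP $stibp; sibling threads share the predictor"
    fi
}

# Use live sysfs values on a Linux host; otherwise fall back to constructed sample input.
report_host_posture() {
    if [ -r /sys/devices/system/cpu/vulnerabilities/spectre_v2 ]; then
        smt=$(cat /sys/devices/system/cpu/smt/control 2>/dev/null || echo notsupported)
        stibp_posture "$(cat /sys/devices/system/cpu/vulnerabilities/spectre_v2)" "$smt"
    else
        stibp_posture "Mitigation: Full generic retpoline, IBPB: conditional, STIBP: forced, RSB filling" "on"
    fi
}

report_host_posture
```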