Linus Torvalds, the original creator of Linux, announced good and bad news about the Meltdown security vulnerabilities and Specter. The good news is that Linux Kernel 4.15 is out and it's "quiet and small, no last-minute panic, with minor fixes for various issues."
The bad news? "We're not done with Specter - Meltdown."
In the Linux Kernel mailing list (Linux Kernel Mailing List or LKML), Torvalds reports:
"Most of the 4.15 project was all the regular boring stuff and I mean it was done in the best possible way that may not be glamorous to get titles, but is the bread and butter of core development."
"While Specter / Meltdown was obviously the big news of this development cycle, it is worth noting that we also had all the regular updates and that work elsewhere did not stop, and did not distract developers from CPU issues. In the big picture, 4.15 looks perfectly normal, with two-thirds of the full patch being drivers… and not to reduce CPU errors. ”
But, trying to fix the problems that appeared with the Meltdown and Specter vulnerabilities, the developers spent a lot of time on problems that have not yet been completed. First of all, like all developers of any operating system, Linux developers are waiting for Intel's hardware designers to complete updates to firmware and microcode.
In his latest quarterly report, Intel CEO Brian Krzanich said Intel would "restore confidence in data security with a first urgent, transparent and timely communication with the customer." We are still waiting.
Krzanich also said that Intel is "working around the clock" to mitigate the Meltdown and Specter flaws and that the company will release updated chips later this year to provide a permanent fix. In the long run, defining these hardware architectural design problems may even require them users to replace their CPUs.
Meanwhile, Torvalds developers for the Linux kernel know the job is not done.
Torvalds said: "It is worth noting that we are not ready with Specter / Meltdown. It takes more time (arm, specter-v1, etc.) ”
Torvalds believes that “we will have a normal and completely boring development cycle for the 4.16 kernel. "Because boring is really good."
- Windows vs Linux you like does not like it
- Kernel 4.14.15 fixes 2 on 3 Variants of Specter & Meltdown
