Originally posted by elatllat
View Post
2. even with "private git repository" you can't have the patch land in mainline and see serious feedback and testing until the embargo is over, for the above reasons.
The "private list of security officers" (namely Torvalds, Greg and another guy) can't really know enough about the CPU architecture and exploits to actually mitigate the issue properly (as in "without significant performance loss") themselves and still have to rely on contributions from Intel or whoever is the manufacturer.
This will only increase a bit the time the CPU mitigation patches will have for review (3-6 months, depending on the NDA) but won't guarantee a damn thing about quality of contribution (Intel can keep sending bs mitigations instead of fixing in hardware), and it's still limited to fixing the issue in mainline when the NDA expires.
Leave a comment: