Prof. Jayanth R. Varma's Financial Markets Blog

About me       Latest Posts       Posts by Year       Posts by Categories

Why Intel investors should subscribe to the Linux Kernel Mailing List or at least LWN

On January 3 and 4, 2018 (Wednesday and Thursday), the Intel stock price dropped by about 5% amidst massive trading volumes after The Register revealed a major security vulnerability in Intel chips on Tuesday evening (the Meltdown and Spectre bugs were officially disclosed shortly thereafter). But a bombshell had landed on the Linux Kernel on Saturday, and a careful reader would have been able to short the stock when the market opened on Tuesday (after the extended weekend). So, -1 for semi-strong form market efficiency.

Saturday’s post on LWN was very cryptic:

Linus has merged the kernel page-table isolation patch set into the mainline just ahead of the 4.15-rc6 release. This is a fundamental change that was added quite late in the development cycle; it seems a fair guess that 4.15 will have to go to -rc8, at least, before it’s ready for release.

The reason this was a bombshell is that rc6 (release candidate 6) is very late in the release cycle where only minor bug fixes are usually made before release as version 4.15. As little as 10 days earlier, an article on LWN stated that Kernel Page-Table Isolation (KPTI) patch would be merged only into version 4.16 and even that was regarded as rushed. The article stated that many of the core kernel developers have clearly put a lot of time into this work and concluded that:

KPTI, in other words, has all the markings of a security patch being readied under pressure from a deadline.

If merging into 4.16 looked like racing against a deadline, pushing it into 4.15 clearly indicated an emergency. The public still did not know what the bug was that KPTI was guarding against, because security researchers follow a policy of responsible disclosure where public disclosure is delayed during an embargo period which gives time to the key developers (who are informed in advance) to patch their software. But, clearly the bug must be really scary for the core developers to merge the patch into the kernel in such a tearing hurry.

One more critical piece of information had landed on LWN two days before the bombshell. On December 27, a post described a small change that had been made in the KPTI patch:

AMD processors are not subject to the types of attacks that the kernel page table isolation feature protects against. The AMD microarchitecture does not allow memory references, including speculative references, that access higher privileged data when running in a lesser privileged mode when that access would result in a page fault.

Disable page table isolation by default on AMD processors by not setting the X86_BUG_CPU_INSECURE feature, which controls whether X86_FEATURE_PTI is set.

As Linus Torvalds put it a few days later: “not all CPU’s are crap.” Since it was already known that KPTI would degrade the performance of the processor by about 5%, the implication was clear: Intel chips would slow down by 5% relative to AMD after KPTI. In fact, one post on LWN on Monday evening (Note that Jan 2, 2018 0:00 UTC (Tue) would actually be late Monday evening in New York) did mention that trade idea:

Posted Jan 2, 2018 0:00 UTC (Tue) by Felix_the_Mac (guest, #32242)
In reply to: Kernel page-table isolation merged by GhePeU
Parent article: Kernel page-table isolation merged
I guess now would be a good time to buy AMD stock

The stock price chart shows that AMD did start rising on Tuesday, though the big volumes came only on Wednesday and Thursday. The interesting question is why was the smart money not reading the Linux Kernel Mailing List or at least LWN and getting ready for the short Intel, long AMD trade? Were they still recovering from the hangover of the New Year party?

Posted at 1:21 pm IST on Fri, 5 Jan 2018         permanent link


Comments

Comments