Intel backtracks on benchmark-banning microcode licence

August 24, 2018 | 11:39

Tags: #benchmark #flaw #foreshadow #insecurity #licence #licensing #meltdown #microcode #security #spectre #speculative-execution #vulnerability

Companies: #debian #intel

Intel has been forced to roll back a change to the licensing terms of its processor microcode firmware that forbade users from publishing benchmark results, but has neither explained the intentions behind the original change nor apologised.

Intel, it has to be said, is having a rough time of late. The company has been struggling to get its long-delayed 10nm process node off the ground, is seeing increasing competition from perennial underdog AMD, and has been scrambling to patch a string of serious security vulnerabilities related to its use of speculative execution to boost processor performance - though in this latter issue it is not alone.

It's the speculative execution flaws that appear to have given the company the idea to prevent users from directly comparing system performance pre- and post-patch: The company's latest microcode update, released to address a speculative execution attack dubbed Foreshadow, came with a new licence agreement that explicitly forbid users from measuring and publishing performance results - taken by many as a sign that the Foreshadow patch, as with previous patches against the Spectre and Meltdown vulnerabilities, can have a serious impact on the performance of certain workloads.

The changes to the licence were first spotted by the Debian Linux distribution and publicly reported by The Register earlier this week, pointing to verbiage effectively preventing it from distributing the microcode update to its users. Following considerable backlash from industry names including Bruce Perens, Intel inevitably backed down - but has yet to explain why it attempted to prevent benchmarking in the first place.

'We have simplified the Intel license to make it easier to distribute CPU microcode updates,' explains Intel's Imad Sousou in a Twitter post. 'As an active member of the open source community, we continue to welcome all feedback and thank the community.'

Under the revised licence, users are not prevented from performing and publishing benchmarks whether to compare the performance of Intel processors pre- and post-patch or for any other reasons, while the verbiage to which Debian had taken exception has also been removed allowing the update to be distributed in the distribution's 'non-free' software repository.

The new licence can be read in full here.


Discuss this in the forums
YouTube logo
MSI MPG Velox 100R Chassis Review

October 14 2021 | 15:04