Linus Torvalds has implemented a small security tweak in the Linux OS’s source code to improve multithreaded performance. The tweak, x86/uaccess:Avoid barrier_nospec() in 64-bit copy_from_user(), targets Meltdown and Spectre attacks. It speeds up the OS by 2.6 percent.
The tweak changes the use of barrier_nospec() API to prevent speculative execution, a modern CPU feature that predicts programming code before it’s called. This prediction can create security risks if not handled properly.
Red Hat specialist Josh Poimboeuf previously addressed this issue with his code, but Torvalds’ rewrite is faster and more efficient. His tweak uses pointer masking to avoid blocking speculative execution while handling invalid addresses securely.
The result is a performance improvement without compromising security, making it beneficial for Linux systems that require high performance and robust security, such as web servers. Few experts have the depth of knowledge required to achieve such gains, underscoring Torvalds’ expertise in optimizing Linux for both speed and security.
Source: https://www.techzine.eu/news/devops/126029/small-security-tweak-torvalds-improves-linux-performance