Intel's Mystery Linux Muckabout is a Dangerous Ploy at a Dangerous Time

Open source is no place for secrets. From a report: This is a critical time for the Good Chip Intel. After the vessel driftied through the Straits of Lateness towards the Rocks of Irrelevance, Captain Pat parachuted into the bridge to grab the helm and bark "Full steam ahead!" Its first berth at Alder Lake is generally seen as a return to competitive form, but that design started well before Gelsinger's return and there's still zero room for navigational errors in the expeditions ahead. At least one of the course corrections looks a bit rum. Intel has long realised the importance of supporting open source to keep its chips dancing with Linux. Unlike the halcyon days of Wintel dominance, though, this means being somewhat more open about the down-and-dirty details of exactly how its chips do their thing. You can't sign an NDA with the Linux kernel.

Chipmakers are notoriously paranoid: Silicon Valley was born in intrigue and suspicion. Despite Intel's iconic CEO Andy Grove making paranoia a corporate mantra, Intel became relatively relaxed. Qualcomm and Apple would throw you into their piranha pools merely for asking questions if they could, while Intel has learned to give as well as take. But it may be going back to bad habits. One of the new things not open to discussion is something called Software Defined Silicon (SDSi), about which Intel has nothing to say. Which is odd because it has just submitted supporting code for it to the Linux kernel. The code itself doesn't say anything about SDSi, instead adding a mechanism to control whatever it is via some authorised secure token. It basically unlocks hardware features when the right licence is applied. That's not new. Higher performance or extra features in electronic test equipment often comes present but disabled on the base models, and the punter can pay to play later. But what might it mean in SDSi and the Intel architecture?

It is expensive for Intel and OEMs alike to have multiple physical variants of anything; much better if you make one thing that does everything and charge for unlocking it. It's a variant of a trick discovered by hackish school kids in the late 1970s, where cheaper Casio scientific calculators used exactly the same hardware as the more expensive model. Casio just didn't print all the functions on the keyboards of the pleb kit. Future Intel chips will doubtless have cores and cache disabled until magic numbers appear, and with the SoC future beckoning that can extend to all manner of IO, acceleration, and co-processing features. It might even be there already. From engineering, marketing, and revenue perspectives, this is great. Intel could make an M1-like SoC that can be configured on the fly for different platforms, getting the design, performance, and fab efficiencies that Apple enjoys while making sense for multiple OEMs. There could be further revenue from software upgrades, or even subscription models.

Holy shit has El Reg gotten more incoherent...

[Anonymous Coward]

Here is the Phoronix story on it from a few months back...
https://www.phoronix.com/scan.... [phoronix.com]

In short, the twats at the Reg have an issue with a driver that allows for uploading a license key to the CPU to unlock features.

Re:Holy shit has El Reg gotten more incoherent...

[AmiMoJo]

It's very similar to the old Raspberry Pi. You could buy a licence to enable MPEG decoding on the GPU. With the key the GPU firmware would unlock the feature. Linux had support for sending they key.

By the way, software defined silicon is just a new way of saying it has a small FPGA core in it.

Re: Holy shit has El Reg gotten more incoherent...

[Z00L00K]

And I wonder how long it will take before someone is able to enable that independent of Intel.

Re:

[arglebargle_xiv]

Beat me to it. And since you can buy full-blown Altera... ah, sorry, Intel, what was I thinking there, FPGAs that leave whatever Intel have put on-die for dead, it seems more likely it's a PR-control feature to make sure everyone doesn't rush in and faff around with it and then declare it to be rubbish because it's not a full-blown FPGA. You absolutely know this is going to happen, first thing someone will do is compare it to a Virtex-7 and pronounce it to be crap, and then Intel have a PR nightmare on th

Re:

[AmiMoJo]

There are advantages to having an FPGA on the same die as the CPU, it can share a lot of resources and use the CPU for flow control without implementing a soft ARM core etc. AMD are working on the same thing.

They will come out with some impressive benchmarks for specific tasks like encoding, machine learning or image processing. Then crypto miners will get hold of it.

Re:

[chainsaw1]

Yes, but Intel tried this with integrated graphics and kept delivering half-assed solutions until at one point that actually made a few with built in Radeons.

I'm guessing this is their half-assed attempt to accelerate some functions by coding software functions in the FPGA--until AMD teams with Xilinx for a multi core dynamically reprogrammable FPGA and demos it using the FPGA to compress and encrypy/decrypt then changes the cipher and begins video decoding without stopping the compression stream. Intel t

Re:

[dogsbreath]

The Reg "twats" have always leaned heavily to skeptical sarcasm about any subject. Nothing personal; they don't like anything but they love colourful headlines. Making sense not required. Could be newborn babes or Mother Theresa, no matter: Reg would rip them.

Re: Holy shit has El Reg gotten more incoherent...

[samwichse]

That summary read like it was generated by an AI trained on high school essays written to fill a word count.

Re:

[Aighearach]

Yeah, all I can gather from it is that a paranoid British person somehow thinks Intel was once a responsible corporate actor, and now they're scared because something (they don't know what it is) requires a license to activate, and has Linux support.

Probably some sort of FPGA-like integration for Xeon processors. It's perfectly normal that you might need a license for individual circuits that you're deploying.

Re:

[bsmith0]

El Reg has always had morons for writters. They're about the same level as anything written for ZDNet properties.

Here comes the subscription business model

[RogueWarrior65]

I'm convinced that some asshar at Harvard Business School decided to teach subscription business models about 15 years ago and now we're seeing them everywhere. I wouldn't be surprised if Intel has figured out a way to employ that in the actual processor.

Re:

[Anonymous Coward]

IBM has been doing this for DECADES! This isn't new at ALL.

Re:

[splutty]

You've obviously never worked with mid-range and high-end server software and hardware.

It's been standard pretty much since ENIAC.

Re:

[JBeretta]

You've obviously never worked with mid-range and high-end server software and hardware.

It's been standard pretty much since ENIAC.

Indeed. Higher end microwave gear (Cambium, DragonWave, etc) often require additional expenditures to unlock features. For a while Cambium gear would only operate at 50 mbps unless you forked out about $500 per radio (If memory serves, cut me some slack on the amount) which would then unlock the full 200 mbps potential of the hardware.

Re:

[theskipper]

Not sure what its data rate is, but my GE unit didn't have any feature restrictions out of the box. Just toss the bowl of oatmeal or whatever in there and press the start button. You may want to look into switching vendors.

Re:

[chill]

I remember IBM doing this with the AS/400 back in the late 1980s, which is approaching 40 years ago now. (Ugh.) It was probably old back then, but IBM made bucketfulls of money with the hardware subscription model.

Re:

[Ed Avis]

Yes, and IBM can do it because IBM has a monopoly in AS/400 compatible systems. In a fully competitive chip market there wouldn't be any room for this crippling. After all if you can sell a crippled chip for $100 and still make a profit, any competitor can sell an equally good chip for the same price and not cripple it. It starts to become a worthwhile business model as you get closer to a monopoly. I can imagine a tacit agreement between Intel and AMD that they're both going to market their chips like

Re:

[chill]

I think with the rise of ARM and the upcoming rise of RISC-V, the x86 boys are going to find it harder than they think.

Not seeing the contradiction.

[fuzzyfuzzyfungus]

Obviously, Intel doesnâ(TM)t want to talk about âsoftware defined siliconâ(TM) because it doesnâ(TM)t mean some cool FPGA thing, it means crippling parts unless you pay up.

That said, itâ(TM)s not clear why that would cause any issues for the level of openness implied by mainline kernel support: all you need for unlock keys is some keying material stored on the chip(so that keys can be unique per chip, to avoid MitM attacks on the authorization process) plus a prosaic little low speed bus to do the negotiating over and advertise what features are available.

Basically the same things a smart card or SIM/UCCID reader needs; and those are utterly boring and not exactly compromised by having kernel support. All the secrets that matter are on the die and probably cryptographic. Why would Intel mess around with some stupid security-through-obscurity nonsense that will get cracked and widely distributed when per-CPU key pairs are vastly simpler?

Re:

[Luckyo]

Because it's probably not going to get cracked in any relevant time scale. If ever.

Reads like an opinion piece

[loufoque]

How about mods do their job and ensure submissions pass the standaed for basic journalism?

Re:

[greytree]

I concur.
I started reading hoping to find some news, and gave up after the third large paragraph.

Editors: EDIT FFS !

That's because it is

[Editorial Failure]

Don't try to read the "summaries" here, they're not summaries.

In this case the unhinged-sounding prose and el reg link said it was probably an opinion piece.

Turns out, indeed it was... and clearly marked as such on el reg. But not here.

Why not here? Because these editors are not even trying to serve the readership. The readership shall damn well do as it's told.

Re:

[thegarbz]

Because it is an opinion piece.

Fuck Intel

[rpnx]

Buy AMD. Will boycott Intel if they go back to their old ways of not being open.

Re:

[Anonymous Coward]

They are open, all the stuff they are contributing to the Linux kernel is open source, even all their new GPU drivers are open source. Intel was also the first to provide an open source vulkan driver for Linux. AMD has provided one as well but it's WAY behind the community one. This is no different to the mpeg encoder unlocking that you could do with the Raspberry Pi.

Im not sure what you're saying is not "open" here in comparison to AMD.

Re:

[DamnOregonian]

Openness isn't Intel's problem. They've constantly led the industry in open-source.
Intel's problem was constantly slapping new clothes and prices on languishing technology, and using anti-competitive practices to stifle the smackdown they deserved for the beforementioned practices.

That said, Alder Lake is now the best performing architecture shipping on the planet (though not power-wise)
Zen3's crown was short-lived. Perhaps they'll become competitive in the power-domain. Perhaps not. Either way, this ar

Re:

[DamnOregonian]

Mmh, the smell of butthurt incel.

Re:

[DamnOregonian]

A basement dweller threatening via keyboard anonymously. So scary. No, really. I bet you're so big, strong, and masculine.
Incels gonna incel.

Re:

[DamnOregonian]

Does your mommy know you skipped school again, today?

License in microcode...

[Anonymous Coward]

If the "secret key" is in the silicon, then once it's hacked everyone feasts. Not a good idea.
If the secret key is burned in after silicon, that means it can be changed (unless it's done via fuses). Now Intel has a zillion keycodes to keep track of (with a serial number on each chip) for a rather long time. Again, not a good idea.
If the secret key is in the microcode/flash area, again, that can be ferreted out/changed.
If it, in any way, can be used to install some sort of spyware/hack on the chip, Intel

Re:

[tomz16]

You almost had it, except you kind of missed the entire asymmetric part of public-key cryptography.... Imagine this: the root (private) key is in a cold storage secure vault somewhere at Intel HQ. It comes out to see daylight *maybe* once per product launch and *maybe* never if you just use an intermediate. The product-specific signing key (private, and blessed by that pki chain) is at the intel commerce backend (behind some really barebones "please sign this request" api) which is what actually chooc

This kind of marketting makes me want to puke

[dargaud]

I know IBM, SGI and a few others have been doing it for years, but I swear I'll make sure my employers never by any of this shit strategy, ever. If the chip has the hardware capability, you already paid for it and you ought to be able to use it. Having to pay extra afterwards to unlock some of it is some Harvard business grad wet dream I want no part of. Any attempt at justifying it is dishonest at best.

Re:

[bws111]

The only way you can come to the conclusion 'you already paid for it' is if you are daft enough to think that the BOM cost is the only cost involved. And with things like high-end processors, that isn't remotely true. Suppose you spend $100M developing a new processor core, and over the life of the product you expect to sell 1 million cores. You have a development cost of $100/core. To lower manufacturing costs, you just build 8 core chips. Now you, as a customer, only require 4 cores. Would you rath

Re:

[jabuzz]

Thing is you could just put a bunch of one time programmable fuses on the chip and program it the once as it comes off the production line.

Re:

[bws111]

You can do that, but I have no idea why any customer would prefer that. That means if your workload increases and now you need more cores you get to buy a whole new chip, paying the development cost again for the number of cores you already had, plus the new cores, plus the BOM cost again. Of course, super geniuses like the OP might prefer that.

Re:This kind of marketting makes me want to puke

[bill_mcgonigle]

> To lower manufacturing costs, you just build 8 core chips.

That entire argument hinges on this assumption.

If Intel is getting close to 100% yields then they have a major breakthrough.

Usually a 4-core is a binned 6- or 8-core because yields just aren't that good.

Re:

[bws111]

No, it doesn't hinge on that assumption. Down binning is independent of this. They are still manufacturing 8 core chips, some just don't work (and can't be activated later). If you want to buy a down binned chip that has no possibility of being upgraded you can still do that. This discussion is about not enabling cores that work.

Re:

[thegarbz]

If the chip has the hardware capability, you already paid for it

Did you? I thought you bought something with a specific feature set. Did they advertise the full set of supported hardware to you when you paid? No they didn't.

Your position is stupid and self defeating. There are very real cost benefits which do actually trickle down to you through manufacturers which do standardise on hardware platforms.

Re:

[dargaud]

No. It's even worse than that. You actually pay extra for the onboard security part that goes into the verification process (hey, there's research and engineering in that!) and for the admin team that handles the licensing. Just look at the companies that do this kind of shit , they're either gone or struggling (SGI, IBM...)

Re:

[bws111]

You really aren't too bright, are you? OK, let's look at a few scenarios:

You have two datacenters, each running their own workload normally, but can back up the other datacenter in an emergency. This requires each datacenter to have twice the capacity normally required. Sane people: I will purchase excess hardware with most of it inactivated, and only pay to activate it i(rent it) n an emergency. You: I will only purchase hardware with no activation, therefore I will pay the full price now, even thou

Re:

[thegarbz]

Just look at the companies that do this kind of shit , they're either gone or struggling (SGI, IBM...)

Yeah just like Tesla is gone and struggling. Or Keysight. Or providers of high end test gear. Or NVIDIA and ATI. Samsung does it too.

I think you're completely ignorant as to just how many companies take this approach and just how much cost saving there is in economies of scale. Hell forget economies of scale, eliminating a production line change alone more than pays for the "added costs" you complain about. It's a stupid compliant. You're directly benefitting from reduced construction costs while getting no

Re:

[bws111]

I don't think I'll ever understand people like the OP, who make purchasing decisions based not on what THEY get from the deal, but on what the OTHER guy gets.

Lets look at a hypothetical case where the BOM cost is $100/chip, and there is a $100/core cost for development, etc. According to these geniuses:

8-core chip, all good cores - $900 - fair
8-core chip, downbinned (either because of yield problems, or intentionally blowing fuses or something) to 4 cores - $500 - fair
8-core chip, only 4 cores activated -

Re:

[gnasher719]

One restaurant near me always had an "early bird" offer where the same food was cheaper if you ordered from 4pm to 5:30pm or something like that. It maximises profits, because people who are tight or don't have much cash can eat there earlier. These people wouldn't eat at the higher price.

So according to you that is a business practice that you would never support? Stores selling clothing shouldn't ever have sales?

You don't pay for the silicon. You pay for the features. So your cheaper chip with fewer

Oh please

[Opportunist]

Could we have a little bit less creative writing 101 in our content?

Then reject it.

[Gravis Zero]

If you don't know how the code actually functions then simply reject the code until it's made clear. Frankly, Intel can fuck right off because they have been operating in bad faith since the very beginning. The fact that it may bite them in the ass is no reason to make any exceptions for them.

Processor-As-A-Service

[blessedvirtue]

Are they going to charge a monthly subscription fee?

big step there

[zeiche]

going from “we don’t know what it is” to “there may be a subscription model ahead” is a HUGE step. maybe stick to writing about stuff that is known?

Re:

[sjames]

You missed the step in the middle where they have already submitted code to drive "activation" of hardware based on license keys. In other words, a nickel and dime scheme. It's not much of a jump to expect in this era of rent seeking that any such scheme sooner or later devolves into a subscription model.

Nothing new

[rleibman]

Back in the 486 days, IIRC you could get a math co-processor (a 487). Both chips were identical, only one had the math coprocessor disabled. The moment you put the coprocessor in it's socket, the main processor would be disabled and only the co-processor was active.

Re:

[Bert64]

They were trying to cling to the older model used for the 386 and earlier, where the FPU was a separate chip.
Usually the chips with FPU disabled were ones where the FPU was faulty due to imperfections in the manufacturing process, so disabling part of the chip allows them to sell it as a cheaper model instead of wasting it entirely. Motorola did the same thing too, and chip manufacturers are still doing it today - processors today will have a faulty core disabled and be sold as a model with fewer cores.
Ther

Re: Nothing new

[Type44Q]

Back in the 486 days, IIRC you could get a math co-processor (a 487).

You're thinking of a 387; the 80486DX had the co-processor built-in. When you added the overdrive chip, it merely disabled the 486SX and replaced it.

Re:

[mcswell]

You're right: https://www.cpu-world.com/CPUs... [cpu-world.com], although I'm not clear whether the 486 actually had any math coprocessor. But certainly when the 80487 was installed on a motherboard, the 80486 was disabled.

Probably completely useless curiosity...

[Surak_Prime]

...at this point, but I wonder: Could you get an 80487 to work this way without even having the now useless 486?

"Open source is no place for secrets"?

[93 Escort Wagon]

Okay, everybody post your private keys in this thread, now!

Re:

[i.r.id10t]

Hahah, except this is more like "ok, everyone post the code their ssh client or daemon uses when doing keypair authentication"

Can Use the DMCA to lock in windows only booting?

[Joe_Dragon]

Can Use the DMCA to lock in windows only booting? On some chips? Use the DMCA to remove MB bios builds that may bypass Intel locks?
Lock out linux from just bypassing intel pay to unlock hardware stuff that with the same chip works in windows?

AMD can really pick up if intel does raid keys for

[Joe_Dragon]

AMD can really pick up if intel does raid keys for cpus and it can be like $1999 for an CPU key that is an little board you plug into an pin header on the MB.

It can't really be an software only key??

Re:

[Aighearach]

Hilariously, this is likely for sub-processors to accelerate specific tasks like machine learning, to compete with the offering from AMD.

Notice that both companies recently acquired FPGA companies...

The theory that Intel competing by copying AMD will drive customers to AMD is funny. But the thing that is constraining AMD's data center market share growth is their production capabilities, since they're fabless. They're eating up 100% of the market share that they can supply. So nothing Intel does can drive c

Re:

[Aighearach]

You're seeing retail packaged processors available because they're really high priced and the retailers are only selling a few.

Before buying AMD stock a few months ago, I spent a bunch of time analyzing their supply chain. You can blah blah, but I've already done the research. They make sure to sell a few to each retailer to keep consumer interest in the lower priced CPUs firm. (see also: price differentiation) But it doesn't mean that supply is unconstrained. It just means it is a managed supply chain. And

Will the EU let the upgrade be lost on resale and

[Joe_Dragon]

Will the EU let the upgrade be lost on resale and other BS so they can get paid 2-4 times for the same chip. You want to run vm's on there no you need to buy the Higher cost upgrade or maybe pay per VM. Upgraded to much other hardware you need to do an windows XP like reactivation

That summary

[Powercntrl]

To borrow a line from one of my favorite episodes of Auto-Tune the News [youtube.com]:

Am I wasted or did that really transpire? So many metaphors my brain is on fire.

Compared with M1

[gnasher719]

If you look at the pictures of M1, M1 Pro, and M1 Max there is no way that you could save money by shipping an M1 Pro with the "Pro" features disable, turning it into an M1.

What Apple _does_ is binning, and processors that don't have all cores working will be binned as slightly cheaper chips (6 vs. 8 performance cores, 7 vs 8 or 14 vs 16 GPU cores).

Licensed features or software-defined silicon

[HotNeedleOfInquiry]

The article goes on about, presumably, unlocking features that are hard-defined in the chip. That's probably not what Intel is thinking when they say "software-defined silicon". Intel is big in FPGA's (field programmable gate arrays). What I think they might mean is an FPGA hung on the side of the CPU and it's function defined by field-loadable code generated by an HDL language. Imagine being able to design a very specialized image tracker or audio processor, generate the code for an FPGA tightly integr

Re:

[JustNiz]

...and lets not forget how much the NSA is gonna love this.

Fob to Frob

[cstacy]

So you're saying I won't be able to reboot my computer remotely unless I pay a subscription fee?

More DRM in Linux

[vbdasc]

More DRM (not Direct Rendering Manager) in Linux, yay! I bet RMS is gonna like this.

Done since Mainframe Days

[herbierobinson]

At least one of the large mainframe vendors used to do this with jumpers. It only worked until the laid off the techs who installed the "upgrade". The tech promptly went into business selling the upgrade for half price (we are talking the equivalent of a year's salary...).

Bad (crummy) Article

[snstrk]

I don't have cable. Do I want to pay for decoders on my netbook? No. Author! You call ME a cheapskate? F-You! Your article needed some footnotes, some proofs. It reads like a communist propaganda piece from the twenties. (19-twenties) I propose a new title for your crummy propaganda, "Confused about FPGA". Andrew