Your Intel x86 CPU is Deeply Flawed (Meltdown/Spectre)
Thanks to @Infinity for sharing this...
"The fix is to separate the kernel's memory completely from user processes using what's called Kernel Page Table Isolation, or KPTI.
"The downside to this separation is that it is relatively expensive, time wise, to keep switching between two separate address spaces for every system call and for every interrupt from the hardware. These context switches do not happen instantly, and they force the processor to dump cached data and reload information from memory. This increases the kernel's overhead, and slows down the computer. Your Intel-powered machine will run slower as a result."
tl;dr you're going to get patched and will be trading up to 30% of your CPU performance in exchange for protection from a security flaw.
Not saying that's not the right choice, but I see rebellion and forks coming...you know, the "speed is critical, we won't upgrade past Linux 4.14..." crowd, or the "we're building a mining rig, so we want to use Dark Chester's non-isolation patches" tutorial people.
@WSS I think this is the equivalent of the introduction of the catalytic convertor. Shade tree coders?