Intel and AMD developers fixed a major issue in the Linux 6.13 release, an issue that was caused by a bad commit from a Microsoft developer.
A Microsoft developer submitted code months ago that was designed to improve performance by changing how CPUs cache executable pages. The code was designed to use large read-only execute (ROX) pages instead of the current method.
Unfortunately, the code interfered with Control Flow Integrity (CFI), an anti-malware feature that is critical to maintaining Linux security.
Intel engineer Peter Zijlstra submitted a commit that rolled back the code. He acknowledged the Microsoft developer has been working to fix the issue, but felt time had run out to finalize the work for 6.13. He wrote:
The whole module_writable_address() nonsense made a giant mess of alternative.c, not to mention it still contains bugs — notably some of the CFI variants crash and burn.
Mike has been working on patches to clean all this up again, but given the current state of things, this stuff just isn’t ready.
Disable for now, let's try again next cycle.
While increased performance is a worthwhile goal, Zijlstra made the right call in rolling back the change. Performance should not come at the expense of security, which is exactly what would have happened if this patch had slipped through.