Intel has made significant changes to the license for its latest CPU microcode updates after users complained that the previous version banned benchmarks and comparison tests.
Since January, when researchers disclosed the existence of the speculative execution vulnerabilities known as Spectre and Meltdown, Intel has released several rounds of microcode updates designed to prevent these and similar attacks.
The latest updates are designed to address three vulnerabilities tracked as Foreshadow or L1 Terminal Fault (L1TF). Microsoft and Linux distributions have begun distributing the microcode updates for these flaws, but some people noticed that the license file delivered with the updates prohibits benchmarking.
“Unless expressly permitted under the Agreement, You will not, and will not allow any third party to publish or provide any Software benchmark or comparison test results,” the license read.
The mitigations for speculative execution vulnerabilities have been known to have a significant impact on performance in some cases. In the case of the Foreshadow flaws, Intel and Microsoft said there should not be any performance degradation on consumer PCs and many data center workloads. However, some data center workloads may be slowed down.
Following complaints, Intel has decided to significantly simplify the license. It now only says that redistributions of the microcode updates must include a copyright notice and a disclaimer, Intel’s name cannot be used to endorse or support products derived from its software, and that reverse engineering or disassembly of its software are not permitted.
“We have simplified the Intel license to make it easier to distribute CPU microcode updates,” said Imad Sousou, corporate VP and GM of Intel’s Open Source Technology Center. “As an active member of the open source community, we continue to welcome all feedback and thank the community.”
