Managing Spectre/Meltdown-Style Vulnerabilities At AWS

Some insights <https://www.theregister.co.uk/2019/12/10/linux_kernel_aws/> into the different priorities of different groups faced with the same problem. Linux kernel developer Greg Kroah-Hartman says to avoid most of these “MDS” (“Microarchitectural Data Sampling”) vulnerabilities, you must turn off Intel’s hyperthreading, full stop. Amazon, on the other hand, find that the resulting 30-40% performance loss is unacceptable for many of their customers. So they have come up with a tweaked scheduler algorithm for their Linux kernels that avoids running two different guests on the same physical core at the same time. With this and other careful management, they claim to be able to keep their customers safe from each other, with much less dramatic performance impact. But then you have the downside that the mainline kernel is not interested in accepting patches with such narrow applicability. Of course Amazon would like to come up with something they will accept, just to reduce their own maintenance burden.
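To make the scheduling constraint concrete, here is an added toy simulation (my own illustration, not Amazon's kernel patch or any mainline Linux code) of placing guest vCPU threads onto hyperthread pairs. It compares plain SMT, which happily pairs threads from different guests on one core, with a core-aware policy that only lets siblings of the same guest share a core and otherwise leaves the sibling idle. Guest names and task names are constructed.

```python
from collections import deque
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Task:
    name: str    # a vCPU thread (constructed name)
    guest: str   # the VM it belongs to; the "cookie" the policy keys on

Slot = Tuple[Optional[Task], Optional[Task]]  # two SMT siblings of one core

def schedule_tick(runnable: List[Task], cores: int, core_aware: bool = True):
    """Place runnable tasks onto `cores` physical cores, two siblings each.
    With core_aware=True a core may only hold tasks of a single guest, so a
    task from another guest waits (or the sibling idles) rather than share
    the core. Returns (placement per core, tasks left waiting)."""
    pending = deque(runnable)
    placement: List[Slot] = []
    for _ in range(cores):
        if not pending:
            placement.append((None, None))
            continue
        first = pending.popleft()
        sibling = None
        for i, cand in enumerate(pending):
            if not core_aware or cand.guest == first.guest:
                sibling = cand
                del pending[i]
                break
        placement.append((first, sibling))
    return placement, list(pending)

def mixed_cores(placement: List[Slot]) -> List[int]:
    """Cores whose siblings belong to different guests: exactly the cross-tenant
    sharing that MDS-style sampling between hyperthreads relies on."""
    return [i for i, (a, b) in enumerate(placement)
            if a is not None and b is not None and a.guest != b.guest]

def threads_busy(placement: List[Slot]) -> int:
    """Hardware threads doing useful work this tick (SMT-off would cap this at `cores`)."""
    return sum((a is not None) + (b is not None) for a, b in placement)

# Constructed sample: four vCPU threads from three guests competing for two cores.
SAMPLE = [Task("vm-a:0", "A"), Task("vm-b:0", "B"), Task("vm-a:1", "A"), Task("vm-c:0", "C")]

if __name__ == "__main__":
    naive, _ = schedule_tick(SAMPLE, cores=2, core_aware=False)
    safe, left = schedule_tick(SAMPLE, cores=2, core_aware=True)
    print("plain SMT: mixed cores", mixed_cores(naive), "busy threads", threads_busy(naive))
    print("core-aware: mixed cores", mixed_cores(safe), "busy threads", threads_busy(safe),
          "waiting", [t.name for t in left])
```

On this input plain SMT keeps all four threads busy but mixes guests on both cores, while the core-aware policy keeps three threads busy with no mixing; SMT-off would have managed only two.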
Participants (1): Lawrence D'Oliveiro