Announcement

Collapse
No announcement yet.

Retpoline Is Still Being Improved Upon For Intel Skylake/Kabylake

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Retpoline Is Still Being Improved Upon For Intel Skylake/Kabylake

    Phoronix: Retpoline Is Still Being Improved Upon For Intel Skylake/Kabylake

    While initial support for Retpoline was merged into the Linux 4.15 Git kernel last week and is now being backported to some supported Linux kernel series, there is still additional work ongoing for properly mitigating Spectre v2 on Intel Skylake CPUs and newer...

    http://www.phoronix.com/scan.php?pag...LINE_UNDERFLOW

  • #2
    After a certain point, you need hardware changes ... impossible to guarantee all holes are closed via software methods.

    Comment


    • #3
      Originally posted by InsideJob View Post
      I'm really not too worried about it at this point.
      You should still be worried about what still lurks undiscovered.

      It seems to me that Intel in particular has a tendency to favour raw performance at the detriment of any other problems that their optimizations tricks would do, some time bordering on dangerous.


      Comment


      • #4
        Originally posted by InsideJob View Post
        Actually, Skylake (which I own) and newer already have the facility built-in, it's called Indirect Branch Restricted Speculation. I read somewhere they're making that the default on newer Intel chips but can't find the article now... was from a Red Hat engineer guy. You still need compiler changes for variant #1 though, which is actually really hard to exploit and I'm not aware of any cracks in the wild that use it. Anywho, it appears that with the new microcode and a properly patched kernel that defaults to IBRS I'm already "immune" to two out of three of them -- KPTI takes care of variant #3 BTW.

        I'm really not too worried about it at this point.
        The question isn't really whether they can be made safe, but at what (hardware/perf/power use) cost this safety comes.

        Comment

        Working...
        X