Retpoline v5 Published For Fending Off Spectre Branch Target Injection

Written by Michael Larabel in Linux Security on 6 January 2018 at 08:25 AM EST. 23 Comments
David Woodhouse of Amazon has sent out the latest quickly-revising patches for introducing the "Retpoline" functionality to the Linux kernel for mitigating the Spectre "variant 2" attack.

Retpoline v5 is the latest as of Saturday morning as the ongoing effort for avoiding speculative indirect calls within the Linux kernel for preventing a branch target injection style attack. These 200+ lines of kernel code paired with the GCC Retpoline patches are able to address vulnerable indirect branches in the Linux kernel.

The Retpoline approach is said to only have up to a ~1.5% performance hit when patched... I hope this weekend to get around to trying these kernel and GCC patches on some of my systems for looking at the performance impact in our commonly benchmarked workloads. The Retpoline work is separate from the KPTI page table isolation work for addressing the Intel CPU Meltdown issue.

With the fifth version of these patches, some warnings have been taken care of, the X86_FEATURE_RETPOLINE logic improved, and the AMD support for Retpoline has been merged into the main patches rather than having its own patch. Of Variant Two, AMD's security notice did say that their architecture has "near zero risk of exploitation" but looks like it will be protected nevertheless by the Retpoline patches with nominal performance overhead.

These latest patches for now can be found on the kernel mailing list while should be merged to the mainline tree for Linux 4.16. There is also the GCC patch tree and the patches can be obtained as well via linux-retpoline.git. Stay tuned for benchmarks.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week