Spectre Variant One Mitigations Will Be Sent In For Linux 4.16
Retpolines and the CPU microcode updates have been addressing Spectre Variant Two, while a set of Linux kernel patches for Spectre Variant One has now been called for merging into -next for the upcoming Linux 4.16 kernel cycle.
Dan Williams of Intel has called for the collection of Spectre Variant One mitigations to be pulled. This includes a number of kernel changes outlined in this mailing list post.
Separately, there is also a new Spectre v2 patch series under "request for comments" that uses the new CPU microcode features for speculation control on Intel and AMD CPUs. The patches also allow the Indirect Branch Prediction Barrier (IBPB) to be used for KVM guests.
It has certainly been a busy month in the Linux security space, and there is still more work to be done to fully address Spectre on all vulnerable CPUs.