Spectre v2 is really complicated to deal with. Just read this
recent thread in the LKML.
I'm impressed by how well written those messages are.
Intel Skylake CPUs are particularly problematic. Those are most of the
"6th generation Core" processors and some of the "7th generation Core".
The indirect branch predictor is a big problem. The retpoline deals with
most cases. On Skylake, this predictor is used in another case: for
return instructions that cause underflow in the call/return predictor.
That means that EVERY return instruction is suspect, and the cost of being
suspect is high. OK, if you can prove that the call/return predictor
stack has not underflowed, you can just do a return. But how?
The best fix is not on the table: it would be great if Intel could patch
microcode so that the return predictor did not fall back to the indirect
branch predictor. It sounds easy, but I infer that it is not technically
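To make the two mechanisms the post contrasts concrete, here is an added example (not code from the thread or from the kernel): a user-space retpoline thunk, an indirect call routed through it, and an RSB-refill sequence in the shape of the kernel's FILL_RETURN_BUFFER, which is how a return-stack underflow is kept from happening on Skylake. It assumes x86-64 GCC/Clang on an ELF target (GAS syntax); the symbol names retpoline_thunk_rax, call_retpoline, rsb_fill, op_double, op_square and protected_call are my own.

```c
/* Added example, not code from the thread or the kernel: retpoline thunk,
 * indirect call through it, and RSB refill. x86-64 GAS syntax for GCC/Clang
 * on ELF; on other targets plain C fallbacks keep the file building. */
#include <stdint.h>
typedef uint64_t (*op_fn)(uint64_t);
static uint64_t op_double(uint64_t x) { return 2 * x; }
static uint64_t op_square(uint64_t x) { return x * x; }
uint64_t call_retpoline(op_fn fn, uint64_t arg);  /* defined in asm below */
void rsb_fill(void);
#if defined(__x86_64__) && defined(__ELF__)
__asm__(
    ".pushsection .text\n"
    /* Thunk, target in %rax: the speculative path follows the return
     * predictor to the pushed address (the pause/lfence loop) and is stuck;
     * the architectural path overwrites that slot and 'returns' to the real
     * target, so the indirect branch predictor is never consulted. */
    ".globl retpoline_thunk_rax\n.type retpoline_thunk_rax,@function\n"
    "retpoline_thunk_rax:\n"
    "    call 1f\n"
    "2:  pause\n    lfence\n    jmp 2b\n"
    "1:  mov %rax, (%rsp)\n    ret\n"
    /* call_retpoline(fn, arg): fn -> %rax, arg -> %rdi, then call the thunk
     * with the 16-byte stack alignment the ABI requires at a call site. */
    ".globl call_retpoline\n.type call_retpoline,@function\n"
    "call_retpoline:\n"
    "    mov %rdi, %rax\n    mov %rsi, %rdi\n"
    "    sub $8, %rsp\n    call retpoline_thunk_rax\n    add $8, %rsp\n    ret\n"
    /* rsb_fill: 16 rounds x 2 calls that never return push 32 RSB entries,
     * all pointing at speculation traps, so later returns cannot underflow
     * the RSB; then drop the 32 return addresses (32 * 8 bytes) again. */
    ".globl rsb_fill\n.type rsb_fill,@function\n"
    "rsb_fill:\n"
    "    mov $16, %ecx\n"
    "1:  call 2f\n"
    "3:  pause\n    lfence\n    jmp 3b\n"
    "2:  call 4f\n"
    "5:  pause\n    lfence\n    jmp 5b\n"
    "4:  dec %ecx\n    jnz 1b\n"
    "    add $256, %rsp\n    ret\n"
    ".popsection\n");
#else
uint64_t call_retpoline(op_fn fn, uint64_t arg) { return fn(arg); }  /* fallback */
void rsb_fill(void) {}                                                /* fallback */
#endif
/* Refill the RSB, then make a protected indirect call (hypothetical helper). */
static uint64_t protected_call(int square, uint64_t x) {
    rsb_fill();
    return call_retpoline(square ? op_square : op_double, x);
}
```

The thunk's `ret` does not pair with a real `call`, so this pattern faults under a CET shadow stack; it is a user-space illustration of the technique, not a drop-in for the kernel's thunks.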