Retpoline Patch to Reduce Spectre v2 Slowdowns under Windows 10




Credit: Production Perig / Shutterstock

After the Spectre mitigations caused a relative slowdown on some processor microarchitectures and in some workloads, Microsoft Windows engineers announced that they would implement Google's Retpoline mitigation for Spectre variant 2 (CVE-2017-5715).

Spectre V2 Patches

Google had been testing Retpoline on its own servers for months before the Spectre bug was disclosed, because the company's Project Zero team was among the researchers who discovered Spectre. However, Google made Retpoline public only a day after the leak of the Spectre bug. At that time, Microsoft and Intel, who had also learned of the existence of the Spectre bug a few months earlier, had already developed their own patch that mitigated the effects of Spectre V2. However, you should receive the firmware update from your OEM or motherboard maker.

Another problem is that the Microsoft patch has a significantly greater impact on performance than Google's Retpoline. As such, Windows developers have begun working on an implementation of Retpoline mitigation for Windows 10.

The patch will not be available to Windows 10 users until the next major update of Windows 10 in the first half of 2019. Additionally, Microsoft will not provide the Retpoline patch for previous versions of Windows, including older versions of Windows 10.

What does the Retpoline patch do?

Spectre v2 is a "branch target injection" vulnerability that exploits the speculative execution behavior of the CPU to leak information that can be used by code as part of an attack on a host machine.

According to Google, Retpoline "sequences" are a software construct that isolates indirect branches from speculative execution. This construct can be applied to protect sensitive binaries, such as an operating system or hypervisor implementation, against branch target injection attacks on their indirect branches.

The name Retpoline is a combination of the words "return" and "trampoline". Why trampoline, you may ask? Because the construct uses return operations, and any associated speculative execution will "bounce" endlessly.
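The return-based bounce described above, as an added example that is not from the article, Google or Microsoft: it assumes x86-64 Linux with GCC or Clang, and the names `retpoline_call`, `demo_thunk_r11` and `dispatch` are hypothetical.

```c
/* Added example: an indirect jump replaced by a retpoline thunk (x86-64,
 * GNU assembler syntax). Symbol names are hypothetical illustrations. */
#include <stdio.h>

/* Behaves like "jmp *fn" with arg already in the first argument register. */
long retpoline_call(long (*fn)(long), long arg);

#if defined(__x86_64__) && defined(__linux__)
__asm__(
    ".pushsection .text\n"
    ".globl retpoline_call\n"
    ".type retpoline_call, @function\n"
    "retpoline_call:\n"
    "    mov  %rdi, %r11\n"      /* r11 = branch target                   */
    "    mov  %rsi, %rdi\n"      /* first argument for the target         */
    /* A plain 'jmp *%r11' here would be steered by the indirect branch   */
    /* predictor, the structure Spectre v2 poisons. Use the thunk instead. */
    "demo_thunk_r11:\n"
    "    call 2f\n"              /* pushes the address of label 1         */
    "1:  pause\n"                /* the predicted return of 'ret' lands   */
    "    lfence\n"               /* here, so speculation spins harmlessly */
    "    jmp  1b\n"
    "2:  mov  %r11, (%rsp)\n"    /* overwrite the pushed return address   */
    "    ret\n"                  /* architecturally transfers to r11      */
    ".popsection\n"
);
#else
/* Other targets: plain indirect call so the file still builds (no retpoline). */
long retpoline_call(long (*fn)(long), long arg) { return fn(arg); }
#endif

static long add_one(long x) { return x + 1; }
static long negate(long x)  { return -x; }

/* A function-pointer table: the kind of indirect branch retpolines protect. */
long dispatch(int op, long v) {
    long (*table[])(long) = { add_one, negate };
    return retpoline_call(table[op & 1], v);
}

int main(void) {
    printf("%ld %ld\n", dispatch(0, 41), dispatch(1, 7));
    return 0;
}
```

In practice the compiler emits these thunks itself (for example GCC's `-mindirect-branch=thunk`), so hand-written assembly like this is only needed to see the mechanism.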

In previous articles, Google had stated that the impact of Retpoline on performance was negligible. Windows core developer Mehmet Iyigun also says on Twitter that the new patch will reduce the performance impact of the Spectre v2 mitigations to "noise level" in most scenarios.

In case this is not already clear, the Retpoline patch will not affect the other speculative execution vulnerabilities revealed this year.
