Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
×
Windows Google Microsoft

Windows 10 Will Banish Spectre Slowdowns With Google's Retpoline Patch (zdnet.com) 61

Microsoft is including Google's mitigation for the Spectre Variant 2 speculative execution side-channel attack in the next release of Windows 10, currently codenamed 19H1. ZDNet reports: Google developed a software-based mitigation for Spectre Variant 2 called Retpoline that constrains speculative execution behavior sufficiently to mitigate an attack. Google's testing found its fix had a negligible effect on performance. Retpoline was implemented by Linux distributions such as Red Hat and SUSE, as well as by Oracle for Oracle Linux 6 and 7. And now, as MSPoweruser spotted, Microsoft's kernel engineers have confirmed that Retpoline will be part of the next version of Windows 10, 19H1, which is due out next year. Google's Retpoline plus Microsoft's own kernel modifications have reduced the performance impact to "noise level", according to Mehmet Iyigun of Microsoft's Windows and Azure kernel team. "Yes, we have enabled Retpoline by default in our 19H1 flights along with what we call 'import optimization' to further reduce perf impact due to indirect calls in kernel-mode. Combined, these reduce the perf impact of Spectre v2 mitigations to noise-level for most scenarios," wrote Iyigun.

"The bad news is that Microsoft didn't include the Retpoline fix in the latest Windows 10 October 2018 Update Redstone 5, or RS5, release, even though, according to CrowdStrike researcher Alex Ionescu, it could have," reports ZDNet.
This discussion has been archived. No new comments can be posted.

Windows 10 Will Banish Spectre Slowdowns With Google's Retpoline Patch

Comments Filter:
  • by Alain Williams ( 2972 ) <addw@phcomp.co.uk> on Sunday October 21, 2018 @01:33PM (#57513824) Homepage

    Linux vendors had patches out in March!

    • by Anonymous Coward

      Windows 7 is why

      To address it in win7 all systems need a BIOS newer than may 2018

      Unfortunately only HP, Dell and Apple update their BIOS after 2 years due to enterprise demands. You are SOL if you have anything else and this have to rely on software to migitate the bugs.

    • by p0p0 ( 1841106 )
      Microsoft has tried adding it in but when they test Windows Update, it just deletes the patch from the filesystem!
  • The great news? The highly unlikely possibility that you will fall victim to a speculative execution based attack has been addressed. The horrible news? It was implemented by the same company that can't guarantee your files won't be randomly deleted by the greatest security threat known in modern times, to wit Microsoft. I'm sure it's been well tested and there will be no problems though. Even Microsoft has to get it right occasionally, amirite?
  • Oh, we gave you a patch that will slow down your machine because of Spectre.
    Did we mention we're getting a much better patch now? You have to update to 10 to get it, though.

  • by complete loony ( 663508 ) <Jeremy.Lakeman@nOSpaM.gmail.com> on Sunday October 21, 2018 @07:00PM (#57514882)

    The retpoline hack is a deliberate stack smash, to execute an indirect jump that the CPU will not speculate. Since the CPU cannot speculate it, execution *must* be slower than code from before spectre was discovered. But it does mean you can turn off *really* slow CPU mitigations.

    The real trick is avoiding the need for retpoline in the first place. Make sure that indirect jumps have shortcuts for commonly executed branches that aren't affected by Spectre.

    BTW, I watched a great talk about spectre [youtube.com], for application developers, by a clang compiler engineer who was involved in the research on spectre.

  • How about the patch where it really matters: on servers? Will this patch be available on Server 2016? Server 2019? 2012 R2? (OK, not really expecting it on 2012 R2 or earlier, but one can hope.)

    Server 2016 and Windows 10 share (or at least used to share) a lot of the same codebase, so one would think Server 2016 could be patched here fairly easily.

    And that this won't happen until the next Windows 10 release (probably April 2019)? Absolutely ridiculous. Get it out. NOW.

  • [from TFS] "The bad news is that Microsoft didn't include the Retpoline fix in the latest Windows 10 October 2018 Update Redstone 5, or RS5, release, even though, according to CrowdStrike researcher Alex Ionescu, it could have," reports ZDNet.

    Not such bad news in light of 1809's data-losing file system bugs. I'd like to see something like this much more thoroughly tested, given the grave security implications.

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (10) Sorry, but that's too useful.

Working...