Exploration for Software Mitigation to Spectre Attacks of Poisoning Indirect Branches

ABSTRACTSpeculative execution and branch prediction are techniques that are widely used in modern superscalar processors to exploit instruction-level parallelism. Recently, researchers have discovered a new kind of attacks named Spectre which exploits speculation mechanisms with a side channel. Since speculation is widely used in modern superscalar processors, these vulnerabilities are found in many popular processors. Exploiting the security vulnerabilities, the attacker can leak the host memory from inside a KVM guest. While the hardware providers are trying to fix the issues from the microarchitecture designs in the next generation of their products, software mitigation are always desirable. Retpoline is a pure software fix developed by Google and is claimed to have a negligible impact on performance. In this paper, we look into the details of Retpoline and evaluate it with various workloads. We found that Retpoline does have impact on performance to the existing software but varies depending on how ap...