[German]Surprise in Windows 10 Insider Preview 19H1: The kernel contains the Retpoline technology to protect it from Spectre V2 attack. This is to minimize the power loss caused by this protection.
Background information about Retpoline
At the beginning of the year, the attack methods Spectre and Meltdown, which work at the CPU level, became publicly known. As a result, Intel and Microsoft released a number of Meltdown and Spectre Microcode patches. An unwelcome side effect: Some patches caused massive performance losses in the systems.
On the other hand, Google software developers had the idea to mitigate speculative side channel attacks for Spectre (and Meltdown) using special code constructs. The technique is called Retpoline and was described in this Google document. Google used the Retpoline technique to patch its own servers for the cloud.
Microsoft is using Retpoline
Now security researcher Alex Ionescu noticed while testing the current Insider Preview for Windows 10 19H1 that Retpoline is activated in the kernel. He reported this in a tweet, answered by Mehmet Iyigun.
Yes, we have enabled retpoline by default in our 19H1 flights along with what we call "import optimization" to further reduce perf impact due to indirect calls in kernel-mode. Combined, these reduce the perf impact of Spectre v2 mitigations to noise-level for most scenarios. https://t.co/CPlYeryV9K
— Mehmet Iyigun (@mamyun) 18. Oktober 2018
In his tests, he recognized greatly improve performance of the new kernel in file system benchmarks on a Surface Pro 4. Mehmet Iyigun (@mamyun) from the Windows/Azure Kernel Team then confirmed on Twitter that Retpoline had been enabled by default in the Windows 10 development branch 19H1 (to be the spring update in 2019).
At Microsoft, this is combined with a technique called 'Import Optimization'. The developers aim to minimize the performance losses caused by indirect calls to kernel mode functions. The combination of these techniques reduce the performance losses caused by Spectre V2 protection to noise-level. (via)
Cookies helps to fund this blog: Cookie settings