Windows 10 2019 Will Reduce Performance Hits Caused by Spectre Mitigations to “Noise-Level”
Microsoft is currently pushing out new Preview Builds from Windows 10 2019 edition to Insiders in Skip Ahead and Fast Ring. Along with other improvements and features, it looks like the next version of the desktop operating system carries a mitigation for the Spectre v2 speculative execution side-channel attack that will stop the machines from slowing down.
When the companies hustled to address Spectre and Meltdown vulnerabilities, one of the major concerns was the reduced performance of the PCs. Mitigation, in some tests, showed a severe impact on performance that could go from 5% to 30%. Intel's microcode mitigations for Spectre variant 2, tracked as CVE- 2017-5715, were specifically of concern as they change how hardware speculatively executes.
However, Google's cloud systems suffered little to no impact as the company engineers developed a software-based mitigation for Variant 2 known as Retpoline that offers near to no impact on performance.
"Retpoline as a mitigation strategy swaps indirect branches for returns, to avoid using predictions which come from the BTB, as they can be poisoned by an attacker.
The problem with Skylake+ is that an RSB underflow falls back to using a BTB prediction, which allows the attacker to take control of speculation." - LKML
It appears that the Windows maker is now planning to take a similar approach with Windows 10 19H1. According to reports (first spotted by MSPU), the Redmond tech giant will "enable Retpoline by default" starting from the next feature update that will be released to Windows 10. This change was first reported by Insiders who are currently testing the Windows 10 19H1 builds.
Windows Kernel team's Mehmet Iyigun later confirmed this change, suggesting that Windows 10 2019 will be able to reduce performance impact caused by Spectre v2 mitigations to "noise-level."
Yes, we have enabled retpoline by default in our 19H1 flights along with what we call "import optimization" to further reduce perf impact due to indirect calls in kernel-mode. Combined, these reduce the perf impact of Spectre v2 mitigations to noise-level for most scenarios. https://t.co/CPlYeryV9K
— Mehmet Iyigun (@mamyun) October 18, 2018
Retpoline has already been implemented by Linux distributions, including Red Hat and SUSE. It appears that Microsoft could have implemented this with Windows 10 October 2018 Update. "It's possible to enable retpoline on stock RS5 since the necessary binary metadata is present in the binaries," Windows' Iyigun added. "However, we also have made a few fixes and perf improvements after RS5 forked, so it's better as a complete package..."