--- wikisrc/security/meltdown_spectre.mdwn	2018/04/05 08:46:42	1.22
+++ wikisrc/security/meltdown_spectre.mdwn	2018/04/08 09:01:37	1.23
@@ -26,10 +26,10 @@ riscv		|(Spec.)	|Not vulnerable	|		|		|
 
 [[!table data="""
 Port		|Vendor/Model	|Spectre (V2)	|NetBSD-7	|NetBSD-8	|NetBSD-current
-amd64		|Intel		|Vulnerable	|Not fixed	|Not fixed	|Fixed [MitigB]
-amd64		|AMD		|Vulnerable	|Not fixed	|Not fixed	|Fixed [MitigC]
+amd64		|Intel		|Vulnerable	|Not fixed	|Not fixed	|Fixed [MitigB] [MitigD]
+amd64		|AMD		|Vulnerable	|Not fixed	|Not fixed	|Fixed [MitigC] [MitigD]
 amd64		|VIA		|Unknown	|		|		|
-i386		|Intel		|Vulnerable	|Not fixed	|Not fixed	|Not fixed
+i386		|Intel		|Vulnerable	|Not fixed	|Not fixed	|Fixed [MitigD]
 i386		|AMD		|Vulnerable	|Not fixed	|Not fixed	|Fixed [MitigC]
 i386		|VIA		|Unknown	|		|		|
 mips		|MIPS P5600	|Vulnerable	|Not fixed	|Not fixed	|Not fixed
@@ -77,6 +77,11 @@ few AMD families. If the CPU supports th
 automatically. It can be dynamically disabled by changing the
 "machdep.spectre_v2.mitigated" sysctl.
 
+### Mitigation D: Retpoline
+
+SpectreV2 is mitigated in the kernel with the GCC "retpoline" compilation
+flag, which is enabled by default in GENERIC.
+
 ## External Resources
 
 * [MIPS Blog Post](https://www.mips.com/blog/mips-response-on-speculative-execution-and-side-channel-vulnerabilities/)