--- wikisrc/security/meltdown_spectre.mdwn 2018/04/05 08:46:42 1.22 +++ wikisrc/security/meltdown_spectre.mdwn 2018/04/08 09:01:37 1.23 @@ -26,10 +26,10 @@ riscv |(Spec.) |Not vulnerable | | | [[!table data=""" Port |Vendor/Model |Spectre (V2) |NetBSD-7 |NetBSD-8 |NetBSD-current -amd64 |Intel |Vulnerable |Not fixed |Not fixed |Fixed [MitigB] -amd64 |AMD |Vulnerable |Not fixed |Not fixed |Fixed [MitigC] +amd64 |Intel |Vulnerable |Not fixed |Not fixed |Fixed [MitigB] [MitigD] +amd64 |AMD |Vulnerable |Not fixed |Not fixed |Fixed [MitigC] [MitigD] amd64 |VIA |Unknown | | | -i386 |Intel |Vulnerable |Not fixed |Not fixed |Not fixed +i386 |Intel |Vulnerable |Not fixed |Not fixed |Fixed [MitigD] i386 |AMD |Vulnerable |Not fixed |Not fixed |Fixed [MitigC] i386 |VIA |Unknown | | | mips |MIPS P5600 |Vulnerable |Not fixed |Not fixed |Not fixed @@ -77,6 +77,11 @@ few AMD families. If the CPU supports th automatically. It can be dynamically disabled by changing the "machdep.spectre_v2.mitigated" sysctl. +### Mitigation D: Retpoline + +SpectreV2 is mitigated in the kernel with the GCC "retpoline" compilation +flag, which is enabled by default in GENERIC. + ## External Resources * [MIPS Blog Post](https://www.mips.com/blog/mips-response-on-speculative-execution-and-side-channel-vulnerabilities/)