Windows 10 19H1 Update Will Eradicate Spectre Performance Woes With Google Retpoline Patch

meltdown spectre
Ever since the Meltdown and Spectre were disclosed earlier this year, the issues surrounding the speculative execution exploits has been multi-pronged. On the one hand, there are concerns that nefarious parties taking advantage of the exploits to compromise unpatched systems. In addition, there have been concerns that the current patches to mitigate the attacks can reduce processing performance by up to 30 percent in some cases.

Thankfully, Google engineers have developed a Spectre Variant 2 mitigation technique that results in a negligible impact in system performance. The mitigation strategy, which is called Retpoline, was initially detailed shortly after the details of Meltdown and Spectre first became public knowledge. As described on LKML back in early January:

Retpoline as a mitigation strategy swaps indirect branches for returns, to avoid using predictions which come from the BTB, as they can be poisoned by an attacker. The problem with Skylake+ is that an RSB underflow falls back to using a BTB prediction, which allows the attacker to take control of speculation.

Now, Microsoft has confirmed that it is integrating Retpoline into the next major release of Windows 10, which is currently being developed under the codename 19H1 (2019, First Half). Mehmet Iyigun, who works on Microsoft's Windows and Azure kernel team, wrote on Twitter, "Yes, we have enabled retpoline by default in our 19H1 flights along with what we call 'import optimization' to further reduce perf impact due to indirect calls in kernel-mode."

That means when the next major release of Windows 10 rolls out, the performance hit will be reduced to "noise level". 

Unfortunately, Microsoft didn't have its Retpoline solution ready in time for the Windows 10 October 2018 Update, which was initially released earlier this month. However, given how much trouble Microsoft has encountered with the October 2018 Update -- including serious problems with file deletion -- perhaps it's good that Microsoft didn't try cramming Retpoline into this most recent release.