[phkahler]

RISC-V impact? With all the reports of these attacks, I have not seen mention of risc-v. Since they are in the process of finalizing a lot of specs including memory model and privileged instructions, I wonder if there will be last minute changes to mitigate these vulnerabilities.

[bem94]

The problem (in my understanding) is not with the specification of the x86 ISA, but with the implementation of the speculative execution micro-architecture and probably the memory sub-system as well. That is why Intel is so badly affected by the problem, but not AMD, despite them both implementing the same instruction set.

RISCV has already had to fix its memory consistency model, so it is not without problems. But it that is a spec bug, not an implementation bug. Whether there is an out of order, speculative execution RISCV core in the wild which suffers from this is as far as I know very unlikely. If there is, no doubt it's designers have had a busy time lately.

[earenndil]

My understanding is that meltdown is due to the implementation, but spectre occurs due to issues with the specification.

[leoc]

At the risk of being a HN self-parody, I’ve also been wondering what this means for the Mill...

https://millcomputing.com/docs/prediction/

[gpderetta]

The only speculation done on the mill currently is on whether it will ever be released, so I think they'll be safe.

[sp332]

Don't worry, I was wondering this myself. There doesn't seem to be anything official or even any discussion on the forums yet.

[Tuna-Fish]

The details that this attack depends on are outside the architecture of the system, in the microarchitecture. A cpu of almost any architecture can be vulnerable or not depending on how it was implemented, thus Ryzen is immune to the worst variant while both Intel and the fastest Arm cpus are vulnerable.

I'd presume that the slowest RISC-V designs are immune due to not speculating enough, while any high-performance implementation is vulnerable.

[ars]

As of right now every single CPU that does speculative execution. (I.e. runs both sides of a branch then throws away the one that didn't end up being valid.)

[Keyframe]

RISC-V is an ISA, so it depends on the implementation.

[phkahler]

From one of the papers:

>> While makeshift processor-specific countermeasures are possible in some cases, sound solutions will require fixes to processor designs as well as updates to instruc- tion set architectures (ISAs) to give hardware architects and software developers a common understanding as to what computation state CPU implementations are (and are not) permitted to leak.

[bpye]

I imagine BOOM and BOOM v2 may be vulnerable as they support OoO execution.