| I would guess they are fairly focused on it at this point. They are releasing microcode update mitigations for the CPUs of today, and at least state they will be improving things in the CPUs of the future, which is more-or-less what one might guess they would do with billions of dollars at stake. That's not to say that they are going to magically get rid of all speculative execution, and I wouldn't try defending their PR approach, but one would guess they would at a bare minimum whittle away at the cost of mitigations. Some related snippets about at least declared future intent. This obviously isn't a comprehensive list, but I think it suggests they realize the current state of affairs is not good for them: From LKML[1] related to approach taken with the new microcode update for variant #2 being better/less costly in future CPUs: Later CPUs are intended to have an 'IBRS all the time' feature which is
set-and-forget, and will perform much better, I believe. If we find
we're running on a CPU with that, we'll turn off the retpoline..." And from today's Intel PDF regarding variant #2: There are three new capabilities that will now be supported for this mitigation strategy.
These capabilities will be available on modern existing products if the appropriate microcode update is
applied, as well as on future products, where the performance cost of these mitigations will be
improved. And from today's Intel PDF regarding variant #3: Future Intel processors will also have hardware support for mitigating Rogue Data Cache Load. And a related comment from the always reputable source of "some security guy on the internet"[2]: Whatever mitigations CPU vendors come up with will be in concert with software changes. "Page table isolation" is an overnight redesign of all operating systems. It's here to stay. The next step is for Intel CPUs to fix its performance cost [1] https://lkml.org/lkml/2018/1/4/432 [2] https://twitter.com/ErrataRob/status/949194584399237120 |