System is already using retpolines

I saw this mail about retpolines/ibrs:, however my Tumbleweed system seems to be using retpolines already, similar to the Fedora system there, even though I’m using defaults.

> cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
Mitigation: Full generic retpoline, IBPB: conditional, IBRS_FW, STIBP: conditional, RSB filling
> cat /proc/cmdline 
BOOT_IMAGE=/boot/vmlinuz-5.0.7-1-default root=UUID=9dfdcf90-5515-4e84-b6f4-b24d9851e4bb resume=/dev/sdb5 splash=silent quiet showopts

IMO you can’t believe well over half of what you read about performance penalties, there are also plenty of posts about people who found either no penalty or any penalty that’s measurable.

So, bottom line is that you should do your own testing, see what is happening on your system.

although you can poke for individual settings like what you’ve done, it’s probably more efficient to scan your system for all mitigation settings with either the packed meltdown-spectre checker or from github. Even if you use the package, read the github link for more information about how the checker works, how to interpret, and some good summaries about the CVE events

Note that retpoline is mentioned only as a mitigation option for one of the 4 Spectre variants,. IMO it’s the preferred mitigation but you certainly have alternatives if you prefer. And, you may want to do more to address the other variants.

Some of the first discussion when Meltdown and Spectre first appeared, some of the info in the discussion was only “best of knowledge” in those opening days and later were shown to either not be entirely true