
Spectre v2 is really complicated to deal with. Just read this recent thread in the LKML: <https://lkml.org/lkml/2018/1/20/158>. I'm impressed how well written those messages are.

Intel Skylake CPUs are particularly problematic. Those are most of the "6th generation Core" processors and some of the "7th generation Core". <https://en.wikipedia.org/wiki/Skylake_(microarchitecture)>

The indirect branch predictor is a big problem. The retpoline deals with most cases. On Skylake, this predictor is used in another case: for return instructions that cause underflow in the call/return predictor stack. That means that EVERY return instruction is suspect, and the cost of being suspect is high.

OK, if you can prove that the call/return predictor stack has not underflowed, you can just do a return. But how?

The best fix is not on the table: it would be great if Intel could patch microcode so that the return predictor did not fall back to the indirect branch predictor. It sounds easy, but I infer that it is not technically possible.
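
The underflow case described above can be made concrete with a small model. This is an added example, not part of the original post or of any kernel code. It assumes a 16-entry call/return predictor stack and a simplified push/pop behaviour, and the 'X' trace event is a hypothetical stand-in for anything that leaves the stack empty.

```c
#include <stdio.h>
#include <string.h>

#define RSB_DEPTH 16  /* assumption: predictor stack depth used for this model */

/* Simplified model (assumption): each call pushes one entry, each return pops
 * one; a push onto a full stack drops the oldest entry; a return that finds
 * the stack empty is an underflow, the case the post says falls back to the
 * indirect branch predictor on Skylake. */
struct rsb_stats { int predicted; int underflowed; };

/* trace: 'C' = call, 'R' = return, 'X' = hypothetical event that empties
 * the predictor stack. Other characters are ignored. */
struct rsb_stats rsb_replay(const char *trace)
{
    struct rsb_stats s = {0, 0};
    int valid = 0;                            /* live entries in the stack */
    for (const char *p = trace; *p; p++) {
        switch (*p) {
        case 'C':
            if (valid < RSB_DEPTH) valid++;   /* else the oldest entry is lost */
            break;
        case 'R':
            if (valid > 0) { valid--; s.predicted++; }
            else s.underflowed++;             /* this return is suspect */
            break;
        case 'X': valid = 0; break;
        }
    }
    return s;
}

/* Constructed input: n nested calls followed by n returns (perfectly balanced). */
struct rsb_stats rsb_nested(int n)
{
    char trace[257];
    if (n < 0) n = 0;
    if (n > 128) n = 128;
    memset(trace, 'C', (size_t)n);
    memset(trace + n, 'R', (size_t)n);
    trace[2 * n] = '\0';
    return rsb_replay(trace);
}

int main(void)
{
    struct rsb_stats r[3] = { rsb_nested(8), rsb_nested(20), rsb_replay("CCCXRRR") };
    for (int i = 0; i < 3; i++)
        printf("case %d: %d predicted, %d underflowed\n", i, r[i].predicted, r[i].underflowed);
    return 0;
}
```

In this model, balanced code still underflows once the call chain is deeper than the stack, which is why a return cannot be shown safe by looking at its own function alone.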