úplne ako doteraz Korigovať nepresnosti. Je to priekak,ak by existovalo jedine riešenie pomocou LFNECE.
AMD recommends that SW vendors analyze their code for any potential vulnerabilities related to this type of transient execution. Potential vulnerabilities can be addressed by inserting an LFENCE or using existing speculation mitigation techniques as described in [2].
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1010
Našťastie existuje aj iné riešenie. Použite LFENCE všade sme si otestovali v patchi SESES
Google Engineer Shows "SESES" For Mitigating LVI + Side-Channel Attacks - Code Runs ~7% Original Speed
on 21 March 2020
peculative Execution Side Effect Suppression (SESES) and was started for mitigating Load Value Injection but expanded to address other side-channel vulnerabilities like Spectre V1/V4 and others. It offers extra safeguards beyond just LVI mitigation, but in Google's own BoringSSL test (their fork of OpenSSL), the performance came in to a 7% geometric mean of the original performance (not a 7% hit, merely 7% the original performance).
https://www.phoronix.com/scan.php?page=news_item&px=LLVM-SESES-Mitigating-LVI-More