Speculative attacks remain an active threat today: although they initially focused on the x86 platform, they reach across all modern hardware architectures. RISC-V is a newly proposed open instruction set architecture that has gained traction in both industry and academia in recent years. In this paper, we focus on RISC-V cores where speculation is enabled and where, as we show, Spectre attacks are as effective as on x86. Even though RISC-V hardware mitigations have been proposed in the past, they have not yet moved past the prototype phase. Instead, we propose low-overhead software mitigations for Spectre-BTI, inspired by those used on the x86 architecture, and for Spectre-RSB, to our knowledge the first such mitigation to be proposed. We show that these mitigations work in practice and that they can be integrated into the LLVM toolchain. For transparency and reproducibility, all our programs and data are made publicly available online.