It would be much easier for a vendor to turn off speculative compilation in that case though, i.e. for HPC you want all the performance, but a cloud vendor could still protect vulnerable interfaces.
Well, again, if the x86 code morphing software is available and open source, and if someone understands this software and can modify it -- then that's infinitely infinitely better (from a security perspective) -- than having to run x86 code directly on a regular AMD/Intel x86 processor...
In the latter case -- you have absolutely no control whatsoever over how the processor interprets and dispatches its x86 instructions...
Oh totally. I'm more sure than not that something like an open source code morphing software could be made more secure against side channel attacks with greater flexibility than is afforded micro code updates.
I'm mainly saying that it's a problem space that both has actively shipping implemetnations (Nvidia Denver), has new levels of cache which affect performance based on previous codeflows, and hasn't been fully explored publicly AFAIK. There's probs some dragons in there in at least the pre spectre versions of that software.
