X86 Spectre Variants and Mitigations

Recently, folks in my company suspect if Spectre mitigations are involved once they see a performance bug. So I make a simple summary of different X86 Spectre Variants, performance loss and workarounds. So they can have a general idea if Spectre might be involved or rule out the issue by suggesting the proper workaround to customer when necessory. Some of the kernel command line are for UEK series only, but most of them are compatible with
kernel.

Spectre V1 (Bounds Check Bypass)
can't toggle at runtime
No performance impact

Spectre V2 (Branch Target Injection)
There are two mitigations, Retpoline and IBRS.
Retpoline is the prefered and by default enabled mitigation for most X86 systems, 0%-5% performance loss.
IBRS is intel suggested mitigation for Skylake+ processor and enabled by default for Skylake+, performance 
loss is less than 20% in extreme case.

Dynamic switch:
/sys/kernel/debug/x86{retpoline_enabled,ibrs_enabled}

Kernel bootup parameter:
spectre_v2=
                        on   - unconditionally enable
                        off  - unconditionally disable
                        auto - kernel detects whether your CPU model is
                               vulnerable  (default)
                        retpoline         - replace indirect branches
                        retpoline,generic - google's original retpoline
                        retpoline,amd     - AMD-specific minimal thunk
                        ibrs              - Use IBRS (if microcode is available).

nospectre_v2
                        Euivalent to spectre_v2=off

spectre_v2_heuristics=
                        off             - disable all heuristics (see below)
                        skylake=off     - do not use IBRS if present on Skylake