How to check if Linux kernel is "Retpoline" enabled or not? As for the "Spectre" security vulnerability, "Retpoline" was introduced to be a solution to mitigate the risk. However, I've read a post that mentioned:

How to check if Linux kernel is "Retpoline" enabled or not? As for the "Spectre" security vulnerability, "Retpoline" was introduced to be a solution to mitigate the risk. However, I've read a post that mentioned: > If you build the kernel without `CONFIG_RETPOLINE`, you can't build modules with retpoline and then expect them to load — because the thunk symbols aren't exported. > > If you build the kernel with the retpoline though, you _can_ successfully load modules which aren't built with retpoline. (Source) Is there an easy and common/generic/unified way to check if kernel is "Retpoline" enabled or not? I want to do this so that my installer can use the proper build of kernel module to be installed.

If you’re using mainline kernels, or most major distributions’ kernels, the best way to check for full retpoline support ( _i.e._ the kernel was configured with `CONFIG_RETPOLINE`, and was built with a retpoline-capable compiler) is to look for “Full generic retpoline” in `/sys/devices/system/cpu/vulnerabilities/spectre_v2`. On my system:

$ cat /sys/devices/system/cpu/vulnerabilities/spectre_v2
Mitigation: Full generic retpoline, IBPB, IBRS_FW

If you want more comprehensive tests, to detect retpolines on kernels without the `spectre_v2` systree file, check out how `spectre-meltdown-checker` goes about things.