Clang Picks Up Support For Per-Function Speculative Load Hardening (Spectre V1)

Written by Michael Larabel in LLVM on 28 November 2018 at 05:52 AM EST. 2 Comments
For several months now the mainline LLVM Clang compiler code has offered Speculative Load Hardening (SLH) for the compiler-based approach for Spectre Variant One protection for critical software that might not be mitigated by hand against Spectre V1 vulnerabilities that can be picked up by Smatch and other utilities. The Clang compiler now has support for SLH on a function-by-function basis.

Enabling Speculative Load Hardening can be done with LLVM/Clang 7.0+ via the "-mspeculative-load-hardening" flag, which enables SLH for all functions being compiled. But with this latest addition to Clang as of this week, an SLH attribute is now available for C/C++ functions and Objective-C methods for enabling the behavior on a function-by-function manner.

The speculative_load_hardening attribute now allows for developers to selectively opt into this Spectre Variant One protection on a per-function basis where protecting against data leaks would be of vital importance rather than introducing the overhead to all functions.

More details on this change for Clang 8.0 can be found via this commit. More details on the LLVM Speculative Load Hardening via the compiler documentation.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week