SESES Speculative Execution Pass Lands In LLVM With "Extreme Performance Implications"
The Google-backed SESES pass for LLVM, meant to help fend off speculative execution vulnerabilities, has been merged for LLVM 11, but enabling the pass costs much of your system's performance.
SESES was shown back in March by Google engineer Zola Bridges following the public disclosure of the Load Value Injection attack affecting Intel CPUs. SESES ("Speculative Execution Side Effect Suppression") is an optional pass for LLVM on x86-based platforms and is intended as a last resort for mitigating the likes of LVI and other possible speculative execution side-channel vulnerabilities.
SESES, though, is downright bloody and brutal to performance. This LLVM pass adds a load fence (LFENCE) instruction before each memory read instruction, before each memory write instruction, and before the first branch instruction in a group of terminators at the end of a basic block. This is great for fending off vulnerabilities, but absolutely slaughters the performance.
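To make the fence density concrete, here is an added toy model of the insertion rule as described above (not LLVM's code). The `Insn` record, its flags and the sample basic block are constructed for illustration.

```python
# Toy model of the SESES insertion rule as this article describes it.
# Not LLVM's implementation: Insn, its flags and SAMPLE_BLOCK are constructed.
from dataclasses import dataclass


@dataclass(frozen=True)
class Insn:
    text: str
    loads: bool = False    # instruction reads memory
    stores: bool = False   # instruction writes memory
    branch: bool = False   # branch in the terminator group ending the block


LFENCE = Insn("lfence")


def apply_seses(block):
    """Return the block with LFENCE inserted before every memory read or
    write and before the first branch of the terminator group only."""
    out, terminator_fenced = [], False
    for insn in block:
        if insn.branch:
            # Only the first terminator branch gets a fence.
            if not terminator_fenced:
                out.append(LFENCE)
                terminator_fenced = True
        elif insn.loads or insn.stores:
            # A read-modify-write instruction still gets a single fence.
            out.append(LFENCE)
        out.append(insn)
    return out


def fence_count(block):
    return sum(1 for insn in apply_seses(block) if insn == LFENCE)


# Constructed basic block (AT&T syntax), flags assigned by hand.
SAMPLE_BLOCK = [
    Insn("mov (%rdi), %eax", loads=True),
    Insn("add $1, %eax"),
    Insn("mov %eax, (%rsi)", stores=True),
    Insn("addl $1, (%rdx)", loads=True, stores=True),
    Insn("cmp $10, %eax"),
    Insn("jne .Lloop", branch=True),
    Insn("jmp .Lexit", branch=True),
]

if __name__ == "__main__":
    for insn in apply_seses(SAMPLE_BLOCK):
        print(insn.text)
```

In this constructed block, seven instructions pick up four serializing fences, which illustrates why memory-heavy code pays so heavily under the pass.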
In Zola Bridges' own test using Google's BoringSSL implementation, SESES'ed performance was just 7% of the original speed. Yes, over a 90% hit to the performance.
Given the tremendous performance ramifications of this pass, it wasn't clear whether it would be merged, even though it's opt-in. Following the March discussion, the patch was finally merged today. SESES will now be available for those who want it in LLVM 11.
On the GNU side, you can see our GNU LVI mitigation impact testing, while I will take LLVM SESES for a whirl soon.