Speculative Load Hardening Lands In LLVM For Spectre V1 Mitigation

Written by Michael Larabel in LLVM on 13 July 2018 at 07:44 AM EDT. Add A Comment
LLVM
The Speculative Load Hardening (SLH) effort that has been in development for months as a compiler-based automated Spectre Variant One mitigation technique has landed within LLVM trunk.

Happening in time for LLVM 7.0 is this initial Speculative Load Hardening for x86/x86_64 while ARM developers are also working on leveraging SLH within LLVM for AArch64 (64-bit ARM) as well.

While we have seen a lot of code within the Linux kernel and elsewhere manually adjusted for Spectre V1 defense, thanks to being pointed out with tools like Smatch, Speculative Load Hardening is a compiler-based approach for trying to mitigate Spectre V1.

The compiler would cause loads to be checked using branch-less code to verify its execution abides by a valid control flow path, in order to ensure its not prone to this bounds check bypass vulnerability. There is the original design document by LLVM developers who started working on SLH earlier this year.

Speculative Load Hardening is intended to be used by critical software that is unlikely to be mitigated by hand due to its complexity or unmaintained code. SLH also yields a baseline on performance if then mitigating by hand while also being a simpler approach for developers.

At this point Speculative Load Hardening in LLVM trunk is only working on x86 architectures for select ABIs. This functionality is only enabled via debug flags at the moment (the x86-speculative-load-hardening flag).
Add A Comment
Related News
LLVM's BOLT Being Adapted To Analyze Security Hardening Of Binaries
LLVM/Clang 18.1 Released With Intel AVX10.1 Work, Adds Clearwater Forest & Panther Lake
Meta Continues Working On BOLT'ing The Linux Kernel For Greater Performance
LLVM/Clang Can Work Fine As A GCC Replacement For Linux Distributions
LLVM 18.1-rc1 Released For Enabling New Intel CPU Features, More C23 & C++23
Autocheck To Check If Your C++ Code Is Safe For Automobiles & Safety Critical Systems
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming
Linus Torvalds Injects Tabs To Thwart Kconfig Parsers Not Correctly Handling Them
Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver
Fedora Linux 40 Cleared For Release Next Week
Mozilla Finally Begins Offering Firefox ARM64 Linux Binaries
Ubuntu 24.04 Supports Easy Installation Of OpenZFS Root File-System With Encryption
openSUSE Factory Achieves Bit-By-Bit Reproducible Builds
Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"