Page MenuHomePhabricator

[x86][seses] No LFENCEs in basic blocks w/o loads
AcceptedPublic

Authored by zbrid on Mar 10 2020, 10:11 AM.

Details

Summary

Add a flag to the x86 Speculative Execution Side Effect Suppression Pass
that allows users to turn off adding LFENCEs in basic blocks with no
loads.

This is a part of a set of flags that can be used to experiment with
optimizing this mitigation for Load Value Injection.

One pager on Load Value Injection:
https://software.intel.com/security-software-guidance/software-guidance/load-value-injection

Deep dive on Load Value Injection:
https://software.intel.com/security-software-guidance/insights/deep-dive-load-value-injection

Results of my performance testing

I ran the BoringSSL benchmarks which run many cryptographic operations
and reports the number of operations per second completed in a given
time.

Modified Mitigation vs Baseline
Geometric mean
0.073 (This can be read as the geomean ops/s of the mitigated program
was 7.3% of the ops/s of the unmitigated program. Similar below.)
Minimum
0.041
Quartile 1
0.060
Median
0.066
Quartile 3
0.081
Maximum
0.234

Fully Mitigated vs Baseline
Geometric mean
0.071
Minimum
0.041
Quartile 1
0.060
Median
0.063
Quartile 3
0.077
Maximum
0.230

Diff Detail

Event Timeline

zbrid created this revision.Mar 10 2020, 10:11 AM
Herald added a project: Restricted Project. · View Herald TranscriptMar 10 2020, 10:11 AM

LGTM modulo a few cosmetic nits. Similar to the previous review, please wait for approval from someone with more ownership here before landing.

Thanks!

llvm/lib/Target/X86/X86SpeculativeExecutionSideEffectSuppression.cpp
55

nit: please wrap at 80cols, potentially by "splitting the" " string"

91

nit: please delete this line

llvm/test/CodeGen/X86/speculative-execution-side-effect-suppression-omit-lfence-in-bb-without-loads.ll
13

If these tests are checking for consecutive lines, consider using CHECK-FLAGGED-NEXT. Otherwise, FileCheck won't complain if there are intervening instructions (e.g., an incorrectly placed lfence)

This revision is now accepted and ready to land.Mar 10 2020, 5:16 PM
zbrid updated this revision to Diff 250092.Mar 12 2020, 4:47 PM
zbrid marked 3 inline comments as done.
  • Update tests to use CHECK-NEXT
  • ClangFormat/nits
zbrid added a comment.Mar 12 2020, 4:48 PM

Updated to address comments