Add a flag to the x86 Speculative Execution Side Effect Suppression Pass
that allows users to turn off LFENCEing data invariant instructions.
Note that the list currently used by this flag does not include
information about vector instructions. That information can be added in
the future with no issues. The fact those instructions have not been
added to this list mean that it's also likely that the improvements
shown in the following performance data is understated.
This is a part of a set of flags that can be used to experiment with
optimizing this mitigation for Load Value Injection.
One pager on Load Value Injection:
Deep dive on Load Value Injection:
Performance Testing Results
I ran the BoringSSL benchmarks which run many cryptographic operations
and reports the number of operations per second completed in a given
Modified Mitigation vs Baseline
0.129 (This can be read as the geomean ops/s of the mitigated program
was 12.9% of the ops/s of the unmitigated program. Similar below.)
Fully Mitigated vs Baseline