Compiler support for mitigations

Updated on 12/Oct/2018

Addressing Spectre Variant 1 (CVE-2017-5753) in Software

This whitepaper begins by giving a brief overview of the original Spectre Variant 1 attack and shows how, at the assembly level, mitigations can be applied. It then shows that it is not possible to use normal high-level language constructs to protect programs using these techniques. Following on from this it discusses some practical mitigation techniques that can be applied and shows how, with the help of some compiler instrumentation of the control flow, it is possible to insert annotations into the source program that can lead to effective mitigation.

Finally, it discusses some of the subvariants of Variant 1 and shows that the same mitigation techniques can be applied there as well.

Download

This whitepaper should be read in conjunction with the Cache Speculation Side-channels whitepaper.