They have also been released in all currently supported versions of Visual Studio 20 as follows: These switches are available starting in Visual Studio 16.5 preview 3 and will be available in MSVC toolsets included in all future releases of Visual Studio (including Previews). What versions of MSVC support the /Qspectre-load and /Qspectre-load-cf switches? As these switches stop speculation of all loads, the performance impact is very high, so this mitigation is not appropriate everywhere. If there are performance critical blocks of code that do not require protection, then you can disable these mitigations using _declspec(spectre(nomitigation)). The /Qspectre-load-cf flag provides a subset of this behavior, only protecting control flow instructions: JMP, RET, and CALL. When this is not possible, such as for jmp the compiler uses an alternate mitigation strategy, loading the target non-destructively before inserting an LFENCE as follows: xor rbx, In most cases, the instruction can be split into the load and control flow, so an LFENCE can be inserted after the load. However, for control flow instructions, this approach does not work. For most loads, this entails adding an LFENCE instruction after the load instruction. The /Qspectre-load flag specifies compiler generation of serializing instructions for every load instruction. These switches are only available on x86 and 圆4 platforms. We are now adding two new switches /Qspectre-load and /Qspectre-load-cf to provide a more complete mitigation of Spectre attacks based on loads for customers.
These mitigations, while not significantly impacting performance, do not protect against all possible speculative load attacks, described in industry research as Load Value Injection. In a previous blog post, Microsoft described the Spectre mitigations available under /Qspectre.
0 kommentar(er)
