Mainline GCC 9.0 Compiler Now Has Speculation Tracking Against Spectre V1

As we literally finished covering the story of Linux 4.19 kernel having Enhanced IBRS as protection against Spectre for Intel CPUs, we caught wind that ARM’s “-mtrack-speculation” (a Spectre V1 safeguard) is being introduced to the mainline GCC 9.0 compiler code-base.

What this means is that if you enable -mtrack-speculation, the compiler will generate a code for tracking data speculation, which lets you see if the CPU control flow speculation matches its data flow calculations. This is useful for detecting if the CPU is speculating incorrectly, and if it is, the code could be susceptible to a Spectre V1 exploit (or similar exploits).

All of this was added to AArch64 for the current GCC implementation, but it could find its way to other architectures as well. Its unlikely that ARM will bring it over to 32-bit ARM, because 32-bit ARM contains less registers and it would be much more complicated to patch in the functionality.

It’s unknown as of yet the performance impact that enable -mtrack-speculation will bring, but for those that want to give it a whirl right now, you can grab it on the GCC SVN/Git, and it will be part of the GCC 9.1 stable release sometime in 2019.

Kamil Anwar
Kamil is a certified MCITP, CCNA (W), CCNA (S) and a former British Computer Society Member with over 9 years of experience Configuring, Deploying and Managing Switches, Firewalls and Domain Controllers also an old-school still active on FreeNode.