File gcc7-aarch64-sls-miti-1.patch of Package gcc7-testresults
xxxxxxxxxx
1
Backport to gcc7 of the below commit for bsc#1172798
2
3
commit 20da13e395bde597d8337167c712039c8f923c3b
4
Author: Matthew Malcomson <matthew.malcomson@arm.com>
5
Date: Thu Jul 9 09:11:58 2020 +0100
6
7
aarch64: New Straight Line Speculation (SLS) mitigation flags
8
9
Here we introduce the flags that will be used for straight line speculation.
10
11
The new flag introduced is `-mharden-sls=`.
12
This flag can take arguments of `none`, `all`, or a comma seperated list
13
of one or more of `retbr` or `blr`.
14
`none` indicates no special mitigation of the straight line speculation
15
vulnerability.
16
`all` requests all mitigations currently implemented.
17
`retbr` requests that the RET and BR instructions have a speculation
18
barrier inserted after them.
19
`blr` requests that BLR instructions are replaced by a BL to a function
20
stub using a BR with a speculation barrier after it.
21
22
Setting this on a per-function basis using attributes or the like is not
23
enabled, but may be in the future.
24
25
(cherry picked from commit a9ba2a9b77bec7eacaf066801f22d1c366a2bc86)
26
27
gcc/ChangeLog:
28
29
2020-06-02 Matthew Malcomson <matthew.malcomson@arm.com>
30
31
* config/aarch64/aarch64-protos.h (aarch64_harden_sls_retbr_p):
32
New.
33
(aarch64_harden_sls_blr_p): New.
34
* config/aarch64/aarch64.c (enum aarch64_sls_hardening_type):
35
New.
36
(aarch64_harden_sls_retbr_p): New.
37
(aarch64_harden_sls_blr_p): New.
38
(aarch64_validate_sls_mitigation): New.
39
(aarch64_override_options): Parse options for SLS mitigation.
40
* config/aarch64/aarch64.opt (-mharden-sls): New option.
41
* doc/invoke.texi: Document new option.
42
43
Index: gcc-7.5.0+r278197/gcc/config/aarch64/aarch64-protos.h
44
===================================================================
45
--- gcc-7.5.0+r278197.orig/gcc/config/aarch64/aarch64-protos.h
46
+++ gcc-7.5.0+r278197/gcc/config/aarch64/aarch64-protos.h
47
48
extern const atomic_ool_names aarch64_ool_ldclr_names;
49
extern const atomic_ool_names aarch64_ool_ldeor_names;
50
51
+extern bool aarch64_harden_sls_retbr_p (void);
52
+extern bool aarch64_harden_sls_blr_p (void);
53
+
54
#endif /* GCC_AARCH64_PROTOS_H */
55
Index: gcc-7.5.0+r278197/gcc/config/aarch64/aarch64.c
56
===================================================================
57
--- gcc-7.5.0+r278197.orig/gcc/config/aarch64/aarch64.c
58
+++ gcc-7.5.0+r278197/gcc/config/aarch64/aarch64.c
59
60
return false;
61
}
62
63
+/* Straight line speculation indicators. */
64
+enum aarch64_sls_hardening_type
65
+{
66
+ SLS_NONE = 0,
67
+ SLS_RETBR = 1,
68
+ SLS_BLR = 2,
69
+ SLS_ALL = 3,
70
+};
71
+static enum aarch64_sls_hardening_type aarch64_sls_hardening;
72
+
73
+/* Return whether we should mitigatate Straight Line Speculation for the RET
74
+ and BR instructions. */
75
+bool
76
+aarch64_harden_sls_retbr_p (void)
77
+{
78
+ return aarch64_sls_hardening & SLS_RETBR;
79
+}
80
+
81
+/* Return whether we should mitigatate Straight Line Speculation for the BLR
82
+ instruction. */
83
+bool
84
+aarch64_harden_sls_blr_p (void)
85
+{
86
+ return aarch64_sls_hardening & SLS_BLR;
87
+}
88
+
89
+/* As of yet we only allow setting these options globally, in the future we may
90
+ allow setting them per function. */
91
+static void
92
+aarch64_validate_sls_mitigation (const char *const_str)
93
+{
94
+ char *token_save = NULL;
95
+ char *str = NULL;
96
+
97
+ if (strcmp (const_str, "none") == 0)
98
+ {
99
+ aarch64_sls_hardening = SLS_NONE;
100
+ return;
101
+ }
102
+ if (strcmp (const_str, "all") == 0)
103
+ {
104
+ aarch64_sls_hardening = SLS_ALL;
105
+ return;
106
+ }
107
+
108
+ char *str_root = xstrdup (const_str);
109
+ str = strtok_r (str_root, ",", &token_save);
110
+ if (!str)
111
+ error ("invalid argument given to %<-mharden-sls=%>");
112
+
113
+ int temp = SLS_NONE;
114
+ while (str)
115
+ {
116
+ if (strcmp (str, "blr") == 0)
117
+ temp |= SLS_BLR;
118
+ else if (strcmp (str, "retbr") == 0)
119
+ temp |= SLS_RETBR;
120
+ else if (strcmp (str, "none") == 0 || strcmp (str, "all") == 0)
121
+ {
122
+ error ("%<%s%> must be by itself for %<-mharden-sls=%>", str);
123
+ break;
124
+ }
125
+ else
126
+ {
127
+ error ("invalid argument %<%s%> for %<-mharden-sls=%>", str);
128
+ break;
129
+ }
130
+ str = strtok_r (NULL, ",", &token_save);
131
+ }
132
+ aarch64_sls_hardening = (aarch64_sls_hardening_type) temp;
133
+ free (str_root);
134
+}
135
+
136
/* Validate a command-line -march option. Parse the arch and extensions
137
(if any) specified in STR and throw errors if appropriate. Put the
138
results, if they are valid, in RES and ISA_FLAGS. Return whether the
139
140
selected_arch = NULL;
141
selected_tune = NULL;
142
143
+ if (aarch64_harden_sls_string)
144
+ aarch64_validate_sls_mitigation (aarch64_harden_sls_string);
145
+
146
/* -mcpu=CPU is shorthand for -march=ARCH_FOR_CPU, -mtune=CPU.
147
If either of -march or -mtune is given, they override their
148
respective component of -mcpu. */
149
Index: gcc-7.5.0+r278197/gcc/config/aarch64/aarch64.opt
150
===================================================================
151
--- gcc-7.5.0+r278197.orig/gcc/config/aarch64/aarch64.opt
152
+++ gcc-7.5.0+r278197/gcc/config/aarch64/aarch64.opt
153
154
Target Report RejectNegative Mask(GENERAL_REGS_ONLY) Save
155
Generate code which uses only the general registers.
156
157
+mharden-sls=
158
+Target RejectNegative Joined Var(aarch64_harden_sls_string)
159
+Generate code to mitigate against straight line speculation.
160
+
161
mfix-cortex-a53-835769
162
Target Report Var(aarch64_fix_a53_err835769) Init(2) Save
163
Workaround for ARM Cortex-A53 Erratum number 835769.
164
Index: gcc-7.5.0+r278197/gcc/doc/invoke.texi
165
===================================================================
166
--- gcc-7.5.0+r278197.orig/gcc/doc/invoke.texi
167
+++ gcc-7.5.0+r278197/gcc/doc/invoke.texi
168
169
-mlow-precision-recip-sqrt -mno-low-precision-recip-sqrt@gol
170
-mlow-precision-sqrt -mno-low-precision-sqrt@gol
171
-mlow-precision-div -mno-low-precision-div @gol
172
+-mharden-sls=@var{opts} @gol
173
-march=@var{name} -mcpu=@var{name} -mtune=@var{name}}
174
175
@emph{Adapteva Epiphany Options}
176
177
functions, and @samp{all}, which enables pointer signing for all functions. The
178
default value is @samp{none}.
179
180
+@item -mharden-sls=@var{opts}
181
+@opindex mharden-sls
182
+Enable compiler hardening against straight line speculation (SLS).
183
+@var{opts} is a comma-separated list of the following options:
184
+@table @samp
185
+@item retbr
186
+@item blr
187
+@end table
188
+In addition, @samp{-mharden-sls=all} enables all SLS hardening while
189
+@samp{-mharden-sls=none} disables all SLS hardening.
190
+
191
@end table
192
193
@subsubsection @option{-march} and @option{-mcpu} Feature Modifiers
194