From 1be5d8d3bbec4c9a112114993ac5c85b2b26c4c4 Mon Sep 17 00:00:00 2001
From: Alan Modra <amodra@gmail.com>
Date: Wed, 17 Jan 2018 14:19:08 +1030
Subject: PowerPC PLT speculative execution barriers

Spectre variant 2 mitigation for PowerPC and PowerPC64.

bfd/
	* elf32-ppc.c (GLINK_ENTRY_SIZE): Handle speculation barrier.
	(CRSETEQ, BEQCTRM): Define.
	(is_nonpic_glink_stub): Don't check bctr.
	(ppc_elf_link_hash_table_create): Init new ppc_elf_params field.
	(ppc_elf_relax_section): Size speculation barrier.
	(output_bctr): New function.
	(write_glink_stub): Use output_bctr.
	(ppc_elf_relocate_section): Use output_bctr for long branch stub.
	(ppc_elf_finish_dynamic_symbol): Likewise.
	(ppc_elf_finish_dynamic_sections): Use output_bctr.
	* elf32-ppc.h (struct ppc_elf_params): Add speculate_indirect_jumps.
	* elf64-ppc.c (CRSETEQ, BEQCTRM, BEQCTRLM): Define.
	(GLINK_PLTRESOLVE_SIZE): Size speculation barrier.
	(size_global_entry_stubs): Handle speculation barrier sizing.
	(plt_stub_size): Likewise.
	(output_bctr): New function.
	(build_plt_stub, build_tls_get_addr_stub): Output speculation
	barrier.
	(ppc_build_one_stub): Likewise for ppc_stub_plt_branch.
	(ppc_size_one_stub): Size speculation barrier in ppc_stub_plt_branch.
	(build_global_entry_stubs): Output speculation barrier.
	(ppc64_elf_build_stubs): Likewise in __glink_PLTresolve stub.
	* elf64-ppc.h (struct ppc64_elf_params): Add speculate_indirect_jumps.
gold/
	* options.h (speculate_indirect_jumps): New option.
	* powerpc.cc (beqctrm, beqctrlm, crseteq): New insn constants.
	(output_bctr): New function.
	(Stub_table::plt_call_size): Add space for speculation barrier.
	(Stub_table::branch_stub_size): Likewise.
	(Output_data_glink::pltresolve_size): Likewise.
	(Stub_table::do_write): Output speculation barriers.
ld/
	* emultempl/ppc32elf.em (params): Init new field.
	(OPTION_SPECULATE_INDIRECT_JUMPS): Define.
	(OPTION_NO_SPECULATE_INDIRECT_JUMPS): Define.
	(PARSE_AND_LIST_LONGOPTS): Handle new options.
	(PARSE_AND_LIST_ARGS_CASES): Likewise.
	(PARSE_AND_LIST_OPTIONS): Likewise.
	* emultempl/ppc64elf.em (params): Init new field.
	(OPTION_SPECULATE_INDIRECT_JUMPS): Define.
	(OPTION_NO_SPECULATE_INDIRECT_JUMPS): Define.
	(PARSE_AND_LIST_LONGOPTS): Handle --speculate-indirect-jumps.
	(PARSE_AND_LIST_OPTIONS): Likewise.
	(PARSE_AND_LIST_ARGS_CASES): Likewise.
	* ld.texinfo (--no-plt-thread-safe): Correct itemx.
	(--speculate-indirect-jumps): Document.
	* testsuite/ld-powerpc/elfv2exe.d,
	* testsuite/ld-powerpc/elfv2so.d,
	* testsuite/ld-powerpc/relbrlt.d,
	* testsuite/ld-powerpc/powerpc.exp: Disable plt alignment and
	speculation barriers on various tests.
---
 ld/emultempl/ppc32elf.em | 20 +++++++++++++++++++-
 ld/emultempl/ppc64elf.em | 22 ++++++++++++++++++++--
 2 files changed, 39 insertions(+), 3 deletions(-)

(limited to 'ld/emultempl')

diff --git a/ld/emultempl/ppc32elf.em b/ld/emultempl/ppc32elf.em
index 70dd5a0..4e71a78 100644
--- a/ld/emultempl/ppc32elf.em
+++ b/ld/emultempl/ppc32elf.em
@@ -38,7 +38,7 @@ static int notlsopt = 0;
 /* Choose the correct place for .got.  */
 static int old_got = 0;
 
-static struct ppc_elf_params params = { PLT_UNSET, 0, -1,
+static struct ppc_elf_params params = { PLT_UNSET, 0, 1, -1,
 					0, 0, 0, 0, 0, 0, 0 };
 
 static void
@@ -246,6 +246,8 @@ enum ppc32_opt
   OPTION_NO_TLS_GET_ADDR_OPT,
   OPTION_NEW_PLT,
   OPTION_OLD_PLT,
+  OPTION_SPECULATE_INDIRECT_JUMPS,
+  OPTION_NO_SPECULATE_INDIRECT_JUMPS,
   OPTION_PLT_ALIGN,
   OPTION_NO_PLT_ALIGN,
   OPTION_OLD_GOT,
@@ -267,6 +269,8 @@ if test -z "$VXWORKS_BASE_EM_FILE" ; then
   PARSE_AND_LIST_LONGOPTS=${PARSE_AND_LIST_LONGOPTS}'
   { "secure-plt", no_argument, NULL, OPTION_NEW_PLT },
   { "bss-plt", no_argument, NULL, OPTION_OLD_PLT },
+  { "speculate-indirect-jumps", no_argument, NULL, OPTION_SPECULATE_INDIRECT_JUMPS },
+  { "no-speculate-indirect-jumps", no_argument, NULL, OPTION_NO_SPECULATE_INDIRECT_JUMPS },
   { "plt-align", no_argument, NULL, OPTION_PLT_ALIGN },
   { "no-plt-align", no_argument, NULL, OPTION_NO_PLT_ALIGN },
   { "sdata-got", no_argument, NULL, OPTION_OLD_GOT },'
@@ -300,6 +304,12 @@ if test -z "$VXWORKS_BASE_EM_FILE" ; then
   --bss-plt                   Force old-style BSS PLT.\n"
 		   ));
   fprintf (file, _("\
+  --speculate-indirect-jumps  PLT call stubs without speculation barrier.\n"
+		   ));
+  fprintf (file, _("\
+  --no-speculate-indirect-jumps PLT call stubs with speculation barrier.\n"
+		   ));
+  fprintf (file, _("\
   --plt-align                 Align PLT call stubs to fit cache lines.\n"
 		   ));
   fprintf (file, _("\
@@ -350,6 +360,14 @@ PARSE_AND_LIST_ARGS_CASES=${PARSE_AND_LIST_ARGS_CASES}'
       params.plt_style = PLT_OLD;
       break;
 
+    case OPTION_SPECULATE_INDIRECT_JUMPS:
+      params.speculate_indirect_jumps = 1;
+      break;
+
+    case OPTION_NO_SPECULATE_INDIRECT_JUMPS:
+      params.speculate_indirect_jumps = 0;
+      break;
+
     case OPTION_PLT_ALIGN:
       params.plt_stub_align = 5;
       break;
diff --git a/ld/emultempl/ppc64elf.em b/ld/emultempl/ppc64elf.em
index 840bd44..c7c27b0 100644
--- a/ld/emultempl/ppc64elf.em
+++ b/ld/emultempl/ppc64elf.em
@@ -38,7 +38,7 @@ static struct ppc64_elf_params params = { NULL,
 					  &ppc_layout_sections_again,
 					  1, -1, 0,
 					  ${DEFAULT_PLT_STATIC_CHAIN-0}, -1, 5,
-					  -1, 0, -1, -1, 0};
+					  -1, 1, 0, -1, -1, 0};
 
 /* Fake input file for stubs.  */
 static lang_input_statement_type *stub_file;
@@ -692,6 +692,8 @@ enum ppc64_opt
   OPTION_NO_PLT_STATIC_CHAIN,
   OPTION_PLT_THREAD_SAFE,
   OPTION_NO_PLT_THREAD_SAFE,
+  OPTION_SPECULATE_INDIRECT_JUMPS,
+  OPTION_NO_SPECULATE_INDIRECT_JUMPS,
   OPTION_PLT_ALIGN,
   OPTION_NO_PLT_ALIGN,
   OPTION_PLT_LOCALENTRY,
@@ -719,6 +721,8 @@ PARSE_AND_LIST_LONGOPTS=${PARSE_AND_LIST_LONGOPTS}'
   { "no-plt-static-chain", no_argument, NULL, OPTION_NO_PLT_STATIC_CHAIN },
   { "plt-thread-safe", no_argument, NULL, OPTION_PLT_THREAD_SAFE },
   { "no-plt-thread-safe", no_argument, NULL, OPTION_NO_PLT_THREAD_SAFE },
+  { "speculate-indirect-jumps", no_argument, NULL, OPTION_SPECULATE_INDIRECT_JUMPS },
+  { "no-speculate-indirect-jumps", no_argument, NULL, OPTION_NO_SPECULATE_INDIRECT_JUMPS },
   { "plt-align", optional_argument, NULL, OPTION_PLT_ALIGN },
   { "no-plt-align", no_argument, NULL, OPTION_NO_PLT_ALIGN },
   { "plt-localentry", optional_argument, NULL, OPTION_PLT_LOCALENTRY },
@@ -760,7 +764,13 @@ PARSE_AND_LIST_OPTIONS=${PARSE_AND_LIST_OPTIONS}'
   --plt-thread-safe           PLT call stubs with load-load barrier.\n"
 		   ));
   fprintf (file, _("\
-  --no-plt-thread-safe        PLT call stubs without barrier.\n"
+  --no-plt-thread-safe        PLT call stubs without load-load barrier.\n"
+		   ));
+  fprintf (file, _("\
+  --speculate-indirect-jumps  PLT call stubs without speculation barrier.\n"
+		   ));
+  fprintf (file, _("\
+  --no-speculate-indirect-jumps PLT call stubs with speculation barrier.\n"
 		   ));
   fprintf (file, _("\
   --plt-align [=<align>]      Align PLT call stubs to fit cache lines.\n"
@@ -850,6 +860,14 @@ PARSE_AND_LIST_ARGS_CASES=${PARSE_AND_LIST_ARGS_CASES}'
       params.plt_thread_safe = 0;
       break;
 
+    case OPTION_SPECULATE_INDIRECT_JUMPS:
+      params.speculate_indirect_jumps = 1;
+      break;
+
+    case OPTION_NO_SPECULATE_INDIRECT_JUMPS:
+      params.speculate_indirect_jumps = 0;
+      break;
+
     case OPTION_PLT_ALIGN:
       if (optarg != NULL)
 	{
-- 
cgit v1.1