From a9ba2a9b77bec7eacaf066801f22d1c366a2bc86 Mon Sep 17 00:00:00 2001
From: Matthew Malcomson
Date: Thu, 9 Jul 2020 09:11:58 +0100
Subject: aarch64: New Straight Line Speculation (SLS) mitigation flags

Here we introduce the flags that will be used for straight line speculation.

The new flag introduced is `-mharden-sls=`.
This flag can take arguments of `none`, `all`, or a comma separated list of one or more of `retbr` or `blr`.
`none` indicates no special mitigation of the straight line speculation vulnerability.
`all` requests all mitigations currently implemented.
`retbr` requests that the RET and BR instructions have a speculation barrier inserted after them.
`blr` requests that BLR instructions are replaced by a BL to a function stub using a BR with a speculation barrier after it.

Setting this on a per-function basis using attributes or the like is not enabled, but may be in the future.

gcc/ChangeLog:

2020-06-02 Matthew Malcomson

* config/aarch64/aarch64-protos.h (aarch64_harden_sls_retbr_p): New.
(aarch64_harden_sls_blr_p): New.
* config/aarch64/aarch64.c (enum aarch64_sls_hardening_type): New.
(aarch64_harden_sls_retbr_p): New.
(aarch64_harden_sls_blr_p): New.
(aarch64_validate_sls_mitigation): New.
(aarch64_override_options): Parse options for SLS mitigation.
* config/aarch64/aarch64.opt (-mharden-sls): New option.
* doc/invoke.texi: Document new option.
---
gcc/doc/invoke.texi | 12 ++++++++++++
1 file changed, 12 insertions(+)

(limited to 'gcc/doc')

diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi index e21d8a5..f4fc303 100644 --- a/gcc/doc/invoke.texi +++ b/gcc/doc/invoke.texi 
@@ -698,6 +698,7 @@ Objective-C and Objective-C++ Dialects}. -msign-return-address=@var{scope} @gol -mbranch-protection=@var{none}|@var{standard}|@var{pac-ret}[+@var{leaf} +@var{b-key}]|@var{bti} @gol +-mharden-sls=@var{opts} @gol -march=@var{name} -mcpu=@var{name} -mtune=@var{name} @gol -moverride=@var{string} -mverbose-cost-dump @gol -mstack-protector-guard=@var{guard} -mstack-protector-guard-reg=@var{sysreg} @gol @@ -17367,6 +17368,17 @@ functions. The optional argument @samp{b-key} can be used to sign the functions with the B-key instead of the A-key. @samp{bti} turns on branch target identification mechanism. +@item -mharden-sls=@var{opts} +@opindex mharden-sls +Enable compiler hardening against straight line speculation (SLS). +@var{opts} is a comma-separated list of the following options: +@table @samp +@item retbr +@item blr +@end table +In addition, @samp{-mharden-sls=all} enables all SLS hardening while +@samp{-mharden-sls=none} disables all SLS hardening. + @item -msve-vector-bits=@var{bits} @opindex msve-vector-bits Specify the number of bits in an SVE vector register. This option only has -- cgit v1.1
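Review bot: In the first hunk (the AArch64 option summary), the added `-mharden-sls=@var{opts}` line gives no hint of the accepted values, while the `-mbranch-protection=` entry directly above it spells its alternatives out inline. The value set here is small (`none`, `all`, `retbr`, `blr`), so listing it in the summary would match that neighbour and save readers a jump to the detailed entry.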
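Review bot: In the second hunk (the `@item -mharden-sls=@var{opts}` entry), the `@item retbr` and `@item blr` lines inside the `@table @samp` have no body text, so the manual names the two options without saying what either one does. The commit message already has the wording: `retbr` inserts a speculation barrier after RET and BR instructions, and `blr` replaces BLR instructions with a BL to a function stub that uses a BR followed by a speculation barrier. Please add a sentence under each `@item`. The entry also does not say which setting is the default, or that per-function control through attributes is not enabled, and both are things a user deciding how to deploy the hardening will look for here.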