Linux Developers Continue Discussing "SLS" Mitigation For The Kernel
While compiler support is out there for hardening against straight-line speculation on ARM, seeing these options utilized by potentially affected software hasn't been so quick. In February there were Google engineers proposing a kernel option for enabling the ARM SLS mitigation. The kernel patch is for basically enabling the "-mharden-sls=" compiler option for inserting speculation barrier (SB) instructions or otherwise DSB+ISB instructions around the instructions vulnerable to SLS.
The patch itself is simple in basically just flipping on the compiler option, but this week it's now up to its sixth round of review and developers seem to still be in disagreement if it's necessary and should be merged. Even fellow Google engineers working on the kernel haven't seen eye to eye on this proposed mitigation patch.
At build-time via the Kconfig option is support for configuring whether to mitigate all mitigations against SLS or not use it as well or optionally to just enable the mitigation for RET and BR instructions or just BLR instructions. There is the potential for some performance impact of this mitigation and will be interesting to benchmark it if/when it's been mainlined.
The sixth round of this patch is up for review and any remaining debate on the kernel mailing list.