Arm Backporting SLS Vulnerability Mitigation To Existing GCC Releases
Written by Michael Larabel in Arm on 21 July 2020 at 04:39 PM EDT. 5 Comments
ARM --
Back in June when Arm disclosed their Straight Line Speculation (SLS) vulnerability affecting their modern ARM processor designs there wasn't a whole lot of attention. It seems SLS is serious enough that Arm is working on bringing their compiler-based mitigations to existing GCC releases beyond it already being in the current development code.

This vulnerability can lead to ARMv8 CPUs speculatively executing instructions following a change in control flow. Mitigating SLS is currently done via compilers with inserting speculation barrier (SB) instructions around vulnerable instructions.

Arm isn't recommending these compiler-based mitigations be enabled by default as the overuse of SB instructions will hurt performance, but at the same time they are now moving to back-port the mitigations from the GCC 11 development code back to GCC 10 and even GCC 9 at least.

An Arm engineer today posted the SLS patches back-ported for GCC 9 while the GCC 10 patches will come following the imminent GCC 10.2 release.

Patched versions of the GNU Compiler Collection can mitigate this issue with the -mharden-sls= with a value of "all" to mitigate all vulnerable instructions, "retbr" just for using speculation barriers after RET and BR instructions, and "blr" for replacing BLR instruction usage with a BL to a function stub using a BR with a speculation barrier following it. Currently this Arm SLS mitigation does not allow controlling the behavior on a per-function basis.

I've been meaning to work on some benchmarks soon looking at the performance cost involved of this Arm SLS mitigation. Stay tuned.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week