Arm Backporting SLS Vulnerability Mitigation To Existing GCC Releases
Back in June, when Arm disclosed the Straight Line Speculation (SLS) vulnerability affecting its modern ARM processor designs, it did not get a whole lot of attention. It seems SLS is serious enough that Arm is working on bringing its compiler-based mitigations to existing GCC releases, in addition to the current development code where they already exist.
This vulnerability can lead to ARMv8 CPUs speculatively executing instructions following a change in control flow. SLS is currently mitigated in the compiler, which inserts speculation barrier (SB) instructions around vulnerable instructions.
Arm isn't recommending that these compiler-based mitigations be enabled by default, as the overuse of SB instructions will hurt performance, but at the same time it is now moving to back-port the mitigations from the GCC 11 development code to GCC 10 and even GCC 9 at least.
An Arm engineer today posted the SLS patches back-ported for GCC 9, while the GCC 10 patches will come following the imminent GCC 10.2 release.
Patched versions of the GNU Compiler Collection can mitigate this issue with the -mharden-sls= option, which takes a value of "all" to mitigate all vulnerable instructions, "retbr" to use speculation barriers only after RET and BR instructions, or "blr" to replace BLR instruction usage with a BL to a function stub that uses a BR with a speculation barrier following it. Currently this Arm SLS mitigation does not allow controlling the behavior on a per-function basis.
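As an added example (not from the original article or from GCC), the following checker audits an AArch64 assembly listing for what the three -mharden-sls= values are described as producing: a barrier after every RET and BR, and no remaining BLR. The listings are constructed, the stub name stub_x16 is hypothetical, and accepting DSB SY followed by ISB as an alternative to SB is an assumption about the barrier sequence used on cores without the SB instruction.

```python
# Constructed AArch64 listings for illustration; stub_x16 is a hypothetical name.
UNHARDENED = """\
call_it:
    stp x29, x30, [sp, -16]!
    blr x0
    ldp x29, x30, [sp], 16
    ret
"""
HARDENED = """\
call_it:
    stp x29, x30, [sp, -16]!
    mov x16, x0
    bl stub_x16
    ldp x29, x30, [sp], 16
    ret
    dsb sy
    isb
stub_x16:
    br x16
    sb
"""

def instructions(asm):
    """Return (line_no, mnemonic, operands) for each instruction line."""
    out = []
    for no, line in enumerate(asm.splitlines(), 1):
        text = line.split("//")[0].strip()          # drop trailing comments
        if not text or text.startswith(".") or text.endswith(":"):
            continue                                # blank, directive or label
        parts = text.lower().split(None, 1)
        out.append((no, parts[0], parts[1].replace(" ", "") if len(parts) > 1 else ""))
    return out

def has_barrier(insns, i):
    """True if instruction i is directly followed by SB, or by DSB SY then ISB."""
    nxt = [(m, o) for _, m, o in insns[i + 1:i + 3]]
    if nxt and nxt[0][0] == "sb":
        return True
    return len(nxt) == 2 and nxt[0] == ("dsb", "sy") and nxt[1][0] == "isb"

def audit_sls(asm):
    """List (line_no, mnemonic, reason) for instructions left unmitigated."""
    insns, findings = instructions(asm), []
    for i, (no, mnem, _) in enumerate(insns):
        if mnem in ("ret", "br") and not has_barrier(insns, i):   # "retbr" coverage
            findings.append((no, mnem, "no speculation barrier follows"))
        elif mnem == "blr":                                       # "blr" coverage
            findings.append((no, mnem, "indirect call not routed through a BR stub"))
    return findings
```

Run audit_sls() over the output of `objdump -d` or `gcc -S` (after stripping address columns) to confirm a build was actually compiled with the hardening enabled.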
I've been meaning to work on some benchmarks soon looking at the performance cost involved with this Arm SLS mitigation. Stay tuned.