[committed 0/6] arm: mitigation for CVE-2021-35465
Richard Earnshaw
rearnsha@arm.com
Tue Aug 24 10:59:22 GMT 2021
Arm recently disclosed a security-related erratum (CVE-2021-35465) for
some armv8-m and armv8.1-m products relating to use of the VLLDM
instruction during the transition from secure to non-secure state.
This patch implements the recommended software mitigation for this
erratum for use on unfixed silicon products.
The patch series is essentially in two parts. The first two patches
are really clean-ups that first address a problem with the RTL in the
machine description for VLLDM and VLSTM instructions and then improve
the reliability of testing for the availability of CMSE when running
the test suite. The remaining patches then implement the mitigation
itself and add some additional tests to the testsuite.
I will also back-port this series to gcc-10 and gcc-11.
R.
Richard Earnshaw (6):
arm: Fix general issues with patterns for VLLDM and VLSTM
arm: testsuite: improve detection of CMSE hardware.
arm: Add command-line option for enabling CVE-2021-35465 mitigation
[PR102035]
arm: add erratum mitigation to __gnu_cmse_nonsecure_call [PR102035]
arm: fix vlldm erratum for Armv8.1-m [PR102035]
arm: Add tests for VLLDM mitigation [PR102035]
gcc/config/arm/arm-cpus.in | 9 ++++--
gcc/config/arm/arm.c | 9 ++++++
gcc/config/arm/arm.md | 11 +++++--
gcc/config/arm/arm.opt | 4 +++
gcc/config/arm/vfp.md | 29 ++++++++++-------
gcc/doc/invoke.texi | 9 ++++++
.../arm/cmse/mainline/8_1m/soft/cmse-13a.c | 31 +++++++++++++++++++
.../arm/cmse/mainline/8_1m/soft/cmse-7a.c | 28 +++++++++++++++++
.../arm/cmse/mainline/8_1m/soft/cmse-8a.c | 30 ++++++++++++++++++
.../cmse/mainline/8_1m/softfp-sp/cmse-7a.c | 27 ++++++++++++++++
.../cmse/mainline/8_1m/softfp-sp/cmse-8a.c | 29 +++++++++++++++++
.../arm/cmse/mainline/8_1m/softfp/cmse-13a.c | 30 ++++++++++++++++++
.../arm/cmse/mainline/8_1m/softfp/cmse-7a.c | 27 ++++++++++++++++
.../arm/cmse/mainline/8_1m/softfp/cmse-8a.c | 29 +++++++++++++++++
gcc/testsuite/lib/target-supports.exp | 15 ++++-----
libgcc/config/arm/cmse_nonsecure_call.S | 5 +++
16 files changed, 299 insertions(+), 23 deletions(-)
create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c
create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c
create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c
create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c
create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c
create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c
create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c
create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c
--
2.25.1
More information about the Gcc-patches
mailing list