Linux developers continue to discuss kernel “Straight Line Speculation” mitigation measures
Last summer, Arm disclosed the Straight Line Speculation (SLS) vulnerability and soon introduced safeguards against SLS in the GCC and LLVM compilers. The compiler-based SLS mitigations add speculation barrier sequences around vulnerable instructions to prevent speculative execution of the instructions around a change in control flow.
Although compiler developers added this option quickly, Linux kernel developers remain divided on its importance and on the proposed patch that turns the option on when compiling the ARM Linux kernel.
Although the compilers support SLS hardening on ARM, it has not yet been widely adopted in potentially affected software. In February, a Google engineer proposed a kernel option to enable the ARM SLS mitigation. The patch enables the “-mharden-sls=” compiler option, which inserts speculation barrier (SB) instructions, or DSB+ISB instruction sequences instead, around instructions that are susceptible to SLS.
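One way to check whether a built object actually carries those barriers, as an added example that is not part of the kernel patch or the compilers: it scans `objdump -d` style AArch64 text and reports every RET or BR that is not immediately followed by SB or by DSB+ISB. The function names, the sample listing and the restriction to plain RET/BR are assumptions made for illustration.

```python
import re

# One "objdump -d" instruction line, e.g. "   4:  d65f03c0   ret"
INSN = re.compile(r"^\s*([0-9a-f]+):\s+[0-9a-f]{8}\s+(\S+)")
# A symbol header line, e.g. "0000000000000004 <name>:"
FUNC = re.compile(r"^[0-9a-f]+ <([^>]+)>:")
SLS_PRONE = {"ret", "br"}  # assumption: only plain RET/BR are checked here

def parse(disasm):
    """Yield (function, address, mnemonic) for each instruction line."""
    func = None
    for line in disasm.splitlines():
        m = FUNC.match(line)
        if m:
            func = m.group(1)
            continue
        m = INSN.match(line)
        if m:
            yield func, int(m.group(1), 16), m.group(2)

def unhardened(disasm):
    """Return (function, address, mnemonic) for RET/BR with no barrier after it."""
    insns = list(parse(disasm))
    findings = []
    for i, (func, addr, mnem) in enumerate(insns):
        if mnem not in SLS_PRONE:
            continue
        # Only instructions that follow inside the same function count.
        nxt = [m for f, _, m in insns[i + 1:i + 3] if f == func]
        if nxt[:1] != ["sb"] and nxt[:2] != ["dsb", "isb"]:
            findings.append((func, addr, mnem))
    return findings

# Constructed sample listing (not taken from a real kernel build).
SAMPLE = """\
0000000000000000 <plain>:
   0:  d65f03c0   ret
0000000000000004 <hardened_sb>:
   4:  d65f03c0   ret
   8:  d50330ff   sb
000000000000000c <hardened_dsb>:
   c:  d61f0200   br  x16
  10:  d5033f9f   dsb sy
  14:  d5033fdf   isb
0000000000000018 <half>:
  18:  d65f03c0   ret
  1c:  d5033f9f   dsb sy
"""

if __name__ == "__main__":
    for func, addr, mnem in unhardened(SAMPLE):
        print(f"{func}+{addr:#x}: {mnem} has no speculation barrier after it")
```

A DSB without the following ISB is reported as unhardened, since the page describes the alternative to SB as the DSB+ISB pair.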
The patch itself is very simple: it basically just turns on the compiler option. Even so, it reached its sixth round of review this week, and developers still seem to disagree on whether it is necessary and whether it should be merged. Even Google engineers working on the kernel did not agree with the proposed mitigation patch. The sixth round of the patch is now up for review and comment on the kernel mailing list.