1 files changed, 138 insertions, 0 deletions
diff --git a/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch
new file mode 100644
index 0000000000..b9bca49dd8
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch
@@ -0,0 +1,138 @@
+From 3929bca9ca95de9d35e82ae8828b188029e3eb70 Mon Sep 17 00:00:00 2001
+From: Richard Earnshaw <rearnsha@arm.com>
+Date: Fri, 11 Jun 2021 16:02:05 +0100
+Subject: [PATCH] arm: Add command-line option for enabling CVE-2021-35465
+ mitigation [PR102035]
+Add a new option, -mfix-cmse-cve-2021-35465 and document it.  Enable it
+automatically for cortex-m33, cortex-m35p and cortex-m55.
+gcc:
+        PR target/102035
+        * config/arm/arm.opt (mfix-cmse-cve-2021-35465): New option.
+        * doc/invoke.texi (Arm Options): Document it.
+        * config/arm/arm-cpus.in (quirk_vlldm): New feature bit.
+        (ALL_QUIRKS): Add quirk_vlldm.
+        (cortex-m33): Add quirk_vlldm.
+        (cortex-m35p, cortex-m55): Likewise.
+        * config/arm/arm.c (arm_option_override): Enable fix_vlldm if
+        targetting an affected CPU and not explicitly controlled on
+        the command line.
+CVE: CVE-2021-35465
+Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=3929bca9ca95de9d35e82ae8828b188029e3eb70]
+Signed-off-by: Pgowda <pgowda.cve@gmail.com>
+---
+ gcc/config/arm/arm-cpus.in | 9 +++++++--
+ gcc/config/arm/arm.c       | 9 +++++++++
+ gcc/config/arm/arm.opt     | 4 ++++
+ gcc/doc/invoke.texi        | 9 +++++++++
+ 4 files changed, 29 insertions(+), 2 deletions(-)
+diff --git a/gcc/config/arm/arm.c b/gcc/config/arm/arm.c
+--- a/gcc/config/arm/arm.c      2020-07-22 23:35:17.344384552 -0700
+++ b/gcc/config/arm/arm.c      2021-11-11 20:16:19.761241867 -0800
+@@ -3595,6 +3595,15 @@ arm_option_override (void)
+        fix_cm3_ldrd = 0;
+     }
+ 
+  /* Enable fix_vlldm by default if required.  */
+  if (fix_vlldm == 2)
+    {
+      if (bitmap_bit_p (arm_active_target.isa, isa_bit_quirk_vlldm))
+       fix_vlldm = 1;
+      else
+       fix_vlldm = 0;
+    }
+
+   /* Hot/Cold partitioning is not currently supported, since we can't
+      handle literal pool placement in that case.  */
+   if (flag_reorder_blocks_and_partition)
+diff --git a/gcc/config/arm/arm-cpus.in b/gcc/config/arm/arm-cpus.in
+--- a/gcc/config/arm/arm-cpus.in        2020-07-22 23:35:17.340384509 -0700
+++ b/gcc/config/arm/arm-cpus.in        2021-11-11 20:17:01.364573561 -0800
+@@ -190,6 +190,9 @@ define feature quirk_armv6kz
+ # Cortex-M3 LDRD quirk.
+ define feature quirk_cm3_ldrd
+ 
+# v8-m/v8.1-m VLLDM errata.
+define feature quirk_vlldm
+
+ # Don't use .cpu assembly directive
+ define feature quirk_no_asmcpu
+ 
+@@ -314,7 +317,7 @@ define fgroup DOTPROD       NEON dotprod
+ # architectures.
+ # xscale isn't really a 'quirk', but it isn't an architecture either and we
+ # need to ignore it for matching purposes.
+-define fgroup ALL_QUIRKS   quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd xscale quirk_no_asmcpu
+define fgroup ALL_QUIRKS   quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd quirk_vlldm xscale quirk_no_asmcpu
+ 
+ # Architecture entries
+ # format:
+@@ -1492,6 +1495,7 @@ begin cpu cortex-m33
+  architecture armv8-m.main+dsp+fp
+  option nofp remove ALL_FP
+  option nodsp remove armv7em
+ isa quirk_vlldm
+  costs v7m
+ end cpu cortex-m33
+ 
+@@ -1501,6 +1505,7 @@ begin cpu cortex-m35p
+  architecture armv8-m.main+dsp+fp
+  option nofp remove ALL_FP
+  option nodsp remove armv7em
+ isa quirk_vlldm
+  costs v7m
+ end cpu cortex-m35p
+ 
+@@ -1508,7 +1513,7 @@ begin cpu cortex-m55
+  cname cortexm55
+  tune flags LDSCHED
+  architecture armv8.1-m.main+mve.fp+fp.dp
+- isa quirk_no_asmcpu
+ isa quirk_no_asmcpu quirk_vlldm
+  costs v7m
+  vendor 41
+ end cpu cortex-m55
+diff --git a/gcc/config/arm/arm.opt b/gcc/config/arm/arm.opt
+--- a/gcc/config/arm/arm.opt    2020-07-22 23:35:17.344384552 -0700
+++ b/gcc/config/arm/arm.opt    2021-11-11 20:16:19.761241867 -0800
+@@ -271,6 +271,10 @@ Target Report Var(fix_cm3_ldrd) Init(2)
+ Avoid overlapping destination and address registers on LDRD instructions
+ that may trigger Cortex-M3 errata.
+ 
+mfix-cmse-cve-2021-35465
+Target Var(fix_vlldm) Init(2)
+Mitigate issues with VLLDM on some M-profile devices (CVE-2021-35465).
+
+ munaligned-access
+ Target Report Var(unaligned_access) Init(2) Save
+ Enable unaligned word and halfword accesses to packed data.
+diff -upr a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
+--- a/gcc/doc/invoke.texi       2021-11-11 19:30:56.264523105 -0800
+++ b/gcc/doc/invoke.texi       2021-11-11 20:16:19.769241739 -0800
+@@ -773,6 +773,7 @@ Objective-C and Objective-C++ Dialects}.
+ -mverbose-cost-dump @gol
+ -mpure-code @gol
+ -mcmse @gol
+-mfix-cmse-cve-2021-35465 @gol
+ -mfdpic}
+ 
+ @emph{AVR Options}
+@@ -21233,6 +21234,14 @@ Use multiply and add/subtract instructio
+ 
+ Do not use multiply and add/subtract instructions.
+ 
+@item -mfix-cmse-cve-2021-35465
+@opindex mfix-cmse-cve-2021-35465
+Mitigate against a potential security issue with the @code{VLLDM} instruction
+in some M-profile devices when using CMSE (CVE-2021-365465).  This option is
+enabled by default when the option @option{-mcpu=} is used with
+@code{cortex-m33}, @code{cortex-m35p} or @code{cortex-m55}.  The option
+@option{-mno-fix-cmse-cve-2021-35465} can be used to disable the mitigation.
+
+ @item -mfdpic
+ @opindex mfdpic
+

diff --git a/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch new file mode 100644 index 0000000000..b9bca49dd8 --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch
@@ -0,0 +1,138 @@
	1	From 3929bca9ca95de9d35e82ae8828b188029e3eb70 Mon Sep 17 00:00:00 2001
	2	From: Richard Earnshaw <rearnsha@arm.com>
	3	Date: Fri, 11 Jun 2021 16:02:05 +0100
	4	Subject: [PATCH] arm: Add command-line option for enabling CVE-2021-35465
	5	mitigation [PR102035]
	6
	7	Add a new option, -mfix-cmse-cve-2021-35465 and document it. Enable it
	8	automatically for cortex-m33, cortex-m35p and cortex-m55.
	9
	10	gcc:
	11	PR target/102035
	12	* config/arm/arm.opt (mfix-cmse-cve-2021-35465): New option.
	13	* doc/invoke.texi (Arm Options): Document it.
	14	* config/arm/arm-cpus.in (quirk_vlldm): New feature bit.
	15	(ALL_QUIRKS): Add quirk_vlldm.
	16	(cortex-m33): Add quirk_vlldm.
	17	(cortex-m35p, cortex-m55): Likewise.
	18	* config/arm/arm.c (arm_option_override): Enable fix_vlldm if
	19	targetting an affected CPU and not explicitly controlled on
	20	the command line.
	21
	22	CVE: CVE-2021-35465
	23	Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=3929bca9ca95de9d35e82ae8828b188029e3eb70]
	24	Signed-off-by: Pgowda <pgowda.cve@gmail.com>
	25
	26	---
	27	gcc/config/arm/arm-cpus.in \| 9 +++++++--
	28	gcc/config/arm/arm.c \| 9 +++++++++
	29	gcc/config/arm/arm.opt \| 4 ++++
	30	gcc/doc/invoke.texi \| 9 +++++++++
	31	4 files changed, 29 insertions(+), 2 deletions(-)
	32
	33	diff --git a/gcc/config/arm/arm.c b/gcc/config/arm/arm.c
	34	--- a/gcc/config/arm/arm.c 2020-07-22 23:35:17.344384552 -0700
	35	+++ b/gcc/config/arm/arm.c 2021-11-11 20:16:19.761241867 -0800
	36	@@ -3595,6 +3595,15 @@ arm_option_override (void)
	37	fix_cm3_ldrd = 0;
	38	}
	39
	40	+ /* Enable fix_vlldm by default if required. */
	41	+ if (fix_vlldm == 2)
	42	+ {
	43	+ if (bitmap_bit_p (arm_active_target.isa, isa_bit_quirk_vlldm))
	44	+ fix_vlldm = 1;
	45	+ else
	46	+ fix_vlldm = 0;
	47	+ }
	48	+
	49	/* Hot/Cold partitioning is not currently supported, since we can't
	50	handle literal pool placement in that case. */
	51	if (flag_reorder_blocks_and_partition)
	52	diff --git a/gcc/config/arm/arm-cpus.in b/gcc/config/arm/arm-cpus.in
	53	--- a/gcc/config/arm/arm-cpus.in 2020-07-22 23:35:17.340384509 -0700
	54	+++ b/gcc/config/arm/arm-cpus.in 2021-11-11 20:17:01.364573561 -0800
	55	@@ -190,6 +190,9 @@ define feature quirk_armv6kz
	56	# Cortex-M3 LDRD quirk.
	57	define feature quirk_cm3_ldrd
	58
	59	+# v8-m/v8.1-m VLLDM errata.
	60	+define feature quirk_vlldm
	61	+
	62	# Don't use .cpu assembly directive
	63	define feature quirk_no_asmcpu
	64
	65	@@ -314,7 +317,7 @@ define fgroup DOTPROD NEON dotprod
	66	# architectures.
	67	# xscale isn't really a 'quirk', but it isn't an architecture either and we
	68	# need to ignore it for matching purposes.
	69	-define fgroup ALL_QUIRKS quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd xscale quirk_no_asmcpu
	70	+define fgroup ALL_QUIRKS quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd quirk_vlldm xscale quirk_no_asmcpu
	71
	72	# Architecture entries
	73	# format:
	74	@@ -1492,6 +1495,7 @@ begin cpu cortex-m33
	75	architecture armv8-m.main+dsp+fp
	76	option nofp remove ALL_FP
	77	option nodsp remove armv7em
	78	+ isa quirk_vlldm
	79	costs v7m
	80	end cpu cortex-m33
	81
	82	@@ -1501,6 +1505,7 @@ begin cpu cortex-m35p
	83	architecture armv8-m.main+dsp+fp
	84	option nofp remove ALL_FP
	85	option nodsp remove armv7em
	86	+ isa quirk_vlldm
	87	costs v7m
	88	end cpu cortex-m35p
	89
	90	@@ -1508,7 +1513,7 @@ begin cpu cortex-m55
	91	cname cortexm55
	92	tune flags LDSCHED
	93	architecture armv8.1-m.main+mve.fp+fp.dp
	94	- isa quirk_no_asmcpu
	95	+ isa quirk_no_asmcpu quirk_vlldm
	96	costs v7m
	97	vendor 41
	98	end cpu cortex-m55
	99	diff --git a/gcc/config/arm/arm.opt b/gcc/config/arm/arm.opt
	100	--- a/gcc/config/arm/arm.opt 2020-07-22 23:35:17.344384552 -0700
	101	+++ b/gcc/config/arm/arm.opt 2021-11-11 20:16:19.761241867 -0800
	102	@@ -271,6 +271,10 @@ Target Report Var(fix_cm3_ldrd) Init(2)
	103	Avoid overlapping destination and address registers on LDRD instructions
	104	that may trigger Cortex-M3 errata.
	105
	106	+mfix-cmse-cve-2021-35465
	107	+Target Var(fix_vlldm) Init(2)
	108	+Mitigate issues with VLLDM on some M-profile devices (CVE-2021-35465).
	109	+
	110	munaligned-access
	111	Target Report Var(unaligned_access) Init(2) Save
	112	Enable unaligned word and halfword accesses to packed data.
	113	diff -upr a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
	114	--- a/gcc/doc/invoke.texi 2021-11-11 19:30:56.264523105 -0800
	115	+++ b/gcc/doc/invoke.texi 2021-11-11 20:16:19.769241739 -0800
	116	@@ -773,6 +773,7 @@ Objective-C and Objective-C++ Dialects}.
	117	-mverbose-cost-dump @gol
	118	-mpure-code @gol
	119	-mcmse @gol
	120	+-mfix-cmse-cve-2021-35465 @gol
	121	-mfdpic}
	122
	123	@emph{AVR Options}
	124	@@ -21233,6 +21234,14 @@ Use multiply and add/subtract instructio
	125
	126	Do not use multiply and add/subtract instructions.
	127
	128	+@item -mfix-cmse-cve-2021-35465
	129	+@opindex mfix-cmse-cve-2021-35465
	130	+Mitigate against a potential security issue with the @code{VLLDM} instruction
	131	+in some M-profile devices when using CMSE (CVE-2021-365465). This option is
	132	+enabled by default when the option @option{-mcpu=} is used with
	133	+@code{cortex-m33}, @code{cortex-m35p} or @code{cortex-m55}. The option
	134	+@option{-mno-fix-cmse-cve-2021-35465} can be used to disable the mitigation.
	135	+
	136	@item -mfdpic
	137	@opindex mfdpic
	138