[committed 0/7] Arm: mitigation for AES erratum on Cortex-a57 and Cortex-A72

[committed 0/7] Arm: mitigation for AES erratum on Cortex-a57 and Cortex-A72

[Richard Earnshaw]

The Cortex-A57 and Cortex-A72 processors have an erratum (#1742098
and #1655431 respectively) when running in Arm (32-bit) mode where an
instruction producing a 32-bit result that feeds into an AES encode or
decode can lead to an incorrect result.  The erratum does not occur when
operating in 64-bit (aarch64) mode.

The mitigation approach taken by this patch series is in two parts.
Firstly, to ensure that this cannot happen by inserting a special
128-bit copy operation before each operand to a potentially vulnerable
sequence.  This is overkill, but safe.  The copy operations are
independent instructions, so can be migrated out of loops by the GCSE
pass or other optimizations.

Secondly, we then allow the copy operations to be merged with common
cases where the producer is known to be unaffected by the erratum.
Currently that includes other AES instructions, loads and certain move
operations.

In combination this eliminates the majority of redundant instructions
for normal use cases.  I did consider adding a custom pass to do late
insertion of the mitigation, but decided against it.  A trivial
implemenation would be unable to hoist operations out of the loop, while
a more complex implementation would require a lot of data-flow
analysis to find the optimum location for each mitigation and might
need to insert mitigation instructions on multiple paths.  The pass
would be complex and likely to have difficult to test corner cases.

The series consists of 7 patches.  The first two patches are cleanups
to the existing code.  Patch 3 adds the command line options to enable
the mitigation and the corresponding documentation.  Patch 4 adds the
basic mitigation operation and patches 5 and 6 add various additional
patterns to elide the mitigation for common cases where it is not
needed.  The final patch adds a testcase.

Richard Earnshaw (7):
  arm: Disambiguate multiple crypto patterns with the same name.
  arm: Consistently use crypto_mode attribute in crypto patterns
  arm: Add option for mitigating against Cortex-A CPU erratum for AES
  arm: add basic mitigation for Cortex-A AES errata
  arm: suppress aes erratum when forwarding from aes
  arm: elide some cases where the AES erratum workaround is not
    required.
  arm: Add test for AES erratum mitigation

 gcc/config/arm/arm-cpus.in                    |   9 +-
 gcc/config/arm/arm.cc                         |   9 +
 gcc/config/arm/arm.opt                        |  10 +
 gcc/config/arm/crypto.md                      | 227 ++++++++++++++----
 gcc/config/arm/unspecs.md                     |   1 +
 gcc/doc/invoke.texi                           |  11 +
 .../gcc.target/arm/crypto-vaese-erratum1.c    |  28 +++
 7 files changed, 242 insertions(+), 53 deletions(-)
 create mode 100644 gcc/testsuite/gcc.target/arm/crypto-vaese-erratum1.c

-- 
2.25.1

[PATCH 1/7] arm: Disambiguate multiple crypto patterns with the same name.

[Richard Earnshaw]

[-- Attachment #1: Type: text/plain, Size: 722 bytes --]


No functional change, but arm/crypto.md has multiple pattenrs all
called crypto_<crypto_pattern>, which makes references to them
ambiguous, so add the iterator base to the pattern name so that it is
distinct in the commit logs.

gcc/ChangeLog:

	* config/arm/crypto.md (crypto_<CRYPTO_AESMC:crypto_pattern>): Add
	iterator to pattern name to disambiguate.
	(crypto_<CRYPTO_AES:crypto_pattern>): Likewise.
	(crypto_<CRYPTO_BINARY:crypto_pattern>): Likewise.
	(crypto_<CRYPTO_TERNARY:crypto_pattern>): Likewise.
	(crypto_<CRYPTO_SELECTING:crypto_pattern>): Likewise.
	(crypto_<CRYPTO_SELECTING:crypto_pattern>_lb): Likewise.
---
 gcc/config/arm/crypto.md | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-arm-Disambiguate-multiple-crypto-patterns-with-the-s.patch --]
[-- Type: text/x-patch; name="0001-arm-Disambiguate-multiple-crypto-patterns-with-the-s.patch", Size: 2293 bytes --]

diff --git a/gcc/config/arm/crypto.md b/gcc/config/arm/crypto.md
index 2425641e33f..6071ea17eac 100644
--- a/gcc/config/arm/crypto.md
+++ b/gcc/config/arm/crypto.md
@@ -19,7 +19,7 @@
 ;; <http://www.gnu.org/licenses/>.
 
 
-(define_insn "crypto_<crypto_pattern>"
+(define_insn "crypto_<CRYPTO_AESMC:crypto_pattern>"
   [(set (match_operand:<crypto_mode> 0 "register_operand" "=w")
 	(unspec:<crypto_mode>
 		[(match_operand:<crypto_mode> 1 "register_operand" "w")]
@@ -29,7 +29,7 @@ (define_insn "crypto_<crypto_pattern>"
   [(set_attr "type" "<crypto_type>")]
 )
 
-(define_insn "crypto_<crypto_pattern>"
+(define_insn "crypto_<CRYPTO_AES:crypto_pattern>"
   [(set (match_operand:V16QI 0 "register_operand" "=w")
 	(unspec:V16QI
 		[(xor:V16QI
@@ -83,7 +83,7 @@ (define_insn "*aarch32_crypto_aesd_fused"
    (set_attr "length" "8")]
 )
 
-(define_insn "crypto_<crypto_pattern>"
+(define_insn "crypto_<CRYPTO_BINARY:crypto_pattern>"
   [(set (match_operand:<crypto_mode> 0 "register_operand" "=w")
 	(unspec:<crypto_mode>
 		[(match_operand:<crypto_mode> 1 "register_operand" "0")
@@ -94,7 +94,7 @@ (define_insn "crypto_<crypto_pattern>"
   [(set_attr "type" "<crypto_type>")]
 )
 
-(define_insn "crypto_<crypto_pattern>"
+(define_insn "crypto_<CRYPTO_TERNARY:crypto_pattern>"
   [(set (match_operand:<crypto_mode> 0 "register_operand" "=w")
         (unspec:<crypto_mode> [(match_operand:<crypto_mode> 1 "register_operand" "0")
                       (match_operand:<crypto_mode> 2 "register_operand" "w")
@@ -145,7 +145,7 @@ (define_insn "crypto_vmullp64"
    of the V4SI, adjusted for endianness. Required due to neon_vget_lane and
    neon_set_lane that change the element ordering in memory for big-endian.  */
 
-(define_expand "crypto_<crypto_pattern>"
+(define_expand "crypto_<CRYPTO_SELECTING:crypto_pattern>"
   [(set (match_operand:V4SI 0 "register_operand")
 	(unspec:<crypto_mode>
 		[(match_operand:<crypto_mode> 1 "register_operand")
@@ -160,7 +160,7 @@ (define_expand "crypto_<crypto_pattern>"
   DONE;
 })
 
-(define_insn "crypto_<crypto_pattern>_lb"
+(define_insn "crypto_<CRYPTO_SELECTING:crypto_pattern>_lb"
   [(set (match_operand:V4SI 0 "register_operand" "=w")
         (unspec:<crypto_mode>
                      [(match_operand:<crypto_mode> 1 "register_operand" "0")

[PATCH 2/7] arm: Consistently use crypto_mode attribute in crypto patterns

[Richard Earnshaw]

[-- Attachment #1: Type: text/plain, Size: 981 bytes --]


A couple of patterns in the crypto support code were hard-coding the
mode rather than using the iterators.  While not incorrect, it was
slightly confusing, so adapt those patterns to the style of the rest
of the file.

Also fix some white space issues.

gcc/ChangeLog:

	* config/arm/crypto.md (crypto_<CYRPTO_AES:crypto_pattern>): Use
	<crypto_mode> rather than hard-coding the mode.
	(crypto_<CRYPTO_AESMC:crypto_pattern>): Fix white space.
	(crypto_<CRYPTO_AES:crypto_pattern>): Likewise.
	(*aarch32_crypto_aese_fused): Likewise.
	(*aarch32_crypto_aesd_fused): Likewise.
	(crypto_<CRYPTO_BINARY:crypto_pattern>): Likewise.
	(crypto_<CRYPTO_TERNARY:crypto_pattern>): Likewise.
	(crypto_sha1h_lb): Likewise.
	(crypto_vmullp64): Likewise.
	(crypto_<CRYPTO_SELECTING:crypto_pattern>): Likewise.
	(crypto_<CRYPTO_SELECTING:crypto_pattern>_lb): Likewise.
---
 gcc/config/arm/crypto.md | 94 ++++++++++++++++++++--------------------
 1 file changed, 47 insertions(+), 47 deletions(-)


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0002-arm-Consistently-use-crypto_mode-attribute-in-crypto.patch --]
[-- Type: text/x-patch; name="0002-arm-Consistently-use-crypto_mode-attribute-in-crypto.patch", Size: 7875 bytes --]

diff --git a/gcc/config/arm/crypto.md b/gcc/config/arm/crypto.md
index 6071ea17eac..020dfba7dcf 100644
--- a/gcc/config/arm/crypto.md
+++ b/gcc/config/arm/crypto.md
@@ -22,7 +22,7 @@
 (define_insn "crypto_<CRYPTO_AESMC:crypto_pattern>"
   [(set (match_operand:<crypto_mode> 0 "register_operand" "=w")
 	(unspec:<crypto_mode>
-		[(match_operand:<crypto_mode> 1 "register_operand" "w")]
+	 [(match_operand:<crypto_mode> 1 "register_operand" "w")]
 	 CRYPTO_AESMC))]
   "TARGET_CRYPTO"
   "<crypto_pattern>.<crypto_size_sfx>\\t%q0, %q1"
@@ -30,12 +30,12 @@ (define_insn "crypto_<CRYPTO_AESMC:crypto_pattern>"
 )
 
 (define_insn "crypto_<CRYPTO_AES:crypto_pattern>"
-  [(set (match_operand:V16QI 0 "register_operand" "=w")
-	(unspec:V16QI
-		[(xor:V16QI
-		     (match_operand:V16QI 1 "register_operand" "%0")
-		     (match_operand:V16QI 2 "register_operand" "w"))]
-	CRYPTO_AES))]
+  [(set (match_operand:<crypto_mode> 0 "register_operand" "=w")
+	(unspec:<crypto_mode>
+	 [(xor:<crypto_mode>
+	   (match_operand:<crypto_mode> 1 "register_operand" "%0")
+	   (match_operand:<crypto_mode> 2 "register_operand" "w"))]
+	 CRYPTO_AES))]
   "TARGET_CRYPTO"
   "<crypto_pattern>.<crypto_size_sfx>\\t%q0, %q2"
   [(set_attr "type" "<crypto_type>")]
@@ -44,17 +44,16 @@ (define_insn "crypto_<CRYPTO_AES:crypto_pattern>"
 ;; When AESE/AESMC fusion is enabled we really want to keep the two together
 ;; and enforce the register dependency without scheduling or register
 ;; allocation messing up the order or introducing moves inbetween.
-;;  Mash the two together during combine.
+;; Mash the two together during combine.
 
 (define_insn "*aarch32_crypto_aese_fused"
   [(set (match_operand:V16QI 0 "register_operand" "=w")
 	(unspec:V16QI
-		[(unspec:V16QI
-		    [(xor:V16QI
-			(match_operand:V16QI 1 "register_operand" "%0")
-			(match_operand:V16QI 2 "register_operand" "w"))]
-		UNSPEC_AESE)]
-	UNSPEC_AESMC))]
+	 [(unspec:V16QI [(xor:V16QI
+			  (match_operand:V16QI 1 "register_operand" "%0")
+			  (match_operand:V16QI 2 "register_operand" "w"))]
+	   UNSPEC_AESE)]
+	 UNSPEC_AESMC))]
   "TARGET_CRYPTO
    && arm_fusion_enabled_p (tune_params::FUSE_AES_AESMC)"
   "aese.8\\t%q0, %q2\;aesmc.8\\t%q0, %q0"
@@ -65,17 +64,16 @@ (define_insn "*aarch32_crypto_aese_fused"
 ;; When AESD/AESIMC fusion is enabled we really want to keep the two together
 ;; and enforce the register dependency without scheduling or register
 ;; allocation messing up the order or introducing moves inbetween.
-;;  Mash the two together during combine.
+;; Mash the two together during combine.
 
 (define_insn "*aarch32_crypto_aesd_fused"
   [(set (match_operand:V16QI 0 "register_operand" "=w")
 	(unspec:V16QI
-		[(unspec:V16QI
-		    [(xor:V16QI
-			(match_operand:V16QI 1 "register_operand" "%0")
-			(match_operand:V16QI 2 "register_operand" "w"))]
-		UNSPEC_AESD)]
-	UNSPEC_AESIMC))]
+	 [(unspec:V16QI [(xor:V16QI
+			  (match_operand:V16QI 1 "register_operand" "%0")
+			  (match_operand:V16QI 2 "register_operand" "w"))]
+	   UNSPEC_AESD)]
+	 UNSPEC_AESIMC))]
   "TARGET_CRYPTO
    && arm_fusion_enabled_p (tune_params::FUSE_AES_AESMC)"
   "aesd.8\\t%q0, %q2\;aesimc.8\\t%q0, %q0"
@@ -86,9 +84,9 @@ (define_insn "*aarch32_crypto_aesd_fused"
 (define_insn "crypto_<CRYPTO_BINARY:crypto_pattern>"
   [(set (match_operand:<crypto_mode> 0 "register_operand" "=w")
 	(unspec:<crypto_mode>
-		[(match_operand:<crypto_mode> 1 "register_operand" "0")
-		(match_operand:<crypto_mode> 2 "register_operand" "w")]
-	CRYPTO_BINARY))]
+	 [(match_operand:<crypto_mode> 1 "register_operand" "0")
+	  (match_operand:<crypto_mode> 2 "register_operand" "w")]
+	 CRYPTO_BINARY))]
   "TARGET_CRYPTO"
   "<crypto_pattern>.<crypto_size_sfx>\\t%q0, %q2"
   [(set_attr "type" "<crypto_type>")]
@@ -96,18 +94,20 @@ (define_insn "crypto_<CRYPTO_BINARY:crypto_pattern>"
 
 (define_insn "crypto_<CRYPTO_TERNARY:crypto_pattern>"
   [(set (match_operand:<crypto_mode> 0 "register_operand" "=w")
-        (unspec:<crypto_mode> [(match_operand:<crypto_mode> 1 "register_operand" "0")
-                      (match_operand:<crypto_mode> 2 "register_operand" "w")
-                      (match_operand:<crypto_mode> 3 "register_operand" "w")]
-         CRYPTO_TERNARY))]
+	(unspec:<crypto_mode>
+	 [(match_operand:<crypto_mode> 1 "register_operand" "0")
+	  (match_operand:<crypto_mode> 2 "register_operand" "w")
+	  (match_operand:<crypto_mode> 3 "register_operand" "w")]
+	 CRYPTO_TERNARY))]
   "TARGET_CRYPTO"
   "<crypto_pattern>.<crypto_size_sfx>\\t%q0, %q2, %q3"
   [(set_attr "type" "<crypto_type>")]
 )
 
-/* The vec_select operation always selects index 0 from the lower V2SI subreg
-   of the V4SI, adjusted for endianness. Required due to neon_vget_lane and
-   neon_set_lane that change the element ordering in memory for big-endian.  */
+;; The vec_select operation always selects index 0 from the lower V2SI
+;; subreg of the V4SI, adjusted for endianness. Required due to
+;; neon_vget_lane and neon_set_lane that change the element ordering
+;; in memory for big-endian.
 
 (define_expand "crypto_sha1h"
   [(set (match_operand:V4SI 0 "register_operand")
@@ -122,10 +122,10 @@ (define_expand "crypto_sha1h"
 (define_insn "crypto_sha1h_lb"
   [(set (match_operand:V4SI 0 "register_operand" "=w")
 	(unspec:V4SI
-	  [(vec_select:SI
+	 [(vec_select:SI
 	   (match_operand:V4SI 1 "register_operand" "w")
 	   (parallel [(match_operand:SI 2 "immediate_operand" "i")]))]
-	UNSPEC_SHA1H))]
+	 UNSPEC_SHA1H))]
   "TARGET_CRYPTO && INTVAL (operands[2]) == NEON_ENDIAN_LANE_N (V2SImode, 0)"
   "sha1h.32\\t%q0, %q1"
   [(set_attr "type" "crypto_sha1_fast")]
@@ -133,9 +133,9 @@ (define_insn "crypto_sha1h_lb"
 
 (define_insn "crypto_vmullp64"
   [(set (match_operand:TI 0 "register_operand" "=w")
-        (unspec:TI [(match_operand:DI 1 "register_operand" "w")
-                    (match_operand:DI 2 "register_operand" "w")]
-         UNSPEC_VMULLP64))]
+	(unspec:TI [(match_operand:DI 1 "register_operand" "w")
+		    (match_operand:DI 2 "register_operand" "w")]
+	 UNSPEC_VMULLP64))]
   "TARGET_CRYPTO"
   "vmull.p64\\t%q0, %P1, %P2"
   [(set_attr "type" "crypto_pmull")]
@@ -148,10 +148,10 @@ (define_insn "crypto_vmullp64"
 (define_expand "crypto_<CRYPTO_SELECTING:crypto_pattern>"
   [(set (match_operand:V4SI 0 "register_operand")
 	(unspec:<crypto_mode>
-		[(match_operand:<crypto_mode> 1 "register_operand")
-		 (match_operand:<crypto_mode> 2 "register_operand")
-		 (match_operand:<crypto_mode> 3 "register_operand")]
-	CRYPTO_SELECTING))]
+	 [(match_operand:<crypto_mode> 1 "register_operand")
+	  (match_operand:<crypto_mode> 2 "register_operand")
+	  (match_operand:<crypto_mode> 3 "register_operand")]
+	 CRYPTO_SELECTING))]
   "TARGET_CRYPTO"
 {
   rtx op4 = GEN_INT (NEON_ENDIAN_LANE_N (V2SImode, 0));
@@ -162,13 +162,13 @@ (define_expand "crypto_<CRYPTO_SELECTING:crypto_pattern>"
 
 (define_insn "crypto_<CRYPTO_SELECTING:crypto_pattern>_lb"
   [(set (match_operand:V4SI 0 "register_operand" "=w")
-        (unspec:<crypto_mode>
-                     [(match_operand:<crypto_mode> 1 "register_operand" "0")
-                      (vec_select:SI
-                        (match_operand:<crypto_mode> 2 "register_operand" "w")
-                        (parallel [(match_operand:SI 4 "immediate_operand" "i")]))
-                      (match_operand:<crypto_mode> 3 "register_operand" "w")]
-         CRYPTO_SELECTING))]
+	(unspec:<crypto_mode>
+	 [(match_operand:<crypto_mode> 1 "register_operand" "0")
+	  (vec_select:SI
+	   (match_operand:<crypto_mode> 2 "register_operand" "w")
+	   (parallel [(match_operand:SI 4 "immediate_operand" "i")]))
+	  (match_operand:<crypto_mode> 3 "register_operand" "w")]
+	 CRYPTO_SELECTING))]
   "TARGET_CRYPTO && INTVAL (operands[4]) == NEON_ENDIAN_LANE_N (V2SImode, 0)"
   "<crypto_pattern>.<crypto_size_sfx>\\t%q0, %q2, %q3"
   [(set_attr "type" "<crypto_type>")]

[PATCH 3/7] arm: Add option for mitigating against Cortex-A CPU erratum for AES

[Richard Earnshaw]

[-- Attachment #1: Type: text/plain, Size: 880 bytes --]


Add a new option -mfix-cortex-a-aes for enabling the Cortex-A AES
erratum work-around and enable it automatically for the affected
products (Cortex-A57 and Cortex-A72).

gcc/ChangeLog:

	* config/arm/arm-cpus.in (quirk_aes_1742098): New quirk feature
	(ALL_QUIRKS): Add it.
	(cortex-a57, cortex-a72): Enable it.
	(cortex-a57.cortex-a53, cortex-a72.cortex-a53): Likewise.
	* config/arm/arm.opt (mfix-cortex-a57-aes-1742098): New command-line
	option.
	(mfix-cortex-a72-aes-1655431): New option alias.
	* config/arm/arm.cc (arm_option_override): Handle default settings
	for AES erratum switch.
	* doc/invoke.texi (Arm Options): Document new options.
---
 gcc/config/arm/arm-cpus.in |  9 ++++++++-
 gcc/config/arm/arm.cc      |  9 +++++++++
 gcc/config/arm/arm.opt     | 10 ++++++++++
 gcc/doc/invoke.texi        | 11 +++++++++++
 4 files changed, 38 insertions(+), 1 deletion(-)


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0003-arm-Add-option-for-mitigating-against-Cortex-A-CPU-e.patch --]
[-- Type: text/x-patch; name="0003-arm-Add-option-for-mitigating-against-Cortex-A-CPU-e.patch", Size: 4423 bytes --]

diff --git a/gcc/config/arm/arm-cpus.in b/gcc/config/arm/arm-cpus.in
index 499e82d790d..0d3082b569f 100644
--- a/gcc/config/arm/arm-cpus.in
+++ b/gcc/config/arm/arm-cpus.in
@@ -192,6 +192,9 @@ define feature quirk_cm3_ldrd
 # v8-m/v8.1-m VLLDM errata.
 define feature quirk_vlldm
 
+# AES errata on some Cortex-A parts
+define feature quirk_aes_1742098
+
 # Don't use .cpu assembly directive
 define feature quirk_no_asmcpu
 
@@ -329,7 +332,7 @@ define implied vfp_base MVE MVE_FP ALL_FP
 # architectures.
 # xscale isn't really a 'quirk', but it isn't an architecture either and we
 # need to ignore it for matching purposes.
-define fgroup ALL_QUIRKS   quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd quirk_vlldm xscale quirk_no_asmcpu
+define fgroup ALL_QUIRKS   quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd quirk_vlldm xscale quirk_no_asmcpu quirk_aes_1742098
 
 define fgroup IGNORE_FOR_MULTILIB cdecp0 cdecp1 cdecp2 cdecp3 cdecp4 cdecp5 cdecp6 cdecp7
 
@@ -1342,6 +1345,7 @@ begin cpu cortex-a57
  cname cortexa57
  tune flags LDSCHED
  architecture armv8-a+crc+simd
+ isa quirk_aes_1742098
  option crypto add FP_ARMv8 CRYPTO
  costs cortex_a57
  vendor 41
@@ -1353,6 +1357,7 @@ begin cpu cortex-a72
  tune for cortex-a57
  tune flags LDSCHED
  architecture armv8-a+crc+simd
+ isa quirk_aes_1742098
  option crypto add FP_ARMv8 CRYPTO
  costs cortex_a57
  vendor 41
@@ -1391,6 +1396,7 @@ begin cpu cortex-a57.cortex-a53
  tune for cortex-a53
  tune flags LDSCHED
  architecture armv8-a+crc+simd
+ isa quirk_aes_1742098
  option crypto add FP_ARMv8 CRYPTO
  costs cortex_a57
 end cpu cortex-a57.cortex-a53
@@ -1400,6 +1406,7 @@ begin cpu cortex-a72.cortex-a53
  tune for cortex-a53
  tune flags LDSCHED
  architecture armv8-a+crc+simd
+ isa quirk_aes_1742098
  option crypto add FP_ARMv8 CRYPTO
  costs cortex_a57
 end cpu cortex-a72.cortex-a53
diff --git a/gcc/config/arm/arm.cc b/gcc/config/arm/arm.cc
index 7825e364c01..04354b36606 100644
--- a/gcc/config/arm/arm.cc
+++ b/gcc/config/arm/arm.cc
@@ -3638,6 +3638,15 @@ arm_option_override (void)
 	fix_vlldm = 0;
     }
 
+  /* Enable fix_aes by default if required.  */
+  if (fix_aes_erratum_1742098 == 2)
+    {
+      if (bitmap_bit_p (arm_active_target.isa, isa_bit_quirk_aes_1742098))
+	fix_aes_erratum_1742098 = 1;
+      else
+	fix_aes_erratum_1742098 = 0;
+    }
+
   /* Hot/Cold partitioning is not currently supported, since we can't
      handle literal pool placement in that case.  */
   if (flag_reorder_blocks_and_partition)
diff --git a/gcc/config/arm/arm.opt b/gcc/config/arm/arm.opt
index 587fc932f96..2a4f165033a 100644
--- a/gcc/config/arm/arm.opt
+++ b/gcc/config/arm/arm.opt
@@ -272,6 +272,16 @@ mfix-cmse-cve-2021-35465
 Target Var(fix_vlldm) Init(2)
 Mitigate issues with VLLDM on some M-profile devices (CVE-2021-35465).
 
+mfix-cortex-a57-aes-1742098
+Target Var(fix_aes_erratum_1742098) Init(2) Save
+Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
+Arm erratum #1742098
+
+mfix-cortex-a72-aes-1655431
+Target Alias(mfix-cortex-a57-aes-1742098)
+Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
+Arm erratum #1655431
+
 munaligned-access
 Target Var(unaligned_access) Init(2) Save
 Enable unaligned word and halfword accesses to packed data.
diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi
index 58751c48b8e..67693d6c5cf 100644
--- a/gcc/doc/invoke.texi
+++ b/gcc/doc/invoke.texi
@@ -812,6 +812,8 @@ Objective-C and Objective-C++ Dialects}.
 -mtp=@var{name}  -mtls-dialect=@var{dialect} @gol
 -mword-relocations @gol
 -mfix-cortex-m3-ldrd @gol
+-mfix-cortex-a57-aes-1742098 @gol
+-mfix-cortex-a72-aes-1655431 @gol
 -munaligned-access @gol
 -mneon-for-64bits @gol
 -mslow-flash-data @gol
@@ -21281,6 +21283,15 @@ with overlapping destination and base registers are used.  This option avoids
 generating these instructions.  This option is enabled by default when
 @option{-mcpu=cortex-m3} is specified.
 
+@item -mfix-cortex-a57-aes-1742098
+@itemx -mno-fix-cortex-a57-aes-1742098
+@itemx -mfix-cortex-a72-aes-1655431
+@itemx -mno-fix-cortex-a72-aes-1655431
+Enable (disable) mitigation for an erratum on Cortex-A57 and
+Cortex-A72 that affects the AES cryptographic instructions.  This
+option is enabled by default when either @option{-mcpu=cortex-a57} or
+@option{-mcpu=cortex-a72} is specified.
+
 @item -munaligned-access
 @itemx -mno-unaligned-access
 @opindex munaligned-access

[PATCH 4/7] arm: add basic mitigation for Cortex-A AES errata

[Richard Earnshaw]

[-- Attachment #1: Type: text/plain, Size: 871 bytes --]


This patch adds the basic patterns for mitigation of the erratum, but no
attempt is made at this point to optimize the results for the cases where
the erratum mitigation is not needed.

The mitigation is done by guaranteeing that the input operands are fed
from a full-width operation by using an identity operation on the input
values.

gcc/ChangeLog:

	* config/arm/crypto.md (crypto_<CRYPTO_AES:crypto_pattern>): Convert
	to define_expand.  Add mitigation for the Cortex-A AES erratum
	when enabled.
	(*crypto_<CRYPTO_AES:crypto_pattern>_insn): New pattern, based
	on original crypto_<CRYPTO_AES:crypto_pattern> insn.
	(aes_op_protect): New pattern.
	* config/arm/unspecs.md (unspec): Add UNSPEC_AES_PROTECT.
---
 gcc/config/arm/crypto.md  | 36 +++++++++++++++++++++++++++++++++++-
 gcc/config/arm/unspecs.md |  1 +
 2 files changed, 36 insertions(+), 1 deletion(-)


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0004-arm-add-basic-mitigation-for-Cortex-A-AES-errata.patch --]
[-- Type: text/x-patch; name="0004-arm-add-basic-mitigation-for-Cortex-A-AES-errata.patch", Size: 2462 bytes --]

diff --git a/gcc/config/arm/crypto.md b/gcc/config/arm/crypto.md
index 020dfba7dcf..fbee1829ce8 100644
--- a/gcc/config/arm/crypto.md
+++ b/gcc/config/arm/crypto.md
@@ -29,7 +29,28 @@ (define_insn "crypto_<CRYPTO_AESMC:crypto_pattern>"
   [(set_attr "type" "<crypto_type>")]
 )
 
-(define_insn "crypto_<CRYPTO_AES:crypto_pattern>"
+(define_expand "crypto_<CRYPTO_AES:crypto_pattern>"
+  [(set (match_operand:<crypto_mode> 0 "register_operand" "=w")
+	(unspec:<crypto_mode>
+		[(xor:<crypto_mode>
+		     (match_operand:<crypto_mode> 1 "register_operand" "%0")
+		     (match_operand:<crypto_mode> 2 "register_operand" "w"))]
+	CRYPTO_AES))]
+  "TARGET_CRYPTO"
+{
+  if (fix_aes_erratum_1742098)
+    {
+      rtx op1_protect = gen_reg_rtx (V16QImode);
+      emit_insn (gen_aes_op_protect (op1_protect, operands[1]));
+      operands[1] = op1_protect;
+      rtx op2_protect = gen_reg_rtx (V16QImode);
+      emit_insn (gen_aes_op_protect (op2_protect, operands[2]));
+      operands[2] = op2_protect;
+    }
+  /* Fall through to default expansion.  */
+})
+
+(define_insn "*crypto_<CRYPTO_AES:crypto_pattern>_insn"
   [(set (match_operand:<crypto_mode> 0 "register_operand" "=w")
 	(unspec:<crypto_mode>
 	 [(xor:<crypto_mode>
@@ -41,6 +62,19 @@ (define_insn "crypto_<CRYPTO_AES:crypto_pattern>"
   [(set_attr "type" "<crypto_type>")]
 )
 
+; Mitigate against AES erratum on Cortex-A57 and Cortex-A72 by performing
+; a 128-bit operation on an operand producer.  This can be eliminated only
+; if we know that the operand was produced by a full-width operation.
+; V16QImode matches <crypto_mode> for the AES instructions.
+(define_insn "aes_op_protect"
+  [(set (match_operand:V16QI 0 "register_operand" "=w")
+	(unspec:V16QI [(match_operand:V16QI 1 "register_operand" "0")]
+	 UNSPEC_AES_PROTECT))]
+  "TARGET_CRYPTO && fix_aes_erratum_1742098"
+  "vmov\\t%q0, %q1"
+  [(set_attr "type" "neon_move_q")]
+)
+
 ;; When AESE/AESMC fusion is enabled we really want to keep the two together
 ;; and enforce the register dependency without scheduling or register
 ;; allocation messing up the order or introducing moves inbetween.
diff --git a/gcc/config/arm/unspecs.md b/gcc/config/arm/unspecs.md
index 2782af08834..7748e784379 100644
--- a/gcc/config/arm/unspecs.md
+++ b/gcc/config/arm/unspecs.md
@@ -270,6 +270,7 @@ (define_c_enum "unspec" [
   UNSPEC_AESE
   UNSPEC_AESIMC
   UNSPEC_AESMC
+  UNSPEC_AES_PROTECT
   UNSPEC_SHA1C
   UNSPEC_SHA1M
   UNSPEC_SHA1P

[PATCH 5/7] arm: suppress aes erratum when forwarding from aes

[Richard Earnshaw]

[-- Attachment #1: Type: text/plain, Size: 579 bytes --]


AES operations are commonly chained and since the result of one AES
operation is never a 32-bit value, they do not need an additional
mitigation instruction for the forwarded result.  We handle this
common case by adding additional patterns that allow for this.

gcc/ChangeLog:

	* config/arm/crypto.md (crypto_<CRYPTO_AESMC:crypto_pattern>_protected):
	New pattern.
	(aarch32_crypto_aese_fused_protected): Likewise.
	(aarch32_crypto_aesd_fused_protected): Likewise.
---
 gcc/config/arm/crypto.md | 50 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0005-arm-suppress-aes-erratum-when-forwarding-from-aes.patch --]
[-- Type: text/x-patch; name="0005-arm-suppress-aes-erratum-when-forwarding-from-aes.patch", Size: 2784 bytes --]

diff --git a/gcc/config/arm/crypto.md b/gcc/config/arm/crypto.md
index fbee1829ce8..df857352382 100644
--- a/gcc/config/arm/crypto.md
+++ b/gcc/config/arm/crypto.md
@@ -75,6 +75,20 @@ (define_insn "aes_op_protect"
   [(set_attr "type" "neon_move_q")]
 )
 
+;; An AESMC operation can feed directly into a subsequent AES
+;; operation without needing mitigation.
+(define_insn "*crypto_<CRYPTO_AESMC:crypto_pattern>_protected"
+  [(set (match_operand:<crypto_mode> 0 "register_operand" "=w")
+	(unspec:<crypto_mode>
+	 [(unspec:<crypto_mode>
+	   [(match_operand:<crypto_mode> 1 "register_operand" "w")]
+	   CRYPTO_AESMC)]
+	 UNSPEC_AES_PROTECT))]
+  "TARGET_CRYPTO && fix_aes_erratum_1742098"
+  "<crypto_pattern>.<crypto_size_sfx>\\t%q0, %q1"
+  [(set_attr "type" "<crypto_type>")]
+)
+
 ;; When AESE/AESMC fusion is enabled we really want to keep the two together
 ;; and enforce the register dependency without scheduling or register
 ;; allocation messing up the order or introducing moves inbetween.
@@ -95,6 +109,25 @@ (define_insn "*aarch32_crypto_aese_fused"
    (set_attr "length" "8")]
 )
 
+;; And similarly when mitigation is enabled, but not needed in this
+;; case.
+(define_insn "*aarch32_crypto_aese_fused_protected"
+  [(set (match_operand:V16QI 0 "register_operand" "=w")
+	(unspec:V16QI
+	 [(unspec:V16QI
+	   [(unspec:V16QI [(xor:V16QI
+			    (match_operand:V16QI 1 "register_operand" "%0")
+			    (match_operand:V16QI 2 "register_operand" "w"))]
+	     UNSPEC_AESE)]
+	   UNSPEC_AESMC)]
+	 UNSPEC_AES_PROTECT))]
+  "TARGET_CRYPTO && fix_aes_erratum_1742098
+   && arm_fusion_enabled_p (tune_params::FUSE_AES_AESMC)"
+  "aese.8\\t%q0, %q2\;aesmc.8\\t%q0, %q0"
+  [(set_attr "type" "crypto_aese")
+   (set_attr "length" "8")]
+)
+
 ;; When AESD/AESIMC fusion is enabled we really want to keep the two together
 ;; and enforce the register dependency without scheduling or register
 ;; allocation messing up the order or introducing moves inbetween.
@@ -115,6 +148,23 @@ (define_insn "*aarch32_crypto_aesd_fused"
    (set_attr "length" "8")]
 )
 
+(define_insn "*aarch32_crypto_aesd_fused_protected"
+  [(set (match_operand:V16QI 0 "register_operand" "=w")
+	(unspec:V16QI
+	 [(unspec:V16QI
+	   [(unspec:V16QI [(xor:V16QI
+			    (match_operand:V16QI 1 "register_operand" "%0")
+			    (match_operand:V16QI 2 "register_operand" "w"))]
+	     UNSPEC_AESD)]
+	   UNSPEC_AESIMC)]
+	 UNSPEC_AES_PROTECT))]
+  "TARGET_CRYPTO && fix_aes_erratum_1742098
+   && arm_fusion_enabled_p (tune_params::FUSE_AES_AESMC)"
+  "aesd.8\\t%q0, %q2\;aesimc.8\\t%q0, %q0"
+  [(set_attr "type" "crypto_aese")
+   (set_attr "length" "8")]
+)
+
 (define_insn "crypto_<CRYPTO_BINARY:crypto_pattern>"
   [(set (match_operand:<crypto_mode> 0 "register_operand" "=w")
 	(unspec:<crypto_mode>

[PATCH 6/7] arm: elide some cases where the AES erratum workaround is not required.

[Richard Earnshaw]

[-- Attachment #1: Type: text/plain, Size: 639 bytes --]


Some common cases where the AES erratum workaround are not required
are when there are 64- or 128-bit loads from memory, moving a 128-bit
value from core registers, and where a 128-bit constant is being
loaded from a literal pool.  The loads may also be misaligned or
generated via a neon intrinsic function.

gcc/ChangeLog:

	* config/arm/crypto.md (aes_op_protect): Allow moves from core
	registers and from memory.
	(aes_op_protect_misalign_load): New pattern.
	(aes_op_protect_neon_vld1v16qi): New pattern.
---
 gcc/config/arm/crypto.md | 55 ++++++++++++++++++++++++++++++++++------
 1 file changed, 47 insertions(+), 8 deletions(-)


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0006-arm-elide-some-cases-where-the-AES-erratum-workaroun.patch --]
[-- Type: text/x-patch; name="0006-arm-elide-some-cases-where-the-AES-erratum-workaroun.patch", Size: 2779 bytes --]

diff --git a/gcc/config/arm/crypto.md b/gcc/config/arm/crypto.md
index df857352382..4c785073028 100644
--- a/gcc/config/arm/crypto.md
+++ b/gcc/config/arm/crypto.md
@@ -62,17 +62,56 @@ (define_insn "*crypto_<CRYPTO_AES:crypto_pattern>_insn"
   [(set_attr "type" "<crypto_type>")]
 )
 
-; Mitigate against AES erratum on Cortex-A57 and Cortex-A72 by performing
-; a 128-bit operation on an operand producer.  This can be eliminated only
-; if we know that the operand was produced by a full-width operation.
-; V16QImode matches <crypto_mode> for the AES instructions.
+;; Mitigate against AES erratum on Cortex-A57 and Cortex-A72 by
+;; performing a 128-bit operation on an operand producer.  This can be
+;; eliminated only if we know that the operand was produced by a
+;; full-width operation.  V16QImode matches <crypto_mode> for the AES
+;; instructions.  Handle some very common cases where the source is
+;; known to be safe (transfers from core registers and memory).
 (define_insn "aes_op_protect"
-  [(set (match_operand:V16QI 0 "register_operand" "=w")
-	(unspec:V16QI [(match_operand:V16QI 1 "register_operand" "0")]
+  [(set (match_operand:V16QI 0 "register_operand" "=w,w,w")
+	(unspec:V16QI [(match_operand:V16QI 1 "general_operand" "w,r,Uni")]
+	 UNSPEC_AES_PROTECT))]
+  "TARGET_CRYPTO && fix_aes_erratum_1742098"
+  {
+    switch (which_alternative)
+      {
+      case 0: return "vmov\t%q0, %q1";
+      case 1: return "vmov\t%e0, %Q1, %R1  @ V16QI\;vmov\t%f0, %J1, %K1";
+      case 2: return output_move_neon (operands);
+      default: gcc_unreachable ();
+      }
+  }
+  [(set_attr "type" "neon_move_q,neon_from_gp_q,neon_load1_4reg")
+   (set_attr "length" "4,8,8")
+   (set_attr "arm_pool_range" "*,*,1020")
+   (set_attr "thumb2_pool_range" "*,*,1018")
+   (set_attr "neg_pool_range" "*,*,996")]
+)
+
+;; Another safe case is when a movmisalign load is used as the source.
+(define_insn "*aes_op_protect_misalign_load"
+  [(set (match_operand:V16QI 0 "s_register_operand" "=w")
+	(unspec:V16QI
+	 [(unspec:V16QI
+	   [(match_operand:V16QI 1 "neon_permissive_struct_operand" "Um")]
+	   UNSPEC_MISALIGNED_ACCESS)]
 	 UNSPEC_AES_PROTECT))]
   "TARGET_CRYPTO && fix_aes_erratum_1742098"
-  "vmov\\t%q0, %q1"
-  [(set_attr "type" "neon_move_q")]
+  "vld1.8\t%{q0}, %A1"
+  [(set_attr "type" "neon_load1_1reg_q")]
+)
+
+;; Similarly for the vld1 intrinsic
+(define_insn "aes_op_protect_neon_vld1v16qi"
+  [(set (match_operand:V16QI 0 "s_register_operand" "=w")
+        (unspec:V16QI
+	 [(unspec:V16QI [(match_operand:V16QI 1 "neon_struct_operand" "Um")]
+           UNSPEC_VLD1)]
+	 UNSPEC_AES_PROTECT))]
+  "TARGET_NEON"
+  "vld1.8\t%h0, %A1"
+  [(set_attr "type" "neon_load1_1reg_q")]
 )
 
 ;; An AESMC operation can feed directly into a subsequent AES

[PATCH 7/7] arm: Add test for AES erratum mitigation

[Richard Earnshaw]

[-- Attachment #1: Type: text/plain, Size: 432 bytes --]


Add a testcase for the erratum mitigation.  To improve coverage
use -dp on the assembler output and match the pattern names (and where
needed the alternative number).

gcc/testsuite/ChangeLog:

	* gcc.target/arm/crypto-vaese-erratum1.c: New test.
---
 .../gcc.target/arm/crypto-vaese-erratum1.c    | 28 +++++++++++++++++++
 1 file changed, 28 insertions(+)
 create mode 100644 gcc/testsuite/gcc.target/arm/crypto-vaese-erratum1.c


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0007-arm-Add-test-for-AES-erratum-mitigation.patch --]
[-- Type: text/x-patch; name="0007-arm-Add-test-for-AES-erratum-mitigation.patch", Size: 1206 bytes --]

diff --git a/gcc/testsuite/gcc.target/arm/crypto-vaese-erratum1.c b/gcc/testsuite/gcc.target/arm/crypto-vaese-erratum1.c
new file mode 100644
index 00000000000..3f16688a8aa
--- /dev/null
+++ b/gcc/testsuite/gcc.target/arm/crypto-vaese-erratum1.c
@@ -0,0 +1,28 @@
+/* { dg-do compile } */
+/* { dg-require-effective-target arm_crypto_ok } */
+/* { dg-options "-O2 -mfix-cortex-a57-aes-1742098 -dp" } */
+/* { dg-add-options arm_crypto } */
+
+#include "arm_neon.h"
+
+uint8x16_t
+foo (uint8x16_t v)
+{
+  const uint8x16_t key1 = {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+			   0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f};
+  const uint8x16_t key2 = {0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+			   0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f};
+  int i;
+
+  for (i = 0; i < 16; ++i)
+    {
+      v = vaesmcq_u8 (vaeseq_u8 (v, key1));
+      v = vaesmcq_u8 (vaeseq_u8 (v, key2));
+    }
+  return v;
+}
+
+/* { dg-final { scan-assembler "aese.8\tq\[0-9\]+, q\[0-9\]+" } } */
+/* { dg-final { scan-assembler-times "aes_op_protect/2" 2} } */
+/* { dg-final { scan-assembler-times "aes_op_protect/0" 1} } */
+/* { dg-final { scan-assembler-times "(?:aesmc|aese_fused)_protected" 1} } */

Re: [PATCH 3/7] arm: Add option for mitigating against Cortex-A CPU erratum for AES

[Jakub Jelinek]

On Thu, Jan 20, 2022 at 11:27:20AM +0000, Richard Earnshaw via Gcc-patches wrote:
> gcc/ChangeLog:
> 
> 	* config/arm/arm.opt (mfix-cortex-a57-aes-1742098): New command-line
> 	option.
> 	(mfix-cortex-a72-aes-1655431): New option alias.

> --- a/gcc/config/arm/arm.opt
> +++ b/gcc/config/arm/arm.opt
> @@ -272,6 +272,16 @@ mfix-cmse-cve-2021-35465
>  Target Var(fix_vlldm) Init(2)
>  Mitigate issues with VLLDM on some M-profile devices (CVE-2021-35465).
>  
> +mfix-cortex-a57-aes-1742098
> +Target Var(fix_aes_erratum_1742098) Init(2) Save
> +Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
> +Arm erratum #1742098
> +
> +mfix-cortex-a72-aes-1655431
> +Target Alias(mfix-cortex-a57-aes-1742098)
> +Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
> +Arm erratum #1655431
> +
>  munaligned-access
>  Target Var(unaligned_access) Init(2) Save
>  Enable unaligned word and halfword accesses to packed data.

This breaks:
Running /usr/src/gcc/gcc/testsuite/gcc.misc-tests/help.exp ...
FAIL: compiler driver --help=target option(s): "^ +-.*[^:.]$" absent from output: "  -mfix-cortex-a57-aes-1742098 Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72. Arm erratum #1742098"

help.exp with help of lib/options.exp tests whether all non-empty descriptions of
options are terminated with . or :.

The following patch fixes that, ok for trunk?

2022-01-27  Jakub Jelinek  <jakub@redhat.com>

	* config/arm/arm.opt (mfix-cortex-a57-aes-1742098,
	mfix-cortex-a72-aes-1655431): Ensure description ends with full stop.

--- gcc/config/arm/arm.opt.jj	2022-01-21 22:43:22.879719389 +0100
+++ gcc/config/arm/arm.opt	2022-01-27 11:02:29.457553296 +0100
@@ -274,13 +274,13 @@ Mitigate issues with VLLDM on some M-pro
 
 mfix-cortex-a57-aes-1742098
 Target Var(fix_aes_erratum_1742098) Init(2) Save
-Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
-Arm erratum #1742098
+Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72
+(Arm erratum #1742098).
 
 mfix-cortex-a72-aes-1655431
 Target Alias(mfix-cortex-a57-aes-1742098)
-Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
-Arm erratum #1655431
+Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72
+(Arm erratum #1655431).
 
 munaligned-access
 Target Var(unaligned_access) Init(2) Save

	Jakub

ARM patch ping

[Jakub Jelinek]

Hi!

I'd like to ping the following patch.

Thanks.

On Thu, Jan 27, 2022 at 11:07:26AM +0100, Jakub Jelinek via Gcc-patches wrote:
> On Thu, Jan 20, 2022 at 11:27:20AM +0000, Richard Earnshaw via Gcc-patches wrote:
> > gcc/ChangeLog:
> > 
> > 	* config/arm/arm.opt (mfix-cortex-a57-aes-1742098): New command-line
> > 	option.
> > 	(mfix-cortex-a72-aes-1655431): New option alias.
> 
> > --- a/gcc/config/arm/arm.opt
> > +++ b/gcc/config/arm/arm.opt
> > @@ -272,6 +272,16 @@ mfix-cmse-cve-2021-35465
> >  Target Var(fix_vlldm) Init(2)
> >  Mitigate issues with VLLDM on some M-profile devices (CVE-2021-35465).
> >  
> > +mfix-cortex-a57-aes-1742098
> > +Target Var(fix_aes_erratum_1742098) Init(2) Save
> > +Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
> > +Arm erratum #1742098
> > +
> > +mfix-cortex-a72-aes-1655431
> > +Target Alias(mfix-cortex-a57-aes-1742098)
> > +Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
> > +Arm erratum #1655431
> > +
> >  munaligned-access
> >  Target Var(unaligned_access) Init(2) Save
> >  Enable unaligned word and halfword accesses to packed data.
> 
> This breaks:
> Running /usr/src/gcc/gcc/testsuite/gcc.misc-tests/help.exp ...
> FAIL: compiler driver --help=target option(s): "^ +-.*[^:.]$" absent from output: "  -mfix-cortex-a57-aes-1742098 Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72. Arm erratum #1742098"
> 
> help.exp with help of lib/options.exp tests whether all non-empty descriptions of
> options are terminated with . or :.
> 
> The following patch fixes that, ok for trunk?
> 
> 2022-01-27  Jakub Jelinek  <jakub@redhat.com>
> 
> 	* config/arm/arm.opt (mfix-cortex-a57-aes-1742098,
> 	mfix-cortex-a72-aes-1655431): Ensure description ends with full stop.
> 
> --- gcc/config/arm/arm.opt.jj	2022-01-21 22:43:22.879719389 +0100
> +++ gcc/config/arm/arm.opt	2022-01-27 11:02:29.457553296 +0100
> @@ -274,13 +274,13 @@ Mitigate issues with VLLDM on some M-pro
>  
>  mfix-cortex-a57-aes-1742098
>  Target Var(fix_aes_erratum_1742098) Init(2) Save
> -Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
> -Arm erratum #1742098
> +Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72
> +(Arm erratum #1742098).
>  
>  mfix-cortex-a72-aes-1655431
>  Target Alias(mfix-cortex-a57-aes-1742098)
> -Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
> -Arm erratum #1655431
> +Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72
> +(Arm erratum #1655431).
>  
>  munaligned-access
>  Target Var(unaligned_access) Init(2) Save

	Jakub

Re: ARM patch ping

[Richard Biener]

On Thu, Feb 3, 2022 at 2:21 PM Jakub Jelinek via Gcc-patches
<gcc-patches@gcc.gnu.org> wrote:
>
> Hi!
>
> I'd like to ping the following patch.

OK (note the patch is obvious IMHO)

Richard.

> Thanks.
>
> On Thu, Jan 27, 2022 at 11:07:26AM +0100, Jakub Jelinek via Gcc-patches wrote:
> > On Thu, Jan 20, 2022 at 11:27:20AM +0000, Richard Earnshaw via Gcc-patches wrote:
> > > gcc/ChangeLog:
> > >
> > >     * config/arm/arm.opt (mfix-cortex-a57-aes-1742098): New command-line
> > >     option.
> > >     (mfix-cortex-a72-aes-1655431): New option alias.
> >
> > > --- a/gcc/config/arm/arm.opt
> > > +++ b/gcc/config/arm/arm.opt
> > > @@ -272,6 +272,16 @@ mfix-cmse-cve-2021-35465
> > >  Target Var(fix_vlldm) Init(2)
> > >  Mitigate issues with VLLDM on some M-profile devices (CVE-2021-35465).
> > >
> > > +mfix-cortex-a57-aes-1742098
> > > +Target Var(fix_aes_erratum_1742098) Init(2) Save
> > > +Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
> > > +Arm erratum #1742098
> > > +
> > > +mfix-cortex-a72-aes-1655431
> > > +Target Alias(mfix-cortex-a57-aes-1742098)
> > > +Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
> > > +Arm erratum #1655431
> > > +
> > >  munaligned-access
> > >  Target Var(unaligned_access) Init(2) Save
> > >  Enable unaligned word and halfword accesses to packed data.
> >
> > This breaks:
> > Running /usr/src/gcc/gcc/testsuite/gcc.misc-tests/help.exp ...
> > FAIL: compiler driver --help=target option(s): "^ +-.*[^:.]$" absent from output: "  -mfix-cortex-a57-aes-1742098 Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72. Arm erratum #1742098"
> >
> > help.exp with help of lib/options.exp tests whether all non-empty descriptions of
> > options are terminated with . or :.
> >
> > The following patch fixes that, ok for trunk?
> >
> > 2022-01-27  Jakub Jelinek  <jakub@redhat.com>
> >
> >       * config/arm/arm.opt (mfix-cortex-a57-aes-1742098,
> >       mfix-cortex-a72-aes-1655431): Ensure description ends with full stop.
> >
> > --- gcc/config/arm/arm.opt.jj 2022-01-21 22:43:22.879719389 +0100
> > +++ gcc/config/arm/arm.opt    2022-01-27 11:02:29.457553296 +0100
> > @@ -274,13 +274,13 @@ Mitigate issues with VLLDM on some M-pro
> >
> >  mfix-cortex-a57-aes-1742098
> >  Target Var(fix_aes_erratum_1742098) Init(2) Save
> > -Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
> > -Arm erratum #1742098
> > +Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72
> > +(Arm erratum #1742098).
> >
> >  mfix-cortex-a72-aes-1655431
> >  Target Alias(mfix-cortex-a57-aes-1742098)
> > -Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72.
> > -Arm erratum #1655431
> > +Mitigate issues with AES instructions on Cortex-A57 and Cortex-A72
> > +(Arm erratum #1655431).
> >
> >  munaligned-access
> >  Target Var(unaligned_access) Init(2) Save
>
>         Jakub
>