{"id":13647701,"url":"https://github.com/ARM-software/speculation-barrier","last_synced_at":"2025-04-22T02:32:36.080Z","repository":{"id":74210150,"uuid":"116169955","full_name":"ARM-software/speculation-barrier","owner":"ARM-software","description":"This project provides a header file which contains wrapper macros for the __builtin_load_no_speculate builtin function defined at https://www.arm.com/security-update This builtin function defines a speculation barrier, which can be used to limit the conditions under which a value which has been loaded can be used under speculative execution.","archived":true,"fork":false,"pushed_at":"2018-05-08T15:45:05.000Z","size":12,"stargazers_count":44,"open_issues_count":1,"forks_count":15,"subscribers_count":12,"default_branch":"master","last_synced_at":"2024-11-09T21:37:27.753Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Objective-C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsl-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ARM-software.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-01-03T18:41:07.000Z","updated_at":"2023-11-01T13:15:11.000Z","dependencies_parsed_at":"2024-01-14T10:31:59.988Z","dependency_job_id":"9f935c1e-762e-441e-9b6c-c63b55c77650","html_url":"https://github.com/ARM-software/speculation-barrier","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARM-software%2Fspeculation-barrier","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARM-software%2Fspeculation-barrier/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARM-software%2Fspeculation-barrier/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ARM-software%2Fspeculation-barrier/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ARM-software","download_url":"https://codeload.github.com/ARM-software/speculation-barrier/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250163776,"owners_count":21385310,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T01:03:43.343Z","updated_at":"2025-04-22T02:32:35.813Z","avatar_url":"https://github.com/ARM-software.png","language":"Objective-C","readme":"# Speculation Barrier\n\nThis header file implements a set of wrapper macros for the\n`__builtin_load_no_speculate` builtin function detailed at\n[https://www.arm.com/security-update](https://www.arm.com/security-update).\nThis builtin function defines a speculation barrier, which can be used to\nlimit the conditions under which a value which has been loaded can be used\nunder speculative execution.\n\nThe header file provided here allows a migration path to using the builtin\nfunction for users who are unable to immediately upgrade to a compiler which\nsupports the builtin. Arm recommends using an upgraded compiler where possible\nto ensure the most comprehensive support for the mitigation provided by the\nbuiltin function.\n\n## Use\n\nThis header file can be included in a project as any other C header would be.\nFor full details on usage of the builtin function please see\n[https://www.arm.com/security-update](https://www.arm.com/security-update).\n\nThis header provides three wrapper macros, which correspond to using the\n`__builtin_load_no_speculate` builtin function with three, four and five\narguments respectively.\n\n```\n  load_no_speculate (__ptr, __low, __high)\n  load_no_speculate_fail (__ptr, __low, __high, __failval)\n  load_no_speculate_cmp (__ptr, __low, __high, __failval, __cmpptr)\n```\n\nAs an example, consider this function, also given as an example at\n[https://www.arm.com/security-update](https://www.arm.com/security-update).\n\n```\nint array[N]; \nint foo (unsigned n) \n{ \n  int tmp; \n  if (n \u003c N) \n    tmp = array[n] \n  else \n    tmp = FAIL; \n\n  return tmp; \n}\n```\n\nThis can result in a speculative return of the value at `array[n]`, even\nif `n \u003e= N`. To mitigate against this, we can use the wrapper macros defined\nin this header:\n\n```\n#include \"speculation_barrier.h\"\n\nint foo (unsigned n) \n{ \n  int *lower = array;\n  int *ptr = array + n; \n  int *upper = array + N; \n  return load_no_speculate_fail (ptr, lower, upper, FAIL);\n}\n```\n\nThis will ensure that speculative execution can only continue using a value\nstored within the array or with `FAIL`.\n\n## Supported Environments\n\nThis header provides a migration path to using the builtin function for\nthe AArch64 execution state of Armv8-A, and for the A32 (Arm) and T32 (Thumb)\nexecution states of Armv7-A and Armv8-A.\n\nSupport for other architectures is currently only provided when using a\ncompiler which provides the predefine `__HAVE_LOAD_NO_SPECULATE`,\nindicating compiler support for the `__builtin_load_no_speculate` builtin\nfunction.\n\n## Compatibility\n\nThis header has been tested with Arm Compiler 6 versions 6.5 and above,\nGCC versions 4.8 and above, including GCC 7 with prototype support for the\ncompiler builtin function, and with an LLVM/Clang development toolchain\n(version 6.0.0).\n\n## Testing\n\nA set of testcases are provided in `tests.c`. These test the abstract machine\nsemantics of the provided wrapper macros. The expected behaviour of running the\ntest program is for no output to be printed. Any output indicates a failure to\nimplement the required abstract machine semantics of the builtin.\n\nNote that the testcases provided do not check whether speculative execution\nhas been inhibited.\n\n## License\n\nThis project is licensed under the Boost Software License 1.0\n(SPDX-License-Identifier: BSL-1.0). See the [LICENSE.md](LICENSE.md) file\nfor details.\n\n## Contributing\n\nContributions to this project are welcome under the Boost Software License\n1.0 (SPDX-License-Identifier: BSL-1.0).\n\nArm does not foresee this project requiring a high volume of contributions,\nbut welcomes contributions adding support for other architectures, further\ntestcases, and bug-fixes.\n\n## Further details\n\nFor further details on use of the `__builtin_load_no_speculate` compiler\nbuiltin, please refer to\n[https://www.arm.com/security-update](https://www.arm.com/security-update).\n\n","funding_links":[],"categories":["Objective-C"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FARM-software%2Fspeculation-barrier","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FARM-software%2Fspeculation-barrier","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FARM-software%2Fspeculation-barrier/lists"}