All except some of the most recent arm64 processors have a speculative
execution flaw that occurs across a syscall boundary, which cannot be
mitigated in the kernel. In order to protect against this leak a
speculation barrier needs to be placed after an svc instruction.
In order to avoid the performance impact of these instructions, the kernel
will soon start returning execution two instructions past the svc call.
For now two hardware no ops are added, which allows syscalls to work with
both old and new kernels. Once the kernel is cut over the no ops can be
replaced with actual speculation barriers.
Discussed at length with deraadt@
9cf24da4ba