Patches have been submitted by ARM to address the new Straight Line Speculation (SLS) vulnerability.
Patch series: https://lists.llvm.org/pipermail/llvm-dev/2020-June/142109.html
We are (obviously) not expecting maintainers to accept patches before they're accepted upstream, this is just to keep track.
"Please find patches for these mitigations on the below reviews:
1. https://reviews.llvm.org/D81399: [AArch64] Fix branch, terminator, etc properties for BRA* instructions.
2. https://reviews.llvm.org/D81400: [AArch64] Introduce AArch64SLSHardeningPass, which implements the hardening of RET and BR instructions.
3. https://reviews.llvm.org/D81401: [NFC] Refactor ThunkInserter to make it available for all targets.
4. https://reviews.llvm.org/D81402: [AArch64] Extend AArch64SLSHardeningPass to harden BLR instructions.
5. https://reviews.llvm.org/D81403: Work around GlobalISel limitation on Indirect Thunks.
6. https://reviews.llvm.org/D81404: [AArch64] Add clang command line support for -mharden-sls=
7. https://reviews.llvm.org/D81405: [AArch64] Avoid incompatibility between SLSBLR mitigation and BTI codegen, by only using X16 and X17 registers for BLRs."
FWICS the patches are in master now but not in 10.0.x. Upstream Bugzilla is broken, so I can't check whether they were requested for backporting already.