Reviewed-by: Liming Gao <[email protected]> > -----Original Message----- > From: Wu, Hao A > Sent: Friday, December 21, 2018 11:11 AM > To: [email protected] > Cc: Wu, Hao A <[email protected]>; Ard Biesheuvel > <[email protected]>; Leif Lindholm <[email protected]>; Gao, > Liming <[email protected]>; Kinney, Michael D > <[email protected]>; Yao, Jiewen <[email protected]>; Laszlo Ersek > <[email protected]> > Subject: [PATCH v1 1/5] MdePkg/BaseLib: Introduce new SpeculationBarrier API > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1417 > > X86 specific BaseLib API AsmLfence() was introduced to address the Spectre > Variant 1 (CVE-2017-5753) issue. The purpose of this API is to insert > barriers to stop speculative execution. However, the API is highly > architecture (X86) specific, and thus should be avoided using across > generic code. > > To address this issue, this patch will add a new BaseLib API called > SpeculationBarrier(). Different architectures will have different > implementations for this API. > > For IA32 and x64, the implementation of SpeculationBarrier() will > directly call AsmLfence(). > > For ARM and AARCH64, this patch will add a temporary empty implementation > as a placeholder. We hope experts in ARM can help to contribute the actual > implementation. > > For EBC, similar to the ARM and AARCH64 cases, a temporary empty > implementation is added. > > Cc: Ard Biesheuvel <[email protected]> > Cc: Leif Lindholm <[email protected]> > Cc: Liming Gao <[email protected]> > Cc: Michael D Kinney <[email protected]> > Cc: Jiewen Yao <[email protected]> > Cc: Laszlo Ersek <[email protected]> > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Hao Wu <[email protected]> > --- > MdePkg/Library/BaseLib/BaseLib.inf | 5 +++ > MdePkg/Include/Library/BaseLib.h | 15 +++++++++ > MdePkg/Library/BaseLib/Arm/SpeculationBarrier.c | 30 ++++++++++++++++++ > MdePkg/Library/BaseLib/Ebc/SpeculationBarrier.c | 30 ++++++++++++++++++ > MdePkg/Library/BaseLib/X86SpeculationBarrier.c | 32 ++++++++++++++++++++ > 5 files changed, 112 insertions(+) > > diff --git a/MdePkg/Library/BaseLib/BaseLib.inf > b/MdePkg/Library/BaseLib/BaseLib.inf > index b84e58324c..d195c5417b 100644 > --- a/MdePkg/Library/BaseLib/BaseLib.inf > +++ b/MdePkg/Library/BaseLib/BaseLib.inf > @@ -336,6 +336,7 @@ > X86DisablePaging32.c > X86RdRand.c > X86PatchInstruction.c > + X86SpeculationBarrier.c > > [Sources.X64] > X64/Thunk16.nasm > @@ -515,6 +516,7 @@ > X86DisablePaging32.c > X86RdRand.c > X86PatchInstruction.c > + X86SpeculationBarrier.c > X64/GccInline.c | GCC > X64/Thunk16.S | XCODE > X64/SwitchStack.nasm| GCC > @@ -543,12 +545,14 @@ > Ebc/CpuBreakpoint.c > Ebc/SetJumpLongJump.c > Ebc/SwitchStack.c > + Ebc/SpeculationBarrier.c > Unaligned.c > Math64.c > > [Sources.ARM] > Arm/InternalSwitchStack.c > Arm/Unaligned.c > + Arm/SpeculationBarrier.c > Math64.c | RVCT > Math64.c | MSFT > > @@ -582,6 +586,7 @@ > [Sources.AARCH64] > Arm/InternalSwitchStack.c > Arm/Unaligned.c > + Arm/SpeculationBarrier.c > Math64.c > > AArch64/MemoryFence.S | GCC > diff --git a/MdePkg/Include/Library/BaseLib.h > b/MdePkg/Include/Library/BaseLib.h > index 8cc086983d..1eb842384e 100644 > --- a/MdePkg/Include/Library/BaseLib.h > +++ b/MdePkg/Include/Library/BaseLib.h > @@ -5111,6 +5111,21 @@ CpuDeadLoop ( > VOID > ); > > + > +/** > + Uses as a barrier to stop speculative execution. > + > + Ensures that no later instruction will execute speculatively, until all > prior > + instructions have completed. > + > +**/ > +VOID > +EFIAPI > +SpeculationBarrier ( > + VOID > + ); > + > + > #if defined (MDE_CPU_IA32) || defined (MDE_CPU_X64) > /// > /// IA32 and x64 Specific Functions. > diff --git a/MdePkg/Library/BaseLib/Arm/SpeculationBarrier.c > b/MdePkg/Library/BaseLib/Arm/SpeculationBarrier.c > new file mode 100644 > index 0000000000..8a6165a102 > --- /dev/null > +++ b/MdePkg/Library/BaseLib/Arm/SpeculationBarrier.c > @@ -0,0 +1,30 @@ > +/** @file > + SpeculationBarrier() function for ARM. > + > + Copyright (C) 2018, Intel Corporation. All rights reserved.<BR> > + > + This program and the accompanying materials are licensed and made available > + under the terms and conditions of the BSD License which accompanies this > + distribution. The full text of the license may be found at > + http://opensource.org/licenses/bsd-license.php. > + > + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > WITHOUT > + WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > + > +**/ > + > + > +/** > + Uses as a barrier to stop speculative execution. > + > + Ensures that no later instruction will execute speculatively, until all > prior > + instructions have completed. > + > +**/ > +VOID > +EFIAPI > +SpeculationBarrier ( > + VOID > + ) > +{ > +} > diff --git a/MdePkg/Library/BaseLib/Ebc/SpeculationBarrier.c > b/MdePkg/Library/BaseLib/Ebc/SpeculationBarrier.c > new file mode 100644 > index 0000000000..8fa4c204f8 > --- /dev/null > +++ b/MdePkg/Library/BaseLib/Ebc/SpeculationBarrier.c > @@ -0,0 +1,30 @@ > +/** @file > + SpeculationBarrier() function for EBC. > + > + Copyright (C) 2018, Intel Corporation. All rights reserved.<BR> > + > + This program and the accompanying materials are licensed and made available > + under the terms and conditions of the BSD License which accompanies this > + distribution. The full text of the license may be found at > + http://opensource.org/licenses/bsd-license.php. > + > + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > WITHOUT > + WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > + > +**/ > + > + > +/** > + Uses as a barrier to stop speculative execution. > + > + Ensures that no later instruction will execute speculatively, until all > prior > + instructions have completed. > + > +**/ > +VOID > +EFIAPI > +SpeculationBarrier ( > + VOID > + ) > +{ > +} > diff --git a/MdePkg/Library/BaseLib/X86SpeculationBarrier.c > b/MdePkg/Library/BaseLib/X86SpeculationBarrier.c > new file mode 100644 > index 0000000000..03deca8489 > --- /dev/null > +++ b/MdePkg/Library/BaseLib/X86SpeculationBarrier.c > @@ -0,0 +1,32 @@ > +/** @file > + SpeculationBarrier() function for IA32 and x64. > + > + Copyright (C) 2018, Intel Corporation. All rights reserved.<BR> > + > + This program and the accompanying materials are licensed and made available > + under the terms and conditions of the BSD License which accompanies this > + distribution. The full text of the license may be found at > + http://opensource.org/licenses/bsd-license.php. > + > + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > WITHOUT > + WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > + > +**/ > + > +#include <Library/BaseLib.h> > + > +/** > + Uses as a barrier to stop speculative execution. > + > + Ensures that no later instruction will execute speculatively, until all > prior > + instructions have completed. > + > +**/ > +VOID > +EFIAPI > +SpeculationBarrier ( > + VOID > + ) > +{ > + AsmLfence (); > +} > -- > 2.12.0.windows.1
_______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
