MdeModulePkg/Variable: Update to consume SpeculationBarrier

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1417

Since BaseLib API AsmLfence() is a x86 arch specific API and should be
avoided using in generic codes, this commit replaces the usage of
AsmLfence() with arch-generic API SpeculationBarrier().

Please note that speculation execution barriers are intended to be
asserted for SMM codes, hence, this commit still preserve an empty
implementation of the speculation execution barrier for the DXE codes.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>

MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h

@@ -85,13 +85,15 @@ SetVariableCheckHandlerMor (
   );
 
 /**
-  This service is consumed by the variable modules to perform a serializing
+  This service is consumed by the variable modules to place a barrier to stop
-  operation on all load-from-memory instructions that were issued prior to the
+  speculative execution.
-  call of this function.
+
+  Ensures that no later instruction will execute speculatively, until all prior
+  instructions have completed.
 
 **/
 VOID
-MemoryLoadFence (
+VariableSpeculationBarrier (
   VOID
   );
 

MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierDxe.c

@@ -1,5 +1,5 @@
 /** @file
-  Serialize operation on all load-from-memory instructions (DXE version).
+  Barrier to stop speculative execution (DXE version).
 
 Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
@@ -15,13 +15,15 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include "Variable.h"
 
 /**
-  This service is consumed by the variable modules to perform a serializing
+  This service is consumed by the variable modules to place a barrier to stop
-  operation on all load-from-memory instructions that were issued prior to the
+  speculative execution.
-  call of this function.
+
+  Ensures that no later instruction will execute speculatively, until all prior
+  instructions have completed.
 
 **/
 VOID
-MemoryLoadFence (
+VariableSpeculationBarrier (
   VOID
   )
 {

MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierSmm.c

@@ -1,5 +1,5 @@
 /** @file
-  Serialize operation on all load-from-memory instructions (SMM version).
+  Barrier to stop speculative execution (SMM version).
 
 Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
@@ -16,15 +16,17 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include "Variable.h"
 
 /**
-  This service is consumed by the variable modules to perform a serializing
+  This service is consumed by the variable modules to place a barrier to stop
-  operation on all load-from-memory instructions that were issued prior to the
+  speculative execution.
-  call of this function.
+
+  Ensures that no later instruction will execute speculatively, until all prior
+  instructions have completed.
 
 **/
 VOID
-MemoryLoadFence (
+VariableSpeculationBarrier (
   VOID
   )
 {
-  AsmLfence ();
+  SpeculationBarrier ();
 }

MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c

@@ -3201,11 +3201,11 @@ VariableServiceSetVariable (
       return EFI_SECURITY_VIOLATION;
     }
     //
-    // The MemoryLoadFence() call here is to ensure the above sanity check
+    // The VariableSpeculationBarrier() call here is to ensure the above sanity
-    // for the EFI_VARIABLE_AUTHENTICATION_2 descriptor has been completed
+    // check for the EFI_VARIABLE_AUTHENTICATION_2 descriptor has been completed
     // before the execution of subsequent codes.
     //
-    MemoryLoadFence ();
+    VariableSpeculationBarrier ();
     PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
   } else {
     PayloadSize = DataSize;

MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf

@@ -46,7 +46,7 @@
   TcgMorLockDxe.c
   VarCheck.c
   VariableExLib.c
-  LoadFenceDxe.c
+  SpeculationBarrierDxe.c
 
 [Packages]
   MdePkg/MdePkg.dec

MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c

@@ -538,11 +538,11 @@ SmmVariableHandler (
       }
 
       //
-      // The MemoryLoadFence() call here is to ensure the previous range/content
+      // The VariableSpeculationBarrier() call here is to ensure the previous
-      // checks for the CommBuffer have been completed before the subsequent
+      // range/content checks for the CommBuffer have been completed before the
-      // consumption of the CommBuffer content.
+      // subsequent consumption of the CommBuffer content.
       //
-      MemoryLoadFence ();
+      VariableSpeculationBarrier ();
       if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
         //
         // Make sure VariableName is A Null-terminated string.
@@ -638,11 +638,11 @@ SmmVariableHandler (
       }
 
       //
-      // The MemoryLoadFence() call here is to ensure the previous range/content
+      // The VariableSpeculationBarrier() call here is to ensure the previous
-      // checks for the CommBuffer have been completed before the subsequent
+      // range/content checks for the CommBuffer have been completed before the
-      // consumption of the CommBuffer content.
+      // subsequent consumption of the CommBuffer content.
       //
-      MemoryLoadFence ();
+      VariableSpeculationBarrier ();
       if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
         //
         // Make sure VariableName is A Null-terminated string.
@@ -779,11 +779,11 @@ SmmVariableHandler (
       }
 
       //
-      // The MemoryLoadFence() call here is to ensure the previous range/content
+      // The VariableSpeculationBarrier() call here is to ensure the previous
-      // checks for the CommBuffer have been completed before the subsequent
+      // range/content checks for the CommBuffer have been completed before the
-      // consumption of the CommBuffer content.
+      // subsequent consumption of the CommBuffer content.
       //
-      MemoryLoadFence ();
+      VariableSpeculationBarrier ();
       if (CommVariableProperty->NameSize < sizeof (CHAR16) || CommVariableProperty->Name[CommVariableProperty->NameSize/sizeof (CHAR16) - 1] != L'\0') {
         //
         // Make sure VariableName is A Null-terminated string.

MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf

@@ -54,7 +54,7 @@
   PrivilegePolymorphic.h
   VariableExLib.c
   TcgMorLockSmm.c
-  LoadFenceSmm.c
+  SpeculationBarrierSmm.c
 
 [Packages]
   MdePkg/MdePkg.dec