MdeModulePkg/Variable: Update to consume SpeculationBarrier

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1417 Since BaseLib API AsmLfence() is a x86 arch specific API and should be avoided using in generic codes, this commit replaces the usage of AsmLfence() with arch-generic API SpeculationBarrier(). Please note that speculation execution barriers are intended to be asserted for SMM codes, hence, this commit still preserve an empty implementation of the speculation execution barrier for the DXE codes. Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Liming Gao <liming.gao@intel.com> Cc: Star Zeng <star.zeng@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
2018-12-21 10:30:22 +08:00 · 2018-12-21 10:30:22 +08:00 · 49395ea0bc
parent 107775734d
commit 49395ea0bc
7 changed files with 38 additions and 32 deletions
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h
@ -85,13 +85,15 @@ SetVariableCheckHandlerMor (
  );

 /**
-  This service is consumed by the variable modules to perform a serializing
-  operation on all load-from-memory instructions that were issued prior to the
-  call of this function.
+  This service is consumed by the variable modules to place a barrier to stop
+  speculative execution.
+
+  Ensures that no later instruction will execute speculatively, until all prior
+  instructions have completed.

 **/
 VOID
-MemoryLoadFence (
+VariableSpeculationBarrier (
  VOID
  );

--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierDxe.c
@ -1,5 +1,5 @@
 /** @file
-  Serialize operation on all load-from-memory instructions (DXE version).
+  Barrier to stop speculative execution (DXE version).

 Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
@ -15,13 +15,15 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include "Variable.h"

 /**
-  This service is consumed by the variable modules to perform a serializing
-  operation on all load-from-memory instructions that were issued prior to the
-  call of this function.
+  This service is consumed by the variable modules to place a barrier to stop
+  speculative execution.
+
+  Ensures that no later instruction will execute speculatively, until all prior
+  instructions have completed.

 **/
 VOID
-MemoryLoadFence (
+VariableSpeculationBarrier (
  VOID
  )
 {
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierSmm.c
@ -1,5 +1,5 @@
 /** @file
-  Serialize operation on all load-from-memory instructions (SMM version).
+  Barrier to stop speculative execution (SMM version).

 Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
@ -16,15 +16,17 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include "Variable.h"

 /**
-  This service is consumed by the variable modules to perform a serializing
-  operation on all load-from-memory instructions that were issued prior to the
-  call of this function.
+  This service is consumed by the variable modules to place a barrier to stop
+  speculative execution.
+
+  Ensures that no later instruction will execute speculatively, until all prior
+  instructions have completed.

 **/
 VOID
-MemoryLoadFence (
+VariableSpeculationBarrier (
  VOID
  )
 {
-  AsmLfence ();
+  SpeculationBarrier ();
 }
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@ -3201,11 +3201,11 @@ VariableServiceSetVariable (
      return EFI_SECURITY_VIOLATION;
    }
    //
-    // The MemoryLoadFence() call here is to ensure the above sanity check
-    // for the EFI_VARIABLE_AUTHENTICATION_2 descriptor has been completed
+    // The VariableSpeculationBarrier() call here is to ensure the above sanity
+    // check for the EFI_VARIABLE_AUTHENTICATION_2 descriptor has been completed
    // before the execution of subsequent codes.
    //
-    MemoryLoadFence ();
+    VariableSpeculationBarrier ();
    PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
  } else {
    PayloadSize = DataSize;
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
@ -46,7 +46,7 @@
  TcgMorLockDxe.c
  VarCheck.c
  VariableExLib.c
-  LoadFenceDxe.c
+  SpeculationBarrierDxe.c

 [Packages]
  MdePkg/MdePkg.dec
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
@ -538,11 +538,11 @@ SmmVariableHandler (
      }

      //
-      // The MemoryLoadFence() call here is to ensure the previous range/content
-      // checks for the CommBuffer have been completed before the subsequent
-      // consumption of the CommBuffer content.
+      // The VariableSpeculationBarrier() call here is to ensure the previous
+      // range/content checks for the CommBuffer have been completed before the
+      // subsequent consumption of the CommBuffer content.
      //
-      MemoryLoadFence ();
+      VariableSpeculationBarrier ();
      if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
        //
        // Make sure VariableName is A Null-terminated string.
@ -638,11 +638,11 @@ SmmVariableHandler (
      }

      //
-      // The MemoryLoadFence() call here is to ensure the previous range/content
-      // checks for the CommBuffer have been completed before the subsequent
-      // consumption of the CommBuffer content.
+      // The VariableSpeculationBarrier() call here is to ensure the previous
+      // range/content checks for the CommBuffer have been completed before the
+      // subsequent consumption of the CommBuffer content.
      //
-      MemoryLoadFence ();
+      VariableSpeculationBarrier ();
      if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
        //
        // Make sure VariableName is A Null-terminated string.
@ -779,11 +779,11 @@ SmmVariableHandler (
      }

      //
-      // The MemoryLoadFence() call here is to ensure the previous range/content
-      // checks for the CommBuffer have been completed before the subsequent
-      // consumption of the CommBuffer content.
+      // The VariableSpeculationBarrier() call here is to ensure the previous
+      // range/content checks for the CommBuffer have been completed before the
+      // subsequent consumption of the CommBuffer content.
      //
-      MemoryLoadFence ();
+      VariableSpeculationBarrier ();
      if (CommVariableProperty->NameSize < sizeof (CHAR16) || CommVariableProperty->Name[CommVariableProperty->NameSize/sizeof (CHAR16) - 1] != L'\0') {
        //
        // Make sure VariableName is A Null-terminated string.
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
@ -54,7 +54,7 @@
  PrivilegePolymorphic.h
  VariableExLib.c
  TcgMorLockSmm.c
-  LoadFenceSmm.c
+  SpeculationBarrierSmm.c

 [Packages]
  MdePkg/MdePkg.dec