From 49395ea0bc69c30f753f93877e6cc82b8ed0212b Mon Sep 17 00:00:00 2001 From: Hao Wu Date: Fri, 21 Dec 2018 10:30:22 +0800 Subject: MdeModulePkg/Variable: Update to consume SpeculationBarrier REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1417 Since BaseLib API AsmLfence() is a x86 arch specific API and should be avoided using in generic codes, this commit replaces the usage of AsmLfence() with arch-generic API SpeculationBarrier(). Please note that speculation execution barriers are intended to be asserted for SMM codes, hence, this commit still preserve an empty implementation of the speculation execution barrier for the DXE codes. Cc: Ard Biesheuvel Cc: Jiewen Yao Cc: Liming Gao Cc: Star Zeng Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu Reviewed-by: Jian J Wang --- .../Universal/Variable/RuntimeDxe/LoadFenceDxe.c | 31 -------------------- .../Universal/Variable/RuntimeDxe/LoadFenceSmm.c | 30 -------------------- .../Variable/RuntimeDxe/PrivilegePolymorphic.h | 10 ++++--- .../Variable/RuntimeDxe/SpeculationBarrierDxe.c | 33 ++++++++++++++++++++++ .../Variable/RuntimeDxe/SpeculationBarrierSmm.c | 32 +++++++++++++++++++++ .../Universal/Variable/RuntimeDxe/Variable.c | 6 ++-- .../Variable/RuntimeDxe/VariableRuntimeDxe.inf | 2 +- .../Universal/Variable/RuntimeDxe/VariableSmm.c | 24 ++++++++-------- .../Universal/Variable/RuntimeDxe/VariableSmm.inf | 2 +- 9 files changed, 88 insertions(+), 82 deletions(-) delete mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c delete mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierDxe.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierSmm.c (limited to 'MdeModulePkg/Universal') diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c deleted file mode 100644 index 0f64ee093b..0000000000 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c +++ /dev/null @@ -1,31 +0,0 @@ -/** @file - Serialize operation on all load-from-memory instructions (DXE version). - -Copyright (c) 2018, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#include "Variable.h" - -/** - This service is consumed by the variable modules to perform a serializing - operation on all load-from-memory instructions that were issued prior to the - call of this function. - -**/ -VOID -MemoryLoadFence ( - VOID - ) -{ - // - // Do nothing. - // -} diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c deleted file mode 100644 index 4b0d7e3e95..0000000000 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c +++ /dev/null @@ -1,30 +0,0 @@ -/** @file - Serialize operation on all load-from-memory instructions (SMM version). - -Copyright (c) 2018, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#include -#include "Variable.h" - -/** - This service is consumed by the variable modules to perform a serializing - operation on all load-from-memory instructions that were issued prior to the - call of this function. - -**/ -VOID -MemoryLoadFence ( - VOID - ) -{ - AsmLfence (); -} diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h index a324ad2365..7af22a4ad6 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h @@ -85,13 +85,15 @@ SetVariableCheckHandlerMor ( ); /** - This service is consumed by the variable modules to perform a serializing - operation on all load-from-memory instructions that were issued prior to the - call of this function. + This service is consumed by the variable modules to place a barrier to stop + speculative execution. + + Ensures that no later instruction will execute speculatively, until all prior + instructions have completed. **/ VOID -MemoryLoadFence ( +VariableSpeculationBarrier ( VOID ); diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierDxe.c new file mode 100644 index 0000000000..bc3f695335 --- /dev/null +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierDxe.c @@ -0,0 +1,33 @@ +/** @file + Barrier to stop speculative execution (DXE version). + +Copyright (c) 2018, Intel Corporation. All rights reserved.
+This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#include "Variable.h" + +/** + This service is consumed by the variable modules to place a barrier to stop + speculative execution. + + Ensures that no later instruction will execute speculatively, until all prior + instructions have completed. + +**/ +VOID +VariableSpeculationBarrier ( + VOID + ) +{ + // + // Do nothing. + // +} diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierSmm.c new file mode 100644 index 0000000000..dbc20f6c4d --- /dev/null +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/SpeculationBarrierSmm.c @@ -0,0 +1,32 @@ +/** @file + Barrier to stop speculative execution (SMM version). + +Copyright (c) 2018, Intel Corporation. All rights reserved.
+This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#include +#include "Variable.h" + +/** + This service is consumed by the variable modules to place a barrier to stop + speculative execution. + + Ensures that no later instruction will execute speculatively, until all prior + instructions have completed. + +**/ +VOID +VariableSpeculationBarrier ( + VOID + ) +{ + SpeculationBarrier (); +} diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c index d100b1dcc5..443cf07144 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c @@ -3201,11 +3201,11 @@ VariableServiceSetVariable ( return EFI_SECURITY_VIOLATION; } // - // The MemoryLoadFence() call here is to ensure the above sanity check - // for the EFI_VARIABLE_AUTHENTICATION_2 descriptor has been completed + // The VariableSpeculationBarrier() call here is to ensure the above sanity + // check for the EFI_VARIABLE_AUTHENTICATION_2 descriptor has been completed // before the execution of subsequent codes. // - MemoryLoadFence (); + VariableSpeculationBarrier (); PayloadSize = DataSize - AUTHINFO2_SIZE (Data); } else { PayloadSize = DataSize; diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf index 868981ccaf..7ef8a97f5d 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf @@ -46,7 +46,7 @@ TcgMorLockDxe.c VarCheck.c VariableExLib.c - LoadFenceDxe.c + SpeculationBarrierDxe.c [Packages] MdePkg/MdePkg.dec diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c index 6dc19c24db..8c53f84ff6 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c @@ -538,11 +538,11 @@ SmmVariableHandler ( } // - // The MemoryLoadFence() call here is to ensure the previous range/content - // checks for the CommBuffer have been completed before the subsequent - // consumption of the CommBuffer content. + // The VariableSpeculationBarrier() call here is to ensure the previous + // range/content checks for the CommBuffer have been completed before the + // subsequent consumption of the CommBuffer content. // - MemoryLoadFence (); + VariableSpeculationBarrier (); if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') { // // Make sure VariableName is A Null-terminated string. @@ -638,11 +638,11 @@ SmmVariableHandler ( } // - // The MemoryLoadFence() call here is to ensure the previous range/content - // checks for the CommBuffer have been completed before the subsequent - // consumption of the CommBuffer content. + // The VariableSpeculationBarrier() call here is to ensure the previous + // range/content checks for the CommBuffer have been completed before the + // subsequent consumption of the CommBuffer content. // - MemoryLoadFence (); + VariableSpeculationBarrier (); if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') { // // Make sure VariableName is A Null-terminated string. @@ -779,11 +779,11 @@ SmmVariableHandler ( } // - // The MemoryLoadFence() call here is to ensure the previous range/content - // checks for the CommBuffer have been completed before the subsequent - // consumption of the CommBuffer content. + // The VariableSpeculationBarrier() call here is to ensure the previous + // range/content checks for the CommBuffer have been completed before the + // subsequent consumption of the CommBuffer content. // - MemoryLoadFence (); + VariableSpeculationBarrier (); if (CommVariableProperty->NameSize < sizeof (CHAR16) || CommVariableProperty->Name[CommVariableProperty->NameSize/sizeof (CHAR16) - 1] != L'\0') { // // Make sure VariableName is A Null-terminated string. diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf index 2fe72ff8a4..db7d220e06 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf @@ -54,7 +54,7 @@ PrivilegePolymorphic.h VariableExLib.c TcgMorLockSmm.c - LoadFenceSmm.c + SpeculationBarrierSmm.c [Packages] MdePkg/MdePkg.dec -- cgit