From: Hao Wu <hao.a.wu@intel.com>
To: edk2-devel@lists.01.org
Cc: Hao Wu <hao.a.wu@intel.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
Leif Lindholm <leif.lindholm@linaro.org>,
Liming Gao <liming.gao@intel.com>,
Michael D Kinney <michael.d.kinney@intel.com>,
Jiewen Yao <jiewen.yao@intel.com>,
Laszlo Ersek <lersek@redhat.com>
Subject: [PATCH v1 1/5] MdePkg/BaseLib: Introduce new SpeculationBarrier API
Date: Fri, 21 Dec 2018 11:11:02 +0800 [thread overview]
Message-ID: <20181221031106.12960-2-hao.a.wu@intel.com> (raw)
In-Reply-To: <20181221031106.12960-1-hao.a.wu@intel.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1417
X86 specific BaseLib API AsmLfence() was introduced to address the Spectre
Variant 1 (CVE-2017-5753) issue. The purpose of this API is to insert
barriers to stop speculative execution. However, the API is highly
architecture (X86) specific, and thus should be avoided using across
generic code.
To address this issue, this patch will add a new BaseLib API called
SpeculationBarrier(). Different architectures will have different
implementations for this API.
For IA32 and x64, the implementation of SpeculationBarrier() will
directly call AsmLfence().
For ARM and AARCH64, this patch will add a temporary empty implementation
as a placeholder. We hope experts in ARM can help to contribute the actual
implementation.
For EBC, similar to the ARM and AARCH64 cases, a temporary empty
implementation is added.
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
---
MdePkg/Library/BaseLib/BaseLib.inf | 5 +++
MdePkg/Include/Library/BaseLib.h | 15 +++++++++
MdePkg/Library/BaseLib/Arm/SpeculationBarrier.c | 30 ++++++++++++++++++
MdePkg/Library/BaseLib/Ebc/SpeculationBarrier.c | 30 ++++++++++++++++++
MdePkg/Library/BaseLib/X86SpeculationBarrier.c | 32 ++++++++++++++++++++
5 files changed, 112 insertions(+)
diff --git a/MdePkg/Library/BaseLib/BaseLib.inf b/MdePkg/Library/BaseLib/BaseLib.inf
index b84e58324c..d195c5417b 100644
--- a/MdePkg/Library/BaseLib/BaseLib.inf
+++ b/MdePkg/Library/BaseLib/BaseLib.inf
@@ -336,6 +336,7 @@
X86DisablePaging32.c
X86RdRand.c
X86PatchInstruction.c
+ X86SpeculationBarrier.c
[Sources.X64]
X64/Thunk16.nasm
@@ -515,6 +516,7 @@
X86DisablePaging32.c
X86RdRand.c
X86PatchInstruction.c
+ X86SpeculationBarrier.c
X64/GccInline.c | GCC
X64/Thunk16.S | XCODE
X64/SwitchStack.nasm| GCC
@@ -543,12 +545,14 @@
Ebc/CpuBreakpoint.c
Ebc/SetJumpLongJump.c
Ebc/SwitchStack.c
+ Ebc/SpeculationBarrier.c
Unaligned.c
Math64.c
[Sources.ARM]
Arm/InternalSwitchStack.c
Arm/Unaligned.c
+ Arm/SpeculationBarrier.c
Math64.c | RVCT
Math64.c | MSFT
@@ -582,6 +586,7 @@
[Sources.AARCH64]
Arm/InternalSwitchStack.c
Arm/Unaligned.c
+ Arm/SpeculationBarrier.c
Math64.c
AArch64/MemoryFence.S | GCC
diff --git a/MdePkg/Include/Library/BaseLib.h b/MdePkg/Include/Library/BaseLib.h
index 8cc086983d..1eb842384e 100644
--- a/MdePkg/Include/Library/BaseLib.h
+++ b/MdePkg/Include/Library/BaseLib.h
@@ -5111,6 +5111,21 @@ CpuDeadLoop (
VOID
);
+
+/**
+ Uses as a barrier to stop speculative execution.
+
+ Ensures that no later instruction will execute speculatively, until all prior
+ instructions have completed.
+
+**/
+VOID
+EFIAPI
+SpeculationBarrier (
+ VOID
+ );
+
+
#if defined (MDE_CPU_IA32) || defined (MDE_CPU_X64)
///
/// IA32 and x64 Specific Functions.
diff --git a/MdePkg/Library/BaseLib/Arm/SpeculationBarrier.c b/MdePkg/Library/BaseLib/Arm/SpeculationBarrier.c
new file mode 100644
index 0000000000..8a6165a102
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Arm/SpeculationBarrier.c
@@ -0,0 +1,30 @@
+/** @file
+ SpeculationBarrier() function for ARM.
+
+ Copyright (C) 2018, Intel Corporation. All rights reserved.<BR>
+
+ This program and the accompanying materials are licensed and made available
+ under the terms and conditions of the BSD License which accompanies this
+ distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php.
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT
+ WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+
+/**
+ Uses as a barrier to stop speculative execution.
+
+ Ensures that no later instruction will execute speculatively, until all prior
+ instructions have completed.
+
+**/
+VOID
+EFIAPI
+SpeculationBarrier (
+ VOID
+ )
+{
+}
diff --git a/MdePkg/Library/BaseLib/Ebc/SpeculationBarrier.c b/MdePkg/Library/BaseLib/Ebc/SpeculationBarrier.c
new file mode 100644
index 0000000000..8fa4c204f8
--- /dev/null
+++ b/MdePkg/Library/BaseLib/Ebc/SpeculationBarrier.c
@@ -0,0 +1,30 @@
+/** @file
+ SpeculationBarrier() function for EBC.
+
+ Copyright (C) 2018, Intel Corporation. All rights reserved.<BR>
+
+ This program and the accompanying materials are licensed and made available
+ under the terms and conditions of the BSD License which accompanies this
+ distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php.
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT
+ WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+
+/**
+ Uses as a barrier to stop speculative execution.
+
+ Ensures that no later instruction will execute speculatively, until all prior
+ instructions have completed.
+
+**/
+VOID
+EFIAPI
+SpeculationBarrier (
+ VOID
+ )
+{
+}
diff --git a/MdePkg/Library/BaseLib/X86SpeculationBarrier.c b/MdePkg/Library/BaseLib/X86SpeculationBarrier.c
new file mode 100644
index 0000000000..03deca8489
--- /dev/null
+++ b/MdePkg/Library/BaseLib/X86SpeculationBarrier.c
@@ -0,0 +1,32 @@
+/** @file
+ SpeculationBarrier() function for IA32 and x64.
+
+ Copyright (C) 2018, Intel Corporation. All rights reserved.<BR>
+
+ This program and the accompanying materials are licensed and made available
+ under the terms and conditions of the BSD License which accompanies this
+ distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php.
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT
+ WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+
+/**
+ Uses as a barrier to stop speculative execution.
+
+ Ensures that no later instruction will execute speculatively, until all prior
+ instructions have completed.
+
+**/
+VOID
+EFIAPI
+SpeculationBarrier (
+ VOID
+ )
+{
+ AsmLfence ();
+}
--
2.12.0.windows.1
next prev parent reply other threads:[~2018-12-21 3:11 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-12-21 3:11 [PATCH v1 0/5] Ues arch-generic API SpeculationBarrier() to replace AsmLfence() Hao Wu
2018-12-21 3:11 ` Hao Wu [this message]
2018-12-24 3:15 ` [PATCH v1 1/5] MdePkg/BaseLib: Introduce new SpeculationBarrier API Gao, Liming
2018-12-21 3:11 ` [PATCH v1 2/5] MdeModulePkg/FaultTolerantWrite: Update to consume SpeculationBarrier Hao Wu
2018-12-24 2:56 ` Wang, Jian J
2018-12-21 3:11 ` [PATCH v1 3/5] MdeModulePkg/SmmLockBox: " Hao Wu
2018-12-24 2:56 ` Wang, Jian J
2018-12-21 3:11 ` [PATCH v1 4/5] MdeModulePkg/Variable: " Hao Wu
2018-12-24 2:59 ` Wang, Jian J
2018-12-21 3:11 ` [PATCH v1 5/5] UefiCpuPkg/PiSmmCpuDxeSmm: " Hao Wu
2018-12-24 0:54 ` Dong, Eric
2018-12-21 11:22 ` [PATCH v1 0/5] Ues arch-generic API SpeculationBarrier() to replace AsmLfence() Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181221031106.12960-2-hao.a.wu@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox