From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: redhat.com, ip: 209.132.183.28, mailfrom: lersek@redhat.com) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by groups.io with SMTP; Tue, 30 Apr 2019 08:43:37 -0700 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 7283A3082163; Tue, 30 Apr 2019 15:43:21 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-42.rdu2.redhat.com [10.10.121.42]) by smtp.corp.redhat.com (Postfix) with ESMTP id 279A47C825; Tue, 30 Apr 2019 15:43:19 +0000 (UTC) Subject: Re: [edk2-devel] [Patch V2 1/6] MdePkg: Add PcdSpeculationBarrierType To: "Kinney, Michael D" , "devel@edk2.groups.io" Cc: "Gao, Liming" References: <20190430013012.24008-1-michael.d.kinney@intel.com> <20190430013012.24008-2-michael.d.kinney@intel.com> From: "Laszlo Ersek" Message-ID: <4c23e600-15b4-0754-a0f0-11ec04884c46@redhat.com> Date: Tue, 30 Apr 2019 17:43:19 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.47]); Tue, 30 Apr 2019 15:43:26 +0000 (UTC) Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 04/30/19 17:16, Kinney, Michael D wrote: > Laszlo, > > I tried to design this PCD so it could be used for other > architectures as needed in the future by expanding the enum. > I marked enum values 0x01(LFENCE) and 0x02(CPUID) for > IA32/X64. Value 0x00 (NOP) is for all archs. Ah, good point. In fact, this has more or less crossed my mind, but I ruled out the idea, as (I thought) a multi-arch PCD would have to be a bitmap, not a simple enum. Of course, I was wrong about that -- in any given platform build, the PCD doesn't have to contain the right setting for every possible architecture supported by edk2. It only need contain the right setting for the arch of the current platform build. So yes, this design is great; please apply my R-b. Thanks Laszlo >> -----Original Message----- >> From: devel@edk2.groups.io >> [mailto:devel@edk2.groups.io] On Behalf Of Laszlo Ersek >> Sent: Tuesday, April 30, 2019 4:47 AM >> To: devel@edk2.groups.io; Kinney, Michael D >> >> Cc: Gao, Liming >> Subject: Re: [edk2-devel] [Patch V2 1/6] MdePkg: Add >> PcdSpeculationBarrierType >> >> On 04/30/19 03:30, Michael D Kinney wrote: >>> Add >> gEfiMdePkgTokenSpaceGuid.PcdSpeculationBarrierType that >>> uses the PCD type FixedAtBuild. This performs a >> build time >>> selection for the type of speculation barrier to use >> in the >>> BaseLib function SpeculationBarrier(). The >> recommended >>> speculation barrier for x86 is LFENCE and this is the >> default >>> value for this PCD. x86 CPUs that do not support >> LFENCE must >>> select one of the other supported values which >> includes CPUID >>> and nothing. >>> >>> Cc: Liming Gao >>> Signed-off-by: Michael D Kinney >> >>> --- >>> MdePkg/MdePkg.dec | 9 +++++++++ >>> MdePkg/MdePkg.uni | 8 ++++++++ >>> 2 files changed, 17 insertions(+) >>> >>> diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec >>> index e2ea8fff66..28d4a966c2 100644 >>> --- a/MdePkg/MdePkg.dec >>> +++ b/MdePkg/MdePkg.dec >>> @@ -2062,6 +2062,15 @@ [PcdsFixedAtBuild] >>> # @Prompt Enable control flow enforcement. >>> >> gEfiMdePkgTokenSpaceGuid.PcdControlFlowEnforcementPrope >> rtyMask|0x0|UINT32|0x30001017 >>> >>> + ## Indicates the type of instruction sequence to >> use for a speculation >>> + # barrier. The default instruction sequence is >> LFENCE.

>>> + # 0x00 - No operation.
>>> + # 0x01 - LFENCE (IA32/X64).
>>> + # 0x02 - CPUID (IA32/X64).
>>> + # Other - reserved >>> + # @Prompt Speculation Barrier Type. >>> + >> gEfiMdePkgTokenSpaceGuid.PcdSpeculationBarrierType|0x01 >> |UINT8|0x30001018 >>> + >>> [PcdsFixedAtBuild,PcdsPatchableInModule] >>> ## Indicates the maximum length of unicode string >> used in the following >>> # BaseLib functions: StrLen(), StrSize(), >> StrCmp(), StrnCmp(), StrCpy(), StrnCpy()

>> >> In MdePkg.dec, we have: >> - [Includes.X64] >> - [LibraryClasses.X64] >> - [Guids.X64] >> >> but no PCD declarations that are architecture-specific. >> Is that >> intentional? Because, this PCD could be a good >> candidate for "IA32/X64 >> only". (Looking at the next patch too.) >> >> But, that's just my curiosity. >> >> Reviewed-by: Laszlo Ersek >> >> Thanks >> Laszlo >> >> >>> diff --git a/MdePkg/MdePkg.uni b/MdePkg/MdePkg.uni >>> index c359bb4b5b..5c1fa24065 100644 >>> --- a/MdePkg/MdePkg.uni >>> +++ b/MdePkg/MdePkg.uni >>> @@ -149,6 +149,14 @@ >>> >> " BIT0 - SMM CET Shadow Stack is enabled.
\n" >>> >> " Other - reserved" >>> >>> +#string >> STR_gEfiMdePkgTokenSpaceGuid_PcdSpeculationBarrierType_ >> PROMPT #language en-US "Speculation Barrier Type." >>> + >>> +#string >> STR_gEfiMdePkgTokenSpaceGuid_PcdSpeculationBarrierType_ >> HELP #language en-US "Indicates the type of >> instruction sequence to use for a speculation.barrier. >> The default instruction sequence is LFENCE.

\n" >>> + >> "0x00 - No operation.
\n" >>> + >> "0x01 - LFENCE (IA32/X64).
\n" >>> + >> "0x02 - CPUID (IA32/X64).
\n" >>> + >> "Other - reserved" >>> + >>> #string >> STR_gEfiMdePkgTokenSpaceGuid_PcdMaximumAsciiStringLengt >> h_PROMPT #language en-US "Maximum Length of Ascii >> String" >>> >>> #string >> STR_gEfiMdePkgTokenSpaceGuid_PcdMaximumAsciiStringLengt >> h_HELP #language en-US "Sets the maximum number of >> ASCII characters used for string functions. This >> affects the following BaseLib functions: AsciiStrLen(), >> AsciiStrSize(), AsciiStrCmp(), AsciiStrnCmp(), >> AsciiStrCpy(), AsciiStrnCpy().

\n" >>> >> >> >> >