From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: redhat.com, ip: 209.132.183.28, mailfrom: lersek@redhat.com) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by groups.io with SMTP; Tue, 30 Apr 2019 04:47:34 -0700 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 47A02308621B; Tue, 30 Apr 2019 11:47:34 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-121-42.rdu2.redhat.com [10.10.121.42]) by smtp.corp.redhat.com (Postfix) with ESMTP id 3139A2B3A6; Tue, 30 Apr 2019 11:47:32 +0000 (UTC) Subject: Re: [edk2-devel] [Patch V2 1/6] MdePkg: Add PcdSpeculationBarrierType To: devel@edk2.groups.io, michael.d.kinney@intel.com Cc: Liming Gao References: <20190430013012.24008-1-michael.d.kinney@intel.com> <20190430013012.24008-2-michael.d.kinney@intel.com> From: "Laszlo Ersek" Message-ID: Date: Tue, 30 Apr 2019 13:47:27 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <20190430013012.24008-2-michael.d.kinney@intel.com> X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.42]); Tue, 30 Apr 2019 11:47:34 +0000 (UTC) Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 04/30/19 03:30, Michael D Kinney wrote: > Add gEfiMdePkgTokenSpaceGuid.PcdSpeculationBarrierType that > uses the PCD type FixedAtBuild. This performs a build time > selection for the type of speculation barrier to use in the > BaseLib function SpeculationBarrier(). The recommended > speculation barrier for x86 is LFENCE and this is the default > value for this PCD. x86 CPUs that do not support LFENCE must > select one of the other supported values which includes CPUID > and nothing. > > Cc: Liming Gao > Signed-off-by: Michael D Kinney > --- > MdePkg/MdePkg.dec | 9 +++++++++ > MdePkg/MdePkg.uni | 8 ++++++++ > 2 files changed, 17 insertions(+) > > diff --git a/MdePkg/MdePkg.dec b/MdePkg/MdePkg.dec > index e2ea8fff66..28d4a966c2 100644 > --- a/MdePkg/MdePkg.dec > +++ b/MdePkg/MdePkg.dec > @@ -2062,6 +2062,15 @@ [PcdsFixedAtBuild] > # @Prompt Enable control flow enforcement. > gEfiMdePkgTokenSpaceGuid.PcdControlFlowEnforcementPropertyMask|0x0|UINT32|0x30001017 > > + ## Indicates the type of instruction sequence to use for a speculation > + # barrier. The default instruction sequence is LFENCE.

> + # 0x00 - No operation.
> + # 0x01 - LFENCE (IA32/X64).
> + # 0x02 - CPUID (IA32/X64).
> + # Other - reserved > + # @Prompt Speculation Barrier Type. > + gEfiMdePkgTokenSpaceGuid.PcdSpeculationBarrierType|0x01|UINT8|0x30001018 > + > [PcdsFixedAtBuild,PcdsPatchableInModule] > ## Indicates the maximum length of unicode string used in the following > # BaseLib functions: StrLen(), StrSize(), StrCmp(), StrnCmp(), StrCpy(), StrnCpy()

In MdePkg.dec, we have: - [Includes.X64] - [LibraryClasses.X64] - [Guids.X64] but no PCD declarations that are architecture-specific. Is that intentional? Because, this PCD could be a good candidate for "IA32/X64 only". (Looking at the next patch too.) But, that's just my curiosity. Reviewed-by: Laszlo Ersek Thanks Laszlo > diff --git a/MdePkg/MdePkg.uni b/MdePkg/MdePkg.uni > index c359bb4b5b..5c1fa24065 100644 > --- a/MdePkg/MdePkg.uni > +++ b/MdePkg/MdePkg.uni > @@ -149,6 +149,14 @@ > " BIT0 - SMM CET Shadow Stack is enabled.
\n" > " Other - reserved" > > +#string STR_gEfiMdePkgTokenSpaceGuid_PcdSpeculationBarrierType_PROMPT #language en-US "Speculation Barrier Type." > + > +#string STR_gEfiMdePkgTokenSpaceGuid_PcdSpeculationBarrierType_HELP #language en-US "Indicates the type of instruction sequence to use for a speculation.barrier. The default instruction sequence is LFENCE.

\n" > + "0x00 - No operation.
\n" > + "0x01 - LFENCE (IA32/X64).
\n" > + "0x02 - CPUID (IA32/X64).
\n" > + "Other - reserved" > + > #string STR_gEfiMdePkgTokenSpaceGuid_PcdMaximumAsciiStringLength_PROMPT #language en-US "Maximum Length of Ascii String" > > #string STR_gEfiMdePkgTokenSpaceGuid_PcdMaximumAsciiStringLength_HELP #language en-US "Sets the maximum number of ASCII characters used for string functions. This affects the following BaseLib functions: AsciiStrLen(), AsciiStrSize(), AsciiStrCmp(), AsciiStrnCmp(), AsciiStrCpy(), AsciiStrnCpy().

\n" >