> -----Original Message----- > From: Laszlo Ersek [mailto:ler...@redhat.com] > Sent: Tuesday, September 25, 2018 9:01 PM > To: Wu, Hao A; edk2-devel@lists.01.org > Cc: Yao, Jiewen; Gao, Liming; Kinney, Michael D > Subject: Re: [edk2] [PATCH v2 1/5] MdePkg/BaseLib: Add new AsmLfence API > > Hi Hao, > > On 09/25/18 08:12, Hao Wu wrote: > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1193 > > > > This commit will add a new BaseLib API AsmLfence(). This API will perform > > a serializing operation on all load-from-memory instructions that were > > issued prior to the call of this function. Please note that this API is > > only available on IA-32 and x64. > > > > The purpose of adding this API is to mitigate of the [CVE-2017-5753] > > Bounds Check Bypass issue when untrusted data are being processed within > > SMM. More details can be referred at the 'Bounds check bypass mitigation' > > section at the below link: > > > > https://software.intel.com/security-software-guidance/insights/host- > firmware-speculative-execution-side-channel-mitigation > > > > Cc: Ard Biesheuvel <ard.biesheu...@linaro.org> > > Cc: Leif Lindholm <leif.lindh...@linaro.org> > > Cc: Laszlo Ersek <ler...@redhat.com> > > Cc: Jiewen Yao <jiewen....@intel.com> > > Cc: Michael D Kinney <michael.d.kin...@intel.com> > > Cc: Liming Gao <liming....@intel.com> > > Contributed-under: TianoCore Contribution Agreement 1.1 > > Signed-off-by: Hao Wu <hao.a...@intel.com> > > --- > > MdePkg/Include/Library/BaseLib.h | 13 +++++++ > > MdePkg/Library/BaseLib/BaseLib.inf | 2 ++ > > MdePkg/Library/BaseLib/Ia32/Lfence.nasm | 37 +++++++++++++++++++ > > MdePkg/Library/BaseLib/X64/Lfence.nasm | 38 ++++++++++++++++++++ > > 4 files changed, 90 insertions(+) > > > > diff --git a/MdePkg/Include/Library/BaseLib.h > b/MdePkg/Include/Library/BaseLib.h > > index 123ae19dc2..656b7736b1 100644 > > --- a/MdePkg/Include/Library/BaseLib.h > > +++ b/MdePkg/Include/Library/BaseLib.h > > @@ -9139,6 +9139,19 @@ AsmWriteTr ( > > ); > > > > /** > > + Performs a serializing operation on all load-from-memory instructions > > that > > + were issued prior the AsmLfence function. > > + > > + Executes a LFENCE instruction. This function is only available on IA-32 > > and > x64. > > + > > +**/ > > +VOID > > +EFIAPI > > +AsmLfence ( > > + VOID > > + ); > > + > > +/** > > Patch the immediate operand of an IA32 or X64 instruction such that the > byte, > > word, dword or qword operand is encoded at the end of the instruction's > > binary representation. > > diff --git a/MdePkg/Library/BaseLib/BaseLib.inf > b/MdePkg/Library/BaseLib/BaseLib.inf > > index a1b5ec4b75..ed15c025f9 100644 > > --- a/MdePkg/Library/BaseLib/BaseLib.inf > > +++ b/MdePkg/Library/BaseLib/BaseLib.inf > > @@ -68,6 +68,7 @@ > > > > [Sources.Ia32] > > Ia32/WriteTr.nasm > > + Ia32/Lfence.nasm > > > > Ia32/Wbinvd.c | MSFT > > Ia32/WriteMm7.c | MSFT > > @@ -346,6 +347,7 @@ > > X64/EnableCache.nasm > > X64/DisableCache.nasm > > X64/WriteTr.nasm > > + X64/Lfence.nasm > > > > X64/CpuBreakpoint.c | MSFT > > X64/WriteMsr64.c | MSFT > > diff --git a/MdePkg/Library/BaseLib/Ia32/Lfence.nasm > b/MdePkg/Library/BaseLib/Ia32/Lfence.nasm > > new file mode 100644 > > index 0000000000..f8b2550ef8 > > --- /dev/null > > +++ b/MdePkg/Library/BaseLib/Ia32/Lfence.nasm > > @@ -0,0 +1,37 @@ > > +;------------------------------------------------------------------------------ > > ; > > +; Copyright (c) 2018, Intel Corporation. All rights reserved.<BR> > > +; This program and the accompanying materials > > +; are licensed and made available under the terms and conditions of the BSD > License > > +; which accompanies this distribution. The full text of the license may be > found at > > +; http://opensource.org/licenses/bsd-license.php. > > +; > > +; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" > BASIS, > > +; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER > EXPRESS OR IMPLIED. > > +; > > +; Module Name: > > +; > > +; Lfence.nasm > > +; > > +; Abstract: > > +; > > +; Performs a serializing operation on all load-from-memory instructions > that > > +; were issued prior to the call of this function. > > +; > > +; Notes: > > +; > > +;------------------------------------------------------------------------------ > > + > > + SECTION .text > > + > > +;------------------------------------------------------------------------------ > > +; VOID > > +; EFIAPI > > +; AsmLfence ( > > +; VOID > > +; ); > > +;------------------------------------------------------------------------------ > > +global ASM_PFX(AsmLfence) > > +ASM_PFX(AsmLfence): > > + lfence > > + ret > > + > > diff --git a/MdePkg/Library/BaseLib/X64/Lfence.nasm > b/MdePkg/Library/BaseLib/X64/Lfence.nasm > > new file mode 100644 > > index 0000000000..e81c77964b > > --- /dev/null > > +++ b/MdePkg/Library/BaseLib/X64/Lfence.nasm > > @@ -0,0 +1,38 @@ > > +;------------------------------------------------------------------------------ > > ; > > +; Copyright (c) 2018, Intel Corporation. All rights reserved.<BR> > > +; This program and the accompanying materials > > +; are licensed and made available under the terms and conditions of the BSD > License > > +; which accompanies this distribution. The full text of the license may be > found at > > +; http://opensource.org/licenses/bsd-license.php. > > +; > > +; THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" > BASIS, > > +; WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER > EXPRESS OR IMPLIED. > > +; > > +; Module Name: > > +; > > +; Lfence.nasm > > +; > > +; Abstract: > > +; > > +; Performs a serializing operation on all load-from-memory instructions > that > > +; were issued prior to the call of this function. > > +; > > +; Notes: > > +; > > +;------------------------------------------------------------------------------ > > + > > + DEFAULT REL > > + SECTION .text > > + > > +;------------------------------------------------------------------------------ > > +; VOID > > +; EFIAPI > > +; AsmLfence ( > > +; VOID > > +; ); > > +;------------------------------------------------------------------------------ > > +global ASM_PFX(AsmLfence) > > +ASM_PFX(AsmLfence): > > + lfence > > + ret > > + > > > > "git-am" complained about this patch: > > > Applying: MdePkg/BaseLib: Add new AsmLfence API > > .git/rebase-apply/patch:94: new blank line at EOF. > > + > > .git/rebase-apply/patch:138: new blank line at EOF. > > + > > warning: 2 lines add whitespace errors. > > The message seems to refer to the two new NASM files. > > (I think it's OK to strip those empty lines before pushing.)
Hi Laszlo, After some quick checks, I found that both the newly introduced NASM files have an extra empty line before the EOF. I will remove them and just keep one empty line before EOF for those 2 NASM files. Thanks for spotting the issue. Best Regards, Hao Wu > > Thanks > Laszlo _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
