x86/spec-ctrl: Rework SPEC_CTRL_ENTRY_FROM_INTR_IST

We are shortly going to add a conditional IBPB in this path.

Therefore, we cannot hold spec_ctrl_flags in %eax, and rely on only clobbering
it after we're done with its contents.  %rbx is available for use, and the
more normal register to hold preserved information in.

With %rax freed up, use it instead of %rdx for the RSB tmp register, and for
the adjustment to spec_ctrl_flags.

This leaves no use of %rdx, except as 0 for the upper half of WRMSR.  In
practice, %rdx is 0 from SAVE_ALL on all paths and isn't likely to change in
the foreseeable future, so update the macro entry requirements to state this
dependency.  This marginal optimisation can be revisited if circumstances
change.

No practical change.

This is part of XSA-407.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>

diff --git a/xen/arch/x86/include/asm/spec_ctrl_asm.h b/xen/arch/x86/include/asm/spec_ctrl_asm.h
index 0ff1b118f882c7ccb96e4e91f7af3a747f1e5e62..15e24cde00d119efb2aeb6202549324c6947dbbe 100644 (file)
--- a/xen/arch/x86/include/asm/spec_ctrl_asm.h
+++ b/xen/arch/x86/include/asm/spec_ctrl_asm.h
@@ -251,34 +251,33 @@
  */
 .macro SPEC_CTRL_ENTRY_FROM_INTR_IST
 /*
- * Requires %rsp=regs, %r14=stack_end
- * Clobbers %rax, %rcx, %rdx
+ * Requires %rsp=regs, %r14=stack_end, %rdx=0
+ * Clobbers %rax, %rbx, %rcx, %rdx
  *
  * This is logical merge of DO_OVERWRITE_RSB and DO_SPEC_CTRL_ENTRY
  * maybexen=1, but with conditionals rather than alternatives.
  */
-    movzbl STACK_CPUINFO_FIELD(spec_ctrl_flags)(%r14), %eax
+    movzbl STACK_CPUINFO_FIELD(spec_ctrl_flags)(%r14), %ebx
 
-    test $SCF_ist_rsb, %al
+    test $SCF_ist_rsb, %bl
     jz .L\@_skip_rsb
 
-    DO_OVERWRITE_RSB tmp=rdx /* Clobbers %rcx/%rdx */
+    DO_OVERWRITE_RSB         /* Clobbers %rax/%rcx */
 
 .L\@_skip_rsb:
 
-    test $SCF_ist_sc_msr, %al
+    test $SCF_ist_sc_msr, %bl
     jz .L\@_skip_msr_spec_ctrl
 
-    xor %edx, %edx
+    xor %eax, %eax
     testb $3, UREGS_cs(%rsp)
-    setnz %dl
-    not %edx
-    and %dl, STACK_CPUINFO_FIELD(spec_ctrl_flags)(%r14)
+    setnz %al
+    not %eax
+    and %al, STACK_CPUINFO_FIELD(spec_ctrl_flags)(%r14)
 
     /* Load Xen's intended value. */
     mov $MSR_SPEC_CTRL, %ecx
     movzbl STACK_CPUINFO_FIELD(xen_spec_ctrl)(%r14), %eax
-    xor %edx, %edx
     wrmsr
 
     /* Opencoded UNLIKELY_START() with no condition. */

diff --git a/xen/arch/x86/x86_64/entry.S b/xen/arch/x86/x86_64/entry.S
index ea6f0afbc2b435c37194ca00956bd2772dc378a0..5ad5c36128aae6d917888cd42bd5a61d89b5fdc1 100644 (file)
--- a/xen/arch/x86/x86_64/entry.S
+++ b/xen/arch/x86/x86_64/entry.S
@@ -966,7 +966,7 @@ ENTRY(double_fault)
 
         GET_STACK_END(14)
 
-        SPEC_CTRL_ENTRY_FROM_INTR_IST /* Req: %rsp=regs, %r14=end, Clob: acd */
+        SPEC_CTRL_ENTRY_FROM_INTR_IST /* Req: %rsp=regs, %r14=end, %rdx=0, Clob: abcd */
         /* WARNING! `ret`, `call *`, `jmp *` not safe before this point. */
 
         mov   STACK_CPUINFO_FIELD(xen_cr3)(%r14), %rbx
@@ -1002,7 +1002,7 @@ handle_ist_exception:
 
         GET_STACK_END(14)
 
-        SPEC_CTRL_ENTRY_FROM_INTR_IST /* Req: %rsp=regs, %r14=end, Clob: acd */
+        SPEC_CTRL_ENTRY_FROM_INTR_IST /* Req: %rsp=regs, %r14=end, %rdx=0, Clob: abcd */
         /* WARNING! `ret`, `call *`, `jmp *` not safe before this point. */
 
         mov   STACK_CPUINFO_FIELD(xen_cr3)(%r14), %rcx