From: Andrew Cooper <andrew.cooper3@citrix.com>

Subject: x86/spec-ctrl: Rework SPEC_CTRL_ENTRY_FROM_INTR_IST

We are shortly going to add a conditional IBPB in this path.

Therefore, we cannot hold spec_ctrl_flags in %eax, and rely on only clobbering

it after we're done with its contents.  %rbx is available for use, and the

more normal register to hold preserved information in.

With %rax freed up, use it instead of %rdx for the RSB tmp register, and for

the adjustment to spec_ctrl_flags.

This leaves no use of %rdx, except as 0 for the upper half of WRMSR.  In

practice, %rdx is 0 from SAVE_ALL on all paths and isn't likely to change in

the foreseeable future, so update the macro entry requirements to state this

dependency.  This marginal optimisation can be revisited if circumstances

change.

No practical change.

This is part of XSA-407.

Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>

Reviewed-by: Jan Beulich <jbeulich@suse.com>

diff --git a/xen/arch/x86/x86_64/entry.S b/xen/arch/x86/x86_64/entry.S

index 2a86938f1f32..a1810bf4d311 100644

--- a/xen/arch/x86/x86_64/entry.S

+++ b/xen/arch/x86/x86_64/entry.S

@@ -932,7 +932,7 @@ ENTRY(double_fault)

         GET_STACK_END(14)

-        SPEC_CTRL_ENTRY_FROM_INTR_IST /* Req: %rsp=regs, %r14=end, Clob: acd */

+        SPEC_CTRL_ENTRY_FROM_INTR_IST /* Req: %rsp=regs, %r14=end, %rdx=0, Clob: abcd */

         /* WARNING! `ret`, `call *`, `jmp *` not safe before this point. */

         mov   STACK_CPUINFO_FIELD(xen_cr3)(%r14), %rbx

@@ -968,7 +968,7 @@ handle_ist_exception:

         GET_STACK_END(14)

-        SPEC_CTRL_ENTRY_FROM_INTR_IST /* Req: %rsp=regs, %r14=end, Clob: acd */

+        SPEC_CTRL_ENTRY_FROM_INTR_IST /* Req: %rsp=regs, %r14=end, %rdx=0, Clob: abcd */

         /* WARNING! `ret`, `call *`, `jmp *` not safe before this point. */

         mov   STACK_CPUINFO_FIELD(xen_cr3)(%r14), %rcx

diff --git a/xen/include/asm-x86/spec_ctrl_asm.h b/xen/include/asm-x86/spec_ctrl_asm.h

index 0ff1b118f882..15e24cde00d1 100644

--- a/xen/include/asm-x86/spec_ctrl_asm.h

+++ b/xen/include/asm-x86/spec_ctrl_asm.h

@@ -251,34 +251,33 @@

  */

 .macro SPEC_CTRL_ENTRY_FROM_INTR_IST

 /*

- * Requires %rsp=regs, %r14=stack_end

- * Clobbers %rax, %rcx, %rdx

+ * Requires %rsp=regs, %r14=stack_end, %rdx=0

+ * Clobbers %rax, %rbx, %rcx, %rdx

  *

  * This is logical merge of DO_OVERWRITE_RSB and DO_SPEC_CTRL_ENTRY

  * maybexen=1, but with conditionals rather than alternatives.

  */

-    movzbl STACK_CPUINFO_FIELD(spec_ctrl_flags)(%r14), %eax

+    movzbl STACK_CPUINFO_FIELD(spec_ctrl_flags)(%r14), %ebx

-    test $SCF_ist_rsb, %al

+    test $SCF_ist_rsb, %bl

     jz .L\@_skip_rsb

-    DO_OVERWRITE_RSB tmp=rdx /* Clobbers %rcx/%rdx */

+    DO_OVERWRITE_RSB         /* Clobbers %rax/%rcx */

 .L\@_skip_rsb:

-    test $SCF_ist_sc_msr, %al

+    test $SCF_ist_sc_msr, %bl

     jz .L\@_skip_msr_spec_ctrl

-    xor %edx, %edx

+    xor %eax, %eax

     testb $3, UREGS_cs(%rsp)

-    setnz %dl

-    not %edx

-    and %dl, STACK_CPUINFO_FIELD(spec_ctrl_flags)(%r14)

+    setnz %al

+    not %eax

+    and %al, STACK_CPUINFO_FIELD(spec_ctrl_flags)(%r14)

     /* Load Xen's intended value. */

     mov $MSR_SPEC_CTRL, %ecx

     movzbl STACK_CPUINFO_FIELD(xen_spec_ctrl)(%r14), %eax

-    xor %edx, %edx

     wrmsr

     /* Opencoded UNLIKELY_START() with no condition. */