On 04.03.2024 17:10, Andrew Cooper wrote:
> --- a/xen/include/xen/nospec.h
> +++ b/xen/include/xen/nospec.h
> @@ -9,6 +9,29 @@
>
> #include <asm/nospec.h>
>
> +/*
> + * Protect a conditional branch from bad speculation. Architectures *must*
> + * provide arch_evaluate_nospec() for this to be effective.
> + */
> +static always_inline bool evaluate_nospec(bool cond)
> +{
> +#ifndef arch_evaluate_nospec
> +#define arch_evaluate_nospec(cond) cond
Hmm, noticed only while replying to patch 2: If the #define is to be kept
(see my reply there) it needs to be one of
#define arch_evaluate_nospec(cond) (cond)
or
#define arch_evaluate_nospec
Or it ought to be #undef-ed after use (thus preventing use in a context
where "cond" may expand to other than "cond").
Jan
> +#endif
> + return arch_evaluate_nospec(cond);
> +}
> +
> +/*
> + * Halt speculation unconditonally. Architectures *must* provide
> + * arch_block_speculation() for this to be effective.
> + */
> +static always_inline void block_speculation(void)
> +{
> +#ifdef arch_block_speculation
> + arch_block_speculation();
> +#endif
> +}
> +
> /**
> * array_index_mask_nospec() - generate a ~0 mask when index < size, 0
> otherwise
> * @index: array element index
