File xsa456-0o.patch of Package xen
# Commit 45dac88e78e8a2d9d8738eef884fe6730faf9e67
# Date 2024-04-09 16:37:30 +0100
# Author Andrew Cooper <andrew.cooper3@citrix.com>
# Committer Andrew Cooper <andrew.cooper3@citrix.com>
x86/spec-ctrl: Widen the {xen,last,default}_spec_ctrl fields
Right now, they're all bytes, but MSR_SPEC_CTRL has been steadily gaining new
features.
No functional change.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
--- a/xen/arch/x86/hvm/vmx/entry.S
+++ b/xen/arch/x86/hvm/vmx/entry.S
@@ -52,7 +52,7 @@ ENTRY(vmx_asm_vmexit_handler)
* also suffer from PBRSB, the prior RSB stuffing suffices to make the
* RSB safe.
*/
- ALTERNATIVE __stringify(ASM_NOP36), DO_SPEC_CTRL_ENTRY_FROM_HVM, X86_FEATURE_SC_MSR_HVM
+ ALTERNATIVE __stringify(ASM_NOP35), DO_SPEC_CTRL_ENTRY_FROM_HVM, X86_FEATURE_SC_MSR_HVM
ALTERNATIVE "lfence", "", X86_SPEC_NO_LFENCE_ENTRY_VMX
/* WARNING! `ret`, `call *`, `jmp *` not safe before this point. */
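Review bot: The pad size `ASM_NOP35` on the first ALTERNATIVE is a hand-counted constant that presumably has to equal the encoded length of `DO_SPEC_CTRL_ENTRY_FROM_HVM`, and nothing in this hunk ties the two together. The drop from 36 to 35 appears to follow from `movzbl` becoming a plain `mov` in spec_ctrl_asm.h, which is one byte shorter, but a reader of entry.S cannot see that. I would add a comment above the line such as `/* NOP count must match the encoded length of DO_SPEC_CTRL_ENTRY_FROM_HVM. */`, and likewise at the `ASM_NOP24` and `ASM_NOP32` sites in spec_ctrl_asm.h. Whether a mismatch is caught at build time is not visible here, and vmx_asm_vmexit_handler starts and ends outside the hunk.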
--- a/xen/arch/x86/spec_ctrl.c
+++ b/xen/arch/x86/spec_ctrl.c
@@ -65,7 +65,7 @@ int8_t __read_mostly opt_l1d_flush = -1;
static bool __initdata opt_lock_harden;
bool __initdata bsp_delay_spec_ctrl;
-uint8_t __read_mostly default_xen_spec_ctrl;
+unsigned int __read_mostly default_xen_spec_ctrl;
uint8_t __read_mostly default_scf;
paddr_t __read_mostly l1tf_addr_mask, __read_mostly l1tf_safe_maddr;
--- a/xen/include/asm-x86/current.h
+++ b/xen/include/asm-x86/current.h
@@ -55,7 +55,7 @@ struct cpu_info {
/* See asm-x86/spec_ctrl_asm.h for usage. */
unsigned int shadow_spec_ctrl;
- uint8_t xen_spec_ctrl;
+ unsigned int xen_spec_ctrl;
uint8_t scf; /* SCF_* */
/*
@@ -73,7 +73,7 @@ struct cpu_info {
*/
bool use_pv_cr3;
- unsigned long __pad;
+ /* unsigned long __pad; */
/* get_stack_bottom() must be 16-byte aligned */
};
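Review bot: The commented-out `/* unsigned long __pad; */` leaves dead code in struct cpu_info and does not say why the padding is no longer needed. I would delete the line outright, or replace it with a comment such as `/* No explicit padding: the current field sizes already keep get_stack_bottom() 16-byte aligned. */` once that has been confirmed against the full layout. The alignment requirement stated on the following line depends on every field above it, so if no compile-time assertion on the layout exists elsewhere (not visible in this patch), adding one would catch the next width change. The struct definition begins outside this hunk.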
--- a/xen/include/asm-x86/nops.h
+++ b/xen/include/asm-x86/nops.h
@@ -66,9 +66,8 @@
#define ASM_NOP17 ASM_NOP8; ASM_NOP7; ASM_NOP2
#define ASM_NOP22 ASM_NOP8; ASM_NOP8; ASM_NOP6
#define ASM_NOP24 ASM_NOP8; ASM_NOP8; ASM_NOP8
-#define ASM_NOP25 ASM_NOP8; ASM_NOP8; ASM_NOP7; ASM_NOP2
-#define ASM_NOP33 ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP7; ASM_NOP2
-#define ASM_NOP36 ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP4
+#define ASM_NOP32 ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP8
+#define ASM_NOP35 ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP3
#define ASM_NOP40 ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP8; ASM_NOP8
#else
#define ASM_NOP40 _ASM_MK_NOP(K8_NOP8, K8_NOP8, K8_NOP8, K8_NOP8, K8_NOP8)
--- a/xen/include/asm-x86/spec_ctrl.h
+++ b/xen/include/asm-x86/spec_ctrl.h
@@ -55,7 +55,7 @@ extern int8_t opt_eager_fpu;
extern int8_t opt_l1d_flush;
extern bool bsp_delay_spec_ctrl;
-extern uint8_t default_xen_spec_ctrl;
+extern unsigned int default_xen_spec_ctrl;
extern uint8_t default_scf;
extern int8_t opt_xpti_hwdom, opt_xpti_domu;
--- a/xen/include/asm-x86/spec_ctrl_asm.h
+++ b/xen/include/asm-x86/spec_ctrl_asm.h
@@ -207,7 +207,7 @@ LBLn(insert_rsb_entry):;
andb $~SCF_use_shadow, CPUINFO_scf(%rsp)
/* Load Xen's intended value. */
- movzbl CPUINFO_xen_spec_ctrl(%rsp), %eax
+ mov CPUINFO_xen_spec_ctrl(%rsp), %eax
wrmsr
.endm
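Review bot: The plain `mov CPUINFO_xen_spec_ctrl(%rsp), %eax` now reads four bytes, so it is only correct while `xen_spec_ctrl` in struct cpu_info is exactly 32 bits wide. If the C field is ever narrowed again, or a backport picks up only one side of this change, adjacent bytes such as `scf` would end up in the value handed to `wrmsr`. Nothing visible ties the assembly load width to the C type, so I would add a check next to the field, e.g. `BUILD_BUG_ON(sizeof(((struct cpu_info *)0)->xen_spec_ctrl) != 4);`, or at minimum a comment on the field noting that the asm loads it with a 32-bit `mov`. The same applies to the three other `mov ... xen_spec_ctrl` loads changed later in this file. The macro containing this line starts outside the hunk.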
@@ -276,10 +276,10 @@ LBLn(insert_rsb_entry):;
setnz %al
not %eax
and %al, STACK_CPUINFO_FIELD(scf)(%r14)
- movzbl STACK_CPUINFO_FIELD(xen_spec_ctrl)(%r14), %eax
+ mov STACK_CPUINFO_FIELD(xen_spec_ctrl)(%r14), %eax
.else
andb $~SCF_use_shadow, CPUINFO_scf(%rsp)
- movzbl CPUINFO_xen_spec_ctrl(%rsp), %eax
+ mov CPUINFO_xen_spec_ctrl(%rsp), %eax
.endif
wrmsr
@@ -342,7 +342,7 @@ LBLn(insert_rsb_entry):;
* eIBRS, this prevents CALLs/JMPs using predictions learnt at a lower
* predictor mode, and it flushes the RSB.
*/
- ALTERNATIVE __stringify(ASM_NOP25), \
+ ALTERNATIVE __stringify(ASM_NOP24), \
__stringify(DO_SPEC_CTRL_ENTRY maybexen=0), X86_FEATURE_SC_MSR_PV
ALTERNATIVE "lfence", "", X86_SPEC_NO_LFENCE_ENTRY_PV
@@ -381,7 +381,7 @@ LBLn(insert_rsb_entry):;
DO_OVERWRITE_RSB, X86_FEATURE_SC_RSB_PV
.L\@_skip:
- ALTERNATIVE __stringify(ASM_NOP33), \
+ ALTERNATIVE __stringify(ASM_NOP32), \
__stringify(DO_SPEC_CTRL_ENTRY maybexen=1), X86_FEATURE_SC_MSR_PV
ALTERNATIVE "lfence", "", X86_SPEC_NO_LFENCE_ENTRY_INTR
@@ -480,7 +480,7 @@ LBLn(insert_rsb_entry):;
/* Load Xen's intended value. */
mov $MSR_SPEC_CTRL, %ecx
- movzbl STACK_CPUINFO_FIELD(xen_spec_ctrl)(%r14), %eax
+ mov STACK_CPUINFO_FIELD(xen_spec_ctrl)(%r14), %eax
wrmsr
.L\@_skip_msr_spec_ctrl: