Attention is currently required from: Christian Walter, Arthur Heymans, Kyösti Mälkki, Patrick Rudolph.
Angel Pons has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/54010 )
Change subject: cpu/x86/entry16.S: Make Intel CBnT TOCTOU safe
Patch Set 2:
(1 comment)
File src/cpu/x86/entry16.S:
https://review.coreboot.org/c/coreboot/+/54010/comment/e8c68ccf_2cd80a89
PS2, Line 135: 2:
The main concern I have with your approach is that the cr0 read-modify-write sequence is repeated twice, but I'm not bothered enough to block this change.
The advantage with how I did it is that for non-CBnT platforms nothing changes.
Sure.
Keeping track of registers depending on CPP is probably better to avoid.
Even with your approach, %ecx and %edx are only clobbered inside the #if/#endif section. In any case, the code that sets up IDT/GDT already clobbers these registers.
See the discussion in CB:38252.
I see this comment from kmalkki:
Just my personal preference, there is a read-modify-write sequence on cr0 that I would rather not see split to so many lines. Especially with rdmsr there in the middle, register usage is not so obvious.
I didn't split the read-modify-write sequence because of this.