1 /* 2 * Copyright (C) 2018-2022 Intel Corporation. 3 * 4 * SPDX-License-Identifier: BSD-3-Clause 5 */ 6 7 #ifndef SECURITY_H 8 #define SECURITY_H 9 10 /* type of speculation control 11 * 0 - no speculation control support 12 * 1 - raw IBRS + IBPB support 13 * 2 - with STIBP optimization support 14 */ 15 #define IBRS_NONE 0 16 #define IBRS_RAW 1 17 #define IBRS_OPT 2 18 19 #ifndef ASSEMBLER 20 int32_t get_ibrs_type(void); 21 void cpu_l1d_flush(void); 22 bool check_cpu_security_cap(void); 23 void cpu_internal_buffers_clear(void); 24 bool is_ept_force_4k_ipage(void); 25 uint64_t get_random_value(void); 26 void disable_rrsba(void); 27 28 #ifdef STACK_PROTECTOR 29 struct stack_canary { 30 /* Gcc generates extra code, using [fs:40] to access canary */ 31 uint8_t reserved[40]; 32 uint64_t canary; 33 }; 34 void set_fs_base(void); 35 #endif 36 37 #endif /* ASSEMBLER */ 38 39 #endif /* SECURITY_H */ 40