fix(security): optimisations for CVE-2022-23960

Optimised the loop workaround for Spectre_BHB mitigation:
1. use of speculation barrier for cores implementing SB instruction.
2. use str/ldr instead of stp/ldp as the loop uses only X2 register.

Signed-off-by: Bipin Ravi <bipin.ravi@arm.com>
Change-Id: I8ac53ea1e42407ad8004c1d59c05f791011f195d

include/arch/aarch64/asm_macros.S

@@ -214,6 +214,19 @@
 	ret
 	.endm
 
+	/*
+	 * Macro for using speculation barrier instruction introduced by
+	 * FEAT_SB, if it's enabled.
+	 */
+	.macro speculation_barrier
+#if ENABLE_FEAT_SB
+	sb
+#else
+	dsb	sy
+	isb
+#endif
+	.endm
+
 	/*
 	 * Macro for mitigating against speculative execution beyond ERET. Uses the
 	 * speculation barrier instruction introduced by FEAT_SB, if it's enabled.

lib/cpus/aarch64/wa_cve_2022_23960_bhb.S

@@ -9,11 +9,11 @@
 #if WORKAROUND_CVE_2022_23960
 	/*
 	 * This macro applies the mitigation for CVE-2022-23960.
-         * The macro saves x2-x3 to the CPU context.
+         * The macro saves x2 to the CPU context.
          * SP should point to the CPU context.
 	 */
 	.macro	apply_cve_2022_23960_bhb_wa _bhb_loop_count
-	stp	x2, x3, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X2]
+	str	x2, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X2]
 
 	/* CVE-BHB-NUM loop count */
 	mov	x2, \_bhb_loop_count
@@ -24,8 +24,7 @@
 2:
 	subs	x2, x2, #1
 	bne	1b
-	dsb	sy
+	speculation_barrier
-	isb
+	ldr	x2, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X2]
-	ldp	x2, x3, [sp, #CTX_GPREGS_OFFSET + CTX_GPREG_X2]
 	.endm
 #endif /* WORKAROUND_CVE_2022_23960 */