Loading...
1/*
2 * Copyright (C) 2001 Ben. Herrenschmidt (benh@kernel.crashing.org)
3 *
4 * Modifications for ppc64:
5 * Copyright (C) 2003 Dave Engebretsen <engebret@us.ibm.com>
6 *
7 * Copyright 2008 Michael Ellerman, IBM Corporation.
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
13 */
14
15#include <linux/types.h>
16#include <linux/jump_label.h>
17#include <linux/kernel.h>
18#include <linux/string.h>
19#include <linux/init.h>
20#include <linux/sched/mm.h>
21#include <asm/cputable.h>
22#include <asm/code-patching.h>
23#include <asm/page.h>
24#include <asm/sections.h>
25#include <asm/setup.h>
26#include <asm/security_features.h>
27#include <asm/firmware.h>
28
29struct fixup_entry {
30 unsigned long mask;
31 unsigned long value;
32 long start_off;
33 long end_off;
34 long alt_start_off;
35 long alt_end_off;
36};
37
38static unsigned int *calc_addr(struct fixup_entry *fcur, long offset)
39{
40 /*
41 * We store the offset to the code as a negative offset from
42 * the start of the alt_entry, to support the VDSO. This
43 * routine converts that back into an actual address.
44 */
45 return (unsigned int *)((unsigned long)fcur + offset);
46}
47
48static int patch_alt_instruction(unsigned int *src, unsigned int *dest,
49 unsigned int *alt_start, unsigned int *alt_end)
50{
51 unsigned int instr;
52
53 instr = *src;
54
55 if (instr_is_relative_branch(*src)) {
56 unsigned int *target = (unsigned int *)branch_target(src);
57
58 /* Branch within the section doesn't need translating */
59 if (target < alt_start || target > alt_end) {
60 instr = translate_branch(dest, src);
61 if (!instr)
62 return 1;
63 }
64 }
65
66 raw_patch_instruction(dest, instr);
67
68 return 0;
69}
70
71static int patch_feature_section(unsigned long value, struct fixup_entry *fcur)
72{
73 unsigned int *start, *end, *alt_start, *alt_end, *src, *dest;
74
75 start = calc_addr(fcur, fcur->start_off);
76 end = calc_addr(fcur, fcur->end_off);
77 alt_start = calc_addr(fcur, fcur->alt_start_off);
78 alt_end = calc_addr(fcur, fcur->alt_end_off);
79
80 if ((alt_end - alt_start) > (end - start))
81 return 1;
82
83 if ((value & fcur->mask) == fcur->value)
84 return 0;
85
86 src = alt_start;
87 dest = start;
88
89 for (; src < alt_end; src++, dest++) {
90 if (patch_alt_instruction(src, dest, alt_start, alt_end))
91 return 1;
92 }
93
94 for (; dest < end; dest++)
95 raw_patch_instruction(dest, PPC_INST_NOP);
96
97 return 0;
98}
99
100void do_feature_fixups(unsigned long value, void *fixup_start, void *fixup_end)
101{
102 struct fixup_entry *fcur, *fend;
103
104 fcur = fixup_start;
105 fend = fixup_end;
106
107 for (; fcur < fend; fcur++) {
108 if (patch_feature_section(value, fcur)) {
109 WARN_ON(1);
110 printk("Unable to patch feature section at %p - %p" \
111 " with %p - %p\n",
112 calc_addr(fcur, fcur->start_off),
113 calc_addr(fcur, fcur->end_off),
114 calc_addr(fcur, fcur->alt_start_off),
115 calc_addr(fcur, fcur->alt_end_off));
116 }
117 }
118}
119
120#ifdef CONFIG_PPC_BOOK3S_64
121void do_stf_entry_barrier_fixups(enum stf_barrier_type types)
122{
123 unsigned int instrs[3], *dest;
124 long *start, *end;
125 int i;
126
127 start = PTRRELOC(&__start___stf_entry_barrier_fixup),
128 end = PTRRELOC(&__stop___stf_entry_barrier_fixup);
129
130 instrs[0] = 0x60000000; /* nop */
131 instrs[1] = 0x60000000; /* nop */
132 instrs[2] = 0x60000000; /* nop */
133
134 i = 0;
135 if (types & STF_BARRIER_FALLBACK) {
136 instrs[i++] = 0x7d4802a6; /* mflr r10 */
137 instrs[i++] = 0x60000000; /* branch patched below */
138 instrs[i++] = 0x7d4803a6; /* mtlr r10 */
139 } else if (types & STF_BARRIER_EIEIO) {
140 instrs[i++] = 0x7e0006ac; /* eieio + bit 6 hint */
141 } else if (types & STF_BARRIER_SYNC_ORI) {
142 instrs[i++] = 0x7c0004ac; /* hwsync */
143 instrs[i++] = 0xe94d0000; /* ld r10,0(r13) */
144 instrs[i++] = 0x63ff0000; /* ori 31,31,0 speculation barrier */
145 }
146
147 for (i = 0; start < end; start++, i++) {
148 dest = (void *)start + *start;
149
150 pr_devel("patching dest %lx\n", (unsigned long)dest);
151
152 patch_instruction(dest, instrs[0]);
153
154 if (types & STF_BARRIER_FALLBACK)
155 patch_branch(dest + 1, (unsigned long)&stf_barrier_fallback,
156 BRANCH_SET_LINK);
157 else
158 patch_instruction(dest + 1, instrs[1]);
159
160 patch_instruction(dest + 2, instrs[2]);
161 }
162
163 printk(KERN_DEBUG "stf-barrier: patched %d entry locations (%s barrier)\n", i,
164 (types == STF_BARRIER_NONE) ? "no" :
165 (types == STF_BARRIER_FALLBACK) ? "fallback" :
166 (types == STF_BARRIER_EIEIO) ? "eieio" :
167 (types == (STF_BARRIER_SYNC_ORI)) ? "hwsync"
168 : "unknown");
169}
170
171void do_stf_exit_barrier_fixups(enum stf_barrier_type types)
172{
173 unsigned int instrs[6], *dest;
174 long *start, *end;
175 int i;
176
177 start = PTRRELOC(&__start___stf_exit_barrier_fixup),
178 end = PTRRELOC(&__stop___stf_exit_barrier_fixup);
179
180 instrs[0] = 0x60000000; /* nop */
181 instrs[1] = 0x60000000; /* nop */
182 instrs[2] = 0x60000000; /* nop */
183 instrs[3] = 0x60000000; /* nop */
184 instrs[4] = 0x60000000; /* nop */
185 instrs[5] = 0x60000000; /* nop */
186
187 i = 0;
188 if (types & STF_BARRIER_FALLBACK || types & STF_BARRIER_SYNC_ORI) {
189 if (cpu_has_feature(CPU_FTR_HVMODE)) {
190 instrs[i++] = 0x7db14ba6; /* mtspr 0x131, r13 (HSPRG1) */
191 instrs[i++] = 0x7db04aa6; /* mfspr r13, 0x130 (HSPRG0) */
192 } else {
193 instrs[i++] = 0x7db243a6; /* mtsprg 2,r13 */
194 instrs[i++] = 0x7db142a6; /* mfsprg r13,1 */
195 }
196 instrs[i++] = 0x7c0004ac; /* hwsync */
197 instrs[i++] = 0xe9ad0000; /* ld r13,0(r13) */
198 instrs[i++] = 0x63ff0000; /* ori 31,31,0 speculation barrier */
199 if (cpu_has_feature(CPU_FTR_HVMODE)) {
200 instrs[i++] = 0x7db14aa6; /* mfspr r13, 0x131 (HSPRG1) */
201 } else {
202 instrs[i++] = 0x7db242a6; /* mfsprg r13,2 */
203 }
204 } else if (types & STF_BARRIER_EIEIO) {
205 instrs[i++] = 0x7e0006ac; /* eieio + bit 6 hint */
206 }
207
208 for (i = 0; start < end; start++, i++) {
209 dest = (void *)start + *start;
210
211 pr_devel("patching dest %lx\n", (unsigned long)dest);
212
213 patch_instruction(dest, instrs[0]);
214 patch_instruction(dest + 1, instrs[1]);
215 patch_instruction(dest + 2, instrs[2]);
216 patch_instruction(dest + 3, instrs[3]);
217 patch_instruction(dest + 4, instrs[4]);
218 patch_instruction(dest + 5, instrs[5]);
219 }
220 printk(KERN_DEBUG "stf-barrier: patched %d exit locations (%s barrier)\n", i,
221 (types == STF_BARRIER_NONE) ? "no" :
222 (types == STF_BARRIER_FALLBACK) ? "fallback" :
223 (types == STF_BARRIER_EIEIO) ? "eieio" :
224 (types == (STF_BARRIER_SYNC_ORI)) ? "hwsync"
225 : "unknown");
226}
227
228
229void do_stf_barrier_fixups(enum stf_barrier_type types)
230{
231 do_stf_entry_barrier_fixups(types);
232 do_stf_exit_barrier_fixups(types);
233}
234
235void do_rfi_flush_fixups(enum l1d_flush_type types)
236{
237 unsigned int instrs[3], *dest;
238 long *start, *end;
239 int i;
240
241 start = PTRRELOC(&__start___rfi_flush_fixup),
242 end = PTRRELOC(&__stop___rfi_flush_fixup);
243
244 instrs[0] = 0x60000000; /* nop */
245 instrs[1] = 0x60000000; /* nop */
246 instrs[2] = 0x60000000; /* nop */
247
248 if (types & L1D_FLUSH_FALLBACK)
249 /* b .+16 to fallback flush */
250 instrs[0] = 0x48000010;
251
252 i = 0;
253 if (types & L1D_FLUSH_ORI) {
254 instrs[i++] = 0x63ff0000; /* ori 31,31,0 speculation barrier */
255 instrs[i++] = 0x63de0000; /* ori 30,30,0 L1d flush*/
256 }
257
258 if (types & L1D_FLUSH_MTTRIG)
259 instrs[i++] = 0x7c12dba6; /* mtspr TRIG2,r0 (SPR #882) */
260
261 for (i = 0; start < end; start++, i++) {
262 dest = (void *)start + *start;
263
264 pr_devel("patching dest %lx\n", (unsigned long)dest);
265
266 patch_instruction(dest, instrs[0]);
267 patch_instruction(dest + 1, instrs[1]);
268 patch_instruction(dest + 2, instrs[2]);
269 }
270
271 printk(KERN_DEBUG "rfi-flush: patched %d locations (%s flush)\n", i,
272 (types == L1D_FLUSH_NONE) ? "no" :
273 (types == L1D_FLUSH_FALLBACK) ? "fallback displacement" :
274 (types & L1D_FLUSH_ORI) ? (types & L1D_FLUSH_MTTRIG)
275 ? "ori+mttrig type"
276 : "ori type" :
277 (types & L1D_FLUSH_MTTRIG) ? "mttrig type"
278 : "unknown");
279}
280#endif /* CONFIG_PPC_BOOK3S_64 */
281
282void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)
283{
284 long *start, *end;
285 unsigned int *dest;
286
287 if (!(value & CPU_FTR_LWSYNC))
288 return ;
289
290 start = fixup_start;
291 end = fixup_end;
292
293 for (; start < end; start++) {
294 dest = (void *)start + *start;
295 raw_patch_instruction(dest, PPC_INST_LWSYNC);
296 }
297}
298
299static void do_final_fixups(void)
300{
301#if defined(CONFIG_PPC64) && defined(CONFIG_RELOCATABLE)
302 int *src, *dest;
303 unsigned long length;
304
305 if (PHYSICAL_START == 0)
306 return;
307
308 src = (int *)(KERNELBASE + PHYSICAL_START);
309 dest = (int *)KERNELBASE;
310 length = (__end_interrupts - _stext) / sizeof(int);
311
312 while (length--) {
313 raw_patch_instruction(dest, *src);
314 src++;
315 dest++;
316 }
317#endif
318}
319
320static unsigned long __initdata saved_cpu_features;
321static unsigned int __initdata saved_mmu_features;
322#ifdef CONFIG_PPC64
323static unsigned long __initdata saved_firmware_features;
324#endif
325
326void __init apply_feature_fixups(void)
327{
328 struct cpu_spec *spec = PTRRELOC(*PTRRELOC(&cur_cpu_spec));
329
330 *PTRRELOC(&saved_cpu_features) = spec->cpu_features;
331 *PTRRELOC(&saved_mmu_features) = spec->mmu_features;
332
333 /*
334 * Apply the CPU-specific and firmware specific fixups to kernel text
335 * (nop out sections not relevant to this CPU or this firmware).
336 */
337 do_feature_fixups(spec->cpu_features,
338 PTRRELOC(&__start___ftr_fixup),
339 PTRRELOC(&__stop___ftr_fixup));
340
341 do_feature_fixups(spec->mmu_features,
342 PTRRELOC(&__start___mmu_ftr_fixup),
343 PTRRELOC(&__stop___mmu_ftr_fixup));
344
345 do_lwsync_fixups(spec->cpu_features,
346 PTRRELOC(&__start___lwsync_fixup),
347 PTRRELOC(&__stop___lwsync_fixup));
348
349#ifdef CONFIG_PPC64
350 saved_firmware_features = powerpc_firmware_features;
351 do_feature_fixups(powerpc_firmware_features,
352 &__start___fw_ftr_fixup, &__stop___fw_ftr_fixup);
353#endif
354 do_final_fixups();
355}
356
357void __init setup_feature_keys(void)
358{
359 /*
360 * Initialise jump label. This causes all the cpu/mmu_has_feature()
361 * checks to take on their correct polarity based on the current set of
362 * CPU/MMU features.
363 */
364 jump_label_init();
365 cpu_feature_keys_init();
366 mmu_feature_keys_init();
367}
368
369static int __init check_features(void)
370{
371 WARN(saved_cpu_features != cur_cpu_spec->cpu_features,
372 "CPU features changed after feature patching!\n");
373 WARN(saved_mmu_features != cur_cpu_spec->mmu_features,
374 "MMU features changed after feature patching!\n");
375#ifdef CONFIG_PPC64
376 WARN(saved_firmware_features != powerpc_firmware_features,
377 "Firmware features changed after feature patching!\n");
378#endif
379
380 return 0;
381}
382late_initcall(check_features);
383
384#ifdef CONFIG_FTR_FIXUP_SELFTEST
385
386#define check(x) \
387 if (!(x)) printk("feature-fixups: test failed at line %d\n", __LINE__);
388
389/* This must be after the text it fixes up, vmlinux.lds.S enforces that atm */
390static struct fixup_entry fixup;
391
392static long calc_offset(struct fixup_entry *entry, unsigned int *p)
393{
394 return (unsigned long)p - (unsigned long)entry;
395}
396
397static void test_basic_patching(void)
398{
399 extern unsigned int ftr_fixup_test1[];
400 extern unsigned int end_ftr_fixup_test1[];
401 extern unsigned int ftr_fixup_test1_orig[];
402 extern unsigned int ftr_fixup_test1_expected[];
403 int size = end_ftr_fixup_test1 - ftr_fixup_test1;
404
405 fixup.value = fixup.mask = 8;
406 fixup.start_off = calc_offset(&fixup, ftr_fixup_test1 + 1);
407 fixup.end_off = calc_offset(&fixup, ftr_fixup_test1 + 2);
408 fixup.alt_start_off = fixup.alt_end_off = 0;
409
410 /* Sanity check */
411 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, size) == 0);
412
413 /* Check we don't patch if the value matches */
414 patch_feature_section(8, &fixup);
415 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, size) == 0);
416
417 /* Check we do patch if the value doesn't match */
418 patch_feature_section(0, &fixup);
419 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_expected, size) == 0);
420
421 /* Check we do patch if the mask doesn't match */
422 memcpy(ftr_fixup_test1, ftr_fixup_test1_orig, size);
423 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, size) == 0);
424 patch_feature_section(~8, &fixup);
425 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_expected, size) == 0);
426}
427
428static void test_alternative_patching(void)
429{
430 extern unsigned int ftr_fixup_test2[];
431 extern unsigned int end_ftr_fixup_test2[];
432 extern unsigned int ftr_fixup_test2_orig[];
433 extern unsigned int ftr_fixup_test2_alt[];
434 extern unsigned int ftr_fixup_test2_expected[];
435 int size = end_ftr_fixup_test2 - ftr_fixup_test2;
436
437 fixup.value = fixup.mask = 0xF;
438 fixup.start_off = calc_offset(&fixup, ftr_fixup_test2 + 1);
439 fixup.end_off = calc_offset(&fixup, ftr_fixup_test2 + 2);
440 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test2_alt);
441 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test2_alt + 1);
442
443 /* Sanity check */
444 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, size) == 0);
445
446 /* Check we don't patch if the value matches */
447 patch_feature_section(0xF, &fixup);
448 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, size) == 0);
449
450 /* Check we do patch if the value doesn't match */
451 patch_feature_section(0, &fixup);
452 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_expected, size) == 0);
453
454 /* Check we do patch if the mask doesn't match */
455 memcpy(ftr_fixup_test2, ftr_fixup_test2_orig, size);
456 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, size) == 0);
457 patch_feature_section(~0xF, &fixup);
458 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_expected, size) == 0);
459}
460
461static void test_alternative_case_too_big(void)
462{
463 extern unsigned int ftr_fixup_test3[];
464 extern unsigned int end_ftr_fixup_test3[];
465 extern unsigned int ftr_fixup_test3_orig[];
466 extern unsigned int ftr_fixup_test3_alt[];
467 int size = end_ftr_fixup_test3 - ftr_fixup_test3;
468
469 fixup.value = fixup.mask = 0xC;
470 fixup.start_off = calc_offset(&fixup, ftr_fixup_test3 + 1);
471 fixup.end_off = calc_offset(&fixup, ftr_fixup_test3 + 2);
472 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test3_alt);
473 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test3_alt + 2);
474
475 /* Sanity check */
476 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
477
478 /* Expect nothing to be patched, and the error returned to us */
479 check(patch_feature_section(0xF, &fixup) == 1);
480 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
481 check(patch_feature_section(0, &fixup) == 1);
482 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
483 check(patch_feature_section(~0xF, &fixup) == 1);
484 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
485}
486
487static void test_alternative_case_too_small(void)
488{
489 extern unsigned int ftr_fixup_test4[];
490 extern unsigned int end_ftr_fixup_test4[];
491 extern unsigned int ftr_fixup_test4_orig[];
492 extern unsigned int ftr_fixup_test4_alt[];
493 extern unsigned int ftr_fixup_test4_expected[];
494 int size = end_ftr_fixup_test4 - ftr_fixup_test4;
495 unsigned long flag;
496
497 /* Check a high-bit flag */
498 flag = 1UL << ((sizeof(unsigned long) - 1) * 8);
499 fixup.value = fixup.mask = flag;
500 fixup.start_off = calc_offset(&fixup, ftr_fixup_test4 + 1);
501 fixup.end_off = calc_offset(&fixup, ftr_fixup_test4 + 5);
502 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test4_alt);
503 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test4_alt + 2);
504
505 /* Sanity check */
506 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, size) == 0);
507
508 /* Check we don't patch if the value matches */
509 patch_feature_section(flag, &fixup);
510 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, size) == 0);
511
512 /* Check we do patch if the value doesn't match */
513 patch_feature_section(0, &fixup);
514 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_expected, size) == 0);
515
516 /* Check we do patch if the mask doesn't match */
517 memcpy(ftr_fixup_test4, ftr_fixup_test4_orig, size);
518 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, size) == 0);
519 patch_feature_section(~flag, &fixup);
520 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_expected, size) == 0);
521}
522
523static void test_alternative_case_with_branch(void)
524{
525 extern unsigned int ftr_fixup_test5[];
526 extern unsigned int end_ftr_fixup_test5[];
527 extern unsigned int ftr_fixup_test5_expected[];
528 int size = end_ftr_fixup_test5 - ftr_fixup_test5;
529
530 check(memcmp(ftr_fixup_test5, ftr_fixup_test5_expected, size) == 0);
531}
532
533static void test_alternative_case_with_external_branch(void)
534{
535 extern unsigned int ftr_fixup_test6[];
536 extern unsigned int end_ftr_fixup_test6[];
537 extern unsigned int ftr_fixup_test6_expected[];
538 int size = end_ftr_fixup_test6 - ftr_fixup_test6;
539
540 check(memcmp(ftr_fixup_test6, ftr_fixup_test6_expected, size) == 0);
541}
542
543static void test_cpu_macros(void)
544{
545 extern u8 ftr_fixup_test_FTR_macros[];
546 extern u8 ftr_fixup_test_FTR_macros_expected[];
547 unsigned long size = ftr_fixup_test_FTR_macros_expected -
548 ftr_fixup_test_FTR_macros;
549
550 /* The fixups have already been done for us during boot */
551 check(memcmp(ftr_fixup_test_FTR_macros,
552 ftr_fixup_test_FTR_macros_expected, size) == 0);
553}
554
555static void test_fw_macros(void)
556{
557#ifdef CONFIG_PPC64
558 extern u8 ftr_fixup_test_FW_FTR_macros[];
559 extern u8 ftr_fixup_test_FW_FTR_macros_expected[];
560 unsigned long size = ftr_fixup_test_FW_FTR_macros_expected -
561 ftr_fixup_test_FW_FTR_macros;
562
563 /* The fixups have already been done for us during boot */
564 check(memcmp(ftr_fixup_test_FW_FTR_macros,
565 ftr_fixup_test_FW_FTR_macros_expected, size) == 0);
566#endif
567}
568
569static void test_lwsync_macros(void)
570{
571 extern u8 lwsync_fixup_test[];
572 extern u8 end_lwsync_fixup_test[];
573 extern u8 lwsync_fixup_test_expected_LWSYNC[];
574 extern u8 lwsync_fixup_test_expected_SYNC[];
575 unsigned long size = end_lwsync_fixup_test -
576 lwsync_fixup_test;
577
578 /* The fixups have already been done for us during boot */
579 if (cur_cpu_spec->cpu_features & CPU_FTR_LWSYNC) {
580 check(memcmp(lwsync_fixup_test,
581 lwsync_fixup_test_expected_LWSYNC, size) == 0);
582 } else {
583 check(memcmp(lwsync_fixup_test,
584 lwsync_fixup_test_expected_SYNC, size) == 0);
585 }
586}
587
588static int __init test_feature_fixups(void)
589{
590 printk(KERN_DEBUG "Running feature fixup self-tests ...\n");
591
592 test_basic_patching();
593 test_alternative_patching();
594 test_alternative_case_too_big();
595 test_alternative_case_too_small();
596 test_alternative_case_with_branch();
597 test_alternative_case_with_external_branch();
598 test_cpu_macros();
599 test_fw_macros();
600 test_lwsync_macros();
601
602 return 0;
603}
604late_initcall(test_feature_fixups);
605
606#endif /* CONFIG_FTR_FIXUP_SELFTEST */
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Copyright (C) 2001 Ben. Herrenschmidt (benh@kernel.crashing.org)
4 *
5 * Modifications for ppc64:
6 * Copyright (C) 2003 Dave Engebretsen <engebret@us.ibm.com>
7 *
8 * Copyright 2008 Michael Ellerman, IBM Corporation.
9 */
10
11#include <linux/types.h>
12#include <linux/jump_label.h>
13#include <linux/kernel.h>
14#include <linux/string.h>
15#include <linux/init.h>
16#include <linux/sched/mm.h>
17#include <linux/stop_machine.h>
18#include <asm/cputable.h>
19#include <asm/code-patching.h>
20#include <asm/interrupt.h>
21#include <asm/page.h>
22#include <asm/sections.h>
23#include <asm/setup.h>
24#include <asm/security_features.h>
25#include <asm/firmware.h>
26#include <asm/inst.h>
27
28struct fixup_entry {
29 unsigned long mask;
30 unsigned long value;
31 long start_off;
32 long end_off;
33 long alt_start_off;
34 long alt_end_off;
35};
36
37static u32 *calc_addr(struct fixup_entry *fcur, long offset)
38{
39 /*
40 * We store the offset to the code as a negative offset from
41 * the start of the alt_entry, to support the VDSO. This
42 * routine converts that back into an actual address.
43 */
44 return (u32 *)((unsigned long)fcur + offset);
45}
46
47static int patch_alt_instruction(u32 *src, u32 *dest, u32 *alt_start, u32 *alt_end)
48{
49 int err;
50 struct ppc_inst instr;
51
52 instr = ppc_inst_read(src);
53
54 if (instr_is_relative_branch(ppc_inst_read(src))) {
55 u32 *target = (u32 *)branch_target(src);
56
57 /* Branch within the section doesn't need translating */
58 if (target < alt_start || target > alt_end) {
59 err = translate_branch(&instr, dest, src);
60 if (err)
61 return 1;
62 }
63 }
64
65 raw_patch_instruction(dest, instr);
66
67 return 0;
68}
69
70static int patch_feature_section(unsigned long value, struct fixup_entry *fcur)
71{
72 u32 *start, *end, *alt_start, *alt_end, *src, *dest;
73
74 start = calc_addr(fcur, fcur->start_off);
75 end = calc_addr(fcur, fcur->end_off);
76 alt_start = calc_addr(fcur, fcur->alt_start_off);
77 alt_end = calc_addr(fcur, fcur->alt_end_off);
78
79 if ((alt_end - alt_start) > (end - start))
80 return 1;
81
82 if ((value & fcur->mask) == fcur->value)
83 return 0;
84
85 src = alt_start;
86 dest = start;
87
88 for (; src < alt_end; src = ppc_inst_next(src, src),
89 dest = ppc_inst_next(dest, dest)) {
90 if (patch_alt_instruction(src, dest, alt_start, alt_end))
91 return 1;
92 }
93
94 for (; dest < end; dest++)
95 raw_patch_instruction(dest, ppc_inst(PPC_RAW_NOP()));
96
97 return 0;
98}
99
100void do_feature_fixups(unsigned long value, void *fixup_start, void *fixup_end)
101{
102 struct fixup_entry *fcur, *fend;
103
104 fcur = fixup_start;
105 fend = fixup_end;
106
107 for (; fcur < fend; fcur++) {
108 if (patch_feature_section(value, fcur)) {
109 WARN_ON(1);
110 printk("Unable to patch feature section at %p - %p" \
111 " with %p - %p\n",
112 calc_addr(fcur, fcur->start_off),
113 calc_addr(fcur, fcur->end_off),
114 calc_addr(fcur, fcur->alt_start_off),
115 calc_addr(fcur, fcur->alt_end_off));
116 }
117 }
118}
119
120#ifdef CONFIG_PPC_BOOK3S_64
121static void do_stf_entry_barrier_fixups(enum stf_barrier_type types)
122{
123 unsigned int instrs[3], *dest;
124 long *start, *end;
125 int i;
126
127 start = PTRRELOC(&__start___stf_entry_barrier_fixup);
128 end = PTRRELOC(&__stop___stf_entry_barrier_fixup);
129
130 instrs[0] = PPC_RAW_NOP();
131 instrs[1] = PPC_RAW_NOP();
132 instrs[2] = PPC_RAW_NOP();
133
134 i = 0;
135 if (types & STF_BARRIER_FALLBACK) {
136 instrs[i++] = PPC_RAW_MFLR(_R10);
137 instrs[i++] = PPC_RAW_NOP(); /* branch patched below */
138 instrs[i++] = PPC_RAW_MTLR(_R10);
139 } else if (types & STF_BARRIER_EIEIO) {
140 instrs[i++] = PPC_RAW_EIEIO() | 0x02000000; /* eieio + bit 6 hint */
141 } else if (types & STF_BARRIER_SYNC_ORI) {
142 instrs[i++] = PPC_RAW_SYNC();
143 instrs[i++] = PPC_RAW_LD(_R10, _R13, 0);
144 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
145 }
146
147 for (i = 0; start < end; start++, i++) {
148 dest = (void *)start + *start;
149
150 pr_devel("patching dest %lx\n", (unsigned long)dest);
151
152 // See comment in do_entry_flush_fixups() RE order of patching
153 if (types & STF_BARRIER_FALLBACK) {
154 patch_instruction(dest, ppc_inst(instrs[0]));
155 patch_instruction(dest + 2, ppc_inst(instrs[2]));
156 patch_branch(dest + 1,
157 (unsigned long)&stf_barrier_fallback, BRANCH_SET_LINK);
158 } else {
159 patch_instruction(dest + 1, ppc_inst(instrs[1]));
160 patch_instruction(dest + 2, ppc_inst(instrs[2]));
161 patch_instruction(dest, ppc_inst(instrs[0]));
162 }
163 }
164
165 printk(KERN_DEBUG "stf-barrier: patched %d entry locations (%s barrier)\n", i,
166 (types == STF_BARRIER_NONE) ? "no" :
167 (types == STF_BARRIER_FALLBACK) ? "fallback" :
168 (types == STF_BARRIER_EIEIO) ? "eieio" :
169 (types == (STF_BARRIER_SYNC_ORI)) ? "hwsync"
170 : "unknown");
171}
172
173static void do_stf_exit_barrier_fixups(enum stf_barrier_type types)
174{
175 unsigned int instrs[6], *dest;
176 long *start, *end;
177 int i;
178
179 start = PTRRELOC(&__start___stf_exit_barrier_fixup);
180 end = PTRRELOC(&__stop___stf_exit_barrier_fixup);
181
182 instrs[0] = PPC_RAW_NOP();
183 instrs[1] = PPC_RAW_NOP();
184 instrs[2] = PPC_RAW_NOP();
185 instrs[3] = PPC_RAW_NOP();
186 instrs[4] = PPC_RAW_NOP();
187 instrs[5] = PPC_RAW_NOP();
188
189 i = 0;
190 if (types & STF_BARRIER_FALLBACK || types & STF_BARRIER_SYNC_ORI) {
191 if (cpu_has_feature(CPU_FTR_HVMODE)) {
192 instrs[i++] = PPC_RAW_MTSPR(SPRN_HSPRG1, _R13);
193 instrs[i++] = PPC_RAW_MFSPR(_R13, SPRN_HSPRG0);
194 } else {
195 instrs[i++] = PPC_RAW_MTSPR(SPRN_SPRG2, _R13);
196 instrs[i++] = PPC_RAW_MFSPR(_R13, SPRN_SPRG1);
197 }
198 instrs[i++] = PPC_RAW_SYNC();
199 instrs[i++] = PPC_RAW_LD(_R13, _R13, 0);
200 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
201 if (cpu_has_feature(CPU_FTR_HVMODE))
202 instrs[i++] = PPC_RAW_MFSPR(_R13, SPRN_HSPRG1);
203 else
204 instrs[i++] = PPC_RAW_MFSPR(_R13, SPRN_SPRG2);
205 } else if (types & STF_BARRIER_EIEIO) {
206 instrs[i++] = PPC_RAW_EIEIO() | 0x02000000; /* eieio + bit 6 hint */
207 }
208
209 for (i = 0; start < end; start++, i++) {
210 dest = (void *)start + *start;
211
212 pr_devel("patching dest %lx\n", (unsigned long)dest);
213
214 patch_instruction(dest, ppc_inst(instrs[0]));
215 patch_instruction(dest + 1, ppc_inst(instrs[1]));
216 patch_instruction(dest + 2, ppc_inst(instrs[2]));
217 patch_instruction(dest + 3, ppc_inst(instrs[3]));
218 patch_instruction(dest + 4, ppc_inst(instrs[4]));
219 patch_instruction(dest + 5, ppc_inst(instrs[5]));
220 }
221 printk(KERN_DEBUG "stf-barrier: patched %d exit locations (%s barrier)\n", i,
222 (types == STF_BARRIER_NONE) ? "no" :
223 (types == STF_BARRIER_FALLBACK) ? "fallback" :
224 (types == STF_BARRIER_EIEIO) ? "eieio" :
225 (types == (STF_BARRIER_SYNC_ORI)) ? "hwsync"
226 : "unknown");
227}
228
229static bool stf_exit_reentrant = false;
230static bool rfi_exit_reentrant = false;
231
232static int __do_stf_barrier_fixups(void *data)
233{
234 enum stf_barrier_type *types = data;
235
236 do_stf_entry_barrier_fixups(*types);
237 do_stf_exit_barrier_fixups(*types);
238
239 return 0;
240}
241
242void do_stf_barrier_fixups(enum stf_barrier_type types)
243{
244 /*
245 * The call to the fallback entry flush, and the fallback/sync-ori exit
246 * flush can not be safely patched in/out while other CPUs are
247 * executing them. So call __do_stf_barrier_fixups() on one CPU while
248 * all other CPUs spin in the stop machine core with interrupts hard
249 * disabled.
250 *
251 * The branch to mark interrupt exits non-reentrant is enabled first,
252 * then stop_machine runs which will ensure all CPUs are out of the
253 * low level interrupt exit code before patching. After the patching,
254 * if allowed, then flip the branch to allow fast exits.
255 */
256 static_branch_enable(&interrupt_exit_not_reentrant);
257
258 stop_machine(__do_stf_barrier_fixups, &types, NULL);
259
260 if ((types & STF_BARRIER_FALLBACK) || (types & STF_BARRIER_SYNC_ORI))
261 stf_exit_reentrant = false;
262 else
263 stf_exit_reentrant = true;
264
265 if (stf_exit_reentrant && rfi_exit_reentrant)
266 static_branch_disable(&interrupt_exit_not_reentrant);
267}
268
269void do_uaccess_flush_fixups(enum l1d_flush_type types)
270{
271 unsigned int instrs[4], *dest;
272 long *start, *end;
273 int i;
274
275 start = PTRRELOC(&__start___uaccess_flush_fixup);
276 end = PTRRELOC(&__stop___uaccess_flush_fixup);
277
278 instrs[0] = PPC_RAW_NOP();
279 instrs[1] = PPC_RAW_NOP();
280 instrs[2] = PPC_RAW_NOP();
281 instrs[3] = PPC_RAW_BLR();
282
283 i = 0;
284 if (types == L1D_FLUSH_FALLBACK) {
285 instrs[3] = PPC_RAW_NOP();
286 /* fallthrough to fallback flush */
287 }
288
289 if (types & L1D_FLUSH_ORI) {
290 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
291 instrs[i++] = PPC_RAW_ORI(_R30, _R30, 0); /* L1d flush */
292 }
293
294 if (types & L1D_FLUSH_MTTRIG)
295 instrs[i++] = PPC_RAW_MTSPR(SPRN_TRIG2, _R0);
296
297 for (i = 0; start < end; start++, i++) {
298 dest = (void *)start + *start;
299
300 pr_devel("patching dest %lx\n", (unsigned long)dest);
301
302 patch_instruction(dest, ppc_inst(instrs[0]));
303
304 patch_instruction(dest + 1, ppc_inst(instrs[1]));
305 patch_instruction(dest + 2, ppc_inst(instrs[2]));
306 patch_instruction(dest + 3, ppc_inst(instrs[3]));
307 }
308
309 printk(KERN_DEBUG "uaccess-flush: patched %d locations (%s flush)\n", i,
310 (types == L1D_FLUSH_NONE) ? "no" :
311 (types == L1D_FLUSH_FALLBACK) ? "fallback displacement" :
312 (types & L1D_FLUSH_ORI) ? (types & L1D_FLUSH_MTTRIG)
313 ? "ori+mttrig type"
314 : "ori type" :
315 (types & L1D_FLUSH_MTTRIG) ? "mttrig type"
316 : "unknown");
317}
318
319static int __do_entry_flush_fixups(void *data)
320{
321 enum l1d_flush_type types = *(enum l1d_flush_type *)data;
322 unsigned int instrs[3], *dest;
323 long *start, *end;
324 int i;
325
326 instrs[0] = PPC_RAW_NOP();
327 instrs[1] = PPC_RAW_NOP();
328 instrs[2] = PPC_RAW_NOP();
329
330 i = 0;
331 if (types == L1D_FLUSH_FALLBACK) {
332 instrs[i++] = PPC_RAW_MFLR(_R10);
333 instrs[i++] = PPC_RAW_NOP(); /* branch patched below */
334 instrs[i++] = PPC_RAW_MTLR(_R10);
335 }
336
337 if (types & L1D_FLUSH_ORI) {
338 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
339 instrs[i++] = PPC_RAW_ORI(_R30, _R30, 0); /* L1d flush */
340 }
341
342 if (types & L1D_FLUSH_MTTRIG)
343 instrs[i++] = PPC_RAW_MTSPR(SPRN_TRIG2, _R0);
344
345 /*
346 * If we're patching in or out the fallback flush we need to be careful about the
347 * order in which we patch instructions. That's because it's possible we could
348 * take a page fault after patching one instruction, so the sequence of
349 * instructions must be safe even in a half patched state.
350 *
351 * To make that work, when patching in the fallback flush we patch in this order:
352 * - the mflr (dest)
353 * - the mtlr (dest + 2)
354 * - the branch (dest + 1)
355 *
356 * That ensures the sequence is safe to execute at any point. In contrast if we
357 * patch the mtlr last, it's possible we could return from the branch and not
358 * restore LR, leading to a crash later.
359 *
360 * When patching out the fallback flush (either with nops or another flush type),
361 * we patch in this order:
362 * - the branch (dest + 1)
363 * - the mtlr (dest + 2)
364 * - the mflr (dest)
365 *
366 * Note we are protected by stop_machine() from other CPUs executing the code in a
367 * semi-patched state.
368 */
369
370 start = PTRRELOC(&__start___entry_flush_fixup);
371 end = PTRRELOC(&__stop___entry_flush_fixup);
372 for (i = 0; start < end; start++, i++) {
373 dest = (void *)start + *start;
374
375 pr_devel("patching dest %lx\n", (unsigned long)dest);
376
377 if (types == L1D_FLUSH_FALLBACK) {
378 patch_instruction(dest, ppc_inst(instrs[0]));
379 patch_instruction(dest + 2, ppc_inst(instrs[2]));
380 patch_branch(dest + 1,
381 (unsigned long)&entry_flush_fallback, BRANCH_SET_LINK);
382 } else {
383 patch_instruction(dest + 1, ppc_inst(instrs[1]));
384 patch_instruction(dest + 2, ppc_inst(instrs[2]));
385 patch_instruction(dest, ppc_inst(instrs[0]));
386 }
387 }
388
389 start = PTRRELOC(&__start___scv_entry_flush_fixup);
390 end = PTRRELOC(&__stop___scv_entry_flush_fixup);
391 for (; start < end; start++, i++) {
392 dest = (void *)start + *start;
393
394 pr_devel("patching dest %lx\n", (unsigned long)dest);
395
396 if (types == L1D_FLUSH_FALLBACK) {
397 patch_instruction(dest, ppc_inst(instrs[0]));
398 patch_instruction(dest + 2, ppc_inst(instrs[2]));
399 patch_branch(dest + 1,
400 (unsigned long)&scv_entry_flush_fallback, BRANCH_SET_LINK);
401 } else {
402 patch_instruction(dest + 1, ppc_inst(instrs[1]));
403 patch_instruction(dest + 2, ppc_inst(instrs[2]));
404 patch_instruction(dest, ppc_inst(instrs[0]));
405 }
406 }
407
408
409 printk(KERN_DEBUG "entry-flush: patched %d locations (%s flush)\n", i,
410 (types == L1D_FLUSH_NONE) ? "no" :
411 (types == L1D_FLUSH_FALLBACK) ? "fallback displacement" :
412 (types & L1D_FLUSH_ORI) ? (types & L1D_FLUSH_MTTRIG)
413 ? "ori+mttrig type"
414 : "ori type" :
415 (types & L1D_FLUSH_MTTRIG) ? "mttrig type"
416 : "unknown");
417
418 return 0;
419}
420
421void do_entry_flush_fixups(enum l1d_flush_type types)
422{
423 /*
424 * The call to the fallback flush can not be safely patched in/out while
425 * other CPUs are executing it. So call __do_entry_flush_fixups() on one
426 * CPU while all other CPUs spin in the stop machine core with interrupts
427 * hard disabled.
428 */
429 stop_machine(__do_entry_flush_fixups, &types, NULL);
430}
431
432static int __do_rfi_flush_fixups(void *data)
433{
434 enum l1d_flush_type types = *(enum l1d_flush_type *)data;
435 unsigned int instrs[3], *dest;
436 long *start, *end;
437 int i;
438
439 start = PTRRELOC(&__start___rfi_flush_fixup);
440 end = PTRRELOC(&__stop___rfi_flush_fixup);
441
442 instrs[0] = PPC_RAW_NOP();
443 instrs[1] = PPC_RAW_NOP();
444 instrs[2] = PPC_RAW_NOP();
445
446 if (types & L1D_FLUSH_FALLBACK)
447 /* b .+16 to fallback flush */
448 instrs[0] = PPC_INST_BRANCH | 16;
449
450 i = 0;
451 if (types & L1D_FLUSH_ORI) {
452 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
453 instrs[i++] = PPC_RAW_ORI(_R30, _R30, 0); /* L1d flush */
454 }
455
456 if (types & L1D_FLUSH_MTTRIG)
457 instrs[i++] = PPC_RAW_MTSPR(SPRN_TRIG2, _R0);
458
459 for (i = 0; start < end; start++, i++) {
460 dest = (void *)start + *start;
461
462 pr_devel("patching dest %lx\n", (unsigned long)dest);
463
464 patch_instruction(dest, ppc_inst(instrs[0]));
465 patch_instruction(dest + 1, ppc_inst(instrs[1]));
466 patch_instruction(dest + 2, ppc_inst(instrs[2]));
467 }
468
469 printk(KERN_DEBUG "rfi-flush: patched %d locations (%s flush)\n", i,
470 (types == L1D_FLUSH_NONE) ? "no" :
471 (types == L1D_FLUSH_FALLBACK) ? "fallback displacement" :
472 (types & L1D_FLUSH_ORI) ? (types & L1D_FLUSH_MTTRIG)
473 ? "ori+mttrig type"
474 : "ori type" :
475 (types & L1D_FLUSH_MTTRIG) ? "mttrig type"
476 : "unknown");
477
478 return 0;
479}
480
481void do_rfi_flush_fixups(enum l1d_flush_type types)
482{
483 /*
484 * stop_machine gets all CPUs out of the interrupt exit handler same
485 * as do_stf_barrier_fixups. do_rfi_flush_fixups patching can run
486 * without stop_machine, so this could be achieved with a broadcast
487 * IPI instead, but this matches the stf sequence.
488 */
489 static_branch_enable(&interrupt_exit_not_reentrant);
490
491 stop_machine(__do_rfi_flush_fixups, &types, NULL);
492
493 if (types & L1D_FLUSH_FALLBACK)
494 rfi_exit_reentrant = false;
495 else
496 rfi_exit_reentrant = true;
497
498 if (stf_exit_reentrant && rfi_exit_reentrant)
499 static_branch_disable(&interrupt_exit_not_reentrant);
500}
501
502void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void *fixup_end)
503{
504 unsigned int instr, *dest;
505 long *start, *end;
506 int i;
507
508 start = fixup_start;
509 end = fixup_end;
510
511 instr = PPC_RAW_NOP();
512
513 if (enable) {
514 pr_info("barrier-nospec: using ORI speculation barrier\n");
515 instr = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
516 }
517
518 for (i = 0; start < end; start++, i++) {
519 dest = (void *)start + *start;
520
521 pr_devel("patching dest %lx\n", (unsigned long)dest);
522 patch_instruction(dest, ppc_inst(instr));
523 }
524
525 printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
526}
527
528#endif /* CONFIG_PPC_BOOK3S_64 */
529
530#ifdef CONFIG_PPC_BARRIER_NOSPEC
531void do_barrier_nospec_fixups(bool enable)
532{
533 void *start, *end;
534
535 start = PTRRELOC(&__start___barrier_nospec_fixup);
536 end = PTRRELOC(&__stop___barrier_nospec_fixup);
537
538 do_barrier_nospec_fixups_range(enable, start, end);
539}
540#endif /* CONFIG_PPC_BARRIER_NOSPEC */
541
542#ifdef CONFIG_PPC_FSL_BOOK3E
543void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void *fixup_end)
544{
545 unsigned int instr[2], *dest;
546 long *start, *end;
547 int i;
548
549 start = fixup_start;
550 end = fixup_end;
551
552 instr[0] = PPC_RAW_NOP();
553 instr[1] = PPC_RAW_NOP();
554
555 if (enable) {
556 pr_info("barrier-nospec: using isync; sync as speculation barrier\n");
557 instr[0] = PPC_RAW_ISYNC();
558 instr[1] = PPC_RAW_SYNC();
559 }
560
561 for (i = 0; start < end; start++, i++) {
562 dest = (void *)start + *start;
563
564 pr_devel("patching dest %lx\n", (unsigned long)dest);
565 patch_instruction(dest, ppc_inst(instr[0]));
566 patch_instruction(dest + 1, ppc_inst(instr[1]));
567 }
568
569 printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
570}
571
572static void patch_btb_flush_section(long *curr)
573{
574 unsigned int *start, *end;
575
576 start = (void *)curr + *curr;
577 end = (void *)curr + *(curr + 1);
578 for (; start < end; start++) {
579 pr_devel("patching dest %lx\n", (unsigned long)start);
580 patch_instruction(start, ppc_inst(PPC_RAW_NOP()));
581 }
582}
583
584void do_btb_flush_fixups(void)
585{
586 long *start, *end;
587
588 start = PTRRELOC(&__start__btb_flush_fixup);
589 end = PTRRELOC(&__stop__btb_flush_fixup);
590
591 for (; start < end; start += 2)
592 patch_btb_flush_section(start);
593}
594#endif /* CONFIG_PPC_FSL_BOOK3E */
595
596void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)
597{
598 long *start, *end;
599 u32 *dest;
600
601 if (!(value & CPU_FTR_LWSYNC))
602 return ;
603
604 start = fixup_start;
605 end = fixup_end;
606
607 for (; start < end; start++) {
608 dest = (void *)start + *start;
609 raw_patch_instruction(dest, ppc_inst(PPC_INST_LWSYNC));
610 }
611}
612
613static void do_final_fixups(void)
614{
615#if defined(CONFIG_PPC64) && defined(CONFIG_RELOCATABLE)
616 struct ppc_inst inst;
617 u32 *src, *dest, *end;
618
619 if (PHYSICAL_START == 0)
620 return;
621
622 src = (u32 *)(KERNELBASE + PHYSICAL_START);
623 dest = (u32 *)KERNELBASE;
624 end = (void *)src + (__end_interrupts - _stext);
625
626 while (src < end) {
627 inst = ppc_inst_read(src);
628 raw_patch_instruction(dest, inst);
629 src = ppc_inst_next(src, src);
630 dest = ppc_inst_next(dest, dest);
631 }
632#endif
633}
634
635static unsigned long __initdata saved_cpu_features;
636static unsigned int __initdata saved_mmu_features;
637#ifdef CONFIG_PPC64
638static unsigned long __initdata saved_firmware_features;
639#endif
640
641void __init apply_feature_fixups(void)
642{
643 struct cpu_spec *spec = PTRRELOC(*PTRRELOC(&cur_cpu_spec));
644
645 *PTRRELOC(&saved_cpu_features) = spec->cpu_features;
646 *PTRRELOC(&saved_mmu_features) = spec->mmu_features;
647
648 /*
649 * Apply the CPU-specific and firmware specific fixups to kernel text
650 * (nop out sections not relevant to this CPU or this firmware).
651 */
652 do_feature_fixups(spec->cpu_features,
653 PTRRELOC(&__start___ftr_fixup),
654 PTRRELOC(&__stop___ftr_fixup));
655
656 do_feature_fixups(spec->mmu_features,
657 PTRRELOC(&__start___mmu_ftr_fixup),
658 PTRRELOC(&__stop___mmu_ftr_fixup));
659
660 do_lwsync_fixups(spec->cpu_features,
661 PTRRELOC(&__start___lwsync_fixup),
662 PTRRELOC(&__stop___lwsync_fixup));
663
664#ifdef CONFIG_PPC64
665 saved_firmware_features = powerpc_firmware_features;
666 do_feature_fixups(powerpc_firmware_features,
667 &__start___fw_ftr_fixup, &__stop___fw_ftr_fixup);
668#endif
669 do_final_fixups();
670}
671
672void __init setup_feature_keys(void)
673{
674 /*
675 * Initialise jump label. This causes all the cpu/mmu_has_feature()
676 * checks to take on their correct polarity based on the current set of
677 * CPU/MMU features.
678 */
679 jump_label_init();
680 cpu_feature_keys_init();
681 mmu_feature_keys_init();
682}
683
684static int __init check_features(void)
685{
686 WARN(saved_cpu_features != cur_cpu_spec->cpu_features,
687 "CPU features changed after feature patching!\n");
688 WARN(saved_mmu_features != cur_cpu_spec->mmu_features,
689 "MMU features changed after feature patching!\n");
690#ifdef CONFIG_PPC64
691 WARN(saved_firmware_features != powerpc_firmware_features,
692 "Firmware features changed after feature patching!\n");
693#endif
694
695 return 0;
696}
697late_initcall(check_features);
698
699#ifdef CONFIG_FTR_FIXUP_SELFTEST
700
701#define check(x) \
702 if (!(x)) printk("feature-fixups: test failed at line %d\n", __LINE__);
703
704/* This must be after the text it fixes up, vmlinux.lds.S enforces that atm */
705static struct fixup_entry fixup;
706
707static long calc_offset(struct fixup_entry *entry, unsigned int *p)
708{
709 return (unsigned long)p - (unsigned long)entry;
710}
711
712static void test_basic_patching(void)
713{
714 extern unsigned int ftr_fixup_test1[];
715 extern unsigned int end_ftr_fixup_test1[];
716 extern unsigned int ftr_fixup_test1_orig[];
717 extern unsigned int ftr_fixup_test1_expected[];
718 int size = 4 * (end_ftr_fixup_test1 - ftr_fixup_test1);
719
720 fixup.value = fixup.mask = 8;
721 fixup.start_off = calc_offset(&fixup, ftr_fixup_test1 + 1);
722 fixup.end_off = calc_offset(&fixup, ftr_fixup_test1 + 2);
723 fixup.alt_start_off = fixup.alt_end_off = 0;
724
725 /* Sanity check */
726 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, size) == 0);
727
728 /* Check we don't patch if the value matches */
729 patch_feature_section(8, &fixup);
730 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, size) == 0);
731
732 /* Check we do patch if the value doesn't match */
733 patch_feature_section(0, &fixup);
734 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_expected, size) == 0);
735
736 /* Check we do patch if the mask doesn't match */
737 memcpy(ftr_fixup_test1, ftr_fixup_test1_orig, size);
738 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, size) == 0);
739 patch_feature_section(~8, &fixup);
740 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_expected, size) == 0);
741}
742
743static void test_alternative_patching(void)
744{
745 extern unsigned int ftr_fixup_test2[];
746 extern unsigned int end_ftr_fixup_test2[];
747 extern unsigned int ftr_fixup_test2_orig[];
748 extern unsigned int ftr_fixup_test2_alt[];
749 extern unsigned int ftr_fixup_test2_expected[];
750 int size = 4 * (end_ftr_fixup_test2 - ftr_fixup_test2);
751
752 fixup.value = fixup.mask = 0xF;
753 fixup.start_off = calc_offset(&fixup, ftr_fixup_test2 + 1);
754 fixup.end_off = calc_offset(&fixup, ftr_fixup_test2 + 2);
755 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test2_alt);
756 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test2_alt + 1);
757
758 /* Sanity check */
759 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, size) == 0);
760
761 /* Check we don't patch if the value matches */
762 patch_feature_section(0xF, &fixup);
763 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, size) == 0);
764
765 /* Check we do patch if the value doesn't match */
766 patch_feature_section(0, &fixup);
767 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_expected, size) == 0);
768
769 /* Check we do patch if the mask doesn't match */
770 memcpy(ftr_fixup_test2, ftr_fixup_test2_orig, size);
771 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, size) == 0);
772 patch_feature_section(~0xF, &fixup);
773 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_expected, size) == 0);
774}
775
776static void test_alternative_case_too_big(void)
777{
778 extern unsigned int ftr_fixup_test3[];
779 extern unsigned int end_ftr_fixup_test3[];
780 extern unsigned int ftr_fixup_test3_orig[];
781 extern unsigned int ftr_fixup_test3_alt[];
782 int size = 4 * (end_ftr_fixup_test3 - ftr_fixup_test3);
783
784 fixup.value = fixup.mask = 0xC;
785 fixup.start_off = calc_offset(&fixup, ftr_fixup_test3 + 1);
786 fixup.end_off = calc_offset(&fixup, ftr_fixup_test3 + 2);
787 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test3_alt);
788 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test3_alt + 2);
789
790 /* Sanity check */
791 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
792
793 /* Expect nothing to be patched, and the error returned to us */
794 check(patch_feature_section(0xF, &fixup) == 1);
795 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
796 check(patch_feature_section(0, &fixup) == 1);
797 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
798 check(patch_feature_section(~0xF, &fixup) == 1);
799 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
800}
801
802static void test_alternative_case_too_small(void)
803{
804 extern unsigned int ftr_fixup_test4[];
805 extern unsigned int end_ftr_fixup_test4[];
806 extern unsigned int ftr_fixup_test4_orig[];
807 extern unsigned int ftr_fixup_test4_alt[];
808 extern unsigned int ftr_fixup_test4_expected[];
809 int size = 4 * (end_ftr_fixup_test4 - ftr_fixup_test4);
810 unsigned long flag;
811
812 /* Check a high-bit flag */
813 flag = 1UL << ((sizeof(unsigned long) - 1) * 8);
814 fixup.value = fixup.mask = flag;
815 fixup.start_off = calc_offset(&fixup, ftr_fixup_test4 + 1);
816 fixup.end_off = calc_offset(&fixup, ftr_fixup_test4 + 5);
817 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test4_alt);
818 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test4_alt + 2);
819
820 /* Sanity check */
821 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, size) == 0);
822
823 /* Check we don't patch if the value matches */
824 patch_feature_section(flag, &fixup);
825 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, size) == 0);
826
827 /* Check we do patch if the value doesn't match */
828 patch_feature_section(0, &fixup);
829 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_expected, size) == 0);
830
831 /* Check we do patch if the mask doesn't match */
832 memcpy(ftr_fixup_test4, ftr_fixup_test4_orig, size);
833 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, size) == 0);
834 patch_feature_section(~flag, &fixup);
835 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_expected, size) == 0);
836}
837
838static void test_alternative_case_with_branch(void)
839{
840 extern unsigned int ftr_fixup_test5[];
841 extern unsigned int end_ftr_fixup_test5[];
842 extern unsigned int ftr_fixup_test5_expected[];
843 int size = 4 * (end_ftr_fixup_test5 - ftr_fixup_test5);
844
845 check(memcmp(ftr_fixup_test5, ftr_fixup_test5_expected, size) == 0);
846}
847
848static void test_alternative_case_with_external_branch(void)
849{
850 extern unsigned int ftr_fixup_test6[];
851 extern unsigned int end_ftr_fixup_test6[];
852 extern unsigned int ftr_fixup_test6_expected[];
853 int size = 4 * (end_ftr_fixup_test6 - ftr_fixup_test6);
854
855 check(memcmp(ftr_fixup_test6, ftr_fixup_test6_expected, size) == 0);
856}
857
858static void test_alternative_case_with_branch_to_end(void)
859{
860 extern unsigned int ftr_fixup_test7[];
861 extern unsigned int end_ftr_fixup_test7[];
862 extern unsigned int ftr_fixup_test7_expected[];
863 int size = 4 * (end_ftr_fixup_test7 - ftr_fixup_test7);
864
865 check(memcmp(ftr_fixup_test7, ftr_fixup_test7_expected, size) == 0);
866}
867
868static void test_cpu_macros(void)
869{
870 extern u8 ftr_fixup_test_FTR_macros[];
871 extern u8 ftr_fixup_test_FTR_macros_expected[];
872 unsigned long size = ftr_fixup_test_FTR_macros_expected -
873 ftr_fixup_test_FTR_macros;
874
875 /* The fixups have already been done for us during boot */
876 check(memcmp(ftr_fixup_test_FTR_macros,
877 ftr_fixup_test_FTR_macros_expected, size) == 0);
878}
879
880static void test_fw_macros(void)
881{
882#ifdef CONFIG_PPC64
883 extern u8 ftr_fixup_test_FW_FTR_macros[];
884 extern u8 ftr_fixup_test_FW_FTR_macros_expected[];
885 unsigned long size = ftr_fixup_test_FW_FTR_macros_expected -
886 ftr_fixup_test_FW_FTR_macros;
887
888 /* The fixups have already been done for us during boot */
889 check(memcmp(ftr_fixup_test_FW_FTR_macros,
890 ftr_fixup_test_FW_FTR_macros_expected, size) == 0);
891#endif
892}
893
894static void test_lwsync_macros(void)
895{
896 extern u8 lwsync_fixup_test[];
897 extern u8 end_lwsync_fixup_test[];
898 extern u8 lwsync_fixup_test_expected_LWSYNC[];
899 extern u8 lwsync_fixup_test_expected_SYNC[];
900 unsigned long size = end_lwsync_fixup_test -
901 lwsync_fixup_test;
902
903 /* The fixups have already been done for us during boot */
904 if (cur_cpu_spec->cpu_features & CPU_FTR_LWSYNC) {
905 check(memcmp(lwsync_fixup_test,
906 lwsync_fixup_test_expected_LWSYNC, size) == 0);
907 } else {
908 check(memcmp(lwsync_fixup_test,
909 lwsync_fixup_test_expected_SYNC, size) == 0);
910 }
911}
912
913#ifdef CONFIG_PPC64
914static void __init test_prefix_patching(void)
915{
916 extern unsigned int ftr_fixup_prefix1[];
917 extern unsigned int end_ftr_fixup_prefix1[];
918 extern unsigned int ftr_fixup_prefix1_orig[];
919 extern unsigned int ftr_fixup_prefix1_expected[];
920 int size = sizeof(unsigned int) * (end_ftr_fixup_prefix1 - ftr_fixup_prefix1);
921
922 fixup.value = fixup.mask = 8;
923 fixup.start_off = calc_offset(&fixup, ftr_fixup_prefix1 + 1);
924 fixup.end_off = calc_offset(&fixup, ftr_fixup_prefix1 + 3);
925 fixup.alt_start_off = fixup.alt_end_off = 0;
926
927 /* Sanity check */
928 check(memcmp(ftr_fixup_prefix1, ftr_fixup_prefix1_orig, size) == 0);
929
930 patch_feature_section(0, &fixup);
931 check(memcmp(ftr_fixup_prefix1, ftr_fixup_prefix1_expected, size) == 0);
932 check(memcmp(ftr_fixup_prefix1, ftr_fixup_prefix1_orig, size) != 0);
933}
934
935static void __init test_prefix_alt_patching(void)
936{
937 extern unsigned int ftr_fixup_prefix2[];
938 extern unsigned int end_ftr_fixup_prefix2[];
939 extern unsigned int ftr_fixup_prefix2_orig[];
940 extern unsigned int ftr_fixup_prefix2_expected[];
941 extern unsigned int ftr_fixup_prefix2_alt[];
942 int size = sizeof(unsigned int) * (end_ftr_fixup_prefix2 - ftr_fixup_prefix2);
943
944 fixup.value = fixup.mask = 8;
945 fixup.start_off = calc_offset(&fixup, ftr_fixup_prefix2 + 1);
946 fixup.end_off = calc_offset(&fixup, ftr_fixup_prefix2 + 3);
947 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_prefix2_alt);
948 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_prefix2_alt + 2);
949 /* Sanity check */
950 check(memcmp(ftr_fixup_prefix2, ftr_fixup_prefix2_orig, size) == 0);
951
952 patch_feature_section(0, &fixup);
953 check(memcmp(ftr_fixup_prefix2, ftr_fixup_prefix2_expected, size) == 0);
954 check(memcmp(ftr_fixup_prefix2, ftr_fixup_prefix2_orig, size) != 0);
955}
956
957static void __init test_prefix_word_alt_patching(void)
958{
959 extern unsigned int ftr_fixup_prefix3[];
960 extern unsigned int end_ftr_fixup_prefix3[];
961 extern unsigned int ftr_fixup_prefix3_orig[];
962 extern unsigned int ftr_fixup_prefix3_expected[];
963 extern unsigned int ftr_fixup_prefix3_alt[];
964 int size = sizeof(unsigned int) * (end_ftr_fixup_prefix3 - ftr_fixup_prefix3);
965
966 fixup.value = fixup.mask = 8;
967 fixup.start_off = calc_offset(&fixup, ftr_fixup_prefix3 + 1);
968 fixup.end_off = calc_offset(&fixup, ftr_fixup_prefix3 + 4);
969 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_prefix3_alt);
970 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_prefix3_alt + 3);
971 /* Sanity check */
972 check(memcmp(ftr_fixup_prefix3, ftr_fixup_prefix3_orig, size) == 0);
973
974 patch_feature_section(0, &fixup);
975 check(memcmp(ftr_fixup_prefix3, ftr_fixup_prefix3_expected, size) == 0);
976 patch_feature_section(0, &fixup);
977 check(memcmp(ftr_fixup_prefix3, ftr_fixup_prefix3_orig, size) != 0);
978}
979#else
980static inline void test_prefix_patching(void) {}
981static inline void test_prefix_alt_patching(void) {}
982static inline void test_prefix_word_alt_patching(void) {}
983#endif /* CONFIG_PPC64 */
984
985static int __init test_feature_fixups(void)
986{
987 printk(KERN_DEBUG "Running feature fixup self-tests ...\n");
988
989 test_basic_patching();
990 test_alternative_patching();
991 test_alternative_case_too_big();
992 test_alternative_case_too_small();
993 test_alternative_case_with_branch();
994 test_alternative_case_with_external_branch();
995 test_alternative_case_with_branch_to_end();
996 test_cpu_macros();
997 test_fw_macros();
998 test_lwsync_macros();
999 test_prefix_patching();
1000 test_prefix_alt_patching();
1001 test_prefix_word_alt_patching();
1002
1003 return 0;
1004}
1005late_initcall(test_feature_fixups);
1006
1007#endif /* CONFIG_FTR_FIXUP_SELFTEST */