Loading...
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Copyright (C) 2001 Ben. Herrenschmidt (benh@kernel.crashing.org)
4 *
5 * Modifications for ppc64:
6 * Copyright (C) 2003 Dave Engebretsen <engebret@us.ibm.com>
7 *
8 * Copyright 2008 Michael Ellerman, IBM Corporation.
9 */
10
11#include <linux/types.h>
12#include <linux/jump_label.h>
13#include <linux/kernel.h>
14#include <linux/string.h>
15#include <linux/init.h>
16#include <linux/sched/mm.h>
17#include <linux/stop_machine.h>
18#include <asm/cputable.h>
19#include <asm/code-patching.h>
20#include <asm/interrupt.h>
21#include <asm/page.h>
22#include <asm/sections.h>
23#include <asm/setup.h>
24#include <asm/security_features.h>
25#include <asm/firmware.h>
26#include <asm/inst.h>
27
28struct fixup_entry {
29 unsigned long mask;
30 unsigned long value;
31 long start_off;
32 long end_off;
33 long alt_start_off;
34 long alt_end_off;
35};
36
37static u32 *calc_addr(struct fixup_entry *fcur, long offset)
38{
39 /*
40 * We store the offset to the code as a negative offset from
41 * the start of the alt_entry, to support the VDSO. This
42 * routine converts that back into an actual address.
43 */
44 return (u32 *)((unsigned long)fcur + offset);
45}
46
47static int patch_alt_instruction(u32 *src, u32 *dest, u32 *alt_start, u32 *alt_end)
48{
49 int err;
50 ppc_inst_t instr;
51
52 instr = ppc_inst_read(src);
53
54 if (instr_is_relative_branch(ppc_inst_read(src))) {
55 u32 *target = (u32 *)branch_target(src);
56
57 /* Branch within the section doesn't need translating */
58 if (target < alt_start || target > alt_end) {
59 err = translate_branch(&instr, dest, src);
60 if (err)
61 return 1;
62 }
63 }
64
65 raw_patch_instruction(dest, instr);
66
67 return 0;
68}
69
70static int patch_feature_section_mask(unsigned long value, unsigned long mask,
71 struct fixup_entry *fcur)
72{
73 u32 *start, *end, *alt_start, *alt_end, *src, *dest;
74
75 start = calc_addr(fcur, fcur->start_off);
76 end = calc_addr(fcur, fcur->end_off);
77 alt_start = calc_addr(fcur, fcur->alt_start_off);
78 alt_end = calc_addr(fcur, fcur->alt_end_off);
79
80 if ((alt_end - alt_start) > (end - start))
81 return 1;
82
83 if ((value & fcur->mask & mask) == (fcur->value & mask))
84 return 0;
85
86 src = alt_start;
87 dest = start;
88
89 for (; src < alt_end; src = ppc_inst_next(src, src),
90 dest = ppc_inst_next(dest, dest)) {
91 if (patch_alt_instruction(src, dest, alt_start, alt_end))
92 return 1;
93 }
94
95 for (; dest < end; dest++)
96 raw_patch_instruction(dest, ppc_inst(PPC_RAW_NOP()));
97
98 return 0;
99}
100
101static void do_feature_fixups_mask(unsigned long value, unsigned long mask,
102 void *fixup_start, void *fixup_end)
103{
104 struct fixup_entry *fcur, *fend;
105
106 fcur = fixup_start;
107 fend = fixup_end;
108
109 for (; fcur < fend; fcur++) {
110 if (patch_feature_section_mask(value, mask, fcur)) {
111 WARN_ON(1);
112 printk("Unable to patch feature section at %p - %p" \
113 " with %p - %p\n",
114 calc_addr(fcur, fcur->start_off),
115 calc_addr(fcur, fcur->end_off),
116 calc_addr(fcur, fcur->alt_start_off),
117 calc_addr(fcur, fcur->alt_end_off));
118 }
119 }
120}
121
122void do_feature_fixups(unsigned long value, void *fixup_start, void *fixup_end)
123{
124 do_feature_fixups_mask(value, ~0, fixup_start, fixup_end);
125}
126
127#ifdef CONFIG_PPC_BARRIER_NOSPEC
128static bool is_fixup_addr_valid(void *dest, size_t size)
129{
130 return system_state < SYSTEM_FREEING_INITMEM ||
131 !init_section_contains(dest, size);
132}
133
134static int do_patch_fixups(long *start, long *end, unsigned int *instrs, int num)
135{
136 int i;
137
138 for (i = 0; start < end; start++, i++) {
139 int j;
140 unsigned int *dest = (void *)start + *start;
141
142 if (!is_fixup_addr_valid(dest, sizeof(*instrs) * num))
143 continue;
144
145 pr_devel("patching dest %lx\n", (unsigned long)dest);
146
147 for (j = 0; j < num; j++)
148 patch_instruction(dest + j, ppc_inst(instrs[j]));
149 }
150 return i;
151}
152#endif
153
154#ifdef CONFIG_PPC_BOOK3S_64
155static int do_patch_entry_fixups(long *start, long *end, unsigned int *instrs,
156 bool do_fallback, void *fallback)
157{
158 int i;
159
160 for (i = 0; start < end; start++, i++) {
161 unsigned int *dest = (void *)start + *start;
162
163 if (!is_fixup_addr_valid(dest, sizeof(*instrs) * 3))
164 continue;
165
166 pr_devel("patching dest %lx\n", (unsigned long)dest);
167
168 // See comment in do_entry_flush_fixups() RE order of patching
169 if (do_fallback) {
170 patch_instruction(dest, ppc_inst(instrs[0]));
171 patch_instruction(dest + 2, ppc_inst(instrs[2]));
172 patch_branch(dest + 1, (unsigned long)fallback, BRANCH_SET_LINK);
173 } else {
174 patch_instruction(dest + 1, ppc_inst(instrs[1]));
175 patch_instruction(dest + 2, ppc_inst(instrs[2]));
176 patch_instruction(dest, ppc_inst(instrs[0]));
177 }
178 }
179 return i;
180}
181
182static void do_stf_entry_barrier_fixups(enum stf_barrier_type types)
183{
184 unsigned int instrs[3];
185 long *start, *end;
186 int i;
187
188 start = PTRRELOC(&__start___stf_entry_barrier_fixup);
189 end = PTRRELOC(&__stop___stf_entry_barrier_fixup);
190
191 instrs[0] = PPC_RAW_NOP();
192 instrs[1] = PPC_RAW_NOP();
193 instrs[2] = PPC_RAW_NOP();
194
195 i = 0;
196 if (types & STF_BARRIER_FALLBACK) {
197 instrs[i++] = PPC_RAW_MFLR(_R10);
198 instrs[i++] = PPC_RAW_NOP(); /* branch patched below */
199 instrs[i++] = PPC_RAW_MTLR(_R10);
200 } else if (types & STF_BARRIER_EIEIO) {
201 instrs[i++] = PPC_RAW_EIEIO() | 0x02000000; /* eieio + bit 6 hint */
202 } else if (types & STF_BARRIER_SYNC_ORI) {
203 instrs[i++] = PPC_RAW_SYNC();
204 instrs[i++] = PPC_RAW_LD(_R10, _R13, 0);
205 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
206 }
207
208 i = do_patch_entry_fixups(start, end, instrs, types & STF_BARRIER_FALLBACK,
209 &stf_barrier_fallback);
210
211 printk(KERN_DEBUG "stf-barrier: patched %d entry locations (%s barrier)\n", i,
212 (types == STF_BARRIER_NONE) ? "no" :
213 (types == STF_BARRIER_FALLBACK) ? "fallback" :
214 (types == STF_BARRIER_EIEIO) ? "eieio" :
215 (types == (STF_BARRIER_SYNC_ORI)) ? "hwsync"
216 : "unknown");
217}
218
219static void do_stf_exit_barrier_fixups(enum stf_barrier_type types)
220{
221 unsigned int instrs[6];
222 long *start, *end;
223 int i;
224
225 start = PTRRELOC(&__start___stf_exit_barrier_fixup);
226 end = PTRRELOC(&__stop___stf_exit_barrier_fixup);
227
228 instrs[0] = PPC_RAW_NOP();
229 instrs[1] = PPC_RAW_NOP();
230 instrs[2] = PPC_RAW_NOP();
231 instrs[3] = PPC_RAW_NOP();
232 instrs[4] = PPC_RAW_NOP();
233 instrs[5] = PPC_RAW_NOP();
234
235 i = 0;
236 if (types & STF_BARRIER_FALLBACK || types & STF_BARRIER_SYNC_ORI) {
237 if (cpu_has_feature(CPU_FTR_HVMODE)) {
238 instrs[i++] = PPC_RAW_MTSPR(SPRN_HSPRG1, _R13);
239 instrs[i++] = PPC_RAW_MFSPR(_R13, SPRN_HSPRG0);
240 } else {
241 instrs[i++] = PPC_RAW_MTSPR(SPRN_SPRG2, _R13);
242 instrs[i++] = PPC_RAW_MFSPR(_R13, SPRN_SPRG1);
243 }
244 instrs[i++] = PPC_RAW_SYNC();
245 instrs[i++] = PPC_RAW_LD(_R13, _R13, 0);
246 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
247 if (cpu_has_feature(CPU_FTR_HVMODE))
248 instrs[i++] = PPC_RAW_MFSPR(_R13, SPRN_HSPRG1);
249 else
250 instrs[i++] = PPC_RAW_MFSPR(_R13, SPRN_SPRG2);
251 } else if (types & STF_BARRIER_EIEIO) {
252 instrs[i++] = PPC_RAW_EIEIO() | 0x02000000; /* eieio + bit 6 hint */
253 }
254
255 i = do_patch_fixups(start, end, instrs, ARRAY_SIZE(instrs));
256
257 printk(KERN_DEBUG "stf-barrier: patched %d exit locations (%s barrier)\n", i,
258 (types == STF_BARRIER_NONE) ? "no" :
259 (types == STF_BARRIER_FALLBACK) ? "fallback" :
260 (types == STF_BARRIER_EIEIO) ? "eieio" :
261 (types == (STF_BARRIER_SYNC_ORI)) ? "hwsync"
262 : "unknown");
263}
264
265static bool stf_exit_reentrant = false;
266static bool rfi_exit_reentrant = false;
267static DEFINE_MUTEX(exit_flush_lock);
268
269static int __do_stf_barrier_fixups(void *data)
270{
271 enum stf_barrier_type *types = data;
272
273 do_stf_entry_barrier_fixups(*types);
274 do_stf_exit_barrier_fixups(*types);
275
276 return 0;
277}
278
279void do_stf_barrier_fixups(enum stf_barrier_type types)
280{
281 /*
282 * The call to the fallback entry flush, and the fallback/sync-ori exit
283 * flush can not be safely patched in/out while other CPUs are
284 * executing them. So call __do_stf_barrier_fixups() on one CPU while
285 * all other CPUs spin in the stop machine core with interrupts hard
286 * disabled.
287 *
288 * The branch to mark interrupt exits non-reentrant is enabled first,
289 * then stop_machine runs which will ensure all CPUs are out of the
290 * low level interrupt exit code before patching. After the patching,
291 * if allowed, then flip the branch to allow fast exits.
292 */
293
294 // Prevent static key update races with do_rfi_flush_fixups()
295 mutex_lock(&exit_flush_lock);
296 static_branch_enable(&interrupt_exit_not_reentrant);
297
298 stop_machine(__do_stf_barrier_fixups, &types, NULL);
299
300 if ((types & STF_BARRIER_FALLBACK) || (types & STF_BARRIER_SYNC_ORI))
301 stf_exit_reentrant = false;
302 else
303 stf_exit_reentrant = true;
304
305 if (stf_exit_reentrant && rfi_exit_reentrant)
306 static_branch_disable(&interrupt_exit_not_reentrant);
307
308 mutex_unlock(&exit_flush_lock);
309}
310
311void do_uaccess_flush_fixups(enum l1d_flush_type types)
312{
313 unsigned int instrs[4];
314 long *start, *end;
315 int i;
316
317 start = PTRRELOC(&__start___uaccess_flush_fixup);
318 end = PTRRELOC(&__stop___uaccess_flush_fixup);
319
320 instrs[0] = PPC_RAW_NOP();
321 instrs[1] = PPC_RAW_NOP();
322 instrs[2] = PPC_RAW_NOP();
323 instrs[3] = PPC_RAW_BLR();
324
325 i = 0;
326 if (types == L1D_FLUSH_FALLBACK) {
327 instrs[3] = PPC_RAW_NOP();
328 /* fallthrough to fallback flush */
329 }
330
331 if (types & L1D_FLUSH_ORI) {
332 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
333 instrs[i++] = PPC_RAW_ORI(_R30, _R30, 0); /* L1d flush */
334 }
335
336 if (types & L1D_FLUSH_MTTRIG)
337 instrs[i++] = PPC_RAW_MTSPR(SPRN_TRIG2, _R0);
338
339 i = do_patch_fixups(start, end, instrs, ARRAY_SIZE(instrs));
340
341 printk(KERN_DEBUG "uaccess-flush: patched %d locations (%s flush)\n", i,
342 (types == L1D_FLUSH_NONE) ? "no" :
343 (types == L1D_FLUSH_FALLBACK) ? "fallback displacement" :
344 (types & L1D_FLUSH_ORI) ? (types & L1D_FLUSH_MTTRIG)
345 ? "ori+mttrig type"
346 : "ori type" :
347 (types & L1D_FLUSH_MTTRIG) ? "mttrig type"
348 : "unknown");
349}
350
351static int __do_entry_flush_fixups(void *data)
352{
353 enum l1d_flush_type types = *(enum l1d_flush_type *)data;
354 unsigned int instrs[3];
355 long *start, *end;
356 int i;
357
358 instrs[0] = PPC_RAW_NOP();
359 instrs[1] = PPC_RAW_NOP();
360 instrs[2] = PPC_RAW_NOP();
361
362 i = 0;
363 if (types == L1D_FLUSH_FALLBACK) {
364 instrs[i++] = PPC_RAW_MFLR(_R10);
365 instrs[i++] = PPC_RAW_NOP(); /* branch patched below */
366 instrs[i++] = PPC_RAW_MTLR(_R10);
367 }
368
369 if (types & L1D_FLUSH_ORI) {
370 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
371 instrs[i++] = PPC_RAW_ORI(_R30, _R30, 0); /* L1d flush */
372 }
373
374 if (types & L1D_FLUSH_MTTRIG)
375 instrs[i++] = PPC_RAW_MTSPR(SPRN_TRIG2, _R0);
376
377 /*
378 * If we're patching in or out the fallback flush we need to be careful about the
379 * order in which we patch instructions. That's because it's possible we could
380 * take a page fault after patching one instruction, so the sequence of
381 * instructions must be safe even in a half patched state.
382 *
383 * To make that work, when patching in the fallback flush we patch in this order:
384 * - the mflr (dest)
385 * - the mtlr (dest + 2)
386 * - the branch (dest + 1)
387 *
388 * That ensures the sequence is safe to execute at any point. In contrast if we
389 * patch the mtlr last, it's possible we could return from the branch and not
390 * restore LR, leading to a crash later.
391 *
392 * When patching out the fallback flush (either with nops or another flush type),
393 * we patch in this order:
394 * - the branch (dest + 1)
395 * - the mtlr (dest + 2)
396 * - the mflr (dest)
397 *
398 * Note we are protected by stop_machine() from other CPUs executing the code in a
399 * semi-patched state.
400 */
401
402 start = PTRRELOC(&__start___entry_flush_fixup);
403 end = PTRRELOC(&__stop___entry_flush_fixup);
404 i = do_patch_entry_fixups(start, end, instrs, types == L1D_FLUSH_FALLBACK,
405 &entry_flush_fallback);
406
407 start = PTRRELOC(&__start___scv_entry_flush_fixup);
408 end = PTRRELOC(&__stop___scv_entry_flush_fixup);
409 i += do_patch_entry_fixups(start, end, instrs, types == L1D_FLUSH_FALLBACK,
410 &scv_entry_flush_fallback);
411
412 printk(KERN_DEBUG "entry-flush: patched %d locations (%s flush)\n", i,
413 (types == L1D_FLUSH_NONE) ? "no" :
414 (types == L1D_FLUSH_FALLBACK) ? "fallback displacement" :
415 (types & L1D_FLUSH_ORI) ? (types & L1D_FLUSH_MTTRIG)
416 ? "ori+mttrig type"
417 : "ori type" :
418 (types & L1D_FLUSH_MTTRIG) ? "mttrig type"
419 : "unknown");
420
421 return 0;
422}
423
424void do_entry_flush_fixups(enum l1d_flush_type types)
425{
426 /*
427 * The call to the fallback flush can not be safely patched in/out while
428 * other CPUs are executing it. So call __do_entry_flush_fixups() on one
429 * CPU while all other CPUs spin in the stop machine core with interrupts
430 * hard disabled.
431 */
432 stop_machine(__do_entry_flush_fixups, &types, NULL);
433}
434
435static int __do_rfi_flush_fixups(void *data)
436{
437 enum l1d_flush_type types = *(enum l1d_flush_type *)data;
438 unsigned int instrs[3];
439 long *start, *end;
440 int i;
441
442 start = PTRRELOC(&__start___rfi_flush_fixup);
443 end = PTRRELOC(&__stop___rfi_flush_fixup);
444
445 instrs[0] = PPC_RAW_NOP();
446 instrs[1] = PPC_RAW_NOP();
447 instrs[2] = PPC_RAW_NOP();
448
449 if (types & L1D_FLUSH_FALLBACK)
450 /* b .+16 to fallback flush */
451 instrs[0] = PPC_RAW_BRANCH(16);
452
453 i = 0;
454 if (types & L1D_FLUSH_ORI) {
455 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
456 instrs[i++] = PPC_RAW_ORI(_R30, _R30, 0); /* L1d flush */
457 }
458
459 if (types & L1D_FLUSH_MTTRIG)
460 instrs[i++] = PPC_RAW_MTSPR(SPRN_TRIG2, _R0);
461
462 i = do_patch_fixups(start, end, instrs, ARRAY_SIZE(instrs));
463
464 printk(KERN_DEBUG "rfi-flush: patched %d locations (%s flush)\n", i,
465 (types == L1D_FLUSH_NONE) ? "no" :
466 (types == L1D_FLUSH_FALLBACK) ? "fallback displacement" :
467 (types & L1D_FLUSH_ORI) ? (types & L1D_FLUSH_MTTRIG)
468 ? "ori+mttrig type"
469 : "ori type" :
470 (types & L1D_FLUSH_MTTRIG) ? "mttrig type"
471 : "unknown");
472
473 return 0;
474}
475
476void do_rfi_flush_fixups(enum l1d_flush_type types)
477{
478 /*
479 * stop_machine gets all CPUs out of the interrupt exit handler same
480 * as do_stf_barrier_fixups. do_rfi_flush_fixups patching can run
481 * without stop_machine, so this could be achieved with a broadcast
482 * IPI instead, but this matches the stf sequence.
483 */
484
485 // Prevent static key update races with do_stf_barrier_fixups()
486 mutex_lock(&exit_flush_lock);
487 static_branch_enable(&interrupt_exit_not_reentrant);
488
489 stop_machine(__do_rfi_flush_fixups, &types, NULL);
490
491 if (types & L1D_FLUSH_FALLBACK)
492 rfi_exit_reentrant = false;
493 else
494 rfi_exit_reentrant = true;
495
496 if (stf_exit_reentrant && rfi_exit_reentrant)
497 static_branch_disable(&interrupt_exit_not_reentrant);
498
499 mutex_unlock(&exit_flush_lock);
500}
501
502void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void *fixup_end)
503{
504 unsigned int instr;
505 long *start, *end;
506 int i;
507
508 start = fixup_start;
509 end = fixup_end;
510
511 instr = PPC_RAW_NOP();
512
513 if (enable) {
514 pr_info("barrier-nospec: using ORI speculation barrier\n");
515 instr = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
516 }
517
518 i = do_patch_fixups(start, end, &instr, 1);
519
520 printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
521}
522
523#endif /* CONFIG_PPC_BOOK3S_64 */
524
525#ifdef CONFIG_PPC_BARRIER_NOSPEC
526void do_barrier_nospec_fixups(bool enable)
527{
528 void *start, *end;
529
530 start = PTRRELOC(&__start___barrier_nospec_fixup);
531 end = PTRRELOC(&__stop___barrier_nospec_fixup);
532
533 do_barrier_nospec_fixups_range(enable, start, end);
534}
535#endif /* CONFIG_PPC_BARRIER_NOSPEC */
536
537#ifdef CONFIG_PPC_E500
538void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void *fixup_end)
539{
540 unsigned int instr[2];
541 long *start, *end;
542 int i;
543
544 start = fixup_start;
545 end = fixup_end;
546
547 instr[0] = PPC_RAW_NOP();
548 instr[1] = PPC_RAW_NOP();
549
550 if (enable) {
551 pr_info("barrier-nospec: using isync; sync as speculation barrier\n");
552 instr[0] = PPC_RAW_ISYNC();
553 instr[1] = PPC_RAW_SYNC();
554 }
555
556 i = do_patch_fixups(start, end, instr, ARRAY_SIZE(instr));
557
558 printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
559}
560
561static void __init patch_btb_flush_section(long *curr)
562{
563 unsigned int *start, *end;
564
565 start = (void *)curr + *curr;
566 end = (void *)curr + *(curr + 1);
567 for (; start < end; start++) {
568 pr_devel("patching dest %lx\n", (unsigned long)start);
569 patch_instruction(start, ppc_inst(PPC_RAW_NOP()));
570 }
571}
572
573void __init do_btb_flush_fixups(void)
574{
575 long *start, *end;
576
577 start = PTRRELOC(&__start__btb_flush_fixup);
578 end = PTRRELOC(&__stop__btb_flush_fixup);
579
580 for (; start < end; start += 2)
581 patch_btb_flush_section(start);
582}
583#endif /* CONFIG_PPC_E500 */
584
585void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)
586{
587 long *start, *end;
588 u32 *dest;
589
590 if (!(value & CPU_FTR_LWSYNC))
591 return ;
592
593 start = fixup_start;
594 end = fixup_end;
595
596 for (; start < end; start++) {
597 dest = (void *)start + *start;
598 raw_patch_instruction(dest, ppc_inst(PPC_INST_LWSYNC));
599 }
600}
601
602static void __init do_final_fixups(void)
603{
604#if defined(CONFIG_PPC64) && defined(CONFIG_RELOCATABLE)
605 ppc_inst_t inst;
606 u32 *src, *dest, *end;
607
608 if (PHYSICAL_START == 0)
609 return;
610
611 src = (u32 *)(KERNELBASE + PHYSICAL_START);
612 dest = (u32 *)KERNELBASE;
613 end = (void *)src + (__end_interrupts - _stext);
614
615 while (src < end) {
616 inst = ppc_inst_read(src);
617 raw_patch_instruction(dest, inst);
618 src = ppc_inst_next(src, src);
619 dest = ppc_inst_next(dest, dest);
620 }
621#endif
622}
623
624static unsigned long __initdata saved_cpu_features;
625static unsigned int __initdata saved_mmu_features;
626#ifdef CONFIG_PPC64
627static unsigned long __initdata saved_firmware_features;
628#endif
629
630void __init apply_feature_fixups(void)
631{
632 struct cpu_spec *spec = PTRRELOC(*PTRRELOC(&cur_cpu_spec));
633
634 *PTRRELOC(&saved_cpu_features) = spec->cpu_features;
635 *PTRRELOC(&saved_mmu_features) = spec->mmu_features;
636
637 /*
638 * Apply the CPU-specific and firmware specific fixups to kernel text
639 * (nop out sections not relevant to this CPU or this firmware).
640 */
641 do_feature_fixups(spec->cpu_features,
642 PTRRELOC(&__start___ftr_fixup),
643 PTRRELOC(&__stop___ftr_fixup));
644
645 do_feature_fixups(spec->mmu_features,
646 PTRRELOC(&__start___mmu_ftr_fixup),
647 PTRRELOC(&__stop___mmu_ftr_fixup));
648
649 do_lwsync_fixups(spec->cpu_features,
650 PTRRELOC(&__start___lwsync_fixup),
651 PTRRELOC(&__stop___lwsync_fixup));
652
653#ifdef CONFIG_PPC64
654 saved_firmware_features = powerpc_firmware_features;
655 do_feature_fixups(powerpc_firmware_features,
656 &__start___fw_ftr_fixup, &__stop___fw_ftr_fixup);
657#endif
658 do_final_fixups();
659}
660
661void __init update_mmu_feature_fixups(unsigned long mask)
662{
663 saved_mmu_features &= ~mask;
664 saved_mmu_features |= cur_cpu_spec->mmu_features & mask;
665
666 do_feature_fixups_mask(cur_cpu_spec->mmu_features, mask,
667 PTRRELOC(&__start___mmu_ftr_fixup),
668 PTRRELOC(&__stop___mmu_ftr_fixup));
669 mmu_feature_keys_init();
670}
671
672void __init setup_feature_keys(void)
673{
674 /*
675 * Initialise jump label. This causes all the cpu/mmu_has_feature()
676 * checks to take on their correct polarity based on the current set of
677 * CPU/MMU features.
678 */
679 jump_label_init();
680 cpu_feature_keys_init();
681 mmu_feature_keys_init();
682}
683
684static int __init check_features(void)
685{
686 WARN(saved_cpu_features != cur_cpu_spec->cpu_features,
687 "CPU features changed after feature patching!\n");
688 WARN(saved_mmu_features != cur_cpu_spec->mmu_features,
689 "MMU features changed after feature patching!\n");
690#ifdef CONFIG_PPC64
691 WARN(saved_firmware_features != powerpc_firmware_features,
692 "Firmware features changed after feature patching!\n");
693#endif
694
695 return 0;
696}
697late_initcall(check_features);
698
699#ifdef CONFIG_FTR_FIXUP_SELFTEST
700
701#define check(x) \
702 if (!(x)) printk("feature-fixups: test failed at line %d\n", __LINE__);
703
704static int patch_feature_section(unsigned long value, struct fixup_entry *fcur)
705{
706 return patch_feature_section_mask(value, ~0, fcur);
707}
708
709/* This must be after the text it fixes up, vmlinux.lds.S enforces that atm */
710static struct fixup_entry fixup;
711
712static long __init calc_offset(struct fixup_entry *entry, unsigned int *p)
713{
714 return (unsigned long)p - (unsigned long)entry;
715}
716
717static void __init test_basic_patching(void)
718{
719 extern unsigned int ftr_fixup_test1[];
720 extern unsigned int end_ftr_fixup_test1[];
721 extern unsigned int ftr_fixup_test1_orig[];
722 extern unsigned int ftr_fixup_test1_expected[];
723 int size = 4 * (end_ftr_fixup_test1 - ftr_fixup_test1);
724
725 fixup.value = fixup.mask = 8;
726 fixup.start_off = calc_offset(&fixup, ftr_fixup_test1 + 1);
727 fixup.end_off = calc_offset(&fixup, ftr_fixup_test1 + 2);
728 fixup.alt_start_off = fixup.alt_end_off = 0;
729
730 /* Sanity check */
731 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, size) == 0);
732
733 /* Check we don't patch if the value matches */
734 patch_feature_section(8, &fixup);
735 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, size) == 0);
736
737 /* Check we do patch if the value doesn't match */
738 patch_feature_section(0, &fixup);
739 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_expected, size) == 0);
740
741 /* Check we do patch if the mask doesn't match */
742 memcpy(ftr_fixup_test1, ftr_fixup_test1_orig, size);
743 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, size) == 0);
744 patch_feature_section(~8, &fixup);
745 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_expected, size) == 0);
746}
747
748static void __init test_alternative_patching(void)
749{
750 extern unsigned int ftr_fixup_test2[];
751 extern unsigned int end_ftr_fixup_test2[];
752 extern unsigned int ftr_fixup_test2_orig[];
753 extern unsigned int ftr_fixup_test2_alt[];
754 extern unsigned int ftr_fixup_test2_expected[];
755 int size = 4 * (end_ftr_fixup_test2 - ftr_fixup_test2);
756
757 fixup.value = fixup.mask = 0xF;
758 fixup.start_off = calc_offset(&fixup, ftr_fixup_test2 + 1);
759 fixup.end_off = calc_offset(&fixup, ftr_fixup_test2 + 2);
760 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test2_alt);
761 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test2_alt + 1);
762
763 /* Sanity check */
764 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, size) == 0);
765
766 /* Check we don't patch if the value matches */
767 patch_feature_section(0xF, &fixup);
768 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, size) == 0);
769
770 /* Check we do patch if the value doesn't match */
771 patch_feature_section(0, &fixup);
772 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_expected, size) == 0);
773
774 /* Check we do patch if the mask doesn't match */
775 memcpy(ftr_fixup_test2, ftr_fixup_test2_orig, size);
776 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, size) == 0);
777 patch_feature_section(~0xF, &fixup);
778 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_expected, size) == 0);
779}
780
781static void __init test_alternative_case_too_big(void)
782{
783 extern unsigned int ftr_fixup_test3[];
784 extern unsigned int end_ftr_fixup_test3[];
785 extern unsigned int ftr_fixup_test3_orig[];
786 extern unsigned int ftr_fixup_test3_alt[];
787 int size = 4 * (end_ftr_fixup_test3 - ftr_fixup_test3);
788
789 fixup.value = fixup.mask = 0xC;
790 fixup.start_off = calc_offset(&fixup, ftr_fixup_test3 + 1);
791 fixup.end_off = calc_offset(&fixup, ftr_fixup_test3 + 2);
792 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test3_alt);
793 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test3_alt + 2);
794
795 /* Sanity check */
796 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
797
798 /* Expect nothing to be patched, and the error returned to us */
799 check(patch_feature_section(0xF, &fixup) == 1);
800 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
801 check(patch_feature_section(0, &fixup) == 1);
802 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
803 check(patch_feature_section(~0xF, &fixup) == 1);
804 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
805}
806
807static void __init test_alternative_case_too_small(void)
808{
809 extern unsigned int ftr_fixup_test4[];
810 extern unsigned int end_ftr_fixup_test4[];
811 extern unsigned int ftr_fixup_test4_orig[];
812 extern unsigned int ftr_fixup_test4_alt[];
813 extern unsigned int ftr_fixup_test4_expected[];
814 int size = 4 * (end_ftr_fixup_test4 - ftr_fixup_test4);
815 unsigned long flag;
816
817 /* Check a high-bit flag */
818 flag = 1UL << ((sizeof(unsigned long) - 1) * 8);
819 fixup.value = fixup.mask = flag;
820 fixup.start_off = calc_offset(&fixup, ftr_fixup_test4 + 1);
821 fixup.end_off = calc_offset(&fixup, ftr_fixup_test4 + 5);
822 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test4_alt);
823 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test4_alt + 2);
824
825 /* Sanity check */
826 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, size) == 0);
827
828 /* Check we don't patch if the value matches */
829 patch_feature_section(flag, &fixup);
830 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, size) == 0);
831
832 /* Check we do patch if the value doesn't match */
833 patch_feature_section(0, &fixup);
834 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_expected, size) == 0);
835
836 /* Check we do patch if the mask doesn't match */
837 memcpy(ftr_fixup_test4, ftr_fixup_test4_orig, size);
838 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, size) == 0);
839 patch_feature_section(~flag, &fixup);
840 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_expected, size) == 0);
841}
842
843static void test_alternative_case_with_branch(void)
844{
845 extern unsigned int ftr_fixup_test5[];
846 extern unsigned int end_ftr_fixup_test5[];
847 extern unsigned int ftr_fixup_test5_expected[];
848 int size = 4 * (end_ftr_fixup_test5 - ftr_fixup_test5);
849
850 check(memcmp(ftr_fixup_test5, ftr_fixup_test5_expected, size) == 0);
851}
852
853static void __init test_alternative_case_with_external_branch(void)
854{
855 extern unsigned int ftr_fixup_test6[];
856 extern unsigned int end_ftr_fixup_test6[];
857 extern unsigned int ftr_fixup_test6_expected[];
858 int size = 4 * (end_ftr_fixup_test6 - ftr_fixup_test6);
859
860 check(memcmp(ftr_fixup_test6, ftr_fixup_test6_expected, size) == 0);
861}
862
863static void __init test_alternative_case_with_branch_to_end(void)
864{
865 extern unsigned int ftr_fixup_test7[];
866 extern unsigned int end_ftr_fixup_test7[];
867 extern unsigned int ftr_fixup_test7_expected[];
868 int size = 4 * (end_ftr_fixup_test7 - ftr_fixup_test7);
869
870 check(memcmp(ftr_fixup_test7, ftr_fixup_test7_expected, size) == 0);
871}
872
873static void __init test_cpu_macros(void)
874{
875 extern u8 ftr_fixup_test_FTR_macros[];
876 extern u8 ftr_fixup_test_FTR_macros_expected[];
877 unsigned long size = ftr_fixup_test_FTR_macros_expected -
878 ftr_fixup_test_FTR_macros;
879
880 /* The fixups have already been done for us during boot */
881 check(memcmp(ftr_fixup_test_FTR_macros,
882 ftr_fixup_test_FTR_macros_expected, size) == 0);
883}
884
885static void __init test_fw_macros(void)
886{
887#ifdef CONFIG_PPC64
888 extern u8 ftr_fixup_test_FW_FTR_macros[];
889 extern u8 ftr_fixup_test_FW_FTR_macros_expected[];
890 unsigned long size = ftr_fixup_test_FW_FTR_macros_expected -
891 ftr_fixup_test_FW_FTR_macros;
892
893 /* The fixups have already been done for us during boot */
894 check(memcmp(ftr_fixup_test_FW_FTR_macros,
895 ftr_fixup_test_FW_FTR_macros_expected, size) == 0);
896#endif
897}
898
899static void __init test_lwsync_macros(void)
900{
901 extern u8 lwsync_fixup_test[];
902 extern u8 end_lwsync_fixup_test[];
903 extern u8 lwsync_fixup_test_expected_LWSYNC[];
904 extern u8 lwsync_fixup_test_expected_SYNC[];
905 unsigned long size = end_lwsync_fixup_test -
906 lwsync_fixup_test;
907
908 /* The fixups have already been done for us during boot */
909 if (cur_cpu_spec->cpu_features & CPU_FTR_LWSYNC) {
910 check(memcmp(lwsync_fixup_test,
911 lwsync_fixup_test_expected_LWSYNC, size) == 0);
912 } else {
913 check(memcmp(lwsync_fixup_test,
914 lwsync_fixup_test_expected_SYNC, size) == 0);
915 }
916}
917
918#ifdef CONFIG_PPC64
919static void __init test_prefix_patching(void)
920{
921 extern unsigned int ftr_fixup_prefix1[];
922 extern unsigned int end_ftr_fixup_prefix1[];
923 extern unsigned int ftr_fixup_prefix1_orig[];
924 extern unsigned int ftr_fixup_prefix1_expected[];
925 int size = sizeof(unsigned int) * (end_ftr_fixup_prefix1 - ftr_fixup_prefix1);
926
927 fixup.value = fixup.mask = 8;
928 fixup.start_off = calc_offset(&fixup, ftr_fixup_prefix1 + 1);
929 fixup.end_off = calc_offset(&fixup, ftr_fixup_prefix1 + 3);
930 fixup.alt_start_off = fixup.alt_end_off = 0;
931
932 /* Sanity check */
933 check(memcmp(ftr_fixup_prefix1, ftr_fixup_prefix1_orig, size) == 0);
934
935 patch_feature_section(0, &fixup);
936 check(memcmp(ftr_fixup_prefix1, ftr_fixup_prefix1_expected, size) == 0);
937 check(memcmp(ftr_fixup_prefix1, ftr_fixup_prefix1_orig, size) != 0);
938}
939
940static void __init test_prefix_alt_patching(void)
941{
942 extern unsigned int ftr_fixup_prefix2[];
943 extern unsigned int end_ftr_fixup_prefix2[];
944 extern unsigned int ftr_fixup_prefix2_orig[];
945 extern unsigned int ftr_fixup_prefix2_expected[];
946 extern unsigned int ftr_fixup_prefix2_alt[];
947 int size = sizeof(unsigned int) * (end_ftr_fixup_prefix2 - ftr_fixup_prefix2);
948
949 fixup.value = fixup.mask = 8;
950 fixup.start_off = calc_offset(&fixup, ftr_fixup_prefix2 + 1);
951 fixup.end_off = calc_offset(&fixup, ftr_fixup_prefix2 + 3);
952 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_prefix2_alt);
953 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_prefix2_alt + 2);
954 /* Sanity check */
955 check(memcmp(ftr_fixup_prefix2, ftr_fixup_prefix2_orig, size) == 0);
956
957 patch_feature_section(0, &fixup);
958 check(memcmp(ftr_fixup_prefix2, ftr_fixup_prefix2_expected, size) == 0);
959 check(memcmp(ftr_fixup_prefix2, ftr_fixup_prefix2_orig, size) != 0);
960}
961
962static void __init test_prefix_word_alt_patching(void)
963{
964 extern unsigned int ftr_fixup_prefix3[];
965 extern unsigned int end_ftr_fixup_prefix3[];
966 extern unsigned int ftr_fixup_prefix3_orig[];
967 extern unsigned int ftr_fixup_prefix3_expected[];
968 extern unsigned int ftr_fixup_prefix3_alt[];
969 int size = sizeof(unsigned int) * (end_ftr_fixup_prefix3 - ftr_fixup_prefix3);
970
971 fixup.value = fixup.mask = 8;
972 fixup.start_off = calc_offset(&fixup, ftr_fixup_prefix3 + 1);
973 fixup.end_off = calc_offset(&fixup, ftr_fixup_prefix3 + 4);
974 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_prefix3_alt);
975 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_prefix3_alt + 3);
976 /* Sanity check */
977 check(memcmp(ftr_fixup_prefix3, ftr_fixup_prefix3_orig, size) == 0);
978
979 patch_feature_section(0, &fixup);
980 check(memcmp(ftr_fixup_prefix3, ftr_fixup_prefix3_expected, size) == 0);
981 patch_feature_section(0, &fixup);
982 check(memcmp(ftr_fixup_prefix3, ftr_fixup_prefix3_orig, size) != 0);
983}
984#else
985static inline void test_prefix_patching(void) {}
986static inline void test_prefix_alt_patching(void) {}
987static inline void test_prefix_word_alt_patching(void) {}
988#endif /* CONFIG_PPC64 */
989
990static int __init test_feature_fixups(void)
991{
992 printk(KERN_DEBUG "Running feature fixup self-tests ...\n");
993
994 test_basic_patching();
995 test_alternative_patching();
996 test_alternative_case_too_big();
997 test_alternative_case_too_small();
998 test_alternative_case_with_branch();
999 test_alternative_case_with_external_branch();
1000 test_alternative_case_with_branch_to_end();
1001 test_cpu_macros();
1002 test_fw_macros();
1003 test_lwsync_macros();
1004 test_prefix_patching();
1005 test_prefix_alt_patching();
1006 test_prefix_word_alt_patching();
1007
1008 return 0;
1009}
1010late_initcall(test_feature_fixups);
1011
1012#endif /* CONFIG_FTR_FIXUP_SELFTEST */
1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 * Copyright (C) 2001 Ben. Herrenschmidt (benh@kernel.crashing.org)
4 *
5 * Modifications for ppc64:
6 * Copyright (C) 2003 Dave Engebretsen <engebret@us.ibm.com>
7 *
8 * Copyright 2008 Michael Ellerman, IBM Corporation.
9 */
10
11#include <linux/types.h>
12#include <linux/jump_label.h>
13#include <linux/kernel.h>
14#include <linux/string.h>
15#include <linux/init.h>
16#include <linux/sched/mm.h>
17#include <linux/stop_machine.h>
18#include <asm/cputable.h>
19#include <asm/text-patching.h>
20#include <asm/interrupt.h>
21#include <asm/page.h>
22#include <asm/sections.h>
23#include <asm/setup.h>
24#include <asm/security_features.h>
25#include <asm/firmware.h>
26#include <asm/inst.h>
27
28/*
29 * Used to generate warnings if mmu or cpu feature check functions that
30 * use static keys before they are initialized.
31 */
32bool static_key_feature_checks_initialized __read_mostly;
33EXPORT_SYMBOL_GPL(static_key_feature_checks_initialized);
34
35struct fixup_entry {
36 unsigned long mask;
37 unsigned long value;
38 long start_off;
39 long end_off;
40 long alt_start_off;
41 long alt_end_off;
42};
43
44static u32 *calc_addr(struct fixup_entry *fcur, long offset)
45{
46 /*
47 * We store the offset to the code as a negative offset from
48 * the start of the alt_entry, to support the VDSO. This
49 * routine converts that back into an actual address.
50 */
51 return (u32 *)((unsigned long)fcur + offset);
52}
53
54static int patch_alt_instruction(u32 *src, u32 *dest, u32 *alt_start, u32 *alt_end)
55{
56 int err;
57 ppc_inst_t instr;
58
59 instr = ppc_inst_read(src);
60
61 if (instr_is_relative_branch(ppc_inst_read(src))) {
62 u32 *target = (u32 *)branch_target(src);
63
64 /* Branch within the section doesn't need translating */
65 if (target < alt_start || target > alt_end) {
66 err = translate_branch(&instr, dest, src);
67 if (err)
68 return 1;
69 }
70 }
71
72 raw_patch_instruction(dest, instr);
73
74 return 0;
75}
76
77static int patch_feature_section_mask(unsigned long value, unsigned long mask,
78 struct fixup_entry *fcur)
79{
80 u32 *start, *end, *alt_start, *alt_end, *src, *dest;
81
82 start = calc_addr(fcur, fcur->start_off);
83 end = calc_addr(fcur, fcur->end_off);
84 alt_start = calc_addr(fcur, fcur->alt_start_off);
85 alt_end = calc_addr(fcur, fcur->alt_end_off);
86
87 if ((alt_end - alt_start) > (end - start))
88 return 1;
89
90 if ((value & fcur->mask & mask) == (fcur->value & mask))
91 return 0;
92
93 src = alt_start;
94 dest = start;
95
96 for (; src < alt_end; src = ppc_inst_next(src, src),
97 dest = ppc_inst_next(dest, dest)) {
98 if (patch_alt_instruction(src, dest, alt_start, alt_end))
99 return 1;
100 }
101
102 for (; dest < end; dest++)
103 raw_patch_instruction(dest, ppc_inst(PPC_RAW_NOP()));
104
105 return 0;
106}
107
108static void do_feature_fixups_mask(unsigned long value, unsigned long mask,
109 void *fixup_start, void *fixup_end)
110{
111 struct fixup_entry *fcur, *fend;
112
113 fcur = fixup_start;
114 fend = fixup_end;
115
116 for (; fcur < fend; fcur++) {
117 if (patch_feature_section_mask(value, mask, fcur)) {
118 WARN_ON(1);
119 printk("Unable to patch feature section at %p - %p" \
120 " with %p - %p\n",
121 calc_addr(fcur, fcur->start_off),
122 calc_addr(fcur, fcur->end_off),
123 calc_addr(fcur, fcur->alt_start_off),
124 calc_addr(fcur, fcur->alt_end_off));
125 }
126 }
127}
128
129void do_feature_fixups(unsigned long value, void *fixup_start, void *fixup_end)
130{
131 do_feature_fixups_mask(value, ~0, fixup_start, fixup_end);
132}
133
134#ifdef CONFIG_PPC_BARRIER_NOSPEC
135static bool is_fixup_addr_valid(void *dest, size_t size)
136{
137 return system_state < SYSTEM_FREEING_INITMEM ||
138 !init_section_contains(dest, size);
139}
140
141static int do_patch_fixups(long *start, long *end, unsigned int *instrs, int num)
142{
143 int i;
144
145 for (i = 0; start < end; start++, i++) {
146 int j;
147 unsigned int *dest = (void *)start + *start;
148
149 if (!is_fixup_addr_valid(dest, sizeof(*instrs) * num))
150 continue;
151
152 pr_devel("patching dest %lx\n", (unsigned long)dest);
153
154 for (j = 0; j < num; j++)
155 patch_instruction(dest + j, ppc_inst(instrs[j]));
156 }
157 return i;
158}
159#endif
160
161#ifdef CONFIG_PPC_BOOK3S_64
162static int do_patch_entry_fixups(long *start, long *end, unsigned int *instrs,
163 bool do_fallback, void *fallback)
164{
165 int i;
166
167 for (i = 0; start < end; start++, i++) {
168 unsigned int *dest = (void *)start + *start;
169
170 if (!is_fixup_addr_valid(dest, sizeof(*instrs) * 3))
171 continue;
172
173 pr_devel("patching dest %lx\n", (unsigned long)dest);
174
175 // See comment in do_entry_flush_fixups() RE order of patching
176 if (do_fallback) {
177 patch_instruction(dest, ppc_inst(instrs[0]));
178 patch_instruction(dest + 2, ppc_inst(instrs[2]));
179 patch_branch(dest + 1, (unsigned long)fallback, BRANCH_SET_LINK);
180 } else {
181 patch_instruction(dest + 1, ppc_inst(instrs[1]));
182 patch_instruction(dest + 2, ppc_inst(instrs[2]));
183 patch_instruction(dest, ppc_inst(instrs[0]));
184 }
185 }
186 return i;
187}
188
189static void do_stf_entry_barrier_fixups(enum stf_barrier_type types)
190{
191 unsigned int instrs[3];
192 long *start, *end;
193 int i;
194
195 start = PTRRELOC(&__start___stf_entry_barrier_fixup);
196 end = PTRRELOC(&__stop___stf_entry_barrier_fixup);
197
198 instrs[0] = PPC_RAW_NOP();
199 instrs[1] = PPC_RAW_NOP();
200 instrs[2] = PPC_RAW_NOP();
201
202 i = 0;
203 if (types & STF_BARRIER_FALLBACK) {
204 instrs[i++] = PPC_RAW_MFLR(_R10);
205 instrs[i++] = PPC_RAW_NOP(); /* branch patched below */
206 instrs[i++] = PPC_RAW_MTLR(_R10);
207 } else if (types & STF_BARRIER_EIEIO) {
208 instrs[i++] = PPC_RAW_EIEIO() | 0x02000000; /* eieio + bit 6 hint */
209 } else if (types & STF_BARRIER_SYNC_ORI) {
210 instrs[i++] = PPC_RAW_SYNC();
211 instrs[i++] = PPC_RAW_LD(_R10, _R13, 0);
212 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
213 }
214
215 i = do_patch_entry_fixups(start, end, instrs, types & STF_BARRIER_FALLBACK,
216 &stf_barrier_fallback);
217
218 printk(KERN_DEBUG "stf-barrier: patched %d entry locations (%s barrier)\n", i,
219 (types == STF_BARRIER_NONE) ? "no" :
220 (types == STF_BARRIER_FALLBACK) ? "fallback" :
221 (types == STF_BARRIER_EIEIO) ? "eieio" :
222 (types == (STF_BARRIER_SYNC_ORI)) ? "hwsync"
223 : "unknown");
224}
225
226static void do_stf_exit_barrier_fixups(enum stf_barrier_type types)
227{
228 unsigned int instrs[6];
229 long *start, *end;
230 int i;
231
232 start = PTRRELOC(&__start___stf_exit_barrier_fixup);
233 end = PTRRELOC(&__stop___stf_exit_barrier_fixup);
234
235 instrs[0] = PPC_RAW_NOP();
236 instrs[1] = PPC_RAW_NOP();
237 instrs[2] = PPC_RAW_NOP();
238 instrs[3] = PPC_RAW_NOP();
239 instrs[4] = PPC_RAW_NOP();
240 instrs[5] = PPC_RAW_NOP();
241
242 i = 0;
243 if (types & STF_BARRIER_FALLBACK || types & STF_BARRIER_SYNC_ORI) {
244 if (cpu_has_feature(CPU_FTR_HVMODE)) {
245 instrs[i++] = PPC_RAW_MTSPR(SPRN_HSPRG1, _R13);
246 instrs[i++] = PPC_RAW_MFSPR(_R13, SPRN_HSPRG0);
247 } else {
248 instrs[i++] = PPC_RAW_MTSPR(SPRN_SPRG2, _R13);
249 instrs[i++] = PPC_RAW_MFSPR(_R13, SPRN_SPRG1);
250 }
251 instrs[i++] = PPC_RAW_SYNC();
252 instrs[i++] = PPC_RAW_LD(_R13, _R13, 0);
253 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
254 if (cpu_has_feature(CPU_FTR_HVMODE))
255 instrs[i++] = PPC_RAW_MFSPR(_R13, SPRN_HSPRG1);
256 else
257 instrs[i++] = PPC_RAW_MFSPR(_R13, SPRN_SPRG2);
258 } else if (types & STF_BARRIER_EIEIO) {
259 instrs[i++] = PPC_RAW_EIEIO() | 0x02000000; /* eieio + bit 6 hint */
260 }
261
262 i = do_patch_fixups(start, end, instrs, ARRAY_SIZE(instrs));
263
264 printk(KERN_DEBUG "stf-barrier: patched %d exit locations (%s barrier)\n", i,
265 (types == STF_BARRIER_NONE) ? "no" :
266 (types == STF_BARRIER_FALLBACK) ? "fallback" :
267 (types == STF_BARRIER_EIEIO) ? "eieio" :
268 (types == (STF_BARRIER_SYNC_ORI)) ? "hwsync"
269 : "unknown");
270}
271
272static bool stf_exit_reentrant = false;
273static bool rfi_exit_reentrant = false;
274static DEFINE_MUTEX(exit_flush_lock);
275
276static int __do_stf_barrier_fixups(void *data)
277{
278 enum stf_barrier_type *types = data;
279
280 do_stf_entry_barrier_fixups(*types);
281 do_stf_exit_barrier_fixups(*types);
282
283 return 0;
284}
285
286void do_stf_barrier_fixups(enum stf_barrier_type types)
287{
288 /*
289 * The call to the fallback entry flush, and the fallback/sync-ori exit
290 * flush can not be safely patched in/out while other CPUs are
291 * executing them. So call __do_stf_barrier_fixups() on one CPU while
292 * all other CPUs spin in the stop machine core with interrupts hard
293 * disabled.
294 *
295 * The branch to mark interrupt exits non-reentrant is enabled first,
296 * then stop_machine runs which will ensure all CPUs are out of the
297 * low level interrupt exit code before patching. After the patching,
298 * if allowed, then flip the branch to allow fast exits.
299 */
300
301 // Prevent static key update races with do_rfi_flush_fixups()
302 mutex_lock(&exit_flush_lock);
303 static_branch_enable(&interrupt_exit_not_reentrant);
304
305 stop_machine(__do_stf_barrier_fixups, &types, NULL);
306
307 if ((types & STF_BARRIER_FALLBACK) || (types & STF_BARRIER_SYNC_ORI))
308 stf_exit_reentrant = false;
309 else
310 stf_exit_reentrant = true;
311
312 if (stf_exit_reentrant && rfi_exit_reentrant)
313 static_branch_disable(&interrupt_exit_not_reentrant);
314
315 mutex_unlock(&exit_flush_lock);
316}
317
318void do_uaccess_flush_fixups(enum l1d_flush_type types)
319{
320 unsigned int instrs[4];
321 long *start, *end;
322 int i;
323
324 start = PTRRELOC(&__start___uaccess_flush_fixup);
325 end = PTRRELOC(&__stop___uaccess_flush_fixup);
326
327 instrs[0] = PPC_RAW_NOP();
328 instrs[1] = PPC_RAW_NOP();
329 instrs[2] = PPC_RAW_NOP();
330 instrs[3] = PPC_RAW_BLR();
331
332 i = 0;
333 if (types == L1D_FLUSH_FALLBACK) {
334 instrs[3] = PPC_RAW_NOP();
335 /* fallthrough to fallback flush */
336 }
337
338 if (types & L1D_FLUSH_ORI) {
339 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
340 instrs[i++] = PPC_RAW_ORI(_R30, _R30, 0); /* L1d flush */
341 }
342
343 if (types & L1D_FLUSH_MTTRIG)
344 instrs[i++] = PPC_RAW_MTSPR(SPRN_TRIG2, _R0);
345
346 i = do_patch_fixups(start, end, instrs, ARRAY_SIZE(instrs));
347
348 printk(KERN_DEBUG "uaccess-flush: patched %d locations (%s flush)\n", i,
349 (types == L1D_FLUSH_NONE) ? "no" :
350 (types == L1D_FLUSH_FALLBACK) ? "fallback displacement" :
351 (types & L1D_FLUSH_ORI) ? (types & L1D_FLUSH_MTTRIG)
352 ? "ori+mttrig type"
353 : "ori type" :
354 (types & L1D_FLUSH_MTTRIG) ? "mttrig type"
355 : "unknown");
356}
357
358static int __do_entry_flush_fixups(void *data)
359{
360 enum l1d_flush_type types = *(enum l1d_flush_type *)data;
361 unsigned int instrs[3];
362 long *start, *end;
363 int i;
364
365 instrs[0] = PPC_RAW_NOP();
366 instrs[1] = PPC_RAW_NOP();
367 instrs[2] = PPC_RAW_NOP();
368
369 i = 0;
370 if (types == L1D_FLUSH_FALLBACK) {
371 instrs[i++] = PPC_RAW_MFLR(_R10);
372 instrs[i++] = PPC_RAW_NOP(); /* branch patched below */
373 instrs[i++] = PPC_RAW_MTLR(_R10);
374 }
375
376 if (types & L1D_FLUSH_ORI) {
377 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
378 instrs[i++] = PPC_RAW_ORI(_R30, _R30, 0); /* L1d flush */
379 }
380
381 if (types & L1D_FLUSH_MTTRIG)
382 instrs[i++] = PPC_RAW_MTSPR(SPRN_TRIG2, _R0);
383
384 /*
385 * If we're patching in or out the fallback flush we need to be careful about the
386 * order in which we patch instructions. That's because it's possible we could
387 * take a page fault after patching one instruction, so the sequence of
388 * instructions must be safe even in a half patched state.
389 *
390 * To make that work, when patching in the fallback flush we patch in this order:
391 * - the mflr (dest)
392 * - the mtlr (dest + 2)
393 * - the branch (dest + 1)
394 *
395 * That ensures the sequence is safe to execute at any point. In contrast if we
396 * patch the mtlr last, it's possible we could return from the branch and not
397 * restore LR, leading to a crash later.
398 *
399 * When patching out the fallback flush (either with nops or another flush type),
400 * we patch in this order:
401 * - the branch (dest + 1)
402 * - the mtlr (dest + 2)
403 * - the mflr (dest)
404 *
405 * Note we are protected by stop_machine() from other CPUs executing the code in a
406 * semi-patched state.
407 */
408
409 start = PTRRELOC(&__start___entry_flush_fixup);
410 end = PTRRELOC(&__stop___entry_flush_fixup);
411 i = do_patch_entry_fixups(start, end, instrs, types == L1D_FLUSH_FALLBACK,
412 &entry_flush_fallback);
413
414 start = PTRRELOC(&__start___scv_entry_flush_fixup);
415 end = PTRRELOC(&__stop___scv_entry_flush_fixup);
416 i += do_patch_entry_fixups(start, end, instrs, types == L1D_FLUSH_FALLBACK,
417 &scv_entry_flush_fallback);
418
419 printk(KERN_DEBUG "entry-flush: patched %d locations (%s flush)\n", i,
420 (types == L1D_FLUSH_NONE) ? "no" :
421 (types == L1D_FLUSH_FALLBACK) ? "fallback displacement" :
422 (types & L1D_FLUSH_ORI) ? (types & L1D_FLUSH_MTTRIG)
423 ? "ori+mttrig type"
424 : "ori type" :
425 (types & L1D_FLUSH_MTTRIG) ? "mttrig type"
426 : "unknown");
427
428 return 0;
429}
430
431void do_entry_flush_fixups(enum l1d_flush_type types)
432{
433 /*
434 * The call to the fallback flush can not be safely patched in/out while
435 * other CPUs are executing it. So call __do_entry_flush_fixups() on one
436 * CPU while all other CPUs spin in the stop machine core with interrupts
437 * hard disabled.
438 */
439 stop_machine(__do_entry_flush_fixups, &types, NULL);
440}
441
442static int __do_rfi_flush_fixups(void *data)
443{
444 enum l1d_flush_type types = *(enum l1d_flush_type *)data;
445 unsigned int instrs[3];
446 long *start, *end;
447 int i;
448
449 start = PTRRELOC(&__start___rfi_flush_fixup);
450 end = PTRRELOC(&__stop___rfi_flush_fixup);
451
452 instrs[0] = PPC_RAW_NOP();
453 instrs[1] = PPC_RAW_NOP();
454 instrs[2] = PPC_RAW_NOP();
455
456 if (types & L1D_FLUSH_FALLBACK)
457 /* b .+16 to fallback flush */
458 instrs[0] = PPC_RAW_BRANCH(16);
459
460 i = 0;
461 if (types & L1D_FLUSH_ORI) {
462 instrs[i++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
463 instrs[i++] = PPC_RAW_ORI(_R30, _R30, 0); /* L1d flush */
464 }
465
466 if (types & L1D_FLUSH_MTTRIG)
467 instrs[i++] = PPC_RAW_MTSPR(SPRN_TRIG2, _R0);
468
469 i = do_patch_fixups(start, end, instrs, ARRAY_SIZE(instrs));
470
471 printk(KERN_DEBUG "rfi-flush: patched %d locations (%s flush)\n", i,
472 (types == L1D_FLUSH_NONE) ? "no" :
473 (types == L1D_FLUSH_FALLBACK) ? "fallback displacement" :
474 (types & L1D_FLUSH_ORI) ? (types & L1D_FLUSH_MTTRIG)
475 ? "ori+mttrig type"
476 : "ori type" :
477 (types & L1D_FLUSH_MTTRIG) ? "mttrig type"
478 : "unknown");
479
480 return 0;
481}
482
483void do_rfi_flush_fixups(enum l1d_flush_type types)
484{
485 /*
486 * stop_machine gets all CPUs out of the interrupt exit handler same
487 * as do_stf_barrier_fixups. do_rfi_flush_fixups patching can run
488 * without stop_machine, so this could be achieved with a broadcast
489 * IPI instead, but this matches the stf sequence.
490 */
491
492 // Prevent static key update races with do_stf_barrier_fixups()
493 mutex_lock(&exit_flush_lock);
494 static_branch_enable(&interrupt_exit_not_reentrant);
495
496 stop_machine(__do_rfi_flush_fixups, &types, NULL);
497
498 if (types & L1D_FLUSH_FALLBACK)
499 rfi_exit_reentrant = false;
500 else
501 rfi_exit_reentrant = true;
502
503 if (stf_exit_reentrant && rfi_exit_reentrant)
504 static_branch_disable(&interrupt_exit_not_reentrant);
505
506 mutex_unlock(&exit_flush_lock);
507}
508
509void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void *fixup_end)
510{
511 unsigned int instr;
512 long *start, *end;
513 int i;
514
515 start = fixup_start;
516 end = fixup_end;
517
518 instr = PPC_RAW_NOP();
519
520 if (enable) {
521 pr_info("barrier-nospec: using ORI speculation barrier\n");
522 instr = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
523 }
524
525 i = do_patch_fixups(start, end, &instr, 1);
526
527 printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
528}
529
530#endif /* CONFIG_PPC_BOOK3S_64 */
531
532#ifdef CONFIG_PPC_BARRIER_NOSPEC
533void do_barrier_nospec_fixups(bool enable)
534{
535 void *start, *end;
536
537 start = PTRRELOC(&__start___barrier_nospec_fixup);
538 end = PTRRELOC(&__stop___barrier_nospec_fixup);
539
540 do_barrier_nospec_fixups_range(enable, start, end);
541}
542#endif /* CONFIG_PPC_BARRIER_NOSPEC */
543
544#ifdef CONFIG_PPC_E500
545void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void *fixup_end)
546{
547 unsigned int instr[2];
548 long *start, *end;
549 int i;
550
551 start = fixup_start;
552 end = fixup_end;
553
554 instr[0] = PPC_RAW_NOP();
555 instr[1] = PPC_RAW_NOP();
556
557 if (enable) {
558 pr_info("barrier-nospec: using isync; sync as speculation barrier\n");
559 instr[0] = PPC_RAW_ISYNC();
560 instr[1] = PPC_RAW_SYNC();
561 }
562
563 i = do_patch_fixups(start, end, instr, ARRAY_SIZE(instr));
564
565 printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", i);
566}
567
568static void __init patch_btb_flush_section(long *curr)
569{
570 unsigned int *start, *end;
571
572 start = (void *)curr + *curr;
573 end = (void *)curr + *(curr + 1);
574 for (; start < end; start++) {
575 pr_devel("patching dest %lx\n", (unsigned long)start);
576 patch_instruction(start, ppc_inst(PPC_RAW_NOP()));
577 }
578}
579
580void __init do_btb_flush_fixups(void)
581{
582 long *start, *end;
583
584 start = PTRRELOC(&__start__btb_flush_fixup);
585 end = PTRRELOC(&__stop__btb_flush_fixup);
586
587 for (; start < end; start += 2)
588 patch_btb_flush_section(start);
589}
590#endif /* CONFIG_PPC_E500 */
591
592void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)
593{
594 long *start, *end;
595 u32 *dest;
596
597 if (!(value & CPU_FTR_LWSYNC))
598 return ;
599
600 start = fixup_start;
601 end = fixup_end;
602
603 for (; start < end; start++) {
604 dest = (void *)start + *start;
605 raw_patch_instruction(dest, ppc_inst(PPC_INST_LWSYNC));
606 }
607}
608
609static void __init do_final_fixups(void)
610{
611#if defined(CONFIG_PPC64) && defined(CONFIG_RELOCATABLE)
612 ppc_inst_t inst;
613 u32 *src, *dest, *end;
614
615 if (PHYSICAL_START == 0)
616 return;
617
618 src = (u32 *)(KERNELBASE + PHYSICAL_START);
619 dest = (u32 *)KERNELBASE;
620 end = (void *)src + (__end_interrupts - _stext);
621
622 while (src < end) {
623 inst = ppc_inst_read(src);
624 raw_patch_instruction(dest, inst);
625 src = ppc_inst_next(src, src);
626 dest = ppc_inst_next(dest, dest);
627 }
628#endif
629}
630
631static unsigned long __initdata saved_cpu_features;
632static unsigned int __initdata saved_mmu_features;
633#ifdef CONFIG_PPC64
634static unsigned long __initdata saved_firmware_features;
635#endif
636
637void __init apply_feature_fixups(void)
638{
639 struct cpu_spec *spec = PTRRELOC(*PTRRELOC(&cur_cpu_spec));
640
641 *PTRRELOC(&saved_cpu_features) = spec->cpu_features;
642 *PTRRELOC(&saved_mmu_features) = spec->mmu_features;
643
644 /*
645 * Apply the CPU-specific and firmware specific fixups to kernel text
646 * (nop out sections not relevant to this CPU or this firmware).
647 */
648 do_feature_fixups(spec->cpu_features,
649 PTRRELOC(&__start___ftr_fixup),
650 PTRRELOC(&__stop___ftr_fixup));
651
652 do_feature_fixups(spec->mmu_features,
653 PTRRELOC(&__start___mmu_ftr_fixup),
654 PTRRELOC(&__stop___mmu_ftr_fixup));
655
656 do_lwsync_fixups(spec->cpu_features,
657 PTRRELOC(&__start___lwsync_fixup),
658 PTRRELOC(&__stop___lwsync_fixup));
659
660#ifdef CONFIG_PPC64
661 saved_firmware_features = powerpc_firmware_features;
662 do_feature_fixups(powerpc_firmware_features,
663 &__start___fw_ftr_fixup, &__stop___fw_ftr_fixup);
664#endif
665 do_final_fixups();
666}
667
668void __init update_mmu_feature_fixups(unsigned long mask)
669{
670 saved_mmu_features &= ~mask;
671 saved_mmu_features |= cur_cpu_spec->mmu_features & mask;
672
673 do_feature_fixups_mask(cur_cpu_spec->mmu_features, mask,
674 PTRRELOC(&__start___mmu_ftr_fixup),
675 PTRRELOC(&__stop___mmu_ftr_fixup));
676 mmu_feature_keys_init();
677}
678
679void __init setup_feature_keys(void)
680{
681 /*
682 * Initialise jump label. This causes all the cpu/mmu_has_feature()
683 * checks to take on their correct polarity based on the current set of
684 * CPU/MMU features.
685 */
686 jump_label_init();
687 cpu_feature_keys_init();
688 mmu_feature_keys_init();
689 static_key_feature_checks_initialized = true;
690}
691
692static int __init check_features(void)
693{
694 WARN(saved_cpu_features != cur_cpu_spec->cpu_features,
695 "CPU features changed after feature patching!\n");
696 WARN(saved_mmu_features != cur_cpu_spec->mmu_features,
697 "MMU features changed after feature patching!\n");
698#ifdef CONFIG_PPC64
699 WARN(saved_firmware_features != powerpc_firmware_features,
700 "Firmware features changed after feature patching!\n");
701#endif
702
703 return 0;
704}
705late_initcall(check_features);
706
707#ifdef CONFIG_FTR_FIXUP_SELFTEST
708
709#define check(x) \
710 if (!(x)) printk("feature-fixups: test failed at line %d\n", __LINE__);
711
712static int patch_feature_section(unsigned long value, struct fixup_entry *fcur)
713{
714 return patch_feature_section_mask(value, ~0, fcur);
715}
716
717/* This must be after the text it fixes up, vmlinux.lds.S enforces that atm */
718static struct fixup_entry fixup;
719
720static long __init calc_offset(struct fixup_entry *entry, unsigned int *p)
721{
722 return (unsigned long)p - (unsigned long)entry;
723}
724
725static void __init test_basic_patching(void)
726{
727 extern unsigned int ftr_fixup_test1[];
728 extern unsigned int end_ftr_fixup_test1[];
729 extern unsigned int ftr_fixup_test1_orig[];
730 extern unsigned int ftr_fixup_test1_expected[];
731 int size = 4 * (end_ftr_fixup_test1 - ftr_fixup_test1);
732
733 fixup.value = fixup.mask = 8;
734 fixup.start_off = calc_offset(&fixup, ftr_fixup_test1 + 1);
735 fixup.end_off = calc_offset(&fixup, ftr_fixup_test1 + 2);
736 fixup.alt_start_off = fixup.alt_end_off = 0;
737
738 /* Sanity check */
739 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, size) == 0);
740
741 /* Check we don't patch if the value matches */
742 patch_feature_section(8, &fixup);
743 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, size) == 0);
744
745 /* Check we do patch if the value doesn't match */
746 patch_feature_section(0, &fixup);
747 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_expected, size) == 0);
748
749 /* Check we do patch if the mask doesn't match */
750 memcpy(ftr_fixup_test1, ftr_fixup_test1_orig, size);
751 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, size) == 0);
752 patch_feature_section(~8, &fixup);
753 check(memcmp(ftr_fixup_test1, ftr_fixup_test1_expected, size) == 0);
754}
755
756static void __init test_alternative_patching(void)
757{
758 extern unsigned int ftr_fixup_test2[];
759 extern unsigned int end_ftr_fixup_test2[];
760 extern unsigned int ftr_fixup_test2_orig[];
761 extern unsigned int ftr_fixup_test2_alt[];
762 extern unsigned int ftr_fixup_test2_expected[];
763 int size = 4 * (end_ftr_fixup_test2 - ftr_fixup_test2);
764
765 fixup.value = fixup.mask = 0xF;
766 fixup.start_off = calc_offset(&fixup, ftr_fixup_test2 + 1);
767 fixup.end_off = calc_offset(&fixup, ftr_fixup_test2 + 2);
768 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test2_alt);
769 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test2_alt + 1);
770
771 /* Sanity check */
772 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, size) == 0);
773
774 /* Check we don't patch if the value matches */
775 patch_feature_section(0xF, &fixup);
776 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, size) == 0);
777
778 /* Check we do patch if the value doesn't match */
779 patch_feature_section(0, &fixup);
780 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_expected, size) == 0);
781
782 /* Check we do patch if the mask doesn't match */
783 memcpy(ftr_fixup_test2, ftr_fixup_test2_orig, size);
784 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, size) == 0);
785 patch_feature_section(~0xF, &fixup);
786 check(memcmp(ftr_fixup_test2, ftr_fixup_test2_expected, size) == 0);
787}
788
789static void __init test_alternative_case_too_big(void)
790{
791 extern unsigned int ftr_fixup_test3[];
792 extern unsigned int end_ftr_fixup_test3[];
793 extern unsigned int ftr_fixup_test3_orig[];
794 extern unsigned int ftr_fixup_test3_alt[];
795 int size = 4 * (end_ftr_fixup_test3 - ftr_fixup_test3);
796
797 fixup.value = fixup.mask = 0xC;
798 fixup.start_off = calc_offset(&fixup, ftr_fixup_test3 + 1);
799 fixup.end_off = calc_offset(&fixup, ftr_fixup_test3 + 2);
800 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test3_alt);
801 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test3_alt + 2);
802
803 /* Sanity check */
804 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
805
806 /* Expect nothing to be patched, and the error returned to us */
807 check(patch_feature_section(0xF, &fixup) == 1);
808 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
809 check(patch_feature_section(0, &fixup) == 1);
810 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
811 check(patch_feature_section(~0xF, &fixup) == 1);
812 check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, size) == 0);
813}
814
815static void __init test_alternative_case_too_small(void)
816{
817 extern unsigned int ftr_fixup_test4[];
818 extern unsigned int end_ftr_fixup_test4[];
819 extern unsigned int ftr_fixup_test4_orig[];
820 extern unsigned int ftr_fixup_test4_alt[];
821 extern unsigned int ftr_fixup_test4_expected[];
822 int size = 4 * (end_ftr_fixup_test4 - ftr_fixup_test4);
823 unsigned long flag;
824
825 /* Check a high-bit flag */
826 flag = 1UL << ((sizeof(unsigned long) - 1) * 8);
827 fixup.value = fixup.mask = flag;
828 fixup.start_off = calc_offset(&fixup, ftr_fixup_test4 + 1);
829 fixup.end_off = calc_offset(&fixup, ftr_fixup_test4 + 5);
830 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test4_alt);
831 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test4_alt + 2);
832
833 /* Sanity check */
834 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, size) == 0);
835
836 /* Check we don't patch if the value matches */
837 patch_feature_section(flag, &fixup);
838 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, size) == 0);
839
840 /* Check we do patch if the value doesn't match */
841 patch_feature_section(0, &fixup);
842 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_expected, size) == 0);
843
844 /* Check we do patch if the mask doesn't match */
845 memcpy(ftr_fixup_test4, ftr_fixup_test4_orig, size);
846 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, size) == 0);
847 patch_feature_section(~flag, &fixup);
848 check(memcmp(ftr_fixup_test4, ftr_fixup_test4_expected, size) == 0);
849}
850
851static void test_alternative_case_with_branch(void)
852{
853 extern unsigned int ftr_fixup_test5[];
854 extern unsigned int end_ftr_fixup_test5[];
855 extern unsigned int ftr_fixup_test5_expected[];
856 int size = 4 * (end_ftr_fixup_test5 - ftr_fixup_test5);
857
858 check(memcmp(ftr_fixup_test5, ftr_fixup_test5_expected, size) == 0);
859}
860
861static void __init test_alternative_case_with_external_branch(void)
862{
863 extern unsigned int ftr_fixup_test6[];
864 extern unsigned int end_ftr_fixup_test6[];
865 extern unsigned int ftr_fixup_test6_expected[];
866 int size = 4 * (end_ftr_fixup_test6 - ftr_fixup_test6);
867
868 check(memcmp(ftr_fixup_test6, ftr_fixup_test6_expected, size) == 0);
869}
870
871static void __init test_alternative_case_with_branch_to_end(void)
872{
873 extern unsigned int ftr_fixup_test7[];
874 extern unsigned int end_ftr_fixup_test7[];
875 extern unsigned int ftr_fixup_test7_expected[];
876 int size = 4 * (end_ftr_fixup_test7 - ftr_fixup_test7);
877
878 check(memcmp(ftr_fixup_test7, ftr_fixup_test7_expected, size) == 0);
879}
880
881static void __init test_cpu_macros(void)
882{
883 extern u8 ftr_fixup_test_FTR_macros[];
884 extern u8 ftr_fixup_test_FTR_macros_expected[];
885 unsigned long size = ftr_fixup_test_FTR_macros_expected -
886 ftr_fixup_test_FTR_macros;
887
888 /* The fixups have already been done for us during boot */
889 check(memcmp(ftr_fixup_test_FTR_macros,
890 ftr_fixup_test_FTR_macros_expected, size) == 0);
891}
892
893static void __init test_fw_macros(void)
894{
895#ifdef CONFIG_PPC64
896 extern u8 ftr_fixup_test_FW_FTR_macros[];
897 extern u8 ftr_fixup_test_FW_FTR_macros_expected[];
898 unsigned long size = ftr_fixup_test_FW_FTR_macros_expected -
899 ftr_fixup_test_FW_FTR_macros;
900
901 /* The fixups have already been done for us during boot */
902 check(memcmp(ftr_fixup_test_FW_FTR_macros,
903 ftr_fixup_test_FW_FTR_macros_expected, size) == 0);
904#endif
905}
906
907static void __init test_lwsync_macros(void)
908{
909 extern u8 lwsync_fixup_test[];
910 extern u8 end_lwsync_fixup_test[];
911 extern u8 lwsync_fixup_test_expected_LWSYNC[];
912 extern u8 lwsync_fixup_test_expected_SYNC[];
913 unsigned long size = end_lwsync_fixup_test -
914 lwsync_fixup_test;
915
916 /* The fixups have already been done for us during boot */
917 if (cur_cpu_spec->cpu_features & CPU_FTR_LWSYNC) {
918 check(memcmp(lwsync_fixup_test,
919 lwsync_fixup_test_expected_LWSYNC, size) == 0);
920 } else {
921 check(memcmp(lwsync_fixup_test,
922 lwsync_fixup_test_expected_SYNC, size) == 0);
923 }
924}
925
926#ifdef CONFIG_PPC64
927static void __init test_prefix_patching(void)
928{
929 extern unsigned int ftr_fixup_prefix1[];
930 extern unsigned int end_ftr_fixup_prefix1[];
931 extern unsigned int ftr_fixup_prefix1_orig[];
932 extern unsigned int ftr_fixup_prefix1_expected[];
933 int size = sizeof(unsigned int) * (end_ftr_fixup_prefix1 - ftr_fixup_prefix1);
934
935 fixup.value = fixup.mask = 8;
936 fixup.start_off = calc_offset(&fixup, ftr_fixup_prefix1 + 1);
937 fixup.end_off = calc_offset(&fixup, ftr_fixup_prefix1 + 3);
938 fixup.alt_start_off = fixup.alt_end_off = 0;
939
940 /* Sanity check */
941 check(memcmp(ftr_fixup_prefix1, ftr_fixup_prefix1_orig, size) == 0);
942
943 patch_feature_section(0, &fixup);
944 check(memcmp(ftr_fixup_prefix1, ftr_fixup_prefix1_expected, size) == 0);
945 check(memcmp(ftr_fixup_prefix1, ftr_fixup_prefix1_orig, size) != 0);
946}
947
948static void __init test_prefix_alt_patching(void)
949{
950 extern unsigned int ftr_fixup_prefix2[];
951 extern unsigned int end_ftr_fixup_prefix2[];
952 extern unsigned int ftr_fixup_prefix2_orig[];
953 extern unsigned int ftr_fixup_prefix2_expected[];
954 extern unsigned int ftr_fixup_prefix2_alt[];
955 int size = sizeof(unsigned int) * (end_ftr_fixup_prefix2 - ftr_fixup_prefix2);
956
957 fixup.value = fixup.mask = 8;
958 fixup.start_off = calc_offset(&fixup, ftr_fixup_prefix2 + 1);
959 fixup.end_off = calc_offset(&fixup, ftr_fixup_prefix2 + 3);
960 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_prefix2_alt);
961 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_prefix2_alt + 2);
962 /* Sanity check */
963 check(memcmp(ftr_fixup_prefix2, ftr_fixup_prefix2_orig, size) == 0);
964
965 patch_feature_section(0, &fixup);
966 check(memcmp(ftr_fixup_prefix2, ftr_fixup_prefix2_expected, size) == 0);
967 check(memcmp(ftr_fixup_prefix2, ftr_fixup_prefix2_orig, size) != 0);
968}
969
970static void __init test_prefix_word_alt_patching(void)
971{
972 extern unsigned int ftr_fixup_prefix3[];
973 extern unsigned int end_ftr_fixup_prefix3[];
974 extern unsigned int ftr_fixup_prefix3_orig[];
975 extern unsigned int ftr_fixup_prefix3_expected[];
976 extern unsigned int ftr_fixup_prefix3_alt[];
977 int size = sizeof(unsigned int) * (end_ftr_fixup_prefix3 - ftr_fixup_prefix3);
978
979 fixup.value = fixup.mask = 8;
980 fixup.start_off = calc_offset(&fixup, ftr_fixup_prefix3 + 1);
981 fixup.end_off = calc_offset(&fixup, ftr_fixup_prefix3 + 4);
982 fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_prefix3_alt);
983 fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_prefix3_alt + 3);
984 /* Sanity check */
985 check(memcmp(ftr_fixup_prefix3, ftr_fixup_prefix3_orig, size) == 0);
986
987 patch_feature_section(0, &fixup);
988 check(memcmp(ftr_fixup_prefix3, ftr_fixup_prefix3_expected, size) == 0);
989 patch_feature_section(0, &fixup);
990 check(memcmp(ftr_fixup_prefix3, ftr_fixup_prefix3_orig, size) != 0);
991}
992#else
993static inline void test_prefix_patching(void) {}
994static inline void test_prefix_alt_patching(void) {}
995static inline void test_prefix_word_alt_patching(void) {}
996#endif /* CONFIG_PPC64 */
997
998static int __init test_feature_fixups(void)
999{
1000 printk(KERN_DEBUG "Running feature fixup self-tests ...\n");
1001
1002 test_basic_patching();
1003 test_alternative_patching();
1004 test_alternative_case_too_big();
1005 test_alternative_case_too_small();
1006 test_alternative_case_with_branch();
1007 test_alternative_case_with_external_branch();
1008 test_alternative_case_with_branch_to_end();
1009 test_cpu_macros();
1010 test_fw_macros();
1011 test_lwsync_macros();
1012 test_prefix_patching();
1013 test_prefix_alt_patching();
1014 test_prefix_word_alt_patching();
1015
1016 return 0;
1017}
1018late_initcall(test_feature_fixups);
1019
1020#endif /* CONFIG_FTR_FIXUP_SELFTEST */