Loading...
1/* SPDX-License-Identifier: GPL-2.0 */
2#ifndef _ASM_X86_ALTERNATIVE_H
3#define _ASM_X86_ALTERNATIVE_H
4
5#include <linux/types.h>
6#include <linux/stringify.h>
7#include <asm/asm.h>
8
9#define ALT_FLAGS_SHIFT 16
10
11#define ALT_FLAG_NOT (1 << 0)
12#define ALT_NOT(feature) ((ALT_FLAG_NOT << ALT_FLAGS_SHIFT) | (feature))
13#define ALT_FLAG_DIRECT_CALL (1 << 1)
14#define ALT_DIRECT_CALL(feature) ((ALT_FLAG_DIRECT_CALL << ALT_FLAGS_SHIFT) | (feature))
15#define ALT_CALL_ALWAYS ALT_DIRECT_CALL(X86_FEATURE_ALWAYS)
16
17#ifndef __ASSEMBLY__
18
19#include <linux/stddef.h>
20
21/*
22 * Alternative inline assembly for SMP.
23 *
24 * The LOCK_PREFIX macro defined here replaces the LOCK and
25 * LOCK_PREFIX macros used everywhere in the source tree.
26 *
27 * SMP alternatives use the same data structures as the other
28 * alternatives and the X86_FEATURE_UP flag to indicate the case of a
29 * UP system running a SMP kernel. The existing apply_alternatives()
30 * works fine for patching a SMP kernel for UP.
31 *
32 * The SMP alternative tables can be kept after boot and contain both
33 * UP and SMP versions of the instructions to allow switching back to
34 * SMP at runtime, when hotplugging in a new CPU, which is especially
35 * useful in virtualized environments.
36 *
37 * The very common lock prefix is handled as special case in a
38 * separate table which is a pure address list without replacement ptr
39 * and size information. That keeps the table sizes small.
40 */
41
42#ifdef CONFIG_SMP
43#define LOCK_PREFIX_HERE \
44 ".pushsection .smp_locks,\"a\"\n" \
45 ".balign 4\n" \
46 ".long 671f - .\n" /* offset */ \
47 ".popsection\n" \
48 "671:"
49
50#define LOCK_PREFIX LOCK_PREFIX_HERE "\n\tlock; "
51
52#else /* ! CONFIG_SMP */
53#define LOCK_PREFIX_HERE ""
54#define LOCK_PREFIX ""
55#endif
56
57/*
58 * objtool annotation to ignore the alternatives and only consider the original
59 * instruction(s).
60 */
61#define ANNOTATE_IGNORE_ALTERNATIVE \
62 "999:\n\t" \
63 ".pushsection .discard.ignore_alts\n\t" \
64 ".long 999b\n\t" \
65 ".popsection\n\t"
66
67/*
68 * The patching flags are part of the upper bits of the @ft_flags parameter when
69 * specifying them. The split is currently like this:
70 *
71 * [31... flags ...16][15... CPUID feature bit ...0]
72 *
73 * but since this is all hidden in the macros argument being split, those fields can be
74 * extended in the future to fit in a u64 or however the need arises.
75 */
76struct alt_instr {
77 s32 instr_offset; /* original instruction */
78 s32 repl_offset; /* offset to replacement instruction */
79
80 union {
81 struct {
82 u32 cpuid: 16; /* CPUID bit set for replacement */
83 u32 flags: 16; /* patching control flags */
84 };
85 u32 ft_flags;
86 };
87
88 u8 instrlen; /* length of original instruction */
89 u8 replacementlen; /* length of new instruction */
90} __packed;
91
92extern struct alt_instr __alt_instructions[], __alt_instructions_end[];
93
94/*
95 * Debug flag that can be tested to see whether alternative
96 * instructions were patched in already:
97 */
98extern int alternatives_patched;
99
100extern void alternative_instructions(void);
101extern void apply_alternatives(struct alt_instr *start, struct alt_instr *end);
102extern void apply_retpolines(s32 *start, s32 *end);
103extern void apply_returns(s32 *start, s32 *end);
104extern void apply_seal_endbr(s32 *start, s32 *end);
105extern void apply_fineibt(s32 *start_retpoline, s32 *end_retpoine,
106 s32 *start_cfi, s32 *end_cfi);
107
108struct module;
109
110struct callthunk_sites {
111 s32 *call_start, *call_end;
112 struct alt_instr *alt_start, *alt_end;
113};
114
115#ifdef CONFIG_CALL_THUNKS
116extern void callthunks_patch_builtin_calls(void);
117extern void callthunks_patch_module_calls(struct callthunk_sites *sites,
118 struct module *mod);
119extern void *callthunks_translate_call_dest(void *dest);
120extern int x86_call_depth_emit_accounting(u8 **pprog, void *func, void *ip);
121#else
122static __always_inline void callthunks_patch_builtin_calls(void) {}
123static __always_inline void
124callthunks_patch_module_calls(struct callthunk_sites *sites,
125 struct module *mod) {}
126static __always_inline void *callthunks_translate_call_dest(void *dest)
127{
128 return dest;
129}
130static __always_inline int x86_call_depth_emit_accounting(u8 **pprog,
131 void *func, void *ip)
132{
133 return 0;
134}
135#endif
136
137#ifdef CONFIG_SMP
138extern void alternatives_smp_module_add(struct module *mod, char *name,
139 void *locks, void *locks_end,
140 void *text, void *text_end);
141extern void alternatives_smp_module_del(struct module *mod);
142extern void alternatives_enable_smp(void);
143extern int alternatives_text_reserved(void *start, void *end);
144extern bool skip_smp_alternatives;
145#else
146static inline void alternatives_smp_module_add(struct module *mod, char *name,
147 void *locks, void *locks_end,
148 void *text, void *text_end) {}
149static inline void alternatives_smp_module_del(struct module *mod) {}
150static inline void alternatives_enable_smp(void) {}
151static inline int alternatives_text_reserved(void *start, void *end)
152{
153 return 0;
154}
155#endif /* CONFIG_SMP */
156
157#define ALT_CALL_INSTR "call BUG_func"
158
159#define b_replacement(num) "664"#num
160#define e_replacement(num) "665"#num
161
162#define alt_end_marker "663"
163#define alt_slen "662b-661b"
164#define alt_total_slen alt_end_marker"b-661b"
165#define alt_rlen(num) e_replacement(num)"f-"b_replacement(num)"f"
166
167#define OLDINSTR(oldinstr, num) \
168 "# ALT: oldnstr\n" \
169 "661:\n\t" oldinstr "\n662:\n" \
170 "# ALT: padding\n" \
171 ".skip -(((" alt_rlen(num) ")-(" alt_slen ")) > 0) * " \
172 "((" alt_rlen(num) ")-(" alt_slen ")),0x90\n" \
173 alt_end_marker ":\n"
174
175/*
176 * gas compatible max based on the idea from:
177 * http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax
178 *
179 * The additional "-" is needed because gas uses a "true" value of -1.
180 */
181#define alt_max_short(a, b) "((" a ") ^ (((" a ") ^ (" b ")) & -(-((" a ") < (" b ")))))"
182
183/*
184 * Pad the second replacement alternative with additional NOPs if it is
185 * additionally longer than the first replacement alternative.
186 */
187#define OLDINSTR_2(oldinstr, num1, num2) \
188 "# ALT: oldinstr2\n" \
189 "661:\n\t" oldinstr "\n662:\n" \
190 "# ALT: padding2\n" \
191 ".skip -((" alt_max_short(alt_rlen(num1), alt_rlen(num2)) " - (" alt_slen ")) > 0) * " \
192 "(" alt_max_short(alt_rlen(num1), alt_rlen(num2)) " - (" alt_slen ")), 0x90\n" \
193 alt_end_marker ":\n"
194
195#define OLDINSTR_3(oldinsn, n1, n2, n3) \
196 "# ALT: oldinstr3\n" \
197 "661:\n\t" oldinsn "\n662:\n" \
198 "# ALT: padding3\n" \
199 ".skip -((" alt_max_short(alt_max_short(alt_rlen(n1), alt_rlen(n2)), alt_rlen(n3)) \
200 " - (" alt_slen ")) > 0) * " \
201 "(" alt_max_short(alt_max_short(alt_rlen(n1), alt_rlen(n2)), alt_rlen(n3)) \
202 " - (" alt_slen ")), 0x90\n" \
203 alt_end_marker ":\n"
204
205#define ALTINSTR_ENTRY(ft_flags, num) \
206 " .long 661b - .\n" /* label */ \
207 " .long " b_replacement(num)"f - .\n" /* new instruction */ \
208 " .4byte " __stringify(ft_flags) "\n" /* feature + flags */ \
209 " .byte " alt_total_slen "\n" /* source len */ \
210 " .byte " alt_rlen(num) "\n" /* replacement len */
211
212#define ALTINSTR_REPLACEMENT(newinstr, num) /* replacement */ \
213 "# ALT: replacement " #num "\n" \
214 b_replacement(num)":\n\t" newinstr "\n" e_replacement(num) ":\n"
215
216/* alternative assembly primitive: */
217#define ALTERNATIVE(oldinstr, newinstr, ft_flags) \
218 OLDINSTR(oldinstr, 1) \
219 ".pushsection .altinstructions,\"a\"\n" \
220 ALTINSTR_ENTRY(ft_flags, 1) \
221 ".popsection\n" \
222 ".pushsection .altinstr_replacement, \"ax\"\n" \
223 ALTINSTR_REPLACEMENT(newinstr, 1) \
224 ".popsection\n"
225
226#define ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) \
227 OLDINSTR_2(oldinstr, 1, 2) \
228 ".pushsection .altinstructions,\"a\"\n" \
229 ALTINSTR_ENTRY(ft_flags1, 1) \
230 ALTINSTR_ENTRY(ft_flags2, 2) \
231 ".popsection\n" \
232 ".pushsection .altinstr_replacement, \"ax\"\n" \
233 ALTINSTR_REPLACEMENT(newinstr1, 1) \
234 ALTINSTR_REPLACEMENT(newinstr2, 2) \
235 ".popsection\n"
236
237/* If @feature is set, patch in @newinstr_yes, otherwise @newinstr_no. */
238#define ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) \
239 ALTERNATIVE_2(oldinstr, newinstr_no, X86_FEATURE_ALWAYS, \
240 newinstr_yes, ft_flags)
241
242#define ALTERNATIVE_3(oldinsn, newinsn1, ft_flags1, newinsn2, ft_flags2, \
243 newinsn3, ft_flags3) \
244 OLDINSTR_3(oldinsn, 1, 2, 3) \
245 ".pushsection .altinstructions,\"a\"\n" \
246 ALTINSTR_ENTRY(ft_flags1, 1) \
247 ALTINSTR_ENTRY(ft_flags2, 2) \
248 ALTINSTR_ENTRY(ft_flags3, 3) \
249 ".popsection\n" \
250 ".pushsection .altinstr_replacement, \"ax\"\n" \
251 ALTINSTR_REPLACEMENT(newinsn1, 1) \
252 ALTINSTR_REPLACEMENT(newinsn2, 2) \
253 ALTINSTR_REPLACEMENT(newinsn3, 3) \
254 ".popsection\n"
255
256/*
257 * Alternative instructions for different CPU types or capabilities.
258 *
259 * This allows to use optimized instructions even on generic binary
260 * kernels.
261 *
262 * length of oldinstr must be longer or equal the length of newinstr
263 * It can be padded with nops as needed.
264 *
265 * For non barrier like inlines please define new variants
266 * without volatile and memory clobber.
267 */
268#define alternative(oldinstr, newinstr, ft_flags) \
269 asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, ft_flags) : : : "memory")
270
271#define alternative_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) \
272 asm_inline volatile(ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) ::: "memory")
273
274#define alternative_ternary(oldinstr, ft_flags, newinstr_yes, newinstr_no) \
275 asm_inline volatile(ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) ::: "memory")
276
277/*
278 * Alternative inline assembly with input.
279 *
280 * Peculiarities:
281 * No memory clobber here.
282 * Argument numbers start with 1.
283 * Leaving an unused argument 0 to keep API compatibility.
284 */
285#define alternative_input(oldinstr, newinstr, ft_flags, input...) \
286 asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, ft_flags) \
287 : : "i" (0), ## input)
288
289/*
290 * This is similar to alternative_input. But it has two features and
291 * respective instructions.
292 *
293 * If CPU has feature2, newinstr2 is used.
294 * Otherwise, if CPU has feature1, newinstr1 is used.
295 * Otherwise, oldinstr is used.
296 */
297#define alternative_input_2(oldinstr, newinstr1, ft_flags1, newinstr2, \
298 ft_flags2, input...) \
299 asm_inline volatile(ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1, \
300 newinstr2, ft_flags2) \
301 : : "i" (0), ## input)
302
303/* Like alternative_input, but with a single output argument */
304#define alternative_io(oldinstr, newinstr, ft_flags, output, input...) \
305 asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, ft_flags) \
306 : output : "i" (0), ## input)
307
308/* Like alternative_io, but for replacing a direct call with another one. */
309#define alternative_call(oldfunc, newfunc, ft_flags, output, input...) \
310 asm_inline volatile (ALTERNATIVE("call %P[old]", "call %P[new]", ft_flags) \
311 : output : [old] "i" (oldfunc), [new] "i" (newfunc), ## input)
312
313/*
314 * Like alternative_call, but there are two features and respective functions.
315 * If CPU has feature2, function2 is used.
316 * Otherwise, if CPU has feature1, function1 is used.
317 * Otherwise, old function is used.
318 */
319#define alternative_call_2(oldfunc, newfunc1, ft_flags1, newfunc2, ft_flags2, \
320 output, input...) \
321 asm_inline volatile (ALTERNATIVE_2("call %P[old]", "call %P[new1]", ft_flags1,\
322 "call %P[new2]", ft_flags2) \
323 : output, ASM_CALL_CONSTRAINT \
324 : [old] "i" (oldfunc), [new1] "i" (newfunc1), \
325 [new2] "i" (newfunc2), ## input)
326
327/*
328 * use this macro(s) if you need more than one output parameter
329 * in alternative_io
330 */
331#define ASM_OUTPUT2(a...) a
332
333/*
334 * use this macro if you need clobbers but no inputs in
335 * alternative_{input,io,call}()
336 */
337#define ASM_NO_INPUT_CLOBBER(clbr...) "i" (0) : clbr
338
339/* Macro for creating assembler functions avoiding any C magic. */
340#define DEFINE_ASM_FUNC(func, instr, sec) \
341 asm (".pushsection " #sec ", \"ax\"\n" \
342 ".global " #func "\n\t" \
343 ".type " #func ", @function\n\t" \
344 ASM_FUNC_ALIGN "\n" \
345 #func ":\n\t" \
346 ASM_ENDBR \
347 instr "\n\t" \
348 ASM_RET \
349 ".size " #func ", . - " #func "\n\t" \
350 ".popsection")
351
352void BUG_func(void);
353void nop_func(void);
354
355#else /* __ASSEMBLY__ */
356
357#ifdef CONFIG_SMP
358 .macro LOCK_PREFIX
359672: lock
360 .pushsection .smp_locks,"a"
361 .balign 4
362 .long 672b - .
363 .popsection
364 .endm
365#else
366 .macro LOCK_PREFIX
367 .endm
368#endif
369
370/*
371 * objtool annotation to ignore the alternatives and only consider the original
372 * instruction(s).
373 */
374.macro ANNOTATE_IGNORE_ALTERNATIVE
375 .Lannotate_\@:
376 .pushsection .discard.ignore_alts
377 .long .Lannotate_\@
378 .popsection
379.endm
380
381/*
382 * Issue one struct alt_instr descriptor entry (need to put it into
383 * the section .altinstructions, see below). This entry contains
384 * enough information for the alternatives patching code to patch an
385 * instruction. See apply_alternatives().
386 */
387.macro altinstr_entry orig alt ft_flags orig_len alt_len
388 .long \orig - .
389 .long \alt - .
390 .4byte \ft_flags
391 .byte \orig_len
392 .byte \alt_len
393.endm
394
395.macro ALT_CALL_INSTR
396 call BUG_func
397.endm
398
399/*
400 * Define an alternative between two instructions. If @feature is
401 * present, early code in apply_alternatives() replaces @oldinstr with
402 * @newinstr. ".skip" directive takes care of proper instruction padding
403 * in case @newinstr is longer than @oldinstr.
404 */
405.macro ALTERNATIVE oldinstr, newinstr, ft_flags
406140:
407 \oldinstr
408141:
409 .skip -(((144f-143f)-(141b-140b)) > 0) * ((144f-143f)-(141b-140b)),0x90
410142:
411
412 .pushsection .altinstructions,"a"
413 altinstr_entry 140b,143f,\ft_flags,142b-140b,144f-143f
414 .popsection
415
416 .pushsection .altinstr_replacement,"ax"
417143:
418 \newinstr
419144:
420 .popsection
421.endm
422
423#define old_len 141b-140b
424#define new_len1 144f-143f
425#define new_len2 145f-144f
426#define new_len3 146f-145f
427
428/*
429 * gas compatible max based on the idea from:
430 * http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax
431 *
432 * The additional "-" is needed because gas uses a "true" value of -1.
433 */
434#define alt_max_2(a, b) ((a) ^ (((a) ^ (b)) & -(-((a) < (b)))))
435#define alt_max_3(a, b, c) (alt_max_2(alt_max_2(a, b), c))
436
437
438/*
439 * Same as ALTERNATIVE macro above but for two alternatives. If CPU
440 * has @feature1, it replaces @oldinstr with @newinstr1. If CPU has
441 * @feature2, it replaces @oldinstr with @feature2.
442 */
443.macro ALTERNATIVE_2 oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2
444140:
445 \oldinstr
446141:
447 .skip -((alt_max_2(new_len1, new_len2) - (old_len)) > 0) * \
448 (alt_max_2(new_len1, new_len2) - (old_len)),0x90
449142:
450
451 .pushsection .altinstructions,"a"
452 altinstr_entry 140b,143f,\ft_flags1,142b-140b,144f-143f
453 altinstr_entry 140b,144f,\ft_flags2,142b-140b,145f-144f
454 .popsection
455
456 .pushsection .altinstr_replacement,"ax"
457143:
458 \newinstr1
459144:
460 \newinstr2
461145:
462 .popsection
463.endm
464
465.macro ALTERNATIVE_3 oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2, newinstr3, ft_flags3
466140:
467 \oldinstr
468141:
469 .skip -((alt_max_3(new_len1, new_len2, new_len3) - (old_len)) > 0) * \
470 (alt_max_3(new_len1, new_len2, new_len3) - (old_len)),0x90
471142:
472
473 .pushsection .altinstructions,"a"
474 altinstr_entry 140b,143f,\ft_flags1,142b-140b,144f-143f
475 altinstr_entry 140b,144f,\ft_flags2,142b-140b,145f-144f
476 altinstr_entry 140b,145f,\ft_flags3,142b-140b,146f-145f
477 .popsection
478
479 .pushsection .altinstr_replacement,"ax"
480143:
481 \newinstr1
482144:
483 \newinstr2
484145:
485 \newinstr3
486146:
487 .popsection
488.endm
489
490/* If @feature is set, patch in @newinstr_yes, otherwise @newinstr_no. */
491#define ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) \
492 ALTERNATIVE_2 oldinstr, newinstr_no, X86_FEATURE_ALWAYS, \
493 newinstr_yes, ft_flags
494
495#endif /* __ASSEMBLY__ */
496
497#endif /* _ASM_X86_ALTERNATIVE_H */