1/* SPDX-License-Identifier: GPL-2.0 */ 2#ifndef _ASM_X86_ALTERNATIVE_H 3#define _ASM_X86_ALTERNATIVE_H 4 5#include <linux/types.h> 6#include <linux/stringify.h> 7#include <asm/asm.h> 8 9#define ALT_FLAGS_SHIFT 16 10 11#define ALT_FLAG_NOT (1 << 0) 12#define ALT_NOT(feature) ((ALT_FLAG_NOT << ALT_FLAGS_SHIFT) | (feature)) 13#define ALT_FLAG_DIRECT_CALL (1 << 1) 14#define ALT_DIRECT_CALL(feature) ((ALT_FLAG_DIRECT_CALL << ALT_FLAGS_SHIFT) | (feature)) 15#define ALT_CALL_ALWAYS ALT_DIRECT_CALL(X86_FEATURE_ALWAYS) 16 17#ifndef __ASSEMBLY__ 18 19#include <linux/stddef.h> 20 21/* 22 * Alternative inline assembly for SMP. 23 * 24 * The LOCK_PREFIX macro defined here replaces the LOCK and 25 * LOCK_PREFIX macros used everywhere in the source tree. 26 * 27 * SMP alternatives use the same data structures as the other 28 * alternatives and the X86_FEATURE_UP flag to indicate the case of a 29 * UP system running a SMP kernel. The existing apply_alternatives() 30 * works fine for patching a SMP kernel for UP. 31 * 32 * The SMP alternative tables can be kept after boot and contain both 33 * UP and SMP versions of the instructions to allow switching back to 34 * SMP at runtime, when hotplugging in a new CPU, which is especially 35 * useful in virtualized environments. 36 * 37 * The very common lock prefix is handled as special case in a 38 * separate table which is a pure address list without replacement ptr 39 * and size information. That keeps the table sizes small. 40 */ 41 42#ifdef CONFIG_SMP 43#define LOCK_PREFIX_HERE \ 44 ".pushsection .smp_locks,\"a\"\n" \ 45 ".balign 4\n" \ 46 ".long 671f - .\n" /* offset */ \ 47 ".popsection\n" \ 48 "671:" 49 50#define LOCK_PREFIX LOCK_PREFIX_HERE "\n\tlock; " 51 52#else /* ! CONFIG_SMP */ 53#define LOCK_PREFIX_HERE "" 54#define LOCK_PREFIX "" 55#endif 56 57/* 58 * objtool annotation to ignore the alternatives and only consider the original 59 * instruction(s). 60 */ 61#define ANNOTATE_IGNORE_ALTERNATIVE \ 62 "999:\n\t" \ 63 ".pushsection .discard.ignore_alts\n\t" \ 64 ".long 999b\n\t" \ 65 ".popsection\n\t" 66 67/* 68 * The patching flags are part of the upper bits of the @ft_flags parameter when 69 * specifying them. The split is currently like this: 70 * 71 * [31... flags ...16][15... CPUID feature bit ...0] 72 * 73 * but since this is all hidden in the macros argument being split, those fields can be 74 * extended in the future to fit in a u64 or however the need arises. 75 */ 76struct alt_instr { 77 s32 instr_offset; /* original instruction */ 78 s32 repl_offset; /* offset to replacement instruction */ 79 80 union { 81 struct { 82 u32 cpuid: 16; /* CPUID bit set for replacement */ 83 u32 flags: 16; /* patching control flags */ 84 }; 85 u32 ft_flags; 86 }; 87 88 u8 instrlen; /* length of original instruction */ 89 u8 replacementlen; /* length of new instruction */ 90} __packed; 91 92extern struct alt_instr __alt_instructions[], __alt_instructions_end[]; 93 94/* 95 * Debug flag that can be tested to see whether alternative 96 * instructions were patched in already: 97 */ 98extern int alternatives_patched; 99 100extern void alternative_instructions(void); 101extern void apply_alternatives(struct alt_instr *start, struct alt_instr *end); 102extern void apply_retpolines(s32 *start, s32 *end); 103extern void apply_returns(s32 *start, s32 *end); 104extern void apply_seal_endbr(s32 *start, s32 *end); 105extern void apply_fineibt(s32 *start_retpoline, s32 *end_retpoine, 106 s32 *start_cfi, s32 *end_cfi); 107 108struct module; 109 110struct callthunk_sites { 111 s32 *call_start, *call_end; 112 struct alt_instr *alt_start, *alt_end; 113}; 114 115#ifdef CONFIG_CALL_THUNKS 116extern void callthunks_patch_builtin_calls(void); 117extern void callthunks_patch_module_calls(struct callthunk_sites *sites, 118 struct module *mod); 119extern void *callthunks_translate_call_dest(void *dest); 120extern int x86_call_depth_emit_accounting(u8 **pprog, void *func, void *ip); 121#else 122static __always_inline void callthunks_patch_builtin_calls(void) {} 123static __always_inline void 124callthunks_patch_module_calls(struct callthunk_sites *sites, 125 struct module *mod) {} 126static __always_inline void *callthunks_translate_call_dest(void *dest) 127{ 128 return dest; 129} 130static __always_inline int x86_call_depth_emit_accounting(u8 **pprog, 131 void *func, void *ip) 132{ 133 return 0; 134} 135#endif 136 137#ifdef CONFIG_SMP 138extern void alternatives_smp_module_add(struct module *mod, char *name, 139 void *locks, void *locks_end, 140 void *text, void *text_end); 141extern void alternatives_smp_module_del(struct module *mod); 142extern void alternatives_enable_smp(void); 143extern int alternatives_text_reserved(void *start, void *end); 144extern bool skip_smp_alternatives; 145#else 146static inline void alternatives_smp_module_add(struct module *mod, char *name, 147 void *locks, void *locks_end, 148 void *text, void *text_end) {} 149static inline void alternatives_smp_module_del(struct module *mod) {} 150static inline void alternatives_enable_smp(void) {} 151static inline int alternatives_text_reserved(void *start, void *end) 152{ 153 return 0; 154} 155#endif /* CONFIG_SMP */ 156 157#define ALT_CALL_INSTR "call BUG_func" 158 159#define b_replacement(num) "664"#num 160#define e_replacement(num) "665"#num 161 162#define alt_end_marker "663" 163#define alt_slen "662b-661b" 164#define alt_total_slen alt_end_marker"b-661b" 165#define alt_rlen(num) e_replacement(num)"f-"b_replacement(num)"f" 166 167#define OLDINSTR(oldinstr, num) \ 168 "# ALT: oldnstr\n" \ 169 "661:\n\t" oldinstr "\n662:\n" \ 170 "# ALT: padding\n" \ 171 ".skip -(((" alt_rlen(num) ")-(" alt_slen ")) > 0) * " \ 172 "((" alt_rlen(num) ")-(" alt_slen ")),0x90\n" \ 173 alt_end_marker ":\n" 174 175/* 176 * gas compatible max based on the idea from: 177 * http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax 178 * 179 * The additional "-" is needed because gas uses a "true" value of -1. 180 */ 181#define alt_max_short(a, b) "((" a ") ^ (((" a ") ^ (" b ")) & -(-((" a ") < (" b ")))))" 182 183/* 184 * Pad the second replacement alternative with additional NOPs if it is 185 * additionally longer than the first replacement alternative. 186 */ 187#define OLDINSTR_2(oldinstr, num1, num2) \ 188 "# ALT: oldinstr2\n" \ 189 "661:\n\t" oldinstr "\n662:\n" \ 190 "# ALT: padding2\n" \ 191 ".skip -((" alt_max_short(alt_rlen(num1), alt_rlen(num2)) " - (" alt_slen ")) > 0) * " \ 192 "(" alt_max_short(alt_rlen(num1), alt_rlen(num2)) " - (" alt_slen ")), 0x90\n" \ 193 alt_end_marker ":\n" 194 195#define OLDINSTR_3(oldinsn, n1, n2, n3) \ 196 "# ALT: oldinstr3\n" \ 197 "661:\n\t" oldinsn "\n662:\n" \ 198 "# ALT: padding3\n" \ 199 ".skip -((" alt_max_short(alt_max_short(alt_rlen(n1), alt_rlen(n2)), alt_rlen(n3)) \ 200 " - (" alt_slen ")) > 0) * " \ 201 "(" alt_max_short(alt_max_short(alt_rlen(n1), alt_rlen(n2)), alt_rlen(n3)) \ 202 " - (" alt_slen ")), 0x90\n" \ 203 alt_end_marker ":\n" 204 205#define ALTINSTR_ENTRY(ft_flags, num) \ 206 " .long 661b - .\n" /* label */ \ 207 " .long " b_replacement(num)"f - .\n" /* new instruction */ \ 208 " .4byte " __stringify(ft_flags) "\n" /* feature + flags */ \ 209 " .byte " alt_total_slen "\n" /* source len */ \ 210 " .byte " alt_rlen(num) "\n" /* replacement len */ 211 212#define ALTINSTR_REPLACEMENT(newinstr, num) /* replacement */ \ 213 "# ALT: replacement " #num "\n" \ 214 b_replacement(num)":\n\t" newinstr "\n" e_replacement(num) ":\n" 215 216/* alternative assembly primitive: */ 217#define ALTERNATIVE(oldinstr, newinstr, ft_flags) \ 218 OLDINSTR(oldinstr, 1) \ 219 ".pushsection .altinstructions,\"a\"\n" \ 220 ALTINSTR_ENTRY(ft_flags, 1) \ 221 ".popsection\n" \ 222 ".pushsection .altinstr_replacement, \"ax\"\n" \ 223 ALTINSTR_REPLACEMENT(newinstr, 1) \ 224 ".popsection\n" 225 226#define ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) \ 227 OLDINSTR_2(oldinstr, 1, 2) \ 228 ".pushsection .altinstructions,\"a\"\n" \ 229 ALTINSTR_ENTRY(ft_flags1, 1) \ 230 ALTINSTR_ENTRY(ft_flags2, 2) \ 231 ".popsection\n" \ 232 ".pushsection .altinstr_replacement, \"ax\"\n" \ 233 ALTINSTR_REPLACEMENT(newinstr1, 1) \ 234 ALTINSTR_REPLACEMENT(newinstr2, 2) \ 235 ".popsection\n" 236 237/* If @feature is set, patch in @newinstr_yes, otherwise @newinstr_no. */ 238#define ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) \ 239 ALTERNATIVE_2(oldinstr, newinstr_no, X86_FEATURE_ALWAYS, \ 240 newinstr_yes, ft_flags) 241 242#define ALTERNATIVE_3(oldinsn, newinsn1, ft_flags1, newinsn2, ft_flags2, \ 243 newinsn3, ft_flags3) \ 244 OLDINSTR_3(oldinsn, 1, 2, 3) \ 245 ".pushsection .altinstructions,\"a\"\n" \ 246 ALTINSTR_ENTRY(ft_flags1, 1) \ 247 ALTINSTR_ENTRY(ft_flags2, 2) \ 248 ALTINSTR_ENTRY(ft_flags3, 3) \ 249 ".popsection\n" \ 250 ".pushsection .altinstr_replacement, \"ax\"\n" \ 251 ALTINSTR_REPLACEMENT(newinsn1, 1) \ 252 ALTINSTR_REPLACEMENT(newinsn2, 2) \ 253 ALTINSTR_REPLACEMENT(newinsn3, 3) \ 254 ".popsection\n" 255 256/* 257 * Alternative instructions for different CPU types or capabilities. 258 * 259 * This allows to use optimized instructions even on generic binary 260 * kernels. 261 * 262 * length of oldinstr must be longer or equal the length of newinstr 263 * It can be padded with nops as needed. 264 * 265 * For non barrier like inlines please define new variants 266 * without volatile and memory clobber. 267 */ 268#define alternative(oldinstr, newinstr, ft_flags) \ 269 asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, ft_flags) : : : "memory") 270 271#define alternative_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) \ 272 asm_inline volatile(ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) ::: "memory") 273 274#define alternative_ternary(oldinstr, ft_flags, newinstr_yes, newinstr_no) \ 275 asm_inline volatile(ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) ::: "memory") 276 277/* 278 * Alternative inline assembly with input. 279 * 280 * Peculiarities: 281 * No memory clobber here. 282 * Argument numbers start with 1. 283 * Leaving an unused argument 0 to keep API compatibility. 284 */ 285#define alternative_input(oldinstr, newinstr, ft_flags, input...) \ 286 asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, ft_flags) \ 287 : : "i" (0), ## input) 288 289/* Like alternative_input, but with a single output argument */ 290#define alternative_io(oldinstr, newinstr, ft_flags, output, input...) \ 291 asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, ft_flags) \ 292 : output : "i" (0), ## input) 293 294/* Like alternative_io, but for replacing a direct call with another one. */ 295#define alternative_call(oldfunc, newfunc, ft_flags, output, input...) \ 296 asm_inline volatile (ALTERNATIVE("call %c[old]", "call %c[new]", ft_flags) \ 297 : output : [old] "i" (oldfunc), [new] "i" (newfunc), ## input) 298 299/* 300 * Like alternative_call, but there are two features and respective functions. 301 * If CPU has feature2, function2 is used. 302 * Otherwise, if CPU has feature1, function1 is used. 303 * Otherwise, old function is used. 304 */ 305#define alternative_call_2(oldfunc, newfunc1, ft_flags1, newfunc2, ft_flags2, \ 306 output, input...) \ 307 asm_inline volatile (ALTERNATIVE_2("call %c[old]", "call %c[new1]", ft_flags1, \ 308 "call %c[new2]", ft_flags2) \ 309 : output, ASM_CALL_CONSTRAINT \ 310 : [old] "i" (oldfunc), [new1] "i" (newfunc1), \ 311 [new2] "i" (newfunc2), ## input) 312 313/* 314 * use this macro(s) if you need more than one output parameter 315 * in alternative_io 316 */ 317#define ASM_OUTPUT2(a...) a 318 319/* 320 * use this macro if you need clobbers but no inputs in 321 * alternative_{input,io,call}() 322 */ 323#define ASM_NO_INPUT_CLOBBER(clbr...) "i" (0) : clbr 324 325/* Macro for creating assembler functions avoiding any C magic. */ 326#define DEFINE_ASM_FUNC(func, instr, sec) \ 327 asm (".pushsection " #sec ", \"ax\"\n" \ 328 ".global " #func "\n\t" \ 329 ".type " #func ", @function\n\t" \ 330 ASM_FUNC_ALIGN "\n" \ 331 #func ":\n\t" \ 332 ASM_ENDBR \ 333 instr "\n\t" \ 334 ASM_RET \ 335 ".size " #func ", . - " #func "\n\t" \ 336 ".popsection") 337 338void BUG_func(void); 339void nop_func(void); 340 341#else /* __ASSEMBLY__ */ 342 343#ifdef CONFIG_SMP 344 .macro LOCK_PREFIX 345672: lock 346 .pushsection .smp_locks,"a" 347 .balign 4 348 .long 672b - . 349 .popsection 350 .endm 351#else 352 .macro LOCK_PREFIX 353 .endm 354#endif 355 356/* 357 * objtool annotation to ignore the alternatives and only consider the original 358 * instruction(s). 359 */ 360.macro ANNOTATE_IGNORE_ALTERNATIVE 361 .Lannotate_\@: 362 .pushsection .discard.ignore_alts 363 .long .Lannotate_\@ 364 .popsection 365.endm 366 367/* 368 * Issue one struct alt_instr descriptor entry (need to put it into 369 * the section .altinstructions, see below). This entry contains 370 * enough information for the alternatives patching code to patch an 371 * instruction. See apply_alternatives(). 372 */ 373.macro altinstr_entry orig alt ft_flags orig_len alt_len 374 .long \orig - . 375 .long \alt - . 376 .4byte \ft_flags 377 .byte \orig_len 378 .byte \alt_len 379.endm 380 381.macro ALT_CALL_INSTR 382 call BUG_func 383.endm 384 385/* 386 * Define an alternative between two instructions. If @feature is 387 * present, early code in apply_alternatives() replaces @oldinstr with 388 * @newinstr. ".skip" directive takes care of proper instruction padding 389 * in case @newinstr is longer than @oldinstr. 390 */ 391.macro ALTERNATIVE oldinstr, newinstr, ft_flags 392140: 393 \oldinstr 394141: 395 .skip -(((144f-143f)-(141b-140b)) > 0) * ((144f-143f)-(141b-140b)),0x90 396142: 397 398 .pushsection .altinstructions,"a" 399 altinstr_entry 140b,143f,\ft_flags,142b-140b,144f-143f 400 .popsection 401 402 .pushsection .altinstr_replacement,"ax" 403143: 404 \newinstr 405144: 406 .popsection 407.endm 408 409#define old_len 141b-140b 410#define new_len1 144f-143f 411#define new_len2 145f-144f 412#define new_len3 146f-145f 413 414/* 415 * gas compatible max based on the idea from: 416 * http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax 417 * 418 * The additional "-" is needed because gas uses a "true" value of -1. 419 */ 420#define alt_max_2(a, b) ((a) ^ (((a) ^ (b)) & -(-((a) < (b))))) 421#define alt_max_3(a, b, c) (alt_max_2(alt_max_2(a, b), c)) 422 423 424/* 425 * Same as ALTERNATIVE macro above but for two alternatives. If CPU 426 * has @feature1, it replaces @oldinstr with @newinstr1. If CPU has 427 * @feature2, it replaces @oldinstr with @feature2. 428 */ 429.macro ALTERNATIVE_2 oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2 430140: 431 \oldinstr 432141: 433 .skip -((alt_max_2(new_len1, new_len2) - (old_len)) > 0) * \ 434 (alt_max_2(new_len1, new_len2) - (old_len)),0x90 435142: 436 437 .pushsection .altinstructions,"a" 438 altinstr_entry 140b,143f,\ft_flags1,142b-140b,144f-143f 439 altinstr_entry 140b,144f,\ft_flags2,142b-140b,145f-144f 440 .popsection 441 442 .pushsection .altinstr_replacement,"ax" 443143: 444 \newinstr1 445144: 446 \newinstr2 447145: 448 .popsection 449.endm 450 451.macro ALTERNATIVE_3 oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2, newinstr3, ft_flags3 452140: 453 \oldinstr 454141: 455 .skip -((alt_max_3(new_len1, new_len2, new_len3) - (old_len)) > 0) * \ 456 (alt_max_3(new_len1, new_len2, new_len3) - (old_len)),0x90 457142: 458 459 .pushsection .altinstructions,"a" 460 altinstr_entry 140b,143f,\ft_flags1,142b-140b,144f-143f 461 altinstr_entry 140b,144f,\ft_flags2,142b-140b,145f-144f 462 altinstr_entry 140b,145f,\ft_flags3,142b-140b,146f-145f 463 .popsection 464 465 .pushsection .altinstr_replacement,"ax" 466143: 467 \newinstr1 468144: 469 \newinstr2 470145: 471 \newinstr3 472146: 473 .popsection 474.endm 475 476/* If @feature is set, patch in @newinstr_yes, otherwise @newinstr_no. */ 477#define ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) \ 478 ALTERNATIVE_2 oldinstr, newinstr_no, X86_FEATURE_ALWAYS, \ 479 newinstr_yes, ft_flags 480 481#endif /* __ASSEMBLY__ */ 482 483#endif /* _ASM_X86_ALTERNATIVE_H */ 484