1  // SPDX-License-Identifier: GPL-2.0-or-later
2  /*
3   *  Copyright (C) 2001 Ben. Herrenschmidt (benh@kernel.crashing.org)
4   *
5   *  Modifications for ppc64:
6   *      Copyright (C) 2003 Dave Engebretsen <engebret@us.ibm.com>
7   *
8   *  Copyright 2008 Michael Ellerman, IBM Corporation.
9   */
10  
11  #include <linux/types.h>
12  #include <linux/jump_label.h>
13  #include <linux/kernel.h>
14  #include <linux/string.h>
15  #include <linux/init.h>
16  #include <linux/sched/mm.h>
17  #include <linux/stop_machine.h>
18  #include <asm/cputable.h>
19  #include <asm/code-patching.h>
20  #include <asm/interrupt.h>
21  #include <asm/page.h>
22  #include <asm/sections.h>
23  #include <asm/setup.h>
24  #include <asm/security_features.h>
25  #include <asm/firmware.h>
26  #include <asm/inst.h>
27  
/*
 * Set to true by setup_feature_keys() once the CPU/MMU feature static keys
 * have been initialised.
 *
 * Used to generate warnings if mmu or cpu feature check functions that
 * use static keys are called before the keys are initialized.
 */
bool static_key_feature_checks_initialized __read_mostly;
EXPORT_SYMBOL_GPL(static_key_feature_checks_initialized);
34  
/*
 * One entry of a feature-fixup table.
 *
 * All four offsets are relative to the address of the entry itself and are
 * turned back into pointers by calc_addr().
 */
struct fixup_entry {
	unsigned long	mask;		/* feature bits this entry tests */
	unsigned long	value;		/* expected value of those bits; a match means "do not patch" */
	long		start_off;	/* start of the code region that may be patched */
	long		end_off;	/* end of that region (exclusive) */
	long		alt_start_off;	/* start of the alternative instructions */
	long		alt_end_off;	/* end of the alternative (exclusive) */
};
43  
/*
 * Turn an offset stored in a fixup entry back into a pointer.
 *
 * The offset to the code is stored as a negative offset from the start of
 * the alt_entry, to support the VDSO, so the real address is recovered by
 * adding the offset to the address of the entry itself.
 */
static u32 *calc_addr(struct fixup_entry *fcur, long offset)
{
	unsigned long entry_addr = (unsigned long)fcur;

	return (u32 *)(entry_addr + offset);
}
53  
/*
 * Copy one instruction of an alternative sequence from @src to @dest.
 *
 * A relative branch whose target lies outside [alt_start, alt_end] is
 * re-encoded for its new location with translate_branch(). A branch that
 * stays inside the alternative, or targets alt_end itself, is copied as is.
 *
 * Returns 0 on success, or 1 if the branch could not be translated, in
 * which case nothing is written to @dest.
 */
static int patch_alt_instruction(u32 *src, u32 *dest, u32 *alt_start, u32 *alt_end)
{
	ppc_inst_t instr = ppc_inst_read(src);

	if (instr_is_relative_branch(instr)) {
		u32 *target = (u32 *)branch_target(src);
		bool leaves_alt = target < alt_start || target > alt_end;

		/* Only a branch that leaves the alternative needs translating */
		if (leaves_alt && translate_branch(&instr, dest, src))
			return 1;
	}

	raw_patch_instruction(dest, instr);

	return 0;
}
76  
/*
 * Apply one feature fixup entry.
 *
 * When the bits of @value selected by the entry's mask and by @mask equal
 * the entry's expected value, the code is left untouched. Otherwise the
 * alternative instructions are copied over the start of the region and the
 * rest of the region is filled with nops.
 *
 * Returns 0 on success or when nothing needs patching. Returns 1 when the
 * alternative is larger than the region it would replace, or when a branch
 * in the alternative could not be translated. The size check runs before
 * any write, so an oversized alternative is never written past the end of
 * the region. A translation failure part-way through leaves the
 * instructions already copied in place.
 */
static int patch_feature_section_mask(unsigned long value, unsigned long mask,
				      struct fixup_entry *fcur)
{
	u32 *start = calc_addr(fcur, fcur->start_off);
	u32 *end = calc_addr(fcur, fcur->end_off);
	u32 *alt_start = calc_addr(fcur, fcur->alt_start_off);
	u32 *alt_end = calc_addr(fcur, fcur->alt_end_off);
	u32 *src = alt_start;
	u32 *dest = start;

	/* Refuse an alternative that does not fit in the region */
	if ((alt_end - alt_start) > (end - start))
		return 1;

	/* Feature bits match: keep the original code */
	if ((value & fcur->mask & mask) == (fcur->value & mask))
		return 0;

	while (src < alt_end) {
		if (patch_alt_instruction(src, dest, alt_start, alt_end))
			return 1;

		src = ppc_inst_next(src, src);
		dest = ppc_inst_next(dest, dest);
	}

	/* Pad whatever is left of the region with nops */
	while (dest < end) {
		raw_patch_instruction(dest, ppc_inst(PPC_RAW_NOP()));
		dest++;
	}

	return 0;
}
107  
/*
 * Walk the fixup table [fixup_start, fixup_end) and apply every entry
 * against @value, restricted to the feature bits in @mask.
 *
 * An entry that cannot be patched triggers a WARN and a message naming the
 * region and its alternative. The walk then continues with the next entry,
 * so one bad entry does not stop the remaining fixups.
 */
static void do_feature_fixups_mask(unsigned long value, unsigned long mask,
				   void *fixup_start, void *fixup_end)
{
	struct fixup_entry *entry = fixup_start;
	struct fixup_entry *table_end = fixup_end;

	while (entry < table_end) {
		if (patch_feature_section_mask(value, mask, entry)) {
			WARN_ON(1);
			printk("Unable to patch feature section at %p - %p"
				" with %p - %p\n",
				calc_addr(entry, entry->start_off),
				calc_addr(entry, entry->end_off),
				calc_addr(entry, entry->alt_start_off),
				calc_addr(entry, entry->alt_end_off));
		}
		entry++;
	}
}
128  
/*
 * Apply the fixup table [fixup_start, fixup_end) against @value, testing
 * every feature bit (an all-ones mask is passed on).
 */
void do_feature_fixups(unsigned long value, void *fixup_start, void *fixup_end)
{
	/* ~0 selects all feature bits */
	do_feature_fixups_mask(value, ~0, fixup_start, fixup_end);
}
133  
134  #ifdef CONFIG_PPC_BARRIER_NOSPEC
/*
 * Decide whether the @size bytes at @dest may still be patched.
 *
 * Every address is accepted while system_state is earlier than
 * SYSTEM_FREEING_INITMEM. From then on a range that lies in the init
 * section is rejected, so callers skip patch sites in init memory.
 */
static bool is_fixup_addr_valid(void *dest, size_t size)
{
	if (system_state < SYSTEM_FREEING_INITMEM)
		return true;

	return !init_section_contains(dest, size);
}
140  
/*
 * Write the @num instructions in @instrs at every site listed in the
 * table [start, end).
 *
 * Each table entry holds the offset from the entry itself to its patch
 * site. Sites rejected by is_fixup_addr_valid() are skipped.
 *
 * Returns the number of table entries walked. Skipped sites are included
 * in that count.
 *
 * NOTE(review): the result of patch_instruction() is not checked here, so
 * a failed write does not show up in the returned count.
 */
static int do_patch_fixups(long *start, long *end, unsigned int *instrs, int num)
{
	int count = 0;
	long *entry;

	for (entry = start; entry < end; entry++, count++) {
		unsigned int *dest = (void *)entry + *entry;
		int k;

		if (!is_fixup_addr_valid(dest, sizeof(*instrs) * num))
			continue;

		pr_devel("patching dest %lx\n", (unsigned long)dest);

		for (k = 0; k < num; k++)
			patch_instruction(dest + k, ppc_inst(instrs[k]));
	}

	return count;
}
159  #endif
160  
161  #ifdef CONFIG_PPC_BOOK3S_64
/*
 * Patch a three-instruction sequence at every site listed in the table
 * [start, end).
 *
 * With @do_fallback set, slot 1 becomes a branch-and-link to @fallback
 * instead of instrs[1]. The order of the three writes differs between the
 * two cases and must not be changed: see the comment in
 * __do_entry_flush_fixups() for why each intermediate state has to be safe
 * to execute.
 *
 * Returns the number of table entries walked, including sites skipped by
 * is_fixup_addr_valid().
 *
 * NOTE(review): the results of patch_instruction() and patch_branch() are
 * not checked, so a failed write does not show up in the returned count.
 */
static int do_patch_entry_fixups(long *start, long *end, unsigned int *instrs,
				 bool do_fallback, void *fallback)
{
	int count = 0;
	long *entry;

	for (entry = start; entry < end; entry++, count++) {
		unsigned int *dest = (void *)entry + *entry;

		if (!is_fixup_addr_valid(dest, sizeof(*instrs) * 3))
			continue;

		pr_devel("patching dest %lx\n", (unsigned long)dest);

		if (!do_fallback) {
			/* Patching the fallback out: branch slot first, mflr slot last */
			patch_instruction(dest + 1, ppc_inst(instrs[1]));
			patch_instruction(dest + 2, ppc_inst(instrs[2]));
			patch_instruction(dest, ppc_inst(instrs[0]));
			continue;
		}

		/* Patching the fallback in: mflr, then mtlr, then the branch */
		patch_instruction(dest, ppc_inst(instrs[0]));
		patch_instruction(dest + 2, ppc_inst(instrs[2]));
		patch_branch(dest + 1, (unsigned long)fallback, BRANCH_SET_LINK);
	}

	return count;
}
188  
/*
 * Patch the stf barrier selected by @types into every entry site.
 *
 * The three slots default to nops (no barrier). The fallback type saves
 * LR in r10, leaves slot 1 for the branch that do_patch_entry_fixups()
 * installs, and restores LR afterwards. The other types are written
 * inline.
 */
static void do_stf_entry_barrier_fixups(enum stf_barrier_type types)
{
	unsigned int instrs[3] = {
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
	};
	long *start = PTRRELOC(&__start___stf_entry_barrier_fixup);
	long *end = PTRRELOC(&__stop___stf_entry_barrier_fixup);
	const char *name;
	int n = 0;

	if (types & STF_BARRIER_FALLBACK) {
		instrs[n++] = PPC_RAW_MFLR(_R10);
		instrs[n++] = PPC_RAW_NOP(); /* branch patched below */
		instrs[n++] = PPC_RAW_MTLR(_R10);
	} else if (types & STF_BARRIER_EIEIO) {
		instrs[n++] = PPC_RAW_EIEIO() | 0x02000000; /* eieio + bit 6 hint */
	} else if (types & STF_BARRIER_SYNC_ORI) {
		instrs[n++] = PPC_RAW_SYNC();
		instrs[n++] = PPC_RAW_LD(_R10, _R13, 0);
		instrs[n++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
	}

	n = do_patch_entry_fixups(start, end, instrs, types & STF_BARRIER_FALLBACK,
				  &stf_barrier_fallback);

	if (types == STF_BARRIER_NONE)
		name = "no";
	else if (types == STF_BARRIER_FALLBACK)
		name = "fallback";
	else if (types == STF_BARRIER_EIEIO)
		name = "eieio";
	else if (types == (STF_BARRIER_SYNC_ORI))
		name = "hwsync";
	else
		name = "unknown";

	printk(KERN_DEBUG "stf-barrier: patched %d entry locations (%s barrier)\n", n,
		name);
}
225  
/*
 * Patch the stf barrier selected by @types into every exit site.
 *
 * The six slots default to nops. The fallback and sync-ori types share one
 * sequence: stash r13 in a scratch SPR, load r13 from another SPR, then
 * sync, a load through r13 and the ori speculation barrier, and finally
 * restore r13. The SPRs used depend on CPU_FTR_HVMODE. That sequence is
 * exactly six instructions long, which is what sizes instrs[].
 */
static void do_stf_exit_barrier_fixups(enum stf_barrier_type types)
{
	unsigned int instrs[6] = {
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
	};
	long *start = PTRRELOC(&__start___stf_exit_barrier_fixup);
	long *end = PTRRELOC(&__stop___stf_exit_barrier_fixup);
	const char *name;
	int n = 0;

	if (types & STF_BARRIER_FALLBACK || types & STF_BARRIER_SYNC_ORI) {
		if (cpu_has_feature(CPU_FTR_HVMODE)) {
			instrs[n++] = PPC_RAW_MTSPR(SPRN_HSPRG1, _R13);
			instrs[n++] = PPC_RAW_MFSPR(_R13, SPRN_HSPRG0);
		} else {
			instrs[n++] = PPC_RAW_MTSPR(SPRN_SPRG2, _R13);
			instrs[n++] = PPC_RAW_MFSPR(_R13, SPRN_SPRG1);
		}
		instrs[n++] = PPC_RAW_SYNC();
		instrs[n++] = PPC_RAW_LD(_R13, _R13, 0);
		instrs[n++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
		/* Restore r13 from the scratch SPR used above */
		instrs[n++] = cpu_has_feature(CPU_FTR_HVMODE) ?
				PPC_RAW_MFSPR(_R13, SPRN_HSPRG1) :
				PPC_RAW_MFSPR(_R13, SPRN_SPRG2);
	} else if (types & STF_BARRIER_EIEIO) {
		instrs[n++] = PPC_RAW_EIEIO() | 0x02000000; /* eieio + bit 6 hint */
	}

	n = do_patch_fixups(start, end, instrs, ARRAY_SIZE(instrs));

	if (types == STF_BARRIER_NONE)
		name = "no";
	else if (types == STF_BARRIER_FALLBACK)
		name = "fallback";
	else if (types == STF_BARRIER_EIEIO)
		name = "eieio";
	else if (types == (STF_BARRIER_SYNC_ORI))
		name = "hwsync";
	else
		name = "unknown";

	printk(KERN_DEBUG "stf-barrier: patched %d exit locations (%s barrier)\n", n,
		name);
}
271  
/*
 * Whether the currently patched stf barrier / rfi flush leaves interrupt
 * exit re-entrant. Both flags are written with exit_flush_lock held, by
 * do_stf_barrier_fixups() and do_rfi_flush_fixups() respectively. The
 * interrupt_exit_not_reentrant static branch is only disabled again when
 * both flags are true.
 */
static bool stf_exit_reentrant = false;
static bool rfi_exit_reentrant = false;
static DEFINE_MUTEX(exit_flush_lock);
275  
/*
 * stop_machine() callback: patch the stf entry and exit barriers.
 *
 * @data points at the enum stf_barrier_type to apply. Always returns 0.
 */
static int __do_stf_barrier_fixups(void *data)
{
	enum stf_barrier_type selected = *(enum stf_barrier_type *)data;

	do_stf_entry_barrier_fixups(selected);
	do_stf_exit_barrier_fixups(selected);

	return 0;
}
285  
/*
 * Switch the stf barrier to @types on all CPUs.
 *
 * The call to the fallback entry flush, and the fallback/sync-ori exit
 * flush, can not be safely patched in or out while other CPUs are
 * executing them. The patching therefore runs on one CPU under
 * stop_machine(), with all other CPUs spinning in the stop machine core
 * with interrupts hard disabled.
 *
 * Sequence: mark interrupt exits non-reentrant, run stop_machine() (which
 * gets every CPU out of the low level interrupt exit code), patch, and
 * only then, if both the stf and rfi state allow it, flip the branch back
 * to permit fast exits.
 */
void do_stf_barrier_fixups(enum stf_barrier_type types)
{
	bool barrier_uses_scratch;

	// Prevent static key update races with do_rfi_flush_fixups()
	mutex_lock(&exit_flush_lock);
	static_branch_enable(&interrupt_exit_not_reentrant);

	stop_machine(__do_stf_barrier_fixups, &types, NULL);

	/* The fallback and sync-ori exit barriers rule out re-entrant exit */
	barrier_uses_scratch = (types & STF_BARRIER_FALLBACK) ||
			       (types & STF_BARRIER_SYNC_ORI);
	stf_exit_reentrant = !barrier_uses_scratch;

	if (stf_exit_reentrant && rfi_exit_reentrant)
		static_branch_disable(&interrupt_exit_not_reentrant);

	mutex_unlock(&exit_flush_lock);
}
317  
/*
 * Patch the uaccess flush sites for the L1D flush selected by @types.
 *
 * The default sequence is three nops followed by blr. For the fallback
 * type the blr becomes a nop, so execution falls through to the fallback
 * flush. The ori and mttrig flush instructions are written into the
 * leading slots.
 */
void do_uaccess_flush_fixups(enum l1d_flush_type types)
{
	unsigned int instrs[4] = {
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
		PPC_RAW_BLR(),
	};
	long *start = PTRRELOC(&__start___uaccess_flush_fixup);
	long *end = PTRRELOC(&__stop___uaccess_flush_fixup);
	const char *name;
	int n = 0;

	/* Drop the blr so that we fall through to the fallback flush */
	if (types == L1D_FLUSH_FALLBACK)
		instrs[3] = PPC_RAW_NOP();

	if (types & L1D_FLUSH_ORI) {
		instrs[n++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
		instrs[n++] = PPC_RAW_ORI(_R30, _R30, 0); /* L1d flush */
	}

	if (types & L1D_FLUSH_MTTRIG)
		instrs[n++] = PPC_RAW_MTSPR(SPRN_TRIG2, _R0);

	n = do_patch_fixups(start, end, instrs, ARRAY_SIZE(instrs));

	if (types == L1D_FLUSH_NONE)
		name = "no";
	else if (types == L1D_FLUSH_FALLBACK)
		name = "fallback displacement";
	else if (types & L1D_FLUSH_ORI)
		name = (types & L1D_FLUSH_MTTRIG) ? "ori+mttrig type" : "ori type";
	else if (types & L1D_FLUSH_MTTRIG)
		name = "mttrig type";
	else
		name = "unknown";

	printk(KERN_DEBUG "uaccess-flush: patched %d locations (%s flush)\n", n,
		name);
}
357  
/*
 * stop_machine() callback: patch the entry flush and scv entry flush sites
 * for the L1D flush type that @data points at. Always returns 0.
 */
static int __do_entry_flush_fixups(void *data)
{
	enum l1d_flush_type types = *(enum l1d_flush_type *)data;
	unsigned int instrs[3] = {
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
	};
	bool fallback = types == L1D_FLUSH_FALLBACK;
	const char *name;
	long *start, *end;
	int n = 0;

	if (fallback) {
		instrs[n++] = PPC_RAW_MFLR(_R10);
		instrs[n++] = PPC_RAW_NOP(); /* branch patched below */
		instrs[n++] = PPC_RAW_MTLR(_R10);
	}

	if (types & L1D_FLUSH_ORI) {
		instrs[n++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
		instrs[n++] = PPC_RAW_ORI(_R30, _R30, 0); /* L1d flush */
	}

	if (types & L1D_FLUSH_MTTRIG)
		instrs[n++] = PPC_RAW_MTSPR(SPRN_TRIG2, _R0);

	/*
	 * If we're patching in or out the fallback flush we need to be careful
	 * about the order in which we patch instructions. That's because it's
	 * possible we could take a page fault after patching one instruction,
	 * so the sequence of instructions must be safe even in a half patched
	 * state.
	 *
	 * To make that work, when patching in the fallback flush we patch in
	 * this order:
	 *  - the mflr		(dest)
	 *  - the mtlr		(dest + 2)
	 *  - the branch	(dest + 1)
	 *
	 * That ensures the sequence is safe to execute at any point. In
	 * contrast if we patch the mtlr last, it's possible we could return
	 * from the branch and not restore LR, leading to a crash later.
	 *
	 * When patching out the fallback flush (either with nops or another
	 * flush type), we patch in this order:
	 *  - the branch	(dest + 1)
	 *  - the mtlr		(dest + 2)
	 *  - the mflr		(dest)
	 *
	 * Note we are protected by stop_machine() from other CPUs executing the
	 * code in a semi-patched state.
	 */

	start = PTRRELOC(&__start___entry_flush_fixup);
	end = PTRRELOC(&__stop___entry_flush_fixup);
	n = do_patch_entry_fixups(start, end, instrs, fallback,
				  &entry_flush_fallback);

	start = PTRRELOC(&__start___scv_entry_flush_fixup);
	end = PTRRELOC(&__stop___scv_entry_flush_fixup);
	n += do_patch_entry_fixups(start, end, instrs, fallback,
				   &scv_entry_flush_fallback);

	if (types == L1D_FLUSH_NONE)
		name = "no";
	else if (fallback)
		name = "fallback displacement";
	else if (types & L1D_FLUSH_ORI)
		name = (types & L1D_FLUSH_MTTRIG) ? "ori+mttrig type" : "ori type";
	else if (types & L1D_FLUSH_MTTRIG)
		name = "mttrig type";
	else
		name = "unknown";

	printk(KERN_DEBUG "entry-flush: patched %d locations (%s flush)\n", n,
		name);

	return 0;
}
430  
/*
 * Switch the entry flush to @types on all CPUs.
 *
 * The call to the fallback flush can not be safely patched in or out while
 * other CPUs are executing it. __do_entry_flush_fixups() therefore runs on
 * one CPU under stop_machine(), while all other CPUs spin in the stop
 * machine core with interrupts hard disabled.
 */
void do_entry_flush_fixups(enum l1d_flush_type types)
{
	stop_machine(__do_entry_flush_fixups, &types, NULL);
}
441  
/*
 * stop_machine() callback: patch the rfi flush sites for the L1D flush
 * type that @data points at. Always returns 0.
 *
 * The three slots default to nops. The fallback type puts a forward branch
 * in slot 0. The ori/mttrig instructions are then written from slot 0
 * onwards, so they replace that branch when both are requested.
 */
static int __do_rfi_flush_fixups(void *data)
{
	enum l1d_flush_type types = *(enum l1d_flush_type *)data;
	unsigned int instrs[3] = {
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
	};
	long *start = PTRRELOC(&__start___rfi_flush_fixup);
	long *end = PTRRELOC(&__stop___rfi_flush_fixup);
	const char *name;
	int n = 0;

	/* b .+16 to fallback flush */
	if (types & L1D_FLUSH_FALLBACK)
		instrs[0] = PPC_RAW_BRANCH(16);

	if (types & L1D_FLUSH_ORI) {
		instrs[n++] = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
		instrs[n++] = PPC_RAW_ORI(_R30, _R30, 0); /* L1d flush */
	}

	if (types & L1D_FLUSH_MTTRIG)
		instrs[n++] = PPC_RAW_MTSPR(SPRN_TRIG2, _R0);

	n = do_patch_fixups(start, end, instrs, ARRAY_SIZE(instrs));

	if (types == L1D_FLUSH_NONE)
		name = "no";
	else if (types == L1D_FLUSH_FALLBACK)
		name = "fallback displacement";
	else if (types & L1D_FLUSH_ORI)
		name = (types & L1D_FLUSH_MTTRIG) ? "ori+mttrig type" : "ori type";
	else if (types & L1D_FLUSH_MTTRIG)
		name = "mttrig type";
	else
		name = "unknown";

	printk(KERN_DEBUG "rfi-flush: patched %d locations (%s flush)\n", n,
		name);

	return 0;
}
482  
/*
 * Switch the rfi flush to @types on all CPUs.
 *
 * stop_machine gets all CPUs out of the interrupt exit handler, same as
 * do_stf_barrier_fixups(). The rfi flush patching itself can run without
 * stop_machine, so a broadcast IPI would also do, but this matches the stf
 * sequence.
 *
 * Interrupt exit is marked non-reentrant before patching. It is only
 * allowed to be re-entrant again when neither the rfi flush nor the stf
 * barrier forbids it.
 */
void do_rfi_flush_fixups(enum l1d_flush_type types)
{
	// Prevent static key update races with do_stf_barrier_fixups()
	mutex_lock(&exit_flush_lock);
	static_branch_enable(&interrupt_exit_not_reentrant);

	stop_machine(__do_rfi_flush_fixups, &types, NULL);

	/* The fallback flush rules out re-entrant interrupt exit */
	rfi_exit_reentrant = !(types & L1D_FLUSH_FALLBACK);

	if (stf_exit_reentrant && rfi_exit_reentrant)
		static_branch_disable(&interrupt_exit_not_reentrant);

	mutex_unlock(&exit_flush_lock);
}
508  
/*
 * Patch every barrier-nospec site in the table [fixup_start, fixup_end).
 *
 * With @enable set each site receives the ori speculation barrier,
 * otherwise a nop, which removes the barrier.
 */
void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void *fixup_end)
{
	unsigned int instr = PPC_RAW_NOP();
	long *start = fixup_start;
	long *end = fixup_end;
	int patched;

	if (enable) {
		pr_info("barrier-nospec: using ORI speculation barrier\n");
		instr = PPC_RAW_ORI(_R31, _R31, 0); /* speculation barrier */
	}

	patched = do_patch_fixups(start, end, &instr, 1);

	printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", patched);
}
529  
530  #endif /* CONFIG_PPC_BOOK3S_64 */
531  
532  #ifdef CONFIG_PPC_BARRIER_NOSPEC
/*
 * Enable or disable the speculation barrier at every site recorded in the
 * kernel's own __barrier_nospec_fixup table.
 */
void do_barrier_nospec_fixups(bool enable)
{
	void *table_start = PTRRELOC(&__start___barrier_nospec_fixup);
	void *table_end = PTRRELOC(&__stop___barrier_nospec_fixup);

	do_barrier_nospec_fixups_range(enable, table_start, table_end);
}
542  #endif /* CONFIG_PPC_BARRIER_NOSPEC */
543  
544  #ifdef CONFIG_PPC_E500
/*
 * E500 variant: patch every barrier-nospec site in the table
 * [fixup_start, fixup_end).
 *
 * Each site is two instructions wide. With @enable set it receives
 * "isync; sync" as the speculation barrier, otherwise two nops.
 */
void do_barrier_nospec_fixups_range(bool enable, void *fixup_start, void *fixup_end)
{
	unsigned int instr[2] = {
		PPC_RAW_NOP(),
		PPC_RAW_NOP(),
	};
	long *start = fixup_start;
	long *end = fixup_end;
	int patched;

	if (enable) {
		pr_info("barrier-nospec: using isync; sync as speculation barrier\n");
		instr[0] = PPC_RAW_ISYNC();
		instr[1] = PPC_RAW_SYNC();
	}

	patched = do_patch_fixups(start, end, instr, ARRAY_SIZE(instr));

	printk(KERN_DEBUG "barrier-nospec: patched %d locations\n", patched);
}
567  
/*
 * Replace one BTB flush section with nops.
 *
 * @curr points at a pair of offsets, both relative to @curr itself: the
 * first gives the start of the section, the second its (exclusive) end.
 *
 * NOTE(review): the result of patch_instruction() is not checked.
 */
static void __init patch_btb_flush_section(long *curr)
{
	unsigned int *insn = (void *)curr + *curr;
	unsigned int *section_end = (void *)curr + *(curr + 1);

	while (insn < section_end) {
		pr_devel("patching dest %lx\n", (unsigned long)insn);
		patch_instruction(insn, ppc_inst(PPC_RAW_NOP()));
		insn++;
	}
}
579  
/*
 * Nop out every section listed in the __btb_flush_fixup table. The table
 * is walked two longs at a time, one (start, end) offset pair per section.
 */
void __init do_btb_flush_fixups(void)
{
	long *pair = PTRRELOC(&__start__btb_flush_fixup);
	long *table_end = PTRRELOC(&__stop__btb_flush_fixup);

	while (pair < table_end) {
		patch_btb_flush_section(pair);
		pair += 2;
	}
}
590  #endif /* CONFIG_PPC_E500 */
591  
/*
 * Patch an lwsync instruction into every site listed in the table
 * [fixup_start, fixup_end), provided @value has CPU_FTR_LWSYNC set.
 * Without that feature bit the sites are left as they are.
 *
 * Each table entry holds the offset from the entry itself to its site.
 */
void do_lwsync_fixups(unsigned long value, void *fixup_start, void *fixup_end)
{
	long *entry = fixup_start;
	long *table_end = fixup_end;

	if (!(value & CPU_FTR_LWSYNC))
		return;

	while (entry < table_end) {
		u32 *dest = (void *)entry + *entry;

		raw_patch_instruction(dest, ppc_inst(PPC_INST_LWSYNC));
		entry++;
	}
}
608  
/*
 * On a relocatable PPC64 kernel that is not running at physical address 0,
 * copy the instructions between _stext and __end_interrupts from the
 * running kernel (KERNELBASE + PHYSICAL_START) down to KERNELBASE.
 *
 * Does nothing on other configurations or when PHYSICAL_START is 0.
 */
static void __init do_final_fixups(void)
{
#if defined(CONFIG_PPC64) && defined(CONFIG_RELOCATABLE)
	u32 *src, *dest, *end;

	if (PHYSICAL_START == 0)
		return;

	src = (u32 *)(KERNELBASE + PHYSICAL_START);
	dest = (u32 *)KERNELBASE;
	end = (void *)src + (__end_interrupts - _stext);

	for (; src < end; src = ppc_inst_next(src, src),
			  dest = ppc_inst_next(dest, dest)) {
		ppc_inst_t inst = ppc_inst_read(src);

		raw_patch_instruction(dest, inst);
	}
#endif
}
630  
/*
 * Feature sets as they were when the fixups were applied. They are
 * recorded by apply_feature_fixups() and compared against the live values
 * by check_features().
 */
static unsigned long __initdata saved_cpu_features;
static unsigned int __initdata saved_mmu_features;
#ifdef CONFIG_PPC64
static unsigned long __initdata saved_firmware_features;
#endif
636  
/*
 * Apply the boot-time feature fixups to kernel text.
 *
 * The CPU, MMU and (on PPC64) firmware feature sets in use are saved first
 * so that check_features() can later detect a feature set that changed
 * after the text was patched.
 */
void __init apply_feature_fixups(void)
{
	struct cpu_spec *cpu = PTRRELOC(*PTRRELOC(&cur_cpu_spec));

	*PTRRELOC(&saved_cpu_features) = cpu->cpu_features;
	*PTRRELOC(&saved_mmu_features) = cpu->mmu_features;

	/*
	 * Apply the CPU-specific and firmware specific fixups to kernel text
	 * (nop out sections not relevant to this CPU or this firmware).
	 */
	do_feature_fixups(cpu->cpu_features,
			  PTRRELOC(&__start___ftr_fixup),
			  PTRRELOC(&__stop___ftr_fixup));

	do_feature_fixups(cpu->mmu_features,
			  PTRRELOC(&__start___mmu_ftr_fixup),
			  PTRRELOC(&__stop___mmu_ftr_fixup));

	do_lwsync_fixups(cpu->cpu_features,
			 PTRRELOC(&__start___lwsync_fixup),
			 PTRRELOC(&__stop___lwsync_fixup));

#ifdef CONFIG_PPC64
	saved_firmware_features = powerpc_firmware_features;
	do_feature_fixups(powerpc_firmware_features,
			  &__start___fw_ftr_fixup, &__stop___fw_ftr_fixup);
#endif
	do_final_fixups();
}
667  
/*
 * Re-apply the MMU feature fixups for the feature bits in @mask.
 *
 * The saved copy of the MMU features is refreshed for those bits so that
 * check_features() does not report them as changed. The MMU feature static
 * keys are then re-initialised.
 */
void __init update_mmu_feature_fixups(unsigned long mask)
{
	unsigned long current_bits = cur_cpu_spec->mmu_features & mask;

	saved_mmu_features = (saved_mmu_features & ~mask) | current_bits;

	do_feature_fixups_mask(cur_cpu_spec->mmu_features, mask,
			       PTRRELOC(&__start___mmu_ftr_fixup),
			       PTRRELOC(&__stop___mmu_ftr_fixup));
	mmu_feature_keys_init();
}
678  
/*
 * Initialise the jump labels and the CPU/MMU feature static keys, then
 * record that feature checks based on static keys may now be used.
 */
void __init setup_feature_keys(void)
{
	/*
	 * Jump labels come first. Initialising them causes all the
	 * cpu/mmu_has_feature() checks to take on their correct polarity
	 * based on the current set of CPU/MMU features.
	 */
	jump_label_init();
	cpu_feature_keys_init();
	mmu_feature_keys_init();

	/* From here on, static-key based feature checks are valid */
	static_key_feature_checks_initialized = true;
}
691  
/*
 * Late initcall: warn if the CPU, MMU or (on PPC64) firmware feature set
 * no longer matches what was saved when the feature fixups were applied.
 * A mismatch means the patched kernel text was selected for a different
 * feature set than the one now reported. Always returns 0.
 */
static int __init check_features(void)
{
	struct cpu_spec *cpu = cur_cpu_spec;

	WARN(saved_cpu_features != cpu->cpu_features,
	     "CPU features changed after feature patching!\n");
	WARN(saved_mmu_features != cpu->mmu_features,
	     "MMU features changed after feature patching!\n");
#ifdef CONFIG_PPC64
	WARN(saved_firmware_features != powerpc_firmware_features,
	     "Firmware features changed after feature patching!\n");
#endif

	return 0;
}
late_initcall(check_features);
706  
707  #ifdef CONFIG_FTR_FIXUP_SELFTEST
708  
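/*
 * Report a failed selftest assertion together with its source line.
 *
 * The body is wrapped in do { } while (0) and carries no trailing
 * semicolon, so "check(x);" expands to exactly one statement and stays
 * correct inside an unbraced if/else.
 */
#define check(x)	\
	do {		\
		if (!(x))	\
			printk("feature-fixups: test failed at line %d\n", __LINE__); \
	} while (0)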
711  
/*
 * Selftest helper: apply one fixup entry against @value with every feature
 * bit selected. Returns what patch_feature_section_mask() returns.
 */
static int patch_feature_section(unsigned long value, struct fixup_entry *fcur)
{
	int rc = patch_feature_section_mask(value, ~0, fcur);

	return rc;
}
716  
/*
 * Scratch fixup entry that the selftests below fill in by hand.
 *
 * This must be after the text it fixes up, vmlinux.lds.S enforces that atm
 */
static struct fixup_entry fixup;
719  
/*
 * Selftest helper, the inverse of calc_addr(): the offset of @p relative
 * to the address of @entry.
 */
static long __init calc_offset(struct fixup_entry *entry, unsigned int *p)
{
	unsigned long target = (unsigned long)p;
	unsigned long base = (unsigned long)entry;

	return target - base;
}
724  
/*
 * Selftest: an entry without an alternative. One instruction of
 * ftr_fixup_test1 is covered. It must stay untouched when the feature
 * value matches and be patched when the value or the mask does not match.
 */
static void __init test_basic_patching(void)
{
	extern unsigned int ftr_fixup_test1[];
	extern unsigned int end_ftr_fixup_test1[];
	extern unsigned int ftr_fixup_test1_orig[];
	extern unsigned int ftr_fixup_test1_expected[];
	int len = 4 * (end_ftr_fixup_test1 - ftr_fixup_test1);

	fixup.value = fixup.mask = 8;
	fixup.start_off = calc_offset(&fixup, ftr_fixup_test1 + 1);
	fixup.end_off = calc_offset(&fixup, ftr_fixup_test1 + 2);
	fixup.alt_start_off = fixup.alt_end_off = 0;

	/* The test text must start out in its original form */
	check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, len) == 0);

	/* Matching value: nothing may be patched */
	patch_feature_section(8, &fixup);
	check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, len) == 0);

	/* Non-matching value: the section must be patched */
	patch_feature_section(0, &fixup);
	check(memcmp(ftr_fixup_test1, ftr_fixup_test1_expected, len) == 0);

	/* Restore the text, then check a non-matching mask patches too */
	memcpy(ftr_fixup_test1, ftr_fixup_test1_orig, len);
	check(memcmp(ftr_fixup_test1, ftr_fixup_test1_orig, len) == 0);
	patch_feature_section(~8, &fixup);
	check(memcmp(ftr_fixup_test1, ftr_fixup_test1_expected, len) == 0);
}
755  
/*
 * Selftest: an entry whose alternative is exactly as long as the region it
 * replaces (one instruction each).
 */
static void __init test_alternative_patching(void)
{
	extern unsigned int ftr_fixup_test2[];
	extern unsigned int end_ftr_fixup_test2[];
	extern unsigned int ftr_fixup_test2_orig[];
	extern unsigned int ftr_fixup_test2_alt[];
	extern unsigned int ftr_fixup_test2_expected[];
	int len = 4 * (end_ftr_fixup_test2 - ftr_fixup_test2);

	fixup.value = fixup.mask = 0xF;
	fixup.start_off = calc_offset(&fixup, ftr_fixup_test2 + 1);
	fixup.end_off = calc_offset(&fixup, ftr_fixup_test2 + 2);
	fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test2_alt);
	fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test2_alt + 1);

	/* The test text must start out in its original form */
	check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, len) == 0);

	/* Matching value: nothing may be patched */
	patch_feature_section(0xF, &fixup);
	check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, len) == 0);

	/* Non-matching value: the alternative must be patched in */
	patch_feature_section(0, &fixup);
	check(memcmp(ftr_fixup_test2, ftr_fixup_test2_expected, len) == 0);

	/* Restore the text, then check a non-matching mask patches too */
	memcpy(ftr_fixup_test2, ftr_fixup_test2_orig, len);
	check(memcmp(ftr_fixup_test2, ftr_fixup_test2_orig, len) == 0);
	patch_feature_section(~0xF, &fixup);
	check(memcmp(ftr_fixup_test2, ftr_fixup_test2_expected, len) == 0);
}
788  
/*
 * Selftest: an alternative of two instructions for a region of one.
 * Patching must be refused with return value 1 and must leave the text
 * untouched, whatever feature value is supplied.
 */
static void __init test_alternative_case_too_big(void)
{
	extern unsigned int ftr_fixup_test3[];
	extern unsigned int end_ftr_fixup_test3[];
	extern unsigned int ftr_fixup_test3_orig[];
	extern unsigned int ftr_fixup_test3_alt[];
	int len = 4 * (end_ftr_fixup_test3 - ftr_fixup_test3);

	fixup.value = fixup.mask = 0xC;
	fixup.start_off = calc_offset(&fixup, ftr_fixup_test3 + 1);
	fixup.end_off = calc_offset(&fixup, ftr_fixup_test3 + 2);
	fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test3_alt);
	fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test3_alt + 2);

	/* The test text must start out in its original form */
	check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, len) == 0);

	/* Every attempt must report the error and patch nothing */
	check(patch_feature_section(0xF, &fixup) == 1);
	check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, len) == 0);
	check(patch_feature_section(0, &fixup) == 1);
	check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, len) == 0);
	check(patch_feature_section(~0xF, &fixup) == 1);
	check(memcmp(ftr_fixup_test3, ftr_fixup_test3_orig, len) == 0);
}
814  
/*
 * Selftest: an alternative of two instructions for a region of four, using
 * a feature flag in the top byte of an unsigned long. The compared result
 * is ftr_fixup_test4_expected.
 */
static void __init test_alternative_case_too_small(void)
{
	extern unsigned int ftr_fixup_test4[];
	extern unsigned int end_ftr_fixup_test4[];
	extern unsigned int ftr_fixup_test4_orig[];
	extern unsigned int ftr_fixup_test4_alt[];
	extern unsigned int ftr_fixup_test4_expected[];
	int len = 4 * (end_ftr_fixup_test4 - ftr_fixup_test4);
	/* Lowest bit of the most significant byte: a high-bit flag */
	unsigned long high_flag = 1UL << ((sizeof(unsigned long) - 1) * 8);

	fixup.value = fixup.mask = high_flag;
	fixup.start_off = calc_offset(&fixup, ftr_fixup_test4 + 1);
	fixup.end_off = calc_offset(&fixup, ftr_fixup_test4 + 5);
	fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_test4_alt);
	fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_test4_alt + 2);

	/* The test text must start out in its original form */
	check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, len) == 0);

	/* Matching value: nothing may be patched */
	patch_feature_section(high_flag, &fixup);
	check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, len) == 0);

	/* Non-matching value: the alternative must be patched in */
	patch_feature_section(0, &fixup);
	check(memcmp(ftr_fixup_test4, ftr_fixup_test4_expected, len) == 0);

	/* Restore the text, then check a non-matching mask patches too */
	memcpy(ftr_fixup_test4, ftr_fixup_test4_orig, len);
	check(memcmp(ftr_fixup_test4, ftr_fixup_test4_orig, len) == 0);
	patch_feature_section(~high_flag, &fixup);
	check(memcmp(ftr_fixup_test4, ftr_fixup_test4_expected, len) == 0);
}
850  
/*
 * Selftest: compare ftr_fixup_test5 with its expected image. No patching
 * is done here, only the comparison.
 *
 * NOTE(review): unlike the neighbouring selftests this function is not
 * marked __init. Confirm whether that is intentional.
 */
static void test_alternative_case_with_branch(void)
{
	extern unsigned int ftr_fixup_test5[];
	extern unsigned int end_ftr_fixup_test5[];
	extern unsigned int ftr_fixup_test5_expected[];
	int len = 4 * (end_ftr_fixup_test5 - ftr_fixup_test5);

	check(memcmp(ftr_fixup_test5, ftr_fixup_test5_expected, len) == 0);
}
860  
/*
 * Selftest: compare ftr_fixup_test6 with its expected image. No patching
 * is done here, only the comparison.
 */
static void __init test_alternative_case_with_external_branch(void)
{
	extern unsigned int ftr_fixup_test6[];
	extern unsigned int end_ftr_fixup_test6[];
	extern unsigned int ftr_fixup_test6_expected[];
	int len = 4 * (end_ftr_fixup_test6 - ftr_fixup_test6);

	check(memcmp(ftr_fixup_test6, ftr_fixup_test6_expected, len) == 0);
}
870  
/*
 * Selftest: compare ftr_fixup_test7 with its expected image. No patching
 * is done here, only the comparison.
 */
static void __init test_alternative_case_with_branch_to_end(void)
{
	extern unsigned int ftr_fixup_test7[];
	extern unsigned int end_ftr_fixup_test7[];
	extern unsigned int ftr_fixup_test7_expected[];
	int len = 4 * (end_ftr_fixup_test7 - ftr_fixup_test7);

	check(memcmp(ftr_fixup_test7, ftr_fixup_test7_expected, len) == 0);
}
880  
/*
 * Self-test for the CPU feature macros.
 *
 * Compares the code at ftr_fixup_test_FTR_macros with the image at
 * ftr_fixup_test_FTR_macros_expected. No patching is requested here.
 */
static void __init test_cpu_macros(void)
{
	extern u8 ftr_fixup_test_FTR_macros[];
	extern u8 ftr_fixup_test_FTR_macros_expected[];
	unsigned long size;

	/*
	 * The length is the distance from the test code to the expected image,
	 * which assumes the expected image is laid out after the test code and
	 * is at least as long - confirm against the symbol definitions.
	 */
	size = ftr_fixup_test_FTR_macros_expected - ftr_fixup_test_FTR_macros;

	/* Boot has already applied these fixups; only the result is verified */
	check(memcmp(ftr_fixup_test_FTR_macros,
		     ftr_fixup_test_FTR_macros_expected, size) == 0);
}
892  
/*
 * Self-test for the firmware feature macros.
 *
 * Only does anything when CONFIG_PPC64 is set; otherwise the body is empty.
 * Compares the code at ftr_fixup_test_FW_FTR_macros with the image at
 * ftr_fixup_test_FW_FTR_macros_expected.
 */
static void __init test_fw_macros(void)
{
#ifdef CONFIG_PPC64
	extern u8 ftr_fixup_test_FW_FTR_macros[];
	extern u8 ftr_fixup_test_FW_FTR_macros_expected[];
	unsigned long size;

	/* Distance from the test code to the expected image, in bytes. */
	size = ftr_fixup_test_FW_FTR_macros_expected -
	       ftr_fixup_test_FW_FTR_macros;

	/* Boot has already applied these fixups; only the result is verified */
	check(memcmp(ftr_fixup_test_FW_FTR_macros,
		     ftr_fixup_test_FW_FTR_macros_expected, size) == 0);
#endif
}
906  
/*
 * Self-test for the lwsync fixup.
 *
 * The expected image depends on the running CPU. When cur_cpu_spec
 * advertises CPU_FTR_LWSYNC the patched code must match
 * lwsync_fixup_test_expected_LWSYNC, otherwise it must match
 * lwsync_fixup_test_expected_SYNC.
 */
static void __init test_lwsync_macros(void)
{
	extern u8 lwsync_fixup_test[];
	extern u8 end_lwsync_fixup_test[];
	extern u8 lwsync_fixup_test_expected_LWSYNC[];
	extern u8 lwsync_fixup_test_expected_SYNC[];
	unsigned long size;

	/* Byte length of the test region, from its start and end labels. */
	size = end_lwsync_fixup_test - lwsync_fixup_test;

	/* Boot has already applied these fixups; only the result is verified */
	if (!(cur_cpu_spec->cpu_features & CPU_FTR_LWSYNC)) {
		check(memcmp(lwsync_fixup_test,
			     lwsync_fixup_test_expected_SYNC, size) == 0);
		return;
	}

	check(memcmp(lwsync_fixup_test,
		     lwsync_fixup_test_expected_LWSYNC, size) == 0);
}
925  
926  #ifdef CONFIG_PPC64
/*
 * Self-test: patch a section of the ftr_fixup_prefix1 region with an empty
 * alternative.
 *
 * Uses the shared fixup object, which is declared outside this function.
 * The patch range is words [1, 3) of the region, and the alternative's start
 * and end offsets are both 0.
 */
static void __init test_prefix_patching(void)
{
	extern unsigned int ftr_fixup_prefix1[];
	extern unsigned int end_ftr_fixup_prefix1[];
	extern unsigned int ftr_fixup_prefix1_orig[];
	extern unsigned int ftr_fixup_prefix1_expected[];
	/* Region length in words, then in bytes for memcmp(). */
	long nr_words = end_ftr_fixup_prefix1 - ftr_fixup_prefix1;
	int size = sizeof(unsigned int) * nr_words;

	fixup.mask = 8;
	fixup.value = 8;
	fixup.start_off = calc_offset(&fixup, ftr_fixup_prefix1 + 1);
	fixup.end_off = calc_offset(&fixup, ftr_fixup_prefix1 + 3);
	fixup.alt_end_off = 0;
	fixup.alt_start_off = 0;

	/* Sanity check: the region starts out identical to the _orig copy */
	check(memcmp(ftr_fixup_prefix1, ftr_fixup_prefix1_orig, size) == 0);

	/* Feature value 0 does not match mask/value 8, so patching applies */
	patch_feature_section(0, &fixup);
	check(memcmp(ftr_fixup_prefix1, ftr_fixup_prefix1_expected, size) == 0);
	/* Presumably guards against _expected and _orig being identical */
	check(memcmp(ftr_fixup_prefix1, ftr_fixup_prefix1_orig, size) != 0);
}
947  
/*
 * Self-test: patch a section of the ftr_fixup_prefix2 region with an
 * alternative of the same length.
 *
 * Uses the shared fixup object, which is declared outside this function.
 * The patch range is words [1, 3) of the region, and the alternative is the
 * two words starting at ftr_fixup_prefix2_alt.
 */
static void __init test_prefix_alt_patching(void)
{
	extern unsigned int ftr_fixup_prefix2[];
	extern unsigned int end_ftr_fixup_prefix2[];
	extern unsigned int ftr_fixup_prefix2_orig[];
	extern unsigned int ftr_fixup_prefix2_expected[];
	extern unsigned int ftr_fixup_prefix2_alt[];
	/* Region length in words, then in bytes for memcmp(). */
	long nr_words = end_ftr_fixup_prefix2 - ftr_fixup_prefix2;
	int size = sizeof(unsigned int) * nr_words;

	fixup.mask = 8;
	fixup.value = 8;
	fixup.start_off = calc_offset(&fixup, ftr_fixup_prefix2 + 1);
	fixup.end_off = calc_offset(&fixup, ftr_fixup_prefix2 + 3);
	fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_prefix2_alt);
	fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_prefix2_alt + 2);

	/* Sanity check: the region starts out identical to the _orig copy */
	check(memcmp(ftr_fixup_prefix2, ftr_fixup_prefix2_orig, size) == 0);

	/* Feature value 0 does not match mask/value 8, so patching applies */
	patch_feature_section(0, &fixup);
	check(memcmp(ftr_fixup_prefix2, ftr_fixup_prefix2_expected, size) == 0);
	/* Presumably guards against _expected and _orig being identical */
	check(memcmp(ftr_fixup_prefix2, ftr_fixup_prefix2_orig, size) != 0);
}
969  
/*
 * Self-test: patch a three-word section of the ftr_fixup_prefix3 region
 * with a three-word alternative.
 *
 * Uses the shared fixup object, which is declared outside this function.
 * The patch range is words [1, 4) of the region, and the alternative is the
 * three words starting at ftr_fixup_prefix3_alt.
 */
static void __init test_prefix_word_alt_patching(void)
{
	extern unsigned int ftr_fixup_prefix3[];
	extern unsigned int end_ftr_fixup_prefix3[];
	extern unsigned int ftr_fixup_prefix3_orig[];
	extern unsigned int ftr_fixup_prefix3_expected[];
	extern unsigned int ftr_fixup_prefix3_alt[];
	/* Region length in words, then in bytes for memcmp(). */
	long nr_words = end_ftr_fixup_prefix3 - ftr_fixup_prefix3;
	int size = sizeof(unsigned int) * nr_words;

	fixup.mask = 8;
	fixup.value = 8;
	fixup.start_off = calc_offset(&fixup, ftr_fixup_prefix3 + 1);
	fixup.end_off = calc_offset(&fixup, ftr_fixup_prefix3 + 4);
	fixup.alt_start_off = calc_offset(&fixup, ftr_fixup_prefix3_alt);
	fixup.alt_end_off = calc_offset(&fixup, ftr_fixup_prefix3_alt + 3);

	/* Sanity check: the region starts out identical to the _orig copy */
	check(memcmp(ftr_fixup_prefix3, ftr_fixup_prefix3_orig, size) == 0);

	/* Feature value 0 does not match mask/value 8, so patching applies */
	patch_feature_section(0, &fixup);
	check(memcmp(ftr_fixup_prefix3, ftr_fixup_prefix3_expected, size) == 0);
	/*
	 * NOTE(review): the section is patched a second time before the final
	 * comparison, unlike the two sibling prefix tests. This looks like
	 * either a re-patching check or a leftover - confirm which is meant.
	 */
	patch_feature_section(0, &fixup);
	check(memcmp(ftr_fixup_prefix3, ftr_fixup_prefix3_orig, size) != 0);
}
992  #else
/* Without CONFIG_PPC64 the prefix patching self-tests are empty stubs. */
static inline void test_prefix_patching(void)
{
}

static inline void test_prefix_alt_patching(void)
{
}

static inline void test_prefix_word_alt_patching(void)
{
}
996  #endif /* CONFIG_PPC64 */
997  
/*
 * Entry point for the feature fixup self-tests, registered below as a
 * late_initcall.
 *
 * Runs every self-test once, in a fixed order. The tests that patch code
 * share a fixup object declared outside these functions, so the calls are
 * kept sequential.
 *
 * Always returns 0: the outcome of the individual check() calls is not
 * reflected in the return value, so a failed comparison does not fail the
 * initcall. NOTE(review): how a failure is reported is decided by check(),
 * which is defined outside this view - confirm that it is loud enough for a
 * mis-patched instruction sequence to be noticed.
 */
static int __init test_feature_fixups(void)
{
	/*
	 * Announced at KERN_DEBUG, so typically visible only in the kernel
	 * log buffer, not on a console at the default loglevel.
	 */
	printk(KERN_DEBUG "Running feature fixup self-tests ...\n");

	/* Tests that invoke the patching themselves or check branch cases */
	test_basic_patching();
	test_alternative_patching();
	test_alternative_case_too_big();
	test_alternative_case_too_small();
	test_alternative_case_with_branch();
	test_alternative_case_with_external_branch();
	test_alternative_case_with_branch_to_end();

	/* Tests that verify fixups already applied during boot */
	test_cpu_macros();
	test_fw_macros();
	test_lwsync_macros();

	/* Prefix tests; empty stubs unless CONFIG_PPC64 is set */
	test_prefix_patching();
	test_prefix_alt_patching();
	test_prefix_word_alt_patching();

	return 0;
}
late_initcall(test_feature_fixups);
1019  
1020  #endif /* CONFIG_FTR_FIXUP_SELFTEST */
1021