xref: /linux/arch/x86/include/asm/alternative.h (revision 021bc4b9) 
1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _ASM_X86_ALTERNATIVE_H
3 #define _ASM_X86_ALTERNATIVE_H
4 
5 #include <linux/types.h>
6 #include <linux/stringify.h>
7 #include <asm/asm.h>
8 
9 #define ALT_FLAGS_SHIFT		16
10 
11 #define ALT_FLAG_NOT		(1 << 0)
12 #define ALT_NOT(feature)	((ALT_FLAG_NOT << ALT_FLAGS_SHIFT) | (feature))
13 #define ALT_FLAG_DIRECT_CALL	(1 << 1)
14 #define ALT_DIRECT_CALL(feature) ((ALT_FLAG_DIRECT_CALL << ALT_FLAGS_SHIFT) | (feature))
15 #define ALT_CALL_ALWAYS		ALT_DIRECT_CALL(X86_FEATURE_ALWAYS)
16 
17 #ifndef __ASSEMBLY__
18 
19 #include <linux/stddef.h>
20 
21 /*
22  * Alternative inline assembly for SMP.
23  *
24  * The LOCK_PREFIX macro defined here replaces the LOCK and
25  * LOCK_PREFIX macros used everywhere in the source tree.
26  *
27  * SMP alternatives use the same data structures as the other
28  * alternatives and the X86_FEATURE_UP flag to indicate the case of a
29  * UP system running a SMP kernel.  The existing apply_alternatives()
30  * works fine for patching a SMP kernel for UP.
31  *
32  * The SMP alternative tables can be kept after boot and contain both
33  * UP and SMP versions of the instructions to allow switching back to
34  * SMP at runtime, when hotplugging in a new CPU, which is especially
35  * useful in virtualized environments.
36  *
37  * The very common lock prefix is handled as special case in a
38  * separate table which is a pure address list without replacement ptr
39  * and size information.  That keeps the table sizes small.
40  */
41 
42 #ifdef CONFIG_SMP
43 #define LOCK_PREFIX_HERE \
44 		".pushsection .smp_locks,\"a\"\n"	\
45 		".balign 4\n"				\
46 		".long 671f - .\n" /* offset */		\
47 		".popsection\n"				\
48 		"671:"
49 
50 #define LOCK_PREFIX LOCK_PREFIX_HERE "\n\tlock; "
51 
52 #else /* ! CONFIG_SMP */
53 #define LOCK_PREFIX_HERE ""
54 #define LOCK_PREFIX ""
55 #endif
56 
57 /*
58  * objtool annotation to ignore the alternatives and only consider the original
59  * instruction(s).
60  */
61 #define ANNOTATE_IGNORE_ALTERNATIVE				\
62 	"999:\n\t"						\
63 	".pushsection .discard.ignore_alts\n\t"			\
64 	".long 999b\n\t"					\
65 	".popsection\n\t"
66 
67 /*
68  * The patching flags are part of the upper bits of the @ft_flags parameter when
69  * specifying them. The split is currently like this:
70  *
71  * [31... flags ...16][15... CPUID feature bit ...0]
72  *
73  * but since this is all hidden in the macros argument being split, those fields can be
74  * extended in the future to fit in a u64 or however the need arises.
75  */
76 struct alt_instr {
77 	s32 instr_offset;	/* original instruction */
78 	s32 repl_offset;	/* offset to replacement instruction */
79 
80 	union {
81 		struct {
82 			u32 cpuid: 16;	/* CPUID bit set for replacement */
83 			u32 flags: 16;	/* patching control flags */
84 		};
85 		u32 ft_flags;
86 	};
87 
88 	u8  instrlen;		/* length of original instruction */
89 	u8  replacementlen;	/* length of new instruction */
90 } __packed;
91 
92 extern struct alt_instr __alt_instructions[], __alt_instructions_end[];
93 
94 /*
95  * Debug flag that can be tested to see whether alternative
96  * instructions were patched in already:
97  */
98 extern int alternatives_patched;
99 
100 extern void alternative_instructions(void);
101 extern void apply_alternatives(struct alt_instr *start, struct alt_instr *end);
102 extern void apply_retpolines(s32 *start, s32 *end);
103 extern void apply_returns(s32 *start, s32 *end);
104 extern void apply_seal_endbr(s32 *start, s32 *end);
105 extern void apply_fineibt(s32 *start_retpoline, s32 *end_retpoine,
106 			  s32 *start_cfi, s32 *end_cfi);
107 
108 struct module;
109 
110 struct callthunk_sites {
111 	s32				*call_start, *call_end;
112 	struct alt_instr		*alt_start, *alt_end;
113 };
114 
115 #ifdef CONFIG_CALL_THUNKS
116 extern void callthunks_patch_builtin_calls(void);
117 extern void callthunks_patch_module_calls(struct callthunk_sites *sites,
118 					  struct module *mod);
119 extern void *callthunks_translate_call_dest(void *dest);
120 extern int x86_call_depth_emit_accounting(u8 **pprog, void *func);
121 #else
122 static __always_inline void callthunks_patch_builtin_calls(void) {}
123 static __always_inline void
124 callthunks_patch_module_calls(struct callthunk_sites *sites,
125 			      struct module *mod) {}
126 static __always_inline void *callthunks_translate_call_dest(void *dest)
127 {
128 	return dest;
129 }
130 static __always_inline int x86_call_depth_emit_accounting(u8 **pprog,
131 							  void *func)
132 {
133 	return 0;
134 }
135 #endif
136 
137 #ifdef CONFIG_SMP
138 extern void alternatives_smp_module_add(struct module *mod, char *name,
139 					void *locks, void *locks_end,
140 					void *text, void *text_end);
141 extern void alternatives_smp_module_del(struct module *mod);
142 extern void alternatives_enable_smp(void);
143 extern int alternatives_text_reserved(void *start, void *end);
144 extern bool skip_smp_alternatives;
145 #else
146 static inline void alternatives_smp_module_add(struct module *mod, char *name,
147 					       void *locks, void *locks_end,
148 					       void *text, void *text_end) {}
149 static inline void alternatives_smp_module_del(struct module *mod) {}
150 static inline void alternatives_enable_smp(void) {}
151 static inline int alternatives_text_reserved(void *start, void *end)
152 {
153 	return 0;
154 }
155 #endif	/* CONFIG_SMP */
156 
157 #define ALT_CALL_INSTR		"call BUG_func"
158 
159 #define b_replacement(num)	"664"#num
160 #define e_replacement(num)	"665"#num
161 
162 #define alt_end_marker		"663"
163 #define alt_slen		"662b-661b"
164 #define alt_total_slen		alt_end_marker"b-661b"
165 #define alt_rlen(num)		e_replacement(num)"f-"b_replacement(num)"f"
166 
167 #define OLDINSTR(oldinstr, num)						\
168 	"# ALT: oldnstr\n"						\
169 	"661:\n\t" oldinstr "\n662:\n"					\
170 	"# ALT: padding\n"						\
171 	".skip -(((" alt_rlen(num) ")-(" alt_slen ")) > 0) * "		\
172 		"((" alt_rlen(num) ")-(" alt_slen ")),0x90\n"		\
173 	alt_end_marker ":\n"
174 
175 /*
176  * gas compatible max based on the idea from:
177  * http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax
178  *
179  * The additional "-" is needed because gas uses a "true" value of -1.
180  */
181 #define alt_max_short(a, b)	"((" a ") ^ (((" a ") ^ (" b ")) & -(-((" a ") < (" b ")))))"
182 
183 /*
184  * Pad the second replacement alternative with additional NOPs if it is
185  * additionally longer than the first replacement alternative.
186  */
187 #define OLDINSTR_2(oldinstr, num1, num2) \
188 	"# ALT: oldinstr2\n"									\
189 	"661:\n\t" oldinstr "\n662:\n"								\
190 	"# ALT: padding2\n"									\
191 	".skip -((" alt_max_short(alt_rlen(num1), alt_rlen(num2)) " - (" alt_slen ")) > 0) * "	\
192 		"(" alt_max_short(alt_rlen(num1), alt_rlen(num2)) " - (" alt_slen ")), 0x90\n"	\
193 	alt_end_marker ":\n"
194 
195 #define OLDINSTR_3(oldinsn, n1, n2, n3)								\
196 	"# ALT: oldinstr3\n"									\
197 	"661:\n\t" oldinsn "\n662:\n"								\
198 	"# ALT: padding3\n"									\
199 	".skip -((" alt_max_short(alt_max_short(alt_rlen(n1), alt_rlen(n2)), alt_rlen(n3))	\
200 		" - (" alt_slen ")) > 0) * "							\
201 		"(" alt_max_short(alt_max_short(alt_rlen(n1), alt_rlen(n2)), alt_rlen(n3))	\
202 		" - (" alt_slen ")), 0x90\n"							\
203 	alt_end_marker ":\n"
204 
205 #define ALTINSTR_ENTRY(ft_flags, num)					      \
206 	" .long 661b - .\n"				/* label           */ \
207 	" .long " b_replacement(num)"f - .\n"		/* new instruction */ \
208 	" .4byte " __stringify(ft_flags) "\n"		/* feature + flags */ \
209 	" .byte " alt_total_slen "\n"			/* source len      */ \
210 	" .byte " alt_rlen(num) "\n"			/* replacement len */
211 
212 #define ALTINSTR_REPLACEMENT(newinstr, num)		/* replacement */	\
213 	"# ALT: replacement " #num "\n"						\
214 	b_replacement(num)":\n\t" newinstr "\n" e_replacement(num) ":\n"
215 
216 /* alternative assembly primitive: */
217 #define ALTERNATIVE(oldinstr, newinstr, ft_flags)			\
218 	OLDINSTR(oldinstr, 1)						\
219 	".pushsection .altinstructions,\"a\"\n"				\
220 	ALTINSTR_ENTRY(ft_flags, 1)					\
221 	".popsection\n"							\
222 	".pushsection .altinstr_replacement, \"ax\"\n"			\
223 	ALTINSTR_REPLACEMENT(newinstr, 1)				\
224 	".popsection\n"
225 
226 #define ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) \
227 	OLDINSTR_2(oldinstr, 1, 2)					\
228 	".pushsection .altinstructions,\"a\"\n"				\
229 	ALTINSTR_ENTRY(ft_flags1, 1)					\
230 	ALTINSTR_ENTRY(ft_flags2, 2)					\
231 	".popsection\n"							\
232 	".pushsection .altinstr_replacement, \"ax\"\n"			\
233 	ALTINSTR_REPLACEMENT(newinstr1, 1)				\
234 	ALTINSTR_REPLACEMENT(newinstr2, 2)				\
235 	".popsection\n"
236 
237 /* If @feature is set, patch in @newinstr_yes, otherwise @newinstr_no. */
238 #define ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) \
239 	ALTERNATIVE_2(oldinstr, newinstr_no, X86_FEATURE_ALWAYS,	\
240 		      newinstr_yes, ft_flags)
241 
242 #define ALTERNATIVE_3(oldinsn, newinsn1, ft_flags1, newinsn2, ft_flags2, \
243 			newinsn3, ft_flags3)				\
244 	OLDINSTR_3(oldinsn, 1, 2, 3)					\
245 	".pushsection .altinstructions,\"a\"\n"				\
246 	ALTINSTR_ENTRY(ft_flags1, 1)					\
247 	ALTINSTR_ENTRY(ft_flags2, 2)					\
248 	ALTINSTR_ENTRY(ft_flags3, 3)					\
249 	".popsection\n"							\
250 	".pushsection .altinstr_replacement, \"ax\"\n"			\
251 	ALTINSTR_REPLACEMENT(newinsn1, 1)				\
252 	ALTINSTR_REPLACEMENT(newinsn2, 2)				\
253 	ALTINSTR_REPLACEMENT(newinsn3, 3)				\
254 	".popsection\n"
255 
256 /*
257  * Alternative instructions for different CPU types or capabilities.
258  *
259  * This allows to use optimized instructions even on generic binary
260  * kernels.
261  *
262  * length of oldinstr must be longer or equal the length of newinstr
263  * It can be padded with nops as needed.
264  *
265  * For non barrier like inlines please define new variants
266  * without volatile and memory clobber.
267  */
268 #define alternative(oldinstr, newinstr, ft_flags)			\
269 	asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, ft_flags) : : : "memory")
270 
271 #define alternative_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) \
272 	asm_inline volatile(ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) ::: "memory")
273 
274 #define alternative_ternary(oldinstr, ft_flags, newinstr_yes, newinstr_no) \
275 	asm_inline volatile(ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) ::: "memory")
276 
277 /*
278  * Alternative inline assembly with input.
279  *
280  * Peculiarities:
281  * No memory clobber here.
282  * Argument numbers start with 1.
283  * Leaving an unused argument 0 to keep API compatibility.
284  */
285 #define alternative_input(oldinstr, newinstr, ft_flags, input...)	\
286 	asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, ft_flags)	\
287 		: : "i" (0), ## input)
288 
289 /*
290  * This is similar to alternative_input. But it has two features and
291  * respective instructions.
292  *
293  * If CPU has feature2, newinstr2 is used.
294  * Otherwise, if CPU has feature1, newinstr1 is used.
295  * Otherwise, oldinstr is used.
296  */
297 #define alternative_input_2(oldinstr, newinstr1, ft_flags1, newinstr2,	     \
298 			   ft_flags2, input...)				     \
299 	asm_inline volatile(ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1,     \
300 		newinstr2, ft_flags2)					     \
301 		: : "i" (0), ## input)
302 
303 /* Like alternative_input, but with a single output argument */
304 #define alternative_io(oldinstr, newinstr, ft_flags, output, input...)	\
305 	asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, ft_flags)	\
306 		: output : "i" (0), ## input)
307 
308 /* Like alternative_io, but for replacing a direct call with another one. */
309 #define alternative_call(oldfunc, newfunc, ft_flags, output, input...)	\
310 	asm_inline volatile (ALTERNATIVE("call %P[old]", "call %P[new]", ft_flags) \
311 		: output : [old] "i" (oldfunc), [new] "i" (newfunc), ## input)
312 
313 /*
314  * Like alternative_call, but there are two features and respective functions.
315  * If CPU has feature2, function2 is used.
316  * Otherwise, if CPU has feature1, function1 is used.
317  * Otherwise, old function is used.
318  */
319 #define alternative_call_2(oldfunc, newfunc1, ft_flags1, newfunc2, ft_flags2,   \
320 			   output, input...)				      \
321 	asm_inline volatile (ALTERNATIVE_2("call %P[old]", "call %P[new1]", ft_flags1,\
322 		"call %P[new2]", ft_flags2)				      \
323 		: output, ASM_CALL_CONSTRAINT				      \
324 		: [old] "i" (oldfunc), [new1] "i" (newfunc1),		      \
325 		  [new2] "i" (newfunc2), ## input)
326 
327 /*
328  * use this macro(s) if you need more than one output parameter
329  * in alternative_io
330  */
331 #define ASM_OUTPUT2(a...) a
332 
333 /*
334  * use this macro if you need clobbers but no inputs in
335  * alternative_{input,io,call}()
336  */
337 #define ASM_NO_INPUT_CLOBBER(clbr...) "i" (0) : clbr
338 
339 /* Macro for creating assembler functions avoiding any C magic. */
340 #define DEFINE_ASM_FUNC(func, instr, sec)		\
341 	asm (".pushsection " #sec ", \"ax\"\n"		\
342 	     ".global " #func "\n\t"			\
343 	     ".type " #func ", @function\n\t"		\
344 	     ASM_FUNC_ALIGN "\n"			\
345 	     #func ":\n\t"				\
346 	     ASM_ENDBR					\
347 	     instr "\n\t"				\
348 	     ASM_RET					\
349 	     ".size " #func ", . - " #func "\n\t"	\
350 	     ".popsection")
351 
352 void BUG_func(void);
353 void nop_func(void);
354 
355 #else /* __ASSEMBLY__ */
356 
357 #ifdef CONFIG_SMP
358 	.macro LOCK_PREFIX
359 672:	lock
360 	.pushsection .smp_locks,"a"
361 	.balign 4
362 	.long 672b - .
363 	.popsection
364 	.endm
365 #else
366 	.macro LOCK_PREFIX
367 	.endm
368 #endif
369 
370 /*
371  * objtool annotation to ignore the alternatives and only consider the original
372  * instruction(s).
373  */
374 .macro ANNOTATE_IGNORE_ALTERNATIVE
375 	.Lannotate_\@:
376 	.pushsection .discard.ignore_alts
377 	.long .Lannotate_\@
378 	.popsection
379 .endm
380 
381 /*
382  * Issue one struct alt_instr descriptor entry (need to put it into
383  * the section .altinstructions, see below). This entry contains
384  * enough information for the alternatives patching code to patch an
385  * instruction. See apply_alternatives().
386  */
387 .macro altinstr_entry orig alt ft_flags orig_len alt_len
388 	.long \orig - .
389 	.long \alt - .
390 	.4byte \ft_flags
391 	.byte \orig_len
392 	.byte \alt_len
393 .endm
394 
395 .macro ALT_CALL_INSTR
396 	call BUG_func
397 .endm
398 
399 /*
400  * Define an alternative between two instructions. If @feature is
401  * present, early code in apply_alternatives() replaces @oldinstr with
402  * @newinstr. ".skip" directive takes care of proper instruction padding
403  * in case @newinstr is longer than @oldinstr.
404  */
405 .macro ALTERNATIVE oldinstr, newinstr, ft_flags
406 140:
407 	\oldinstr
408 141:
409 	.skip -(((144f-143f)-(141b-140b)) > 0) * ((144f-143f)-(141b-140b)),0x90
410 142:
411 
412 	.pushsection .altinstructions,"a"
413 	altinstr_entry 140b,143f,\ft_flags,142b-140b,144f-143f
414 	.popsection
415 
416 	.pushsection .altinstr_replacement,"ax"
417 143:
418 	\newinstr
419 144:
420 	.popsection
421 .endm
422 
423 #define old_len			141b-140b
424 #define new_len1		144f-143f
425 #define new_len2		145f-144f
426 #define new_len3		146f-145f
427 
428 /*
429  * gas compatible max based on the idea from:
430  * http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax
431  *
432  * The additional "-" is needed because gas uses a "true" value of -1.
433  */
434 #define alt_max_2(a, b)		((a) ^ (((a) ^ (b)) & -(-((a) < (b)))))
435 #define alt_max_3(a, b, c)	(alt_max_2(alt_max_2(a, b), c))
436 
437 
438 /*
439  * Same as ALTERNATIVE macro above but for two alternatives. If CPU
440  * has @feature1, it replaces @oldinstr with @newinstr1. If CPU has
441  * @feature2, it replaces @oldinstr with @feature2.
442  */
443 .macro ALTERNATIVE_2 oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2
444 140:
445 	\oldinstr
446 141:
447 	.skip -((alt_max_2(new_len1, new_len2) - (old_len)) > 0) * \
448 		(alt_max_2(new_len1, new_len2) - (old_len)),0x90
449 142:
450 
451 	.pushsection .altinstructions,"a"
452 	altinstr_entry 140b,143f,\ft_flags1,142b-140b,144f-143f
453 	altinstr_entry 140b,144f,\ft_flags2,142b-140b,145f-144f
454 	.popsection
455 
456 	.pushsection .altinstr_replacement,"ax"
457 143:
458 	\newinstr1
459 144:
460 	\newinstr2
461 145:
462 	.popsection
463 .endm
464 
465 .macro ALTERNATIVE_3 oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2, newinstr3, ft_flags3
466 140:
467 	\oldinstr
468 141:
469 	.skip -((alt_max_3(new_len1, new_len2, new_len3) - (old_len)) > 0) * \
470 		(alt_max_3(new_len1, new_len2, new_len3) - (old_len)),0x90
471 142:
472 
473 	.pushsection .altinstructions,"a"
474 	altinstr_entry 140b,143f,\ft_flags1,142b-140b,144f-143f
475 	altinstr_entry 140b,144f,\ft_flags2,142b-140b,145f-144f
476 	altinstr_entry 140b,145f,\ft_flags3,142b-140b,146f-145f
477 	.popsection
478 
479 	.pushsection .altinstr_replacement,"ax"
480 143:
481 	\newinstr1
482 144:
483 	\newinstr2
484 145:
485 	\newinstr3
486 146:
487 	.popsection
488 .endm
489 
490 /* If @feature is set, patch in @newinstr_yes, otherwise @newinstr_no. */
491 #define ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) \
492 	ALTERNATIVE_2 oldinstr, newinstr_no, X86_FEATURE_ALWAYS,	\
493 	newinstr_yes, ft_flags
494 
495 #endif /* __ASSEMBLY__ */
496 
497 #endif /* _ASM_X86_ALTERNATIVE_H */
498