1/* SPDX-License-Identifier: GPL-2.0-only */
2/*
3 * Based on arch/arm/include/asm/assembler.h, arch/arm/mm/proc-macros.S
4 *
5 * Copyright (C) 1996-2000 Russell King
6 * Copyright (C) 2012 ARM Ltd.
7 */
8#ifndef __ASSEMBLY__
9#error "Only include this from assembly code"
10#endif
11
12#ifndef __ASM_ASSEMBLER_H
13#define __ASM_ASSEMBLER_H
14
15#include <linux/export.h>
16
17#include <asm/alternative.h>
18#include <asm/asm-bug.h>
19#include <asm/asm-extable.h>
20#include <asm/asm-offsets.h>
21#include <asm/cpufeature.h>
22#include <asm/cputype.h>
23#include <asm/debug-monitors.h>
24#include <asm/page.h>
25#include <asm/pgtable-hwdef.h>
26#include <asm/ptrace.h>
27#include <asm/thread_info.h>
28
29	/*
30	 * Provide a wxN alias for each wN register so what we can paste a xN
31	 * reference after a 'w' to obtain the 32-bit version.
32	 */
33	.irp	n,0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30
34	wx\n	.req	w\n
35	.endr
36
37	.macro disable_daif
38	msr	daifset, #0xf
39	.endm
40
41/*
42 * Save/restore interrupts.
43 */
44	.macro	save_and_disable_irq, flags
45	mrs	\flags, daif
46	msr	daifset, #3
47	.endm
48
49	.macro	restore_irq, flags
50	msr	daif, \flags
51	.endm
52
53	.macro	enable_dbg
54	msr	daifclr, #8
55	.endm
56
57	.macro	disable_step_tsk, flgs, tmp
58	tbz	\flgs, #TIF_SINGLESTEP, 9990f
59	mrs	\tmp, mdscr_el1
60	bic	\tmp, \tmp, #DBG_MDSCR_SS
61	msr	mdscr_el1, \tmp
62	isb	// Synchronise with enable_dbg
639990:
64	.endm
65
66	/* call with daif masked */
67	.macro	enable_step_tsk, flgs, tmp
68	tbz	\flgs, #TIF_SINGLESTEP, 9990f
69	mrs	\tmp, mdscr_el1
70	orr	\tmp, \tmp, #DBG_MDSCR_SS
71	msr	mdscr_el1, \tmp
729990:
73	.endm
74
75/*
76 * RAS Error Synchronization barrier
77 */
78	.macro  esb
79#ifdef CONFIG_ARM64_RAS_EXTN
80	hint    #16
81#else
82	nop
83#endif
84	.endm
85
86/*
87 * Value prediction barrier
88 */
89	.macro	csdb
90	hint	#20
91	.endm
92
93/*
94 * Clear Branch History instruction
95 */
96	.macro clearbhb
97	hint	#22
98	.endm
99
100/*
101 * Speculation barrier
102 */
103	.macro	sb
104alternative_if_not ARM64_HAS_SB
105	dsb	nsh
106	isb
107alternative_else
108	SB_BARRIER_INSN
109	nop
110alternative_endif
111	.endm
112
113/*
114 * NOP sequence
115 */
116	.macro	nops, num
117	.rept	\num
118	nop
119	.endr
120	.endm
121
122/*
123 * Register aliases.
124 */
125lr	.req	x30		// link register
126
127/*
128 * Vector entry
129 */
130	 .macro	ventry	label
131	.align	7
132	b	\label
133	.endm
134
135/*
136 * Select code when configured for BE.
137 */
138#ifdef CONFIG_CPU_BIG_ENDIAN
139#define CPU_BE(code...) code
140#else
141#define CPU_BE(code...)
142#endif
143
144/*
145 * Select code when configured for LE.
146 */
147#ifdef CONFIG_CPU_BIG_ENDIAN
148#define CPU_LE(code...)
149#else
150#define CPU_LE(code...) code
151#endif
152
153/*
154 * Define a macro that constructs a 64-bit value by concatenating two
155 * 32-bit registers. Note that on big endian systems the order of the
156 * registers is swapped.
157 */
158#ifndef CONFIG_CPU_BIG_ENDIAN
159	.macro	regs_to_64, rd, lbits, hbits
160#else
161	.macro	regs_to_64, rd, hbits, lbits
162#endif
163	orr	\rd, \lbits, \hbits, lsl #32
164	.endm
165
166/*
167 * Pseudo-ops for PC-relative adr/ldr/str <reg>, <symbol> where
168 * <symbol> is within the range +/- 4 GB of the PC.
169 */
170	/*
171	 * @dst: destination register (64 bit wide)
172	 * @sym: name of the symbol
173	 */
174	.macro	adr_l, dst, sym
175	adrp	\dst, \sym
176	add	\dst, \dst, :lo12:\sym
177	.endm
178
179	/*
180	 * @dst: destination register (32 or 64 bit wide)
181	 * @sym: name of the symbol
182	 * @tmp: optional 64-bit scratch register to be used if <dst> is a
183	 *       32-bit wide register, in which case it cannot be used to hold
184	 *       the address
185	 */
186	.macro	ldr_l, dst, sym, tmp=
187	.ifb	\tmp
188	adrp	\dst, \sym
189	ldr	\dst, [\dst, :lo12:\sym]
190	.else
191	adrp	\tmp, \sym
192	ldr	\dst, [\tmp, :lo12:\sym]
193	.endif
194	.endm
195
196	/*
197	 * @src: source register (32 or 64 bit wide)
198	 * @sym: name of the symbol
199	 * @tmp: mandatory 64-bit scratch register to calculate the address
200	 *       while <src> needs to be preserved.
201	 */
202	.macro	str_l, src, sym, tmp
203	adrp	\tmp, \sym
204	str	\src, [\tmp, :lo12:\sym]
205	.endm
206
207	/*
208	 * @dst: destination register
209	 */
210#if defined(__KVM_NVHE_HYPERVISOR__) || defined(__KVM_VHE_HYPERVISOR__)
211	.macro	get_this_cpu_offset, dst
212	mrs	\dst, tpidr_el2
213	.endm
214#else
215	.macro	get_this_cpu_offset, dst
216alternative_if_not ARM64_HAS_VIRT_HOST_EXTN
217	mrs	\dst, tpidr_el1
218alternative_else
219	mrs	\dst, tpidr_el2
220alternative_endif
221	.endm
222
223	.macro	set_this_cpu_offset, src
224alternative_if_not ARM64_HAS_VIRT_HOST_EXTN
225	msr	tpidr_el1, \src
226alternative_else
227	msr	tpidr_el2, \src
228alternative_endif
229	.endm
230#endif
231
232	/*
233	 * @dst: Result of per_cpu(sym, smp_processor_id()) (can be SP)
234	 * @sym: The name of the per-cpu variable
235	 * @tmp: scratch register
236	 */
237	.macro adr_this_cpu, dst, sym, tmp
238	adrp	\tmp, \sym
239	add	\dst, \tmp, #:lo12:\sym
240	get_this_cpu_offset \tmp
241	add	\dst, \dst, \tmp
242	.endm
243
244	/*
245	 * @dst: Result of READ_ONCE(per_cpu(sym, smp_processor_id()))
246	 * @sym: The name of the per-cpu variable
247	 * @tmp: scratch register
248	 */
249	.macro ldr_this_cpu dst, sym, tmp
250	adr_l	\dst, \sym
251	get_this_cpu_offset \tmp
252	ldr	\dst, [\dst, \tmp]
253	.endm
254
255/*
256 * vma_vm_mm - get mm pointer from vma pointer (vma->vm_mm)
257 */
258	.macro	vma_vm_mm, rd, rn
259	ldr	\rd, [\rn, #VMA_VM_MM]
260	.endm
261
262/*
263 * read_ctr - read CTR_EL0. If the system has mismatched register fields,
264 * provide the system wide safe value from arm64_ftr_reg_ctrel0.sys_val
265 */
266	.macro	read_ctr, reg
267#ifndef __KVM_NVHE_HYPERVISOR__
268alternative_if_not ARM64_MISMATCHED_CACHE_TYPE
269	mrs	\reg, ctr_el0			// read CTR
270	nop
271alternative_else
272	ldr_l	\reg, arm64_ftr_reg_ctrel0 + ARM64_FTR_SYSVAL
273alternative_endif
274#else
275alternative_if_not ARM64_KVM_PROTECTED_MODE
276	ASM_BUG()
277alternative_else_nop_endif
278alternative_cb ARM64_ALWAYS_SYSTEM, kvm_compute_final_ctr_el0
279	movz	\reg, #0
280	movk	\reg, #0, lsl #16
281	movk	\reg, #0, lsl #32
282	movk	\reg, #0, lsl #48
283alternative_cb_end
284#endif
285	.endm
286
287
288/*
289 * raw_dcache_line_size - get the minimum D-cache line size on this CPU
290 * from the CTR register.
291 */
292	.macro	raw_dcache_line_size, reg, tmp
293	mrs	\tmp, ctr_el0			// read CTR
294	ubfm	\tmp, \tmp, #16, #19		// cache line size encoding
295	mov	\reg, #4			// bytes per word
296	lsl	\reg, \reg, \tmp		// actual cache line size
297	.endm
298
299/*
300 * dcache_line_size - get the safe D-cache line size across all CPUs
301 */
302	.macro	dcache_line_size, reg, tmp
303	read_ctr	\tmp
304	ubfm		\tmp, \tmp, #16, #19	// cache line size encoding
305	mov		\reg, #4		// bytes per word
306	lsl		\reg, \reg, \tmp	// actual cache line size
307	.endm
308
309/*
310 * raw_icache_line_size - get the minimum I-cache line size on this CPU
311 * from the CTR register.
312 */
313	.macro	raw_icache_line_size, reg, tmp
314	mrs	\tmp, ctr_el0			// read CTR
315	and	\tmp, \tmp, #0xf		// cache line size encoding
316	mov	\reg, #4			// bytes per word
317	lsl	\reg, \reg, \tmp		// actual cache line size
318	.endm
319
320/*
321 * icache_line_size - get the safe I-cache line size across all CPUs
322 */
323	.macro	icache_line_size, reg, tmp
324	read_ctr	\tmp
325	and		\tmp, \tmp, #0xf	// cache line size encoding
326	mov		\reg, #4		// bytes per word
327	lsl		\reg, \reg, \tmp	// actual cache line size
328	.endm
329
330/*
331 * tcr_set_t0sz - update TCR.T0SZ so that we can load the ID map
332 */
333	.macro	tcr_set_t0sz, valreg, t0sz
334	bfi	\valreg, \t0sz, #TCR_T0SZ_OFFSET, #TCR_TxSZ_WIDTH
335	.endm
336
337/*
338 * tcr_set_t1sz - update TCR.T1SZ
339 */
340	.macro	tcr_set_t1sz, valreg, t1sz
341	bfi	\valreg, \t1sz, #TCR_T1SZ_OFFSET, #TCR_TxSZ_WIDTH
342	.endm
343
344/*
345 * tcr_compute_pa_size - set TCR.(I)PS to the highest supported
346 * ID_AA64MMFR0_EL1.PARange value
347 *
348 *	tcr:		register with the TCR_ELx value to be updated
349 *	pos:		IPS or PS bitfield position
350 *	tmp{0,1}:	temporary registers
351 */
352	.macro	tcr_compute_pa_size, tcr, pos, tmp0, tmp1
353	mrs	\tmp0, ID_AA64MMFR0_EL1
354	// Narrow PARange to fit the PS field in TCR_ELx
355	ubfx	\tmp0, \tmp0, #ID_AA64MMFR0_EL1_PARANGE_SHIFT, #3
356	mov	\tmp1, #ID_AA64MMFR0_EL1_PARANGE_MAX
357	cmp	\tmp0, \tmp1
358	csel	\tmp0, \tmp1, \tmp0, hi
359	bfi	\tcr, \tmp0, \pos, #3
360	.endm
361
362	.macro __dcache_op_workaround_clean_cache, op, addr
363alternative_if_not ARM64_WORKAROUND_CLEAN_CACHE
364	dc	\op, \addr
365alternative_else
366	dc	civac, \addr
367alternative_endif
368	.endm
369
370/*
371 * Macro to perform a data cache maintenance for the interval
372 * [start, end) with dcache line size explicitly provided.
373 *
374 * 	op:		operation passed to dc instruction
375 * 	domain:		domain used in dsb instruciton
376 * 	start:          starting virtual address of the region
377 * 	end:            end virtual address of the region
378 *	linesz:		dcache line size
379 * 	fixup:		optional label to branch to on user fault
380 * 	Corrupts:       start, end, tmp
381 */
382	.macro dcache_by_myline_op op, domain, start, end, linesz, tmp, fixup
383	sub	\tmp, \linesz, #1
384	bic	\start, \start, \tmp
385.Ldcache_op\@:
386	.ifc	\op, cvau
387	__dcache_op_workaround_clean_cache \op, \start
388	.else
389	.ifc	\op, cvac
390	__dcache_op_workaround_clean_cache \op, \start
391	.else
392	.ifc	\op, cvap
393	sys	3, c7, c12, 1, \start	// dc cvap
394	.else
395	.ifc	\op, cvadp
396	sys	3, c7, c13, 1, \start	// dc cvadp
397	.else
398	dc	\op, \start
399	.endif
400	.endif
401	.endif
402	.endif
403	add	\start, \start, \linesz
404	cmp	\start, \end
405	b.lo	.Ldcache_op\@
406	dsb	\domain
407
408	_cond_uaccess_extable .Ldcache_op\@, \fixup
409	.endm
410
411/*
412 * Macro to perform a data cache maintenance for the interval
413 * [start, end)
414 *
415 * 	op:		operation passed to dc instruction
416 * 	domain:		domain used in dsb instruciton
417 * 	start:          starting virtual address of the region
418 * 	end:            end virtual address of the region
419 * 	fixup:		optional label to branch to on user fault
420 * 	Corrupts:       start, end, tmp1, tmp2
421 */
422	.macro dcache_by_line_op op, domain, start, end, tmp1, tmp2, fixup
423	dcache_line_size \tmp1, \tmp2
424	dcache_by_myline_op \op, \domain, \start, \end, \tmp1, \tmp2, \fixup
425	.endm
426
427/*
428 * Macro to perform an instruction cache maintenance for the interval
429 * [start, end)
430 *
431 * 	start, end:	virtual addresses describing the region
432 *	fixup:		optional label to branch to on user fault
433 * 	Corrupts:	tmp1, tmp2
434 */
435	.macro invalidate_icache_by_line start, end, tmp1, tmp2, fixup
436	icache_line_size \tmp1, \tmp2
437	sub	\tmp2, \tmp1, #1
438	bic	\tmp2, \start, \tmp2
439.Licache_op\@:
440	ic	ivau, \tmp2			// invalidate I line PoU
441	add	\tmp2, \tmp2, \tmp1
442	cmp	\tmp2, \end
443	b.lo	.Licache_op\@
444	dsb	ish
445	isb
446
447	_cond_uaccess_extable .Licache_op\@, \fixup
448	.endm
449
450/*
451 * load_ttbr1 - install @pgtbl as a TTBR1 page table
452 * pgtbl preserved
453 * tmp1/tmp2 clobbered, either may overlap with pgtbl
454 */
455	.macro		load_ttbr1, pgtbl, tmp1, tmp2
456	phys_to_ttbr	\tmp1, \pgtbl
457	offset_ttbr1 	\tmp1, \tmp2
458	msr		ttbr1_el1, \tmp1
459	isb
460	.endm
461
462/*
463 * To prevent the possibility of old and new partial table walks being visible
464 * in the tlb, switch the ttbr to a zero page when we invalidate the old
465 * records. D4.7.1 'General TLB maintenance requirements' in ARM DDI 0487A.i
466 * Even switching to our copied tables will cause a changed output address at
467 * each stage of the walk.
468 */
469	.macro break_before_make_ttbr_switch zero_page, page_table, tmp, tmp2
470	phys_to_ttbr \tmp, \zero_page
471	msr	ttbr1_el1, \tmp
472	isb
473	tlbi	vmalle1
474	dsb	nsh
475	load_ttbr1 \page_table, \tmp, \tmp2
476	.endm
477
478/*
479 * reset_pmuserenr_el0 - reset PMUSERENR_EL0 if PMUv3 present
480 */
481	.macro	reset_pmuserenr_el0, tmpreg
482	mrs	\tmpreg, id_aa64dfr0_el1
483	sbfx	\tmpreg, \tmpreg, #ID_AA64DFR0_EL1_PMUVer_SHIFT, #4
484	cmp	\tmpreg, #1			// Skip if no PMU present
485	b.lt	9000f
486	msr	pmuserenr_el0, xzr		// Disable PMU access from EL0
4879000:
488	.endm
489
490/*
491 * reset_amuserenr_el0 - reset AMUSERENR_EL0 if AMUv1 present
492 */
493	.macro	reset_amuserenr_el0, tmpreg
494	mrs	\tmpreg, id_aa64pfr0_el1	// Check ID_AA64PFR0_EL1
495	ubfx	\tmpreg, \tmpreg, #ID_AA64PFR0_EL1_AMU_SHIFT, #4
496	cbz	\tmpreg, .Lskip_\@		// Skip if no AMU present
497	msr_s	SYS_AMUSERENR_EL0, xzr		// Disable AMU access from EL0
498.Lskip_\@:
499	.endm
500/*
501 * copy_page - copy src to dest using temp registers t1-t8
502 */
503	.macro copy_page dest:req src:req t1:req t2:req t3:req t4:req t5:req t6:req t7:req t8:req
5049998:	ldp	\t1, \t2, [\src]
505	ldp	\t3, \t4, [\src, #16]
506	ldp	\t5, \t6, [\src, #32]
507	ldp	\t7, \t8, [\src, #48]
508	add	\src, \src, #64
509	stnp	\t1, \t2, [\dest]
510	stnp	\t3, \t4, [\dest, #16]
511	stnp	\t5, \t6, [\dest, #32]
512	stnp	\t7, \t8, [\dest, #48]
513	add	\dest, \dest, #64
514	tst	\src, #(PAGE_SIZE - 1)
515	b.ne	9998b
516	.endm
517
518/*
519 * Annotate a function as being unsuitable for kprobes.
520 */
521#ifdef CONFIG_KPROBES
522#define NOKPROBE(x)				\
523	.pushsection "_kprobe_blacklist", "aw";	\
524	.quad	x;				\
525	.popsection;
526#else
527#define NOKPROBE(x)
528#endif
529
530#if defined(CONFIG_KASAN_GENERIC) || defined(CONFIG_KASAN_SW_TAGS)
531#define EXPORT_SYMBOL_NOKASAN(name)
532#else
533#define EXPORT_SYMBOL_NOKASAN(name)	EXPORT_SYMBOL(name)
534#endif
535
536	/*
537	 * Emit a 64-bit absolute little endian symbol reference in a way that
538	 * ensures that it will be resolved at build time, even when building a
539	 * PIE binary. This requires cooperation from the linker script, which
540	 * must emit the lo32/hi32 halves individually.
541	 */
542	.macro	le64sym, sym
543	.long	\sym\()_lo32
544	.long	\sym\()_hi32
545	.endm
546
547	/*
548	 * mov_q - move an immediate constant into a 64-bit register using
549	 *         between 2 and 4 movz/movk instructions (depending on the
550	 *         magnitude and sign of the operand)
551	 */
552	.macro	mov_q, reg, val
553	.if (((\val) >> 31) == 0 || ((\val) >> 31) == 0x1ffffffff)
554	movz	\reg, :abs_g1_s:\val
555	.else
556	.if (((\val) >> 47) == 0 || ((\val) >> 47) == 0x1ffff)
557	movz	\reg, :abs_g2_s:\val
558	.else
559	movz	\reg, :abs_g3:\val
560	movk	\reg, :abs_g2_nc:\val
561	.endif
562	movk	\reg, :abs_g1_nc:\val
563	.endif
564	movk	\reg, :abs_g0_nc:\val
565	.endm
566
567/*
568 * Return the current task_struct.
569 */
570	.macro	get_current_task, rd
571	mrs	\rd, sp_el0
572	.endm
573
574/*
575 * If the kernel is built for 52-bit virtual addressing but the hardware only
576 * supports 48 bits, we cannot program the pgdir address into TTBR1 directly,
577 * but we have to add an offset so that the TTBR1 address corresponds with the
578 * pgdir entry that covers the lowest 48-bit addressable VA.
579 *
580 * Note that this trick is only used for LVA/64k pages - LPA2/4k pages uses an
581 * additional paging level, and on LPA2/16k pages, we would end up with a root
582 * level table with only 2 entries, which is suboptimal in terms of TLB
583 * utilization, so there we fall back to 47 bits of translation if LPA2 is not
584 * supported.
585 *
586 * orr is used as it can cover the immediate value (and is idempotent).
587 * 	ttbr: Value of ttbr to set, modified.
588 */
589	.macro	offset_ttbr1, ttbr, tmp
590#if defined(CONFIG_ARM64_VA_BITS_52) && !defined(CONFIG_ARM64_LPA2)
591	mrs	\tmp, tcr_el1
592	and	\tmp, \tmp, #TCR_T1SZ_MASK
593	cmp	\tmp, #TCR_T1SZ(VA_BITS_MIN)
594	orr	\tmp, \ttbr, #TTBR1_BADDR_4852_OFFSET
595	csel	\ttbr, \tmp, \ttbr, eq
596#endif
597	.endm
598
599/*
600 * Arrange a physical address in a TTBR register, taking care of 52-bit
601 * addresses.
602 *
603 * 	phys:	physical address, preserved
604 * 	ttbr:	returns the TTBR value
605 */
606	.macro	phys_to_ttbr, ttbr, phys
607#ifdef CONFIG_ARM64_PA_BITS_52
608	orr	\ttbr, \phys, \phys, lsr #46
609	and	\ttbr, \ttbr, #TTBR_BADDR_MASK_52
610#else
611	mov	\ttbr, \phys
612#endif
613	.endm
614
615	.macro	phys_to_pte, pte, phys
616#ifdef CONFIG_ARM64_PA_BITS_52
617	orr	\pte, \phys, \phys, lsr #PTE_ADDR_HIGH_SHIFT
618	and	\pte, \pte, #PHYS_TO_PTE_ADDR_MASK
619#else
620	mov	\pte, \phys
621#endif
622	.endm
623
624/*
625 * tcr_clear_errata_bits - Clear TCR bits that trigger an errata on this CPU.
626 */
627	.macro	tcr_clear_errata_bits, tcr, tmp1, tmp2
628#ifdef CONFIG_FUJITSU_ERRATUM_010001
629	mrs	\tmp1, midr_el1
630
631	mov_q	\tmp2, MIDR_FUJITSU_ERRATUM_010001_MASK
632	and	\tmp1, \tmp1, \tmp2
633	mov_q	\tmp2, MIDR_FUJITSU_ERRATUM_010001
634	cmp	\tmp1, \tmp2
635	b.ne	10f
636
637	mov_q	\tmp2, TCR_CLEAR_FUJITSU_ERRATUM_010001
638	bic	\tcr, \tcr, \tmp2
63910:
640#endif /* CONFIG_FUJITSU_ERRATUM_010001 */
641	.endm
642
643/**
644 * Errata workaround prior to disable MMU. Insert an ISB immediately prior
645 * to executing the MSR that will change SCTLR_ELn[M] from a value of 1 to 0.
646 */
647	.macro pre_disable_mmu_workaround
648#ifdef CONFIG_QCOM_FALKOR_ERRATUM_E1041
649	isb
650#endif
651	.endm
652
653	/*
654	 * frame_push - Push @regcount callee saved registers to the stack,
655	 *              starting at x19, as well as x29/x30, and set x29 to
656	 *              the new value of sp. Add @extra bytes of stack space
657	 *              for locals.
658	 */
659	.macro		frame_push, regcount:req, extra
660	__frame		st, \regcount, \extra
661	.endm
662
663	/*
664	 * frame_pop  - Pop the callee saved registers from the stack that were
665	 *              pushed in the most recent call to frame_push, as well
666	 *              as x29/x30 and any extra stack space that may have been
667	 *              allocated.
668	 */
669	.macro		frame_pop
670	__frame		ld
671	.endm
672
673	.macro		__frame_regs, reg1, reg2, op, num
674	.if		.Lframe_regcount == \num
675	\op\()r		\reg1, [sp, #(\num + 1) * 8]
676	.elseif		.Lframe_regcount > \num
677	\op\()p		\reg1, \reg2, [sp, #(\num + 1) * 8]
678	.endif
679	.endm
680
681	.macro		__frame, op, regcount, extra=0
682	.ifc		\op, st
683	.if		(\regcount) < 0 || (\regcount) > 10
684	.error		"regcount should be in the range [0 ... 10]"
685	.endif
686	.if		((\extra) % 16) != 0
687	.error		"extra should be a multiple of 16 bytes"
688	.endif
689	.ifdef		.Lframe_regcount
690	.if		.Lframe_regcount != -1
691	.error		"frame_push/frame_pop may not be nested"
692	.endif
693	.endif
694	.set		.Lframe_regcount, \regcount
695	.set		.Lframe_extra, \extra
696	.set		.Lframe_local_offset, ((\regcount + 3) / 2) * 16
697	stp		x29, x30, [sp, #-.Lframe_local_offset - .Lframe_extra]!
698	mov		x29, sp
699	.endif
700
701	__frame_regs	x19, x20, \op, 1
702	__frame_regs	x21, x22, \op, 3
703	__frame_regs	x23, x24, \op, 5
704	__frame_regs	x25, x26, \op, 7
705	__frame_regs	x27, x28, \op, 9
706
707	.ifc		\op, ld
708	.if		.Lframe_regcount == -1
709	.error		"frame_push/frame_pop may not be nested"
710	.endif
711	ldp		x29, x30, [sp], #.Lframe_local_offset + .Lframe_extra
712	.set		.Lframe_regcount, -1
713	.endif
714	.endm
715
716/*
717 * Set SCTLR_ELx to the @reg value, and invalidate the local icache
718 * in the process. This is called when setting the MMU on.
719 */
720.macro set_sctlr, sreg, reg
721	msr	\sreg, \reg
722	isb
723	/*
724	 * Invalidate the local I-cache so that any instructions fetched
725	 * speculatively from the PoC are discarded, since they may have
726	 * been dynamically patched at the PoU.
727	 */
728	ic	iallu
729	dsb	nsh
730	isb
731.endm
732
733.macro set_sctlr_el1, reg
734	set_sctlr sctlr_el1, \reg
735.endm
736
737.macro set_sctlr_el2, reg
738	set_sctlr sctlr_el2, \reg
739.endm
740
741	/*
742	 * Check whether asm code should yield as soon as it is able. This is
743	 * the case if we are currently running in task context, and the
744	 * TIF_NEED_RESCHED flag is set. (Note that the TIF_NEED_RESCHED flag
745	 * is stored negated in the top word of the thread_info::preempt_count
746	 * field)
747	 */
748	.macro		cond_yield, lbl:req, tmp:req, tmp2
749#ifdef CONFIG_PREEMPT_VOLUNTARY
750	get_current_task \tmp
751	ldr		\tmp, [\tmp, #TSK_TI_PREEMPT]
752	/*
753	 * If we are serving a softirq, there is no point in yielding: the
754	 * softirq will not be preempted no matter what we do, so we should
755	 * run to completion as quickly as we can. The preempt_count field will
756	 * have BIT(SOFTIRQ_SHIFT) set in this case, so the zero check will
757	 * catch this case too.
758	 */
759	cbz		\tmp, \lbl
760#endif
761	.endm
762
763/*
764 * Branch Target Identifier (BTI)
765 */
766	.macro  bti, targets
767	.equ	.L__bti_targets_c, 34
768	.equ	.L__bti_targets_j, 36
769	.equ	.L__bti_targets_jc,38
770	hint	#.L__bti_targets_\targets
771	.endm
772
773/*
774 * This macro emits a program property note section identifying
775 * architecture features which require special handling, mainly for
776 * use in assembly files included in the VDSO.
777 */
778
779#define NT_GNU_PROPERTY_TYPE_0  5
780#define GNU_PROPERTY_AARCH64_FEATURE_1_AND      0xc0000000
781
782#define GNU_PROPERTY_AARCH64_FEATURE_1_BTI      (1U << 0)
783#define GNU_PROPERTY_AARCH64_FEATURE_1_PAC      (1U << 1)
784
785#ifdef CONFIG_ARM64_BTI_KERNEL
786#define GNU_PROPERTY_AARCH64_FEATURE_1_DEFAULT		\
787		((GNU_PROPERTY_AARCH64_FEATURE_1_BTI |	\
788		  GNU_PROPERTY_AARCH64_FEATURE_1_PAC))
789#endif
790
791#ifdef GNU_PROPERTY_AARCH64_FEATURE_1_DEFAULT
792.macro emit_aarch64_feature_1_and, feat=GNU_PROPERTY_AARCH64_FEATURE_1_DEFAULT
793	.pushsection .note.gnu.property, "a"
794	.align  3
795	.long   2f - 1f
796	.long   6f - 3f
797	.long   NT_GNU_PROPERTY_TYPE_0
7981:      .string "GNU"
7992:
800	.align  3
8013:      .long   GNU_PROPERTY_AARCH64_FEATURE_1_AND
802	.long   5f - 4f
8034:
804	/*
805	 * This is described with an array of char in the Linux API
806	 * spec but the text and all other usage (including binutils,
807	 * clang and GCC) treat this as a 32 bit value so no swizzling
808	 * is required for big endian.
809	 */
810	.long   \feat
8115:
812	.align  3
8136:
814	.popsection
815.endm
816
817#else
818.macro emit_aarch64_feature_1_and, feat=0
819.endm
820
821#endif /* GNU_PROPERTY_AARCH64_FEATURE_1_DEFAULT */
822
823	.macro __mitigate_spectre_bhb_loop      tmp
824#ifdef CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY
825alternative_cb ARM64_ALWAYS_SYSTEM, spectre_bhb_patch_loop_iter
826	mov	\tmp, #32		// Patched to correct the immediate
827alternative_cb_end
828.Lspectre_bhb_loop\@:
829	b	. + 4
830	subs	\tmp, \tmp, #1
831	b.ne	.Lspectre_bhb_loop\@
832	sb
833#endif /* CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY */
834	.endm
835
836	.macro mitigate_spectre_bhb_loop	tmp
837#ifdef CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY
838alternative_cb ARM64_ALWAYS_SYSTEM, spectre_bhb_patch_loop_mitigation_enable
839	b	.L_spectre_bhb_loop_done\@	// Patched to NOP
840alternative_cb_end
841	__mitigate_spectre_bhb_loop	\tmp
842.L_spectre_bhb_loop_done\@:
843#endif /* CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY */
844	.endm
845
846	/* Save/restores x0-x3 to the stack */
847	.macro __mitigate_spectre_bhb_fw
848#ifdef CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY
849	stp	x0, x1, [sp, #-16]!
850	stp	x2, x3, [sp, #-16]!
851	mov	w0, #ARM_SMCCC_ARCH_WORKAROUND_3
852alternative_cb ARM64_ALWAYS_SYSTEM, smccc_patch_fw_mitigation_conduit
853	nop					// Patched to SMC/HVC #0
854alternative_cb_end
855	ldp	x2, x3, [sp], #16
856	ldp	x0, x1, [sp], #16
857#endif /* CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY */
858	.endm
859
860	.macro mitigate_spectre_bhb_clear_insn
861#ifdef CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY
862alternative_cb ARM64_ALWAYS_SYSTEM, spectre_bhb_patch_clearbhb
863	/* Patched to NOP when not supported */
864	clearbhb
865	isb
866alternative_cb_end
867#endif /* CONFIG_MITIGATE_SPECTRE_BRANCH_HISTORY */
868	.endm
869#endif	/* __ASM_ASSEMBLER_H */
870