1/* SPDX-License-Identifier: GPL-2.0 */
2#ifndef _ASM_X86_ALTERNATIVE_H
3#define _ASM_X86_ALTERNATIVE_H
4
5#include <linux/types.h>
6#include <linux/stringify.h>
7#include <asm/asm.h>
8
9#define ALT_FLAGS_SHIFT		16
10
11#define ALT_FLAG_NOT		(1 << 0)
12#define ALT_NOT(feature)	((ALT_FLAG_NOT << ALT_FLAGS_SHIFT) | (feature))
13#define ALT_FLAG_DIRECT_CALL	(1 << 1)
14#define ALT_DIRECT_CALL(feature) ((ALT_FLAG_DIRECT_CALL << ALT_FLAGS_SHIFT) | (feature))
15#define ALT_CALL_ALWAYS		ALT_DIRECT_CALL(X86_FEATURE_ALWAYS)
16
17#ifndef __ASSEMBLY__
18
19#include <linux/stddef.h>
20
21/*
22 * Alternative inline assembly for SMP.
23 *
24 * The LOCK_PREFIX macro defined here replaces the LOCK and
25 * LOCK_PREFIX macros used everywhere in the source tree.
26 *
27 * SMP alternatives use the same data structures as the other
28 * alternatives and the X86_FEATURE_UP flag to indicate the case of a
29 * UP system running a SMP kernel.  The existing apply_alternatives()
30 * works fine for patching a SMP kernel for UP.
31 *
32 * The SMP alternative tables can be kept after boot and contain both
33 * UP and SMP versions of the instructions to allow switching back to
34 * SMP at runtime, when hotplugging in a new CPU, which is especially
35 * useful in virtualized environments.
36 *
37 * The very common lock prefix is handled as special case in a
38 * separate table which is a pure address list without replacement ptr
39 * and size information.  That keeps the table sizes small.
40 */
41
42#ifdef CONFIG_SMP
43#define LOCK_PREFIX_HERE \
44		".pushsection .smp_locks,\"a\"\n"	\
45		".balign 4\n"				\
46		".long 671f - .\n" /* offset */		\
47		".popsection\n"				\
48		"671:"
49
50#define LOCK_PREFIX LOCK_PREFIX_HERE "\n\tlock; "
51
52#else /* ! CONFIG_SMP */
53#define LOCK_PREFIX_HERE ""
54#define LOCK_PREFIX ""
55#endif
56
57/*
58 * objtool annotation to ignore the alternatives and only consider the original
59 * instruction(s).
60 */
61#define ANNOTATE_IGNORE_ALTERNATIVE				\
62	"999:\n\t"						\
63	".pushsection .discard.ignore_alts\n\t"			\
64	".long 999b\n\t"					\
65	".popsection\n\t"
66
67/*
68 * The patching flags are part of the upper bits of the @ft_flags parameter when
69 * specifying them. The split is currently like this:
70 *
71 * [31... flags ...16][15... CPUID feature bit ...0]
72 *
73 * but since this is all hidden in the macros argument being split, those fields can be
74 * extended in the future to fit in a u64 or however the need arises.
75 */
76struct alt_instr {
77	s32 instr_offset;	/* original instruction */
78	s32 repl_offset;	/* offset to replacement instruction */
79
80	union {
81		struct {
82			u32 cpuid: 16;	/* CPUID bit set for replacement */
83			u32 flags: 16;	/* patching control flags */
84		};
85		u32 ft_flags;
86	};
87
88	u8  instrlen;		/* length of original instruction */
89	u8  replacementlen;	/* length of new instruction */
90} __packed;
91
92extern struct alt_instr __alt_instructions[], __alt_instructions_end[];
93
94/*
95 * Debug flag that can be tested to see whether alternative
96 * instructions were patched in already:
97 */
98extern int alternatives_patched;
99
100extern void alternative_instructions(void);
101extern void apply_alternatives(struct alt_instr *start, struct alt_instr *end);
102extern void apply_retpolines(s32 *start, s32 *end);
103extern void apply_returns(s32 *start, s32 *end);
104extern void apply_seal_endbr(s32 *start, s32 *end);
105extern void apply_fineibt(s32 *start_retpoline, s32 *end_retpoine,
106			  s32 *start_cfi, s32 *end_cfi);
107
108struct module;
109
110struct callthunk_sites {
111	s32				*call_start, *call_end;
112	struct alt_instr		*alt_start, *alt_end;
113};
114
115#ifdef CONFIG_CALL_THUNKS
116extern void callthunks_patch_builtin_calls(void);
117extern void callthunks_patch_module_calls(struct callthunk_sites *sites,
118					  struct module *mod);
119extern void *callthunks_translate_call_dest(void *dest);
120extern int x86_call_depth_emit_accounting(u8 **pprog, void *func, void *ip);
121#else
122static __always_inline void callthunks_patch_builtin_calls(void) {}
123static __always_inline void
124callthunks_patch_module_calls(struct callthunk_sites *sites,
125			      struct module *mod) {}
126static __always_inline void *callthunks_translate_call_dest(void *dest)
127{
128	return dest;
129}
130static __always_inline int x86_call_depth_emit_accounting(u8 **pprog,
131							  void *func, void *ip)
132{
133	return 0;
134}
135#endif
136
137#ifdef CONFIG_SMP
138extern void alternatives_smp_module_add(struct module *mod, char *name,
139					void *locks, void *locks_end,
140					void *text, void *text_end);
141extern void alternatives_smp_module_del(struct module *mod);
142extern void alternatives_enable_smp(void);
143extern int alternatives_text_reserved(void *start, void *end);
144extern bool skip_smp_alternatives;
145#else
146static inline void alternatives_smp_module_add(struct module *mod, char *name,
147					       void *locks, void *locks_end,
148					       void *text, void *text_end) {}
149static inline void alternatives_smp_module_del(struct module *mod) {}
150static inline void alternatives_enable_smp(void) {}
151static inline int alternatives_text_reserved(void *start, void *end)
152{
153	return 0;
154}
155#endif	/* CONFIG_SMP */
156
157#define ALT_CALL_INSTR		"call BUG_func"
158
159#define b_replacement(num)	"664"#num
160#define e_replacement(num)	"665"#num
161
162#define alt_end_marker		"663"
163#define alt_slen		"662b-661b"
164#define alt_total_slen		alt_end_marker"b-661b"
165#define alt_rlen(num)		e_replacement(num)"f-"b_replacement(num)"f"
166
167#define OLDINSTR(oldinstr, num)						\
168	"# ALT: oldnstr\n"						\
169	"661:\n\t" oldinstr "\n662:\n"					\
170	"# ALT: padding\n"						\
171	".skip -(((" alt_rlen(num) ")-(" alt_slen ")) > 0) * "		\
172		"((" alt_rlen(num) ")-(" alt_slen ")),0x90\n"		\
173	alt_end_marker ":\n"
174
175/*
176 * gas compatible max based on the idea from:
177 * http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax
178 *
179 * The additional "-" is needed because gas uses a "true" value of -1.
180 */
181#define alt_max_short(a, b)	"((" a ") ^ (((" a ") ^ (" b ")) & -(-((" a ") < (" b ")))))"
182
183/*
184 * Pad the second replacement alternative with additional NOPs if it is
185 * additionally longer than the first replacement alternative.
186 */
187#define OLDINSTR_2(oldinstr, num1, num2) \
188	"# ALT: oldinstr2\n"									\
189	"661:\n\t" oldinstr "\n662:\n"								\
190	"# ALT: padding2\n"									\
191	".skip -((" alt_max_short(alt_rlen(num1), alt_rlen(num2)) " - (" alt_slen ")) > 0) * "	\
192		"(" alt_max_short(alt_rlen(num1), alt_rlen(num2)) " - (" alt_slen ")), 0x90\n"	\
193	alt_end_marker ":\n"
194
195#define OLDINSTR_3(oldinsn, n1, n2, n3)								\
196	"# ALT: oldinstr3\n"									\
197	"661:\n\t" oldinsn "\n662:\n"								\
198	"# ALT: padding3\n"									\
199	".skip -((" alt_max_short(alt_max_short(alt_rlen(n1), alt_rlen(n2)), alt_rlen(n3))	\
200		" - (" alt_slen ")) > 0) * "							\
201		"(" alt_max_short(alt_max_short(alt_rlen(n1), alt_rlen(n2)), alt_rlen(n3))	\
202		" - (" alt_slen ")), 0x90\n"							\
203	alt_end_marker ":\n"
204
205#define ALTINSTR_ENTRY(ft_flags, num)					      \
206	" .long 661b - .\n"				/* label           */ \
207	" .long " b_replacement(num)"f - .\n"		/* new instruction */ \
208	" .4byte " __stringify(ft_flags) "\n"		/* feature + flags */ \
209	" .byte " alt_total_slen "\n"			/* source len      */ \
210	" .byte " alt_rlen(num) "\n"			/* replacement len */
211
212#define ALTINSTR_REPLACEMENT(newinstr, num)		/* replacement */	\
213	"# ALT: replacement " #num "\n"						\
214	b_replacement(num)":\n\t" newinstr "\n" e_replacement(num) ":\n"
215
216/* alternative assembly primitive: */
217#define ALTERNATIVE(oldinstr, newinstr, ft_flags)			\
218	OLDINSTR(oldinstr, 1)						\
219	".pushsection .altinstructions,\"a\"\n"				\
220	ALTINSTR_ENTRY(ft_flags, 1)					\
221	".popsection\n"							\
222	".pushsection .altinstr_replacement, \"ax\"\n"			\
223	ALTINSTR_REPLACEMENT(newinstr, 1)				\
224	".popsection\n"
225
226#define ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) \
227	OLDINSTR_2(oldinstr, 1, 2)					\
228	".pushsection .altinstructions,\"a\"\n"				\
229	ALTINSTR_ENTRY(ft_flags1, 1)					\
230	ALTINSTR_ENTRY(ft_flags2, 2)					\
231	".popsection\n"							\
232	".pushsection .altinstr_replacement, \"ax\"\n"			\
233	ALTINSTR_REPLACEMENT(newinstr1, 1)				\
234	ALTINSTR_REPLACEMENT(newinstr2, 2)				\
235	".popsection\n"
236
237/* If @feature is set, patch in @newinstr_yes, otherwise @newinstr_no. */
238#define ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) \
239	ALTERNATIVE_2(oldinstr, newinstr_no, X86_FEATURE_ALWAYS,	\
240		      newinstr_yes, ft_flags)
241
242#define ALTERNATIVE_3(oldinsn, newinsn1, ft_flags1, newinsn2, ft_flags2, \
243			newinsn3, ft_flags3)				\
244	OLDINSTR_3(oldinsn, 1, 2, 3)					\
245	".pushsection .altinstructions,\"a\"\n"				\
246	ALTINSTR_ENTRY(ft_flags1, 1)					\
247	ALTINSTR_ENTRY(ft_flags2, 2)					\
248	ALTINSTR_ENTRY(ft_flags3, 3)					\
249	".popsection\n"							\
250	".pushsection .altinstr_replacement, \"ax\"\n"			\
251	ALTINSTR_REPLACEMENT(newinsn1, 1)				\
252	ALTINSTR_REPLACEMENT(newinsn2, 2)				\
253	ALTINSTR_REPLACEMENT(newinsn3, 3)				\
254	".popsection\n"
255
256/*
257 * Alternative instructions for different CPU types or capabilities.
258 *
259 * This allows to use optimized instructions even on generic binary
260 * kernels.
261 *
262 * length of oldinstr must be longer or equal the length of newinstr
263 * It can be padded with nops as needed.
264 *
265 * For non barrier like inlines please define new variants
266 * without volatile and memory clobber.
267 */
268#define alternative(oldinstr, newinstr, ft_flags)			\
269	asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, ft_flags) : : : "memory")
270
271#define alternative_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) \
272	asm_inline volatile(ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) ::: "memory")
273
274#define alternative_ternary(oldinstr, ft_flags, newinstr_yes, newinstr_no) \
275	asm_inline volatile(ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) ::: "memory")
276
277/*
278 * Alternative inline assembly with input.
279 *
280 * Peculiarities:
281 * No memory clobber here.
282 * Argument numbers start with 1.
283 * Leaving an unused argument 0 to keep API compatibility.
284 */
285#define alternative_input(oldinstr, newinstr, ft_flags, input...)	\
286	asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, ft_flags)	\
287		: : "i" (0), ## input)
288
289/*
290 * This is similar to alternative_input. But it has two features and
291 * respective instructions.
292 *
293 * If CPU has feature2, newinstr2 is used.
294 * Otherwise, if CPU has feature1, newinstr1 is used.
295 * Otherwise, oldinstr is used.
296 */
297#define alternative_input_2(oldinstr, newinstr1, ft_flags1, newinstr2,	     \
298			   ft_flags2, input...)				     \
299	asm_inline volatile(ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1,     \
300		newinstr2, ft_flags2)					     \
301		: : "i" (0), ## input)
302
303/* Like alternative_input, but with a single output argument */
304#define alternative_io(oldinstr, newinstr, ft_flags, output, input...)	\
305	asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, ft_flags)	\
306		: output : "i" (0), ## input)
307
308/* Like alternative_io, but for replacing a direct call with another one. */
309#define alternative_call(oldfunc, newfunc, ft_flags, output, input...)	\
310	asm_inline volatile (ALTERNATIVE("call %P[old]", "call %P[new]", ft_flags) \
311		: output : [old] "i" (oldfunc), [new] "i" (newfunc), ## input)
312
313/*
314 * Like alternative_call, but there are two features and respective functions.
315 * If CPU has feature2, function2 is used.
316 * Otherwise, if CPU has feature1, function1 is used.
317 * Otherwise, old function is used.
318 */
319#define alternative_call_2(oldfunc, newfunc1, ft_flags1, newfunc2, ft_flags2,   \
320			   output, input...)				      \
321	asm_inline volatile (ALTERNATIVE_2("call %P[old]", "call %P[new1]", ft_flags1,\
322		"call %P[new2]", ft_flags2)				      \
323		: output, ASM_CALL_CONSTRAINT				      \
324		: [old] "i" (oldfunc), [new1] "i" (newfunc1),		      \
325		  [new2] "i" (newfunc2), ## input)
326
327/*
328 * use this macro(s) if you need more than one output parameter
329 * in alternative_io
330 */
331#define ASM_OUTPUT2(a...) a
332
333/*
334 * use this macro if you need clobbers but no inputs in
335 * alternative_{input,io,call}()
336 */
337#define ASM_NO_INPUT_CLOBBER(clbr...) "i" (0) : clbr
338
339/* Macro for creating assembler functions avoiding any C magic. */
340#define DEFINE_ASM_FUNC(func, instr, sec)		\
341	asm (".pushsection " #sec ", \"ax\"\n"		\
342	     ".global " #func "\n\t"			\
343	     ".type " #func ", @function\n\t"		\
344	     ASM_FUNC_ALIGN "\n"			\
345	     #func ":\n\t"				\
346	     ASM_ENDBR					\
347	     instr "\n\t"				\
348	     ASM_RET					\
349	     ".size " #func ", . - " #func "\n\t"	\
350	     ".popsection")
351
352void BUG_func(void);
353void nop_func(void);
354
355#else /* __ASSEMBLY__ */
356
357#ifdef CONFIG_SMP
358	.macro LOCK_PREFIX
359672:	lock
360	.pushsection .smp_locks,"a"
361	.balign 4
362	.long 672b - .
363	.popsection
364	.endm
365#else
366	.macro LOCK_PREFIX
367	.endm
368#endif
369
370/*
371 * objtool annotation to ignore the alternatives and only consider the original
372 * instruction(s).
373 */
374.macro ANNOTATE_IGNORE_ALTERNATIVE
375	.Lannotate_\@:
376	.pushsection .discard.ignore_alts
377	.long .Lannotate_\@
378	.popsection
379.endm
380
381/*
382 * Issue one struct alt_instr descriptor entry (need to put it into
383 * the section .altinstructions, see below). This entry contains
384 * enough information for the alternatives patching code to patch an
385 * instruction. See apply_alternatives().
386 */
387.macro altinstr_entry orig alt ft_flags orig_len alt_len
388	.long \orig - .
389	.long \alt - .
390	.4byte \ft_flags
391	.byte \orig_len
392	.byte \alt_len
393.endm
394
395.macro ALT_CALL_INSTR
396	call BUG_func
397.endm
398
399/*
400 * Define an alternative between two instructions. If @feature is
401 * present, early code in apply_alternatives() replaces @oldinstr with
402 * @newinstr. ".skip" directive takes care of proper instruction padding
403 * in case @newinstr is longer than @oldinstr.
404 */
405.macro ALTERNATIVE oldinstr, newinstr, ft_flags
406140:
407	\oldinstr
408141:
409	.skip -(((144f-143f)-(141b-140b)) > 0) * ((144f-143f)-(141b-140b)),0x90
410142:
411
412	.pushsection .altinstructions,"a"
413	altinstr_entry 140b,143f,\ft_flags,142b-140b,144f-143f
414	.popsection
415
416	.pushsection .altinstr_replacement,"ax"
417143:
418	\newinstr
419144:
420	.popsection
421.endm
422
423#define old_len			141b-140b
424#define new_len1		144f-143f
425#define new_len2		145f-144f
426#define new_len3		146f-145f
427
428/*
429 * gas compatible max based on the idea from:
430 * http://graphics.stanford.edu/~seander/bithacks.html#IntegerMinOrMax
431 *
432 * The additional "-" is needed because gas uses a "true" value of -1.
433 */
434#define alt_max_2(a, b)		((a) ^ (((a) ^ (b)) & -(-((a) < (b)))))
435#define alt_max_3(a, b, c)	(alt_max_2(alt_max_2(a, b), c))
436
437
438/*
439 * Same as ALTERNATIVE macro above but for two alternatives. If CPU
440 * has @feature1, it replaces @oldinstr with @newinstr1. If CPU has
441 * @feature2, it replaces @oldinstr with @feature2.
442 */
443.macro ALTERNATIVE_2 oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2
444140:
445	\oldinstr
446141:
447	.skip -((alt_max_2(new_len1, new_len2) - (old_len)) > 0) * \
448		(alt_max_2(new_len1, new_len2) - (old_len)),0x90
449142:
450
451	.pushsection .altinstructions,"a"
452	altinstr_entry 140b,143f,\ft_flags1,142b-140b,144f-143f
453	altinstr_entry 140b,144f,\ft_flags2,142b-140b,145f-144f
454	.popsection
455
456	.pushsection .altinstr_replacement,"ax"
457143:
458	\newinstr1
459144:
460	\newinstr2
461145:
462	.popsection
463.endm
464
465.macro ALTERNATIVE_3 oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2, newinstr3, ft_flags3
466140:
467	\oldinstr
468141:
469	.skip -((alt_max_3(new_len1, new_len2, new_len3) - (old_len)) > 0) * \
470		(alt_max_3(new_len1, new_len2, new_len3) - (old_len)),0x90
471142:
472
473	.pushsection .altinstructions,"a"
474	altinstr_entry 140b,143f,\ft_flags1,142b-140b,144f-143f
475	altinstr_entry 140b,144f,\ft_flags2,142b-140b,145f-144f
476	altinstr_entry 140b,145f,\ft_flags3,142b-140b,146f-145f
477	.popsection
478
479	.pushsection .altinstr_replacement,"ax"
480143:
481	\newinstr1
482144:
483	\newinstr2
484145:
485	\newinstr3
486146:
487	.popsection
488.endm
489
490/* If @feature is set, patch in @newinstr_yes, otherwise @newinstr_no. */
491#define ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) \
492	ALTERNATIVE_2 oldinstr, newinstr_no, X86_FEATURE_ALWAYS,	\
493	newinstr_yes, ft_flags
494
495#endif /* __ASSEMBLY__ */
496
497#endif /* _ASM_X86_ALTERNATIVE_H */
498