1
/* SPDX-License-Identifier: GPL-2.0 */
2
#ifndef _ASM_X86_ALTERNATIVE_H
3
#define _ASM_X86_ALTERNATIVE_H
4

5
#include <linux/types.h>
6
#include <linux/stringify.h>
7
#include <linux/objtool.h>
8
#include <asm/asm.h>
9
#include <asm/bug.h>
10

11
#define ALT_FLAGS_SHIFT		16
12

13
#define ALT_FLAG_NOT		(1 << 0)
14
#define ALT_NOT(feature)	((ALT_FLAG_NOT << ALT_FLAGS_SHIFT) | (feature))
15
#define ALT_FLAG_DIRECT_CALL	(1 << 1)
16
#define ALT_DIRECT_CALL(feature) ((ALT_FLAG_DIRECT_CALL << ALT_FLAGS_SHIFT) | (feature))
17
#define ALT_CALL_ALWAYS		ALT_DIRECT_CALL(X86_FEATURE_ALWAYS)
18

19
#ifndef __ASSEMBLER__
20

21
#include <linux/stddef.h>
22

23
/*
24
 * Alternative inline assembly for SMP.
25
 *
26
 * The LOCK_PREFIX macro defined here replaces the LOCK and
27
 * LOCK_PREFIX macros used everywhere in the source tree.
28
 *
29
 * SMP alternatives use the same data structures as the other
30
 * alternatives and the X86_FEATURE_UP flag to indicate the case of a
31
 * UP system running a SMP kernel.  The existing apply_alternatives()
32
 * works fine for patching a SMP kernel for UP.
33
 *
34
 * The SMP alternative tables can be kept after boot and contain both
35
 * UP and SMP versions of the instructions to allow switching back to
36
 * SMP at runtime, when hotplugging in a new CPU, which is especially
37
 * useful in virtualized environments.
38
 *
39
 * The very common lock prefix is handled as special case in a
40
 * separate table which is a pure address list without replacement ptr
41
 * and size information.  That keeps the table sizes small.
42
 */
43

44
#ifdef CONFIG_SMP
45
#define LOCK_PREFIX_HERE \
46
		".pushsection .smp_locks,\"a\"\n"	\
47
		".balign 4\n"				\
48
		".long 671f - .\n" /* offset */		\
49
		".popsection\n"				\
50
		"671:"
51

52
#define LOCK_PREFIX LOCK_PREFIX_HERE "\n\tlock "
53

54
#else /* ! CONFIG_SMP */
55
#define LOCK_PREFIX_HERE ""
56
#define LOCK_PREFIX ""
57
#endif
58

59
/*
60
 * The patching flags are part of the upper bits of the @ft_flags parameter when
61
 * specifying them. The split is currently like this:
62
 *
63
 * [31... flags ...16][15... CPUID feature bit ...0]
64
 *
65
 * but since this is all hidden in the macros argument being split, those fields can be
66
 * extended in the future to fit in a u64 or however the need arises.
67
 */
68
struct alt_instr {
69
	s32 instr_offset;	/* original instruction */
70
	s32 repl_offset;	/* offset to replacement instruction */
71

72
	union {
73
		struct {
74
			u32 cpuid: 16;	/* CPUID bit set for replacement */
75
			u32 flags: 16;	/* patching control flags */
76
		};
77
		u32 ft_flags;
78
	};
79

80
	u8  instrlen;		/* length of original instruction */
81
	u8  replacementlen;	/* length of new instruction */
82
} __packed;
83

84
extern struct alt_instr __alt_instructions[], __alt_instructions_end[];
85

86
extern s32 __retpoline_sites[], __retpoline_sites_end[];
87
extern s32 __return_sites[],	__return_sites_end[];
88
extern s32 __cfi_sites[],	__cfi_sites_end[];
89
extern s32 __ibt_endbr_seal[],	__ibt_endbr_seal_end[];
90
extern s32 __smp_locks[],	__smp_locks_end[];
91

92
/*
93
 * Debug flag that can be tested to see whether alternative
94
 * instructions were patched in already:
95
 */
96
extern int alternatives_patched;
97

98
extern void alternative_instructions(void);
99
extern void apply_alternatives(struct alt_instr *start, struct alt_instr *end);
100
extern void apply_retpolines(s32 *start, s32 *end);
101
extern void apply_returns(s32 *start, s32 *end);
102
extern void apply_seal_endbr(s32 *start, s32 *end);
103
extern void apply_fineibt(s32 *start_retpoline, s32 *end_retpoine,
104
			  s32 *start_cfi, s32 *end_cfi);
105

106
struct module;
107

108
struct callthunk_sites {
109
	s32				*call_start, *call_end;
110
};
111

112
#ifdef CONFIG_CALL_THUNKS
113
extern void callthunks_patch_builtin_calls(void);
114
extern void callthunks_patch_module_calls(struct callthunk_sites *sites,
115
					  struct module *mod);
116
extern void *callthunks_translate_call_dest(void *dest);
117
extern int x86_call_depth_emit_accounting(u8 **pprog, void *func, void *ip);
118
#else
119
static __always_inline void callthunks_patch_builtin_calls(void) {}
120
static __always_inline void
121
callthunks_patch_module_calls(struct callthunk_sites *sites,
122
			      struct module *mod) {}
123
static __always_inline void *callthunks_translate_call_dest(void *dest)
124
{
125
	return dest;
126
}
127
static __always_inline int x86_call_depth_emit_accounting(u8 **pprog,
128
							  void *func, void *ip)
129
{
130
	return 0;
131
}
132
#endif
133

134
#ifdef CONFIG_MITIGATION_ITS
135
extern void its_init_mod(struct module *mod);
136
extern void its_fini_mod(struct module *mod);
137
extern void its_free_mod(struct module *mod);
138
extern u8 *its_static_thunk(int reg);
139
#else /* CONFIG_MITIGATION_ITS */
140
static inline void its_init_mod(struct module *mod) { }
141
static inline void its_fini_mod(struct module *mod) { }
142
static inline void its_free_mod(struct module *mod) { }
143
static inline u8 *its_static_thunk(int reg)
144
{
145
	WARN_ONCE(1, "ITS not compiled in");
146

147
	return NULL;
148
}
149
#endif
150

151
#if defined(CONFIG_MITIGATION_RETHUNK) && defined(CONFIG_OBJTOOL)
152
extern bool cpu_wants_rethunk(void);
153
extern bool cpu_wants_rethunk_at(void *addr);
154
#else
155
static __always_inline bool cpu_wants_rethunk(void)
156
{
157
	return false;
158
}
159
static __always_inline bool cpu_wants_rethunk_at(void *addr)
160
{
161
	return false;
162
}
163
#endif
164

165
#ifdef CONFIG_SMP
166
extern void alternatives_smp_module_add(struct module *mod, char *name,
167
					void *locks, void *locks_end,
168
					void *text, void *text_end);
169
extern void alternatives_smp_module_del(struct module *mod);
170
extern void alternatives_enable_smp(void);
171
extern int alternatives_text_reserved(void *start, void *end);
172
extern bool skip_smp_alternatives;
173
#else
174
static inline void alternatives_smp_module_add(struct module *mod, char *name,
175
					       void *locks, void *locks_end,
176
					       void *text, void *text_end) {}
177
static inline void alternatives_smp_module_del(struct module *mod) {}
178
static inline void alternatives_enable_smp(void) {}
179
static inline int alternatives_text_reserved(void *start, void *end)
180
{
181
	return 0;
182
}
183
#endif	/* CONFIG_SMP */
184

185
#define ALT_CALL_INSTR		"call BUG_func"
186

187
#define alt_slen		"772b-771b"
188
#define alt_total_slen		"773b-771b"
189
#define alt_rlen		"775f-774f"
190

191
#define OLDINSTR(oldinstr)						\
192
	"# ALT: oldinstr\n"						\
193
	"771:\n\t" oldinstr "\n772:\n"					\
194
	"# ALT: padding\n"						\
195
	".skip -(((" alt_rlen ")-(" alt_slen ")) > 0) * "		\
196
		"((" alt_rlen ")-(" alt_slen ")),0x90\n"		\
197
	"773:\n"
198

199
#define ALTINSTR_ENTRY(ft_flags)					      \
200
	".pushsection .altinstructions, \"aM\", @progbits, "		      \
201
		      __stringify(ALT_INSTR_SIZE) "\n"			      \
202
	" .long 771b - .\n"				/* label           */ \
203
	" .long 774f - .\n"				/* new instruction */ \
204
	" .4byte " __stringify(ft_flags) "\n"		/* feature + flags */ \
205
	" .byte " alt_total_slen "\n"			/* source len      */ \
206
	" .byte " alt_rlen "\n"				/* replacement len */ \
207
	".popsection\n"
208

209
#define ALTINSTR_REPLACEMENT(newinstr)		/* replacement */	\
210
	".pushsection .altinstr_replacement, \"ax\"\n"			\
211
	ANNOTATE_DATA_SPECIAL "\n"					\
212
	"# ALT: replacement\n"						\
213
	"774:\n\t" newinstr "\n775:\n"					\
214
	".popsection\n"
215

216
/* alternative assembly primitive: */
217
#define ALTERNATIVE(oldinstr, newinstr, ft_flags)			\
218
	OLDINSTR(oldinstr)						\
219
	ALTINSTR_ENTRY(ft_flags)					\
220
	ALTINSTR_REPLACEMENT(newinstr)
221

222
#define ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) \
223
	ALTERNATIVE(ALTERNATIVE(oldinstr, newinstr1, ft_flags1), newinstr2, ft_flags2)
224

225
/* If @feature is set, patch in @newinstr_yes, otherwise @newinstr_no. */
226
#define ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) \
227
	ALTERNATIVE_2(oldinstr, newinstr_no, X86_FEATURE_ALWAYS, newinstr_yes, ft_flags)
228

229
#define ALTERNATIVE_3(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2, \
230
			newinstr3, ft_flags3)				\
231
	ALTERNATIVE(ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2), \
232
		      newinstr3, ft_flags3)
233

234
/*
235
 * Alternative instructions for different CPU types or capabilities.
236
 *
237
 * This allows to use optimized instructions even on generic binary
238
 * kernels.
239
 *
240
 * length of oldinstr must be longer or equal the length of newinstr
241
 * It can be padded with nops as needed.
242
 *
243
 * For non barrier like inlines please define new variants
244
 * without volatile and memory clobber.
245
 */
246
#define alternative(oldinstr, newinstr, ft_flags)			\
247
	asm_inline volatile(ALTERNATIVE(oldinstr, newinstr, ft_flags) : : : "memory")
248

249
#define alternative_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) \
250
	asm_inline volatile(ALTERNATIVE_2(oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2) ::: "memory")
251

252
/*
253
 * Alternative inline assembly with input.
254
 *
255
 * Peculiarities:
256
 * No memory clobber here.
257
 * Argument numbers start with 1.
258
 * Leaving an unused argument 0 to keep API compatibility.
259
 */
260
#define alternative_input(oldinstr, newinstr, ft_flags, input...)	\
261
	asm_inline volatile(ALTERNATIVE(oldinstr, newinstr, ft_flags) \
262
		: : "i" (0), ## input)
263

264
/* Like alternative_input, but with a single output argument */
265
#define alternative_io(oldinstr, newinstr, ft_flags, output, input...)	\
266
	asm_inline volatile(ALTERNATIVE(oldinstr, newinstr, ft_flags)	\
267
		: output : "i" (0), ## input)
268

269
/*
270
 * Like alternative_io, but for replacing a direct call with another one.
271
 *
272
 * Use the %c operand modifier which is the generic way to print a bare
273
 * constant expression with all syntax-specific punctuation omitted. %P
274
 * is the x86-specific variant which can handle constants too, for
275
 * historical reasons, but it should be used primarily for PIC
276
 * references: i.e., if used for a function, it would add the PLT
277
 * suffix.
278
 */
279
#define alternative_call(oldfunc, newfunc, ft_flags, output, input, clobbers...)	\
280
	asm_inline volatile(ALTERNATIVE("call %c[old]", "call %c[new]", ft_flags)	\
281
		: ALT_OUTPUT_SP(output)							\
282
		: [old] "i" (oldfunc), [new] "i" (newfunc)				\
283
		  COMMA(input)								\
284
		: clobbers)
285

286
/*
287
 * Like alternative_call, but there are two features and respective functions.
288
 * If CPU has feature2, function2 is used.
289
 * Otherwise, if CPU has feature1, function1 is used.
290
 * Otherwise, old function is used.
291
 */
292
#define alternative_call_2(oldfunc, newfunc1, ft_flags1, newfunc2, ft_flags2,		\
293
			   output, input, clobbers...)					\
294
	asm_inline volatile(ALTERNATIVE_2("call %c[old]", "call %c[new1]", ft_flags1,	\
295
		"call %c[new2]", ft_flags2)						\
296
		: ALT_OUTPUT_SP(output)							\
297
		: [old] "i" (oldfunc), [new1] "i" (newfunc1),				\
298
		  [new2] "i" (newfunc2)							\
299
		  COMMA(input)								\
300
		: clobbers)
301

302
#define ALT_OUTPUT_SP(...) ASM_CALL_CONSTRAINT, ## __VA_ARGS__
303

304
/* Macro for creating assembler functions avoiding any C magic. */
305
#define DEFINE_ASM_FUNC(func, instr, sec)		\
306
	asm (".pushsection " #sec ", \"ax\"\n"		\
307
	     ".global " #func "\n\t"			\
308
	     ".type " #func ", @function\n\t"		\
309
	     ASM_FUNC_ALIGN "\n"			\
310
	     #func ":\n\t"				\
311
	     ASM_ENDBR					\
312
	     instr "\n\t"				\
313
	     ASM_RET					\
314
	     ".size " #func ", . - " #func "\n\t"	\
315
	     ".popsection")
316

317
void BUG_func(void);
318
void nop_func(void);
319

320
#else /* __ASSEMBLER__ */
321

322
#ifdef CONFIG_SMP
323
	.macro LOCK_PREFIX
324
672:	lock
325
	.pushsection .smp_locks,"a"
326
	.balign 4
327
	.long 672b - .
328
	.popsection
329
	.endm
330
#else
331
	.macro LOCK_PREFIX
332
	.endm
333
#endif
334

335
/*
336
 * Issue one struct alt_instr descriptor entry (need to put it into
337
 * the section .altinstructions, see below). This entry contains
338
 * enough information for the alternatives patching code to patch an
339
 * instruction. See apply_alternatives().
340
 */
341
.macro altinstr_entry orig alt ft_flags orig_len alt_len
342
	.long \orig - .
343
	.long \alt - .
344
	.4byte \ft_flags
345
	.byte \orig_len
346
	.byte \alt_len
347
.endm
348

349
.macro ALT_CALL_INSTR
350
	call BUG_func
351
.endm
352

353
/*
354
 * Define an alternative between two instructions. If @feature is
355
 * present, early code in apply_alternatives() replaces @oldinstr with
356
 * @newinstr. ".skip" directive takes care of proper instruction padding
357
 * in case @newinstr is longer than @oldinstr.
358
 */
359
#define __ALTERNATIVE(oldinst, newinst, flag)				\
360
740:									\
361
	oldinst	;							\
362
741:									\
363
	.skip -(((744f-743f)-(741b-740b)) > 0) * ((744f-743f)-(741b-740b)),0x90	;\
364
742:									\
365
	.pushsection .altinstructions, "aM", @progbits, ALT_INSTR_SIZE ;\
366
	altinstr_entry 740b,743f,flag,742b-740b,744f-743f ;		\
367
	.popsection ;							\
368
	.pushsection .altinstr_replacement,"ax"	;			\
369
743:									\
370
	ANNOTATE_DATA_SPECIAL ;						\
371
	newinst	;							\
372
744:									\
373
	.popsection ;
374

375
.macro ALTERNATIVE oldinstr, newinstr, ft_flags
376
	__ALTERNATIVE(\oldinstr, \newinstr, \ft_flags)
377
.endm
378

379
/*
380
 * Same as ALTERNATIVE macro above but for two alternatives. If CPU
381
 * has @feature1, it replaces @oldinstr with @newinstr1. If CPU has
382
 * @feature2, it replaces @oldinstr with @feature2.
383
 */
384
.macro ALTERNATIVE_2 oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2
385
	__ALTERNATIVE(__ALTERNATIVE(\oldinstr, \newinstr1, \ft_flags1),
386
		      \newinstr2, \ft_flags2)
387
.endm
388

389
.macro ALTERNATIVE_3 oldinstr, newinstr1, ft_flags1, newinstr2, ft_flags2, newinstr3, ft_flags3
390
	__ALTERNATIVE(ALTERNATIVE_2(\oldinstr, \newinstr1, \ft_flags1, \newinstr2, \ft_flags2),
391
		      \newinstr3, \ft_flags3)
392
.endm
393

394
/* If @feature is set, patch in @newinstr_yes, otherwise @newinstr_no. */
395
#define ALTERNATIVE_TERNARY(oldinstr, ft_flags, newinstr_yes, newinstr_no) \
396
	ALTERNATIVE_2 oldinstr, newinstr_no, X86_FEATURE_ALWAYS,	\
397
	newinstr_yes, ft_flags
398

399
#endif /* __ASSEMBLER__ */
400

401
#endif /* _ASM_X86_ALTERNATIVE_H */
402

403