// SPDX-License-Identifier: GPL-2.0-only
/*
 * Based on arch/arm/mm/context.c
 *
 * Copyright (C) 2002-2003 Deep Blue Solutions Ltd, all rights reserved.
 * Copyright (C) 2012 ARM Ltd.
 */

#include <linux/bitfield.h>
#include <linux/bitops.h>
#include <linux/sched.h>
#include <linux/slab.h>
#include <linux/mm.h>

#include <asm/cpufeature.h>
#include <asm/mmu_context.h>
#include <asm/smp.h>
#include <asm/tlbflush.h>

static u32 asid_bits;
static DEFINE_RAW_SPINLOCK(cpu_asid_lock);

static atomic64_t asid_generation;
static unsigned long *asid_map;

static DEFINE_PER_CPU(atomic64_t, active_asids);
static DEFINE_PER_CPU(u64, reserved_asids);
static cpumask_t tlb_flush_pending;

static unsigned long max_pinned_asids;
static unsigned long nr_pinned_asids;
static unsigned long *pinned_asid_map;
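/*
 * Added note on the ASID layout: mm->context.id packs the rollover
 * generation in the bits above asid_bits and the hardware ASID in the low
 * asid_bits. asid2idx()/idx2asid() convert between that value and a bitmap
 * index; with NUM_USER_ASIDS == ASID_FIRST_VERSION they simply mask off
 * the generation.
 */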
#define ASID_MASK		(~GENMASK(asid_bits - 1, 0))
#define ASID_FIRST_VERSION	(1UL << asid_bits)

#define NUM_USER_ASIDS		ASID_FIRST_VERSION
#define asid2idx(asid)		((asid) & ~ASID_MASK)
#define idx2asid(idx)		asid2idx(idx)

/* Get the ASIDBits supported by the current CPU */
static u32 get_cpu_asid_bits(void)
{
        u32 asid;
        int fld = cpuid_feature_extract_unsigned_field(read_cpuid(ID_AA64MMFR0_EL1),
                                                       ID_AA64MMFR0_ASID_SHIFT);

        switch (fld) {
        default:
                pr_warn("CPU%d: Unknown ASID size (%d); assuming 8-bit\n",
                        smp_processor_id(), fld);
                fallthrough;
        case 0:
                asid = 8;
                break;
        case 2:
                asid = 16;
        }

        return asid;
}

/* Check if the current CPU's ASIDBits is compatible with asid_bits */
void verify_cpu_asid_bits(void)
{
        u32 asid = get_cpu_asid_bits();

        if (asid < asid_bits) {
                /*
                 * We cannot decrease the ASID size at runtime, so panic if
                 * this CPU supports fewer ASID bits than the boot CPU.
                 */
                pr_crit("CPU%d: smaller ASID size (%u) than boot CPU (%u)\n",
                        smp_processor_id(), asid, asid_bits);
                cpu_panic_kernel();
        }
}

static void set_kpti_asid_bits(unsigned long *map)
{
        unsigned int len = BITS_TO_LONGS(NUM_USER_ASIDS) * sizeof(unsigned long);
        /*
         * With KPTI, kernel/user ASIDs are allocated in pairs and the bottom
         * bit distinguishes the two: if it is set, the ASID maps only
         * userspace. Thus mark the even ASIDs as reserved for the kernel.
         */
        memset(map, 0xaa, len);
}

static void set_reserved_asid_bits(void)
{
        if (pinned_asid_map)
                bitmap_copy(asid_map, pinned_asid_map, NUM_USER_ASIDS);
        else if (arm64_kernel_unmapped_at_el0())
                set_kpti_asid_bits(asid_map);
        else
                bitmap_clear(asid_map, 0, NUM_USER_ASIDS);
}
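/* True if @asid belongs to the current rollover generation. */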
#define asid_gen_match(asid) \
        (!(((asid) ^ atomic64_read(&asid_generation)) >> asid_bits))

static void flush_context(void)
{
        int i;
        u64 asid;

        /* Update the list of reserved ASIDs and the ASID bitmap. */
        set_reserved_asid_bits();

        for_each_possible_cpu(i) {
                asid = atomic64_xchg_relaxed(&per_cpu(active_asids, i), 0);
                /*
                 * If this CPU has already been through a rollover, but hasn't
                 * run another task in the meantime, we must preserve its
                 * reserved ASID, as this is the only trace we have of the
                 * process it is still running.
                 */
                if (asid == 0)
                        asid = per_cpu(reserved_asids, i);
                __set_bit(asid2idx(asid), asid_map);
                per_cpu(reserved_asids, i) = asid;
        }

        /*
         * Queue a TLB invalidation for each CPU to perform on the next
         * context switch.
         */
        cpumask_setall(&tlb_flush_pending);
}

static bool check_update_reserved_asid(u64 asid, u64 newasid)
{
        int cpu;
        bool hit = false;

        /*
         * Iterate over the set of reserved ASIDs looking for a match.
         * If we find one, then we can update our mm to use newasid
         * (i.e. the same ASID in the current generation) but we can't
         * exit the loop early, since we need to ensure that all copies
         * of the old ASID are updated to reflect the mm. Failure to do
         * so could result in us missing the reserved ASID in a future
         * generation.
         */
        for_each_possible_cpu(cpu) {
                if (per_cpu(reserved_asids, cpu) == asid) {
                        hit = true;
                        per_cpu(reserved_asids, cpu) = newasid;
                }
        }

        return hit;
}
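/*
 * Added summary: allocate an ASID value for @mm in the current generation,
 * rolling the generation over and queueing TLB flushes if the ASID space is
 * exhausted. Must be called with cpu_asid_lock held.
 */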
static u64 new_context(struct mm_struct *mm)
{
        static u32 cur_idx = 1;
        u64 asid = atomic64_read(&mm->context.id);
        u64 generation = atomic64_read(&asid_generation);

        if (asid != 0) {
                u64 newasid = generation | (asid & ~ASID_MASK);

                /*
                 * If our current ASID was active during a rollover, we
                 * can continue to use it and this was just a false alarm.
                 */
                if (check_update_reserved_asid(asid, newasid))
                        return newasid;

                /*
                 * If it is pinned, we can keep using it. Note that reserved
                 * takes priority, because even if it is also pinned, we need
                 * to update the generation into the reserved_asids.
                 */
                if (refcount_read(&mm->context.pinned))
                        return newasid;

                /*
                 * We had a valid ASID in a previous life, so try to re-use
                 * it if possible.
                 */
                if (!__test_and_set_bit(asid2idx(asid), asid_map))
                        return newasid;
        }

        /*
         * Allocate a free ASID. If we can't find one, take a note of the
         * currently active ASIDs and mark the TLBs as requiring flushes. We
         * always count from ASID #2 (index 1), as we use ASID #0 when setting
         * a reserved TTBR0 for the init_mm and we allocate ASIDs in even/odd
         * pairs.
         */
        asid = find_next_zero_bit(asid_map, NUM_USER_ASIDS, cur_idx);
        if (asid != NUM_USER_ASIDS)
                goto set_asid;

        /* We're out of ASIDs, so increment the global generation count */
        generation = atomic64_add_return_relaxed(ASID_FIRST_VERSION,
                                                 &asid_generation);
        flush_context();

        /* We have more ASIDs than CPUs, so this will always succeed */
        asid = find_next_zero_bit(asid_map, NUM_USER_ASIDS, 1);

set_asid:
        __set_bit(asid, asid_map);
        cur_idx = asid;
        return idx2asid(asid) | generation;
}
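/*
 * Added summary: called on the switch_mm() path. Ensure @mm has an ASID in
 * the current generation before it is installed on this CPU, and perform any
 * TLB invalidation deferred from a rollover.
 */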
void check_and_switch_context(struct mm_struct *mm)
{
        unsigned long flags;
        unsigned int cpu;
        u64 asid, old_active_asid;

        if (system_supports_cnp())
                cpu_set_reserved_ttbr0();

        asid = atomic64_read(&mm->context.id);

        /*
         * The memory ordering here is subtle.
         * If our active_asids is non-zero and the ASID matches the current
         * generation, then we update the active_asids entry with a relaxed
         * cmpxchg. Racing with a concurrent rollover means that either:
         *
         * - We get a zero back from the cmpxchg and end up waiting on the
         *   lock. Taking the lock synchronises with the rollover and so
         *   we are forced to see the updated generation.
         *
         * - We get a valid ASID back from the cmpxchg, which means the
         *   relaxed xchg in flush_context will treat us as reserved
         *   because atomic RmWs are totally ordered for a given location.
         */
        old_active_asid = atomic64_read(this_cpu_ptr(&active_asids));
        if (old_active_asid && asid_gen_match(asid) &&
            atomic64_cmpxchg_relaxed(this_cpu_ptr(&active_asids),
                                     old_active_asid, asid))
                goto switch_mm_fastpath;

        raw_spin_lock_irqsave(&cpu_asid_lock, flags);
        /* Check that our ASID belongs to the current generation. */
        asid = atomic64_read(&mm->context.id);
        if (!asid_gen_match(asid)) {
                asid = new_context(mm);
                atomic64_set(&mm->context.id, asid);
        }

        cpu = smp_processor_id();
        if (cpumask_test_and_clear_cpu(cpu, &tlb_flush_pending))
                local_flush_tlb_all();

        atomic64_set(this_cpu_ptr(&active_asids), asid);
        raw_spin_unlock_irqrestore(&cpu_asid_lock, flags);

switch_mm_fastpath:

        arm64_apply_bp_hardening();

        /*
         * Defer TTBR0_EL1 setting for user threads to uaccess_enable() when
         * emulating PAN.
         */
        if (!system_uses_ttbr0_pan())
                cpu_switch_mm(mm->pgd, mm);
}
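/*
 * Added summary: pin the ASID of @mm so it is preserved across rollovers and
 * return the value programmed into hardware (0 on failure, e.g. when the
 * pinned-ASID limit has been reached). Intended for agents that cache the
 * ASID outside the CPU, such as SMMU-based shared virtual addressing.
 */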
unsigned long arm64_mm_context_get(struct mm_struct *mm)
{
        unsigned long flags;
        u64 asid;

        if (!pinned_asid_map)
                return 0;

        raw_spin_lock_irqsave(&cpu_asid_lock, flags);

        asid = atomic64_read(&mm->context.id);

        if (refcount_inc_not_zero(&mm->context.pinned))
                goto out_unlock;

        if (nr_pinned_asids >= max_pinned_asids) {
                asid = 0;
                goto out_unlock;
        }

        if (!asid_gen_match(asid)) {
                /*
                 * We went through one or more rollovers since that ASID was
                 * used. Ensure that it is still valid, or generate a new one.
                 */
                asid = new_context(mm);
                atomic64_set(&mm->context.id, asid);
        }

        nr_pinned_asids++;
        __set_bit(asid2idx(asid), pinned_asid_map);
        refcount_set(&mm->context.pinned, 1);

out_unlock:
        raw_spin_unlock_irqrestore(&cpu_asid_lock, flags);

        asid &= ~ASID_MASK;

        /* Set the equivalent of USER_ASID_BIT */
        if (asid && arm64_kernel_unmapped_at_el0())
                asid |= 1;

        return asid;
}
EXPORT_SYMBOL_GPL(arm64_mm_context_get);

void arm64_mm_context_put(struct mm_struct *mm)
{
        unsigned long flags;
        u64 asid = atomic64_read(&mm->context.id);

        if (!pinned_asid_map)
                return;

        raw_spin_lock_irqsave(&cpu_asid_lock, flags);

        if (refcount_dec_and_test(&mm->context.pinned)) {
                __clear_bit(asid2idx(asid), pinned_asid_map);
                nr_pinned_asids--;
        }

        raw_spin_unlock_irqrestore(&cpu_asid_lock, flags);
}
EXPORT_SYMBOL_GPL(arm64_mm_context_put);

/* Errata workaround post TTBRx_EL1 update. */
asmlinkage void post_ttbr_update_workaround(void)
{
        if (!IS_ENABLED(CONFIG_CAVIUM_ERRATUM_27456))
                return;

        asm(ALTERNATIVE("nop; nop; nop",
                        "ic iallu; dsb nsh; isb",
                        ARM64_WORKAROUND_CAVIUM_27456));
}
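/*
 * Added summary: install @mm's page tables. TTBR0_EL1 gets the new pgd while
 * the ASID goes into TTBR1_EL1, since TCR_EL1.A1 selects TTBR1 as the source
 * of the ASID.
 */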
void cpu_do_switch_mm(phys_addr_t pgd_phys, struct mm_struct *mm)
{
        unsigned long ttbr1 = read_sysreg(ttbr1_el1);
        unsigned long asid = ASID(mm);
        unsigned long ttbr0 = phys_to_ttbr(pgd_phys);

        /* Skip CNP for the reserved ASID */
        if (system_supports_cnp() && asid)
                ttbr0 |= TTBR_CNP_BIT;

        /* SW PAN needs a copy of the ASID in TTBR0 for entry */
        if (IS_ENABLED(CONFIG_ARM64_SW_TTBR0_PAN))
                ttbr0 |= FIELD_PREP(TTBR_ASID_MASK, asid);

        /* Set ASID in TTBR1 since TCR.A1 is set */
        ttbr1 &= ~TTBR_ASID_MASK;
        ttbr1 |= FIELD_PREP(TTBR_ASID_MASK, asid);

        write_sysreg(ttbr1, ttbr1_el1);
        isb();
        write_sysreg(ttbr0, ttbr0_el1);
        isb();
        post_ttbr_update_workaround();
}
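/*
 * Added summary: runs at arch_initcall time, once CPU capabilities are
 * finalised. Halve the usable ASID space under KPTI and size the pinned-ASID
 * quota so that a rollover can always find a free slot.
 */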
static int asids_update_limit(void)
{
        unsigned long num_available_asids = NUM_USER_ASIDS;

        if (arm64_kernel_unmapped_at_el0()) {
                num_available_asids /= 2;
                if (pinned_asid_map)
                        set_kpti_asid_bits(pinned_asid_map);
        }
        /*
         * Expect allocation after rollover to fail if we don't have at least
         * one more ASID than CPUs. ASID #0 is reserved for init_mm.
         */
        WARN_ON(num_available_asids - 1 <= num_possible_cpus());
        pr_info("ASID allocator initialised with %lu entries\n",
                num_available_asids);

        /*
         * There must always be an ASID available after a rollover. Ensure
         * that, even if all CPUs have a reserved ASID and the maximum number
         * of ASIDs are pinned, there is still at least one empty slot in the
         * ASID map.
         */
        max_pinned_asids = num_available_asids - num_possible_cpus() - 2;
        return 0;
}
arch_initcall(asids_update_limit);

static int asids_init(void)
{
        asid_bits = get_cpu_asid_bits();
        atomic64_set(&asid_generation, ASID_FIRST_VERSION);
        asid_map = kcalloc(BITS_TO_LONGS(NUM_USER_ASIDS), sizeof(*asid_map),
                           GFP_KERNEL);
        if (!asid_map)
                panic("Failed to allocate bitmap for %lu ASIDs\n",
                      NUM_USER_ASIDS);

        pinned_asid_map = kcalloc(BITS_TO_LONGS(NUM_USER_ASIDS),
                                  sizeof(*pinned_asid_map), GFP_KERNEL);
        nr_pinned_asids = 0;

        /*
         * We cannot call set_reserved_asid_bits() here because CPU
         * capabilities are not finalized yet, so it is safer to assume KPTI
         * and reserve kernel ASIDs from the beginning.
         */
        if (IS_ENABLED(CONFIG_UNMAP_KERNEL_AT_EL0))
                set_kpti_asid_bits(asid_map);
        return 0;
}
early_initcall(asids_init);