]>
Commit | Line | Data |
---|---|---|
c767a54b JP |
1 | #define pr_fmt(fmt) "SMP alternatives: " fmt |
2 | ||
9a0b5817 | 3 | #include <linux/module.h> |
f6a57033 | 4 | #include <linux/sched.h> |
2f1dafe5 | 5 | #include <linux/mutex.h> |
9a0b5817 | 6 | #include <linux/list.h> |
8b5a10fc | 7 | #include <linux/stringify.h> |
19d36ccd AK |
8 | #include <linux/mm.h> |
9 | #include <linux/vmalloc.h> | |
3945dab4 | 10 | #include <linux/memory.h> |
3d55cc8a | 11 | #include <linux/stop_machine.h> |
5a0e3ad6 | 12 | #include <linux/slab.h> |
fd4363ff | 13 | #include <linux/kdebug.h> |
c13324a5 | 14 | #include <linux/kprobes.h> |
b3fd8e83 | 15 | #include <linux/mmu_context.h> |
35de5b06 | 16 | #include <asm/text-patching.h> |
9a0b5817 GH |
17 | #include <asm/alternative.h> |
18 | #include <asm/sections.h> | |
19d36ccd | 19 | #include <asm/pgtable.h> |
8f4e956b AK |
20 | #include <asm/mce.h> |
21 | #include <asm/nmi.h> | |
e587cadd | 22 | #include <asm/cacheflush.h> |
78ff7fae | 23 | #include <asm/tlbflush.h> |
e587cadd | 24 | #include <asm/io.h> |
78ff7fae | 25 | #include <asm/fixmap.h> |
9a0b5817 | 26 | |
5e907bb0 IM |
27 | int __read_mostly alternatives_patched; |
28 | ||
29 | EXPORT_SYMBOL_GPL(alternatives_patched); | |
30 | ||
ab144f5e AK |
31 | #define MAX_PATCH_LEN (255-1) |
32 | ||
8b5a10fc | 33 | static int __initdata_or_module debug_alternative; |
b7fb4af0 | 34 | |
d167a518 GH |
35 | static int __init debug_alt(char *str) |
36 | { | |
37 | debug_alternative = 1; | |
38 | return 1; | |
39 | } | |
d167a518 GH |
40 | __setup("debug-alternative", debug_alt); |
41 | ||
09488165 JB |
42 | static int noreplace_smp; |
43 | ||
b7fb4af0 JF |
44 | static int __init setup_noreplace_smp(char *str) |
45 | { | |
46 | noreplace_smp = 1; | |
47 | return 1; | |
48 | } | |
49 | __setup("noreplace-smp", setup_noreplace_smp); | |
50 | ||
db477a33 BP |
51 | #define DPRINTK(fmt, args...) \ |
52 | do { \ | |
53 | if (debug_alternative) \ | |
54 | printk(KERN_DEBUG "%s: " fmt "\n", __func__, ##args); \ | |
c767a54b | 55 | } while (0) |
d167a518 | 56 | |
48c7a250 BP |
57 | #define DUMP_BYTES(buf, len, fmt, args...) \ |
58 | do { \ | |
59 | if (unlikely(debug_alternative)) { \ | |
60 | int j; \ | |
61 | \ | |
62 | if (!(len)) \ | |
63 | break; \ | |
64 | \ | |
65 | printk(KERN_DEBUG fmt, ##args); \ | |
66 | for (j = 0; j < (len) - 1; j++) \ | |
67 | printk(KERN_CONT "%02hhx ", buf[j]); \ | |
68 | printk(KERN_CONT "%02hhx\n", buf[j]); \ | |
69 | } \ | |
70 | } while (0) | |
71 | ||
dc326fca PA |
72 | /* |
73 | * Each GENERIC_NOPX is of X bytes, and defined as an array of bytes | |
74 | * that correspond to that nop. Getting from one nop to the next, we | |
75 | * add to the array the offset that is equal to the sum of all sizes of | |
76 | * nops preceding the one we are after. | |
77 | * | |
78 | * Note: The GENERIC_NOP5_ATOMIC is at the end, as it breaks the | |
79 | * nice symmetry of sizes of the previous nops. | |
80 | */ | |
8b5a10fc | 81 | #if defined(GENERIC_NOP1) && !defined(CONFIG_X86_64) |
dc326fca PA |
82 | static const unsigned char intelnops[] = |
83 | { | |
84 | GENERIC_NOP1, | |
85 | GENERIC_NOP2, | |
86 | GENERIC_NOP3, | |
87 | GENERIC_NOP4, | |
88 | GENERIC_NOP5, | |
89 | GENERIC_NOP6, | |
90 | GENERIC_NOP7, | |
91 | GENERIC_NOP8, | |
92 | GENERIC_NOP5_ATOMIC | |
93 | }; | |
94 | static const unsigned char * const intel_nops[ASM_NOP_MAX+2] = | |
95 | { | |
9a0b5817 GH |
96 | NULL, |
97 | intelnops, | |
98 | intelnops + 1, | |
99 | intelnops + 1 + 2, | |
100 | intelnops + 1 + 2 + 3, | |
101 | intelnops + 1 + 2 + 3 + 4, | |
102 | intelnops + 1 + 2 + 3 + 4 + 5, | |
103 | intelnops + 1 + 2 + 3 + 4 + 5 + 6, | |
104 | intelnops + 1 + 2 + 3 + 4 + 5 + 6 + 7, | |
dc326fca | 105 | intelnops + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8, |
9a0b5817 | 106 | }; |
d167a518 GH |
107 | #endif |
108 | ||
109 | #ifdef K8_NOP1 | |
dc326fca PA |
110 | static const unsigned char k8nops[] = |
111 | { | |
112 | K8_NOP1, | |
113 | K8_NOP2, | |
114 | K8_NOP3, | |
115 | K8_NOP4, | |
116 | K8_NOP5, | |
117 | K8_NOP6, | |
118 | K8_NOP7, | |
119 | K8_NOP8, | |
120 | K8_NOP5_ATOMIC | |
121 | }; | |
122 | static const unsigned char * const k8_nops[ASM_NOP_MAX+2] = | |
123 | { | |
9a0b5817 GH |
124 | NULL, |
125 | k8nops, | |
126 | k8nops + 1, | |
127 | k8nops + 1 + 2, | |
128 | k8nops + 1 + 2 + 3, | |
129 | k8nops + 1 + 2 + 3 + 4, | |
130 | k8nops + 1 + 2 + 3 + 4 + 5, | |
131 | k8nops + 1 + 2 + 3 + 4 + 5 + 6, | |
132 | k8nops + 1 + 2 + 3 + 4 + 5 + 6 + 7, | |
dc326fca | 133 | k8nops + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8, |
9a0b5817 | 134 | }; |
d167a518 GH |
135 | #endif |
136 | ||
8b5a10fc | 137 | #if defined(K7_NOP1) && !defined(CONFIG_X86_64) |
dc326fca PA |
138 | static const unsigned char k7nops[] = |
139 | { | |
140 | K7_NOP1, | |
141 | K7_NOP2, | |
142 | K7_NOP3, | |
143 | K7_NOP4, | |
144 | K7_NOP5, | |
145 | K7_NOP6, | |
146 | K7_NOP7, | |
147 | K7_NOP8, | |
148 | K7_NOP5_ATOMIC | |
149 | }; | |
150 | static const unsigned char * const k7_nops[ASM_NOP_MAX+2] = | |
151 | { | |
9a0b5817 GH |
152 | NULL, |
153 | k7nops, | |
154 | k7nops + 1, | |
155 | k7nops + 1 + 2, | |
156 | k7nops + 1 + 2 + 3, | |
157 | k7nops + 1 + 2 + 3 + 4, | |
158 | k7nops + 1 + 2 + 3 + 4 + 5, | |
159 | k7nops + 1 + 2 + 3 + 4 + 5 + 6, | |
160 | k7nops + 1 + 2 + 3 + 4 + 5 + 6 + 7, | |
dc326fca | 161 | k7nops + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8, |
9a0b5817 | 162 | }; |
d167a518 GH |
163 | #endif |
164 | ||
32c464f5 | 165 | #ifdef P6_NOP1 |
cb09cad4 | 166 | static const unsigned char p6nops[] = |
dc326fca PA |
167 | { |
168 | P6_NOP1, | |
169 | P6_NOP2, | |
170 | P6_NOP3, | |
171 | P6_NOP4, | |
172 | P6_NOP5, | |
173 | P6_NOP6, | |
174 | P6_NOP7, | |
175 | P6_NOP8, | |
176 | P6_NOP5_ATOMIC | |
177 | }; | |
178 | static const unsigned char * const p6_nops[ASM_NOP_MAX+2] = | |
179 | { | |
32c464f5 JB |
180 | NULL, |
181 | p6nops, | |
182 | p6nops + 1, | |
183 | p6nops + 1 + 2, | |
184 | p6nops + 1 + 2 + 3, | |
185 | p6nops + 1 + 2 + 3 + 4, | |
186 | p6nops + 1 + 2 + 3 + 4 + 5, | |
187 | p6nops + 1 + 2 + 3 + 4 + 5 + 6, | |
188 | p6nops + 1 + 2 + 3 + 4 + 5 + 6 + 7, | |
dc326fca | 189 | p6nops + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8, |
32c464f5 JB |
190 | }; |
191 | #endif | |
192 | ||
dc326fca | 193 | /* Initialize these to a safe default */ |
d167a518 | 194 | #ifdef CONFIG_X86_64 |
dc326fca PA |
195 | const unsigned char * const *ideal_nops = p6_nops; |
196 | #else | |
197 | const unsigned char * const *ideal_nops = intel_nops; | |
198 | #endif | |
d167a518 | 199 | |
dc326fca | 200 | void __init arch_init_ideal_nops(void) |
d167a518 | 201 | { |
dc326fca PA |
202 | switch (boot_cpu_data.x86_vendor) { |
203 | case X86_VENDOR_INTEL: | |
d8d9766c PA |
204 | /* |
205 | * Due to a decoder implementation quirk, some | |
206 | * specific Intel CPUs actually perform better with | |
207 | * the "k8_nops" than with the SDM-recommended NOPs. | |
208 | */ | |
209 | if (boot_cpu_data.x86 == 6 && | |
210 | boot_cpu_data.x86_model >= 0x0f && | |
211 | boot_cpu_data.x86_model != 0x1c && | |
212 | boot_cpu_data.x86_model != 0x26 && | |
213 | boot_cpu_data.x86_model != 0x27 && | |
214 | boot_cpu_data.x86_model < 0x30) { | |
215 | ideal_nops = k8_nops; | |
216 | } else if (boot_cpu_has(X86_FEATURE_NOPL)) { | |
dc326fca PA |
217 | ideal_nops = p6_nops; |
218 | } else { | |
219 | #ifdef CONFIG_X86_64 | |
220 | ideal_nops = k8_nops; | |
221 | #else | |
222 | ideal_nops = intel_nops; | |
223 | #endif | |
224 | } | |
d6250a3f | 225 | break; |
f21262b8 | 226 | |
c3fecca4 PW |
227 | case X86_VENDOR_HYGON: |
228 | ideal_nops = p6_nops; | |
229 | return; | |
230 | ||
f21262b8 BP |
231 | case X86_VENDOR_AMD: |
232 | if (boot_cpu_data.x86 > 0xf) { | |
233 | ideal_nops = p6_nops; | |
234 | return; | |
235 | } | |
236 | ||
237 | /* fall through */ | |
238 | ||
dc326fca PA |
239 | default: |
240 | #ifdef CONFIG_X86_64 | |
241 | ideal_nops = k8_nops; | |
242 | #else | |
243 | if (boot_cpu_has(X86_FEATURE_K8)) | |
244 | ideal_nops = k8_nops; | |
245 | else if (boot_cpu_has(X86_FEATURE_K7)) | |
246 | ideal_nops = k7_nops; | |
247 | else | |
248 | ideal_nops = intel_nops; | |
249 | #endif | |
250 | } | |
9a0b5817 GH |
251 | } |
252 | ||
ab144f5e | 253 | /* Use this to add nops to a buffer, then text_poke the whole buffer. */ |
8b5a10fc | 254 | static void __init_or_module add_nops(void *insns, unsigned int len) |
139ec7c4 | 255 | { |
139ec7c4 RR |
256 | while (len > 0) { |
257 | unsigned int noplen = len; | |
258 | if (noplen > ASM_NOP_MAX) | |
259 | noplen = ASM_NOP_MAX; | |
dc326fca | 260 | memcpy(insns, ideal_nops[noplen], noplen); |
139ec7c4 RR |
261 | insns += noplen; |
262 | len -= noplen; | |
263 | } | |
264 | } | |
265 | ||
d167a518 | 266 | extern struct alt_instr __alt_instructions[], __alt_instructions_end[]; |
5967ed87 | 267 | extern s32 __smp_locks[], __smp_locks_end[]; |
fa6f2cc7 | 268 | void *text_poke_early(void *addr, const void *opcode, size_t len); |
d167a518 | 269 | |
48c7a250 BP |
270 | /* |
271 | * Are we looking at a near JMP with a 1 or 4-byte displacement. | |
272 | */ | |
273 | static inline bool is_jmp(const u8 opcode) | |
274 | { | |
275 | return opcode == 0xeb || opcode == 0xe9; | |
276 | } | |
277 | ||
278 | static void __init_or_module | |
279 | recompute_jump(struct alt_instr *a, u8 *orig_insn, u8 *repl_insn, u8 *insnbuf) | |
280 | { | |
281 | u8 *next_rip, *tgt_rip; | |
282 | s32 n_dspl, o_dspl; | |
283 | int repl_len; | |
284 | ||
285 | if (a->replacementlen != 5) | |
286 | return; | |
287 | ||
288 | o_dspl = *(s32 *)(insnbuf + 1); | |
289 | ||
290 | /* next_rip of the replacement JMP */ | |
291 | next_rip = repl_insn + a->replacementlen; | |
292 | /* target rip of the replacement JMP */ | |
293 | tgt_rip = next_rip + o_dspl; | |
294 | n_dspl = tgt_rip - orig_insn; | |
295 | ||
0e6c16c6 | 296 | DPRINTK("target RIP: %px, new_displ: 0x%x", tgt_rip, n_dspl); |
48c7a250 BP |
297 | |
298 | if (tgt_rip - orig_insn >= 0) { | |
299 | if (n_dspl - 2 <= 127) | |
300 | goto two_byte_jmp; | |
301 | else | |
302 | goto five_byte_jmp; | |
303 | /* negative offset */ | |
304 | } else { | |
305 | if (((n_dspl - 2) & 0xff) == (n_dspl - 2)) | |
306 | goto two_byte_jmp; | |
307 | else | |
308 | goto five_byte_jmp; | |
309 | } | |
310 | ||
311 | two_byte_jmp: | |
312 | n_dspl -= 2; | |
313 | ||
314 | insnbuf[0] = 0xeb; | |
315 | insnbuf[1] = (s8)n_dspl; | |
316 | add_nops(insnbuf + 2, 3); | |
317 | ||
318 | repl_len = 2; | |
319 | goto done; | |
320 | ||
321 | five_byte_jmp: | |
322 | n_dspl -= 5; | |
323 | ||
324 | insnbuf[0] = 0xe9; | |
325 | *(s32 *)&insnbuf[1] = n_dspl; | |
326 | ||
327 | repl_len = 5; | |
328 | ||
329 | done: | |
330 | ||
331 | DPRINTK("final displ: 0x%08x, JMP 0x%lx", | |
332 | n_dspl, (unsigned long)orig_insn + n_dspl + repl_len); | |
333 | } | |
334 | ||
34bfab0e BP |
335 | /* |
336 | * "noinline" to cause control flow change and thus invalidate I$ and | |
337 | * cause refetch after modification. | |
338 | */ | |
339 | static void __init_or_module noinline optimize_nops(struct alt_instr *a, u8 *instr) | |
4fd4b6e5 | 340 | { |
66c117d7 | 341 | unsigned long flags; |
612e8e93 | 342 | int i; |
66c117d7 | 343 | |
612e8e93 BP |
344 | for (i = 0; i < a->padlen; i++) { |
345 | if (instr[i] != 0x90) | |
346 | return; | |
347 | } | |
69df353f | 348 | |
66c117d7 | 349 | local_irq_save(flags); |
4fd4b6e5 | 350 | add_nops(instr + (a->instrlen - a->padlen), a->padlen); |
66c117d7 | 351 | local_irq_restore(flags); |
4fd4b6e5 | 352 | |
0e6c16c6 | 353 | DUMP_BYTES(instr, a->instrlen, "%px: [%d:%d) optimized NOPs: ", |
4fd4b6e5 BP |
354 | instr, a->instrlen - a->padlen, a->padlen); |
355 | } | |
356 | ||
db477a33 BP |
357 | /* |
358 | * Replace instructions with better alternatives for this CPU type. This runs | |
359 | * before SMP is initialized to avoid SMP problems with self modifying code. | |
360 | * This implies that asymmetric systems where APs have less capabilities than | |
361 | * the boot processor are not handled. Tough. Make sure you disable such | |
362 | * features by hand. | |
34bfab0e BP |
363 | * |
364 | * Marked "noinline" to cause control flow change and thus insn cache | |
365 | * to refetch changed I$ lines. | |
db477a33 | 366 | */ |
34bfab0e BP |
367 | void __init_or_module noinline apply_alternatives(struct alt_instr *start, |
368 | struct alt_instr *end) | |
9a0b5817 | 369 | { |
9a0b5817 | 370 | struct alt_instr *a; |
59e97e4d | 371 | u8 *instr, *replacement; |
1b1d9258 | 372 | u8 insnbuf[MAX_PATCH_LEN]; |
9a0b5817 | 373 | |
0e6c16c6 | 374 | DPRINTK("alt table %px, -> %px", start, end); |
50973133 FY |
375 | /* |
376 | * The scan order should be from start to end. A later scanned | |
db477a33 | 377 | * alternative code can overwrite previously scanned alternative code. |
50973133 FY |
378 | * Some kernel functions (e.g. memcpy, memset, etc) use this order to |
379 | * patch code. | |
380 | * | |
381 | * So be careful if you want to change the scan order to any other | |
382 | * order. | |
383 | */ | |
9a0b5817 | 384 | for (a = start; a < end; a++) { |
48c7a250 BP |
385 | int insnbuf_sz = 0; |
386 | ||
59e97e4d AL |
387 | instr = (u8 *)&a->instr_offset + a->instr_offset; |
388 | replacement = (u8 *)&a->repl_offset + a->repl_offset; | |
ab144f5e | 389 | BUG_ON(a->instrlen > sizeof(insnbuf)); |
65fc985b | 390 | BUG_ON(a->cpuid >= (NCAPINTS + NBUGINTS) * 32); |
4fd4b6e5 BP |
391 | if (!boot_cpu_has(a->cpuid)) { |
392 | if (a->padlen > 1) | |
393 | optimize_nops(a, instr); | |
394 | ||
9a0b5817 | 395 | continue; |
4fd4b6e5 | 396 | } |
59e97e4d | 397 | |
c1d4e419 | 398 | DPRINTK("feat: %d*32+%d, old: (%pS (%px) len: %d), repl: (%px, len: %d), pad: %d", |
db477a33 BP |
399 | a->cpuid >> 5, |
400 | a->cpuid & 0x1f, | |
c1d4e419 | 401 | instr, instr, a->instrlen, |
dbe4058a | 402 | replacement, a->replacementlen, a->padlen); |
db477a33 | 403 | |
0e6c16c6 BP |
404 | DUMP_BYTES(instr, a->instrlen, "%px: old_insn: ", instr); |
405 | DUMP_BYTES(replacement, a->replacementlen, "%px: rpl_insn: ", replacement); | |
48c7a250 | 406 | |
59e97e4d | 407 | memcpy(insnbuf, replacement, a->replacementlen); |
48c7a250 | 408 | insnbuf_sz = a->replacementlen; |
59e97e4d | 409 | |
fc152d22 MJ |
410 | /* |
411 | * 0xe8 is a relative jump; fix the offset. | |
412 | * | |
413 | * Instruction length is checked before the opcode to avoid | |
414 | * accessing uninitialized bytes for zero-length replacements. | |
415 | */ | |
416 | if (a->replacementlen == 5 && *insnbuf == 0xe8) { | |
db477a33 | 417 | *(s32 *)(insnbuf + 1) += replacement - instr; |
48c7a250 BP |
418 | DPRINTK("Fix CALL offset: 0x%x, CALL 0x%lx", |
419 | *(s32 *)(insnbuf + 1), | |
420 | (unsigned long)instr + *(s32 *)(insnbuf + 1) + 5); | |
db477a33 | 421 | } |
59e97e4d | 422 | |
48c7a250 BP |
423 | if (a->replacementlen && is_jmp(replacement[0])) |
424 | recompute_jump(a, instr, replacement, insnbuf); | |
425 | ||
426 | if (a->instrlen > a->replacementlen) { | |
4332195c BP |
427 | add_nops(insnbuf + a->replacementlen, |
428 | a->instrlen - a->replacementlen); | |
48c7a250 BP |
429 | insnbuf_sz += a->instrlen - a->replacementlen; |
430 | } | |
0e6c16c6 | 431 | DUMP_BYTES(insnbuf, insnbuf_sz, "%px: final_insn: ", instr); |
59e97e4d | 432 | |
48c7a250 | 433 | text_poke_early(instr, insnbuf, insnbuf_sz); |
9a0b5817 GH |
434 | } |
435 | } | |
436 | ||
8ec4d41f | 437 | #ifdef CONFIG_SMP |
5967ed87 JB |
438 | static void alternatives_smp_lock(const s32 *start, const s32 *end, |
439 | u8 *text, u8 *text_end) | |
9a0b5817 | 440 | { |
5967ed87 | 441 | const s32 *poff; |
9a0b5817 | 442 | |
5967ed87 JB |
443 | for (poff = start; poff < end; poff++) { |
444 | u8 *ptr = (u8 *)poff + *poff; | |
445 | ||
446 | if (!*poff || ptr < text || ptr >= text_end) | |
9a0b5817 | 447 | continue; |
f88f07e0 | 448 | /* turn DS segment override prefix into lock prefix */ |
d9c5841e PA |
449 | if (*ptr == 0x3e) |
450 | text_poke(ptr, ((unsigned char []){0xf0}), 1); | |
4b8073e4 | 451 | } |
9a0b5817 GH |
452 | } |
453 | ||
5967ed87 JB |
454 | static void alternatives_smp_unlock(const s32 *start, const s32 *end, |
455 | u8 *text, u8 *text_end) | |
9a0b5817 | 456 | { |
5967ed87 | 457 | const s32 *poff; |
9a0b5817 | 458 | |
5967ed87 JB |
459 | for (poff = start; poff < end; poff++) { |
460 | u8 *ptr = (u8 *)poff + *poff; | |
461 | ||
462 | if (!*poff || ptr < text || ptr >= text_end) | |
9a0b5817 | 463 | continue; |
f88f07e0 | 464 | /* turn lock prefix into DS segment override prefix */ |
d9c5841e PA |
465 | if (*ptr == 0xf0) |
466 | text_poke(ptr, ((unsigned char []){0x3E}), 1); | |
4b8073e4 | 467 | } |
9a0b5817 GH |
468 | } |
469 | ||
470 | struct smp_alt_module { | |
471 | /* what is this ??? */ | |
472 | struct module *mod; | |
473 | char *name; | |
474 | ||
475 | /* ptrs to lock prefixes */ | |
5967ed87 JB |
476 | const s32 *locks; |
477 | const s32 *locks_end; | |
9a0b5817 GH |
478 | |
479 | /* .text segment, needed to avoid patching init code ;) */ | |
480 | u8 *text; | |
481 | u8 *text_end; | |
482 | ||
483 | struct list_head next; | |
484 | }; | |
485 | static LIST_HEAD(smp_alt_modules); | |
e846d139 | 486 | static bool uniproc_patched = false; /* protected by text_mutex */ |
9a0b5817 | 487 | |
8b5a10fc JB |
488 | void __init_or_module alternatives_smp_module_add(struct module *mod, |
489 | char *name, | |
490 | void *locks, void *locks_end, | |
491 | void *text, void *text_end) | |
9a0b5817 GH |
492 | { |
493 | struct smp_alt_module *smp; | |
9a0b5817 | 494 | |
e846d139 | 495 | mutex_lock(&text_mutex); |
816afe4f RR |
496 | if (!uniproc_patched) |
497 | goto unlock; | |
b7fb4af0 | 498 | |
816afe4f RR |
499 | if (num_possible_cpus() == 1) |
500 | /* Don't bother remembering, we'll never have to undo it. */ | |
501 | goto smp_unlock; | |
9a0b5817 GH |
502 | |
503 | smp = kzalloc(sizeof(*smp), GFP_KERNEL); | |
504 | if (NULL == smp) | |
816afe4f RR |
505 | /* we'll run the (safe but slow) SMP code then ... */ |
506 | goto unlock; | |
9a0b5817 GH |
507 | |
508 | smp->mod = mod; | |
509 | smp->name = name; | |
510 | smp->locks = locks; | |
511 | smp->locks_end = locks_end; | |
512 | smp->text = text; | |
513 | smp->text_end = text_end; | |
db477a33 BP |
514 | DPRINTK("locks %p -> %p, text %p -> %p, name %s\n", |
515 | smp->locks, smp->locks_end, | |
9a0b5817 GH |
516 | smp->text, smp->text_end, smp->name); |
517 | ||
9a0b5817 | 518 | list_add_tail(&smp->next, &smp_alt_modules); |
816afe4f RR |
519 | smp_unlock: |
520 | alternatives_smp_unlock(locks, locks_end, text, text_end); | |
521 | unlock: | |
e846d139 | 522 | mutex_unlock(&text_mutex); |
9a0b5817 GH |
523 | } |
524 | ||
8b5a10fc | 525 | void __init_or_module alternatives_smp_module_del(struct module *mod) |
9a0b5817 GH |
526 | { |
527 | struct smp_alt_module *item; | |
9a0b5817 | 528 | |
e846d139 | 529 | mutex_lock(&text_mutex); |
9a0b5817 GH |
530 | list_for_each_entry(item, &smp_alt_modules, next) { |
531 | if (mod != item->mod) | |
532 | continue; | |
533 | list_del(&item->next); | |
9a0b5817 | 534 | kfree(item); |
816afe4f | 535 | break; |
9a0b5817 | 536 | } |
e846d139 | 537 | mutex_unlock(&text_mutex); |
9a0b5817 GH |
538 | } |
539 | ||
816afe4f | 540 | void alternatives_enable_smp(void) |
9a0b5817 GH |
541 | { |
542 | struct smp_alt_module *mod; | |
9a0b5817 | 543 | |
816afe4f RR |
544 | /* Why bother if there are no other CPUs? */ |
545 | BUG_ON(num_possible_cpus() == 1); | |
9a0b5817 | 546 | |
e846d139 | 547 | mutex_lock(&text_mutex); |
ca74a6f8 | 548 | |
816afe4f | 549 | if (uniproc_patched) { |
c767a54b | 550 | pr_info("switching to SMP code\n"); |
816afe4f | 551 | BUG_ON(num_online_cpus() != 1); |
53756d37 JF |
552 | clear_cpu_cap(&boot_cpu_data, X86_FEATURE_UP); |
553 | clear_cpu_cap(&cpu_data(0), X86_FEATURE_UP); | |
9a0b5817 GH |
554 | list_for_each_entry(mod, &smp_alt_modules, next) |
555 | alternatives_smp_lock(mod->locks, mod->locks_end, | |
556 | mod->text, mod->text_end); | |
816afe4f | 557 | uniproc_patched = false; |
9a0b5817 | 558 | } |
e846d139 | 559 | mutex_unlock(&text_mutex); |
9a0b5817 GH |
560 | } |
561 | ||
e846d139 ZC |
562 | /* |
563 | * Return 1 if the address range is reserved for SMP-alternatives. | |
564 | * Must hold text_mutex. | |
565 | */ | |
2cfa1978 MH |
566 | int alternatives_text_reserved(void *start, void *end) |
567 | { | |
568 | struct smp_alt_module *mod; | |
5967ed87 | 569 | const s32 *poff; |
076dc4a6 MH |
570 | u8 *text_start = start; |
571 | u8 *text_end = end; | |
2cfa1978 | 572 | |
e846d139 ZC |
573 | lockdep_assert_held(&text_mutex); |
574 | ||
2cfa1978 | 575 | list_for_each_entry(mod, &smp_alt_modules, next) { |
076dc4a6 | 576 | if (mod->text > text_end || mod->text_end < text_start) |
2cfa1978 | 577 | continue; |
5967ed87 JB |
578 | for (poff = mod->locks; poff < mod->locks_end; poff++) { |
579 | const u8 *ptr = (const u8 *)poff + *poff; | |
580 | ||
581 | if (text_start <= ptr && text_end > ptr) | |
2cfa1978 | 582 | return 1; |
5967ed87 | 583 | } |
2cfa1978 MH |
584 | } |
585 | ||
586 | return 0; | |
587 | } | |
48c7a250 | 588 | #endif /* CONFIG_SMP */ |
8ec4d41f | 589 | |
139ec7c4 | 590 | #ifdef CONFIG_PARAVIRT |
8b5a10fc JB |
591 | void __init_or_module apply_paravirt(struct paravirt_patch_site *start, |
592 | struct paravirt_patch_site *end) | |
139ec7c4 | 593 | { |
98de032b | 594 | struct paravirt_patch_site *p; |
ab144f5e | 595 | char insnbuf[MAX_PATCH_LEN]; |
139ec7c4 RR |
596 | |
597 | for (p = start; p < end; p++) { | |
598 | unsigned int used; | |
599 | ||
ab144f5e | 600 | BUG_ON(p->len > MAX_PATCH_LEN); |
d34fda4a CW |
601 | /* prep the buffer with the original instructions */ |
602 | memcpy(insnbuf, p->instr, p->len); | |
5c83511b | 603 | used = pv_ops.init.patch(p->instrtype, insnbuf, |
93b1eab3 | 604 | (unsigned long)p->instr, p->len); |
7f63c41c | 605 | |
63f70270 JF |
606 | BUG_ON(used > p->len); |
607 | ||
139ec7c4 | 608 | /* Pad the rest with nops */ |
ab144f5e | 609 | add_nops(insnbuf + used, p->len - used); |
e587cadd | 610 | text_poke_early(p->instr, insnbuf, p->len); |
139ec7c4 | 611 | } |
139ec7c4 | 612 | } |
98de032b | 613 | extern struct paravirt_patch_site __start_parainstructions[], |
139ec7c4 RR |
614 | __stop_parainstructions[]; |
615 | #endif /* CONFIG_PARAVIRT */ | |
616 | ||
9a0b5817 GH |
617 | void __init alternative_instructions(void) |
618 | { | |
8f4e956b AK |
619 | /* The patching is not fully atomic, so try to avoid local interruptions |
620 | that might execute the to be patched code. | |
621 | Other CPUs are not running. */ | |
622 | stop_nmi(); | |
123aa76e AK |
623 | |
624 | /* | |
625 | * Don't stop machine check exceptions while patching. | |
626 | * MCEs only happen when something got corrupted and in this | |
627 | * case we must do something about the corruption. | |
628 | * Ignoring it is worse than a unlikely patching race. | |
629 | * Also machine checks tend to be broadcast and if one CPU | |
630 | * goes into machine check the others follow quickly, so we don't | |
631 | * expect a machine check to cause undue problems during to code | |
632 | * patching. | |
633 | */ | |
8f4e956b | 634 | |
9a0b5817 GH |
635 | apply_alternatives(__alt_instructions, __alt_instructions_end); |
636 | ||
8ec4d41f | 637 | #ifdef CONFIG_SMP |
816afe4f RR |
638 | /* Patch to UP if other cpus not imminent. */ |
639 | if (!noreplace_smp && (num_present_cpus() == 1 || setup_max_cpus <= 1)) { | |
640 | uniproc_patched = true; | |
9a0b5817 GH |
641 | alternatives_smp_module_add(NULL, "core kernel", |
642 | __smp_locks, __smp_locks_end, | |
643 | _text, _etext); | |
9a0b5817 | 644 | } |
8f4e956b | 645 | |
816afe4f | 646 | if (!uniproc_patched || num_possible_cpus() == 1) |
f68fd5f4 FW |
647 | free_init_pages("SMP alternatives", |
648 | (unsigned long)__smp_locks, | |
649 | (unsigned long)__smp_locks_end); | |
816afe4f RR |
650 | #endif |
651 | ||
652 | apply_paravirt(__parainstructions, __parainstructions_end); | |
f68fd5f4 | 653 | |
8f4e956b | 654 | restart_nmi(); |
5e907bb0 | 655 | alternatives_patched = 1; |
9a0b5817 | 656 | } |
19d36ccd | 657 | |
e587cadd MD |
658 | /** |
659 | * text_poke_early - Update instructions on a live kernel at boot time | |
660 | * @addr: address to modify | |
661 | * @opcode: source of the copy | |
662 | * @len: length to copy | |
663 | * | |
19d36ccd AK |
664 | * When you use this code to patch more than one byte of an instruction |
665 | * you need to make sure that other CPUs cannot execute this code in parallel. | |
e587cadd MD |
666 | * Also no thread must be currently preempted in the middle of these |
667 | * instructions. And on the local CPU you need to be protected again NMI or MCE | |
668 | * handlers seeing an inconsistent instruction while you patch. | |
19d36ccd | 669 | */ |
fa6f2cc7 | 670 | void *__init_or_module text_poke_early(void *addr, const void *opcode, |
8b5a10fc | 671 | size_t len) |
19d36ccd | 672 | { |
e587cadd MD |
673 | unsigned long flags; |
674 | local_irq_save(flags); | |
19d36ccd | 675 | memcpy(addr, opcode, len); |
5367b688 | 676 | local_irq_restore(flags); |
6fffacb3 | 677 | sync_core(); |
e587cadd MD |
678 | /* Could also do a CLFLUSH here to speed up CPU recovery; but |
679 | that causes hangs on some VIA CPUs. */ | |
680 | return addr; | |
681 | } | |
682 | ||
4fc19708 NA |
683 | __ro_after_init struct mm_struct *poking_mm; |
684 | __ro_after_init unsigned long poking_addr; | |
685 | ||
e836673c | 686 | static void *__text_poke(void *addr, const void *opcode, size_t len) |
e587cadd | 687 | { |
b3fd8e83 NA |
688 | bool cross_page_boundary = offset_in_page(addr) + len > PAGE_SIZE; |
689 | struct page *pages[2] = {NULL}; | |
690 | temp_mm_state_t prev; | |
78ff7fae | 691 | unsigned long flags; |
b3fd8e83 NA |
692 | pte_t pte, *ptep; |
693 | spinlock_t *ptl; | |
694 | pgprot_t pgprot; | |
e587cadd | 695 | |
6fffacb3 | 696 | /* |
b3fd8e83 NA |
697 | * While boot memory allocator is running we cannot use struct pages as |
698 | * they are not yet initialized. There is no way to recover. | |
6fffacb3 PT |
699 | */ |
700 | BUG_ON(!after_bootmem); | |
701 | ||
b7b66baa MD |
702 | if (!core_kernel_text((unsigned long)addr)) { |
703 | pages[0] = vmalloc_to_page(addr); | |
b3fd8e83 NA |
704 | if (cross_page_boundary) |
705 | pages[1] = vmalloc_to_page(addr + PAGE_SIZE); | |
15a601eb | 706 | } else { |
b7b66baa | 707 | pages[0] = virt_to_page(addr); |
00c6b2d5 | 708 | WARN_ON(!PageReserved(pages[0])); |
b3fd8e83 NA |
709 | if (cross_page_boundary) |
710 | pages[1] = virt_to_page(addr + PAGE_SIZE); | |
e587cadd | 711 | } |
b3fd8e83 NA |
712 | /* |
713 | * If something went wrong, crash and burn since recovery paths are not | |
714 | * implemented. | |
715 | */ | |
716 | BUG_ON(!pages[0] || (cross_page_boundary && !pages[1])); | |
717 | ||
7cf49427 | 718 | local_irq_save(flags); |
b3fd8e83 NA |
719 | |
720 | /* | |
721 | * Map the page without the global bit, as TLB flushing is done with | |
722 | * flush_tlb_mm_range(), which is intended for non-global PTEs. | |
723 | */ | |
724 | pgprot = __pgprot(pgprot_val(PAGE_KERNEL) & ~_PAGE_GLOBAL); | |
725 | ||
726 | /* | |
727 | * The lock is not really needed, but this allows to avoid open-coding. | |
728 | */ | |
729 | ptep = get_locked_pte(poking_mm, poking_addr, &ptl); | |
730 | ||
731 | /* | |
732 | * This must not fail; preallocated in poking_init(). | |
733 | */ | |
734 | VM_BUG_ON(!ptep); | |
735 | ||
736 | pte = mk_pte(pages[0], pgprot); | |
737 | set_pte_at(poking_mm, poking_addr, ptep, pte); | |
738 | ||
739 | if (cross_page_boundary) { | |
740 | pte = mk_pte(pages[1], pgprot); | |
741 | set_pte_at(poking_mm, poking_addr + PAGE_SIZE, ptep + 1, pte); | |
742 | } | |
743 | ||
744 | /* | |
745 | * Loading the temporary mm behaves as a compiler barrier, which | |
746 | * guarantees that the PTE will be set at the time memcpy() is done. | |
747 | */ | |
748 | prev = use_temporary_mm(poking_mm); | |
749 | ||
750 | kasan_disable_current(); | |
751 | memcpy((u8 *)poking_addr + offset_in_page(addr), opcode, len); | |
752 | kasan_enable_current(); | |
753 | ||
754 | /* | |
755 | * Ensure that the PTE is only cleared after the instructions of memcpy | |
756 | * were issued by using a compiler barrier. | |
757 | */ | |
758 | barrier(); | |
759 | ||
760 | pte_clear(poking_mm, poking_addr, ptep); | |
761 | if (cross_page_boundary) | |
762 | pte_clear(poking_mm, poking_addr + PAGE_SIZE, ptep + 1); | |
763 | ||
764 | /* | |
765 | * Loading the previous page-table hierarchy requires a serializing | |
766 | * instruction that already allows the core to see the updated version. | |
767 | * Xen-PV is assumed to serialize execution in a similar manner. | |
768 | */ | |
769 | unuse_temporary_mm(prev); | |
770 | ||
771 | /* | |
772 | * Flushing the TLB might involve IPIs, which would require enabled | |
773 | * IRQs, but not if the mm is not used, as it is in this point. | |
774 | */ | |
775 | flush_tlb_mm_range(poking_mm, poking_addr, poking_addr + | |
776 | (cross_page_boundary ? 2 : 1) * PAGE_SIZE, | |
777 | PAGE_SHIFT, false); | |
778 | ||
779 | /* | |
780 | * If the text does not match what we just wrote then something is | |
781 | * fundamentally screwy; there's nothing we can really do about that. | |
782 | */ | |
783 | BUG_ON(memcmp(addr, opcode, len)); | |
784 | ||
785 | pte_unmap_unlock(ptep, ptl); | |
7cf49427 | 786 | local_irq_restore(flags); |
e587cadd | 787 | return addr; |
19d36ccd | 788 | } |
3d55cc8a | 789 | |
e836673c NA |
790 | /** |
791 | * text_poke - Update instructions on a live kernel | |
792 | * @addr: address to modify | |
793 | * @opcode: source of the copy | |
794 | * @len: length to copy | |
795 | * | |
796 | * Only atomic text poke/set should be allowed when not doing early patching. | |
797 | * It means the size must be writable atomically and the address must be aligned | |
798 | * in a way that permits an atomic write. It also makes sure we fit on a single | |
799 | * page. | |
800 | */ | |
801 | void *text_poke(void *addr, const void *opcode, size_t len) | |
802 | { | |
803 | lockdep_assert_held(&text_mutex); | |
804 | ||
805 | return __text_poke(addr, opcode, len); | |
806 | } | |
807 | ||
808 | /** | |
809 | * text_poke_kgdb - Update instructions on a live kernel by kgdb | |
810 | * @addr: address to modify | |
811 | * @opcode: source of the copy | |
812 | * @len: length to copy | |
813 | * | |
814 | * Only atomic text poke/set should be allowed when not doing early patching. | |
815 | * It means the size must be writable atomically and the address must be aligned | |
816 | * in a way that permits an atomic write. It also makes sure we fit on a single | |
817 | * page. | |
818 | * | |
819 | * Context: should only be used by kgdb, which ensures no other core is running, | |
820 | * despite the fact it does not hold the text_mutex. | |
821 | */ | |
822 | void *text_poke_kgdb(void *addr, const void *opcode, size_t len) | |
823 | { | |
824 | return __text_poke(addr, opcode, len); | |
825 | } | |
826 | ||
fd4363ff JK |
827 | static void do_sync_core(void *info) |
828 | { | |
829 | sync_core(); | |
830 | } | |
831 | ||
832 | static bool bp_patching_in_progress; | |
833 | static void *bp_int3_handler, *bp_int3_addr; | |
834 | ||
17f41571 | 835 | int poke_int3_handler(struct pt_regs *regs) |
fd4363ff | 836 | { |
01651324 PZ |
837 | /* |
838 | * Having observed our INT3 instruction, we now must observe | |
839 | * bp_patching_in_progress. | |
840 | * | |
841 | * in_progress = TRUE INT3 | |
842 | * WMB RMB | |
843 | * write INT3 if (in_progress) | |
844 | * | |
845 | * Idem for bp_int3_handler. | |
846 | */ | |
fd4363ff JK |
847 | smp_rmb(); |
848 | ||
849 | if (likely(!bp_patching_in_progress)) | |
17f41571 | 850 | return 0; |
fd4363ff | 851 | |
f39b6f0e | 852 | if (user_mode(regs) || regs->ip != (unsigned long)bp_int3_addr) |
17f41571 | 853 | return 0; |
fd4363ff JK |
854 | |
855 | /* set up the specified breakpoint handler */ | |
17f41571 JK |
856 | regs->ip = (unsigned long) bp_int3_handler; |
857 | ||
858 | return 1; | |
fd4363ff | 859 | } |
c13324a5 | 860 | NOKPROBE_SYMBOL(poke_int3_handler); |
17f41571 | 861 | |
fd4363ff JK |
862 | /** |
863 | * text_poke_bp() -- update instructions on live kernel on SMP | |
864 | * @addr: address to patch | |
865 | * @opcode: opcode of new instruction | |
866 | * @len: length to copy | |
867 | * @handler: address to jump to when the temporary breakpoint is hit | |
868 | * | |
869 | * Modify multi-byte instruction by using int3 breakpoint on SMP. | |
ea8596bb MH |
870 | * We completely avoid stop_machine() here, and achieve the |
871 | * synchronization using int3 breakpoint. | |
fd4363ff JK |
872 | * |
873 | * The way it is done: | |
874 | * - add a int3 trap to the address that will be patched | |
875 | * - sync cores | |
876 | * - update all but the first byte of the patched range | |
877 | * - sync cores | |
878 | * - replace the first byte (int3) by the first byte of | |
879 | * replacing opcode | |
880 | * - sync cores | |
fd4363ff JK |
881 | */ |
882 | void *text_poke_bp(void *addr, const void *opcode, size_t len, void *handler) | |
883 | { | |
884 | unsigned char int3 = 0xcc; | |
885 | ||
886 | bp_int3_handler = handler; | |
887 | bp_int3_addr = (u8 *)addr + sizeof(int3); | |
888 | bp_patching_in_progress = true; | |
9222f606 JK |
889 | |
890 | lockdep_assert_held(&text_mutex); | |
891 | ||
fd4363ff | 892 | /* |
01651324 PZ |
893 | * Corresponding read barrier in int3 notifier for making sure the |
894 | * in_progress and handler are correctly ordered wrt. patching. | |
fd4363ff JK |
895 | */ |
896 | smp_wmb(); | |
897 | ||
898 | text_poke(addr, &int3, sizeof(int3)); | |
899 | ||
900 | on_each_cpu(do_sync_core, NULL, 1); | |
901 | ||
902 | if (len - sizeof(int3) > 0) { | |
903 | /* patch all but the first byte */ | |
904 | text_poke((char *)addr + sizeof(int3), | |
905 | (const char *) opcode + sizeof(int3), | |
906 | len - sizeof(int3)); | |
907 | /* | |
908 | * According to Intel, this core syncing is very likely | |
909 | * not necessary and we'd be safe even without it. But | |
910 | * better safe than sorry (plus there's not only Intel). | |
911 | */ | |
912 | on_each_cpu(do_sync_core, NULL, 1); | |
913 | } | |
914 | ||
915 | /* patch the first byte */ | |
916 | text_poke(addr, opcode, sizeof(int3)); | |
917 | ||
918 | on_each_cpu(do_sync_core, NULL, 1); | |
01651324 PZ |
919 | /* |
920 | * sync_core() implies an smp_mb() and orders this store against | |
921 | * the writing of the new instruction. | |
922 | */ | |
fd4363ff | 923 | bp_patching_in_progress = false; |
fd4363ff JK |
924 | |
925 | return addr; | |
926 | } | |
927 |