2 * Copyright (C) 2001 Ben. Herrenschmidt (benh@kernel.crashing.org)
4 * Modifications for ppc64:
5 * Copyright (C) 2003 Dave Engebretsen <engebret@us.ibm.com>
7 * Copyright 2008 Michael Ellerman, IBM Corporation.
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License
11 * as published by the Free Software Foundation; either version
12 * 2 of the License, or (at your option) any later version.
15 #include <linux/types.h>
16 #include <linux/jump_label.h>
17 #include <linux/kernel.h>
18 #include <linux/string.h>
19 #include <linux/init.h>
20 #include <linux/sched/mm.h>
21 #include <asm/cputable.h>
22 #include <asm/code-patching.h>
24 #include <asm/sections.h>
25 #include <asm/setup.h>
26 #include <asm/security_features.h>
27 #include <asm/firmware.h>
38 static unsigned int *calc_addr(struct fixup_entry
*fcur
, long offset
)
41 * We store the offset to the code as a negative offset from
42 * the start of the alt_entry, to support the VDSO. This
43 * routine converts that back into an actual address.
45 return (unsigned int *)((unsigned long)fcur
+ offset
);
48 static int patch_alt_instruction(unsigned int *src
, unsigned int *dest
,
49 unsigned int *alt_start
, unsigned int *alt_end
)
55 if (instr_is_relative_branch(*src
)) {
56 unsigned int *target
= (unsigned int *)branch_target(src
);
58 /* Branch within the section doesn't need translating */
59 if (target
< alt_start
|| target
> alt_end
) {
60 instr
= translate_branch(dest
, src
);
66 patch_instruction(dest
, instr
);
71 static int patch_feature_section(unsigned long value
, struct fixup_entry
*fcur
)
73 unsigned int *start
, *end
, *alt_start
, *alt_end
, *src
, *dest
;
75 start
= calc_addr(fcur
, fcur
->start_off
);
76 end
= calc_addr(fcur
, fcur
->end_off
);
77 alt_start
= calc_addr(fcur
, fcur
->alt_start_off
);
78 alt_end
= calc_addr(fcur
, fcur
->alt_end_off
);
80 if ((alt_end
- alt_start
) > (end
- start
))
83 if ((value
& fcur
->mask
) == fcur
->value
)
89 for (; src
< alt_end
; src
++, dest
++) {
90 if (patch_alt_instruction(src
, dest
, alt_start
, alt_end
))
94 for (; dest
< end
; dest
++)
95 patch_instruction(dest
, PPC_INST_NOP
);
100 void do_feature_fixups(unsigned long value
, void *fixup_start
, void *fixup_end
)
102 struct fixup_entry
*fcur
, *fend
;
107 for (; fcur
< fend
; fcur
++) {
108 if (patch_feature_section(value
, fcur
)) {
110 printk("Unable to patch feature section at %p - %p" \
112 calc_addr(fcur
, fcur
->start_off
),
113 calc_addr(fcur
, fcur
->end_off
),
114 calc_addr(fcur
, fcur
->alt_start_off
),
115 calc_addr(fcur
, fcur
->alt_end_off
));
120 #ifdef CONFIG_PPC_BOOK3S_64
121 void do_stf_entry_barrier_fixups(enum stf_barrier_type types
)
123 unsigned int instrs
[3], *dest
;
127 start
= PTRRELOC(&__start___stf_entry_barrier_fixup
),
128 end
= PTRRELOC(&__stop___stf_entry_barrier_fixup
);
130 instrs
[0] = 0x60000000; /* nop */
131 instrs
[1] = 0x60000000; /* nop */
132 instrs
[2] = 0x60000000; /* nop */
135 if (types
& STF_BARRIER_FALLBACK
) {
136 instrs
[i
++] = 0x7d4802a6; /* mflr r10 */
137 instrs
[i
++] = 0x60000000; /* branch patched below */
138 instrs
[i
++] = 0x7d4803a6; /* mtlr r10 */
139 } else if (types
& STF_BARRIER_EIEIO
) {
140 instrs
[i
++] = 0x7e0006ac; /* eieio + bit 6 hint */
141 } else if (types
& STF_BARRIER_SYNC_ORI
) {
142 instrs
[i
++] = 0x7c0004ac; /* hwsync */
143 instrs
[i
++] = 0xe94d0000; /* ld r10,0(r13) */
144 instrs
[i
++] = 0x63ff0000; /* ori 31,31,0 speculation barrier */
147 for (i
= 0; start
< end
; start
++, i
++) {
148 dest
= (void *)start
+ *start
;
150 pr_devel("patching dest %lx\n", (unsigned long)dest
);
152 patch_instruction(dest
, instrs
[0]);
154 if (types
& STF_BARRIER_FALLBACK
)
155 patch_branch(dest
+ 1, (unsigned long)&stf_barrier_fallback
,
158 patch_instruction(dest
+ 1, instrs
[1]);
160 patch_instruction(dest
+ 2, instrs
[2]);
163 printk(KERN_DEBUG
"stf-barrier: patched %d entry locations (%s barrier)\n", i
,
164 (types
== STF_BARRIER_NONE
) ? "no" :
165 (types
== STF_BARRIER_FALLBACK
) ? "fallback" :
166 (types
== STF_BARRIER_EIEIO
) ? "eieio" :
167 (types
== (STF_BARRIER_SYNC_ORI
)) ? "hwsync"
171 void do_stf_exit_barrier_fixups(enum stf_barrier_type types
)
173 unsigned int instrs
[6], *dest
;
177 start
= PTRRELOC(&__start___stf_exit_barrier_fixup
),
178 end
= PTRRELOC(&__stop___stf_exit_barrier_fixup
);
180 instrs
[0] = 0x60000000; /* nop */
181 instrs
[1] = 0x60000000; /* nop */
182 instrs
[2] = 0x60000000; /* nop */
183 instrs
[3] = 0x60000000; /* nop */
184 instrs
[4] = 0x60000000; /* nop */
185 instrs
[5] = 0x60000000; /* nop */
188 if (types
& STF_BARRIER_FALLBACK
|| types
& STF_BARRIER_SYNC_ORI
) {
189 if (cpu_has_feature(CPU_FTR_HVMODE
)) {
190 instrs
[i
++] = 0x7db14ba6; /* mtspr 0x131, r13 (HSPRG1) */
191 instrs
[i
++] = 0x7db04aa6; /* mfspr r13, 0x130 (HSPRG0) */
193 instrs
[i
++] = 0x7db243a6; /* mtsprg 2,r13 */
194 instrs
[i
++] = 0x7db142a6; /* mfsprg r13,1 */
196 instrs
[i
++] = 0x7c0004ac; /* hwsync */
197 instrs
[i
++] = 0xe9ad0000; /* ld r13,0(r13) */
198 instrs
[i
++] = 0x63ff0000; /* ori 31,31,0 speculation barrier */
199 if (cpu_has_feature(CPU_FTR_HVMODE
)) {
200 instrs
[i
++] = 0x7db14aa6; /* mfspr r13, 0x131 (HSPRG1) */
202 instrs
[i
++] = 0x7db242a6; /* mfsprg r13,2 */
204 } else if (types
& STF_BARRIER_EIEIO
) {
205 instrs
[i
++] = 0x7e0006ac; /* eieio + bit 6 hint */
208 for (i
= 0; start
< end
; start
++, i
++) {
209 dest
= (void *)start
+ *start
;
211 pr_devel("patching dest %lx\n", (unsigned long)dest
);
213 patch_instruction(dest
, instrs
[0]);
214 patch_instruction(dest
+ 1, instrs
[1]);
215 patch_instruction(dest
+ 2, instrs
[2]);
216 patch_instruction(dest
+ 3, instrs
[3]);
217 patch_instruction(dest
+ 4, instrs
[4]);
218 patch_instruction(dest
+ 5, instrs
[5]);
220 printk(KERN_DEBUG
"stf-barrier: patched %d exit locations (%s barrier)\n", i
,
221 (types
== STF_BARRIER_NONE
) ? "no" :
222 (types
== STF_BARRIER_FALLBACK
) ? "fallback" :
223 (types
== STF_BARRIER_EIEIO
) ? "eieio" :
224 (types
== (STF_BARRIER_SYNC_ORI
)) ? "hwsync"
229 void do_stf_barrier_fixups(enum stf_barrier_type types
)
231 do_stf_entry_barrier_fixups(types
);
232 do_stf_exit_barrier_fixups(types
);
235 void do_rfi_flush_fixups(enum l1d_flush_type types
)
237 unsigned int instrs
[3], *dest
;
241 start
= PTRRELOC(&__start___rfi_flush_fixup
),
242 end
= PTRRELOC(&__stop___rfi_flush_fixup
);
244 instrs
[0] = 0x60000000; /* nop */
245 instrs
[1] = 0x60000000; /* nop */
246 instrs
[2] = 0x60000000; /* nop */
248 if (types
& L1D_FLUSH_FALLBACK
)
249 /* b .+16 to fallback flush */
250 instrs
[0] = 0x48000010;
253 if (types
& L1D_FLUSH_ORI
) {
254 instrs
[i
++] = 0x63ff0000; /* ori 31,31,0 speculation barrier */
255 instrs
[i
++] = 0x63de0000; /* ori 30,30,0 L1d flush*/
258 if (types
& L1D_FLUSH_MTTRIG
)
259 instrs
[i
++] = 0x7c12dba6; /* mtspr TRIG2,r0 (SPR #882) */
261 for (i
= 0; start
< end
; start
++, i
++) {
262 dest
= (void *)start
+ *start
;
264 pr_devel("patching dest %lx\n", (unsigned long)dest
);
266 patch_instruction(dest
, instrs
[0]);
267 patch_instruction(dest
+ 1, instrs
[1]);
268 patch_instruction(dest
+ 2, instrs
[2]);
271 printk(KERN_DEBUG
"rfi-flush: patched %d locations (%s flush)\n", i
,
272 (types
== L1D_FLUSH_NONE
) ? "no" :
273 (types
== L1D_FLUSH_FALLBACK
) ? "fallback displacement" :
274 (types
& L1D_FLUSH_ORI
) ? (types
& L1D_FLUSH_MTTRIG
)
277 (types
& L1D_FLUSH_MTTRIG
) ? "mttrig type"
281 void do_barrier_nospec_fixups_range(bool enable
, void *fixup_start
, void *fixup_end
)
283 unsigned int instr
, *dest
;
290 instr
= 0x60000000; /* nop */
293 pr_info("barrier-nospec: using ORI speculation barrier\n");
294 instr
= 0x63ff0000; /* ori 31,31,0 speculation barrier */
297 for (i
= 0; start
< end
; start
++, i
++) {
298 dest
= (void *)start
+ *start
;
300 pr_devel("patching dest %lx\n", (unsigned long)dest
);
301 patch_instruction(dest
, instr
);
304 printk(KERN_DEBUG
"barrier-nospec: patched %d locations\n", i
);
307 #endif /* CONFIG_PPC_BOOK3S_64 */
309 #ifdef CONFIG_PPC_BARRIER_NOSPEC
310 void do_barrier_nospec_fixups(bool enable
)
314 start
= PTRRELOC(&__start___barrier_nospec_fixup
),
315 end
= PTRRELOC(&__stop___barrier_nospec_fixup
);
317 do_barrier_nospec_fixups_range(enable
, start
, end
);
319 #endif /* CONFIG_PPC_BARRIER_NOSPEC */
321 void do_lwsync_fixups(unsigned long value
, void *fixup_start
, void *fixup_end
)
326 if (!(value
& CPU_FTR_LWSYNC
))
332 for (; start
< end
; start
++) {
333 dest
= (void *)start
+ *start
;
334 patch_instruction(dest
, PPC_INST_LWSYNC
);
338 static void do_final_fixups(void)
340 #if defined(CONFIG_PPC64) && defined(CONFIG_RELOCATABLE)
342 unsigned long length
;
344 if (PHYSICAL_START
== 0)
347 src
= (int *)(KERNELBASE
+ PHYSICAL_START
);
348 dest
= (int *)KERNELBASE
;
349 length
= (__end_interrupts
- _stext
) / sizeof(int);
352 patch_instruction(dest
, *src
);
359 static unsigned long __initdata saved_cpu_features
;
360 static unsigned int __initdata saved_mmu_features
;
362 static unsigned long __initdata saved_firmware_features
;
365 void __init
apply_feature_fixups(void)
367 struct cpu_spec
*spec
= PTRRELOC(*PTRRELOC(&cur_cpu_spec
));
369 *PTRRELOC(&saved_cpu_features
) = spec
->cpu_features
;
370 *PTRRELOC(&saved_mmu_features
) = spec
->mmu_features
;
373 * Apply the CPU-specific and firmware specific fixups to kernel text
374 * (nop out sections not relevant to this CPU or this firmware).
376 do_feature_fixups(spec
->cpu_features
,
377 PTRRELOC(&__start___ftr_fixup
),
378 PTRRELOC(&__stop___ftr_fixup
));
380 do_feature_fixups(spec
->mmu_features
,
381 PTRRELOC(&__start___mmu_ftr_fixup
),
382 PTRRELOC(&__stop___mmu_ftr_fixup
));
384 do_lwsync_fixups(spec
->cpu_features
,
385 PTRRELOC(&__start___lwsync_fixup
),
386 PTRRELOC(&__stop___lwsync_fixup
));
389 saved_firmware_features
= powerpc_firmware_features
;
390 do_feature_fixups(powerpc_firmware_features
,
391 &__start___fw_ftr_fixup
, &__stop___fw_ftr_fixup
);
396 void __init
setup_feature_keys(void)
399 * Initialise jump label. This causes all the cpu/mmu_has_feature()
400 * checks to take on their correct polarity based on the current set of
404 cpu_feature_keys_init();
405 mmu_feature_keys_init();
408 static int __init
check_features(void)
410 WARN(saved_cpu_features
!= cur_cpu_spec
->cpu_features
,
411 "CPU features changed after feature patching!\n");
412 WARN(saved_mmu_features
!= cur_cpu_spec
->mmu_features
,
413 "MMU features changed after feature patching!\n");
415 WARN(saved_firmware_features
!= powerpc_firmware_features
,
416 "Firmware features changed after feature patching!\n");
421 late_initcall(check_features
);
423 #ifdef CONFIG_FTR_FIXUP_SELFTEST
426 if (!(x)) printk("feature-fixups: test failed at line %d\n", __LINE__);
428 /* This must be after the text it fixes up, vmlinux.lds.S enforces that atm */
429 static struct fixup_entry fixup
;
431 static long calc_offset(struct fixup_entry
*entry
, unsigned int *p
)
433 return (unsigned long)p
- (unsigned long)entry
;
436 static void test_basic_patching(void)
438 extern unsigned int ftr_fixup_test1
[];
439 extern unsigned int end_ftr_fixup_test1
[];
440 extern unsigned int ftr_fixup_test1_orig
[];
441 extern unsigned int ftr_fixup_test1_expected
[];
442 int size
= end_ftr_fixup_test1
- ftr_fixup_test1
;
444 fixup
.value
= fixup
.mask
= 8;
445 fixup
.start_off
= calc_offset(&fixup
, ftr_fixup_test1
+ 1);
446 fixup
.end_off
= calc_offset(&fixup
, ftr_fixup_test1
+ 2);
447 fixup
.alt_start_off
= fixup
.alt_end_off
= 0;
450 check(memcmp(ftr_fixup_test1
, ftr_fixup_test1_orig
, size
) == 0);
452 /* Check we don't patch if the value matches */
453 patch_feature_section(8, &fixup
);
454 check(memcmp(ftr_fixup_test1
, ftr_fixup_test1_orig
, size
) == 0);
456 /* Check we do patch if the value doesn't match */
457 patch_feature_section(0, &fixup
);
458 check(memcmp(ftr_fixup_test1
, ftr_fixup_test1_expected
, size
) == 0);
460 /* Check we do patch if the mask doesn't match */
461 memcpy(ftr_fixup_test1
, ftr_fixup_test1_orig
, size
);
462 check(memcmp(ftr_fixup_test1
, ftr_fixup_test1_orig
, size
) == 0);
463 patch_feature_section(~8, &fixup
);
464 check(memcmp(ftr_fixup_test1
, ftr_fixup_test1_expected
, size
) == 0);
467 static void test_alternative_patching(void)
469 extern unsigned int ftr_fixup_test2
[];
470 extern unsigned int end_ftr_fixup_test2
[];
471 extern unsigned int ftr_fixup_test2_orig
[];
472 extern unsigned int ftr_fixup_test2_alt
[];
473 extern unsigned int ftr_fixup_test2_expected
[];
474 int size
= end_ftr_fixup_test2
- ftr_fixup_test2
;
476 fixup
.value
= fixup
.mask
= 0xF;
477 fixup
.start_off
= calc_offset(&fixup
, ftr_fixup_test2
+ 1);
478 fixup
.end_off
= calc_offset(&fixup
, ftr_fixup_test2
+ 2);
479 fixup
.alt_start_off
= calc_offset(&fixup
, ftr_fixup_test2_alt
);
480 fixup
.alt_end_off
= calc_offset(&fixup
, ftr_fixup_test2_alt
+ 1);
483 check(memcmp(ftr_fixup_test2
, ftr_fixup_test2_orig
, size
) == 0);
485 /* Check we don't patch if the value matches */
486 patch_feature_section(0xF, &fixup
);
487 check(memcmp(ftr_fixup_test2
, ftr_fixup_test2_orig
, size
) == 0);
489 /* Check we do patch if the value doesn't match */
490 patch_feature_section(0, &fixup
);
491 check(memcmp(ftr_fixup_test2
, ftr_fixup_test2_expected
, size
) == 0);
493 /* Check we do patch if the mask doesn't match */
494 memcpy(ftr_fixup_test2
, ftr_fixup_test2_orig
, size
);
495 check(memcmp(ftr_fixup_test2
, ftr_fixup_test2_orig
, size
) == 0);
496 patch_feature_section(~0xF, &fixup
);
497 check(memcmp(ftr_fixup_test2
, ftr_fixup_test2_expected
, size
) == 0);
500 static void test_alternative_case_too_big(void)
502 extern unsigned int ftr_fixup_test3
[];
503 extern unsigned int end_ftr_fixup_test3
[];
504 extern unsigned int ftr_fixup_test3_orig
[];
505 extern unsigned int ftr_fixup_test3_alt
[];
506 int size
= end_ftr_fixup_test3
- ftr_fixup_test3
;
508 fixup
.value
= fixup
.mask
= 0xC;
509 fixup
.start_off
= calc_offset(&fixup
, ftr_fixup_test3
+ 1);
510 fixup
.end_off
= calc_offset(&fixup
, ftr_fixup_test3
+ 2);
511 fixup
.alt_start_off
= calc_offset(&fixup
, ftr_fixup_test3_alt
);
512 fixup
.alt_end_off
= calc_offset(&fixup
, ftr_fixup_test3_alt
+ 2);
515 check(memcmp(ftr_fixup_test3
, ftr_fixup_test3_orig
, size
) == 0);
517 /* Expect nothing to be patched, and the error returned to us */
518 check(patch_feature_section(0xF, &fixup
) == 1);
519 check(memcmp(ftr_fixup_test3
, ftr_fixup_test3_orig
, size
) == 0);
520 check(patch_feature_section(0, &fixup
) == 1);
521 check(memcmp(ftr_fixup_test3
, ftr_fixup_test3_orig
, size
) == 0);
522 check(patch_feature_section(~0xF, &fixup
) == 1);
523 check(memcmp(ftr_fixup_test3
, ftr_fixup_test3_orig
, size
) == 0);
526 static void test_alternative_case_too_small(void)
528 extern unsigned int ftr_fixup_test4
[];
529 extern unsigned int end_ftr_fixup_test4
[];
530 extern unsigned int ftr_fixup_test4_orig
[];
531 extern unsigned int ftr_fixup_test4_alt
[];
532 extern unsigned int ftr_fixup_test4_expected
[];
533 int size
= end_ftr_fixup_test4
- ftr_fixup_test4
;
536 /* Check a high-bit flag */
537 flag
= 1UL << ((sizeof(unsigned long) - 1) * 8);
538 fixup
.value
= fixup
.mask
= flag
;
539 fixup
.start_off
= calc_offset(&fixup
, ftr_fixup_test4
+ 1);
540 fixup
.end_off
= calc_offset(&fixup
, ftr_fixup_test4
+ 5);
541 fixup
.alt_start_off
= calc_offset(&fixup
, ftr_fixup_test4_alt
);
542 fixup
.alt_end_off
= calc_offset(&fixup
, ftr_fixup_test4_alt
+ 2);
545 check(memcmp(ftr_fixup_test4
, ftr_fixup_test4_orig
, size
) == 0);
547 /* Check we don't patch if the value matches */
548 patch_feature_section(flag
, &fixup
);
549 check(memcmp(ftr_fixup_test4
, ftr_fixup_test4_orig
, size
) == 0);
551 /* Check we do patch if the value doesn't match */
552 patch_feature_section(0, &fixup
);
553 check(memcmp(ftr_fixup_test4
, ftr_fixup_test4_expected
, size
) == 0);
555 /* Check we do patch if the mask doesn't match */
556 memcpy(ftr_fixup_test4
, ftr_fixup_test4_orig
, size
);
557 check(memcmp(ftr_fixup_test4
, ftr_fixup_test4_orig
, size
) == 0);
558 patch_feature_section(~flag
, &fixup
);
559 check(memcmp(ftr_fixup_test4
, ftr_fixup_test4_expected
, size
) == 0);
562 static void test_alternative_case_with_branch(void)
564 extern unsigned int ftr_fixup_test5
[];
565 extern unsigned int end_ftr_fixup_test5
[];
566 extern unsigned int ftr_fixup_test5_expected
[];
567 int size
= end_ftr_fixup_test5
- ftr_fixup_test5
;
569 check(memcmp(ftr_fixup_test5
, ftr_fixup_test5_expected
, size
) == 0);
572 static void test_alternative_case_with_external_branch(void)
574 extern unsigned int ftr_fixup_test6
[];
575 extern unsigned int end_ftr_fixup_test6
[];
576 extern unsigned int ftr_fixup_test6_expected
[];
577 int size
= end_ftr_fixup_test6
- ftr_fixup_test6
;
579 check(memcmp(ftr_fixup_test6
, ftr_fixup_test6_expected
, size
) == 0);
582 static void test_cpu_macros(void)
584 extern u8 ftr_fixup_test_FTR_macros
[];
585 extern u8 ftr_fixup_test_FTR_macros_expected
[];
586 unsigned long size
= ftr_fixup_test_FTR_macros_expected
-
587 ftr_fixup_test_FTR_macros
;
589 /* The fixups have already been done for us during boot */
590 check(memcmp(ftr_fixup_test_FTR_macros
,
591 ftr_fixup_test_FTR_macros_expected
, size
) == 0);
594 static void test_fw_macros(void)
597 extern u8 ftr_fixup_test_FW_FTR_macros
[];
598 extern u8 ftr_fixup_test_FW_FTR_macros_expected
[];
599 unsigned long size
= ftr_fixup_test_FW_FTR_macros_expected
-
600 ftr_fixup_test_FW_FTR_macros
;
602 /* The fixups have already been done for us during boot */
603 check(memcmp(ftr_fixup_test_FW_FTR_macros
,
604 ftr_fixup_test_FW_FTR_macros_expected
, size
) == 0);
608 static void test_lwsync_macros(void)
610 extern u8 lwsync_fixup_test
[];
611 extern u8 end_lwsync_fixup_test
[];
612 extern u8 lwsync_fixup_test_expected_LWSYNC
[];
613 extern u8 lwsync_fixup_test_expected_SYNC
[];
614 unsigned long size
= end_lwsync_fixup_test
-
617 /* The fixups have already been done for us during boot */
618 if (cur_cpu_spec
->cpu_features
& CPU_FTR_LWSYNC
) {
619 check(memcmp(lwsync_fixup_test
,
620 lwsync_fixup_test_expected_LWSYNC
, size
) == 0);
622 check(memcmp(lwsync_fixup_test
,
623 lwsync_fixup_test_expected_SYNC
, size
) == 0);
627 static int __init
test_feature_fixups(void)
629 printk(KERN_DEBUG
"Running feature fixup self-tests ...\n");
631 test_basic_patching();
632 test_alternative_patching();
633 test_alternative_case_too_big();
634 test_alternative_case_too_small();
635 test_alternative_case_with_branch();
636 test_alternative_case_with_external_branch();
639 test_lwsync_macros();
643 late_initcall(test_feature_fixups
);
645 #endif /* CONFIG_FTR_FIXUP_SELFTEST */