projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
X86: drivers: remove __dev* attributes.
[deliverable/linux.git] / arch / x86 / kernel / alternative.c
CommitLineData
c767a54b
JP		 1#define pr_fmt(fmt) "SMP alternatives: " fmt
2
9a0b5817 3#include <linux/module.h>
f6a57033 4#include <linux/sched.h>
2f1dafe5 5#include <linux/mutex.h>
9a0b5817 6#include <linux/list.h>
8b5a10fc 7#include <linux/stringify.h>
19d36ccd
AK		 8#include <linux/kprobes.h>
9#include <linux/mm.h>
10#include <linux/vmalloc.h>
3945dab4 11#include <linux/memory.h>
3d55cc8a 12#include <linux/stop_machine.h>
5a0e3ad6 13#include <linux/slab.h>
9a0b5817
GH		 14#include <asm/alternative.h>
15#include <asm/sections.h>
19d36ccd 16#include <asm/pgtable.h>
8f4e956b
AK		 17#include <asm/mce.h>
18#include <asm/nmi.h>
e587cadd 19#include <asm/cacheflush.h>
78ff7fae 20#include <asm/tlbflush.h>
e587cadd 21#include <asm/io.h>
78ff7fae 22#include <asm/fixmap.h>
9a0b5817 23
ab144f5e
AK		 24#define MAX_PATCH_LEN (255-1)
25
8b5a10fc 26static int __initdata_or_module debug_alternative;
b7fb4af0 27
d167a518
GH		 28static int __init debug_alt(char *str)
29{
30 debug_alternative = 1;
31 return 1;
32}
d167a518
GH		 33__setup("debug-alternative", debug_alt);
34
09488165
JB		 35static int noreplace_smp;
36
b7fb4af0
JF		 37static int __init setup_noreplace_smp(char *str)
38{
39 noreplace_smp = 1;
40 return 1;
41}
42__setup("noreplace-smp", setup_noreplace_smp);
43
959b4fdf 44#ifdef CONFIG_PARAVIRT
8b5a10fc 45static int __initdata_or_module noreplace_paravirt = 0;
959b4fdf
JF		 46
47static int __init setup_noreplace_paravirt(char *str)
48{
49 noreplace_paravirt = 1;
50 return 1;
51}
52__setup("noreplace-paravirt", setup_noreplace_paravirt);
53#endif
b7fb4af0 54
c767a54b
JP		 55#define DPRINTK(fmt, ...) \
56do { \
57 if (debug_alternative) \
58 printk(KERN_DEBUG fmt, ##__VA_ARGS__); \
59} while (0)
d167a518 60
dc326fca
PA		 61/*
62 * Each GENERIC_NOPX is of X bytes, and defined as an array of bytes
63 * that correspond to that nop. Getting from one nop to the next, we
64 * add to the array the offset that is equal to the sum of all sizes of
65 * nops preceding the one we are after.
66 *
67 * Note: The GENERIC_NOP5_ATOMIC is at the end, as it breaks the
68 * nice symmetry of sizes of the previous nops.
69 */
8b5a10fc 70#if defined(GENERIC_NOP1) && !defined(CONFIG_X86_64)
dc326fca
PA		 71static const unsigned char intelnops[] =
72{
73 GENERIC_NOP1,
74 GENERIC_NOP2,
75 GENERIC_NOP3,
76 GENERIC_NOP4,
77 GENERIC_NOP5,
78 GENERIC_NOP6,
79 GENERIC_NOP7,
80 GENERIC_NOP8,
81 GENERIC_NOP5_ATOMIC
82};
83static const unsigned char * const intel_nops[ASM_NOP_MAX+2] =
84{
9a0b5817
GH		 85 NULL,
86 intelnops,
87 intelnops + 1,
88 intelnops + 1 + 2,
89 intelnops + 1 + 2 + 3,
90 intelnops + 1 + 2 + 3 + 4,
91 intelnops + 1 + 2 + 3 + 4 + 5,
92 intelnops + 1 + 2 + 3 + 4 + 5 + 6,
93 intelnops + 1 + 2 + 3 + 4 + 5 + 6 + 7,
dc326fca 94 intelnops + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8,
9a0b5817 95};
d167a518
GH		 96#endif
97
98#ifdef K8_NOP1
dc326fca
PA		 99static const unsigned char k8nops[] =
100{
101 K8_NOP1,
102 K8_NOP2,
103 K8_NOP3,
104 K8_NOP4,
105 K8_NOP5,
106 K8_NOP6,
107 K8_NOP7,
108 K8_NOP8,
109 K8_NOP5_ATOMIC
110};
111static const unsigned char * const k8_nops[ASM_NOP_MAX+2] =
112{
9a0b5817
GH		 113 NULL,
114 k8nops,
115 k8nops + 1,
116 k8nops + 1 + 2,
117 k8nops + 1 + 2 + 3,
118 k8nops + 1 + 2 + 3 + 4,
119 k8nops + 1 + 2 + 3 + 4 + 5,
120 k8nops + 1 + 2 + 3 + 4 + 5 + 6,
121 k8nops + 1 + 2 + 3 + 4 + 5 + 6 + 7,
dc326fca 122 k8nops + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8,
9a0b5817 123};
d167a518
GH		 124#endif
125
8b5a10fc 126#if defined(K7_NOP1) && !defined(CONFIG_X86_64)
dc326fca
PA		 127static const unsigned char k7nops[] =
128{
129 K7_NOP1,
130 K7_NOP2,
131 K7_NOP3,
132 K7_NOP4,
133 K7_NOP5,
134 K7_NOP6,
135 K7_NOP7,
136 K7_NOP8,
137 K7_NOP5_ATOMIC
138};
139static const unsigned char * const k7_nops[ASM_NOP_MAX+2] =
140{
9a0b5817
GH		 141 NULL,
142 k7nops,
143 k7nops + 1,
144 k7nops + 1 + 2,
145 k7nops + 1 + 2 + 3,
146 k7nops + 1 + 2 + 3 + 4,
147 k7nops + 1 + 2 + 3 + 4 + 5,
148 k7nops + 1 + 2 + 3 + 4 + 5 + 6,
149 k7nops + 1 + 2 + 3 + 4 + 5 + 6 + 7,
dc326fca 150 k7nops + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8,
9a0b5817 151};
d167a518
GH		 152#endif
153
32c464f5 154#ifdef P6_NOP1
cb09cad4 155static const unsigned char p6nops[] =
dc326fca
PA		 156{
157 P6_NOP1,
158 P6_NOP2,
159 P6_NOP3,
160 P6_NOP4,
161 P6_NOP5,
162 P6_NOP6,
163 P6_NOP7,
164 P6_NOP8,
165 P6_NOP5_ATOMIC
166};
167static const unsigned char * const p6_nops[ASM_NOP_MAX+2] =
168{
32c464f5
JB		 169 NULL,
170 p6nops,
171 p6nops + 1,
172 p6nops + 1 + 2,
173 p6nops + 1 + 2 + 3,
174 p6nops + 1 + 2 + 3 + 4,
175 p6nops + 1 + 2 + 3 + 4 + 5,
176 p6nops + 1 + 2 + 3 + 4 + 5 + 6,
177 p6nops + 1 + 2 + 3 + 4 + 5 + 6 + 7,
dc326fca 178 p6nops + 1 + 2 + 3 + 4 + 5 + 6 + 7 + 8,
32c464f5
JB		 179};
180#endif
181
dc326fca 182/* Initialize these to a safe default */
d167a518 183#ifdef CONFIG_X86_64
dc326fca
PA		 184const unsigned char * const *ideal_nops = p6_nops;
185#else
186const unsigned char * const *ideal_nops = intel_nops;
187#endif
d167a518 188
dc326fca 189void __init arch_init_ideal_nops(void)
d167a518 190{
dc326fca
PA		 191 switch (boot_cpu_data.x86_vendor) {
192 case X86_VENDOR_INTEL:
d8d9766c
PA		 193 /*
194 * Due to a decoder implementation quirk, some
195 * specific Intel CPUs actually perform better with
196 * the "k8_nops" than with the SDM-recommended NOPs.
197 */
198 if (boot_cpu_data.x86 == 6 &&
199 boot_cpu_data.x86_model >= 0x0f &&
200 boot_cpu_data.x86_model != 0x1c &&
201 boot_cpu_data.x86_model != 0x26 &&
202 boot_cpu_data.x86_model != 0x27 &&
203 boot_cpu_data.x86_model < 0x30) {
204 ideal_nops = k8_nops;
205 } else if (boot_cpu_has(X86_FEATURE_NOPL)) {
dc326fca
PA		 206 ideal_nops = p6_nops;
207 } else {
208#ifdef CONFIG_X86_64
209 ideal_nops = k8_nops;
210#else
211 ideal_nops = intel_nops;
212#endif
213 }
d6250a3f 214 break;
dc326fca
PA		 215 default:
216#ifdef CONFIG_X86_64
217 ideal_nops = k8_nops;
218#else
219 if (boot_cpu_has(X86_FEATURE_K8))
220 ideal_nops = k8_nops;
221 else if (boot_cpu_has(X86_FEATURE_K7))
222 ideal_nops = k7_nops;
223 else
224 ideal_nops = intel_nops;
225#endif
226 }
9a0b5817
GH		 227}
228
ab144f5e 229/* Use this to add nops to a buffer, then text_poke the whole buffer. */
8b5a10fc 230static void __init_or_module add_nops(void *insns, unsigned int len)
139ec7c4 231{
139ec7c4
RR		 232 while (len > 0) {
233 unsigned int noplen = len;
234 if (noplen > ASM_NOP_MAX)
235 noplen = ASM_NOP_MAX;
dc326fca 236 memcpy(insns, ideal_nops[noplen], noplen);
139ec7c4
RR		 237 insns += noplen;
238 len -= noplen;
239 }
240}
241
d167a518 242extern struct alt_instr __alt_instructions[], __alt_instructions_end[];
5967ed87 243extern s32 __smp_locks[], __smp_locks_end[];
fa6f2cc7 244void *text_poke_early(void *addr, const void *opcode, size_t len);
d167a518 245
9a0b5817
GH		 246/* Replace instructions with better alternatives for this CPU type.
247 This runs before SMP is initialized to avoid SMP problems with
0d2eb44f 248 self modifying code. This implies that asymmetric systems where
9a0b5817
GH		 249 APs have less capabilities than the boot processor are not handled.
250 Tough. Make sure you disable such features by hand. */
251
8b5a10fc
JB		 252void __init_or_module apply_alternatives(struct alt_instr *start,
253 struct alt_instr *end)
9a0b5817 254{
9a0b5817 255 struct alt_instr *a;
59e97e4d 256 u8 *instr, *replacement;
1b1d9258 257 u8 insnbuf[MAX_PATCH_LEN];
9a0b5817 258
77bf90ed 259 DPRINTK("%s: alt table %p -> %p\n", __func__, start, end);
50973133
FY		 260 /*
261 * The scan order should be from start to end. A later scanned
262 * alternative code can overwrite a previous scanned alternative code.
263 * Some kernel functions (e.g. memcpy, memset, etc) use this order to
264 * patch code.
265 *
266 * So be careful if you want to change the scan order to any other
267 * order.
268 */
9a0b5817 269 for (a = start; a < end; a++) {
59e97e4d
AL		 270 instr = (u8 *)&a->instr_offset + a->instr_offset;
271 replacement = (u8 *)&a->repl_offset + a->repl_offset;
9a0b5817 272 BUG_ON(a->replacementlen > a->instrlen);
ab144f5e 273 BUG_ON(a->instrlen > sizeof(insnbuf));
3b770a21 274 BUG_ON(a->cpuid >= NCAPINTS*32);
9a0b5817
GH		 275 if (!boot_cpu_has(a->cpuid))
276 continue;
59e97e4d
AL		 277
278 memcpy(insnbuf, replacement, a->replacementlen);
279
280 /* 0xe8 is a relative jump; fix the offset. */
281 if (*insnbuf == 0xe8 && a->replacementlen == 5)
282 *(s32 *)(insnbuf + 1) += replacement - instr;
283
284 add_nops(insnbuf + a->replacementlen,
285 a->instrlen - a->replacementlen);
286
e587cadd 287 text_poke_early(instr, insnbuf, a->instrlen);
9a0b5817
GH		 288 }
289}
290
8ec4d41f
GH		 291#ifdef CONFIG_SMP
292
5967ed87
JB		 293static void alternatives_smp_lock(const s32 *start, const s32 *end,
294 u8 *text, u8 *text_end)
9a0b5817 295{
5967ed87 296 const s32 *poff;
9a0b5817 297
3945dab4 298 mutex_lock(&text_mutex);
5967ed87
JB		 299 for (poff = start; poff < end; poff++) {
300 u8 *ptr = (u8 *)poff + *poff;
301
302 if (!*poff || ptr < text || ptr >= text_end)
9a0b5817 303 continue;
f88f07e0 304 /* turn DS segment override prefix into lock prefix */
d9c5841e
PA		 305 if (*ptr == 0x3e)
306 text_poke(ptr, ((unsigned char []){0xf0}), 1);
4b8073e4 307 }
3945dab4 308 mutex_unlock(&text_mutex);
9a0b5817
GH		 309}
310
5967ed87
JB		 311static void alternatives_smp_unlock(const s32 *start, const s32 *end,
312 u8 *text, u8 *text_end)
9a0b5817 313{
5967ed87 314 const s32 *poff;
9a0b5817 315
3945dab4 316 mutex_lock(&text_mutex);
5967ed87
JB		 317 for (poff = start; poff < end; poff++) {
318 u8 *ptr = (u8 *)poff + *poff;
319
320 if (!*poff || ptr < text || ptr >= text_end)
9a0b5817 321 continue;
f88f07e0 322 /* turn lock prefix into DS segment override prefix */
d9c5841e
PA		 323 if (*ptr == 0xf0)
324 text_poke(ptr, ((unsigned char []){0x3E}), 1);
4b8073e4 325 }
3945dab4 326 mutex_unlock(&text_mutex);
9a0b5817
GH		 327}
328
329struct smp_alt_module {
330 /* what is this ??? */
331 struct module *mod;
332 char *name;
333
334 /* ptrs to lock prefixes */
5967ed87
JB		 335 const s32 *locks;
336 const s32 *locks_end;
9a0b5817
GH		 337
338 /* .text segment, needed to avoid patching init code ;) */
339 u8 *text;
340 u8 *text_end;
341
342 struct list_head next;
343};
344static LIST_HEAD(smp_alt_modules);
2f1dafe5 345static DEFINE_MUTEX(smp_alt);
816afe4f 346static bool uniproc_patched = false; /* protected by smp_alt */
9a0b5817 347
8b5a10fc
JB		 348void __init_or_module alternatives_smp_module_add(struct module *mod,
349 char *name,
350 void *locks, void *locks_end,
351 void *text, void *text_end)
9a0b5817
GH		 352{
353 struct smp_alt_module *smp;
9a0b5817 354
816afe4f
RR		 355 mutex_lock(&smp_alt);
356 if (!uniproc_patched)
357 goto unlock;
b7fb4af0 358
816afe4f
RR		 359 if (num_possible_cpus() == 1)
360 /* Don't bother remembering, we'll never have to undo it. */
361 goto smp_unlock;
9a0b5817
GH		 362
363 smp = kzalloc(sizeof(*smp), GFP_KERNEL);
364 if (NULL == smp)
816afe4f
RR		 365 /* we'll run the (safe but slow) SMP code then ... */
366 goto unlock;
9a0b5817
GH		 367
368 smp->mod = mod;
369 smp->name = name;
370 smp->locks = locks;
371 smp->locks_end = locks_end;
372 smp->text = text;
373 smp->text_end = text_end;
374 DPRINTK("%s: locks %p -> %p, text %p -> %p, name %s\n",
77bf90ed 375 __func__, smp->locks, smp->locks_end,
9a0b5817
GH		 376 smp->text, smp->text_end, smp->name);
377
9a0b5817 378 list_add_tail(&smp->next, &smp_alt_modules);
816afe4f
RR		 379smp_unlock:
380 alternatives_smp_unlock(locks, locks_end, text, text_end);
381unlock:
2f1dafe5 382 mutex_unlock(&smp_alt);
9a0b5817
GH		 383}
384
8b5a10fc 385void __init_or_module alternatives_smp_module_del(struct module *mod)
9a0b5817
GH		 386{
387 struct smp_alt_module *item;
9a0b5817 388
2f1dafe5 389 mutex_lock(&smp_alt);
9a0b5817
GH		 390 list_for_each_entry(item, &smp_alt_modules, next) {
391 if (mod != item->mod)
392 continue;
393 list_del(&item->next);
9a0b5817 394 kfree(item);
816afe4f 395 break;
9a0b5817 396 }
2f1dafe5 397 mutex_unlock(&smp_alt);
9a0b5817
GH		 398}
399
816afe4f 400void alternatives_enable_smp(void)
9a0b5817
GH		 401{
402 struct smp_alt_module *mod;
9a0b5817 403
3047e99e
IM		 404#ifdef CONFIG_LOCKDEP
405 /*
17abecfe
IM		 406 * Older binutils section handling bug prevented
407 * alternatives-replacement from working reliably.
408 *
409 * If this still occurs then you should see a hang
410 * or crash shortly after this line:
3047e99e 411 */
c767a54b 412 pr_info("lockdep: fixing up alternatives\n");
3047e99e
IM		 413#endif
414
816afe4f
RR		 415 /* Why bother if there are no other CPUs? */
416 BUG_ON(num_possible_cpus() == 1);
9a0b5817 417
2f1dafe5 418 mutex_lock(&smp_alt);
ca74a6f8 419
816afe4f 420 if (uniproc_patched) {
c767a54b 421 pr_info("switching to SMP code\n");
816afe4f 422 BUG_ON(num_online_cpus() != 1);
53756d37
JF		 423 clear_cpu_cap(&boot_cpu_data, X86_FEATURE_UP);
424 clear_cpu_cap(&cpu_data(0), X86_FEATURE_UP);
9a0b5817
GH		 425 list_for_each_entry(mod, &smp_alt_modules, next)
426 alternatives_smp_lock(mod->locks, mod->locks_end,
427 mod->text, mod->text_end);
816afe4f 428 uniproc_patched = false;
9a0b5817 429 }
2f1dafe5 430 mutex_unlock(&smp_alt);
9a0b5817
GH		 431}
432
2cfa1978
MH		 433/* Return 1 if the address range is reserved for smp-alternatives */
434int alternatives_text_reserved(void *start, void *end)
435{
436 struct smp_alt_module *mod;
5967ed87 437 const s32 *poff;
076dc4a6
MH		 438 u8 *text_start = start;
439 u8 *text_end = end;
2cfa1978
MH		 440
441 list_for_each_entry(mod, &smp_alt_modules, next) {
076dc4a6 442 if (mod->text > text_end || mod->text_end < text_start)
2cfa1978 443 continue;
5967ed87
JB		 444 for (poff = mod->locks; poff < mod->locks_end; poff++) {
445 const u8 *ptr = (const u8 *)poff + *poff;
446
447 if (text_start <= ptr && text_end > ptr)
2cfa1978 448 return 1;
5967ed87 449 }
2cfa1978
MH		 450 }
451
452 return 0;
453}
8ec4d41f
GH		 454#endif
455
139ec7c4 456#ifdef CONFIG_PARAVIRT
8b5a10fc
JB		 457void __init_or_module apply_paravirt(struct paravirt_patch_site *start,
458 struct paravirt_patch_site *end)
139ec7c4 459{
98de032b 460 struct paravirt_patch_site *p;
ab144f5e 461 char insnbuf[MAX_PATCH_LEN];
139ec7c4 462
959b4fdf
JF		 463 if (noreplace_paravirt)
464 return;
465
139ec7c4
RR		 466 for (p = start; p < end; p++) {
467 unsigned int used;
468
ab144f5e 469 BUG_ON(p->len > MAX_PATCH_LEN);
d34fda4a
CW		 470 /* prep the buffer with the original instructions */
471 memcpy(insnbuf, p->instr, p->len);
93b1eab3
JF		 472 used = pv_init_ops.patch(p->instrtype, p->clobbers, insnbuf,
473 (unsigned long)p->instr, p->len);
7f63c41c 474
63f70270
JF		 475 BUG_ON(used > p->len);
476
139ec7c4 477 /* Pad the rest with nops */
ab144f5e 478 add_nops(insnbuf + used, p->len - used);
e587cadd 479 text_poke_early(p->instr, insnbuf, p->len);
139ec7c4 480 }
139ec7c4 481}
98de032b 482extern struct paravirt_patch_site __start_parainstructions[],
139ec7c4
RR		 483 __stop_parainstructions[];
484#endif /* CONFIG_PARAVIRT */
485
9a0b5817
GH		 486void __init alternative_instructions(void)
487{
8f4e956b
AK		 488 /* The patching is not fully atomic, so try to avoid local interruptions
489 that might execute the to be patched code.
490 Other CPUs are not running. */
491 stop_nmi();
123aa76e
AK		 492
493 /*
494 * Don't stop machine check exceptions while patching.
495 * MCEs only happen when something got corrupted and in this
496 * case we must do something about the corruption.
497 * Ignoring it is worse than a unlikely patching race.
498 * Also machine checks tend to be broadcast and if one CPU
499 * goes into machine check the others follow quickly, so we don't
500 * expect a machine check to cause undue problems during to code
501 * patching.
502 */
8f4e956b 503
9a0b5817
GH		 504 apply_alternatives(__alt_instructions, __alt_instructions_end);
505
8ec4d41f 506#ifdef CONFIG_SMP
816afe4f
RR		 507 /* Patch to UP if other cpus not imminent. */
508 if (!noreplace_smp && (num_present_cpus() == 1 || setup_max_cpus <= 1)) {
509 uniproc_patched = true;
9a0b5817
GH		 510 alternatives_smp_module_add(NULL, "core kernel",
511 __smp_locks, __smp_locks_end,
512 _text, _etext);
9a0b5817 513 }
8f4e956b 514
816afe4f 515 if (!uniproc_patched || num_possible_cpus() == 1)
f68fd5f4
FW		 516 free_init_pages("SMP alternatives",
517 (unsigned long)__smp_locks,
518 (unsigned long)__smp_locks_end);
816afe4f
RR		 519#endif
520
521 apply_paravirt(__parainstructions, __parainstructions_end);
f68fd5f4 522
8f4e956b 523 restart_nmi();
9a0b5817 524}
19d36ccd 525
e587cadd
MD		 526/**
527 * text_poke_early - Update instructions on a live kernel at boot time
528 * @addr: address to modify
529 * @opcode: source of the copy
530 * @len: length to copy
531 *
19d36ccd
AK		 532 * When you use this code to patch more than one byte of an instruction
533 * you need to make sure that other CPUs cannot execute this code in parallel.
e587cadd
MD		 534 * Also no thread must be currently preempted in the middle of these
535 * instructions. And on the local CPU you need to be protected again NMI or MCE
536 * handlers seeing an inconsistent instruction while you patch.
19d36ccd 537 */
fa6f2cc7 538void *__init_or_module text_poke_early(void *addr, const void *opcode,
8b5a10fc 539 size_t len)
19d36ccd 540{
e587cadd
MD		 541 unsigned long flags;
542 local_irq_save(flags);
19d36ccd 543 memcpy(addr, opcode, len);
e587cadd 544 sync_core();
5367b688 545 local_irq_restore(flags);
e587cadd
MD		 546 /* Could also do a CLFLUSH here to speed up CPU recovery; but
547 that causes hangs on some VIA CPUs. */
548 return addr;
549}
550
551/**
552 * text_poke - Update instructions on a live kernel
553 * @addr: address to modify
554 * @opcode: source of the copy
555 * @len: length to copy
556 *
557 * Only atomic text poke/set should be allowed when not doing early patching.
558 * It means the size must be writable atomically and the address must be aligned
559 * in a way that permits an atomic write. It also makes sure we fit on a single
560 * page.
78ff7fae
MH		 561 *
562 * Note: Must be called under text_mutex.
e587cadd
MD		 563 */
564void *__kprobes text_poke(void *addr, const void *opcode, size_t len)
565{
78ff7fae 566 unsigned long flags;
e587cadd 567 char *vaddr;
b7b66baa
MD		 568 struct page *pages[2];
569 int i;
e587cadd 570
b7b66baa
MD		 571 if (!core_kernel_text((unsigned long)addr)) {
572 pages[0] = vmalloc_to_page(addr);
573 pages[1] = vmalloc_to_page(addr + PAGE_SIZE);
15a601eb 574 } else {
b7b66baa 575 pages[0] = virt_to_page(addr);
00c6b2d5 576 WARN_ON(!PageReserved(pages[0]));
b7b66baa 577 pages[1] = virt_to_page(addr + PAGE_SIZE);
e587cadd 578 }
b7b66baa 579 BUG_ON(!pages[0]);
7cf49427 580 local_irq_save(flags);
78ff7fae
MH		 581 set_fixmap(FIX_TEXT_POKE0, page_to_phys(pages[0]));
582 if (pages[1])
583 set_fixmap(FIX_TEXT_POKE1, page_to_phys(pages[1]));
584 vaddr = (char *)fix_to_virt(FIX_TEXT_POKE0);
b7b66baa 585 memcpy(&vaddr[(unsigned long)addr & ~PAGE_MASK], opcode, len);
78ff7fae
MH		 586 clear_fixmap(FIX_TEXT_POKE0);
587 if (pages[1])
588 clear_fixmap(FIX_TEXT_POKE1);
589 local_flush_tlb();
19d36ccd 590 sync_core();
a534b679
AK		 591 /* Could also do a CLFLUSH here to speed up CPU recovery; but
592 that causes hangs on some VIA CPUs. */
b7b66baa
MD		 593 for (i = 0; i < len; i++)
594 BUG_ON(((char *)addr)[i] != ((char *)opcode)[i]);
7cf49427 595 local_irq_restore(flags);
e587cadd 596 return addr;
19d36ccd 597}
3d55cc8a
MH		 598
599/*
600 * Cross-modifying kernel text with stop_machine().
601 * This code originally comes from immediate value.
602 */
603static atomic_t stop_machine_first;
604static int wrote_text;
605
606struct text_poke_params {
7deb18dc
MH		 607 struct text_poke_param *params;
608 int nparams;
3d55cc8a
MH		 609};
610
611static int __kprobes stop_machine_text_poke(void *data)
612{
613 struct text_poke_params *tpp = data;
7deb18dc
MH		 614 struct text_poke_param *p;
615 int i;
3d55cc8a 616
2f747590 617 if (atomic_xchg(&stop_machine_first, 0)) {
7deb18dc
MH		 618 for (i = 0; i < tpp->nparams; i++) {
619 p = &tpp->params[i];
620 text_poke(p->addr, p->opcode, p->len);
621 }
3d55cc8a
MH		 622 smp_wmb(); /* Make sure other cpus see that this has run */
623 wrote_text = 1;
624 } else {
625 while (!wrote_text)
e5a11016
MH		 626 cpu_relax();
627 smp_mb(); /* Load wrote_text before following execution */
3d55cc8a
MH		 628 }
629
7deb18dc
MH		 630 for (i = 0; i < tpp->nparams; i++) {
631 p = &tpp->params[i];
632 flush_icache_range((unsigned long)p->addr,
633 (unsigned long)p->addr + p->len);
634 }
0e00f7ae
MD		 635 /*
636 * Intel Archiecture Software Developer's Manual section 7.1.3 specifies
637 * that a core serializing instruction such as "cpuid" should be
638 * executed on _each_ core before the new instruction is made visible.
639 */
640 sync_core();
3d55cc8a
MH		 641 return 0;
642}
643
644/**
645 * text_poke_smp - Update instructions on a live kernel on SMP
646 * @addr: address to modify
647 * @opcode: source of the copy
648 * @len: length to copy
649 *
650 * Modify multi-byte instruction by using stop_machine() on SMP. This allows
651 * user to poke/set multi-byte text on SMP. Only non-NMI/MCE code modifying
652 * should be allowed, since stop_machine() does _not_ protect code against
653 * NMI and MCE.
654 *
655 * Note: Must be called under get_online_cpus() and text_mutex.
656 */
657void *__kprobes text_poke_smp(void *addr, const void *opcode, size_t len)
658{
659 struct text_poke_params tpp;
7deb18dc 660 struct text_poke_param p;
3d55cc8a 661
7deb18dc
MH		 662 p.addr = addr;
663 p.opcode = opcode;
664 p.len = len;
665 tpp.params = &p;
666 tpp.nparams = 1;
3d55cc8a
MH		 667 atomic_set(&stop_machine_first, 1);
668 wrote_text = 0;
3caa3751 669 /* Use __stop_machine() because the caller already got online_cpus. */
404ba5d7 670 __stop_machine(stop_machine_text_poke, (void *)&tpp, cpu_online_mask);
3d55cc8a
MH		 671 return addr;
672}
673
7deb18dc
MH		 674/**
675 * text_poke_smp_batch - Update instructions on a live kernel on SMP
676 * @params: an array of text_poke parameters
677 * @n: the number of elements in params.
678 *
679 * Modify multi-byte instruction by using stop_machine() on SMP. Since the
680 * stop_machine() is heavy task, it is better to aggregate text_poke requests
681 * and do it once if possible.
682 *
683 * Note: Must be called under get_online_cpus() and text_mutex.
684 */
685void __kprobes text_poke_smp_batch(struct text_poke_param *params, int n)
686{
687 struct text_poke_params tpp = {.params = params, .nparams = n};
688
689 atomic_set(&stop_machine_first, 1);
690 wrote_text = 0;
78345d2e 691 __stop_machine(stop_machine_text_poke, (void *)&tpp, cpu_online_mask);
7deb18dc 692}
Linux kernel - Deliverables
This page took 0.638273 seconds and 5 git commands to generate.