[linux-2.6-block.git] / arch / x86 / kernel / alternative.c
9a0b5817 1#include <linux/module.h>
f6a57033 2#include <linux/sched.h>
2f1dafe5 3#include <linux/mutex.h>
9a0b5817 4#include <linux/list.h>
8b5a10fc 5#include <linux/stringify.h>
6#include <linux/kprobes.h>
7#include <linux/mm.h>
8#include <linux/vmalloc.h>
3945dab4 9#include <linux/memory.h>
3d55cc8a 10#include <linux/stop_machine.h>
11#include <asm/alternative.h>
12#include <asm/sections.h>
19d36ccd 13#include <asm/pgtable.h>
14#include <asm/mce.h>
15#include <asm/nmi.h>
b097976e 16#include <asm/vsyscall.h>
e587cadd 17#include <asm/cacheflush.h>
78ff7fae 18#include <asm/tlbflush.h>
e587cadd 19#include <asm/io.h>
78ff7fae 20#include <asm/fixmap.h>
9a0b5817 21
/*
 * Upper bound, in bytes, on a single patch site.  It sizes the on-stack
 * staging buffers in apply_alternatives() and apply_paravirt(), both of
 * which BUG_ON() a site length that exceeds it before copying.
 * NOTE(review): the 255-1 value presumably follows from one-byte length
 * fields in the patch tables; confirm against their declarations.
 */
#define MAX_PATCH_LEN (255-1)
23
#ifdef CONFIG_HOTPLUG_CPU
/*
 * Non-zero selects "patch once at boot" mode for the SMP lock prefixes.
 * Set by the "smp-alt-boot" boot parameter, and by
 * alternative_instructions() when fewer than two CPUs are possible.
 */
static int smp_alt_once;

/* Handler for "smp-alt-boot"; the parameter's value string is not read. */
static int __init bootonly(char *str)
{
	smp_alt_once = 1;
	return 1;
}
__setup("smp-alt-boot", bootonly);
#else
/* Without CPU hotplug the patch-once mode is compiled in as a constant. */
#define smp_alt_once 1
#endif
36
/* Gate for DPRINTK(); switched on by the "debug-alternative" boot parameter. */
static int __initdata_or_module debug_alternative;

/* Handler for "debug-alternative"; the parameter's value string is not read. */
static int __init debug_alt(char *str)
{
	debug_alternative = 1;
	return 1;
}
__setup("debug-alternative", debug_alt);
45
/*
 * When set, the SMP lock-prefix sites are left exactly as built:
 * alternatives_smp_unlock(), alternatives_smp_module_add/del() and
 * alternatives_smp_switch() all return early.
 */
static int noreplace_smp;

/* Handler for the "noreplace-smp" boot parameter; the value string is not read. */
static int __init setup_noreplace_smp(char *str)
{
	noreplace_smp = 1;
	return 1;
}
__setup("noreplace-smp", setup_noreplace_smp);
54
#ifdef CONFIG_PARAVIRT
/* When set, apply_paravirt() returns without patching any site. */
static int __initdata_or_module noreplace_paravirt = 0;

/* Handler for the "noreplace-paravirt" boot parameter; the value string is not read. */
static int __init setup_noreplace_paravirt(char *str)
{
	noreplace_paravirt = 1;
	return 1;
}
__setup("noreplace-paravirt", setup_noreplace_paravirt);
#endif
b7fb4af0 65
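/*
 * Debug printk, emitted only when debug_alternative is set (the
 * "debug-alternative" boot parameter).
 *
 * The body is wrapped in do { } while (0) so the macro expands to exactly
 * one statement.  The bare `if (...) printk(...)` form captured a following
 * `else`: used as the unbraced body of an if/else, the caller's else branch
 * silently attached to the macro's hidden `if` instead.
 */
#define DPRINTK(fmt, args...)					\
	do {							\
		if (debug_alternative)				\
			printk(KERN_DEBUG fmt, args);		\
	} while (0)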
68
/*
 * NOP tables, one per CPU family.
 *
 * Each family's NOP1..NOP8 byte sequences are emitted back to back under a
 * single label by a file-scope asm().  Inline assembly is used because the
 * NOP macros are assembler strings in the headers and cannot easily be
 * turned into C byte arrays.
 *
 * The C array next to each label maps a length n to the start of the n-byte
 * sequence, which sits after the 1 + 2 + ... + (n - 1) bytes of the shorter
 * ones.  Slot 0 is NULL; add_nops() never asks for a zero-length NOP.
 * NOTE(review): each initializer lists nine slots, so ASM_NOP_MAX is
 * presumably 8; confirm against its definition.
 */
#if defined(GENERIC_NOP1) && !defined(CONFIG_X86_64)
asm("\t" __stringify(__INITRODATA_OR_MODULE) "\nintelnops: "
	GENERIC_NOP1 GENERIC_NOP2 GENERIC_NOP3 GENERIC_NOP4 GENERIC_NOP5 GENERIC_NOP6
	GENERIC_NOP7 GENERIC_NOP8
    "\t.previous");
extern const unsigned char intelnops[];
static const unsigned char *const __initconst_or_module
intel_nops[ASM_NOP_MAX+1] = {
	NULL,					/* 0: unused */
	intelnops,				/* 1-byte NOP */
	intelnops + 1,				/* 2-byte NOP */
	intelnops + 1 + 2,			/* 3-byte NOP */
	intelnops + 1 + 2 + 3,			/* 4-byte NOP */
	intelnops + 1 + 2 + 3 + 4,		/* 5-byte NOP */
	intelnops + 1 + 2 + 3 + 4 + 5,		/* 6-byte NOP */
	intelnops + 1 + 2 + 3 + 4 + 5 + 6,	/* 7-byte NOP */
	intelnops + 1 + 2 + 3 + 4 + 5 + 6 + 7,	/* 8-byte NOP */
};
#endif

#ifdef K8_NOP1
asm("\t" __stringify(__INITRODATA_OR_MODULE) "\nk8nops: "
	K8_NOP1 K8_NOP2 K8_NOP3 K8_NOP4 K8_NOP5 K8_NOP6
	K8_NOP7 K8_NOP8
    "\t.previous");
extern const unsigned char k8nops[];
static const unsigned char *const __initconst_or_module
k8_nops[ASM_NOP_MAX+1] = {
	NULL,					/* 0: unused */
	k8nops,					/* 1-byte NOP */
	k8nops + 1,				/* 2-byte NOP */
	k8nops + 1 + 2,				/* 3-byte NOP */
	k8nops + 1 + 2 + 3,			/* 4-byte NOP */
	k8nops + 1 + 2 + 3 + 4,			/* 5-byte NOP */
	k8nops + 1 + 2 + 3 + 4 + 5,		/* 6-byte NOP */
	k8nops + 1 + 2 + 3 + 4 + 5 + 6,		/* 7-byte NOP */
	k8nops + 1 + 2 + 3 + 4 + 5 + 6 + 7,	/* 8-byte NOP */
};
#endif

#if defined(K7_NOP1) && !defined(CONFIG_X86_64)
asm("\t" __stringify(__INITRODATA_OR_MODULE) "\nk7nops: "
	K7_NOP1 K7_NOP2 K7_NOP3 K7_NOP4 K7_NOP5 K7_NOP6
	K7_NOP7 K7_NOP8
    "\t.previous");
extern const unsigned char k7nops[];
static const unsigned char *const __initconst_or_module
k7_nops[ASM_NOP_MAX+1] = {
	NULL,					/* 0: unused */
	k7nops,					/* 1-byte NOP */
	k7nops + 1,				/* 2-byte NOP */
	k7nops + 1 + 2,				/* 3-byte NOP */
	k7nops + 1 + 2 + 3,			/* 4-byte NOP */
	k7nops + 1 + 2 + 3 + 4,			/* 5-byte NOP */
	k7nops + 1 + 2 + 3 + 4 + 5,		/* 6-byte NOP */
	k7nops + 1 + 2 + 3 + 4 + 5 + 6,		/* 7-byte NOP */
	k7nops + 1 + 2 + 3 + 4 + 5 + 6 + 7,	/* 8-byte NOP */
};
#endif

#ifdef P6_NOP1
asm("\t" __stringify(__INITRODATA_OR_MODULE) "\np6nops: "
	P6_NOP1 P6_NOP2 P6_NOP3 P6_NOP4 P6_NOP5 P6_NOP6
	P6_NOP7 P6_NOP8
    "\t.previous");
extern const unsigned char p6nops[];
static const unsigned char *const __initconst_or_module
p6_nops[ASM_NOP_MAX+1] = {
	NULL,					/* 0: unused */
	p6nops,					/* 1-byte NOP */
	p6nops + 1,				/* 2-byte NOP */
	p6nops + 1 + 2,				/* 3-byte NOP */
	p6nops + 1 + 2 + 3,			/* 4-byte NOP */
	p6nops + 1 + 2 + 3 + 4,			/* 5-byte NOP */
	p6nops + 1 + 2 + 3 + 4 + 5,		/* 6-byte NOP */
	p6nops + 1 + 2 + 3 + 4 + 5 + 6,		/* 7-byte NOP */
	p6nops + 1 + 2 + 3 + 4 + 5 + 6 + 7,	/* 8-byte NOP */
};
#endif
151
#ifdef CONFIG_X86_64

extern char __vsyscall_0;

/*
 * Pick the NOP table for the boot CPU (64-bit build): the P6 table only
 * for an Intel CPU that reports X86_FEATURE_NOPL, the K8 table otherwise.
 */
static const unsigned char *const *__init_or_module find_nop_table(void)
{
	const int intel_with_nopl =
		boot_cpu_data.x86_vendor == X86_VENDOR_INTEL &&
		boot_cpu_has(X86_FEATURE_NOPL);

	return intel_with_nopl ? p6_nops : k8_nops;
}

#else /* CONFIG_X86_64 */

/*
 * Pick the NOP table for the boot CPU (32-bit build).  The feature tests
 * are ordered: K8, then K7, then NOPL, with the generic Intel table as the
 * fallback when none of them is reported.
 */
static const unsigned char *const *__init_or_module find_nop_table(void)
{
	if (boot_cpu_has(X86_FEATURE_K8))
		return k8_nops;
	if (boot_cpu_has(X86_FEATURE_K7))
		return k7_nops;
	if (boot_cpu_has(X86_FEATURE_NOPL))
		return p6_nops;
	return intel_nops;
}

#endif /* CONFIG_X86_64 */
179
/*
 * Fill @len bytes at @insns with NOPs from the table chosen for the boot
 * CPU, in chunks of at most ASM_NOP_MAX bytes.  The target is a staging
 * buffer: the caller pokes the whole buffer into kernel text afterwards.
 *
 * No bound is checked here.  The caller must guarantee that @insns has room
 * for @len bytes; both callers in this file BUG_ON() an oversized site
 * before calling.
 */
static void __init_or_module add_nops(void *insns, unsigned int len)
{
	const unsigned char *const *noptable = find_nop_table();
	unsigned char *dst = insns;

	while (len > 0) {
		/* Longest NOP that still fits in what is left to pad. */
		unsigned int chunk = len > ASM_NOP_MAX ? ASM_NOP_MAX : len;

		memcpy(dst, noptable[chunk], chunk);
		dst += chunk;
		len -= chunk;
	}
}
194
d167a518 195extern struct alt_instr __alt_instructions[], __alt_instructions_end[];
d167a518 196extern u8 *__smp_locks[], *__smp_locks_end[];
8b5a10fc 197static void *text_poke_early(void *addr, const void *opcode, size_t len);
d167a518 198
/* Replace instructions with better alternatives for this CPU type.
   This runs before SMP is initialized to avoid SMP problems with
   self-modifying code. This implies that asymmetric systems where
   APs have fewer capabilities than the boot processor are not handled.
   Tough. Make sure you disable such features by hand. */
204
void __init_or_module apply_alternatives(struct alt_instr *start,
					 struct alt_instr *end)
{
	struct alt_instr *a;
	/* Staging buffer: one site's replacement bytes plus NOP padding. */
	u8 insnbuf[MAX_PATCH_LEN];

	DPRINTK("%s: alt table %p -> %p\n", __func__, start, end);
	for (a = start; a < end; a++) {
		u8 *instr = a->instr;
		unsigned int pad;

		/*
		 * Sanity-check the table entry before anything is copied.
		 * The replacement must fit in the original site, and the
		 * site must fit in insnbuf.  Together these bound the
		 * memcpy() and the add_nops() below.  A bad entry is fatal
		 * rather than skipped.
		 */
		BUG_ON(a->replacementlen > a->instrlen);
		BUG_ON(a->instrlen > sizeof(insnbuf));

		/* Leave the original code alone if the CPU lacks the feature. */
		if (!boot_cpu_has(a->cpuid))
			continue;
#ifdef CONFIG_X86_64
		/* vsyscall code is not mapped yet. resolve it manually. */
		if (instr >= (u8 *)VSYSCALL_START && instr < (u8*)VSYSCALL_END) {
			instr = __va(instr - (u8*)VSYSCALL_START + (u8*)__pa_symbol(&__vsyscall_0));
			DPRINTK("%s: vsyscall fixup: %p => %p\n",
				__func__, a->instr, instr);
		}
#endif
		memcpy(insnbuf, a->replacement, a->replacementlen);

		/*
		 * A 5-byte replacement starting with 0xe8 is a near CALL
		 * with a 32-bit relative displacement.  It was assembled at
		 * a->replacement but will execute at a->instr, so the
		 * displacement is rebased by the distance between the two.
		 */
		if (*insnbuf == 0xe8 && a->replacementlen == 5)
			*(s32 *)(insnbuf + 1) += a->replacement - a->instr;

		/* Pad the tail so the whole original site is overwritten. */
		pad = a->instrlen - a->replacementlen;
		add_nops(insnbuf + a->replacementlen, pad);
		text_poke_early(instr, insnbuf, a->instrlen);
	}
}
234
235#ifdef CONFIG_SMP
236
/*
 * Switch the lock-prefix sites listed in [start, end) to their SMP form by
 * writing a 0xf0 (LOCK) byte over each one.  Sites outside the text range
 * given by @text and @text_end are skipped.  text_mutex is held for the
 * whole walk, as text_poke() requires.
 */
static void alternatives_smp_lock(u8 **start, u8 **end, u8 *text, u8 *text_end)
{
	const unsigned char lock_prefix[] = { 0xf0 };
	u8 **site;

	mutex_lock(&text_mutex);
	for (site = start; site < end; site++) {
		/*
		 * NOTE(review): the upper bound is inclusive; if text_end is
		 * a one-past-the-end address, a site exactly at text_end is
		 * still patched.  Confirm against callers.
		 */
		if (*site < text || *site > text_end)
			continue;
		/* turn DS segment override prefix into lock prefix */
		text_poke(*site, lock_prefix, 1);
	}
	mutex_unlock(&text_mutex);
}
252
/*
 * Switch the lock-prefix sites listed in [start, end) to their UP form by
 * writing a 0x3E (DS segment override) byte over each one.  Does nothing
 * when "noreplace-smp" was given.  Sites outside the text range given by
 * @text and @text_end are skipped.  text_mutex is held for the whole walk,
 * as text_poke() requires.
 */
static void alternatives_smp_unlock(u8 **start, u8 **end, u8 *text, u8 *text_end)
{
	const unsigned char ds_prefix[] = { 0x3E };
	u8 **site;

	if (noreplace_smp)
		return;

	mutex_lock(&text_mutex);
	for (site = start; site < end; site++) {
		/*
		 * NOTE(review): the upper bound is inclusive; if text_end is
		 * a one-past-the-end address, a site exactly at text_end is
		 * still patched.  Confirm against callers.
		 */
		if (*site < text || *site > text_end)
			continue;
		/* turn lock prefix into DS segment override prefix */
		text_poke(*site, ds_prefix, 1);
	}
	mutex_unlock(&text_mutex);
}
271
/*
 * One registered image whose lock prefixes can be switched between the SMP
 * and UP forms: either a module or the core kernel.
 */
struct smp_alt_module {
	/* owning module; the core kernel registers itself with mod == NULL */
	struct module *mod;
	/* label used in debug output only */
	char *name;

	/* table of pointers to the lock-prefix bytes, [locks, locks_end) */
	u8 **locks;
	u8 **locks_end;

	/* .text segment, needed to avoid patching init code ;) */
	u8 *text;
	u8 *text_end;

	/* linkage on smp_alt_modules */
	struct list_head next;
};
/* All registered images; additions and removals happen under smp_alt. */
static LIST_HEAD(smp_alt_modules);
static DEFINE_MUTEX(smp_alt);
/* Form currently patched in: non-zero = SMP, zero = UP. */
static int smp_mode = 1; /* protected by smp_alt */
9a0b5817 290
/*
 * Register an image's lock-prefix table so alternatives_smp_switch() can
 * repatch it later, and patch it to the UP form right away if the boot CPU
 * currently has X86_FEATURE_UP set.
 *
 * In patch-once mode nothing is recorded: the sites are patched (if UP) and
 * the function returns.  If the bookkeeping allocation fails the image is
 * simply left running its SMP code.
 */
void __init_or_module alternatives_smp_module_add(struct module *mod,
						  char *name,
						  void *locks, void *locks_end,
						  void *text, void *text_end)
{
	struct smp_alt_module *entry;

	if (noreplace_smp)
		return;

	if (smp_alt_once) {
		if (boot_cpu_has(X86_FEATURE_UP))
			alternatives_smp_unlock(locks, locks_end,
						text, text_end);
		return;
	}

	entry = kzalloc(sizeof(*entry), GFP_KERNEL);
	if (!entry)
		return; /* we'll run the (safe but slow) SMP code then ... */

	entry->mod	 = mod;
	entry->name	 = name;
	entry->locks	 = locks;
	entry->locks_end = locks_end;
	entry->text	 = text;
	entry->text_end	 = text_end;
	DPRINTK("%s: locks %p -> %p, text %p -> %p, name %s\n",
		__func__, entry->locks, entry->locks_end,
		entry->text, entry->text_end, entry->name);

	/* Publish and patch under smp_alt so a concurrent switch sees both. */
	mutex_lock(&smp_alt);
	list_add_tail(&entry->next, &smp_alt_modules);
	if (boot_cpu_has(X86_FEATURE_UP))
		alternatives_smp_unlock(entry->locks, entry->locks_end,
					entry->text, entry->text_end);
	mutex_unlock(&smp_alt);
}
329
/*
 * Drop the bookkeeping entry registered for @mod, if there is one.  Nothing
 * was registered in patch-once mode or with "noreplace-smp", so those cases
 * return immediately.
 */
void __init_or_module alternatives_smp_module_del(struct module *mod)
{
	struct smp_alt_module *item;

	if (smp_alt_once || noreplace_smp)
		return;

	mutex_lock(&smp_alt);
	list_for_each_entry(item, &smp_alt_modules, next) {
		if (mod == item->mod) {
			/*
			 * Unlink under the mutex; once off the list the
			 * entry is private to this function, so it is
			 * logged and freed after the lock is dropped.
			 */
			list_del(&item->next);
			mutex_unlock(&smp_alt);
			DPRINTK("%s: %s\n", __func__, item->name);
			kfree(item);
			return;
		}
	}
	mutex_unlock(&smp_alt);
}
349
/*
 * Repatch every registered image to the SMP form (@smp non-zero) or the UP
 * form (@smp zero) and record the new mode.  A no-op with "noreplace-smp"
 * or in patch-once mode.  Switching to UP while more than one CPU is online
 * is a BUG.
 */
void alternatives_smp_switch(int smp)
{
	struct smp_alt_module *mod;

#ifdef CONFIG_LOCKDEP
	/*
	 * Older binutils section handling bug prevented
	 * alternatives-replacement from working reliably.
	 *
	 * If this still occurs then you should see a hang
	 * or crash shortly after this line:
	 */
	printk("lockdep: fixing up alternatives.\n");
#endif

	if (noreplace_smp || smp_alt_once)
		return;
	/* UP code has no lock prefixes; it must never run on several CPUs. */
	BUG_ON(!smp && (num_online_cpus() > 1));

	mutex_lock(&smp_alt);

	/*
	 * Avoid unnecessary switches because it forces JIT based VMs to
	 * throw away all cached translations, which can be quite costly.
	 */
	if (smp != smp_mode) {
		if (smp) {
			printk(KERN_INFO "SMP alternatives: switching to SMP code\n");
			clear_cpu_cap(&boot_cpu_data, X86_FEATURE_UP);
			clear_cpu_cap(&cpu_data(0), X86_FEATURE_UP);
			list_for_each_entry(mod, &smp_alt_modules, next)
				alternatives_smp_lock(mod->locks, mod->locks_end,
						      mod->text, mod->text_end);
		} else {
			printk(KERN_INFO "SMP alternatives: switching to UP code\n");
			set_cpu_cap(&boot_cpu_data, X86_FEATURE_UP);
			set_cpu_cap(&cpu_data(0), X86_FEATURE_UP);
			list_for_each_entry(mod, &smp_alt_modules, next)
				alternatives_smp_unlock(mod->locks, mod->locks_end,
							mod->text, mod->text_end);
		}
	}
	smp_mode = smp;
	mutex_unlock(&smp_alt);
}
395
/*
 * Return 1 if any registered lock-prefix site lies inside the address range
 * [start, end] (both ends inclusive), 0 otherwise.  Such a byte may be
 * rewritten by alternatives_smp_switch(), so other text patchers can use
 * this to stay away from it.
 *
 * NOTE(review): smp_alt_modules is walked here without taking smp_alt;
 * presumably callers provide the serialization.  Confirm.
 */
int alternatives_text_reserved(void *start, void *end)
{
	struct smp_alt_module *mod;
	u8 **site;
	u8 *lo = start;
	u8 *hi = end;

	list_for_each_entry(mod, &smp_alt_modules, next) {
		/* Skip images whose text cannot overlap the queried range. */
		if (mod->text > hi || mod->text_end < lo)
			continue;
		for (site = mod->locks; site < mod->locks_end; site++) {
			if (lo <= *site && hi >= *site)
				return 1;
		}
	}

	return 0;
}
414#endif
415
139ec7c4 416#ifdef CONFIG_PARAVIRT
/*
 * Patch every paravirt call site in [start, end): hand the site's original
 * bytes to the pv_init_ops.patch() backend, pad whatever it did not use
 * with NOPs, and write the result back over the site.  A no-op when
 * "noreplace-paravirt" was given.
 */
void __init_or_module apply_paravirt(struct paravirt_patch_site *start,
				     struct paravirt_patch_site *end)
{
	struct paravirt_patch_site *site;
	char insnbuf[MAX_PATCH_LEN];

	if (noreplace_paravirt)
		return;

	for (site = start; site < end; site++) {
		unsigned int used;

		/* Bound the copy into the on-stack buffer. */
		BUG_ON(site->len > MAX_PATCH_LEN);
		/* prep the buffer with the original instructions */
		memcpy(insnbuf, site->instr, site->len);
		used = pv_init_ops.patch(site->instrtype, site->clobbers, insnbuf,
					 (unsigned long)site->instr, site->len);

		/*
		 * Without this check site->len - used below would wrap.
		 * It runs after the backend has already written to insnbuf,
		 * so it detects a backend that exceeded the site length
		 * rather than preventing the write.  The backend is trusted
		 * to honour the length it is given.
		 */
		BUG_ON(used > site->len);

		/* Pad the rest with nops */
		add_nops(insnbuf + used, site->len - used);
		text_poke_early(site->instr, insnbuf, site->len);
	}
}
98de032b 442extern struct paravirt_patch_site __start_parainstructions[],
443 __stop_parainstructions[];
444#endif /* CONFIG_PARAVIRT */
445
/*
 * Boot-time entry point: apply the CPU-feature alternatives, settle the
 * SMP/UP lock-prefix mode, apply the paravirt patches, and release the
 * lock table when it will never be needed again.  NMIs are stopped for the
 * duration and restarted at the end.
 */
void __init alternative_instructions(void)
{
	/*
	 * The patching is not fully atomic, so local interruptions that
	 * might execute the code being patched are held off.
	 * Other CPUs are not running.
	 */
	stop_nmi();

	/*
	 * Machine check exceptions are deliberately not stopped.
	 * MCEs only happen when something got corrupted, and in that case
	 * the corruption must be dealt with; ignoring it is worse than an
	 * unlikely patching race.  Machine checks also tend to be broadcast,
	 * and if one CPU goes into machine check the others follow quickly,
	 * so a machine check is not expected to cause undue problems during
	 * code patching.
	 */

	apply_alternatives(__alt_instructions, __alt_instructions_end);

	/*
	 * Switch to patch-once-at-boottime-only mode and free the tables
	 * when the number of CPUs can never change.
	 */
#ifdef CONFIG_HOTPLUG_CPU
	if (num_possible_cpus() < 2)
		smp_alt_once = 1;
#endif

#ifdef CONFIG_SMP
	if (!smp_alt_once) {
		alternatives_smp_module_add(NULL, "core kernel",
					    __smp_locks, __smp_locks_end,
					    _text, _etext);

		/* Only switch to UP mode if we don't immediately boot others */
		if (num_present_cpus() == 1 || setup_max_cpus <= 1)
			alternatives_smp_switch(0);
	} else if (num_possible_cpus() == 1) {
		printk(KERN_INFO "SMP alternatives: switching to UP code\n");
		set_cpu_cap(&boot_cpu_data, X86_FEATURE_UP);
		set_cpu_cap(&cpu_data(0), X86_FEATURE_UP);

		alternatives_smp_unlock(__smp_locks, __smp_locks_end,
					_text, _etext);
	}
#endif
	apply_paravirt(__parainstructions, __parainstructions_end);

	/* In patch-once mode the lock table is dead weight from here on. */
	if (smp_alt_once)
		free_init_pages("SMP alternatives",
				(unsigned long)__smp_locks,
				(unsigned long)__smp_locks_end);

	restart_nmi();
}
19d36ccd 503
/**
 * text_poke_early - Update instructions on a live kernel at boot time
 * @addr: address to modify
 * @opcode: source of the copy
 * @len: length to copy
 *
 * Copies @len bytes straight through @addr with local interrupts disabled,
 * then serializes the instruction stream with sync_core().  Returns @addr.
 *
 * When this is used to patch more than one byte of an instruction, the
 * caller must make sure no other CPU can execute the code in parallel and
 * that no thread is currently preempted in the middle of these
 * instructions.  On the local CPU the caller must also be protected against
 * NMI or MCE handlers seeing an inconsistent instruction during the patch;
 * disabling interrupts here does not cover those.
 *
 * NOTE(review): the write goes through @addr itself, with no temporary
 * mapping, so it relies on that mapping being writable when this runs.
 * Confirm for each caller.
 */
static void *__init_or_module text_poke_early(void *addr, const void *opcode,
					      size_t len)
{
	unsigned long irq_state;

	local_irq_save(irq_state);
	memcpy(addr, opcode, len);
	/* Make this CPU discard anything it prefetched from the old bytes. */
	sync_core();
	local_irq_restore(irq_state);
	/* Could also do a CLFLUSH here to speed up CPU recovery; but
	   that causes hangs on some VIA CPUs. */
	return addr;
}
528
/**
 * text_poke - Update instructions on a live kernel
 * @addr: address to modify
 * @opcode: source of the copy
 * @len: length to copy
 *
 * Only atomic text poke/set should be allowed when not doing early patching.
 * It means the size must be writable atomically and the address must be
 * aligned in a way that permits an atomic write.
 *
 * The write does not go through @addr.  The page holding @addr and the page
 * after it are mapped temporarily at the FIX_TEXT_POKE0/1 fixmap slots, the
 * bytes are copied through that alias, and the alias is removed again.  The
 * result is then read back through @addr and any mismatch is a BUG.
 *
 * Note: Must be called under text_mutex.
 */
void *__kprobes text_poke(void *addr, const void *opcode, size_t len)
{
	unsigned long flags;
	/* Byte offset of @addr within its page. */
	unsigned long offset = (unsigned long)addr & ~PAGE_MASK;
	char *vaddr;
	struct page *pages[2];
	int i;

	if (core_kernel_text((unsigned long)addr)) {
		pages[0] = virt_to_page(addr);
		WARN_ON(!PageReserved(pages[0]));
		pages[1] = virt_to_page(addr + PAGE_SIZE);
	} else {
		/* Not core kernel text: look the pages up as vmalloc memory. */
		pages[0] = vmalloc_to_page(addr);
		pages[1] = vmalloc_to_page(addr + PAGE_SIZE);
	}
	BUG_ON(!pages[0]);

	/* The shared fixmap slots must not be reused by an interrupt. */
	local_irq_save(flags);
	set_fixmap(FIX_TEXT_POKE0, page_to_phys(pages[0]));
	if (pages[1])
		set_fixmap(FIX_TEXT_POKE1, page_to_phys(pages[1]));
	vaddr = (char *)fix_to_virt(FIX_TEXT_POKE0);
	/*
	 * NOTE(review): a copy that crosses the page boundary assumes the
	 * FIX_TEXT_POKE1 slot is mapped directly after FIX_TEXT_POKE0, and
	 * nothing here rejects such a copy when pages[1] is NULL.  Confirm
	 * against the fixmap layout and callers.
	 */
	memcpy(&vaddr[offset], opcode, len);
	clear_fixmap(FIX_TEXT_POKE0);
	if (pages[1])
		clear_fixmap(FIX_TEXT_POKE1);
	local_flush_tlb();
	sync_core();
	/* Could also do a CLFLUSH here to speed up CPU recovery; but
	   that causes hangs on some VIA CPUs. */
	/* Read back through the real address: the poke must have landed. */
	for (i = 0; i < len; i++)
		BUG_ON(((char *)addr)[i] != ((char *)opcode)[i]);
	local_irq_restore(flags);
	return addr;
}
576
/*
 * Cross-modifying kernel text with stop_machine().
 * This code originally comes from immediate value.
 *
 * Both variables below are file-wide state shared by every
 * text_poke_smp() call: text_poke_smp() resets them before each
 * stop_machine() run.
 */
/* Set to 1 per run; the CPU whose decrement reaches zero does the write. */
static atomic_t stop_machine_first;
/* Raised by the writing CPU once the new bytes are in place. */
static int wrote_text;

/* Arguments of one text_poke() call, handed to every CPU by stop_machine(). */
struct text_poke_params {
	void *addr;		/* address to modify */
	const void *opcode;	/* source of the copy */
	size_t len;		/* length to copy */
};
589
/*
 * stop_machine() callback behind text_poke_smp().  The CPU whose decrement
 * of stop_machine_first reaches zero performs the text_poke() and raises
 * wrote_text.  Every other CPU spins until it sees the flag.  All CPUs then
 * flush the icache range of the patched bytes.  Always returns 0.
 */
static int __kprobes stop_machine_text_poke(void *data)
{
	struct text_poke_params *tpp = data;
	unsigned long patched = (unsigned long)tpp->addr;

	if (!atomic_dec_and_test(&stop_machine_first)) {
		/* Not the writer: wait until the new bytes are in place. */
		while (!wrote_text)
			cpu_relax();
		smp_mb();	/* Load wrote_text before following execution */
	} else {
		text_poke(tpp->addr, tpp->opcode, tpp->len);
		smp_wmb();	/* Make sure other cpus see that this has run */
		wrote_text = 1;
	}

	flush_icache_range(patched, patched + tpp->len);
	return 0;
}
608
/**
 * text_poke_smp - Update instructions on a live kernel on SMP
 * @addr: address to modify
 * @opcode: source of the copy
 * @len: length to copy
 *
 * Modify a multi-byte instruction by running the write under stop_machine(),
 * which lets the caller poke/set multi-byte text on SMP.  Only code that is
 * not reached from NMI or MCE handlers may be modified this way, since
 * stop_machine() does _not_ protect code against NMI and MCE.
 *
 * The handshake state (stop_machine_first, wrote_text) is file-wide and is
 * reset here without any locking of its own.  Concurrent callers are kept
 * apart only by the locking rule below.
 *
 * Note: Must be called under get_online_cpus() and text_mutex.
 */
void *__kprobes text_poke_smp(void *addr, const void *opcode, size_t len)
{
	struct text_poke_params tpp = {
		.addr	= addr,
		.opcode	= opcode,
		.len	= len,
	};

	/* Re-arm the handshake before the CPUs are stopped. */
	atomic_set(&stop_machine_first, 1);
	wrote_text = 0;
	stop_machine(stop_machine_text_poke, &tpp, NULL);
	return addr;
}
634