1 /* SPDX-License-Identifier: GPL-2.0-only */
2 /*
3 * Copyright (C) 2014 Linaro Ltd. <ard.biesheuvel@linaro.org>
4 */
5
6 #ifndef __ASM_CPUFEATURE_H
7 #define __ASM_CPUFEATURE_H
8
9 #include <asm/alternative-macros.h>
10 #include <asm/cpucaps.h>
11 #include <asm/cputype.h>
12 #include <asm/hwcap.h>
13 #include <asm/sysreg.h>
14
15 #define MAX_CPU_FEATURES 192
16 #define cpu_feature(x) KERNEL_HWCAP_ ## x
17
18 #define ARM64_SW_FEATURE_OVERRIDE_NOKASLR 0
19 #define ARM64_SW_FEATURE_OVERRIDE_HVHE 4
20 #define ARM64_SW_FEATURE_OVERRIDE_RODATA_OFF 8
21
22 #ifndef __ASSEMBLY__
23
24 #include <linux/bug.h>
25 #include <linux/jump_label.h>
26 #include <linux/kernel.h>
27 #include <linux/cpumask.h>
28
29 /*
30 * CPU feature register tracking
31 *
32 * The safe value of a CPUID feature field is dependent on the implications
33 * of the values assigned to it by the architecture. Based on the relationship
34 * between the values, the features are classified into 3 types - LOWER_SAFE,
35 * HIGHER_SAFE and EXACT.
36 *
37 * The lowest value of all the CPUs is chosen for LOWER_SAFE and highest
38 * for HIGHER_SAFE. It is expected that all CPUs have the same value for
39 * a field when EXACT is specified, failing which, the safe value specified
40 * in the table is chosen.
41 */
42
43 enum ftr_type {
44 FTR_EXACT, /* Use a predefined safe value */
45 FTR_LOWER_SAFE, /* Smaller value is safe */
46 FTR_HIGHER_SAFE, /* Bigger value is safe */
47 FTR_HIGHER_OR_ZERO_SAFE, /* Bigger value is safe, but 0 is biggest */
48 };
49
50 #define FTR_STRICT true /* SANITY check strict matching required */
51 #define FTR_NONSTRICT false /* SANITY check ignored */
52
53 #define FTR_SIGNED true /* Value should be treated as signed */
54 #define FTR_UNSIGNED false /* Value should be treated as unsigned */
55
56 #define FTR_VISIBLE true /* Feature visible to the user space */
57 #define FTR_HIDDEN false /* Feature is hidden from the user */
58
59 #define FTR_VISIBLE_IF_IS_ENABLED(config) \
60 (IS_ENABLED(config) ? FTR_VISIBLE : FTR_HIDDEN)
61
62 struct arm64_ftr_bits {
63 bool sign; /* Value is signed ? */
64 bool visible;
65 bool strict; /* CPU Sanity check: strict matching required ? */
66 enum ftr_type type;
67 u8 shift;
68 u8 width;
69 s64 safe_val; /* safe value for FTR_EXACT features */
70 };
71
72 /*
73 * Describe the early feature override to the core override code:
74 *
75 * @val Values that are to be merged into the final
76 * sanitised value of the register. Only the bitfields
77 * set to 1 in @mask are valid
78 * @mask Mask of the features that are overridden by @val
79 *
80 * A @mask field set to full-1 indicates that the corresponding field
81 * in @val is a valid override.
82 *
83 * A @mask field set to full-0 with the corresponding @val field set
84 * to full-0 denotes that this field has no override
85 *
86 * A @mask field set to full-0 with the corresponding @val field set
87 * to full-1 denotes that this field has an invalid override.
88 */
89 struct arm64_ftr_override {
90 u64 val;
91 u64 mask;
92 };
93
94 /*
95 * @arm64_ftr_reg - Feature register
96 * @strict_mask Bits which should match across all CPUs for sanity.
97 * @sys_val Safe value across the CPUs (system view)
98 */
99 struct arm64_ftr_reg {
100 const char *name;
101 u64 strict_mask;
102 u64 user_mask;
103 u64 sys_val;
104 u64 user_val;
105 struct arm64_ftr_override *override;
106 const struct arm64_ftr_bits *ftr_bits;
107 };
108
109 extern struct arm64_ftr_reg arm64_ftr_reg_ctrel0;
110
111 /*
112 * CPU capabilities:
113 *
114 * We use arm64_cpu_capabilities to represent system features, errata work
115 * arounds (both used internally by kernel and tracked in system_cpucaps) and
116 * ELF HWCAPs (which are exposed to user).
117 *
118 * To support systems with heterogeneous CPUs, we need to make sure that we
119 * detect the capabilities correctly on the system and take appropriate
120 * measures to ensure there are no incompatibilities.
121 *
122 * This comment tries to explain how we treat the capabilities.
123 * Each capability has the following list of attributes :
124 *
125 * 1) Scope of Detection : The system detects a given capability by
126 * performing some checks at runtime. This could be, e.g, checking the
127 * value of a field in CPU ID feature register or checking the cpu
128 * model. The capability provides a call back ( @matches() ) to
129 * perform the check. Scope defines how the checks should be performed.
130 * There are three cases:
131 *
132 * a) SCOPE_LOCAL_CPU: check all the CPUs and "detect" if at least one
133 * matches. This implies, we have to run the check on all the
134 * booting CPUs, until the system decides that state of the
135 * capability is finalised. (See section 2 below)
136 * Or
137 * b) SCOPE_SYSTEM: check all the CPUs and "detect" if all the CPUs
138 * matches. This implies, we run the check only once, when the
139 * system decides to finalise the state of the capability. If the
140 * capability relies on a field in one of the CPU ID feature
141 * registers, we use the sanitised value of the register from the
142 * CPU feature infrastructure to make the decision.
143 * Or
144 * c) SCOPE_BOOT_CPU: Check only on the primary boot CPU to detect the
145 * feature. This category is for features that are "finalised"
146 * (or used) by the kernel very early even before the SMP cpus
147 * are brought up.
148 *
149 * The process of detection is usually denoted by "update" capability
150 * state in the code.
151 *
152 * 2) Finalise the state : The kernel should finalise the state of a
153 * capability at some point during its execution and take necessary
154 * actions if any. Usually, this is done, after all the boot-time
155 * enabled CPUs are brought up by the kernel, so that it can make
156 * better decision based on the available set of CPUs. However, there
157 * are some special cases, where the action is taken during the early
158 * boot by the primary boot CPU. (e.g, running the kernel at EL2 with
159 * Virtualisation Host Extensions). The kernel usually disallows any
160 * changes to the state of a capability once it finalises the capability
161 * and takes any action, as it may be impossible to execute the actions
162 * safely. A CPU brought up after a capability is "finalised" is
163 * referred to as "Late CPU" w.r.t the capability. e.g, all secondary
164 * CPUs are treated "late CPUs" for capabilities determined by the boot
165 * CPU.
166 *
167 * At the moment there are two passes of finalising the capabilities.
168 * a) Boot CPU scope capabilities - Finalised by primary boot CPU via
169 * setup_boot_cpu_capabilities().
170 * b) Everything except (a) - Run via setup_system_capabilities().
171 *
172 * 3) Verification: When a CPU is brought online (e.g, by user or by the
173 * kernel), the kernel should make sure that it is safe to use the CPU,
174 * by verifying that the CPU is compliant with the state of the
175 * capabilities finalised already. This happens via :
176 *
177 * secondary_start_kernel()-> check_local_cpu_capabilities()
178 *
179 * As explained in (2) above, capabilities could be finalised at
180 * different points in the execution. Each newly booted CPU is verified
181 * against the capabilities that have been finalised by the time it
182 * boots.
183 *
184 * a) SCOPE_BOOT_CPU : All CPUs are verified against the capability
185 * except for the primary boot CPU.
186 *
187 * b) SCOPE_LOCAL_CPU, SCOPE_SYSTEM: All CPUs hotplugged on by the
188 * user after the kernel boot are verified against the capability.
189 *
190 * If there is a conflict, the kernel takes an action, based on the
191 * severity (e.g, a CPU could be prevented from booting or cause a
192 * kernel panic). The CPU is allowed to "affect" the state of the
193 * capability, if it has not been finalised already. See section 5
194 * for more details on conflicts.
195 *
196 * 4) Action: As mentioned in (2), the kernel can take an action for each
197 * detected capability, on all CPUs on the system. Appropriate actions
198 * include, turning on an architectural feature, modifying the control
199 * registers (e.g, SCTLR, TCR etc.) or patching the kernel via
200 * alternatives. The kernel patching is batched and performed at later
201 * point. The actions are always initiated only after the capability
202 * is finalised. This is usally denoted by "enabling" the capability.
203 * The actions are initiated as follows :
204 * a) Action is triggered on all online CPUs, after the capability is
205 * finalised, invoked within the stop_machine() context from
206 * enable_cpu_capabilitie().
207 *
208 * b) Any late CPU, brought up after (1), the action is triggered via:
209 *
210 * check_local_cpu_capabilities() -> verify_local_cpu_capabilities()
211 *
212 * 5) Conflicts: Based on the state of the capability on a late CPU vs.
213 * the system state, we could have the following combinations :
214 *
215 * x-----------------------------x
216 * | Type | System | Late CPU |
217 * |-----------------------------|
218 * | a | y | n |
219 * |-----------------------------|
220 * | b | n | y |
221 * x-----------------------------x
222 *
223 * Two separate flag bits are defined to indicate whether each kind of
224 * conflict can be allowed:
225 * ARM64_CPUCAP_OPTIONAL_FOR_LATE_CPU - Case(a) is allowed
226 * ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU - Case(b) is allowed
227 *
228 * Case (a) is not permitted for a capability that the system requires
229 * all CPUs to have in order for the capability to be enabled. This is
230 * typical for capabilities that represent enhanced functionality.
231 *
232 * Case (b) is not permitted for a capability that must be enabled
233 * during boot if any CPU in the system requires it in order to run
234 * safely. This is typical for erratum work arounds that cannot be
235 * enabled after the corresponding capability is finalised.
236 *
237 * In some non-typical cases either both (a) and (b), or neither,
238 * should be permitted. This can be described by including neither
239 * or both flags in the capability's type field.
240 *
241 * In case of a conflict, the CPU is prevented from booting. If the
242 * ARM64_CPUCAP_PANIC_ON_CONFLICT flag is specified for the capability,
243 * then a kernel panic is triggered.
244 */
245
246
247 /*
248 * Decide how the capability is detected.
249 * On any local CPU vs System wide vs the primary boot CPU
250 */
251 #define ARM64_CPUCAP_SCOPE_LOCAL_CPU ((u16)BIT(0))
252 #define ARM64_CPUCAP_SCOPE_SYSTEM ((u16)BIT(1))
253 /*
254 * The capabilitiy is detected on the Boot CPU and is used by kernel
255 * during early boot. i.e, the capability should be "detected" and
256 * "enabled" as early as possibly on all booting CPUs.
257 */
258 #define ARM64_CPUCAP_SCOPE_BOOT_CPU ((u16)BIT(2))
259 #define ARM64_CPUCAP_SCOPE_MASK \
260 (ARM64_CPUCAP_SCOPE_SYSTEM | \
261 ARM64_CPUCAP_SCOPE_LOCAL_CPU | \
262 ARM64_CPUCAP_SCOPE_BOOT_CPU)
263
264 #define SCOPE_SYSTEM ARM64_CPUCAP_SCOPE_SYSTEM
265 #define SCOPE_LOCAL_CPU ARM64_CPUCAP_SCOPE_LOCAL_CPU
266 #define SCOPE_BOOT_CPU ARM64_CPUCAP_SCOPE_BOOT_CPU
267 #define SCOPE_ALL ARM64_CPUCAP_SCOPE_MASK
268
269 /*
270 * Is it permitted for a late CPU to have this capability when system
271 * hasn't already enabled it ?
272 */
273 #define ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU ((u16)BIT(4))
274 /* Is it safe for a late CPU to miss this capability when system has it */
275 #define ARM64_CPUCAP_OPTIONAL_FOR_LATE_CPU ((u16)BIT(5))
276 /* Panic when a conflict is detected */
277 #define ARM64_CPUCAP_PANIC_ON_CONFLICT ((u16)BIT(6))
278
279 /*
280 * CPU errata workarounds that need to be enabled at boot time if one or
281 * more CPUs in the system requires it. When one of these capabilities
282 * has been enabled, it is safe to allow any CPU to boot that doesn't
283 * require the workaround. However, it is not safe if a "late" CPU
284 * requires a workaround and the system hasn't enabled it already.
285 */
286 #define ARM64_CPUCAP_LOCAL_CPU_ERRATUM \
287 (ARM64_CPUCAP_SCOPE_LOCAL_CPU | ARM64_CPUCAP_OPTIONAL_FOR_LATE_CPU)
288 /*
289 * CPU feature detected at boot time based on system-wide value of a
290 * feature. It is safe for a late CPU to have this feature even though
291 * the system hasn't enabled it, although the feature will not be used
292 * by Linux in this case. If the system has enabled this feature already,
293 * then every late CPU must have it.
294 */
295 #define ARM64_CPUCAP_SYSTEM_FEATURE \
296 (ARM64_CPUCAP_SCOPE_SYSTEM | ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU)
297 /*
298 * CPU feature detected at boot time based on feature of one or more CPUs.
299 * All possible conflicts for a late CPU are ignored.
300 * NOTE: this means that a late CPU with the feature will *not* cause the
301 * capability to be advertised by cpus_have_*cap()!
302 */
303 #define ARM64_CPUCAP_WEAK_LOCAL_CPU_FEATURE \
304 (ARM64_CPUCAP_SCOPE_LOCAL_CPU | \
305 ARM64_CPUCAP_OPTIONAL_FOR_LATE_CPU | \
306 ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU)
307
308 /*
309 * CPU feature detected at boot time, on one or more CPUs. A late CPU
310 * is not allowed to have the capability when the system doesn't have it.
311 * It is Ok for a late CPU to miss the feature.
312 */
313 #define ARM64_CPUCAP_BOOT_RESTRICTED_CPU_LOCAL_FEATURE \
314 (ARM64_CPUCAP_SCOPE_LOCAL_CPU | \
315 ARM64_CPUCAP_OPTIONAL_FOR_LATE_CPU)
316
317 /*
318 * CPU feature used early in the boot based on the boot CPU. All secondary
319 * CPUs must match the state of the capability as detected by the boot CPU. In
320 * case of a conflict, a kernel panic is triggered.
321 */
322 #define ARM64_CPUCAP_STRICT_BOOT_CPU_FEATURE \
323 (ARM64_CPUCAP_SCOPE_BOOT_CPU | ARM64_CPUCAP_PANIC_ON_CONFLICT)
324
325 /*
326 * CPU feature used early in the boot based on the boot CPU. It is safe for a
327 * late CPU to have this feature even though the boot CPU hasn't enabled it,
328 * although the feature will not be used by Linux in this case. If the boot CPU
329 * has enabled this feature already, then every late CPU must have it.
330 */
331 #define ARM64_CPUCAP_BOOT_CPU_FEATURE \
332 (ARM64_CPUCAP_SCOPE_BOOT_CPU | ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU)
333
334 struct arm64_cpu_capabilities {
335 const char *desc;
336 u16 capability;
337 u16 type;
338 bool (*matches)(const struct arm64_cpu_capabilities *caps, int scope);
339 /*
340 * Take the appropriate actions to configure this capability
341 * for this CPU. If the capability is detected by the kernel
342 * this will be called on all the CPUs in the system,
343 * including the hotplugged CPUs, regardless of whether the
344 * capability is available on that specific CPU. This is
345 * useful for some capabilities (e.g, working around CPU
346 * errata), where all the CPUs must take some action (e.g,
347 * changing system control/configuration). Thus, if an action
348 * is required only if the CPU has the capability, then the
349 * routine must check it before taking any action.
350 */
351 void (*cpu_enable)(const struct arm64_cpu_capabilities *cap);
352 union {
353 struct { /* To be used for erratum handling only */
354 struct midr_range midr_range;
355 const struct arm64_midr_revidr {
356 u32 midr_rv; /* revision/variant */
357 u32 revidr_mask;
358 } * const fixed_revs;
359 };
360
361 const struct midr_range *midr_range_list;
362 struct { /* Feature register checking */
363 u32 sys_reg;
364 u8 field_pos;
365 u8 field_width;
366 u8 min_field_value;
367 u8 max_field_value;
368 u8 hwcap_type;
369 bool sign;
370 unsigned long hwcap;
371 };
372 };
373
374 /*
375 * An optional list of "matches/cpu_enable" pair for the same
376 * "capability" of the same "type" as described by the parent.
377 * Only matches(), cpu_enable() and fields relevant to these
378 * methods are significant in the list. The cpu_enable is
379 * invoked only if the corresponding entry "matches()".
380 * However, if a cpu_enable() method is associated
381 * with multiple matches(), care should be taken that either
382 * the match criteria are mutually exclusive, or that the
383 * method is robust against being called multiple times.
384 */
385 const struct arm64_cpu_capabilities *match_list;
386 const struct cpumask *cpus;
387 };
388
cpucap_default_scope(const struct arm64_cpu_capabilities * cap)389 static inline int cpucap_default_scope(const struct arm64_cpu_capabilities *cap)
390 {
391 return cap->type & ARM64_CPUCAP_SCOPE_MASK;
392 }
393
394 /*
395 * Generic helper for handling capabilities with multiple (match,enable) pairs
396 * of call backs, sharing the same capability bit.
397 * Iterate over each entry to see if at least one matches.
398 */
399 static inline bool
cpucap_multi_entry_cap_matches(const struct arm64_cpu_capabilities * entry,int scope)400 cpucap_multi_entry_cap_matches(const struct arm64_cpu_capabilities *entry,
401 int scope)
402 {
403 const struct arm64_cpu_capabilities *caps;
404
405 for (caps = entry->match_list; caps->matches; caps++)
406 if (caps->matches(caps, scope))
407 return true;
408
409 return false;
410 }
411
is_vhe_hyp_code(void)412 static __always_inline bool is_vhe_hyp_code(void)
413 {
414 /* Only defined for code run in VHE hyp context */
415 return __is_defined(__KVM_VHE_HYPERVISOR__);
416 }
417
is_nvhe_hyp_code(void)418 static __always_inline bool is_nvhe_hyp_code(void)
419 {
420 /* Only defined for code run in NVHE hyp context */
421 return __is_defined(__KVM_NVHE_HYPERVISOR__);
422 }
423
is_hyp_code(void)424 static __always_inline bool is_hyp_code(void)
425 {
426 return is_vhe_hyp_code() || is_nvhe_hyp_code();
427 }
428
429 extern DECLARE_BITMAP(system_cpucaps, ARM64_NCAPS);
430
431 extern DECLARE_BITMAP(boot_cpucaps, ARM64_NCAPS);
432
433 #define for_each_available_cap(cap) \
434 for_each_set_bit(cap, system_cpucaps, ARM64_NCAPS)
435
436 bool this_cpu_has_cap(unsigned int cap);
437 void cpu_set_feature(unsigned int num);
438 bool cpu_have_feature(unsigned int num);
439 unsigned long cpu_get_elf_hwcap(void);
440 unsigned long cpu_get_elf_hwcap2(void);
441 unsigned long cpu_get_elf_hwcap3(void);
442
443 #define cpu_set_named_feature(name) cpu_set_feature(cpu_feature(name))
444 #define cpu_have_named_feature(name) cpu_have_feature(cpu_feature(name))
445
boot_capabilities_finalized(void)446 static __always_inline bool boot_capabilities_finalized(void)
447 {
448 return alternative_has_cap_likely(ARM64_ALWAYS_BOOT);
449 }
450
system_capabilities_finalized(void)451 static __always_inline bool system_capabilities_finalized(void)
452 {
453 return alternative_has_cap_likely(ARM64_ALWAYS_SYSTEM);
454 }
455
456 /*
457 * Test for a capability with a runtime check.
458 *
459 * Before the capability is detected, this returns false.
460 */
cpus_have_cap(unsigned int num)461 static __always_inline bool cpus_have_cap(unsigned int num)
462 {
463 if (__builtin_constant_p(num) && !cpucap_is_possible(num))
464 return false;
465 if (num >= ARM64_NCAPS)
466 return false;
467 return arch_test_bit(num, system_cpucaps);
468 }
469
470 /*
471 * Test for a capability without a runtime check.
472 *
473 * Before boot capabilities are finalized, this will BUG().
474 * After boot capabilities are finalized, this is patched to avoid a runtime
475 * check.
476 *
477 * @num must be a compile-time constant.
478 */
cpus_have_final_boot_cap(int num)479 static __always_inline bool cpus_have_final_boot_cap(int num)
480 {
481 if (boot_capabilities_finalized())
482 return alternative_has_cap_unlikely(num);
483 else
484 BUG();
485 }
486
487 /*
488 * Test for a capability without a runtime check.
489 *
490 * Before system capabilities are finalized, this will BUG().
491 * After system capabilities are finalized, this is patched to avoid a runtime
492 * check.
493 *
494 * @num must be a compile-time constant.
495 */
cpus_have_final_cap(int num)496 static __always_inline bool cpus_have_final_cap(int num)
497 {
498 if (system_capabilities_finalized())
499 return alternative_has_cap_unlikely(num);
500 else
501 BUG();
502 }
503
504 static inline int __attribute_const__
cpuid_feature_extract_signed_field_width(u64 features,int field,int width)505 cpuid_feature_extract_signed_field_width(u64 features, int field, int width)
506 {
507 return (s64)(features << (64 - width - field)) >> (64 - width);
508 }
509
510 static inline int __attribute_const__
cpuid_feature_extract_signed_field(u64 features,int field)511 cpuid_feature_extract_signed_field(u64 features, int field)
512 {
513 return cpuid_feature_extract_signed_field_width(features, field, 4);
514 }
515
516 static __always_inline unsigned int __attribute_const__
cpuid_feature_extract_unsigned_field_width(u64 features,int field,int width)517 cpuid_feature_extract_unsigned_field_width(u64 features, int field, int width)
518 {
519 return (u64)(features << (64 - width - field)) >> (64 - width);
520 }
521
522 static __always_inline unsigned int __attribute_const__
cpuid_feature_extract_unsigned_field(u64 features,int field)523 cpuid_feature_extract_unsigned_field(u64 features, int field)
524 {
525 return cpuid_feature_extract_unsigned_field_width(features, field, 4);
526 }
527
528 /*
529 * Fields that identify the version of the Performance Monitors Extension do
530 * not follow the standard ID scheme. See ARM DDI 0487E.a page D13-2825,
531 * "Alternative ID scheme used for the Performance Monitors Extension version".
532 */
533 static inline u64 __attribute_const__
cpuid_feature_cap_perfmon_field(u64 features,int field,u64 cap)534 cpuid_feature_cap_perfmon_field(u64 features, int field, u64 cap)
535 {
536 u64 val = cpuid_feature_extract_unsigned_field(features, field);
537 u64 mask = GENMASK_ULL(field + 3, field);
538
539 /* Treat IMPLEMENTATION DEFINED functionality as unimplemented */
540 if (val == ID_AA64DFR0_EL1_PMUVer_IMP_DEF)
541 val = 0;
542
543 if (val > cap) {
544 features &= ~mask;
545 features |= (cap << field) & mask;
546 }
547
548 return features;
549 }
550
arm64_ftr_mask(const struct arm64_ftr_bits * ftrp)551 static inline u64 arm64_ftr_mask(const struct arm64_ftr_bits *ftrp)
552 {
553 return (u64)GENMASK(ftrp->shift + ftrp->width - 1, ftrp->shift);
554 }
555
arm64_ftr_reg_user_value(const struct arm64_ftr_reg * reg)556 static inline u64 arm64_ftr_reg_user_value(const struct arm64_ftr_reg *reg)
557 {
558 return (reg->user_val | (reg->sys_val & reg->user_mask));
559 }
560
561 static inline int __attribute_const__
cpuid_feature_extract_field_width(u64 features,int field,int width,bool sign)562 cpuid_feature_extract_field_width(u64 features, int field, int width, bool sign)
563 {
564 if (WARN_ON_ONCE(!width))
565 width = 4;
566 return (sign) ?
567 cpuid_feature_extract_signed_field_width(features, field, width) :
568 cpuid_feature_extract_unsigned_field_width(features, field, width);
569 }
570
571 static inline int __attribute_const__
cpuid_feature_extract_field(u64 features,int field,bool sign)572 cpuid_feature_extract_field(u64 features, int field, bool sign)
573 {
574 return cpuid_feature_extract_field_width(features, field, 4, sign);
575 }
576
arm64_ftr_value(const struct arm64_ftr_bits * ftrp,u64 val)577 static inline s64 arm64_ftr_value(const struct arm64_ftr_bits *ftrp, u64 val)
578 {
579 return (s64)cpuid_feature_extract_field_width(val, ftrp->shift, ftrp->width, ftrp->sign);
580 }
581
id_aa64mmfr0_mixed_endian_el0(u64 mmfr0)582 static inline bool id_aa64mmfr0_mixed_endian_el0(u64 mmfr0)
583 {
584 return cpuid_feature_extract_unsigned_field(mmfr0, ID_AA64MMFR0_EL1_BIGEND_SHIFT) == 0x1 ||
585 cpuid_feature_extract_unsigned_field(mmfr0, ID_AA64MMFR0_EL1_BIGENDEL0_SHIFT) == 0x1;
586 }
587
id_aa64pfr0_32bit_el1(u64 pfr0)588 static inline bool id_aa64pfr0_32bit_el1(u64 pfr0)
589 {
590 u32 val = cpuid_feature_extract_unsigned_field(pfr0, ID_AA64PFR0_EL1_EL1_SHIFT);
591
592 return val == ID_AA64PFR0_EL1_EL1_AARCH32;
593 }
594
id_aa64pfr0_32bit_el0(u64 pfr0)595 static inline bool id_aa64pfr0_32bit_el0(u64 pfr0)
596 {
597 u32 val = cpuid_feature_extract_unsigned_field(pfr0, ID_AA64PFR0_EL1_EL0_SHIFT);
598
599 return val == ID_AA64PFR0_EL1_EL0_AARCH32;
600 }
601
id_aa64pfr0_sve(u64 pfr0)602 static inline bool id_aa64pfr0_sve(u64 pfr0)
603 {
604 u32 val = cpuid_feature_extract_unsigned_field(pfr0, ID_AA64PFR0_EL1_SVE_SHIFT);
605
606 return val > 0;
607 }
608
id_aa64pfr1_sme(u64 pfr1)609 static inline bool id_aa64pfr1_sme(u64 pfr1)
610 {
611 u32 val = cpuid_feature_extract_unsigned_field(pfr1, ID_AA64PFR1_EL1_SME_SHIFT);
612
613 return val > 0;
614 }
615
id_aa64pfr0_mpam(u64 pfr0)616 static inline bool id_aa64pfr0_mpam(u64 pfr0)
617 {
618 u32 val = cpuid_feature_extract_unsigned_field(pfr0, ID_AA64PFR0_EL1_MPAM_SHIFT);
619
620 return val > 0;
621 }
622
id_aa64pfr1_mte(u64 pfr1)623 static inline bool id_aa64pfr1_mte(u64 pfr1)
624 {
625 u32 val = cpuid_feature_extract_unsigned_field(pfr1, ID_AA64PFR1_EL1_MTE_SHIFT);
626
627 return val >= ID_AA64PFR1_EL1_MTE_MTE2;
628 }
629
630 void __init setup_boot_cpu_features(void);
631 void __init setup_system_features(void);
632 void __init setup_user_features(void);
633
634 void check_local_cpu_capabilities(void);
635
636 u64 read_sanitised_ftr_reg(u32 id);
637 u64 __read_sysreg_by_encoding(u32 sys_id);
638
cpu_supports_mixed_endian_el0(void)639 static inline bool cpu_supports_mixed_endian_el0(void)
640 {
641 return id_aa64mmfr0_mixed_endian_el0(read_cpuid(ID_AA64MMFR0_EL1));
642 }
643
644
supports_csv2p3(int scope)645 static inline bool supports_csv2p3(int scope)
646 {
647 u64 pfr0;
648 u8 csv2_val;
649
650 if (scope == SCOPE_LOCAL_CPU)
651 pfr0 = read_sysreg_s(SYS_ID_AA64PFR0_EL1);
652 else
653 pfr0 = read_sanitised_ftr_reg(SYS_ID_AA64PFR0_EL1);
654
655 csv2_val = cpuid_feature_extract_unsigned_field(pfr0,
656 ID_AA64PFR0_EL1_CSV2_SHIFT);
657 return csv2_val == 3;
658 }
659
supports_clearbhb(int scope)660 static inline bool supports_clearbhb(int scope)
661 {
662 u64 isar2;
663
664 if (scope == SCOPE_LOCAL_CPU)
665 isar2 = read_sysreg_s(SYS_ID_AA64ISAR2_EL1);
666 else
667 isar2 = read_sanitised_ftr_reg(SYS_ID_AA64ISAR2_EL1);
668
669 return cpuid_feature_extract_unsigned_field(isar2,
670 ID_AA64ISAR2_EL1_CLRBHB_SHIFT);
671 }
672
673 const struct cpumask *system_32bit_el0_cpumask(void);
674 const struct cpumask *fallback_32bit_el0_cpumask(void);
675 DECLARE_STATIC_KEY_FALSE(arm64_mismatched_32bit_el0);
676
system_supports_32bit_el0(void)677 static inline bool system_supports_32bit_el0(void)
678 {
679 u64 pfr0 = read_sanitised_ftr_reg(SYS_ID_AA64PFR0_EL1);
680
681 return static_branch_unlikely(&arm64_mismatched_32bit_el0) ||
682 id_aa64pfr0_32bit_el0(pfr0);
683 }
684
system_supports_4kb_granule(void)685 static inline bool system_supports_4kb_granule(void)
686 {
687 u64 mmfr0;
688 u32 val;
689
690 mmfr0 = read_sanitised_ftr_reg(SYS_ID_AA64MMFR0_EL1);
691 val = cpuid_feature_extract_unsigned_field(mmfr0,
692 ID_AA64MMFR0_EL1_TGRAN4_SHIFT);
693
694 return (val >= ID_AA64MMFR0_EL1_TGRAN4_SUPPORTED_MIN) &&
695 (val <= ID_AA64MMFR0_EL1_TGRAN4_SUPPORTED_MAX);
696 }
697
system_supports_64kb_granule(void)698 static inline bool system_supports_64kb_granule(void)
699 {
700 u64 mmfr0;
701 u32 val;
702
703 mmfr0 = read_sanitised_ftr_reg(SYS_ID_AA64MMFR0_EL1);
704 val = cpuid_feature_extract_unsigned_field(mmfr0,
705 ID_AA64MMFR0_EL1_TGRAN64_SHIFT);
706
707 return (val >= ID_AA64MMFR0_EL1_TGRAN64_SUPPORTED_MIN) &&
708 (val <= ID_AA64MMFR0_EL1_TGRAN64_SUPPORTED_MAX);
709 }
710
system_supports_16kb_granule(void)711 static inline bool system_supports_16kb_granule(void)
712 {
713 u64 mmfr0;
714 u32 val;
715
716 mmfr0 = read_sanitised_ftr_reg(SYS_ID_AA64MMFR0_EL1);
717 val = cpuid_feature_extract_unsigned_field(mmfr0,
718 ID_AA64MMFR0_EL1_TGRAN16_SHIFT);
719
720 return (val >= ID_AA64MMFR0_EL1_TGRAN16_SUPPORTED_MIN) &&
721 (val <= ID_AA64MMFR0_EL1_TGRAN16_SUPPORTED_MAX);
722 }
723
system_supports_mixed_endian_el0(void)724 static inline bool system_supports_mixed_endian_el0(void)
725 {
726 return id_aa64mmfr0_mixed_endian_el0(read_sanitised_ftr_reg(SYS_ID_AA64MMFR0_EL1));
727 }
728
system_supports_mixed_endian(void)729 static inline bool system_supports_mixed_endian(void)
730 {
731 u64 mmfr0;
732 u32 val;
733
734 mmfr0 = read_sanitised_ftr_reg(SYS_ID_AA64MMFR0_EL1);
735 val = cpuid_feature_extract_unsigned_field(mmfr0,
736 ID_AA64MMFR0_EL1_BIGEND_SHIFT);
737
738 return val == 0x1;
739 }
740
system_supports_fpsimd(void)741 static __always_inline bool system_supports_fpsimd(void)
742 {
743 return alternative_has_cap_likely(ARM64_HAS_FPSIMD);
744 }
745
system_uses_hw_pan(void)746 static inline bool system_uses_hw_pan(void)
747 {
748 return alternative_has_cap_unlikely(ARM64_HAS_PAN);
749 }
750
system_uses_ttbr0_pan(void)751 static inline bool system_uses_ttbr0_pan(void)
752 {
753 return IS_ENABLED(CONFIG_ARM64_SW_TTBR0_PAN) &&
754 !system_uses_hw_pan();
755 }
756
system_supports_sve(void)757 static __always_inline bool system_supports_sve(void)
758 {
759 return alternative_has_cap_unlikely(ARM64_SVE);
760 }
761
system_supports_sme(void)762 static __always_inline bool system_supports_sme(void)
763 {
764 return alternative_has_cap_unlikely(ARM64_SME);
765 }
766
system_supports_sme2(void)767 static __always_inline bool system_supports_sme2(void)
768 {
769 return alternative_has_cap_unlikely(ARM64_SME2);
770 }
771
system_supports_fa64(void)772 static __always_inline bool system_supports_fa64(void)
773 {
774 return alternative_has_cap_unlikely(ARM64_SME_FA64);
775 }
776
system_supports_tpidr2(void)777 static __always_inline bool system_supports_tpidr2(void)
778 {
779 return system_supports_sme();
780 }
781
system_supports_fpmr(void)782 static __always_inline bool system_supports_fpmr(void)
783 {
784 return alternative_has_cap_unlikely(ARM64_HAS_FPMR);
785 }
786
system_supports_cnp(void)787 static __always_inline bool system_supports_cnp(void)
788 {
789 return alternative_has_cap_unlikely(ARM64_HAS_CNP);
790 }
791
system_supports_address_auth(void)792 static inline bool system_supports_address_auth(void)
793 {
794 return cpus_have_final_boot_cap(ARM64_HAS_ADDRESS_AUTH);
795 }
796
system_supports_generic_auth(void)797 static inline bool system_supports_generic_auth(void)
798 {
799 return alternative_has_cap_unlikely(ARM64_HAS_GENERIC_AUTH);
800 }
801
system_has_full_ptr_auth(void)802 static inline bool system_has_full_ptr_auth(void)
803 {
804 return system_supports_address_auth() && system_supports_generic_auth();
805 }
806
system_uses_irq_prio_masking(void)807 static __always_inline bool system_uses_irq_prio_masking(void)
808 {
809 return alternative_has_cap_unlikely(ARM64_HAS_GIC_PRIO_MASKING);
810 }
811
system_supports_mte(void)812 static inline bool system_supports_mte(void)
813 {
814 return alternative_has_cap_unlikely(ARM64_MTE);
815 }
816
system_has_prio_mask_debugging(void)817 static inline bool system_has_prio_mask_debugging(void)
818 {
819 return IS_ENABLED(CONFIG_ARM64_DEBUG_PRIORITY_MASKING) &&
820 system_uses_irq_prio_masking();
821 }
822
system_supports_bti(void)823 static inline bool system_supports_bti(void)
824 {
825 return cpus_have_final_cap(ARM64_BTI);
826 }
827
system_supports_bti_kernel(void)828 static inline bool system_supports_bti_kernel(void)
829 {
830 return IS_ENABLED(CONFIG_ARM64_BTI_KERNEL) &&
831 cpus_have_final_boot_cap(ARM64_BTI);
832 }
833
system_supports_tlb_range(void)834 static inline bool system_supports_tlb_range(void)
835 {
836 return alternative_has_cap_unlikely(ARM64_HAS_TLB_RANGE);
837 }
838
system_supports_lpa2(void)839 static inline bool system_supports_lpa2(void)
840 {
841 return cpus_have_final_cap(ARM64_HAS_LPA2);
842 }
843
system_supports_poe(void)844 static inline bool system_supports_poe(void)
845 {
846 return alternative_has_cap_unlikely(ARM64_HAS_S1POE);
847 }
848
system_supports_gcs(void)849 static inline bool system_supports_gcs(void)
850 {
851 return alternative_has_cap_unlikely(ARM64_HAS_GCS);
852 }
853
system_supports_haft(void)854 static inline bool system_supports_haft(void)
855 {
856 return cpus_have_final_cap(ARM64_HAFT);
857 }
858
system_supports_mpam(void)859 static __always_inline bool system_supports_mpam(void)
860 {
861 return alternative_has_cap_unlikely(ARM64_MPAM);
862 }
863
system_supports_mpam_hcr(void)864 static __always_inline bool system_supports_mpam_hcr(void)
865 {
866 return alternative_has_cap_unlikely(ARM64_MPAM_HCR);
867 }
868
869 int do_emulate_mrs(struct pt_regs *regs, u32 sys_reg, u32 rt);
870 bool try_emulate_mrs(struct pt_regs *regs, u32 isn);
871
id_aa64mmfr0_parange_to_phys_shift(int parange)872 static inline u32 id_aa64mmfr0_parange_to_phys_shift(int parange)
873 {
874 switch (parange) {
875 case ID_AA64MMFR0_EL1_PARANGE_32: return 32;
876 case ID_AA64MMFR0_EL1_PARANGE_36: return 36;
877 case ID_AA64MMFR0_EL1_PARANGE_40: return 40;
878 case ID_AA64MMFR0_EL1_PARANGE_42: return 42;
879 case ID_AA64MMFR0_EL1_PARANGE_44: return 44;
880 case ID_AA64MMFR0_EL1_PARANGE_48: return 48;
881 case ID_AA64MMFR0_EL1_PARANGE_52: return 52;
882 /*
883 * A future PE could use a value unknown to the kernel.
884 * However, by the "D10.1.4 Principles of the ID scheme
885 * for fields in ID registers", ARM DDI 0487C.a, any new
886 * value is guaranteed to be higher than what we know already.
887 * As a safe limit, we return the limit supported by the kernel.
888 */
889 default: return CONFIG_ARM64_PA_BITS;
890 }
891 }
892
893 /* Check whether hardware update of the Access flag is supported */
cpu_has_hw_af(void)894 static inline bool cpu_has_hw_af(void)
895 {
896 u64 mmfr1;
897
898 if (!IS_ENABLED(CONFIG_ARM64_HW_AFDBM))
899 return false;
900
901 /*
902 * Use cached version to avoid emulated msr operation on KVM
903 * guests.
904 */
905 mmfr1 = read_sanitised_ftr_reg(SYS_ID_AA64MMFR1_EL1);
906 return cpuid_feature_extract_unsigned_field(mmfr1,
907 ID_AA64MMFR1_EL1_HAFDBS_SHIFT);
908 }
909
cpu_has_pan(void)910 static inline bool cpu_has_pan(void)
911 {
912 u64 mmfr1 = read_cpuid(ID_AA64MMFR1_EL1);
913 return cpuid_feature_extract_unsigned_field(mmfr1,
914 ID_AA64MMFR1_EL1_PAN_SHIFT);
915 }
916
917 #ifdef CONFIG_ARM64_AMU_EXTN
918 /* Check whether the cpu supports the Activity Monitors Unit (AMU) */
919 extern bool cpu_has_amu_feat(int cpu);
920 #else
cpu_has_amu_feat(int cpu)921 static inline bool cpu_has_amu_feat(int cpu)
922 {
923 return false;
924 }
925 #endif
926
927 /* Get a cpu that supports the Activity Monitors Unit (AMU) */
928 extern int get_cpu_with_amu_feat(void);
929
get_vmid_bits(u64 mmfr1)930 static inline unsigned int get_vmid_bits(u64 mmfr1)
931 {
932 int vmid_bits;
933
934 vmid_bits = cpuid_feature_extract_unsigned_field(mmfr1,
935 ID_AA64MMFR1_EL1_VMIDBits_SHIFT);
936 if (vmid_bits == ID_AA64MMFR1_EL1_VMIDBits_16)
937 return 16;
938
939 /*
940 * Return the default here even if any reserved
941 * value is fetched from the system register.
942 */
943 return 8;
944 }
945
946 s64 arm64_ftr_safe_value(const struct arm64_ftr_bits *ftrp, s64 new, s64 cur);
947 struct arm64_ftr_reg *get_arm64_ftr_reg(u32 sys_id);
948
949 extern struct arm64_ftr_override id_aa64mmfr0_override;
950 extern struct arm64_ftr_override id_aa64mmfr1_override;
951 extern struct arm64_ftr_override id_aa64mmfr2_override;
952 extern struct arm64_ftr_override id_aa64pfr0_override;
953 extern struct arm64_ftr_override id_aa64pfr1_override;
954 extern struct arm64_ftr_override id_aa64zfr0_override;
955 extern struct arm64_ftr_override id_aa64smfr0_override;
956 extern struct arm64_ftr_override id_aa64isar1_override;
957 extern struct arm64_ftr_override id_aa64isar2_override;
958
959 extern struct arm64_ftr_override arm64_sw_feature_override;
960
961 static inline
arm64_apply_feature_override(u64 val,int feat,int width,const struct arm64_ftr_override * override)962 u64 arm64_apply_feature_override(u64 val, int feat, int width,
963 const struct arm64_ftr_override *override)
964 {
965 u64 oval = override->val;
966
967 /*
968 * When it encounters an invalid override (e.g., an override that
969 * cannot be honoured due to a missing CPU feature), the early idreg
970 * override code will set the mask to 0x0 and the value to non-zero for
971 * the field in question. In order to determine whether the override is
972 * valid or not for the field we are interested in, we first need to
973 * disregard bits belonging to other fields.
974 */
975 oval &= GENMASK_ULL(feat + width - 1, feat);
976
977 /*
978 * The override is valid if all value bits are accounted for in the
979 * mask. If so, replace the masked bits with the override value.
980 */
981 if (oval == (oval & override->mask)) {
982 val &= ~override->mask;
983 val |= oval;
984 }
985
986 /* Extract the field from the updated value */
987 return cpuid_feature_extract_unsigned_field(val, feat);
988 }
989
arm64_test_sw_feature_override(int feat)990 static inline bool arm64_test_sw_feature_override(int feat)
991 {
992 /*
993 * Software features are pseudo CPU features that have no underlying
994 * CPUID system register value to apply the override to.
995 */
996 return arm64_apply_feature_override(0, feat, 4,
997 &arm64_sw_feature_override);
998 }
999
kaslr_disabled_cmdline(void)1000 static inline bool kaslr_disabled_cmdline(void)
1001 {
1002 return arm64_test_sw_feature_override(ARM64_SW_FEATURE_OVERRIDE_NOKASLR);
1003 }
1004
1005 u32 get_kvm_ipa_limit(void);
1006 void dump_cpu_features(void);
1007
cpu_has_bti(void)1008 static inline bool cpu_has_bti(void)
1009 {
1010 if (!IS_ENABLED(CONFIG_ARM64_BTI))
1011 return false;
1012
1013 return arm64_apply_feature_override(read_cpuid(ID_AA64PFR1_EL1),
1014 ID_AA64PFR1_EL1_BT_SHIFT, 4,
1015 &id_aa64pfr1_override);
1016 }
1017
cpu_has_pac(void)1018 static inline bool cpu_has_pac(void)
1019 {
1020 u64 isar1, isar2;
1021
1022 if (!IS_ENABLED(CONFIG_ARM64_PTR_AUTH))
1023 return false;
1024
1025 isar1 = read_cpuid(ID_AA64ISAR1_EL1);
1026 isar2 = read_cpuid(ID_AA64ISAR2_EL1);
1027
1028 if (arm64_apply_feature_override(isar1, ID_AA64ISAR1_EL1_APA_SHIFT, 4,
1029 &id_aa64isar1_override))
1030 return true;
1031
1032 if (arm64_apply_feature_override(isar1, ID_AA64ISAR1_EL1_API_SHIFT, 4,
1033 &id_aa64isar1_override))
1034 return true;
1035
1036 return arm64_apply_feature_override(isar2, ID_AA64ISAR2_EL1_APA3_SHIFT, 4,
1037 &id_aa64isar2_override);
1038 }
1039
cpu_has_lva(void)1040 static inline bool cpu_has_lva(void)
1041 {
1042 u64 mmfr2;
1043
1044 mmfr2 = read_sysreg_s(SYS_ID_AA64MMFR2_EL1);
1045 mmfr2 &= ~id_aa64mmfr2_override.mask;
1046 mmfr2 |= id_aa64mmfr2_override.val;
1047 return cpuid_feature_extract_unsigned_field(mmfr2,
1048 ID_AA64MMFR2_EL1_VARange_SHIFT);
1049 }
1050
cpu_has_lpa2(void)1051 static inline bool cpu_has_lpa2(void)
1052 {
1053 #ifdef CONFIG_ARM64_LPA2
1054 u64 mmfr0;
1055 int feat;
1056
1057 mmfr0 = read_sysreg(id_aa64mmfr0_el1);
1058 mmfr0 &= ~id_aa64mmfr0_override.mask;
1059 mmfr0 |= id_aa64mmfr0_override.val;
1060 feat = cpuid_feature_extract_signed_field(mmfr0,
1061 ID_AA64MMFR0_EL1_TGRAN_SHIFT);
1062
1063 return feat >= ID_AA64MMFR0_EL1_TGRAN_LPA2;
1064 #else
1065 return false;
1066 #endif
1067 }
1068
1069 #endif /* __ASSEMBLY__ */
1070
1071 #endif
1072