xref: /linux/arch/arm64/kernel/pi/idreg-override.c (revision f96a974170b749e3a56844e25b31d46a7233b6f6) 
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * Early cpufeature override framework
4  *
5  * Copyright (C) 2020 Google LLC
6  * Author: Marc Zyngier <maz@kernel.org>
7  */
8 
9 #include <linux/ctype.h>
10 #include <linux/kernel.h>
11 #include <linux/libfdt.h>
12 
13 #include <asm/cacheflush.h>
14 #include <asm/cpufeature.h>
15 #include <asm/setup.h>
16 
17 #include "pi.h"
18 
19 #define FTR_DESC_NAME_LEN	20
20 #define FTR_DESC_FIELD_LEN	10
21 #define FTR_ALIAS_NAME_LEN	30
22 #define FTR_ALIAS_OPTION_LEN	116
23 
24 static u64 __boot_status __initdata;
25 
26 typedef bool filter_t(u64 val);
27 
28 struct ftr_set_desc {
29 	char 				name[FTR_DESC_NAME_LEN];
30 	PREL64(struct arm64_ftr_override, override);
31 	struct {
32 		char			name[FTR_DESC_FIELD_LEN];
33 		u8			shift;
34 		u8			width;
35 		PREL64(filter_t,	filter);
36 	} 				fields[];
37 };
38 
39 #define FIELD(n, s, f)	{ .name = n, .shift = s, .width = 4, .filter = f }
40 
41 static const struct ftr_set_desc mmfr0 __prel64_initconst = {
42 	.name		= "id_aa64mmfr0",
43 	.override	= &id_aa64mmfr0_override,
44 	.fields		= {
45 		FIELD("ecv", ID_AA64MMFR0_EL1_ECV_SHIFT, NULL),
46 		{}
47 	},
48 };
49 
50 static bool __init mmfr1_vh_filter(u64 val)
51 {
52 	/*
53 	 * If we ever reach this point while running VHE, we're
54 	 * guaranteed to be on one of these funky, VHE-stuck CPUs. If
55 	 * the user was trying to force nVHE on us, proceed with
56 	 * attitude adjustment.
57 	 */
58 	return !(__boot_status == (BOOT_CPU_FLAG_E2H | BOOT_CPU_MODE_EL2) &&
59 		 val == 0);
60 }
61 
62 static const struct ftr_set_desc mmfr1 __prel64_initconst = {
63 	.name		= "id_aa64mmfr1",
64 	.override	= &id_aa64mmfr1_override,
65 	.fields		= {
66 		FIELD("vh", ID_AA64MMFR1_EL1_VH_SHIFT, mmfr1_vh_filter),
67 		{}
68 	},
69 };
70 
71 
72 static bool __init mmfr2_varange_filter(u64 val)
73 {
74 	int __maybe_unused feat;
75 
76 	if (val)
77 		return false;
78 
79 #ifdef CONFIG_ARM64_LPA2
80 	feat = cpuid_feature_extract_signed_field(read_sysreg(id_aa64mmfr0_el1),
81 						  ID_AA64MMFR0_EL1_TGRAN_SHIFT);
82 	if (feat >= ID_AA64MMFR0_EL1_TGRAN_LPA2) {
83 		id_aa64mmfr0_override.val |=
84 			(ID_AA64MMFR0_EL1_TGRAN_LPA2 - 1) << ID_AA64MMFR0_EL1_TGRAN_SHIFT;
85 		id_aa64mmfr0_override.mask |= 0xfU << ID_AA64MMFR0_EL1_TGRAN_SHIFT;
86 
87 		/*
88 		 * Override PARange to 48 bits - the override will just be
89 		 * ignored if the actual PARange is smaller, but this is
90 		 * unlikely to be the case for LPA2 capable silicon.
91 		 */
92 		id_aa64mmfr0_override.val |=
93 			ID_AA64MMFR0_EL1_PARANGE_48 << ID_AA64MMFR0_EL1_PARANGE_SHIFT;
94 		id_aa64mmfr0_override.mask |= 0xfU << ID_AA64MMFR0_EL1_PARANGE_SHIFT;
95 	}
96 #endif
97 	return true;
98 }
99 
100 static const struct ftr_set_desc mmfr2 __prel64_initconst = {
101 	.name		= "id_aa64mmfr2",
102 	.override	= &id_aa64mmfr2_override,
103 	.fields		= {
104 		FIELD("varange", ID_AA64MMFR2_EL1_VARange_SHIFT, mmfr2_varange_filter),
105 		{}
106 	},
107 };
108 
109 static bool __init pfr0_sve_filter(u64 val)
110 {
111 	/*
112 	 * Disabling SVE also means disabling all the features that
113 	 * are associated with it. The easiest way to do it is just to
114 	 * override id_aa64zfr0_el1 to be 0.
115 	 */
116 	if (!val) {
117 		id_aa64zfr0_override.val = 0;
118 		id_aa64zfr0_override.mask = GENMASK(63, 0);
119 	}
120 
121 	return true;
122 }
123 
124 static const struct ftr_set_desc pfr0 __prel64_initconst = {
125 	.name		= "id_aa64pfr0",
126 	.override	= &id_aa64pfr0_override,
127 	.fields		= {
128 	        FIELD("sve", ID_AA64PFR0_EL1_SVE_SHIFT, pfr0_sve_filter),
129 		FIELD("el0", ID_AA64PFR0_EL1_EL0_SHIFT, NULL),
130 		{}
131 	},
132 };
133 
134 static bool __init pfr1_sme_filter(u64 val)
135 {
136 	/*
137 	 * Similarly to SVE, disabling SME also means disabling all
138 	 * the features that are associated with it. Just set
139 	 * id_aa64smfr0_el1 to 0 and don't look back.
140 	 */
141 	if (!val) {
142 		id_aa64smfr0_override.val = 0;
143 		id_aa64smfr0_override.mask = GENMASK(63, 0);
144 	}
145 
146 	return true;
147 }
148 
149 static const struct ftr_set_desc pfr1 __prel64_initconst = {
150 	.name		= "id_aa64pfr1",
151 	.override	= &id_aa64pfr1_override,
152 	.fields		= {
153 		FIELD("bt", ID_AA64PFR1_EL1_BT_SHIFT, NULL ),
154 		FIELD("gcs", ID_AA64PFR1_EL1_GCS_SHIFT, NULL),
155 		FIELD("mte", ID_AA64PFR1_EL1_MTE_SHIFT, NULL),
156 		FIELD("sme", ID_AA64PFR1_EL1_SME_SHIFT, pfr1_sme_filter),
157 		{}
158 	},
159 };
160 
161 static const struct ftr_set_desc isar1 __prel64_initconst = {
162 	.name		= "id_aa64isar1",
163 	.override	= &id_aa64isar1_override,
164 	.fields		= {
165 		FIELD("gpi", ID_AA64ISAR1_EL1_GPI_SHIFT, NULL),
166 		FIELD("gpa", ID_AA64ISAR1_EL1_GPA_SHIFT, NULL),
167 		FIELD("api", ID_AA64ISAR1_EL1_API_SHIFT, NULL),
168 		FIELD("apa", ID_AA64ISAR1_EL1_APA_SHIFT, NULL),
169 		{}
170 	},
171 };
172 
173 static const struct ftr_set_desc isar2 __prel64_initconst = {
174 	.name		= "id_aa64isar2",
175 	.override	= &id_aa64isar2_override,
176 	.fields		= {
177 		FIELD("gpa3", ID_AA64ISAR2_EL1_GPA3_SHIFT, NULL),
178 		FIELD("apa3", ID_AA64ISAR2_EL1_APA3_SHIFT, NULL),
179 		FIELD("mops", ID_AA64ISAR2_EL1_MOPS_SHIFT, NULL),
180 		{}
181 	},
182 };
183 
184 static const struct ftr_set_desc smfr0 __prel64_initconst = {
185 	.name		= "id_aa64smfr0",
186 	.override	= &id_aa64smfr0_override,
187 	.fields		= {
188 		FIELD("smever", ID_AA64SMFR0_EL1_SMEver_SHIFT, NULL),
189 		/* FA64 is a one bit field... :-/ */
190 		{ "fa64", ID_AA64SMFR0_EL1_FA64_SHIFT, 1, },
191 		{}
192 	},
193 };
194 
195 static bool __init hvhe_filter(u64 val)
196 {
197 	u64 mmfr1 = read_sysreg(id_aa64mmfr1_el1);
198 
199 	return (val == 1 &&
200 		lower_32_bits(__boot_status) == BOOT_CPU_MODE_EL2 &&
201 		cpuid_feature_extract_unsigned_field(mmfr1,
202 						     ID_AA64MMFR1_EL1_VH_SHIFT));
203 }
204 
205 static const struct ftr_set_desc sw_features __prel64_initconst = {
206 	.name		= "arm64_sw",
207 	.override	= &arm64_sw_feature_override,
208 	.fields		= {
209 		FIELD("nokaslr", ARM64_SW_FEATURE_OVERRIDE_NOKASLR, NULL),
210 		FIELD("hvhe", ARM64_SW_FEATURE_OVERRIDE_HVHE, hvhe_filter),
211 		FIELD("rodataoff", ARM64_SW_FEATURE_OVERRIDE_RODATA_OFF, NULL),
212 		{}
213 	},
214 };
215 
216 static const
217 PREL64(const struct ftr_set_desc, reg) regs[] __prel64_initconst = {
218 	{ &mmfr0	},
219 	{ &mmfr1	},
220 	{ &mmfr2	},
221 	{ &pfr0 	},
222 	{ &pfr1 	},
223 	{ &isar1	},
224 	{ &isar2	},
225 	{ &smfr0	},
226 	{ &sw_features	},
227 };
228 
229 static const struct {
230 	char	alias[FTR_ALIAS_NAME_LEN];
231 	char	feature[FTR_ALIAS_OPTION_LEN];
232 } aliases[] __initconst = {
233 	{ "kvm_arm.mode=nvhe",		"arm64_sw.hvhe=0 id_aa64mmfr1.vh=0" },
234 	{ "kvm_arm.mode=protected",	"arm64_sw.hvhe=1" },
235 	{ "arm64.nosve",		"id_aa64pfr0.sve=0" },
236 	{ "arm64.nosme",		"id_aa64pfr1.sme=0" },
237 	{ "arm64.nobti",		"id_aa64pfr1.bt=0" },
238 	{ "arm64.nogcs",		"id_aa64pfr1.gcs=0" },
239 	{ "arm64.nopauth",
240 	  "id_aa64isar1.gpi=0 id_aa64isar1.gpa=0 "
241 	  "id_aa64isar1.api=0 id_aa64isar1.apa=0 "
242 	  "id_aa64isar2.gpa3=0 id_aa64isar2.apa3=0"	   },
243 	{ "arm64.nomops",		"id_aa64isar2.mops=0" },
244 	{ "arm64.nomte",		"id_aa64pfr1.mte=0" },
245 	{ "nokaslr",			"arm64_sw.nokaslr=1" },
246 	{ "rodata=off",			"arm64_sw.rodataoff=1" },
247 	{ "arm64.nolva",		"id_aa64mmfr2.varange=0" },
248 	{ "arm64.no32bit_el0",		"id_aa64pfr0.el0=1" },
249 };
250 
251 static int __init parse_hexdigit(const char *p, u64 *v)
252 {
253 	// skip "0x" if it comes next
254 	if (p[0] == '0' && tolower(p[1]) == 'x')
255 		p += 2;
256 
257 	// check whether the RHS is a single hex digit
258 	if (!isxdigit(p[0]) || (p[1] && !isspace(p[1])))
259 		return -EINVAL;
260 
261 	*v = tolower(*p) - (isdigit(*p) ? '0' : 'a' - 10);
262 	return 0;
263 }
264 
265 static int __init find_field(const char *cmdline, char *opt, int len,
266 			     const struct ftr_set_desc *reg, int f, u64 *v)
267 {
268 	int flen = strlen(reg->fields[f].name);
269 
270 	// append '<fieldname>=' to obtain '<name>.<fieldname>='
271 	memcpy(opt + len, reg->fields[f].name, flen);
272 	len += flen;
273 	opt[len++] = '=';
274 
275 	if (memcmp(cmdline, opt, len))
276 		return -1;
277 
278 	return parse_hexdigit(cmdline + len, v);
279 }
280 
281 static void __init match_options(const char *cmdline)
282 {
283 	char opt[FTR_DESC_NAME_LEN + FTR_DESC_FIELD_LEN + 2];
284 	int i;
285 
286 	for (i = 0; i < ARRAY_SIZE(regs); i++) {
287 		const struct ftr_set_desc *reg = prel64_pointer(regs[i].reg);
288 		struct arm64_ftr_override *override;
289 		int len = strlen(reg->name);
290 		int f;
291 
292 		override = prel64_pointer(reg->override);
293 
294 		// set opt[] to '<name>.'
295 		memcpy(opt, reg->name, len);
296 		opt[len++] = '.';
297 
298 		for (f = 0; reg->fields[f].name[0] != '\0'; f++) {
299 			u64 shift = reg->fields[f].shift;
300 			u64 width = reg->fields[f].width ?: 4;
301 			u64 mask = GENMASK_ULL(shift + width - 1, shift);
302 			bool (*filter)(u64 val);
303 			u64 v;
304 
305 			if (find_field(cmdline, opt, len, reg, f, &v))
306 				continue;
307 
308 			/*
309 			 * If an override gets filtered out, advertise
310 			 * it by setting the value to the all-ones while
311 			 * clearing the mask... Yes, this is fragile.
312 			 */
313 			filter = prel64_pointer(reg->fields[f].filter);
314 			if (filter && !filter(v)) {
315 				override->val  |= mask;
316 				override->mask &= ~mask;
317 				continue;
318 			}
319 
320 			override->val  &= ~mask;
321 			override->val  |= (v << shift) & mask;
322 			override->mask |= mask;
323 
324 			return;
325 		}
326 	}
327 }
328 
329 static __init void __parse_cmdline(const char *cmdline, bool parse_aliases)
330 {
331 	do {
332 		char buf[256];
333 		size_t len;
334 		int i;
335 
336 		cmdline = skip_spaces(cmdline);
337 
338 		/* terminate on "--" appearing on the command line by itself */
339 		if (cmdline[0] == '-' && cmdline[1] == '-' && isspace(cmdline[2]))
340 			return;
341 
342 		for (len = 0; cmdline[len] && !isspace(cmdline[len]); len++) {
343 			if (len >= sizeof(buf) - 1)
344 				break;
345 			if (cmdline[len] == '-')
346 				buf[len] = '_';
347 			else
348 				buf[len] = cmdline[len];
349 		}
350 		if (!len)
351 			return;
352 
353 		buf[len] = 0;
354 
355 		cmdline += len;
356 
357 		match_options(buf);
358 
359 		for (i = 0; parse_aliases && i < ARRAY_SIZE(aliases); i++)
360 			if (!memcmp(buf, aliases[i].alias, len + 1))
361 				__parse_cmdline(aliases[i].feature, false);
362 	} while (1);
363 }
364 
365 static __init const u8 *get_bootargs_cmdline(const void *fdt, int node)
366 {
367 	static char const bootargs[] __initconst = "bootargs";
368 	const u8 *prop;
369 
370 	if (node < 0)
371 		return NULL;
372 
373 	prop = fdt_getprop(fdt, node, bootargs, NULL);
374 	if (!prop)
375 		return NULL;
376 
377 	return strlen(prop) ? prop : NULL;
378 }
379 
380 static __init void parse_cmdline(const void *fdt, int chosen)
381 {
382 	static char const cmdline[] __initconst = CONFIG_CMDLINE;
383 	const u8 *prop = get_bootargs_cmdline(fdt, chosen);
384 
385 	if (IS_ENABLED(CONFIG_CMDLINE_FORCE) || !prop)
386 		__parse_cmdline(cmdline, true);
387 
388 	if (!IS_ENABLED(CONFIG_CMDLINE_FORCE) && prop)
389 		__parse_cmdline(prop, true);
390 }
391 
392 void __init init_feature_override(u64 boot_status, const void *fdt,
393 				  int chosen)
394 {
395 	struct arm64_ftr_override *override;
396 	const struct ftr_set_desc *reg;
397 	int i;
398 
399 	for (i = 0; i < ARRAY_SIZE(regs); i++) {
400 		reg = prel64_pointer(regs[i].reg);
401 		override = prel64_pointer(reg->override);
402 
403 		override->val  = 0;
404 		override->mask = 0;
405 	}
406 
407 	__boot_status = boot_status;
408 
409 	parse_cmdline(fdt, chosen);
410 
411 	for (i = 0; i < ARRAY_SIZE(regs); i++) {
412 		reg = prel64_pointer(regs[i].reg);
413 		override = prel64_pointer(reg->override);
414 		dcache_clean_inval_poc((unsigned long)override,
415 				       (unsigned long)(override + 1));
416 	}
417 }
418 
419 char * __init skip_spaces(const char *str)
420 {
421 	while (isspace(*str))
422 		++str;
423 	return (char *)str;
424 }
425