xref: /linux/arch/arm64/kernel/pi/idreg-override.c (revision e78f70bad29c5ae1e1076698b690b15794e9b81e) 
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * Early cpufeature override framework
4  *
5  * Copyright (C) 2020 Google LLC
6  * Author: Marc Zyngier <maz@kernel.org>
7  */
8 
9 #include <linux/ctype.h>
10 #include <linux/kernel.h>
11 #include <linux/libfdt.h>
12 
13 #include <asm/cacheflush.h>
14 #include <asm/cpufeature.h>
15 #include <asm/setup.h>
16 
17 #include "pi.h"
18 
19 #define FTR_DESC_NAME_LEN	20
20 #define FTR_DESC_FIELD_LEN	10
21 #define FTR_ALIAS_NAME_LEN	30
22 #define FTR_ALIAS_OPTION_LEN	116
23 
24 static u64 __boot_status __initdata;
25 
26 typedef bool filter_t(u64 val);
27 
28 struct ftr_set_desc {
29 	char 				name[FTR_DESC_NAME_LEN];
30 	PREL64(struct arm64_ftr_override, override);
31 	struct {
32 		char			name[FTR_DESC_FIELD_LEN];
33 		u8			shift;
34 		u8			width;
35 		PREL64(filter_t,	filter);
36 	} 				fields[];
37 };
38 
39 #define FIELD(n, s, f)	{ .name = n, .shift = s, .width = 4, .filter = f }
40 
41 static const struct ftr_set_desc mmfr0 __prel64_initconst = {
42 	.name		= "id_aa64mmfr0",
43 	.override	= &id_aa64mmfr0_override,
44 	.fields		= {
45 		FIELD("ecv", ID_AA64MMFR0_EL1_ECV_SHIFT, NULL),
46 		{}
47 	},
48 };
49 
50 static bool __init mmfr1_vh_filter(u64 val)
51 {
52 	/*
53 	 * If we ever reach this point while running VHE, we're
54 	 * guaranteed to be on one of these funky, VHE-stuck CPUs. If
55 	 * the user was trying to force nVHE on us, proceed with
56 	 * attitude adjustment.
57 	 */
58 	return !(__boot_status == (BOOT_CPU_FLAG_E2H | BOOT_CPU_MODE_EL2) &&
59 		 val == 0);
60 }
61 
62 static const struct ftr_set_desc mmfr1 __prel64_initconst = {
63 	.name		= "id_aa64mmfr1",
64 	.override	= &id_aa64mmfr1_override,
65 	.fields		= {
66 		FIELD("vh", ID_AA64MMFR1_EL1_VH_SHIFT, mmfr1_vh_filter),
67 		{}
68 	},
69 };
70 
71 
72 static bool __init mmfr2_varange_filter(u64 val)
73 {
74 	int __maybe_unused feat;
75 
76 	if (val)
77 		return false;
78 
79 #ifdef CONFIG_ARM64_LPA2
80 	feat = cpuid_feature_extract_signed_field(read_sysreg(id_aa64mmfr0_el1),
81 						  ID_AA64MMFR0_EL1_TGRAN_SHIFT);
82 	if (feat >= ID_AA64MMFR0_EL1_TGRAN_LPA2) {
83 		id_aa64mmfr0_override.val |=
84 			(ID_AA64MMFR0_EL1_TGRAN_LPA2 - 1) << ID_AA64MMFR0_EL1_TGRAN_SHIFT;
85 		id_aa64mmfr0_override.mask |= 0xfU << ID_AA64MMFR0_EL1_TGRAN_SHIFT;
86 
87 		/*
88 		 * Override PARange to 48 bits - the override will just be
89 		 * ignored if the actual PARange is smaller, but this is
90 		 * unlikely to be the case for LPA2 capable silicon.
91 		 */
92 		id_aa64mmfr0_override.val |=
93 			ID_AA64MMFR0_EL1_PARANGE_48 << ID_AA64MMFR0_EL1_PARANGE_SHIFT;
94 		id_aa64mmfr0_override.mask |= 0xfU << ID_AA64MMFR0_EL1_PARANGE_SHIFT;
95 	}
96 #endif
97 	return true;
98 }
99 
100 static const struct ftr_set_desc mmfr2 __prel64_initconst = {
101 	.name		= "id_aa64mmfr2",
102 	.override	= &id_aa64mmfr2_override,
103 	.fields		= {
104 		FIELD("varange", ID_AA64MMFR2_EL1_VARange_SHIFT, mmfr2_varange_filter),
105 		{}
106 	},
107 };
108 
109 static bool __init pfr0_sve_filter(u64 val)
110 {
111 	/*
112 	 * Disabling SVE also means disabling all the features that
113 	 * are associated with it. The easiest way to do it is just to
114 	 * override id_aa64zfr0_el1 to be 0.
115 	 */
116 	if (!val) {
117 		id_aa64zfr0_override.val = 0;
118 		id_aa64zfr0_override.mask = GENMASK(63, 0);
119 	}
120 
121 	return true;
122 }
123 
124 static const struct ftr_set_desc pfr0 __prel64_initconst = {
125 	.name		= "id_aa64pfr0",
126 	.override	= &id_aa64pfr0_override,
127 	.fields		= {
128 	        FIELD("sve", ID_AA64PFR0_EL1_SVE_SHIFT, pfr0_sve_filter),
129 		FIELD("el0", ID_AA64PFR0_EL1_EL0_SHIFT, NULL),
130 		FIELD("mpam", ID_AA64PFR0_EL1_MPAM_SHIFT, NULL),
131 		{}
132 	},
133 };
134 
135 static bool __init pfr1_sme_filter(u64 val)
136 {
137 	/*
138 	 * Similarly to SVE, disabling SME also means disabling all
139 	 * the features that are associated with it. Just set
140 	 * id_aa64smfr0_el1 to 0 and don't look back.
141 	 */
142 	if (!val) {
143 		id_aa64smfr0_override.val = 0;
144 		id_aa64smfr0_override.mask = GENMASK(63, 0);
145 	}
146 
147 	return true;
148 }
149 
150 static const struct ftr_set_desc pfr1 __prel64_initconst = {
151 	.name		= "id_aa64pfr1",
152 	.override	= &id_aa64pfr1_override,
153 	.fields		= {
154 		FIELD("bt", ID_AA64PFR1_EL1_BT_SHIFT, NULL ),
155 		FIELD("gcs", ID_AA64PFR1_EL1_GCS_SHIFT, NULL),
156 		FIELD("mte", ID_AA64PFR1_EL1_MTE_SHIFT, NULL),
157 		FIELD("sme", ID_AA64PFR1_EL1_SME_SHIFT, pfr1_sme_filter),
158 		FIELD("mpam_frac", ID_AA64PFR1_EL1_MPAM_frac_SHIFT, NULL),
159 		{}
160 	},
161 };
162 
163 static const struct ftr_set_desc isar1 __prel64_initconst = {
164 	.name		= "id_aa64isar1",
165 	.override	= &id_aa64isar1_override,
166 	.fields		= {
167 		FIELD("gpi", ID_AA64ISAR1_EL1_GPI_SHIFT, NULL),
168 		FIELD("gpa", ID_AA64ISAR1_EL1_GPA_SHIFT, NULL),
169 		FIELD("api", ID_AA64ISAR1_EL1_API_SHIFT, NULL),
170 		FIELD("apa", ID_AA64ISAR1_EL1_APA_SHIFT, NULL),
171 		{}
172 	},
173 };
174 
175 static const struct ftr_set_desc isar2 __prel64_initconst = {
176 	.name		= "id_aa64isar2",
177 	.override	= &id_aa64isar2_override,
178 	.fields		= {
179 		FIELD("gpa3", ID_AA64ISAR2_EL1_GPA3_SHIFT, NULL),
180 		FIELD("apa3", ID_AA64ISAR2_EL1_APA3_SHIFT, NULL),
181 		FIELD("mops", ID_AA64ISAR2_EL1_MOPS_SHIFT, NULL),
182 		{}
183 	},
184 };
185 
186 static const struct ftr_set_desc smfr0 __prel64_initconst = {
187 	.name		= "id_aa64smfr0",
188 	.override	= &id_aa64smfr0_override,
189 	.fields		= {
190 		FIELD("smever", ID_AA64SMFR0_EL1_SMEver_SHIFT, NULL),
191 		/* FA64 is a one bit field... :-/ */
192 		{ "fa64", ID_AA64SMFR0_EL1_FA64_SHIFT, 1, },
193 		{}
194 	},
195 };
196 
197 static bool __init hvhe_filter(u64 val)
198 {
199 	u64 mmfr1 = read_sysreg(id_aa64mmfr1_el1);
200 
201 	return (val == 1 &&
202 		lower_32_bits(__boot_status) == BOOT_CPU_MODE_EL2 &&
203 		cpuid_feature_extract_unsigned_field(mmfr1,
204 						     ID_AA64MMFR1_EL1_VH_SHIFT));
205 }
206 
207 static const struct ftr_set_desc sw_features __prel64_initconst = {
208 	.name		= "arm64_sw",
209 	.override	= &arm64_sw_feature_override,
210 	.fields		= {
211 		FIELD("nokaslr", ARM64_SW_FEATURE_OVERRIDE_NOKASLR, NULL),
212 		FIELD("hvhe", ARM64_SW_FEATURE_OVERRIDE_HVHE, hvhe_filter),
213 		FIELD("rodataoff", ARM64_SW_FEATURE_OVERRIDE_RODATA_OFF, NULL),
214 		{}
215 	},
216 };
217 
218 static const
219 PREL64(const struct ftr_set_desc, reg) regs[] __prel64_initconst = {
220 	{ &mmfr0	},
221 	{ &mmfr1	},
222 	{ &mmfr2	},
223 	{ &pfr0 	},
224 	{ &pfr1 	},
225 	{ &isar1	},
226 	{ &isar2	},
227 	{ &smfr0	},
228 	{ &sw_features	},
229 };
230 
231 static const struct {
232 	char	alias[FTR_ALIAS_NAME_LEN];
233 	char	feature[FTR_ALIAS_OPTION_LEN];
234 } aliases[] __initconst = {
235 	{ "kvm_arm.mode=nvhe",		"arm64_sw.hvhe=0 id_aa64mmfr1.vh=0" },
236 	{ "kvm_arm.mode=protected",	"arm64_sw.hvhe=1" },
237 	{ "arm64.nosve",		"id_aa64pfr0.sve=0" },
238 	{ "arm64.nosme",		"id_aa64pfr1.sme=0" },
239 	{ "arm64.nobti",		"id_aa64pfr1.bt=0" },
240 	{ "arm64.nogcs",		"id_aa64pfr1.gcs=0" },
241 	{ "arm64.nopauth",
242 	  "id_aa64isar1.gpi=0 id_aa64isar1.gpa=0 "
243 	  "id_aa64isar1.api=0 id_aa64isar1.apa=0 "
244 	  "id_aa64isar2.gpa3=0 id_aa64isar2.apa3=0"	   },
245 	{ "arm64.nomops",		"id_aa64isar2.mops=0" },
246 	{ "arm64.nomte",		"id_aa64pfr1.mte=0" },
247 	{ "nokaslr",			"arm64_sw.nokaslr=1" },
248 	{ "rodata=off",			"arm64_sw.rodataoff=1" },
249 	{ "arm64.nolva",		"id_aa64mmfr2.varange=0" },
250 	{ "arm64.no32bit_el0",		"id_aa64pfr0.el0=1" },
251 	{ "arm64.nompam",		"id_aa64pfr0.mpam=0 id_aa64pfr1.mpam_frac=0" },
252 };
253 
254 static int __init parse_hexdigit(const char *p, u64 *v)
255 {
256 	// skip "0x" if it comes next
257 	if (p[0] == '0' && tolower(p[1]) == 'x')
258 		p += 2;
259 
260 	// check whether the RHS is a single hex digit
261 	if (!isxdigit(p[0]) || (p[1] && !isspace(p[1])))
262 		return -EINVAL;
263 
264 	*v = tolower(*p) - (isdigit(*p) ? '0' : 'a' - 10);
265 	return 0;
266 }
267 
268 static int __init find_field(const char *cmdline, char *opt, int len,
269 			     const struct ftr_set_desc *reg, int f, u64 *v)
270 {
271 	int flen = strlen(reg->fields[f].name);
272 
273 	// append '<fieldname>=' to obtain '<name>.<fieldname>='
274 	memcpy(opt + len, reg->fields[f].name, flen);
275 	len += flen;
276 	opt[len++] = '=';
277 
278 	if (memcmp(cmdline, opt, len))
279 		return -1;
280 
281 	return parse_hexdigit(cmdline + len, v);
282 }
283 
284 static void __init match_options(const char *cmdline)
285 {
286 	char opt[FTR_DESC_NAME_LEN + FTR_DESC_FIELD_LEN + 2];
287 	int i;
288 
289 	for (i = 0; i < ARRAY_SIZE(regs); i++) {
290 		const struct ftr_set_desc *reg = prel64_pointer(regs[i].reg);
291 		struct arm64_ftr_override *override;
292 		int len = strlen(reg->name);
293 		int f;
294 
295 		override = prel64_pointer(reg->override);
296 
297 		// set opt[] to '<name>.'
298 		memcpy(opt, reg->name, len);
299 		opt[len++] = '.';
300 
301 		for (f = 0; reg->fields[f].name[0] != '\0'; f++) {
302 			u64 shift = reg->fields[f].shift;
303 			u64 width = reg->fields[f].width ?: 4;
304 			u64 mask = GENMASK_ULL(shift + width - 1, shift);
305 			bool (*filter)(u64 val);
306 			u64 v;
307 
308 			if (find_field(cmdline, opt, len, reg, f, &v))
309 				continue;
310 
311 			/*
312 			 * If an override gets filtered out, advertise
313 			 * it by setting the value to the all-ones while
314 			 * clearing the mask... Yes, this is fragile.
315 			 */
316 			filter = prel64_pointer(reg->fields[f].filter);
317 			if (filter && !filter(v)) {
318 				override->val  |= mask;
319 				override->mask &= ~mask;
320 				continue;
321 			}
322 
323 			override->val  &= ~mask;
324 			override->val  |= (v << shift) & mask;
325 			override->mask |= mask;
326 
327 			return;
328 		}
329 	}
330 }
331 
332 static __init void __parse_cmdline(const char *cmdline, bool parse_aliases)
333 {
334 	do {
335 		char buf[256];
336 		size_t len;
337 		int i;
338 
339 		cmdline = skip_spaces(cmdline);
340 
341 		/* terminate on "--" appearing on the command line by itself */
342 		if (cmdline[0] == '-' && cmdline[1] == '-' && isspace(cmdline[2]))
343 			return;
344 
345 		for (len = 0; cmdline[len] && !isspace(cmdline[len]); len++) {
346 			if (len >= sizeof(buf) - 1)
347 				break;
348 			if (cmdline[len] == '-')
349 				buf[len] = '_';
350 			else
351 				buf[len] = cmdline[len];
352 		}
353 		if (!len)
354 			return;
355 
356 		buf[len] = 0;
357 
358 		cmdline += len;
359 
360 		match_options(buf);
361 
362 		for (i = 0; parse_aliases && i < ARRAY_SIZE(aliases); i++)
363 			if (!memcmp(buf, aliases[i].alias, len + 1))
364 				__parse_cmdline(aliases[i].feature, false);
365 	} while (1);
366 }
367 
368 static __init const u8 *get_bootargs_cmdline(const void *fdt, int node)
369 {
370 	static char const bootargs[] __initconst = "bootargs";
371 	const u8 *prop;
372 
373 	if (node < 0)
374 		return NULL;
375 
376 	prop = fdt_getprop(fdt, node, bootargs, NULL);
377 	if (!prop)
378 		return NULL;
379 
380 	return strlen(prop) ? prop : NULL;
381 }
382 
383 static __init void parse_cmdline(const void *fdt, int chosen)
384 {
385 	static char const cmdline[] __initconst = CONFIG_CMDLINE;
386 	const u8 *prop = get_bootargs_cmdline(fdt, chosen);
387 
388 	if (IS_ENABLED(CONFIG_CMDLINE_FORCE) || !prop)
389 		__parse_cmdline(cmdline, true);
390 
391 	if (!IS_ENABLED(CONFIG_CMDLINE_FORCE) && prop)
392 		__parse_cmdline(prop, true);
393 }
394 
395 void __init init_feature_override(u64 boot_status, const void *fdt,
396 				  int chosen)
397 {
398 	struct arm64_ftr_override *override;
399 	const struct ftr_set_desc *reg;
400 	int i;
401 
402 	for (i = 0; i < ARRAY_SIZE(regs); i++) {
403 		reg = prel64_pointer(regs[i].reg);
404 		override = prel64_pointer(reg->override);
405 
406 		override->val  = 0;
407 		override->mask = 0;
408 	}
409 
410 	__boot_status = boot_status;
411 
412 	parse_cmdline(fdt, chosen);
413 
414 	for (i = 0; i < ARRAY_SIZE(regs); i++) {
415 		reg = prel64_pointer(regs[i].reg);
416 		override = prel64_pointer(reg->override);
417 		dcache_clean_inval_poc((unsigned long)override,
418 				       (unsigned long)(override + 1));
419 	}
420 }
421 
422 char * __init skip_spaces(const char *str)
423 {
424 	while (isspace(*str))
425 		++str;
426 	return (char *)str;
427 }
428