1 /* SPDX-License-Identifier: GPL-2.0-only */
2 /*
3 * Copyright (C) 2014 Linaro Ltd. <ard.biesheuvel@linaro.org>
4 */
5
6 #ifndef __ASM_CPUFEATURE_H
7 #define __ASM_CPUFEATURE_H
8
9 #include <asm/alternative-macros.h>
10 #include <asm/cpucaps.h>
11 #include <asm/cputype.h>
12 #include <asm/hwcap.h>
13 #include <asm/sysreg.h>
14
15 #define MAX_CPU_FEATURES 128
16 #define cpu_feature(x) KERNEL_HWCAP_ ## x
17
18 #define ARM64_SW_FEATURE_OVERRIDE_NOKASLR 0
19 #define ARM64_SW_FEATURE_OVERRIDE_HVHE 4
20
21 #ifndef __ASSEMBLY__
22
23 #include <linux/bug.h>
24 #include <linux/jump_label.h>
25 #include <linux/kernel.h>
26
27 /*
28 * CPU feature register tracking
29 *
30 * The safe value of a CPUID feature field is dependent on the implications
31 * of the values assigned to it by the architecture. Based on the relationship
32 * between the values, the features are classified into 3 types - LOWER_SAFE,
33 * HIGHER_SAFE and EXACT.
34 *
35 * The lowest value of all the CPUs is chosen for LOWER_SAFE and highest
36 * for HIGHER_SAFE. It is expected that all CPUs have the same value for
37 * a field when EXACT is specified, failing which, the safe value specified
38 * in the table is chosen.
39 */
40
41 enum ftr_type {
42 FTR_EXACT, /* Use a predefined safe value */
43 FTR_LOWER_SAFE, /* Smaller value is safe */
44 FTR_HIGHER_SAFE, /* Bigger value is safe */
45 FTR_HIGHER_OR_ZERO_SAFE, /* Bigger value is safe, but 0 is biggest */
46 };
47
48 #define FTR_STRICT true /* SANITY check strict matching required */
49 #define FTR_NONSTRICT false /* SANITY check ignored */
50
51 #define FTR_SIGNED true /* Value should be treated as signed */
52 #define FTR_UNSIGNED false /* Value should be treated as unsigned */
53
54 #define FTR_VISIBLE true /* Feature visible to the user space */
55 #define FTR_HIDDEN false /* Feature is hidden from the user */
56
57 #define FTR_VISIBLE_IF_IS_ENABLED(config) \
58 (IS_ENABLED(config) ? FTR_VISIBLE : FTR_HIDDEN)
59
60 struct arm64_ftr_bits {
61 bool sign; /* Value is signed ? */
62 bool visible;
63 bool strict; /* CPU Sanity check: strict matching required ? */
64 enum ftr_type type;
65 u8 shift;
66 u8 width;
67 s64 safe_val; /* safe value for FTR_EXACT features */
68 };
69
70 /*
71 * Describe the early feature override to the core override code:
72 *
73 * @val Values that are to be merged into the final
74 * sanitised value of the register. Only the bitfields
75 * set to 1 in @mask are valid
76 * @mask Mask of the features that are overridden by @val
77 *
78 * A @mask field set to full-1 indicates that the corresponding field
79 * in @val is a valid override.
80 *
81 * A @mask field set to full-0 with the corresponding @val field set
82 * to full-0 denotes that this field has no override
83 *
84 * A @mask field set to full-0 with the corresponding @val field set
85 * to full-1 denotes thath this field has an invalid override.
86 */
87 struct arm64_ftr_override {
88 u64 val;
89 u64 mask;
90 };
91
92 /*
93 * @arm64_ftr_reg - Feature register
94 * @strict_mask Bits which should match across all CPUs for sanity.
95 * @sys_val Safe value across the CPUs (system view)
96 */
97 struct arm64_ftr_reg {
98 const char *name;
99 u64 strict_mask;
100 u64 user_mask;
101 u64 sys_val;
102 u64 user_val;
103 struct arm64_ftr_override *override;
104 const struct arm64_ftr_bits *ftr_bits;
105 };
106
107 extern struct arm64_ftr_reg arm64_ftr_reg_ctrel0;
108
109 /*
110 * CPU capabilities:
111 *
112 * We use arm64_cpu_capabilities to represent system features, errata work
113 * arounds (both used internally by kernel and tracked in system_cpucaps) and
114 * ELF HWCAPs (which are exposed to user).
115 *
116 * To support systems with heterogeneous CPUs, we need to make sure that we
117 * detect the capabilities correctly on the system and take appropriate
118 * measures to ensure there are no incompatibilities.
119 *
120 * This comment tries to explain how we treat the capabilities.
121 * Each capability has the following list of attributes :
122 *
123 * 1) Scope of Detection : The system detects a given capability by
124 * performing some checks at runtime. This could be, e.g, checking the
125 * value of a field in CPU ID feature register or checking the cpu
126 * model. The capability provides a call back ( @matches() ) to
127 * perform the check. Scope defines how the checks should be performed.
128 * There are three cases:
129 *
130 * a) SCOPE_LOCAL_CPU: check all the CPUs and "detect" if at least one
131 * matches. This implies, we have to run the check on all the
132 * booting CPUs, until the system decides that state of the
133 * capability is finalised. (See section 2 below)
134 * Or
135 * b) SCOPE_SYSTEM: check all the CPUs and "detect" if all the CPUs
136 * matches. This implies, we run the check only once, when the
137 * system decides to finalise the state of the capability. If the
138 * capability relies on a field in one of the CPU ID feature
139 * registers, we use the sanitised value of the register from the
140 * CPU feature infrastructure to make the decision.
141 * Or
142 * c) SCOPE_BOOT_CPU: Check only on the primary boot CPU to detect the
143 * feature. This category is for features that are "finalised"
144 * (or used) by the kernel very early even before the SMP cpus
145 * are brought up.
146 *
147 * The process of detection is usually denoted by "update" capability
148 * state in the code.
149 *
150 * 2) Finalise the state : The kernel should finalise the state of a
151 * capability at some point during its execution and take necessary
152 * actions if any. Usually, this is done, after all the boot-time
153 * enabled CPUs are brought up by the kernel, so that it can make
154 * better decision based on the available set of CPUs. However, there
155 * are some special cases, where the action is taken during the early
156 * boot by the primary boot CPU. (e.g, running the kernel at EL2 with
157 * Virtualisation Host Extensions). The kernel usually disallows any
158 * changes to the state of a capability once it finalises the capability
159 * and takes any action, as it may be impossible to execute the actions
160 * safely. A CPU brought up after a capability is "finalised" is
161 * referred to as "Late CPU" w.r.t the capability. e.g, all secondary
162 * CPUs are treated "late CPUs" for capabilities determined by the boot
163 * CPU.
164 *
165 * At the moment there are two passes of finalising the capabilities.
166 * a) Boot CPU scope capabilities - Finalised by primary boot CPU via
167 * setup_boot_cpu_capabilities().
168 * b) Everything except (a) - Run via setup_system_capabilities().
169 *
170 * 3) Verification: When a CPU is brought online (e.g, by user or by the
171 * kernel), the kernel should make sure that it is safe to use the CPU,
172 * by verifying that the CPU is compliant with the state of the
173 * capabilities finalised already. This happens via :
174 *
175 * secondary_start_kernel()-> check_local_cpu_capabilities()
176 *
177 * As explained in (2) above, capabilities could be finalised at
178 * different points in the execution. Each newly booted CPU is verified
179 * against the capabilities that have been finalised by the time it
180 * boots.
181 *
182 * a) SCOPE_BOOT_CPU : All CPUs are verified against the capability
183 * except for the primary boot CPU.
184 *
185 * b) SCOPE_LOCAL_CPU, SCOPE_SYSTEM: All CPUs hotplugged on by the
186 * user after the kernel boot are verified against the capability.
187 *
188 * If there is a conflict, the kernel takes an action, based on the
189 * severity (e.g, a CPU could be prevented from booting or cause a
190 * kernel panic). The CPU is allowed to "affect" the state of the
191 * capability, if it has not been finalised already. See section 5
192 * for more details on conflicts.
193 *
194 * 4) Action: As mentioned in (2), the kernel can take an action for each
195 * detected capability, on all CPUs on the system. Appropriate actions
196 * include, turning on an architectural feature, modifying the control
197 * registers (e.g, SCTLR, TCR etc.) or patching the kernel via
198 * alternatives. The kernel patching is batched and performed at later
199 * point. The actions are always initiated only after the capability
200 * is finalised. This is usally denoted by "enabling" the capability.
201 * The actions are initiated as follows :
202 * a) Action is triggered on all online CPUs, after the capability is
203 * finalised, invoked within the stop_machine() context from
204 * enable_cpu_capabilitie().
205 *
206 * b) Any late CPU, brought up after (1), the action is triggered via:
207 *
208 * check_local_cpu_capabilities() -> verify_local_cpu_capabilities()
209 *
210 * 5) Conflicts: Based on the state of the capability on a late CPU vs.
211 * the system state, we could have the following combinations :
212 *
213 * x-----------------------------x
214 * | Type | System | Late CPU |
215 * |-----------------------------|
216 * | a | y | n |
217 * |-----------------------------|
218 * | b | n | y |
219 * x-----------------------------x
220 *
221 * Two separate flag bits are defined to indicate whether each kind of
222 * conflict can be allowed:
223 * ARM64_CPUCAP_OPTIONAL_FOR_LATE_CPU - Case(a) is allowed
224 * ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU - Case(b) is allowed
225 *
226 * Case (a) is not permitted for a capability that the system requires
227 * all CPUs to have in order for the capability to be enabled. This is
228 * typical for capabilities that represent enhanced functionality.
229 *
230 * Case (b) is not permitted for a capability that must be enabled
231 * during boot if any CPU in the system requires it in order to run
232 * safely. This is typical for erratum work arounds that cannot be
233 * enabled after the corresponding capability is finalised.
234 *
235 * In some non-typical cases either both (a) and (b), or neither,
236 * should be permitted. This can be described by including neither
237 * or both flags in the capability's type field.
238 *
239 * In case of a conflict, the CPU is prevented from booting. If the
240 * ARM64_CPUCAP_PANIC_ON_CONFLICT flag is specified for the capability,
241 * then a kernel panic is triggered.
242 */
243
244
245 /*
246 * Decide how the capability is detected.
247 * On any local CPU vs System wide vs the primary boot CPU
248 */
249 #define ARM64_CPUCAP_SCOPE_LOCAL_CPU ((u16)BIT(0))
250 #define ARM64_CPUCAP_SCOPE_SYSTEM ((u16)BIT(1))
251 /*
252 * The capabilitiy is detected on the Boot CPU and is used by kernel
253 * during early boot. i.e, the capability should be "detected" and
254 * "enabled" as early as possibly on all booting CPUs.
255 */
256 #define ARM64_CPUCAP_SCOPE_BOOT_CPU ((u16)BIT(2))
257 #define ARM64_CPUCAP_SCOPE_MASK \
258 (ARM64_CPUCAP_SCOPE_SYSTEM | \
259 ARM64_CPUCAP_SCOPE_LOCAL_CPU | \
260 ARM64_CPUCAP_SCOPE_BOOT_CPU)
261
262 #define SCOPE_SYSTEM ARM64_CPUCAP_SCOPE_SYSTEM
263 #define SCOPE_LOCAL_CPU ARM64_CPUCAP_SCOPE_LOCAL_CPU
264 #define SCOPE_BOOT_CPU ARM64_CPUCAP_SCOPE_BOOT_CPU
265 #define SCOPE_ALL ARM64_CPUCAP_SCOPE_MASK
266
267 /*
268 * Is it permitted for a late CPU to have this capability when system
269 * hasn't already enabled it ?
270 */
271 #define ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU ((u16)BIT(4))
272 /* Is it safe for a late CPU to miss this capability when system has it */
273 #define ARM64_CPUCAP_OPTIONAL_FOR_LATE_CPU ((u16)BIT(5))
274 /* Panic when a conflict is detected */
275 #define ARM64_CPUCAP_PANIC_ON_CONFLICT ((u16)BIT(6))
276
277 /*
278 * CPU errata workarounds that need to be enabled at boot time if one or
279 * more CPUs in the system requires it. When one of these capabilities
280 * has been enabled, it is safe to allow any CPU to boot that doesn't
281 * require the workaround. However, it is not safe if a "late" CPU
282 * requires a workaround and the system hasn't enabled it already.
283 */
284 #define ARM64_CPUCAP_LOCAL_CPU_ERRATUM \
285 (ARM64_CPUCAP_SCOPE_LOCAL_CPU | ARM64_CPUCAP_OPTIONAL_FOR_LATE_CPU)
286 /*
287 * CPU feature detected at boot time based on system-wide value of a
288 * feature. It is safe for a late CPU to have this feature even though
289 * the system hasn't enabled it, although the feature will not be used
290 * by Linux in this case. If the system has enabled this feature already,
291 * then every late CPU must have it.
292 */
293 #define ARM64_CPUCAP_SYSTEM_FEATURE \
294 (ARM64_CPUCAP_SCOPE_SYSTEM | ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU)
295 /*
296 * CPU feature detected at boot time based on feature of one or more CPUs.
297 * All possible conflicts for a late CPU are ignored.
298 * NOTE: this means that a late CPU with the feature will *not* cause the
299 * capability to be advertised by cpus_have_*cap()!
300 */
301 #define ARM64_CPUCAP_WEAK_LOCAL_CPU_FEATURE \
302 (ARM64_CPUCAP_SCOPE_LOCAL_CPU | \
303 ARM64_CPUCAP_OPTIONAL_FOR_LATE_CPU | \
304 ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU)
305
306 /*
307 * CPU feature detected at boot time, on one or more CPUs. A late CPU
308 * is not allowed to have the capability when the system doesn't have it.
309 * It is Ok for a late CPU to miss the feature.
310 */
311 #define ARM64_CPUCAP_BOOT_RESTRICTED_CPU_LOCAL_FEATURE \
312 (ARM64_CPUCAP_SCOPE_LOCAL_CPU | \
313 ARM64_CPUCAP_OPTIONAL_FOR_LATE_CPU)
314
315 /*
316 * CPU feature used early in the boot based on the boot CPU. All secondary
317 * CPUs must match the state of the capability as detected by the boot CPU. In
318 * case of a conflict, a kernel panic is triggered.
319 */
320 #define ARM64_CPUCAP_STRICT_BOOT_CPU_FEATURE \
321 (ARM64_CPUCAP_SCOPE_BOOT_CPU | ARM64_CPUCAP_PANIC_ON_CONFLICT)
322
323 /*
324 * CPU feature used early in the boot based on the boot CPU. It is safe for a
325 * late CPU to have this feature even though the boot CPU hasn't enabled it,
326 * although the feature will not be used by Linux in this case. If the boot CPU
327 * has enabled this feature already, then every late CPU must have it.
328 */
329 #define ARM64_CPUCAP_BOOT_CPU_FEATURE \
330 (ARM64_CPUCAP_SCOPE_BOOT_CPU | ARM64_CPUCAP_PERMITTED_FOR_LATE_CPU)
331
332 struct arm64_cpu_capabilities {
333 const char *desc;
334 u16 capability;
335 u16 type;
336 bool (*matches)(const struct arm64_cpu_capabilities *caps, int scope);
337 /*
338 * Take the appropriate actions to configure this capability
339 * for this CPU. If the capability is detected by the kernel
340 * this will be called on all the CPUs in the system,
341 * including the hotplugged CPUs, regardless of whether the
342 * capability is available on that specific CPU. This is
343 * useful for some capabilities (e.g, working around CPU
344 * errata), where all the CPUs must take some action (e.g,
345 * changing system control/configuration). Thus, if an action
346 * is required only if the CPU has the capability, then the
347 * routine must check it before taking any action.
348 */
349 void (*cpu_enable)(const struct arm64_cpu_capabilities *cap);
350 union {
351 struct { /* To be used for erratum handling only */
352 struct midr_range midr_range;
353 const struct arm64_midr_revidr {
354 u32 midr_rv; /* revision/variant */
355 u32 revidr_mask;
356 } * const fixed_revs;
357 };
358
359 const struct midr_range *midr_range_list;
360 struct { /* Feature register checking */
361 u32 sys_reg;
362 u8 field_pos;
363 u8 field_width;
364 u8 min_field_value;
365 u8 hwcap_type;
366 bool sign;
367 unsigned long hwcap;
368 };
369 };
370
371 /*
372 * An optional list of "matches/cpu_enable" pair for the same
373 * "capability" of the same "type" as described by the parent.
374 * Only matches(), cpu_enable() and fields relevant to these
375 * methods are significant in the list. The cpu_enable is
376 * invoked only if the corresponding entry "matches()".
377 * However, if a cpu_enable() method is associated
378 * with multiple matches(), care should be taken that either
379 * the match criteria are mutually exclusive, or that the
380 * method is robust against being called multiple times.
381 */
382 const struct arm64_cpu_capabilities *match_list;
383 };
384
cpucap_default_scope(const struct arm64_cpu_capabilities * cap)385 static inline int cpucap_default_scope(const struct arm64_cpu_capabilities *cap)
386 {
387 return cap->type & ARM64_CPUCAP_SCOPE_MASK;
388 }
389
390 /*
391 * Generic helper for handling capabilities with multiple (match,enable) pairs
392 * of call backs, sharing the same capability bit.
393 * Iterate over each entry to see if at least one matches.
394 */
395 static inline bool
cpucap_multi_entry_cap_matches(const struct arm64_cpu_capabilities * entry,int scope)396 cpucap_multi_entry_cap_matches(const struct arm64_cpu_capabilities *entry,
397 int scope)
398 {
399 const struct arm64_cpu_capabilities *caps;
400
401 for (caps = entry->match_list; caps->matches; caps++)
402 if (caps->matches(caps, scope))
403 return true;
404
405 return false;
406 }
407
is_vhe_hyp_code(void)408 static __always_inline bool is_vhe_hyp_code(void)
409 {
410 /* Only defined for code run in VHE hyp context */
411 return __is_defined(__KVM_VHE_HYPERVISOR__);
412 }
413
is_nvhe_hyp_code(void)414 static __always_inline bool is_nvhe_hyp_code(void)
415 {
416 /* Only defined for code run in NVHE hyp context */
417 return __is_defined(__KVM_NVHE_HYPERVISOR__);
418 }
419
is_hyp_code(void)420 static __always_inline bool is_hyp_code(void)
421 {
422 return is_vhe_hyp_code() || is_nvhe_hyp_code();
423 }
424
425 extern DECLARE_BITMAP(system_cpucaps, ARM64_NCAPS);
426
427 extern DECLARE_BITMAP(boot_cpucaps, ARM64_NCAPS);
428
429 #define for_each_available_cap(cap) \
430 for_each_set_bit(cap, system_cpucaps, ARM64_NCAPS)
431
432 bool this_cpu_has_cap(unsigned int cap);
433 void cpu_set_feature(unsigned int num);
434 bool cpu_have_feature(unsigned int num);
435 unsigned long cpu_get_elf_hwcap(void);
436 unsigned long cpu_get_elf_hwcap2(void);
437
438 #define cpu_set_named_feature(name) cpu_set_feature(cpu_feature(name))
439 #define cpu_have_named_feature(name) cpu_have_feature(cpu_feature(name))
440
system_capabilities_finalized(void)441 static __always_inline bool system_capabilities_finalized(void)
442 {
443 return alternative_has_cap_likely(ARM64_ALWAYS_SYSTEM);
444 }
445
446 /*
447 * Test for a capability with a runtime check.
448 *
449 * Before the capability is detected, this returns false.
450 */
cpus_have_cap(unsigned int num)451 static __always_inline bool cpus_have_cap(unsigned int num)
452 {
453 if (num >= ARM64_NCAPS)
454 return false;
455 return arch_test_bit(num, system_cpucaps);
456 }
457
458 /*
459 * Test for a capability without a runtime check.
460 *
461 * Before capabilities are finalized, this returns false.
462 * After capabilities are finalized, this is patched to avoid a runtime check.
463 *
464 * @num must be a compile-time constant.
465 */
__cpus_have_const_cap(int num)466 static __always_inline bool __cpus_have_const_cap(int num)
467 {
468 if (num >= ARM64_NCAPS)
469 return false;
470 return alternative_has_cap_unlikely(num);
471 }
472
473 /*
474 * Test for a capability without a runtime check.
475 *
476 * Before capabilities are finalized, this will BUG().
477 * After capabilities are finalized, this is patched to avoid a runtime check.
478 *
479 * @num must be a compile-time constant.
480 */
cpus_have_final_cap(int num)481 static __always_inline bool cpus_have_final_cap(int num)
482 {
483 if (system_capabilities_finalized())
484 return __cpus_have_const_cap(num);
485 else
486 BUG();
487 }
488
489 /*
490 * Test for a capability, possibly with a runtime check for non-hyp code.
491 *
492 * For hyp code, this behaves the same as cpus_have_final_cap().
493 *
494 * For non-hyp code:
495 * Before capabilities are finalized, this behaves as cpus_have_cap().
496 * After capabilities are finalized, this is patched to avoid a runtime check.
497 *
498 * @num must be a compile-time constant.
499 */
cpus_have_const_cap(int num)500 static __always_inline bool cpus_have_const_cap(int num)
501 {
502 if (is_hyp_code())
503 return cpus_have_final_cap(num);
504 else if (system_capabilities_finalized())
505 return __cpus_have_const_cap(num);
506 else
507 return cpus_have_cap(num);
508 }
509
510 static inline int __attribute_const__
cpuid_feature_extract_signed_field_width(u64 features,int field,int width)511 cpuid_feature_extract_signed_field_width(u64 features, int field, int width)
512 {
513 return (s64)(features << (64 - width - field)) >> (64 - width);
514 }
515
516 static inline int __attribute_const__
cpuid_feature_extract_signed_field(u64 features,int field)517 cpuid_feature_extract_signed_field(u64 features, int field)
518 {
519 return cpuid_feature_extract_signed_field_width(features, field, 4);
520 }
521
522 static __always_inline unsigned int __attribute_const__
cpuid_feature_extract_unsigned_field_width(u64 features,int field,int width)523 cpuid_feature_extract_unsigned_field_width(u64 features, int field, int width)
524 {
525 return (u64)(features << (64 - width - field)) >> (64 - width);
526 }
527
528 static __always_inline unsigned int __attribute_const__
cpuid_feature_extract_unsigned_field(u64 features,int field)529 cpuid_feature_extract_unsigned_field(u64 features, int field)
530 {
531 return cpuid_feature_extract_unsigned_field_width(features, field, 4);
532 }
533
534 /*
535 * Fields that identify the version of the Performance Monitors Extension do
536 * not follow the standard ID scheme. See ARM DDI 0487E.a page D13-2825,
537 * "Alternative ID scheme used for the Performance Monitors Extension version".
538 */
539 static inline u64 __attribute_const__
cpuid_feature_cap_perfmon_field(u64 features,int field,u64 cap)540 cpuid_feature_cap_perfmon_field(u64 features, int field, u64 cap)
541 {
542 u64 val = cpuid_feature_extract_unsigned_field(features, field);
543 u64 mask = GENMASK_ULL(field + 3, field);
544
545 /* Treat IMPLEMENTATION DEFINED functionality as unimplemented */
546 if (val == ID_AA64DFR0_EL1_PMUVer_IMP_DEF)
547 val = 0;
548
549 if (val > cap) {
550 features &= ~mask;
551 features |= (cap << field) & mask;
552 }
553
554 return features;
555 }
556
arm64_ftr_mask(const struct arm64_ftr_bits * ftrp)557 static inline u64 arm64_ftr_mask(const struct arm64_ftr_bits *ftrp)
558 {
559 return (u64)GENMASK(ftrp->shift + ftrp->width - 1, ftrp->shift);
560 }
561
arm64_ftr_reg_user_value(const struct arm64_ftr_reg * reg)562 static inline u64 arm64_ftr_reg_user_value(const struct arm64_ftr_reg *reg)
563 {
564 return (reg->user_val | (reg->sys_val & reg->user_mask));
565 }
566
567 static inline int __attribute_const__
cpuid_feature_extract_field_width(u64 features,int field,int width,bool sign)568 cpuid_feature_extract_field_width(u64 features, int field, int width, bool sign)
569 {
570 if (WARN_ON_ONCE(!width))
571 width = 4;
572 return (sign) ?
573 cpuid_feature_extract_signed_field_width(features, field, width) :
574 cpuid_feature_extract_unsigned_field_width(features, field, width);
575 }
576
577 static inline int __attribute_const__
cpuid_feature_extract_field(u64 features,int field,bool sign)578 cpuid_feature_extract_field(u64 features, int field, bool sign)
579 {
580 return cpuid_feature_extract_field_width(features, field, 4, sign);
581 }
582
arm64_ftr_value(const struct arm64_ftr_bits * ftrp,u64 val)583 static inline s64 arm64_ftr_value(const struct arm64_ftr_bits *ftrp, u64 val)
584 {
585 return (s64)cpuid_feature_extract_field_width(val, ftrp->shift, ftrp->width, ftrp->sign);
586 }
587
id_aa64mmfr0_mixed_endian_el0(u64 mmfr0)588 static inline bool id_aa64mmfr0_mixed_endian_el0(u64 mmfr0)
589 {
590 return cpuid_feature_extract_unsigned_field(mmfr0, ID_AA64MMFR0_EL1_BIGEND_SHIFT) == 0x1 ||
591 cpuid_feature_extract_unsigned_field(mmfr0, ID_AA64MMFR0_EL1_BIGENDEL0_SHIFT) == 0x1;
592 }
593
id_aa64pfr0_32bit_el1(u64 pfr0)594 static inline bool id_aa64pfr0_32bit_el1(u64 pfr0)
595 {
596 u32 val = cpuid_feature_extract_unsigned_field(pfr0, ID_AA64PFR0_EL1_EL1_SHIFT);
597
598 return val == ID_AA64PFR0_EL1_ELx_32BIT_64BIT;
599 }
600
id_aa64pfr0_32bit_el0(u64 pfr0)601 static inline bool id_aa64pfr0_32bit_el0(u64 pfr0)
602 {
603 u32 val = cpuid_feature_extract_unsigned_field(pfr0, ID_AA64PFR0_EL1_EL0_SHIFT);
604
605 return val == ID_AA64PFR0_EL1_ELx_32BIT_64BIT;
606 }
607
id_aa64pfr0_sve(u64 pfr0)608 static inline bool id_aa64pfr0_sve(u64 pfr0)
609 {
610 u32 val = cpuid_feature_extract_unsigned_field(pfr0, ID_AA64PFR0_EL1_SVE_SHIFT);
611
612 return val > 0;
613 }
614
id_aa64pfr1_sme(u64 pfr1)615 static inline bool id_aa64pfr1_sme(u64 pfr1)
616 {
617 u32 val = cpuid_feature_extract_unsigned_field(pfr1, ID_AA64PFR1_EL1_SME_SHIFT);
618
619 return val > 0;
620 }
621
id_aa64pfr1_mte(u64 pfr1)622 static inline bool id_aa64pfr1_mte(u64 pfr1)
623 {
624 u32 val = cpuid_feature_extract_unsigned_field(pfr1, ID_AA64PFR1_EL1_MTE_SHIFT);
625
626 return val >= ID_AA64PFR1_EL1_MTE_MTE2;
627 }
628
629 void __init setup_cpu_features(void);
630 void check_local_cpu_capabilities(void);
631
632 u64 read_sanitised_ftr_reg(u32 id);
633 u64 __read_sysreg_by_encoding(u32 sys_id);
634
cpu_supports_mixed_endian_el0(void)635 static inline bool cpu_supports_mixed_endian_el0(void)
636 {
637 return id_aa64mmfr0_mixed_endian_el0(read_cpuid(ID_AA64MMFR0_EL1));
638 }
639
640
supports_csv2p3(int scope)641 static inline bool supports_csv2p3(int scope)
642 {
643 u64 pfr0;
644 u8 csv2_val;
645
646 if (scope == SCOPE_LOCAL_CPU)
647 pfr0 = read_sysreg_s(SYS_ID_AA64PFR0_EL1);
648 else
649 pfr0 = read_sanitised_ftr_reg(SYS_ID_AA64PFR0_EL1);
650
651 csv2_val = cpuid_feature_extract_unsigned_field(pfr0,
652 ID_AA64PFR0_EL1_CSV2_SHIFT);
653 return csv2_val == 3;
654 }
655
supports_clearbhb(int scope)656 static inline bool supports_clearbhb(int scope)
657 {
658 u64 isar2;
659
660 if (scope == SCOPE_LOCAL_CPU)
661 isar2 = read_sysreg_s(SYS_ID_AA64ISAR2_EL1);
662 else
663 isar2 = read_sanitised_ftr_reg(SYS_ID_AA64ISAR2_EL1);
664
665 return cpuid_feature_extract_unsigned_field(isar2,
666 ID_AA64ISAR2_EL1_CLRBHB_SHIFT);
667 }
668
669 const struct cpumask *system_32bit_el0_cpumask(void);
670 DECLARE_STATIC_KEY_FALSE(arm64_mismatched_32bit_el0);
671
system_supports_32bit_el0(void)672 static inline bool system_supports_32bit_el0(void)
673 {
674 u64 pfr0 = read_sanitised_ftr_reg(SYS_ID_AA64PFR0_EL1);
675
676 return static_branch_unlikely(&arm64_mismatched_32bit_el0) ||
677 id_aa64pfr0_32bit_el0(pfr0);
678 }
679
system_supports_4kb_granule(void)680 static inline bool system_supports_4kb_granule(void)
681 {
682 u64 mmfr0;
683 u32 val;
684
685 mmfr0 = read_sanitised_ftr_reg(SYS_ID_AA64MMFR0_EL1);
686 val = cpuid_feature_extract_unsigned_field(mmfr0,
687 ID_AA64MMFR0_EL1_TGRAN4_SHIFT);
688
689 return (val >= ID_AA64MMFR0_EL1_TGRAN4_SUPPORTED_MIN) &&
690 (val <= ID_AA64MMFR0_EL1_TGRAN4_SUPPORTED_MAX);
691 }
692
system_supports_64kb_granule(void)693 static inline bool system_supports_64kb_granule(void)
694 {
695 u64 mmfr0;
696 u32 val;
697
698 mmfr0 = read_sanitised_ftr_reg(SYS_ID_AA64MMFR0_EL1);
699 val = cpuid_feature_extract_unsigned_field(mmfr0,
700 ID_AA64MMFR0_EL1_TGRAN64_SHIFT);
701
702 return (val >= ID_AA64MMFR0_EL1_TGRAN64_SUPPORTED_MIN) &&
703 (val <= ID_AA64MMFR0_EL1_TGRAN64_SUPPORTED_MAX);
704 }
705
system_supports_16kb_granule(void)706 static inline bool system_supports_16kb_granule(void)
707 {
708 u64 mmfr0;
709 u32 val;
710
711 mmfr0 = read_sanitised_ftr_reg(SYS_ID_AA64MMFR0_EL1);
712 val = cpuid_feature_extract_unsigned_field(mmfr0,
713 ID_AA64MMFR0_EL1_TGRAN16_SHIFT);
714
715 return (val >= ID_AA64MMFR0_EL1_TGRAN16_SUPPORTED_MIN) &&
716 (val <= ID_AA64MMFR0_EL1_TGRAN16_SUPPORTED_MAX);
717 }
718
system_supports_mixed_endian_el0(void)719 static inline bool system_supports_mixed_endian_el0(void)
720 {
721 return id_aa64mmfr0_mixed_endian_el0(read_sanitised_ftr_reg(SYS_ID_AA64MMFR0_EL1));
722 }
723
system_supports_mixed_endian(void)724 static inline bool system_supports_mixed_endian(void)
725 {
726 u64 mmfr0;
727 u32 val;
728
729 mmfr0 = read_sanitised_ftr_reg(SYS_ID_AA64MMFR0_EL1);
730 val = cpuid_feature_extract_unsigned_field(mmfr0,
731 ID_AA64MMFR0_EL1_BIGEND_SHIFT);
732
733 return val == 0x1;
734 }
735
system_supports_fpsimd(void)736 static __always_inline bool system_supports_fpsimd(void)
737 {
738 return !cpus_have_const_cap(ARM64_HAS_NO_FPSIMD);
739 }
740
system_uses_hw_pan(void)741 static inline bool system_uses_hw_pan(void)
742 {
743 return IS_ENABLED(CONFIG_ARM64_PAN) &&
744 cpus_have_const_cap(ARM64_HAS_PAN);
745 }
746
system_uses_ttbr0_pan(void)747 static inline bool system_uses_ttbr0_pan(void)
748 {
749 return IS_ENABLED(CONFIG_ARM64_SW_TTBR0_PAN) &&
750 !system_uses_hw_pan();
751 }
752
system_supports_sve(void)753 static __always_inline bool system_supports_sve(void)
754 {
755 return IS_ENABLED(CONFIG_ARM64_SVE) &&
756 cpus_have_const_cap(ARM64_SVE);
757 }
758
system_supports_sme(void)759 static __always_inline bool system_supports_sme(void)
760 {
761 return IS_ENABLED(CONFIG_ARM64_SME) &&
762 cpus_have_const_cap(ARM64_SME);
763 }
764
system_supports_sme2(void)765 static __always_inline bool system_supports_sme2(void)
766 {
767 return IS_ENABLED(CONFIG_ARM64_SME) &&
768 cpus_have_const_cap(ARM64_SME2);
769 }
770
system_supports_fa64(void)771 static __always_inline bool system_supports_fa64(void)
772 {
773 return IS_ENABLED(CONFIG_ARM64_SME) &&
774 cpus_have_const_cap(ARM64_SME_FA64);
775 }
776
system_supports_tpidr2(void)777 static __always_inline bool system_supports_tpidr2(void)
778 {
779 return system_supports_sme();
780 }
781
system_supports_cnp(void)782 static __always_inline bool system_supports_cnp(void)
783 {
784 return IS_ENABLED(CONFIG_ARM64_CNP) &&
785 cpus_have_const_cap(ARM64_HAS_CNP);
786 }
787
system_supports_address_auth(void)788 static inline bool system_supports_address_auth(void)
789 {
790 return IS_ENABLED(CONFIG_ARM64_PTR_AUTH) &&
791 cpus_have_const_cap(ARM64_HAS_ADDRESS_AUTH);
792 }
793
system_supports_generic_auth(void)794 static inline bool system_supports_generic_auth(void)
795 {
796 return IS_ENABLED(CONFIG_ARM64_PTR_AUTH) &&
797 cpus_have_const_cap(ARM64_HAS_GENERIC_AUTH);
798 }
799
system_has_full_ptr_auth(void)800 static inline bool system_has_full_ptr_auth(void)
801 {
802 return system_supports_address_auth() && system_supports_generic_auth();
803 }
804
system_uses_irq_prio_masking(void)805 static __always_inline bool system_uses_irq_prio_masking(void)
806 {
807 return IS_ENABLED(CONFIG_ARM64_PSEUDO_NMI) &&
808 cpus_have_const_cap(ARM64_HAS_GIC_PRIO_MASKING);
809 }
810
system_supports_mte(void)811 static inline bool system_supports_mte(void)
812 {
813 return IS_ENABLED(CONFIG_ARM64_MTE) &&
814 cpus_have_const_cap(ARM64_MTE);
815 }
816
system_has_prio_mask_debugging(void)817 static inline bool system_has_prio_mask_debugging(void)
818 {
819 return IS_ENABLED(CONFIG_ARM64_DEBUG_PRIORITY_MASKING) &&
820 system_uses_irq_prio_masking();
821 }
822
system_supports_bti(void)823 static inline bool system_supports_bti(void)
824 {
825 return IS_ENABLED(CONFIG_ARM64_BTI) && cpus_have_const_cap(ARM64_BTI);
826 }
827
system_supports_tlb_range(void)828 static inline bool system_supports_tlb_range(void)
829 {
830 return IS_ENABLED(CONFIG_ARM64_TLB_RANGE) &&
831 cpus_have_const_cap(ARM64_HAS_TLB_RANGE);
832 }
833
834 int do_emulate_mrs(struct pt_regs *regs, u32 sys_reg, u32 rt);
835 bool try_emulate_mrs(struct pt_regs *regs, u32 isn);
836
id_aa64mmfr0_parange_to_phys_shift(int parange)837 static inline u32 id_aa64mmfr0_parange_to_phys_shift(int parange)
838 {
839 switch (parange) {
840 case ID_AA64MMFR0_EL1_PARANGE_32: return 32;
841 case ID_AA64MMFR0_EL1_PARANGE_36: return 36;
842 case ID_AA64MMFR0_EL1_PARANGE_40: return 40;
843 case ID_AA64MMFR0_EL1_PARANGE_42: return 42;
844 case ID_AA64MMFR0_EL1_PARANGE_44: return 44;
845 case ID_AA64MMFR0_EL1_PARANGE_48: return 48;
846 case ID_AA64MMFR0_EL1_PARANGE_52: return 52;
847 /*
848 * A future PE could use a value unknown to the kernel.
849 * However, by the "D10.1.4 Principles of the ID scheme
850 * for fields in ID registers", ARM DDI 0487C.a, any new
851 * value is guaranteed to be higher than what we know already.
852 * As a safe limit, we return the limit supported by the kernel.
853 */
854 default: return CONFIG_ARM64_PA_BITS;
855 }
856 }
857
858 /* Check whether hardware update of the Access flag is supported */
cpu_has_hw_af(void)859 static inline bool cpu_has_hw_af(void)
860 {
861 u64 mmfr1;
862
863 if (!IS_ENABLED(CONFIG_ARM64_HW_AFDBM))
864 return false;
865
866 /*
867 * Use cached version to avoid emulated msr operation on KVM
868 * guests.
869 */
870 mmfr1 = read_sanitised_ftr_reg(SYS_ID_AA64MMFR1_EL1);
871 return cpuid_feature_extract_unsigned_field(mmfr1,
872 ID_AA64MMFR1_EL1_HAFDBS_SHIFT);
873 }
874
cpu_has_pan(void)875 static inline bool cpu_has_pan(void)
876 {
877 u64 mmfr1 = read_cpuid(ID_AA64MMFR1_EL1);
878 return cpuid_feature_extract_unsigned_field(mmfr1,
879 ID_AA64MMFR1_EL1_PAN_SHIFT);
880 }
881
882 #ifdef CONFIG_ARM64_AMU_EXTN
883 /* Check whether the cpu supports the Activity Monitors Unit (AMU) */
884 extern bool cpu_has_amu_feat(int cpu);
885 #else
cpu_has_amu_feat(int cpu)886 static inline bool cpu_has_amu_feat(int cpu)
887 {
888 return false;
889 }
890 #endif
891
892 /* Get a cpu that supports the Activity Monitors Unit (AMU) */
893 extern int get_cpu_with_amu_feat(void);
894
get_vmid_bits(u64 mmfr1)895 static inline unsigned int get_vmid_bits(u64 mmfr1)
896 {
897 int vmid_bits;
898
899 vmid_bits = cpuid_feature_extract_unsigned_field(mmfr1,
900 ID_AA64MMFR1_EL1_VMIDBits_SHIFT);
901 if (vmid_bits == ID_AA64MMFR1_EL1_VMIDBits_16)
902 return 16;
903
904 /*
905 * Return the default here even if any reserved
906 * value is fetched from the system register.
907 */
908 return 8;
909 }
910
911 s64 arm64_ftr_safe_value(const struct arm64_ftr_bits *ftrp, s64 new, s64 cur);
912 struct arm64_ftr_reg *get_arm64_ftr_reg(u32 sys_id);
913
914 extern struct arm64_ftr_override id_aa64mmfr1_override;
915 extern struct arm64_ftr_override id_aa64pfr0_override;
916 extern struct arm64_ftr_override id_aa64pfr1_override;
917 extern struct arm64_ftr_override id_aa64zfr0_override;
918 extern struct arm64_ftr_override id_aa64smfr0_override;
919 extern struct arm64_ftr_override id_aa64isar1_override;
920 extern struct arm64_ftr_override id_aa64isar2_override;
921
922 extern struct arm64_ftr_override arm64_sw_feature_override;
923
924 u32 get_kvm_ipa_limit(void);
925 void dump_cpu_features(void);
926
927 #endif /* __ASSEMBLY__ */
928
929 #endif
930