1 /* SPDX-License-Identifier: GPL-2.0 */ 2 #ifndef __LINUX_COMPILER_H 3 #define __LINUX_COMPILER_H 4 5 #include <linux/compiler_types.h> 6 7 #ifndef __ASSEMBLY__ 8 9 #ifdef __KERNEL__ 10 11 /* 12 * Note: DISABLE_BRANCH_PROFILING can be used by special lowlevel code 13 * to disable branch tracing on a per file basis. 14 */ 15 #if defined(CONFIG_TRACE_BRANCH_PROFILING) \ 16 && !defined(DISABLE_BRANCH_PROFILING) && !defined(__CHECKER__) 17 void ftrace_likely_update(struct ftrace_likely_data *f, int val, 18 int expect, int is_constant); 19 20 #define likely_notrace(x) __builtin_expect(!!(x), 1) 21 #define unlikely_notrace(x) __builtin_expect(!!(x), 0) 22 23 #define __branch_check__(x, expect, is_constant) ({ \ 24 long ______r; \ 25 static struct ftrace_likely_data \ 26 __aligned(4) \ 27 __section(_ftrace_annotated_branch) \ 28 ______f = { \ 29 .data.func = __func__, \ 30 .data.file = __FILE__, \ 31 .data.line = __LINE__, \ 32 }; \ 33 ______r = __builtin_expect(!!(x), expect); \ 34 ftrace_likely_update(&______f, ______r, \ 35 expect, is_constant); \ 36 ______r; \ 37 }) 38 39 /* 40 * Using __builtin_constant_p(x) to ignore cases where the return 41 * value is always the same. This idea is taken from a similar patch 42 * written by Daniel Walker. 43 */ 44 # ifndef likely 45 # define likely(x) (__branch_check__(x, 1, __builtin_constant_p(x))) 46 # endif 47 # ifndef unlikely 48 # define unlikely(x) (__branch_check__(x, 0, __builtin_constant_p(x))) 49 # endif 50 51 #ifdef CONFIG_PROFILE_ALL_BRANCHES 52 /* 53 * "Define 'is'", Bill Clinton 54 * "Define 'if'", Steven Rostedt 55 */ 56 #define if(cond, ...) if ( __trace_if_var( !!(cond , ## __VA_ARGS__) ) ) 57 58 #define __trace_if_var(cond) (__builtin_constant_p(cond) ? (cond) : __trace_if_value(cond)) 59 60 #define __trace_if_value(cond) ({ \ 61 static struct ftrace_branch_data \ 62 __aligned(4) \ 63 __section(_ftrace_branch) \ 64 __if_trace = { \ 65 .func = __func__, \ 66 .file = __FILE__, \ 67 .line = __LINE__, \ 68 }; \ 69 (cond) ? \ 70 (__if_trace.miss_hit[1]++,1) : \ 71 (__if_trace.miss_hit[0]++,0); \ 72 }) 73 74 #endif /* CONFIG_PROFILE_ALL_BRANCHES */ 75 76 #else 77 # define likely(x) __builtin_expect(!!(x), 1) 78 # define unlikely(x) __builtin_expect(!!(x), 0) 79 #endif 80 81 /* Optimization barrier */ 82 #ifndef barrier 83 # define barrier() __memory_barrier() 84 #endif 85 86 #ifndef barrier_data 87 # define barrier_data(ptr) barrier() 88 #endif 89 90 /* workaround for GCC PR82365 if needed */ 91 #ifndef barrier_before_unreachable 92 # define barrier_before_unreachable() do { } while (0) 93 #endif 94 95 /* Unreachable code */ 96 #ifdef CONFIG_STACK_VALIDATION 97 /* 98 * These macros help objtool understand GCC code flow for unreachable code. 99 * The __COUNTER__ based labels are a hack to make each instance of the macros 100 * unique, to convince GCC not to merge duplicate inline asm statements. 101 */ 102 #define annotate_reachable() ({ \ 103 asm volatile("%c0:\n\t" \ 104 ".pushsection .discard.reachable\n\t" \ 105 ".long %c0b - .\n\t" \ 106 ".popsection\n\t" : : "i" (__COUNTER__)); \ 107 }) 108 #define annotate_unreachable() ({ \ 109 asm volatile("%c0:\n\t" \ 110 ".pushsection .discard.unreachable\n\t" \ 111 ".long %c0b - .\n\t" \ 112 ".popsection\n\t" : : "i" (__COUNTER__)); \ 113 }) 114 #define ASM_UNREACHABLE \ 115 "999:\n\t" \ 116 ".pushsection .discard.unreachable\n\t" \ 117 ".long 999b - .\n\t" \ 118 ".popsection\n\t" 119 120 /* Annotate a C jump table to allow objtool to follow the code flow */ 121 #define __annotate_jump_table __section(.rodata..c_jump_table) 122 123 #ifdef CONFIG_DEBUG_ENTRY 124 /* Begin/end of an instrumentation safe region */ 125 #define instrumentation_begin() ({ \ 126 asm volatile("%c0:\n\t" \ 127 ".pushsection .discard.instr_begin\n\t" \ 128 ".long %c0b - .\n\t" \ 129 ".popsection\n\t" : : "i" (__COUNTER__)); \ 130 }) 131 132 /* 133 * Because instrumentation_{begin,end}() can nest, objtool validation considers 134 * _begin() a +1 and _end() a -1 and computes a sum over the instructions. 135 * When the value is greater than 0, we consider instrumentation allowed. 136 * 137 * There is a problem with code like: 138 * 139 * noinstr void foo() 140 * { 141 * instrumentation_begin(); 142 * ... 143 * if (cond) { 144 * instrumentation_begin(); 145 * ... 146 * instrumentation_end(); 147 * } 148 * bar(); 149 * instrumentation_end(); 150 * } 151 * 152 * If instrumentation_end() would be an empty label, like all the other 153 * annotations, the inner _end(), which is at the end of a conditional block, 154 * would land on the instruction after the block. 155 * 156 * If we then consider the sum of the !cond path, we'll see that the call to 157 * bar() is with a 0-value, even though, we meant it to happen with a positive 158 * value. 159 * 160 * To avoid this, have _end() be a NOP instruction, this ensures it will be 161 * part of the condition block and does not escape. 162 */ 163 #define instrumentation_end() ({ \ 164 asm volatile("%c0: nop\n\t" \ 165 ".pushsection .discard.instr_end\n\t" \ 166 ".long %c0b - .\n\t" \ 167 ".popsection\n\t" : : "i" (__COUNTER__)); \ 168 }) 169 #endif /* CONFIG_DEBUG_ENTRY */ 170 171 #else 172 #define annotate_reachable() 173 #define annotate_unreachable() 174 #define __annotate_jump_table 175 #endif 176 177 #ifndef instrumentation_begin 178 #define instrumentation_begin() do { } while(0) 179 #define instrumentation_end() do { } while(0) 180 #endif 181 182 #ifndef ASM_UNREACHABLE 183 # define ASM_UNREACHABLE 184 #endif 185 #ifndef unreachable 186 # define unreachable() do { \ 187 annotate_unreachable(); \ 188 __builtin_unreachable(); \ 189 } while (0) 190 #endif 191 192 /* 193 * KENTRY - kernel entry point 194 * This can be used to annotate symbols (functions or data) that are used 195 * without their linker symbol being referenced explicitly. For example, 196 * interrupt vector handlers, or functions in the kernel image that are found 197 * programatically. 198 * 199 * Not required for symbols exported with EXPORT_SYMBOL, or initcalls. Those 200 * are handled in their own way (with KEEP() in linker scripts). 201 * 202 * KENTRY can be avoided if the symbols in question are marked as KEEP() in the 203 * linker script. For example an architecture could KEEP() its entire 204 * boot/exception vector code rather than annotate each function and data. 205 */ 206 #ifndef KENTRY 207 # define KENTRY(sym) \ 208 extern typeof(sym) sym; \ 209 static const unsigned long __kentry_##sym \ 210 __used \ 211 __section("___kentry" "+" #sym ) \ 212 = (unsigned long)&sym; 213 #endif 214 215 #ifndef RELOC_HIDE 216 # define RELOC_HIDE(ptr, off) \ 217 ({ unsigned long __ptr; \ 218 __ptr = (unsigned long) (ptr); \ 219 (typeof(ptr)) (__ptr + (off)); }) 220 #endif 221 222 #ifndef OPTIMIZER_HIDE_VAR 223 /* Make the optimizer believe the variable can be manipulated arbitrarily. */ 224 #define OPTIMIZER_HIDE_VAR(var) \ 225 __asm__ ("" : "=r" (var) : "0" (var)) 226 #endif 227 228 /* Not-quite-unique ID. */ 229 #ifndef __UNIQUE_ID 230 # define __UNIQUE_ID(prefix) __PASTE(__PASTE(__UNIQUE_ID_, prefix), __LINE__) 231 #endif 232 233 /* 234 * Prevent the compiler from merging or refetching reads or writes. The 235 * compiler is also forbidden from reordering successive instances of 236 * READ_ONCE and WRITE_ONCE, but only when the compiler is aware of some 237 * particular ordering. One way to make the compiler aware of ordering is to 238 * put the two invocations of READ_ONCE or WRITE_ONCE in different C 239 * statements. 240 * 241 * These two macros will also work on aggregate data types like structs or 242 * unions. 243 * 244 * Their two major use cases are: (1) Mediating communication between 245 * process-level code and irq/NMI handlers, all running on the same CPU, 246 * and (2) Ensuring that the compiler does not fold, spindle, or otherwise 247 * mutilate accesses that either do not require ordering or that interact 248 * with an explicit memory barrier or atomic instruction that provides the 249 * required ordering. 250 */ 251 #include <asm/barrier.h> 252 #include <linux/kasan-checks.h> 253 254 /* 255 * Use __READ_ONCE() instead of READ_ONCE() if you do not require any 256 * atomicity or dependency ordering guarantees. Note that this may result 257 * in tears! 258 */ 259 #define __READ_ONCE(x) (*(const volatile __unqual_scalar_typeof(x) *)&(x)) 260 261 #define __READ_ONCE_SCALAR(x) \ 262 ({ \ 263 __unqual_scalar_typeof(x) __x = __READ_ONCE(x); \ 264 smp_read_barrier_depends(); \ 265 (typeof(x))__x; \ 266 }) 267 268 #define READ_ONCE(x) \ 269 ({ \ 270 compiletime_assert_rwonce_type(x); \ 271 __READ_ONCE_SCALAR(x); \ 272 }) 273 274 #define __WRITE_ONCE(x, val) \ 275 do { \ 276 *(volatile typeof(x) *)&(x) = (val); \ 277 } while (0) 278 279 #define WRITE_ONCE(x, val) \ 280 do { \ 281 compiletime_assert_rwonce_type(x); \ 282 __WRITE_ONCE(x, val); \ 283 } while (0) 284 285 #ifdef CONFIG_KASAN 286 /* 287 * We can't declare function 'inline' because __no_sanitize_address conflicts 288 * with inlining. Attempt to inline it may cause a build failure. 289 * https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67368 290 * '__maybe_unused' allows us to avoid defined-but-not-used warnings. 291 */ 292 # define __no_kasan_or_inline __no_sanitize_address notrace __maybe_unused 293 #else 294 # define __no_kasan_or_inline __always_inline 295 #endif 296 297 static __no_kasan_or_inline 298 unsigned long __read_once_word_nocheck(const void *addr) 299 { 300 return __READ_ONCE(*(unsigned long *)addr); 301 } 302 303 /* 304 * Use READ_ONCE_NOCHECK() instead of READ_ONCE() if you need to load a 305 * word from memory atomically but without telling KASAN. This is usually 306 * used by unwinding code when walking the stack of a running process. 307 */ 308 #define READ_ONCE_NOCHECK(x) \ 309 ({ \ 310 unsigned long __x; \ 311 compiletime_assert(sizeof(x) == sizeof(__x), \ 312 "Unsupported access size for READ_ONCE_NOCHECK()."); \ 313 __x = __read_once_word_nocheck(&(x)); \ 314 smp_read_barrier_depends(); \ 315 (typeof(x))__x; \ 316 }) 317 318 static __no_kasan_or_inline 319 unsigned long read_word_at_a_time(const void *addr) 320 { 321 kasan_check_read(addr, 1); 322 return *(unsigned long *)addr; 323 } 324 325 #endif /* __KERNEL__ */ 326 327 /* 328 * Force the compiler to emit 'sym' as a symbol, so that we can reference 329 * it from inline assembler. Necessary in case 'sym' could be inlined 330 * otherwise, or eliminated entirely due to lack of references that are 331 * visible to the compiler. 332 */ 333 #define __ADDRESSABLE(sym) \ 334 static void * __section(.discard.addressable) __used \ 335 __PASTE(__addressable_##sym, __LINE__) = (void *)&sym; 336 337 /** 338 * offset_to_ptr - convert a relative memory offset to an absolute pointer 339 * @off: the address of the 32-bit offset value 340 */ 341 static inline void *offset_to_ptr(const int *off) 342 { 343 return (void *)((unsigned long)off + *off); 344 } 345 346 #endif /* __ASSEMBLY__ */ 347 348 /* Compile time object size, -1 for unknown */ 349 #ifndef __compiletime_object_size 350 # define __compiletime_object_size(obj) -1 351 #endif 352 #ifndef __compiletime_warning 353 # define __compiletime_warning(message) 354 #endif 355 #ifndef __compiletime_error 356 # define __compiletime_error(message) 357 #endif 358 359 #ifdef __OPTIMIZE__ 360 # define __compiletime_assert(condition, msg, prefix, suffix) \ 361 do { \ 362 extern void prefix ## suffix(void) __compiletime_error(msg); \ 363 if (!(condition)) \ 364 prefix ## suffix(); \ 365 } while (0) 366 #else 367 # define __compiletime_assert(condition, msg, prefix, suffix) do { } while (0) 368 #endif 369 370 #define _compiletime_assert(condition, msg, prefix, suffix) \ 371 __compiletime_assert(condition, msg, prefix, suffix) 372 373 /** 374 * compiletime_assert - break build and emit msg if condition is false 375 * @condition: a compile-time constant condition to check 376 * @msg: a message to emit if condition is false 377 * 378 * In tradition of POSIX assert, this macro will break the build if the 379 * supplied condition is *false*, emitting the supplied error message if the 380 * compiler has support to do so. 381 */ 382 #define compiletime_assert(condition, msg) \ 383 _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__) 384 385 #define compiletime_assert_atomic_type(t) \ 386 compiletime_assert(__native_word(t), \ 387 "Need native word sized stores/loads for atomicity.") 388 389 /* 390 * Yes, this permits 64-bit accesses on 32-bit architectures. These will 391 * actually be atomic in some cases (namely Armv7 + LPAE), but for others we 392 * rely on the access being split into 2x32-bit accesses for a 32-bit quantity 393 * (e.g. a virtual address) and a strong prevailing wind. 394 */ 395 #define compiletime_assert_rwonce_type(t) \ 396 compiletime_assert(__native_word(t) || sizeof(t) == sizeof(long long), \ 397 "Unsupported access size for {READ,WRITE}_ONCE().") 398 399 /* &a[0] degrades to a pointer: a different type from an array */ 400 #define __must_be_array(a) BUILD_BUG_ON_ZERO(__same_type((a), &(a)[0])) 401 402 /* 403 * This is needed in functions which generate the stack canary, see 404 * arch/x86/kernel/smpboot.c::start_secondary() for an example. 405 */ 406 #define prevent_tail_call_optimization() mb() 407 408 #endif /* __LINUX_COMPILER_H */ 409