1*4882a593Smuzhiyun /* SPDX-License-Identifier: GPL-2.0 */
2*4882a593Smuzhiyun /*
3*4882a593Smuzhiyun * Copyright (C) 2020 ARM Ltd.
4*4882a593Smuzhiyun */
5*4882a593Smuzhiyun #ifndef __ASM_MTE_KASAN_H
6*4882a593Smuzhiyun #define __ASM_MTE_KASAN_H
7*4882a593Smuzhiyun
8*4882a593Smuzhiyun #include <asm/compiler.h>
9*4882a593Smuzhiyun #include <asm/cputype.h>
10*4882a593Smuzhiyun #include <asm/mte-def.h>
11*4882a593Smuzhiyun
12*4882a593Smuzhiyun #ifndef __ASSEMBLY__
13*4882a593Smuzhiyun
14*4882a593Smuzhiyun #include <linux/types.h>
15*4882a593Smuzhiyun
16*4882a593Smuzhiyun #ifdef CONFIG_ARM64_MTE
17*4882a593Smuzhiyun
18*4882a593Smuzhiyun /*
19*4882a593Smuzhiyun * These functions are meant to be only used from KASAN runtime through
20*4882a593Smuzhiyun * the arch_*() interface defined in asm/memory.h.
21*4882a593Smuzhiyun * These functions don't include system_supports_mte() checks,
22*4882a593Smuzhiyun * as KASAN only calls them when MTE is supported and enabled.
23*4882a593Smuzhiyun */
24*4882a593Smuzhiyun
mte_get_ptr_tag(void * ptr)25*4882a593Smuzhiyun static inline u8 mte_get_ptr_tag(void *ptr)
26*4882a593Smuzhiyun {
27*4882a593Smuzhiyun /* Note: The format of KASAN tags is 0xF<x> */
28*4882a593Smuzhiyun u8 tag = 0xF0 | (u8)(((u64)(ptr)) >> MTE_TAG_SHIFT);
29*4882a593Smuzhiyun
30*4882a593Smuzhiyun return tag;
31*4882a593Smuzhiyun }
32*4882a593Smuzhiyun
33*4882a593Smuzhiyun /* Get allocation tag for the address. */
mte_get_mem_tag(void * addr)34*4882a593Smuzhiyun static inline u8 mte_get_mem_tag(void *addr)
35*4882a593Smuzhiyun {
36*4882a593Smuzhiyun asm(__MTE_PREAMBLE "ldg %0, [%0]"
37*4882a593Smuzhiyun : "+r" (addr));
38*4882a593Smuzhiyun
39*4882a593Smuzhiyun return mte_get_ptr_tag(addr);
40*4882a593Smuzhiyun }
41*4882a593Smuzhiyun
42*4882a593Smuzhiyun /* Generate a random tag. */
mte_get_random_tag(void)43*4882a593Smuzhiyun static inline u8 mte_get_random_tag(void)
44*4882a593Smuzhiyun {
45*4882a593Smuzhiyun void *addr;
46*4882a593Smuzhiyun
47*4882a593Smuzhiyun asm(__MTE_PREAMBLE "irg %0, %0"
48*4882a593Smuzhiyun : "=r" (addr));
49*4882a593Smuzhiyun
50*4882a593Smuzhiyun return mte_get_ptr_tag(addr);
51*4882a593Smuzhiyun }
52*4882a593Smuzhiyun
__stg_post(u64 p)53*4882a593Smuzhiyun static inline u64 __stg_post(u64 p)
54*4882a593Smuzhiyun {
55*4882a593Smuzhiyun asm volatile(__MTE_PREAMBLE "stg %0, [%0], #16"
56*4882a593Smuzhiyun : "+r"(p)
57*4882a593Smuzhiyun :
58*4882a593Smuzhiyun : "memory");
59*4882a593Smuzhiyun return p;
60*4882a593Smuzhiyun }
61*4882a593Smuzhiyun
__stzg_post(u64 p)62*4882a593Smuzhiyun static inline u64 __stzg_post(u64 p)
63*4882a593Smuzhiyun {
64*4882a593Smuzhiyun asm volatile(__MTE_PREAMBLE "stzg %0, [%0], #16"
65*4882a593Smuzhiyun : "+r"(p)
66*4882a593Smuzhiyun :
67*4882a593Smuzhiyun : "memory");
68*4882a593Smuzhiyun return p;
69*4882a593Smuzhiyun }
70*4882a593Smuzhiyun
__dc_gva(u64 p)71*4882a593Smuzhiyun static inline void __dc_gva(u64 p)
72*4882a593Smuzhiyun {
73*4882a593Smuzhiyun asm volatile(__MTE_PREAMBLE "dc gva, %0" : : "r"(p) : "memory");
74*4882a593Smuzhiyun }
75*4882a593Smuzhiyun
__dc_gzva(u64 p)76*4882a593Smuzhiyun static inline void __dc_gzva(u64 p)
77*4882a593Smuzhiyun {
78*4882a593Smuzhiyun asm volatile(__MTE_PREAMBLE "dc gzva, %0" : : "r"(p) : "memory");
79*4882a593Smuzhiyun }
80*4882a593Smuzhiyun
81*4882a593Smuzhiyun /*
82*4882a593Smuzhiyun * Assign allocation tags for a region of memory based on the pointer tag.
83*4882a593Smuzhiyun * Note: The address must be non-NULL and MTE_GRANULE_SIZE aligned and
84*4882a593Smuzhiyun * size must be MTE_GRANULE_SIZE aligned.
85*4882a593Smuzhiyun */
mte_set_mem_tag_range(void * addr,size_t size,u8 tag,bool init)86*4882a593Smuzhiyun static inline void mte_set_mem_tag_range(void *addr, size_t size, u8 tag,
87*4882a593Smuzhiyun bool init)
88*4882a593Smuzhiyun {
89*4882a593Smuzhiyun u64 curr, mask, dczid, dczid_bs, dczid_dzp, end1, end2, end3;
90*4882a593Smuzhiyun
91*4882a593Smuzhiyun /* Read DC G(Z)VA block size from the system register. */
92*4882a593Smuzhiyun dczid = read_cpuid(DCZID_EL0);
93*4882a593Smuzhiyun dczid_bs = 4ul << (dczid & 0xf);
94*4882a593Smuzhiyun dczid_dzp = (dczid >> 4) & 1;
95*4882a593Smuzhiyun
96*4882a593Smuzhiyun curr = (u64)__tag_set(addr, tag);
97*4882a593Smuzhiyun mask = dczid_bs - 1;
98*4882a593Smuzhiyun /* STG/STZG up to the end of the first block. */
99*4882a593Smuzhiyun end1 = curr | mask;
100*4882a593Smuzhiyun end3 = curr + size;
101*4882a593Smuzhiyun /* DC GVA / GZVA in [end1, end2) */
102*4882a593Smuzhiyun end2 = end3 & ~mask;
103*4882a593Smuzhiyun
104*4882a593Smuzhiyun /*
105*4882a593Smuzhiyun * The following code uses STG on the first DC GVA block even if the
106*4882a593Smuzhiyun * start address is aligned - it appears to be faster than an alignment
107*4882a593Smuzhiyun * check + conditional branch. Also, if the range size is at least 2 DC
108*4882a593Smuzhiyun * GVA blocks, the first two loops can use post-condition to save one
109*4882a593Smuzhiyun * branch each.
110*4882a593Smuzhiyun */
111*4882a593Smuzhiyun #define SET_MEMTAG_RANGE(stg_post, dc_gva) \
112*4882a593Smuzhiyun do { \
113*4882a593Smuzhiyun if (!dczid_dzp && size >= 2 * dczid_bs) {\
114*4882a593Smuzhiyun do { \
115*4882a593Smuzhiyun curr = stg_post(curr); \
116*4882a593Smuzhiyun } while (curr < end1); \
117*4882a593Smuzhiyun \
118*4882a593Smuzhiyun do { \
119*4882a593Smuzhiyun dc_gva(curr); \
120*4882a593Smuzhiyun curr += dczid_bs; \
121*4882a593Smuzhiyun } while (curr < end2); \
122*4882a593Smuzhiyun } \
123*4882a593Smuzhiyun \
124*4882a593Smuzhiyun while (curr < end3) \
125*4882a593Smuzhiyun curr = stg_post(curr); \
126*4882a593Smuzhiyun } while (0)
127*4882a593Smuzhiyun
128*4882a593Smuzhiyun if (init)
129*4882a593Smuzhiyun SET_MEMTAG_RANGE(__stzg_post, __dc_gzva);
130*4882a593Smuzhiyun else
131*4882a593Smuzhiyun SET_MEMTAG_RANGE(__stg_post, __dc_gva);
132*4882a593Smuzhiyun #undef SET_MEMTAG_RANGE
133*4882a593Smuzhiyun }
134*4882a593Smuzhiyun
135*4882a593Smuzhiyun void mte_enable_kernel_sync(void);
136*4882a593Smuzhiyun void mte_enable_kernel_async(void);
137*4882a593Smuzhiyun
138*4882a593Smuzhiyun void mte_set_report_once(bool state);
139*4882a593Smuzhiyun bool mte_report_once(void);
140*4882a593Smuzhiyun
141*4882a593Smuzhiyun #else /* CONFIG_ARM64_MTE */
142*4882a593Smuzhiyun
mte_get_ptr_tag(void * ptr)143*4882a593Smuzhiyun static inline u8 mte_get_ptr_tag(void *ptr)
144*4882a593Smuzhiyun {
145*4882a593Smuzhiyun return 0xFF;
146*4882a593Smuzhiyun }
147*4882a593Smuzhiyun
mte_get_mem_tag(void * addr)148*4882a593Smuzhiyun static inline u8 mte_get_mem_tag(void *addr)
149*4882a593Smuzhiyun {
150*4882a593Smuzhiyun return 0xFF;
151*4882a593Smuzhiyun }
152*4882a593Smuzhiyun
mte_get_random_tag(void)153*4882a593Smuzhiyun static inline u8 mte_get_random_tag(void)
154*4882a593Smuzhiyun {
155*4882a593Smuzhiyun return 0xFF;
156*4882a593Smuzhiyun }
157*4882a593Smuzhiyun
mte_set_mem_tag_range(void * addr,size_t size,u8 tag,bool init)158*4882a593Smuzhiyun static inline void mte_set_mem_tag_range(void *addr, size_t size,
159*4882a593Smuzhiyun u8 tag, bool init)
160*4882a593Smuzhiyun {
161*4882a593Smuzhiyun }
162*4882a593Smuzhiyun
mte_enable_kernel_sync(void)163*4882a593Smuzhiyun static inline void mte_enable_kernel_sync(void)
164*4882a593Smuzhiyun {
165*4882a593Smuzhiyun }
166*4882a593Smuzhiyun
mte_enable_kernel_async(void)167*4882a593Smuzhiyun static inline void mte_enable_kernel_async(void)
168*4882a593Smuzhiyun {
169*4882a593Smuzhiyun }
170*4882a593Smuzhiyun
mte_set_report_once(bool state)171*4882a593Smuzhiyun static inline void mte_set_report_once(bool state)
172*4882a593Smuzhiyun {
173*4882a593Smuzhiyun }
174*4882a593Smuzhiyun
mte_report_once(void)175*4882a593Smuzhiyun static inline bool mte_report_once(void)
176*4882a593Smuzhiyun {
177*4882a593Smuzhiyun return false;
178*4882a593Smuzhiyun }
179*4882a593Smuzhiyun
180*4882a593Smuzhiyun #endif /* CONFIG_ARM64_MTE */
181*4882a593Smuzhiyun
182*4882a593Smuzhiyun #endif /* __ASSEMBLY__ */
183*4882a593Smuzhiyun
184*4882a593Smuzhiyun #endif /* __ASM_MTE_KASAN_H */
185