1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef _ASM_X86_IBT_H
3 #define _ASM_X86_IBT_H
4
5 #include <linux/types.h>
6
7 /*
8 * The rules for enabling IBT are:
9 *
10 * - CC_HAS_IBT: the toolchain supports it
11 * - X86_KERNEL_IBT: it is selected in Kconfig
12 * - !__DISABLE_EXPORTS: this is regular kernel code
13 *
14 * Esp. that latter one is a bit non-obvious, but some code like compressed,
15 * purgatory, realmode etc.. is built with custom CFLAGS that do not include
16 * -fcf-protection=branch and things will go *bang*.
17 *
18 * When all the above are satisfied, HAS_KERNEL_IBT will be 1, otherwise 0.
19 */
20 #if defined(CONFIG_X86_KERNEL_IBT) && !defined(__DISABLE_EXPORTS)
21
22 #define HAS_KERNEL_IBT 1
23
24 #ifndef __ASSEMBLY__
25
26 #ifdef CONFIG_X86_64
27 #define ASM_ENDBR "endbr64\n\t"
28 #else
29 #define ASM_ENDBR "endbr32\n\t"
30 #endif
31
32 #define __noendbr __attribute__((nocf_check))
33
34 /*
35 * Create a dummy function pointer reference to prevent objtool from marking
36 * the function as needing to be "sealed" (i.e. ENDBR converted to NOP by
37 * apply_seal_endbr()).
38 */
39 #define IBT_NOSEAL(fname) \
40 ".pushsection .discard.ibt_endbr_noseal\n\t" \
41 _ASM_PTR fname "\n\t" \
42 ".popsection\n\t"
43
44 static inline __attribute_const__ u32 gen_endbr(void)
45 {
46 u32 endbr;
47
48 /*
49 * Generate ENDBR64 in a way that is sure to not result in
50 * an ENDBR64 instruction as immediate.
51 */
52 asm ( "mov $~0xfa1e0ff3, %[endbr]\n\t"
53 "not %[endbr]\n\t"
54 : [endbr] "=&r" (endbr) );
55
56 return endbr;
57 }
58
59 static inline __attribute_const__ u32 gen_endbr_poison(void)
60 {
61 /*
62 * 4 byte NOP that isn't NOP4 (in fact it is OSP NOP3), such that it
63 * will be unique to (former) ENDBR sites.
64 */
65 return 0x001f0f66; /* osp nopl (%rax) */
66 }
67
68 static inline bool is_endbr(u32 val)
69 {
70 if (val == gen_endbr_poison())
71 return true;
72
73 val &= ~0x01000000U; /* ENDBR32 -> ENDBR64 */
74 return val == gen_endbr();
75 }
76
77 extern __noendbr u64 ibt_save(bool disable);
78 extern __noendbr void ibt_restore(u64 save);
79
80 #else /* __ASSEMBLY__ */
81
82 #ifdef CONFIG_X86_64
83 #define ENDBR endbr64
84 #else
85 #define ENDBR endbr32
86 #endif
87
88 #endif /* __ASSEMBLY__ */
89
90 #else /* !IBT */
91
92 #define HAS_KERNEL_IBT 0
93
94 #ifndef __ASSEMBLY__
95
96 #define ASM_ENDBR
97 #define IBT_NOSEAL(name)
98
99 #define __noendbr
100
101 static inline bool is_endbr(u32 val) { return false; }
102
103 static inline u64 ibt_save(bool disable) { return 0; }
104 static inline void ibt_restore(u64 save) { }
105
106 #else /* __ASSEMBLY__ */
107
108 #define ENDBR
109
110 #endif /* __ASSEMBLY__ */
111
112 #endif /* CONFIG_X86_KERNEL_IBT */
113
114 #define ENDBR_INSN_SIZE (4*HAS_KERNEL_IBT)
115
116 #endif /* _ASM_X86_IBT_H */
117
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.