1/* SPDX-License-Identifier: GPL-2.0 */
2#ifndef _LINUX_OBJTOOL_H
3#define _LINUX_OBJTOOL_H
4
5#include <linux/objtool_types.h>
6
7#ifdef CONFIG_OBJTOOL
8
9#include <asm/asm.h>
10
11#ifndef __ASSEMBLY__
12
13#define UNWIND_HINT(type, sp_reg, sp_offset, signal) \
14 "987: \n\t" \
15 ".pushsection .discard.unwind_hints\n\t" \
16 /* struct unwind_hint */ \
17 ".long 987b - .\n\t" \
18 ".short " __stringify(sp_offset) "\n\t" \
19 ".byte " __stringify(sp_reg) "\n\t" \
20 ".byte " __stringify(type) "\n\t" \
21 ".byte " __stringify(signal) "\n\t" \
22 ".balign 4 \n\t" \
23 ".popsection\n\t"
24
25/*
26 * This macro marks the given function's stack frame as "non-standard", which
27 * tells objtool to ignore the function when doing stack metadata validation.
28 * It should only be used in special cases where you're 100% sure it won't
29 * affect the reliability of frame pointers and kernel stack traces.
30 *
31 * For more information, see tools/objtool/Documentation/objtool.txt.
32 */
33#define STACK_FRAME_NON_STANDARD(func) \
34 static void __used __section(".discard.func_stack_frame_non_standard") \
35 *__func_stack_frame_non_standard_##func = func
36
37/*
38 * STACK_FRAME_NON_STANDARD_FP() is a frame-pointer-specific function ignore
39 * for the case where a function is intentionally missing frame pointer setup,
40 * but otherwise needs objtool/ORC coverage when frame pointers are disabled.
41 */
42#ifdef CONFIG_FRAME_POINTER
43#define STACK_FRAME_NON_STANDARD_FP(func) STACK_FRAME_NON_STANDARD(func)
44#else
45#define STACK_FRAME_NON_STANDARD_FP(func)
46#endif
47
48#define ASM_REACHABLE \
49 "998:\n\t" \
50 ".pushsection .discard.reachable\n\t" \
51 ".long 998b\n\t" \
52 ".popsection\n\t"
53
54#define __ASM_BREF(label) label ## b
55
56#define __ASM_ANNOTATE(label, type) \
57 ".pushsection .discard.annotate_insn,\"M\",@progbits,8\n\t" \
58 ".long " __stringify(label) " - .\n\t" \
59 ".long " __stringify(type) "\n\t" \
60 ".popsection\n\t"
61
62#define ASM_ANNOTATE(type) \
63 "911:\n\t" \
64 __ASM_ANNOTATE(911b, type)
65
66#else /* __ASSEMBLY__ */
67
68/*
69 * In asm, there are two kinds of code: normal C-type callable functions and
70 * the rest. The normal callable functions can be called by other code, and
71 * don't do anything unusual with the stack. Such normal callable functions
72 * are annotated with SYM_FUNC_{START,END}. Most asm code falls in this
73 * category. In this case, no special debugging annotations are needed because
74 * objtool can automatically generate the ORC data for the ORC unwinder to read
75 * at runtime.
76 *
77 * Anything which doesn't fall into the above category, such as syscall and
78 * interrupt handlers, tends to not be called directly by other functions, and
79 * often does unusual non-C-function-type things with the stack pointer. Such
80 * code needs to be annotated such that objtool can understand it. The
81 * following CFI hint macros are for this type of code.
82 *
83 * These macros provide hints to objtool about the state of the stack at each
84 * instruction. Objtool starts from the hints and follows the code flow,
85 * making automatic CFI adjustments when it sees pushes and pops, filling out
86 * the debuginfo as necessary. It will also warn if it sees any
87 * inconsistencies.
88 */
89.macro UNWIND_HINT type:req sp_reg=0 sp_offset=0 signal=0
90.Lhere_\@:
91 .pushsection .discard.unwind_hints
92 /* struct unwind_hint */
93 .long .Lhere_\@ - .
94 .short \sp_offset
95 .byte \sp_reg
96 .byte \type
97 .byte \signal
98 .balign 4
99 .popsection
100.endm
101
102.macro STACK_FRAME_NON_STANDARD func:req
103 .pushsection .discard.func_stack_frame_non_standard, "aw"
104 .long \func - .
105 .popsection
106.endm
107
108.macro STACK_FRAME_NON_STANDARD_FP func:req
109#ifdef CONFIG_FRAME_POINTER
110 STACK_FRAME_NON_STANDARD \func
111#endif
112.endm
113
114.macro ANNOTATE type:req
115.Lhere_\@:
116 .pushsection .discard.annotate_insn,"M",@progbits,8
117 .long .Lhere_\@ - .
118 .long \type
119 .popsection
120.endm
121
122#endif /* __ASSEMBLY__ */
123
124#else /* !CONFIG_OBJTOOL */
125
126#ifndef __ASSEMBLY__
127
128#define UNWIND_HINT(type, sp_reg, sp_offset, signal) "\n\t"
129#define STACK_FRAME_NON_STANDARD(func)
130#define STACK_FRAME_NON_STANDARD_FP(func)
131#define __ASM_ANNOTATE(label, type) ""
132#define ASM_ANNOTATE(type)
133#else
134.macro UNWIND_HINT type:req sp_reg=0 sp_offset=0 signal=0
135.endm
136.macro STACK_FRAME_NON_STANDARD func:req
137.endm
138.macro ANNOTATE type:req
139.endm
140#endif
141
142#endif /* CONFIG_OBJTOOL */
143
144#ifndef __ASSEMBLY__
145/*
146 * Annotate away the various 'relocation to !ENDBR` complaints; knowing that
147 * these relocations will never be used for indirect calls.
148 */
149#define ANNOTATE_NOENDBR ASM_ANNOTATE(ANNOTYPE_NOENDBR)
150#define ANNOTATE_NOENDBR_SYM(sym) asm(__ASM_ANNOTATE(sym, ANNOTYPE_NOENDBR))
151
152/*
153 * This should be used immediately before an indirect jump/call. It tells
154 * objtool the subsequent indirect jump/call is vouched safe for retpoline
155 * builds.
156 */
157#define ANNOTATE_RETPOLINE_SAFE ASM_ANNOTATE(ANNOTYPE_RETPOLINE_SAFE)
158/*
159 * See linux/instrumentation.h
160 */
161#define ANNOTATE_INSTR_BEGIN(label) __ASM_ANNOTATE(label, ANNOTYPE_INSTR_BEGIN)
162#define ANNOTATE_INSTR_END(label) __ASM_ANNOTATE(label, ANNOTYPE_INSTR_END)
163/*
164 * objtool annotation to ignore the alternatives and only consider the original
165 * instruction(s).
166 */
167#define ANNOTATE_IGNORE_ALTERNATIVE ASM_ANNOTATE(ANNOTYPE_IGNORE_ALTS)
168/*
169 * This macro indicates that the following intra-function call is valid.
170 * Any non-annotated intra-function call will cause objtool to issue a warning.
171 */
172#define ANNOTATE_INTRA_FUNCTION_CALL ASM_ANNOTATE(ANNOTYPE_INTRA_FUNCTION_CALL)
173/*
174 * Use objtool to validate the entry requirement that all code paths do
175 * VALIDATE_UNRET_END before RET.
176 *
177 * NOTE: The macro must be used at the beginning of a global symbol, otherwise
178 * it will be ignored.
179 */
180#define ANNOTATE_UNRET_BEGIN ASM_ANNOTATE(ANNOTYPE_UNRET_BEGIN)
181/*
182 * This should be used to refer to an instruction that is considered
183 * terminating, like a noreturn CALL or UD2 when we know they are not -- eg
184 * WARN using UD2.
185 */
186#define ANNOTATE_REACHABLE(label) __ASM_ANNOTATE(label, ANNOTYPE_REACHABLE)
187/*
188 * This should not be used; it annotates away CFI violations. There are a few
189 * valid use cases like kexec handover to the next kernel image, and there is
190 * no security concern there.
191 *
192 * There are also a few real issues annotated away, like EFI because we can't
193 * control the EFI code.
194 */
195#define ANNOTATE_NOCFI_SYM(sym) asm(__ASM_ANNOTATE(sym, ANNOTYPE_NOCFI))
196
197#else
198#define ANNOTATE_NOENDBR ANNOTATE type=ANNOTYPE_NOENDBR
199#define ANNOTATE_RETPOLINE_SAFE ANNOTATE type=ANNOTYPE_RETPOLINE_SAFE
200/* ANNOTATE_INSTR_BEGIN ANNOTATE type=ANNOTYPE_INSTR_BEGIN */
201/* ANNOTATE_INSTR_END ANNOTATE type=ANNOTYPE_INSTR_END */
202#define ANNOTATE_IGNORE_ALTERNATIVE ANNOTATE type=ANNOTYPE_IGNORE_ALTS
203#define ANNOTATE_INTRA_FUNCTION_CALL ANNOTATE type=ANNOTYPE_INTRA_FUNCTION_CALL
204#define ANNOTATE_UNRET_BEGIN ANNOTATE type=ANNOTYPE_UNRET_BEGIN
205#define ANNOTATE_REACHABLE ANNOTATE type=ANNOTYPE_REACHABLE
206#define ANNOTATE_NOCFI_SYM ANNOTATE type=ANNOTYPE_NOCFI
207#endif
208
209#if defined(CONFIG_NOINSTR_VALIDATION) && \
210 (defined(CONFIG_MITIGATION_UNRET_ENTRY) || defined(CONFIG_MITIGATION_SRSO))
211#define VALIDATE_UNRET_BEGIN ANNOTATE_UNRET_BEGIN
212#else
213#define VALIDATE_UNRET_BEGIN
214#endif
215
216#endif /* _LINUX_OBJTOOL_H */
217