1d19e789fSIngo Molnar /* SPDX-License-Identifier: GPL-2.0 */ 2d19e789fSIngo Molnar #ifndef __LINUX_INSTRUMENTATION_H 3d19e789fSIngo Molnar #define __LINUX_INSTRUMENTATION_H 4d19e789fSIngo Molnar 50f620cefSJosh Poimboeuf #ifdef CONFIG_NOINSTR_VALIDATION 6d19e789fSIngo Molnar 7317f2a64SPeter Zijlstra #include <linux/objtool.h> 8c199f64fSVasily Gorbik #include <linux/stringify.h> 9c199f64fSVasily Gorbik 10d19e789fSIngo Molnar /* Begin/end of an instrumentation safe region */ 11c199f64fSVasily Gorbik #define __instrumentation_begin(c) ({ \ 12c199f64fSVasily Gorbik asm volatile(__stringify(c) ": nop\n\t" \ 13*bb817006SPeter Zijlstra ANNOTATE_INSTR_BEGIN(__ASM_BREF(c)) \ 14317f2a64SPeter Zijlstra : : "i" (c)); \ 15d19e789fSIngo Molnar }) 16c199f64fSVasily Gorbik #define instrumentation_begin() __instrumentation_begin(__COUNTER__) 17d19e789fSIngo Molnar 18d19e789fSIngo Molnar /* 19d19e789fSIngo Molnar * Because instrumentation_{begin,end}() can nest, objtool validation considers 20d19e789fSIngo Molnar * _begin() a +1 and _end() a -1 and computes a sum over the instructions. 21d19e789fSIngo Molnar * When the value is greater than 0, we consider instrumentation allowed. 22d19e789fSIngo Molnar * 23d19e789fSIngo Molnar * There is a problem with code like: 24d19e789fSIngo Molnar * 25d19e789fSIngo Molnar * noinstr void foo() 26d19e789fSIngo Molnar * { 27d19e789fSIngo Molnar * instrumentation_begin(); 28d19e789fSIngo Molnar * ... 29d19e789fSIngo Molnar * if (cond) { 30d19e789fSIngo Molnar * instrumentation_begin(); 31d19e789fSIngo Molnar * ... 32d19e789fSIngo Molnar * instrumentation_end(); 33d19e789fSIngo Molnar * } 34d19e789fSIngo Molnar * bar(); 35d19e789fSIngo Molnar * instrumentation_end(); 36d19e789fSIngo Molnar * } 37d19e789fSIngo Molnar * 38d19e789fSIngo Molnar * If instrumentation_end() would be an empty label, like all the other 39d19e789fSIngo Molnar * annotations, the inner _end(), which is at the end of a conditional block, 40d19e789fSIngo Molnar * would land on the instruction after the block. 41d19e789fSIngo Molnar * 42d19e789fSIngo Molnar * If we then consider the sum of the !cond path, we'll see that the call to 43d19e789fSIngo Molnar * bar() is with a 0-value, even though, we meant it to happen with a positive 44d19e789fSIngo Molnar * value. 45d19e789fSIngo Molnar * 46d19e789fSIngo Molnar * To avoid this, have _end() be a NOP instruction, this ensures it will be 47d19e789fSIngo Molnar * part of the condition block and does not escape. 48d19e789fSIngo Molnar */ 49c199f64fSVasily Gorbik #define __instrumentation_end(c) ({ \ 50c199f64fSVasily Gorbik asm volatile(__stringify(c) ": nop\n\t" \ 51*bb817006SPeter Zijlstra ANNOTATE_INSTR_END(__ASM_BREF(c)) \ 52317f2a64SPeter Zijlstra : : "i" (c)); \ 53d19e789fSIngo Molnar }) 54c199f64fSVasily Gorbik #define instrumentation_end() __instrumentation_end(__COUNTER__) 550f620cefSJosh Poimboeuf #else /* !CONFIG_NOINSTR_VALIDATION */ 56d19e789fSIngo Molnar # define instrumentation_begin() do { } while(0) 57d19e789fSIngo Molnar # define instrumentation_end() do { } while(0) 580f620cefSJosh Poimboeuf #endif /* CONFIG_NOINSTR_VALIDATION */ 59d19e789fSIngo Molnar 60d19e789fSIngo Molnar #endif /* __LINUX_INSTRUMENTATION_H */ 61