1 /*
2  *  Copyright 2008 Michael Ellerman, IBM Corporation.
3  *
4  *  This program is free software; you can redistribute it and/or
5  *  modify it under the terms of the GNU General Public License
6  *  as published by the Free Software Foundation; either version
7  *  2 of the License, or (at your option) any later version.
8  */
9
10 #include <linux/kernel.h>
11 #include <linux/kprobes.h>
12 #include <linux/vmalloc.h>
13 #include <linux/init.h>
14 #include <linux/mm.h>
15 #include <linux/cpuhotplug.h>
16 #include <linux/slab.h>
17 #include <linux/uaccess.h>
18 #include <linux/kprobes.h>
19
20 #include <asm/pgtable.h>
21 #include <asm/tlbflush.h>
22 #include <asm/page.h>
23 #include <asm/code-patching.h>
24 #include <asm/setup.h>
25
/*
 * Store one instruction word and make it visible to instruction fetch.
 *
 * @exec_addr:  address the instruction will execute from; only used for the
 *              icbi so the correct I-cache line is invalidated.
 * @instr:      the 32-bit instruction word to store.
 * @patch_addr: address actually written through: @exec_addr itself
 *              (raw_patch_instruction()) or a writable alias of the same
 *              page (patch_instruction() under CONFIG_STRICT_KERNEL_RWX).
 *
 * Returns 0, or the error __put_user_size() reports when the store faults
 * (e.g. a read-only or unmapped page) instead of oopsing.
 */
static int __patch_instruction(unsigned int *exec_addr, unsigned int instr,
                               unsigned int *patch_addr)
{
        int err;

        __put_user_size(instr, patch_addr, 4, err);
        if (err)
                return err;

        /*
         * dcbst pushes the D-cache line holding the new word out to memory,
         * icbi drops the stale I-cache line at the address fetch will use;
         * the two addresses differ when patching through an alias.
         */
        asm ("dcbst 0, %0; sync; icbi 0,%1; sync; isync" :: "r" (patch_addr),
                                                            "r" (exec_addr));

        return 0;
}
40
/*
 * Patch @instr into @addr by writing through the text's own mapping, with
 * no temporary writable alias. Used before the per-CPU patch area exists
 * (early boot) and whenever CONFIG_STRICT_KERNEL_RWX is not set.
 *
 * Returns 0 on success or the error from the faulting store.
 */
int raw_patch_instruction(unsigned int *addr, unsigned int instr)
{
        unsigned int *target = addr;

        /* The store goes to the very address that will later be executed */
        return __patch_instruction(target, instr, target);
}
45
46 #ifdef CONFIG_STRICT_KERNEL_RWX
/*
 * Per-CPU one-page vm_area (reserved in text_area_cpu_up()) used as the
 * patching window: map_patch_area() aliases the page holding the target
 * instruction here with PAGE_KERNEL protections, so the text's own mapping
 * never has to be made writable. NULL until the late initcall has run.
 */
static DEFINE_PER_CPU(struct vm_struct *, text_poke_area);
48
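/*
 * CPU hotplug "online" callback: reserve one page of virtual address space
 * on this CPU to serve as its patching window. Only the VA range is taken
 * here; map_patch_area() installs a PTE for the target page at patch time.
 *
 * Returns 0 on success, -ENOMEM if no vm area could be reserved (cpuhp
 * reports any non-zero value as a failure to bring the CPU up).
 */
static int text_area_cpu_up(unsigned int cpu)
{
        struct vm_struct *area;

        area = get_vm_area(PAGE_SIZE, VM_ALLOC);
        if (!area) {
                WARN_ONCE(1, "Failed to create text area for cpu %d\n",
                        cpu);
                /* Report the real reason rather than an opaque -1 */
                return -ENOMEM;
        }
        this_cpu_write(text_poke_area, area);

        return 0;
}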
63
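/*
 * CPU hotplug "offline" counterpart of text_area_cpu_up(): release this
 * CPU's patching window.
 *
 * Returns 0; the teardown has no failure path.
 */
static int text_area_cpu_down(unsigned int cpu)
{
        free_vm_area(this_cpu_read(text_poke_area));
        /*
         * Do not leave a dangling pointer behind: patch_instruction() treats
         * a NULL text_poke_area as "not set up" and falls back to raw
         * patching, but would dereference a stale non-NULL value.
         */
        this_cpu_write(text_poke_area, NULL);
        return 0;
}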
69
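/*
 * Run as a late init call. This allows all the boot time patching to be done
 * simply by patching the code, and then we're called here prior to
 * mark_rodata_ro(), which happens after all init calls are run. Although
 * BUG_ON() is rude, in this case it should only happen if ENOMEM, and we judge
 * it as being preferable to a kernel that will crash later when someone tries
 * to use patch_instruction().
 */
static int __init setup_text_poke_area(void)
{
        int ret;

        /*
         * CPUHP_AP_ONLINE_DYN allocates a dynamic state, so on success
         * cpuhp_setup_state() returns that (positive) state number and only
         * a negative value means failure. The previous BUG_ON(!ret) could
         * therefore never fire and silently let a failed registration
         * through.
         */
        ret = cpuhp_setup_state(CPUHP_AP_ONLINE_DYN,
                "powerpc/text_poke:online", text_area_cpu_up,
                text_area_cpu_down);
        BUG_ON(ret < 0);

        return 0;
}
late_initcall(setup_text_poke_area);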
87
/*
 * Alias the page containing @addr (core kernel text, or a module living in
 * vmalloc space) at @text_poke_addr, this CPU's patching window, with
 * PAGE_KERNEL (writable) protections.
 *
 * Returns 0 on success, -1 if map_kernel_page() failed.
 */
static int map_patch_area(void *addr, unsigned long text_poke_addr)
{
        /* Modules are vmalloc'd; anything else resolves via __pa_symbol() */
        unsigned long pfn = is_vmalloc_addr(addr) ? vmalloc_to_pfn(addr)
                                                  : __pa_symbol(addr) >> PAGE_SHIFT;
        int err = map_kernel_page(text_poke_addr, pfn << PAGE_SHIFT,
                                  pgprot_val(PAGE_KERNEL));

        pr_devel("Mapped addr %lx with pfn %lx:%d\n", text_poke_addr, pfn, err);

        return err ? -1 : 0;
}
110
/*
 * Tear down the PTE for the patching window at @addr and flush the TLB, so
 * the temporary writable alias of the patched page does not outlive the
 * patch.
 *
 * Returns 0 on success, -EINVAL if a level of the page-table walk is
 * missing.
 */
static inline int unmap_patch_area(unsigned long addr)
{
        pgd_t *pgd = pgd_offset_k(addr);
        pud_t *pud;
        pmd_t *pmd;
        pte_t *pte;

        if (unlikely(!pgd))
                return -EINVAL;

        pud = pud_offset(pgd, addr);
        if (unlikely(!pud))
                return -EINVAL;

        pmd = pmd_offset(pud, addr);
        if (unlikely(!pmd))
                return -EINVAL;

        pte = pte_offset_kernel(pmd, addr);
        if (unlikely(!pte))
                return -EINVAL;

        pr_devel("clearing mm %p, pte %p, addr %lx\n", &init_mm, pte, addr);

        /*
         * pte_clear() flushes the TLB itself on hash MMUs but not on radix,
         * so always flush the range explicitly afterwards.
         */
        pte_clear(&init_mm, addr, pte);
        flush_tlb_kernel_range(addr, addr + PAGE_SIZE);

        return 0;
}
144
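/*
 * Patch @instr into kernel or module text at @addr without ever making the
 * text's own mapping writable: the page is aliased RW at this CPU's
 * text_poke_area, written through the alias, then unmapped again. IRQs are
 * off throughout so the per-CPU window cannot be reused underneath us.
 *
 * Returns 0 on success; -1 if the page could not be mapped; otherwise the
 * first error of the store itself and unmap_patch_area().
 */
int patch_instruction(unsigned int *addr, unsigned int instr)
{
        int err;
        int unmap_err;
        unsigned int *patch_addr = NULL;
        unsigned long flags;
        unsigned long text_poke_addr;
        unsigned long kaddr = (unsigned long)addr;

        /*
         * During early early boot patch_instruction is called
         * when text_poke_area is not ready, but we still need
         * to allow patching. We just do the plain old patching
         */
        if (!this_cpu_read(text_poke_area))
                return raw_patch_instruction(addr, instr);

        local_irq_save(flags);

        text_poke_addr = (unsigned long)__this_cpu_read(text_poke_area)->addr;
        if (map_patch_area(addr, text_poke_addr)) {
                err = -1;
                goto out;
        }

        /* Same offset within the page, but through the writable alias */
        patch_addr = (unsigned int *)(text_poke_addr) +
                        ((kaddr & ~PAGE_MASK) / sizeof(unsigned int));

        /*
         * Keep the store's result: it used to be discarded, so a faulting
         * write was reported to the caller as success.
         */
        err = __patch_instruction(addr, instr, patch_addr);

        /* Always tear the alias down, even when the store failed */
        unmap_err = unmap_patch_area(text_poke_addr);
        if (unmap_err) {
                pr_warn("failed to unmap %lx\n", text_poke_addr);
                if (!err)
                        err = unmap_err;
        }

out:
        local_irq_restore(flags);

        return err;
}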
183 #else /* !CONFIG_STRICT_KERNEL_RWX */
184
/*
 * Without CONFIG_STRICT_KERNEL_RWX there is no read-only text mapping to
 * work around, so patching is just the raw store plus cache maintenance.
 *
 * Returns 0 on success or the error from the faulting store.
 */
int patch_instruction(unsigned int *addr, unsigned int instr)
{
        int err = raw_patch_instruction(addr, instr);

        return err;
}
189
190 #endif /* CONFIG_STRICT_KERNEL_RWX */
/*
 * NOTE(review): kept out of reach of kprobes, presumably because the patcher
 * is itself on the path used to arm probes and a probe here would re-enter
 * it -- confirm against the kprobes code before relying on that.
 */
NOKPROBE_SYMBOL(patch_instruction);
192
/*
 * Patch an I-form branch at @addr jumping to @target; @flags are the
 * BRANCH_SET_LINK / BRANCH_ABSOLUTE bits as for create_branch().
 *
 * Note that create_branch() returns 0 when @target is out of range, and
 * that 0 word is then written as-is; callers wanting to detect the case
 * have to range-check beforehand.
 *
 * Returns patch_instruction()'s result.
 */
int patch_branch(unsigned int *addr, unsigned long target, int flags)
{
        unsigned int branch = create_branch(addr, target, flags);

        return patch_instruction(addr, branch);
}
197
/*
 * Can @offset be encoded in the LI field of an I-form branch?
 *
 * The I-form layout is:
 *
 *  0         6                 30   31
 *  +---------+----------------+---+---+
 *  | opcode  |     LI         |AA |LK |
 *  +---------+----------------+---+---+
 *
 * LI is a signed 24-bit field and the hardware appends two zero bits
 * (imm32 = SignExtend(LI:'0b00', 32)), so the reachable displacement is
 * -0x2000000 .. +0x1fffffc, in steps of 4.
 */
bool is_offset_in_branch_range(long offset)
{
        const long min_disp = -0x2000000;
        const long max_disp = 0x1fffffc;

        if (offset < min_disp || offset > max_disp)
                return false;

        /* The low two bits are not encodable: targets must be word aligned */
        return (offset & 0x3) == 0;
}
219
/*
 * Is @instr a conditional branch (bc / bclr / bcctr / bctar, any AA/LK)?
 * Derived from the conditional checks in analyse_instr().
 */
bool is_conditional_branch(unsigned int instr)
{
        unsigned int opcode = instr >> 26;

        switch (opcode) {
        case 16:                /* bc, bca, bcl, bcla */
                return true;
        case 19: {
                /* XL-form: the extended opcode is bits 21-30 (IBM numbering) */
                unsigned int xo = (instr >> 1) & 0x3ff;

                return xo == 16 ||      /* bclr, bclrl */
                       xo == 528 ||     /* bcctr, bcctrl */
                       xo == 560;       /* bctar, bctarl */
        }
        default:
                return false;
        }
}
/* Not probeable either: used while deciding how to handle a probed branch */
NOKPROBE_SYMBOL(is_conditional_branch);
241
/*
 * Encode an I-form branch located at @addr that jumps to @target.
 * @flags: BRANCH_SET_LINK and/or BRANCH_ABSOLUTE; only the low two bits
 * (AA, LK) make it into the instruction.
 *
 * Returns the instruction word, or 0 when the displacement cannot be
 * represented (0 is never a valid result, so callers can test for it).
 */
unsigned int create_branch(const unsigned int *addr,
                           unsigned long target, int flags)
{
        long offset = (long)target;

        /* A relative branch encodes the displacement from its own address */
        if (!(flags & BRANCH_ABSOLUTE))
                offset -= (unsigned long)addr;

        if (!is_offset_in_branch_range(offset))
                return 0;

        /* Opcode 18 in the top six bits, LI in bits 2-25, AA/LK in 0-1 */
        return 0x48000000 | (flags & 0x3) | (offset & 0x03FFFFFC);
}
261
/*
 * Encode a B-form (conditional) branch located at @addr jumping to @target.
 * @flags: AA/LK in the low two bits plus the BO/BI condition fields in
 * bits 16-25 (mask 0x3FF0000); every other bit is discarded.
 *
 * Returns the instruction word, or 0 when the offset is outside the
 * +-32 KB BD displacement or the target is not word aligned.
 */
unsigned int create_cond_branch(const unsigned int *addr,
                                unsigned long target, int flags)
{
        long offset = (long)target;

        if (!(flags & BRANCH_ABSOLUTE))
                offset -= (unsigned long)addr;

        /* BD is a signed 14-bit field scaled by 4: -0x8000 .. 0x7FFC */
        if (offset < -0x8000 || offset > 0x7FFF)
                return 0;
        if (offset & 0x3)
                return 0;

        return 0x40000000 | (flags & 0x3FF0003) | (offset & 0xFFFC);
}
281
/* Primary opcode of @instr: the top six bits (0-5 in IBM numbering). */
static unsigned int branch_opcode(unsigned int instr)
{
        unsigned int primary = instr >> 26;

        return primary & 0x3F;
}
286
/* Primary opcode 18: the unconditional I-form branches b/ba/bl/bla. */
static int instr_is_branch_iform(unsigned int instr)
{
        const unsigned int iform_opcode = 18;

        return branch_opcode(instr) == iform_opcode ? 1 : 0;
}
291
/* Primary opcode 16: the conditional B-form branches bc/bca/bcl/bcla. */
static int instr_is_branch_bform(unsigned int instr)
{
        const unsigned int bform_opcode = 16;

        return branch_opcode(instr) == bform_opcode ? 1 : 0;
}
296
/*
 * Non-zero when @instr is an I- or B-form branch whose target is relative
 * to the instruction's own address (AA bit clear). Absolute branches do
 * not need relocating, which is why they are excluded.
 */
int instr_is_relative_branch(unsigned int instr)
{
        int is_relative = !(instr & BRANCH_ABSOLUTE);

        return is_relative &&
               (instr_is_branch_iform(instr) || instr_is_branch_bform(instr));
}
304
/* Non-zero for a relative branch that also sets the link register (bl/bcl). */
int instr_is_relative_link_branch(unsigned int instr)
{
        if (!instr_is_relative_branch(instr))
                return 0;

        return (instr & BRANCH_SET_LINK) != 0;
}
309
/*
 * Decode the target of the I-form branch at @instr: sign-extend the 26-bit
 * (LI << 2) displacement and, for a relative branch, add the instruction's
 * own address. The word is assumed to be an I-form branch; see branch_target().
 */
static unsigned long branch_iform_target(const unsigned int *instr)
{
        unsigned int word = *instr;
        long disp = word & 0x3FFFFFC;

        /* Bit 25 is the sign bit of the 26-bit displacement */
        if (disp & 0x2000000)
                disp -= 0x4000000;

        if (!(word & BRANCH_ABSOLUTE))
                disp += (unsigned long)instr;

        return (unsigned long)disp;
}
325
/*
 * Decode the target of the B-form branch at @instr: sign-extend the 16-bit
 * (BD << 2) displacement and, for a relative branch, add the instruction's
 * own address. The word is assumed to be a B-form branch; see branch_target().
 */
static unsigned long branch_bform_target(const unsigned int *instr)
{
        unsigned int word = *instr;
        long disp = word & 0xFFFC;

        /* Bit 15 is the sign bit of the 16-bit displacement */
        if (disp & 0x8000)
                disp -= 0x10000;

        if (!(word & BRANCH_ABSOLUTE))
                disp += (unsigned long)instr;

        return (unsigned long)disp;
}
341
/*
 * Target address of the branch at @instr, or 0 if the word is neither an
 * I-form nor a B-form branch. Note 0 is also a legal absolute target, so
 * callers that need to distinguish must test the opcode themselves.
 */
unsigned long branch_target(const unsigned int *instr)
{
        unsigned int word = *instr;

        if (instr_is_branch_iform(word))
                return branch_iform_target(instr);
        if (instr_is_branch_bform(word))
                return branch_bform_target(instr);

        return 0;
}
351
/*
 * Non-zero when the word at @instr is an I- or B-form branch whose decoded
 * target is exactly @addr.
 */
int instr_is_branch_to_addr(const unsigned int *instr, unsigned long addr)
{
        unsigned int word = *instr;
        int decodable = instr_is_branch_iform(word) || instr_is_branch_bform(word);

        if (!decodable)
                return 0;

        return branch_target(instr) == addr;
}
359
/*
 * Re-encode the branch at @src so that, placed at @dest, it reaches the
 * same target. The whole of *src is passed as the flags argument; the
 * create_* helpers mask it down to AA/LK (and BO/BI for B-form), so the
 * branch's link and condition bits survive the move.
 *
 * Returns the new instruction word, 0 if @src is not a branch or the
 * target is out of range from @dest.
 */
unsigned int translate_branch(const unsigned int *dest, const unsigned int *src)
{
        unsigned long target = branch_target(src);
        unsigned int word = *src;

        if (instr_is_branch_iform(word))
                return create_branch(dest, target, word);
        if (instr_is_branch_bform(word))
                return create_cond_branch(dest, target, word);

        return 0;
}
373
374 #ifdef CONFIG_PPC_BOOK3E_64
/*
 * Redirect exception vector @exc (an offset from interrupt_base_book3e,
 * divided by 4 to index instruction words) to @addr.
 */
void __patch_exception(int exc, unsigned long addr)
{
        extern unsigned int interrupt_base_book3e;
        unsigned int *ibase = &interrupt_base_book3e;
        unsigned int *slot;

        /* Our exceptions vectors start with a NOP and -then- a branch
         * to deal with single stepping from userspace which stops on
         * the second instruction. Thus we need to patch the second
         * instruction of the exception, not the first one
         */
        slot = ibase + (exc / 4) + 1;

        patch_branch(slot, addr, 0);
}
388 #endif
389
390 #ifdef CONFIG_CODE_PATCHING_SELFTEST
391
/*
 * Scratch function whose first instruction test_create_function_call()
 * overwrites; it is never actually called.
 */
static void __init test_trampoline(void)
{
        asm ("nop;\n");
}
396
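/*
 * Selftest assertion: log (but do not abort on) a failed check, naming the
 * failing line. Wrapped in do/while(0) so it expands to a single statement
 * and cannot capture a following else or break an unbraced if body.
 */
#define check(x)        \
        do { \
                if (!(x)) \
                        printk("code-patching: test failed at line %d\n", __LINE__); \
        } while (0)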
399
/*
 * Exercise the I-form (unconditional) branch encoder and decoders on a
 * stack word: opcode classification, absolute and relative target
 * decoding at the range limits, and create_branch() range/flag handling.
 * Nothing here patches real text.
 */
static void __init test_branch_iform(void)
{
        unsigned int instr;
        unsigned long addr;

        /* addr is the branch's own location for the relative cases below */
        addr = (unsigned long)&instr;

        /* The simplest case, branch to self, no flags */
        check(instr_is_branch_iform(0x48000000));
        /* All bits of target set, and flags */
        check(instr_is_branch_iform(0x4bffffff));
        /* High bit of opcode set, which is wrong */
        check(!instr_is_branch_iform(0xcbffffff));
        /* Middle bits of opcode set, which is wrong */
        check(!instr_is_branch_iform(0x7bffffff));

        /* Simplest case, branch to self with link */
        check(instr_is_branch_iform(0x48000001));
        /* All bits of targets set */
        check(instr_is_branch_iform(0x4bfffffd));
        /* Some bits of targets set */
        check(instr_is_branch_iform(0x4bff00fd));
        /* Must be a valid branch to start with */
        check(!instr_is_branch_iform(0x7bfffffd));

        /* Absolute branch to 0x100 */
        instr = 0x48000103;
        check(instr_is_branch_to_addr(&instr, 0x100));
        /* Absolute branch to 0x420fc */
        instr = 0x480420ff;
        check(instr_is_branch_to_addr(&instr, 0x420fc));
        /* Maximum positive relative branch, + 32 MB - 4B (0x1FFFFFC) */
        instr = 0x49fffffc;
        check(instr_is_branch_to_addr(&instr, addr + 0x1FFFFFC));
        /* Smallest negative relative branch, - 4B */
        instr = 0x4bfffffc;
        check(instr_is_branch_to_addr(&instr, addr - 4));
        /* Largest negative relative branch, - 32 MB */
        instr = 0x4a000000;
        check(instr_is_branch_to_addr(&instr, addr - 0x2000000));

        /* Branch to self, with link */
        instr = create_branch(&instr, addr, BRANCH_SET_LINK);
        check(instr_is_branch_to_addr(&instr, addr));

        /* Branch to self - 0x100, with link */
        instr = create_branch(&instr, addr - 0x100, BRANCH_SET_LINK);
        check(instr_is_branch_to_addr(&instr, addr - 0x100));

        /* Branch to self + 0x100, no link */
        instr = create_branch(&instr, addr + 0x100, 0);
        check(instr_is_branch_to_addr(&instr, addr + 0x100));

        /* Maximum relative negative offset, - 32 MB */
        instr = create_branch(&instr, addr - 0x2000000, BRANCH_SET_LINK);
        check(instr_is_branch_to_addr(&instr, addr - 0x2000000));

        /* Out of range relative negative offset, - 32 MB + 4*/
        instr = create_branch(&instr, addr - 0x2000004, BRANCH_SET_LINK);
        check(instr == 0);

        /* Out of range relative positive offset, + 32 MB */
        instr = create_branch(&instr, addr + 0x2000000, BRANCH_SET_LINK);
        check(instr == 0);

        /* Unaligned target */
        instr = create_branch(&instr, addr + 3, BRANCH_SET_LINK);
        check(instr == 0);

        /* Check flags are masked correctly: 0xFFFFFFFC has AA and LK clear */
        instr = create_branch(&instr, addr, 0xFFFFFFFC);
        check(instr_is_branch_to_addr(&instr, addr));
        check(instr == 0x48000000);
}
474
/*
 * End-to-end check of the patching path: overwrite the first instruction
 * of test_trampoline() with a `bl` to this function and decode it back.
 * Unlike the other selftests this modifies live kernel text (through the
 * text_poke_area alias when CONFIG_STRICT_KERNEL_RWX is set).
 */
static void __init test_create_function_call(void)
{
        unsigned int *site = (unsigned int *)ppc_function_entry(test_trampoline);
        unsigned long callee = ppc_function_entry(test_create_function_call);
        unsigned int call_insn = create_branch(site, callee, BRANCH_SET_LINK);

        patch_instruction(site, call_insn);
        check(instr_is_branch_to_addr(site, callee));
}
486
/*
 * Exercise the B-form (conditional) branch encoder and decoders on a stack
 * word, mirroring test_branch_iform() at the +-32 KB limits. Nothing here
 * patches real text.
 */
static void __init test_branch_bform(void)
{
        unsigned long addr;
        unsigned int *iptr, instr, flags;

        iptr = &instr;
        addr = (unsigned long)iptr;

        /* The simplest case, branch to self, no flags */
        check(instr_is_branch_bform(0x40000000));
        /* All bits of target set, and flags */
        check(instr_is_branch_bform(0x43ffffff));
        /* High bit of opcode set, which is wrong */
        check(!instr_is_branch_bform(0xc3ffffff));
        /* Middle bits of opcode set, which is wrong */
        check(!instr_is_branch_bform(0x7bffffff));

        /* Absolute conditional branch to 0x100 */
        instr = 0x43ff0103;
        check(instr_is_branch_to_addr(&instr, 0x100));
        /* Absolute conditional branch to 0x20fc */
        instr = 0x43ff20ff;
        check(instr_is_branch_to_addr(&instr, 0x20fc));
        /* Maximum positive relative conditional branch, + 32 KB - 4B */
        instr = 0x43ff7ffc;
        check(instr_is_branch_to_addr(&instr, addr + 0x7FFC));
        /* Smallest negative relative conditional branch, - 4B */
        instr = 0x43fffffc;
        check(instr_is_branch_to_addr(&instr, addr - 4));
        /* Largest negative relative conditional branch, - 32 KB */
        instr = 0x43ff8000;
        check(instr_is_branch_to_addr(&instr, addr - 0x8000));

        /*
         * All condition code bits set & link.
         * NOTE(review): 0x3ff000 does not line up with the 0x3FF0000 BO/BI
         * mask in create_cond_branch(), so only part of the condition field
         * is actually exercised here; 0x3ff0000 looks like what was intended.
         */
        flags = 0x3ff000 | BRANCH_SET_LINK;

        /* Branch to self */
        instr = create_cond_branch(iptr, addr, flags);
        check(instr_is_branch_to_addr(&instr, addr));

        /* Branch to self - 0x100 */
        instr = create_cond_branch(iptr, addr - 0x100, flags);
        check(instr_is_branch_to_addr(&instr, addr - 0x100));

        /* Branch to self + 0x100 */
        instr = create_cond_branch(iptr, addr + 0x100, flags);
        check(instr_is_branch_to_addr(&instr, addr + 0x100));

        /* Maximum relative negative offset, - 32 KB */
        instr = create_cond_branch(iptr, addr - 0x8000, flags);
        check(instr_is_branch_to_addr(&instr, addr - 0x8000));

        /* Out of range relative negative offset, - 32 KB + 4*/
        instr = create_cond_branch(iptr, addr - 0x8004, flags);
        check(instr == 0);

        /* Out of range relative positive offset, + 32 KB */
        instr = create_cond_branch(iptr, addr + 0x8000, flags);
        check(instr == 0);

        /* Unaligned target */
        instr = create_cond_branch(iptr, addr + 3, flags);
        check(instr == 0);

        /* Check flags are masked correctly: 0xFFFFFFFC has AA and LK clear */
        instr = create_cond_branch(iptr, addr, 0xFFFFFFFC);
        check(instr_is_branch_to_addr(&instr, addr));
        check(instr == 0x43FF0000);
}
556
/*
 * Exercise translate_branch() by writing branches into a vmalloc'd buffer
 * large enough (32 MB + 1, page aligned) to reach the I-form range limits,
 * then relocating them and decoding the result. The buffer is vmalloc
 * memory, so patch_instruction() takes its module (is_vmalloc_addr) path.
 * Offsets are applied to a void pointer; that relies on the GNU extension
 * the kernel builds with.
 */
static void __init test_translate_branch(void)
{
        unsigned long addr;
        unsigned int *p, *q;
        void *buf;

        buf = vmalloc(PAGE_ALIGN(0x2000000 + 1));
        check(buf);
        if (!buf)
                return;

        /* Simple case, branch to self moved a little */
        p = buf;
        addr = (unsigned long)p;
        patch_branch(p, addr, 0);
        check(instr_is_branch_to_addr(p, addr));
        q = p + 1;
        patch_instruction(q, translate_branch(q, p));
        check(instr_is_branch_to_addr(q, addr));

        /* Maximum negative case, move b . to addr + 32 MB */
        p = buf;
        addr = (unsigned long)p;
        patch_branch(p, addr, 0);
        q = buf + 0x2000000;
        patch_instruction(q, translate_branch(q, p));
        check(instr_is_branch_to_addr(p, addr));
        check(instr_is_branch_to_addr(q, addr));
        check(*q == 0x4a000000);

        /* Maximum positive case, move x to x - 32 MB + 4 */
        p = buf + 0x2000000;
        addr = (unsigned long)p;
        patch_branch(p, addr, 0);
        q = buf + 4;
        patch_instruction(q, translate_branch(q, p));
        check(instr_is_branch_to_addr(p, addr));
        check(instr_is_branch_to_addr(q, addr));
        check(*q == 0x49fffffc);

        /* Jump to x + 16 MB moved to x + 20 MB */
        p = buf;
        addr = 0x1000000 + (unsigned long)buf;
        patch_branch(p, addr, BRANCH_SET_LINK);
        q = buf + 0x1400000;
        patch_instruction(q, translate_branch(q, p));
        check(instr_is_branch_to_addr(p, addr));
        check(instr_is_branch_to_addr(q, addr));

        /* Jump to x + 16 MB moved to x - 16 MB + 4 */
        p = buf + 0x1000000;
        addr = 0x2000000 + (unsigned long)buf;
        patch_branch(p, addr, 0);
        q = buf + 4;
        patch_instruction(q, translate_branch(q, p));
        check(instr_is_branch_to_addr(p, addr));
        check(instr_is_branch_to_addr(q, addr));


        /* Conditional branch tests: same shape, within the +-32 KB BD range */

        /* Simple case, branch to self moved a little */
        p = buf;
        addr = (unsigned long)p;
        patch_instruction(p, create_cond_branch(p, addr, 0));
        check(instr_is_branch_to_addr(p, addr));
        q = p + 1;
        patch_instruction(q, translate_branch(q, p));
        check(instr_is_branch_to_addr(q, addr));

        /* Maximum negative case, move b . to addr + 32 KB */
        p = buf;
        addr = (unsigned long)p;
        patch_instruction(p, create_cond_branch(p, addr, 0xFFFFFFFC));
        q = buf + 0x8000;
        patch_instruction(q, translate_branch(q, p));
        check(instr_is_branch_to_addr(p, addr));
        check(instr_is_branch_to_addr(q, addr));
        check(*q == 0x43ff8000);

        /* Maximum positive case, move x to x - 32 KB + 4 */
        p = buf + 0x8000;
        addr = (unsigned long)p;
        patch_instruction(p, create_cond_branch(p, addr, 0xFFFFFFFC));
        q = buf + 4;
        patch_instruction(q, translate_branch(q, p));
        check(instr_is_branch_to_addr(p, addr));
        check(instr_is_branch_to_addr(q, addr));
        check(*q == 0x43ff7ffc);

        /* Jump to x + 12 KB moved to x + 20 KB */
        p = buf;
        addr = 0x3000 + (unsigned long)buf;
        patch_instruction(p, create_cond_branch(p, addr, BRANCH_SET_LINK));
        q = buf + 0x5000;
        patch_instruction(q, translate_branch(q, p));
        check(instr_is_branch_to_addr(p, addr));
        check(instr_is_branch_to_addr(q, addr));

        /* Jump to x + 8 KB moved to x - 8 KB + 4 */
        p = buf + 0x2000;
        addr = 0x4000 + (unsigned long)buf;
        patch_instruction(p, create_cond_branch(p, addr, 0));
        q = buf + 4;
        patch_instruction(q, translate_branch(q, p));
        check(instr_is_branch_to_addr(p, addr));
        check(instr_is_branch_to_addr(q, addr));

        /* Free the buffer we were using */
        vfree(buf);
}
668
/*
 * Late initcall driving the selftests above. Failures are only logged by
 * check(), so this always returns 0.
 */
static int __init test_code_patching(void)
{
        /* Pure encode/decode tests first, then the ones that patch memory */
        void (*const tests[])(void) = {
                test_branch_iform,
                test_branch_bform,
                test_create_function_call,
                test_translate_branch,
        };
        unsigned int i;

        printk(KERN_DEBUG "Running code patching self-tests ...\n");

        for (i = 0; i < ARRAY_SIZE(tests); i++)
                tests[i]();

        return 0;
}
late_initcall(test_code_patching);
681
682 #endif /* CONFIG_CODE_PATCHING_SELFTEST */