2 * Based on arch/arm/kernel/ptrace.c
5 * edited by Linus Torvalds
6 * ARM modifications Copyright (C) 2000 Russell King
7 * Copyright (C) 2012 ARM Ltd.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include <linux/audit.h>
23 #include <linux/compat.h>
24 #include <linux/kernel.h>
25 #include <linux/sched/signal.h>
26 #include <linux/sched/task_stack.h>
28 #include <linux/nospec.h>
29 #include <linux/smp.h>
30 #include <linux/ptrace.h>
31 #include <linux/user.h>
32 #include <linux/seccomp.h>
33 #include <linux/security.h>
34 #include <linux/init.h>
35 #include <linux/signal.h>
36 #include <linux/string.h>
37 #include <linux/uaccess.h>
38 #include <linux/perf_event.h>
39 #include <linux/hw_breakpoint.h>
40 #include <linux/regset.h>
41 #include <linux/tracehook.h>
42 #include <linux/elf.h>
44 #include <asm/compat.h>
45 #include <asm/cpufeature.h>
46 #include <asm/debug-monitors.h>
47 #include <asm/fpsimd.h>
48 #include <asm/pgtable.h>
49 #include <asm/stacktrace.h>
50 #include <asm/syscall.h>
51 #include <asm/traps.h>
52 #include <asm/system_misc.h>
54 #define CREATE_TRACE_POINTS
55 #include <trace/events/syscalls.h>
57 struct pt_regs_offset {
62 #define REG_OFFSET_NAME(r) {.name = #r, .offset = offsetof(struct pt_regs, r)}
63 #define REG_OFFSET_END {.name = NULL, .offset = 0}
64 #define GPR_OFFSET_NAME(r) \
65 {.name = "x" #r, .offset = offsetof(struct pt_regs, regs[r])}
67 static const struct pt_regs_offset regoffset_table[] = {
99 {.name = "lr", .offset = offsetof(struct pt_regs, regs[30])},
102 REG_OFFSET_NAME(pstate),
107 * regs_query_register_offset() - query register offset from its name
108 * @name: the name of a register
110 * regs_query_register_offset() returns the offset of a register in struct
111 * pt_regs from its name. If the name is invalid, this returns -EINVAL;
113 int regs_query_register_offset(const char *name)
115 const struct pt_regs_offset *roff;
117 for (roff = regoffset_table; roff->name != NULL; roff++)
118 if (!strcmp(roff->name, name))
124 * regs_within_kernel_stack() - check the address in the stack
125 * @regs: pt_regs which contains kernel stack pointer.
126 * @addr: address which is checked.
128 * regs_within_kernel_stack() checks @addr is within the kernel stack page(s).
129 * If @addr is within the kernel stack, it returns true. If not, returns false.
131 static bool regs_within_kernel_stack(struct pt_regs *regs, unsigned long addr)
133 return ((addr & ~(THREAD_SIZE - 1)) ==
134 (kernel_stack_pointer(regs) & ~(THREAD_SIZE - 1))) ||
135 on_irq_stack(addr, NULL);
139 * regs_get_kernel_stack_nth() - get Nth entry of the stack
140 * @regs: pt_regs which contains kernel stack pointer.
141 * @n: stack entry number.
143 * regs_get_kernel_stack_nth() returns @n th entry of the kernel stack which
144 * is specified by @regs. If the @n th entry is NOT in the kernel stack,
147 unsigned long regs_get_kernel_stack_nth(struct pt_regs *regs, unsigned int n)
149 unsigned long *addr = (unsigned long *)kernel_stack_pointer(regs);
152 if (regs_within_kernel_stack(regs, (unsigned long)addr))
159 * TODO: does not yet catch signals sent when the child dies.
160 * in exit.c or in signal.c.
164 * Called by kernel/ptrace.c when detaching..
166 void ptrace_disable(struct task_struct *child)
169 * This would be better off in core code, but PTRACE_DETACH has
170 * grown its fair share of arch-specific worts and changing it
171 * is likely to cause regressions on obscure architectures.
173 user_disable_single_step(child);
176 #ifdef CONFIG_HAVE_HW_BREAKPOINT
178 * Handle hitting a HW-breakpoint.
180 static void ptrace_hbptriggered(struct perf_event *bp,
181 struct perf_sample_data *data,
182 struct pt_regs *regs)
184 struct arch_hw_breakpoint *bkpt = counter_arch_bp(bp);
185 const char *desc = "Hardware breakpoint trap (ptrace)";
188 if (is_compat_task()) {
192 for (i = 0; i < ARM_MAX_BRP; ++i) {
193 if (current->thread.debug.hbp_break[i] == bp) {
194 si_errno = (i << 1) + 1;
199 for (i = 0; i < ARM_MAX_WRP; ++i) {
200 if (current->thread.debug.hbp_watch[i] == bp) {
201 si_errno = -((i << 1) + 1);
205 arm64_force_sig_ptrace_errno_trap(si_errno,
206 (void __user *)bkpt->trigger,
210 arm64_force_sig_fault(SIGTRAP, TRAP_HWBKPT,
211 (void __user *)(bkpt->trigger),
216 * Unregister breakpoints from this task and reset the pointers in
219 void flush_ptrace_hw_breakpoint(struct task_struct *tsk)
222 struct thread_struct *t = &tsk->thread;
224 for (i = 0; i < ARM_MAX_BRP; i++) {
225 if (t->debug.hbp_break[i]) {
226 unregister_hw_breakpoint(t->debug.hbp_break[i]);
227 t->debug.hbp_break[i] = NULL;
231 for (i = 0; i < ARM_MAX_WRP; i++) {
232 if (t->debug.hbp_watch[i]) {
233 unregister_hw_breakpoint(t->debug.hbp_watch[i]);
234 t->debug.hbp_watch[i] = NULL;
239 void ptrace_hw_copy_thread(struct task_struct *tsk)
241 memset(&tsk->thread.debug, 0, sizeof(struct debug_info));
244 static struct perf_event *ptrace_hbp_get_event(unsigned int note_type,
245 struct task_struct *tsk,
248 struct perf_event *bp = ERR_PTR(-EINVAL);
251 case NT_ARM_HW_BREAK:
252 if (idx >= ARM_MAX_BRP)
254 idx = array_index_nospec(idx, ARM_MAX_BRP);
255 bp = tsk->thread.debug.hbp_break[idx];
257 case NT_ARM_HW_WATCH:
258 if (idx >= ARM_MAX_WRP)
260 idx = array_index_nospec(idx, ARM_MAX_WRP);
261 bp = tsk->thread.debug.hbp_watch[idx];
269 static int ptrace_hbp_set_event(unsigned int note_type,
270 struct task_struct *tsk,
272 struct perf_event *bp)
277 case NT_ARM_HW_BREAK:
278 if (idx >= ARM_MAX_BRP)
280 idx = array_index_nospec(idx, ARM_MAX_BRP);
281 tsk->thread.debug.hbp_break[idx] = bp;
284 case NT_ARM_HW_WATCH:
285 if (idx >= ARM_MAX_WRP)
287 idx = array_index_nospec(idx, ARM_MAX_WRP);
288 tsk->thread.debug.hbp_watch[idx] = bp;
297 static struct perf_event *ptrace_hbp_create(unsigned int note_type,
298 struct task_struct *tsk,
301 struct perf_event *bp;
302 struct perf_event_attr attr;
306 case NT_ARM_HW_BREAK:
307 type = HW_BREAKPOINT_X;
309 case NT_ARM_HW_WATCH:
310 type = HW_BREAKPOINT_RW;
313 return ERR_PTR(-EINVAL);
316 ptrace_breakpoint_init(&attr);
319 * Initialise fields to sane defaults
320 * (i.e. values that will pass validation).
323 attr.bp_len = HW_BREAKPOINT_LEN_4;
327 bp = register_user_hw_breakpoint(&attr, ptrace_hbptriggered, NULL, tsk);
331 err = ptrace_hbp_set_event(note_type, tsk, idx, bp);
338 static int ptrace_hbp_fill_attr_ctrl(unsigned int note_type,
339 struct arch_hw_breakpoint_ctrl ctrl,
340 struct perf_event_attr *attr)
342 int err, len, type, offset, disabled = !ctrl.enabled;
344 attr->disabled = disabled;
348 err = arch_bp_generic_fields(ctrl, &len, &type, &offset);
353 case NT_ARM_HW_BREAK:
354 if ((type & HW_BREAKPOINT_X) != type)
357 case NT_ARM_HW_WATCH:
358 if ((type & HW_BREAKPOINT_RW) != type)
366 attr->bp_type = type;
367 attr->bp_addr += offset;
372 static int ptrace_hbp_get_resource_info(unsigned int note_type, u32 *info)
378 case NT_ARM_HW_BREAK:
379 num = hw_breakpoint_slots(TYPE_INST);
381 case NT_ARM_HW_WATCH:
382 num = hw_breakpoint_slots(TYPE_DATA);
388 reg |= debug_monitors_arch();
396 static int ptrace_hbp_get_ctrl(unsigned int note_type,
397 struct task_struct *tsk,
401 struct perf_event *bp = ptrace_hbp_get_event(note_type, tsk, idx);
406 *ctrl = bp ? encode_ctrl_reg(counter_arch_bp(bp)->ctrl) : 0;
410 static int ptrace_hbp_get_addr(unsigned int note_type,
411 struct task_struct *tsk,
415 struct perf_event *bp = ptrace_hbp_get_event(note_type, tsk, idx);
420 *addr = bp ? counter_arch_bp(bp)->address : 0;
424 static struct perf_event *ptrace_hbp_get_initialised_bp(unsigned int note_type,
425 struct task_struct *tsk,
428 struct perf_event *bp = ptrace_hbp_get_event(note_type, tsk, idx);
431 bp = ptrace_hbp_create(note_type, tsk, idx);
436 static int ptrace_hbp_set_ctrl(unsigned int note_type,
437 struct task_struct *tsk,
442 struct perf_event *bp;
443 struct perf_event_attr attr;
444 struct arch_hw_breakpoint_ctrl ctrl;
446 bp = ptrace_hbp_get_initialised_bp(note_type, tsk, idx);
453 decode_ctrl_reg(uctrl, &ctrl);
454 err = ptrace_hbp_fill_attr_ctrl(note_type, ctrl, &attr);
458 return modify_user_hw_breakpoint(bp, &attr);
461 static int ptrace_hbp_set_addr(unsigned int note_type,
462 struct task_struct *tsk,
467 struct perf_event *bp;
468 struct perf_event_attr attr;
470 bp = ptrace_hbp_get_initialised_bp(note_type, tsk, idx);
478 err = modify_user_hw_breakpoint(bp, &attr);
482 #define PTRACE_HBP_ADDR_SZ sizeof(u64)
483 #define PTRACE_HBP_CTRL_SZ sizeof(u32)
484 #define PTRACE_HBP_PAD_SZ sizeof(u32)
486 static int hw_break_get(struct task_struct *target,
487 const struct user_regset *regset,
488 unsigned int pos, unsigned int count,
489 void *kbuf, void __user *ubuf)
491 unsigned int note_type = regset->core_note_type;
492 int ret, idx = 0, offset, limit;
497 ret = ptrace_hbp_get_resource_info(note_type, &info);
501 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, &info, 0,
507 offset = offsetof(struct user_hwdebug_state, pad);
508 ret = user_regset_copyout_zero(&pos, &count, &kbuf, &ubuf, offset,
509 offset + PTRACE_HBP_PAD_SZ);
513 /* (address, ctrl) registers */
514 offset = offsetof(struct user_hwdebug_state, dbg_regs);
515 limit = regset->n * regset->size;
516 while (count && offset < limit) {
517 ret = ptrace_hbp_get_addr(note_type, target, idx, &addr);
520 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, &addr,
521 offset, offset + PTRACE_HBP_ADDR_SZ);
524 offset += PTRACE_HBP_ADDR_SZ;
526 ret = ptrace_hbp_get_ctrl(note_type, target, idx, &ctrl);
529 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, &ctrl,
530 offset, offset + PTRACE_HBP_CTRL_SZ);
533 offset += PTRACE_HBP_CTRL_SZ;
535 ret = user_regset_copyout_zero(&pos, &count, &kbuf, &ubuf,
537 offset + PTRACE_HBP_PAD_SZ);
540 offset += PTRACE_HBP_PAD_SZ;
547 static int hw_break_set(struct task_struct *target,
548 const struct user_regset *regset,
549 unsigned int pos, unsigned int count,
550 const void *kbuf, const void __user *ubuf)
552 unsigned int note_type = regset->core_note_type;
553 int ret, idx = 0, offset, limit;
557 /* Resource info and pad */
558 offset = offsetof(struct user_hwdebug_state, dbg_regs);
559 ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf, 0, offset);
563 /* (address, ctrl) registers */
564 limit = regset->n * regset->size;
565 while (count && offset < limit) {
566 if (count < PTRACE_HBP_ADDR_SZ)
568 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &addr,
569 offset, offset + PTRACE_HBP_ADDR_SZ);
572 ret = ptrace_hbp_set_addr(note_type, target, idx, addr);
575 offset += PTRACE_HBP_ADDR_SZ;
579 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &ctrl,
580 offset, offset + PTRACE_HBP_CTRL_SZ);
583 ret = ptrace_hbp_set_ctrl(note_type, target, idx, ctrl);
586 offset += PTRACE_HBP_CTRL_SZ;
588 ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf,
590 offset + PTRACE_HBP_PAD_SZ);
593 offset += PTRACE_HBP_PAD_SZ;
599 #endif /* CONFIG_HAVE_HW_BREAKPOINT */
601 static int gpr_get(struct task_struct *target,
602 const struct user_regset *regset,
603 unsigned int pos, unsigned int count,
604 void *kbuf, void __user *ubuf)
606 struct user_pt_regs *uregs = &task_pt_regs(target)->user_regs;
607 return user_regset_copyout(&pos, &count, &kbuf, &ubuf, uregs, 0, -1);
610 static int gpr_set(struct task_struct *target, const struct user_regset *regset,
611 unsigned int pos, unsigned int count,
612 const void *kbuf, const void __user *ubuf)
615 struct user_pt_regs newregs = task_pt_regs(target)->user_regs;
617 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &newregs, 0, -1);
621 if (!valid_user_regs(&newregs, target))
624 task_pt_regs(target)->user_regs = newregs;
629 * TODO: update fp accessors for lazy context switching (sync/flush hwstate)
631 static int __fpr_get(struct task_struct *target,
632 const struct user_regset *regset,
633 unsigned int pos, unsigned int count,
634 void *kbuf, void __user *ubuf, unsigned int start_pos)
636 struct user_fpsimd_state *uregs;
638 sve_sync_to_fpsimd(target);
640 uregs = &target->thread.uw.fpsimd_state;
642 return user_regset_copyout(&pos, &count, &kbuf, &ubuf, uregs,
643 start_pos, start_pos + sizeof(*uregs));
646 static int fpr_get(struct task_struct *target, const struct user_regset *regset,
647 unsigned int pos, unsigned int count,
648 void *kbuf, void __user *ubuf)
650 if (target == current)
651 fpsimd_preserve_current_state();
653 return __fpr_get(target, regset, pos, count, kbuf, ubuf, 0);
656 static int __fpr_set(struct task_struct *target,
657 const struct user_regset *regset,
658 unsigned int pos, unsigned int count,
659 const void *kbuf, const void __user *ubuf,
660 unsigned int start_pos)
663 struct user_fpsimd_state newstate;
666 * Ensure target->thread.uw.fpsimd_state is up to date, so that a
667 * short copyin can't resurrect stale data.
669 sve_sync_to_fpsimd(target);
671 newstate = target->thread.uw.fpsimd_state;
673 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &newstate,
674 start_pos, start_pos + sizeof(newstate));
678 target->thread.uw.fpsimd_state = newstate;
683 static int fpr_set(struct task_struct *target, const struct user_regset *regset,
684 unsigned int pos, unsigned int count,
685 const void *kbuf, const void __user *ubuf)
689 ret = __fpr_set(target, regset, pos, count, kbuf, ubuf, 0);
693 sve_sync_from_fpsimd_zeropad(target);
694 fpsimd_flush_task_state(target);
699 static int tls_get(struct task_struct *target, const struct user_regset *regset,
700 unsigned int pos, unsigned int count,
701 void *kbuf, void __user *ubuf)
703 unsigned long *tls = &target->thread.uw.tp_value;
705 if (target == current)
706 tls_preserve_current_state();
708 return user_regset_copyout(&pos, &count, &kbuf, &ubuf, tls, 0, -1);
711 static int tls_set(struct task_struct *target, const struct user_regset *regset,
712 unsigned int pos, unsigned int count,
713 const void *kbuf, const void __user *ubuf)
716 unsigned long tls = target->thread.uw.tp_value;
718 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &tls, 0, -1);
722 target->thread.uw.tp_value = tls;
726 static int system_call_get(struct task_struct *target,
727 const struct user_regset *regset,
728 unsigned int pos, unsigned int count,
729 void *kbuf, void __user *ubuf)
731 int syscallno = task_pt_regs(target)->syscallno;
733 return user_regset_copyout(&pos, &count, &kbuf, &ubuf,
737 static int system_call_set(struct task_struct *target,
738 const struct user_regset *regset,
739 unsigned int pos, unsigned int count,
740 const void *kbuf, const void __user *ubuf)
742 int syscallno = task_pt_regs(target)->syscallno;
745 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &syscallno, 0, -1);
749 task_pt_regs(target)->syscallno = syscallno;
753 #ifdef CONFIG_ARM64_SVE
755 static void sve_init_header_from_task(struct user_sve_header *header,
756 struct task_struct *target)
760 memset(header, 0, sizeof(*header));
762 header->flags = test_tsk_thread_flag(target, TIF_SVE) ?
763 SVE_PT_REGS_SVE : SVE_PT_REGS_FPSIMD;
764 if (test_tsk_thread_flag(target, TIF_SVE_VL_INHERIT))
765 header->flags |= SVE_PT_VL_INHERIT;
767 header->vl = target->thread.sve_vl;
768 vq = sve_vq_from_vl(header->vl);
770 header->max_vl = sve_max_vl;
771 header->size = SVE_PT_SIZE(vq, header->flags);
772 header->max_size = SVE_PT_SIZE(sve_vq_from_vl(header->max_vl),
776 static unsigned int sve_size_from_header(struct user_sve_header const *header)
778 return ALIGN(header->size, SVE_VQ_BYTES);
781 static unsigned int sve_get_size(struct task_struct *target,
782 const struct user_regset *regset)
784 struct user_sve_header header;
786 if (!system_supports_sve())
789 sve_init_header_from_task(&header, target);
790 return sve_size_from_header(&header);
793 static int sve_get(struct task_struct *target,
794 const struct user_regset *regset,
795 unsigned int pos, unsigned int count,
796 void *kbuf, void __user *ubuf)
799 struct user_sve_header header;
801 unsigned long start, end;
803 if (!system_supports_sve())
807 sve_init_header_from_task(&header, target);
808 vq = sve_vq_from_vl(header.vl);
810 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, &header,
815 if (target == current)
816 fpsimd_preserve_current_state();
818 /* Registers: FPSIMD-only case */
820 BUILD_BUG_ON(SVE_PT_FPSIMD_OFFSET != sizeof(header));
821 if ((header.flags & SVE_PT_REGS_MASK) == SVE_PT_REGS_FPSIMD)
822 return __fpr_get(target, regset, pos, count, kbuf, ubuf,
823 SVE_PT_FPSIMD_OFFSET);
825 /* Otherwise: full SVE case */
827 BUILD_BUG_ON(SVE_PT_SVE_OFFSET != sizeof(header));
828 start = SVE_PT_SVE_OFFSET;
829 end = SVE_PT_SVE_FFR_OFFSET(vq) + SVE_PT_SVE_FFR_SIZE(vq);
830 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf,
831 target->thread.sve_state,
837 end = SVE_PT_SVE_FPSR_OFFSET(vq);
838 ret = user_regset_copyout_zero(&pos, &count, &kbuf, &ubuf,
844 * Copy fpsr, and fpcr which must follow contiguously in
845 * struct fpsimd_state:
848 end = SVE_PT_SVE_FPCR_OFFSET(vq) + SVE_PT_SVE_FPCR_SIZE;
849 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf,
850 &target->thread.uw.fpsimd_state.fpsr,
856 end = sve_size_from_header(&header);
857 return user_regset_copyout_zero(&pos, &count, &kbuf, &ubuf,
861 static int sve_set(struct task_struct *target,
862 const struct user_regset *regset,
863 unsigned int pos, unsigned int count,
864 const void *kbuf, const void __user *ubuf)
867 struct user_sve_header header;
869 unsigned long start, end;
871 if (!system_supports_sve())
875 if (count < sizeof(header))
877 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &header,
883 * Apart from PT_SVE_REGS_MASK, all PT_SVE_* flags are consumed by
884 * sve_set_vector_length(), which will also validate them for us:
886 ret = sve_set_vector_length(target, header.vl,
887 ((unsigned long)header.flags & ~SVE_PT_REGS_MASK) << 16);
891 /* Actual VL set may be less than the user asked for: */
892 vq = sve_vq_from_vl(target->thread.sve_vl);
894 /* Registers: FPSIMD-only case */
896 BUILD_BUG_ON(SVE_PT_FPSIMD_OFFSET != sizeof(header));
897 if ((header.flags & SVE_PT_REGS_MASK) == SVE_PT_REGS_FPSIMD) {
898 ret = __fpr_set(target, regset, pos, count, kbuf, ubuf,
899 SVE_PT_FPSIMD_OFFSET);
900 clear_tsk_thread_flag(target, TIF_SVE);
904 /* Otherwise: full SVE case */
907 * If setting a different VL from the requested VL and there is
908 * register data, the data layout will be wrong: don't even
909 * try to set the registers in this case.
911 if (count && vq != sve_vq_from_vl(header.vl)) {
919 * Ensure target->thread.sve_state is up to date with target's
920 * FPSIMD regs, so that a short copyin leaves trailing registers
923 fpsimd_sync_to_sve(target);
924 set_tsk_thread_flag(target, TIF_SVE);
926 BUILD_BUG_ON(SVE_PT_SVE_OFFSET != sizeof(header));
927 start = SVE_PT_SVE_OFFSET;
928 end = SVE_PT_SVE_FFR_OFFSET(vq) + SVE_PT_SVE_FFR_SIZE(vq);
929 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
930 target->thread.sve_state,
936 end = SVE_PT_SVE_FPSR_OFFSET(vq);
937 ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf,
943 * Copy fpsr, and fpcr which must follow contiguously in
944 * struct fpsimd_state:
947 end = SVE_PT_SVE_FPCR_OFFSET(vq) + SVE_PT_SVE_FPCR_SIZE;
948 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
949 &target->thread.uw.fpsimd_state.fpsr,
953 fpsimd_flush_task_state(target);
957 #endif /* CONFIG_ARM64_SVE */
959 enum aarch64_regset {
963 #ifdef CONFIG_HAVE_HW_BREAKPOINT
968 #ifdef CONFIG_ARM64_SVE
973 static const struct user_regset aarch64_regsets[] = {
975 .core_note_type = NT_PRSTATUS,
976 .n = sizeof(struct user_pt_regs) / sizeof(u64),
978 .align = sizeof(u64),
983 .core_note_type = NT_PRFPREG,
984 .n = sizeof(struct user_fpsimd_state) / sizeof(u32),
986 * We pretend we have 32-bit registers because the fpsr and
987 * fpcr are 32-bits wide.
990 .align = sizeof(u32),
995 .core_note_type = NT_ARM_TLS,
997 .size = sizeof(void *),
998 .align = sizeof(void *),
1002 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1003 [REGSET_HW_BREAK] = {
1004 .core_note_type = NT_ARM_HW_BREAK,
1005 .n = sizeof(struct user_hwdebug_state) / sizeof(u32),
1006 .size = sizeof(u32),
1007 .align = sizeof(u32),
1008 .get = hw_break_get,
1009 .set = hw_break_set,
1011 [REGSET_HW_WATCH] = {
1012 .core_note_type = NT_ARM_HW_WATCH,
1013 .n = sizeof(struct user_hwdebug_state) / sizeof(u32),
1014 .size = sizeof(u32),
1015 .align = sizeof(u32),
1016 .get = hw_break_get,
1017 .set = hw_break_set,
1020 [REGSET_SYSTEM_CALL] = {
1021 .core_note_type = NT_ARM_SYSTEM_CALL,
1023 .size = sizeof(int),
1024 .align = sizeof(int),
1025 .get = system_call_get,
1026 .set = system_call_set,
1028 #ifdef CONFIG_ARM64_SVE
1029 [REGSET_SVE] = { /* Scalable Vector Extension */
1030 .core_note_type = NT_ARM_SVE,
1031 .n = DIV_ROUND_UP(SVE_PT_SIZE(SVE_VQ_MAX, SVE_PT_REGS_SVE),
1033 .size = SVE_VQ_BYTES,
1034 .align = SVE_VQ_BYTES,
1037 .get_size = sve_get_size,
1042 static const struct user_regset_view user_aarch64_view = {
1043 .name = "aarch64", .e_machine = EM_AARCH64,
1044 .regsets = aarch64_regsets, .n = ARRAY_SIZE(aarch64_regsets)
1047 #ifdef CONFIG_COMPAT
1048 enum compat_regset {
1053 static int compat_gpr_get(struct task_struct *target,
1054 const struct user_regset *regset,
1055 unsigned int pos, unsigned int count,
1056 void *kbuf, void __user *ubuf)
1059 unsigned int i, start, num_regs;
1061 /* Calculate the number of AArch32 registers contained in count */
1062 num_regs = count / regset->size;
1064 /* Convert pos into an register number */
1065 start = pos / regset->size;
1067 if (start + num_regs > regset->n)
1070 for (i = 0; i < num_regs; ++i) {
1071 unsigned int idx = start + i;
1076 reg = task_pt_regs(target)->pc;
1079 reg = task_pt_regs(target)->pstate;
1080 reg = pstate_to_compat_psr(reg);
1083 reg = task_pt_regs(target)->orig_x0;
1086 reg = task_pt_regs(target)->regs[idx];
1090 memcpy(kbuf, ®, sizeof(reg));
1091 kbuf += sizeof(reg);
1093 ret = copy_to_user(ubuf, ®, sizeof(reg));
1099 ubuf += sizeof(reg);
1106 static int compat_gpr_set(struct task_struct *target,
1107 const struct user_regset *regset,
1108 unsigned int pos, unsigned int count,
1109 const void *kbuf, const void __user *ubuf)
1111 struct pt_regs newregs;
1113 unsigned int i, start, num_regs;
1115 /* Calculate the number of AArch32 registers contained in count */
1116 num_regs = count / regset->size;
1118 /* Convert pos into an register number */
1119 start = pos / regset->size;
1121 if (start + num_regs > regset->n)
1124 newregs = *task_pt_regs(target);
1126 for (i = 0; i < num_regs; ++i) {
1127 unsigned int idx = start + i;
1131 memcpy(®, kbuf, sizeof(reg));
1132 kbuf += sizeof(reg);
1134 ret = copy_from_user(®, ubuf, sizeof(reg));
1140 ubuf += sizeof(reg);
1148 reg = compat_psr_to_pstate(reg);
1149 newregs.pstate = reg;
1152 newregs.orig_x0 = reg;
1155 newregs.regs[idx] = reg;
1160 if (valid_user_regs(&newregs.user_regs, target))
1161 *task_pt_regs(target) = newregs;
1168 static int compat_vfp_get(struct task_struct *target,
1169 const struct user_regset *regset,
1170 unsigned int pos, unsigned int count,
1171 void *kbuf, void __user *ubuf)
1173 struct user_fpsimd_state *uregs;
1174 compat_ulong_t fpscr;
1175 int ret, vregs_end_pos;
1177 uregs = &target->thread.uw.fpsimd_state;
1179 if (target == current)
1180 fpsimd_preserve_current_state();
1183 * The VFP registers are packed into the fpsimd_state, so they all sit
1184 * nicely together for us. We just need to create the fpscr separately.
1186 vregs_end_pos = VFP_STATE_SIZE - sizeof(compat_ulong_t);
1187 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, uregs,
1190 if (count && !ret) {
1191 fpscr = (uregs->fpsr & VFP_FPSCR_STAT_MASK) |
1192 (uregs->fpcr & VFP_FPSCR_CTRL_MASK);
1194 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, &fpscr,
1195 vregs_end_pos, VFP_STATE_SIZE);
1201 static int compat_vfp_set(struct task_struct *target,
1202 const struct user_regset *regset,
1203 unsigned int pos, unsigned int count,
1204 const void *kbuf, const void __user *ubuf)
1206 struct user_fpsimd_state *uregs;
1207 compat_ulong_t fpscr;
1208 int ret, vregs_end_pos;
1210 uregs = &target->thread.uw.fpsimd_state;
1212 vregs_end_pos = VFP_STATE_SIZE - sizeof(compat_ulong_t);
1213 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, uregs, 0,
1216 if (count && !ret) {
1217 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &fpscr,
1218 vregs_end_pos, VFP_STATE_SIZE);
1220 uregs->fpsr = fpscr & VFP_FPSCR_STAT_MASK;
1221 uregs->fpcr = fpscr & VFP_FPSCR_CTRL_MASK;
1225 fpsimd_flush_task_state(target);
1229 static int compat_tls_get(struct task_struct *target,
1230 const struct user_regset *regset, unsigned int pos,
1231 unsigned int count, void *kbuf, void __user *ubuf)
1233 compat_ulong_t tls = (compat_ulong_t)target->thread.uw.tp_value;
1234 return user_regset_copyout(&pos, &count, &kbuf, &ubuf, &tls, 0, -1);
1237 static int compat_tls_set(struct task_struct *target,
1238 const struct user_regset *regset, unsigned int pos,
1239 unsigned int count, const void *kbuf,
1240 const void __user *ubuf)
1243 compat_ulong_t tls = target->thread.uw.tp_value;
1245 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &tls, 0, -1);
1249 target->thread.uw.tp_value = tls;
1253 static const struct user_regset aarch32_regsets[] = {
1254 [REGSET_COMPAT_GPR] = {
1255 .core_note_type = NT_PRSTATUS,
1256 .n = COMPAT_ELF_NGREG,
1257 .size = sizeof(compat_elf_greg_t),
1258 .align = sizeof(compat_elf_greg_t),
1259 .get = compat_gpr_get,
1260 .set = compat_gpr_set
1262 [REGSET_COMPAT_VFP] = {
1263 .core_note_type = NT_ARM_VFP,
1264 .n = VFP_STATE_SIZE / sizeof(compat_ulong_t),
1265 .size = sizeof(compat_ulong_t),
1266 .align = sizeof(compat_ulong_t),
1267 .get = compat_vfp_get,
1268 .set = compat_vfp_set
1272 static const struct user_regset_view user_aarch32_view = {
1273 .name = "aarch32", .e_machine = EM_ARM,
1274 .regsets = aarch32_regsets, .n = ARRAY_SIZE(aarch32_regsets)
1277 static const struct user_regset aarch32_ptrace_regsets[] = {
1279 .core_note_type = NT_PRSTATUS,
1280 .n = COMPAT_ELF_NGREG,
1281 .size = sizeof(compat_elf_greg_t),
1282 .align = sizeof(compat_elf_greg_t),
1283 .get = compat_gpr_get,
1284 .set = compat_gpr_set
1287 .core_note_type = NT_ARM_VFP,
1288 .n = VFP_STATE_SIZE / sizeof(compat_ulong_t),
1289 .size = sizeof(compat_ulong_t),
1290 .align = sizeof(compat_ulong_t),
1291 .get = compat_vfp_get,
1292 .set = compat_vfp_set
1295 .core_note_type = NT_ARM_TLS,
1297 .size = sizeof(compat_ulong_t),
1298 .align = sizeof(compat_ulong_t),
1299 .get = compat_tls_get,
1300 .set = compat_tls_set,
1302 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1303 [REGSET_HW_BREAK] = {
1304 .core_note_type = NT_ARM_HW_BREAK,
1305 .n = sizeof(struct user_hwdebug_state) / sizeof(u32),
1306 .size = sizeof(u32),
1307 .align = sizeof(u32),
1308 .get = hw_break_get,
1309 .set = hw_break_set,
1311 [REGSET_HW_WATCH] = {
1312 .core_note_type = NT_ARM_HW_WATCH,
1313 .n = sizeof(struct user_hwdebug_state) / sizeof(u32),
1314 .size = sizeof(u32),
1315 .align = sizeof(u32),
1316 .get = hw_break_get,
1317 .set = hw_break_set,
1320 [REGSET_SYSTEM_CALL] = {
1321 .core_note_type = NT_ARM_SYSTEM_CALL,
1323 .size = sizeof(int),
1324 .align = sizeof(int),
1325 .get = system_call_get,
1326 .set = system_call_set,
1330 static const struct user_regset_view user_aarch32_ptrace_view = {
1331 .name = "aarch32", .e_machine = EM_ARM,
1332 .regsets = aarch32_ptrace_regsets, .n = ARRAY_SIZE(aarch32_ptrace_regsets)
1335 static int compat_ptrace_read_user(struct task_struct *tsk, compat_ulong_t off,
1336 compat_ulong_t __user *ret)
1343 if (off == COMPAT_PT_TEXT_ADDR)
1344 tmp = tsk->mm->start_code;
1345 else if (off == COMPAT_PT_DATA_ADDR)
1346 tmp = tsk->mm->start_data;
1347 else if (off == COMPAT_PT_TEXT_END_ADDR)
1348 tmp = tsk->mm->end_code;
1349 else if (off < sizeof(compat_elf_gregset_t))
1350 return copy_regset_to_user(tsk, &user_aarch32_view,
1351 REGSET_COMPAT_GPR, off,
1352 sizeof(compat_ulong_t), ret);
1353 else if (off >= COMPAT_USER_SZ)
1358 return put_user(tmp, ret);
1361 static int compat_ptrace_write_user(struct task_struct *tsk, compat_ulong_t off,
1365 mm_segment_t old_fs = get_fs();
1367 if (off & 3 || off >= COMPAT_USER_SZ)
1370 if (off >= sizeof(compat_elf_gregset_t))
1374 ret = copy_regset_from_user(tsk, &user_aarch32_view,
1375 REGSET_COMPAT_GPR, off,
1376 sizeof(compat_ulong_t),
1383 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1386 * Convert a virtual register number into an index for a thread_info
1387 * breakpoint array. Breakpoints are identified using positive numbers
1388 * whilst watchpoints are negative. The registers are laid out as pairs
1389 * of (address, control), each pair mapping to a unique hw_breakpoint struct.
1390 * Register 0 is reserved for describing resource information.
1392 static int compat_ptrace_hbp_num_to_idx(compat_long_t num)
1394 return (abs(num) - 1) >> 1;
1397 static int compat_ptrace_hbp_get_resource_info(u32 *kdata)
1399 u8 num_brps, num_wrps, debug_arch, wp_len;
1402 num_brps = hw_breakpoint_slots(TYPE_INST);
1403 num_wrps = hw_breakpoint_slots(TYPE_DATA);
1405 debug_arch = debug_monitors_arch();
1419 static int compat_ptrace_hbp_get(unsigned int note_type,
1420 struct task_struct *tsk,
1427 int err, idx = compat_ptrace_hbp_num_to_idx(num);
1430 err = ptrace_hbp_get_addr(note_type, tsk, idx, &addr);
1433 err = ptrace_hbp_get_ctrl(note_type, tsk, idx, &ctrl);
1440 static int compat_ptrace_hbp_set(unsigned int note_type,
1441 struct task_struct *tsk,
1448 int err, idx = compat_ptrace_hbp_num_to_idx(num);
1452 err = ptrace_hbp_set_addr(note_type, tsk, idx, addr);
1455 err = ptrace_hbp_set_ctrl(note_type, tsk, idx, ctrl);
1461 static int compat_ptrace_gethbpregs(struct task_struct *tsk, compat_long_t num,
1462 compat_ulong_t __user *data)
1469 ret = compat_ptrace_hbp_get(NT_ARM_HW_WATCH, tsk, num, &kdata);
1471 } else if (num == 0) {
1472 ret = compat_ptrace_hbp_get_resource_info(&kdata);
1475 ret = compat_ptrace_hbp_get(NT_ARM_HW_BREAK, tsk, num, &kdata);
1479 ret = put_user(kdata, data);
1484 static int compat_ptrace_sethbpregs(struct task_struct *tsk, compat_long_t num,
1485 compat_ulong_t __user *data)
1493 ret = get_user(kdata, data);
1498 ret = compat_ptrace_hbp_set(NT_ARM_HW_WATCH, tsk, num, &kdata);
1500 ret = compat_ptrace_hbp_set(NT_ARM_HW_BREAK, tsk, num, &kdata);
1504 #endif /* CONFIG_HAVE_HW_BREAKPOINT */
1506 long compat_arch_ptrace(struct task_struct *child, compat_long_t request,
1507 compat_ulong_t caddr, compat_ulong_t cdata)
1509 unsigned long addr = caddr;
1510 unsigned long data = cdata;
1511 void __user *datap = compat_ptr(data);
1515 case PTRACE_PEEKUSR:
1516 ret = compat_ptrace_read_user(child, addr, datap);
1519 case PTRACE_POKEUSR:
1520 ret = compat_ptrace_write_user(child, addr, data);
1523 case COMPAT_PTRACE_GETREGS:
1524 ret = copy_regset_to_user(child,
1527 0, sizeof(compat_elf_gregset_t),
1531 case COMPAT_PTRACE_SETREGS:
1532 ret = copy_regset_from_user(child,
1535 0, sizeof(compat_elf_gregset_t),
1539 case COMPAT_PTRACE_GET_THREAD_AREA:
1540 ret = put_user((compat_ulong_t)child->thread.uw.tp_value,
1541 (compat_ulong_t __user *)datap);
1544 case COMPAT_PTRACE_SET_SYSCALL:
1545 task_pt_regs(child)->syscallno = data;
1549 case COMPAT_PTRACE_GETVFPREGS:
1550 ret = copy_regset_to_user(child,
1557 case COMPAT_PTRACE_SETVFPREGS:
1558 ret = copy_regset_from_user(child,
1565 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1566 case COMPAT_PTRACE_GETHBPREGS:
1567 ret = compat_ptrace_gethbpregs(child, addr, datap);
1570 case COMPAT_PTRACE_SETHBPREGS:
1571 ret = compat_ptrace_sethbpregs(child, addr, datap);
1576 ret = compat_ptrace_request(child, request, addr,
1583 #endif /* CONFIG_COMPAT */
1585 const struct user_regset_view *task_user_regset_view(struct task_struct *task)
1587 #ifdef CONFIG_COMPAT
1589 * Core dumping of 32-bit tasks or compat ptrace requests must use the
1590 * user_aarch32_view compatible with arm32. Native ptrace requests on
1591 * 32-bit children use an extended user_aarch32_ptrace_view to allow
1592 * access to the TLS register.
1594 if (is_compat_task())
1595 return &user_aarch32_view;
1596 else if (is_compat_thread(task_thread_info(task)))
1597 return &user_aarch32_ptrace_view;
1599 return &user_aarch64_view;
1602 long arch_ptrace(struct task_struct *child, long request,
1603 unsigned long addr, unsigned long data)
1605 return ptrace_request(child, request, addr, data);
1608 enum ptrace_syscall_dir {
1609 PTRACE_SYSCALL_ENTER = 0,
1610 PTRACE_SYSCALL_EXIT,
1613 static void tracehook_report_syscall(struct pt_regs *regs,
1614 enum ptrace_syscall_dir dir)
1617 unsigned long saved_reg;
1620 * A scratch register (ip(r12) on AArch32, x7 on AArch64) is
1621 * used to denote syscall entry/exit:
1623 regno = (is_compat_task() ? 12 : 7);
1624 saved_reg = regs->regs[regno];
1625 regs->regs[regno] = dir;
1627 if (dir == PTRACE_SYSCALL_EXIT)
1628 tracehook_report_syscall_exit(regs, 0);
1629 else if (tracehook_report_syscall_entry(regs))
1630 forget_syscall(regs);
1632 regs->regs[regno] = saved_reg;
1635 int syscall_trace_enter(struct pt_regs *regs)
1637 if (test_thread_flag(TIF_SYSCALL_TRACE))
1638 tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER);
1640 /* Do the secure computing after ptrace; failures should be fast. */
1641 if (secure_computing(NULL) == -1)
1644 if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
1645 trace_sys_enter(regs, regs->syscallno);
1647 audit_syscall_entry(regs->syscallno, regs->orig_x0, regs->regs[1],
1648 regs->regs[2], regs->regs[3]);
1650 return regs->syscallno;
1653 void syscall_trace_exit(struct pt_regs *regs)
1655 audit_syscall_exit(regs);
1657 if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
1658 trace_sys_exit(regs, regs_return_value(regs));
1660 if (test_thread_flag(TIF_SYSCALL_TRACE))
1661 tracehook_report_syscall(regs, PTRACE_SYSCALL_EXIT);
1667 * SPSR_ELx bits which are always architecturally RES0 per ARM DDI 0487C.a
1668 * We also take into account DIT (bit 24), which is not yet documented, and
1669 * treat PAN and UAO as RES0 bits, as they are meaningless at EL0, and may be
1670 * allocated an EL0 meaning in future.
1671 * Userspace cannot use these until they have an architectural meaning.
1672 * Note that this follows the SPSR_ELx format, not the AArch32 PSR format.
1673 * We also reserve IL for the kernel; SS is handled dynamically.
1675 #define SPSR_EL1_AARCH64_RES0_BITS \
1676 (GENMASK_ULL(63,32) | GENMASK_ULL(27, 25) | GENMASK_ULL(23, 22) | \
1677 GENMASK_ULL(20, 10) | GENMASK_ULL(5, 5))
1678 #define SPSR_EL1_AARCH32_RES0_BITS \
1679 (GENMASK_ULL(63,32) | GENMASK_ULL(23, 22) | GENMASK_ULL(20,20))
1681 static int valid_compat_regs(struct user_pt_regs *regs)
1683 regs->pstate &= ~SPSR_EL1_AARCH32_RES0_BITS;
1685 if (!system_supports_mixed_endian_el0()) {
1686 if (IS_ENABLED(CONFIG_CPU_BIG_ENDIAN))
1687 regs->pstate |= PSR_AA32_E_BIT;
1689 regs->pstate &= ~PSR_AA32_E_BIT;
1692 if (user_mode(regs) && (regs->pstate & PSR_MODE32_BIT) &&
1693 (regs->pstate & PSR_AA32_A_BIT) == 0 &&
1694 (regs->pstate & PSR_AA32_I_BIT) == 0 &&
1695 (regs->pstate & PSR_AA32_F_BIT) == 0) {
1700 * Force PSR to a valid 32-bit EL0t, preserving the same bits as
1703 regs->pstate &= PSR_AA32_N_BIT | PSR_AA32_Z_BIT |
1704 PSR_AA32_C_BIT | PSR_AA32_V_BIT |
1705 PSR_AA32_Q_BIT | PSR_AA32_IT_MASK |
1706 PSR_AA32_GE_MASK | PSR_AA32_E_BIT |
1708 regs->pstate |= PSR_MODE32_BIT;
1713 static int valid_native_regs(struct user_pt_regs *regs)
1715 regs->pstate &= ~SPSR_EL1_AARCH64_RES0_BITS;
1717 if (user_mode(regs) && !(regs->pstate & PSR_MODE32_BIT) &&
1718 (regs->pstate & PSR_D_BIT) == 0 &&
1719 (regs->pstate & PSR_A_BIT) == 0 &&
1720 (regs->pstate & PSR_I_BIT) == 0 &&
1721 (regs->pstate & PSR_F_BIT) == 0) {
1725 /* Force PSR to a valid 64-bit EL0t */
1726 regs->pstate &= PSR_N_BIT | PSR_Z_BIT | PSR_C_BIT | PSR_V_BIT;
1732 * Are the current registers suitable for user mode? (used to maintain
1733 * security in signal handlers)
1735 int valid_user_regs(struct user_pt_regs *regs, struct task_struct *task)
1737 if (!test_tsk_thread_flag(task, TIF_SINGLESTEP))
1738 regs->pstate &= ~DBG_SPSR_SS;
1740 if (is_compat_thread(task_thread_info(task)))
1741 return valid_compat_regs(regs);
1743 return valid_native_regs(regs);
git.samba.org / sfrench / cifs-2.6.git / blob