2 * Based on arch/arm/kernel/ptrace.c
5 * edited by Linus Torvalds
6 * ARM modifications Copyright (C) 2000 Russell King
7 * Copyright (C) 2012 ARM Ltd.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License version 2 as
11 * published by the Free Software Foundation.
13 * This program is distributed in the hope that it will be useful,
14 * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 * GNU General Public License for more details.
18 * You should have received a copy of the GNU General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>.
22 #include <linux/audit.h>
23 #include <linux/compat.h>
24 #include <linux/kernel.h>
25 #include <linux/sched/signal.h>
26 #include <linux/sched/task_stack.h>
28 #include <linux/smp.h>
29 #include <linux/ptrace.h>
30 #include <linux/user.h>
31 #include <linux/seccomp.h>
32 #include <linux/security.h>
33 #include <linux/init.h>
34 #include <linux/signal.h>
35 #include <linux/string.h>
36 #include <linux/uaccess.h>
37 #include <linux/perf_event.h>
38 #include <linux/hw_breakpoint.h>
39 #include <linux/regset.h>
40 #include <linux/tracehook.h>
41 #include <linux/elf.h>
43 #include <asm/compat.h>
44 #include <asm/cpufeature.h>
45 #include <asm/debug-monitors.h>
46 #include <asm/pgtable.h>
47 #include <asm/stacktrace.h>
48 #include <asm/syscall.h>
49 #include <asm/traps.h>
50 #include <asm/system_misc.h>
52 #define CREATE_TRACE_POINTS
53 #include <trace/events/syscalls.h>
55 struct pt_regs_offset {
60 #define REG_OFFSET_NAME(r) {.name = #r, .offset = offsetof(struct pt_regs, r)}
61 #define REG_OFFSET_END {.name = NULL, .offset = 0}
62 #define GPR_OFFSET_NAME(r) \
63 {.name = "x" #r, .offset = offsetof(struct pt_regs, regs[r])}
65 static const struct pt_regs_offset regoffset_table[] = {
97 {.name = "lr", .offset = offsetof(struct pt_regs, regs[30])},
100 REG_OFFSET_NAME(pstate),
105 * regs_query_register_offset() - query register offset from its name
106 * @name: the name of a register
108 * regs_query_register_offset() returns the offset of a register in struct
109 * pt_regs from its name. If the name is invalid, this returns -EINVAL;
111 int regs_query_register_offset(const char *name)
113 const struct pt_regs_offset *roff;
115 for (roff = regoffset_table; roff->name != NULL; roff++)
116 if (!strcmp(roff->name, name))
122 * regs_within_kernel_stack() - check the address in the stack
123 * @regs: pt_regs which contains kernel stack pointer.
124 * @addr: address which is checked.
126 * regs_within_kernel_stack() checks @addr is within the kernel stack page(s).
127 * If @addr is within the kernel stack, it returns true. If not, returns false.
129 static bool regs_within_kernel_stack(struct pt_regs *regs, unsigned long addr)
131 return ((addr & ~(THREAD_SIZE - 1)) ==
132 (kernel_stack_pointer(regs) & ~(THREAD_SIZE - 1))) ||
137 * regs_get_kernel_stack_nth() - get Nth entry of the stack
138 * @regs: pt_regs which contains kernel stack pointer.
139 * @n: stack entry number.
141 * regs_get_kernel_stack_nth() returns @n th entry of the kernel stack which
142 * is specified by @regs. If the @n th entry is NOT in the kernel stack,
145 unsigned long regs_get_kernel_stack_nth(struct pt_regs *regs, unsigned int n)
147 unsigned long *addr = (unsigned long *)kernel_stack_pointer(regs);
150 if (regs_within_kernel_stack(regs, (unsigned long)addr))
157 * TODO: does not yet catch signals sent when the child dies.
158 * in exit.c or in signal.c.
162 * Called by kernel/ptrace.c when detaching..
164 void ptrace_disable(struct task_struct *child)
167 * This would be better off in core code, but PTRACE_DETACH has
168 * grown its fair share of arch-specific worts and changing it
169 * is likely to cause regressions on obscure architectures.
171 user_disable_single_step(child);
174 #ifdef CONFIG_HAVE_HW_BREAKPOINT
176 * Handle hitting a HW-breakpoint.
178 static void ptrace_hbptriggered(struct perf_event *bp,
179 struct perf_sample_data *data,
180 struct pt_regs *regs)
182 struct arch_hw_breakpoint *bkpt = counter_arch_bp(bp);
186 .si_code = TRAP_HWBKPT,
187 .si_addr = (void __user *)(bkpt->trigger),
193 if (!is_compat_task())
196 for (i = 0; i < ARM_MAX_BRP; ++i) {
197 if (current->thread.debug.hbp_break[i] == bp) {
198 info.si_errno = (i << 1) + 1;
203 for (i = 0; i < ARM_MAX_WRP; ++i) {
204 if (current->thread.debug.hbp_watch[i] == bp) {
205 info.si_errno = -((i << 1) + 1);
212 force_sig_info(SIGTRAP, &info, current);
216 * Unregister breakpoints from this task and reset the pointers in
219 void flush_ptrace_hw_breakpoint(struct task_struct *tsk)
222 struct thread_struct *t = &tsk->thread;
224 for (i = 0; i < ARM_MAX_BRP; i++) {
225 if (t->debug.hbp_break[i]) {
226 unregister_hw_breakpoint(t->debug.hbp_break[i]);
227 t->debug.hbp_break[i] = NULL;
231 for (i = 0; i < ARM_MAX_WRP; i++) {
232 if (t->debug.hbp_watch[i]) {
233 unregister_hw_breakpoint(t->debug.hbp_watch[i]);
234 t->debug.hbp_watch[i] = NULL;
239 void ptrace_hw_copy_thread(struct task_struct *tsk)
241 memset(&tsk->thread.debug, 0, sizeof(struct debug_info));
244 static struct perf_event *ptrace_hbp_get_event(unsigned int note_type,
245 struct task_struct *tsk,
248 struct perf_event *bp = ERR_PTR(-EINVAL);
251 case NT_ARM_HW_BREAK:
252 if (idx < ARM_MAX_BRP)
253 bp = tsk->thread.debug.hbp_break[idx];
255 case NT_ARM_HW_WATCH:
256 if (idx < ARM_MAX_WRP)
257 bp = tsk->thread.debug.hbp_watch[idx];
264 static int ptrace_hbp_set_event(unsigned int note_type,
265 struct task_struct *tsk,
267 struct perf_event *bp)
272 case NT_ARM_HW_BREAK:
273 if (idx < ARM_MAX_BRP) {
274 tsk->thread.debug.hbp_break[idx] = bp;
278 case NT_ARM_HW_WATCH:
279 if (idx < ARM_MAX_WRP) {
280 tsk->thread.debug.hbp_watch[idx] = bp;
289 static struct perf_event *ptrace_hbp_create(unsigned int note_type,
290 struct task_struct *tsk,
293 struct perf_event *bp;
294 struct perf_event_attr attr;
298 case NT_ARM_HW_BREAK:
299 type = HW_BREAKPOINT_X;
301 case NT_ARM_HW_WATCH:
302 type = HW_BREAKPOINT_RW;
305 return ERR_PTR(-EINVAL);
308 ptrace_breakpoint_init(&attr);
311 * Initialise fields to sane defaults
312 * (i.e. values that will pass validation).
315 attr.bp_len = HW_BREAKPOINT_LEN_4;
319 bp = register_user_hw_breakpoint(&attr, ptrace_hbptriggered, NULL, tsk);
323 err = ptrace_hbp_set_event(note_type, tsk, idx, bp);
330 static int ptrace_hbp_fill_attr_ctrl(unsigned int note_type,
331 struct arch_hw_breakpoint_ctrl ctrl,
332 struct perf_event_attr *attr)
334 int err, len, type, offset, disabled = !ctrl.enabled;
336 attr->disabled = disabled;
340 err = arch_bp_generic_fields(ctrl, &len, &type, &offset);
345 case NT_ARM_HW_BREAK:
346 if ((type & HW_BREAKPOINT_X) != type)
349 case NT_ARM_HW_WATCH:
350 if ((type & HW_BREAKPOINT_RW) != type)
358 attr->bp_type = type;
359 attr->bp_addr += offset;
364 static int ptrace_hbp_get_resource_info(unsigned int note_type, u32 *info)
370 case NT_ARM_HW_BREAK:
371 num = hw_breakpoint_slots(TYPE_INST);
373 case NT_ARM_HW_WATCH:
374 num = hw_breakpoint_slots(TYPE_DATA);
380 reg |= debug_monitors_arch();
388 static int ptrace_hbp_get_ctrl(unsigned int note_type,
389 struct task_struct *tsk,
393 struct perf_event *bp = ptrace_hbp_get_event(note_type, tsk, idx);
398 *ctrl = bp ? encode_ctrl_reg(counter_arch_bp(bp)->ctrl) : 0;
402 static int ptrace_hbp_get_addr(unsigned int note_type,
403 struct task_struct *tsk,
407 struct perf_event *bp = ptrace_hbp_get_event(note_type, tsk, idx);
412 *addr = bp ? counter_arch_bp(bp)->address : 0;
416 static struct perf_event *ptrace_hbp_get_initialised_bp(unsigned int note_type,
417 struct task_struct *tsk,
420 struct perf_event *bp = ptrace_hbp_get_event(note_type, tsk, idx);
423 bp = ptrace_hbp_create(note_type, tsk, idx);
428 static int ptrace_hbp_set_ctrl(unsigned int note_type,
429 struct task_struct *tsk,
434 struct perf_event *bp;
435 struct perf_event_attr attr;
436 struct arch_hw_breakpoint_ctrl ctrl;
438 bp = ptrace_hbp_get_initialised_bp(note_type, tsk, idx);
445 decode_ctrl_reg(uctrl, &ctrl);
446 err = ptrace_hbp_fill_attr_ctrl(note_type, ctrl, &attr);
450 return modify_user_hw_breakpoint(bp, &attr);
453 static int ptrace_hbp_set_addr(unsigned int note_type,
454 struct task_struct *tsk,
459 struct perf_event *bp;
460 struct perf_event_attr attr;
462 bp = ptrace_hbp_get_initialised_bp(note_type, tsk, idx);
470 err = modify_user_hw_breakpoint(bp, &attr);
474 #define PTRACE_HBP_ADDR_SZ sizeof(u64)
475 #define PTRACE_HBP_CTRL_SZ sizeof(u32)
476 #define PTRACE_HBP_PAD_SZ sizeof(u32)
478 static int hw_break_get(struct task_struct *target,
479 const struct user_regset *regset,
480 unsigned int pos, unsigned int count,
481 void *kbuf, void __user *ubuf)
483 unsigned int note_type = regset->core_note_type;
484 int ret, idx = 0, offset, limit;
489 ret = ptrace_hbp_get_resource_info(note_type, &info);
493 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, &info, 0,
499 offset = offsetof(struct user_hwdebug_state, pad);
500 ret = user_regset_copyout_zero(&pos, &count, &kbuf, &ubuf, offset,
501 offset + PTRACE_HBP_PAD_SZ);
505 /* (address, ctrl) registers */
506 offset = offsetof(struct user_hwdebug_state, dbg_regs);
507 limit = regset->n * regset->size;
508 while (count && offset < limit) {
509 ret = ptrace_hbp_get_addr(note_type, target, idx, &addr);
512 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, &addr,
513 offset, offset + PTRACE_HBP_ADDR_SZ);
516 offset += PTRACE_HBP_ADDR_SZ;
518 ret = ptrace_hbp_get_ctrl(note_type, target, idx, &ctrl);
521 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, &ctrl,
522 offset, offset + PTRACE_HBP_CTRL_SZ);
525 offset += PTRACE_HBP_CTRL_SZ;
527 ret = user_regset_copyout_zero(&pos, &count, &kbuf, &ubuf,
529 offset + PTRACE_HBP_PAD_SZ);
532 offset += PTRACE_HBP_PAD_SZ;
539 static int hw_break_set(struct task_struct *target,
540 const struct user_regset *regset,
541 unsigned int pos, unsigned int count,
542 const void *kbuf, const void __user *ubuf)
544 unsigned int note_type = regset->core_note_type;
545 int ret, idx = 0, offset, limit;
549 /* Resource info and pad */
550 offset = offsetof(struct user_hwdebug_state, dbg_regs);
551 ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf, 0, offset);
555 /* (address, ctrl) registers */
556 limit = regset->n * regset->size;
557 while (count && offset < limit) {
558 if (count < PTRACE_HBP_ADDR_SZ)
560 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &addr,
561 offset, offset + PTRACE_HBP_ADDR_SZ);
564 ret = ptrace_hbp_set_addr(note_type, target, idx, addr);
567 offset += PTRACE_HBP_ADDR_SZ;
571 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &ctrl,
572 offset, offset + PTRACE_HBP_CTRL_SZ);
575 ret = ptrace_hbp_set_ctrl(note_type, target, idx, ctrl);
578 offset += PTRACE_HBP_CTRL_SZ;
580 ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf,
582 offset + PTRACE_HBP_PAD_SZ);
585 offset += PTRACE_HBP_PAD_SZ;
591 #endif /* CONFIG_HAVE_HW_BREAKPOINT */
593 static int gpr_get(struct task_struct *target,
594 const struct user_regset *regset,
595 unsigned int pos, unsigned int count,
596 void *kbuf, void __user *ubuf)
598 struct user_pt_regs *uregs = &task_pt_regs(target)->user_regs;
599 return user_regset_copyout(&pos, &count, &kbuf, &ubuf, uregs, 0, -1);
602 static int gpr_set(struct task_struct *target, const struct user_regset *regset,
603 unsigned int pos, unsigned int count,
604 const void *kbuf, const void __user *ubuf)
607 struct user_pt_regs newregs = task_pt_regs(target)->user_regs;
609 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &newregs, 0, -1);
613 if (!valid_user_regs(&newregs, target))
616 task_pt_regs(target)->user_regs = newregs;
621 * TODO: update fp accessors for lazy context switching (sync/flush hwstate)
623 static int __fpr_get(struct task_struct *target,
624 const struct user_regset *regset,
625 unsigned int pos, unsigned int count,
626 void *kbuf, void __user *ubuf, unsigned int start_pos)
628 struct user_fpsimd_state *uregs;
630 sve_sync_to_fpsimd(target);
632 uregs = &target->thread.fpsimd_state.user_fpsimd;
634 return user_regset_copyout(&pos, &count, &kbuf, &ubuf, uregs,
635 start_pos, start_pos + sizeof(*uregs));
638 static int fpr_get(struct task_struct *target, const struct user_regset *regset,
639 unsigned int pos, unsigned int count,
640 void *kbuf, void __user *ubuf)
642 if (target == current)
643 fpsimd_preserve_current_state();
645 return __fpr_get(target, regset, pos, count, kbuf, ubuf, 0);
648 static int __fpr_set(struct task_struct *target,
649 const struct user_regset *regset,
650 unsigned int pos, unsigned int count,
651 const void *kbuf, const void __user *ubuf,
652 unsigned int start_pos)
655 struct user_fpsimd_state newstate;
658 * Ensure target->thread.fpsimd_state is up to date, so that a
659 * short copyin can't resurrect stale data.
661 sve_sync_to_fpsimd(target);
663 newstate = target->thread.fpsimd_state.user_fpsimd;
665 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &newstate,
666 start_pos, start_pos + sizeof(newstate));
670 target->thread.fpsimd_state.user_fpsimd = newstate;
675 static int fpr_set(struct task_struct *target, const struct user_regset *regset,
676 unsigned int pos, unsigned int count,
677 const void *kbuf, const void __user *ubuf)
681 ret = __fpr_set(target, regset, pos, count, kbuf, ubuf, 0);
685 sve_sync_from_fpsimd_zeropad(target);
686 fpsimd_flush_task_state(target);
691 static int tls_get(struct task_struct *target, const struct user_regset *regset,
692 unsigned int pos, unsigned int count,
693 void *kbuf, void __user *ubuf)
695 unsigned long *tls = &target->thread.tp_value;
697 if (target == current)
698 tls_preserve_current_state();
700 return user_regset_copyout(&pos, &count, &kbuf, &ubuf, tls, 0, -1);
703 static int tls_set(struct task_struct *target, const struct user_regset *regset,
704 unsigned int pos, unsigned int count,
705 const void *kbuf, const void __user *ubuf)
708 unsigned long tls = target->thread.tp_value;
710 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &tls, 0, -1);
714 target->thread.tp_value = tls;
718 static int system_call_get(struct task_struct *target,
719 const struct user_regset *regset,
720 unsigned int pos, unsigned int count,
721 void *kbuf, void __user *ubuf)
723 int syscallno = task_pt_regs(target)->syscallno;
725 return user_regset_copyout(&pos, &count, &kbuf, &ubuf,
729 static int system_call_set(struct task_struct *target,
730 const struct user_regset *regset,
731 unsigned int pos, unsigned int count,
732 const void *kbuf, const void __user *ubuf)
734 int syscallno = task_pt_regs(target)->syscallno;
737 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &syscallno, 0, -1);
741 task_pt_regs(target)->syscallno = syscallno;
745 #ifdef CONFIG_ARM64_SVE
747 static void sve_init_header_from_task(struct user_sve_header *header,
748 struct task_struct *target)
752 memset(header, 0, sizeof(*header));
754 header->flags = test_tsk_thread_flag(target, TIF_SVE) ?
755 SVE_PT_REGS_SVE : SVE_PT_REGS_FPSIMD;
756 if (test_tsk_thread_flag(target, TIF_SVE_VL_INHERIT))
757 header->flags |= SVE_PT_VL_INHERIT;
759 header->vl = target->thread.sve_vl;
760 vq = sve_vq_from_vl(header->vl);
762 header->max_vl = sve_max_vl;
763 if (WARN_ON(!sve_vl_valid(sve_max_vl)))
764 header->max_vl = header->vl;
766 header->size = SVE_PT_SIZE(vq, header->flags);
767 header->max_size = SVE_PT_SIZE(sve_vq_from_vl(header->max_vl),
771 static unsigned int sve_size_from_header(struct user_sve_header const *header)
773 return ALIGN(header->size, SVE_VQ_BYTES);
776 static unsigned int sve_get_size(struct task_struct *target,
777 const struct user_regset *regset)
779 struct user_sve_header header;
781 if (!system_supports_sve())
784 sve_init_header_from_task(&header, target);
785 return sve_size_from_header(&header);
788 static int sve_get(struct task_struct *target,
789 const struct user_regset *regset,
790 unsigned int pos, unsigned int count,
791 void *kbuf, void __user *ubuf)
794 struct user_sve_header header;
796 unsigned long start, end;
798 if (!system_supports_sve())
802 sve_init_header_from_task(&header, target);
803 vq = sve_vq_from_vl(header.vl);
805 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, &header,
810 if (target == current)
811 fpsimd_preserve_current_state();
813 /* Registers: FPSIMD-only case */
815 BUILD_BUG_ON(SVE_PT_FPSIMD_OFFSET != sizeof(header));
816 if ((header.flags & SVE_PT_REGS_MASK) == SVE_PT_REGS_FPSIMD)
817 return __fpr_get(target, regset, pos, count, kbuf, ubuf,
818 SVE_PT_FPSIMD_OFFSET);
820 /* Otherwise: full SVE case */
822 BUILD_BUG_ON(SVE_PT_SVE_OFFSET != sizeof(header));
823 start = SVE_PT_SVE_OFFSET;
824 end = SVE_PT_SVE_FFR_OFFSET(vq) + SVE_PT_SVE_FFR_SIZE(vq);
825 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf,
826 target->thread.sve_state,
832 end = SVE_PT_SVE_FPSR_OFFSET(vq);
833 ret = user_regset_copyout_zero(&pos, &count, &kbuf, &ubuf,
839 * Copy fpsr, and fpcr which must follow contiguously in
840 * struct fpsimd_state:
843 end = SVE_PT_SVE_FPCR_OFFSET(vq) + SVE_PT_SVE_FPCR_SIZE;
844 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf,
845 &target->thread.fpsimd_state.fpsr,
851 end = sve_size_from_header(&header);
852 return user_regset_copyout_zero(&pos, &count, &kbuf, &ubuf,
856 static int sve_set(struct task_struct *target,
857 const struct user_regset *regset,
858 unsigned int pos, unsigned int count,
859 const void *kbuf, const void __user *ubuf)
862 struct user_sve_header header;
864 unsigned long start, end;
866 if (!system_supports_sve())
870 if (count < sizeof(header))
872 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &header,
878 * Apart from PT_SVE_REGS_MASK, all PT_SVE_* flags are consumed by
879 * sve_set_vector_length(), which will also validate them for us:
881 ret = sve_set_vector_length(target, header.vl,
882 ((unsigned long)header.flags & ~SVE_PT_REGS_MASK) << 16);
886 /* Actual VL set may be less than the user asked for: */
887 vq = sve_vq_from_vl(target->thread.sve_vl);
889 /* Registers: FPSIMD-only case */
891 BUILD_BUG_ON(SVE_PT_FPSIMD_OFFSET != sizeof(header));
892 if ((header.flags & SVE_PT_REGS_MASK) == SVE_PT_REGS_FPSIMD) {
893 ret = __fpr_set(target, regset, pos, count, kbuf, ubuf,
894 SVE_PT_FPSIMD_OFFSET);
895 clear_tsk_thread_flag(target, TIF_SVE);
899 /* Otherwise: full SVE case */
902 * If setting a different VL from the requested VL and there is
903 * register data, the data layout will be wrong: don't even
904 * try to set the registers in this case.
906 if (count && vq != sve_vq_from_vl(header.vl)) {
914 * Ensure target->thread.sve_state is up to date with target's
915 * FPSIMD regs, so that a short copyin leaves trailing registers
918 fpsimd_sync_to_sve(target);
919 set_tsk_thread_flag(target, TIF_SVE);
921 BUILD_BUG_ON(SVE_PT_SVE_OFFSET != sizeof(header));
922 start = SVE_PT_SVE_OFFSET;
923 end = SVE_PT_SVE_FFR_OFFSET(vq) + SVE_PT_SVE_FFR_SIZE(vq);
924 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
925 target->thread.sve_state,
931 end = SVE_PT_SVE_FPSR_OFFSET(vq);
932 ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf,
938 * Copy fpsr, and fpcr which must follow contiguously in
939 * struct fpsimd_state:
942 end = SVE_PT_SVE_FPCR_OFFSET(vq) + SVE_PT_SVE_FPCR_SIZE;
943 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
944 &target->thread.fpsimd_state.fpsr,
948 fpsimd_flush_task_state(target);
952 #endif /* CONFIG_ARM64_SVE */
954 enum aarch64_regset {
958 #ifdef CONFIG_HAVE_HW_BREAKPOINT
963 #ifdef CONFIG_ARM64_SVE
968 static const struct user_regset aarch64_regsets[] = {
970 .core_note_type = NT_PRSTATUS,
971 .n = sizeof(struct user_pt_regs) / sizeof(u64),
973 .align = sizeof(u64),
978 .core_note_type = NT_PRFPREG,
979 .n = sizeof(struct user_fpsimd_state) / sizeof(u32),
981 * We pretend we have 32-bit registers because the fpsr and
982 * fpcr are 32-bits wide.
985 .align = sizeof(u32),
990 .core_note_type = NT_ARM_TLS,
992 .size = sizeof(void *),
993 .align = sizeof(void *),
997 #ifdef CONFIG_HAVE_HW_BREAKPOINT
998 [REGSET_HW_BREAK] = {
999 .core_note_type = NT_ARM_HW_BREAK,
1000 .n = sizeof(struct user_hwdebug_state) / sizeof(u32),
1001 .size = sizeof(u32),
1002 .align = sizeof(u32),
1003 .get = hw_break_get,
1004 .set = hw_break_set,
1006 [REGSET_HW_WATCH] = {
1007 .core_note_type = NT_ARM_HW_WATCH,
1008 .n = sizeof(struct user_hwdebug_state) / sizeof(u32),
1009 .size = sizeof(u32),
1010 .align = sizeof(u32),
1011 .get = hw_break_get,
1012 .set = hw_break_set,
1015 [REGSET_SYSTEM_CALL] = {
1016 .core_note_type = NT_ARM_SYSTEM_CALL,
1018 .size = sizeof(int),
1019 .align = sizeof(int),
1020 .get = system_call_get,
1021 .set = system_call_set,
1023 #ifdef CONFIG_ARM64_SVE
1024 [REGSET_SVE] = { /* Scalable Vector Extension */
1025 .core_note_type = NT_ARM_SVE,
1026 .n = DIV_ROUND_UP(SVE_PT_SIZE(SVE_VQ_MAX, SVE_PT_REGS_SVE),
1028 .size = SVE_VQ_BYTES,
1029 .align = SVE_VQ_BYTES,
1032 .get_size = sve_get_size,
1037 static const struct user_regset_view user_aarch64_view = {
1038 .name = "aarch64", .e_machine = EM_AARCH64,
1039 .regsets = aarch64_regsets, .n = ARRAY_SIZE(aarch64_regsets)
1042 #ifdef CONFIG_COMPAT
1043 #include <linux/compat.h>
1045 enum compat_regset {
1050 static int compat_gpr_get(struct task_struct *target,
1051 const struct user_regset *regset,
1052 unsigned int pos, unsigned int count,
1053 void *kbuf, void __user *ubuf)
1056 unsigned int i, start, num_regs;
1058 /* Calculate the number of AArch32 registers contained in count */
1059 num_regs = count / regset->size;
1061 /* Convert pos into an register number */
1062 start = pos / regset->size;
1064 if (start + num_regs > regset->n)
1067 for (i = 0; i < num_regs; ++i) {
1068 unsigned int idx = start + i;
1073 reg = task_pt_regs(target)->pc;
1076 reg = task_pt_regs(target)->pstate;
1079 reg = task_pt_regs(target)->orig_x0;
1082 reg = task_pt_regs(target)->regs[idx];
1086 memcpy(kbuf, ®, sizeof(reg));
1087 kbuf += sizeof(reg);
1089 ret = copy_to_user(ubuf, ®, sizeof(reg));
1095 ubuf += sizeof(reg);
1102 static int compat_gpr_set(struct task_struct *target,
1103 const struct user_regset *regset,
1104 unsigned int pos, unsigned int count,
1105 const void *kbuf, const void __user *ubuf)
1107 struct pt_regs newregs;
1109 unsigned int i, start, num_regs;
1111 /* Calculate the number of AArch32 registers contained in count */
1112 num_regs = count / regset->size;
1114 /* Convert pos into an register number */
1115 start = pos / regset->size;
1117 if (start + num_regs > regset->n)
1120 newregs = *task_pt_regs(target);
1122 for (i = 0; i < num_regs; ++i) {
1123 unsigned int idx = start + i;
1127 memcpy(®, kbuf, sizeof(reg));
1128 kbuf += sizeof(reg);
1130 ret = copy_from_user(®, ubuf, sizeof(reg));
1136 ubuf += sizeof(reg);
1144 newregs.pstate = reg;
1147 newregs.orig_x0 = reg;
1150 newregs.regs[idx] = reg;
1155 if (valid_user_regs(&newregs.user_regs, target))
1156 *task_pt_regs(target) = newregs;
1163 static int compat_vfp_get(struct task_struct *target,
1164 const struct user_regset *regset,
1165 unsigned int pos, unsigned int count,
1166 void *kbuf, void __user *ubuf)
1168 struct user_fpsimd_state *uregs;
1169 compat_ulong_t fpscr;
1170 int ret, vregs_end_pos;
1172 uregs = &target->thread.fpsimd_state.user_fpsimd;
1174 if (target == current)
1175 fpsimd_preserve_current_state();
1178 * The VFP registers are packed into the fpsimd_state, so they all sit
1179 * nicely together for us. We just need to create the fpscr separately.
1181 vregs_end_pos = VFP_STATE_SIZE - sizeof(compat_ulong_t);
1182 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, uregs,
1185 if (count && !ret) {
1186 fpscr = (uregs->fpsr & VFP_FPSCR_STAT_MASK) |
1187 (uregs->fpcr & VFP_FPSCR_CTRL_MASK);
1189 ret = user_regset_copyout(&pos, &count, &kbuf, &ubuf, &fpscr,
1190 vregs_end_pos, VFP_STATE_SIZE);
1196 static int compat_vfp_set(struct task_struct *target,
1197 const struct user_regset *regset,
1198 unsigned int pos, unsigned int count,
1199 const void *kbuf, const void __user *ubuf)
1201 struct user_fpsimd_state *uregs;
1202 compat_ulong_t fpscr;
1203 int ret, vregs_end_pos;
1205 uregs = &target->thread.fpsimd_state.user_fpsimd;
1207 vregs_end_pos = VFP_STATE_SIZE - sizeof(compat_ulong_t);
1208 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, uregs, 0,
1211 if (count && !ret) {
1212 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &fpscr,
1213 vregs_end_pos, VFP_STATE_SIZE);
1215 uregs->fpsr = fpscr & VFP_FPSCR_STAT_MASK;
1216 uregs->fpcr = fpscr & VFP_FPSCR_CTRL_MASK;
1220 fpsimd_flush_task_state(target);
1224 static int compat_tls_get(struct task_struct *target,
1225 const struct user_regset *regset, unsigned int pos,
1226 unsigned int count, void *kbuf, void __user *ubuf)
1228 compat_ulong_t tls = (compat_ulong_t)target->thread.tp_value;
1229 return user_regset_copyout(&pos, &count, &kbuf, &ubuf, &tls, 0, -1);
1232 static int compat_tls_set(struct task_struct *target,
1233 const struct user_regset *regset, unsigned int pos,
1234 unsigned int count, const void *kbuf,
1235 const void __user *ubuf)
1238 compat_ulong_t tls = target->thread.tp_value;
1240 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &tls, 0, -1);
1244 target->thread.tp_value = tls;
1248 static const struct user_regset aarch32_regsets[] = {
1249 [REGSET_COMPAT_GPR] = {
1250 .core_note_type = NT_PRSTATUS,
1251 .n = COMPAT_ELF_NGREG,
1252 .size = sizeof(compat_elf_greg_t),
1253 .align = sizeof(compat_elf_greg_t),
1254 .get = compat_gpr_get,
1255 .set = compat_gpr_set
1257 [REGSET_COMPAT_VFP] = {
1258 .core_note_type = NT_ARM_VFP,
1259 .n = VFP_STATE_SIZE / sizeof(compat_ulong_t),
1260 .size = sizeof(compat_ulong_t),
1261 .align = sizeof(compat_ulong_t),
1262 .get = compat_vfp_get,
1263 .set = compat_vfp_set
1267 static const struct user_regset_view user_aarch32_view = {
1268 .name = "aarch32", .e_machine = EM_ARM,
1269 .regsets = aarch32_regsets, .n = ARRAY_SIZE(aarch32_regsets)
1272 static const struct user_regset aarch32_ptrace_regsets[] = {
1274 .core_note_type = NT_PRSTATUS,
1275 .n = COMPAT_ELF_NGREG,
1276 .size = sizeof(compat_elf_greg_t),
1277 .align = sizeof(compat_elf_greg_t),
1278 .get = compat_gpr_get,
1279 .set = compat_gpr_set
1282 .core_note_type = NT_ARM_VFP,
1283 .n = VFP_STATE_SIZE / sizeof(compat_ulong_t),
1284 .size = sizeof(compat_ulong_t),
1285 .align = sizeof(compat_ulong_t),
1286 .get = compat_vfp_get,
1287 .set = compat_vfp_set
1290 .core_note_type = NT_ARM_TLS,
1292 .size = sizeof(compat_ulong_t),
1293 .align = sizeof(compat_ulong_t),
1294 .get = compat_tls_get,
1295 .set = compat_tls_set,
1297 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1298 [REGSET_HW_BREAK] = {
1299 .core_note_type = NT_ARM_HW_BREAK,
1300 .n = sizeof(struct user_hwdebug_state) / sizeof(u32),
1301 .size = sizeof(u32),
1302 .align = sizeof(u32),
1303 .get = hw_break_get,
1304 .set = hw_break_set,
1306 [REGSET_HW_WATCH] = {
1307 .core_note_type = NT_ARM_HW_WATCH,
1308 .n = sizeof(struct user_hwdebug_state) / sizeof(u32),
1309 .size = sizeof(u32),
1310 .align = sizeof(u32),
1311 .get = hw_break_get,
1312 .set = hw_break_set,
1315 [REGSET_SYSTEM_CALL] = {
1316 .core_note_type = NT_ARM_SYSTEM_CALL,
1318 .size = sizeof(int),
1319 .align = sizeof(int),
1320 .get = system_call_get,
1321 .set = system_call_set,
1325 static const struct user_regset_view user_aarch32_ptrace_view = {
1326 .name = "aarch32", .e_machine = EM_ARM,
1327 .regsets = aarch32_ptrace_regsets, .n = ARRAY_SIZE(aarch32_ptrace_regsets)
1330 static int compat_ptrace_read_user(struct task_struct *tsk, compat_ulong_t off,
1331 compat_ulong_t __user *ret)
1338 if (off == COMPAT_PT_TEXT_ADDR)
1339 tmp = tsk->mm->start_code;
1340 else if (off == COMPAT_PT_DATA_ADDR)
1341 tmp = tsk->mm->start_data;
1342 else if (off == COMPAT_PT_TEXT_END_ADDR)
1343 tmp = tsk->mm->end_code;
1344 else if (off < sizeof(compat_elf_gregset_t))
1345 return copy_regset_to_user(tsk, &user_aarch32_view,
1346 REGSET_COMPAT_GPR, off,
1347 sizeof(compat_ulong_t), ret);
1348 else if (off >= COMPAT_USER_SZ)
1353 return put_user(tmp, ret);
1356 static int compat_ptrace_write_user(struct task_struct *tsk, compat_ulong_t off,
1360 mm_segment_t old_fs = get_fs();
1362 if (off & 3 || off >= COMPAT_USER_SZ)
1365 if (off >= sizeof(compat_elf_gregset_t))
1369 ret = copy_regset_from_user(tsk, &user_aarch32_view,
1370 REGSET_COMPAT_GPR, off,
1371 sizeof(compat_ulong_t),
1378 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1381 * Convert a virtual register number into an index for a thread_info
1382 * breakpoint array. Breakpoints are identified using positive numbers
1383 * whilst watchpoints are negative. The registers are laid out as pairs
1384 * of (address, control), each pair mapping to a unique hw_breakpoint struct.
1385 * Register 0 is reserved for describing resource information.
1387 static int compat_ptrace_hbp_num_to_idx(compat_long_t num)
1389 return (abs(num) - 1) >> 1;
1392 static int compat_ptrace_hbp_get_resource_info(u32 *kdata)
1394 u8 num_brps, num_wrps, debug_arch, wp_len;
1397 num_brps = hw_breakpoint_slots(TYPE_INST);
1398 num_wrps = hw_breakpoint_slots(TYPE_DATA);
1400 debug_arch = debug_monitors_arch();
1414 static int compat_ptrace_hbp_get(unsigned int note_type,
1415 struct task_struct *tsk,
1422 int err, idx = compat_ptrace_hbp_num_to_idx(num);;
1425 err = ptrace_hbp_get_addr(note_type, tsk, idx, &addr);
1428 err = ptrace_hbp_get_ctrl(note_type, tsk, idx, &ctrl);
1435 static int compat_ptrace_hbp_set(unsigned int note_type,
1436 struct task_struct *tsk,
1443 int err, idx = compat_ptrace_hbp_num_to_idx(num);
1447 err = ptrace_hbp_set_addr(note_type, tsk, idx, addr);
1450 err = ptrace_hbp_set_ctrl(note_type, tsk, idx, ctrl);
1456 static int compat_ptrace_gethbpregs(struct task_struct *tsk, compat_long_t num,
1457 compat_ulong_t __user *data)
1461 mm_segment_t old_fs = get_fs();
1466 ret = compat_ptrace_hbp_get(NT_ARM_HW_WATCH, tsk, num, &kdata);
1468 } else if (num == 0) {
1469 ret = compat_ptrace_hbp_get_resource_info(&kdata);
1472 ret = compat_ptrace_hbp_get(NT_ARM_HW_BREAK, tsk, num, &kdata);
1477 ret = put_user(kdata, data);
1482 static int compat_ptrace_sethbpregs(struct task_struct *tsk, compat_long_t num,
1483 compat_ulong_t __user *data)
1487 mm_segment_t old_fs = get_fs();
1492 ret = get_user(kdata, data);
1498 ret = compat_ptrace_hbp_set(NT_ARM_HW_WATCH, tsk, num, &kdata);
1500 ret = compat_ptrace_hbp_set(NT_ARM_HW_BREAK, tsk, num, &kdata);
1505 #endif /* CONFIG_HAVE_HW_BREAKPOINT */
1507 long compat_arch_ptrace(struct task_struct *child, compat_long_t request,
1508 compat_ulong_t caddr, compat_ulong_t cdata)
1510 unsigned long addr = caddr;
1511 unsigned long data = cdata;
1512 void __user *datap = compat_ptr(data);
1516 case PTRACE_PEEKUSR:
1517 ret = compat_ptrace_read_user(child, addr, datap);
1520 case PTRACE_POKEUSR:
1521 ret = compat_ptrace_write_user(child, addr, data);
1524 case COMPAT_PTRACE_GETREGS:
1525 ret = copy_regset_to_user(child,
1528 0, sizeof(compat_elf_gregset_t),
1532 case COMPAT_PTRACE_SETREGS:
1533 ret = copy_regset_from_user(child,
1536 0, sizeof(compat_elf_gregset_t),
1540 case COMPAT_PTRACE_GET_THREAD_AREA:
1541 ret = put_user((compat_ulong_t)child->thread.tp_value,
1542 (compat_ulong_t __user *)datap);
1545 case COMPAT_PTRACE_SET_SYSCALL:
1546 task_pt_regs(child)->syscallno = data;
1550 case COMPAT_PTRACE_GETVFPREGS:
1551 ret = copy_regset_to_user(child,
1558 case COMPAT_PTRACE_SETVFPREGS:
1559 ret = copy_regset_from_user(child,
1566 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1567 case COMPAT_PTRACE_GETHBPREGS:
1568 ret = compat_ptrace_gethbpregs(child, addr, datap);
1571 case COMPAT_PTRACE_SETHBPREGS:
1572 ret = compat_ptrace_sethbpregs(child, addr, datap);
1577 ret = compat_ptrace_request(child, request, addr,
1584 #endif /* CONFIG_COMPAT */
1586 const struct user_regset_view *task_user_regset_view(struct task_struct *task)
1588 #ifdef CONFIG_COMPAT
1590 * Core dumping of 32-bit tasks or compat ptrace requests must use the
1591 * user_aarch32_view compatible with arm32. Native ptrace requests on
1592 * 32-bit children use an extended user_aarch32_ptrace_view to allow
1593 * access to the TLS register.
1595 if (is_compat_task())
1596 return &user_aarch32_view;
1597 else if (is_compat_thread(task_thread_info(task)))
1598 return &user_aarch32_ptrace_view;
1600 return &user_aarch64_view;
1603 long arch_ptrace(struct task_struct *child, long request,
1604 unsigned long addr, unsigned long data)
1606 return ptrace_request(child, request, addr, data);
1609 enum ptrace_syscall_dir {
1610 PTRACE_SYSCALL_ENTER = 0,
1611 PTRACE_SYSCALL_EXIT,
1614 static void tracehook_report_syscall(struct pt_regs *regs,
1615 enum ptrace_syscall_dir dir)
1618 unsigned long saved_reg;
1621 * A scratch register (ip(r12) on AArch32, x7 on AArch64) is
1622 * used to denote syscall entry/exit:
1624 regno = (is_compat_task() ? 12 : 7);
1625 saved_reg = regs->regs[regno];
1626 regs->regs[regno] = dir;
1628 if (dir == PTRACE_SYSCALL_EXIT)
1629 tracehook_report_syscall_exit(regs, 0);
1630 else if (tracehook_report_syscall_entry(regs))
1631 forget_syscall(regs);
1633 regs->regs[regno] = saved_reg;
1636 asmlinkage int syscall_trace_enter(struct pt_regs *regs)
1638 if (test_thread_flag(TIF_SYSCALL_TRACE))
1639 tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER);
1641 /* Do the secure computing after ptrace; failures should be fast. */
1642 if (secure_computing(NULL) == -1)
1645 if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
1646 trace_sys_enter(regs, regs->syscallno);
1648 audit_syscall_entry(regs->syscallno, regs->orig_x0, regs->regs[1],
1649 regs->regs[2], regs->regs[3]);
1651 return regs->syscallno;
1654 asmlinkage void syscall_trace_exit(struct pt_regs *regs)
1656 audit_syscall_exit(regs);
1658 if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
1659 trace_sys_exit(regs, regs_return_value(regs));
1661 if (test_thread_flag(TIF_SYSCALL_TRACE))
1662 tracehook_report_syscall(regs, PTRACE_SYSCALL_EXIT);
1666 * Bits which are always architecturally RES0 per ARM DDI 0487A.h
1667 * Userspace cannot use these until they have an architectural meaning.
1668 * We also reserve IL for the kernel; SS is handled dynamically.
1670 #define SPSR_EL1_AARCH64_RES0_BITS \
1671 (GENMASK_ULL(63,32) | GENMASK_ULL(27, 22) | GENMASK_ULL(20, 10) | \
1673 #define SPSR_EL1_AARCH32_RES0_BITS \
1674 (GENMASK_ULL(63,32) | GENMASK_ULL(24, 22) | GENMASK_ULL(20,20))
1676 static int valid_compat_regs(struct user_pt_regs *regs)
1678 regs->pstate &= ~SPSR_EL1_AARCH32_RES0_BITS;
1680 if (!system_supports_mixed_endian_el0()) {
1681 if (IS_ENABLED(CONFIG_CPU_BIG_ENDIAN))
1682 regs->pstate |= COMPAT_PSR_E_BIT;
1684 regs->pstate &= ~COMPAT_PSR_E_BIT;
1687 if (user_mode(regs) && (regs->pstate & PSR_MODE32_BIT) &&
1688 (regs->pstate & COMPAT_PSR_A_BIT) == 0 &&
1689 (regs->pstate & COMPAT_PSR_I_BIT) == 0 &&
1690 (regs->pstate & COMPAT_PSR_F_BIT) == 0) {
1695 * Force PSR to a valid 32-bit EL0t, preserving the same bits as
1698 regs->pstate &= COMPAT_PSR_N_BIT | COMPAT_PSR_Z_BIT |
1699 COMPAT_PSR_C_BIT | COMPAT_PSR_V_BIT |
1700 COMPAT_PSR_Q_BIT | COMPAT_PSR_IT_MASK |
1701 COMPAT_PSR_GE_MASK | COMPAT_PSR_E_BIT |
1703 regs->pstate |= PSR_MODE32_BIT;
1708 static int valid_native_regs(struct user_pt_regs *regs)
1710 regs->pstate &= ~SPSR_EL1_AARCH64_RES0_BITS;
1712 if (user_mode(regs) && !(regs->pstate & PSR_MODE32_BIT) &&
1713 (regs->pstate & PSR_D_BIT) == 0 &&
1714 (regs->pstate & PSR_A_BIT) == 0 &&
1715 (regs->pstate & PSR_I_BIT) == 0 &&
1716 (regs->pstate & PSR_F_BIT) == 0) {
1720 /* Force PSR to a valid 64-bit EL0t */
1721 regs->pstate &= PSR_N_BIT | PSR_Z_BIT | PSR_C_BIT | PSR_V_BIT;
1727 * Are the current registers suitable for user mode? (used to maintain
1728 * security in signal handlers)
1730 int valid_user_regs(struct user_pt_regs *regs, struct task_struct *task)
1732 if (!test_tsk_thread_flag(task, TIF_SINGLESTEP))
1733 regs->pstate &= ~DBG_SPSR_SS;
1735 if (is_compat_thread(task_thread_info(task)))
1736 return valid_compat_regs(regs);
1738 return valid_native_regs(regs);
git.samba.org / sfrench / cifs-2.6.git / blob