LXR linux/arch/sh/kernel/hw

   1// SPDX-License-Identifier: GPL-2.0
   2/*
   3 * arch/sh/kernel/hw_breakpoint.c
   4 *
   5 * Unified kernel/user-space hardware breakpoint facility for the on-chip UBC.
   6 *
   7 * Copyright (C) 2009 - 2010  Paul Mundt
   8 */
   9#include <linux/init.h>
  10#include <linux/perf_event.h>
  11#include <linux/sched/signal.h>
  12#include <linux/hw_breakpoint.h>
  13#include <linux/percpu.h>
  14#include <linux/kallsyms.h>
  15#include <linux/notifier.h>
  16#include <linux/kprobes.h>
  17#include <linux/kdebug.h>
  18#include <linux/io.h>
  19#include <linux/clk.h>
  20#include <asm/hw_breakpoint.h>
  21#include <asm/mmu_context.h>
  22#include <asm/ptrace.h>
  23#include <asm/traps.h>
  24
  25/*
  26 * Stores the breakpoints currently in use on each breakpoint address
  27 * register for each cpus
  28 */
  29static DEFINE_PER_CPU(struct perf_event *, bp_per_reg[HBP_NUM]);
  30
  31/*
  32 * A dummy placeholder for early accesses until the CPUs get a chance to
  33 * register their UBCs later in the boot process.
  34 */
  35static struct sh_ubc ubc_dummy = { .num_events = 0 };
  36
  37static struct sh_ubc *sh_ubc __read_mostly = &ubc_dummy;
  38
  39/*
  40 * Install a perf counter breakpoint.
  41 *
  42 * We seek a free UBC channel and use it for this breakpoint.
  43 *
  44 * Atomic: we hold the counter->ctx->lock and we only handle variables
  45 * and registers local to this cpu.
  46 */
  47int arch_install_hw_breakpoint(struct perf_event *bp)
  48{
  49        struct arch_hw_breakpoint *info = counter_arch_bp(bp);
  50        int i;
  51
  52        for (i = 0; i < sh_ubc->num_events; i++) {
  53                struct perf_event **slot = this_cpu_ptr(&bp_per_reg[i]);
  54
  55                if (!*slot) {
  56                        *slot = bp;
  57                        break;
  58                }
  59        }
  60
  61        if (WARN_ONCE(i == sh_ubc->num_events, "Can't find any breakpoint slot"))
  62                return -EBUSY;
  63
  64        clk_enable(sh_ubc->clk);
  65        sh_ubc->enable(info, i);
  66
  67        return 0;
  68}
  69
  70/*
  71 * Uninstall the breakpoint contained in the given counter.
  72 *
  73 * First we search the debug address register it uses and then we disable
  74 * it.
  75 *
  76 * Atomic: we hold the counter->ctx->lock and we only handle variables
  77 * and registers local to this cpu.
  78 */
  79void arch_uninstall_hw_breakpoint(struct perf_event *bp)
  80{
  81        struct arch_hw_breakpoint *info = counter_arch_bp(bp);
  82        int i;
  83
  84        for (i = 0; i < sh_ubc->num_events; i++) {
  85                struct perf_event **slot = this_cpu_ptr(&bp_per_reg[i]);
  86
  87                if (*slot == bp) {
  88                        *slot = NULL;
  89                        break;
  90                }
  91        }
  92
  93        if (WARN_ONCE(i == sh_ubc->num_events, "Can't find any breakpoint slot"))
  94                return;
  95
  96        sh_ubc->disable(info, i);
  97        clk_disable(sh_ubc->clk);
  98}
  99
 100static int get_hbp_len(u16 hbp_len)
 101{
 102        unsigned int len_in_bytes = 0;
 103
 104        switch (hbp_len) {
 105        case SH_BREAKPOINT_LEN_1:
 106                len_in_bytes = 1;
 107                break;
 108        case SH_BREAKPOINT_LEN_2:
 109                len_in_bytes = 2;
 110                break;
 111        case SH_BREAKPOINT_LEN_4:
 112                len_in_bytes = 4;
 113                break;
 114        case SH_BREAKPOINT_LEN_8:
 115                len_in_bytes = 8;
 116                break;
 117        }
 118        return len_in_bytes;
 119}
 120
 121/*
 122 * Check for virtual address in kernel space.
 123 */
 124int arch_check_bp_in_kernelspace(struct arch_hw_breakpoint *hw)
 125{
 126        unsigned int len;
 127        unsigned long va;
 128
 129        va = hw->address;
 130        len = get_hbp_len(hw->len);
 131
 132        return (va >= TASK_SIZE) && ((va + len - 1) >= TASK_SIZE);
 133}
 134
 135int arch_bp_generic_fields(int sh_len, int sh_type,
 136                           int *gen_len, int *gen_type)
 137{
 138        /* Len */
 139        switch (sh_len) {
 140        case SH_BREAKPOINT_LEN_1:
 141                *gen_len = HW_BREAKPOINT_LEN_1;
 142                break;
 143        case SH_BREAKPOINT_LEN_2:
 144                *gen_len = HW_BREAKPOINT_LEN_2;
 145                break;
 146        case SH_BREAKPOINT_LEN_4:
 147                *gen_len = HW_BREAKPOINT_LEN_4;
 148                break;
 149        case SH_BREAKPOINT_LEN_8:
 150                *gen_len = HW_BREAKPOINT_LEN_8;
 151                break;
 152        default:
 153                return -EINVAL;
 154        }
 155
 156        /* Type */
 157        switch (sh_type) {
 158        case SH_BREAKPOINT_READ:
 159                *gen_type = HW_BREAKPOINT_R;
 160                break;
 161        case SH_BREAKPOINT_WRITE:
 162                *gen_type = HW_BREAKPOINT_W;
 163                break;
 164        case SH_BREAKPOINT_RW:
 165                *gen_type = HW_BREAKPOINT_W | HW_BREAKPOINT_R;
 166                break;
 167        default:
 168                return -EINVAL;
 169        }
 170
 171        return 0;
 172}
 173
 174static int arch_build_bp_info(struct perf_event *bp,
 175                              const struct perf_event_attr *attr,
 176                              struct arch_hw_breakpoint *hw)
 177{
 178        hw->address = attr->bp_addr;
 179
 180        /* Len */
 181        switch (attr->bp_len) {
 182        case HW_BREAKPOINT_LEN_1:
 183                hw->len = SH_BREAKPOINT_LEN_1;
 184                break;
 185        case HW_BREAKPOINT_LEN_2:
 186                hw->len = SH_BREAKPOINT_LEN_2;
 187                break;
 188        case HW_BREAKPOINT_LEN_4:
 189                hw->len = SH_BREAKPOINT_LEN_4;
 190                break;
 191        case HW_BREAKPOINT_LEN_8:
 192                hw->len = SH_BREAKPOINT_LEN_8;
 193                break;
 194        default:
 195                return -EINVAL;
 196        }
 197
 198        /* Type */
 199        switch (attr->bp_type) {
 200        case HW_BREAKPOINT_R:
 201                hw->type = SH_BREAKPOINT_READ;
 202                break;
 203        case HW_BREAKPOINT_W:
 204                hw->type = SH_BREAKPOINT_WRITE;
 205                break;
 206        case HW_BREAKPOINT_W | HW_BREAKPOINT_R:
 207                hw->type = SH_BREAKPOINT_RW;
 208                break;
 209        default:
 210                return -EINVAL;
 211        }
 212
 213        return 0;
 214}
 215
 216/*
 217 * Validate the arch-specific HW Breakpoint register settings
 218 */
 219int hw_breakpoint_arch_parse(struct perf_event *bp,
 220                             const struct perf_event_attr *attr,
 221                             struct arch_hw_breakpoint *hw)
 222{
 223        unsigned int align;
 224        int ret;
 225
 226        ret = arch_build_bp_info(bp, attr, hw);
 227        if (ret)
 228                return ret;
 229
 230        ret = -EINVAL;
 231
 232        switch (hw->len) {
 233        case SH_BREAKPOINT_LEN_1:
 234                align = 0;
 235                break;
 236        case SH_BREAKPOINT_LEN_2:
 237                align = 1;
 238                break;
 239        case SH_BREAKPOINT_LEN_4:
 240                align = 3;
 241                break;
 242        case SH_BREAKPOINT_LEN_8:
 243                align = 7;
 244                break;
 245        default:
 246                return ret;
 247        }
 248
 249        /*
 250         * Check that the low-order bits of the address are appropriate
 251         * for the alignment implied by len.
 252         */
 253        if (hw->address & align)
 254                return -EINVAL;
 255
 256        return 0;
 257}
 258
 259/*
 260 * Release the user breakpoints used by ptrace
 261 */
 262void flush_ptrace_hw_breakpoint(struct task_struct *tsk)
 263{
 264        int i;
 265        struct thread_struct *t = &tsk->thread;
 266
 267        for (i = 0; i < sh_ubc->num_events; i++) {
 268                unregister_hw_breakpoint(t->ptrace_bps[i]);
 269                t->ptrace_bps[i] = NULL;
 270        }
 271}
 272
 273static int __kprobes hw_breakpoint_handler(struct die_args *args)
 274{
 275        int cpu, i, rc = NOTIFY_STOP;
 276        struct perf_event *bp;
 277        unsigned int cmf, resume_mask;
 278
 279        /*
 280         * Do an early return if none of the channels triggered.
 281         */
 282        cmf = sh_ubc->triggered_mask();
 283        if (unlikely(!cmf))
 284                return NOTIFY_DONE;
 285
 286        /*
 287         * By default, resume all of the active channels.
 288         */
 289        resume_mask = sh_ubc->active_mask();
 290
 291        /*
 292         * Disable breakpoints during exception handling.
 293         */
 294        sh_ubc->disable_all();
 295
 296        cpu = get_cpu();
 297        for (i = 0; i < sh_ubc->num_events; i++) {
 298                unsigned long event_mask = (1 << i);
 299
 300                if (likely(!(cmf & event_mask)))
 301                        continue;
 302
 303                /*
 304                 * The counter may be concurrently released but that can only
 305                 * occur from a call_rcu() path. We can then safely fetch
 306                 * the breakpoint, use its callback, touch its counter
 307                 * while we are in an rcu_read_lock() path.
 308                 */
 309                rcu_read_lock();
 310
 311                bp = per_cpu(bp_per_reg[i], cpu);
 312                if (bp)
 313                        rc = NOTIFY_DONE;
 314
 315                /*
 316                 * Reset the condition match flag to denote completion of
 317                 * exception handling.
 318                 */
 319                sh_ubc->clear_triggered_mask(event_mask);
 320
 321                /*
 322                 * bp can be NULL due to concurrent perf counter
 323                 * removing.
 324                 */
 325                if (!bp) {
 326                        rcu_read_unlock();
 327                        break;
 328                }
 329
 330                /*
 331                 * Don't restore the channel if the breakpoint is from
 332                 * ptrace, as it always operates in one-shot mode.
 333                 */
 334                if (bp->overflow_handler == ptrace_triggered)
 335                        resume_mask &= ~(1 << i);
 336
 337                perf_bp_event(bp, args->regs);
 338
 339                /* Deliver the signal to userspace */
 340                if (!arch_check_bp_in_kernelspace(&bp->hw.info)) {
 341                        force_sig_fault(SIGTRAP, TRAP_HWBKPT,
 342                                        (void __user *)NULL);
 343                }
 344
 345                rcu_read_unlock();
 346        }
 347
 348        if (cmf == 0)
 349                rc = NOTIFY_DONE;
 350
 351        sh_ubc->enable_all(resume_mask);
 352
 353        put_cpu();
 354
 355        return rc;
 356}
 357
 358BUILD_TRAP_HANDLER(breakpoint)
 359{
 360        unsigned long ex = lookup_exception_vector();
 361        TRAP_HANDLER_DECL;
 362
 363        notify_die(DIE_BREAKPOINT, "breakpoint", regs, 0, ex, SIGTRAP);
 364}
 365
 366/*
 367 * Handle debug exception notifications.
 368 */
 369int __kprobes hw_breakpoint_exceptions_notify(struct notifier_block *unused,
 370                                    unsigned long val, void *data)
 371{
 372        struct die_args *args = data;
 373
 374        if (val != DIE_BREAKPOINT)
 375                return NOTIFY_DONE;
 376
 377        /*
 378         * If the breakpoint hasn't been triggered by the UBC, it's
 379         * probably from a debugger, so don't do anything more here.
 380         *
 381         * This also permits the UBC interface clock to remain off for
 382         * non-UBC breakpoints, as we don't need to check the triggered
 383         * or active channel masks.
 384         */
 385        if (args->trapnr != sh_ubc->trap_nr)
 386                return NOTIFY_DONE;
 387
 388        return hw_breakpoint_handler(data);
 389}
 390
 391void hw_breakpoint_pmu_read(struct perf_event *bp)
 392{
 393        /* TODO */
 394}
 395
 396int register_sh_ubc(struct sh_ubc *ubc)
 397{
 398        /* Bail if it's already assigned */
 399        if (sh_ubc != &ubc_dummy)
 400                return -EBUSY;
 401        sh_ubc = ubc;
 402
 403        pr_info("HW Breakpoints: %s UBC support registered\n", ubc->name);
 404
 405        WARN_ON(ubc->num_events > HBP_NUM);
 406
 407        return 0;
 408}
 409