LXR linux/arch/cris/arch-v32/kernel/ptrace.c

   1// SPDX-License-Identifier: GPL-2.0
   2/*
   3 * Copyright (C) 2000-2007, Axis Communications AB.
   4 */
   5
   6#include <linux/kernel.h>
   7#include <linux/sched.h>
   8#include <linux/sched/task_stack.h>
   9#include <linux/mm.h>
  10#include <linux/smp.h>
  11#include <linux/errno.h>
  12#include <linux/ptrace.h>
  13#include <linux/user.h>
  14#include <linux/signal.h>
  15#include <linux/security.h>
  16
  17#include <linux/uaccess.h>
  18#include <asm/page.h>
  19#include <asm/pgtable.h>
  20#include <asm/processor.h>
  21#include <arch/hwregs/supp_reg.h>
  22
  23/*
  24 * Determines which bits in CCS the user has access to.
  25 * 1 = access, 0 = no access.
  26 */
  27#define CCS_MASK 0x00087c00     /* SXNZVC */
  28
  29#define SBIT_USER (1 << (S_CCS_BITNR + CCS_SHIFT))
  30
  31static int put_debugreg(long pid, unsigned int regno, long data);
  32static long get_debugreg(long pid, unsigned int regno);
  33static unsigned long get_pseudo_pc(struct task_struct *child);
  34void deconfigure_bp(long pid);
  35
  36extern unsigned long cris_signal_return_page;
  37
  38/*
  39 * Get contents of register REGNO in task TASK.
  40 */
  41long get_reg(struct task_struct *task, unsigned int regno)
  42{
  43        /* USP is a special case, it's not in the pt_regs struct but
  44         * in the tasks thread struct
  45         */
  46        unsigned long ret;
  47
  48        if (regno <= PT_EDA)
  49                ret = ((unsigned long *)task_pt_regs(task))[regno];
  50        else if (regno == PT_USP)
  51                ret = task->thread.usp;
  52        else if (regno == PT_PPC)
  53                ret = get_pseudo_pc(task);
  54        else if (regno <= PT_MAX)
  55                ret = get_debugreg(task->pid, regno);
  56        else
  57                ret = 0;
  58
  59        return ret;
  60}
  61
  62/*
  63 * Write contents of register REGNO in task TASK.
  64 */
  65int put_reg(struct task_struct *task, unsigned int regno, unsigned long data)
  66{
  67        if (regno <= PT_EDA)
  68                ((unsigned long *)task_pt_regs(task))[regno] = data;
  69        else if (regno == PT_USP)
  70                task->thread.usp = data;
  71        else if (regno == PT_PPC) {
  72                /* Write pseudo-PC to ERP only if changed. */
  73                if (data != get_pseudo_pc(task))
  74                        task_pt_regs(task)->erp = data;
  75        } else if (regno <= PT_MAX)
  76                return put_debugreg(task->pid, regno, data);
  77        else
  78                return -1;
  79        return 0;
  80}
  81
  82void user_enable_single_step(struct task_struct *child)
  83{
  84        unsigned long tmp;
  85
  86        /*
  87         * Set up SPC if not set already (in which case we have no other
  88         * choice but to trust it).
  89         */
  90        if (!get_reg(child, PT_SPC)) {
  91                /* In case we're stopped in a delay slot. */
  92                tmp = get_reg(child, PT_ERP) & ~1;
  93                put_reg(child, PT_SPC, tmp);
  94        }
  95        tmp = get_reg(child, PT_CCS) | SBIT_USER;
  96        put_reg(child, PT_CCS, tmp);
  97}
  98
  99void user_disable_single_step(struct task_struct *child)
 100{
 101        put_reg(child, PT_SPC, 0);
 102
 103        if (!get_debugreg(child->pid, PT_BP_CTRL)) {
 104                unsigned long tmp;
 105                /* If no h/w bp configured, disable S bit. */
 106                tmp = get_reg(child, PT_CCS) & ~SBIT_USER;
 107                put_reg(child, PT_CCS, tmp);
 108        }
 109}
 110
 111/*
 112 * Called by kernel/ptrace.c when detaching.
 113 *
 114 * Make sure the single step bit is not set.
 115 */
 116void
 117ptrace_disable(struct task_struct *child)
 118{
 119        /* Deconfigure SPC and S-bit. */
 120        user_disable_single_step(child);
 121        put_reg(child, PT_SPC, 0);
 122
 123        /* Deconfigure any watchpoints associated with the child. */
 124        deconfigure_bp(child->pid);
 125}
 126
 127
 128long arch_ptrace(struct task_struct *child, long request,
 129                 unsigned long addr, unsigned long data)
 130{
 131        int ret;
 132        unsigned int regno = addr >> 2;
 133        unsigned long __user *datap = (unsigned long __user *)data;
 134
 135        switch (request) {
 136                /* Read word at location address. */
 137                case PTRACE_PEEKTEXT:
 138                case PTRACE_PEEKDATA: {
 139                        unsigned long tmp;
 140                        int copied;
 141
 142                        ret = -EIO;
 143
 144                        /* The signal trampoline page is outside the normal user-addressable
 145                         * space but still accessible. This is hack to make it possible to
 146                         * access the signal handler code in GDB.
 147                         */
 148                        if ((addr & PAGE_MASK) == cris_signal_return_page) {
 149                                /* The trampoline page is globally mapped, no page table to traverse.*/
 150                                tmp = *(unsigned long*)addr;
 151                        } else {
 152                                copied = ptrace_access_vm(child, addr, &tmp, sizeof(tmp), FOLL_FORCE);
 153
 154                                if (copied != sizeof(tmp))
 155                                        break;
 156                        }
 157
 158                        ret = put_user(tmp,datap);
 159                        break;
 160                }
 161
 162                /* Read the word at location address in the USER area. */
 163                case PTRACE_PEEKUSR: {
 164                        unsigned long tmp;
 165
 166                        ret = -EIO;
 167                        if ((addr & 3) || regno > PT_MAX)
 168                                break;
 169
 170                        tmp = get_reg(child, regno);
 171                        ret = put_user(tmp, datap);
 172                        break;
 173                }
 174
 175                /* Write the word at location address. */
 176                case PTRACE_POKETEXT:
 177                case PTRACE_POKEDATA:
 178                        ret = generic_ptrace_pokedata(child, addr, data);
 179                        break;
 180
 181                /* Write the word at location address in the USER area. */
 182                case PTRACE_POKEUSR:
 183                        ret = -EIO;
 184                        if ((addr & 3) || regno > PT_MAX)
 185                                break;
 186
 187                        if (regno == PT_CCS) {
 188                                /* don't allow the tracing process to change stuff like
 189                                 * interrupt enable, kernel/user bit, dma enables etc.
 190                                 */
 191                                data &= CCS_MASK;
 192                                data |= get_reg(child, PT_CCS) & ~CCS_MASK;
 193                        }
 194                        if (put_reg(child, regno, data))
 195                                break;
 196                        ret = 0;
 197                        break;
 198
 199                /* Get all GP registers from the child. */
 200                case PTRACE_GETREGS: {
 201                        int i;
 202                        unsigned long tmp;
 203
 204                        for (i = 0; i <= PT_MAX; i++) {
 205                                tmp = get_reg(child, i);
 206
 207                                if (put_user(tmp, datap)) {
 208                                        ret = -EFAULT;
 209                                        goto out_tsk;
 210                                }
 211
 212                                datap++;
 213                        }
 214
 215                        ret = 0;
 216                        break;
 217                }
 218
 219                /* Set all GP registers in the child. */
 220                case PTRACE_SETREGS: {
 221                        int i;
 222                        unsigned long tmp;
 223
 224                        for (i = 0; i <= PT_MAX; i++) {
 225                                if (get_user(tmp, datap)) {
 226                                        ret = -EFAULT;
 227                                        goto out_tsk;
 228                                }
 229
 230                                if (i == PT_CCS) {
 231                                        tmp &= CCS_MASK;
 232                                        tmp |= get_reg(child, PT_CCS) & ~CCS_MASK;
 233                                }
 234
 235                                put_reg(child, i, tmp);
 236                                datap++;
 237                        }
 238
 239                        ret = 0;
 240                        break;
 241                }
 242
 243                default:
 244                        ret = ptrace_request(child, request, addr, data);
 245                        break;
 246        }
 247
 248out_tsk:
 249        return ret;
 250}
 251
 252void do_syscall_trace(void)
 253{
 254        if (!test_thread_flag(TIF_SYSCALL_TRACE))
 255                return;
 256
 257        if (!(current->ptrace & PT_PTRACED))
 258                return;
 259
 260        /* the 0x80 provides a way for the tracing parent to distinguish
 261           between a syscall stop and SIGTRAP delivery */
 262        ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD)
 263                                 ? 0x80 : 0));
 264
 265        /*
 266         * This isn't the same as continuing with a signal, but it will do for
 267         * normal use.
 268         */
 269        if (current->exit_code) {
 270                send_sig(current->exit_code, current, 1);
 271                current->exit_code = 0;
 272        }
 273}
 274
 275/* Returns the size of an instruction that has a delay slot. */
 276
 277static int insn_size(struct task_struct *child, unsigned long pc)
 278{
 279  unsigned long opcode;
 280  int copied;
 281  int opsize = 0;
 282
 283  /* Read the opcode at pc (do what PTRACE_PEEKTEXT would do). */
 284  copied = access_process_vm(child, pc, &opcode, sizeof(opcode), FOLL_FORCE);
 285  if (copied != sizeof(opcode))
 286    return 0;
 287
 288  switch ((opcode & 0x0f00) >> 8) {
 289  case 0x0:
 290  case 0x9:
 291  case 0xb:
 292          opsize = 2;
 293          break;
 294  case 0xe:
 295  case 0xf:
 296          opsize = 6;
 297          break;
 298  case 0xd:
 299          /* Could be 4 or 6; check more bits. */
 300          if ((opcode & 0xff) == 0xff)
 301                  opsize = 4;
 302          else
 303                  opsize = 6;
 304          break;
 305  default:
 306          panic("ERROR: Couldn't find size of opcode 0x%lx at 0x%lx\n",
 307                opcode, pc);
 308  }
 309
 310  return opsize;
 311}
 312
 313static unsigned long get_pseudo_pc(struct task_struct *child)
 314{
 315        /* Default value for PC is ERP. */
 316        unsigned long pc = get_reg(child, PT_ERP);
 317
 318        if (pc & 0x1) {
 319                unsigned long spc = get_reg(child, PT_SPC);
 320                /* Delay slot bit set. Report as stopped on proper
 321                   instruction. */
 322                if (spc) {
 323                        /* Rely on SPC if set. FIXME: We might want to check
 324                           that EXS indicates we stopped due to a single-step
 325                           exception. */
 326                        pc = spc;
 327                } else {
 328                        /* Calculate the PC from the size of the instruction
 329                           that the delay slot we're in belongs to. */
 330                        pc += insn_size(child, pc & ~1) - 1;
 331                }
 332        }
 333        return pc;
 334}
 335
 336static long bp_owner = 0;
 337
 338/* Reachable from exit_thread in signal.c, so not static. */
 339void deconfigure_bp(long pid)
 340{
 341        int bp;
 342
 343        /* Only deconfigure if the pid is the owner. */
 344        if (bp_owner != pid)
 345                return;
 346
 347        for (bp = 0; bp < 6; bp++) {
 348                unsigned long tmp;
 349                /* Deconfigure start and end address (also gets rid of ownership). */
 350                put_debugreg(pid, PT_BP + 3 + (bp * 2), 0);
 351                put_debugreg(pid, PT_BP + 4 + (bp * 2), 0);
 352
 353                /* Deconfigure relevant bits in control register. */
 354                tmp = get_debugreg(pid, PT_BP_CTRL) & ~(3 << (2 + (bp * 4)));
 355                put_debugreg(pid, PT_BP_CTRL, tmp);
 356        }
 357        /* No owner now. */
 358        bp_owner = 0;
 359}
 360
 361static int put_debugreg(long pid, unsigned int regno, long data)
 362{
 363        int ret = 0;
 364        register int old_srs;
 365
 366#ifdef CONFIG_ETRAX_KGDB
 367        /* Ignore write, but pretend it was ok if value is 0
 368           (we don't want POKEUSR/SETREGS failing unnessecarily). */
 369        return (data == 0) ? ret : -1;
 370#endif
 371
 372        /* Simple owner management. */
 373        if (!bp_owner)
 374                bp_owner = pid;
 375        else if (bp_owner != pid) {
 376                /* Ignore write, but pretend it was ok if value is 0
 377                   (we don't want POKEUSR/SETREGS failing unnessecarily). */
 378                return (data == 0) ? ret : -1;
 379        }
 380
 381        /* Remember old SRS. */
 382        SPEC_REG_RD(SPEC_REG_SRS, old_srs);
 383        /* Switch to BP bank. */
 384        SUPP_BANK_SEL(BANK_BP);
 385
 386        switch (regno - PT_BP) {
 387        case 0:
 388                SUPP_REG_WR(0, data); break;
 389        case 1:
 390        case 2:
 391                if (data)
 392                        ret = -1;
 393                break;
 394        case 3:
 395                SUPP_REG_WR(3, data); break;
 396        case 4:
 397                SUPP_REG_WR(4, data); break;
 398        case 5:
 399                SUPP_REG_WR(5, data); break;
 400        case 6:
 401                SUPP_REG_WR(6, data); break;
 402        case 7:
 403                SUPP_REG_WR(7, data); break;
 404        case 8:
 405                SUPP_REG_WR(8, data); break;
 406        case 9:
 407                SUPP_REG_WR(9, data); break;
 408        case 10:
 409                SUPP_REG_WR(10, data); break;
 410        case 11:
 411                SUPP_REG_WR(11, data); break;
 412        case 12:
 413                SUPP_REG_WR(12, data); break;
 414        case 13:
 415                SUPP_REG_WR(13, data); break;
 416        case 14:
 417                SUPP_REG_WR(14, data); break;
 418        default:
 419                ret = -1;
 420                break;
 421        }
 422
 423        /* Restore SRS. */
 424        SPEC_REG_WR(SPEC_REG_SRS, old_srs);
 425        /* Just for show. */
 426        NOP();
 427        NOP();
 428        NOP();
 429
 430        return ret;
 431}
 432
 433static long get_debugreg(long pid, unsigned int regno)
 434{
 435        register int old_srs;
 436        register long data;
 437
 438        if (pid != bp_owner) {
 439                return 0;
 440        }
 441
 442        /* Remember old SRS. */
 443        SPEC_REG_RD(SPEC_REG_SRS, old_srs);
 444        /* Switch to BP bank. */
 445        SUPP_BANK_SEL(BANK_BP);
 446
 447        switch (regno - PT_BP) {
 448        case 0:
 449                SUPP_REG_RD(0, data); break;
 450        case 1:
 451        case 2:
 452                /* error return value? */
 453                data = 0;
 454                break;
 455        case 3:
 456                SUPP_REG_RD(3, data); break;
 457        case 4:
 458                SUPP_REG_RD(4, data); break;
 459        case 5:
 460                SUPP_REG_RD(5, data); break;
 461        case 6:
 462                SUPP_REG_RD(6, data); break;
 463        case 7:
 464                SUPP_REG_RD(7, data); break;
 465        case 8:
 466                SUPP_REG_RD(8, data); break;
 467        case 9:
 468                SUPP_REG_RD(9, data); break;
 469        case 10:
 470                SUPP_REG_RD(10, data); break;
 471        case 11:
 472                SUPP_REG_RD(11, data); break;
 473        case 12:
 474                SUPP_REG_RD(12, data); break;
 475        case 13:
 476                SUPP_REG_RD(13, data); break;
 477        case 14:
 478                SUPP_REG_RD(14, data); break;
 479        default:
 480                /* error return value? */
 481                data = 0;
 482        }
 483
 484        /* Restore SRS. */
 485        SPEC_REG_WR(SPEC_REG_SRS, old_srs);
 486        /* Just for show. */
 487        NOP();
 488        NOP();
 489        NOP();
 490
 491        return data;
 492}
 493