search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
staging: rtl8192u: remove redundant assignment to pointer crypt
[linux/fpc-iii.git] / arch / arm64 / kernel / hw_breakpoint.c
blob38ee1514cd9cde9135dc6e272b72a50ee702eb91
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * HW_breakpoint: a unified kernel/user-space hardware breakpoint facility,
4 * using the CPU's debug registers.
5 *
6 * Copyright (C) 2012 ARM Limited
7 * Author: Will Deacon <will.deacon@arm.com>
8 */
9
10 #define pr_fmt(fmt) "hw-breakpoint: " fmt
11
12 #include <linux/compat.h>
13 #include <linux/cpu_pm.h>
14 #include <linux/errno.h>
15 #include <linux/hw_breakpoint.h>
16 #include <linux/kprobes.h>
17 #include <linux/perf_event.h>
18 #include <linux/ptrace.h>
19 #include <linux/smp.h>
20 #include <linux/uaccess.h>
21
22 #include <asm/current.h>
23 #include <asm/debug-monitors.h>
24 #include <asm/hw_breakpoint.h>
25 #include <asm/traps.h>
26 #include <asm/cputype.h>
27 #include <asm/system_misc.h>
28
29 /* Breakpoint currently in use for each BRP. */
30 static DEFINE_PER_CPU(struct perf_event *, bp_on_reg[ARM_MAX_BRP]);
31
32 /* Watchpoint currently in use for each WRP. */
33 static DEFINE_PER_CPU(struct perf_event *, wp_on_reg[ARM_MAX_WRP]);
34
35 /* Currently stepping a per-CPU kernel breakpoint. */
36 static DEFINE_PER_CPU(int, stepping_kernel_bp);
37
38 /* Number of BRP/WRP registers on this CPU. */
39 static int core_num_brps;
40 static int core_num_wrps;
41
42 int hw_breakpoint_slots(int type)
43 {
44 /*
45 * We can be called early, so don't rely on
46 * our static variables being initialised.
47 */
48 switch (type) {
49 case TYPE_INST:
50 return get_num_brps();
51 case TYPE_DATA:
52 return get_num_wrps();
53 default:
54 pr_warning("unknown slot type: %d\n", type);
55 return 0;
56 }
57 }
58
59 #define READ_WB_REG_CASE(OFF, N, REG, VAL) \
60 case (OFF + N): \
61 AARCH64_DBG_READ(N, REG, VAL); \
62 break
63
64 #define WRITE_WB_REG_CASE(OFF, N, REG, VAL) \
65 case (OFF + N): \
66 AARCH64_DBG_WRITE(N, REG, VAL); \
67 break
68
69 #define GEN_READ_WB_REG_CASES(OFF, REG, VAL) \
70 READ_WB_REG_CASE(OFF, 0, REG, VAL); \
71 READ_WB_REG_CASE(OFF, 1, REG, VAL); \
72 READ_WB_REG_CASE(OFF, 2, REG, VAL); \
73 READ_WB_REG_CASE(OFF, 3, REG, VAL); \
74 READ_WB_REG_CASE(OFF, 4, REG, VAL); \
75 READ_WB_REG_CASE(OFF, 5, REG, VAL); \
76 READ_WB_REG_CASE(OFF, 6, REG, VAL); \
77 READ_WB_REG_CASE(OFF, 7, REG, VAL); \
78 READ_WB_REG_CASE(OFF, 8, REG, VAL); \
79 READ_WB_REG_CASE(OFF, 9, REG, VAL); \
80 READ_WB_REG_CASE(OFF, 10, REG, VAL); \
81 READ_WB_REG_CASE(OFF, 11, REG, VAL); \
82 READ_WB_REG_CASE(OFF, 12, REG, VAL); \
83 READ_WB_REG_CASE(OFF, 13, REG, VAL); \
84 READ_WB_REG_CASE(OFF, 14, REG, VAL); \
85 READ_WB_REG_CASE(OFF, 15, REG, VAL)
86
87 #define GEN_WRITE_WB_REG_CASES(OFF, REG, VAL) \
88 WRITE_WB_REG_CASE(OFF, 0, REG, VAL); \
89 WRITE_WB_REG_CASE(OFF, 1, REG, VAL); \
90 WRITE_WB_REG_CASE(OFF, 2, REG, VAL); \
91 WRITE_WB_REG_CASE(OFF, 3, REG, VAL); \
92 WRITE_WB_REG_CASE(OFF, 4, REG, VAL); \
93 WRITE_WB_REG_CASE(OFF, 5, REG, VAL); \
94 WRITE_WB_REG_CASE(OFF, 6, REG, VAL); \
95 WRITE_WB_REG_CASE(OFF, 7, REG, VAL); \
96 WRITE_WB_REG_CASE(OFF, 8, REG, VAL); \
97 WRITE_WB_REG_CASE(OFF, 9, REG, VAL); \
98 WRITE_WB_REG_CASE(OFF, 10, REG, VAL); \
99 WRITE_WB_REG_CASE(OFF, 11, REG, VAL); \
100 WRITE_WB_REG_CASE(OFF, 12, REG, VAL); \
101 WRITE_WB_REG_CASE(OFF, 13, REG, VAL); \
102 WRITE_WB_REG_CASE(OFF, 14, REG, VAL); \
103 WRITE_WB_REG_CASE(OFF, 15, REG, VAL)
104
105 static u64 read_wb_reg(int reg, int n)
106 {
107 u64 val = 0;
108
109 switch (reg + n) {
110 GEN_READ_WB_REG_CASES(AARCH64_DBG_REG_BVR, AARCH64_DBG_REG_NAME_BVR, val);
111 GEN_READ_WB_REG_CASES(AARCH64_DBG_REG_BCR, AARCH64_DBG_REG_NAME_BCR, val);
112 GEN_READ_WB_REG_CASES(AARCH64_DBG_REG_WVR, AARCH64_DBG_REG_NAME_WVR, val);
113 GEN_READ_WB_REG_CASES(AARCH64_DBG_REG_WCR, AARCH64_DBG_REG_NAME_WCR, val);
114 default:
115 pr_warning("attempt to read from unknown breakpoint register %d\n", n);
116 }
117
118 return val;
119 }
120 NOKPROBE_SYMBOL(read_wb_reg);
121
122 static void write_wb_reg(int reg, int n, u64 val)
123 {
124 switch (reg + n) {
125 GEN_WRITE_WB_REG_CASES(AARCH64_DBG_REG_BVR, AARCH64_DBG_REG_NAME_BVR, val);
126 GEN_WRITE_WB_REG_CASES(AARCH64_DBG_REG_BCR, AARCH64_DBG_REG_NAME_BCR, val);
127 GEN_WRITE_WB_REG_CASES(AARCH64_DBG_REG_WVR, AARCH64_DBG_REG_NAME_WVR, val);
128 GEN_WRITE_WB_REG_CASES(AARCH64_DBG_REG_WCR, AARCH64_DBG_REG_NAME_WCR, val);
129 default:
130 pr_warning("attempt to write to unknown breakpoint register %d\n", n);
131 }
132 isb();
133 }
134 NOKPROBE_SYMBOL(write_wb_reg);
135
136 /*
137 * Convert a breakpoint privilege level to the corresponding exception
138 * level.
139 */
140 static enum dbg_active_el debug_exception_level(int privilege)
141 {
142 switch (privilege) {
143 case AARCH64_BREAKPOINT_EL0:
144 return DBG_ACTIVE_EL0;
145 case AARCH64_BREAKPOINT_EL1:
146 return DBG_ACTIVE_EL1;
147 default:
148 pr_warning("invalid breakpoint privilege level %d\n", privilege);
149 return -EINVAL;
150 }
151 }
152 NOKPROBE_SYMBOL(debug_exception_level);
153
154 enum hw_breakpoint_ops {
155 HW_BREAKPOINT_INSTALL,
156 HW_BREAKPOINT_UNINSTALL,
157 HW_BREAKPOINT_RESTORE
158 };
159
160 static int is_compat_bp(struct perf_event *bp)
161 {
162 struct task_struct *tsk = bp->hw.target;
163
164 /*
165 * tsk can be NULL for per-cpu (non-ptrace) breakpoints.
166 * In this case, use the native interface, since we don't have
167 * the notion of a "compat CPU" and could end up relying on
168 * deprecated behaviour if we use unaligned watchpoints in
169 * AArch64 state.
170 */
171 return tsk && is_compat_thread(task_thread_info(tsk));
172 }
173
174 /**
175 * hw_breakpoint_slot_setup - Find and setup a perf slot according to
176 * operations
177 *
178 * @slots: pointer to array of slots
179 * @max_slots: max number of slots
180 * @bp: perf_event to setup
181 * @ops: operation to be carried out on the slot
182 *
183 * Return:
184 * slot index on success
185 * -ENOSPC if no slot is available/matches
186 * -EINVAL on wrong operations parameter
187 */
188 static int hw_breakpoint_slot_setup(struct perf_event **slots, int max_slots,
189 struct perf_event *bp,
190 enum hw_breakpoint_ops ops)
191 {
192 int i;
193 struct perf_event **slot;
194
195 for (i = 0; i < max_slots; ++i) {
196 slot = &slots[i];
197 switch (ops) {
198 case HW_BREAKPOINT_INSTALL:
199 if (!*slot) {
200 *slot = bp;
201 return i;
202 }
203 break;
204 case HW_BREAKPOINT_UNINSTALL:
205 if (*slot == bp) {
206 *slot = NULL;
207 return i;
208 }
209 break;
210 case HW_BREAKPOINT_RESTORE:
211 if (*slot == bp)
212 return i;
213 break;
214 default:
215 pr_warn_once("Unhandled hw breakpoint ops %d\n", ops);
216 return -EINVAL;
217 }
218 }
219 return -ENOSPC;
220 }
221
222 static int hw_breakpoint_control(struct perf_event *bp,
223 enum hw_breakpoint_ops ops)
224 {
225 struct arch_hw_breakpoint *info = counter_arch_bp(bp);
226 struct perf_event **slots;
227 struct debug_info *debug_info = &current->thread.debug;
228 int i, max_slots, ctrl_reg, val_reg, reg_enable;
229 enum dbg_active_el dbg_el = debug_exception_level(info->ctrl.privilege);
230 u32 ctrl;
231
232 if (info->ctrl.type == ARM_BREAKPOINT_EXECUTE) {
233 /* Breakpoint */
234 ctrl_reg = AARCH64_DBG_REG_BCR;
235 val_reg = AARCH64_DBG_REG_BVR;
236 slots = this_cpu_ptr(bp_on_reg);
237 max_slots = core_num_brps;
238 reg_enable = !debug_info->bps_disabled;
239 } else {
240 /* Watchpoint */
241 ctrl_reg = AARCH64_DBG_REG_WCR;
242 val_reg = AARCH64_DBG_REG_WVR;
243 slots = this_cpu_ptr(wp_on_reg);
244 max_slots = core_num_wrps;
245 reg_enable = !debug_info->wps_disabled;
246 }
247
248 i = hw_breakpoint_slot_setup(slots, max_slots, bp, ops);
249
250 if (WARN_ONCE(i < 0, "Can't find any breakpoint slot"))
251 return i;
252
253 switch (ops) {
254 case HW_BREAKPOINT_INSTALL:
255 /*
256 * Ensure debug monitors are enabled at the correct exception
257 * level.
258 */
259 enable_debug_monitors(dbg_el);
260 /* Fall through */
261 case HW_BREAKPOINT_RESTORE:
262 /* Setup the address register. */
263 write_wb_reg(val_reg, i, info->address);
264
265 /* Setup the control register. */
266 ctrl = encode_ctrl_reg(info->ctrl);
267 write_wb_reg(ctrl_reg, i,
268 reg_enable ? ctrl | 0x1 : ctrl & ~0x1);
269 break;
270 case HW_BREAKPOINT_UNINSTALL:
271 /* Reset the control register. */
272 write_wb_reg(ctrl_reg, i, 0);
273
274 /*
275 * Release the debug monitors for the correct exception
276 * level.
277 */
278 disable_debug_monitors(dbg_el);
279 break;
280 }
281
282 return 0;
283 }
284
285 /*
286 * Install a perf counter breakpoint.
287 */
288 int arch_install_hw_breakpoint(struct perf_event *bp)
289 {
290 return hw_breakpoint_control(bp, HW_BREAKPOINT_INSTALL);
291 }
292
293 void arch_uninstall_hw_breakpoint(struct perf_event *bp)
294 {
295 hw_breakpoint_control(bp, HW_BREAKPOINT_UNINSTALL);
296 }
297
298 static int get_hbp_len(u8 hbp_len)
299 {
300 unsigned int len_in_bytes = 0;
301
302 switch (hbp_len) {
303 case ARM_BREAKPOINT_LEN_1:
304 len_in_bytes = 1;
305 break;
306 case ARM_BREAKPOINT_LEN_2:
307 len_in_bytes = 2;
308 break;
309 case ARM_BREAKPOINT_LEN_3:
310 len_in_bytes = 3;
311 break;
312 case ARM_BREAKPOINT_LEN_4:
313 len_in_bytes = 4;
314 break;
315 case ARM_BREAKPOINT_LEN_5:
316 len_in_bytes = 5;
317 break;
318 case ARM_BREAKPOINT_LEN_6:
319 len_in_bytes = 6;
320 break;
321 case ARM_BREAKPOINT_LEN_7:
322 len_in_bytes = 7;
323 break;
324 case ARM_BREAKPOINT_LEN_8:
325 len_in_bytes = 8;
326 break;
327 }
328
329 return len_in_bytes;
330 }
331
332 /*
333 * Check whether bp virtual address is in kernel space.
334 */
335 int arch_check_bp_in_kernelspace(struct arch_hw_breakpoint *hw)
336 {
337 unsigned int len;
338 unsigned long va;
339
340 va = hw->address;
341 len = get_hbp_len(hw->ctrl.len);
342
343 return (va >= TASK_SIZE) && ((va + len - 1) >= TASK_SIZE);
344 }
345
346 /*
347 * Extract generic type and length encodings from an arch_hw_breakpoint_ctrl.
348 * Hopefully this will disappear when ptrace can bypass the conversion
349 * to generic breakpoint descriptions.
350 */
351 int arch_bp_generic_fields(struct arch_hw_breakpoint_ctrl ctrl,
352 int *gen_len, int *gen_type, int *offset)
353 {
354 /* Type */
355 switch (ctrl.type) {
356 case ARM_BREAKPOINT_EXECUTE:
357 *gen_type = HW_BREAKPOINT_X;
358 break;
359 case ARM_BREAKPOINT_LOAD:
360 *gen_type = HW_BREAKPOINT_R;
361 break;
362 case ARM_BREAKPOINT_STORE:
363 *gen_type = HW_BREAKPOINT_W;
364 break;
365 case ARM_BREAKPOINT_LOAD | ARM_BREAKPOINT_STORE:
366 *gen_type = HW_BREAKPOINT_RW;
367 break;
368 default:
369 return -EINVAL;
370 }
371
372 if (!ctrl.len)
373 return -EINVAL;
374 *offset = __ffs(ctrl.len);
375
376 /* Len */
377 switch (ctrl.len >> *offset) {
378 case ARM_BREAKPOINT_LEN_1:
379 *gen_len = HW_BREAKPOINT_LEN_1;
380 break;
381 case ARM_BREAKPOINT_LEN_2:
382 *gen_len = HW_BREAKPOINT_LEN_2;
383 break;
384 case ARM_BREAKPOINT_LEN_3:
385 *gen_len = HW_BREAKPOINT_LEN_3;
386 break;
387 case ARM_BREAKPOINT_LEN_4:
388 *gen_len = HW_BREAKPOINT_LEN_4;
389 break;
390 case ARM_BREAKPOINT_LEN_5:
391 *gen_len = HW_BREAKPOINT_LEN_5;
392 break;
393 case ARM_BREAKPOINT_LEN_6:
394 *gen_len = HW_BREAKPOINT_LEN_6;
395 break;
396 case ARM_BREAKPOINT_LEN_7:
397 *gen_len = HW_BREAKPOINT_LEN_7;
398 break;
399 case ARM_BREAKPOINT_LEN_8:
400 *gen_len = HW_BREAKPOINT_LEN_8;
401 break;
402 default:
403 return -EINVAL;
404 }
405
406 return 0;
407 }
408
409 /*
410 * Construct an arch_hw_breakpoint from a perf_event.
411 */
412 static int arch_build_bp_info(struct perf_event *bp,
413 const struct perf_event_attr *attr,
414 struct arch_hw_breakpoint *hw)
415 {
416 /* Type */
417 switch (attr->bp_type) {
418 case HW_BREAKPOINT_X:
419 hw->ctrl.type = ARM_BREAKPOINT_EXECUTE;
420 break;
421 case HW_BREAKPOINT_R:
422 hw->ctrl.type = ARM_BREAKPOINT_LOAD;
423 break;
424 case HW_BREAKPOINT_W:
425 hw->ctrl.type = ARM_BREAKPOINT_STORE;
426 break;
427 case HW_BREAKPOINT_RW:
428 hw->ctrl.type = ARM_BREAKPOINT_LOAD | ARM_BREAKPOINT_STORE;
429 break;
430 default:
431 return -EINVAL;
432 }
433
434 /* Len */
435 switch (attr->bp_len) {
436 case HW_BREAKPOINT_LEN_1:
437 hw->ctrl.len = ARM_BREAKPOINT_LEN_1;
438 break;
439 case HW_BREAKPOINT_LEN_2:
440 hw->ctrl.len = ARM_BREAKPOINT_LEN_2;
441 break;
442 case HW_BREAKPOINT_LEN_3:
443 hw->ctrl.len = ARM_BREAKPOINT_LEN_3;
444 break;
445 case HW_BREAKPOINT_LEN_4:
446 hw->ctrl.len = ARM_BREAKPOINT_LEN_4;
447 break;
448 case HW_BREAKPOINT_LEN_5:
449 hw->ctrl.len = ARM_BREAKPOINT_LEN_5;
450 break;
451 case HW_BREAKPOINT_LEN_6:
452 hw->ctrl.len = ARM_BREAKPOINT_LEN_6;
453 break;
454 case HW_BREAKPOINT_LEN_7:
455 hw->ctrl.len = ARM_BREAKPOINT_LEN_7;
456 break;
457 case HW_BREAKPOINT_LEN_8:
458 hw->ctrl.len = ARM_BREAKPOINT_LEN_8;
459 break;
460 default:
461 return -EINVAL;
462 }
463
464 /*
465 * On AArch64, we only permit breakpoints of length 4, whereas
466 * AArch32 also requires breakpoints of length 2 for Thumb.
467 * Watchpoints can be of length 1, 2, 4 or 8 bytes.
468 */
469 if (hw->ctrl.type == ARM_BREAKPOINT_EXECUTE) {
470 if (is_compat_bp(bp)) {
471 if (hw->ctrl.len != ARM_BREAKPOINT_LEN_2 &&
472 hw->ctrl.len != ARM_BREAKPOINT_LEN_4)
473 return -EINVAL;
474 } else if (hw->ctrl.len != ARM_BREAKPOINT_LEN_4) {
475 /*
476 * FIXME: Some tools (I'm looking at you perf) assume
477 * that breakpoints should be sizeof(long). This
478 * is nonsense. For now, we fix up the parameter
479 * but we should probably return -EINVAL instead.
480 */
481 hw->ctrl.len = ARM_BREAKPOINT_LEN_4;
482 }
483 }
484
485 /* Address */
486 hw->address = attr->bp_addr;
487
488 /*
489 * Privilege
490 * Note that we disallow combined EL0/EL1 breakpoints because
491 * that would complicate the stepping code.
492 */
493 if (arch_check_bp_in_kernelspace(hw))
494 hw->ctrl.privilege = AARCH64_BREAKPOINT_EL1;
495 else
496 hw->ctrl.privilege = AARCH64_BREAKPOINT_EL0;
497
498 /* Enabled? */
499 hw->ctrl.enabled = !attr->disabled;
500
501 return 0;
502 }
503
504 /*
505 * Validate the arch-specific HW Breakpoint register settings.
506 */
507 int hw_breakpoint_arch_parse(struct perf_event *bp,
508 const struct perf_event_attr *attr,
509 struct arch_hw_breakpoint *hw)
510 {
511 int ret;
512 u64 alignment_mask, offset;
513
514 /* Build the arch_hw_breakpoint. */
515 ret = arch_build_bp_info(bp, attr, hw);
516 if (ret)
517 return ret;
518
519 /*
520 * Check address alignment.
521 * We don't do any clever alignment correction for watchpoints
522 * because using 64-bit unaligned addresses is deprecated for
523 * AArch64.
524 *
525 * AArch32 tasks expect some simple alignment fixups, so emulate
526 * that here.
527 */
528 if (is_compat_bp(bp)) {
529 if (hw->ctrl.len == ARM_BREAKPOINT_LEN_8)
530 alignment_mask = 0x7;
531 else
532 alignment_mask = 0x3;
533 offset = hw->address & alignment_mask;
534 switch (offset) {
535 case 0:
536 /* Aligned */
537 break;
538 case 1:
539 case 2:
540 /* Allow halfword watchpoints and breakpoints. */
541 if (hw->ctrl.len == ARM_BREAKPOINT_LEN_2)
542 break;
543
544 /* Fallthrough */
545 case 3:
546 /* Allow single byte watchpoint. */
547 if (hw->ctrl.len == ARM_BREAKPOINT_LEN_1)
548 break;
549
550 /* Fallthrough */
551 default:
552 return -EINVAL;
553 }
554 } else {
555 if (hw->ctrl.type == ARM_BREAKPOINT_EXECUTE)
556 alignment_mask = 0x3;
557 else
558 alignment_mask = 0x7;
559 offset = hw->address & alignment_mask;
560 }
561
562 hw->address &= ~alignment_mask;
563 hw->ctrl.len <<= offset;
564
565 /*
566 * Disallow per-task kernel breakpoints since these would
567 * complicate the stepping code.
568 */
569 if (hw->ctrl.privilege == AARCH64_BREAKPOINT_EL1 && bp->hw.target)
570 return -EINVAL;
571
572 return 0;
573 }
574
575 /*
576 * Enable/disable all of the breakpoints active at the specified
577 * exception level at the register level.
578 * This is used when single-stepping after a breakpoint exception.
579 */
580 static void toggle_bp_registers(int reg, enum dbg_active_el el, int enable)
581 {
582 int i, max_slots, privilege;
583 u32 ctrl;
584 struct perf_event **slots;
585
586 switch (reg) {
587 case AARCH64_DBG_REG_BCR:
588 slots = this_cpu_ptr(bp_on_reg);
589 max_slots = core_num_brps;
590 break;
591 case AARCH64_DBG_REG_WCR:
592 slots = this_cpu_ptr(wp_on_reg);
593 max_slots = core_num_wrps;
594 break;
595 default:
596 return;
597 }
598
599 for (i = 0; i < max_slots; ++i) {
600 if (!slots[i])
601 continue;
602
603 privilege = counter_arch_bp(slots[i])->ctrl.privilege;
604 if (debug_exception_level(privilege) != el)
605 continue;
606
607 ctrl = read_wb_reg(reg, i);
608 if (enable)
609 ctrl |= 0x1;
610 else
611 ctrl &= ~0x1;
612 write_wb_reg(reg, i, ctrl);
613 }
614 }
615 NOKPROBE_SYMBOL(toggle_bp_registers);
616
617 /*
618 * Debug exception handlers.
619 */
620 static int breakpoint_handler(unsigned long unused, unsigned int esr,
621 struct pt_regs *regs)
622 {
623 int i, step = 0, *kernel_step;
624 u32 ctrl_reg;
625 u64 addr, val;
626 struct perf_event *bp, **slots;
627 struct debug_info *debug_info;
628 struct arch_hw_breakpoint_ctrl ctrl;
629
630 slots = this_cpu_ptr(bp_on_reg);
631 addr = instruction_pointer(regs);
632 debug_info = &current->thread.debug;
633
634 for (i = 0; i < core_num_brps; ++i) {
635 rcu_read_lock();
636
637 bp = slots[i];
638
639 if (bp == NULL)
640 goto unlock;
641
642 /* Check if the breakpoint value matches. */
643 val = read_wb_reg(AARCH64_DBG_REG_BVR, i);
644 if (val != (addr & ~0x3))
645 goto unlock;
646
647 /* Possible match, check the byte address select to confirm. */
648 ctrl_reg = read_wb_reg(AARCH64_DBG_REG_BCR, i);
649 decode_ctrl_reg(ctrl_reg, &ctrl);
650 if (!((1 << (addr & 0x3)) & ctrl.len))
651 goto unlock;
652
653 counter_arch_bp(bp)->trigger = addr;
654 perf_bp_event(bp, regs);
655
656 /* Do we need to handle the stepping? */
657 if (is_default_overflow_handler(bp))
658 step = 1;
659 unlock:
660 rcu_read_unlock();
661 }
662
663 if (!step)
664 return 0;
665
666 if (user_mode(regs)) {
667 debug_info->bps_disabled = 1;
668 toggle_bp_registers(AARCH64_DBG_REG_BCR, DBG_ACTIVE_EL0, 0);
669
670 /* If we're already stepping a watchpoint, just return. */
671 if (debug_info->wps_disabled)
672 return 0;
673
674 if (test_thread_flag(TIF_SINGLESTEP))
675 debug_info->suspended_step = 1;
676 else
677 user_enable_single_step(current);
678 } else {
679 toggle_bp_registers(AARCH64_DBG_REG_BCR, DBG_ACTIVE_EL1, 0);
680 kernel_step = this_cpu_ptr(&stepping_kernel_bp);
681
682 if (*kernel_step != ARM_KERNEL_STEP_NONE)
683 return 0;
684
685 if (kernel_active_single_step()) {
686 *kernel_step = ARM_KERNEL_STEP_SUSPEND;
687 } else {
688 *kernel_step = ARM_KERNEL_STEP_ACTIVE;
689 kernel_enable_single_step(regs);
690 }
691 }
692
693 return 0;
694 }
695 NOKPROBE_SYMBOL(breakpoint_handler);
696
697 /*
698 * Arm64 hardware does not always report a watchpoint hit address that matches
699 * one of the watchpoints set. It can also report an address "near" the
700 * watchpoint if a single instruction access both watched and unwatched
701 * addresses. There is no straight-forward way, short of disassembling the
702 * offending instruction, to map that address back to the watchpoint. This
703 * function computes the distance of the memory access from the watchpoint as a
704 * heuristic for the likelyhood that a given access triggered the watchpoint.
705 *
706 * See Section D2.10.5 "Determining the memory location that caused a Watchpoint
707 * exception" of ARMv8 Architecture Reference Manual for details.
708 *
709 * The function returns the distance of the address from the bytes watched by
710 * the watchpoint. In case of an exact match, it returns 0.
711 */
712 static u64 get_distance_from_watchpoint(unsigned long addr, u64 val,
713 struct arch_hw_breakpoint_ctrl *ctrl)
714 {
715 u64 wp_low, wp_high;
716 u32 lens, lene;
717
718 addr = untagged_addr(addr);
719
720 lens = __ffs(ctrl->len);
721 lene = __fls(ctrl->len);
722
723 wp_low = val + lens;
724 wp_high = val + lene;
725 if (addr < wp_low)
726 return wp_low - addr;
727 else if (addr > wp_high)
728 return addr - wp_high;
729 else
730 return 0;
731 }
732
733 static int watchpoint_handler(unsigned long addr, unsigned int esr,
734 struct pt_regs *regs)
735 {
736 int i, step = 0, *kernel_step, access, closest_match = 0;
737 u64 min_dist = -1, dist;
738 u32 ctrl_reg;
739 u64 val;
740 struct perf_event *wp, **slots;
741 struct debug_info *debug_info;
742 struct arch_hw_breakpoint *info;
743 struct arch_hw_breakpoint_ctrl ctrl;
744
745 slots = this_cpu_ptr(wp_on_reg);
746 debug_info = &current->thread.debug;
747
748 /*
749 * Find all watchpoints that match the reported address. If no exact
750 * match is found. Attribute the hit to the closest watchpoint.
751 */
752 rcu_read_lock();
753 for (i = 0; i < core_num_wrps; ++i) {
754 wp = slots[i];
755 if (wp == NULL)
756 continue;
757
758 /*
759 * Check that the access type matches.
760 * 0 => load, otherwise => store
761 */
762 access = (esr & AARCH64_ESR_ACCESS_MASK) ? HW_BREAKPOINT_W :
763 HW_BREAKPOINT_R;
764 if (!(access & hw_breakpoint_type(wp)))
765 continue;
766
767 /* Check if the watchpoint value and byte select match. */
768 val = read_wb_reg(AARCH64_DBG_REG_WVR, i);
769 ctrl_reg = read_wb_reg(AARCH64_DBG_REG_WCR, i);
770 decode_ctrl_reg(ctrl_reg, &ctrl);
771 dist = get_distance_from_watchpoint(addr, val, &ctrl);
772 if (dist < min_dist) {
773 min_dist = dist;
774 closest_match = i;
775 }
776 /* Is this an exact match? */
777 if (dist != 0)
778 continue;
779
780 info = counter_arch_bp(wp);
781 info->trigger = addr;
782 perf_bp_event(wp, regs);
783
784 /* Do we need to handle the stepping? */
785 if (is_default_overflow_handler(wp))
786 step = 1;
787 }
788 if (min_dist > 0 && min_dist != -1) {
789 /* No exact match found. */
790 wp = slots[closest_match];
791 info = counter_arch_bp(wp);
792 info->trigger = addr;
793 perf_bp_event(wp, regs);
794
795 /* Do we need to handle the stepping? */
796 if (is_default_overflow_handler(wp))
797 step = 1;
798 }
799 rcu_read_unlock();
800
801 if (!step)
802 return 0;
803
804 /*
805 * We always disable EL0 watchpoints because the kernel can
806 * cause these to fire via an unprivileged access.
807 */
808 toggle_bp_registers(AARCH64_DBG_REG_WCR, DBG_ACTIVE_EL0, 0);
809
810 if (user_mode(regs)) {
811 debug_info->wps_disabled = 1;
812
813 /* If we're already stepping a breakpoint, just return. */
814 if (debug_info->bps_disabled)
815 return 0;
816
817 if (test_thread_flag(TIF_SINGLESTEP))
818 debug_info->suspended_step = 1;
819 else
820 user_enable_single_step(current);
821 } else {
822 toggle_bp_registers(AARCH64_DBG_REG_WCR, DBG_ACTIVE_EL1, 0);
823 kernel_step = this_cpu_ptr(&stepping_kernel_bp);
824
825 if (*kernel_step != ARM_KERNEL_STEP_NONE)
826 return 0;
827
828 if (kernel_active_single_step()) {
829 *kernel_step = ARM_KERNEL_STEP_SUSPEND;
830 } else {
831 *kernel_step = ARM_KERNEL_STEP_ACTIVE;
832 kernel_enable_single_step(regs);
833 }
834 }
835
836 return 0;
837 }
838 NOKPROBE_SYMBOL(watchpoint_handler);
839
840 /*
841 * Handle single-step exception.
842 */
843 int reinstall_suspended_bps(struct pt_regs *regs)
844 {
845 struct debug_info *debug_info = &current->thread.debug;
846 int handled_exception = 0, *kernel_step;
847
848 kernel_step = this_cpu_ptr(&stepping_kernel_bp);
849
850 /*
851 * Called from single-step exception handler.
852 * Return 0 if execution can resume, 1 if a SIGTRAP should be
853 * reported.
854 */
855 if (user_mode(regs)) {
856 if (debug_info->bps_disabled) {
857 debug_info->bps_disabled = 0;
858 toggle_bp_registers(AARCH64_DBG_REG_BCR, DBG_ACTIVE_EL0, 1);
859 handled_exception = 1;
860 }
861
862 if (debug_info->wps_disabled) {
863 debug_info->wps_disabled = 0;
864 toggle_bp_registers(AARCH64_DBG_REG_WCR, DBG_ACTIVE_EL0, 1);
865 handled_exception = 1;
866 }
867
868 if (handled_exception) {
869 if (debug_info->suspended_step) {
870 debug_info->suspended_step = 0;
871 /* Allow exception handling to fall-through. */
872 handled_exception = 0;
873 } else {
874 user_disable_single_step(current);
875 }
876 }
877 } else if (*kernel_step != ARM_KERNEL_STEP_NONE) {
878 toggle_bp_registers(AARCH64_DBG_REG_BCR, DBG_ACTIVE_EL1, 1);
879 toggle_bp_registers(AARCH64_DBG_REG_WCR, DBG_ACTIVE_EL1, 1);
880
881 if (!debug_info->wps_disabled)
882 toggle_bp_registers(AARCH64_DBG_REG_WCR, DBG_ACTIVE_EL0, 1);
883
884 if (*kernel_step != ARM_KERNEL_STEP_SUSPEND) {
885 kernel_disable_single_step();
886 handled_exception = 1;
887 } else {
888 handled_exception = 0;
889 }
890
891 *kernel_step = ARM_KERNEL_STEP_NONE;
892 }
893
894 return !handled_exception;
895 }
896 NOKPROBE_SYMBOL(reinstall_suspended_bps);
897
898 /*
899 * Context-switcher for restoring suspended breakpoints.
900 */
901 void hw_breakpoint_thread_switch(struct task_struct *next)
902 {
903 /*
904 * current next
905 * disabled: 0 0 => The usual case, NOTIFY_DONE
906 * 0 1 => Disable the registers
907 * 1 0 => Enable the registers
908 * 1 1 => NOTIFY_DONE. per-task bps will
909 * get taken care of by perf.
910 */
911
912 struct debug_info *current_debug_info, *next_debug_info;
913
914 current_debug_info = &current->thread.debug;
915 next_debug_info = &next->thread.debug;
916
917 /* Update breakpoints. */
918 if (current_debug_info->bps_disabled != next_debug_info->bps_disabled)
919 toggle_bp_registers(AARCH64_DBG_REG_BCR,
920 DBG_ACTIVE_EL0,
921 !next_debug_info->bps_disabled);
922
923 /* Update watchpoints. */
924 if (current_debug_info->wps_disabled != next_debug_info->wps_disabled)
925 toggle_bp_registers(AARCH64_DBG_REG_WCR,
926 DBG_ACTIVE_EL0,
927 !next_debug_info->wps_disabled);
928 }
929
930 /*
931 * CPU initialisation.
932 */
933 static int hw_breakpoint_reset(unsigned int cpu)
934 {
935 int i;
936 struct perf_event **slots;
937 /*
938 * When a CPU goes through cold-boot, it does not have any installed
939 * slot, so it is safe to share the same function for restoring and
940 * resetting breakpoints; when a CPU is hotplugged in, it goes
941 * through the slots, which are all empty, hence it just resets control
942 * and value for debug registers.
943 * When this function is triggered on warm-boot through a CPU PM
944 * notifier some slots might be initialized; if so they are
945 * reprogrammed according to the debug slots content.
946 */
947 for (slots = this_cpu_ptr(bp_on_reg), i = 0; i < core_num_brps; ++i) {
948 if (slots[i]) {
949 hw_breakpoint_control(slots[i], HW_BREAKPOINT_RESTORE);
950 } else {
951 write_wb_reg(AARCH64_DBG_REG_BCR, i, 0UL);
952 write_wb_reg(AARCH64_DBG_REG_BVR, i, 0UL);
953 }
954 }
955
956 for (slots = this_cpu_ptr(wp_on_reg), i = 0; i < core_num_wrps; ++i) {
957 if (slots[i]) {
958 hw_breakpoint_control(slots[i], HW_BREAKPOINT_RESTORE);
959 } else {
960 write_wb_reg(AARCH64_DBG_REG_WCR, i, 0UL);
961 write_wb_reg(AARCH64_DBG_REG_WVR, i, 0UL);
962 }
963 }
964
965 return 0;
966 }
967
968 #ifdef CONFIG_CPU_PM
969 extern void cpu_suspend_set_dbg_restorer(int (*hw_bp_restore)(unsigned int));
970 #else
971 static inline void cpu_suspend_set_dbg_restorer(int (*hw_bp_restore)(unsigned int))
972 {
973 }
974 #endif
975
976 /*
977 * One-time initialisation.
978 */
979 static int __init arch_hw_breakpoint_init(void)
980 {
981 int ret;
982
983 core_num_brps = get_num_brps();
984 core_num_wrps = get_num_wrps();
985
986 pr_info("found %d breakpoint and %d watchpoint registers.\n",
987 core_num_brps, core_num_wrps);
988
989 /* Register debug fault handlers. */
990 hook_debug_fault_code(DBG_ESR_EVT_HWBP, breakpoint_handler, SIGTRAP,
991 TRAP_HWBKPT, "hw-breakpoint handler");
992 hook_debug_fault_code(DBG_ESR_EVT_HWWP, watchpoint_handler, SIGTRAP,
993 TRAP_HWBKPT, "hw-watchpoint handler");
994
995 /*
996 * Reset the breakpoint resources. We assume that a halting
997 * debugger will leave the world in a nice state for us.
998 */
999 ret = cpuhp_setup_state(CPUHP_AP_PERF_ARM_HW_BREAKPOINT_STARTING,
1000 "perf/arm64/hw_breakpoint:starting",
1001 hw_breakpoint_reset, NULL);
1002 if (ret)
1003 pr_err("failed to register CPU hotplug notifier: %d\n", ret);
1004
1005 /* Register cpu_suspend hw breakpoint restore hook */
1006 cpu_suspend_set_dbg_restorer(hw_breakpoint_reset);
1007
1008 return ret;
1009 }
1010 arch_initcall(arch_hw_breakpoint_init);
1011
1012 void hw_breakpoint_pmu_read(struct perf_event *bp)
1013 {
1014 }
1015
1016 /*
1017 * Dummy function to register with die_notifier.
1018 */
1019 int hw_breakpoint_exceptions_notify(struct notifier_block *unused,
1020 unsigned long val, void *data)
1021 {
1022 return NOTIFY_DONE;
1023 }
Linux with added FPC-III support