WIP FPC-III support
[linux/fpc-iii.git] / arch / arm64 / kernel / ptrace.c
blob8ac487c84e3793ea539c857db114ba37f02d794f
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Based on arch/arm/kernel/ptrace.c
5 * By Ross Biro 1/23/92
6 * edited by Linus Torvalds
7 * ARM modifications Copyright (C) 2000 Russell King
8 * Copyright (C) 2012 ARM Ltd.
9 */
11 #include <linux/audit.h>
12 #include <linux/compat.h>
13 #include <linux/kernel.h>
14 #include <linux/sched/signal.h>
15 #include <linux/sched/task_stack.h>
16 #include <linux/mm.h>
17 #include <linux/nospec.h>
18 #include <linux/smp.h>
19 #include <linux/ptrace.h>
20 #include <linux/user.h>
21 #include <linux/seccomp.h>
22 #include <linux/security.h>
23 #include <linux/init.h>
24 #include <linux/signal.h>
25 #include <linux/string.h>
26 #include <linux/uaccess.h>
27 #include <linux/perf_event.h>
28 #include <linux/hw_breakpoint.h>
29 #include <linux/regset.h>
30 #include <linux/tracehook.h>
31 #include <linux/elf.h>
33 #include <asm/compat.h>
34 #include <asm/cpufeature.h>
35 #include <asm/debug-monitors.h>
36 #include <asm/fpsimd.h>
37 #include <asm/mte.h>
38 #include <asm/pointer_auth.h>
39 #include <asm/stacktrace.h>
40 #include <asm/syscall.h>
41 #include <asm/traps.h>
42 #include <asm/system_misc.h>
44 #define CREATE_TRACE_POINTS
45 #include <trace/events/syscalls.h>
47 struct pt_regs_offset {
48 const char *name;
49 int offset;
52 #define REG_OFFSET_NAME(r) {.name = #r, .offset = offsetof(struct pt_regs, r)}
53 #define REG_OFFSET_END {.name = NULL, .offset = 0}
54 #define GPR_OFFSET_NAME(r) \
55 {.name = "x" #r, .offset = offsetof(struct pt_regs, regs[r])}
57 static const struct pt_regs_offset regoffset_table[] = {
58 GPR_OFFSET_NAME(0),
59 GPR_OFFSET_NAME(1),
60 GPR_OFFSET_NAME(2),
61 GPR_OFFSET_NAME(3),
62 GPR_OFFSET_NAME(4),
63 GPR_OFFSET_NAME(5),
64 GPR_OFFSET_NAME(6),
65 GPR_OFFSET_NAME(7),
66 GPR_OFFSET_NAME(8),
67 GPR_OFFSET_NAME(9),
68 GPR_OFFSET_NAME(10),
69 GPR_OFFSET_NAME(11),
70 GPR_OFFSET_NAME(12),
71 GPR_OFFSET_NAME(13),
72 GPR_OFFSET_NAME(14),
73 GPR_OFFSET_NAME(15),
74 GPR_OFFSET_NAME(16),
75 GPR_OFFSET_NAME(17),
76 GPR_OFFSET_NAME(18),
77 GPR_OFFSET_NAME(19),
78 GPR_OFFSET_NAME(20),
79 GPR_OFFSET_NAME(21),
80 GPR_OFFSET_NAME(22),
81 GPR_OFFSET_NAME(23),
82 GPR_OFFSET_NAME(24),
83 GPR_OFFSET_NAME(25),
84 GPR_OFFSET_NAME(26),
85 GPR_OFFSET_NAME(27),
86 GPR_OFFSET_NAME(28),
87 GPR_OFFSET_NAME(29),
88 GPR_OFFSET_NAME(30),
89 {.name = "lr", .offset = offsetof(struct pt_regs, regs[30])},
90 REG_OFFSET_NAME(sp),
91 REG_OFFSET_NAME(pc),
92 REG_OFFSET_NAME(pstate),
93 REG_OFFSET_END,
96 /**
97 * regs_query_register_offset() - query register offset from its name
98 * @name: the name of a register
100 * regs_query_register_offset() returns the offset of a register in struct
101 * pt_regs from its name. If the name is invalid, this returns -EINVAL;
103 int regs_query_register_offset(const char *name)
105 const struct pt_regs_offset *roff;
107 for (roff = regoffset_table; roff->name != NULL; roff++)
108 if (!strcmp(roff->name, name))
109 return roff->offset;
110 return -EINVAL;
114 * regs_within_kernel_stack() - check the address in the stack
115 * @regs: pt_regs which contains kernel stack pointer.
116 * @addr: address which is checked.
118 * regs_within_kernel_stack() checks @addr is within the kernel stack page(s).
119 * If @addr is within the kernel stack, it returns true. If not, returns false.
121 static bool regs_within_kernel_stack(struct pt_regs *regs, unsigned long addr)
123 return ((addr & ~(THREAD_SIZE - 1)) ==
124 (kernel_stack_pointer(regs) & ~(THREAD_SIZE - 1))) ||
125 on_irq_stack(addr, NULL);
129 * regs_get_kernel_stack_nth() - get Nth entry of the stack
130 * @regs: pt_regs which contains kernel stack pointer.
131 * @n: stack entry number.
133 * regs_get_kernel_stack_nth() returns @n th entry of the kernel stack which
134 * is specified by @regs. If the @n th entry is NOT in the kernel stack,
135 * this returns 0.
137 unsigned long regs_get_kernel_stack_nth(struct pt_regs *regs, unsigned int n)
139 unsigned long *addr = (unsigned long *)kernel_stack_pointer(regs);
141 addr += n;
142 if (regs_within_kernel_stack(regs, (unsigned long)addr))
143 return *addr;
144 else
145 return 0;
149 * TODO: does not yet catch signals sent when the child dies.
150 * in exit.c or in signal.c.
154 * Called by kernel/ptrace.c when detaching..
156 void ptrace_disable(struct task_struct *child)
159 * This would be better off in core code, but PTRACE_DETACH has
160 * grown its fair share of arch-specific worts and changing it
161 * is likely to cause regressions on obscure architectures.
163 user_disable_single_step(child);
166 #ifdef CONFIG_HAVE_HW_BREAKPOINT
168 * Handle hitting a HW-breakpoint.
170 static void ptrace_hbptriggered(struct perf_event *bp,
171 struct perf_sample_data *data,
172 struct pt_regs *regs)
174 struct arch_hw_breakpoint *bkpt = counter_arch_bp(bp);
175 const char *desc = "Hardware breakpoint trap (ptrace)";
177 #ifdef CONFIG_COMPAT
178 if (is_compat_task()) {
179 int si_errno = 0;
180 int i;
182 for (i = 0; i < ARM_MAX_BRP; ++i) {
183 if (current->thread.debug.hbp_break[i] == bp) {
184 si_errno = (i << 1) + 1;
185 break;
189 for (i = 0; i < ARM_MAX_WRP; ++i) {
190 if (current->thread.debug.hbp_watch[i] == bp) {
191 si_errno = -((i << 1) + 1);
192 break;
195 arm64_force_sig_ptrace_errno_trap(si_errno, bkpt->trigger,
196 desc);
198 #endif
199 arm64_force_sig_fault(SIGTRAP, TRAP_HWBKPT, bkpt->trigger, desc);
203 * Unregister breakpoints from this task and reset the pointers in
204 * the thread_struct.
206 void flush_ptrace_hw_breakpoint(struct task_struct *tsk)
208 int i;
209 struct thread_struct *t = &tsk->thread;
211 for (i = 0; i < ARM_MAX_BRP; i++) {
212 if (t->debug.hbp_break[i]) {
213 unregister_hw_breakpoint(t->debug.hbp_break[i]);
214 t->debug.hbp_break[i] = NULL;
218 for (i = 0; i < ARM_MAX_WRP; i++) {
219 if (t->debug.hbp_watch[i]) {
220 unregister_hw_breakpoint(t->debug.hbp_watch[i]);
221 t->debug.hbp_watch[i] = NULL;
226 void ptrace_hw_copy_thread(struct task_struct *tsk)
228 memset(&tsk->thread.debug, 0, sizeof(struct debug_info));
231 static struct perf_event *ptrace_hbp_get_event(unsigned int note_type,
232 struct task_struct *tsk,
233 unsigned long idx)
235 struct perf_event *bp = ERR_PTR(-EINVAL);
237 switch (note_type) {
238 case NT_ARM_HW_BREAK:
239 if (idx >= ARM_MAX_BRP)
240 goto out;
241 idx = array_index_nospec(idx, ARM_MAX_BRP);
242 bp = tsk->thread.debug.hbp_break[idx];
243 break;
244 case NT_ARM_HW_WATCH:
245 if (idx >= ARM_MAX_WRP)
246 goto out;
247 idx = array_index_nospec(idx, ARM_MAX_WRP);
248 bp = tsk->thread.debug.hbp_watch[idx];
249 break;
252 out:
253 return bp;
256 static int ptrace_hbp_set_event(unsigned int note_type,
257 struct task_struct *tsk,
258 unsigned long idx,
259 struct perf_event *bp)
261 int err = -EINVAL;
263 switch (note_type) {
264 case NT_ARM_HW_BREAK:
265 if (idx >= ARM_MAX_BRP)
266 goto out;
267 idx = array_index_nospec(idx, ARM_MAX_BRP);
268 tsk->thread.debug.hbp_break[idx] = bp;
269 err = 0;
270 break;
271 case NT_ARM_HW_WATCH:
272 if (idx >= ARM_MAX_WRP)
273 goto out;
274 idx = array_index_nospec(idx, ARM_MAX_WRP);
275 tsk->thread.debug.hbp_watch[idx] = bp;
276 err = 0;
277 break;
280 out:
281 return err;
284 static struct perf_event *ptrace_hbp_create(unsigned int note_type,
285 struct task_struct *tsk,
286 unsigned long idx)
288 struct perf_event *bp;
289 struct perf_event_attr attr;
290 int err, type;
292 switch (note_type) {
293 case NT_ARM_HW_BREAK:
294 type = HW_BREAKPOINT_X;
295 break;
296 case NT_ARM_HW_WATCH:
297 type = HW_BREAKPOINT_RW;
298 break;
299 default:
300 return ERR_PTR(-EINVAL);
303 ptrace_breakpoint_init(&attr);
306 * Initialise fields to sane defaults
307 * (i.e. values that will pass validation).
309 attr.bp_addr = 0;
310 attr.bp_len = HW_BREAKPOINT_LEN_4;
311 attr.bp_type = type;
312 attr.disabled = 1;
314 bp = register_user_hw_breakpoint(&attr, ptrace_hbptriggered, NULL, tsk);
315 if (IS_ERR(bp))
316 return bp;
318 err = ptrace_hbp_set_event(note_type, tsk, idx, bp);
319 if (err)
320 return ERR_PTR(err);
322 return bp;
325 static int ptrace_hbp_fill_attr_ctrl(unsigned int note_type,
326 struct arch_hw_breakpoint_ctrl ctrl,
327 struct perf_event_attr *attr)
329 int err, len, type, offset, disabled = !ctrl.enabled;
331 attr->disabled = disabled;
332 if (disabled)
333 return 0;
335 err = arch_bp_generic_fields(ctrl, &len, &type, &offset);
336 if (err)
337 return err;
339 switch (note_type) {
340 case NT_ARM_HW_BREAK:
341 if ((type & HW_BREAKPOINT_X) != type)
342 return -EINVAL;
343 break;
344 case NT_ARM_HW_WATCH:
345 if ((type & HW_BREAKPOINT_RW) != type)
346 return -EINVAL;
347 break;
348 default:
349 return -EINVAL;
352 attr->bp_len = len;
353 attr->bp_type = type;
354 attr->bp_addr += offset;
356 return 0;
359 static int ptrace_hbp_get_resource_info(unsigned int note_type, u32 *info)
361 u8 num;
362 u32 reg = 0;
364 switch (note_type) {
365 case NT_ARM_HW_BREAK:
366 num = hw_breakpoint_slots(TYPE_INST);
367 break;
368 case NT_ARM_HW_WATCH:
369 num = hw_breakpoint_slots(TYPE_DATA);
370 break;
371 default:
372 return -EINVAL;
375 reg |= debug_monitors_arch();
376 reg <<= 8;
377 reg |= num;
379 *info = reg;
380 return 0;
383 static int ptrace_hbp_get_ctrl(unsigned int note_type,
384 struct task_struct *tsk,
385 unsigned long idx,
386 u32 *ctrl)
388 struct perf_event *bp = ptrace_hbp_get_event(note_type, tsk, idx);
390 if (IS_ERR(bp))
391 return PTR_ERR(bp);
393 *ctrl = bp ? encode_ctrl_reg(counter_arch_bp(bp)->ctrl) : 0;
394 return 0;
397 static int ptrace_hbp_get_addr(unsigned int note_type,
398 struct task_struct *tsk,
399 unsigned long idx,
400 u64 *addr)
402 struct perf_event *bp = ptrace_hbp_get_event(note_type, tsk, idx);
404 if (IS_ERR(bp))
405 return PTR_ERR(bp);
407 *addr = bp ? counter_arch_bp(bp)->address : 0;
408 return 0;
411 static struct perf_event *ptrace_hbp_get_initialised_bp(unsigned int note_type,
412 struct task_struct *tsk,
413 unsigned long idx)
415 struct perf_event *bp = ptrace_hbp_get_event(note_type, tsk, idx);
417 if (!bp)
418 bp = ptrace_hbp_create(note_type, tsk, idx);
420 return bp;
423 static int ptrace_hbp_set_ctrl(unsigned int note_type,
424 struct task_struct *tsk,
425 unsigned long idx,
426 u32 uctrl)
428 int err;
429 struct perf_event *bp;
430 struct perf_event_attr attr;
431 struct arch_hw_breakpoint_ctrl ctrl;
433 bp = ptrace_hbp_get_initialised_bp(note_type, tsk, idx);
434 if (IS_ERR(bp)) {
435 err = PTR_ERR(bp);
436 return err;
439 attr = bp->attr;
440 decode_ctrl_reg(uctrl, &ctrl);
441 err = ptrace_hbp_fill_attr_ctrl(note_type, ctrl, &attr);
442 if (err)
443 return err;
445 return modify_user_hw_breakpoint(bp, &attr);
448 static int ptrace_hbp_set_addr(unsigned int note_type,
449 struct task_struct *tsk,
450 unsigned long idx,
451 u64 addr)
453 int err;
454 struct perf_event *bp;
455 struct perf_event_attr attr;
457 bp = ptrace_hbp_get_initialised_bp(note_type, tsk, idx);
458 if (IS_ERR(bp)) {
459 err = PTR_ERR(bp);
460 return err;
463 attr = bp->attr;
464 attr.bp_addr = addr;
465 err = modify_user_hw_breakpoint(bp, &attr);
466 return err;
469 #define PTRACE_HBP_ADDR_SZ sizeof(u64)
470 #define PTRACE_HBP_CTRL_SZ sizeof(u32)
471 #define PTRACE_HBP_PAD_SZ sizeof(u32)
473 static int hw_break_get(struct task_struct *target,
474 const struct user_regset *regset,
475 struct membuf to)
477 unsigned int note_type = regset->core_note_type;
478 int ret, idx = 0;
479 u32 info, ctrl;
480 u64 addr;
482 /* Resource info */
483 ret = ptrace_hbp_get_resource_info(note_type, &info);
484 if (ret)
485 return ret;
487 membuf_write(&to, &info, sizeof(info));
488 membuf_zero(&to, sizeof(u32));
489 /* (address, ctrl) registers */
490 while (to.left) {
491 ret = ptrace_hbp_get_addr(note_type, target, idx, &addr);
492 if (ret)
493 return ret;
494 ret = ptrace_hbp_get_ctrl(note_type, target, idx, &ctrl);
495 if (ret)
496 return ret;
497 membuf_store(&to, addr);
498 membuf_store(&to, ctrl);
499 membuf_zero(&to, sizeof(u32));
500 idx++;
502 return 0;
505 static int hw_break_set(struct task_struct *target,
506 const struct user_regset *regset,
507 unsigned int pos, unsigned int count,
508 const void *kbuf, const void __user *ubuf)
510 unsigned int note_type = regset->core_note_type;
511 int ret, idx = 0, offset, limit;
512 u32 ctrl;
513 u64 addr;
515 /* Resource info and pad */
516 offset = offsetof(struct user_hwdebug_state, dbg_regs);
517 ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf, 0, offset);
518 if (ret)
519 return ret;
521 /* (address, ctrl) registers */
522 limit = regset->n * regset->size;
523 while (count && offset < limit) {
524 if (count < PTRACE_HBP_ADDR_SZ)
525 return -EINVAL;
526 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &addr,
527 offset, offset + PTRACE_HBP_ADDR_SZ);
528 if (ret)
529 return ret;
530 ret = ptrace_hbp_set_addr(note_type, target, idx, addr);
531 if (ret)
532 return ret;
533 offset += PTRACE_HBP_ADDR_SZ;
535 if (!count)
536 break;
537 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &ctrl,
538 offset, offset + PTRACE_HBP_CTRL_SZ);
539 if (ret)
540 return ret;
541 ret = ptrace_hbp_set_ctrl(note_type, target, idx, ctrl);
542 if (ret)
543 return ret;
544 offset += PTRACE_HBP_CTRL_SZ;
546 ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf,
547 offset,
548 offset + PTRACE_HBP_PAD_SZ);
549 if (ret)
550 return ret;
551 offset += PTRACE_HBP_PAD_SZ;
552 idx++;
555 return 0;
557 #endif /* CONFIG_HAVE_HW_BREAKPOINT */
559 static int gpr_get(struct task_struct *target,
560 const struct user_regset *regset,
561 struct membuf to)
563 struct user_pt_regs *uregs = &task_pt_regs(target)->user_regs;
564 return membuf_write(&to, uregs, sizeof(*uregs));
567 static int gpr_set(struct task_struct *target, const struct user_regset *regset,
568 unsigned int pos, unsigned int count,
569 const void *kbuf, const void __user *ubuf)
571 int ret;
572 struct user_pt_regs newregs = task_pt_regs(target)->user_regs;
574 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &newregs, 0, -1);
575 if (ret)
576 return ret;
578 if (!valid_user_regs(&newregs, target))
579 return -EINVAL;
581 task_pt_regs(target)->user_regs = newregs;
582 return 0;
585 static int fpr_active(struct task_struct *target, const struct user_regset *regset)
587 if (!system_supports_fpsimd())
588 return -ENODEV;
589 return regset->n;
593 * TODO: update fp accessors for lazy context switching (sync/flush hwstate)
595 static int __fpr_get(struct task_struct *target,
596 const struct user_regset *regset,
597 struct membuf to)
599 struct user_fpsimd_state *uregs;
601 sve_sync_to_fpsimd(target);
603 uregs = &target->thread.uw.fpsimd_state;
605 return membuf_write(&to, uregs, sizeof(*uregs));
608 static int fpr_get(struct task_struct *target, const struct user_regset *regset,
609 struct membuf to)
611 if (!system_supports_fpsimd())
612 return -EINVAL;
614 if (target == current)
615 fpsimd_preserve_current_state();
617 return __fpr_get(target, regset, to);
620 static int __fpr_set(struct task_struct *target,
621 const struct user_regset *regset,
622 unsigned int pos, unsigned int count,
623 const void *kbuf, const void __user *ubuf,
624 unsigned int start_pos)
626 int ret;
627 struct user_fpsimd_state newstate;
630 * Ensure target->thread.uw.fpsimd_state is up to date, so that a
631 * short copyin can't resurrect stale data.
633 sve_sync_to_fpsimd(target);
635 newstate = target->thread.uw.fpsimd_state;
637 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &newstate,
638 start_pos, start_pos + sizeof(newstate));
639 if (ret)
640 return ret;
642 target->thread.uw.fpsimd_state = newstate;
644 return ret;
647 static int fpr_set(struct task_struct *target, const struct user_regset *regset,
648 unsigned int pos, unsigned int count,
649 const void *kbuf, const void __user *ubuf)
651 int ret;
653 if (!system_supports_fpsimd())
654 return -EINVAL;
656 ret = __fpr_set(target, regset, pos, count, kbuf, ubuf, 0);
657 if (ret)
658 return ret;
660 sve_sync_from_fpsimd_zeropad(target);
661 fpsimd_flush_task_state(target);
663 return ret;
666 static int tls_get(struct task_struct *target, const struct user_regset *regset,
667 struct membuf to)
669 if (target == current)
670 tls_preserve_current_state();
672 return membuf_store(&to, target->thread.uw.tp_value);
675 static int tls_set(struct task_struct *target, const struct user_regset *regset,
676 unsigned int pos, unsigned int count,
677 const void *kbuf, const void __user *ubuf)
679 int ret;
680 unsigned long tls = target->thread.uw.tp_value;
682 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &tls, 0, -1);
683 if (ret)
684 return ret;
686 target->thread.uw.tp_value = tls;
687 return ret;
690 static int system_call_get(struct task_struct *target,
691 const struct user_regset *regset,
692 struct membuf to)
694 return membuf_store(&to, task_pt_regs(target)->syscallno);
697 static int system_call_set(struct task_struct *target,
698 const struct user_regset *regset,
699 unsigned int pos, unsigned int count,
700 const void *kbuf, const void __user *ubuf)
702 int syscallno = task_pt_regs(target)->syscallno;
703 int ret;
705 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &syscallno, 0, -1);
706 if (ret)
707 return ret;
709 task_pt_regs(target)->syscallno = syscallno;
710 return ret;
713 #ifdef CONFIG_ARM64_SVE
715 static void sve_init_header_from_task(struct user_sve_header *header,
716 struct task_struct *target)
718 unsigned int vq;
720 memset(header, 0, sizeof(*header));
722 header->flags = test_tsk_thread_flag(target, TIF_SVE) ?
723 SVE_PT_REGS_SVE : SVE_PT_REGS_FPSIMD;
724 if (test_tsk_thread_flag(target, TIF_SVE_VL_INHERIT))
725 header->flags |= SVE_PT_VL_INHERIT;
727 header->vl = target->thread.sve_vl;
728 vq = sve_vq_from_vl(header->vl);
730 header->max_vl = sve_max_vl;
731 header->size = SVE_PT_SIZE(vq, header->flags);
732 header->max_size = SVE_PT_SIZE(sve_vq_from_vl(header->max_vl),
733 SVE_PT_REGS_SVE);
736 static unsigned int sve_size_from_header(struct user_sve_header const *header)
738 return ALIGN(header->size, SVE_VQ_BYTES);
741 static int sve_get(struct task_struct *target,
742 const struct user_regset *regset,
743 struct membuf to)
745 struct user_sve_header header;
746 unsigned int vq;
747 unsigned long start, end;
749 if (!system_supports_sve())
750 return -EINVAL;
752 /* Header */
753 sve_init_header_from_task(&header, target);
754 vq = sve_vq_from_vl(header.vl);
756 membuf_write(&to, &header, sizeof(header));
758 if (target == current)
759 fpsimd_preserve_current_state();
761 /* Registers: FPSIMD-only case */
763 BUILD_BUG_ON(SVE_PT_FPSIMD_OFFSET != sizeof(header));
764 if ((header.flags & SVE_PT_REGS_MASK) == SVE_PT_REGS_FPSIMD)
765 return __fpr_get(target, regset, to);
767 /* Otherwise: full SVE case */
769 BUILD_BUG_ON(SVE_PT_SVE_OFFSET != sizeof(header));
770 start = SVE_PT_SVE_OFFSET;
771 end = SVE_PT_SVE_FFR_OFFSET(vq) + SVE_PT_SVE_FFR_SIZE(vq);
772 membuf_write(&to, target->thread.sve_state, end - start);
774 start = end;
775 end = SVE_PT_SVE_FPSR_OFFSET(vq);
776 membuf_zero(&to, end - start);
779 * Copy fpsr, and fpcr which must follow contiguously in
780 * struct fpsimd_state:
782 start = end;
783 end = SVE_PT_SVE_FPCR_OFFSET(vq) + SVE_PT_SVE_FPCR_SIZE;
784 membuf_write(&to, &target->thread.uw.fpsimd_state.fpsr, end - start);
786 start = end;
787 end = sve_size_from_header(&header);
788 return membuf_zero(&to, end - start);
791 static int sve_set(struct task_struct *target,
792 const struct user_regset *regset,
793 unsigned int pos, unsigned int count,
794 const void *kbuf, const void __user *ubuf)
796 int ret;
797 struct user_sve_header header;
798 unsigned int vq;
799 unsigned long start, end;
801 if (!system_supports_sve())
802 return -EINVAL;
804 /* Header */
805 if (count < sizeof(header))
806 return -EINVAL;
807 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &header,
808 0, sizeof(header));
809 if (ret)
810 goto out;
813 * Apart from SVE_PT_REGS_MASK, all SVE_PT_* flags are consumed by
814 * sve_set_vector_length(), which will also validate them for us:
816 ret = sve_set_vector_length(target, header.vl,
817 ((unsigned long)header.flags & ~SVE_PT_REGS_MASK) << 16);
818 if (ret)
819 goto out;
821 /* Actual VL set may be less than the user asked for: */
822 vq = sve_vq_from_vl(target->thread.sve_vl);
824 /* Registers: FPSIMD-only case */
826 BUILD_BUG_ON(SVE_PT_FPSIMD_OFFSET != sizeof(header));
827 if ((header.flags & SVE_PT_REGS_MASK) == SVE_PT_REGS_FPSIMD) {
828 ret = __fpr_set(target, regset, pos, count, kbuf, ubuf,
829 SVE_PT_FPSIMD_OFFSET);
830 clear_tsk_thread_flag(target, TIF_SVE);
831 goto out;
834 /* Otherwise: full SVE case */
837 * If setting a different VL from the requested VL and there is
838 * register data, the data layout will be wrong: don't even
839 * try to set the registers in this case.
841 if (count && vq != sve_vq_from_vl(header.vl)) {
842 ret = -EIO;
843 goto out;
846 sve_alloc(target);
849 * Ensure target->thread.sve_state is up to date with target's
850 * FPSIMD regs, so that a short copyin leaves trailing registers
851 * unmodified.
853 fpsimd_sync_to_sve(target);
854 set_tsk_thread_flag(target, TIF_SVE);
856 BUILD_BUG_ON(SVE_PT_SVE_OFFSET != sizeof(header));
857 start = SVE_PT_SVE_OFFSET;
858 end = SVE_PT_SVE_FFR_OFFSET(vq) + SVE_PT_SVE_FFR_SIZE(vq);
859 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
860 target->thread.sve_state,
861 start, end);
862 if (ret)
863 goto out;
865 start = end;
866 end = SVE_PT_SVE_FPSR_OFFSET(vq);
867 ret = user_regset_copyin_ignore(&pos, &count, &kbuf, &ubuf,
868 start, end);
869 if (ret)
870 goto out;
873 * Copy fpsr, and fpcr which must follow contiguously in
874 * struct fpsimd_state:
876 start = end;
877 end = SVE_PT_SVE_FPCR_OFFSET(vq) + SVE_PT_SVE_FPCR_SIZE;
878 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
879 &target->thread.uw.fpsimd_state.fpsr,
880 start, end);
882 out:
883 fpsimd_flush_task_state(target);
884 return ret;
887 #endif /* CONFIG_ARM64_SVE */
889 #ifdef CONFIG_ARM64_PTR_AUTH
890 static int pac_mask_get(struct task_struct *target,
891 const struct user_regset *regset,
892 struct membuf to)
895 * The PAC bits can differ across data and instruction pointers
896 * depending on TCR_EL1.TBID*, which we may make use of in future, so
897 * we expose separate masks.
899 unsigned long mask = ptrauth_user_pac_mask();
900 struct user_pac_mask uregs = {
901 .data_mask = mask,
902 .insn_mask = mask,
905 if (!system_supports_address_auth())
906 return -EINVAL;
908 return membuf_write(&to, &uregs, sizeof(uregs));
911 #ifdef CONFIG_CHECKPOINT_RESTORE
912 static __uint128_t pac_key_to_user(const struct ptrauth_key *key)
914 return (__uint128_t)key->hi << 64 | key->lo;
917 static struct ptrauth_key pac_key_from_user(__uint128_t ukey)
919 struct ptrauth_key key = {
920 .lo = (unsigned long)ukey,
921 .hi = (unsigned long)(ukey >> 64),
924 return key;
927 static void pac_address_keys_to_user(struct user_pac_address_keys *ukeys,
928 const struct ptrauth_keys_user *keys)
930 ukeys->apiakey = pac_key_to_user(&keys->apia);
931 ukeys->apibkey = pac_key_to_user(&keys->apib);
932 ukeys->apdakey = pac_key_to_user(&keys->apda);
933 ukeys->apdbkey = pac_key_to_user(&keys->apdb);
936 static void pac_address_keys_from_user(struct ptrauth_keys_user *keys,
937 const struct user_pac_address_keys *ukeys)
939 keys->apia = pac_key_from_user(ukeys->apiakey);
940 keys->apib = pac_key_from_user(ukeys->apibkey);
941 keys->apda = pac_key_from_user(ukeys->apdakey);
942 keys->apdb = pac_key_from_user(ukeys->apdbkey);
945 static int pac_address_keys_get(struct task_struct *target,
946 const struct user_regset *regset,
947 struct membuf to)
949 struct ptrauth_keys_user *keys = &target->thread.keys_user;
950 struct user_pac_address_keys user_keys;
952 if (!system_supports_address_auth())
953 return -EINVAL;
955 pac_address_keys_to_user(&user_keys, keys);
957 return membuf_write(&to, &user_keys, sizeof(user_keys));
960 static int pac_address_keys_set(struct task_struct *target,
961 const struct user_regset *regset,
962 unsigned int pos, unsigned int count,
963 const void *kbuf, const void __user *ubuf)
965 struct ptrauth_keys_user *keys = &target->thread.keys_user;
966 struct user_pac_address_keys user_keys;
967 int ret;
969 if (!system_supports_address_auth())
970 return -EINVAL;
972 pac_address_keys_to_user(&user_keys, keys);
973 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
974 &user_keys, 0, -1);
975 if (ret)
976 return ret;
977 pac_address_keys_from_user(keys, &user_keys);
979 return 0;
982 static void pac_generic_keys_to_user(struct user_pac_generic_keys *ukeys,
983 const struct ptrauth_keys_user *keys)
985 ukeys->apgakey = pac_key_to_user(&keys->apga);
988 static void pac_generic_keys_from_user(struct ptrauth_keys_user *keys,
989 const struct user_pac_generic_keys *ukeys)
991 keys->apga = pac_key_from_user(ukeys->apgakey);
994 static int pac_generic_keys_get(struct task_struct *target,
995 const struct user_regset *regset,
996 struct membuf to)
998 struct ptrauth_keys_user *keys = &target->thread.keys_user;
999 struct user_pac_generic_keys user_keys;
1001 if (!system_supports_generic_auth())
1002 return -EINVAL;
1004 pac_generic_keys_to_user(&user_keys, keys);
1006 return membuf_write(&to, &user_keys, sizeof(user_keys));
1009 static int pac_generic_keys_set(struct task_struct *target,
1010 const struct user_regset *regset,
1011 unsigned int pos, unsigned int count,
1012 const void *kbuf, const void __user *ubuf)
1014 struct ptrauth_keys_user *keys = &target->thread.keys_user;
1015 struct user_pac_generic_keys user_keys;
1016 int ret;
1018 if (!system_supports_generic_auth())
1019 return -EINVAL;
1021 pac_generic_keys_to_user(&user_keys, keys);
1022 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
1023 &user_keys, 0, -1);
1024 if (ret)
1025 return ret;
1026 pac_generic_keys_from_user(keys, &user_keys);
1028 return 0;
1030 #endif /* CONFIG_CHECKPOINT_RESTORE */
1031 #endif /* CONFIG_ARM64_PTR_AUTH */
1033 #ifdef CONFIG_ARM64_TAGGED_ADDR_ABI
1034 static int tagged_addr_ctrl_get(struct task_struct *target,
1035 const struct user_regset *regset,
1036 struct membuf to)
1038 long ctrl = get_tagged_addr_ctrl(target);
1040 if (IS_ERR_VALUE(ctrl))
1041 return ctrl;
1043 return membuf_write(&to, &ctrl, sizeof(ctrl));
1046 static int tagged_addr_ctrl_set(struct task_struct *target, const struct
1047 user_regset *regset, unsigned int pos,
1048 unsigned int count, const void *kbuf, const
1049 void __user *ubuf)
1051 int ret;
1052 long ctrl;
1054 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &ctrl, 0, -1);
1055 if (ret)
1056 return ret;
1058 return set_tagged_addr_ctrl(target, ctrl);
1060 #endif
1062 enum aarch64_regset {
1063 REGSET_GPR,
1064 REGSET_FPR,
1065 REGSET_TLS,
1066 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1067 REGSET_HW_BREAK,
1068 REGSET_HW_WATCH,
1069 #endif
1070 REGSET_SYSTEM_CALL,
1071 #ifdef CONFIG_ARM64_SVE
1072 REGSET_SVE,
1073 #endif
1074 #ifdef CONFIG_ARM64_PTR_AUTH
1075 REGSET_PAC_MASK,
1076 #ifdef CONFIG_CHECKPOINT_RESTORE
1077 REGSET_PACA_KEYS,
1078 REGSET_PACG_KEYS,
1079 #endif
1080 #endif
1081 #ifdef CONFIG_ARM64_TAGGED_ADDR_ABI
1082 REGSET_TAGGED_ADDR_CTRL,
1083 #endif
1086 static const struct user_regset aarch64_regsets[] = {
1087 [REGSET_GPR] = {
1088 .core_note_type = NT_PRSTATUS,
1089 .n = sizeof(struct user_pt_regs) / sizeof(u64),
1090 .size = sizeof(u64),
1091 .align = sizeof(u64),
1092 .regset_get = gpr_get,
1093 .set = gpr_set
1095 [REGSET_FPR] = {
1096 .core_note_type = NT_PRFPREG,
1097 .n = sizeof(struct user_fpsimd_state) / sizeof(u32),
1099 * We pretend we have 32-bit registers because the fpsr and
1100 * fpcr are 32-bits wide.
1102 .size = sizeof(u32),
1103 .align = sizeof(u32),
1104 .active = fpr_active,
1105 .regset_get = fpr_get,
1106 .set = fpr_set
1108 [REGSET_TLS] = {
1109 .core_note_type = NT_ARM_TLS,
1110 .n = 1,
1111 .size = sizeof(void *),
1112 .align = sizeof(void *),
1113 .regset_get = tls_get,
1114 .set = tls_set,
1116 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1117 [REGSET_HW_BREAK] = {
1118 .core_note_type = NT_ARM_HW_BREAK,
1119 .n = sizeof(struct user_hwdebug_state) / sizeof(u32),
1120 .size = sizeof(u32),
1121 .align = sizeof(u32),
1122 .regset_get = hw_break_get,
1123 .set = hw_break_set,
1125 [REGSET_HW_WATCH] = {
1126 .core_note_type = NT_ARM_HW_WATCH,
1127 .n = sizeof(struct user_hwdebug_state) / sizeof(u32),
1128 .size = sizeof(u32),
1129 .align = sizeof(u32),
1130 .regset_get = hw_break_get,
1131 .set = hw_break_set,
1133 #endif
1134 [REGSET_SYSTEM_CALL] = {
1135 .core_note_type = NT_ARM_SYSTEM_CALL,
1136 .n = 1,
1137 .size = sizeof(int),
1138 .align = sizeof(int),
1139 .regset_get = system_call_get,
1140 .set = system_call_set,
1142 #ifdef CONFIG_ARM64_SVE
1143 [REGSET_SVE] = { /* Scalable Vector Extension */
1144 .core_note_type = NT_ARM_SVE,
1145 .n = DIV_ROUND_UP(SVE_PT_SIZE(SVE_VQ_MAX, SVE_PT_REGS_SVE),
1146 SVE_VQ_BYTES),
1147 .size = SVE_VQ_BYTES,
1148 .align = SVE_VQ_BYTES,
1149 .regset_get = sve_get,
1150 .set = sve_set,
1152 #endif
1153 #ifdef CONFIG_ARM64_PTR_AUTH
1154 [REGSET_PAC_MASK] = {
1155 .core_note_type = NT_ARM_PAC_MASK,
1156 .n = sizeof(struct user_pac_mask) / sizeof(u64),
1157 .size = sizeof(u64),
1158 .align = sizeof(u64),
1159 .regset_get = pac_mask_get,
1160 /* this cannot be set dynamically */
1162 #ifdef CONFIG_CHECKPOINT_RESTORE
1163 [REGSET_PACA_KEYS] = {
1164 .core_note_type = NT_ARM_PACA_KEYS,
1165 .n = sizeof(struct user_pac_address_keys) / sizeof(__uint128_t),
1166 .size = sizeof(__uint128_t),
1167 .align = sizeof(__uint128_t),
1168 .regset_get = pac_address_keys_get,
1169 .set = pac_address_keys_set,
1171 [REGSET_PACG_KEYS] = {
1172 .core_note_type = NT_ARM_PACG_KEYS,
1173 .n = sizeof(struct user_pac_generic_keys) / sizeof(__uint128_t),
1174 .size = sizeof(__uint128_t),
1175 .align = sizeof(__uint128_t),
1176 .regset_get = pac_generic_keys_get,
1177 .set = pac_generic_keys_set,
1179 #endif
1180 #endif
1181 #ifdef CONFIG_ARM64_TAGGED_ADDR_ABI
1182 [REGSET_TAGGED_ADDR_CTRL] = {
1183 .core_note_type = NT_ARM_TAGGED_ADDR_CTRL,
1184 .n = 1,
1185 .size = sizeof(long),
1186 .align = sizeof(long),
1187 .regset_get = tagged_addr_ctrl_get,
1188 .set = tagged_addr_ctrl_set,
1190 #endif
1193 static const struct user_regset_view user_aarch64_view = {
1194 .name = "aarch64", .e_machine = EM_AARCH64,
1195 .regsets = aarch64_regsets, .n = ARRAY_SIZE(aarch64_regsets)
1198 #ifdef CONFIG_COMPAT
1199 enum compat_regset {
1200 REGSET_COMPAT_GPR,
1201 REGSET_COMPAT_VFP,
1204 static inline compat_ulong_t compat_get_user_reg(struct task_struct *task, int idx)
1206 struct pt_regs *regs = task_pt_regs(task);
1208 switch (idx) {
1209 case 15:
1210 return regs->pc;
1211 case 16:
1212 return pstate_to_compat_psr(regs->pstate);
1213 case 17:
1214 return regs->orig_x0;
1215 default:
1216 return regs->regs[idx];
1220 static int compat_gpr_get(struct task_struct *target,
1221 const struct user_regset *regset,
1222 struct membuf to)
1224 int i = 0;
1226 while (to.left)
1227 membuf_store(&to, compat_get_user_reg(target, i++));
1228 return 0;
1231 static int compat_gpr_set(struct task_struct *target,
1232 const struct user_regset *regset,
1233 unsigned int pos, unsigned int count,
1234 const void *kbuf, const void __user *ubuf)
1236 struct pt_regs newregs;
1237 int ret = 0;
1238 unsigned int i, start, num_regs;
1240 /* Calculate the number of AArch32 registers contained in count */
1241 num_regs = count / regset->size;
1243 /* Convert pos into an register number */
1244 start = pos / regset->size;
1246 if (start + num_regs > regset->n)
1247 return -EIO;
1249 newregs = *task_pt_regs(target);
1251 for (i = 0; i < num_regs; ++i) {
1252 unsigned int idx = start + i;
1253 compat_ulong_t reg;
1255 if (kbuf) {
1256 memcpy(&reg, kbuf, sizeof(reg));
1257 kbuf += sizeof(reg);
1258 } else {
1259 ret = copy_from_user(&reg, ubuf, sizeof(reg));
1260 if (ret) {
1261 ret = -EFAULT;
1262 break;
1265 ubuf += sizeof(reg);
1268 switch (idx) {
1269 case 15:
1270 newregs.pc = reg;
1271 break;
1272 case 16:
1273 reg = compat_psr_to_pstate(reg);
1274 newregs.pstate = reg;
1275 break;
1276 case 17:
1277 newregs.orig_x0 = reg;
1278 break;
1279 default:
1280 newregs.regs[idx] = reg;
1285 if (valid_user_regs(&newregs.user_regs, target))
1286 *task_pt_regs(target) = newregs;
1287 else
1288 ret = -EINVAL;
1290 return ret;
1293 static int compat_vfp_get(struct task_struct *target,
1294 const struct user_regset *regset,
1295 struct membuf to)
1297 struct user_fpsimd_state *uregs;
1298 compat_ulong_t fpscr;
1300 if (!system_supports_fpsimd())
1301 return -EINVAL;
1303 uregs = &target->thread.uw.fpsimd_state;
1305 if (target == current)
1306 fpsimd_preserve_current_state();
1309 * The VFP registers are packed into the fpsimd_state, so they all sit
1310 * nicely together for us. We just need to create the fpscr separately.
1312 membuf_write(&to, uregs, VFP_STATE_SIZE - sizeof(compat_ulong_t));
1313 fpscr = (uregs->fpsr & VFP_FPSCR_STAT_MASK) |
1314 (uregs->fpcr & VFP_FPSCR_CTRL_MASK);
1315 return membuf_store(&to, fpscr);
1318 static int compat_vfp_set(struct task_struct *target,
1319 const struct user_regset *regset,
1320 unsigned int pos, unsigned int count,
1321 const void *kbuf, const void __user *ubuf)
1323 struct user_fpsimd_state *uregs;
1324 compat_ulong_t fpscr;
1325 int ret, vregs_end_pos;
1327 if (!system_supports_fpsimd())
1328 return -EINVAL;
1330 uregs = &target->thread.uw.fpsimd_state;
1332 vregs_end_pos = VFP_STATE_SIZE - sizeof(compat_ulong_t);
1333 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, uregs, 0,
1334 vregs_end_pos);
1336 if (count && !ret) {
1337 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &fpscr,
1338 vregs_end_pos, VFP_STATE_SIZE);
1339 if (!ret) {
1340 uregs->fpsr = fpscr & VFP_FPSCR_STAT_MASK;
1341 uregs->fpcr = fpscr & VFP_FPSCR_CTRL_MASK;
1345 fpsimd_flush_task_state(target);
1346 return ret;
1349 static int compat_tls_get(struct task_struct *target,
1350 const struct user_regset *regset,
1351 struct membuf to)
1353 return membuf_store(&to, (compat_ulong_t)target->thread.uw.tp_value);
1356 static int compat_tls_set(struct task_struct *target,
1357 const struct user_regset *regset, unsigned int pos,
1358 unsigned int count, const void *kbuf,
1359 const void __user *ubuf)
1361 int ret;
1362 compat_ulong_t tls = target->thread.uw.tp_value;
1364 ret = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &tls, 0, -1);
1365 if (ret)
1366 return ret;
1368 target->thread.uw.tp_value = tls;
1369 return ret;
1372 static const struct user_regset aarch32_regsets[] = {
1373 [REGSET_COMPAT_GPR] = {
1374 .core_note_type = NT_PRSTATUS,
1375 .n = COMPAT_ELF_NGREG,
1376 .size = sizeof(compat_elf_greg_t),
1377 .align = sizeof(compat_elf_greg_t),
1378 .regset_get = compat_gpr_get,
1379 .set = compat_gpr_set
1381 [REGSET_COMPAT_VFP] = {
1382 .core_note_type = NT_ARM_VFP,
1383 .n = VFP_STATE_SIZE / sizeof(compat_ulong_t),
1384 .size = sizeof(compat_ulong_t),
1385 .align = sizeof(compat_ulong_t),
1386 .active = fpr_active,
1387 .regset_get = compat_vfp_get,
1388 .set = compat_vfp_set
1392 static const struct user_regset_view user_aarch32_view = {
1393 .name = "aarch32", .e_machine = EM_ARM,
1394 .regsets = aarch32_regsets, .n = ARRAY_SIZE(aarch32_regsets)
1397 static const struct user_regset aarch32_ptrace_regsets[] = {
1398 [REGSET_GPR] = {
1399 .core_note_type = NT_PRSTATUS,
1400 .n = COMPAT_ELF_NGREG,
1401 .size = sizeof(compat_elf_greg_t),
1402 .align = sizeof(compat_elf_greg_t),
1403 .regset_get = compat_gpr_get,
1404 .set = compat_gpr_set
1406 [REGSET_FPR] = {
1407 .core_note_type = NT_ARM_VFP,
1408 .n = VFP_STATE_SIZE / sizeof(compat_ulong_t),
1409 .size = sizeof(compat_ulong_t),
1410 .align = sizeof(compat_ulong_t),
1411 .regset_get = compat_vfp_get,
1412 .set = compat_vfp_set
1414 [REGSET_TLS] = {
1415 .core_note_type = NT_ARM_TLS,
1416 .n = 1,
1417 .size = sizeof(compat_ulong_t),
1418 .align = sizeof(compat_ulong_t),
1419 .regset_get = compat_tls_get,
1420 .set = compat_tls_set,
1422 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1423 [REGSET_HW_BREAK] = {
1424 .core_note_type = NT_ARM_HW_BREAK,
1425 .n = sizeof(struct user_hwdebug_state) / sizeof(u32),
1426 .size = sizeof(u32),
1427 .align = sizeof(u32),
1428 .regset_get = hw_break_get,
1429 .set = hw_break_set,
1431 [REGSET_HW_WATCH] = {
1432 .core_note_type = NT_ARM_HW_WATCH,
1433 .n = sizeof(struct user_hwdebug_state) / sizeof(u32),
1434 .size = sizeof(u32),
1435 .align = sizeof(u32),
1436 .regset_get = hw_break_get,
1437 .set = hw_break_set,
1439 #endif
1440 [REGSET_SYSTEM_CALL] = {
1441 .core_note_type = NT_ARM_SYSTEM_CALL,
1442 .n = 1,
1443 .size = sizeof(int),
1444 .align = sizeof(int),
1445 .regset_get = system_call_get,
1446 .set = system_call_set,
1450 static const struct user_regset_view user_aarch32_ptrace_view = {
1451 .name = "aarch32", .e_machine = EM_ARM,
1452 .regsets = aarch32_ptrace_regsets, .n = ARRAY_SIZE(aarch32_ptrace_regsets)
1455 static int compat_ptrace_read_user(struct task_struct *tsk, compat_ulong_t off,
1456 compat_ulong_t __user *ret)
1458 compat_ulong_t tmp;
1460 if (off & 3)
1461 return -EIO;
1463 if (off == COMPAT_PT_TEXT_ADDR)
1464 tmp = tsk->mm->start_code;
1465 else if (off == COMPAT_PT_DATA_ADDR)
1466 tmp = tsk->mm->start_data;
1467 else if (off == COMPAT_PT_TEXT_END_ADDR)
1468 tmp = tsk->mm->end_code;
1469 else if (off < sizeof(compat_elf_gregset_t))
1470 tmp = compat_get_user_reg(tsk, off >> 2);
1471 else if (off >= COMPAT_USER_SZ)
1472 return -EIO;
1473 else
1474 tmp = 0;
1476 return put_user(tmp, ret);
1479 static int compat_ptrace_write_user(struct task_struct *tsk, compat_ulong_t off,
1480 compat_ulong_t val)
1482 struct pt_regs newregs = *task_pt_regs(tsk);
1483 unsigned int idx = off / 4;
1485 if (off & 3 || off >= COMPAT_USER_SZ)
1486 return -EIO;
1488 if (off >= sizeof(compat_elf_gregset_t))
1489 return 0;
1491 switch (idx) {
1492 case 15:
1493 newregs.pc = val;
1494 break;
1495 case 16:
1496 newregs.pstate = compat_psr_to_pstate(val);
1497 break;
1498 case 17:
1499 newregs.orig_x0 = val;
1500 break;
1501 default:
1502 newregs.regs[idx] = val;
1505 if (!valid_user_regs(&newregs.user_regs, tsk))
1506 return -EINVAL;
1508 *task_pt_regs(tsk) = newregs;
1509 return 0;
1512 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1515 * Convert a virtual register number into an index for a thread_info
1516 * breakpoint array. Breakpoints are identified using positive numbers
1517 * whilst watchpoints are negative. The registers are laid out as pairs
1518 * of (address, control), each pair mapping to a unique hw_breakpoint struct.
1519 * Register 0 is reserved for describing resource information.
1521 static int compat_ptrace_hbp_num_to_idx(compat_long_t num)
1523 return (abs(num) - 1) >> 1;
1526 static int compat_ptrace_hbp_get_resource_info(u32 *kdata)
1528 u8 num_brps, num_wrps, debug_arch, wp_len;
1529 u32 reg = 0;
1531 num_brps = hw_breakpoint_slots(TYPE_INST);
1532 num_wrps = hw_breakpoint_slots(TYPE_DATA);
1534 debug_arch = debug_monitors_arch();
1535 wp_len = 8;
1536 reg |= debug_arch;
1537 reg <<= 8;
1538 reg |= wp_len;
1539 reg <<= 8;
1540 reg |= num_wrps;
1541 reg <<= 8;
1542 reg |= num_brps;
1544 *kdata = reg;
1545 return 0;
1548 static int compat_ptrace_hbp_get(unsigned int note_type,
1549 struct task_struct *tsk,
1550 compat_long_t num,
1551 u32 *kdata)
1553 u64 addr = 0;
1554 u32 ctrl = 0;
1556 int err, idx = compat_ptrace_hbp_num_to_idx(num);
1558 if (num & 1) {
1559 err = ptrace_hbp_get_addr(note_type, tsk, idx, &addr);
1560 *kdata = (u32)addr;
1561 } else {
1562 err = ptrace_hbp_get_ctrl(note_type, tsk, idx, &ctrl);
1563 *kdata = ctrl;
1566 return err;
1569 static int compat_ptrace_hbp_set(unsigned int note_type,
1570 struct task_struct *tsk,
1571 compat_long_t num,
1572 u32 *kdata)
1574 u64 addr;
1575 u32 ctrl;
1577 int err, idx = compat_ptrace_hbp_num_to_idx(num);
1579 if (num & 1) {
1580 addr = *kdata;
1581 err = ptrace_hbp_set_addr(note_type, tsk, idx, addr);
1582 } else {
1583 ctrl = *kdata;
1584 err = ptrace_hbp_set_ctrl(note_type, tsk, idx, ctrl);
1587 return err;
1590 static int compat_ptrace_gethbpregs(struct task_struct *tsk, compat_long_t num,
1591 compat_ulong_t __user *data)
1593 int ret;
1594 u32 kdata;
1596 /* Watchpoint */
1597 if (num < 0) {
1598 ret = compat_ptrace_hbp_get(NT_ARM_HW_WATCH, tsk, num, &kdata);
1599 /* Resource info */
1600 } else if (num == 0) {
1601 ret = compat_ptrace_hbp_get_resource_info(&kdata);
1602 /* Breakpoint */
1603 } else {
1604 ret = compat_ptrace_hbp_get(NT_ARM_HW_BREAK, tsk, num, &kdata);
1607 if (!ret)
1608 ret = put_user(kdata, data);
1610 return ret;
1613 static int compat_ptrace_sethbpregs(struct task_struct *tsk, compat_long_t num,
1614 compat_ulong_t __user *data)
1616 int ret;
1617 u32 kdata = 0;
1619 if (num == 0)
1620 return 0;
1622 ret = get_user(kdata, data);
1623 if (ret)
1624 return ret;
1626 if (num < 0)
1627 ret = compat_ptrace_hbp_set(NT_ARM_HW_WATCH, tsk, num, &kdata);
1628 else
1629 ret = compat_ptrace_hbp_set(NT_ARM_HW_BREAK, tsk, num, &kdata);
1631 return ret;
1633 #endif /* CONFIG_HAVE_HW_BREAKPOINT */
1635 long compat_arch_ptrace(struct task_struct *child, compat_long_t request,
1636 compat_ulong_t caddr, compat_ulong_t cdata)
1638 unsigned long addr = caddr;
1639 unsigned long data = cdata;
1640 void __user *datap = compat_ptr(data);
1641 int ret;
1643 switch (request) {
1644 case PTRACE_PEEKUSR:
1645 ret = compat_ptrace_read_user(child, addr, datap);
1646 break;
1648 case PTRACE_POKEUSR:
1649 ret = compat_ptrace_write_user(child, addr, data);
1650 break;
1652 case COMPAT_PTRACE_GETREGS:
1653 ret = copy_regset_to_user(child,
1654 &user_aarch32_view,
1655 REGSET_COMPAT_GPR,
1656 0, sizeof(compat_elf_gregset_t),
1657 datap);
1658 break;
1660 case COMPAT_PTRACE_SETREGS:
1661 ret = copy_regset_from_user(child,
1662 &user_aarch32_view,
1663 REGSET_COMPAT_GPR,
1664 0, sizeof(compat_elf_gregset_t),
1665 datap);
1666 break;
1668 case COMPAT_PTRACE_GET_THREAD_AREA:
1669 ret = put_user((compat_ulong_t)child->thread.uw.tp_value,
1670 (compat_ulong_t __user *)datap);
1671 break;
1673 case COMPAT_PTRACE_SET_SYSCALL:
1674 task_pt_regs(child)->syscallno = data;
1675 ret = 0;
1676 break;
1678 case COMPAT_PTRACE_GETVFPREGS:
1679 ret = copy_regset_to_user(child,
1680 &user_aarch32_view,
1681 REGSET_COMPAT_VFP,
1682 0, VFP_STATE_SIZE,
1683 datap);
1684 break;
1686 case COMPAT_PTRACE_SETVFPREGS:
1687 ret = copy_regset_from_user(child,
1688 &user_aarch32_view,
1689 REGSET_COMPAT_VFP,
1690 0, VFP_STATE_SIZE,
1691 datap);
1692 break;
1694 #ifdef CONFIG_HAVE_HW_BREAKPOINT
1695 case COMPAT_PTRACE_GETHBPREGS:
1696 ret = compat_ptrace_gethbpregs(child, addr, datap);
1697 break;
1699 case COMPAT_PTRACE_SETHBPREGS:
1700 ret = compat_ptrace_sethbpregs(child, addr, datap);
1701 break;
1702 #endif
1704 default:
1705 ret = compat_ptrace_request(child, request, addr,
1706 data);
1707 break;
1710 return ret;
1712 #endif /* CONFIG_COMPAT */
1714 const struct user_regset_view *task_user_regset_view(struct task_struct *task)
1716 #ifdef CONFIG_COMPAT
1718 * Core dumping of 32-bit tasks or compat ptrace requests must use the
1719 * user_aarch32_view compatible with arm32. Native ptrace requests on
1720 * 32-bit children use an extended user_aarch32_ptrace_view to allow
1721 * access to the TLS register.
1723 if (is_compat_task())
1724 return &user_aarch32_view;
1725 else if (is_compat_thread(task_thread_info(task)))
1726 return &user_aarch32_ptrace_view;
1727 #endif
1728 return &user_aarch64_view;
1731 long arch_ptrace(struct task_struct *child, long request,
1732 unsigned long addr, unsigned long data)
1734 switch (request) {
1735 case PTRACE_PEEKMTETAGS:
1736 case PTRACE_POKEMTETAGS:
1737 return mte_ptrace_copy_tags(child, request, addr, data);
1740 return ptrace_request(child, request, addr, data);
1743 enum ptrace_syscall_dir {
1744 PTRACE_SYSCALL_ENTER = 0,
1745 PTRACE_SYSCALL_EXIT,
1748 static void tracehook_report_syscall(struct pt_regs *regs,
1749 enum ptrace_syscall_dir dir)
1751 int regno;
1752 unsigned long saved_reg;
1755 * We have some ABI weirdness here in the way that we handle syscall
1756 * exit stops because we indicate whether or not the stop has been
1757 * signalled from syscall entry or syscall exit by clobbering a general
1758 * purpose register (ip/r12 for AArch32, x7 for AArch64) in the tracee
1759 * and restoring its old value after the stop. This means that:
1761 * - Any writes by the tracer to this register during the stop are
1762 * ignored/discarded.
1764 * - The actual value of the register is not available during the stop,
1765 * so the tracer cannot save it and restore it later.
1767 * - Syscall stops behave differently to seccomp and pseudo-step traps
1768 * (the latter do not nobble any registers).
1770 regno = (is_compat_task() ? 12 : 7);
1771 saved_reg = regs->regs[regno];
1772 regs->regs[regno] = dir;
1774 if (dir == PTRACE_SYSCALL_ENTER) {
1775 if (tracehook_report_syscall_entry(regs))
1776 forget_syscall(regs);
1777 regs->regs[regno] = saved_reg;
1778 } else if (!test_thread_flag(TIF_SINGLESTEP)) {
1779 tracehook_report_syscall_exit(regs, 0);
1780 regs->regs[regno] = saved_reg;
1781 } else {
1782 regs->regs[regno] = saved_reg;
1785 * Signal a pseudo-step exception since we are stepping but
1786 * tracer modifications to the registers may have rewound the
1787 * state machine.
1789 tracehook_report_syscall_exit(regs, 1);
1793 int syscall_trace_enter(struct pt_regs *regs)
1795 unsigned long flags = READ_ONCE(current_thread_info()->flags);
1797 if (flags & (_TIF_SYSCALL_EMU | _TIF_SYSCALL_TRACE)) {
1798 tracehook_report_syscall(regs, PTRACE_SYSCALL_ENTER);
1799 if (!in_syscall(regs) || (flags & _TIF_SYSCALL_EMU))
1800 return NO_SYSCALL;
1803 /* Do the secure computing after ptrace; failures should be fast. */
1804 if (secure_computing() == -1)
1805 return NO_SYSCALL;
1807 if (test_thread_flag(TIF_SYSCALL_TRACEPOINT))
1808 trace_sys_enter(regs, regs->syscallno);
1810 audit_syscall_entry(regs->syscallno, regs->orig_x0, regs->regs[1],
1811 regs->regs[2], regs->regs[3]);
1813 return regs->syscallno;
1816 void syscall_trace_exit(struct pt_regs *regs)
1818 unsigned long flags = READ_ONCE(current_thread_info()->flags);
1820 audit_syscall_exit(regs);
1822 if (flags & _TIF_SYSCALL_TRACEPOINT)
1823 trace_sys_exit(regs, regs_return_value(regs));
1825 if (flags & (_TIF_SYSCALL_TRACE | _TIF_SINGLESTEP))
1826 tracehook_report_syscall(regs, PTRACE_SYSCALL_EXIT);
1828 rseq_syscall(regs);
1832 * SPSR_ELx bits which are always architecturally RES0 per ARM DDI 0487D.a.
1833 * We permit userspace to set SSBS (AArch64 bit 12, AArch32 bit 23) which is
1834 * not described in ARM DDI 0487D.a.
1835 * We treat PAN and UAO as RES0 bits, as they are meaningless at EL0, and may
1836 * be allocated an EL0 meaning in future.
1837 * Userspace cannot use these until they have an architectural meaning.
1838 * Note that this follows the SPSR_ELx format, not the AArch32 PSR format.
1839 * We also reserve IL for the kernel; SS is handled dynamically.
1841 #define SPSR_EL1_AARCH64_RES0_BITS \
1842 (GENMASK_ULL(63, 32) | GENMASK_ULL(27, 26) | GENMASK_ULL(23, 22) | \
1843 GENMASK_ULL(20, 13) | GENMASK_ULL(5, 5))
1844 #define SPSR_EL1_AARCH32_RES0_BITS \
1845 (GENMASK_ULL(63, 32) | GENMASK_ULL(22, 22) | GENMASK_ULL(20, 20))
1847 static int valid_compat_regs(struct user_pt_regs *regs)
1849 regs->pstate &= ~SPSR_EL1_AARCH32_RES0_BITS;
1851 if (!system_supports_mixed_endian_el0()) {
1852 if (IS_ENABLED(CONFIG_CPU_BIG_ENDIAN))
1853 regs->pstate |= PSR_AA32_E_BIT;
1854 else
1855 regs->pstate &= ~PSR_AA32_E_BIT;
1858 if (user_mode(regs) && (regs->pstate & PSR_MODE32_BIT) &&
1859 (regs->pstate & PSR_AA32_A_BIT) == 0 &&
1860 (regs->pstate & PSR_AA32_I_BIT) == 0 &&
1861 (regs->pstate & PSR_AA32_F_BIT) == 0) {
1862 return 1;
1866 * Force PSR to a valid 32-bit EL0t, preserving the same bits as
1867 * arch/arm.
1869 regs->pstate &= PSR_AA32_N_BIT | PSR_AA32_Z_BIT |
1870 PSR_AA32_C_BIT | PSR_AA32_V_BIT |
1871 PSR_AA32_Q_BIT | PSR_AA32_IT_MASK |
1872 PSR_AA32_GE_MASK | PSR_AA32_E_BIT |
1873 PSR_AA32_T_BIT;
1874 regs->pstate |= PSR_MODE32_BIT;
1876 return 0;
1879 static int valid_native_regs(struct user_pt_regs *regs)
1881 regs->pstate &= ~SPSR_EL1_AARCH64_RES0_BITS;
1883 if (user_mode(regs) && !(regs->pstate & PSR_MODE32_BIT) &&
1884 (regs->pstate & PSR_D_BIT) == 0 &&
1885 (regs->pstate & PSR_A_BIT) == 0 &&
1886 (regs->pstate & PSR_I_BIT) == 0 &&
1887 (regs->pstate & PSR_F_BIT) == 0) {
1888 return 1;
1891 /* Force PSR to a valid 64-bit EL0t */
1892 regs->pstate &= PSR_N_BIT | PSR_Z_BIT | PSR_C_BIT | PSR_V_BIT;
1894 return 0;
1898 * Are the current registers suitable for user mode? (used to maintain
1899 * security in signal handlers)
1901 int valid_user_regs(struct user_pt_regs *regs, struct task_struct *task)
1903 /* https://lore.kernel.org/lkml/20191118131525.GA4180@willie-the-truck */
1904 user_regs_reset_single_step(regs, task);
1906 if (is_compat_thread(task_thread_info(task)))
1907 return valid_compat_regs(regs);
1908 else
1909 return valid_native_regs(regs);