1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
24 *
25 * Copyright 2018 Joyent, Inc.
26 */
27
28 /*
29 * Management of KMDB's IDT, which is installed upon KMDB activation.
30 *
31 * Debugger activation has two flavors, which cover the cases where KMDB is
32 * loaded at boot, and when it is loaded after boot. In brief, in both cases,
33 * the KDI needs to interpose upon several handlers in the IDT. When
34 * mod-loaded KMDB is deactivated, we undo the IDT interposition, restoring the
35 * handlers to what they were before we started.
36 *
37 * We also take over the entirety of IDT (except the double-fault handler) on
38 * the active CPU when we're in kmdb so we can handle things like page faults
39 * sensibly.
40 *
41 * Boot-loaded KMDB
42 *
43 * When we're first activated, we're running on boot's IDT. We need to be able
44 * to function in this world, so we'll install our handlers into boot's IDT.
45 * This is a little complicated: we're using the fake cpu_t set up by
46 * boot_kdi_tmpinit(), so we can't access cpu_idt directly. Instead,
47 * kdi_idt_write() notices that cpu_idt is NULL, and works around this problem.
48 *
49 * Later, when we're about to switch to the kernel's IDT, it'll call us via
50 * kdi_idt_sync(), allowing us to add our handlers to the new IDT. While
51 * boot-loaded KMDB can't be unloaded, we still need to save the descriptors we
52 * replace so we can pass traps back to the kernel as necessary.
53 *
54 * The last phase of boot-loaded KMDB activation occurs at non-boot CPU
55 * startup. We will be called on each non-boot CPU, thus allowing us to set up
56 * any watchpoints that may have been configured on the boot CPU and interpose
57 * on the given CPU's IDT. We don't save the interposed descriptors in this
58 * case -- see kdi_cpu_init() for details.
59 *
60 * Mod-loaded KMDB
61 *
62 * This style of activation is much simpler, as the CPUs are already running,
63 * and are using their own copy of the kernel's IDT. We simply interpose upon
64 * each CPU's IDT. We save the handlers we replace, both for deactivation and
65 * for passing traps back to the kernel. Note that for the hypervisors'
66 * benefit, we need to xcall to the other CPUs to do this, since we need to
67 * actively set the trap entries in its virtual IDT from that vcpu's context
68 * rather than just modifying the IDT table from the CPU running kdi_activate().
69 */
70
71 #include <sys/types.h>
72 #include <sys/segments.h>
73 #include <sys/trap.h>
74 #include <sys/cpuvar.h>
75 #include <sys/reboot.h>
76 #include <sys/sunddi.h>
77 #include <sys/archsystm.h>
78 #include <sys/kdi_impl.h>
79 #include <sys/x_call.h>
80 #include <sys/psw.h>
81 #include <vm/hat_i86.h>
82
83 #define KDI_GATE_NVECS 3
84
85 #define KDI_IDT_NOSAVE 0
86 #define KDI_IDT_SAVE 1
87
88 #define KDI_IDT_DTYPE_KERNEL 0
89 #define KDI_IDT_DTYPE_BOOT 1
90
91 /* Solely to keep kdiregs_t in the CTF, otherwise unused. */
92 kdiregs_t kdi_regs;
93
94 kdi_cpusave_t *kdi_cpusave;
95 int kdi_ncpusave;
96
97 static kdi_main_t kdi_kmdb_main;
98
99 kdi_drreg_t kdi_drreg;
100
101
102 uintptr_t kdi_kernel_handler;
103
104 int kdi_trap_switch;
105
106 #define KDI_MEMRANGES_MAX 2
107
108 kdi_memrange_t kdi_memranges[KDI_MEMRANGES_MAX];
109 int kdi_nmemranges;
110
111 typedef void idt_hdlr_f(void);
112
113 extern idt_hdlr_f kdi_trap0, kdi_trap1, kdi_int2, kdi_trap3, kdi_trap4;
114 extern idt_hdlr_f kdi_trap5, kdi_trap6, kdi_trap7, kdi_trap9;
115 extern idt_hdlr_f kdi_traperr10, kdi_traperr11, kdi_traperr12;
116 extern idt_hdlr_f kdi_traperr13, kdi_traperr14, kdi_trap16, kdi_traperr17;
117 extern idt_hdlr_f kdi_trap18, kdi_trap19, kdi_trap20, kdi_ivct32;
118 extern idt_hdlr_f kdi_invaltrap;
119 extern size_t kdi_ivct_size;
120
121 typedef struct kdi_gate_spec {
122 uint_t kgs_vec;
123 uint_t kgs_dpl;
124 } kdi_gate_spec_t;
125
126 /*
127 * Beware: kdi_pass_to_kernel() has unpleasant knowledge of this list.
128 */
129 static const kdi_gate_spec_t kdi_gate_specs[KDI_GATE_NVECS] = {
130 { T_SGLSTP, TRP_KPL },
131 { T_BPTFLT, TRP_UPL },
132 { T_DBGENTR, TRP_KPL }
133 };
134
135 static gate_desc_t kdi_kgates[KDI_GATE_NVECS];
136
137 extern gate_desc_t kdi_idt[NIDT];
138
139 struct idt_description {
140 uint_t id_low;
141 uint_t id_high;
142 idt_hdlr_f *id_basehdlr;
143 size_t *id_incrp;
144 } idt_description[] = {
145 { T_ZERODIV, 0, kdi_trap0, NULL },
146 { T_SGLSTP, 0, kdi_trap1, NULL },
147 { T_NMIFLT, 0, kdi_int2, NULL },
148 { T_BPTFLT, 0, kdi_trap3, NULL },
149 { T_OVFLW, 0, kdi_trap4, NULL },
150 { T_BOUNDFLT, 0, kdi_trap5, NULL },
151 { T_ILLINST, 0, kdi_trap6, NULL },
152 { T_NOEXTFLT, 0, kdi_trap7, NULL },
153 #if !defined(__xpv)
154 { T_DBLFLT, 0, syserrtrap, NULL },
155 #endif
156 { T_EXTOVRFLT, 0, kdi_trap9, NULL },
157 { T_TSSFLT, 0, kdi_traperr10, NULL },
158 { T_SEGFLT, 0, kdi_traperr11, NULL },
159 { T_STKFLT, 0, kdi_traperr12, NULL },
160 { T_GPFLT, 0, kdi_traperr13, NULL },
161 { T_PGFLT, 0, kdi_traperr14, NULL },
162 { 15, 0, kdi_invaltrap, NULL },
163 { T_EXTERRFLT, 0, kdi_trap16, NULL },
164 { T_ALIGNMENT, 0, kdi_traperr17, NULL },
165 { T_MCE, 0, kdi_trap18, NULL },
166 { T_SIMDFPE, 0, kdi_trap19, NULL },
167 { T_DBGENTR, 0, kdi_trap20, NULL },
168 { 21, 31, kdi_invaltrap, NULL },
169 { 32, 255, kdi_ivct32, &kdi_ivct_size },
170 { 0, 0, NULL },
171 };
172
173 void
kdi_idt_init(selector_t sel)174 kdi_idt_init(selector_t sel)
175 {
176 struct idt_description *id;
177 int i;
178
179 for (id = idt_description; id->id_basehdlr != NULL; id++) {
180 uint_t high = id->id_high != 0 ? id->id_high : id->id_low;
181 size_t incr = id->id_incrp != NULL ? *id->id_incrp : 0;
182
183 #if !defined(__xpv)
184 if (kpti_enable && sel == KCS_SEL && id->id_low == T_DBLFLT)
185 id->id_basehdlr = tr_syserrtrap;
186 #endif
187
188 for (i = id->id_low; i <= high; i++) {
189 caddr_t hdlr = (caddr_t)id->id_basehdlr +
190 incr * (i - id->id_low);
191 set_gatesegd(&kdi_idt[i], (void (*)())hdlr, sel,
192 SDT_SYSIGT, TRP_KPL, IST_DBG);
193 }
194 }
195 }
196
197 static void
kdi_idt_gates_install(selector_t sel,int saveold)198 kdi_idt_gates_install(selector_t sel, int saveold)
199 {
200 gate_desc_t gates[KDI_GATE_NVECS];
201 int i;
202
203 bzero(gates, sizeof (*gates));
204
205 for (i = 0; i < KDI_GATE_NVECS; i++) {
206 const kdi_gate_spec_t *gs = &kdi_gate_specs[i];
207 uintptr_t func = GATESEG_GETOFFSET(&kdi_idt[gs->kgs_vec]);
208 set_gatesegd(&gates[i], (void (*)())func, sel, SDT_SYSIGT,
209 gs->kgs_dpl, IST_DBG);
210 }
211
212 for (i = 0; i < KDI_GATE_NVECS; i++) {
213 uint_t vec = kdi_gate_specs[i].kgs_vec;
214
215 if (saveold)
216 kdi_kgates[i] = CPU->cpu_m.mcpu_idt[vec];
217
218 kdi_idt_write(&gates[i], vec);
219 }
220 }
221
222 static void
kdi_idt_gates_restore(void)223 kdi_idt_gates_restore(void)
224 {
225 int i;
226
227 for (i = 0; i < KDI_GATE_NVECS; i++)
228 kdi_idt_write(&kdi_kgates[i], kdi_gate_specs[i].kgs_vec);
229 }
230
231 /*
232 * Called when we switch to the kernel's IDT. We need to interpose on the
233 * kernel's IDT entries and stop using KMDBCODE_SEL.
234 */
235 void
kdi_idt_sync(void)236 kdi_idt_sync(void)
237 {
238 kdi_idt_init(KCS_SEL);
239 kdi_idt_gates_install(KCS_SEL, KDI_IDT_SAVE);
240 }
241
242 void
kdi_update_drreg(kdi_drreg_t * drreg)243 kdi_update_drreg(kdi_drreg_t *drreg)
244 {
245 kdi_drreg = *drreg;
246 }
247
248 void
kdi_memrange_add(caddr_t base,size_t len)249 kdi_memrange_add(caddr_t base, size_t len)
250 {
251 kdi_memrange_t *mr = &kdi_memranges[kdi_nmemranges];
252
253 ASSERT(kdi_nmemranges != KDI_MEMRANGES_MAX);
254
255 mr->mr_base = base;
256 mr->mr_lim = base + len - 1;
257 kdi_nmemranges++;
258 }
259
260 void
kdi_idt_switch(kdi_cpusave_t * cpusave)261 kdi_idt_switch(kdi_cpusave_t *cpusave)
262 {
263 if (cpusave == NULL)
264 kdi_idtr_set(kdi_idt, sizeof (kdi_idt) - 1);
265 else
266 kdi_idtr_set(cpusave->krs_idt, (sizeof (*idt0) * NIDT) - 1);
267 }
268
269 /*
270 * Activation for CPUs other than the boot CPU, called from that CPU's
271 * mp_startup(). We saved the kernel's descriptors when we initialized the
272 * boot CPU, so we don't want to do it again. Saving the handlers from this
273 * CPU's IDT would actually be dangerous with the CPU initialization method in
274 * use at the time of this writing. With that method, the startup code creates
275 * the IDTs for slave CPUs by copying the one used by the boot CPU, which has
276 * already been interposed upon by KMDB. Were we to interpose again, we'd
277 * replace the kernel's descriptors with our own in the save area. By not
278 * saving, but still overwriting, we'll work in the current world, and in any
279 * future world where the IDT is generated from scratch.
280 */
281 void
kdi_cpu_init(void)282 kdi_cpu_init(void)
283 {
284 kdi_idt_gates_install(KCS_SEL, KDI_IDT_NOSAVE);
285 /* Load the debug registers. */
286 kdi_cpu_debug_init(&kdi_cpusave[CPU->cpu_id]);
287 }
288
289 /*
290 * Activation for all CPUs for mod-loaded kmdb, i.e. a kmdb that wasn't
291 * loaded at boot.
292 */
293 static int
kdi_cpu_activate(xc_arg_t arg1 __unused,xc_arg_t arg2 __unused,xc_arg_t arg3 __unused)294 kdi_cpu_activate(xc_arg_t arg1 __unused, xc_arg_t arg2 __unused,
295 xc_arg_t arg3 __unused)
296 {
297 kdi_idt_gates_install(KCS_SEL, KDI_IDT_SAVE);
298 return (0);
299 }
300
301 void
kdi_activate(kdi_main_t main,kdi_cpusave_t * cpusave,uint_t ncpusave)302 kdi_activate(kdi_main_t main, kdi_cpusave_t *cpusave, uint_t ncpusave)
303 {
304 int i;
305 cpuset_t cpuset;
306
307 CPUSET_ALL(cpuset);
308
309 kdi_cpusave = cpusave;
310 kdi_ncpusave = ncpusave;
311
312 kdi_kmdb_main = main;
313
314 for (i = 0; i < kdi_ncpusave; i++) {
315 kdi_cpusave[i].krs_cpu_id = i;
316
317 kdi_cpusave[i].krs_curcrumb =
318 &kdi_cpusave[i].krs_crumbs[KDI_NCRUMBS - 1];
319 kdi_cpusave[i].krs_curcrumbidx = KDI_NCRUMBS - 1;
320 }
321
322 if (boothowto & RB_KMDB)
323 kdi_idt_init(KMDBCODE_SEL);
324 else
325 kdi_idt_init(KCS_SEL);
326
327 kdi_memranges[0].mr_base = kdi_segdebugbase;
328 kdi_memranges[0].mr_lim = kdi_segdebugbase + kdi_segdebugsize - 1;
329 kdi_nmemranges = 1;
330
331 kdi_drreg.dr_ctl = KDIREG_DRCTL_RESERVED;
332 kdi_drreg.dr_stat = KDIREG_DRSTAT_RESERVED;
333
334 if (boothowto & RB_KMDB) {
335 kdi_idt_gates_install(KMDBCODE_SEL, KDI_IDT_NOSAVE);
336 } else {
337 xc_call(0, 0, 0, CPUSET2BV(cpuset), kdi_cpu_activate);
338 }
339 }
340
341 static int
kdi_cpu_deactivate(xc_arg_t arg1 __unused,xc_arg_t arg2 __unused,xc_arg_t arg3 __unused)342 kdi_cpu_deactivate(xc_arg_t arg1 __unused, xc_arg_t arg2 __unused,
343 xc_arg_t arg3 __unused)
344 {
345 kdi_idt_gates_restore();
346 return (0);
347 }
348
349 void
kdi_deactivate(void)350 kdi_deactivate(void)
351 {
352 cpuset_t cpuset;
353 CPUSET_ALL(cpuset);
354
355 xc_call(0, 0, 0, CPUSET2BV(cpuset), kdi_cpu_deactivate);
356 kdi_nmemranges = 0;
357 }
358
359 /*
360 * We receive all breakpoints and single step traps. Some of them, including
361 * those from userland and those induced by DTrace providers, are intended for
362 * the kernel, and must be processed there. We adopt this
363 * ours-until-proven-otherwise position due to the painful consequences of
364 * sending the kernel an unexpected breakpoint or single step. Unless someone
365 * can prove to us that the kernel is prepared to handle the trap, we'll assume
366 * there's a problem and will give the user a chance to debug it.
367 *
368 * If we return 2, then the calling code should restore the trap-time %cr3: that
369 * is, it really is a kernel-originated trap.
370 */
371 int
kdi_trap_pass(kdi_cpusave_t * cpusave)372 kdi_trap_pass(kdi_cpusave_t *cpusave)
373 {
374 greg_t tt = cpusave->krs_gregs[KDIREG_TRAPNO];
375 greg_t pc = cpusave->krs_gregs[KDIREG_PC];
376 greg_t cs = cpusave->krs_gregs[KDIREG_CS];
377
378 if (USERMODE(cs))
379 return (1);
380
381 if (tt != T_BPTFLT && tt != T_SGLSTP)
382 return (0);
383
384 if (tt == T_BPTFLT && kdi_dtrace_get_state() ==
385 KDI_DTSTATE_DTRACE_ACTIVE)
386 return (2);
387
388 /*
389 * See the comments in the kernel's T_SGLSTP handler for why we need to
390 * do this.
391 */
392 #if !defined(__xpv)
393 if (tt == T_SGLSTP &&
394 (pc == (greg_t)sys_sysenter || pc == (greg_t)brand_sys_sysenter ||
395 pc == (greg_t)tr_sys_sysenter ||
396 pc == (greg_t)tr_brand_sys_sysenter)) {
397 #else
398 if (tt == T_SGLSTP &&
399 (pc == (greg_t)sys_sysenter || pc == (greg_t)brand_sys_sysenter)) {
400 #endif
401 return (1);
402 }
403
404 return (0);
405 }
406
407 /*
408 * State has been saved, and all CPUs are on the CPU-specific stacks. All
409 * CPUs enter here, and head off into the debugger proper.
410 */
411 void
412 kdi_debugger_entry(kdi_cpusave_t *cpusave)
413 {
414 /*
415 * BPTFLT gives us control with %eip set to the instruction *after*
416 * the int 3. Back it off, so we're looking at the instruction that
417 * triggered the fault.
418 */
419 if (cpusave->krs_gregs[KDIREG_TRAPNO] == T_BPTFLT)
420 cpusave->krs_gregs[KDIREG_PC]--;
421
422 kdi_kmdb_main(cpusave);
423 }
424