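// SPDX-License-Identifier: GPL-2.0-or-later
/*
 * HW_breakpoint: a unified kernel/user-space hardware breakpoint facility,
 * using the CPU's debug registers. Derived from
 * "arch/x86/kernel/hw_breakpoint.c"
 *
 * Copyright 2010 IBM Corporation
 * Author: K.Prasad <prasad@linux.vnet.ibm.com>
 */

#include <linux/hw_breakpoint.h>
#include <linux/notifier.h>
#include <linux/kprobes.h>
#include <linux/percpu.h>
#include <linux/kernel.h>
#include <linux/sched.h>
#include <linux/smp.h>
#include <linux/debugfs.h>
#include <linux/init.h>

#include <asm/hw_breakpoint.h>
#include <asm/processor.h>
#include <asm/sstep.h>
#include <asm/debug.h>
#include <asm/debugfs.h>
#include <asm/hvcall.h>
#include <asm/inst.h>
#include <linux/uaccess.h>

/*
 * Stores the breakpoints currently in use on each breakpoint address
 * register for every cpu
 */
static DEFINE_PER_CPU(struct perf_event *, bp_per_reg[HBP_NUM_MAX]);

/*
 * Returns total number of data or instruction breakpoints available.
 */
int hw_breakpoint_slots(int type)
{
	if (type == TYPE_DATA)
		return nr_wp_slots();
	return 0;		/* no instruction breakpoints available */
}

/*
 * Returns true when the current task has a user breakpoint recorded in
 * any thread.last_hit_ubp[] slot, i.e. a single-step is still outstanding.
 */
static bool single_step_pending(void)
{
	int i;

	for (i = 0; i < nr_wp_slots(); i++) {
		if (current->thread.last_hit_ubp[i])
			return true;
	}
	return false;
}

/*
 * Install a perf counter breakpoint.
 *
 * We seek a free debug address register and use it for this
 * breakpoint.
 *
 * Atomic: we hold the counter->ctx->lock and we only handle variables
 * and registers local to this cpu.
 *
 * Returns 0 on success, -EBUSY (with a one-time warning) when every
 * per-cpu slot is already occupied.
 */
int arch_install_hw_breakpoint(struct perf_event *bp)
{
	struct arch_hw_breakpoint *info = counter_arch_bp(bp);
	struct perf_event **slot;
	int i;

	for (i = 0; i < nr_wp_slots(); i++) {
		slot = this_cpu_ptr(&bp_per_reg[i]);
		if (!*slot) {
			*slot = bp;
			break;
		}
	}

	if (WARN_ONCE(i == nr_wp_slots(), "Can't find any breakpoint slot"))
		return -EBUSY;

	/*
	 * Do not install DABR values if the instruction must be single-stepped.
	 * If so, DABR will be populated in single_step_dabr_instruction().
	 */
	if (!single_step_pending())
		__set_breakpoint(i, info);

	return 0;
}

/*
 * Uninstall the breakpoint contained in the given counter.
 *
 * First we search the debug address register it uses and then we disable
 * it.
 *
 * Atomic: we hold the counter->ctx->lock and we only handle variables
 * and registers local to this cpu.
 */
void arch_uninstall_hw_breakpoint(struct perf_event *bp)
{
	struct arch_hw_breakpoint null_brk = {0};
	struct perf_event **slot;
	int i;

	for (i = 0; i < nr_wp_slots(); i++) {
		slot = this_cpu_ptr(&bp_per_reg[i]);
		if (*slot == bp) {
			*slot = NULL;
			break;
		}
	}

	if (WARN_ONCE(i == nr_wp_slots(), "Can't find any breakpoint slot"))
		return;

	/* Program an all-zero descriptor into the register that was freed. */
	__set_breakpoint(i, &null_brk);
}

/* A breakpoint belongs to ptrace when its overflow handler is ptrace_triggered. */
static bool is_ptrace_bp(struct perf_event *bp)
{
	return bp->overflow_handler == ptrace_triggered;
}

/*
 * Book-keeping record used to keep perf and ptrace breakpoints from
 * overlapping: @bp is the tracked event, @ptrace_bp caches
 * is_ptrace_bp(@bp) at allocation time, @list links the record into
 * task_bps (unused for records stored in cpu_bps).
 */
struct breakpoint {
	struct list_head list;
	struct perf_event *bp;
	bool ptrace_bp;
};

static DEFINE_PER_CPU(struct breakpoint *, cpu_bps[HBP_NUM_MAX]);
static LIST_HEAD(task_bps);

/*
 * Allocate a zeroed tracking record for @bp.
 *
 * Returns the record, or ERR_PTR(-ENOMEM) when the allocation fails.
 * The caller owns the record and releases it with kfree().
 */
static struct breakpoint *alloc_breakpoint(struct perf_event *bp)
{
	struct breakpoint *tmp;

	tmp = kzalloc(sizeof(*tmp), GFP_KERNEL);
	if (!tmp)
		return ERR_PTR(-ENOMEM);
	tmp->bp = bp;
	tmp->ptrace_bp = is_ptrace_bp(bp);
	return tmp;
}

/*
 * Returns true when the HW_BREAKPOINT_SIZE-aligned address ranges of
 * @bp1 and @bp2 intersect. Start addresses are inclusive, end addresses
 * exclusive.
 */
static bool bp_addr_range_overlap(struct perf_event *bp1, struct perf_event *bp2)
{
	__u64 bp1_saddr, bp1_eaddr, bp2_saddr, bp2_eaddr;

	bp1_saddr = ALIGN_DOWN(bp1->attr.bp_addr, HW_BREAKPOINT_SIZE);
	bp1_eaddr = ALIGN(bp1->attr.bp_addr + bp1->attr.bp_len, HW_BREAKPOINT_SIZE);
	bp2_saddr = ALIGN_DOWN(bp2->attr.bp_addr, HW_BREAKPOINT_SIZE);
	bp2_eaddr = ALIGN(bp2->attr.bp_addr + bp2->attr.bp_len, HW_BREAKPOINT_SIZE);

	return (bp1_saddr < bp2_eaddr && bp1_eaddr > bp2_saddr);
}

/*
 * Returns true when @b and @bp come from different infrastructures,
 * i.e. exactly one of them is a ptrace breakpoint.
 */
static bool alternate_infra_bp(struct breakpoint *b, struct perf_event *bp)
{
	return is_ptrace_bp(bp) ? !b->ptrace_bp : b->ptrace_bp;
}

/*
 * Two breakpoints may co-exist unless they come from different
 * infrastructures (perf vs ptrace) and their address ranges overlap.
 */
static bool can_co_exist(struct breakpoint *b, struct perf_event *bp)
{
	return !(alternate_infra_bp(b, bp) && bp_addr_range_overlap(b->bp, bp));
}

/*
 * Track @bp on the global task_bps list.
 *
 * Returns 0 on success or a negative errno from alloc_breakpoint().
 */
static int task_bps_add(struct perf_event *bp)
{
	struct breakpoint *tmp;

	tmp = alloc_breakpoint(bp);
	if (IS_ERR(tmp))
		return PTR_ERR(tmp);

	list_add(&tmp->list, &task_bps);
	return 0;
}

/* Drop and free the first task_bps record that tracks @bp, if any. */
static void task_bps_remove(struct perf_event *bp)
{
	struct list_head *pos, *q;

	list_for_each_safe(pos, q, &task_bps) {
		struct breakpoint *tmp = list_entry(pos, struct breakpoint, list);

		if (tmp->bp == bp) {
			list_del(&tmp->list);
			kfree(tmp);
			break;
		}
	}
}

/*
 * If any task has a breakpoint that cannot co-exist with @bp (alternate
 * infrastructure and overlapping range), return true. Otherwise return
 * false.
 */
static bool all_task_bps_check(struct perf_event *bp)
{
	struct breakpoint *tmp;

	list_for_each_entry(tmp, &task_bps, list) {
		if (!can_co_exist(tmp, bp))
			return true;
	}
	return false;
}

/*
 * If the same task (same hw.target) has a breakpoint that cannot
 * co-exist with @bp, return true. Otherwise return false.
 */
static bool same_task_bps_check(struct perf_event *bp)
{
	struct breakpoint *tmp;

	list_for_each_entry(tmp, &task_bps, list) {
		if (tmp->bp->hw.target == bp->hw.target &&
		    !can_co_exist(tmp, bp))
			return true;
	}
	return false;
}

/*
 * Track @bp in the first free cpu_bps slot of bp->cpu.
 *
 * Returns 0 on success, a negative errno from alloc_breakpoint(), or
 * -ENOSPC when every slot of that cpu is already taken. The last case
 * previously returned 0 while leaking the record and leaving @bp
 * untracked, which would also hide it from the perf/ptrace overlap
 * checks; fail closed instead.
 * NOTE(review): callers presumably guarantee a free slot; confirm
 * against the generic slot accounting.
 */
static int cpu_bps_add(struct perf_event *bp)
{
	struct breakpoint **cpu_bp;
	struct breakpoint *tmp;
	int i;

	tmp = alloc_breakpoint(bp);
	if (IS_ERR(tmp))
		return PTR_ERR(tmp);

	cpu_bp = per_cpu_ptr(cpu_bps, bp->cpu);
	for (i = 0; i < nr_wp_slots(); i++) {
		if (!cpu_bp[i]) {
			cpu_bp[i] = tmp;
			return 0;
		}
	}

	kfree(tmp);
	return -ENOSPC;
}

/* Free the cpu_bps record of bp->cpu that tracks @bp, if any. */
static void cpu_bps_remove(struct perf_event *bp)
{
	struct breakpoint **cpu_bp;
	int i;

	cpu_bp = per_cpu_ptr(cpu_bps, bp->cpu);
	for (i = 0; i < nr_wp_slots(); i++) {
		if (!cpu_bp[i])
			continue;

		if (cpu_bp[i]->bp == bp) {
			kfree(cpu_bp[i]);
			cpu_bp[i] = NULL;
			break;
		}
	}
}

/* Returns true when @cpu tracks a breakpoint that cannot co-exist with @bp. */
static bool cpu_bps_check(int cpu, struct perf_event *bp)
{
	struct breakpoint **cpu_bp;
	int i;

	cpu_bp = per_cpu_ptr(cpu_bps, cpu);
	for (i = 0; i < nr_wp_slots(); i++) {
		if (cpu_bp[i] && !can_co_exist(cpu_bp[i], bp))
			return true;
	}
	return false;
}

/* Returns true when any online cpu tracks a breakpoint conflicting with @bp. */
static bool all_cpu_bps_check(struct perf_event *bp)
{
	int cpu;

	for_each_online_cpu(cpu) {
		if (cpu_bps_check(cpu, bp))
			return true;
	}
	return false;
}

/*
 * Reserve arch-level tracking for @bp so that perf and ptrace
 * breakpoints with overlapping ranges are never active together.
 *
 * We don't use any locks to serialize accesses to cpu_bps or task_bps
 * because we are already inside nr_bp_mutex.
 *
 * Returns 0 on success, -ENOSPC when a conflicting breakpoint exists,
 * or a negative errno from the tracking helpers. Kernel-address perf
 * breakpoints are not tracked and always succeed here.
 */
int arch_reserve_bp_slot(struct perf_event *bp)
{
	int ret;

	/* ptrace breakpoint */
	if (is_ptrace_bp(bp)) {
		if (all_cpu_bps_check(bp))
			return -ENOSPC;

		if (same_task_bps_check(bp))
			return -ENOSPC;

		return task_bps_add(bp);
	}

	/* perf breakpoint */
	if (is_kernel_addr(bp->attr.bp_addr))
		return 0;

	if (bp->hw.target && bp->cpu == -1) {
		/* task-bound, any cpu */
		if (same_task_bps_check(bp))
			return -ENOSPC;

		return task_bps_add(bp);
	} else if (!bp->hw.target && bp->cpu != -1) {
		/* cpu-bound, any task */
		if (all_task_bps_check(bp))
			return -ENOSPC;

		return cpu_bps_add(bp);
	}

	/* Remaining case: tracked both per cpu and per task. */
	if (same_task_bps_check(bp))
		return -ENOSPC;

	ret = cpu_bps_add(bp);
	if (ret)
		return ret;
	ret = task_bps_add(bp);
	if (ret)
		cpu_bps_remove(bp);	/* undo the cpu record on failure */

	return ret;
}

/*
 * Drop the tracking records created by arch_reserve_bp_slot(). Kernel
 * addresses were never tracked, so there is nothing to release for them.
 */
void arch_release_bp_slot(struct perf_event *bp)
{
	if (!is_kernel_addr(bp->attr.bp_addr)) {
		if (bp->hw.target)
			task_bps_remove(bp);
		if (bp->cpu != -1)
			cpu_bps_remove(bp);
	}
}

/*
 * Perform cleanup of arch-specific counters during unregistration
 * of the perf-event
 */
void arch_unregister_hw_breakpoint(struct perf_event *bp)
{
	/*
	 * If the breakpoint is unregistered between a hw_breakpoint_handler()
	 * and the single_step_dabr_instruction(), then cleanup the breakpoint
	 * restoration variables to prevent dangling pointers.
	 * FIXME, this should not be using bp->ctx at all! Sayeth peterz.
	 */
	/* NOTE(review): (void *)-1L looks like a "task gone" sentinel; confirm. */
	if (bp->ctx && bp->ctx->task && bp->ctx->task != ((void *)-1L)) {
		int i;

		for (i = 0; i < nr_wp_slots(); i++) {
			if (bp->ctx->task->thread.last_hit_ubp[i] == bp)
				bp->ctx->task->thread.last_hit_ubp[i] = NULL;
		}
	}
}

/*
 * Check for virtual address in kernel space.
 */
int arch_check_bp_in_kernelspace(struct arch_hw_breakpoint *hw)
{
	return is_kernel_addr(hw->address);
}

/*
 * Translate the arch HW_BRK_TYPE_READ/WRITE bits in @type into the
 * generic HW_BREAKPOINT_R/W bits stored in *@gen_bp_type.
 *
 * Returns 0 on success, -EINVAL when neither read nor write is set.
 */
int arch_bp_generic_fields(int type, int *gen_bp_type)
{
	*gen_bp_type = 0;
	if (type & HW_BRK_TYPE_READ)
		*gen_bp_type |= HW_BREAKPOINT_R;
	if (type & HW_BRK_TYPE_WRITE)
		*gen_bp_type |= HW_BREAKPOINT_W;
	if (*gen_bp_type == 0)
		return -EINVAL;
	return 0;
}

/*
 * Watchpoint match range is always doubleword(8 bytes) aligned on
 * powerpc. If the given range is crossing doubleword boundary, we
 * need to increase the length such that next doubleword also get
 * covered. Ex,
 *
 *          address   len = 6 bytes
 *                |=========.
 *   |------------v--|------v--------|
 *   | | | | | | | | | | | | | | | | |
 *   |---------------|---------------|
 *    <---8 bytes--->
 *
 * In this case, we should configure hw as:
 *   start_addr = address & ~(HW_BREAKPOINT_SIZE - 1)
 *   len = 16 bytes
 *
 * @start_addr is inclusive but @end_addr is exclusive.
 *
 * Returns 0 and stores the aligned length in hw->hw_len, or -EINVAL
 * when the range exceeds what the debug facility can cover.
 */
static int hw_breakpoint_validate_len(struct arch_hw_breakpoint *hw)
{
	u16 max_len = DABR_MAX_LEN;
	unsigned long start_addr, end_addr;
	unsigned long hw_len;

	start_addr = ALIGN_DOWN(hw->address, HW_BREAKPOINT_SIZE);
	end_addr = ALIGN(hw->address + hw->len, HW_BREAKPOINT_SIZE);
	/*
	 * Keep the span at full width until it has been bounds-checked:
	 * narrowing it to 16 bits first would let an oversized range wrap
	 * to a small value and pass the max_len comparison below.
	 */
	hw_len = end_addr - start_addr;

	if (dawr_enabled()) {
		max_len = DAWR_MAX_LEN;
		/* DAWR region can't cross 512 bytes boundary on p10 predecessors */
		if (!cpu_has_feature(CPU_FTR_ARCH_31) &&
		    (ALIGN_DOWN(start_addr, SZ_512) != ALIGN_DOWN(end_addr - 1, SZ_512)))
			return -EINVAL;
	} else if (IS_ENABLED(CONFIG_PPC_8xx)) {
		/* 8xx can setup a range without limitation */
		max_len = U16_MAX;
	}

	if (hw_len > max_len)
		return -EINVAL;

	hw->hw_len = hw_len;
	return 0;
}

/*
 * Validate the arch-specific HW Breakpoint register settings
 *
 * Fills @hw from @attr. Returns 0 on success, -EINVAL for a missing
 * event, zero length, no read/write access requested or an unsupported
 * range, and -ENODEV when no breakpoint facility is available.
 */
int hw_breakpoint_arch_parse(struct perf_event *bp,
			     const struct perf_event_attr *attr,
			     struct arch_hw_breakpoint *hw)
{
	int ret = -EINVAL;

	if (!bp || !attr->bp_len)
		return ret;

	hw->type = HW_BRK_TYPE_TRANSLATE;
	if (attr->bp_type & HW_BREAKPOINT_R)
		hw->type |= HW_BRK_TYPE_READ;
	if (attr->bp_type & HW_BREAKPOINT_W)
		hw->type |= HW_BRK_TYPE_WRITE;
	if (hw->type == HW_BRK_TYPE_TRANSLATE)
		/* must set at least read or write */
		return ret;
	if (!attr->exclude_user)
		hw->type |= HW_BRK_TYPE_USER;
	if (!attr->exclude_kernel)
		hw->type |= HW_BRK_TYPE_KERNEL;
	if (!attr->exclude_hv)
		hw->type |= HW_BRK_TYPE_HYP;
	hw->address = attr->bp_addr;
	/*
	 * NOTE(review): bp_len was checked for zero at its original width;
	 * if hw->len is narrower than attr->bp_len, confirm a truncated
	 * value cannot end up as 0 or shorter than requested.
	 */
	hw->len = attr->bp_len;

	if (!ppc_breakpoint_available())
		return -ENODEV;

	return hw_breakpoint_validate_len(hw);
}

/*
 * Restores the breakpoint on the debug registers.
 * Invoke this function if it is known that the execution context is
 * about to change to cause loss of MSR_SE settings.
 */
void thread_change_pc(struct task_struct *tsk, struct pt_regs *regs)
{
	struct perf_event *bp;
	int i;

	for (i = 0; i < nr_wp_slots(); i++) {
		if (unlikely(tsk->thread.last_hit_ubp[i]))
			goto reset;
	}
	return;

reset:
	regs->msr &= ~MSR_SE;
	for (i = 0; i < nr_wp_slots(); i++) {
		/*
		 * A slot with no installed breakpoint holds NULL. Skip it, as
		 * single_step_dabr_instruction() does, rather than deriving
		 * an arch_hw_breakpoint pointer from NULL and handing it to
		 * __set_breakpoint().
		 */
		bp = __this_cpu_read(bp_per_reg[i]);
		if (bp)
			__set_breakpoint(i, counter_arch_bp(bp));
		tsk->thread.last_hit_ubp[i] = NULL;
	}
}

/* Returns true for the LARX and STCX instruction types. */
static bool is_larx_stcx_instr(int type)
{
	return type == LARX || type == STCX;
}

/*
 * We've failed in reliably handling the hw-breakpoint. Unregister
 * it and throw a warning message to let the user know about it.
 *
 * NOTE(review): WARN() escalates to a panic on systems running with
 * panic_on_warn, and the message logs the watched address; confirm
 * this path cannot be reached at will by an unprivileged task.
 */
static void handler_error(struct perf_event *bp, struct arch_hw_breakpoint *info)
{
	WARN(1, "Unable to handle hardware breakpoint. Breakpoint at 0x%lx will be disabled.",
	     info->address);
	perf_event_disable_inatomic(bp);
}

/*
 * The breakpoint hit on an instruction that cannot be emulated: log a
 * rate-limited message and disable the event.
 */
static void larx_stcx_err(struct perf_event *bp, struct arch_hw_breakpoint *info)
{
	printk_ratelimited("Breakpoint hit on instruction that can't be emulated. Breakpoint at 0x%lx will be disabled.\n",
			   info->address);
	perf_event_disable_inatomic(bp);
}

/*
 * Step over the instruction that triggered the breakpoint(s) marked in
 * @hit.
 *
 * User mode: record each hit event in current->thread.last_hit_ubp[],
 * clear its @info entry so the caller does not re-arm it, set MSR_SE
 * and return false.
 * Kernel mode: emulate the instruction; on failure disable every hit
 * event through handler_error(), clear its @info entry and return false.
 *
 * Returns true only when the instruction was emulated successfully.
 */
static bool stepping_handler(struct pt_regs *regs, struct perf_event **bp,
			     struct arch_hw_breakpoint **info, int *hit,
			     struct ppc_inst instr)
{
	int i;
	int stepped;

	/* Do not emulate user-space instructions, instead single-step them */
	if (user_mode(regs)) {
		for (i = 0; i < nr_wp_slots(); i++) {
			if (!hit[i])
				continue;
			current->thread.last_hit_ubp[i] = bp[i];
			info[i] = NULL;
		}
		regs->msr |= MSR_SE;
		return false;
	}

	stepped = emulate_step(regs, instr);
	if (!stepped) {
		for (i = 0; i < nr_wp_slots(); i++) {
			if (!hit[i])
				continue;
			handler_error(bp[i], info[i]);
			info[i] = NULL;
		}
		return false;
	}
	return true;
}

/*
 * Handle a data breakpoint match.
 *
 * Works out which installed breakpoints were hit, delivers the perf
 * event for them (directly for ptrace, after stepping otherwise) and
 * re-arms every slot whose info[] entry is still set.
 *
 * Returns NOTIFY_STOP when the exception was consumed here, NOTIFY_DONE
 * when nothing was hit or the hit belongs to ptrace.
 */
int hw_breakpoint_handler(struct die_args *args)
{
	bool err = false;
	int rc = NOTIFY_STOP;
	struct perf_event *bp[HBP_NUM_MAX] = { NULL };
	struct pt_regs *regs = args->regs;
	struct arch_hw_breakpoint *info[HBP_NUM_MAX] = { NULL };
	int i;
	int hit[HBP_NUM_MAX] = {0};
	int nr_hit = 0;
	bool ptrace_bp = false;
	struct ppc_inst instr = ppc_inst(0);
	int type = 0;
	int size = 0;
	/*
	 * Initialised because wp_get_instr_detail() is skipped on 8xx while
	 * ea is still passed by value to wp_check_constraints() below.
	 */
	unsigned long ea = 0;

	/* Disable breakpoints during exception handling */
	hw_breakpoint_disable();

	/*
	 * The counter may be concurrently released but that can only
	 * occur from a call_rcu() path. We can then safely fetch
	 * the breakpoint, use its callback, touch its counter
	 * while we are in an rcu_read_lock() path.
	 */
	rcu_read_lock();

	if (!IS_ENABLED(CONFIG_PPC_8xx))
		wp_get_instr_detail(regs, &instr, &type, &size, &ea);

	for (i = 0; i < nr_wp_slots(); i++) {
		bp[i] = __this_cpu_read(bp_per_reg[i]);
		if (!bp[i])
			continue;

		info[i] = counter_arch_bp(bp[i]);
		info[i]->type &= ~HW_BRK_TYPE_EXTRANEOUS_IRQ;

		if (wp_check_constraints(regs, instr, ea, type, size, info[i])) {
			/* instr still 0: the instruction details were not obtained */
			if (!IS_ENABLED(CONFIG_PPC_8xx) &&
			    ppc_inst_equal(instr, ppc_inst(0))) {
				handler_error(bp[i], info[i]);
				info[i] = NULL;
				err = true;
				continue;
			}

			if (is_ptrace_bp(bp[i]))
				ptrace_bp = true;
			hit[i] = 1;
			nr_hit++;
		}
	}

	if (err)
		goto reset;

	if (!nr_hit) {
		rc = NOTIFY_DONE;
		goto out;
	}

	/*
	 * Return early after invoking user-callback function without restoring
	 * DABR if the breakpoint is from ptrace which always operates in
	 * one-shot mode. The ptrace-ed process will receive the SIGTRAP signal
	 * generated in do_dabr().
	 */
	if (ptrace_bp) {
		for (i = 0; i < nr_wp_slots(); i++) {
			if (!hit[i])
				continue;
			perf_bp_event(bp[i], regs);
			info[i] = NULL;
		}
		rc = NOTIFY_DONE;
		goto reset;
	}

	if (!IS_ENABLED(CONFIG_PPC_8xx)) {
		if (is_larx_stcx_instr(type)) {
			for (i = 0; i < nr_wp_slots(); i++) {
				if (!hit[i])
					continue;
				larx_stcx_err(bp[i], info[i]);
				info[i] = NULL;
			}
			goto reset;
		}

		if (!stepping_handler(regs, bp, info, hit, instr))
			goto reset;
	}

	/*
	 * As a policy, the callback is invoked in a 'trigger-after-execute'
	 * fashion
	 */
	for (i = 0; i < nr_wp_slots(); i++) {
		if (!hit[i])
			continue;
		if (!(info[i]->type & HW_BRK_TYPE_EXTRANEOUS_IRQ))
			perf_bp_event(bp[i], regs);
	}

reset:
	/* Re-arm only the slots whose descriptor was not cleared above. */
	for (i = 0; i < nr_wp_slots(); i++) {
		if (!info[i])
			continue;
		__set_breakpoint(i, info[i]);
	}

out:
	rcu_read_unlock();
	return rc;
}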
NOKPROBE_SYMBOL(hw_breakpoint_handler);

/*
 * Handle single-step exceptions following a DABR hit.
 *
 * Returns NOTIFY_DONE when no user breakpoint was pending for the
 * current task or when ptrace is single-stepping it, NOTIFY_STOP
 * otherwise.
 */
static int single_step_dabr_instruction(struct die_args *args)
{
	struct pt_regs *regs = args->regs;
	struct perf_event *bp = NULL;
	struct arch_hw_breakpoint *info;
	bool found = false;
	int slot;

	/*
	 * Check if we are single-stepping as a result of a
	 * previous HW Breakpoint exception
	 */
	for (slot = 0; slot < nr_wp_slots(); slot++) {
		bp = current->thread.last_hit_ubp[slot];
		if (bp) {
			found = true;
			info = counter_arch_bp(bp);

			/*
			 * The user-defined callback is invoked from the
			 * single-stepping handler to conform to
			 * 'trigger-after-execute' semantics
			 */
			if (!(info->type & HW_BRK_TYPE_EXTRANEOUS_IRQ))
				perf_bp_event(bp, regs);
			current->thread.last_hit_ubp[slot] = NULL;
		}
	}

	if (!found)
		return NOTIFY_DONE;

	/* Re-arm every breakpoint installed on this cpu; empty slots are skipped. */
	for (slot = 0; slot < nr_wp_slots(); slot++) {
		bp = __this_cpu_read(bp_per_reg[slot]);
		if (bp) {
			info = counter_arch_bp(bp);
			__set_breakpoint(slot, info);
		}
	}

	/*
	 * If the process was being single-stepped by ptrace, let the
	 * other single-step actions occur (e.g. generate SIGTRAP).
	 */
	return test_thread_flag(TIF_SINGLESTEP) ? NOTIFY_DONE : NOTIFY_STOP;
}
NOKPROBE_SYMBOL(single_step_dabr_instruction);

/*
 * Handle debug exception notifications.
 *
 * Dispatches DIE_DABR_MATCH and DIE_SSTEP to their handlers; every
 * other value yields NOTIFY_DONE.
 */
int hw_breakpoint_exceptions_notify(
		struct notifier_block *unused, unsigned long val, void *data)
{
	if (val == DIE_DABR_MATCH)
		return hw_breakpoint_handler(data);

	if (val == DIE_SSTEP)
		return single_step_dabr_instruction(data);

	return NOTIFY_DONE;
}
NOKPROBE_SYMBOL(hw_breakpoint_exceptions_notify);

/*
 * Release the user breakpoints used by ptrace
 */
void flush_ptrace_hw_breakpoint(struct task_struct *tsk)
{
	struct thread_struct *thread = &tsk->thread;
	int slot;

	for (slot = 0; slot < nr_wp_slots(); slot++) {
		unregister_hw_breakpoint(thread->ptrace_bps[slot]);
		/* Clear the slot so no stale event pointer is left behind. */
		thread->ptrace_bps[slot] = NULL;
	}
}

/* PMU read callback for breakpoint events; intentionally empty for now. */
void hw_breakpoint_pmu_read(struct perf_event *bp)
{
	/* TODO */
}

/*
 * Overflow handler installed on ptrace breakpoints; is_ptrace_bp()
 * recognises them by this function's address.
 */
void ptrace_triggered(struct perf_event *bp,
		      struct perf_sample_data *data, struct pt_regs *regs)
{
	/*
	 * Disable the breakpoint request here since ptrace has defined a
	 * one-shot behaviour for breakpoint exceptions in PPC64.
	 * The SIGTRAP signal is generated automatically for us in do_dabr().
	 * We don't have to do anything about that here
	 */
	struct perf_event_attr attr = bp->attr;

	attr.disabled = true;
	modify_user_hw_breakpoint(bp, &attr);
}