/*
 *  Kernel Probes (KProbes)
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 *
 * Copyright (C) IBM Corporation, 2002, 2004
 *
 * 2002-Oct	Created by Vamsi Krishna S <vamsi_krishna@in.ibm.com> Kernel
 *		Probes initial implementation ( includes contributions from
 *		Rusty Russell).
 * 2004-July	Suparna Bhattacharya <suparna@in.ibm.com> added jumper probes
 *		interface to access function arguments.
 * 2004-Nov	Ananth N Mavinakayanahalli <ananth@in.ibm.com> kprobes port
 *		for PPC64
 *
 * Architecture side of kprobes for powerpc: probe preparation (copying
 * the probed instruction to an out-of-line slot), arming/disarming
 * (writing/restoring the breakpoint word), and the trap / single-step /
 * page-fault handlers reached through the die notifier chain.
 */

#include <linux/kprobes.h>
#include <linux/ptrace.h>
#include <linux/preempt.h>
#include <linux/module.h>
#include <linux/kdebug.h>
#include <asm/cacheflush.h>
#include <asm/sstep.h>
#include <asm/uaccess.h>

/* The kprobe currently being handled on this CPU (NULL when none). */
DEFINE_PER_CPU(struct kprobe *, current_kprobe) = NULL;
/* Per-CPU handler state: status, saved MSR, previous probe, jprobe regs. */
DEFINE_PER_CPU(struct kprobe_ctlblk, kprobe_ctlblk);

/*
 * Validate the probe address and copy the probed instruction into an
 * out-of-line instruction slot.
 *
 * Returns 0 on success, -EINVAL for an unaligned address or for an
 * instruction this port refuses to probe (mtmsr[d], rfi, rfid), and
 * -ENOMEM when no instruction slot is available.  On success
 * p->ainsn.insn points at the copy, p->opcode holds the original word
 * and p->ainsn.boostable is reset to 0 (not yet known).
 *
 * NOTE(review): the instruction word is read through p->addr before the
 * alignment check below; the alignment test only guards the checks that
 * follow.  Both printk() calls are issued without a KERN_ log level.
 */
int __kprobes arch_prepare_kprobe(struct kprobe *p)
{
	int ret = 0;
	kprobe_opcode_t insn = *p->addr;

	if ((unsigned long)p->addr & 0x03) {
		printk("Attempt to register kprobe at an unaligned address\n");
		ret = -EINVAL;
	} else if (IS_MTMSRD(insn) || IS_RFID(insn) || IS_RFI(insn)) {
		printk("Cannot register a kprobe on rfi/rfid or mtmsr[d]\n");
		ret = -EINVAL;
	}

	/* insn must be on a special executable page on ppc64 */
	if (!ret) {
		p->ainsn.insn = get_insn_slot();
		if (!p->ainsn.insn)
			ret = -ENOMEM;
	}

	if (!ret) {
		/*
		 * The copy is MAX_INSN_SIZE words, but only one opcode's
		 * worth of icache is flushed — NOTE(review): consistent only
		 * if MAX_INSN_SIZE is 1 on this architecture; confirm.
		 */
		memcpy(p->ainsn.insn, p->addr,
				MAX_INSN_SIZE * sizeof(kprobe_opcode_t));
		p->opcode = *p->addr;
		flush_icache_range((unsigned long)p->ainsn.insn,
			(unsigned long)p->ainsn.insn + sizeof(kprobe_opcode_t));
	}

	/* 0 = not yet tried; kprobe_handler() moves it to 1 or -1. */
	p->ainsn.boostable = 0;
	return ret;
}

/*
 * Arm the probe: overwrite the probed word with the breakpoint
 * instruction and flush that word from the icache.
 */
void __kprobes arch_arm_kprobe(struct kprobe *p)
{
	*p->addr = BREAKPOINT_INSTRUCTION;
	flush_icache_range((unsigned long) p->addr,
			   (unsigned long) p->addr + sizeof(kprobe_opcode_t));
}

/*
 * Disarm the probe: put the original word saved in p->opcode back and
 * flush it from the icache.
 */
void __kprobes arch_disarm_kprobe(struct kprobe *p)
{
	*p->addr = p->opcode;
	flush_icache_range((unsigned long) p->addr,
			   (unsigned long) p->addr + sizeof(kprobe_opcode_t));
}

/*
 * Release the out-of-line instruction slot taken in
 * arch_prepare_kprobe(), under kprobe_mutex.
 * NOTE(review): the second argument (0) is presumably the slot's
 * "dirty" flag — verify against free_insn_slot().
 */
void __kprobes arch_remove_kprobe(struct kprobe *p)
{
	mutex_lock(&kprobe_mutex);
	free_insn_slot(p->ainsn.insn, 0);
	mutex_unlock(&kprobe_mutex);
}

/*
 * Arrange for the out-of-line copy of the probed instruction to be
 * single-stepped: set MSR_SE and point nip at the copy.  The step
 * completes in post_kprobe_handler() via DIE_SSTEP.
 */
static void __kprobes prepare_singlestep(struct kprobe *p, struct pt_regs *regs)
{
	regs->msr |= MSR_SE;

	/*
	 * On powerpc we should single step on the original
	 * instruction even if the probed insn is a trap
	 * variant as values in regs could play a part in
	 * if the trap is taken or not
	 */
	regs->nip = (unsigned long)p->ainsn.insn;
}

/* Stash the active probe, its status and saved MSR before re-entering. */
static void __kprobes save_previous_kprobe(struct kprobe_ctlblk *kcb)
{
	kcb->prev_kprobe.kp = kprobe_running();
	kcb->prev_kprobe.status = kcb->kprobe_status;
	kcb->prev_kprobe.saved_msr = kcb->kprobe_saved_msr;
}

/* Undo save_previous_kprobe(): make the stashed probe current again. */
static void __kprobes restore_previous_kprobe(struct kprobe_ctlblk *kcb)
{
	__get_cpu_var(current_kprobe) = kcb->prev_kprobe.kp;
	kcb->kprobe_status = kcb->prev_kprobe.status;
	kcb->kprobe_saved_msr = kcb->prev_kprobe.saved_msr;
}

/*
 * Make p the current probe on this CPU and remember the MSR at the time
 * of the hit so post_kprobe_handler() / the fault handler can restore it.
 */
static void __kprobes set_current_kprobe(struct kprobe *p, struct pt_regs *regs,
				struct kprobe_ctlblk *kcb)
{
	__get_cpu_var(current_kprobe) = p;
	kcb->kprobe_saved_msr = regs->msr;
}

/*
 * Called with kretprobe_lock held.
 *
 * Capture the real return address (regs->link) in a free instance and
 * redirect the link register to kretprobe_trampoline so the return fires
 * trampoline_probe_handler().  With no free instance, only rp->nmissed is
 * bumped and the return is not intercepted.
 */
void __kprobes arch_prepare_kretprobe(struct kretprobe *rp,
				      struct pt_regs *regs)
{
	struct kretprobe_instance *ri;

	if ((ri = get_free_rp_inst(rp)) != NULL) {
		ri->rp = rp;
		ri->task = current;
		ri->ret_addr = (kprobe_opcode_t *)regs->link;

		/* Replace the return addr with trampoline addr */
		regs->link = (unsigned long)kretprobe_trampoline;
		add_rp_inst(ri);
	} else {
		rp->nmissed++;
	}
}

/*
 * Breakpoint (DIE_BPT) handler.
 *
 * Returns 1 when the trap was consumed by kprobes, otherwise the value
 * of ret: 0 means "not ours, let the kernel handle it", 1 means the
 * breakpoint vanished under us and nothing more should be done.
 *
 * Preemption is disabled on entry.  It is re-enabled here only on the
 * no_kprobe path and on the boosted (fully emulated) path; every other
 * "return 1" leaves it disabled, and it is the later post_kprobe_handler(),
 * kprobe_fault_handler() or longjmp_break_handler() that re-enables it.
 */
static int __kprobes kprobe_handler(struct pt_regs *regs)
{
	struct kprobe *p;
	int ret = 0;
	unsigned int *addr = (unsigned int *)regs->nip;
	struct kprobe_ctlblk *kcb;

	/*
	 * We don't want to be preempted for the entire
	 * duration of kprobe processing
	 */
	preempt_disable();
	kcb = get_kprobe_ctlblk();

	/* Check we're not actually recursing */
	if (kprobe_running()) {
		p = get_kprobe(addr);
		if (p) {
			kprobe_opcode_t insn = *p->ainsn.insn;
			/*
			 * A trap-variant instruction hit while single-stepping:
			 * drop single-step, restore the saved MSR bits and hand
			 * the trap back to the kernel (ret is still 0).
			 */
			if (kcb->kprobe_status == KPROBE_HIT_SS &&
					is_trap(insn)) {
				regs->msr &= ~MSR_SE;
				regs->msr |= kcb->kprobe_saved_msr;
				goto no_kprobe;
			}
			/* We have reentered the kprobe_handler(), since
			 * another probe was hit while within the handler.
			 * We here save the original kprobes variables and
			 * just single step on the instruction of the new probe
			 * without calling any user handlers.
			 */
			save_previous_kprobe(kcb);
			set_current_kprobe(p, regs, kcb);
			/* Redundant: set_current_kprobe() already saved regs->msr. */
			kcb->kprobe_saved_msr = regs->msr;
			kprobes_inc_nmissed_count(p);
			prepare_singlestep(p, regs);
			kcb->kprobe_status = KPROBE_REENTER;
			return 1;
		} else {
			if (*addr != BREAKPOINT_INSTRUCTION) {
				/* If trap variant, then it belongs not to us */
				kprobe_opcode_t cur_insn = *addr;
				if (is_trap(cur_insn))
					goto no_kprobe;
				/* The breakpoint instruction was removed by
				 * another cpu right after we hit, no further
				 * handling of this interrupt is appropriate
				 */
				ret = 1;
				goto no_kprobe;
			}
			/*
			 * Breakpoint with no probe registered at it while a
			 * probe is active: give the current probe's
			 * break_handler (the jprobe return path) a chance.
			 */
			p = __get_cpu_var(current_kprobe);
			if (p->break_handler && p->break_handler(p, regs)) {
				goto ss_probe;
			}
		}
		goto no_kprobe;
	}

	p = get_kprobe(addr);
	if (!p) {
		if (*addr != BREAKPOINT_INSTRUCTION) {
			/*
			 * PowerPC has multiple variants of the "trap"
			 * instruction. If the current instruction is a
			 * trap variant, it could belong to someone else
			 */
			kprobe_opcode_t cur_insn = *addr;
			if (is_trap(cur_insn))
				goto no_kprobe;
			/*
			 * The breakpoint instruction was removed right
			 * after we hit it.  Another cpu has removed
			 * either a probepoint or a debugger breakpoint
			 * at this address.  In either case, no further
			 * handling of this interrupt is appropriate.
			 */
			ret = 1;
		}
		/* Not one of ours: let kernel handle it */
		goto no_kprobe;
	}

	kcb->kprobe_status = KPROBE_HIT_ACTIVE;
	set_current_kprobe(p, regs, kcb);
	if (p->pre_handler && p->pre_handler(p, regs))
		/* handler has already set things up, so skip ss setup */
		return 1;

ss_probe:
	/*
	 * Boosting: try to emulate the instruction in place instead of
	 * single-stepping it.  boostable is 0 (untried), 1 (emulates) or
	 * -1 (must be stepped).
	 */
	if (p->ainsn.boostable >= 0) {
		unsigned int insn = *p->ainsn.insn;

		/* regs->nip is also adjusted if emulate_step returns 1 */
		ret = emulate_step(regs, insn);
		if (ret > 0) {
			/*
			 * Once this instruction has been boosted
			 * successfully, set the boostable flag
			 */
			if (unlikely(p->ainsn.boostable == 0))
				p->ainsn.boostable = 1;

			/* No single-step will follow, so run post_handler now. */
			if (p->post_handler)
				p->post_handler(p, regs, 0);

			kcb->kprobe_status = KPROBE_HIT_SSDONE;
			reset_current_kprobe();
			preempt_enable_no_resched();
			return 1;
		} else if (ret < 0) {
			/*
			 * We don't allow kprobes on mtmsr(d)/rfi(d), etc.
			 * So, we should never get here... but, its still
			 * good to catch them, just in case...
			 */
			printk("Can't step on instruction %x\n", insn);
			BUG();
		} else if (ret == 0)
			/* This instruction can't be boosted */
			p->ainsn.boostable = -1;
	}
	prepare_singlestep(p, regs);
	kcb->kprobe_status = KPROBE_HIT_SS;
	return 1;

no_kprobe:
	preempt_enable_no_resched();
	return ret;
}

/*
 * Function return probe trampoline:
 * 	- init_kprobes() establishes a probepoint here
 * 	- When the probed function returns, this probe
 * 		causes the handlers to fire
 *
 * The holder function exists only to emit the global symbol
 * kretprobe_trampoline (a single nop) that trampoline_p is armed on.
 */
void kretprobe_trampoline_holder(void)
{
	asm volatile(".global kretprobe_trampoline\n"
			"kretprobe_trampoline:\n"
			"nop\n");
}

/*
 * Called when the probe at kretprobe trampoline is hit
 *
 * Walks current's kretprobe instance bucket under kretprobe_lock, runs
 * each instance's rp->handler, recovers the real return address and
 * restores it into regs->nip.  Recycled instances are collected on
 * empty_rp and kfree()d only after the lock is dropped.  Always returns
 * 1 so kprobe_handler() skips single-step setup and post_handler.
 */
int __kprobes trampoline_probe_handler(struct kprobe *p, struct pt_regs *regs)
{
	struct kretprobe_instance *ri = NULL;
	struct hlist_head *head, empty_rp;
	struct hlist_node *node, *tmp;
	unsigned long flags, orig_ret_address = 0;
	unsigned long trampoline_address =(unsigned long)&kretprobe_trampoline;

	INIT_HLIST_HEAD(&empty_rp);
	spin_lock_irqsave(&kretprobe_lock, flags);
	head = kretprobe_inst_table_head(current);

	/*
	 * It is possible to have multiple instances associated with a given
	 * task either because an multiple functions in the call path
	 * have a return probe installed on them, and/or more then one return
	 * return probe was registered for a target function.
	 *
	 * We can handle this because:
	 *     - instances are always inserted at the head of the list
	 *     - when multiple return probes are registered for the same
	 *       function, the first instance's ret_addr will point to the
	 *       real return address, and all the rest will point to
	 *       kretprobe_trampoline
	 */
	hlist_for_each_entry_safe(ri, node, tmp, head, hlist) {
		if (ri->task != current)
			/* another task is sharing our hash bucket */
			continue;

		if (ri->rp && ri->rp->handler)
			ri->rp->handler(ri, regs);

		orig_ret_address = (unsigned long)ri->ret_addr;
		recycle_rp_inst(ri, &empty_rp);

		if (orig_ret_address != trampoline_address)
			/*
			 * This is the real return address. Any other
			 * instances associated with this task are for
			 * other calls deeper on the call stack
			 */
			break;
	}

	/* A return through the trampoline with no matching instance is fatal. */
	kretprobe_assert(ri, orig_ret_address, trampoline_address);
	regs->nip = orig_ret_address;

	reset_current_kprobe();
	spin_unlock_irqrestore(&kretprobe_lock, flags);
	preempt_enable_no_resched();

	hlist_for_each_entry_safe(ri, node, tmp, &empty_rp, hlist) {
		hlist_del(&ri->hlist);
		kfree(ri);
	}
	/*
	 * By returning a non-zero value, we are telling
	 * kprobe_handler() that we don't want the post_handler
	 * to run (and have re-enabled preemption)
	 */
	return 1;
}

/*
 * Called after single-stepping.  p->addr is the address of the
 * instruction whose first byte has been replaced by the "breakpoint"
 * instruction.  To avoid the SMP problems that can occur when we
 * temporarily put back the original opcode to single-step, we
 * single-stepped a copy of the instruction.  The address of this
 * copy is p->ainsn.insn.
 *
 * nip is reset to the probed address and emulate_step() is asked to
 * compute the successor; when it returns 0 (nothing emulated) execution
 * simply continues at p->addr + 4.
 * NOTE(review): a negative return leaves nip at p->addr; kprobe_handler()
 * treats that outcome as a BUG(), so presumably it cannot occur here —
 * confirm.
 */
static void __kprobes resume_execution(struct kprobe *p, struct pt_regs *regs)
{
	int ret;
	unsigned int insn = *p->ainsn.insn;

	regs->nip = (unsigned long)p->addr;
	ret = emulate_step(regs, insn);
	if (ret == 0)
		regs->nip = (unsigned long)p->addr + 4;
}

/*
 * Single-step (DIE_SSTEP) handler.
 *
 * Returns 0 when no kprobe is active, or when MSR_SE is still set after
 * cleanup (someone else is single-stepping and do_debug must continue);
 * returns 1 when the step was entirely ours.  Runs post_handler unless
 * this was a re-entrant hit, fixes up nip, restores the saved MSR bits,
 * pops the previous probe (KPROBE_REENTER) or clears the current one,
 * and re-enables the preemption disabled in kprobe_handler().
 */
static int __kprobes post_kprobe_handler(struct pt_regs *regs)
{
	struct kprobe *cur = kprobe_running();
	struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();

	if (!cur)
		return 0;

	if ((kcb->kprobe_status != KPROBE_REENTER) && cur->post_handler) {
		kcb->kprobe_status = KPROBE_HIT_SSDONE;
		cur->post_handler(cur, regs, 0);
	}

	resume_execution(cur, regs);
	regs->msr |= kcb->kprobe_saved_msr;

	/*Restore back the original saved kprobes variables and continue. */
	if (kcb->kprobe_status == KPROBE_REENTER) {
		restore_previous_kprobe(kcb);
		goto out;
	}
	reset_current_kprobe();
out:
	preempt_enable_no_resched();

	/*
	 * if somebody else is singlestepping across a probe point, msr
	 * will have SE set, in which case, continue the remaining processing
	 * of do_debug, as if this is not a probe hit.
	 */
	if (regs->msr & MSR_SE)
		return 0;

	return 1;
}

/*
 * Page-fault (DIE_PAGE_FAULT) handler, reached only while a kprobe is
 * running (see kprobe_exceptions_notify()).
 *
 * Returns 1 when the fault was resolved here (user fault_handler or an
 * exception-table fixup), 0 to let do_page_fault() handle it.  For a
 * fault during the single-step the probe state is unwound and nip put
 * back on the probed address; for a fault inside a pre/post handler the
 * miss is counted and fixup is attempted.
 */
static int __kprobes kprobe_fault_handler(struct pt_regs *regs, int trapnr)
{
	struct kprobe *cur = kprobe_running();
	struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();
	const struct exception_table_entry *entry;

	switch(kcb->kprobe_status) {
	case KPROBE_HIT_SS:
	case KPROBE_REENTER:
		/*
		 * We are here because the instruction being single
		 * stepped caused a page fault. We reset the current
		 * kprobe and the nip points back to the probe address
		 * and allow the page fault handler to continue as a
		 * normal page fault.
		 */
		regs->nip = (unsigned long)cur->addr;
		regs->msr &= ~MSR_SE;
		regs->msr |= kcb->kprobe_saved_msr;
		if (kcb->kprobe_status == KPROBE_REENTER)
			restore_previous_kprobe(kcb);
		else
			reset_current_kprobe();
		/* Balances the preempt_disable() in kprobe_handler(). */
		preempt_enable_no_resched();
		break;
	case KPROBE_HIT_ACTIVE:
	case KPROBE_HIT_SSDONE:
		/*
		 * We increment the nmissed count for accounting,
		 * we can also use npre/npostfault count for accouting
		 * these specific fault cases.
		 */
		kprobes_inc_nmissed_count(cur);

		/*
		 * We come here because instructions in the pre/post
		 * handler caused the page_fault, this could happen
		 * if handler tries to access user space by
		 * copy_from_user(), get_user() etc. Let the
		 * user-specified handler try to fix it first.
		 */
		if (cur->fault_handler && cur->fault_handler(cur, regs, trapnr))
			return 1;

		/*
		 * In case the user-specified fault handler returned
		 * zero, try to fix up.
		 */
		if ((entry = search_exception_tables(regs->nip)) != NULL) {
			regs->nip = entry->fixup;
			return 1;
		}

		/*
		 * fixup_exception() could not handle it,
		 * Let do_page_fault() fix it.
		 */
		break;
	default:
		break;
	}
	return 0;
}

/*
 * Wrapper routine to for handling exceptions.
 *
 * Die-notifier entry point.  User-mode traps are never ours and are
 * passed on untouched (NOTIFY_DONE).  Otherwise DIE_BPT, DIE_SSTEP and
 * DIE_PAGE_FAULT are routed to the handlers above, and a non-zero result
 * becomes NOTIFY_STOP.  Preemption is disabled around the page-fault
 * case because kprobe_running() needs a stable CPU id.
 */
int __kprobes kprobe_exceptions_notify(struct notifier_block *self,
				       unsigned long val, void *data)
{
	struct die_args *args = (struct die_args *)data;
	int ret = NOTIFY_DONE;

	if (args->regs && user_mode(args->regs))
		return ret;

	switch (val) {
	case DIE_BPT:
		if (kprobe_handler(args->regs))
			ret = NOTIFY_STOP;
		break;
	case DIE_SSTEP:
		if (post_kprobe_handler(args->regs))
			ret = NOTIFY_STOP;
		break;
	case DIE_PAGE_FAULT:
		/* kprobe_running() needs smp_processor_id() */
		preempt_disable();
		if (kprobe_running() &&
		    kprobe_fault_handler(args->regs, args->trapnr))
			ret = NOTIFY_STOP;
		preempt_enable();
		break;
	default:
		break;
	}
	return ret;
}

/*
 * jprobe pre_handler: save the full pt_regs into the per-CPU control
 * block and redirect execution to the jprobe's entry function.  On
 * PPC64 jp->entry is a function descriptor, so both nip and the TOC
 * pointer (gpr[2]) are taken from it.  Returns 1 so kprobe_handler()
 * skips single-step setup; preemption stays disabled until
 * longjmp_break_handler() runs.
 */
int __kprobes setjmp_pre_handler(struct kprobe *p, struct pt_regs *regs)
{
	struct jprobe *jp = container_of(p, struct jprobe, kp);
	struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();

	memcpy(&kcb->jprobe_saved_regs, regs, sizeof(struct pt_regs));

	/* setup return addr to the jprobe handler routine */
#ifdef CONFIG_PPC64
	regs->nip = (unsigned long)(((func_descr_t *)jp->entry)->entry);
	regs->gpr[2] = (unsigned long)(((func_descr_t *)jp->entry)->toc);
#else
	regs->nip = (unsigned long)jp->entry;
#endif

	return 1;
}

/*
 * Called by the jprobe entry function when it is done: raises a trap,
 * which reaches kprobe_handler() and then longjmp_break_handler() via
 * the current probe's break_handler.
 */
void __kprobes jprobe_return(void)
{
	asm volatile("trap" ::: "memory");
}

/* Empty marker following jprobe_return(). NOTE(review): the trailing
 * ';' after the closing brace is a stray empty declaration. */
void __kprobes jprobe_return_end(void)
{
};

/*
 * jprobe break_handler: restore the pt_regs saved by setjmp_pre_handler()
 * so execution resumes in the originally probed function, and re-enable
 * the preemption disabled in kprobe_handler().  Returns 1.
 *
 * As the FIXME below records, the saved register image is restored
 * without checking that this trap really came from jprobe_return().
 */
int __kprobes longjmp_break_handler(struct kprobe *p, struct pt_regs *regs)
{
	struct kprobe_ctlblk *kcb = get_kprobe_ctlblk();

	/*
	 * FIXME - we should ideally be validating that we got here 'cos
	 * of the "trap" in jprobe_return() above, before restoring the
	 * saved regs...
	 */
	memcpy(regs, &kcb->jprobe_saved_regs, sizeof(struct pt_regs));
	preempt_enable_no_resched();
	return 1;
}

/* The probe armed on kretprobe_trampoline; its pre_handler does the work. */
static struct kprobe trampoline_p = {
	.addr = (kprobe_opcode_t *) &kretprobe_trampoline,
	.pre_handler = trampoline_probe_handler
};

/* Architecture init: register the trampoline probe. */
int __init arch_init_kprobes(void)
{
	return register_kprobe(&trampoline_p);
}