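// SPDX-License-Identifier: GPL-2.0
/*
 *  S390 version
 *    Copyright IBM Corp. 1999, 2000
 *    Author(s): Martin Schwidefsky (schwidefsky@de.ibm.com),
 *               Denis Joseph Barrow (djbarrow@de.ibm.com,barrow_dj@yahoo.com),
 *
 *  Derived from "arch/i386/kernel/traps.c"
 *    Copyright (C) 1991, 1992 Linus Torvalds
 */

/*
 * 'Traps.c' handles hardware traps and faults after we have saved some
 * state in 'asm.s'.
 */
#include "asm/irqflags.h"
#include "asm/ptrace.h"
#include <linux/kprobes.h>
#include <linux/kdebug.h>
#include <linux/randomize_kstack.h>
#include <linux/extable.h>
#include <linux/ptrace.h>
#include <linux/sched.h>
#include <linux/sched/debug.h>
#include <linux/mm.h>
#include <linux/slab.h>
#include <linux/uaccess.h>
#include <linux/cpu.h>
#include <linux/entry-common.h>
#include <linux/kmsan.h>
#include <asm/asm-extable.h>
#include <asm/vtime.h>
#include <asm/fpu.h>
#include <asm/fault.h>
#include "entry.h"

/*
 * Return the address of the instruction that raised the program check.
 *
 * When bit 0x200 of int_code is set, the address is taken from the saved
 * transaction diagnostic block (thread.trap_tdb, which __do_pgm_check()
 * fills in on a transaction abort); otherwise it is the PSW address. The
 * upper 16 bits of int_code are then subtracted to step back to the start
 * of the instruction - presumably that field is the instruction length;
 * confirm against the lowcore definition.
 *
 * The result is annotated __user: in this file it is only dereferenced
 * through get_user() (see illegal_op()) or handed to force_sig_fault().
 */
static inline void __user *get_trap_ip(struct pt_regs *regs)
{
	unsigned long address;

	if (regs->int_code & 0x200)
		address = current->thread.trap_tdb.data[3];
	else
		address = regs->psw.addr;
	return (void __user *) (address - (regs->int_code >> 16));
}

#ifdef CONFIG_GENERIC_BUG
/*
 * Accepts every address unconditionally; this function performs no range
 * or section check of its own on @addr.
 */
int is_valid_bugaddr(unsigned long addr)
{
	return 1;
}
#endif

/*
 * Report a trap to whoever caused it.
 *
 * User mode: queue @si_signo/@si_code with the trapping instruction address
 * and log the fault via report_user_fault().
 * Kernel mode: try an exception-table fixup; if none applies the kernel
 * dies with @str. A kernel-mode trap is never converted into a signal.
 */
void do_report_trap(struct pt_regs *regs, int si_signo, int si_code, char *str)
{
	if (user_mode(regs)) {
		force_sig_fault(si_signo, si_code, get_trap_ip(regs));
		report_user_fault(regs, si_signo, 0);
	} else {
		if (!fixup_exception(regs))
			die(regs, str);
	}
}

/*
 * Give the die notifier chain (DIE_TRAP) the first chance to consume the
 * trap; only if no notifier answers NOTIFY_STOP is it reported through
 * do_report_trap().
 */
static void do_trap(struct pt_regs *regs, int si_signo, int si_code, char *str)
{
	if (notify_die(DIE_TRAP, str, regs, 0,
		       regs->int_code, si_signo) == NOTIFY_STOP)
		return;
	do_report_trap(regs, si_signo, si_code, str);
}
NOKPROBE_SYMBOL(do_trap);

/*
 * Handle a PER (single-step) event.
 *
 * Notifiers on DIE_SSTEP are asked first. If none stops the event, SIGTRAP
 * with TRAP_HWBKPT is queued only when the current task is being ptraced;
 * an untraced task gets no signal. The reported address is the PER event
 * address recorded in the thread structure.
 */
void do_per_trap(struct pt_regs *regs)
{
	if (notify_die(DIE_SSTEP, "sstep", regs, 0, 0, SIGTRAP) == NOTIFY_STOP)
		return;
	if (!current->ptrace)
		return;
	force_sig_fault(SIGTRAP, TRAP_HWBKPT,
		(void __force __user *) current->thread.per_event.address);
}
NOKPROBE_SYMBOL(do_per_trap);

/*
 * Fallback for program-check codes without a dedicated handler: a user task
 * is logged and terminated via force_exit_sig(SIGSEGV), the kernel dies.
 */
static void default_trap_handler(struct pt_regs *regs)
{
	if (user_mode(regs)) {
		report_user_fault(regs, SIGSEGV, 0);
		force_exit_sig(SIGSEGV);
	} else
		die(regs, "Unknown program exception");
}

/*
 * Generate a trivial handler @name that forwards to do_trap() with a fixed
 * signal number, si_code and description string.
 */
#define DO_ERROR_INFO(name, signr, sicode, str) \
static void name(struct pt_regs *regs)		\
{						\
	do_trap(regs, signr, sicode, str);	\
}

DO_ERROR_INFO(addressing_exception, SIGILL, ILL_ILLADR,
	      "addressing exception")
DO_ERROR_INFO(execute_exception, SIGILL, ILL_ILLOPN,
	      "execute exception")
DO_ERROR_INFO(divide_exception, SIGFPE, FPE_INTDIV,
	      "fixpoint divide exception")
DO_ERROR_INFO(overflow_exception, SIGFPE, FPE_INTOVF,
	      "fixpoint overflow exception")
DO_ERROR_INFO(hfp_overflow_exception, SIGFPE, FPE_FLTOVF,
	      "HFP overflow exception")
DO_ERROR_INFO(hfp_underflow_exception, SIGFPE, FPE_FLTUND,
	      "HFP underflow exception")
DO_ERROR_INFO(hfp_significance_exception, SIGFPE, FPE_FLTRES,
	      "HFP significance exception")
DO_ERROR_INFO(hfp_divide_exception, SIGFPE, FPE_FLTDIV,
	      "HFP divide exception")
DO_ERROR_INFO(hfp_sqrt_exception, SIGFPE, FPE_FLTINV,
	      "HFP square root exception")
DO_ERROR_INFO(operand_exception, SIGILL, ILL_ILLOPN,
	      "operand exception")
DO_ERROR_INFO(privileged_op, SIGILL, ILL_PRVOPC,
	      "privileged operation")
DO_ERROR_INFO(special_op_exception, SIGILL, ILL_ILLOPN,
	      "special operation exception")
DO_ERROR_INFO(transaction_exception, SIGILL, ILL_ILLOPN,
	      "transaction constraint exception")

/*
 * Translate the floating point control word @fpc into a SIGFPE si_code and
 * raise the trap. si_code stays 0 when the DXC bits tested below do not
 * indicate an IEEE exception or when none of the flag bits is set.
 */
static inline void do_fp_trap(struct pt_regs *regs, __u32 fpc)
{
	int si_code = 0;
	/* FPC[2] is Data Exception Code */
	if ((fpc & 0x00000300) == 0) {
		/* bits 6 and 7 of DXC are 0 iff IEEE exception */
		if (fpc & 0x8000) /* invalid fp operation */
			si_code = FPE_FLTINV;
		else if (fpc & 0x4000) /* div by 0 */
			si_code = FPE_FLTDIV;
		else if (fpc & 0x2000) /* overflow */
			si_code = FPE_FLTOVF;
		else if (fpc & 0x1000) /* underflow */
			si_code = FPE_FLTUND;
		else if (fpc & 0x0800) /* inexact */
			si_code = FPE_FLTRES;
	}
	do_trap(regs, SIGFPE, si_code, "floating point exception");
}

/*
 * Unconditionally panics, regardless of whether the exception was raised
 * in user or kernel mode.
 */
static void translation_specification_exception(struct pt_regs *regs)
{
	/* May never happen. */
	panic("Translation-Specification Exception");
}

/*
 * Handle an operation exception (illegal opcode).
 *
 * User mode: the first two bytes of the trapping instruction are read back
 * with get_user(). A breakpoint opcode becomes SIGTRAP for a ptraced task
 * and SIGILL otherwise; a uprobes breakpoint opcode is passed to the die
 * notifier chain; anything else is SIGILL.
 * Kernel mode: the die notifier chain (kprobes) is asked; if nothing claims
 * the trap, SIGILL is passed to do_trap(), whose kernel-mode path ends in
 * an exception-table fixup or die().
 *
 * NOTE(review): if get_user() fails the handler returns without queuing
 * any signal - confirm that silently resuming the task is intended.
 */
static void illegal_op(struct pt_regs *regs)
{
	__u8 opcode[6];
	__u16 __user *location;
	int is_uprobe_insn = 0;
	int signal = 0;

	location = get_trap_ip(regs);

	if (user_mode(regs)) {
		/* Only the first halfword of opcode[] is ever written or read. */
		if (get_user(*((__u16 *) opcode), (__u16 __user *) location))
			return;
		if (*((__u16 *) opcode) == S390_BREAKPOINT_U16) {
			if (current->ptrace)
				force_sig_fault(SIGTRAP, TRAP_BRKPT, location);
			else
				signal = SIGILL;
#ifdef CONFIG_UPROBES
		} else if (*((__u16 *) opcode) == UPROBE_SWBP_INSN) {
			is_uprobe_insn = 1;
#endif
		} else
			signal = SIGILL;
	}
	/*
	 * We got either an illegal op in kernel mode, or user space trapped
	 * on a uprobes illegal instruction. See if kprobes or uprobes picks
	 * it up. If not, SIGILL.
	 */
	if (is_uprobe_insn || !user_mode(regs)) {
		if (notify_die(DIE_BPT, "bpt", regs, 0,
			       3, SIGTRAP) != NOTIFY_STOP)
			signal = SIGILL;
	}
	if (signal)
		do_trap(regs, signal, ILL_ILLOPC, "illegal operation");
}
NOKPROBE_SYMBOL(illegal_op);

DO_ERROR_INFO(specification_exception, SIGILL, ILL_ILLOPN,
	      "specification exception");

/*
 * Handle a vector processing exception.
 *
 * Without the vector facility the event is reported as an illegal
 * operation (SIGILL). Otherwise the vector interrupt code is extracted from
 * bits 8-11 of the saved user FPC and mapped to a SIGFPE si_code; unknown
 * codes yield si_code 0.
 */
static void vector_exception(struct pt_regs *regs)
{
	int si_code, vic;

	if (!cpu_has_vx()) {
		do_trap(regs, SIGILL, ILL_ILLOPN, "illegal operation");
		return;
	}

	/* get vector interrupt code from fpc */
	save_user_fpu_regs();
	vic = (current->thread.ufpu.fpc & 0xf00) >> 8;
	switch (vic) {
	case 1: /* invalid vector operation */
		si_code = FPE_FLTINV;
		break;
	case 2: /* division by zero */
		si_code = FPE_FLTDIV;
		break;
	case 3: /* overflow */
		si_code = FPE_FLTOVF;
		break;
	case 4: /* underflow */
		si_code = FPE_FLTUND;
		break;
	case 5:	/* inexact */
		si_code = FPE_FLTRES;
		break;
	default: /* unknown cause */
		si_code = 0;
	}
	do_trap(regs, SIGFPE, si_code, "vector exception");
}

/*
 * Handle a data exception: if the saved user FPC carries a data exception
 * code (FPC_DXC_MASK) it is decoded as a floating point trap, otherwise the
 * task gets SIGILL.
 */
static void data_exception(struct pt_regs *regs)
{
	/* The FPC is read from the thread structure, so save it first. */
	save_user_fpu_regs();
	if (current->thread.ufpu.fpc & FPC_DXC_MASK)
		do_fp_trap(regs, current->thread.ufpu.fpc);
	else
		do_trap(regs, SIGILL, ILL_ILLOPN, "data exception");
}

/*
 * Handle a space switch event: a user task is put back into home space
 * mode in its saved PSW before SIGILL is raised.
 */
static void space_switch_exception(struct pt_regs *regs)
{
	/* Set user psw back to home space mode. */
	if (user_mode(regs))
		regs->psw.mask |= PSW_ASC_HOME;
	/* Send SIGILL. */
	do_trap(regs, SIGILL, ILL_PRVOPC, "space switch event");
}

/*
 * Handle a monitor event. Events raised in user mode are ignored entirely;
 * for kernel mode the address of the trapping instruction is handed to
 * report_bug() and the result decides between an exception-table fixup
 * (no bug entry), continuing (warning) and die() (bug).
 */
static void monitor_event_exception(struct pt_regs *regs)
{
	if (user_mode(regs))
		return;

	switch (report_bug(regs->psw.addr - (regs->int_code >> 16), regs)) {
	case BUG_TRAP_TYPE_NONE:
		fixup_exception(regs);
		break;
	case BUG_TRAP_TYPE_WARN:
		break;
	case BUG_TRAP_TYPE_BUG:
		die(regs, "monitor event");
		break;
	}
}

/*
 * Terminal handler for a detected kernel stack overflow: dumps the
 * registers and panics. It does not return.
 */
void kernel_stack_overflow(struct pt_regs *regs)
{
	/*
	 * Normally regs are unpoisoned by the generic entry code, but
	 * kernel_stack_overflow() is a rare case that is called bypassing it.
	 */
	kmsan_unpoison_entry_regs(regs);
	bust_spinlocks(1);
	printk("Kernel stack overflow.\n");
	show_regs(regs);
	bust_spinlocks(0);
	panic("Corrupt kernel stack, can't continue.");
}
NOKPROBE_SYMBOL(kernel_stack_overflow);

/*
 * Boot-time self test of the monitor call path (only with CONFIG_BUG).
 *
 * "mc 0,0" is expected to trap; the exception-table entry then resumes at
 * label 1, skipping the xgr that would clear @val. If the instruction does
 * not trap, the xgr runs, @val becomes 0 and the kernel panics.
 */
static void __init test_monitor_call(void)
{
	int val = 1;

	if (!IS_ENABLED(CONFIG_BUG))
		return;
	asm volatile(
		"	mc	0,0\n"
		"0:	xgr	%0,%0\n"
		"1:\n"
		EX_TABLE(0b,1b)
		: "+d" (val));
	if (!val)
		panic("Monitor call doesn't work!\n");
}

/*
 * Enable machine checks in the external, program, SVC and I/O new PSWs
 * stored in the lowcore, then enable machine checks on the local CPU and
 * run the monitor call self test.
 *
 * Low-address protection (CR0) is cleared only for the duration of the
 * lowcore writes, with interrupts disabled, and the previous CR0 value is
 * loaded back before interrupts are restored.
 */
void __init trap_init(void)
{
	struct lowcore *lc = get_lowcore();
	unsigned long flags;
	struct ctlreg cr0;

	local_irq_save(flags);
	cr0 = local_ctl_clear_bit(0, CR0_LOW_ADDRESS_PROTECTION_BIT);
	psw_bits(lc->external_new_psw).mcheck = 1;
	psw_bits(lc->program_new_psw).mcheck = 1;
	psw_bits(lc->svc_new_psw).mcheck = 1;
	psw_bits(lc->io_new_psw).mcheck = 1;
	local_ctl_load(0, &cr0);
	local_irq_restore(flags);
	local_mcck_enable();
	test_monitor_call();
}

static void (*pgm_check_table[128])(struct pt_regs *regs);

/*
 * Entry point for program check interruptions.
 *
 * Copies the interruption code and translation-exception code from the
 * lowcore into @regs, short-circuits guest faults for KVM, records
 * transaction-abort and PER state, and finally dispatches through
 * pgm_check_table[].
 */
void noinstr __do_pgm_check(struct pt_regs *regs)
{
	struct lowcore *lc = get_lowcore();
	irqentry_state_t state;
	unsigned int trapnr;
	union teid teid;

	teid.val = lc->trans_exc_code;
	regs->int_code = lc->pgm_int_code;
	regs->int_parm_long = teid.val;

	/*
	 * In case of a guest fault, short-circuit the fault handler and return.
	 * This way the sie64a() function will return 0; fault address and
	 * other relevant bits are saved in current->thread.gmap_teid, and
	 * the fault number in current->thread.gmap_int_code. KVM will be
	 * able to use this information to handle the fault.
	 */
	if (test_pt_regs_flag(regs, PIF_GUEST_FAULT)) {
		current->thread.gmap_teid.val = regs->int_parm_long;
		current->thread.gmap_int_code = regs->int_code & 0xffff;
		return;
	}

	state = irqentry_enter(regs);

	if (user_mode(regs)) {
		update_timer_sys();
		/*
		 * When the cpu_has_bear key is off, last_break values below
		 * 4096 are replaced by 1 before being stored per thread.
		 */
		if (!static_branch_likely(&cpu_has_bear)) {
			if (regs->last_break < 4096)
				regs->last_break = 1;
		}
		current->thread.last_break = regs->last_break;
	}

	if (lc->pgm_code & 0x0200) {
		/* transaction abort */
		current->thread.trap_tdb = lc->pgm_tdb;
	}

	if (lc->pgm_code & PGM_INT_CODE_PER) {
		if (user_mode(regs)) {
			struct per_event *ev = &current->thread.per_event;

			set_thread_flag(TIF_PER_TRAP);
			ev->address = lc->per_address;
			ev->cause = lc->per_code_combined;
			ev->paid = lc->per_access_id;
		} else {
			/* PER event in kernel is kprobes */
			__arch_local_irq_ssm(regs->psw.mask & ~PSW_MASK_PER);
			do_per_trap(regs);
			goto out;
		}
	}

	if (!irqs_disabled_flags(regs->psw.mask))
		trace_hardirqs_on();
	__arch_local_irq_ssm(regs->psw.mask & ~PSW_MASK_PER);

	/*
	 * trapnr indexes a 128-entry table, so the lookup is only in bounds
	 * while PGM_INT_CODE_MASK (defined outside this file) keeps the value
	 * within 0x00-0x7f - verify whenever the mask or the table changes.
	 * A trapnr of 0 is not dispatched at all.
	 */
	trapnr = regs->int_code & PGM_INT_CODE_MASK;
	if (trapnr)
		pgm_check_table[trapnr](regs);
out:
	local_irq_disable();
	irqentry_exit(regs, state);
}

/*
 * The program check table contains exactly 128 (0x00-0x7f) entries. Each
 * line defines the function to be called corresponding to the program check
 * interruption code.
 *
 * Every index from 0x00 to 0x7f has an initializer (codes without a
 * dedicated handler use default_trap_handler), so the dispatcher never
 * calls through a NULL slot.
 */
static void (*pgm_check_table[128])(struct pt_regs *regs) = {
	[0x00]		= default_trap_handler,
	[0x01]		= illegal_op,
	[0x02]		= privileged_op,
	[0x03]		= execute_exception,
	[0x04]		= do_protection_exception,
	[0x05]		= addressing_exception,
	[0x06]		= specification_exception,
	[0x07]		= data_exception,
	[0x08]		= overflow_exception,
	[0x09]		= divide_exception,
	[0x0a]		= overflow_exception,
	[0x0b]		= divide_exception,
	[0x0c]		= hfp_overflow_exception,
	[0x0d]		= hfp_underflow_exception,
	[0x0e]		= hfp_significance_exception,
	[0x0f]		= hfp_divide_exception,
	[0x10]		= do_dat_exception,
	[0x11]		= do_dat_exception,
	[0x12]		= translation_specification_exception,
	[0x13]		= special_op_exception,
	[0x14]		= default_trap_handler,
	[0x15]		= operand_exception,
	[0x16]		= default_trap_handler,
	[0x17]		= default_trap_handler,
	[0x18]		= transaction_exception,
	[0x19]		= default_trap_handler,
	[0x1a]		= default_trap_handler,
	[0x1b]		= vector_exception,
	[0x1c]		= space_switch_exception,
	[0x1d]		= hfp_sqrt_exception,
	[0x1e ... 0x37] = default_trap_handler,
	[0x38]		= do_dat_exception,
	[0x39]		= do_dat_exception,
	[0x3a]		= do_dat_exception,
	[0x3b]		= do_dat_exception,
	[0x3c]		= default_trap_handler,
	[0x3d]		= do_secure_storage_access,
	[0x3e]		= default_trap_handler,
	[0x3f]		= default_trap_handler,
	[0x40]		= monitor_event_exception,
	[0x41 ... 0x7f] = default_trap_handler,
};

/*
 * Emit a weak definition of @x that aliases default_trap_handler, so a
 * handler that is not provided elsewhere in the build falls back to the
 * default handler.
 */
#define COND_TRAP(x) asm(			\
	".weak " __stringify(x) "\n\t"		\
	".set  " __stringify(x) ","		\
	__stringify(default_trap_handler))

COND_TRAP(do_secure_storage_access);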