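// SPDX-License-Identifier: GPL-2.0
/*
 *  S390 version
 *    Copyright IBM Corp. 1999, 2000
 *    Author(s): Martin Schwidefsky (schwidefsky@de.ibm.com),
 *               Denis Joseph Barrow (djbarrow@de.ibm.com,barrow_dj@yahoo.com),
 *
 *  Derived from "arch/i386/kernel/traps.c"
 *    Copyright (C) 1991, 1992 Linus Torvalds
 */

/*
 * 'Traps.c' handles hardware traps and faults after we have saved some
 * state in 'asm.s'.
 */
#include "asm/irqflags.h"
#include "asm/ptrace.h"
#include <linux/kprobes.h>
#include <linux/kdebug.h>
#include <linux/randomize_kstack.h>
#include <linux/extable.h>
#include <linux/ptrace.h>
#include <linux/sched.h>
#include <linux/sched/debug.h>
#include <linux/mm.h>
#include <linux/slab.h>
#include <linux/uaccess.h>
#include <linux/cpu.h>
#include <linux/entry-common.h>
#include <linux/kmsan.h>
#include <asm/asm-extable.h>
#include <asm/vtime.h>
#include <asm/fpu.h>
#include "entry.h"

/*
 * Compute the address reported to user space for a trap.
 *
 * When bit 0x200 of int_code is set (treated as "transaction abort" by
 * __do_pgm_check(), which copies the TDB into current->thread.trap_tdb),
 * the base address comes from word 3 of that saved TDB; otherwise it is
 * the PSW address. The upper 16 bits of int_code are then subtracted
 * (presumably the instruction length, so the result points at the
 * trapping instruction - confirm against the lowcore layout).
 *
 * The result is only an address value tagged __user; nothing is
 * dereferenced here.
 */
static inline void __user *get_trap_ip(struct pt_regs *regs)
{
	unsigned long address;

	if (regs->int_code & 0x200)
		address = current->thread.trap_tdb.data[3];
	else
		address = regs->psw.addr;
	return (void __user *) (address - (regs->int_code >> 16));
}

#ifdef CONFIG_GENERIC_BUG
/*
 * Always returns 1: this hook does not filter candidate BUG addresses,
 * every address passed in is accepted.
 */
int is_valid_bugaddr(unsigned long addr)
{
	return 1;
}
#endif

/*
 * Deliver the outcome of a trap.
 *
 * User mode: queue the signal (si_signo/si_code, fault address from
 * get_trap_ip()) and log the fault via report_user_fault().
 * Kernel mode: try an exception-table fixup; if none applies the kernel
 * dies with @str as the message.
 */
void do_report_trap(struct pt_regs *regs, int si_signo, int si_code, char *str)
{
	if (user_mode(regs)) {
		force_sig_fault(si_signo, si_code, get_trap_ip(regs));
		report_user_fault(regs, si_signo, 0);
	} else {
		if (!fixup_exception(regs))
			die(regs, str);
	}
}

/*
 * Common trap path: give the die notifier chain first refusal
 * (NOTIFY_STOP means a notifier consumed the event), then fall through
 * to do_report_trap().
 */
static void do_trap(struct pt_regs *regs, int si_signo, int si_code, char *str)
{
	if (notify_die(DIE_TRAP, str, regs, 0,
		       regs->int_code, si_signo) == NOTIFY_STOP)
		return;
	do_report_trap(regs, si_signo, si_code, str);
}
NOKPROBE_SYMBOL(do_trap);

/*
 * Handle a PER (single-step / hardware breakpoint) event.
 *
 * Notifiers on the DIE_SSTEP chain may consume it. Otherwise SIGTRAP is
 * only sent when the current task is being ptraced; the reported address
 * is the PER address saved in current->thread.per_event.
 */
void do_per_trap(struct pt_regs *regs)
{
	if (notify_die(DIE_SSTEP, "sstep", regs, 0, 0, SIGTRAP) == NOTIFY_STOP)
		return;
	if (!current->ptrace)
		return;
	force_sig_fault(SIGTRAP, TRAP_HWBKPT,
		(void __force __user *) current->thread.per_event.address);
}
NOKPROBE_SYMBOL(do_per_trap);

/*
 * Fallback for program interruption codes without a dedicated handler:
 * a user task is logged and terminated with SIGSEGV via force_exit_sig(),
 * the kernel dies.
 */
static void default_trap_handler(struct pt_regs *regs)
{
	if (user_mode(regs)) {
		report_user_fault(regs, SIGSEGV, 0);
		force_exit_sig(SIGSEGV);
	} else
		die(regs, "Unknown program exception");
}

/*
 * Generate a trivial handler 'name' that forwards to do_trap() with a
 * fixed signal number, si_code and message.
 */
#define DO_ERROR_INFO(name, signr, sicode, str) \
static void name(struct pt_regs *regs)		\
{						\
	do_trap(regs, signr, sicode, str);	\
}

DO_ERROR_INFO(addressing_exception, SIGILL, ILL_ILLADR,
	      "addressing exception")
DO_ERROR_INFO(execute_exception, SIGILL, ILL_ILLOPN,
	      "execute exception")
DO_ERROR_INFO(divide_exception, SIGFPE, FPE_INTDIV,
	      "fixpoint divide exception")
DO_ERROR_INFO(overflow_exception, SIGFPE, FPE_INTOVF,
	      "fixpoint overflow exception")
DO_ERROR_INFO(hfp_overflow_exception, SIGFPE, FPE_FLTOVF,
	      "HFP overflow exception")
DO_ERROR_INFO(hfp_underflow_exception, SIGFPE, FPE_FLTUND,
	      "HFP underflow exception")
DO_ERROR_INFO(hfp_significance_exception, SIGFPE, FPE_FLTRES,
	      "HFP significance exception")
DO_ERROR_INFO(hfp_divide_exception, SIGFPE, FPE_FLTDIV,
	      "HFP divide exception")
DO_ERROR_INFO(hfp_sqrt_exception, SIGFPE, FPE_FLTINV,
	      "HFP square root exception")
DO_ERROR_INFO(operand_exception, SIGILL, ILL_ILLOPN,
	      "operand exception")
DO_ERROR_INFO(privileged_op, SIGILL, ILL_PRVOPC,
	      "privileged operation")
DO_ERROR_INFO(special_op_exception, SIGILL, ILL_ILLOPN,
	      "special operation exception")
DO_ERROR_INFO(transaction_exception, SIGILL, ILL_ILLOPN,
	      "transaction constraint exception")

/*
 * Translate the floating point control word @fpc into a SIGFPE si_code
 * and raise the trap. si_code stays 0 when the DXC does not describe an
 * IEEE exception or none of the tested flag bits is set.
 */
static inline void do_fp_trap(struct pt_regs *regs, __u32 fpc)
{
	int si_code = 0;
	/* FPC[2] is Data Exception Code */
	if ((fpc & 0x00000300) == 0) {
		/* bits 6 and 7 of DXC are 0 iff IEEE exception */
		if (fpc & 0x8000) /* invalid fp operation */
			si_code = FPE_FLTINV;
		else if (fpc & 0x4000) /* div by 0 */
			si_code = FPE_FLTDIV;
		else if (fpc & 0x2000) /* overflow */
			si_code = FPE_FLTOVF;
		else if (fpc & 0x1000) /* underflow */
			si_code = FPE_FLTUND;
		else if (fpc & 0x0800) /* inexact */
			si_code = FPE_FLTRES;
	}
	do_trap(regs, SIGFPE, si_code, "floating point exception");
}

/* Not recoverable: panics unconditionally, for user and kernel mode alike. */
static void translation_specification_exception(struct pt_regs *regs)
{
	/* May never happen. */
	panic("Translation-Specification Exception");
}

/*
 * Operation exception handler.
 *
 * User mode: the first two bytes of the trapping instruction are read
 * with get_user(), i.e. through the checked user-access path. If that
 * read faults the handler returns without queuing a signal.
 *   - S390_BREAKPOINT_U16: SIGTRAP/TRAP_BRKPT if the task is ptraced,
 *     SIGILL otherwise.
 *   - UPROBE_SWBP_INSN (CONFIG_UPROBES only): handed to the DIE_BPT
 *     notifier chain below.
 *   - anything else: SIGILL.
 * Kernel mode: the DIE_BPT notifier chain gets the event; if nobody
 * stops it the trap goes through do_trap(), which ends in a fixup or
 * die().
 *
 * NOTE(review): opcode[] is accessed through a __u16 pointer cast; this
 * relies on the build tolerating that type pun and on unaligned 2-byte
 * access being acceptable here - confirm.
 */
static void illegal_op(struct pt_regs *regs)
{
	__u8 opcode[6];
	__u16 __user *location;
	int is_uprobe_insn = 0;
	int signal = 0;

	location = get_trap_ip(regs);

	if (user_mode(regs)) {
		if (get_user(*((__u16 *) opcode), (__u16 __user *) location))
			return;
		if (*((__u16 *) opcode) == S390_BREAKPOINT_U16) {
			if (current->ptrace)
				force_sig_fault(SIGTRAP, TRAP_BRKPT, location);
			else
				signal = SIGILL;
#ifdef CONFIG_UPROBES
		} else if (*((__u16 *) opcode) == UPROBE_SWBP_INSN) {
			is_uprobe_insn = 1;
#endif
		} else
			signal = SIGILL;
	}
	/*
	 * We got either an illegal op in kernel mode, or user space trapped
	 * on a uprobes illegal instruction. See if kprobes or uprobes picks
	 * it up. If not, SIGILL.
	 */
	if (is_uprobe_insn || !user_mode(regs)) {
		if (notify_die(DIE_BPT, "bpt", regs, 0,
			       3, SIGTRAP) != NOTIFY_STOP)
			signal = SIGILL;
	}
	if (signal)
		do_trap(regs, signal, ILL_ILLOPC, "illegal operation");
}
NOKPROBE_SYMBOL(illegal_op);

DO_ERROR_INFO(specification_exception, SIGILL, ILL_ILLOPN,
	      "specification exception");

/*
 * Vector processing exception. Without the vector facility the event is
 * reported as an illegal operation. Otherwise the user FPU state is
 * saved first so that the fpc value read from current->thread.ufpu is
 * current, and bits 8-11 of fpc select the SIGFPE si_code.
 */
static void vector_exception(struct pt_regs *regs)
{
	int si_code, vic;

	if (!cpu_has_vx()) {
		do_trap(regs, SIGILL, ILL_ILLOPN, "illegal operation");
		return;
	}

	/* get vector interrupt code from fpc */
	save_user_fpu_regs();
	vic = (current->thread.ufpu.fpc & 0xf00) >> 8;
	switch (vic) {
	case 1: /* invalid vector operation */
		si_code = FPE_FLTINV;
		break;
	case 2: /* division by zero */
		si_code = FPE_FLTDIV;
		break;
	case 3: /* overflow */
		si_code = FPE_FLTOVF;
		break;
	case 4: /* underflow */
		si_code = FPE_FLTUND;
		break;
	case 5: /* inexact */
		si_code = FPE_FLTRES;
		break;
	default: /* unknown cause */
		si_code = 0;
	}
	do_trap(regs, SIGFPE, si_code, "vector exception");
}

/*
 * Data exception: after saving the user FPU state, a non-zero DXC field
 * in fpc routes to do_fp_trap() (SIGFPE); a zero DXC is reported as
 * SIGILL.
 */
static void data_exception(struct pt_regs *regs)
{
	save_user_fpu_regs();
	if (current->thread.ufpu.fpc & FPC_DXC_MASK)
		do_fp_trap(regs, current->thread.ufpu.fpc);
	else
		do_trap(regs, SIGILL, ILL_PRVOPC == ILL_PRVOPC ? ILL_ILLOPN : ILL_ILLOPN, "data exception");
}

/*
 * Space switch event: a user task has its PSW forced back to home space
 * mode before SIGILL is delivered, so it does not continue in the
 * address space mode it switched to.
 */
static void space_switch_exception(struct pt_regs *regs)
{
	/* Set user psw back to home space mode. */
	if (user_mode(regs))
		regs->psw.mask |= PSW_ASC_HOME;
	/* Send SIGILL. */
	do_trap(regs, SIGILL, ILL_PRVOPC, "space switch event");
}

/*
 * Monitor event: used for kernel BUG()/WARN() reporting. Events raised
 * from user mode are ignored (no signal is sent). For kernel mode the
 * address handed to report_bug() is the PSW address minus the upper 16
 * bits of int_code, the same adjustment get_trap_ip() applies.
 */
static void monitor_event_exception(struct pt_regs *regs)
{
	if (user_mode(regs))
		return;

	switch (report_bug(regs->psw.addr - (regs->int_code >> 16), regs)) {
	case BUG_TRAP_TYPE_NONE:
		/* Not a known bug entry: fall back to the exception table. */
		fixup_exception(regs);
		break;
	case BUG_TRAP_TYPE_WARN:
		break;
	case BUG_TRAP_TYPE_BUG:
		die(regs, "monitor event");
		break;
	}
}

/*
 * Report a kernel stack overflow and panic. There is no recovery path:
 * the stack is considered corrupt.
 */
void kernel_stack_overflow(struct pt_regs *regs)
{
	/*
	 * Normally regs are unpoisoned by the generic entry code, but
	 * kernel_stack_overflow() is a rare case that is called bypassing it.
	 */
	kmsan_unpoison_entry_regs(regs);
	bust_spinlocks(1);
	printk("Kernel stack overflow.\n");
	show_regs(regs);
	bust_spinlocks(0);
	panic("Corrupt kernel stack, can't continue.");
}
NOKPROBE_SYMBOL(kernel_stack_overflow);

/*
 * Boot-time self test of the monitor call path (skipped without
 * CONFIG_BUG). If "mc 0,0" raises no program check, execution falls
 * through to the xgr, which zeroes val, and the kernel panics. When the
 * trap is taken, the exception-table entry 0b -> 1b is expected to skip
 * the xgr (see the fixup_exception() call in monitor_event_exception()),
 * leaving val at 1.
 */
static void __init test_monitor_call(void)
{
	int val = 1;

	if (!IS_ENABLED(CONFIG_BUG))
		return;
	asm volatile(
		" mc 0,0\n"
		"0: xgr %0,%0\n"
		"1:\n"
		EX_TABLE(0b,1b)
		: "+d" (val));
	if (!val)
		panic("Monitor call doesn't work!\n");
}

/*
 * Enable machine checks in the new PSWs stored in lowcore.
 *
 * CR0 low-address protection is cleared only for the duration of the PSW
 * updates, with interrupts disabled, and the previously saved CR0 value
 * is reloaded right after (presumably the new-PSW fields sit in the
 * protected low-address range - confirm). Keep any additional lowcore
 * writes inside this window rather than widening it.
 */
void __init trap_init(void)
{
	struct lowcore *lc = get_lowcore();
	unsigned long flags;
	struct ctlreg cr0;

	local_irq_save(flags);
	cr0 = local_ctl_clear_bit(0, CR0_LOW_ADDRESS_PROTECTION_BIT);
	psw_bits(lc->external_new_psw).mcheck = 1;
	psw_bits(lc->program_new_psw).mcheck = 1;
	psw_bits(lc->svc_new_psw).mcheck = 1;
	psw_bits(lc->io_new_psw).mcheck = 1;
	local_ctl_load(0, &cr0);
	local_irq_restore(flags);
	local_mcck_enable();
	test_monitor_call();
}

/* Forward declaration; the table is defined below the dispatcher. */
static void (*pgm_check_table[128])(struct pt_regs *regs);

/*
 * Program check entry point: copies the interruption code and
 * translation-exception code from lowcore into @regs, records PER and
 * transaction-abort state, and dispatches to the handler for the
 * interruption code.
 *
 * The dispatch index is int_code masked with PGM_INT_CODE_MASK and the
 * table has 128 fully initialised slots.
 * NOTE(review): the bound on the index relies on PGM_INT_CODE_MASK
 * (defined outside this file) not exceeding 0x7f - confirm.
 * A masked value of 0 is not dispatched at all, so the [0x00] slot is
 * not reached from here.
 */
void noinstr __do_pgm_check(struct pt_regs *regs)
{
	struct lowcore *lc = get_lowcore();
	irqentry_state_t state;
	unsigned int trapnr;

	regs->int_code = lc->pgm_int_code;
	regs->int_parm_long = lc->trans_exc_code;

	state = irqentry_enter(regs);

	if (user_mode(regs)) {
		update_timer_sys();
		if (!static_branch_likely(&cpu_has_bear)) {
			/* Without BEAR, values below 4096 are normalised to 1. */
			if (regs->last_break < 4096)
				regs->last_break = 1;
		}
		current->thread.last_break = regs->last_break;
	}

	if (lc->pgm_code & 0x0200) {
		/* transaction abort */
		current->thread.trap_tdb = lc->pgm_tdb;
	}

	if (lc->pgm_code & PGM_INT_CODE_PER) {
		if (user_mode(regs)) {
			struct per_event *ev = &current->thread.per_event;

			/* Save the PER details; do_per_trap() reports ev->address. */
			set_thread_flag(TIF_PER_TRAP);
			ev->address = lc->per_address;
			ev->cause = lc->per_code_combined;
			ev->paid = lc->per_access_id;
		} else {
			/* PER event in kernel is kprobes */
			__arch_local_irq_ssm(regs->psw.mask & ~PSW_MASK_PER);
			do_per_trap(regs);
			goto out;
		}
	}

	if (!irqs_disabled_flags(regs->psw.mask))
		trace_hardirqs_on();
	/* Restore the interrupted context's mask, with PER masked off. */
	__arch_local_irq_ssm(regs->psw.mask & ~PSW_MASK_PER);

	trapnr = regs->int_code & PGM_INT_CODE_MASK;
	if (trapnr)
		pgm_check_table[trapnr](regs);
out:
	local_irq_disable();
	irqentry_exit(regs, state);
}

/*
 * The program check table contains exactly 128 (0x00-0x7f) entries. Each
 * line defines the function to be called corresponding to the program check
 * interruption code.
 *
 * Every slot is initialised, either individually or through a range
 * designator, so no entry is left NULL. Keep it that way when adding
 * handlers: __do_pgm_check() calls through the table without a NULL check.
 */
static void (*pgm_check_table[128])(struct pt_regs *regs) = {
	[0x00]		= default_trap_handler,
	[0x01]		= illegal_op,
	[0x02]		= privileged_op,
	[0x03]		= execute_exception,
	[0x04]		= do_protection_exception,
	[0x05]		= addressing_exception,
	[0x06]		= specification_exception,
	[0x07]		= data_exception,
	[0x08]		= overflow_exception,
	[0x09]		= divide_exception,
	[0x0a]		= overflow_exception,
	[0x0b]		= divide_exception,
	[0x0c]		= hfp_overflow_exception,
	[0x0d]		= hfp_underflow_exception,
	[0x0e]		= hfp_significance_exception,
	[0x0f]		= hfp_divide_exception,
	[0x10]		= do_dat_exception,
	[0x11]		= do_dat_exception,
	[0x12]		= translation_specification_exception,
	[0x13]		= special_op_exception,
	[0x14]		= default_trap_handler,
	[0x15]		= operand_exception,
	[0x16]		= default_trap_handler,
	[0x17]		= default_trap_handler,
	[0x18]		= transaction_exception,
	[0x19]		= default_trap_handler,
	[0x1a]		= default_trap_handler,
	[0x1b]		= vector_exception,
	[0x1c]		= space_switch_exception,
	[0x1d]		= hfp_sqrt_exception,
	[0x1e ... 0x37] = default_trap_handler,
	[0x38]		= do_dat_exception,
	[0x39]		= do_dat_exception,
	[0x3a]		= do_dat_exception,
	[0x3b]		= do_dat_exception,
	[0x3c]		= default_trap_handler,
	[0x3d]		= do_secure_storage_access,
	[0x3e]		= do_non_secure_storage_access,
	[0x3f]		= do_secure_storage_violation,
	[0x40]		= monitor_event_exception,
	[0x41 ... 0x7f] = default_trap_handler,
};

/*
 * Emit a weak symbol 'x' aliased to default_trap_handler. If no strong
 * definition of the handler is linked in, the table slot resolves to the
 * default handler instead of an undefined symbol.
 */
#define COND_TRAP(x) asm(			\
	".weak " __stringify(x) "\n\t"		\
	".set  " __stringify(x) ","		\
	__stringify(default_trap_handler))

COND_TRAP(do_secure_storage_access);
COND_TRAP(do_non_secure_storage_access);
COND_TRAP(do_secure_storage_violation);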