1*2a0a5b22SJan Willeke /* 2*2a0a5b22SJan Willeke * User-space Probes (UProbes) for s390 3*2a0a5b22SJan Willeke * 4*2a0a5b22SJan Willeke * Copyright IBM Corp. 2014 5*2a0a5b22SJan Willeke * Author(s): Jan Willeke, 6*2a0a5b22SJan Willeke */ 7*2a0a5b22SJan Willeke 8*2a0a5b22SJan Willeke #include <linux/kprobes.h> 9*2a0a5b22SJan Willeke #include <linux/uaccess.h> 10*2a0a5b22SJan Willeke #include <linux/uprobes.h> 11*2a0a5b22SJan Willeke #include <linux/compat.h> 12*2a0a5b22SJan Willeke #include <linux/kdebug.h> 13*2a0a5b22SJan Willeke #include <asm/switch_to.h> 14*2a0a5b22SJan Willeke #include <asm/facility.h> 15*2a0a5b22SJan Willeke #include <asm/dis.h> 16*2a0a5b22SJan Willeke #include "entry.h" 17*2a0a5b22SJan Willeke 18*2a0a5b22SJan Willeke #define UPROBE_TRAP_NR UINT_MAX 19*2a0a5b22SJan Willeke 20*2a0a5b22SJan Willeke int arch_uprobe_analyze_insn(struct arch_uprobe *auprobe, struct mm_struct *mm, 21*2a0a5b22SJan Willeke unsigned long addr) 22*2a0a5b22SJan Willeke { 23*2a0a5b22SJan Willeke return probe_is_prohibited_opcode(auprobe->insn); 24*2a0a5b22SJan Willeke } 25*2a0a5b22SJan Willeke 26*2a0a5b22SJan Willeke int arch_uprobe_pre_xol(struct arch_uprobe *auprobe, struct pt_regs *regs) 27*2a0a5b22SJan Willeke { 28*2a0a5b22SJan Willeke if (psw_bits(regs->psw).eaba == PSW_AMODE_24BIT) 29*2a0a5b22SJan Willeke return -EINVAL; 30*2a0a5b22SJan Willeke if (!is_compat_task() && psw_bits(regs->psw).eaba == PSW_AMODE_31BIT) 31*2a0a5b22SJan Willeke return -EINVAL; 32*2a0a5b22SJan Willeke clear_pt_regs_flag(regs, PIF_PER_TRAP); 33*2a0a5b22SJan Willeke auprobe->saved_per = psw_bits(regs->psw).r; 34*2a0a5b22SJan Willeke auprobe->saved_int_code = regs->int_code; 35*2a0a5b22SJan Willeke regs->int_code = UPROBE_TRAP_NR; 36*2a0a5b22SJan Willeke regs->psw.addr = current->utask->xol_vaddr; 37*2a0a5b22SJan Willeke set_tsk_thread_flag(current, TIF_UPROBE_SINGLESTEP); 38*2a0a5b22SJan Willeke update_cr_regs(current); 39*2a0a5b22SJan Willeke return 0; 40*2a0a5b22SJan Willeke } 41*2a0a5b22SJan Willeke 42*2a0a5b22SJan Willeke bool arch_uprobe_xol_was_trapped(struct task_struct *tsk) 43*2a0a5b22SJan Willeke { 44*2a0a5b22SJan Willeke struct pt_regs *regs = task_pt_regs(tsk); 45*2a0a5b22SJan Willeke 46*2a0a5b22SJan Willeke if (regs->int_code != UPROBE_TRAP_NR) 47*2a0a5b22SJan Willeke return true; 48*2a0a5b22SJan Willeke return false; 49*2a0a5b22SJan Willeke } 50*2a0a5b22SJan Willeke 51*2a0a5b22SJan Willeke int arch_uprobe_post_xol(struct arch_uprobe *auprobe, struct pt_regs *regs) 52*2a0a5b22SJan Willeke { 53*2a0a5b22SJan Willeke int fixup = probe_get_fixup_type(auprobe->insn); 54*2a0a5b22SJan Willeke struct uprobe_task *utask = current->utask; 55*2a0a5b22SJan Willeke 56*2a0a5b22SJan Willeke clear_tsk_thread_flag(current, TIF_UPROBE_SINGLESTEP); 57*2a0a5b22SJan Willeke update_cr_regs(current); 58*2a0a5b22SJan Willeke psw_bits(regs->psw).r = auprobe->saved_per; 59*2a0a5b22SJan Willeke regs->int_code = auprobe->saved_int_code; 60*2a0a5b22SJan Willeke 61*2a0a5b22SJan Willeke if (fixup & FIXUP_PSW_NORMAL) 62*2a0a5b22SJan Willeke regs->psw.addr += utask->vaddr - utask->xol_vaddr; 63*2a0a5b22SJan Willeke if (fixup & FIXUP_RETURN_REGISTER) { 64*2a0a5b22SJan Willeke int reg = (auprobe->insn[0] & 0xf0) >> 4; 65*2a0a5b22SJan Willeke 66*2a0a5b22SJan Willeke regs->gprs[reg] += utask->vaddr - utask->xol_vaddr; 67*2a0a5b22SJan Willeke } 68*2a0a5b22SJan Willeke if (fixup & FIXUP_BRANCH_NOT_TAKEN) { 69*2a0a5b22SJan Willeke int ilen = insn_length(auprobe->insn[0] >> 8); 70*2a0a5b22SJan Willeke 71*2a0a5b22SJan Willeke if (regs->psw.addr - utask->xol_vaddr == ilen) 72*2a0a5b22SJan Willeke regs->psw.addr = utask->vaddr + ilen; 73*2a0a5b22SJan Willeke } 74*2a0a5b22SJan Willeke /* If per tracing was active generate trap */ 75*2a0a5b22SJan Willeke if (regs->psw.mask & PSW_MASK_PER) 76*2a0a5b22SJan Willeke do_per_trap(regs); 77*2a0a5b22SJan Willeke return 0; 78*2a0a5b22SJan Willeke } 79*2a0a5b22SJan Willeke 80*2a0a5b22SJan Willeke int arch_uprobe_exception_notify(struct notifier_block *self, unsigned long val, 81*2a0a5b22SJan Willeke void *data) 82*2a0a5b22SJan Willeke { 83*2a0a5b22SJan Willeke struct die_args *args = data; 84*2a0a5b22SJan Willeke struct pt_regs *regs = args->regs; 85*2a0a5b22SJan Willeke 86*2a0a5b22SJan Willeke if (!user_mode(regs)) 87*2a0a5b22SJan Willeke return NOTIFY_DONE; 88*2a0a5b22SJan Willeke if (regs->int_code & 0x200) /* Trap during transaction */ 89*2a0a5b22SJan Willeke return NOTIFY_DONE; 90*2a0a5b22SJan Willeke switch (val) { 91*2a0a5b22SJan Willeke case DIE_BPT: 92*2a0a5b22SJan Willeke if (uprobe_pre_sstep_notifier(regs)) 93*2a0a5b22SJan Willeke return NOTIFY_STOP; 94*2a0a5b22SJan Willeke break; 95*2a0a5b22SJan Willeke case DIE_SSTEP: 96*2a0a5b22SJan Willeke if (uprobe_post_sstep_notifier(regs)) 97*2a0a5b22SJan Willeke return NOTIFY_STOP; 98*2a0a5b22SJan Willeke default: 99*2a0a5b22SJan Willeke break; 100*2a0a5b22SJan Willeke } 101*2a0a5b22SJan Willeke return NOTIFY_DONE; 102*2a0a5b22SJan Willeke } 103*2a0a5b22SJan Willeke 104*2a0a5b22SJan Willeke void arch_uprobe_abort_xol(struct arch_uprobe *auprobe, struct pt_regs *regs) 105*2a0a5b22SJan Willeke { 106*2a0a5b22SJan Willeke clear_thread_flag(TIF_UPROBE_SINGLESTEP); 107*2a0a5b22SJan Willeke regs->int_code = auprobe->saved_int_code; 108*2a0a5b22SJan Willeke regs->psw.addr = current->utask->vaddr; 109*2a0a5b22SJan Willeke } 110*2a0a5b22SJan Willeke 111*2a0a5b22SJan Willeke unsigned long arch_uretprobe_hijack_return_addr(unsigned long trampoline, 112*2a0a5b22SJan Willeke struct pt_regs *regs) 113*2a0a5b22SJan Willeke { 114*2a0a5b22SJan Willeke unsigned long orig; 115*2a0a5b22SJan Willeke 116*2a0a5b22SJan Willeke orig = regs->gprs[14]; 117*2a0a5b22SJan Willeke regs->gprs[14] = trampoline; 118*2a0a5b22SJan Willeke return orig; 119*2a0a5b22SJan Willeke } 120*2a0a5b22SJan Willeke 121*2a0a5b22SJan Willeke /* Instruction Emulation */ 122*2a0a5b22SJan Willeke 123*2a0a5b22SJan Willeke static void adjust_psw_addr(psw_t *psw, unsigned long len) 124*2a0a5b22SJan Willeke { 125*2a0a5b22SJan Willeke psw->addr = __rewind_psw(*psw, -len); 126*2a0a5b22SJan Willeke } 127*2a0a5b22SJan Willeke 128*2a0a5b22SJan Willeke #define EMU_ILLEGAL_OP 1 129*2a0a5b22SJan Willeke #define EMU_SPECIFICATION 2 130*2a0a5b22SJan Willeke #define EMU_ADDRESSING 3 131*2a0a5b22SJan Willeke 132*2a0a5b22SJan Willeke #define emu_load_ril(ptr, output) \ 133*2a0a5b22SJan Willeke ({ \ 134*2a0a5b22SJan Willeke unsigned int mask = sizeof(*(ptr)) - 1; \ 135*2a0a5b22SJan Willeke __typeof__(*(ptr)) input; \ 136*2a0a5b22SJan Willeke int __rc = 0; \ 137*2a0a5b22SJan Willeke \ 138*2a0a5b22SJan Willeke if (!test_facility(34)) \ 139*2a0a5b22SJan Willeke __rc = EMU_ILLEGAL_OP; \ 140*2a0a5b22SJan Willeke else if ((u64 __force)ptr & mask) \ 141*2a0a5b22SJan Willeke __rc = EMU_SPECIFICATION; \ 142*2a0a5b22SJan Willeke else if (get_user(input, ptr)) \ 143*2a0a5b22SJan Willeke __rc = EMU_ADDRESSING; \ 144*2a0a5b22SJan Willeke else \ 145*2a0a5b22SJan Willeke *(output) = input; \ 146*2a0a5b22SJan Willeke __rc; \ 147*2a0a5b22SJan Willeke }) 148*2a0a5b22SJan Willeke 149*2a0a5b22SJan Willeke #define emu_store_ril(ptr, input) \ 150*2a0a5b22SJan Willeke ({ \ 151*2a0a5b22SJan Willeke unsigned int mask = sizeof(*(ptr)) - 1; \ 152*2a0a5b22SJan Willeke int __rc = 0; \ 153*2a0a5b22SJan Willeke \ 154*2a0a5b22SJan Willeke if (!test_facility(34)) \ 155*2a0a5b22SJan Willeke __rc = EMU_ILLEGAL_OP; \ 156*2a0a5b22SJan Willeke else if ((u64 __force)ptr & mask) \ 157*2a0a5b22SJan Willeke __rc = EMU_SPECIFICATION; \ 158*2a0a5b22SJan Willeke else if (put_user(*(input), ptr)) \ 159*2a0a5b22SJan Willeke __rc = EMU_ADDRESSING; \ 160*2a0a5b22SJan Willeke __rc; \ 161*2a0a5b22SJan Willeke }) 162*2a0a5b22SJan Willeke 163*2a0a5b22SJan Willeke #define emu_cmp_ril(regs, ptr, cmp) \ 164*2a0a5b22SJan Willeke ({ \ 165*2a0a5b22SJan Willeke unsigned int mask = sizeof(*(ptr)) - 1; \ 166*2a0a5b22SJan Willeke __typeof__(*(ptr)) input; \ 167*2a0a5b22SJan Willeke int __rc = 0; \ 168*2a0a5b22SJan Willeke \ 169*2a0a5b22SJan Willeke if (!test_facility(34)) \ 170*2a0a5b22SJan Willeke __rc = EMU_ILLEGAL_OP; \ 171*2a0a5b22SJan Willeke else if ((u64 __force)ptr & mask) \ 172*2a0a5b22SJan Willeke __rc = EMU_SPECIFICATION; \ 173*2a0a5b22SJan Willeke else if (get_user(input, ptr)) \ 174*2a0a5b22SJan Willeke __rc = EMU_ADDRESSING; \ 175*2a0a5b22SJan Willeke else if (input > *(cmp)) \ 176*2a0a5b22SJan Willeke psw_bits((regs)->psw).cc = 1; \ 177*2a0a5b22SJan Willeke else if (input < *(cmp)) \ 178*2a0a5b22SJan Willeke psw_bits((regs)->psw).cc = 2; \ 179*2a0a5b22SJan Willeke else \ 180*2a0a5b22SJan Willeke psw_bits((regs)->psw).cc = 0; \ 181*2a0a5b22SJan Willeke __rc; \ 182*2a0a5b22SJan Willeke }) 183*2a0a5b22SJan Willeke 184*2a0a5b22SJan Willeke struct insn_ril { 185*2a0a5b22SJan Willeke u8 opc0; 186*2a0a5b22SJan Willeke u8 reg : 4; 187*2a0a5b22SJan Willeke u8 opc1 : 4; 188*2a0a5b22SJan Willeke s32 disp; 189*2a0a5b22SJan Willeke } __packed; 190*2a0a5b22SJan Willeke 191*2a0a5b22SJan Willeke union split_register { 192*2a0a5b22SJan Willeke u64 u64; 193*2a0a5b22SJan Willeke u32 u32[2]; 194*2a0a5b22SJan Willeke u16 u16[4]; 195*2a0a5b22SJan Willeke s64 s64; 196*2a0a5b22SJan Willeke s32 s32[2]; 197*2a0a5b22SJan Willeke s16 s16[4]; 198*2a0a5b22SJan Willeke }; 199*2a0a5b22SJan Willeke 200*2a0a5b22SJan Willeke /* 201*2a0a5b22SJan Willeke * pc relative instructions are emulated, since parameters may not be 202*2a0a5b22SJan Willeke * accessible from the xol area due to range limitations. 203*2a0a5b22SJan Willeke */ 204*2a0a5b22SJan Willeke static void handle_insn_ril(struct arch_uprobe *auprobe, struct pt_regs *regs) 205*2a0a5b22SJan Willeke { 206*2a0a5b22SJan Willeke union split_register *rx; 207*2a0a5b22SJan Willeke struct insn_ril *insn; 208*2a0a5b22SJan Willeke unsigned int ilen; 209*2a0a5b22SJan Willeke void *uptr; 210*2a0a5b22SJan Willeke int rc = 0; 211*2a0a5b22SJan Willeke 212*2a0a5b22SJan Willeke insn = (struct insn_ril *) &auprobe->insn; 213*2a0a5b22SJan Willeke rx = (union split_register *) ®s->gprs[insn->reg]; 214*2a0a5b22SJan Willeke uptr = (void *)(regs->psw.addr + (insn->disp * 2)); 215*2a0a5b22SJan Willeke ilen = insn_length(insn->opc0); 216*2a0a5b22SJan Willeke 217*2a0a5b22SJan Willeke switch (insn->opc0) { 218*2a0a5b22SJan Willeke case 0xc0: 219*2a0a5b22SJan Willeke switch (insn->opc1) { 220*2a0a5b22SJan Willeke case 0x00: /* larl */ 221*2a0a5b22SJan Willeke rx->u64 = (unsigned long)uptr; 222*2a0a5b22SJan Willeke break; 223*2a0a5b22SJan Willeke } 224*2a0a5b22SJan Willeke break; 225*2a0a5b22SJan Willeke case 0xc4: 226*2a0a5b22SJan Willeke switch (insn->opc1) { 227*2a0a5b22SJan Willeke case 0x02: /* llhrl */ 228*2a0a5b22SJan Willeke rc = emu_load_ril((u16 __user *)uptr, &rx->u32[1]); 229*2a0a5b22SJan Willeke break; 230*2a0a5b22SJan Willeke case 0x04: /* lghrl */ 231*2a0a5b22SJan Willeke rc = emu_load_ril((s16 __user *)uptr, &rx->u64); 232*2a0a5b22SJan Willeke break; 233*2a0a5b22SJan Willeke case 0x05: /* lhrl */ 234*2a0a5b22SJan Willeke rc = emu_load_ril((s16 __user *)uptr, &rx->u32[1]); 235*2a0a5b22SJan Willeke break; 236*2a0a5b22SJan Willeke case 0x06: /* llghrl */ 237*2a0a5b22SJan Willeke rc = emu_load_ril((u16 __user *)uptr, &rx->u64); 238*2a0a5b22SJan Willeke break; 239*2a0a5b22SJan Willeke case 0x08: /* lgrl */ 240*2a0a5b22SJan Willeke rc = emu_load_ril((u64 __user *)uptr, &rx->u64); 241*2a0a5b22SJan Willeke break; 242*2a0a5b22SJan Willeke case 0x0c: /* lgfrl */ 243*2a0a5b22SJan Willeke rc = emu_load_ril((s32 __user *)uptr, &rx->u64); 244*2a0a5b22SJan Willeke break; 245*2a0a5b22SJan Willeke case 0x0d: /* lrl */ 246*2a0a5b22SJan Willeke rc = emu_load_ril((u32 __user *)uptr, &rx->u32[1]); 247*2a0a5b22SJan Willeke break; 248*2a0a5b22SJan Willeke case 0x0e: /* llgfrl */ 249*2a0a5b22SJan Willeke rc = emu_load_ril((u32 __user *)uptr, &rx->u64); 250*2a0a5b22SJan Willeke break; 251*2a0a5b22SJan Willeke case 0x07: /* sthrl */ 252*2a0a5b22SJan Willeke rc = emu_store_ril((u16 __user *)uptr, &rx->u16[3]); 253*2a0a5b22SJan Willeke break; 254*2a0a5b22SJan Willeke case 0x0b: /* stgrl */ 255*2a0a5b22SJan Willeke rc = emu_store_ril((u64 __user *)uptr, &rx->u64); 256*2a0a5b22SJan Willeke break; 257*2a0a5b22SJan Willeke case 0x0f: /* strl */ 258*2a0a5b22SJan Willeke rc = emu_store_ril((u32 __user *)uptr, &rx->u32[1]); 259*2a0a5b22SJan Willeke break; 260*2a0a5b22SJan Willeke } 261*2a0a5b22SJan Willeke break; 262*2a0a5b22SJan Willeke case 0xc6: 263*2a0a5b22SJan Willeke switch (insn->opc1) { 264*2a0a5b22SJan Willeke case 0x02: /* pfdrl */ 265*2a0a5b22SJan Willeke if (!test_facility(34)) 266*2a0a5b22SJan Willeke rc = EMU_ILLEGAL_OP; 267*2a0a5b22SJan Willeke break; 268*2a0a5b22SJan Willeke case 0x04: /* cghrl */ 269*2a0a5b22SJan Willeke rc = emu_cmp_ril(regs, (s16 __user *)uptr, &rx->s64); 270*2a0a5b22SJan Willeke break; 271*2a0a5b22SJan Willeke case 0x05: /* chrl */ 272*2a0a5b22SJan Willeke rc = emu_cmp_ril(regs, (s16 __user *)uptr, &rx->s32[1]); 273*2a0a5b22SJan Willeke break; 274*2a0a5b22SJan Willeke case 0x06: /* clghrl */ 275*2a0a5b22SJan Willeke rc = emu_cmp_ril(regs, (u16 __user *)uptr, &rx->u64); 276*2a0a5b22SJan Willeke break; 277*2a0a5b22SJan Willeke case 0x07: /* clhrl */ 278*2a0a5b22SJan Willeke rc = emu_cmp_ril(regs, (u16 __user *)uptr, &rx->u32[1]); 279*2a0a5b22SJan Willeke break; 280*2a0a5b22SJan Willeke case 0x08: /* cgrl */ 281*2a0a5b22SJan Willeke rc = emu_cmp_ril(regs, (s64 __user *)uptr, &rx->s64); 282*2a0a5b22SJan Willeke break; 283*2a0a5b22SJan Willeke case 0x0a: /* clgrl */ 284*2a0a5b22SJan Willeke rc = emu_cmp_ril(regs, (u64 __user *)uptr, &rx->u64); 285*2a0a5b22SJan Willeke break; 286*2a0a5b22SJan Willeke case 0x0c: /* cgfrl */ 287*2a0a5b22SJan Willeke rc = emu_cmp_ril(regs, (s32 __user *)uptr, &rx->s64); 288*2a0a5b22SJan Willeke break; 289*2a0a5b22SJan Willeke case 0x0d: /* crl */ 290*2a0a5b22SJan Willeke rc = emu_cmp_ril(regs, (s32 __user *)uptr, &rx->s32[1]); 291*2a0a5b22SJan Willeke break; 292*2a0a5b22SJan Willeke case 0x0e: /* clgfrl */ 293*2a0a5b22SJan Willeke rc = emu_cmp_ril(regs, (u32 __user *)uptr, &rx->u64); 294*2a0a5b22SJan Willeke break; 295*2a0a5b22SJan Willeke case 0x0f: /* clrl */ 296*2a0a5b22SJan Willeke rc = emu_cmp_ril(regs, (u32 __user *)uptr, &rx->u32[1]); 297*2a0a5b22SJan Willeke break; 298*2a0a5b22SJan Willeke } 299*2a0a5b22SJan Willeke break; 300*2a0a5b22SJan Willeke } 301*2a0a5b22SJan Willeke adjust_psw_addr(®s->psw, ilen); 302*2a0a5b22SJan Willeke switch (rc) { 303*2a0a5b22SJan Willeke case EMU_ILLEGAL_OP: 304*2a0a5b22SJan Willeke regs->int_code = ilen << 16 | 0x0001; 305*2a0a5b22SJan Willeke do_report_trap(regs, SIGILL, ILL_ILLOPC, NULL); 306*2a0a5b22SJan Willeke break; 307*2a0a5b22SJan Willeke case EMU_SPECIFICATION: 308*2a0a5b22SJan Willeke regs->int_code = ilen << 16 | 0x0006; 309*2a0a5b22SJan Willeke do_report_trap(regs, SIGILL, ILL_ILLOPC , NULL); 310*2a0a5b22SJan Willeke break; 311*2a0a5b22SJan Willeke case EMU_ADDRESSING: 312*2a0a5b22SJan Willeke regs->int_code = ilen << 16 | 0x0005; 313*2a0a5b22SJan Willeke do_report_trap(regs, SIGSEGV, SEGV_MAPERR, NULL); 314*2a0a5b22SJan Willeke break; 315*2a0a5b22SJan Willeke } 316*2a0a5b22SJan Willeke } 317*2a0a5b22SJan Willeke 318*2a0a5b22SJan Willeke bool arch_uprobe_skip_sstep(struct arch_uprobe *auprobe, struct pt_regs *regs) 319*2a0a5b22SJan Willeke { 320*2a0a5b22SJan Willeke if ((psw_bits(regs->psw).eaba == PSW_AMODE_24BIT) || 321*2a0a5b22SJan Willeke ((psw_bits(regs->psw).eaba == PSW_AMODE_31BIT) && 322*2a0a5b22SJan Willeke !is_compat_task())) { 323*2a0a5b22SJan Willeke regs->psw.addr = __rewind_psw(regs->psw, UPROBE_SWBP_INSN_SIZE); 324*2a0a5b22SJan Willeke do_report_trap(regs, SIGILL, ILL_ILLADR, NULL); 325*2a0a5b22SJan Willeke return true; 326*2a0a5b22SJan Willeke } 327*2a0a5b22SJan Willeke if (probe_is_insn_relative_long(auprobe->insn)) { 328*2a0a5b22SJan Willeke handle_insn_ril(auprobe, regs); 329*2a0a5b22SJan Willeke return true; 330*2a0a5b22SJan Willeke } 331*2a0a5b22SJan Willeke return false; 332*2a0a5b22SJan Willeke } 333