1 /*
2 * Copyright (C) 2000-2007, Axis Communications AB.
3 */
4
5 #include <linux/kernel.h>
6 #include <linux/sched.h>
7 #include <linux/mm.h>
8 #include <linux/smp.h>
9 #include <linux/errno.h>
10 #include <linux/ptrace.h>
11 #include <linux/user.h>
12 #include <linux/signal.h>
13 #include <linux/security.h>
14
15 #include <asm/uaccess.h>
16 #include <asm/page.h>
17 #include <asm/pgtable.h>
18 #include <asm/processor.h>
19 #include <arch/hwregs/supp_reg.h>
20
21 /*
22 * Determines which bits in CCS the user has access to.
23 * 1 = access, 0 = no access.
24 */
25 #define CCS_MASK 0x00087c00 /* SXNZVC */
26
27 #define SBIT_USER (1 << (S_CCS_BITNR + CCS_SHIFT))
28
29 static int put_debugreg(long pid, unsigned int regno, long data);
30 static long get_debugreg(long pid, unsigned int regno);
31 static unsigned long get_pseudo_pc(struct task_struct *child);
32 void deconfigure_bp(long pid);
33
34 extern unsigned long cris_signal_return_page;
35
36 /*
37 * Get contents of register REGNO in task TASK.
38 */
get_reg(struct task_struct * task,unsigned int regno)39 long get_reg(struct task_struct *task, unsigned int regno)
40 {
41 /* USP is a special case, it's not in the pt_regs struct but
42 * in the tasks thread struct
43 */
44 unsigned long ret;
45
46 if (regno <= PT_EDA)
47 ret = ((unsigned long *)task_pt_regs(task))[regno];
48 else if (regno == PT_USP)
49 ret = task->thread.usp;
50 else if (regno == PT_PPC)
51 ret = get_pseudo_pc(task);
52 else if (regno <= PT_MAX)
53 ret = get_debugreg(task->pid, regno);
54 else
55 ret = 0;
56
57 return ret;
58 }
59
60 /*
61 * Write contents of register REGNO in task TASK.
62 */
put_reg(struct task_struct * task,unsigned int regno,unsigned long data)63 int put_reg(struct task_struct *task, unsigned int regno, unsigned long data)
64 {
65 if (regno <= PT_EDA)
66 ((unsigned long *)task_pt_regs(task))[regno] = data;
67 else if (regno == PT_USP)
68 task->thread.usp = data;
69 else if (regno == PT_PPC) {
70 /* Write pseudo-PC to ERP only if changed. */
71 if (data != get_pseudo_pc(task))
72 task_pt_regs(task)->erp = data;
73 } else if (regno <= PT_MAX)
74 return put_debugreg(task->pid, regno, data);
75 else
76 return -1;
77 return 0;
78 }
79
user_enable_single_step(struct task_struct * child)80 void user_enable_single_step(struct task_struct *child)
81 {
82 unsigned long tmp;
83
84 /*
85 * Set up SPC if not set already (in which case we have no other
86 * choice but to trust it).
87 */
88 if (!get_reg(child, PT_SPC)) {
89 /* In case we're stopped in a delay slot. */
90 tmp = get_reg(child, PT_ERP) & ~1;
91 put_reg(child, PT_SPC, tmp);
92 }
93 tmp = get_reg(child, PT_CCS) | SBIT_USER;
94 put_reg(child, PT_CCS, tmp);
95 }
96
user_disable_single_step(struct task_struct * child)97 void user_disable_single_step(struct task_struct *child)
98 {
99 put_reg(child, PT_SPC, 0);
100
101 if (!get_debugreg(child->pid, PT_BP_CTRL)) {
102 unsigned long tmp;
103 /* If no h/w bp configured, disable S bit. */
104 tmp = get_reg(child, PT_CCS) & ~SBIT_USER;
105 put_reg(child, PT_CCS, tmp);
106 }
107 }
108
109 /*
110 * Called by kernel/ptrace.c when detaching.
111 *
112 * Make sure the single step bit is not set.
113 */
114 void
ptrace_disable(struct task_struct * child)115 ptrace_disable(struct task_struct *child)
116 {
117 /* Deconfigure SPC and S-bit. */
118 user_disable_single_step(child);
119 put_reg(child, PT_SPC, 0);
120
121 /* Deconfigure any watchpoints associated with the child. */
122 deconfigure_bp(child->pid);
123 }
124
125
arch_ptrace(struct task_struct * child,long request,unsigned long addr,unsigned long data)126 long arch_ptrace(struct task_struct *child, long request,
127 unsigned long addr, unsigned long data)
128 {
129 int ret;
130 unsigned int regno = addr >> 2;
131 unsigned long __user *datap = (unsigned long __user *)data;
132
133 switch (request) {
134 /* Read word at location address. */
135 case PTRACE_PEEKTEXT:
136 case PTRACE_PEEKDATA: {
137 unsigned long tmp;
138 int copied;
139
140 ret = -EIO;
141
142 /* The signal trampoline page is outside the normal user-addressable
143 * space but still accessible. This is hack to make it possible to
144 * access the signal handler code in GDB.
145 */
146 if ((addr & PAGE_MASK) == cris_signal_return_page) {
147 /* The trampoline page is globally mapped, no page table to traverse.*/
148 tmp = *(unsigned long*)addr;
149 } else {
150 copied = access_process_vm(child, addr, &tmp, sizeof(tmp), 0);
151
152 if (copied != sizeof(tmp))
153 break;
154 }
155
156 ret = put_user(tmp,datap);
157 break;
158 }
159
160 /* Read the word at location address in the USER area. */
161 case PTRACE_PEEKUSR: {
162 unsigned long tmp;
163
164 ret = -EIO;
165 if ((addr & 3) || regno > PT_MAX)
166 break;
167
168 tmp = get_reg(child, regno);
169 ret = put_user(tmp, datap);
170 break;
171 }
172
173 /* Write the word at location address. */
174 case PTRACE_POKETEXT:
175 case PTRACE_POKEDATA:
176 ret = generic_ptrace_pokedata(child, addr, data);
177 break;
178
179 /* Write the word at location address in the USER area. */
180 case PTRACE_POKEUSR:
181 ret = -EIO;
182 if ((addr & 3) || regno > PT_MAX)
183 break;
184
185 if (regno == PT_CCS) {
186 /* don't allow the tracing process to change stuff like
187 * interrupt enable, kernel/user bit, dma enables etc.
188 */
189 data &= CCS_MASK;
190 data |= get_reg(child, PT_CCS) & ~CCS_MASK;
191 }
192 if (put_reg(child, regno, data))
193 break;
194 ret = 0;
195 break;
196
197 /* Get all GP registers from the child. */
198 case PTRACE_GETREGS: {
199 int i;
200 unsigned long tmp;
201
202 for (i = 0; i <= PT_MAX; i++) {
203 tmp = get_reg(child, i);
204
205 if (put_user(tmp, datap)) {
206 ret = -EFAULT;
207 goto out_tsk;
208 }
209
210 datap++;
211 }
212
213 ret = 0;
214 break;
215 }
216
217 /* Set all GP registers in the child. */
218 case PTRACE_SETREGS: {
219 int i;
220 unsigned long tmp;
221
222 for (i = 0; i <= PT_MAX; i++) {
223 if (get_user(tmp, datap)) {
224 ret = -EFAULT;
225 goto out_tsk;
226 }
227
228 if (i == PT_CCS) {
229 tmp &= CCS_MASK;
230 tmp |= get_reg(child, PT_CCS) & ~CCS_MASK;
231 }
232
233 put_reg(child, i, tmp);
234 datap++;
235 }
236
237 ret = 0;
238 break;
239 }
240
241 default:
242 ret = ptrace_request(child, request, addr, data);
243 break;
244 }
245
246 out_tsk:
247 return ret;
248 }
249
do_syscall_trace(void)250 void do_syscall_trace(void)
251 {
252 if (!test_thread_flag(TIF_SYSCALL_TRACE))
253 return;
254
255 if (!(current->ptrace & PT_PTRACED))
256 return;
257
258 /* the 0x80 provides a way for the tracing parent to distinguish
259 between a syscall stop and SIGTRAP delivery */
260 ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD)
261 ? 0x80 : 0));
262
263 /*
264 * This isn't the same as continuing with a signal, but it will do for
265 * normal use.
266 */
267 if (current->exit_code) {
268 send_sig(current->exit_code, current, 1);
269 current->exit_code = 0;
270 }
271 }
272
273 /* Returns the size of an instruction that has a delay slot. */
274
insn_size(struct task_struct * child,unsigned long pc)275 static int insn_size(struct task_struct *child, unsigned long pc)
276 {
277 unsigned long opcode;
278 int copied;
279 int opsize = 0;
280
281 /* Read the opcode at pc (do what PTRACE_PEEKTEXT would do). */
282 copied = access_process_vm(child, pc, &opcode, sizeof(opcode), 0);
283 if (copied != sizeof(opcode))
284 return 0;
285
286 switch ((opcode & 0x0f00) >> 8) {
287 case 0x0:
288 case 0x9:
289 case 0xb:
290 opsize = 2;
291 break;
292 case 0xe:
293 case 0xf:
294 opsize = 6;
295 break;
296 case 0xd:
297 /* Could be 4 or 6; check more bits. */
298 if ((opcode & 0xff) == 0xff)
299 opsize = 4;
300 else
301 opsize = 6;
302 break;
303 default:
304 panic("ERROR: Couldn't find size of opcode 0x%lx at 0x%lx\n",
305 opcode, pc);
306 }
307
308 return opsize;
309 }
310
get_pseudo_pc(struct task_struct * child)311 static unsigned long get_pseudo_pc(struct task_struct *child)
312 {
313 /* Default value for PC is ERP. */
314 unsigned long pc = get_reg(child, PT_ERP);
315
316 if (pc & 0x1) {
317 unsigned long spc = get_reg(child, PT_SPC);
318 /* Delay slot bit set. Report as stopped on proper
319 instruction. */
320 if (spc) {
321 /* Rely on SPC if set. FIXME: We might want to check
322 that EXS indicates we stopped due to a single-step
323 exception. */
324 pc = spc;
325 } else {
326 /* Calculate the PC from the size of the instruction
327 that the delay slot we're in belongs to. */
328 pc += insn_size(child, pc & ~1) - 1;
329 }
330 }
331 return pc;
332 }
333
334 static long bp_owner = 0;
335
336 /* Reachable from exit_thread in signal.c, so not static. */
deconfigure_bp(long pid)337 void deconfigure_bp(long pid)
338 {
339 int bp;
340
341 /* Only deconfigure if the pid is the owner. */
342 if (bp_owner != pid)
343 return;
344
345 for (bp = 0; bp < 6; bp++) {
346 unsigned long tmp;
347 /* Deconfigure start and end address (also gets rid of ownership). */
348 put_debugreg(pid, PT_BP + 3 + (bp * 2), 0);
349 put_debugreg(pid, PT_BP + 4 + (bp * 2), 0);
350
351 /* Deconfigure relevant bits in control register. */
352 tmp = get_debugreg(pid, PT_BP_CTRL) & ~(3 << (2 + (bp * 4)));
353 put_debugreg(pid, PT_BP_CTRL, tmp);
354 }
355 /* No owner now. */
356 bp_owner = 0;
357 }
358
put_debugreg(long pid,unsigned int regno,long data)359 static int put_debugreg(long pid, unsigned int regno, long data)
360 {
361 int ret = 0;
362 register int old_srs;
363
364 #ifdef CONFIG_ETRAX_KGDB
365 /* Ignore write, but pretend it was ok if value is 0
366 (we don't want POKEUSR/SETREGS failing unnessecarily). */
367 return (data == 0) ? ret : -1;
368 #endif
369
370 /* Simple owner management. */
371 if (!bp_owner)
372 bp_owner = pid;
373 else if (bp_owner != pid) {
374 /* Ignore write, but pretend it was ok if value is 0
375 (we don't want POKEUSR/SETREGS failing unnessecarily). */
376 return (data == 0) ? ret : -1;
377 }
378
379 /* Remember old SRS. */
380 SPEC_REG_RD(SPEC_REG_SRS, old_srs);
381 /* Switch to BP bank. */
382 SUPP_BANK_SEL(BANK_BP);
383
384 switch (regno - PT_BP) {
385 case 0:
386 SUPP_REG_WR(0, data); break;
387 case 1:
388 case 2:
389 if (data)
390 ret = -1;
391 break;
392 case 3:
393 SUPP_REG_WR(3, data); break;
394 case 4:
395 SUPP_REG_WR(4, data); break;
396 case 5:
397 SUPP_REG_WR(5, data); break;
398 case 6:
399 SUPP_REG_WR(6, data); break;
400 case 7:
401 SUPP_REG_WR(7, data); break;
402 case 8:
403 SUPP_REG_WR(8, data); break;
404 case 9:
405 SUPP_REG_WR(9, data); break;
406 case 10:
407 SUPP_REG_WR(10, data); break;
408 case 11:
409 SUPP_REG_WR(11, data); break;
410 case 12:
411 SUPP_REG_WR(12, data); break;
412 case 13:
413 SUPP_REG_WR(13, data); break;
414 case 14:
415 SUPP_REG_WR(14, data); break;
416 default:
417 ret = -1;
418 break;
419 }
420
421 /* Restore SRS. */
422 SPEC_REG_WR(SPEC_REG_SRS, old_srs);
423 /* Just for show. */
424 NOP();
425 NOP();
426 NOP();
427
428 return ret;
429 }
430
get_debugreg(long pid,unsigned int regno)431 static long get_debugreg(long pid, unsigned int regno)
432 {
433 register int old_srs;
434 register long data;
435
436 if (pid != bp_owner) {
437 return 0;
438 }
439
440 /* Remember old SRS. */
441 SPEC_REG_RD(SPEC_REG_SRS, old_srs);
442 /* Switch to BP bank. */
443 SUPP_BANK_SEL(BANK_BP);
444
445 switch (regno - PT_BP) {
446 case 0:
447 SUPP_REG_RD(0, data); break;
448 case 1:
449 case 2:
450 /* error return value? */
451 data = 0;
452 break;
453 case 3:
454 SUPP_REG_RD(3, data); break;
455 case 4:
456 SUPP_REG_RD(4, data); break;
457 case 5:
458 SUPP_REG_RD(5, data); break;
459 case 6:
460 SUPP_REG_RD(6, data); break;
461 case 7:
462 SUPP_REG_RD(7, data); break;
463 case 8:
464 SUPP_REG_RD(8, data); break;
465 case 9:
466 SUPP_REG_RD(9, data); break;
467 case 10:
468 SUPP_REG_RD(10, data); break;
469 case 11:
470 SUPP_REG_RD(11, data); break;
471 case 12:
472 SUPP_REG_RD(12, data); break;
473 case 13:
474 SUPP_REG_RD(13, data); break;
475 case 14:
476 SUPP_REG_RD(14, data); break;
477 default:
478 /* error return value? */
479 data = 0;
480 }
481
482 /* Restore SRS. */
483 SPEC_REG_WR(SPEC_REG_SRS, old_srs);
484 /* Just for show. */
485 NOP();
486 NOP();
487 NOP();
488
489 return data;
490 }
491