root/arch/arm/kernel/unwind.c

DEFINITIONS

1. __aeabi_unwind_cpp_pr0
2. __aeabi_unwind_cpp_pr1
3. __aeabi_unwind_cpp_pr2
4. search_index
5. unwind_find_origin
6. unwind_find_idx
7. unwind_get_byte
8. unwind_pop_register
9. unwind_exec_pop_subset_r4_to_r13
10. unwind_exec_pop_r4_to_rN
11. unwind_exec_pop_subset_r0_to_r3
12. unwind_exec_insn
13. unwind_frame
14. unwind_backtrace
15. unwind_table_add
16. unwind_table_del

   1 // SPDX-License-Identifier: GPL-2.0-only
   2 /*
   3  * arch/arm/kernel/unwind.c
   4  *
   5  * Copyright (C) 2008 ARM Limited
   6  *
   7  * Stack unwinding support for ARM
   8  *
   9  * An ARM EABI version of gcc is required to generate the unwind
  10  * tables. For information about the structure of the unwind tables,
  11  * see "Exception Handling ABI for the ARM Architecture" at:
  12  *
  13  * http://infocenter.arm.com/help/topic/com.arm.doc.subset.swdev.abi/index.html
  14  */
  15 
  16 #ifndef __CHECKER__
  17 #if !defined (__ARM_EABI__)
  18 #warning Your compiler does not have EABI support.
  19 #warning    ARM unwind is known to compile only with EABI compilers.
  20 #warning    Change compiler or disable ARM_UNWIND option.
  21 #elif (__GNUC__ == 4 && __GNUC_MINOR__ <= 2) && !defined(__clang__)
  22 #warning Your compiler is too buggy; it is known to not compile ARM unwind support.
  23 #warning    Change compiler or disable ARM_UNWIND option.
  24 #endif
  25 #endif /* __CHECKER__ */
  26 
  27 #include <linux/kernel.h>
  28 #include <linux/init.h>
  29 #include <linux/export.h>
  30 #include <linux/sched.h>
  31 #include <linux/slab.h>
  32 #include <linux/spinlock.h>
  33 #include <linux/list.h>
  34 
  35 #include <asm/stacktrace.h>
  36 #include <asm/traps.h>
  37 #include <asm/unwind.h>
  38 
  39 /* Dummy functions to avoid linker complaints */
  40 void __aeabi_unwind_cpp_pr0(void)
  41 {
  42 };
  43 EXPORT_SYMBOL(__aeabi_unwind_cpp_pr0);
  44 
  45 void __aeabi_unwind_cpp_pr1(void)
  46 {
  47 };
  48 EXPORT_SYMBOL(__aeabi_unwind_cpp_pr1);
  49 
  50 void __aeabi_unwind_cpp_pr2(void)
  51 {
  52 };
  53 EXPORT_SYMBOL(__aeabi_unwind_cpp_pr2);
  54 
  55 struct unwind_ctrl_block {
  56         unsigned long vrs[16];          /* virtual register set */
  57         const unsigned long *insn;      /* pointer to the current instructions word */
  58         unsigned long sp_high;          /* highest value of sp allowed */
  59         /*
  60          * 1 : check for stack overflow for each register pop.
  61          * 0 : save overhead if there is plenty of stack remaining.
  62          */
  63         int check_each_pop;
  64         int entries;                    /* number of entries left to interpret */
  65         int byte;                       /* current byte number in the instructions word */
  66 };
  67 
  68 enum regs {
  69 #ifdef CONFIG_THUMB2_KERNEL
  70         FP = 7,
  71 #else
  72         FP = 11,
  73 #endif
  74         SP = 13,
  75         LR = 14,
  76         PC = 15
  77 };
  78 
  79 extern const struct unwind_idx __start_unwind_idx[];
  80 static const struct unwind_idx *__origin_unwind_idx;
  81 extern const struct unwind_idx __stop_unwind_idx[];
  82 
  83 static DEFINE_RAW_SPINLOCK(unwind_lock);
  84 static LIST_HEAD(unwind_tables);
  85 
  86 /* Convert a prel31 symbol to an absolute address */
  87 #define prel31_to_addr(ptr)                             \
  88 ({                                                      \
  89         /* sign-extend to 32 bits */                    \
  90         long offset = (((long)*(ptr)) << 1) >> 1;       \
  91         (unsigned long)(ptr) + offset;                  \
  92 })
  93 
  94 /*
  95  * Binary search in the unwind index. The entries are
  96  * guaranteed to be sorted in ascending order by the linker.
  97  *
  98  * start = first entry
  99  * origin = first entry with positive offset (or stop if there is no such entry)
 100  * stop - 1 = last entry
 101  */
 102 static const struct unwind_idx *search_index(unsigned long addr,
 103                                        const struct unwind_idx *start,
 104                                        const struct unwind_idx *origin,
 105                                        const struct unwind_idx *stop)
 106 {
 107         unsigned long addr_prel31;
 108 
 109         pr_debug("%s(%08lx, %p, %p, %p)\n",
 110                         __func__, addr, start, origin, stop);
 111 
 112         /*
 113          * only search in the section with the matching sign. This way the
 114          * prel31 numbers can be compared as unsigned longs.
 115          */
 116         if (addr < (unsigned long)start)
 117                 /* negative offsets: [start; origin) */
 118                 stop = origin;
 119         else
 120                 /* positive offsets: [origin; stop) */
 121                 start = origin;
 122 
 123         /* prel31 for address relavive to start */
 124         addr_prel31 = (addr - (unsigned long)start) & 0x7fffffff;
 125 
 126         while (start < stop - 1) {
 127                 const struct unwind_idx *mid = start + ((stop - start) >> 1);
 128 
 129                 /*
 130                  * As addr_prel31 is relative to start an offset is needed to
 131                  * make it relative to mid.
 132                  */
 133                 if (addr_prel31 - ((unsigned long)mid - (unsigned long)start) <
 134                                 mid->addr_offset)
 135                         stop = mid;
 136                 else {
 137                         /* keep addr_prel31 relative to start */
 138                         addr_prel31 -= ((unsigned long)mid -
 139                                         (unsigned long)start);
 140                         start = mid;
 141                 }
 142         }
 143 
 144         if (likely(start->addr_offset <= addr_prel31))
 145                 return start;
 146         else {
 147                 pr_warn("unwind: Unknown symbol address %08lx\n", addr);
 148                 return NULL;
 149         }
 150 }
 151 
 152 static const struct unwind_idx *unwind_find_origin(
 153                 const struct unwind_idx *start, const struct unwind_idx *stop)
 154 {
 155         pr_debug("%s(%p, %p)\n", __func__, start, stop);
 156         while (start < stop) {
 157                 const struct unwind_idx *mid = start + ((stop - start) >> 1);
 158 
 159                 if (mid->addr_offset >= 0x40000000)
 160                         /* negative offset */
 161                         start = mid + 1;
 162                 else
 163                         /* positive offset */
 164                         stop = mid;
 165         }
 166         pr_debug("%s -> %p\n", __func__, stop);
 167         return stop;
 168 }
 169 
 170 static const struct unwind_idx *unwind_find_idx(unsigned long addr)
 171 {
 172         const struct unwind_idx *idx = NULL;
 173         unsigned long flags;
 174 
 175         pr_debug("%s(%08lx)\n", __func__, addr);
 176 
 177         if (core_kernel_text(addr)) {
 178                 if (unlikely(!__origin_unwind_idx))
 179                         __origin_unwind_idx =
 180                                 unwind_find_origin(__start_unwind_idx,
 181                                                 __stop_unwind_idx);
 182 
 183                 /* main unwind table */
 184                 idx = search_index(addr, __start_unwind_idx,
 185                                    __origin_unwind_idx,
 186                                    __stop_unwind_idx);
 187         } else {
 188                 /* module unwind tables */
 189                 struct unwind_table *table;
 190 
 191                 raw_spin_lock_irqsave(&unwind_lock, flags);
 192                 list_for_each_entry(table, &unwind_tables, list) {
 193                         if (addr >= table->begin_addr &&
 194                             addr < table->end_addr) {
 195                                 idx = search_index(addr, table->start,
 196                                                    table->origin,
 197                                                    table->stop);
 198                                 /* Move-to-front to exploit common traces */
 199                                 list_move(&table->list, &unwind_tables);
 200                                 break;
 201                         }
 202                 }
 203                 raw_spin_unlock_irqrestore(&unwind_lock, flags);
 204         }
 205 
 206         pr_debug("%s: idx = %p\n", __func__, idx);
 207         return idx;
 208 }
 209 
 210 static unsigned long unwind_get_byte(struct unwind_ctrl_block *ctrl)
 211 {
 212         unsigned long ret;
 213 
 214         if (ctrl->entries <= 0) {
 215                 pr_warn("unwind: Corrupt unwind table\n");
 216                 return 0;
 217         }
 218 
 219         ret = (*ctrl->insn >> (ctrl->byte * 8)) & 0xff;
 220 
 221         if (ctrl->byte == 0) {
 222                 ctrl->insn++;
 223                 ctrl->entries--;
 224                 ctrl->byte = 3;
 225         } else
 226                 ctrl->byte--;
 227 
 228         return ret;
 229 }
 230 
 231 /* Before poping a register check whether it is feasible or not */
 232 static int unwind_pop_register(struct unwind_ctrl_block *ctrl,
 233                                 unsigned long **vsp, unsigned int reg)
 234 {
 235         if (unlikely(ctrl->check_each_pop))
 236                 if (*vsp >= (unsigned long *)ctrl->sp_high)
 237                         return -URC_FAILURE;
 238 
 239         ctrl->vrs[reg] = *(*vsp)++;
 240         return URC_OK;
 241 }
 242 
 243 /* Helper functions to execute the instructions */
 244 static int unwind_exec_pop_subset_r4_to_r13(struct unwind_ctrl_block *ctrl,
 245                                                 unsigned long mask)
 246 {
 247         unsigned long *vsp = (unsigned long *)ctrl->vrs[SP];
 248         int load_sp, reg = 4;
 249 
 250         load_sp = mask & (1 << (13 - 4));
 251         while (mask) {
 252                 if (mask & 1)
 253                         if (unwind_pop_register(ctrl, &vsp, reg))
 254                                 return -URC_FAILURE;
 255                 mask >>= 1;
 256                 reg++;
 257         }
 258         if (!load_sp)
 259                 ctrl->vrs[SP] = (unsigned long)vsp;
 260 
 261         return URC_OK;
 262 }
 263 
 264 static int unwind_exec_pop_r4_to_rN(struct unwind_ctrl_block *ctrl,
 265                                         unsigned long insn)
 266 {
 267         unsigned long *vsp = (unsigned long *)ctrl->vrs[SP];
 268         int reg;
 269 
 270         /* pop R4-R[4+bbb] */
 271         for (reg = 4; reg <= 4 + (insn & 7); reg++)
 272                 if (unwind_pop_register(ctrl, &vsp, reg))
 273                                 return -URC_FAILURE;
 274 
 275         if (insn & 0x8)
 276                 if (unwind_pop_register(ctrl, &vsp, 14))
 277                                 return -URC_FAILURE;
 278 
 279         ctrl->vrs[SP] = (unsigned long)vsp;
 280 
 281         return URC_OK;
 282 }
 283 
 284 static int unwind_exec_pop_subset_r0_to_r3(struct unwind_ctrl_block *ctrl,
 285                                                 unsigned long mask)
 286 {
 287         unsigned long *vsp = (unsigned long *)ctrl->vrs[SP];
 288         int reg = 0;
 289 
 290         /* pop R0-R3 according to mask */
 291         while (mask) {
 292                 if (mask & 1)
 293                         if (unwind_pop_register(ctrl, &vsp, reg))
 294                                 return -URC_FAILURE;
 295                 mask >>= 1;
 296                 reg++;
 297         }
 298         ctrl->vrs[SP] = (unsigned long)vsp;
 299 
 300         return URC_OK;
 301 }
 302 
 303 /*
 304  * Execute the current unwind instruction.
 305  */
 306 static int unwind_exec_insn(struct unwind_ctrl_block *ctrl)
 307 {
 308         unsigned long insn = unwind_get_byte(ctrl);
 309         int ret = URC_OK;
 310 
 311         pr_debug("%s: insn = %08lx\n", __func__, insn);
 312 
 313         if ((insn & 0xc0) == 0x00)
 314                 ctrl->vrs[SP] += ((insn & 0x3f) << 2) + 4;
 315         else if ((insn & 0xc0) == 0x40)
 316                 ctrl->vrs[SP] -= ((insn & 0x3f) << 2) + 4;
 317         else if ((insn & 0xf0) == 0x80) {
 318                 unsigned long mask;
 319 
 320                 insn = (insn << 8) | unwind_get_byte(ctrl);
 321                 mask = insn & 0x0fff;
 322                 if (mask == 0) {
 323                         pr_warn("unwind: 'Refuse to unwind' instruction %04lx\n",
 324                                 insn);
 325                         return -URC_FAILURE;
 326                 }
 327 
 328                 ret = unwind_exec_pop_subset_r4_to_r13(ctrl, mask);
 329                 if (ret)
 330                         goto error;
 331         } else if ((insn & 0xf0) == 0x90 &&
 332                    (insn & 0x0d) != 0x0d)
 333                 ctrl->vrs[SP] = ctrl->vrs[insn & 0x0f];
 334         else if ((insn & 0xf0) == 0xa0) {
 335                 ret = unwind_exec_pop_r4_to_rN(ctrl, insn);
 336                 if (ret)
 337                         goto error;
 338         } else if (insn == 0xb0) {
 339                 if (ctrl->vrs[PC] == 0)
 340                         ctrl->vrs[PC] = ctrl->vrs[LR];
 341                 /* no further processing */
 342                 ctrl->entries = 0;
 343         } else if (insn == 0xb1) {
 344                 unsigned long mask = unwind_get_byte(ctrl);
 345 
 346                 if (mask == 0 || mask & 0xf0) {
 347                         pr_warn("unwind: Spare encoding %04lx\n",
 348                                 (insn << 8) | mask);
 349                         return -URC_FAILURE;
 350                 }
 351 
 352                 ret = unwind_exec_pop_subset_r0_to_r3(ctrl, mask);
 353                 if (ret)
 354                         goto error;
 355         } else if (insn == 0xb2) {
 356                 unsigned long uleb128 = unwind_get_byte(ctrl);
 357 
 358                 ctrl->vrs[SP] += 0x204 + (uleb128 << 2);
 359         } else {
 360                 pr_warn("unwind: Unhandled instruction %02lx\n", insn);
 361                 return -URC_FAILURE;
 362         }
 363 
 364         pr_debug("%s: fp = %08lx sp = %08lx lr = %08lx pc = %08lx\n", __func__,
 365                  ctrl->vrs[FP], ctrl->vrs[SP], ctrl->vrs[LR], ctrl->vrs[PC]);
 366 
 367 error:
 368         return ret;
 369 }
 370 
 371 /*
 372  * Unwind a single frame starting with *sp for the symbol at *pc. It
 373  * updates the *pc and *sp with the new values.
 374  */
 375 int unwind_frame(struct stackframe *frame)
 376 {
 377         unsigned long low;
 378         const struct unwind_idx *idx;
 379         struct unwind_ctrl_block ctrl;
 380 
 381         /* store the highest address on the stack to avoid crossing it*/
 382         low = frame->sp;
 383         ctrl.sp_high = ALIGN(low, THREAD_SIZE);
 384 
 385         pr_debug("%s(pc = %08lx lr = %08lx sp = %08lx)\n", __func__,
 386                  frame->pc, frame->lr, frame->sp);
 387 
 388         if (!kernel_text_address(frame->pc))
 389                 return -URC_FAILURE;
 390 
 391         idx = unwind_find_idx(frame->pc);
 392         if (!idx) {
 393                 pr_warn("unwind: Index not found %08lx\n", frame->pc);
 394                 return -URC_FAILURE;
 395         }
 396 
 397         ctrl.vrs[FP] = frame->fp;
 398         ctrl.vrs[SP] = frame->sp;
 399         ctrl.vrs[LR] = frame->lr;
 400         ctrl.vrs[PC] = 0;
 401 
 402         if (idx->insn == 1)
 403                 /* can't unwind */
 404                 return -URC_FAILURE;
 405         else if ((idx->insn & 0x80000000) == 0)
 406                 /* prel31 to the unwind table */
 407                 ctrl.insn = (unsigned long *)prel31_to_addr(&idx->insn);
 408         else if ((idx->insn & 0xff000000) == 0x80000000)
 409                 /* only personality routine 0 supported in the index */
 410                 ctrl.insn = &idx->insn;
 411         else {
 412                 pr_warn("unwind: Unsupported personality routine %08lx in the index at %p\n",
 413                         idx->insn, idx);
 414                 return -URC_FAILURE;
 415         }
 416 
 417         /* check the personality routine */
 418         if ((*ctrl.insn & 0xff000000) == 0x80000000) {
 419                 ctrl.byte = 2;
 420                 ctrl.entries = 1;
 421         } else if ((*ctrl.insn & 0xff000000) == 0x81000000) {
 422                 ctrl.byte = 1;
 423                 ctrl.entries = 1 + ((*ctrl.insn & 0x00ff0000) >> 16);
 424         } else {
 425                 pr_warn("unwind: Unsupported personality routine %08lx at %p\n",
 426                         *ctrl.insn, ctrl.insn);
 427                 return -URC_FAILURE;
 428         }
 429 
 430         ctrl.check_each_pop = 0;
 431 
 432         while (ctrl.entries > 0) {
 433                 int urc;
 434                 if ((ctrl.sp_high - ctrl.vrs[SP]) < sizeof(ctrl.vrs))
 435                         ctrl.check_each_pop = 1;
 436                 urc = unwind_exec_insn(&ctrl);
 437                 if (urc < 0)
 438                         return urc;
 439                 if (ctrl.vrs[SP] < low || ctrl.vrs[SP] >= ctrl.sp_high)
 440                         return -URC_FAILURE;
 441         }
 442 
 443         if (ctrl.vrs[PC] == 0)
 444                 ctrl.vrs[PC] = ctrl.vrs[LR];
 445 
 446         /* check for infinite loop */
 447         if (frame->pc == ctrl.vrs[PC])
 448                 return -URC_FAILURE;
 449 
 450         frame->fp = ctrl.vrs[FP];
 451         frame->sp = ctrl.vrs[SP];
 452         frame->lr = ctrl.vrs[LR];
 453         frame->pc = ctrl.vrs[PC];
 454 
 455         return URC_OK;
 456 }
 457 
 458 void unwind_backtrace(struct pt_regs *regs, struct task_struct *tsk)
 459 {
 460         struct stackframe frame;
 461 
 462         pr_debug("%s(regs = %p tsk = %p)\n", __func__, regs, tsk);
 463 
 464         if (!tsk)
 465                 tsk = current;
 466 
 467         if (regs) {
 468                 arm_get_current_stackframe(regs, &frame);
 469                 /* PC might be corrupted, use LR in that case. */
 470                 if (!kernel_text_address(regs->ARM_pc))
 471                         frame.pc = regs->ARM_lr;
 472         } else if (tsk == current) {
 473                 frame.fp = (unsigned long)__builtin_frame_address(0);
 474                 frame.sp = current_stack_pointer;
 475                 frame.lr = (unsigned long)__builtin_return_address(0);
 476                 frame.pc = (unsigned long)unwind_backtrace;
 477         } else {
 478                 /* task blocked in __switch_to */
 479                 frame.fp = thread_saved_fp(tsk);
 480                 frame.sp = thread_saved_sp(tsk);
 481                 /*
 482                  * The function calling __switch_to cannot be a leaf function
 483                  * so LR is recovered from the stack.
 484                  */
 485                 frame.lr = 0;
 486                 frame.pc = thread_saved_pc(tsk);
 487         }
 488 
 489         while (1) {
 490                 int urc;
 491                 unsigned long where = frame.pc;
 492 
 493                 urc = unwind_frame(&frame);
 494                 if (urc < 0)
 495                         break;
 496                 dump_backtrace_entry(where, frame.pc, frame.sp - 4);
 497         }
 498 }
 499 
 500 struct unwind_table *unwind_table_add(unsigned long start, unsigned long size,
 501                                       unsigned long text_addr,
 502                                       unsigned long text_size)
 503 {
 504         unsigned long flags;
 505         struct unwind_table *tab = kmalloc(sizeof(*tab), GFP_KERNEL);
 506 
 507         pr_debug("%s(%08lx, %08lx, %08lx, %08lx)\n", __func__, start, size,
 508                  text_addr, text_size);
 509 
 510         if (!tab)
 511                 return tab;
 512 
 513         tab->start = (const struct unwind_idx *)start;
 514         tab->stop = (const struct unwind_idx *)(start + size);
 515         tab->origin = unwind_find_origin(tab->start, tab->stop);
 516         tab->begin_addr = text_addr;
 517         tab->end_addr = text_addr + text_size;
 518 
 519         raw_spin_lock_irqsave(&unwind_lock, flags);
 520         list_add_tail(&tab->list, &unwind_tables);
 521         raw_spin_unlock_irqrestore(&unwind_lock, flags);
 522 
 523         return tab;
 524 }
 525 
 526 void unwind_table_del(struct unwind_table *tab)
 527 {
 528         unsigned long flags;
 529 
 530         if (!tab)
 531                 return;
 532 
 533         raw_spin_lock_irqsave(&unwind_lock, flags);
 534         list_del(&tab->list);
 535         raw_spin_unlock_irqrestore(&unwind_lock, flags);
 536 
 537         kfree(tab);
 538 }