xref: /openbmc/linux/arch/powerpc/kernel/hw_breakpoint.c (revision 5aae8a53708025d4e718f0d2e7c2f766779ddc71) 
1 /*
2  * HW_breakpoint: a unified kernel/user-space hardware breakpoint facility,
3  * using the CPU's debug registers. Derived from
4  * "arch/x86/kernel/hw_breakpoint.c"
5  *
6  * This program is free software; you can redistribute it and/or modify
7  * it under the terms of the GNU General Public License as published by
8  * the Free Software Foundation; either version 2 of the License, or
9  * (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14  * GNU General Public License for more details.
15  *
16  * You should have received a copy of the GNU General Public License
17  * along with this program; if not, write to the Free Software
18  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
19  *
20  * Copyright 2010 IBM Corporation
21  * Author: K.Prasad <prasad@linux.vnet.ibm.com>
22  *
23  */
24 
25 #include <linux/hw_breakpoint.h>
26 #include <linux/notifier.h>
27 #include <linux/kprobes.h>
28 #include <linux/percpu.h>
29 #include <linux/kernel.h>
30 #include <linux/module.h>
31 #include <linux/sched.h>
32 #include <linux/init.h>
33 #include <linux/smp.h>
34 
35 #include <asm/hw_breakpoint.h>
36 #include <asm/processor.h>
37 #include <asm/sstep.h>
38 #include <asm/uaccess.h>
39 
40 /*
41  * Stores the breakpoints currently in use on each breakpoint address
42  * register for every cpu
43  */
44 static DEFINE_PER_CPU(struct perf_event *, bp_per_reg);
45 
46 /*
47  * Install a perf counter breakpoint.
48  *
49  * We seek a free debug address register and use it for this
50  * breakpoint.
51  *
52  * Atomic: we hold the counter->ctx->lock and we only handle variables
53  * and registers local to this cpu.
54  */
55 int arch_install_hw_breakpoint(struct perf_event *bp)
56 {
57 	struct arch_hw_breakpoint *info = counter_arch_bp(bp);
58 	struct perf_event **slot = &__get_cpu_var(bp_per_reg);
59 
60 	*slot = bp;
61 
62 	/*
63 	 * Do not install DABR values if the instruction must be single-stepped.
64 	 * If so, DABR will be populated in single_step_dabr_instruction().
65 	 */
66 	if (current->thread.last_hit_ubp != bp)
67 		set_dabr(info->address | info->type | DABR_TRANSLATION);
68 
69 	return 0;
70 }
71 
72 /*
73  * Uninstall the breakpoint contained in the given counter.
74  *
75  * First we search the debug address register it uses and then we disable
76  * it.
77  *
78  * Atomic: we hold the counter->ctx->lock and we only handle variables
79  * and registers local to this cpu.
80  */
81 void arch_uninstall_hw_breakpoint(struct perf_event *bp)
82 {
83 	struct perf_event **slot = &__get_cpu_var(bp_per_reg);
84 
85 	if (*slot != bp) {
86 		WARN_ONCE(1, "Can't find the breakpoint");
87 		return;
88 	}
89 
90 	*slot = NULL;
91 	set_dabr(0);
92 }
93 
94 /*
95  * Perform cleanup of arch-specific counters during unregistration
96  * of the perf-event
97  */
98 void arch_unregister_hw_breakpoint(struct perf_event *bp)
99 {
100 	/*
101 	 * If the breakpoint is unregistered between a hw_breakpoint_handler()
102 	 * and the single_step_dabr_instruction(), then cleanup the breakpoint
103 	 * restoration variables to prevent dangling pointers.
104 	 */
105 	if (bp->ctx->task)
106 		bp->ctx->task->thread.last_hit_ubp = NULL;
107 }
108 
109 /*
110  * Check for virtual address in kernel space.
111  */
112 int arch_check_bp_in_kernelspace(struct perf_event *bp)
113 {
114 	struct arch_hw_breakpoint *info = counter_arch_bp(bp);
115 
116 	return is_kernel_addr(info->address);
117 }
118 
119 int arch_bp_generic_fields(int type, int *gen_bp_type)
120 {
121 	switch (type) {
122 	case DABR_DATA_READ:
123 		*gen_bp_type = HW_BREAKPOINT_R;
124 		break;
125 	case DABR_DATA_WRITE:
126 		*gen_bp_type = HW_BREAKPOINT_W;
127 		break;
128 	case (DABR_DATA_WRITE | DABR_DATA_READ):
129 		*gen_bp_type = (HW_BREAKPOINT_W | HW_BREAKPOINT_R);
130 		break;
131 	default:
132 		return -EINVAL;
133 	}
134 	return 0;
135 }
136 
137 /*
138  * Validate the arch-specific HW Breakpoint register settings
139  */
140 int arch_validate_hwbkpt_settings(struct perf_event *bp)
141 {
142 	int ret = -EINVAL;
143 	struct arch_hw_breakpoint *info = counter_arch_bp(bp);
144 
145 	if (!bp)
146 		return ret;
147 
148 	switch (bp->attr.bp_type) {
149 	case HW_BREAKPOINT_R:
150 		info->type = DABR_DATA_READ;
151 		break;
152 	case HW_BREAKPOINT_W:
153 		info->type = DABR_DATA_WRITE;
154 		break;
155 	case HW_BREAKPOINT_R | HW_BREAKPOINT_W:
156 		info->type = (DABR_DATA_READ | DABR_DATA_WRITE);
157 		break;
158 	default:
159 		return ret;
160 	}
161 
162 	info->address = bp->attr.bp_addr;
163 	info->len = bp->attr.bp_len;
164 
165 	/*
166 	 * Since breakpoint length can be a maximum of HW_BREAKPOINT_LEN(8)
167 	 * and breakpoint addresses are aligned to nearest double-word
168 	 * HW_BREAKPOINT_ALIGN by rounding off to the lower address, the
169 	 * 'symbolsize' should satisfy the check below.
170 	 */
171 	if (info->len >
172 	    (HW_BREAKPOINT_LEN - (info->address & HW_BREAKPOINT_ALIGN)))
173 		return -EINVAL;
174 	return 0;
175 }
176 
177 /*
178  * Handle debug exception notifications.
179  */
180 int __kprobes hw_breakpoint_handler(struct die_args *args)
181 {
182 	bool is_ptrace_bp = false;
183 	int rc = NOTIFY_STOP;
184 	struct perf_event *bp;
185 	struct pt_regs *regs = args->regs;
186 	int stepped = 1;
187 	struct arch_hw_breakpoint *info;
188 	unsigned int instr;
189 
190 	/* Disable breakpoints during exception handling */
191 	set_dabr(0);
192 	/*
193 	 * The counter may be concurrently released but that can only
194 	 * occur from a call_rcu() path. We can then safely fetch
195 	 * the breakpoint, use its callback, touch its counter
196 	 * while we are in an rcu_read_lock() path.
197 	 */
198 	rcu_read_lock();
199 
200 	bp = __get_cpu_var(bp_per_reg);
201 	if (!bp)
202 		goto out;
203 	info = counter_arch_bp(bp);
204 	is_ptrace_bp = (bp->overflow_handler == ptrace_triggered) ?
205 			true : false;
206 
207 	/*
208 	 * Return early after invoking user-callback function without restoring
209 	 * DABR if the breakpoint is from ptrace which always operates in
210 	 * one-shot mode. The ptrace-ed process will receive the SIGTRAP signal
211 	 * generated in do_dabr().
212 	 */
213 	if (is_ptrace_bp) {
214 		perf_bp_event(bp, regs);
215 		rc = NOTIFY_DONE;
216 		goto out;
217 	}
218 
219 	/* Do not emulate user-space instructions, instead single-step them */
220 	if (user_mode(regs)) {
221 		bp->ctx->task->thread.last_hit_ubp = bp;
222 		regs->msr |= MSR_SE;
223 		goto out;
224 	}
225 
226 	stepped = 0;
227 	instr = 0;
228 	if (!__get_user_inatomic(instr, (unsigned int *) regs->nip))
229 		stepped = emulate_step(regs, instr);
230 
231 	/*
232 	 * emulate_step() could not execute it. We've failed in reliably
233 	 * handling the hw-breakpoint. Unregister it and throw a warning
234 	 * message to let the user know about it.
235 	 */
236 	if (!stepped) {
237 		WARN(1, "Unable to handle hardware breakpoint. Breakpoint at "
238 			"0x%lx will be disabled.", info->address);
239 		perf_event_disable(bp);
240 		goto out;
241 	}
242 	/*
243 	 * As a policy, the callback is invoked in a 'trigger-after-execute'
244 	 * fashion
245 	 */
246 	perf_bp_event(bp, regs);
247 
248 	set_dabr(info->address | info->type | DABR_TRANSLATION);
249 out:
250 	rcu_read_unlock();
251 	return rc;
252 }
253 
254 /*
255  * Handle single-step exceptions following a DABR hit.
256  */
257 int __kprobes single_step_dabr_instruction(struct die_args *args)
258 {
259 	struct pt_regs *regs = args->regs;
260 	struct perf_event *bp = NULL;
261 	struct arch_hw_breakpoint *bp_info;
262 
263 	bp = current->thread.last_hit_ubp;
264 	/*
265 	 * Check if we are single-stepping as a result of a
266 	 * previous HW Breakpoint exception
267 	 */
268 	if (!bp)
269 		return NOTIFY_DONE;
270 
271 	bp_info = counter_arch_bp(bp);
272 
273 	/*
274 	 * We shall invoke the user-defined callback function in the single
275 	 * stepping handler to confirm to 'trigger-after-execute' semantics
276 	 */
277 	perf_bp_event(bp, regs);
278 
279 	/*
280 	 * Do not disable MSR_SE if the process was already in
281 	 * single-stepping mode.
282 	 */
283 	if (!test_thread_flag(TIF_SINGLESTEP))
284 		regs->msr &= ~MSR_SE;
285 
286 	set_dabr(bp_info->address | bp_info->type | DABR_TRANSLATION);
287 	current->thread.last_hit_ubp = NULL;
288 	return NOTIFY_STOP;
289 }
290 
291 /*
292  * Handle debug exception notifications.
293  */
294 int __kprobes hw_breakpoint_exceptions_notify(
295 		struct notifier_block *unused, unsigned long val, void *data)
296 {
297 	int ret = NOTIFY_DONE;
298 
299 	switch (val) {
300 	case DIE_DABR_MATCH:
301 		ret = hw_breakpoint_handler(data);
302 		break;
303 	case DIE_SSTEP:
304 		ret = single_step_dabr_instruction(data);
305 		break;
306 	}
307 
308 	return ret;
309 }
310 
311 /*
312  * Release the user breakpoints used by ptrace
313  */
314 void flush_ptrace_hw_breakpoint(struct task_struct *tsk)
315 {
316 	struct thread_struct *t = &tsk->thread;
317 
318 	unregister_hw_breakpoint(t->ptrace_bps[0]);
319 	t->ptrace_bps[0] = NULL;
320 }
321 
322 void hw_breakpoint_pmu_read(struct perf_event *bp)
323 {
324 	/* TODO */
325 }
326