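/*
 * Based on arch/arm/kernel/traps.c
 *
 * Copyright (C) 1995-2009 Russell King
 * Copyright (C) 2012 ARM Ltd.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

#include <linux/bug.h>
#include <linux/signal.h>
#include <linux/personality.h>
#include <linux/kallsyms.h>
#include <linux/spinlock.h>
#include <linux/uaccess.h>
#include <linux/hardirq.h>
#include <linux/kdebug.h>
#include <linux/module.h>
#include <linux/kexec.h>
#include <linux/delay.h>
#include <linux/init.h>
#include <linux/sched/signal.h>
#include <linux/sched/debug.h>
#include <linux/sched/task_stack.h>
#include <linux/sizes.h>
#include <linux/syscalls.h>
#include <linux/mm_types.h>

#include <asm/atomic.h>
#include <asm/bug.h>
#include <asm/cpufeature.h>
#include <asm/daifflags.h>
#include <asm/debug-monitors.h>
#include <asm/esr.h>
#include <asm/insn.h>
#include <asm/traps.h>
#include <asm/smp.h>
#include <asm/stack_pointer.h>
#include <asm/stacktrace.h>
#include <asm/exception.h>
#include <asm/system_misc.h>
#include <asm/sysreg.h>

/* Vector names printed by bad_mode(), indexed by its 'reason' argument. */
static const char *handler[]= {
	"Synchronous Abort",
	"IRQ",
	"FIQ",
	"Error"
};

/*
 * Gate for the "unhandled exception" report in arm64_force_sig_info().
 * Off by default; that report includes the register dump of the task.
 */
int show_unhandled_signals = 0;

/* Print one backtrace line: the symbolised form (%pS) of 'where'. */
static void dump_backtrace_entry(unsigned long where)
{
	printk(" %pS\n", (void *)where);
}

/*
 * Print the four 32-bit words before the PC and the word at the PC (the
 * latter in brackets) at log level 'lvl'.
 *
 * Each word is fetched with get_user(), so an unreadable address yields an
 * error code instead of a nested fault; the dump then ends with
 * "bad PC value".
 */
static void __dump_instr(const char *lvl, struct pt_regs *regs)
{
	unsigned long addr = instruction_pointer(regs);
	/* room for five "xxxxxxxx " groups, the two brackets and the NUL */
	char str[sizeof("00000000 ") * 5 + 2 + 1], *p = str;
	int i;

	for (i = -4; i < 1; i++) {
		unsigned int val, bad;

		bad = get_user(val, &((u32 *)addr)[i]);

		if (!bad)
			p += sprintf(p, i == 0 ? "(%08x) " : "%08x ", val);
		else {
			p += sprintf(p, "bad PC value");
			break;
		}
	}
	printk("%sCode: %s\n", lvl, str);
}

/*
 * Dump the instructions around regs->pc.
 *
 * For a kernel-mode context the address limit is switched to KERNEL_DS for
 * the duration of the dump and the saved limit is restored afterwards
 * (presumably so that get_user() in __dump_instr() accepts kernel text
 * addresses). The widened limit never outlives this function.
 */
static void dump_instr(const char *lvl, struct pt_regs *regs)
{
	if (!user_mode(regs)) {
		mm_segment_t fs = get_fs();
		set_fs(KERNEL_DS);
		__dump_instr(lvl, regs);
		set_fs(fs);
	} else {
		__dump_instr(lvl, regs);
	}
}

/*
 * Print a call trace for 'tsk' (current when NULL).
 *
 * When 'regs' is given, frames are skipped until the one whose frame
 * pointer equals regs->regs[29]; that frame is reported as regs->pc.
 * The task stack is pinned with try_get_task_stack() for the walk and
 * nothing is printed if that fails.
 */
void dump_backtrace(struct pt_regs *regs, struct task_struct *tsk)
{
	struct stackframe frame;
	int skip;

	pr_debug("%s(regs = %p tsk = %p)\n", __func__, regs, tsk);

	if (!tsk)
		tsk = current;

	if (!try_get_task_stack(tsk))
		return;

	if (tsk == current) {
		frame.fp = (unsigned long)__builtin_frame_address(0);
		frame.pc = (unsigned long)dump_backtrace;
	} else {
		/*
		 * task blocked in __switch_to
		 */
		frame.fp = thread_saved_fp(tsk);
		frame.pc = thread_saved_pc(tsk);
	}
#ifdef CONFIG_FUNCTION_GRAPH_TRACER
	frame.graph = tsk->curr_ret_stack;
#endif

	skip = !!regs;
	printk("Call trace:\n");
	do {
		/* skip until specified stack frame */
		if (!skip) {
			dump_backtrace_entry(frame.pc);
		} else if (frame.fp == regs->regs[29]) {
			skip = 0;
			/*
			 * Mostly, this is the case where this function is
			 * called in panic/abort. As exception handler's
			 * stack frame does not contain the corresponding pc
			 * at which an exception has taken place, use regs->pc
			 * instead.
			 */
			dump_backtrace_entry(regs->pc);
		}
	} while (!unwind_frame(tsk, &frame));

	put_task_stack(tsk);
}

/* Print the call trace of 'tsk'; the 'sp' argument is not used. */
void show_stack(struct task_struct *tsk, unsigned long *sp)
{
	dump_backtrace(NULL, tsk);
	barrier();
}

#ifdef CONFIG_PREEMPT
#define S_PREEMPT " PREEMPT"
#else
#define S_PREEMPT ""
#endif
#define S_SMP " SMP"

/*
 * Emit the oops report for die().
 *
 * Runs the DIE_OOPS notifier chain first and returns straight away when a
 * notifier answers NOTIFY_STOP. Otherwise prints the module list, the
 * registers and the task identity, plus backtrace and code dump when the
 * fault was taken in kernel mode.
 *
 * Returns the notify_die() result.
 */
static int __die(const char *str, int err, struct pt_regs *regs)
{
	struct task_struct *tsk = current;
	static int die_counter;
	int ret;

	pr_emerg("Internal error: %s: %x [#%d]" S_PREEMPT S_SMP "\n",
		 str, err, ++die_counter);

	/* trap and error numbers are mostly meaningless on ARM */
	ret = notify_die(DIE_OOPS, str, regs, err, 0, SIGSEGV);
	if (ret == NOTIFY_STOP)
		return ret;

	print_modules();
	__show_regs(regs);
	pr_emerg("Process %.*s (pid: %d, stack limit = 0x%p)\n",
		 TASK_COMM_LEN, tsk->comm, task_pid_nr(tsk),
		 end_of_stack(tsk));

	if (!user_mode(regs)) {
		dump_backtrace(regs, tsk);
		dump_instr(KERN_EMERG, regs);
	}

	return ret;
}

static DEFINE_RAW_SPINLOCK(die_lock);

/*
 * This function is protected against re-entrancy.
 *
 * Reports a fatal kernel error under die_lock with interrupts disabled.
 * Panics when called in interrupt context or when panic_on_oops is set;
 * otherwise the current task exits with SIGSEGV unless a die notifier
 * returned NOTIFY_STOP. The kernel is tainted with TAINT_DIE either way.
 */
void die(const char *str, struct pt_regs *regs, int err)
{
	int ret;
	unsigned long flags;

	raw_spin_lock_irqsave(&die_lock, flags);

	oops_enter();

	console_verbose();
	bust_spinlocks(1);
	ret = __die(str, err, regs);

	if (regs && kexec_should_crash(current))
		crash_kexec(regs);

	bust_spinlocks(0);
	add_taint(TAINT_DIE, LOCKDEP_NOW_UNRELIABLE);
	oops_exit();

	if (in_interrupt())
		panic("Fatal exception in interrupt");
	if (panic_on_oops)
		panic("Fatal exception");

	raw_spin_unlock_irqrestore(&die_lock, flags);

	if (ret != NOTIFY_STOP)
		do_exit(SIGSEGV);
}

/*
 * True when unhandled-signal reporting is enabled and the rate limiter
 * still has budget; keeps a task that faults in a loop from flooding the
 * kernel log.
 */
static bool show_unhandled_signals_ratelimited(void)
{
	static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL,
				      DEFAULT_RATELIMIT_BURST);
	return show_unhandled_signals && __ratelimit(&rs);
}

/*
 * Force the signal described by 'info' on 'tsk'.
 *
 * When the task has no handler for it and reporting is enabled (and not
 * rate limited), first log the task name, the fault class taken from
 * tsk->thread.fault_code (if non-zero), 'str', the mapping containing the
 * PC and the user registers.
 */
void arm64_force_sig_info(struct siginfo *info, const char *str,
			  struct task_struct *tsk)
{
	unsigned int esr = tsk->thread.fault_code;
	struct pt_regs *regs = task_pt_regs(tsk);

	if (!unhandled_signal(tsk, info->si_signo))
		goto send_sig;

	if (!show_unhandled_signals_ratelimited())
		goto send_sig;

	pr_info("%s[%d]: unhandled exception: ", tsk->comm, task_pid_nr(tsk));
	if (esr)
		pr_cont("%s, ESR 0x%08x, ", esr_get_class_string(esr), esr);

	pr_cont("%s", str);
	print_vma_addr(KERN_CONT " in ", regs->pc);
	pr_cont("\n");
	__show_regs(regs);

send_sig:
	force_sig_info(info->si_signo, info, tsk);
}

/*
 * Dispatch a fault by origin: a user-mode fault records 'err' as the
 * thread's fault code and becomes a signal to current, a kernel-mode
 * fault goes to die().
 */
void arm64_notify_die(const char *str, struct pt_regs *regs,
		      struct siginfo *info, int err)
{
	if (user_mode(regs)) {
		WARN_ON(regs != current_pt_regs());
		current->thread.fault_address = 0;
		current->thread.fault_code = err;
		arm64_force_sig_info(info, str, current);
	} else {
		die(str, regs, err);
	}
}

/* Advance the saved PC by 'size' bytes, past an instruction handled here. */
void arm64_skip_faulting_instruction(struct pt_regs *regs, unsigned long size)
{
	regs->pc += size;

	/*
	 * If we were single stepping, we want to get the step exception after
	 * we return from the trap.
	 */
	user_fastforward_single_step(current);
}

/* Registered undefined-instruction hooks; the list is guarded by undef_lock. */
static LIST_HEAD(undef_hook);
static DEFINE_RAW_SPINLOCK(undef_lock);

/* Add 'hook' to the undefined-instruction hook list. */
void register_undef_hook(struct undef_hook *hook)
{
	unsigned long flags;

	raw_spin_lock_irqsave(&undef_lock, flags);
	list_add(&hook->node, &undef_hook);
	raw_spin_unlock_irqrestore(&undef_lock, flags);
}

/* Remove 'hook' from the undefined-instruction hook list. */
void unregister_undef_hook(struct undef_hook *hook)
{
	unsigned long flags;

	raw_spin_lock_irqsave(&undef_lock, flags);
	list_del(&hook->node);
	raw_spin_unlock_irqrestore(&undef_lock, flags);
}

/*
 * Offer a user-mode undefined instruction to the registered hooks.
 *
 * The instruction is fetched from user memory with get_user(): one or two
 * 16-bit halves in compat Thumb mode, one 32-bit word otherwise. A hook
 * matches on both its instruction mask/value and its pstate mask/value;
 * the walk does not stop at the first match, so the last matching entry
 * in list order wins. The chosen handler runs after undef_lock has been
 * dropped.
 *
 * Returns the handler's result, or 1 when the fault came from kernel
 * mode, the fetch failed or no hook matched. do_undefinstr() treats 0 as
 * "handled".
 */
static int call_undef_hook(struct pt_regs *regs)
{
	struct undef_hook *hook;
	unsigned long flags;
	u32 instr;
	int (*fn)(struct pt_regs *regs, u32 instr) = NULL;
	void __user *pc = (void __user *)instruction_pointer(regs);

	if (!user_mode(regs))
		return 1;

	if (compat_thumb_mode(regs)) {
		/* 16-bit Thumb instruction */
		__le16 instr_le;
		if (get_user(instr_le, (__le16 __user *)pc))
			goto exit;
		instr = le16_to_cpu(instr_le);
		if (aarch32_insn_is_wide(instr)) {
			u32 instr2;

			if (get_user(instr_le, (__le16 __user *)(pc + 2)))
				goto exit;
			instr2 = le16_to_cpu(instr_le);
			instr = (instr << 16) | instr2;
		}
	} else {
		/* 32-bit ARM instruction */
		__le32 instr_le;
		if (get_user(instr_le, (__le32 __user *)pc))
			goto exit;
		instr = le32_to_cpu(instr_le);
	}

	raw_spin_lock_irqsave(&undef_lock, flags);
	list_for_each_entry(hook, &undef_hook, node)
		if ((instr & hook->instr_mask) == hook->instr_val &&
			(regs->pstate & hook->pstate_mask) == hook->pstate_val)
			fn = hook->fn;

	raw_spin_unlock_irqrestore(&undef_lock, flags);
exit:
	/* fn is still NULL on every early exit, so instr is never read unset */
	return fn ? fn(regs, instr) : 1;
}

/*
 * Deliver a fault-style signal for the current task's saved context.
 *
 * @signal:  signal number; SIGILL and SIGSEGV get a specific description
 * @code:    si_code to report
 * @address: faulting address, reported as si_addr
 *
 * A signal/code pair whose siginfo layout is not SIL_FAULT is replaced by
 * SIGKILL with a warning, because only the fault fields are filled in
 * below.
 */
void force_signal_inject(int signal, int code, unsigned long address)
{
	siginfo_t info;
	const char *desc;
	struct pt_regs *regs = current_pt_regs();

	clear_siginfo(&info);

	switch (signal) {
	case SIGILL:
		desc = "undefined instruction";
		break;
	case SIGSEGV:
		desc = "illegal memory access";
		break;
	default:
		desc = "unknown or unrecoverable error";
		break;
	}

	/*
	 * Force signals we don't understand to SIGKILL.
	 *
	 * The two tests must be joined with &&. With || every signal other
	 * than SIGKILL, including the SIGILL and SIGSEGV this function is
	 * called with, tripped the WARN_ON and was turned into SIGKILL,
	 * which let any user task raise a kernel warning by executing an
	 * undefined instruction.
	 */
	if (WARN_ON(signal != SIGKILL &&
		    siginfo_layout(signal, code) != SIL_FAULT)) {
		signal = SIGKILL;
	}

	info.si_signo = signal;
	info.si_errno = 0;
	info.si_code = code;
	info.si_addr = (void __user *)address;

	arm64_notify_die(desc, regs, &info, 0);
}

/*
 * Set up process info to signal segmentation fault - called on access error.
 *
 * The code is SEGV_MAPERR when find_vma() returns no mapping for 'addr'
 * and SEGV_ACCERR otherwise; the lookup is done with mmap_sem held for
 * reading.
 */
void arm64_notify_segfault(unsigned long addr)
{
	int code;

	down_read(&current->mm->mmap_sem);
	if (find_vma(current->mm, addr) == NULL)
		code = SEGV_MAPERR;
	else
		code = SEGV_ACCERR;
	up_read(&current->mm->mmap_sem);

	force_signal_inject(SIGSEGV, code, addr);
}

/*
 * Undefined-instruction exception entry: give the AArch32 breakpoint
 * handler and then the registered undef hooks a chance, and raise
 * SIGILL/ILL_ILLOPC at the faulting PC when neither claims the
 * instruction.
 */
asmlinkage void __exception do_undefinstr(struct pt_regs *regs)
{
	/* check for AArch32 breakpoint instructions */
	if (!aarch32_break_handler(regs))
		return;

	if (call_undef_hook(regs) == 0)
		return;

	force_signal_inject(SIGILL, ILL_ILLOPC, regs->pc);
}

/*
 * CPU capability enable callback.
 * NOTE(review): config_sctlr_el1(SCTLR_EL1_UCI, 0) presumably clears
 * SCTLR_EL1.UCI so that EL0 cache maintenance traps to the handlers in
 * this file; confirm against config_sctlr_el1().
 */
void cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused)
{
	config_sctlr_el1(SCTLR_EL1_UCI, 0);
}

/*
 * Run cache maintenance instruction 'insn' on a user-supplied address.
 *
 * The address is compared with user_addr_max() before anything is issued,
 * so an address at or above the user limit yields -EFAULT without the
 * instruction being executed on it. The instruction runs between
 * uaccess_ttbr0_enable() and uaccess_ttbr0_disable(); a fault on it is
 * caught through the exception table entry and also reported as -EFAULT.
 * 'res' is 0 on success.
 */
#define __user_cache_maint(insn, address, res)			\
	if (address >= user_addr_max()) {			\
		res = -EFAULT;					\
	} else {						\
		uaccess_ttbr0_enable();				\
		asm volatile (					\
			"1: " insn ", %1\n"			\
			" mov %w0, #0\n"			\
			"2:\n"					\
			" .pushsection .fixup,\"ax\"\n"		\
			" .align 2\n"				\
			"3: mov %w0, %w2\n"			\
			" b 2b\n"				\
			" .popsection\n"			\
			_ASM_EXTABLE(1b, 3b)			\
			: "=r" (res)				\
			: "r" (address), "i" (-EFAULT));	\
		uaccess_ttbr0_disable();			\
	}

/*
 * Emulate a trapped EL0 cache maintenance instruction.
 *
 * The target address is read from the register named by the Rt field of
 * the ESR and passed through untagged_addr(); the CRm field selects the
 * operation. An unknown CRm raises SIGILL, a failed operation raises
 * SIGSEGV for the address, and success steps the PC past the instruction.
 */
static void user_cache_maint_handler(unsigned int esr, struct pt_regs *regs)
{
	unsigned long address;
	int rt = (esr & ESR_ELx_SYS64_ISS_RT_MASK) >> ESR_ELx_SYS64_ISS_RT_SHIFT;
	int crm = (esr & ESR_ELx_SYS64_ISS_CRM_MASK) >> ESR_ELx_SYS64_ISS_CRM_SHIFT;
	int ret = 0;

	address = untagged_addr(pt_regs_read_reg(regs, rt));

	switch (crm) {
	case ESR_ELx_SYS64_ISS_CRM_DC_CVAU:	/* DC CVAU, gets promoted */
		__user_cache_maint("dc civac", address, ret);
		break;
	case ESR_ELx_SYS64_ISS_CRM_DC_CVAC:	/* DC CVAC, gets promoted */
		__user_cache_maint("dc civac", address, ret);
		break;
	case ESR_ELx_SYS64_ISS_CRM_DC_CVAP:	/* DC CVAP */
		__user_cache_maint("sys 3, c7, c12, 1", address, ret);
		break;
	case ESR_ELx_SYS64_ISS_CRM_DC_CIVAC:	/* DC CIVAC */
		__user_cache_maint("dc civac", address, ret);
		break;
	case ESR_ELx_SYS64_ISS_CRM_IC_IVAU:	/* IC IVAU */
		__user_cache_maint("ic ivau", address, ret);
		break;
	default:
		force_signal_inject(SIGILL, ILL_ILLOPC, regs->pc);
		return;
	}

	if (ret)
		arm64_notify_segfault(address);
	else
		arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE);
}

/*
 * Emulate a trapped CTR_EL0 read: the register named by Rt receives the
 * value arm64_ftr_reg_user_value() returns for arm64_ftr_reg_ctrel0, then
 * the instruction is skipped.
 */
static void ctr_read_handler(unsigned int esr, struct pt_regs *regs)
{
	int rt = (esr & ESR_ELx_SYS64_ISS_RT_MASK) >> ESR_ELx_SYS64_ISS_RT_SHIFT;
	unsigned long val = arm64_ftr_reg_user_value(&arm64_ftr_reg_ctrel0);

	pt_regs_write_reg(regs, rt, val);

	arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE);
}

/*
 * Emulate a trapped CNTVCT_EL0 read with arch_counter_get_cntvct() and
 * skip the instruction.
 */
static void cntvct_read_handler(unsigned int esr, struct pt_regs *regs)
{
	int rt = (esr & ESR_ELx_SYS64_ISS_RT_MASK) >> ESR_ELx_SYS64_ISS_RT_SHIFT;

	pt_regs_write_reg(regs, rt, arch_counter_get_cntvct());
	arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE);
}
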
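/*
 * Emulate a trapped CNTFRQ_EL0 read with arch_timer_get_rate() and skip
 * the instruction.
 */
static void cntfrq_read_handler(unsigned int esr, struct pt_regs *regs)
{
	int rt = (esr & ESR_ELx_SYS64_ISS_RT_MASK) >> ESR_ELx_SYS64_ISS_RT_SHIFT;

	pt_regs_write_reg(regs, rt, arch_timer_get_rate());
	arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE);
}

/*
 * One emulation rule for a trapped system instruction: 'handler' runs
 * when (esr & esr_mask) == esr_val.
 */
struct sys64_hook {
	unsigned int esr_mask;
	unsigned int esr_val;
	void (*handler)(unsigned int esr, struct pt_regs *regs);
};

/*
 * Rules tried in order by do_sysinstr(); the empty entry terminates the
 * table.
 */
static struct sys64_hook sys64_hooks[] = {
	{
		.esr_mask = ESR_ELx_SYS64_ISS_EL0_CACHE_OP_MASK,
		.esr_val = ESR_ELx_SYS64_ISS_EL0_CACHE_OP_VAL,
		.handler = user_cache_maint_handler,
	},
	{
		/* Trap read access to CTR_EL0 */
		.esr_mask = ESR_ELx_SYS64_ISS_SYS_OP_MASK,
		.esr_val = ESR_ELx_SYS64_ISS_SYS_CTR_READ,
		.handler = ctr_read_handler,
	},
	{
		/* Trap read access to CNTVCT_EL0 */
		.esr_mask = ESR_ELx_SYS64_ISS_SYS_OP_MASK,
		.esr_val = ESR_ELx_SYS64_ISS_SYS_CNTVCT,
		.handler = cntvct_read_handler,
	},
	{
		/* Trap read access to CNTFRQ_EL0 */
		.esr_mask = ESR_ELx_SYS64_ISS_SYS_OP_MASK,
		.esr_val = ESR_ELx_SYS64_ISS_SYS_CNTFRQ,
		.handler = cntfrq_read_handler,
	},
	{},
};

/*
 * Entry point for a trapped system instruction: run the first sys64_hooks
 * rule that matches 'esr', or treat the instruction as undefined.
 */
asmlinkage void __exception do_sysinstr(unsigned int esr, struct pt_regs *regs)
{
	struct sys64_hook *hook;

	for (hook = sys64_hooks; hook->handler; hook++)
		if ((hook->esr_mask & esr) == hook->esr_val) {
			hook->handler(esr, regs);
			return;
		}

	/*
	 * New SYS instructions may previously have been undefined at EL0. Fall
	 * back to our usual undefined instruction handler so that we handle
	 * these consistently.
	 */
	do_undefinstr(regs);
}

long compat_arm_syscall(struct pt_regs *regs);

/*
 * Handler for a system call number with no implementation. A compat task
 * is first offered to compat_arm_syscall(); any result other than -ENOSYS
 * is returned as is. Everything else gets the sys_ni_syscall() result.
 */
asmlinkage long do_ni_syscall(struct pt_regs *regs)
{
#ifdef CONFIG_COMPAT
	long ret;
	if (is_compat_task()) {
		ret = compat_arm_syscall(regs);
		if (ret != -ENOSYS)
			return ret;
	}
#endif

	return sys_ni_syscall();
}

/*
 * Human-readable name per exception class. The range initialiser gives
 * every index from 0 to ESR_ELx_EC_MAX a default string, so a lookup in
 * that range never returns NULL.
 */
static const char *esr_class_str[] = {
	[0 ... ESR_ELx_EC_MAX]		= "UNRECOGNIZED EC",
	[ESR_ELx_EC_UNKNOWN]		= "Unknown/Uncategorized",
	[ESR_ELx_EC_WFx]		= "WFI/WFE",
	[ESR_ELx_EC_CP15_32]		= "CP15 MCR/MRC",
	[ESR_ELx_EC_CP15_64]		= "CP15 MCRR/MRRC",
	[ESR_ELx_EC_CP14_MR]		= "CP14 MCR/MRC",
	[ESR_ELx_EC_CP14_LS]		= "CP14 LDC/STC",
	[ESR_ELx_EC_FP_ASIMD]		= "ASIMD",
	[ESR_ELx_EC_CP10_ID]		= "CP10 MRC/VMRS",
	[ESR_ELx_EC_CP14_64]		= "CP14 MCRR/MRRC",
	[ESR_ELx_EC_ILL]		= "PSTATE.IL",
	[ESR_ELx_EC_SVC32]		= "SVC (AArch32)",
	[ESR_ELx_EC_HVC32]		= "HVC (AArch32)",
	[ESR_ELx_EC_SMC32]		= "SMC (AArch32)",
	[ESR_ELx_EC_SVC64]		= "SVC (AArch64)",
	[ESR_ELx_EC_HVC64]		= "HVC (AArch64)",
	[ESR_ELx_EC_SMC64]		= "SMC (AArch64)",
	[ESR_ELx_EC_SYS64]		= "MSR/MRS (AArch64)",
	[ESR_ELx_EC_SVE]		= "SVE",
	[ESR_ELx_EC_IMP_DEF]		= "EL3 IMP DEF",
	[ESR_ELx_EC_IABT_LOW]		= "IABT (lower EL)",
	[ESR_ELx_EC_IABT_CUR]		= "IABT (current EL)",
	[ESR_ELx_EC_PC_ALIGN]		= "PC Alignment",
	[ESR_ELx_EC_DABT_LOW]		= "DABT (lower EL)",
	[ESR_ELx_EC_DABT_CUR]		= "DABT (current EL)",
	[ESR_ELx_EC_SP_ALIGN]		= "SP Alignment",
	[ESR_ELx_EC_FP_EXC32]		= "FP (AArch32)",
	[ESR_ELx_EC_FP_EXC64]		= "FP (AArch64)",
	[ESR_ELx_EC_SERROR]		= "SError",
	[ESR_ELx_EC_BREAKPT_LOW]	= "Breakpoint (lower EL)",
	[ESR_ELx_EC_BREAKPT_CUR]	= "Breakpoint (current EL)",
	[ESR_ELx_EC_SOFTSTP_LOW]	= "Software Step (lower EL)",
	[ESR_ELx_EC_SOFTSTP_CUR]	= "Software Step (current EL)",
	[ESR_ELx_EC_WATCHPT_LOW]	= "Watchpoint (lower EL)",
	[ESR_ELx_EC_WATCHPT_CUR]	= "Watchpoint (current EL)",
	[ESR_ELx_EC_BKPT32]		= "BKPT (AArch32)",
	[ESR_ELx_EC_VECTOR32]		= "Vector catch (AArch32)",
	[ESR_ELx_EC_BRK64]		= "BRK (AArch64)",
};

/*
 * Name of the exception class encoded in 'esr'.
 * NOTE(review): the index is ESR_ELx_EC(esr) with no range check here;
 * this relies on that macro never exceeding ESR_ELx_EC_MAX - confirm in
 * asm/esr.h.
 */
const char *esr_get_class_string(u32 esr)
{
	return esr_class_str[ESR_ELx_EC(esr)];
}

/*
 * bad_mode handles the impossible case in the exception vector. This is always
 * fatal.
 *
 * NOTE(review): 'reason' indexes handler[] (four entries) without a bounds
 * check; the callers are presumably the vector stubs passing 0..3 -
 * confirm.
 */
asmlinkage void bad_mode(struct pt_regs *regs, int reason, unsigned int esr)
{
	console_verbose();

	pr_crit("Bad mode in %s handler detected on CPU%d, code 0x%08x -- %s\n",
		handler[reason], smp_processor_id(), esr,
		esr_get_class_string(esr));

	die("Oops - bad mode", regs, 0);
	local_daif_mask();
	panic("bad mode");
}

/*
 * bad_el0_sync handles unexpected, but potentially recoverable synchronous
 * exceptions taken from EL0. Unlike bad_mode, this returns.
 *
 * The task receives SIGILL/ILL_ILLOPC at the faulting PC and 'esr' is
 * recorded as the thread's fault code.
 */
asmlinkage void bad_el0_sync(struct pt_regs *regs, int reason, unsigned int esr)
{
	siginfo_t info;
	void __user *pc = (void __user *)instruction_pointer(regs);

	/*
	 * Zero the whole structure first, as force_signal_inject() does, so
	 * that fields not assigned below never carry stale kernel stack
	 * contents along with the signal.
	 */
	clear_siginfo(&info);
	info.si_signo = SIGILL;
	info.si_errno = 0;
	info.si_code = ILL_ILLOPC;
	info.si_addr = pc;

	current->thread.fault_address = 0;
	current->thread.fault_code = esr;

	arm64_force_sig_info(&info, "Bad EL0 synchronous exception", current);
}

#ifdef CONFIG_VMAP_STACK

DEFINE_PER_CPU(unsigned long [OVERFLOW_STACK_SIZE/sizeof(long)], overflow_stack)
	__aligned(16);

/*
 * Report a kernel stack overflow and stop.
 *
 * Prints ESR/FAR, the bounds of the task, IRQ and per-CPU overflow stacks
 * and the registers, then panics through nmi_panic() and parks the CPU.
 */
asmlinkage void handle_bad_stack(struct pt_regs *regs)
{
	unsigned long tsk_stk = (unsigned long)current->stack;
	unsigned long irq_stk = (unsigned long)this_cpu_read(irq_stack_ptr);
	unsigned long ovf_stk = (unsigned long)this_cpu_ptr(overflow_stack);
	unsigned int esr = read_sysreg(esr_el1);
	unsigned long far = read_sysreg(far_el1);

	console_verbose();
	pr_emerg("Insufficient stack space to handle exception!");

	pr_emerg("ESR: 0x%08x -- %s\n", esr, esr_get_class_string(esr));
	pr_emerg("FAR: 0x%016lx\n", far);

	pr_emerg("Task stack: [0x%016lx..0x%016lx]\n",
		 tsk_stk, tsk_stk + THREAD_SIZE);
	pr_emerg("IRQ stack: [0x%016lx..0x%016lx]\n",
		 irq_stk, irq_stk + THREAD_SIZE);
	pr_emerg("Overflow stack: [0x%016lx..0x%016lx]\n",
		 ovf_stk, ovf_stk + OVERFLOW_STACK_SIZE);

	__show_regs(regs);

	/*
	 * We use nmi_panic to limit the potential for recursive overflows, and
	 * to get a better stack trace.
	 */
	nmi_panic(NULL, "kernel stack overflow");
	cpu_park_loop();
}
#endif

/*
 * Report an SError on this CPU and panic; does not return. 'regs' may be
 * NULL, in which case no register dump is printed.
 */
void __noreturn arm64_serror_panic(struct pt_regs *regs, u32 esr)
{
	console_verbose();

	pr_crit("SError Interrupt on CPU%d, code 0x%08x -- %s\n",
		smp_processor_id(), esr, esr_get_class_string(esr));
	if (regs)
		__show_regs(regs);

	nmi_panic(regs, "Asynchronous SError Interrupt");

	cpu_park_loop();
	unreachable();
}

/*
 * Classify a RAS SError by the severity arm64_ras_serror_get_severity()
 * reports for 'esr'.
 *
 * Returns false when the CPU can make progress and true when it cannot.
 * An uncontainable or unrecognised severity panics here; that path relies
 * on arm64_serror_panic() being __noreturn, as there is no return
 * statement after it.
 */
bool arm64_is_fatal_ras_serror(struct pt_regs *regs, unsigned int esr)
{
	u32 aet = arm64_ras_serror_get_severity(esr);

	switch (aet) {
	case ESR_ELx_AET_CE:	/* corrected error */
	case ESR_ELx_AET_UEO:	/* restartable, not yet consumed */
		/*
		 * The CPU can make progress. We may take UEO again as
		 * a more severe error.
		 */
		return false;

	case ESR_ELx_AET_UEU:	/* Uncorrected Unrecoverable */
	case ESR_ELx_AET_UER:	/* Uncorrected Recoverable */
		/*
		 * The CPU can't make progress. The exception may have
		 * been imprecise.
		 */
		return true;

	case ESR_ELx_AET_UC:	/* Uncontainable or Uncategorized error */
	default:
		/* Error has been silently propagated */
		arm64_serror_panic(regs, esr);
	}
}

/*
 * SError entry point, run between nmi_enter() and nmi_exit(). Panics
 * unless the error is a RAS error that arm64_is_fatal_ras_serror() rates
 * as survivable.
 */
asmlinkage void do_serror(struct pt_regs *regs, unsigned int esr)
{
	nmi_enter();

	/* non-RAS errors are not containable */
	if (!arm64_is_ras_serror(esr) || arm64_is_fatal_ras_serror(regs, esr))
		arm64_serror_panic(regs, esr);

	nmi_exit();
}

/* Log a bad page-table entry together with the reporting file and line. */
void __pte_error(const char *file, int line, unsigned long val)
{
	pr_err("%s:%d: bad pte %016lx.\n", file, line, val);
}

/* Log a bad pmd entry together with the reporting file and line. */
void __pmd_error(const char *file, int line, unsigned long val)
{
	pr_err("%s:%d: bad pmd %016lx.\n", file, line, val);
}

/* Log a bad pud entry together with the reporting file and line. */
void __pud_error(const char *file, int line, unsigned long val)
{
	pr_err("%s:%d: bad pud %016lx.\n", file, line, val);
}

/* Log a bad pgd entry together with the reporting file and line. */
void __pgd_error(const char *file, int line, unsigned long val)
{
	pr_err("%s:%d: bad pgd %016lx.\n", file, line, val);
}

/* GENERIC_BUG traps */

int is_valid_bugaddr(unsigned long addr)
{
	/*
	 * bug_handler() only called for BRK #BUG_BRK_IMM.
	 * So the answer is trivial -- any spurious instances with no
	 * bug table entry will be rejected by report_bug() and passed
	 * back to the debug-monitors code and handled as a fatal
	 * unexpected debug exception.
	 */
	return 1;
}

/*
 * Break hook for the BUG/WARN BRK instruction.
 *
 * A BRK taken from user mode is refused with DBG_HOOK_ERROR, so a user
 * task cannot reach report_bug() or die() through this hook. In kernel
 * mode a BUG goes through die(), a WARN just continues, and in both cases
 * the PC is stepped past the BRK before returning DBG_HOOK_HANDLED.
 */
static int bug_handler(struct pt_regs *regs, unsigned int esr)
{
	if (user_mode(regs))
		return DBG_HOOK_ERROR;

	switch (report_bug(regs->pc, regs)) {
	case BUG_TRAP_TYPE_BUG:
		die("Oops - BUG", regs, 0);
		break;

	case BUG_TRAP_TYPE_WARN:
		break;

	default:
		/* unknown/unrecognised bug trap type */
		return DBG_HOOK_ERROR;
	}

	/* If thread survives, skip over the BUG instruction and continue: */
	arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE);
	return DBG_HOOK_HANDLED;
}

/* Matches exactly the ESR value 0xf2000000 | BUG_BRK_IMM. */
static struct break_hook bug_break_hook = {
	.esr_val = 0xf2000000 | BUG_BRK_IMM,
	.esr_mask = 0xffffffff,
	.fn = bug_handler,
};

/*
 * Initial handler for AArch64 BRK exceptions
 * This handler only used until debug_traps_init().
 *
 * Returns 0 when bug_handler() handled the BRK and non-zero otherwise.
 */
int __init early_brk64(unsigned long addr, unsigned int esr,
		       struct pt_regs *regs)
{
	return bug_handler(regs, esr) != DBG_HOOK_HANDLED;
}

/* This registration must happen early, before debug_traps_init(). */
void __init trap_init(void)
{
	register_break_hook(&bug_break_hook);
}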