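/*
 * Based on arch/arm/kernel/traps.c
 *
 * Copyright (C) 1995-2009 Russell King
 * Copyright (C) 2012 ARM Ltd.
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

#include <linux/bug.h>
#include <linux/signal.h>
#include <linux/personality.h>
#include <linux/kallsyms.h>
#include <linux/spinlock.h>
#include <linux/uaccess.h>
#include <linux/hardirq.h>
#include <linux/kdebug.h>
#include <linux/module.h>
#include <linux/kexec.h>
#include <linux/delay.h>
#include <linux/init.h>
#include <linux/sched/signal.h>
#include <linux/sched/debug.h>
#include <linux/sched/task_stack.h>
#include <linux/sizes.h>
#include <linux/syscalls.h>
#include <linux/mm_types.h>

#include <asm/atomic.h>
#include <asm/bug.h>
#include <asm/cpufeature.h>
#include <asm/daifflags.h>
#include <asm/debug-monitors.h>
#include <asm/esr.h>
#include <asm/insn.h>
#include <asm/traps.h>
#include <asm/smp.h>
#include <asm/stack_pointer.h>
#include <asm/stacktrace.h>
#include <asm/exception.h>
#include <asm/system_misc.h>
#include <asm/sysreg.h>

/* Names printed by bad_mode(), indexed by its 'reason' argument. */
static const char *handler[] = {
	"Synchronous Abort",
	"IRQ",
	"FIQ",
	"Error"
};

/* When non-zero, unhandled user signals are logged (subject to ratelimit). */
int show_unhandled_signals = 0;

/* Print one backtrace entry, symbolised through %pS. */
static void dump_backtrace_entry(unsigned long where)
{
	printk(" %pS\n", (void *)where);
}

/*
 * Print the five 32-bit words ending at the instruction pointer taken from
 * @regs (index -4..0), with the word at the PC itself in parentheses.
 *
 * Each word is fetched with get_user(); on the first failed read the rest of
 * the line is replaced by "bad PC value".
 */
static void __dump_instr(const char *lvl, struct pt_regs *regs)
{
	unsigned long addr = instruction_pointer(regs);
	/*
	 * Worst case written below: four "%08x " fields (9 bytes each), one
	 * "(%08x) " field (11 bytes) and the NUL = 48 bytes, which fits in
	 * str (53 bytes). sprintf() does not check this itself, so any change
	 * to the formats or the loop bounds must be re-checked against it.
	 */
	char str[sizeof("00000000 ") * 5 + 2 + 1], *p = str;
	int i;

	for (i = -4; i < 1; i++) {
		unsigned int val, bad;

		bad = get_user(val, &((u32 *)addr)[i]);

		if (!bad)
			p += sprintf(p, i == 0 ? "(%08x) " : "%08x ", val);
		else {
			p += sprintf(p, "bad PC value");
			break;
		}
	}
	printk("%sCode: %s\n", lvl, str);
}

/*
 * Dump the code around the faulting PC at log level @lvl.
 *
 * For a fault taken in kernel mode the address limit is raised to KERNEL_DS
 * for the duration of the dump, so the get_user() reads in __dump_instr()
 * are allowed on a kernel PC, and the saved limit is restored afterwards.
 */
static void dump_instr(const char *lvl, struct pt_regs *regs)
{
	if (!user_mode(regs)) {
		mm_segment_t fs = get_fs();
		set_fs(KERNEL_DS);
		__dump_instr(lvl, regs);
		set_fs(fs);
	} else {
		__dump_instr(lvl, regs);
	}
}

/*
 * Print a call trace for @tsk (current when NULL).
 *
 * When @regs is given, frames are skipped until the frame pointer matches
 * regs->regs[29]; that frame is reported with regs->pc. The task stack is
 * pinned with try_get_task_stack() for the walk and nothing is printed if
 * that fails.
 */
void dump_backtrace(struct pt_regs *regs, struct task_struct *tsk)
{
	struct stackframe frame;
	int skip;

	pr_debug("%s(regs = %p tsk = %p)\n", __func__, regs, tsk);

	if (!tsk)
		tsk = current;

	if (!try_get_task_stack(tsk))
		return;

	if (tsk == current) {
		frame.fp = (unsigned long)__builtin_frame_address(0);
		frame.pc = (unsigned long)dump_backtrace;
	} else {
		/*
		 * task blocked in __switch_to
		 */
		frame.fp = thread_saved_fp(tsk);
		frame.pc = thread_saved_pc(tsk);
	}
#ifdef CONFIG_FUNCTION_GRAPH_TRACER
	frame.graph = tsk->curr_ret_stack;
#endif

	skip = !!regs;
	printk("Call trace:\n");
	do {
		/* skip until specified stack frame */
		if (!skip) {
			dump_backtrace_entry(frame.pc);
		} else if (frame.fp == regs->regs[29]) {
			skip = 0;
			/*
			 * Mostly, this is the case where this function is
			 * called in panic/abort. As exception handler's
			 * stack frame does not contain the corresponding pc
			 * at which an exception has taken place, use regs->pc
			 * instead.
			 */
			dump_backtrace_entry(regs->pc);
		}
	} while (!unwind_frame(tsk, &frame));

	put_task_stack(tsk);
}

/* Print the call trace of @tsk; @sp is not used. */
void show_stack(struct task_struct *tsk, unsigned long *sp)
{
	dump_backtrace(NULL, tsk);
	barrier();
}

#ifdef CONFIG_PREEMPT
#define S_PREEMPT " PREEMPT"
#else
#define S_PREEMPT ""
#endif
#define S_SMP " SMP"

/*
 * Emit the oops report for die(): the "Internal error" banner, the die
 * notifier chain, the module list, registers and the current task.
 *
 * The backtrace and code dump are only produced for kernel-mode faults.
 * Returns the notify_die() result; NOTIFY_STOP ends the report early.
 */
static int __die(const char *str, int err, struct pt_regs *regs)
{
	struct task_struct *tsk = current;
	static int die_counter;
	int ret;

	pr_emerg("Internal error: %s: %x [#%d]" S_PREEMPT S_SMP "\n",
		 str, err, ++die_counter);

	/* trap and error numbers are mostly meaningless on ARM */
	ret = notify_die(DIE_OOPS, str, regs, err, 0, SIGSEGV);
	if (ret == NOTIFY_STOP)
		return ret;

	print_modules();
	__show_regs(regs);
	pr_emerg("Process %.*s (pid: %d, stack limit = 0x%p)\n",
		 TASK_COMM_LEN, tsk->comm, task_pid_nr(tsk),
		 end_of_stack(tsk));

	if (!user_mode(regs)) {
		dump_backtrace(regs, tsk);
		dump_instr(KERN_EMERG, regs);
	}

	return ret;
}

static DEFINE_RAW_SPINLOCK(die_lock);

/*
 * This function is protected against re-entrancy.
 *
 * Reports a fatal kernel error and kills the current task with SIGSEGV unless
 * a die notifier returned NOTIFY_STOP. Panics instead when called in
 * interrupt context or when panic_on_oops is set; both panic() calls happen
 * with die_lock still held.
 */
void die(const char *str, struct pt_regs *regs, int err)
{
	int ret;
	unsigned long flags;

	raw_spin_lock_irqsave(&die_lock, flags);

	oops_enter();

	console_verbose();
	bust_spinlocks(1);
	ret = __die(str, err, regs);

	/*
	 * NOTE(review): __die() has already handed regs to __show_regs() and
	 * user_mode() unless a notifier stopped it, so the NULL test below
	 * only protects the crash_kexec() call.
	 */
	if (regs && kexec_should_crash(current))
		crash_kexec(regs);

	bust_spinlocks(0);
	add_taint(TAINT_DIE, LOCKDEP_NOW_UNRELIABLE);
	oops_exit();

	if (in_interrupt())
		panic("Fatal exception in interrupt");
	if (panic_on_oops)
		panic("Fatal exception");

	raw_spin_unlock_irqrestore(&die_lock, flags);

	if (ret != NOTIFY_STOP)
		do_exit(SIGSEGV);
}

/*
 * True when unhandled-signal logging is enabled and the ratelimit allows
 * another message. The ratelimit state is only consulted when
 * show_unhandled_signals is set.
 */
static bool show_unhandled_signals_ratelimited(void)
{
	static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL,
				      DEFAULT_RATELIMIT_BURST);
	return show_unhandled_signals && __ratelimit(&rs);
}

/*
 * Force the signal described by @info on @tsk.
 *
 * If the task does not handle the signal and logging is permitted, a line
 * naming the task, the ESR class taken from tsk->thread.fault_code (when
 * non-zero), @str and the VMA containing the PC is logged first, followed by
 * a register dump. The signal is delivered in every case.
 */
void arm64_force_sig_info(struct siginfo *info, const char *str,
			  struct task_struct *tsk)
{
	unsigned int esr = tsk->thread.fault_code;
	struct pt_regs *regs = task_pt_regs(tsk);

	if (!unhandled_signal(tsk, info->si_signo))
		goto send_sig;

	if (!show_unhandled_signals_ratelimited())
		goto send_sig;

	pr_info("%s[%d]: unhandled exception: ", tsk->comm, task_pid_nr(tsk));
	if (esr)
		pr_cont("%s, ESR 0x%08x, ", esr_get_class_string(esr), esr);

	pr_cont("%s", str);
	print_vma_addr(KERN_CONT " in ", regs->pc);
	pr_cont("\n");
	__show_regs(regs);

send_sig:
	force_sig_info(info->si_signo, info, tsk);
}

/*
 * Route a fault either to user space or to die().
 *
 * User-mode faults record @err as the thread's fault code (fault address is
 * cleared) and deliver @info to current; kernel-mode faults are fatal.
 */
void arm64_notify_die(const char *str, struct pt_regs *regs,
		      struct siginfo *info, int err)
{
	if (user_mode(regs)) {
		WARN_ON(regs != current_pt_regs());
		current->thread.fault_address = 0;
		current->thread.fault_code = err;
		arm64_force_sig_info(info, str, current);
	} else {
		die(str, regs, err);
	}
}

/* Advance the saved PC by @size bytes so the trapping instruction is skipped. */
void arm64_skip_faulting_instruction(struct pt_regs *regs, unsigned long size)
{
	regs->pc += size;

	/*
	 * If we were single stepping, we want to get the step exception after
	 * we return from the trap.
	 */
	if (user_mode(regs))
		user_fastforward_single_step(current);
}

/* Registered undefined-instruction hooks; undef_lock guards the list. */
static LIST_HEAD(undef_hook);
static DEFINE_RAW_SPINLOCK(undef_lock);

/* Add @hook to the undefined-instruction hook list. */
void register_undef_hook(struct undef_hook *hook)
{
	unsigned long flags;

	raw_spin_lock_irqsave(&undef_lock, flags);
	list_add(&hook->node, &undef_hook);
	raw_spin_unlock_irqrestore(&undef_lock, flags);
}

/* Remove @hook from the undefined-instruction hook list. */
void unregister_undef_hook(struct undef_hook *hook)
{
	unsigned long flags;

	raw_spin_lock_irqsave(&undef_lock, flags);
	list_del(&hook->node);
	raw_spin_unlock_irqrestore(&undef_lock, flags);
}

/*
 * Fetch the undefined instruction at the user PC and run the matching hook.
 *
 * Only user-mode faults are considered. The instruction is read with
 * get_user(): one or two 16-bit halves in compat Thumb mode, otherwise one
 * 32-bit word. Returns the hook's result, or 1 when the fault came from the
 * kernel, the read failed or no hook matched.
 */
static int call_undef_hook(struct pt_regs *regs)
{
	struct undef_hook *hook;
	unsigned long flags;
	u32 instr;
	int (*fn)(struct pt_regs *regs, u32 instr) = NULL;
	void __user *pc = (void __user *)instruction_pointer(regs);

	if (!user_mode(regs))
		return 1;

	if (compat_thumb_mode(regs)) {
		/* 16-bit Thumb instruction */
		__le16 instr_le;
		if (get_user(instr_le, (__le16 __user *)pc))
			goto exit;
		instr = le16_to_cpu(instr_le);
		if (aarch32_insn_is_wide(instr)) {
			u32 instr2;

			if (get_user(instr_le, (__le16 __user *)(pc + 2)))
				goto exit;
			instr2 = le16_to_cpu(instr_le);
			instr = (instr << 16) | instr2;
		}
	} else {
		/* 32-bit ARM instruction */
		__le32 instr_le;
		if (get_user(instr_le, (__le32 __user *)pc))
			goto exit;
		instr = le32_to_cpu(instr_le);
	}

	/*
	 * The walk does not stop at the first match, so when several hooks
	 * match the one visited last is used.
	 */
	raw_spin_lock_irqsave(&undef_lock, flags);
	list_for_each_entry(hook, &undef_hook, node)
		if ((instr & hook->instr_mask) == hook->instr_val &&
			(regs->pstate & hook->pstate_mask) == hook->pstate_val)
			fn = hook->fn;

	raw_spin_unlock_irqrestore(&undef_lock, flags);
exit:
	/*
	 * NOTE(review): fn is called after undef_lock has been dropped, so
	 * the lock does not keep the hook's code alive across the call; a
	 * caller of unregister_undef_hook() presumably has to cope with a
	 * handler that is still running - confirm.
	 */
	return fn ? fn(regs, instr) : 1;
}

/*
 * Build a siginfo for @signal/@code/@address and pass it to
 * arm64_notify_die() for the current task.
 *
 * Any signal other than SIGKILL whose siginfo layout is not SIL_FAULT
 * triggers a WARN and is replaced by SIGKILL.
 */
void force_signal_inject(int signal, int code, unsigned long address)
{
	siginfo_t info;
	const char *desc;
	struct pt_regs *regs = current_pt_regs();

	/* Zero the whole siginfo so no stale stack bytes are copied out. */
	clear_siginfo(&info);

	switch (signal) {
	case SIGILL:
		desc = "undefined instruction";
		break;
	case SIGSEGV:
		desc = "illegal memory access";
		break;
	default:
		desc = "unknown or unrecoverable error";
		break;
	}

	/* Force signals we don't understand to SIGKILL */
	if (WARN_ON(signal != SIGKILL &&
		    siginfo_layout(signal, code) != SIL_FAULT)) {
		signal = SIGKILL;
	}

	info.si_signo = signal;
	info.si_errno = 0;
	info.si_code  = code;
	info.si_addr  = (void __user *)address;

	arm64_notify_die(desc, regs, &info, 0);
}

/*
 * Set up process info to signal segmentation fault - called on access error.
 *
 * The si_code is SEGV_MAPERR when find_vma() returns no VMA for @addr and
 * SEGV_ACCERR otherwise; mmap_sem is held for reading around the lookup.
 */
void arm64_notify_segfault(unsigned long addr)
{
	int code;

	down_read(&current->mm->mmap_sem);
	if (find_vma(current->mm, addr) == NULL)
		code = SEGV_MAPERR;
	else
		code = SEGV_ACCERR;
	up_read(&current->mm->mmap_sem);

	force_signal_inject(SIGSEGV, code, addr);
}

/*
 * Undefined-instruction exception entry: try the AArch32 breakpoint handler,
 * then the registered undef hooks, and otherwise raise SIGILL/ILL_ILLOPC at
 * the faulting PC.
 */
asmlinkage void __exception do_undefinstr(struct pt_regs *regs)
{
	/* check for AArch32 breakpoint instructions */
	if (!aarch32_break_handler(regs))
		return;

	if (call_undef_hook(regs) == 0)
		return;

	force_signal_inject(SIGILL, ILL_ILLOPC, regs->pc);
}

/* CPU capability enable callback: clears SCTLR_EL1.UCI on this CPU. */
void cpu_enable_cache_maint_trap(const struct arm64_cpu_capabilities *__unused)
{
	config_sctlr_el1(SCTLR_EL1_UCI, 0);
}

/*
 * Run cache maintenance instruction @insn on user address @address on behalf
 * of user space and store 0 or -EFAULT in @res.
 *
 * Addresses at or above user_addr_max() are rejected before the instruction
 * is issued. A fault on the instruction itself is caught through the
 * exception table entry and also yields -EFAULT. User access is enabled only
 * around the instruction.
 */
#define __user_cache_maint(insn, address, res)			\
	if (address >= user_addr_max()) {			\
		res = -EFAULT;					\
	} else {						\
		uaccess_ttbr0_enable();				\
		asm volatile (					\
			"1: " insn ", %1\n"			\
			" mov %w0, #0\n"			\
			"2:\n"					\
			" .pushsection .fixup,\"ax\"\n"		\
			" .align 2\n"				\
			"3: mov %w0, %w2\n"			\
			" b 2b\n"				\
			" .popsection\n"			\
			_ASM_EXTABLE(1b, 3b)			\
			: "=r" (res)				\
			: "r" (address), "i" (-EFAULT));	\
		uaccess_ttbr0_disable();			\
	}

/*
 * Emulate a trapped EL0 cache maintenance instruction.
 *
 * The target register number and the operation are decoded from @esr; the
 * address is read from that register and untagged. Unknown operations raise
 * SIGILL. A failed operation becomes a segfault on the address, a successful
 * one skips the instruction.
 */
static void user_cache_maint_handler(unsigned int esr, struct pt_regs *regs)
{
	unsigned long address;
	int rt = (esr & ESR_ELx_SYS64_ISS_RT_MASK) >> ESR_ELx_SYS64_ISS_RT_SHIFT;
	int crm = (esr & ESR_ELx_SYS64_ISS_CRM_MASK) >> ESR_ELx_SYS64_ISS_CRM_SHIFT;
	int ret = 0;

	address = untagged_addr(pt_regs_read_reg(regs, rt));

	switch (crm) {
	case ESR_ELx_SYS64_ISS_CRM_DC_CVAU:	/* DC CVAU, gets promoted */
		__user_cache_maint("dc civac", address, ret);
		break;
	case ESR_ELx_SYS64_ISS_CRM_DC_CVAC:	/* DC CVAC, gets promoted */
		__user_cache_maint("dc civac", address, ret);
		break;
	case ESR_ELx_SYS64_ISS_CRM_DC_CVAP:	/* DC CVAP */
		__user_cache_maint("sys 3, c7, c12, 1", address, ret);
		break;
	case ESR_ELx_SYS64_ISS_CRM_DC_CIVAC:	/* DC CIVAC */
		__user_cache_maint("dc civac", address, ret);
		break;
	case ESR_ELx_SYS64_ISS_CRM_IC_IVAU:	/* IC IVAU */
		__user_cache_maint("ic ivau", address, ret);
		break;
	default:
		force_signal_inject(SIGILL, ILL_ILLOPC, regs->pc);
		return;
	}

	if (ret)
		arm64_notify_segfault(address);
	else
		arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE);
}

/*
 * Emulate a trapped EL0 read of CTR_EL0: the destination register receives
 * the user-visible value of the CTR_EL0 feature register, not a raw read.
 */
static void ctr_read_handler(unsigned int esr, struct pt_regs *regs)
{
	int rt = (esr & ESR_ELx_SYS64_ISS_RT_MASK) >> ESR_ELx_SYS64_ISS_RT_SHIFT;
	unsigned long val = arm64_ftr_reg_user_value(&arm64_ftr_reg_ctrel0);

	pt_regs_write_reg(regs, rt, val);

	arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE);
}

/* Emulate a trapped EL0 read of CNTVCT_EL0 with the current counter value. */
static void cntvct_read_handler(unsigned int esr, struct pt_regs *regs)
{
	int rt = (esr & ESR_ELx_SYS64_ISS_RT_MASK) >> ESR_ELx_SYS64_ISS_RT_SHIFT;

	pt_regs_write_reg(regs, rt, arch_counter_get_cntvct());
	arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE);
}
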
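/* Emulate a trapped EL0 read of CNTFRQ_EL0 with the arch timer rate. */
static void cntfrq_read_handler(unsigned int esr, struct pt_regs *regs)
{
	int rt = (esr & ESR_ELx_SYS64_ISS_RT_MASK) >> ESR_ELx_SYS64_ISS_RT_SHIFT;

	pt_regs_write_reg(regs, rt, arch_timer_get_rate());
	arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE);
}

/* One emulation entry: @handler runs when (esr & esr_mask) == esr_val. */
struct sys64_hook {
	unsigned int esr_mask;
	unsigned int esr_val;
	void (*handler)(unsigned int esr, struct pt_regs *regs);
};

/*
 * Trapped EL0 system instructions that are emulated. The table ends with an
 * empty entry; do_sysinstr() stops at the first NULL handler.
 */
static struct sys64_hook sys64_hooks[] = {
	{
		.esr_mask = ESR_ELx_SYS64_ISS_EL0_CACHE_OP_MASK,
		.esr_val = ESR_ELx_SYS64_ISS_EL0_CACHE_OP_VAL,
		.handler = user_cache_maint_handler,
	},
	{
		/* Trap read access to CTR_EL0 */
		.esr_mask = ESR_ELx_SYS64_ISS_SYS_OP_MASK,
		.esr_val = ESR_ELx_SYS64_ISS_SYS_CTR_READ,
		.handler = ctr_read_handler,
	},
	{
		/* Trap read access to CNTVCT_EL0 */
		.esr_mask = ESR_ELx_SYS64_ISS_SYS_OP_MASK,
		.esr_val = ESR_ELx_SYS64_ISS_SYS_CNTVCT,
		.handler = cntvct_read_handler,
	},
	{
		/* Trap read access to CNTFRQ_EL0 */
		.esr_mask = ESR_ELx_SYS64_ISS_SYS_OP_MASK,
		.esr_val = ESR_ELx_SYS64_ISS_SYS_CNTFRQ,
		.handler = cntfrq_read_handler,
	},
	{},
};

/*
 * Entry point for trapped system instructions: dispatch to the first
 * sys64_hooks entry whose mask/value pair matches @esr.
 */
asmlinkage void __exception do_sysinstr(unsigned int esr, struct pt_regs *regs)
{
	struct sys64_hook *hook;

	for (hook = sys64_hooks; hook->handler; hook++)
		if ((hook->esr_mask & esr) == hook->esr_val) {
			hook->handler(esr, regs);
			return;
		}

	/*
	 * New SYS instructions may previously have been undefined at EL0. Fall
	 * back to our usual undefined instruction handler so that we handle
	 * these consistently.
	 */
	do_undefinstr(regs);
}

long compat_arm_syscall(struct pt_regs *regs);

/*
 * Handler for syscall numbers with no implementation. Compat tasks get a
 * chance through compat_arm_syscall() first; anything it answers with
 * -ENOSYS, and every native task, ends in sys_ni_syscall().
 */
asmlinkage long do_ni_syscall(struct pt_regs *regs)
{
#ifdef CONFIG_COMPAT
	long ret;
	if (is_compat_task()) {
		ret = compat_arm_syscall(regs);
		if (ret != -ENOSYS)
			return ret;
	}
#endif

	return sys_ni_syscall();
}

/*
 * Printable names for ESR exception classes. Every slot from 0 to
 * ESR_ELx_EC_MAX is first set to "UNRECOGNIZED EC" and the known classes
 * then override their own slot.
 */
static const char *esr_class_str[] = {
	[0 ... ESR_ELx_EC_MAX]		= "UNRECOGNIZED EC",
	[ESR_ELx_EC_UNKNOWN]		= "Unknown/Uncategorized",
	[ESR_ELx_EC_WFx]		= "WFI/WFE",
	[ESR_ELx_EC_CP15_32]		= "CP15 MCR/MRC",
	[ESR_ELx_EC_CP15_64]		= "CP15 MCRR/MRRC",
	[ESR_ELx_EC_CP14_MR]		= "CP14 MCR/MRC",
	[ESR_ELx_EC_CP14_LS]		= "CP14 LDC/STC",
	[ESR_ELx_EC_FP_ASIMD]		= "ASIMD",
	[ESR_ELx_EC_CP10_ID]		= "CP10 MRC/VMRS",
	[ESR_ELx_EC_CP14_64]		= "CP14 MCRR/MRRC",
	[ESR_ELx_EC_ILL]		= "PSTATE.IL",
	[ESR_ELx_EC_SVC32]		= "SVC (AArch32)",
	[ESR_ELx_EC_HVC32]		= "HVC (AArch32)",
	[ESR_ELx_EC_SMC32]		= "SMC (AArch32)",
	[ESR_ELx_EC_SVC64]		= "SVC (AArch64)",
	[ESR_ELx_EC_HVC64]		= "HVC (AArch64)",
	[ESR_ELx_EC_SMC64]		= "SMC (AArch64)",
	[ESR_ELx_EC_SYS64]		= "MSR/MRS (AArch64)",
	[ESR_ELx_EC_SVE]		= "SVE",
	[ESR_ELx_EC_IMP_DEF]		= "EL3 IMP DEF",
	[ESR_ELx_EC_IABT_LOW]		= "IABT (lower EL)",
	[ESR_ELx_EC_IABT_CUR]		= "IABT (current EL)",
	[ESR_ELx_EC_PC_ALIGN]		= "PC Alignment",
	[ESR_ELx_EC_DABT_LOW]		= "DABT (lower EL)",
	[ESR_ELx_EC_DABT_CUR]		= "DABT (current EL)",
	[ESR_ELx_EC_SP_ALIGN]		= "SP Alignment",
	[ESR_ELx_EC_FP_EXC32]		= "FP (AArch32)",
	[ESR_ELx_EC_FP_EXC64]		= "FP (AArch64)",
	[ESR_ELx_EC_SERROR]		= "SError",
	[ESR_ELx_EC_BREAKPT_LOW]	= "Breakpoint (lower EL)",
	[ESR_ELx_EC_BREAKPT_CUR]	= "Breakpoint (current EL)",
	[ESR_ELx_EC_SOFTSTP_LOW]	= "Software Step (lower EL)",
	[ESR_ELx_EC_SOFTSTP_CUR]	= "Software Step (current EL)",
	[ESR_ELx_EC_WATCHPT_LOW]	= "Watchpoint (lower EL)",
	[ESR_ELx_EC_WATCHPT_CUR]	= "Watchpoint (current EL)",
	[ESR_ELx_EC_BKPT32]		= "BKPT (AArch32)",
	[ESR_ELx_EC_VECTOR32]		= "Vector catch (AArch32)",
	[ESR_ELx_EC_BRK64]		= "BRK (AArch64)",
};

/*
 * Return the printable name of the exception class encoded in @esr.
 *
 * NOTE(review): the lookup is not range-checked here; it relies on
 * ESR_ELx_EC() never producing a value above ESR_ELx_EC_MAX, which depends
 * on the macro definitions in asm/esr.h - confirm.
 */
const char *esr_get_class_string(u32 esr)
{
	return esr_class_str[ESR_ELx_EC(esr)];
}

/*
 * bad_mode handles the impossible case in the exception vector.  This is always
 * fatal.
 *
 * NOTE(review): @reason indexes handler[] directly with no range check, so
 * the callers (presumably the exception vector stubs) must only pass values
 * that name one of its four entries - confirm.
 */
asmlinkage void bad_mode(struct pt_regs *regs, int reason, unsigned int esr)
{
	console_verbose();

	pr_crit("Bad mode in %s handler detected on CPU%d, code 0x%08x -- %s\n",
		handler[reason], smp_processor_id(), esr,
		esr_get_class_string(esr));

	die("Oops - bad mode", regs, 0);
	local_daif_mask();
	panic("bad mode");
}

/*
 * bad_el0_sync handles unexpected, but potentially recoverable synchronous
 * exceptions taken from EL0. Unlike bad_mode, this returns.
 *
 * The current task receives SIGILL/ILL_ILLOPC with si_addr set to the
 * faulting PC, and @esr is recorded as the thread's fault code.
 */
asmlinkage void bad_el0_sync(struct pt_regs *regs, int reason, unsigned int esr)
{
	siginfo_t info;
	void __user *pc = (void __user *)instruction_pointer(regs);

	/* Zero the whole siginfo so no stale stack bytes are copied out. */
	clear_siginfo(&info);
	info.si_signo = SIGILL;
	info.si_errno = 0;
	info.si_code  = ILL_ILLOPC;
	info.si_addr  = pc;

	current->thread.fault_address = 0;
	current->thread.fault_code = esr;

	arm64_force_sig_info(&info, "Bad EL0 synchronous exception", current);
}

#ifdef CONFIG_VMAP_STACK

/* Per-CPU stack of OVERFLOW_STACK_SIZE bytes, reported by handle_bad_stack(). */
DEFINE_PER_CPU(unsigned long [OVERFLOW_STACK_SIZE/sizeof(long)], overflow_stack)
	__aligned(16);

/*
 * Report a kernel stack overflow and stop.
 *
 * Logs ESR_EL1, FAR_EL1, the bounds of the task, IRQ and overflow stacks and
 * the registers, then panics through nmi_panic() and parks the CPU.
 */
asmlinkage void handle_bad_stack(struct pt_regs *regs)
{
	unsigned long tsk_stk = (unsigned long)current->stack;
	unsigned long irq_stk = (unsigned long)this_cpu_read(irq_stack_ptr);
	unsigned long ovf_stk = (unsigned long)this_cpu_ptr(overflow_stack);
	unsigned int esr = read_sysreg(esr_el1);
	unsigned long far = read_sysreg(far_el1);

	console_verbose();
	pr_emerg("Insufficient stack space to handle exception!\n");

	pr_emerg("ESR: 0x%08x -- %s\n", esr, esr_get_class_string(esr));
	pr_emerg("FAR: 0x%016lx\n", far);

	pr_emerg("Task stack: [0x%016lx..0x%016lx]\n",
		 tsk_stk, tsk_stk + THREAD_SIZE);
	pr_emerg("IRQ stack: [0x%016lx..0x%016lx]\n",
		 irq_stk, irq_stk + THREAD_SIZE);
	pr_emerg("Overflow stack: [0x%016lx..0x%016lx]\n",
		 ovf_stk, ovf_stk + OVERFLOW_STACK_SIZE);

	__show_regs(regs);

	/*
	 * We use nmi_panic to limit the potential for recursive overflows, and
	 * to get a better stack trace.
	 */
	nmi_panic(NULL, "kernel stack overflow");
	cpu_park_loop();
}
#endif

/*
 * Report an SError and panic; never returns. @regs may be NULL, in which
 * case the register dump is skipped.
 */
void __noreturn arm64_serror_panic(struct pt_regs *regs, u32 esr)
{
	console_verbose();

	pr_crit("SError Interrupt on CPU%d, code 0x%08x -- %s\n",
		smp_processor_id(), esr, esr_get_class_string(esr));
	if (regs)
		__show_regs(regs);

	nmi_panic(regs, "Asynchronous SError Interrupt");

	cpu_park_loop();
	unreachable();
}

/*
 * Classify a RAS SError by its severity field.
 *
 * Returns false for corrected and restartable errors and true for
 * uncorrected unrecoverable/recoverable ones. Uncontainable and unknown
 * severities panic here; that path has no return statement because
 * arm64_serror_panic() is __noreturn.
 */
bool arm64_is_fatal_ras_serror(struct pt_regs *regs, unsigned int esr)
{
	u32 aet = arm64_ras_serror_get_severity(esr);

	switch (aet) {
	case ESR_ELx_AET_CE:	/* corrected error */
	case ESR_ELx_AET_UEO:	/* restartable, not yet consumed */
		/*
		 * The CPU can make progress. We may take UEO again as
		 * a more severe error.
		 */
		return false;

	case ESR_ELx_AET_UEU:	/* Uncorrected Unrecoverable */
	case ESR_ELx_AET_UER:	/* Uncorrected Recoverable */
		/*
		 * The CPU can't make progress. The exception may have
		 * been imprecise.
		 */
		return true;

	case ESR_ELx_AET_UC:	/* Uncontainable or Uncategorized error */
	default:
		/* Error has been silently propagated */
		arm64_serror_panic(regs, esr);
	}
}

/*
 * SError exception entry, run inside nmi_enter()/nmi_exit(). Panics unless
 * the error is a RAS error that arm64_is_fatal_ras_serror() reports as
 * non-fatal.
 */
asmlinkage void do_serror(struct pt_regs *regs, unsigned int esr)
{
	nmi_enter();

	/* non-RAS errors are not containable */
	if (!arm64_is_ras_serror(esr) || arm64_is_fatal_ras_serror(regs, esr))
		arm64_serror_panic(regs, esr);

	nmi_exit();
}

/* Log a bad page table entry value found at @file:@line. */
void __pte_error(const char *file, int line, unsigned long val)
{
	pr_err("%s:%d: bad pte %016lx.\n", file, line, val);
}

/* Log a bad pmd entry value found at @file:@line. */
void __pmd_error(const char *file, int line, unsigned long val)
{
	pr_err("%s:%d: bad pmd %016lx.\n", file, line, val);
}

/* Log a bad pud entry value found at @file:@line. */
void __pud_error(const char *file, int line, unsigned long val)
{
	pr_err("%s:%d: bad pud %016lx.\n", file, line, val);
}

/* Log a bad pgd entry value found at @file:@line. */
void __pgd_error(const char *file, int line, unsigned long val)
{
	pr_err("%s:%d: bad pgd %016lx.\n", file, line, val);
}

/* GENERIC_BUG traps */

int is_valid_bugaddr(unsigned long addr)
{
	/*
	 * bug_handler() only called for BRK #BUG_BRK_IMM.
	 * So the answer is trivial -- any spurious instances with no
	 * bug table entry will be rejected by report_bug() and passed
	 * back to the debug-monitors code and handled as a fatal
	 * unexpected debug exception.
	 */
	return 1;
}

/*
 * Break hook for the BUG()/WARN() BRK instruction.
 *
 * BRKs from user mode are refused with DBG_HOOK_ERROR, so user space cannot
 * reach report_bug() through this hook. A BUG trap calls die(); a WARN trap,
 * or a BUG the thread survives, skips the BRK and resumes.
 */
static int bug_handler(struct pt_regs *regs, unsigned int esr)
{
	if (user_mode(regs))
		return DBG_HOOK_ERROR;

	switch (report_bug(regs->pc, regs)) {
	case BUG_TRAP_TYPE_BUG:
		die("Oops - BUG", regs, 0);
		break;

	case BUG_TRAP_TYPE_WARN:
		break;

	default:
		/* unknown/unrecognised bug trap type */
		return DBG_HOOK_ERROR;
	}

	/* If thread survives, skip over the BUG instruction and continue: */
	arm64_skip_faulting_instruction(regs, AARCH64_INSN_SIZE);
	return DBG_HOOK_HANDLED;
}

/* Matches exactly the ESR value 0xf2000000 | BUG_BRK_IMM (full 32-bit mask). */
static struct break_hook bug_break_hook = {
	.esr_val = 0xf2000000 | BUG_BRK_IMM,
	.esr_mask = 0xffffffff,
	.fn = bug_handler,
};

/*
 * Initial handler for AArch64 BRK exceptions
 * This handler only used until debug_traps_init().
 *
 * Returns 0 when bug_handler() handled the BRK and non-zero otherwise.
 */
int __init early_brk64(unsigned long addr, unsigned int esr,
		struct pt_regs *regs)
{
	return bug_handler(regs, esr) != DBG_HOOK_HANDLED;
}

/* This registration must happen early, before debug_traps_init(). */
void __init trap_init(void)
{
	register_break_hook(&bug_break_hook);
}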