xref: /openbmc/linux/arch/s390/kernel/ptrace.c (revision 8365a898)
1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  *  Ptrace user space interface.
4  *
5  *    Copyright IBM Corp. 1999, 2010
6  *    Author(s): Denis Joseph Barrow
7  *               Martin Schwidefsky (schwidefsky@de.ibm.com)
8  */
9 
10 #include <linux/kernel.h>
11 #include <linux/sched.h>
12 #include <linux/sched/task_stack.h>
13 #include <linux/mm.h>
14 #include <linux/smp.h>
15 #include <linux/errno.h>
16 #include <linux/ptrace.h>
17 #include <linux/user.h>
18 #include <linux/security.h>
19 #include <linux/audit.h>
20 #include <linux/signal.h>
21 #include <linux/elf.h>
22 #include <linux/regset.h>
23 #include <linux/tracehook.h>
24 #include <linux/seccomp.h>
25 #include <linux/compat.h>
26 #include <trace/syscall.h>
27 #include <asm/page.h>
28 #include <asm/pgalloc.h>
29 #include <linux/uaccess.h>
30 #include <asm/unistd.h>
31 #include <asm/switch_to.h>
32 #include <asm/runtime_instr.h>
33 #include <asm/facility.h>
34 
35 #include "entry.h"
36 
37 #ifdef CONFIG_COMPAT
38 #include "compat_ptrace.h"
39 #endif
40 
41 #define CREATE_TRACE_POINTS
42 #include <trace/events/syscalls.h>
43 
44 void update_cr_regs(struct task_struct *task)
45 {
46 	struct pt_regs *regs = task_pt_regs(task);
47 	struct thread_struct *thread = &task->thread;
48 	struct per_regs old, new;
49 	union ctlreg0 cr0_old, cr0_new;
50 	union ctlreg2 cr2_old, cr2_new;
51 	int cr0_changed, cr2_changed;
52 
53 	__ctl_store(cr0_old.val, 0, 0);
54 	__ctl_store(cr2_old.val, 2, 2);
55 	cr0_new = cr0_old;
56 	cr2_new = cr2_old;
57 	/* Take care of the enable/disable of transactional execution. */
58 	if (MACHINE_HAS_TE) {
59 		/* Set or clear transaction execution TXC bit 8. */
60 		cr0_new.tcx = 1;
61 		if (task->thread.per_flags & PER_FLAG_NO_TE)
62 			cr0_new.tcx = 0;
63 		/* Set or clear transaction execution TDC bits 62 and 63. */
64 		cr2_new.tdc = 0;
65 		if (task->thread.per_flags & PER_FLAG_TE_ABORT_RAND) {
66 			if (task->thread.per_flags & PER_FLAG_TE_ABORT_RAND_TEND)
67 				cr2_new.tdc = 1;
68 			else
69 				cr2_new.tdc = 2;
70 		}
71 	}
72 	/* Take care of enable/disable of guarded storage. */
73 	if (MACHINE_HAS_GS) {
74 		cr2_new.gse = 0;
75 		if (task->thread.gs_cb)
76 			cr2_new.gse = 1;
77 	}
78 	/* Load control register 0/2 iff changed */
79 	cr0_changed = cr0_new.val != cr0_old.val;
80 	cr2_changed = cr2_new.val != cr2_old.val;
81 	if (cr0_changed)
82 		__ctl_load(cr0_new.val, 0, 0);
83 	if (cr2_changed)
84 		__ctl_load(cr2_new.val, 2, 2);
85 	/* Copy user specified PER registers */
86 	new.control = thread->per_user.control;
87 	new.start = thread->per_user.start;
88 	new.end = thread->per_user.end;
89 
90 	/* merge TIF_SINGLE_STEP into user specified PER registers. */
91 	if (test_tsk_thread_flag(task, TIF_SINGLE_STEP) ||
92 	    test_tsk_thread_flag(task, TIF_UPROBE_SINGLESTEP)) {
93 		if (test_tsk_thread_flag(task, TIF_BLOCK_STEP))
94 			new.control |= PER_EVENT_BRANCH;
95 		else
96 			new.control |= PER_EVENT_IFETCH;
97 		new.control |= PER_CONTROL_SUSPENSION;
98 		new.control |= PER_EVENT_TRANSACTION_END;
99 		if (test_tsk_thread_flag(task, TIF_UPROBE_SINGLESTEP))
100 			new.control |= PER_EVENT_IFETCH;
101 		new.start = 0;
102 		new.end = -1UL;
103 	}
104 
105 	/* Take care of the PER enablement bit in the PSW. */
106 	if (!(new.control & PER_EVENT_MASK)) {
107 		regs->psw.mask &= ~PSW_MASK_PER;
108 		return;
109 	}
110 	regs->psw.mask |= PSW_MASK_PER;
111 	__ctl_store(old, 9, 11);
112 	if (memcmp(&new, &old, sizeof(struct per_regs)) != 0)
113 		__ctl_load(new, 9, 11);
114 }
115 
116 void user_enable_single_step(struct task_struct *task)
117 {
118 	clear_tsk_thread_flag(task, TIF_BLOCK_STEP);
119 	set_tsk_thread_flag(task, TIF_SINGLE_STEP);
120 }
121 
122 void user_disable_single_step(struct task_struct *task)
123 {
124 	clear_tsk_thread_flag(task, TIF_BLOCK_STEP);
125 	clear_tsk_thread_flag(task, TIF_SINGLE_STEP);
126 }
127 
128 void user_enable_block_step(struct task_struct *task)
129 {
130 	set_tsk_thread_flag(task, TIF_SINGLE_STEP);
131 	set_tsk_thread_flag(task, TIF_BLOCK_STEP);
132 }
133 
134 /*
135  * Called by kernel/ptrace.c when detaching..
136  *
137  * Clear all debugging related fields.
138  */
139 void ptrace_disable(struct task_struct *task)
140 {
141 	memset(&task->thread.per_user, 0, sizeof(task->thread.per_user));
142 	memset(&task->thread.per_event, 0, sizeof(task->thread.per_event));
143 	clear_tsk_thread_flag(task, TIF_SINGLE_STEP);
144 	clear_pt_regs_flag(task_pt_regs(task), PIF_PER_TRAP);
145 	task->thread.per_flags = 0;
146 }
147 
148 #define __ADDR_MASK 7
149 
150 static inline unsigned long __peek_user_per(struct task_struct *child,
151 					    addr_t addr)
152 {
153 	struct per_struct_kernel *dummy = NULL;
154 
155 	if (addr == (addr_t) &dummy->cr9)
156 		/* Control bits of the active per set. */
157 		return test_thread_flag(TIF_SINGLE_STEP) ?
158 			PER_EVENT_IFETCH : child->thread.per_user.control;
159 	else if (addr == (addr_t) &dummy->cr10)
160 		/* Start address of the active per set. */
161 		return test_thread_flag(TIF_SINGLE_STEP) ?
162 			0 : child->thread.per_user.start;
163 	else if (addr == (addr_t) &dummy->cr11)
164 		/* End address of the active per set. */
165 		return test_thread_flag(TIF_SINGLE_STEP) ?
166 			-1UL : child->thread.per_user.end;
167 	else if (addr == (addr_t) &dummy->bits)
168 		/* Single-step bit. */
169 		return test_thread_flag(TIF_SINGLE_STEP) ?
170 			(1UL << (BITS_PER_LONG - 1)) : 0;
171 	else if (addr == (addr_t) &dummy->starting_addr)
172 		/* Start address of the user specified per set. */
173 		return child->thread.per_user.start;
174 	else if (addr == (addr_t) &dummy->ending_addr)
175 		/* End address of the user specified per set. */
176 		return child->thread.per_user.end;
177 	else if (addr == (addr_t) &dummy->perc_atmid)
178 		/* PER code, ATMID and AI of the last PER trap */
179 		return (unsigned long)
180 			child->thread.per_event.cause << (BITS_PER_LONG - 16);
181 	else if (addr == (addr_t) &dummy->address)
182 		/* Address of the last PER trap */
183 		return child->thread.per_event.address;
184 	else if (addr == (addr_t) &dummy->access_id)
185 		/* Access id of the last PER trap */
186 		return (unsigned long)
187 			child->thread.per_event.paid << (BITS_PER_LONG - 8);
188 	return 0;
189 }
190 
191 /*
192  * Read the word at offset addr from the user area of a process. The
193  * trouble here is that the information is littered over different
194  * locations. The process registers are found on the kernel stack,
195  * the floating point stuff and the trace settings are stored in
196  * the task structure. In addition the different structures in
197  * struct user contain pad bytes that should be read as zeroes.
198  * Lovely...
199  */
200 static unsigned long __peek_user(struct task_struct *child, addr_t addr)
201 {
202 	struct user *dummy = NULL;
203 	addr_t offset, tmp;
204 
205 	if (addr < (addr_t) &dummy->regs.acrs) {
206 		/*
207 		 * psw and gprs are stored on the stack
208 		 */
209 		tmp = *(addr_t *)((addr_t) &task_pt_regs(child)->psw + addr);
210 		if (addr == (addr_t) &dummy->regs.psw.mask) {
211 			/* Return a clean psw mask. */
212 			tmp &= PSW_MASK_USER | PSW_MASK_RI;
213 			tmp |= PSW_USER_BITS;
214 		}
215 
216 	} else if (addr < (addr_t) &dummy->regs.orig_gpr2) {
217 		/*
218 		 * access registers are stored in the thread structure
219 		 */
220 		offset = addr - (addr_t) &dummy->regs.acrs;
221 		/*
222 		 * Very special case: old & broken 64 bit gdb reading
223 		 * from acrs[15]. Result is a 64 bit value. Read the
224 		 * 32 bit acrs[15] value and shift it by 32. Sick...
225 		 */
226 		if (addr == (addr_t) &dummy->regs.acrs[15])
227 			tmp = ((unsigned long) child->thread.acrs[15]) << 32;
228 		else
229 			tmp = *(addr_t *)((addr_t) &child->thread.acrs + offset);
230 
231 	} else if (addr == (addr_t) &dummy->regs.orig_gpr2) {
232 		/*
233 		 * orig_gpr2 is stored on the kernel stack
234 		 */
235 		tmp = (addr_t) task_pt_regs(child)->orig_gpr2;
236 
237 	} else if (addr < (addr_t) &dummy->regs.fp_regs) {
238 		/*
239 		 * prevent reads of padding hole between
240 		 * orig_gpr2 and fp_regs on s390.
241 		 */
242 		tmp = 0;
243 
244 	} else if (addr == (addr_t) &dummy->regs.fp_regs.fpc) {
245 		/*
246 		 * floating point control reg. is in the thread structure
247 		 */
248 		tmp = child->thread.fpu.fpc;
249 		tmp <<= BITS_PER_LONG - 32;
250 
251 	} else if (addr < (addr_t) (&dummy->regs.fp_regs + 1)) {
252 		/*
253 		 * floating point regs. are either in child->thread.fpu
254 		 * or the child->thread.fpu.vxrs array
255 		 */
256 		offset = addr - (addr_t) &dummy->regs.fp_regs.fprs;
257 		if (MACHINE_HAS_VX)
258 			tmp = *(addr_t *)
259 			       ((addr_t) child->thread.fpu.vxrs + 2*offset);
260 		else
261 			tmp = *(addr_t *)
262 			       ((addr_t) child->thread.fpu.fprs + offset);
263 
264 	} else if (addr < (addr_t) (&dummy->regs.per_info + 1)) {
265 		/*
266 		 * Handle access to the per_info structure.
267 		 */
268 		addr -= (addr_t) &dummy->regs.per_info;
269 		tmp = __peek_user_per(child, addr);
270 
271 	} else
272 		tmp = 0;
273 
274 	return tmp;
275 }
276 
277 static int
278 peek_user(struct task_struct *child, addr_t addr, addr_t data)
279 {
280 	addr_t tmp, mask;
281 
282 	/*
283 	 * Stupid gdb peeks/pokes the access registers in 64 bit with
284 	 * an alignment of 4. Programmers from hell...
285 	 */
286 	mask = __ADDR_MASK;
287 	if (addr >= (addr_t) &((struct user *) NULL)->regs.acrs &&
288 	    addr < (addr_t) &((struct user *) NULL)->regs.orig_gpr2)
289 		mask = 3;
290 	if ((addr & mask) || addr > sizeof(struct user) - __ADDR_MASK)
291 		return -EIO;
292 
293 	tmp = __peek_user(child, addr);
294 	return put_user(tmp, (addr_t __user *) data);
295 }
296 
297 static inline void __poke_user_per(struct task_struct *child,
298 				   addr_t addr, addr_t data)
299 {
300 	struct per_struct_kernel *dummy = NULL;
301 
302 	/*
303 	 * There are only three fields in the per_info struct that the
304 	 * debugger user can write to.
305 	 * 1) cr9: the debugger wants to set a new PER event mask
306 	 * 2) starting_addr: the debugger wants to set a new starting
307 	 *    address to use with the PER event mask.
308 	 * 3) ending_addr: the debugger wants to set a new ending
309 	 *    address to use with the PER event mask.
310 	 * The user specified PER event mask and the start and end
311 	 * addresses are used only if single stepping is not in effect.
312 	 * Writes to any other field in per_info are ignored.
313 	 */
314 	if (addr == (addr_t) &dummy->cr9)
315 		/* PER event mask of the user specified per set. */
316 		child->thread.per_user.control =
317 			data & (PER_EVENT_MASK | PER_CONTROL_MASK);
318 	else if (addr == (addr_t) &dummy->starting_addr)
319 		/* Starting address of the user specified per set. */
320 		child->thread.per_user.start = data;
321 	else if (addr == (addr_t) &dummy->ending_addr)
322 		/* Ending address of the user specified per set. */
323 		child->thread.per_user.end = data;
324 }
325 
326 static void fixup_int_code(struct task_struct *child, addr_t data)
327 {
328 	struct pt_regs *regs = task_pt_regs(child);
329 	int ilc = regs->int_code >> 16;
330 	u16 insn;
331 
332 	if (ilc > 6)
333 		return;
334 
335 	if (ptrace_access_vm(child, regs->psw.addr - (regs->int_code >> 16),
336 			&insn, sizeof(insn), FOLL_FORCE) != sizeof(insn))
337 		return;
338 
339 	/* double check that tracee stopped on svc instruction */
340 	if ((insn >> 8) != 0xa)
341 		return;
342 
343 	regs->int_code = 0x20000 | (data & 0xffff);
344 }
345 /*
346  * Write a word to the user area of a process at location addr. This
347  * operation does have an additional problem compared to peek_user.
348  * Stores to the program status word and on the floating point
349  * control register needs to get checked for validity.
350  */
351 static int __poke_user(struct task_struct *child, addr_t addr, addr_t data)
352 {
353 	struct user *dummy = NULL;
354 	addr_t offset;
355 
356 
357 	if (addr < (addr_t) &dummy->regs.acrs) {
358 		struct pt_regs *regs = task_pt_regs(child);
359 		/*
360 		 * psw and gprs are stored on the stack
361 		 */
362 		if (addr == (addr_t) &dummy->regs.psw.mask) {
363 			unsigned long mask = PSW_MASK_USER;
364 
365 			mask |= is_ri_task(child) ? PSW_MASK_RI : 0;
366 			if ((data ^ PSW_USER_BITS) & ~mask)
367 				/* Invalid psw mask. */
368 				return -EINVAL;
369 			if ((data & PSW_MASK_ASC) == PSW_ASC_HOME)
370 				/* Invalid address-space-control bits */
371 				return -EINVAL;
372 			if ((data & PSW_MASK_EA) && !(data & PSW_MASK_BA))
373 				/* Invalid addressing mode bits */
374 				return -EINVAL;
375 		}
376 
377 		if (test_pt_regs_flag(regs, PIF_SYSCALL) &&
378 			addr == offsetof(struct user, regs.gprs[2]))
379 			fixup_int_code(child, data);
380 		*(addr_t *)((addr_t) &regs->psw + addr) = data;
381 
382 	} else if (addr < (addr_t) (&dummy->regs.orig_gpr2)) {
383 		/*
384 		 * access registers are stored in the thread structure
385 		 */
386 		offset = addr - (addr_t) &dummy->regs.acrs;
387 		/*
388 		 * Very special case: old & broken 64 bit gdb writing
389 		 * to acrs[15] with a 64 bit value. Ignore the lower
390 		 * half of the value and write the upper 32 bit to
391 		 * acrs[15]. Sick...
392 		 */
393 		if (addr == (addr_t) &dummy->regs.acrs[15])
394 			child->thread.acrs[15] = (unsigned int) (data >> 32);
395 		else
396 			*(addr_t *)((addr_t) &child->thread.acrs + offset) = data;
397 
398 	} else if (addr == (addr_t) &dummy->regs.orig_gpr2) {
399 		/*
400 		 * orig_gpr2 is stored on the kernel stack
401 		 */
402 		task_pt_regs(child)->orig_gpr2 = data;
403 
404 	} else if (addr < (addr_t) &dummy->regs.fp_regs) {
405 		/*
406 		 * prevent writes of padding hole between
407 		 * orig_gpr2 and fp_regs on s390.
408 		 */
409 		return 0;
410 
411 	} else if (addr == (addr_t) &dummy->regs.fp_regs.fpc) {
412 		/*
413 		 * floating point control reg. is in the thread structure
414 		 */
415 		if ((unsigned int) data != 0 ||
416 		    test_fp_ctl(data >> (BITS_PER_LONG - 32)))
417 			return -EINVAL;
418 		child->thread.fpu.fpc = data >> (BITS_PER_LONG - 32);
419 
420 	} else if (addr < (addr_t) (&dummy->regs.fp_regs + 1)) {
421 		/*
422 		 * floating point regs. are either in child->thread.fpu
423 		 * or the child->thread.fpu.vxrs array
424 		 */
425 		offset = addr - (addr_t) &dummy->regs.fp_regs.fprs;
426 		if (MACHINE_HAS_VX)
427 			*(addr_t *)((addr_t)
428 				child->thread.fpu.vxrs + 2*offset) = data;
429 		else
430 			*(addr_t *)((addr_t)
431 				child->thread.fpu.fprs + offset) = data;
432 
433 	} else if (addr < (addr_t) (&dummy->regs.per_info + 1)) {
434 		/*
435 		 * Handle access to the per_info structure.
436 		 */
437 		addr -= (addr_t) &dummy->regs.per_info;
438 		__poke_user_per(child, addr, data);
439 
440 	}
441 
442 	return 0;
443 }
444 
445 static int poke_user(struct task_struct *child, addr_t addr, addr_t data)
446 {
447 	addr_t mask;
448 
449 	/*
450 	 * Stupid gdb peeks/pokes the access registers in 64 bit with
451 	 * an alignment of 4. Programmers from hell indeed...
452 	 */
453 	mask = __ADDR_MASK;
454 	if (addr >= (addr_t) &((struct user *) NULL)->regs.acrs &&
455 	    addr < (addr_t) &((struct user *) NULL)->regs.orig_gpr2)
456 		mask = 3;
457 	if ((addr & mask) || addr > sizeof(struct user) - __ADDR_MASK)
458 		return -EIO;
459 
460 	return __poke_user(child, addr, data);
461 }
462 
463 long arch_ptrace(struct task_struct *child, long request,
464 		 unsigned long addr, unsigned long data)
465 {
466 	ptrace_area parea;
467 	int copied, ret;
468 
469 	switch (request) {
470 	case PTRACE_PEEKUSR:
471 		/* read the word at location addr in the USER area. */
472 		return peek_user(child, addr, data);
473 
474 	case PTRACE_POKEUSR:
475 		/* write the word at location addr in the USER area */
476 		return poke_user(child, addr, data);
477 
478 	case PTRACE_PEEKUSR_AREA:
479 	case PTRACE_POKEUSR_AREA:
480 		if (copy_from_user(&parea, (void __force __user *) addr,
481 							sizeof(parea)))
482 			return -EFAULT;
483 		addr = parea.kernel_addr;
484 		data = parea.process_addr;
485 		copied = 0;
486 		while (copied < parea.len) {
487 			if (request == PTRACE_PEEKUSR_AREA)
488 				ret = peek_user(child, addr, data);
489 			else {
490 				addr_t utmp;
491 				if (get_user(utmp,
492 					     (addr_t __force __user *) data))
493 					return -EFAULT;
494 				ret = poke_user(child, addr, utmp);
495 			}
496 			if (ret)
497 				return ret;
498 			addr += sizeof(unsigned long);
499 			data += sizeof(unsigned long);
500 			copied += sizeof(unsigned long);
501 		}
502 		return 0;
503 	case PTRACE_GET_LAST_BREAK:
504 		put_user(child->thread.last_break,
505 			 (unsigned long __user *) data);
506 		return 0;
507 	case PTRACE_ENABLE_TE:
508 		if (!MACHINE_HAS_TE)
509 			return -EIO;
510 		child->thread.per_flags &= ~PER_FLAG_NO_TE;
511 		return 0;
512 	case PTRACE_DISABLE_TE:
513 		if (!MACHINE_HAS_TE)
514 			return -EIO;
515 		child->thread.per_flags |= PER_FLAG_NO_TE;
516 		child->thread.per_flags &= ~PER_FLAG_TE_ABORT_RAND;
517 		return 0;
518 	case PTRACE_TE_ABORT_RAND:
519 		if (!MACHINE_HAS_TE || (child->thread.per_flags & PER_FLAG_NO_TE))
520 			return -EIO;
521 		switch (data) {
522 		case 0UL:
523 			child->thread.per_flags &= ~PER_FLAG_TE_ABORT_RAND;
524 			break;
525 		case 1UL:
526 			child->thread.per_flags |= PER_FLAG_TE_ABORT_RAND;
527 			child->thread.per_flags |= PER_FLAG_TE_ABORT_RAND_TEND;
528 			break;
529 		case 2UL:
530 			child->thread.per_flags |= PER_FLAG_TE_ABORT_RAND;
531 			child->thread.per_flags &= ~PER_FLAG_TE_ABORT_RAND_TEND;
532 			break;
533 		default:
534 			return -EINVAL;
535 		}
536 		return 0;
537 	default:
538 		return ptrace_request(child, request, addr, data);
539 	}
540 }
541 
542 #ifdef CONFIG_COMPAT
543 /*
544  * Now the fun part starts... a 31 bit program running in the
545  * 31 bit emulation tracing another program. PTRACE_PEEKTEXT,
546  * PTRACE_PEEKDATA, PTRACE_POKETEXT and PTRACE_POKEDATA are easy
547  * to handle, the difference to the 64 bit versions of the requests
548  * is that the access is done in multiples of 4 byte instead of
549  * 8 bytes (sizeof(unsigned long) on 31/64 bit).
550  * The ugly part are PTRACE_PEEKUSR, PTRACE_PEEKUSR_AREA,
551  * PTRACE_POKEUSR and PTRACE_POKEUSR_AREA. If the traced program
552  * is a 31 bit program too, the content of struct user can be
553  * emulated. A 31 bit program peeking into the struct user of
554  * a 64 bit program is a no-no.
555  */
556 
557 /*
558  * Same as peek_user_per but for a 31 bit program.
559  */
560 static inline __u32 __peek_user_per_compat(struct task_struct *child,
561 					   addr_t addr)
562 {
563 	struct compat_per_struct_kernel *dummy32 = NULL;
564 
565 	if (addr == (addr_t) &dummy32->cr9)
566 		/* Control bits of the active per set. */
567 		return (__u32) test_thread_flag(TIF_SINGLE_STEP) ?
568 			PER_EVENT_IFETCH : child->thread.per_user.control;
569 	else if (addr == (addr_t) &dummy32->cr10)
570 		/* Start address of the active per set. */
571 		return (__u32) test_thread_flag(TIF_SINGLE_STEP) ?
572 			0 : child->thread.per_user.start;
573 	else if (addr == (addr_t) &dummy32->cr11)
574 		/* End address of the active per set. */
575 		return test_thread_flag(TIF_SINGLE_STEP) ?
576 			PSW32_ADDR_INSN : child->thread.per_user.end;
577 	else if (addr == (addr_t) &dummy32->bits)
578 		/* Single-step bit. */
579 		return (__u32) test_thread_flag(TIF_SINGLE_STEP) ?
580 			0x80000000 : 0;
581 	else if (addr == (addr_t) &dummy32->starting_addr)
582 		/* Start address of the user specified per set. */
583 		return (__u32) child->thread.per_user.start;
584 	else if (addr == (addr_t) &dummy32->ending_addr)
585 		/* End address of the user specified per set. */
586 		return (__u32) child->thread.per_user.end;
587 	else if (addr == (addr_t) &dummy32->perc_atmid)
588 		/* PER code, ATMID and AI of the last PER trap */
589 		return (__u32) child->thread.per_event.cause << 16;
590 	else if (addr == (addr_t) &dummy32->address)
591 		/* Address of the last PER trap */
592 		return (__u32) child->thread.per_event.address;
593 	else if (addr == (addr_t) &dummy32->access_id)
594 		/* Access id of the last PER trap */
595 		return (__u32) child->thread.per_event.paid << 24;
596 	return 0;
597 }
598 
599 /*
600  * Same as peek_user but for a 31 bit program.
601  */
602 static u32 __peek_user_compat(struct task_struct *child, addr_t addr)
603 {
604 	struct compat_user *dummy32 = NULL;
605 	addr_t offset;
606 	__u32 tmp;
607 
608 	if (addr < (addr_t) &dummy32->regs.acrs) {
609 		struct pt_regs *regs = task_pt_regs(child);
610 		/*
611 		 * psw and gprs are stored on the stack
612 		 */
613 		if (addr == (addr_t) &dummy32->regs.psw.mask) {
614 			/* Fake a 31 bit psw mask. */
615 			tmp = (__u32)(regs->psw.mask >> 32);
616 			tmp &= PSW32_MASK_USER | PSW32_MASK_RI;
617 			tmp |= PSW32_USER_BITS;
618 		} else if (addr == (addr_t) &dummy32->regs.psw.addr) {
619 			/* Fake a 31 bit psw address. */
620 			tmp = (__u32) regs->psw.addr |
621 				(__u32)(regs->psw.mask & PSW_MASK_BA);
622 		} else {
623 			/* gpr 0-15 */
624 			tmp = *(__u32 *)((addr_t) &regs->psw + addr*2 + 4);
625 		}
626 	} else if (addr < (addr_t) (&dummy32->regs.orig_gpr2)) {
627 		/*
628 		 * access registers are stored in the thread structure
629 		 */
630 		offset = addr - (addr_t) &dummy32->regs.acrs;
631 		tmp = *(__u32*)((addr_t) &child->thread.acrs + offset);
632 
633 	} else if (addr == (addr_t) (&dummy32->regs.orig_gpr2)) {
634 		/*
635 		 * orig_gpr2 is stored on the kernel stack
636 		 */
637 		tmp = *(__u32*)((addr_t) &task_pt_regs(child)->orig_gpr2 + 4);
638 
639 	} else if (addr < (addr_t) &dummy32->regs.fp_regs) {
640 		/*
641 		 * prevent reads of padding hole between
642 		 * orig_gpr2 and fp_regs on s390.
643 		 */
644 		tmp = 0;
645 
646 	} else if (addr == (addr_t) &dummy32->regs.fp_regs.fpc) {
647 		/*
648 		 * floating point control reg. is in the thread structure
649 		 */
650 		tmp = child->thread.fpu.fpc;
651 
652 	} else if (addr < (addr_t) (&dummy32->regs.fp_regs + 1)) {
653 		/*
654 		 * floating point regs. are either in child->thread.fpu
655 		 * or the child->thread.fpu.vxrs array
656 		 */
657 		offset = addr - (addr_t) &dummy32->regs.fp_regs.fprs;
658 		if (MACHINE_HAS_VX)
659 			tmp = *(__u32 *)
660 			       ((addr_t) child->thread.fpu.vxrs + 2*offset);
661 		else
662 			tmp = *(__u32 *)
663 			       ((addr_t) child->thread.fpu.fprs + offset);
664 
665 	} else if (addr < (addr_t) (&dummy32->regs.per_info + 1)) {
666 		/*
667 		 * Handle access to the per_info structure.
668 		 */
669 		addr -= (addr_t) &dummy32->regs.per_info;
670 		tmp = __peek_user_per_compat(child, addr);
671 
672 	} else
673 		tmp = 0;
674 
675 	return tmp;
676 }
677 
678 static int peek_user_compat(struct task_struct *child,
679 			    addr_t addr, addr_t data)
680 {
681 	__u32 tmp;
682 
683 	if (!is_compat_task() || (addr & 3) || addr > sizeof(struct user) - 3)
684 		return -EIO;
685 
686 	tmp = __peek_user_compat(child, addr);
687 	return put_user(tmp, (__u32 __user *) data);
688 }
689 
690 /*
691  * Same as poke_user_per but for a 31 bit program.
692  */
693 static inline void __poke_user_per_compat(struct task_struct *child,
694 					  addr_t addr, __u32 data)
695 {
696 	struct compat_per_struct_kernel *dummy32 = NULL;
697 
698 	if (addr == (addr_t) &dummy32->cr9)
699 		/* PER event mask of the user specified per set. */
700 		child->thread.per_user.control =
701 			data & (PER_EVENT_MASK | PER_CONTROL_MASK);
702 	else if (addr == (addr_t) &dummy32->starting_addr)
703 		/* Starting address of the user specified per set. */
704 		child->thread.per_user.start = data;
705 	else if (addr == (addr_t) &dummy32->ending_addr)
706 		/* Ending address of the user specified per set. */
707 		child->thread.per_user.end = data;
708 }
709 
710 /*
711  * Same as poke_user but for a 31 bit program.
712  */
713 static int __poke_user_compat(struct task_struct *child,
714 			      addr_t addr, addr_t data)
715 {
716 	struct compat_user *dummy32 = NULL;
717 	__u32 tmp = (__u32) data;
718 	addr_t offset;
719 
720 	if (addr < (addr_t) &dummy32->regs.acrs) {
721 		struct pt_regs *regs = task_pt_regs(child);
722 		/*
723 		 * psw, gprs, acrs and orig_gpr2 are stored on the stack
724 		 */
725 		if (addr == (addr_t) &dummy32->regs.psw.mask) {
726 			__u32 mask = PSW32_MASK_USER;
727 
728 			mask |= is_ri_task(child) ? PSW32_MASK_RI : 0;
729 			/* Build a 64 bit psw mask from 31 bit mask. */
730 			if ((tmp ^ PSW32_USER_BITS) & ~mask)
731 				/* Invalid psw mask. */
732 				return -EINVAL;
733 			if ((data & PSW32_MASK_ASC) == PSW32_ASC_HOME)
734 				/* Invalid address-space-control bits */
735 				return -EINVAL;
736 			regs->psw.mask = (regs->psw.mask & ~PSW_MASK_USER) |
737 				(regs->psw.mask & PSW_MASK_BA) |
738 				(__u64)(tmp & mask) << 32;
739 		} else if (addr == (addr_t) &dummy32->regs.psw.addr) {
740 			/* Build a 64 bit psw address from 31 bit address. */
741 			regs->psw.addr = (__u64) tmp & PSW32_ADDR_INSN;
742 			/* Transfer 31 bit amode bit to psw mask. */
743 			regs->psw.mask = (regs->psw.mask & ~PSW_MASK_BA) |
744 				(__u64)(tmp & PSW32_ADDR_AMODE);
745 		} else {
746 
747 			if (test_pt_regs_flag(regs, PIF_SYSCALL) &&
748 				addr == offsetof(struct compat_user, regs.gprs[2]))
749 				fixup_int_code(child, data);
750 			/* gpr 0-15 */
751 			*(__u32*)((addr_t) &regs->psw + addr*2 + 4) = tmp;
752 		}
753 	} else if (addr < (addr_t) (&dummy32->regs.orig_gpr2)) {
754 		/*
755 		 * access registers are stored in the thread structure
756 		 */
757 		offset = addr - (addr_t) &dummy32->regs.acrs;
758 		*(__u32*)((addr_t) &child->thread.acrs + offset) = tmp;
759 
760 	} else if (addr == (addr_t) (&dummy32->regs.orig_gpr2)) {
761 		/*
762 		 * orig_gpr2 is stored on the kernel stack
763 		 */
764 		*(__u32*)((addr_t) &task_pt_regs(child)->orig_gpr2 + 4) = tmp;
765 
766 	} else if (addr < (addr_t) &dummy32->regs.fp_regs) {
767 		/*
768 		 * prevent writess of padding hole between
769 		 * orig_gpr2 and fp_regs on s390.
770 		 */
771 		return 0;
772 
773 	} else if (addr == (addr_t) &dummy32->regs.fp_regs.fpc) {
774 		/*
775 		 * floating point control reg. is in the thread structure
776 		 */
777 		if (test_fp_ctl(tmp))
778 			return -EINVAL;
779 		child->thread.fpu.fpc = data;
780 
781 	} else if (addr < (addr_t) (&dummy32->regs.fp_regs + 1)) {
782 		/*
783 		 * floating point regs. are either in child->thread.fpu
784 		 * or the child->thread.fpu.vxrs array
785 		 */
786 		offset = addr - (addr_t) &dummy32->regs.fp_regs.fprs;
787 		if (MACHINE_HAS_VX)
788 			*(__u32 *)((addr_t)
789 				child->thread.fpu.vxrs + 2*offset) = tmp;
790 		else
791 			*(__u32 *)((addr_t)
792 				child->thread.fpu.fprs + offset) = tmp;
793 
794 	} else if (addr < (addr_t) (&dummy32->regs.per_info + 1)) {
795 		/*
796 		 * Handle access to the per_info structure.
797 		 */
798 		addr -= (addr_t) &dummy32->regs.per_info;
799 		__poke_user_per_compat(child, addr, data);
800 	}
801 
802 	return 0;
803 }
804 
805 static int poke_user_compat(struct task_struct *child,
806 			    addr_t addr, addr_t data)
807 {
808 	if (!is_compat_task() || (addr & 3) ||
809 	    addr > sizeof(struct compat_user) - 3)
810 		return -EIO;
811 
812 	return __poke_user_compat(child, addr, data);
813 }
814 
815 long compat_arch_ptrace(struct task_struct *child, compat_long_t request,
816 			compat_ulong_t caddr, compat_ulong_t cdata)
817 {
818 	unsigned long addr = caddr;
819 	unsigned long data = cdata;
820 	compat_ptrace_area parea;
821 	int copied, ret;
822 
823 	switch (request) {
824 	case PTRACE_PEEKUSR:
825 		/* read the word at location addr in the USER area. */
826 		return peek_user_compat(child, addr, data);
827 
828 	case PTRACE_POKEUSR:
829 		/* write the word at location addr in the USER area */
830 		return poke_user_compat(child, addr, data);
831 
832 	case PTRACE_PEEKUSR_AREA:
833 	case PTRACE_POKEUSR_AREA:
834 		if (copy_from_user(&parea, (void __force __user *) addr,
835 							sizeof(parea)))
836 			return -EFAULT;
837 		addr = parea.kernel_addr;
838 		data = parea.process_addr;
839 		copied = 0;
840 		while (copied < parea.len) {
841 			if (request == PTRACE_PEEKUSR_AREA)
842 				ret = peek_user_compat(child, addr, data);
843 			else {
844 				__u32 utmp;
845 				if (get_user(utmp,
846 					     (__u32 __force __user *) data))
847 					return -EFAULT;
848 				ret = poke_user_compat(child, addr, utmp);
849 			}
850 			if (ret)
851 				return ret;
852 			addr += sizeof(unsigned int);
853 			data += sizeof(unsigned int);
854 			copied += sizeof(unsigned int);
855 		}
856 		return 0;
857 	case PTRACE_GET_LAST_BREAK:
858 		put_user(child->thread.last_break,
859 			 (unsigned int __user *) data);
860 		return 0;
861 	}
862 	return compat_ptrace_request(child, request, addr, data);
863 }
864 #endif
865 
866 asmlinkage long do_syscall_trace_enter(struct pt_regs *regs)
867 {
868 	unsigned long mask = -1UL;
869 	long ret = -1;
870 
871 	if (is_compat_task())
872 		mask = 0xffffffff;
873 
874 	/*
875 	 * The sysc_tracesys code in entry.S stored the system
876 	 * call number to gprs[2].
877 	 */
878 	if (test_thread_flag(TIF_SYSCALL_TRACE) &&
879 	    tracehook_report_syscall_entry(regs)) {
880 		/*
881 		 * Tracing decided this syscall should not happen. Skip
882 		 * the system call and the system call restart handling.
883 		 */
884 		goto skip;
885 	}
886 
887 #ifdef CONFIG_SECCOMP
888 	/* Do the secure computing check after ptrace. */
889 	if (unlikely(test_thread_flag(TIF_SECCOMP))) {
890 		struct seccomp_data sd;
891 
892 		if (is_compat_task()) {
893 			sd.instruction_pointer = regs->psw.addr & 0x7fffffff;
894 			sd.arch = AUDIT_ARCH_S390;
895 		} else {
896 			sd.instruction_pointer = regs->psw.addr;
897 			sd.arch = AUDIT_ARCH_S390X;
898 		}
899 
900 		sd.nr = regs->int_code & 0xffff;
901 		sd.args[0] = regs->orig_gpr2 & mask;
902 		sd.args[1] = regs->gprs[3] & mask;
903 		sd.args[2] = regs->gprs[4] & mask;
904 		sd.args[3] = regs->gprs[5] & mask;
905 		sd.args[4] = regs->gprs[6] & mask;
906 		sd.args[5] = regs->gprs[7] & mask;
907 
908 		if (__secure_computing(&sd) == -1)
909 			goto skip;
910 	}
911 #endif /* CONFIG_SECCOMP */
912 
913 	if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
914 		trace_sys_enter(regs, regs->int_code & 0xffff);
915 
916 
917 	audit_syscall_entry(regs->int_code & 0xffff, regs->orig_gpr2 & mask,
918 			    regs->gprs[3] &mask, regs->gprs[4] &mask,
919 			    regs->gprs[5] &mask);
920 
921 	if ((signed long)regs->gprs[2] >= NR_syscalls) {
922 		regs->gprs[2] = -ENOSYS;
923 		ret = -ENOSYS;
924 	}
925 	return regs->gprs[2];
926 skip:
927 	clear_pt_regs_flag(regs, PIF_SYSCALL);
928 	return ret;
929 }
930 
931 asmlinkage void do_syscall_trace_exit(struct pt_regs *regs)
932 {
933 	audit_syscall_exit(regs);
934 
935 	if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
936 		trace_sys_exit(regs, regs->gprs[2]);
937 
938 	if (test_thread_flag(TIF_SYSCALL_TRACE))
939 		tracehook_report_syscall_exit(regs, 0);
940 }
941 
942 /*
943  * user_regset definitions.
944  */
945 
946 static int s390_regs_get(struct task_struct *target,
947 			 const struct user_regset *regset,
948 			 unsigned int pos, unsigned int count,
949 			 void *kbuf, void __user *ubuf)
950 {
951 	if (target == current)
952 		save_access_regs(target->thread.acrs);
953 
954 	if (kbuf) {
955 		unsigned long *k = kbuf;
956 		while (count > 0) {
957 			*k++ = __peek_user(target, pos);
958 			count -= sizeof(*k);
959 			pos += sizeof(*k);
960 		}
961 	} else {
962 		unsigned long __user *u = ubuf;
963 		while (count > 0) {
964 			if (__put_user(__peek_user(target, pos), u++))
965 				return -EFAULT;
966 			count -= sizeof(*u);
967 			pos += sizeof(*u);
968 		}
969 	}
970 	return 0;
971 }
972 
973 static int s390_regs_set(struct task_struct *target,
974 			 const struct user_regset *regset,
975 			 unsigned int pos, unsigned int count,
976 			 const void *kbuf, const void __user *ubuf)
977 {
978 	int rc = 0;
979 
980 	if (target == current)
981 		save_access_regs(target->thread.acrs);
982 
983 	if (kbuf) {
984 		const unsigned long *k = kbuf;
985 		while (count > 0 && !rc) {
986 			rc = __poke_user(target, pos, *k++);
987 			count -= sizeof(*k);
988 			pos += sizeof(*k);
989 		}
990 	} else {
991 		const unsigned long  __user *u = ubuf;
992 		while (count > 0 && !rc) {
993 			unsigned long word;
994 			rc = __get_user(word, u++);
995 			if (rc)
996 				break;
997 			rc = __poke_user(target, pos, word);
998 			count -= sizeof(*u);
999 			pos += sizeof(*u);
1000 		}
1001 	}
1002 
1003 	if (rc == 0 && target == current)
1004 		restore_access_regs(target->thread.acrs);
1005 
1006 	return rc;
1007 }
1008 
1009 static int s390_fpregs_get(struct task_struct *target,
1010 			   const struct user_regset *regset, unsigned int pos,
1011 			   unsigned int count, void *kbuf, void __user *ubuf)
1012 {
1013 	_s390_fp_regs fp_regs;
1014 
1015 	if (target == current)
1016 		save_fpu_regs();
1017 
1018 	fp_regs.fpc = target->thread.fpu.fpc;
1019 	fpregs_store(&fp_regs, &target->thread.fpu);
1020 
1021 	return user_regset_copyout(&pos, &count, &kbuf, &ubuf,
1022 				   &fp_regs, 0, -1);
1023 }
1024 
1025 static int s390_fpregs_set(struct task_struct *target,
1026 			   const struct user_regset *regset, unsigned int pos,
1027 			   unsigned int count, const void *kbuf,
1028 			   const void __user *ubuf)
1029 {
1030 	int rc = 0;
1031 	freg_t fprs[__NUM_FPRS];
1032 
1033 	if (target == current)
1034 		save_fpu_regs();
1035 
1036 	if (MACHINE_HAS_VX)
1037 		convert_vx_to_fp(fprs, target->thread.fpu.vxrs);
1038 	else
1039 		memcpy(&fprs, target->thread.fpu.fprs, sizeof(fprs));
1040 
1041 	/* If setting FPC, must validate it first. */
1042 	if (count > 0 && pos < offsetof(s390_fp_regs, fprs)) {
1043 		u32 ufpc[2] = { target->thread.fpu.fpc, 0 };
1044 		rc = user_regset_copyin(&pos, &count, &kbuf, &ubuf, &ufpc,
1045 					0, offsetof(s390_fp_regs, fprs));
1046 		if (rc)
1047 			return rc;
1048 		if (ufpc[1] != 0 || test_fp_ctl(ufpc[0]))
1049 			return -EINVAL;
1050 		target->thread.fpu.fpc = ufpc[0];
1051 	}
1052 
1053 	if (rc == 0 && count > 0)
1054 		rc = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
1055 					fprs, offsetof(s390_fp_regs, fprs), -1);
1056 	if (rc)
1057 		return rc;
1058 
1059 	if (MACHINE_HAS_VX)
1060 		convert_fp_to_vx(target->thread.fpu.vxrs, fprs);
1061 	else
1062 		memcpy(target->thread.fpu.fprs, &fprs, sizeof(fprs));
1063 
1064 	return rc;
1065 }
1066 
1067 static int s390_last_break_get(struct task_struct *target,
1068 			       const struct user_regset *regset,
1069 			       unsigned int pos, unsigned int count,
1070 			       void *kbuf, void __user *ubuf)
1071 {
1072 	if (count > 0) {
1073 		if (kbuf) {
1074 			unsigned long *k = kbuf;
1075 			*k = target->thread.last_break;
1076 		} else {
1077 			unsigned long  __user *u = ubuf;
1078 			if (__put_user(target->thread.last_break, u))
1079 				return -EFAULT;
1080 		}
1081 	}
1082 	return 0;
1083 }
1084 
1085 static int s390_last_break_set(struct task_struct *target,
1086 			       const struct user_regset *regset,
1087 			       unsigned int pos, unsigned int count,
1088 			       const void *kbuf, const void __user *ubuf)
1089 {
1090 	return 0;
1091 }
1092 
1093 static int s390_tdb_get(struct task_struct *target,
1094 			const struct user_regset *regset,
1095 			unsigned int pos, unsigned int count,
1096 			void *kbuf, void __user *ubuf)
1097 {
1098 	struct pt_regs *regs = task_pt_regs(target);
1099 	unsigned char *data;
1100 
1101 	if (!(regs->int_code & 0x200))
1102 		return -ENODATA;
1103 	data = target->thread.trap_tdb;
1104 	return user_regset_copyout(&pos, &count, &kbuf, &ubuf, data, 0, 256);
1105 }
1106 
1107 static int s390_tdb_set(struct task_struct *target,
1108 			const struct user_regset *regset,
1109 			unsigned int pos, unsigned int count,
1110 			const void *kbuf, const void __user *ubuf)
1111 {
1112 	return 0;
1113 }
1114 
1115 static int s390_vxrs_low_get(struct task_struct *target,
1116 			     const struct user_regset *regset,
1117 			     unsigned int pos, unsigned int count,
1118 			     void *kbuf, void __user *ubuf)
1119 {
1120 	__u64 vxrs[__NUM_VXRS_LOW];
1121 	int i;
1122 
1123 	if (!MACHINE_HAS_VX)
1124 		return -ENODEV;
1125 	if (target == current)
1126 		save_fpu_regs();
1127 	for (i = 0; i < __NUM_VXRS_LOW; i++)
1128 		vxrs[i] = *((__u64 *)(target->thread.fpu.vxrs + i) + 1);
1129 	return user_regset_copyout(&pos, &count, &kbuf, &ubuf, vxrs, 0, -1);
1130 }
1131 
1132 static int s390_vxrs_low_set(struct task_struct *target,
1133 			     const struct user_regset *regset,
1134 			     unsigned int pos, unsigned int count,
1135 			     const void *kbuf, const void __user *ubuf)
1136 {
1137 	__u64 vxrs[__NUM_VXRS_LOW];
1138 	int i, rc;
1139 
1140 	if (!MACHINE_HAS_VX)
1141 		return -ENODEV;
1142 	if (target == current)
1143 		save_fpu_regs();
1144 
1145 	for (i = 0; i < __NUM_VXRS_LOW; i++)
1146 		vxrs[i] = *((__u64 *)(target->thread.fpu.vxrs + i) + 1);
1147 
1148 	rc = user_regset_copyin(&pos, &count, &kbuf, &ubuf, vxrs, 0, -1);
1149 	if (rc == 0)
1150 		for (i = 0; i < __NUM_VXRS_LOW; i++)
1151 			*((__u64 *)(target->thread.fpu.vxrs + i) + 1) = vxrs[i];
1152 
1153 	return rc;
1154 }
1155 
1156 static int s390_vxrs_high_get(struct task_struct *target,
1157 			      const struct user_regset *regset,
1158 			      unsigned int pos, unsigned int count,
1159 			      void *kbuf, void __user *ubuf)
1160 {
1161 	__vector128 vxrs[__NUM_VXRS_HIGH];
1162 
1163 	if (!MACHINE_HAS_VX)
1164 		return -ENODEV;
1165 	if (target == current)
1166 		save_fpu_regs();
1167 	memcpy(vxrs, target->thread.fpu.vxrs + __NUM_VXRS_LOW, sizeof(vxrs));
1168 
1169 	return user_regset_copyout(&pos, &count, &kbuf, &ubuf, vxrs, 0, -1);
1170 }
1171 
1172 static int s390_vxrs_high_set(struct task_struct *target,
1173 			      const struct user_regset *regset,
1174 			      unsigned int pos, unsigned int count,
1175 			      const void *kbuf, const void __user *ubuf)
1176 {
1177 	int rc;
1178 
1179 	if (!MACHINE_HAS_VX)
1180 		return -ENODEV;
1181 	if (target == current)
1182 		save_fpu_regs();
1183 
1184 	rc = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
1185 				target->thread.fpu.vxrs + __NUM_VXRS_LOW, 0, -1);
1186 	return rc;
1187 }
1188 
1189 static int s390_system_call_get(struct task_struct *target,
1190 				const struct user_regset *regset,
1191 				unsigned int pos, unsigned int count,
1192 				void *kbuf, void __user *ubuf)
1193 {
1194 	unsigned int *data = &target->thread.system_call;
1195 	return user_regset_copyout(&pos, &count, &kbuf, &ubuf,
1196 				   data, 0, sizeof(unsigned int));
1197 }
1198 
1199 static int s390_system_call_set(struct task_struct *target,
1200 				const struct user_regset *regset,
1201 				unsigned int pos, unsigned int count,
1202 				const void *kbuf, const void __user *ubuf)
1203 {
1204 	unsigned int *data = &target->thread.system_call;
1205 	return user_regset_copyin(&pos, &count, &kbuf, &ubuf,
1206 				  data, 0, sizeof(unsigned int));
1207 }
1208 
1209 static int s390_gs_cb_get(struct task_struct *target,
1210 			  const struct user_regset *regset,
1211 			  unsigned int pos, unsigned int count,
1212 			  void *kbuf, void __user *ubuf)
1213 {
1214 	struct gs_cb *data = target->thread.gs_cb;
1215 
1216 	if (!MACHINE_HAS_GS)
1217 		return -ENODEV;
1218 	if (!data)
1219 		return -ENODATA;
1220 	if (target == current)
1221 		save_gs_cb(data);
1222 	return user_regset_copyout(&pos, &count, &kbuf, &ubuf,
1223 				   data, 0, sizeof(struct gs_cb));
1224 }
1225 
1226 static int s390_gs_cb_set(struct task_struct *target,
1227 			  const struct user_regset *regset,
1228 			  unsigned int pos, unsigned int count,
1229 			  const void *kbuf, const void __user *ubuf)
1230 {
1231 	struct gs_cb gs_cb = { }, *data = NULL;
1232 	int rc;
1233 
1234 	if (!MACHINE_HAS_GS)
1235 		return -ENODEV;
1236 	if (!target->thread.gs_cb) {
1237 		data = kzalloc(sizeof(*data), GFP_KERNEL);
1238 		if (!data)
1239 			return -ENOMEM;
1240 	}
1241 	if (!target->thread.gs_cb)
1242 		gs_cb.gsd = 25;
1243 	else if (target == current)
1244 		save_gs_cb(&gs_cb);
1245 	else
1246 		gs_cb = *target->thread.gs_cb;
1247 	rc = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
1248 				&gs_cb, 0, sizeof(gs_cb));
1249 	if (rc) {
1250 		kfree(data);
1251 		return -EFAULT;
1252 	}
1253 	preempt_disable();
1254 	if (!target->thread.gs_cb)
1255 		target->thread.gs_cb = data;
1256 	*target->thread.gs_cb = gs_cb;
1257 	if (target == current) {
1258 		__ctl_set_bit(2, 4);
1259 		restore_gs_cb(target->thread.gs_cb);
1260 	}
1261 	preempt_enable();
1262 	return rc;
1263 }
1264 
1265 static int s390_gs_bc_get(struct task_struct *target,
1266 			  const struct user_regset *regset,
1267 			  unsigned int pos, unsigned int count,
1268 			  void *kbuf, void __user *ubuf)
1269 {
1270 	struct gs_cb *data = target->thread.gs_bc_cb;
1271 
1272 	if (!MACHINE_HAS_GS)
1273 		return -ENODEV;
1274 	if (!data)
1275 		return -ENODATA;
1276 	return user_regset_copyout(&pos, &count, &kbuf, &ubuf,
1277 				   data, 0, sizeof(struct gs_cb));
1278 }
1279 
1280 static int s390_gs_bc_set(struct task_struct *target,
1281 			  const struct user_regset *regset,
1282 			  unsigned int pos, unsigned int count,
1283 			  const void *kbuf, const void __user *ubuf)
1284 {
1285 	struct gs_cb *data = target->thread.gs_bc_cb;
1286 
1287 	if (!MACHINE_HAS_GS)
1288 		return -ENODEV;
1289 	if (!data) {
1290 		data = kzalloc(sizeof(*data), GFP_KERNEL);
1291 		if (!data)
1292 			return -ENOMEM;
1293 		target->thread.gs_bc_cb = data;
1294 	}
1295 	return user_regset_copyin(&pos, &count, &kbuf, &ubuf,
1296 				  data, 0, sizeof(struct gs_cb));
1297 }
1298 
1299 static bool is_ri_cb_valid(struct runtime_instr_cb *cb)
1300 {
1301 	return (cb->rca & 0x1f) == 0 &&
1302 		(cb->roa & 0xfff) == 0 &&
1303 		(cb->rla & 0xfff) == 0xfff &&
1304 		cb->s == 1 &&
1305 		cb->k == 1 &&
1306 		cb->h == 0 &&
1307 		cb->reserved1 == 0 &&
1308 		cb->ps == 1 &&
1309 		cb->qs == 0 &&
1310 		cb->pc == 1 &&
1311 		cb->qc == 0 &&
1312 		cb->reserved2 == 0 &&
1313 		cb->key == PAGE_DEFAULT_KEY &&
1314 		cb->reserved3 == 0 &&
1315 		cb->reserved4 == 0 &&
1316 		cb->reserved5 == 0 &&
1317 		cb->reserved6 == 0 &&
1318 		cb->reserved7 == 0 &&
1319 		cb->reserved8 == 0 &&
1320 		cb->rla >= cb->roa &&
1321 		cb->rca >= cb->roa &&
1322 		cb->rca <= cb->rla+1 &&
1323 		cb->m < 3;
1324 }
1325 
1326 static int s390_runtime_instr_get(struct task_struct *target,
1327 				const struct user_regset *regset,
1328 				unsigned int pos, unsigned int count,
1329 				void *kbuf, void __user *ubuf)
1330 {
1331 	struct runtime_instr_cb *data = target->thread.ri_cb;
1332 
1333 	if (!test_facility(64))
1334 		return -ENODEV;
1335 	if (!data)
1336 		return -ENODATA;
1337 
1338 	return user_regset_copyout(&pos, &count, &kbuf, &ubuf,
1339 				   data, 0, sizeof(struct runtime_instr_cb));
1340 }
1341 
1342 static int s390_runtime_instr_set(struct task_struct *target,
1343 				  const struct user_regset *regset,
1344 				  unsigned int pos, unsigned int count,
1345 				  const void *kbuf, const void __user *ubuf)
1346 {
1347 	struct runtime_instr_cb ri_cb = { }, *data = NULL;
1348 	int rc;
1349 
1350 	if (!test_facility(64))
1351 		return -ENODEV;
1352 
1353 	if (!target->thread.ri_cb) {
1354 		data = kzalloc(sizeof(*data), GFP_KERNEL);
1355 		if (!data)
1356 			return -ENOMEM;
1357 	}
1358 
1359 	if (target->thread.ri_cb) {
1360 		if (target == current)
1361 			store_runtime_instr_cb(&ri_cb);
1362 		else
1363 			ri_cb = *target->thread.ri_cb;
1364 	}
1365 
1366 	rc = user_regset_copyin(&pos, &count, &kbuf, &ubuf,
1367 				&ri_cb, 0, sizeof(struct runtime_instr_cb));
1368 	if (rc) {
1369 		kfree(data);
1370 		return -EFAULT;
1371 	}
1372 
1373 	if (!is_ri_cb_valid(&ri_cb)) {
1374 		kfree(data);
1375 		return -EINVAL;
1376 	}
1377 
1378 	preempt_disable();
1379 	if (!target->thread.ri_cb)
1380 		target->thread.ri_cb = data;
1381 	*target->thread.ri_cb = ri_cb;
1382 	if (target == current)
1383 		load_runtime_instr_cb(target->thread.ri_cb);
1384 	preempt_enable();
1385 
1386 	return 0;
1387 }
1388 
1389 static const struct user_regset s390_regsets[] = {
1390 	{
1391 		.core_note_type = NT_PRSTATUS,
1392 		.n = sizeof(s390_regs) / sizeof(long),
1393 		.size = sizeof(long),
1394 		.align = sizeof(long),
1395 		.get = s390_regs_get,
1396 		.set = s390_regs_set,
1397 	},
1398 	{
1399 		.core_note_type = NT_PRFPREG,
1400 		.n = sizeof(s390_fp_regs) / sizeof(long),
1401 		.size = sizeof(long),
1402 		.align = sizeof(long),
1403 		.get = s390_fpregs_get,
1404 		.set = s390_fpregs_set,
1405 	},
1406 	{
1407 		.core_note_type = NT_S390_SYSTEM_CALL,
1408 		.n = 1,
1409 		.size = sizeof(unsigned int),
1410 		.align = sizeof(unsigned int),
1411 		.get = s390_system_call_get,
1412 		.set = s390_system_call_set,
1413 	},
1414 	{
1415 		.core_note_type = NT_S390_LAST_BREAK,
1416 		.n = 1,
1417 		.size = sizeof(long),
1418 		.align = sizeof(long),
1419 		.get = s390_last_break_get,
1420 		.set = s390_last_break_set,
1421 	},
1422 	{
1423 		.core_note_type = NT_S390_TDB,
1424 		.n = 1,
1425 		.size = 256,
1426 		.align = 1,
1427 		.get = s390_tdb_get,
1428 		.set = s390_tdb_set,
1429 	},
1430 	{
1431 		.core_note_type = NT_S390_VXRS_LOW,
1432 		.n = __NUM_VXRS_LOW,
1433 		.size = sizeof(__u64),
1434 		.align = sizeof(__u64),
1435 		.get = s390_vxrs_low_get,
1436 		.set = s390_vxrs_low_set,
1437 	},
1438 	{
1439 		.core_note_type = NT_S390_VXRS_HIGH,
1440 		.n = __NUM_VXRS_HIGH,
1441 		.size = sizeof(__vector128),
1442 		.align = sizeof(__vector128),
1443 		.get = s390_vxrs_high_get,
1444 		.set = s390_vxrs_high_set,
1445 	},
1446 	{
1447 		.core_note_type = NT_S390_GS_CB,
1448 		.n = sizeof(struct gs_cb) / sizeof(__u64),
1449 		.size = sizeof(__u64),
1450 		.align = sizeof(__u64),
1451 		.get = s390_gs_cb_get,
1452 		.set = s390_gs_cb_set,
1453 	},
1454 	{
1455 		.core_note_type = NT_S390_GS_BC,
1456 		.n = sizeof(struct gs_cb) / sizeof(__u64),
1457 		.size = sizeof(__u64),
1458 		.align = sizeof(__u64),
1459 		.get = s390_gs_bc_get,
1460 		.set = s390_gs_bc_set,
1461 	},
1462 	{
1463 		.core_note_type = NT_S390_RI_CB,
1464 		.n = sizeof(struct runtime_instr_cb) / sizeof(__u64),
1465 		.size = sizeof(__u64),
1466 		.align = sizeof(__u64),
1467 		.get = s390_runtime_instr_get,
1468 		.set = s390_runtime_instr_set,
1469 	},
1470 };
1471 
1472 static const struct user_regset_view user_s390_view = {
1473 	.name = "s390x",
1474 	.e_machine = EM_S390,
1475 	.regsets = s390_regsets,
1476 	.n = ARRAY_SIZE(s390_regsets)
1477 };
1478 
1479 #ifdef CONFIG_COMPAT
1480 static int s390_compat_regs_get(struct task_struct *target,
1481 				const struct user_regset *regset,
1482 				unsigned int pos, unsigned int count,
1483 				void *kbuf, void __user *ubuf)
1484 {
1485 	if (target == current)
1486 		save_access_regs(target->thread.acrs);
1487 
1488 	if (kbuf) {
1489 		compat_ulong_t *k = kbuf;
1490 		while (count > 0) {
1491 			*k++ = __peek_user_compat(target, pos);
1492 			count -= sizeof(*k);
1493 			pos += sizeof(*k);
1494 		}
1495 	} else {
1496 		compat_ulong_t __user *u = ubuf;
1497 		while (count > 0) {
1498 			if (__put_user(__peek_user_compat(target, pos), u++))
1499 				return -EFAULT;
1500 			count -= sizeof(*u);
1501 			pos += sizeof(*u);
1502 		}
1503 	}
1504 	return 0;
1505 }
1506 
1507 static int s390_compat_regs_set(struct task_struct *target,
1508 				const struct user_regset *regset,
1509 				unsigned int pos, unsigned int count,
1510 				const void *kbuf, const void __user *ubuf)
1511 {
1512 	int rc = 0;
1513 
1514 	if (target == current)
1515 		save_access_regs(target->thread.acrs);
1516 
1517 	if (kbuf) {
1518 		const compat_ulong_t *k = kbuf;
1519 		while (count > 0 && !rc) {
1520 			rc = __poke_user_compat(target, pos, *k++);
1521 			count -= sizeof(*k);
1522 			pos += sizeof(*k);
1523 		}
1524 	} else {
1525 		const compat_ulong_t  __user *u = ubuf;
1526 		while (count > 0 && !rc) {
1527 			compat_ulong_t word;
1528 			rc = __get_user(word, u++);
1529 			if (rc)
1530 				break;
1531 			rc = __poke_user_compat(target, pos, word);
1532 			count -= sizeof(*u);
1533 			pos += sizeof(*u);
1534 		}
1535 	}
1536 
1537 	if (rc == 0 && target == current)
1538 		restore_access_regs(target->thread.acrs);
1539 
1540 	return rc;
1541 }
1542 
1543 static int s390_compat_regs_high_get(struct task_struct *target,
1544 				     const struct user_regset *regset,
1545 				     unsigned int pos, unsigned int count,
1546 				     void *kbuf, void __user *ubuf)
1547 {
1548 	compat_ulong_t *gprs_high;
1549 
1550 	gprs_high = (compat_ulong_t *)
1551 		&task_pt_regs(target)->gprs[pos / sizeof(compat_ulong_t)];
1552 	if (kbuf) {
1553 		compat_ulong_t *k = kbuf;
1554 		while (count > 0) {
1555 			*k++ = *gprs_high;
1556 			gprs_high += 2;
1557 			count -= sizeof(*k);
1558 		}
1559 	} else {
1560 		compat_ulong_t __user *u = ubuf;
1561 		while (count > 0) {
1562 			if (__put_user(*gprs_high, u++))
1563 				return -EFAULT;
1564 			gprs_high += 2;
1565 			count -= sizeof(*u);
1566 		}
1567 	}
1568 	return 0;
1569 }
1570 
1571 static int s390_compat_regs_high_set(struct task_struct *target,
1572 				     const struct user_regset *regset,
1573 				     unsigned int pos, unsigned int count,
1574 				     const void *kbuf, const void __user *ubuf)
1575 {
1576 	compat_ulong_t *gprs_high;
1577 	int rc = 0;
1578 
1579 	gprs_high = (compat_ulong_t *)
1580 		&task_pt_regs(target)->gprs[pos / sizeof(compat_ulong_t)];
1581 	if (kbuf) {
1582 		const compat_ulong_t *k = kbuf;
1583 		while (count > 0) {
1584 			*gprs_high = *k++;
1585 			*gprs_high += 2;
1586 			count -= sizeof(*k);
1587 		}
1588 	} else {
1589 		const compat_ulong_t  __user *u = ubuf;
1590 		while (count > 0 && !rc) {
1591 			unsigned long word;
1592 			rc = __get_user(word, u++);
1593 			if (rc)
1594 				break;
1595 			*gprs_high = word;
1596 			*gprs_high += 2;
1597 			count -= sizeof(*u);
1598 		}
1599 	}
1600 
1601 	return rc;
1602 }
1603 
1604 static int s390_compat_last_break_get(struct task_struct *target,
1605 				      const struct user_regset *regset,
1606 				      unsigned int pos, unsigned int count,
1607 				      void *kbuf, void __user *ubuf)
1608 {
1609 	compat_ulong_t last_break;
1610 
1611 	if (count > 0) {
1612 		last_break = target->thread.last_break;
1613 		if (kbuf) {
1614 			unsigned long *k = kbuf;
1615 			*k = last_break;
1616 		} else {
1617 			unsigned long  __user *u = ubuf;
1618 			if (__put_user(last_break, u))
1619 				return -EFAULT;
1620 		}
1621 	}
1622 	return 0;
1623 }
1624 
1625 static int s390_compat_last_break_set(struct task_struct *target,
1626 				      const struct user_regset *regset,
1627 				      unsigned int pos, unsigned int count,
1628 				      const void *kbuf, const void __user *ubuf)
1629 {
1630 	return 0;
1631 }
1632 
1633 static const struct user_regset s390_compat_regsets[] = {
1634 	{
1635 		.core_note_type = NT_PRSTATUS,
1636 		.n = sizeof(s390_compat_regs) / sizeof(compat_long_t),
1637 		.size = sizeof(compat_long_t),
1638 		.align = sizeof(compat_long_t),
1639 		.get = s390_compat_regs_get,
1640 		.set = s390_compat_regs_set,
1641 	},
1642 	{
1643 		.core_note_type = NT_PRFPREG,
1644 		.n = sizeof(s390_fp_regs) / sizeof(compat_long_t),
1645 		.size = sizeof(compat_long_t),
1646 		.align = sizeof(compat_long_t),
1647 		.get = s390_fpregs_get,
1648 		.set = s390_fpregs_set,
1649 	},
1650 	{
1651 		.core_note_type = NT_S390_SYSTEM_CALL,
1652 		.n = 1,
1653 		.size = sizeof(compat_uint_t),
1654 		.align = sizeof(compat_uint_t),
1655 		.get = s390_system_call_get,
1656 		.set = s390_system_call_set,
1657 	},
1658 	{
1659 		.core_note_type = NT_S390_LAST_BREAK,
1660 		.n = 1,
1661 		.size = sizeof(long),
1662 		.align = sizeof(long),
1663 		.get = s390_compat_last_break_get,
1664 		.set = s390_compat_last_break_set,
1665 	},
1666 	{
1667 		.core_note_type = NT_S390_TDB,
1668 		.n = 1,
1669 		.size = 256,
1670 		.align = 1,
1671 		.get = s390_tdb_get,
1672 		.set = s390_tdb_set,
1673 	},
1674 	{
1675 		.core_note_type = NT_S390_VXRS_LOW,
1676 		.n = __NUM_VXRS_LOW,
1677 		.size = sizeof(__u64),
1678 		.align = sizeof(__u64),
1679 		.get = s390_vxrs_low_get,
1680 		.set = s390_vxrs_low_set,
1681 	},
1682 	{
1683 		.core_note_type = NT_S390_VXRS_HIGH,
1684 		.n = __NUM_VXRS_HIGH,
1685 		.size = sizeof(__vector128),
1686 		.align = sizeof(__vector128),
1687 		.get = s390_vxrs_high_get,
1688 		.set = s390_vxrs_high_set,
1689 	},
1690 	{
1691 		.core_note_type = NT_S390_HIGH_GPRS,
1692 		.n = sizeof(s390_compat_regs_high) / sizeof(compat_long_t),
1693 		.size = sizeof(compat_long_t),
1694 		.align = sizeof(compat_long_t),
1695 		.get = s390_compat_regs_high_get,
1696 		.set = s390_compat_regs_high_set,
1697 	},
1698 	{
1699 		.core_note_type = NT_S390_GS_CB,
1700 		.n = sizeof(struct gs_cb) / sizeof(__u64),
1701 		.size = sizeof(__u64),
1702 		.align = sizeof(__u64),
1703 		.get = s390_gs_cb_get,
1704 		.set = s390_gs_cb_set,
1705 	},
1706 	{
1707 		.core_note_type = NT_S390_GS_BC,
1708 		.n = sizeof(struct gs_cb) / sizeof(__u64),
1709 		.size = sizeof(__u64),
1710 		.align = sizeof(__u64),
1711 		.get = s390_gs_bc_get,
1712 		.set = s390_gs_bc_set,
1713 	},
1714 	{
1715 		.core_note_type = NT_S390_RI_CB,
1716 		.n = sizeof(struct runtime_instr_cb) / sizeof(__u64),
1717 		.size = sizeof(__u64),
1718 		.align = sizeof(__u64),
1719 		.get = s390_runtime_instr_get,
1720 		.set = s390_runtime_instr_set,
1721 	},
1722 };
1723 
1724 static const struct user_regset_view user_s390_compat_view = {
1725 	.name = "s390",
1726 	.e_machine = EM_S390,
1727 	.regsets = s390_compat_regsets,
1728 	.n = ARRAY_SIZE(s390_compat_regsets)
1729 };
1730 #endif
1731 
1732 const struct user_regset_view *task_user_regset_view(struct task_struct *task)
1733 {
1734 #ifdef CONFIG_COMPAT
1735 	if (test_tsk_thread_flag(task, TIF_31BIT))
1736 		return &user_s390_compat_view;
1737 #endif
1738 	return &user_s390_view;
1739 }
1740 
1741 static const char *gpr_names[NUM_GPRS] = {
1742 	"r0", "r1",  "r2",  "r3",  "r4",  "r5",  "r6",  "r7",
1743 	"r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15",
1744 };
1745 
1746 unsigned long regs_get_register(struct pt_regs *regs, unsigned int offset)
1747 {
1748 	if (offset >= NUM_GPRS)
1749 		return 0;
1750 	return regs->gprs[offset];
1751 }
1752 
1753 int regs_query_register_offset(const char *name)
1754 {
1755 	unsigned long offset;
1756 
1757 	if (!name || *name != 'r')
1758 		return -EINVAL;
1759 	if (kstrtoul(name + 1, 10, &offset))
1760 		return -EINVAL;
1761 	if (offset >= NUM_GPRS)
1762 		return -EINVAL;
1763 	return offset;
1764 }
1765 
1766 const char *regs_query_register_name(unsigned int offset)
1767 {
1768 	if (offset >= NUM_GPRS)
1769 		return NULL;
1770 	return gpr_names[offset];
1771 }
1772 
1773 static int regs_within_kernel_stack(struct pt_regs *regs, unsigned long addr)
1774 {
1775 	unsigned long ksp = kernel_stack_pointer(regs);
1776 
1777 	return (addr & ~(THREAD_SIZE - 1)) == (ksp & ~(THREAD_SIZE - 1));
1778 }
1779 
1780 /**
1781  * regs_get_kernel_stack_nth() - get Nth entry of the stack
1782  * @regs:pt_regs which contains kernel stack pointer.
1783  * @n:stack entry number.
1784  *
1785  * regs_get_kernel_stack_nth() returns @n th entry of the kernel stack which
1786  * is specifined by @regs. If the @n th entry is NOT in the kernel stack,
1787  * this returns 0.
1788  */
1789 unsigned long regs_get_kernel_stack_nth(struct pt_regs *regs, unsigned int n)
1790 {
1791 	unsigned long addr;
1792 
1793 	addr = kernel_stack_pointer(regs) + n * sizeof(long);
1794 	if (!regs_within_kernel_stack(regs, addr))
1795 		return 0;
1796 	return *(unsigned long *)addr;
1797 }
1798