]>
Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* By Ross Biro 1/23/92 */ |
2 | /* | |
3 | * Pentium III FXSR, SSE support | |
4 | * Gareth Hughes <gareth@valinux.com>, May 2000 | |
5 | */ | |
6 | ||
7 | #include <linux/kernel.h> | |
8 | #include <linux/sched.h> | |
9 | #include <linux/mm.h> | |
10 | #include <linux/smp.h> | |
1da177e4 LT |
11 | #include <linux/errno.h> |
12 | #include <linux/ptrace.h> | |
13 | #include <linux/user.h> | |
14 | #include <linux/security.h> | |
15 | #include <linux/audit.h> | |
16 | #include <linux/seccomp.h> | |
7ed20e1a | 17 | #include <linux/signal.h> |
1da177e4 LT |
18 | |
19 | #include <asm/uaccess.h> | |
20 | #include <asm/pgtable.h> | |
21 | #include <asm/system.h> | |
22 | #include <asm/processor.h> | |
23 | #include <asm/i387.h> | |
24 | #include <asm/debugreg.h> | |
25 | #include <asm/ldt.h> | |
26 | #include <asm/desc.h> | |
27 | ||
28 | /* | |
29 | * does not yet catch signals sent when the child dies. | |
30 | * in exit.c or in signal.c. | |
31 | */ | |
32 | ||
9f155b98 CE |
33 | /* |
34 | * Determines which flags the user has access to [1 = access, 0 = no access]. | |
9f155b98 | 35 | */ |
e39c2891 RM |
36 | #define FLAG_MASK_32 ((unsigned long) \ |
37 | (X86_EFLAGS_CF | X86_EFLAGS_PF | \ | |
38 | X86_EFLAGS_AF | X86_EFLAGS_ZF | \ | |
39 | X86_EFLAGS_SF | X86_EFLAGS_TF | \ | |
40 | X86_EFLAGS_DF | X86_EFLAGS_OF | \ | |
41 | X86_EFLAGS_RF | X86_EFLAGS_AC)) | |
42 | ||
43 | #define FLAG_MASK FLAG_MASK_32 | |
1da177e4 | 44 | |
62a97d44 | 45 | static long *pt_regs_access(struct pt_regs *regs, unsigned long regno) |
1da177e4 | 46 | { |
65ea5b03 | 47 | BUILD_BUG_ON(offsetof(struct pt_regs, bx) != 0); |
06ee1b68 | 48 | regno >>= 2; |
62a97d44 RM |
49 | if (regno > FS) |
50 | --regno; | |
65ea5b03 | 51 | return ®s->bx + regno; |
1da177e4 LT |
52 | } |
53 | ||
06ee1b68 | 54 | static u16 get_segment_reg(struct task_struct *task, unsigned long offset) |
1da177e4 | 55 | { |
06ee1b68 RM |
56 | /* |
57 | * Returning the value truncates it to 16 bits. | |
58 | */ | |
59 | unsigned int retval; | |
60 | if (offset != offsetof(struct user_regs_struct, gs)) | |
61 | retval = *pt_regs_access(task_pt_regs(task), offset); | |
62 | else { | |
63 | retval = task->thread.gs; | |
64 | if (task == current) | |
65 | savesegment(gs, retval); | |
66 | } | |
67 | return retval; | |
68 | } | |
69 | ||
70 | static int set_segment_reg(struct task_struct *task, | |
71 | unsigned long offset, u16 value) | |
72 | { | |
73 | /* | |
74 | * The value argument was already truncated to 16 bits. | |
75 | */ | |
76 | if (value && (value & 3) != 3) | |
77 | return -EIO; | |
78 | ||
79 | if (offset != offsetof(struct user_regs_struct, gs)) | |
80 | *pt_regs_access(task_pt_regs(task), offset) = value; | |
81 | else { | |
82 | task->thread.gs = value; | |
83 | if (task == current) | |
5fd4d16b RM |
84 | /* |
85 | * The user-mode %gs is not affected by | |
86 | * kernel entry, so we must update the CPU. | |
87 | */ | |
88 | loadsegment(gs, value); | |
1da177e4 | 89 | } |
06ee1b68 | 90 | |
1da177e4 LT |
91 | return 0; |
92 | } | |
93 | ||
06ee1b68 | 94 | static unsigned long get_flags(struct task_struct *task) |
1da177e4 | 95 | { |
06ee1b68 RM |
96 | unsigned long retval = task_pt_regs(task)->flags; |
97 | ||
98 | /* | |
99 | * If the debugger set TF, hide it from the readout. | |
100 | */ | |
101 | if (test_tsk_thread_flag(task, TIF_FORCED_TF)) | |
102 | retval &= ~X86_EFLAGS_TF; | |
1da177e4 | 103 | |
1da177e4 LT |
104 | return retval; |
105 | } | |
106 | ||
06ee1b68 RM |
107 | static int set_flags(struct task_struct *task, unsigned long value) |
108 | { | |
109 | struct pt_regs *regs = task_pt_regs(task); | |
110 | ||
111 | /* | |
112 | * If the user value contains TF, mark that | |
113 | * it was not "us" (the debugger) that set it. | |
114 | * If not, make sure it stays set if we had. | |
115 | */ | |
116 | if (value & X86_EFLAGS_TF) | |
117 | clear_tsk_thread_flag(task, TIF_FORCED_TF); | |
118 | else if (test_tsk_thread_flag(task, TIF_FORCED_TF)) | |
119 | value |= X86_EFLAGS_TF; | |
120 | ||
121 | regs->flags = (regs->flags & ~FLAG_MASK) | (value & FLAG_MASK); | |
122 | ||
123 | return 0; | |
124 | } | |
125 | ||
126 | static int putreg(struct task_struct *child, | |
127 | unsigned long offset, unsigned long value) | |
128 | { | |
129 | switch (offset) { | |
130 | case offsetof(struct user_regs_struct, cs): | |
131 | case offsetof(struct user_regs_struct, ds): | |
132 | case offsetof(struct user_regs_struct, es): | |
133 | case offsetof(struct user_regs_struct, fs): | |
134 | case offsetof(struct user_regs_struct, gs): | |
135 | case offsetof(struct user_regs_struct, ss): | |
136 | return set_segment_reg(child, offset, value); | |
137 | ||
138 | case offsetof(struct user_regs_struct, flags): | |
139 | return set_flags(child, value); | |
140 | } | |
141 | ||
142 | *pt_regs_access(task_pt_regs(child), offset) = value; | |
143 | return 0; | |
144 | } | |
145 | ||
146 | static unsigned long getreg(struct task_struct *task, unsigned long offset) | |
147 | { | |
148 | switch (offset) { | |
149 | case offsetof(struct user_regs_struct, cs): | |
150 | case offsetof(struct user_regs_struct, ds): | |
151 | case offsetof(struct user_regs_struct, es): | |
152 | case offsetof(struct user_regs_struct, fs): | |
153 | case offsetof(struct user_regs_struct, gs): | |
154 | case offsetof(struct user_regs_struct, ss): | |
155 | return get_segment_reg(task, offset); | |
156 | ||
157 | case offsetof(struct user_regs_struct, flags): | |
158 | return get_flags(task); | |
159 | } | |
160 | ||
161 | return *pt_regs_access(task_pt_regs(task), offset); | |
162 | } | |
163 | ||
d9771e8c RM |
164 | /* |
165 | * This function is trivial and will be inlined by the compiler. | |
166 | * Having it separates the implementation details of debug | |
167 | * registers from the interface details of ptrace. | |
168 | */ | |
169 | static unsigned long ptrace_get_debugreg(struct task_struct *child, int n) | |
170 | { | |
0f534093 RM |
171 | switch (n) { |
172 | case 0: return child->thread.debugreg0; | |
173 | case 1: return child->thread.debugreg1; | |
174 | case 2: return child->thread.debugreg2; | |
175 | case 3: return child->thread.debugreg3; | |
176 | case 6: return child->thread.debugreg6; | |
177 | case 7: return child->thread.debugreg7; | |
178 | } | |
179 | return 0; | |
d9771e8c RM |
180 | } |
181 | ||
182 | static int ptrace_set_debugreg(struct task_struct *child, | |
183 | int n, unsigned long data) | |
184 | { | |
0f534093 RM |
185 | int i; |
186 | ||
d9771e8c RM |
187 | if (unlikely(n == 4 || n == 5)) |
188 | return -EIO; | |
189 | ||
190 | if (n < 4 && unlikely(data >= TASK_SIZE - 3)) | |
191 | return -EIO; | |
192 | ||
0f534093 RM |
193 | switch (n) { |
194 | case 0: child->thread.debugreg0 = data; break; | |
195 | case 1: child->thread.debugreg1 = data; break; | |
196 | case 2: child->thread.debugreg2 = data; break; | |
197 | case 3: child->thread.debugreg3 = data; break; | |
198 | ||
199 | case 6: | |
200 | child->thread.debugreg6 = data; | |
201 | break; | |
202 | ||
203 | case 7: | |
d9771e8c RM |
204 | /* |
205 | * Sanity-check data. Take one half-byte at once with | |
206 | * check = (val >> (16 + 4*i)) & 0xf. It contains the | |
207 | * R/Wi and LENi bits; bits 0 and 1 are R/Wi, and bits | |
208 | * 2 and 3 are LENi. Given a list of invalid values, | |
209 | * we do mask |= 1 << invalid_value, so that | |
210 | * (mask >> check) & 1 is a correct test for invalid | |
211 | * values. | |
212 | * | |
213 | * R/Wi contains the type of the breakpoint / | |
214 | * watchpoint, LENi contains the length of the watched | |
215 | * data in the watchpoint case. | |
216 | * | |
217 | * The invalid values are: | |
218 | * - LENi == 0x10 (undefined), so mask |= 0x0f00. | |
219 | * - R/Wi == 0x10 (break on I/O reads or writes), so | |
220 | * mask |= 0x4444. | |
221 | * - R/Wi == 0x00 && LENi != 0x00, so we have mask |= | |
222 | * 0x1110. | |
223 | * | |
224 | * Finally, mask = 0x0f00 | 0x4444 | 0x1110 == 0x5f54. | |
225 | * | |
226 | * See the Intel Manual "System Programming Guide", | |
227 | * 15.2.4 | |
228 | * | |
229 | * Note that LENi == 0x10 is defined on x86_64 in long | |
230 | * mode (i.e. even for 32-bit userspace software, but | |
231 | * 64-bit kernel), so the x86_64 mask value is 0x5454. | |
232 | * See the AMD manual no. 24593 (AMD64 System Programming) | |
233 | */ | |
d9771e8c RM |
234 | data &= ~DR_CONTROL_RESERVED; |
235 | for (i = 0; i < 4; i++) | |
236 | if ((0x5f54 >> ((data >> (16 + 4*i)) & 0xf)) & 1) | |
237 | return -EIO; | |
0f534093 | 238 | child->thread.debugreg7 = data; |
d9771e8c RM |
239 | if (data) |
240 | set_tsk_thread_flag(child, TIF_DEBUG); | |
241 | else | |
242 | clear_tsk_thread_flag(child, TIF_DEBUG); | |
0f534093 | 243 | break; |
d9771e8c RM |
244 | } |
245 | ||
d9771e8c RM |
246 | return 0; |
247 | } | |
248 | ||
1da177e4 LT |
249 | /* |
250 | * Called by kernel/ptrace.c when detaching.. | |
251 | * | |
252 | * Make sure the single step bit is not set. | |
253 | */ | |
254 | void ptrace_disable(struct task_struct *child) | |
9e714bed | 255 | { |
7f232343 | 256 | user_disable_single_step(child); |
ab1c23c2 | 257 | clear_tsk_thread_flag(child, TIF_SYSCALL_EMU); |
1da177e4 LT |
258 | } |
259 | ||
481bed45 | 260 | long arch_ptrace(struct task_struct *child, long request, long addr, long data) |
1da177e4 | 261 | { |
1da177e4 LT |
262 | struct user * dummy = NULL; |
263 | int i, ret; | |
264 | unsigned long __user *datap = (unsigned long __user *)data; | |
265 | ||
1da177e4 LT |
266 | switch (request) { |
267 | /* when I and D space are separate, these will need to be fixed. */ | |
9e714bed | 268 | case PTRACE_PEEKTEXT: /* read word at location addr. */ |
76647323 AD |
269 | case PTRACE_PEEKDATA: |
270 | ret = generic_ptrace_peekdata(child, addr, data); | |
1da177e4 | 271 | break; |
1da177e4 LT |
272 | |
273 | /* read the word at location addr in the USER area. */ | |
274 | case PTRACE_PEEKUSR: { | |
275 | unsigned long tmp; | |
276 | ||
277 | ret = -EIO; | |
9e714bed | 278 | if ((addr & 3) || addr < 0 || |
1da177e4 LT |
279 | addr > sizeof(struct user) - 3) |
280 | break; | |
281 | ||
282 | tmp = 0; /* Default return condition */ | |
283 | if(addr < FRAME_SIZE*sizeof(long)) | |
284 | tmp = getreg(child, addr); | |
285 | if(addr >= (long) &dummy->u_debugreg[0] && | |
286 | addr <= (long) &dummy->u_debugreg[7]){ | |
287 | addr -= (long) &dummy->u_debugreg[0]; | |
288 | addr = addr >> 2; | |
d9771e8c | 289 | tmp = ptrace_get_debugreg(child, addr); |
1da177e4 LT |
290 | } |
291 | ret = put_user(tmp, datap); | |
292 | break; | |
293 | } | |
294 | ||
295 | /* when I and D space are separate, this will have to be fixed. */ | |
296 | case PTRACE_POKETEXT: /* write the word at location addr. */ | |
297 | case PTRACE_POKEDATA: | |
f284ce72 | 298 | ret = generic_ptrace_pokedata(child, addr, data); |
1da177e4 LT |
299 | break; |
300 | ||
301 | case PTRACE_POKEUSR: /* write the word at location addr in the USER area */ | |
302 | ret = -EIO; | |
9e714bed | 303 | if ((addr & 3) || addr < 0 || |
1da177e4 LT |
304 | addr > sizeof(struct user) - 3) |
305 | break; | |
306 | ||
307 | if (addr < FRAME_SIZE*sizeof(long)) { | |
308 | ret = putreg(child, addr, data); | |
309 | break; | |
310 | } | |
311 | /* We need to be very careful here. We implicitly | |
312 | want to modify a portion of the task_struct, and we | |
313 | have to be selective about what portions we allow someone | |
314 | to modify. */ | |
315 | ||
316 | ret = -EIO; | |
317 | if(addr >= (long) &dummy->u_debugreg[0] && | |
318 | addr <= (long) &dummy->u_debugreg[7]){ | |
1da177e4 LT |
319 | addr -= (long) &dummy->u_debugreg; |
320 | addr = addr >> 2; | |
d9771e8c | 321 | ret = ptrace_set_debugreg(child, addr, data); |
1da177e4 LT |
322 | } |
323 | break; | |
324 | ||
1da177e4 LT |
325 | case PTRACE_GETREGS: { /* Get all gp regs from the child. */ |
326 | if (!access_ok(VERIFY_WRITE, datap, FRAME_SIZE*sizeof(long))) { | |
327 | ret = -EIO; | |
328 | break; | |
329 | } | |
330 | for ( i = 0; i < FRAME_SIZE*sizeof(long); i += sizeof(long) ) { | |
331 | __put_user(getreg(child, i), datap); | |
332 | datap++; | |
333 | } | |
334 | ret = 0; | |
335 | break; | |
336 | } | |
337 | ||
338 | case PTRACE_SETREGS: { /* Set all gp regs in the child. */ | |
339 | unsigned long tmp; | |
340 | if (!access_ok(VERIFY_READ, datap, FRAME_SIZE*sizeof(long))) { | |
341 | ret = -EIO; | |
342 | break; | |
343 | } | |
344 | for ( i = 0; i < FRAME_SIZE*sizeof(long); i += sizeof(long) ) { | |
345 | __get_user(tmp, datap); | |
346 | putreg(child, i, tmp); | |
347 | datap++; | |
348 | } | |
349 | ret = 0; | |
350 | break; | |
351 | } | |
352 | ||
353 | case PTRACE_GETFPREGS: { /* Get the child FPU state. */ | |
354 | if (!access_ok(VERIFY_WRITE, datap, | |
355 | sizeof(struct user_i387_struct))) { | |
356 | ret = -EIO; | |
357 | break; | |
358 | } | |
359 | ret = 0; | |
360 | if (!tsk_used_math(child)) | |
361 | init_fpu(child); | |
362 | get_fpregs((struct user_i387_struct __user *)data, child); | |
363 | break; | |
364 | } | |
365 | ||
366 | case PTRACE_SETFPREGS: { /* Set the child FPU state. */ | |
367 | if (!access_ok(VERIFY_READ, datap, | |
368 | sizeof(struct user_i387_struct))) { | |
369 | ret = -EIO; | |
370 | break; | |
371 | } | |
372 | set_stopped_child_used_math(child); | |
373 | set_fpregs(child, (struct user_i387_struct __user *)data); | |
374 | ret = 0; | |
375 | break; | |
376 | } | |
377 | ||
378 | case PTRACE_GETFPXREGS: { /* Get the child extended FPU state. */ | |
379 | if (!access_ok(VERIFY_WRITE, datap, | |
380 | sizeof(struct user_fxsr_struct))) { | |
381 | ret = -EIO; | |
382 | break; | |
383 | } | |
384 | if (!tsk_used_math(child)) | |
385 | init_fpu(child); | |
386 | ret = get_fpxregs((struct user_fxsr_struct __user *)data, child); | |
387 | break; | |
388 | } | |
389 | ||
390 | case PTRACE_SETFPXREGS: { /* Set the child extended FPU state. */ | |
391 | if (!access_ok(VERIFY_READ, datap, | |
392 | sizeof(struct user_fxsr_struct))) { | |
393 | ret = -EIO; | |
394 | break; | |
395 | } | |
396 | set_stopped_child_used_math(child); | |
397 | ret = set_fpxregs(child, (struct user_fxsr_struct __user *)data); | |
398 | break; | |
399 | } | |
400 | ||
401 | case PTRACE_GET_THREAD_AREA: | |
efd1ca52 RM |
402 | if (addr < 0) |
403 | return -EIO; | |
404 | ret = do_get_thread_area(child, addr, | |
405 | (struct user_desc __user *) data); | |
1da177e4 LT |
406 | break; |
407 | ||
408 | case PTRACE_SET_THREAD_AREA: | |
efd1ca52 RM |
409 | if (addr < 0) |
410 | return -EIO; | |
411 | ret = do_set_thread_area(child, addr, | |
412 | (struct user_desc __user *) data, 0); | |
1da177e4 LT |
413 | break; |
414 | ||
415 | default: | |
416 | ret = ptrace_request(child, request, addr, data); | |
417 | break; | |
418 | } | |
d9771e8c | 419 | |
1da177e4 LT |
420 | return ret; |
421 | } | |
422 | ||
423 | void send_sigtrap(struct task_struct *tsk, struct pt_regs *regs, int error_code) | |
424 | { | |
425 | struct siginfo info; | |
426 | ||
427 | tsk->thread.trap_no = 1; | |
428 | tsk->thread.error_code = error_code; | |
429 | ||
430 | memset(&info, 0, sizeof(info)); | |
431 | info.si_signo = SIGTRAP; | |
432 | info.si_code = TRAP_BRKPT; | |
433 | ||
65ea5b03 PA |
434 | /* User-mode ip? */ |
435 | info.si_addr = user_mode_vm(regs) ? (void __user *) regs->ip : NULL; | |
1da177e4 | 436 | |
27b46d76 | 437 | /* Send us the fake SIGTRAP */ |
1da177e4 LT |
438 | force_sig_info(SIGTRAP, &info, tsk); |
439 | } | |
440 | ||
441 | /* notification of system call entry/exit | |
442 | * - triggered by current->work.syscall_trace | |
443 | */ | |
444 | __attribute__((regparm(3))) | |
ed75e8d5 | 445 | int do_syscall_trace(struct pt_regs *regs, int entryexit) |
1da177e4 | 446 | { |
4c7fc722 AA |
447 | int is_sysemu = test_thread_flag(TIF_SYSCALL_EMU); |
448 | /* | |
449 | * With TIF_SYSCALL_EMU set we want to ignore TIF_SINGLESTEP for syscall | |
450 | * interception | |
451 | */ | |
1b38f006 | 452 | int is_singlestep = !is_sysemu && test_thread_flag(TIF_SINGLESTEP); |
4c7fc722 | 453 | int ret = 0; |
1b38f006 | 454 | |
1da177e4 | 455 | /* do the secure computing check first */ |
4c7fc722 | 456 | if (!entryexit) |
65ea5b03 | 457 | secure_computing(regs->orig_ax); |
1da177e4 | 458 | |
ab1c23c2 BS |
459 | if (unlikely(current->audit_context)) { |
460 | if (entryexit) | |
65ea5b03 PA |
461 | audit_syscall_exit(AUDITSC_RESULT(regs->ax), |
462 | regs->ax); | |
ab1c23c2 BS |
463 | /* Debug traps, when using PTRACE_SINGLESTEP, must be sent only |
464 | * on the syscall exit path. Normally, when TIF_SYSCALL_AUDIT is | |
465 | * not used, entry.S will call us only on syscall exit, not | |
466 | * entry; so when TIF_SYSCALL_AUDIT is used we must avoid | |
467 | * calling send_sigtrap() on syscall entry. | |
468 | * | |
469 | * Note that when PTRACE_SYSEMU_SINGLESTEP is used, | |
470 | * is_singlestep is false, despite his name, so we will still do | |
471 | * the correct thing. | |
472 | */ | |
473 | else if (is_singlestep) | |
474 | goto out; | |
475 | } | |
1da177e4 LT |
476 | |
477 | if (!(current->ptrace & PT_PTRACED)) | |
2fd6f58b | 478 | goto out; |
1da177e4 | 479 | |
1b38f006 BS |
480 | /* If a process stops on the 1st tracepoint with SYSCALL_TRACE |
481 | * and then is resumed with SYSEMU_SINGLESTEP, it will come in | |
482 | * here. We have to check this and return */ | |
483 | if (is_sysemu && entryexit) | |
484 | return 0; | |
ed75e8d5 | 485 | |
1da177e4 | 486 | /* Fake a debug trap */ |
c8c86cec | 487 | if (is_singlestep) |
1da177e4 LT |
488 | send_sigtrap(current, regs, 0); |
489 | ||
c8c86cec | 490 | if (!test_thread_flag(TIF_SYSCALL_TRACE) && !is_sysemu) |
2fd6f58b | 491 | goto out; |
1da177e4 LT |
492 | |
493 | /* the 0x80 provides a way for the tracing parent to distinguish | |
494 | between a syscall stop and SIGTRAP delivery */ | |
ed75e8d5 | 495 | /* Note that the debugger could change the result of test_thread_flag!*/ |
4c7fc722 | 496 | ptrace_notify(SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD) ? 0x80:0)); |
1da177e4 LT |
497 | |
498 | /* | |
499 | * this isn't the same as continuing with a signal, but it will do | |
500 | * for normal use. strace only continues with a signal if the | |
501 | * stopping signal is not SIGTRAP. -brl | |
502 | */ | |
503 | if (current->exit_code) { | |
504 | send_sig(current->exit_code, current, 1); | |
505 | current->exit_code = 0; | |
506 | } | |
ed75e8d5 | 507 | ret = is_sysemu; |
4c7fc722 | 508 | out: |
2fd6f58b | 509 | if (unlikely(current->audit_context) && !entryexit) |
65ea5b03 PA |
510 | audit_syscall_entry(AUDIT_ARCH_I386, regs->orig_ax, |
511 | regs->bx, regs->cx, regs->dx, regs->si); | |
c8c86cec BS |
512 | if (ret == 0) |
513 | return 0; | |
514 | ||
65ea5b03 | 515 | regs->orig_ax = -1; /* force skip of syscall restarting */ |
c8c86cec | 516 | if (unlikely(current->audit_context)) |
65ea5b03 | 517 | audit_syscall_exit(AUDITSC_RESULT(regs->ax), regs->ax); |
c8c86cec | 518 | return 1; |
1da177e4 | 519 | } |