1 /* By Ross Biro 1/23/92 */
3 * Pentium III FXSR, SSE support
4 * Gareth Hughes <gareth@valinux.com>, May 2000
7 * Markus Metzger <markus.t.metzger@intel.com>, Dec 2007
10 #include <linux/kernel.h>
11 #include <linux/sched.h>
13 #include <linux/smp.h>
14 #include <linux/errno.h>
15 #include <linux/ptrace.h>
16 #include <linux/regset.h>
17 #include <linux/tracehook.h>
18 #include <linux/user.h>
19 #include <linux/elf.h>
20 #include <linux/security.h>
21 #include <linux/audit.h>
22 #include <linux/seccomp.h>
23 #include <linux/signal.h>
24 #include <linux/workqueue.h>
26 #include <asm/uaccess.h>
27 #include <asm/pgtable.h>
28 #include <asm/system.h>
29 #include <asm/processor.h>
31 #include <asm/debugreg.h>
34 #include <asm/prctl.h>
35 #include <asm/proto.h>
37 #include <asm/hw_breakpoint.h>
39 #include <trace/syscall.h>
47 REGSET_IOPERM64
= REGSET_XFP
,
53 * does not yet catch signals sent when the child dies.
54 * in exit.c or in signal.c.
58 * Determines which flags the user has access to [1 = access, 0 = no access].
60 #define FLAG_MASK_32 ((unsigned long) \
61 (X86_EFLAGS_CF | X86_EFLAGS_PF | \
62 X86_EFLAGS_AF | X86_EFLAGS_ZF | \
63 X86_EFLAGS_SF | X86_EFLAGS_TF | \
64 X86_EFLAGS_DF | X86_EFLAGS_OF | \
65 X86_EFLAGS_RF | X86_EFLAGS_AC))
68 * Determines whether a value may be installed in a segment register.
70 static inline bool invalid_selector(u16 value
)
72 return unlikely(value
!= 0 && (value
& SEGMENT_RPL_MASK
) != USER_RPL
);
77 #define FLAG_MASK FLAG_MASK_32
79 static unsigned long *pt_regs_access(struct pt_regs
*regs
, unsigned long regno
)
81 BUILD_BUG_ON(offsetof(struct pt_regs
, bx
) != 0);
82 return ®s
->bx
+ (regno
>> 2);
85 static u16
get_segment_reg(struct task_struct
*task
, unsigned long offset
)
88 * Returning the value truncates it to 16 bits.
91 if (offset
!= offsetof(struct user_regs_struct
, gs
))
92 retval
= *pt_regs_access(task_pt_regs(task
), offset
);
95 retval
= get_user_gs(task_pt_regs(task
));
97 retval
= task_user_gs(task
);
102 static int set_segment_reg(struct task_struct
*task
,
103 unsigned long offset
, u16 value
)
106 * The value argument was already truncated to 16 bits.
108 if (invalid_selector(value
))
112 * For %cs and %ss we cannot permit a null selector.
113 * We can permit a bogus selector as long as it has USER_RPL.
114 * Null selectors are fine for other segment registers, but
115 * we will never get back to user mode with invalid %cs or %ss
116 * and will take the trap in iret instead. Much code relies
117 * on user_mode() to distinguish a user trap frame (which can
118 * safely use invalid selectors) from a kernel trap frame.
121 case offsetof(struct user_regs_struct
, cs
):
122 case offsetof(struct user_regs_struct
, ss
):
123 if (unlikely(value
== 0))
127 *pt_regs_access(task_pt_regs(task
), offset
) = value
;
130 case offsetof(struct user_regs_struct
, gs
):
132 set_user_gs(task_pt_regs(task
), value
);
134 task_user_gs(task
) = value
;
140 #else /* CONFIG_X86_64 */
142 #define FLAG_MASK (FLAG_MASK_32 | X86_EFLAGS_NT)
144 static unsigned long *pt_regs_access(struct pt_regs
*regs
, unsigned long offset
)
146 BUILD_BUG_ON(offsetof(struct pt_regs
, r15
) != 0);
147 return ®s
->r15
+ (offset
/ sizeof(regs
->r15
));
150 static u16
get_segment_reg(struct task_struct
*task
, unsigned long offset
)
153 * Returning the value truncates it to 16 bits.
158 case offsetof(struct user_regs_struct
, fs
):
159 if (task
== current
) {
160 /* Older gas can't assemble movq %?s,%r?? */
161 asm("movl %%fs,%0" : "=r" (seg
));
164 return task
->thread
.fsindex
;
165 case offsetof(struct user_regs_struct
, gs
):
166 if (task
== current
) {
167 asm("movl %%gs,%0" : "=r" (seg
));
170 return task
->thread
.gsindex
;
171 case offsetof(struct user_regs_struct
, ds
):
172 if (task
== current
) {
173 asm("movl %%ds,%0" : "=r" (seg
));
176 return task
->thread
.ds
;
177 case offsetof(struct user_regs_struct
, es
):
178 if (task
== current
) {
179 asm("movl %%es,%0" : "=r" (seg
));
182 return task
->thread
.es
;
184 case offsetof(struct user_regs_struct
, cs
):
185 case offsetof(struct user_regs_struct
, ss
):
188 return *pt_regs_access(task_pt_regs(task
), offset
);
191 static int set_segment_reg(struct task_struct
*task
,
192 unsigned long offset
, u16 value
)
195 * The value argument was already truncated to 16 bits.
197 if (invalid_selector(value
))
201 case offsetof(struct user_regs_struct
,fs
):
203 * If this is setting fs as for normal 64-bit use but
204 * setting fs_base has implicitly changed it, leave it.
206 if ((value
== FS_TLS_SEL
&& task
->thread
.fsindex
== 0 &&
207 task
->thread
.fs
!= 0) ||
208 (value
== 0 && task
->thread
.fsindex
== FS_TLS_SEL
&&
209 task
->thread
.fs
== 0))
211 task
->thread
.fsindex
= value
;
213 loadsegment(fs
, task
->thread
.fsindex
);
215 case offsetof(struct user_regs_struct
,gs
):
217 * If this is setting gs as for normal 64-bit use but
218 * setting gs_base has implicitly changed it, leave it.
220 if ((value
== GS_TLS_SEL
&& task
->thread
.gsindex
== 0 &&
221 task
->thread
.gs
!= 0) ||
222 (value
== 0 && task
->thread
.gsindex
== GS_TLS_SEL
&&
223 task
->thread
.gs
== 0))
225 task
->thread
.gsindex
= value
;
227 load_gs_index(task
->thread
.gsindex
);
229 case offsetof(struct user_regs_struct
,ds
):
230 task
->thread
.ds
= value
;
232 loadsegment(ds
, task
->thread
.ds
);
234 case offsetof(struct user_regs_struct
,es
):
235 task
->thread
.es
= value
;
237 loadsegment(es
, task
->thread
.es
);
241 * Can't actually change these in 64-bit mode.
243 case offsetof(struct user_regs_struct
,cs
):
244 if (unlikely(value
== 0))
246 #ifdef CONFIG_IA32_EMULATION
247 if (test_tsk_thread_flag(task
, TIF_IA32
))
248 task_pt_regs(task
)->cs
= value
;
251 case offsetof(struct user_regs_struct
,ss
):
252 if (unlikely(value
== 0))
254 #ifdef CONFIG_IA32_EMULATION
255 if (test_tsk_thread_flag(task
, TIF_IA32
))
256 task_pt_regs(task
)->ss
= value
;
264 #endif /* CONFIG_X86_32 */
266 static unsigned long get_flags(struct task_struct
*task
)
268 unsigned long retval
= task_pt_regs(task
)->flags
;
271 * If the debugger set TF, hide it from the readout.
273 if (test_tsk_thread_flag(task
, TIF_FORCED_TF
))
274 retval
&= ~X86_EFLAGS_TF
;
279 static int set_flags(struct task_struct
*task
, unsigned long value
)
281 struct pt_regs
*regs
= task_pt_regs(task
);
284 * If the user value contains TF, mark that
285 * it was not "us" (the debugger) that set it.
286 * If not, make sure it stays set if we had.
288 if (value
& X86_EFLAGS_TF
)
289 clear_tsk_thread_flag(task
, TIF_FORCED_TF
);
290 else if (test_tsk_thread_flag(task
, TIF_FORCED_TF
))
291 value
|= X86_EFLAGS_TF
;
293 regs
->flags
= (regs
->flags
& ~FLAG_MASK
) | (value
& FLAG_MASK
);
298 static int putreg(struct task_struct
*child
,
299 unsigned long offset
, unsigned long value
)
302 case offsetof(struct user_regs_struct
, cs
):
303 case offsetof(struct user_regs_struct
, ds
):
304 case offsetof(struct user_regs_struct
, es
):
305 case offsetof(struct user_regs_struct
, fs
):
306 case offsetof(struct user_regs_struct
, gs
):
307 case offsetof(struct user_regs_struct
, ss
):
308 return set_segment_reg(child
, offset
, value
);
310 case offsetof(struct user_regs_struct
, flags
):
311 return set_flags(child
, value
);
315 * Orig_ax is really just a flag with small positive and
316 * negative values, so make sure to always sign-extend it
317 * from 32 bits so that it works correctly regardless of
318 * whether we come from a 32-bit environment or not.
320 case offsetof(struct user_regs_struct
, orig_ax
):
321 value
= (long) (s32
) value
;
324 case offsetof(struct user_regs_struct
,fs_base
):
325 if (value
>= TASK_SIZE_OF(child
))
328 * When changing the segment base, use do_arch_prctl
329 * to set either thread.fs or thread.fsindex and the
330 * corresponding GDT slot.
332 if (child
->thread
.fs
!= value
)
333 return do_arch_prctl(child
, ARCH_SET_FS
, value
);
335 case offsetof(struct user_regs_struct
,gs_base
):
337 * Exactly the same here as the %fs handling above.
339 if (value
>= TASK_SIZE_OF(child
))
341 if (child
->thread
.gs
!= value
)
342 return do_arch_prctl(child
, ARCH_SET_GS
, value
);
347 *pt_regs_access(task_pt_regs(child
), offset
) = value
;
351 static unsigned long getreg(struct task_struct
*task
, unsigned long offset
)
354 case offsetof(struct user_regs_struct
, cs
):
355 case offsetof(struct user_regs_struct
, ds
):
356 case offsetof(struct user_regs_struct
, es
):
357 case offsetof(struct user_regs_struct
, fs
):
358 case offsetof(struct user_regs_struct
, gs
):
359 case offsetof(struct user_regs_struct
, ss
):
360 return get_segment_reg(task
, offset
);
362 case offsetof(struct user_regs_struct
, flags
):
363 return get_flags(task
);
366 case offsetof(struct user_regs_struct
, fs_base
): {
368 * do_arch_prctl may have used a GDT slot instead of
369 * the MSR. To userland, it appears the same either
370 * way, except the %fs segment selector might not be 0.
372 unsigned int seg
= task
->thread
.fsindex
;
373 if (task
->thread
.fs
!= 0)
374 return task
->thread
.fs
;
376 asm("movl %%fs,%0" : "=r" (seg
));
377 if (seg
!= FS_TLS_SEL
)
379 return get_desc_base(&task
->thread
.tls_array
[FS_TLS
]);
381 case offsetof(struct user_regs_struct
, gs_base
): {
383 * Exactly the same here as the %fs handling above.
385 unsigned int seg
= task
->thread
.gsindex
;
386 if (task
->thread
.gs
!= 0)
387 return task
->thread
.gs
;
389 asm("movl %%gs,%0" : "=r" (seg
));
390 if (seg
!= GS_TLS_SEL
)
392 return get_desc_base(&task
->thread
.tls_array
[GS_TLS
]);
397 return *pt_regs_access(task_pt_regs(task
), offset
);
400 static int genregs_get(struct task_struct
*target
,
401 const struct user_regset
*regset
,
402 unsigned int pos
, unsigned int count
,
403 void *kbuf
, void __user
*ubuf
)
406 unsigned long *k
= kbuf
;
408 *k
++ = getreg(target
, pos
);
413 unsigned long __user
*u
= ubuf
;
415 if (__put_user(getreg(target
, pos
), u
++))
425 static int genregs_set(struct task_struct
*target
,
426 const struct user_regset
*regset
,
427 unsigned int pos
, unsigned int count
,
428 const void *kbuf
, const void __user
*ubuf
)
432 const unsigned long *k
= kbuf
;
433 while (count
> 0 && !ret
) {
434 ret
= putreg(target
, pos
, *k
++);
439 const unsigned long __user
*u
= ubuf
;
440 while (count
> 0 && !ret
) {
442 ret
= __get_user(word
, u
++);
445 ret
= putreg(target
, pos
, word
);
454 * Decode the length and type bits for a particular breakpoint as
455 * stored in debug register 7. Return the "enabled" status.
457 static int decode_dr7(unsigned long dr7
, int bpnum
, unsigned *len
,
460 int bp_info
= dr7
>> (DR_CONTROL_SHIFT
+ bpnum
* DR_CONTROL_SIZE
);
462 *len
= (bp_info
& 0xc) | 0x40;
463 *type
= (bp_info
& 0x3) | 0x80;
464 return (dr7
>> (bpnum
* DR_ENABLE_SIZE
)) & 0x3;
467 static void ptrace_triggered(struct hw_breakpoint
*bp
, struct pt_regs
*regs
)
469 struct thread_struct
*thread
= &(current
->thread
);
473 * Store in the virtual DR6 register the fact that the breakpoint
474 * was hit so the thread's debugger will see it.
476 for (i
= 0; i
< hbp_kernel_pos
; i
++)
478 * We will check bp->info.address against the address stored in
479 * thread's hbp structure and not debugreg[i]. This is to ensure
480 * that the corresponding bit for 'i' in DR7 register is enabled
482 if (bp
->info
.address
== thread
->hbp
[i
]->info
.address
)
485 thread
->debugreg6
|= (DR_TRAP0
<< i
);
489 * Handle ptrace writes to debug register 7.
491 static int ptrace_write_dr7(struct task_struct
*tsk
, unsigned long data
)
493 struct thread_struct
*thread
= &(tsk
->thread
);
494 unsigned long old_dr7
= thread
->debugreg7
;
495 int i
, orig_ret
= 0, rc
= 0;
496 int enabled
, second_pass
= 0;
498 struct hw_breakpoint
*bp
;
500 data
&= ~DR_CONTROL_RESERVED
;
503 * Loop through all the hardware breakpoints, making the
504 * appropriate changes to each.
506 for (i
= 0; i
< HBP_NUM
; i
++) {
507 enabled
= decode_dr7(data
, i
, &len
, &type
);
512 /* Don't unregister the breakpoints right-away,
513 * unless all register_user_hw_breakpoint()
514 * requests have succeeded. This prevents
515 * any window of opportunity for debug
516 * register grabbing by other users.
520 unregister_user_hw_breakpoint(tsk
, bp
);
527 bp
= kzalloc(sizeof(struct hw_breakpoint
), GFP_KERNEL
);
529 bp
->info
.address
= thread
->debugreg
[i
];
530 bp
->triggered
= ptrace_triggered
;
532 bp
->info
.type
= type
;
533 rc
= register_user_hw_breakpoint(tsk
, bp
);
538 rc
= modify_user_hw_breakpoint(tsk
, bp
);
543 * Make a second pass to free the remaining unused breakpoints
544 * or to restore the original breakpoints if an error occurred.
554 return ((orig_ret
< 0) ? orig_ret
: rc
);
558 * Handle PTRACE_PEEKUSR calls for the debug register area.
560 unsigned long ptrace_get_debugreg(struct task_struct
*tsk
, int n
)
562 struct thread_struct
*thread
= &(tsk
->thread
);
563 unsigned long val
= 0;
566 val
= thread
->debugreg
[n
];
568 val
= thread
->debugreg6
;
570 val
= thread
->debugreg7
;
575 * Handle PTRACE_POKEUSR calls for the debug register area.
577 int ptrace_set_debugreg(struct task_struct
*tsk
, int n
, unsigned long val
)
579 struct thread_struct
*thread
= &(tsk
->thread
);
582 /* There are no DR4 or DR5 registers */
583 if (n
== 4 || n
== 5)
587 tsk
->thread
.debugreg6
= val
;
591 if (thread
->hbp
[n
]) {
592 if (arch_check_va_in_userspace(val
,
593 thread
->hbp
[n
]->info
.len
) == 0) {
597 thread
->hbp
[n
]->info
.address
= val
;
599 thread
->debugreg
[n
] = val
;
601 /* All that's left is DR7 */
603 rc
= ptrace_write_dr7(tsk
, val
);
610 * These access the current or another (stopped) task's io permission
611 * bitmap for debugging or core dump.
613 static int ioperm_active(struct task_struct
*target
,
614 const struct user_regset
*regset
)
616 return target
->thread
.io_bitmap_max
/ regset
->size
;
619 static int ioperm_get(struct task_struct
*target
,
620 const struct user_regset
*regset
,
621 unsigned int pos
, unsigned int count
,
622 void *kbuf
, void __user
*ubuf
)
624 if (!target
->thread
.io_bitmap_ptr
)
627 return user_regset_copyout(&pos
, &count
, &kbuf
, &ubuf
,
628 target
->thread
.io_bitmap_ptr
,
632 #ifdef CONFIG_X86_PTRACE_BTS
634 * A branch trace store context.
636 * Contexts may only be installed by ptrace_bts_config() and only for
639 * Contexts are destroyed when the tracee is detached from the tracer.
640 * The actual destruction work requires interrupts enabled, so the
641 * work is deferred and will be scheduled during __ptrace_unlink().
643 * Contexts hold an additional task_struct reference on the traced
644 * task, as well as a reference on the tracer's mm.
646 * Ptrace already holds a task_struct for the duration of ptrace operations,
647 * but since destruction is deferred, it may be executed after both
648 * tracer and tracee exited.
651 /* The branch trace handle. */
652 struct bts_tracer
*tracer
;
654 /* The buffer used to store the branch trace and its size. */
658 /* The mm that paid for the above buffer. */
659 struct mm_struct
*mm
;
661 /* The task this context belongs to. */
662 struct task_struct
*task
;
664 /* The signal to send on a bts buffer overflow. */
665 unsigned int bts_ovfl_signal
;
667 /* The work struct to destroy a context. */
668 struct work_struct work
;
671 static int alloc_bts_buffer(struct bts_context
*context
, unsigned int size
)
676 err
= account_locked_memory(current
->mm
, current
->signal
->rlim
, size
);
680 buffer
= kzalloc(size
, GFP_KERNEL
);
684 context
->buffer
= buffer
;
685 context
->size
= size
;
686 context
->mm
= get_task_mm(current
);
691 refund_locked_memory(current
->mm
, size
);
695 static inline void free_bts_buffer(struct bts_context
*context
)
697 if (!context
->buffer
)
700 kfree(context
->buffer
);
701 context
->buffer
= NULL
;
703 refund_locked_memory(context
->mm
, context
->size
);
710 static void free_bts_context_work(struct work_struct
*w
)
712 struct bts_context
*context
;
714 context
= container_of(w
, struct bts_context
, work
);
716 ds_release_bts(context
->tracer
);
717 put_task_struct(context
->task
);
718 free_bts_buffer(context
);
722 static inline void free_bts_context(struct bts_context
*context
)
724 INIT_WORK(&context
->work
, free_bts_context_work
);
725 schedule_work(&context
->work
);
728 static inline struct bts_context
*alloc_bts_context(struct task_struct
*task
)
730 struct bts_context
*context
= kzalloc(sizeof(*context
), GFP_KERNEL
);
732 context
->task
= task
;
735 get_task_struct(task
);
741 static int ptrace_bts_read_record(struct task_struct
*child
, size_t index
,
742 struct bts_struct __user
*out
)
744 struct bts_context
*context
;
745 const struct bts_trace
*trace
;
746 struct bts_struct bts
;
747 const unsigned char *at
;
750 context
= child
->bts
;
754 trace
= ds_read_bts(context
->tracer
);
758 at
= trace
->ds
.top
- ((index
+ 1) * trace
->ds
.size
);
759 if ((void *)at
< trace
->ds
.begin
)
760 at
+= (trace
->ds
.n
* trace
->ds
.size
);
765 error
= trace
->read(context
->tracer
, at
, &bts
);
769 if (copy_to_user(out
, &bts
, sizeof(bts
)))
775 static int ptrace_bts_drain(struct task_struct
*child
,
777 struct bts_struct __user
*out
)
779 struct bts_context
*context
;
780 const struct bts_trace
*trace
;
781 const unsigned char *at
;
782 int error
, drained
= 0;
784 context
= child
->bts
;
788 trace
= ds_read_bts(context
->tracer
);
795 if (size
< (trace
->ds
.top
- trace
->ds
.begin
))
798 for (at
= trace
->ds
.begin
; (void *)at
< trace
->ds
.top
;
799 out
++, drained
++, at
+= trace
->ds
.size
) {
800 struct bts_struct bts
;
802 error
= trace
->read(context
->tracer
, at
, &bts
);
806 if (copy_to_user(out
, &bts
, sizeof(bts
)))
810 memset(trace
->ds
.begin
, 0, trace
->ds
.n
* trace
->ds
.size
);
812 error
= ds_reset_bts(context
->tracer
);
819 static int ptrace_bts_config(struct task_struct
*child
,
821 const struct ptrace_bts_config __user
*ucfg
)
823 struct bts_context
*context
;
824 struct ptrace_bts_config cfg
;
825 unsigned int flags
= 0;
827 if (cfg_size
< sizeof(cfg
))
830 if (copy_from_user(&cfg
, ucfg
, sizeof(cfg
)))
833 context
= child
->bts
;
835 context
= alloc_bts_context(child
);
839 if (cfg
.flags
& PTRACE_BTS_O_SIGNAL
) {
844 context
->bts_ovfl_signal
= cfg
.signal
;
847 ds_release_bts(context
->tracer
);
848 context
->tracer
= NULL
;
850 if ((cfg
.flags
& PTRACE_BTS_O_ALLOC
) && (cfg
.size
!= context
->size
)) {
853 free_bts_buffer(context
);
857 err
= alloc_bts_buffer(context
, cfg
.size
);
862 if (cfg
.flags
& PTRACE_BTS_O_TRACE
)
865 if (cfg
.flags
& PTRACE_BTS_O_SCHED
)
866 flags
|= BTS_TIMESTAMPS
;
869 ds_request_bts_task(child
, context
->buffer
, context
->size
,
870 NULL
, (size_t)-1, flags
);
871 if (unlikely(IS_ERR(context
->tracer
))) {
872 int error
= PTR_ERR(context
->tracer
);
874 free_bts_buffer(context
);
875 context
->tracer
= NULL
;
882 static int ptrace_bts_status(struct task_struct
*child
,
884 struct ptrace_bts_config __user
*ucfg
)
886 struct bts_context
*context
;
887 const struct bts_trace
*trace
;
888 struct ptrace_bts_config cfg
;
890 context
= child
->bts
;
894 if (cfg_size
< sizeof(cfg
))
897 trace
= ds_read_bts(context
->tracer
);
901 memset(&cfg
, 0, sizeof(cfg
));
902 cfg
.size
= trace
->ds
.end
- trace
->ds
.begin
;
903 cfg
.signal
= context
->bts_ovfl_signal
;
904 cfg
.bts_size
= sizeof(struct bts_struct
);
907 cfg
.flags
|= PTRACE_BTS_O_SIGNAL
;
909 if (trace
->ds
.flags
& BTS_USER
)
910 cfg
.flags
|= PTRACE_BTS_O_TRACE
;
912 if (trace
->ds
.flags
& BTS_TIMESTAMPS
)
913 cfg
.flags
|= PTRACE_BTS_O_SCHED
;
915 if (copy_to_user(ucfg
, &cfg
, sizeof(cfg
)))
921 static int ptrace_bts_clear(struct task_struct
*child
)
923 struct bts_context
*context
;
924 const struct bts_trace
*trace
;
926 context
= child
->bts
;
930 trace
= ds_read_bts(context
->tracer
);
934 memset(trace
->ds
.begin
, 0, trace
->ds
.n
* trace
->ds
.size
);
936 return ds_reset_bts(context
->tracer
);
939 static int ptrace_bts_size(struct task_struct
*child
)
941 struct bts_context
*context
;
942 const struct bts_trace
*trace
;
944 context
= child
->bts
;
948 trace
= ds_read_bts(context
->tracer
);
952 return (trace
->ds
.top
- trace
->ds
.begin
) / trace
->ds
.size
;
956 * Called from __ptrace_unlink() after the child has been moved back
957 * to its original parent.
959 void ptrace_bts_untrace(struct task_struct
*child
)
961 if (unlikely(child
->bts
)) {
962 free_bts_context(child
->bts
);
966 #endif /* CONFIG_X86_PTRACE_BTS */
/*
 * Called by kernel/ptrace.c when detaching..
 *
 * Make sure the single step bit is not set.
 */
void ptrace_disable(struct task_struct *child)
{
	user_disable_single_step(child);
#ifdef TIF_SYSCALL_EMU
	clear_tsk_thread_flag(child, TIF_SYSCALL_EMU);
#endif
}
981 #if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION
982 static const struct user_regset_view user_x86_32_view
; /* Initialized below. */
985 long arch_ptrace(struct task_struct
*child
, long request
, long addr
, long data
)
988 unsigned long __user
*datap
= (unsigned long __user
*)data
;
991 /* read the word at location addr in the USER area. */
992 case PTRACE_PEEKUSR
: {
996 if ((addr
& (sizeof(data
) - 1)) || addr
< 0 ||
997 addr
>= sizeof(struct user
))
1000 tmp
= 0; /* Default return condition */
1001 if (addr
< sizeof(struct user_regs_struct
))
1002 tmp
= getreg(child
, addr
);
1003 else if (addr
>= offsetof(struct user
, u_debugreg
[0]) &&
1004 addr
<= offsetof(struct user
, u_debugreg
[7])) {
1005 addr
-= offsetof(struct user
, u_debugreg
[0]);
1006 tmp
= ptrace_get_debugreg(child
, addr
/ sizeof(data
));
1008 ret
= put_user(tmp
, datap
);
1012 case PTRACE_POKEUSR
: /* write the word at location addr in the USER area */
1014 if ((addr
& (sizeof(data
) - 1)) || addr
< 0 ||
1015 addr
>= sizeof(struct user
))
1018 if (addr
< sizeof(struct user_regs_struct
))
1019 ret
= putreg(child
, addr
, data
);
1020 else if (addr
>= offsetof(struct user
, u_debugreg
[0]) &&
1021 addr
<= offsetof(struct user
, u_debugreg
[7])) {
1022 addr
-= offsetof(struct user
, u_debugreg
[0]);
1023 ret
= ptrace_set_debugreg(child
,
1024 addr
/ sizeof(data
), data
);
1028 case PTRACE_GETREGS
: /* Get all gp regs from the child. */
1029 return copy_regset_to_user(child
,
1030 task_user_regset_view(current
),
1032 0, sizeof(struct user_regs_struct
),
1035 case PTRACE_SETREGS
: /* Set all gp regs in the child. */
1036 return copy_regset_from_user(child
,
1037 task_user_regset_view(current
),
1039 0, sizeof(struct user_regs_struct
),
1042 case PTRACE_GETFPREGS
: /* Get the child FPU state. */
1043 return copy_regset_to_user(child
,
1044 task_user_regset_view(current
),
1046 0, sizeof(struct user_i387_struct
),
1049 case PTRACE_SETFPREGS
: /* Set the child FPU state. */
1050 return copy_regset_from_user(child
,
1051 task_user_regset_view(current
),
1053 0, sizeof(struct user_i387_struct
),
1056 #ifdef CONFIG_X86_32
1057 case PTRACE_GETFPXREGS
: /* Get the child extended FPU state. */
1058 return copy_regset_to_user(child
, &user_x86_32_view
,
1060 0, sizeof(struct user_fxsr_struct
),
1063 case PTRACE_SETFPXREGS
: /* Set the child extended FPU state. */
1064 return copy_regset_from_user(child
, &user_x86_32_view
,
1066 0, sizeof(struct user_fxsr_struct
),
1070 #if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION
1071 case PTRACE_GET_THREAD_AREA
:
1074 ret
= do_get_thread_area(child
, addr
,
1075 (struct user_desc __user
*) data
);
1078 case PTRACE_SET_THREAD_AREA
:
1081 ret
= do_set_thread_area(child
, addr
,
1082 (struct user_desc __user
*) data
, 0);
1086 #ifdef CONFIG_X86_64
1087 /* normal 64bit interface to access TLS data.
1088 Works just like arch_prctl, except that the arguments
1090 case PTRACE_ARCH_PRCTL
:
1091 ret
= do_arch_prctl(child
, data
, addr
);
1096 * These bits need more cooking - not enabled yet:
1098 #ifdef CONFIG_X86_PTRACE_BTS
1099 case PTRACE_BTS_CONFIG
:
1100 ret
= ptrace_bts_config
1101 (child
, data
, (struct ptrace_bts_config __user
*)addr
);
1104 case PTRACE_BTS_STATUS
:
1105 ret
= ptrace_bts_status
1106 (child
, data
, (struct ptrace_bts_config __user
*)addr
);
1109 case PTRACE_BTS_SIZE
:
1110 ret
= ptrace_bts_size(child
);
1113 case PTRACE_BTS_GET
:
1114 ret
= ptrace_bts_read_record
1115 (child
, data
, (struct bts_struct __user
*) addr
);
1118 case PTRACE_BTS_CLEAR
:
1119 ret
= ptrace_bts_clear(child
);
1122 case PTRACE_BTS_DRAIN
:
1123 ret
= ptrace_bts_drain
1124 (child
, data
, (struct bts_struct __user
*) addr
);
1126 #endif /* CONFIG_X86_PTRACE_BTS */
1129 ret
= ptrace_request(child
, request
, addr
, data
);
1136 #ifdef CONFIG_IA32_EMULATION
1138 #include <linux/compat.h>
1139 #include <linux/syscalls.h>
1140 #include <asm/ia32.h>
1141 #include <asm/user32.h>
1144 case offsetof(struct user32, regs.l): \
1145 regs->q = value; break
1148 case offsetof(struct user32, regs.rs): \
1149 return set_segment_reg(child, \
1150 offsetof(struct user_regs_struct, rs), \
1154 static int putreg32(struct task_struct
*child
, unsigned regno
, u32 value
)
1156 struct pt_regs
*regs
= task_pt_regs(child
);
1177 case offsetof(struct user32
, regs
.orig_eax
):
1179 * Sign-extend the value so that orig_eax = -1
1180 * causes (long)orig_ax < 0 tests to fire correctly.
1182 regs
->orig_ax
= (long) (s32
) value
;
1185 case offsetof(struct user32
, regs
.eflags
):
1186 return set_flags(child
, value
);
1188 case offsetof(struct user32
, u_debugreg
[0]) ...
1189 offsetof(struct user32
, u_debugreg
[7]):
1190 regno
-= offsetof(struct user32
, u_debugreg
[0]);
1191 return ptrace_set_debugreg(child
, regno
/ 4, value
);
1194 if (regno
> sizeof(struct user32
) || (regno
& 3))
1198 * Other dummy fields in the virtual user structure
1210 case offsetof(struct user32, regs.l): \
1211 *val = regs->q; break
1214 case offsetof(struct user32, regs.rs): \
1215 *val = get_segment_reg(child, \
1216 offsetof(struct user_regs_struct, rs)); \
1219 static int getreg32(struct task_struct
*child
, unsigned regno
, u32
*val
)
1221 struct pt_regs
*regs
= task_pt_regs(child
);
1239 R32(orig_eax
, orig_ax
);
1243 case offsetof(struct user32
, regs
.eflags
):
1244 *val
= get_flags(child
);
1247 case offsetof(struct user32
, u_debugreg
[0]) ...
1248 offsetof(struct user32
, u_debugreg
[7]):
1249 regno
-= offsetof(struct user32
, u_debugreg
[0]);
1250 *val
= ptrace_get_debugreg(child
, regno
/ 4);
1254 if (regno
> sizeof(struct user32
) || (regno
& 3))
1258 * Other dummy fields in the virtual user structure
1270 static int genregs32_get(struct task_struct
*target
,
1271 const struct user_regset
*regset
,
1272 unsigned int pos
, unsigned int count
,
1273 void *kbuf
, void __user
*ubuf
)
1276 compat_ulong_t
*k
= kbuf
;
1278 getreg32(target
, pos
, k
++);
1279 count
-= sizeof(*k
);
1283 compat_ulong_t __user
*u
= ubuf
;
1285 compat_ulong_t word
;
1286 getreg32(target
, pos
, &word
);
1287 if (__put_user(word
, u
++))
1289 count
-= sizeof(*u
);
1297 static int genregs32_set(struct task_struct
*target
,
1298 const struct user_regset
*regset
,
1299 unsigned int pos
, unsigned int count
,
1300 const void *kbuf
, const void __user
*ubuf
)
1304 const compat_ulong_t
*k
= kbuf
;
1305 while (count
> 0 && !ret
) {
1306 ret
= putreg32(target
, pos
, *k
++);
1307 count
-= sizeof(*k
);
1311 const compat_ulong_t __user
*u
= ubuf
;
1312 while (count
> 0 && !ret
) {
1313 compat_ulong_t word
;
1314 ret
= __get_user(word
, u
++);
1317 ret
= putreg32(target
, pos
, word
);
1318 count
-= sizeof(*u
);
1325 long compat_arch_ptrace(struct task_struct
*child
, compat_long_t request
,
1326 compat_ulong_t caddr
, compat_ulong_t cdata
)
1328 unsigned long addr
= caddr
;
1329 unsigned long data
= cdata
;
1330 void __user
*datap
= compat_ptr(data
);
1335 case PTRACE_PEEKUSR
:
1336 ret
= getreg32(child
, addr
, &val
);
1338 ret
= put_user(val
, (__u32 __user
*)datap
);
1341 case PTRACE_POKEUSR
:
1342 ret
= putreg32(child
, addr
, data
);
1345 case PTRACE_GETREGS
: /* Get all gp regs from the child. */
1346 return copy_regset_to_user(child
, &user_x86_32_view
,
1348 0, sizeof(struct user_regs_struct32
),
1351 case PTRACE_SETREGS
: /* Set all gp regs in the child. */
1352 return copy_regset_from_user(child
, &user_x86_32_view
,
1354 sizeof(struct user_regs_struct32
),
1357 case PTRACE_GETFPREGS
: /* Get the child FPU state. */
1358 return copy_regset_to_user(child
, &user_x86_32_view
,
1360 sizeof(struct user_i387_ia32_struct
),
1363 case PTRACE_SETFPREGS
: /* Set the child FPU state. */
1364 return copy_regset_from_user(
1365 child
, &user_x86_32_view
, REGSET_FP
,
1366 0, sizeof(struct user_i387_ia32_struct
), datap
);
1368 case PTRACE_GETFPXREGS
: /* Get the child extended FPU state. */
1369 return copy_regset_to_user(child
, &user_x86_32_view
,
1371 sizeof(struct user32_fxsr_struct
),
1374 case PTRACE_SETFPXREGS
: /* Set the child extended FPU state. */
1375 return copy_regset_from_user(child
, &user_x86_32_view
,
1377 sizeof(struct user32_fxsr_struct
),
1380 case PTRACE_GET_THREAD_AREA
:
1381 case PTRACE_SET_THREAD_AREA
:
1382 #ifdef CONFIG_X86_PTRACE_BTS
1383 case PTRACE_BTS_CONFIG
:
1384 case PTRACE_BTS_STATUS
:
1385 case PTRACE_BTS_SIZE
:
1386 case PTRACE_BTS_GET
:
1387 case PTRACE_BTS_CLEAR
:
1388 case PTRACE_BTS_DRAIN
:
1389 #endif /* CONFIG_X86_PTRACE_BTS */
1390 return arch_ptrace(child
, request
, addr
, data
);
1393 return compat_ptrace_request(child
, request
, addr
, data
);
1399 #endif /* CONFIG_IA32_EMULATION */
1401 #ifdef CONFIG_X86_64
1403 static const struct user_regset x86_64_regsets
[] = {
1404 [REGSET_GENERAL
] = {
1405 .core_note_type
= NT_PRSTATUS
,
1406 .n
= sizeof(struct user_regs_struct
) / sizeof(long),
1407 .size
= sizeof(long), .align
= sizeof(long),
1408 .get
= genregs_get
, .set
= genregs_set
1411 .core_note_type
= NT_PRFPREG
,
1412 .n
= sizeof(struct user_i387_struct
) / sizeof(long),
1413 .size
= sizeof(long), .align
= sizeof(long),
1414 .active
= xfpregs_active
, .get
= xfpregs_get
, .set
= xfpregs_set
1416 [REGSET_IOPERM64
] = {
1417 .core_note_type
= NT_386_IOPERM
,
1418 .n
= IO_BITMAP_LONGS
,
1419 .size
= sizeof(long), .align
= sizeof(long),
1420 .active
= ioperm_active
, .get
= ioperm_get
1424 static const struct user_regset_view user_x86_64_view
= {
1425 .name
= "x86_64", .e_machine
= EM_X86_64
,
1426 .regsets
= x86_64_regsets
, .n
= ARRAY_SIZE(x86_64_regsets
)
1429 #else /* CONFIG_X86_32 */
1431 #define user_regs_struct32 user_regs_struct
1432 #define genregs32_get genregs_get
1433 #define genregs32_set genregs_set
1435 #define user_i387_ia32_struct user_i387_struct
1436 #define user32_fxsr_struct user_fxsr_struct
1438 #endif /* CONFIG_X86_64 */
1440 #if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION
1441 static const struct user_regset x86_32_regsets
[] = {
1442 [REGSET_GENERAL
] = {
1443 .core_note_type
= NT_PRSTATUS
,
1444 .n
= sizeof(struct user_regs_struct32
) / sizeof(u32
),
1445 .size
= sizeof(u32
), .align
= sizeof(u32
),
1446 .get
= genregs32_get
, .set
= genregs32_set
1449 .core_note_type
= NT_PRFPREG
,
1450 .n
= sizeof(struct user_i387_ia32_struct
) / sizeof(u32
),
1451 .size
= sizeof(u32
), .align
= sizeof(u32
),
1452 .active
= fpregs_active
, .get
= fpregs_get
, .set
= fpregs_set
1455 .core_note_type
= NT_PRXFPREG
,
1456 .n
= sizeof(struct user32_fxsr_struct
) / sizeof(u32
),
1457 .size
= sizeof(u32
), .align
= sizeof(u32
),
1458 .active
= xfpregs_active
, .get
= xfpregs_get
, .set
= xfpregs_set
1461 .core_note_type
= NT_386_TLS
,
1462 .n
= GDT_ENTRY_TLS_ENTRIES
, .bias
= GDT_ENTRY_TLS_MIN
,
1463 .size
= sizeof(struct user_desc
),
1464 .align
= sizeof(struct user_desc
),
1465 .active
= regset_tls_active
,
1466 .get
= regset_tls_get
, .set
= regset_tls_set
1468 [REGSET_IOPERM32
] = {
1469 .core_note_type
= NT_386_IOPERM
,
1470 .n
= IO_BITMAP_BYTES
/ sizeof(u32
),
1471 .size
= sizeof(u32
), .align
= sizeof(u32
),
1472 .active
= ioperm_active
, .get
= ioperm_get
1476 static const struct user_regset_view user_x86_32_view
= {
1477 .name
= "i386", .e_machine
= EM_386
,
1478 .regsets
= x86_32_regsets
, .n
= ARRAY_SIZE(x86_32_regsets
)
/*
 * Select the regset view matching the task's personality: the i386
 * view for 32-bit (or compat) tasks, the x86_64 view otherwise.
 */
const struct user_regset_view *task_user_regset_view(struct task_struct *task)
{
#ifdef CONFIG_IA32_EMULATION
	if (test_tsk_thread_flag(task, TIF_IA32))
#endif
#if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION
		return &user_x86_32_view;
#endif
#ifdef CONFIG_X86_64
	return &user_x86_64_view;
#endif
}
1495 void send_sigtrap(struct task_struct
*tsk
, struct pt_regs
*regs
,
1496 int error_code
, int si_code
)
1498 struct siginfo info
;
1500 tsk
->thread
.trap_no
= 1;
1501 tsk
->thread
.error_code
= error_code
;
1503 memset(&info
, 0, sizeof(info
));
1504 info
.si_signo
= SIGTRAP
;
1505 info
.si_code
= si_code
;
1508 info
.si_addr
= user_mode_vm(regs
) ? (void __user
*) regs
->ip
: NULL
;
1510 /* Send us the fake SIGTRAP */
1511 force_sig_info(SIGTRAP
, &info
, tsk
);
1515 #ifdef CONFIG_X86_32
1517 #elif defined CONFIG_IA32_EMULATION
1518 # define IS_IA32 is_compat_task()
1524 * We must return the syscall number to actually look up in the table.
1525 * This can be -1L to skip running any syscall at all.
1527 asmregparm
long syscall_trace_enter(struct pt_regs
*regs
)
1532 * If we stepped into a sysenter/syscall insn, it trapped in
1533 * kernel mode; do_debug() cleared TF and set TIF_SINGLESTEP.
1534 * If user-mode had set TF itself, then it's still clear from
1535 * do_debug() and we need to set it again to restore the user
1536 * state. If we entered on the slow path, TF was already set.
1538 if (test_thread_flag(TIF_SINGLESTEP
))
1539 regs
->flags
|= X86_EFLAGS_TF
;
1541 /* do the secure computing check first */
1542 secure_computing(regs
->orig_ax
);
1544 if (unlikely(test_thread_flag(TIF_SYSCALL_EMU
)))
1547 if ((ret
|| test_thread_flag(TIF_SYSCALL_TRACE
)) &&
1548 tracehook_report_syscall_entry(regs
))
1551 if (unlikely(test_thread_flag(TIF_SYSCALL_FTRACE
)))
1552 ftrace_syscall_enter(regs
);
1554 if (unlikely(current
->audit_context
)) {
1556 audit_syscall_entry(AUDIT_ARCH_I386
,
1559 regs
->dx
, regs
->si
);
1560 #ifdef CONFIG_X86_64
1562 audit_syscall_entry(AUDIT_ARCH_X86_64
,
1565 regs
->dx
, regs
->r10
);
1569 return ret
?: regs
->orig_ax
;
1572 asmregparm
void syscall_trace_leave(struct pt_regs
*regs
)
1574 if (unlikely(current
->audit_context
))
1575 audit_syscall_exit(AUDITSC_RESULT(regs
->ax
), regs
->ax
);
1577 if (unlikely(test_thread_flag(TIF_SYSCALL_FTRACE
)))
1578 ftrace_syscall_exit(regs
);
1580 if (test_thread_flag(TIF_SYSCALL_TRACE
))
1581 tracehook_report_syscall_exit(regs
, 0);
1584 * If TIF_SYSCALL_EMU is set, we only get here because of
1585 * TIF_SINGLESTEP (i.e. this is PTRACE_SYSEMU_SINGLESTEP).
1586 * We already reported this syscall instruction in
1587 * syscall_trace_enter(), so don't do any more now.
1589 if (unlikely(test_thread_flag(TIF_SYSCALL_EMU
)))
1593 * If we are single-stepping, synthesize a trap to follow the
1594 * system call instruction.
1596 if (test_thread_flag(TIF_SINGLESTEP
) &&
1597 tracehook_consider_fatal_signal(current
, SIGTRAP
))
1598 send_sigtrap(current
, regs
, 0, TRAP_BRKPT
);