kernel/ptrace/ptrace.c

0001 /*
0002  *  PowerPC version
0003  *    Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
0004  *
0005  *  Derived from "arch/m68k/kernel/ptrace.c"
0006  *  Copyright (C) 1994 by Hamish Macdonald
0007  *  Taken from linux/kernel/ptrace.c and modified for M680x0.
0008  *  linux/kernel/ptrace.c is by Ross Biro 1/23/92, edited by Linus Torvalds
0009  *
0010  * Modified by Cort Dougan (cort@hq.fsmlabs.com)
0011  * and Paul Mackerras (paulus@samba.org).
0012  *
0013  * This file is subject to the terms and conditions of the GNU General
0014  * Public License.  See the file README.legal in the main directory of
0015  * this archive for more details.
0016  */
0017
0018 #include <linux/regset.h>
0019 #include <linux/ptrace.h>
0020 #include <linux/audit.h>
0021 #include <linux/context_tracking.h>
0022 #include <linux/syscalls.h>
0023
0024 #include <asm/switch_to.h>
0025 #include <asm/debug.h>
0026
0027 #define CREATE_TRACE_POINTS
0028 #include <trace/events/syscalls.h>
0029
0030 #include "ptrace-decl.h"
0031
0032 /*
0033  * Called by kernel/ptrace.c when detaching..
0034  *
0035  * Make sure single step bits etc are not set.
0036  */
0037 void ptrace_disable(struct task_struct *child)
0038 {
0039     /* make sure the single step bit is not set. */
0040     user_disable_single_step(child);
0041 }
0042
0043 long arch_ptrace(struct task_struct *child, long request,
0044          unsigned long addr, unsigned long data)
0045 {
0046     int ret = -EPERM;
0047     void __user *datavp = (void __user *) data;
0048     unsigned long __user *datalp = datavp;
0049
0050     switch (request) {
0051     /* read the word at location addr in the USER area. */
0052     case PTRACE_PEEKUSR: {
0053         unsigned long index, tmp;
0054
0055         ret = -EIO;
0056         /* convert to index and check */
0057         index = addr / sizeof(long);
0058         if ((addr & (sizeof(long) - 1)) || !child->thread.regs)
0059             break;
0060
0061         if (index < PT_FPR0)
0062             ret = ptrace_get_reg(child, (int) index, &tmp);
0063         else
0064             ret = ptrace_get_fpr(child, index, &tmp);
0065
0066         if (ret)
0067             break;
0068         ret = put_user(tmp, datalp);
0069         break;
0070     }
0071
0072     /* write the word at location addr in the USER area */
0073     case PTRACE_POKEUSR: {
0074         unsigned long index;
0075
0076         ret = -EIO;
0077         /* convert to index and check */
0078         index = addr / sizeof(long);
0079         if ((addr & (sizeof(long) - 1)) || !child->thread.regs)
0080             break;
0081
0082         if (index < PT_FPR0)
0083             ret = ptrace_put_reg(child, index, data);
0084         else
0085             ret = ptrace_put_fpr(child, index, data);
0086         break;
0087     }
0088
0089     case PPC_PTRACE_GETHWDBGINFO: {
0090         struct ppc_debug_info dbginfo;
0091
0092         ppc_gethwdinfo(&dbginfo);
0093
0094         if (copy_to_user(datavp, &dbginfo,
0095                  sizeof(struct ppc_debug_info)))
0096             return -EFAULT;
0097         return 0;
0098     }
0099
0100     case PPC_PTRACE_SETHWDEBUG: {
0101         struct ppc_hw_breakpoint bp_info;
0102
0103         if (copy_from_user(&bp_info, datavp,
0104                    sizeof(struct ppc_hw_breakpoint)))
0105             return -EFAULT;
0106         return ppc_set_hwdebug(child, &bp_info);
0107     }
0108
0109     case PPC_PTRACE_DELHWDEBUG: {
0110         ret = ppc_del_hwdebug(child, data);
0111         break;
0112     }
0113
0114     case PTRACE_GET_DEBUGREG:
0115         ret = ptrace_get_debugreg(child, addr, datalp);
0116         break;
0117
0118     case PTRACE_SET_DEBUGREG:
0119         ret = ptrace_set_debugreg(child, addr, data);
0120         break;
0121
0122 #ifdef CONFIG_PPC64
0123     case PTRACE_GETREGS64:
0124 #endif
0125     case PTRACE_GETREGS:    /* Get all pt_regs from the child. */
0126         return copy_regset_to_user(child, &user_ppc_native_view,
0127                        REGSET_GPR,
0128                        0, sizeof(struct user_pt_regs),
0129                        datavp);
0130
0131 #ifdef CONFIG_PPC64
0132     case PTRACE_SETREGS64:
0133 #endif
0134     case PTRACE_SETREGS:    /* Set all gp regs in the child. */
0135         return copy_regset_from_user(child, &user_ppc_native_view,
0136                          REGSET_GPR,
0137                          0, sizeof(struct user_pt_regs),
0138                          datavp);
0139
0140     case PTRACE_GETFPREGS: /* Get the child FPU state (FPR0...31 + FPSCR) */
0141         return copy_regset_to_user(child, &user_ppc_native_view,
0142                        REGSET_FPR,
0143                        0, sizeof(elf_fpregset_t),
0144                        datavp);
0145
0146     case PTRACE_SETFPREGS: /* Set the child FPU state (FPR0...31 + FPSCR) */
0147         return copy_regset_from_user(child, &user_ppc_native_view,
0148                          REGSET_FPR,
0149                          0, sizeof(elf_fpregset_t),
0150                          datavp);
0151
0152 #ifdef CONFIG_ALTIVEC
0153     case PTRACE_GETVRREGS:
0154         return copy_regset_to_user(child, &user_ppc_native_view,
0155                        REGSET_VMX,
0156                        0, (33 * sizeof(vector128) +
0157                            sizeof(u32)),
0158                        datavp);
0159
0160     case PTRACE_SETVRREGS:
0161         return copy_regset_from_user(child, &user_ppc_native_view,
0162                          REGSET_VMX,
0163                          0, (33 * sizeof(vector128) +
0164                          sizeof(u32)),
0165                          datavp);
0166 #endif
0167 #ifdef CONFIG_VSX
0168     case PTRACE_GETVSRREGS:
0169         return copy_regset_to_user(child, &user_ppc_native_view,
0170                        REGSET_VSX,
0171                        0, 32 * sizeof(double),
0172                        datavp);
0173
0174     case PTRACE_SETVSRREGS:
0175         return copy_regset_from_user(child, &user_ppc_native_view,
0176                          REGSET_VSX,
0177                          0, 32 * sizeof(double),
0178                          datavp);
0179 #endif
0180 #ifdef CONFIG_SPE
0181     case PTRACE_GETEVRREGS:
0182         /* Get the child spe register state. */
0183         return copy_regset_to_user(child, &user_ppc_native_view,
0184                        REGSET_SPE, 0, 35 * sizeof(u32),
0185                        datavp);
0186
0187     case PTRACE_SETEVRREGS:
0188         /* Set the child spe register state. */
0189         return copy_regset_from_user(child, &user_ppc_native_view,
0190                          REGSET_SPE, 0, 35 * sizeof(u32),
0191                          datavp);
0192 #endif
0193
0194     default:
0195         ret = ptrace_request(child, request, addr, data);
0196         break;
0197     }
0198     return ret;
0199 }
0200
0201 #ifdef CONFIG_SECCOMP
0202 static int do_seccomp(struct pt_regs *regs)
0203 {
0204     if (!test_thread_flag(TIF_SECCOMP))
0205         return 0;
0206
0207     /*
0208      * The ABI we present to seccomp tracers is that r3 contains
0209      * the syscall return value and orig_gpr3 contains the first
0210      * syscall parameter. This is different to the ptrace ABI where
0211      * both r3 and orig_gpr3 contain the first syscall parameter.
0212      */
0213     regs->gpr[3] = -ENOSYS;
0214
0215     /*
0216      * We use the __ version here because we have already checked
0217      * TIF_SECCOMP. If this fails, there is nothing left to do, we
0218      * have already loaded -ENOSYS into r3, or seccomp has put
0219      * something else in r3 (via SECCOMP_RET_ERRNO/TRACE).
0220      */
0221     if (__secure_computing(NULL))
0222         return -1;
0223
0224     /*
0225      * The syscall was allowed by seccomp, restore the register
0226      * state to what audit expects.
0227      * Note that we use orig_gpr3, which means a seccomp tracer can
0228      * modify the first syscall parameter (in orig_gpr3) and also
0229      * allow the syscall to proceed.
0230      */
0231     regs->gpr[3] = regs->orig_gpr3;
0232
0233     return 0;
0234 }
0235 #else
0236 static inline int do_seccomp(struct pt_regs *regs) { return 0; }
0237 #endif /* CONFIG_SECCOMP */
0238
0239 /**
0240  * do_syscall_trace_enter() - Do syscall tracing on kernel entry.
0241  * @regs: the pt_regs of the task to trace (current)
0242  *
0243  * Performs various types of tracing on syscall entry. This includes seccomp,
0244  * ptrace, syscall tracepoints and audit.
0245  *
0246  * The pt_regs are potentially visible to userspace via ptrace, so their
0247  * contents is ABI.
0248  *
0249  * One or more of the tracers may modify the contents of pt_regs, in particular
0250  * to modify arguments or even the syscall number itself.
0251  *
0252  * It's also possible that a tracer can choose to reject the system call. In
0253  * that case this function will return an illegal syscall number, and will put
0254  * an appropriate return value in regs->r3.
0255  *
0256  * Return: the (possibly changed) syscall number.
0257  */
0258 long do_syscall_trace_enter(struct pt_regs *regs)
0259 {
0260     u32 flags;
0261
0262     flags = read_thread_flags() & (_TIF_SYSCALL_EMU | _TIF_SYSCALL_TRACE);
0263
0264     if (flags) {
0265         int rc = ptrace_report_syscall_entry(regs);
0266
0267         if (unlikely(flags & _TIF_SYSCALL_EMU)) {
0268             /*
0269              * A nonzero return code from
0270              * ptrace_report_syscall_entry() tells us to prevent
0271              * the syscall execution, but we are not going to
0272              * execute it anyway.
0273              *
0274              * Returning -1 will skip the syscall execution. We want
0275              * to avoid clobbering any registers, so we don't goto
0276              * the skip label below.
0277              */
0278             return -1;
0279         }
0280
0281         if (rc) {
0282             /*
0283              * The tracer decided to abort the syscall. Note that
0284              * the tracer may also just change regs->gpr[0] to an
0285              * invalid syscall number, that is handled below on the
0286              * exit path.
0287              */
0288             goto skip;
0289         }
0290     }
0291
0292     /* Run seccomp after ptrace; allow it to set gpr[3]. */
0293     if (do_seccomp(regs))
0294         return -1;
0295
0296     /* Avoid trace and audit when syscall is invalid. */
0297     if (regs->gpr[0] >= NR_syscalls)
0298         goto skip;
0299
0300     if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
0301         trace_sys_enter(regs, regs->gpr[0]);
0302
0303     if (!is_32bit_task())
0304         audit_syscall_entry(regs->gpr[0], regs->gpr[3], regs->gpr[4],
0305                     regs->gpr[5], regs->gpr[6]);
0306     else
0307         audit_syscall_entry(regs->gpr[0],
0308                     regs->gpr[3] & 0xffffffff,
0309                     regs->gpr[4] & 0xffffffff,
0310                     regs->gpr[5] & 0xffffffff,
0311                     regs->gpr[6] & 0xffffffff);
0312
0313     /* Return the possibly modified but valid syscall number */
0314     return regs->gpr[0];
0315
0316 skip:
0317     /*
0318      * If we are aborting explicitly, or if the syscall number is
0319      * now invalid, set the return value to -ENOSYS.
0320      */
0321     regs->gpr[3] = -ENOSYS;
0322     return -1;
0323 }
0324
0325 void do_syscall_trace_leave(struct pt_regs *regs)
0326 {
0327     int step;
0328
0329     audit_syscall_exit(regs);
0330
0331     if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
0332         trace_sys_exit(regs, regs->result);
0333
0334     step = test_thread_flag(TIF_SINGLESTEP);
0335     if (step || test_thread_flag(TIF_SYSCALL_TRACE))
0336         ptrace_report_syscall_exit(regs, step);
0337 }
0338
0339 void __init pt_regs_check(void);
0340
0341 /*
0342  * Dummy function, its purpose is to break the build if struct pt_regs and
0343  * struct user_pt_regs don't match.
0344  */
0345 void __init pt_regs_check(void)
0346 {
0347     BUILD_BUG_ON(offsetof(struct pt_regs, gpr) !=
0348              offsetof(struct user_pt_regs, gpr));
0349     BUILD_BUG_ON(offsetof(struct pt_regs, nip) !=
0350              offsetof(struct user_pt_regs, nip));
0351     BUILD_BUG_ON(offsetof(struct pt_regs, msr) !=
0352              offsetof(struct user_pt_regs, msr));
0353     BUILD_BUG_ON(offsetof(struct pt_regs, orig_gpr3) !=
0354              offsetof(struct user_pt_regs, orig_gpr3));
0355     BUILD_BUG_ON(offsetof(struct pt_regs, ctr) !=
0356              offsetof(struct user_pt_regs, ctr));
0357     BUILD_BUG_ON(offsetof(struct pt_regs, link) !=
0358              offsetof(struct user_pt_regs, link));
0359     BUILD_BUG_ON(offsetof(struct pt_regs, xer) !=
0360              offsetof(struct user_pt_regs, xer));
0361     BUILD_BUG_ON(offsetof(struct pt_regs, ccr) !=
0362              offsetof(struct user_pt_regs, ccr));
0363 #ifdef __powerpc64__
0364     BUILD_BUG_ON(offsetof(struct pt_regs, softe) !=
0365              offsetof(struct user_pt_regs, softe));
0366 #else
0367     BUILD_BUG_ON(offsetof(struct pt_regs, mq) !=
0368              offsetof(struct user_pt_regs, mq));
0369 #endif
0370     BUILD_BUG_ON(offsetof(struct pt_regs, trap) !=
0371              offsetof(struct user_pt_regs, trap));
0372     BUILD_BUG_ON(offsetof(struct pt_regs, dar) !=
0373              offsetof(struct user_pt_regs, dar));
0374     BUILD_BUG_ON(offsetof(struct pt_regs, dear) !=
0375              offsetof(struct user_pt_regs, dar));
0376     BUILD_BUG_ON(offsetof(struct pt_regs, dsisr) !=
0377              offsetof(struct user_pt_regs, dsisr));
0378     BUILD_BUG_ON(offsetof(struct pt_regs, esr) !=
0379              offsetof(struct user_pt_regs, dsisr));
0380     BUILD_BUG_ON(offsetof(struct pt_regs, result) !=
0381              offsetof(struct user_pt_regs, result));
0382
0383     BUILD_BUG_ON(sizeof(struct user_pt_regs) > sizeof(struct pt_regs));
0384
0385     // Now check that the pt_regs offsets match the uapi #defines
0386     #define CHECK_REG(_pt, _reg) \
0387         BUILD_BUG_ON(_pt != (offsetof(struct user_pt_regs, _reg) / \
0388                      sizeof(unsigned long)));
0389
0390     CHECK_REG(PT_R0,  gpr[0]);
0391     CHECK_REG(PT_R1,  gpr[1]);
0392     CHECK_REG(PT_R2,  gpr[2]);
0393     CHECK_REG(PT_R3,  gpr[3]);
0394     CHECK_REG(PT_R4,  gpr[4]);
0395     CHECK_REG(PT_R5,  gpr[5]);
0396     CHECK_REG(PT_R6,  gpr[6]);
0397     CHECK_REG(PT_R7,  gpr[7]);
0398     CHECK_REG(PT_R8,  gpr[8]);
0399     CHECK_REG(PT_R9,  gpr[9]);
0400     CHECK_REG(PT_R10, gpr[10]);
0401     CHECK_REG(PT_R11, gpr[11]);
0402     CHECK_REG(PT_R12, gpr[12]);
0403     CHECK_REG(PT_R13, gpr[13]);
0404     CHECK_REG(PT_R14, gpr[14]);
0405     CHECK_REG(PT_R15, gpr[15]);
0406     CHECK_REG(PT_R16, gpr[16]);
0407     CHECK_REG(PT_R17, gpr[17]);
0408     CHECK_REG(PT_R18, gpr[18]);
0409     CHECK_REG(PT_R19, gpr[19]);
0410     CHECK_REG(PT_R20, gpr[20]);
0411     CHECK_REG(PT_R21, gpr[21]);
0412     CHECK_REG(PT_R22, gpr[22]);
0413     CHECK_REG(PT_R23, gpr[23]);
0414     CHECK_REG(PT_R24, gpr[24]);
0415     CHECK_REG(PT_R25, gpr[25]);
0416     CHECK_REG(PT_R26, gpr[26]);
0417     CHECK_REG(PT_R27, gpr[27]);
0418     CHECK_REG(PT_R28, gpr[28]);
0419     CHECK_REG(PT_R29, gpr[29]);
0420     CHECK_REG(PT_R30, gpr[30]);
0421     CHECK_REG(PT_R31, gpr[31]);
0422     CHECK_REG(PT_NIP, nip);
0423     CHECK_REG(PT_MSR, msr);
0424     CHECK_REG(PT_ORIG_R3, orig_gpr3);
0425     CHECK_REG(PT_CTR, ctr);
0426     CHECK_REG(PT_LNK, link);
0427     CHECK_REG(PT_XER, xer);
0428     CHECK_REG(PT_CCR, ccr);
0429 #ifdef CONFIG_PPC64
0430     CHECK_REG(PT_SOFTE, softe);
0431 #else
0432     CHECK_REG(PT_MQ, mq);
0433 #endif
0434     CHECK_REG(PT_TRAP, trap);
0435     CHECK_REG(PT_DAR, dar);
0436     CHECK_REG(PT_DSISR, dsisr);
0437     CHECK_REG(PT_RESULT, result);
0438     #undef CHECK_REG
0439
0440     BUILD_BUG_ON(PT_REGS_COUNT != sizeof(struct user_pt_regs) / sizeof(unsigned long));
0441
0442     /*
0443      * PT_DSCR isn't a real reg, but it's important that it doesn't overlap the
0444      * real registers.
0445      */
0446     BUILD_BUG_ON(PT_DSCR < sizeof(struct user_pt_regs) / sizeof(unsigned long));
0447
0448     // ptrace_get/put_fpr() rely on PPC32 and VSX being incompatible
0449     BUILD_BUG_ON(IS_ENABLED(CONFIG_PPC32) && IS_ENABLED(CONFIG_VSX));
0450 }