2 * linux/arch/arm/kernel/ptrace.c
5 * edited by Linus Torvalds
6 * ARM modifications Copyright (C) 2000 Russell King
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 as
10 * published by the Free Software Foundation.
12 #include <linux/kernel.h>
13 #include <linux/sched.h>
15 #include <linux/smp.h>
16 #include <linux/smp_lock.h>
17 #include <linux/ptrace.h>
18 #include <linux/user.h>
19 #include <linux/security.h>
20 #include <linux/init.h>
22 #include <asm/uaccess.h>
23 #include <asm/pgtable.h>
24 #include <asm/system.h>
25 #include <asm/traps.h>
32 * does not yet catch signals sent when the child dies.
33 * in exit.c or in signal.c.
38 * Breakpoint SWI instruction: SWI &9F0001
40 #define BREAKINST_ARM 0xef9f0001
41 #define BREAKINST_THUMB 0xdf00 /* fill this in later */
44 * New breakpoints - use an undefined instruction. The ARM architecture
45 * reference manual guarantees that the following instruction space
46 * will produce an undefined instruction exception on all CPUs:
48 * ARM: xxxx 0111 1111 xxxx xxxx xxxx 1111 xxxx
49 * Thumb: 1101 1110 xxxx xxxx
51 #define BREAKINST_ARM 0xe7f001f0
52 #define BREAKINST_THUMB 0xde01
56 * Get the address of the live pt_regs for the specified task.
57 * These are saved onto the top kernel stack when the process
60 * Note: if a user thread is execve'd from kernel space, the
61 * kernel stack will not be empty on entry to the kernel, so
62 * ptracing these tasks will fail.
64 static inline struct pt_regs *
65 get_user_regs(struct task_struct *task)
67 return (struct pt_regs *)
68 ((unsigned long)task->thread_info + THREAD_SIZE -
69 8 - sizeof(struct pt_regs));
73 * this routine will get a word off of the processes privileged stack.
74 * the offset is how far from the base addr as stored in the THREAD.
75 * this routine assumes that all the privileged stacks are in our
78 static inline long get_user_reg(struct task_struct *task, int offset)
80 return get_user_regs(task)->uregs[offset];
84 * this routine will put a word on the processes privileged stack.
85 * the offset is how far from the base addr as stored in the THREAD.
86 * this routine assumes that all the privileged stacks are in our
90 put_user_reg(struct task_struct *task, int offset, long data)
92 struct pt_regs newregs, *regs = get_user_regs(task);
96 newregs.uregs[offset] = data;
98 if (valid_user_regs(&newregs)) {
99 regs->uregs[offset] = data;
107 read_u32(struct task_struct *task, unsigned long addr, u32 *res)
111 ret = access_process_vm(task, addr, res, sizeof(*res), 0);
113 return ret == sizeof(*res) ? 0 : -EIO;
117 read_instr(struct task_struct *task, unsigned long addr, u32 *res)
123 ret = access_process_vm(task, addr & ~1, &val, sizeof(val), 0);
124 ret = ret == sizeof(val) ? 0 : -EIO;
128 ret = access_process_vm(task, addr & ~3, &val, sizeof(val), 0);
129 ret = ret == sizeof(val) ? 0 : -EIO;
136 * Get value of register `rn' (in the instruction)
139 ptrace_getrn(struct task_struct *child, unsigned long insn)
141 unsigned int reg = (insn >> 16) & 15;
144 val = get_user_reg(child, reg);
146 val = pc_pointer(val + 8);
152 * Get value of operand 2 (in an ALU instruction)
155 ptrace_getaluop2(struct task_struct *child, unsigned long insn)
161 if (insn & 1 << 25) {
163 shift = (insn >> 8) & 15;
166 val = get_user_reg (child, insn & 15);
169 shift = (int)get_user_reg (child, (insn >> 8) & 15);
171 shift = (insn >> 7) & 31;
173 type = (insn >> 5) & 3;
177 case 0: val <<= shift; break;
178 case 1: val >>= shift; break;
180 val = (((signed long)val) >> shift);
183 val = (val >> shift) | (val << (32 - shift));
190 * Get value of operand 2 (in a LDR instruction)
193 ptrace_getldrop2(struct task_struct *child, unsigned long insn)
199 val = get_user_reg(child, insn & 15);
200 shift = (insn >> 7) & 31;
201 type = (insn >> 5) & 3;
204 case 0: val <<= shift; break;
205 case 1: val >>= shift; break;
207 val = (((signed long)val) >> shift);
210 val = (val >> shift) | (val << (32 - shift));
216 #define OP_MASK 0x01e00000
217 #define OP_AND 0x00000000
218 #define OP_EOR 0x00200000
219 #define OP_SUB 0x00400000
220 #define OP_RSB 0x00600000
221 #define OP_ADD 0x00800000
222 #define OP_ADC 0x00a00000
223 #define OP_SBC 0x00c00000
224 #define OP_RSC 0x00e00000
225 #define OP_ORR 0x01800000
226 #define OP_MOV 0x01a00000
227 #define OP_BIC 0x01c00000
228 #define OP_MVN 0x01e00000
231 get_branch_address(struct task_struct *child, unsigned long pc, unsigned long insn)
235 switch (insn & 0x0e000000) {
241 long aluop1, aluop2, ccbit;
243 if ((insn & 0xf000) != 0xf000)
246 aluop1 = ptrace_getrn(child, insn);
247 aluop2 = ptrace_getaluop2(child, insn);
248 ccbit = get_user_reg(child, REG_PSR) & PSR_C_BIT ? 1 : 0;
250 switch (insn & OP_MASK) {
251 case OP_AND: alt = aluop1 & aluop2; break;
252 case OP_EOR: alt = aluop1 ^ aluop2; break;
253 case OP_SUB: alt = aluop1 - aluop2; break;
254 case OP_RSB: alt = aluop2 - aluop1; break;
255 case OP_ADD: alt = aluop1 + aluop2; break;
256 case OP_ADC: alt = aluop1 + aluop2 + ccbit; break;
257 case OP_SBC: alt = aluop1 - aluop2 + ccbit; break;
258 case OP_RSC: alt = aluop2 - aluop1 + ccbit; break;
259 case OP_ORR: alt = aluop1 | aluop2; break;
260 case OP_MOV: alt = aluop2; break;
261 case OP_BIC: alt = aluop1 & ~aluop2; break;
262 case OP_MVN: alt = ~aluop2; break;
272 if ((insn & 0x0010f000) == 0x0010f000) {
275 base = ptrace_getrn(child, insn);
276 if (insn & 1 << 24) {
279 if (insn & 0x02000000)
280 aluop2 = ptrace_getldrop2(child, insn);
282 aluop2 = insn & 0xfff;
289 if (read_u32(child, base, &alt) == 0)
290 alt = pc_pointer(alt);
298 if ((insn & 0x00108000) == 0x00108000) {
300 unsigned int nr_regs;
302 if (insn & (1 << 23)) {
303 nr_regs = hweight16(insn & 65535) << 2;
305 if (!(insn & (1 << 24)))
308 if (insn & (1 << 24))
314 base = ptrace_getrn(child, insn);
316 if (read_u32(child, base + nr_regs, &alt) == 0)
317 alt = pc_pointer(alt);
327 /* It's a branch/branch link: instead of trying to
328 * figure out whether the branch will be taken or not,
329 * we'll put a breakpoint at both locations. This is
330 * simpler, more reliable, and probably not a whole lot
331 * slower than the alternative approach of emulating the
334 displ = (insn & 0x00ffffff) << 8;
335 displ = (displ >> 6) + 8;
336 if (displ != 0 && displ != 4)
346 swap_insn(struct task_struct *task, unsigned long addr,
347 void *old_insn, void *new_insn, int size)
351 ret = access_process_vm(task, addr, old_insn, size, 0);
353 ret = access_process_vm(task, addr, new_insn, size, 1);
358 add_breakpoint(struct task_struct *task, struct debug_info *dbg, unsigned long addr)
360 int nr = dbg->nsaved;
363 u32 new_insn = BREAKINST_ARM;
366 res = swap_insn(task, addr, &dbg->bp[nr].insn, &new_insn, 4);
369 dbg->bp[nr].address = addr;
373 printk(KERN_ERR "ptrace: too many breakpoints\n");
377 * Clear one breakpoint in the user program. We copy what the hardware
378 * does and use bit 0 of the address to indicate whether this is a Thumb
379 * breakpoint or an ARM breakpoint.
381 static void clear_breakpoint(struct task_struct *task, struct debug_entry *bp)
383 unsigned long addr = bp->address;
384 union debug_insn old_insn;
388 ret = swap_insn(task, addr & ~1, &old_insn.thumb,
391 if (ret != 2 || old_insn.thumb != BREAKINST_THUMB)
392 printk(KERN_ERR "%s:%d: corrupted Thumb breakpoint at "
393 "0x%08lx (0x%04x)\n", task->comm, task->pid,
394 addr, old_insn.thumb);
396 ret = swap_insn(task, addr & ~3, &old_insn.arm,
399 if (ret != 4 || old_insn.arm != BREAKINST_ARM)
400 printk(KERN_ERR "%s:%d: corrupted ARM breakpoint at "
401 "0x%08lx (0x%08x)\n", task->comm, task->pid,
406 void ptrace_set_bpt(struct task_struct *child)
408 struct pt_regs *regs;
413 regs = get_user_regs(child);
414 pc = instruction_pointer(regs);
416 if (thumb_mode(regs)) {
417 printk(KERN_WARNING "ptrace: can't handle thumb mode\n");
421 res = read_instr(child, pc, &insn);
423 struct debug_info *dbg = &child->thread.debug;
428 alt = get_branch_address(child, pc, insn);
430 add_breakpoint(child, dbg, alt);
433 * Note that we ignore the result of setting the above
434 * breakpoint since it may fail. When it does, this is
435 * not so much an error, but a forewarning that we may
436 * be receiving a prefetch abort shortly.
438 * If we don't set this breakpoint here, then we can
439 * lose control of the thread during single stepping.
441 if (!alt || predicate(insn) != PREDICATE_ALWAYS)
442 add_breakpoint(child, dbg, pc + 4);
447 * Ensure no single-step breakpoint is pending. Returns non-zero
448 * value if child was being single-stepped.
450 void ptrace_cancel_bpt(struct task_struct *child)
452 int i, nsaved = child->thread.debug.nsaved;
454 child->thread.debug.nsaved = 0;
457 printk("ptrace_cancel_bpt: bogus nsaved: %d!\n", nsaved);
461 for (i = 0; i < nsaved; i++)
462 clear_breakpoint(child, &child->thread.debug.bp[i]);
466 * Called by kernel/ptrace.c when detaching..
468 * Make sure the single step bit is not set.
470 void ptrace_disable(struct task_struct *child)
472 child->ptrace &= ~PT_SINGLESTEP;
473 ptrace_cancel_bpt(child);
477 * Handle hitting a breakpoint.
479 void ptrace_break(struct task_struct *tsk, struct pt_regs *regs)
483 ptrace_cancel_bpt(tsk);
485 info.si_signo = SIGTRAP;
487 info.si_code = TRAP_BRKPT;
488 info.si_addr = (void *)instruction_pointer(regs);
490 force_sig_info(SIGTRAP, &info, tsk);
493 static int break_trap(struct pt_regs *regs, unsigned int instr)
495 ptrace_break(current, regs);
499 static struct undef_hook arm_break_hook = {
500 .instr_mask = 0x0fffffff,
501 .instr_val = 0x07f001f0,
502 .cpsr_mask = PSR_T_BIT,
507 static struct undef_hook thumb_break_hook = {
508 .instr_mask = 0xffff,
510 .cpsr_mask = PSR_T_BIT,
511 .cpsr_val = PSR_T_BIT,
515 static int __init ptrace_break_init(void)
517 register_undef_hook(&arm_break_hook);
518 register_undef_hook(&thumb_break_hook);
522 core_initcall(ptrace_break_init);
525 * Read the word at offset "off" into the "struct user". We
526 * actually access the pt_regs stored on the kernel stack.
528 static int ptrace_read_user(struct task_struct *tsk, unsigned long off,
529 unsigned long __user *ret)
533 if (off & 3 || off >= sizeof(struct user))
537 if (off < sizeof(struct pt_regs))
538 tmp = get_user_reg(tsk, off >> 2);
540 return put_user(tmp, ret);
544 * Write the word at offset "off" into "struct user". We
545 * actually access the pt_regs stored on the kernel stack.
547 static int ptrace_write_user(struct task_struct *tsk, unsigned long off,
550 if (off & 3 || off >= sizeof(struct user))
553 if (off >= sizeof(struct pt_regs))
556 return put_user_reg(tsk, off >> 2, val);
560 * Get all user integer registers.
562 static int ptrace_getregs(struct task_struct *tsk, void __user *uregs)
564 struct pt_regs *regs = get_user_regs(tsk);
566 return copy_to_user(uregs, regs, sizeof(struct pt_regs)) ? -EFAULT : 0;
570 * Set all user integer registers.
572 static int ptrace_setregs(struct task_struct *tsk, void __user *uregs)
574 struct pt_regs newregs;
578 if (copy_from_user(&newregs, uregs, sizeof(struct pt_regs)) == 0) {
579 struct pt_regs *regs = get_user_regs(tsk);
582 if (valid_user_regs(&newregs)) {
592 * Get the child FPU state.
594 static int ptrace_getfpregs(struct task_struct *tsk, void __user *ufp)
596 return copy_to_user(ufp, &tsk->thread_info->fpstate,
597 sizeof(struct user_fp)) ? -EFAULT : 0;
601 * Set the child FPU state.
603 static int ptrace_setfpregs(struct task_struct *tsk, void __user *ufp)
605 struct thread_info *thread = tsk->thread_info;
606 thread->used_cp[1] = thread->used_cp[2] = 1;
607 return copy_from_user(&thread->fpstate, ufp,
608 sizeof(struct user_fp)) ? -EFAULT : 0;
611 static int do_ptrace(int request, struct task_struct *child, long addr, long data)
618 * read word at location "addr" in the child process.
620 case PTRACE_PEEKTEXT:
621 case PTRACE_PEEKDATA:
622 ret = access_process_vm(child, addr, &tmp,
623 sizeof(unsigned long), 0);
624 if (ret == sizeof(unsigned long))
625 ret = put_user(tmp, (unsigned long *) data);
631 ret = ptrace_read_user(child, addr, (unsigned long __user *)data);
635 * write the word at location addr.
637 case PTRACE_POKETEXT:
638 case PTRACE_POKEDATA:
639 ret = access_process_vm(child, addr, &data,
640 sizeof(unsigned long), 1);
641 if (ret == sizeof(unsigned long))
648 ret = ptrace_write_user(child, addr, data);
652 * continue/restart and stop at next (return from) syscall
657 if ((unsigned long) data > _NSIG)
659 if (request == PTRACE_SYSCALL)
660 set_tsk_thread_flag(child, TIF_SYSCALL_TRACE);
662 clear_tsk_thread_flag(child, TIF_SYSCALL_TRACE);
663 child->exit_code = data;
664 /* make sure single-step breakpoint is gone. */
665 child->ptrace &= ~PT_SINGLESTEP;
666 ptrace_cancel_bpt(child);
667 wake_up_process(child);
672 * make the child exit. Best I can do is send it a sigkill.
673 * perhaps it should be put in the status that it wants to
677 /* make sure single-step breakpoint is gone. */
678 child->ptrace &= ~PT_SINGLESTEP;
679 ptrace_cancel_bpt(child);
680 if (child->state != TASK_ZOMBIE) {
681 child->exit_code = SIGKILL;
682 wake_up_process(child);
688 * execute single instruction.
690 case PTRACE_SINGLESTEP:
692 if ((unsigned long) data > _NSIG)
694 child->ptrace |= PT_SINGLESTEP;
695 clear_tsk_thread_flag(child, TIF_SYSCALL_TRACE);
696 child->exit_code = data;
697 /* give it a chance to run. */
698 wake_up_process(child);
703 ret = ptrace_detach(child, data);
707 ret = ptrace_getregs(child, (void __user *)data);
711 ret = ptrace_setregs(child, (void __user *)data);
714 case PTRACE_GETFPREGS:
715 ret = ptrace_getfpregs(child, (void __user *)data);
718 case PTRACE_SETFPREGS:
719 ret = ptrace_setfpregs(child, (void __user *)data);
723 ret = ptrace_request(child, request, addr, data);
730 asmlinkage int sys_ptrace(long request, long pid, long addr, long data)
732 struct task_struct *child;
737 if (request == PTRACE_TRACEME) {
738 /* are we already being traced? */
739 if (current->ptrace & PT_PTRACED)
741 ret = security_ptrace(current->parent, current);
744 /* set the ptrace bit in the process flags. */
745 current->ptrace |= PT_PTRACED;
750 read_lock(&tasklist_lock);
751 child = find_task_by_pid(pid);
753 get_task_struct(child);
754 read_unlock(&tasklist_lock);
759 if (pid == 1) /* you may not mess with init */
762 if (request == PTRACE_ATTACH) {
763 ret = ptrace_attach(child);
766 ret = ptrace_check_attach(child, request == PTRACE_KILL);
768 ret = do_ptrace(request, child, addr, data);
771 put_task_struct(child);
777 asmlinkage void syscall_trace(int why, struct pt_regs *regs)
781 if (!test_thread_flag(TIF_SYSCALL_TRACE))
783 if (!(current->ptrace & PT_PTRACED))
787 * Save IP. IP is used to denote syscall entry/exit:
788 * IP = 0 -> entry, = 1 -> exit
793 /* the 0x80 provides a way for the tracing parent to distinguish
794 between a syscall stop and SIGTRAP delivery */
795 current->exit_code = SIGTRAP | ((current->ptrace & PT_TRACESYSGOOD)
797 current->state = TASK_STOPPED;
798 notify_parent(current, SIGCHLD);
801 * this isn't the same as continuing with a signal, but it will do
802 * for normal use. strace only continues with a signal if the
803 * stopping signal is not SIGTRAP. -brl
805 if (current->exit_code) {
806 send_sig(current->exit_code, current, 1);
807 current->exit_code = 0;
git://git.onelab.eu / linux-2.6.git / blob