File: /usr/src/linux/arch/ia64/kernel/ptrace.c
1 /*
2 * Kernel support for the ptrace() and syscall tracing interfaces.
3 *
4 * Copyright (C) 1999-2001 Hewlett-Packard Co
5 * Copyright (C) 1999-2001 David Mosberger-Tang <davidm@hpl.hp.com>
6 *
7 * Derived from the x86 and Alpha versions. Most of the code in here
8 * could actually be factored into a common set of routines.
9 */
10 #include <linux/config.h>
11 #include <linux/kernel.h>
12 #include <linux/sched.h>
13 #include <linux/mm.h>
14 #include <linux/errno.h>
15 #include <linux/ptrace.h>
16 #include <linux/smp_lock.h>
17 #include <linux/user.h>
18
19 #include <asm/pgtable.h>
20 #include <asm/processor.h>
21 #include <asm/ptrace_offsets.h>
22 #include <asm/rse.h>
23 #include <asm/system.h>
24 #include <asm/uaccess.h>
25 #include <asm/unwind.h>
26
27 /*
28 * Bits in the PSR that we allow ptrace() to change:
29 * be, up, ac, mfl, mfh (the user mask; five bits total)
30 * db (debug breakpoint fault; one bit)
31 * id (instruction debug fault disable; one bit)
32 * dd (data debug fault disable; one bit)
33 * ri (restart instruction; two bits)
34 * is (instruction set; one bit)
35 */
36 #define IPSR_WRITE_MASK \
37 (IA64_PSR_UM | IA64_PSR_DB | IA64_PSR_IS | IA64_PSR_ID | IA64_PSR_DD | IA64_PSR_RI)
38 #define IPSR_READ_MASK IPSR_WRITE_MASK
39
40 #define PTRACE_DEBUG 1
41
42 #if PTRACE_DEBUG
43 # define dprintk(format...) printk(format)
44 # define inline
45 #else
46 # define dprintk(format...)
47 #endif
48
49 /*
50 * Collect the NaT bits for r1-r31 from scratch_unat and return a NaT
51 * bitset where bit i is set iff the NaT bit of register i is set.
52 */
53 unsigned long
54 ia64_get_scratch_nat_bits (struct pt_regs *pt, unsigned long scratch_unat)
55 {
56 # define GET_BITS(first, last, unat) \
57 ({ \
58 unsigned long bit = ia64_unat_pos(&pt->r##first); \
59 unsigned long mask = ((1UL << (last - first + 1)) - 1) << first; \
60 (ia64_rotl(unat, first) >> bit) & mask; \
61 })
62 unsigned long val;
63
64 val = GET_BITS( 1, 3, scratch_unat);
65 val |= GET_BITS(12, 15, scratch_unat);
66 val |= GET_BITS( 8, 11, scratch_unat);
67 val |= GET_BITS(16, 31, scratch_unat);
68 return val;
69
70 # undef GET_BITS
71 }
72
73 /*
74 * Set the NaT bits for the scratch registers according to NAT and
75 * return the resulting unat (assuming the scratch registers are
76 * stored in PT).
77 */
78 unsigned long
79 ia64_put_scratch_nat_bits (struct pt_regs *pt, unsigned long nat)
80 {
81 unsigned long scratch_unat;
82
83 # define PUT_BITS(first, last, nat) \
84 ({ \
85 unsigned long bit = ia64_unat_pos(&pt->r##first); \
86 unsigned long mask = ((1UL << (last - first + 1)) - 1) << bit; \
87 (ia64_rotr(nat, first) << bit) & mask; \
88 })
89 scratch_unat = PUT_BITS( 1, 3, nat);
90 scratch_unat |= PUT_BITS(12, 15, nat);
91 scratch_unat |= PUT_BITS( 8, 11, nat);
92 scratch_unat |= PUT_BITS(16, 31, nat);
93
94 return scratch_unat;
95
96 # undef PUT_BITS
97 }
98
99 #define IA64_MLX_TEMPLATE 0x2
100 #define IA64_MOVL_OPCODE 6
101
102 void
103 ia64_increment_ip (struct pt_regs *regs)
104 {
105 unsigned long w0, ri = ia64_psr(regs)->ri + 1;
106
107 if (ri > 2) {
108 ri = 0;
109 regs->cr_iip += 16;
110 } else if (ri == 2) {
111 get_user(w0, (char *) regs->cr_iip + 0);
112 if (((w0 >> 1) & 0xf) == IA64_MLX_TEMPLATE) {
113 /*
114 * rfi'ing to slot 2 of an MLX bundle causes
115 * an illegal operation fault. We don't want
116 * that to happen...
117 */
118 ri = 0;
119 regs->cr_iip += 16;
120 }
121 }
122 ia64_psr(regs)->ri = ri;
123 }
124
125 void
126 ia64_decrement_ip (struct pt_regs *regs)
127 {
128 unsigned long w0, ri = ia64_psr(regs)->ri - 1;
129
130 if (ia64_psr(regs)->ri == 0) {
131 regs->cr_iip -= 16;
132 ri = 2;
133 get_user(w0, (char *) regs->cr_iip + 0);
134 if (((w0 >> 1) & 0xf) == IA64_MLX_TEMPLATE) {
135 /*
136 * rfi'ing to slot 2 of an MLX bundle causes
137 * an illegal operation fault. We don't want
138 * that to happen...
139 */
140 ri = 1;
141 }
142 }
143 ia64_psr(regs)->ri = ri;
144 }
145
146 /*
147 * This routine is used to read an rnat bits that are stored on the kernel backing store.
148 * Since, in general, the alignment of the user and kernel are different, this is not
149 * completely trivial. In essence, we need to construct the user RNAT based on up to two
150 * kernel RNAT values and/or the RNAT value saved in the child's pt_regs.
151 *
152 * user rbs
153 *
154 * +--------+ <-- lowest address
155 * | slot62 |
156 * +--------+
157 * | rnat | 0x....1f8
158 * +--------+
159 * | slot00 | \
160 * +--------+ |
161 * | slot01 | > child_regs->ar_rnat
162 * +--------+ |
163 * | slot02 | / kernel rbs
164 * +--------+ +--------+
165 * <- child_regs->ar_bspstore | slot61 | <-- krbs
166 * +- - - - + +--------+
167 * | slot62 |
168 * +- - - - + +--------+
169 * | rnat |
170 * +- - - - + +--------+
171 * vrnat | slot00 |
172 * +- - - - + +--------+
173 * = =
174 * +--------+
175 * | slot00 | \
176 * +--------+ |
177 * | slot01 | > child_stack->ar_rnat
178 * +--------+ |
179 * | slot02 | /
180 * +--------+
181 * <--- child_stack->ar_bspstore
182 *
183 * The way to think of this code is as follows: bit 0 in the user rnat corresponds to some
184 * bit N (0 <= N <= 62) in one of the kernel rnat value. The kernel rnat value holding
185 * this bit is stored in variable rnat0. rnat1 is loaded with the kernel rnat value that
186 * form the upper bits of the user rnat value.
187 *
188 * Boundary cases:
189 *
190 * o when reading the rnat "below" the first rnat slot on the kernel backing store,
191 * rnat0/rnat1 are set to 0 and the low order bits are merged in from pt->ar_rnat.
192 *
193 * o when reading the rnat "above" the last rnat slot on the kernel backing store,
194 * rnat0/rnat1 gets its value from sw->ar_rnat.
195 */
196 static unsigned long
197 get_rnat (struct pt_regs *pt, struct switch_stack *sw,
198 unsigned long *krbs, unsigned long *urnat_addr)
199 {
200 unsigned long rnat0 = 0, rnat1 = 0, urnat = 0, *slot0_kaddr, kmask = ~0UL;
201 unsigned long *kbsp, *ubspstore, *rnat0_kaddr, *rnat1_kaddr, shift;
202 long num_regs;
203
204 kbsp = (unsigned long *) sw->ar_bspstore;
205 ubspstore = (unsigned long *) pt->ar_bspstore;
206 /*
207 * First, figure out which bit number slot 0 in user-land maps
208 * to in the kernel rnat. Do this by figuring out how many
209 * register slots we're beyond the user's backingstore and
210 * then computing the equivalent address in kernel space.
211 */
212 num_regs = ia64_rse_num_regs(ubspstore, urnat_addr + 1);
213 slot0_kaddr = ia64_rse_skip_regs(krbs, num_regs);
214 shift = ia64_rse_slot_num(slot0_kaddr);
215 rnat1_kaddr = ia64_rse_rnat_addr(slot0_kaddr);
216 rnat0_kaddr = rnat1_kaddr - 64;
217
218 if (ubspstore + 63 > urnat_addr) {
219 /* some bits need to be merged in from pt->ar_rnat */
220 kmask = ~((1UL << ia64_rse_slot_num(ubspstore)) - 1);
221 urnat = (pt->ar_rnat & ~kmask);
222 }
223 if (rnat0_kaddr >= kbsp) {
224 rnat0 = sw->ar_rnat;
225 } else if (rnat0_kaddr > krbs) {
226 rnat0 = *rnat0_kaddr;
227 }
228 if (rnat1_kaddr >= kbsp) {
229 rnat1 = sw->ar_rnat;
230 } else if (rnat1_kaddr > krbs) {
231 rnat1 = *rnat1_kaddr;
232 }
233 urnat |= ((rnat1 << (63 - shift)) | (rnat0 >> shift)) & kmask;
234 return urnat;
235 }
236
237 /*
238 * The reverse of get_rnat.
239 */
240 static void
241 put_rnat (struct pt_regs *pt, struct switch_stack *sw,
242 unsigned long *krbs, unsigned long *urnat_addr, unsigned long urnat)
243 {
244 unsigned long rnat0 = 0, rnat1 = 0, rnat = 0, *slot0_kaddr, kmask = ~0UL, mask;
245 unsigned long *kbsp, *ubspstore, *rnat0_kaddr, *rnat1_kaddr, shift;
246 long num_regs;
247
248 kbsp = (unsigned long *) sw->ar_bspstore;
249 ubspstore = (unsigned long *) pt->ar_bspstore;
250 /*
251 * First, figure out which bit number slot 0 in user-land maps
252 * to in the kernel rnat. Do this by figuring out how many
253 * register slots we're beyond the user's backingstore and
254 * then computing the equivalent address in kernel space.
255 */
256 num_regs = (long) ia64_rse_num_regs(ubspstore, urnat_addr + 1);
257 slot0_kaddr = ia64_rse_skip_regs(krbs, num_regs);
258 shift = ia64_rse_slot_num(slot0_kaddr);
259 rnat1_kaddr = ia64_rse_rnat_addr(slot0_kaddr);
260 rnat0_kaddr = rnat1_kaddr - 64;
261
262 if (ubspstore + 63 > urnat_addr) {
263 /* some bits need to be place in pt->ar_rnat: */
264 kmask = ~((1UL << ia64_rse_slot_num(ubspstore)) - 1);
265 pt->ar_rnat = (pt->ar_rnat & kmask) | (rnat & ~kmask);
266 }
267 /*
268 * Note: Section 11.1 of the EAS guarantees that bit 63 of an
269 * rnat slot is ignored. so we don't have to clear it here.
270 */
271 rnat0 = (urnat << shift);
272 mask = ~0UL << shift;
273 if (rnat0_kaddr >= kbsp) {
274 sw->ar_rnat = (sw->ar_rnat & ~mask) | (rnat0 & mask);
275 } else if (rnat0_kaddr > krbs) {
276 *rnat0_kaddr = ((*rnat0_kaddr & ~mask) | (rnat0 & mask));
277 }
278
279 rnat1 = (urnat >> (63 - shift));
280 mask = ~0UL >> (63 - shift);
281 if (rnat1_kaddr >= kbsp) {
282 sw->ar_rnat = (sw->ar_rnat & ~mask) | (rnat1 & mask);
283 } else if (rnat1_kaddr > krbs) {
284 *rnat1_kaddr = ((*rnat1_kaddr & ~mask) | (rnat1 & mask));
285 }
286 }
287
288 /*
289 * Read a word from the user-level backing store of task CHILD. ADDR is the user-level
290 * address to read the word from, VAL a pointer to the return value, and USER_BSP gives
291 * the end of the user-level backing store (i.e., it's the address that would be in ar.bsp
292 * after the user executed a "cover" instruction).
293 *
294 * This routine takes care of accessing the kernel register backing store for those
295 * registers that got spilled there. It also takes care of calculating the appropriate
296 * RNaT collection words.
297 */
298 long
299 ia64_peek (struct task_struct *child, struct switch_stack *child_stack, unsigned long user_rbs_end,
300 unsigned long addr, long *val)
301 {
302 unsigned long *bspstore, *krbs, regnum, *laddr, *urbs_end, *rnat_addr;
303 struct pt_regs *child_regs;
304 size_t copied;
305 long ret;
306
307 urbs_end = (long *) user_rbs_end;
308 laddr = (unsigned long *) addr;
309 child_regs = ia64_task_regs(child);
310 bspstore = (unsigned long *) child_regs->ar_bspstore;
311 krbs = (unsigned long *) child + IA64_RBS_OFFSET/8;
312 if (laddr >= bspstore && laddr <= ia64_rse_rnat_addr(urbs_end)) {
313 /*
314 * Attempt to read the RBS in an area that's actually on the kernel RBS =>
315 * read the corresponding bits in the kernel RBS.
316 */
317 rnat_addr = ia64_rse_rnat_addr(laddr);
318 ret = get_rnat(child_regs, child_stack, krbs, rnat_addr);
319
320 if (laddr == rnat_addr) {
321 /* return NaT collection word itself */
322 *val = ret;
323 return 0;
324 }
325
326 if (((1UL << ia64_rse_slot_num(laddr)) & ret) != 0) {
327 /*
328 * It is implementation dependent whether the data portion of a
329 * NaT value gets saved on a st8.spill or RSE spill (e.g., see
330 * EAS 2.6, 4.4.4.6 Register Spill and Fill). To get consistent
331 * behavior across all possible IA-64 implementations, we return
332 * zero in this case.
333 */
334 *val = 0;
335 return 0;
336 }
337
338 if (laddr < urbs_end) {
339 /* the desired word is on the kernel RBS and is not a NaT */
340 regnum = ia64_rse_num_regs(bspstore, laddr);
341 *val = *ia64_rse_skip_regs(krbs, regnum);
342 return 0;
343 }
344 }
345 copied = access_process_vm(child, addr, &ret, sizeof(ret), 0);
346 if (copied != sizeof(ret))
347 return -EIO;
348 *val = ret;
349 return 0;
350 }
351
352 long
353 ia64_poke (struct task_struct *child, struct switch_stack *child_stack, unsigned long user_rbs_end,
354 unsigned long addr, long val)
355 {
356 unsigned long *bspstore, *krbs, regnum, *laddr, *urbs_end = (long *) user_rbs_end;
357 struct pt_regs *child_regs;
358
359 laddr = (unsigned long *) addr;
360 child_regs = ia64_task_regs(child);
361 bspstore = (unsigned long *) child_regs->ar_bspstore;
362 krbs = (unsigned long *) child + IA64_RBS_OFFSET/8;
363 if (laddr >= bspstore && laddr <= ia64_rse_rnat_addr(urbs_end)) {
364 /*
365 * Attempt to write the RBS in an area that's actually on the kernel RBS
366 * => write the corresponding bits in the kernel RBS.
367 */
368 if (ia64_rse_is_rnat_slot(laddr))
369 put_rnat(child_regs, child_stack, krbs, laddr, val);
370 else {
371 if (laddr < urbs_end) {
372 regnum = ia64_rse_num_regs(bspstore, laddr);
373 *ia64_rse_skip_regs(krbs, regnum) = val;
374 }
375 }
376 } else if (access_process_vm(child, addr, &val, sizeof(val), 1) != sizeof(val)) {
377 return -EIO;
378 }
379 return 0;
380 }
381
382 /*
383 * Calculate the address of the end of the user-level register backing store. This is the
384 * address that would have been stored in ar.bsp if the user had executed a "cover"
385 * instruction right before entering the kernel. If CFMP is not NULL, it is used to
386 * return the "current frame mask" that was active at the time the kernel was entered.
387 */
388 unsigned long
389 ia64_get_user_rbs_end (struct task_struct *child, struct pt_regs *pt, unsigned long *cfmp)
390 {
391 unsigned long *krbs, *bspstore, cfm;
392 struct unw_frame_info info;
393 long ndirty;
394
395 krbs = (unsigned long *) child + IA64_RBS_OFFSET/8;
396 bspstore = (unsigned long *) pt->ar_bspstore;
397 ndirty = ia64_rse_num_regs(krbs, krbs + (pt->loadrs >> 19));
398 cfm = pt->cr_ifs & ~(1UL << 63);
399
400 if ((long) pt->cr_ifs >= 0) {
401 /*
402 * If bit 63 of cr.ifs is cleared, the kernel was entered via a system
403 * call and we need to recover the CFM that existed on entry to the
404 * kernel by unwinding the kernel stack.
405 */
406 unw_init_from_blocked_task(&info, child);
407 if (unw_unwind_to_user(&info) == 0) {
408 unw_get_cfm(&info, &cfm);
409 ndirty += (cfm & 0x7f);
410 }
411 }
412 if (cfmp)
413 *cfmp = cfm;
414 return (unsigned long) ia64_rse_skip_regs(bspstore, ndirty);
415 }
416
417 /*
418 * Synchronize (i.e, write) the RSE backing store living in kernel space to the VM of the
419 * CHILD task. SW and PT are the pointers to the switch_stack and pt_regs structures,
420 * respectively. USER_RBS_END is the user-level address at which the backing store ends.
421 */
422 long
423 ia64_sync_user_rbs (struct task_struct *child, struct switch_stack *sw,
424 unsigned long user_rbs_start, unsigned long user_rbs_end)
425 {
426 unsigned long addr, val;
427 long ret;
428
429 /* now copy word for word from kernel rbs to user rbs: */
430 for (addr = user_rbs_start; addr < user_rbs_end; addr += 8) {
431 ret = ia64_peek(child, sw, user_rbs_end, addr, &val);
432 if (ret < 0)
433 return ret;
434 if (access_process_vm(child, addr, &val, sizeof(val), 1) != sizeof(val))
435 return -EIO;
436 }
437 return 0;
438 }
439
440 /*
441 * Simulate user-level "flushrs". Note: we can't just add pt->loadrs>>16 to
442 * pt->ar_bspstore because the kernel backing store and the user-level backing store may
443 * have different alignments (and therefore a different number of intervening rnat slots).
444 */
445 static void
446 user_flushrs (struct task_struct *task, struct pt_regs *pt)
447 {
448 unsigned long *krbs;
449 long ndirty;
450
451 krbs = (unsigned long *) task + IA64_RBS_OFFSET/8;
452 ndirty = ia64_rse_num_regs(krbs, krbs + (pt->loadrs >> 19));
453
454 pt->ar_bspstore = (unsigned long) ia64_rse_skip_regs((unsigned long *) pt->ar_bspstore,
455 ndirty);
456 pt->loadrs = 0;
457 }
458
459 /*
460 * Synchronize the RSE backing store of CHILD and all tasks that share the address space
461 * with it. CHILD_URBS_END is the address of the end of the register backing store of
462 * CHILD. If MAKE_WRITABLE is set, a user-level "flushrs" is simulated such that the VM
463 * can be written via ptrace() and the tasks will pick up the newly written values. It
464 * would be OK to unconditionally simulate a "flushrs", but this would be more intrusive
465 * than strictly necessary (e.g., it would make it impossible to obtain the original value
466 * of ar.bspstore).
467 */
468 static void
469 threads_sync_user_rbs (struct task_struct *child, unsigned long child_urbs_end, int make_writable)
470 {
471 struct switch_stack *sw;
472 unsigned long urbs_end;
473 struct task_struct *p;
474 struct mm_struct *mm;
475 struct pt_regs *pt;
476 long multi_threaded;
477
478 task_lock(child);
479 {
480 mm = child->mm;
481 multi_threaded = mm && (atomic_read(&mm->mm_users) > 1);
482 }
483 task_unlock(child);
484
485 if (!multi_threaded) {
486 sw = (struct switch_stack *) (child->thread.ksp + 16);
487 pt = ia64_task_regs(child);
488 ia64_sync_user_rbs(child, sw, pt->ar_bspstore, child_urbs_end);
489 if (make_writable)
490 user_flushrs(child, pt);
491 } else {
492 read_lock(&tasklist_lock);
493 {
494 for_each_task(p) {
495 if (p->mm == mm && p->state != TASK_RUNNING) {
496 sw = (struct switch_stack *) (p->thread.ksp + 16);
497 pt = ia64_task_regs(p);
498 urbs_end = ia64_get_user_rbs_end(p, pt, NULL);
499 ia64_sync_user_rbs(p, sw, pt->ar_bspstore, urbs_end);
500 if (make_writable)
501 user_flushrs(p, pt);
502 }
503 }
504 }
505 read_unlock(&tasklist_lock);
506 }
507 child->thread.flags |= IA64_THREAD_KRBS_SYNCED; /* set the flag in the child thread only */
508 }
509
510 /*
511 * Write f32-f127 back to task->thread.fph if it has been modified.
512 */
513 inline void
514 ia64_flush_fph (struct task_struct *task)
515 {
516 struct ia64_psr *psr = ia64_psr(ia64_task_regs(task));
517 #ifdef CONFIG_SMP
518 struct task_struct *fpu_owner = current;
519 #else
520 struct task_struct *fpu_owner = ia64_get_fpu_owner();
521 #endif
522
523 if (task == fpu_owner && psr->mfh) {
524 psr->mfh = 0;
525 ia64_save_fpu(&task->thread.fph[0]);
526 task->thread.flags |= IA64_THREAD_FPH_VALID;
527 }
528 }
529
530 /*
531 * Sync the fph state of the task so that it can be manipulated
532 * through thread.fph. If necessary, f32-f127 are written back to
533 * thread.fph or, if the fph state hasn't been used before, thread.fph
534 * is cleared to zeroes. Also, access to f32-f127 is disabled to
535 * ensure that the task picks up the state from thread.fph when it
536 * executes again.
537 */
538 void
539 ia64_sync_fph (struct task_struct *task)
540 {
541 struct ia64_psr *psr = ia64_psr(ia64_task_regs(task));
542
543 ia64_flush_fph(task);
544 if (!(task->thread.flags & IA64_THREAD_FPH_VALID)) {
545 task->thread.flags |= IA64_THREAD_FPH_VALID;
546 memset(&task->thread.fph, 0, sizeof(task->thread.fph));
547 }
548 #ifndef CONFIG_SMP
549 if (ia64_get_fpu_owner() == task)
550 ia64_set_fpu_owner(0);
551 #endif
552 psr->dfh = 1;
553 }
554
555 static int
556 access_fr (struct unw_frame_info *info, int regnum, int hi, unsigned long *data, int write_access)
557 {
558 struct ia64_fpreg fpval;
559 int ret;
560
561 ret = unw_get_fr(info, regnum, &fpval);
562 if (ret < 0)
563 return ret;
564
565 if (write_access) {
566 fpval.u.bits[hi] = *data;
567 ret = unw_set_fr(info, regnum, fpval);
568 } else
569 *data = fpval.u.bits[hi];
570 return ret;
571 }
572
573 static int
574 access_uarea (struct task_struct *child, unsigned long addr, unsigned long *data, int write_access)
575 {
576 unsigned long *ptr, regnum, urbs_end, rnat_addr;
577 struct switch_stack *sw;
578 struct unw_frame_info info;
579 struct pt_regs *pt;
580
581 pt = ia64_task_regs(child);
582 sw = (struct switch_stack *) (child->thread.ksp + 16);
583
584 if ((addr & 0x7) != 0) {
585 dprintk("ptrace: unaligned register address 0x%lx\n", addr);
586 return -1;
587 }
588
589 if (addr < PT_F127 + 16) {
590 /* accessing fph */
591 if (write_access)
592 ia64_sync_fph(child);
593 else
594 ia64_flush_fph(child);
595 ptr = (unsigned long *) ((unsigned long) &child->thread.fph + addr);
596 } else if (addr >= PT_F10 && addr < PT_F15 + 16) {
597 /* scratch registers untouched by kernel (saved in switch_stack) */
598 ptr = (unsigned long *) ((long) sw + addr - PT_NAT_BITS);
599 } else if (addr < PT_AR_LC + 8) {
600 /* preserved state: */
601 unsigned long nat_bits, scratch_unat, dummy = 0;
602 struct unw_frame_info info;
603 char nat = 0;
604 int ret;
605
606 unw_init_from_blocked_task(&info, child);
607 if (unw_unwind_to_user(&info) < 0)
608 return -1;
609
610 switch (addr) {
611 case PT_NAT_BITS:
612 if (write_access) {
613 nat_bits = *data;
614 scratch_unat = ia64_put_scratch_nat_bits(pt, nat_bits);
615 if (unw_set_ar(&info, UNW_AR_UNAT, scratch_unat) < 0) {
616 dprintk("ptrace: failed to set ar.unat\n");
617 return -1;
618 }
619 for (regnum = 4; regnum <= 7; ++regnum) {
620 unw_get_gr(&info, regnum, &dummy, &nat);
621 unw_set_gr(&info, regnum, dummy, (nat_bits >> regnum) & 1);
622 }
623 } else {
624 if (unw_get_ar(&info, UNW_AR_UNAT, &scratch_unat) < 0) {
625 dprintk("ptrace: failed to read ar.unat\n");
626 return -1;
627 }
628 nat_bits = ia64_get_scratch_nat_bits(pt, scratch_unat);
629 for (regnum = 4; regnum <= 7; ++regnum) {
630 unw_get_gr(&info, regnum, &dummy, &nat);
631 nat_bits |= (nat != 0) << regnum;
632 }
633 *data = nat_bits;
634 }
635 return 0;
636
637 case PT_R4: case PT_R5: case PT_R6: case PT_R7:
638 if (write_access) {
639 /* read NaT bit first: */
640 ret = unw_get_gr(&info, (addr - PT_R4)/8 + 4, data, &nat);
641 if (ret < 0)
642 return ret;
643 }
644 return unw_access_gr(&info, (addr - PT_R4)/8 + 4, data, &nat,
645 write_access);
646
647 case PT_B1: case PT_B2: case PT_B3: case PT_B4: case PT_B5:
648 return unw_access_br(&info, (addr - PT_B1)/8 + 1, data, write_access);
649
650 case PT_AR_EC:
651 return unw_access_ar(&info, UNW_AR_EC, data, write_access);
652
653 case PT_AR_LC:
654 return unw_access_ar(&info, UNW_AR_LC, data, write_access);
655
656 default:
657 if (addr >= PT_F2 && addr < PT_F5 + 16)
658 return access_fr(&info, (addr - PT_F2)/16 + 2, (addr & 8) != 0,
659 data, write_access);
660 else if (addr >= PT_F16 && addr < PT_F31 + 16)
661 return access_fr(&info, (addr - PT_F16)/16 + 16, (addr & 8) != 0,
662 data, write_access);
663 else {
664 dprintk("ptrace: rejecting access to register address 0x%lx\n",
665 addr);
666 return -1;
667 }
668 }
669 } else if (addr < PT_F9+16) {
670 /* scratch state */
671 switch (addr) {
672 case PT_AR_BSP:
673 /*
674 * By convention, we use PT_AR_BSP to refer to the end of the user-level
675 * backing store. Use ia64_rse_skip_regs(PT_AR_BSP, -CFM.sof) to get
676 * the real value of ar.bsp at the time the kernel was entered.
677 */
678 urbs_end = ia64_get_user_rbs_end(child, pt, NULL);
679 if (write_access) {
680 if (*data != urbs_end) {
681 if (ia64_sync_user_rbs(child, sw,
682 pt->ar_bspstore, urbs_end) < 0)
683 return -1;
684 /* simulate user-level write of ar.bsp: */
685 pt->loadrs = 0;
686 pt->ar_bspstore = *data;
687 }
688 } else
689 *data = urbs_end;
690 return 0;
691
692 case PT_CFM:
693 if ((long) pt->cr_ifs < 0) {
694 if (write_access)
695 pt->cr_ifs = ((pt->cr_ifs & ~0x3fffffffffUL)
696 | (*data & 0x3fffffffffUL));
697 else
698 *data = pt->cr_ifs & 0x3fffffffffUL;
699 } else {
700 /* kernel was entered through a system call */
701 unsigned long cfm;
702
703 unw_init_from_blocked_task(&info, child);
704 if (unw_unwind_to_user(&info) < 0)
705 return -1;
706
707 unw_get_cfm(&info, &cfm);
708 if (write_access)
709 unw_set_cfm(&info, ((cfm & ~0x3fffffffffU)
710 | (*data & 0x3fffffffffUL)));
711 else
712 *data = cfm;
713 }
714 return 0;
715
716 case PT_CR_IPSR:
717 if (write_access)
718 pt->cr_ipsr = ((*data & IPSR_WRITE_MASK)
719 | (pt->cr_ipsr & ~IPSR_WRITE_MASK));
720 else
721 *data = (pt->cr_ipsr & IPSR_READ_MASK);
722 return 0;
723
724 case PT_AR_RNAT:
725 urbs_end = ia64_get_user_rbs_end(child, pt, NULL);
726 rnat_addr = (long) ia64_rse_rnat_addr((long *) urbs_end);
727 if (write_access)
728 return ia64_poke(child, sw, urbs_end, rnat_addr, *data);
729 else
730 return ia64_peek(child, sw, urbs_end, rnat_addr, data);
731
732 case PT_R1: case PT_R2: case PT_R3:
733 case PT_R8: case PT_R9: case PT_R10: case PT_R11:
734 case PT_R12: case PT_R13: case PT_R14: case PT_R15:
735 case PT_R16: case PT_R17: case PT_R18: case PT_R19:
736 case PT_R20: case PT_R21: case PT_R22: case PT_R23:
737 case PT_R24: case PT_R25: case PT_R26: case PT_R27:
738 case PT_R28: case PT_R29: case PT_R30: case PT_R31:
739 case PT_B0: case PT_B6: case PT_B7:
740 case PT_F6: case PT_F6+8: case PT_F7: case PT_F7+8:
741 case PT_F8: case PT_F8+8: case PT_F9: case PT_F9+8:
742 case PT_AR_BSPSTORE:
743 case PT_AR_RSC: case PT_AR_UNAT: case PT_AR_PFS:
744 case PT_AR_CCV: case PT_AR_FPSR: case PT_CR_IIP: case PT_PR:
745 /* scratch register */
746 ptr = (unsigned long *) ((long) pt + addr - PT_CR_IPSR);
747 break;
748
749 default:
750 /* disallow accessing anything else... */
751 dprintk("ptrace: rejecting access to register address 0x%lx\n",
752 addr);
753 return -1;
754 }
755 } else {
756 /* access debug registers */
757
758 if (!(child->thread.flags & IA64_THREAD_DBG_VALID)) {
759 child->thread.flags |= IA64_THREAD_DBG_VALID;
760 memset(child->thread.dbr, 0, sizeof(child->thread.dbr));
761 memset(child->thread.ibr, 0, sizeof(child->thread.ibr));
762 }
763 if (addr >= PT_IBR) {
764 regnum = (addr - PT_IBR) >> 3;
765 ptr = &child->thread.ibr[0];
766 } else {
767 regnum = (addr - PT_DBR) >> 3;
768 ptr = &child->thread.dbr[0];
769 }
770
771 if (regnum >= 8) {
772 dprintk("ptrace: rejecting access to register address 0x%lx\n", addr);
773 return -1;
774 }
775
776 ptr += regnum;
777
778 if (write_access)
779 /* don't let the user set kernel-level breakpoints... */
780 *ptr = *data & ~(7UL << 56);
781 else
782 *data = *ptr;
783 return 0;
784 }
785 if (write_access)
786 *ptr = *data;
787 else
788 *data = *ptr;
789 return 0;
790 }
791
792 /*
793 * Called by kernel/ptrace.c when detaching..
794 *
795 * Make sure the single step bit is not set.
796 */
797 void ptrace_disable(struct task_struct *child)
798 {
799 /* make sure the single step/take-branch tra bits are not set: */
800 ia64_psr(pt)->ss = 0;
801 ia64_psr(pt)->tb = 0;
802
803 /* Turn off flag indicating that the KRBS is sync'd with child's VM: */
804 child->thread.flags &= ~IA64_THREAD_KRBS_SYNCED;
805 }
806
807 asmlinkage long
808 sys_ptrace (long request, pid_t pid, unsigned long addr, unsigned long data,
809 long arg4, long arg5, long arg6, long arg7, long stack)
810 {
811 struct pt_regs *pt, *regs = (struct pt_regs *) &stack;
812 unsigned long flags, urbs_end;
813 struct task_struct *child;
814 struct switch_stack *sw;
815 long ret;
816
817 lock_kernel();
818 ret = -EPERM;
819 if (request == PTRACE_TRACEME) {
820 /* are we already being traced? */
821 if (current->ptrace & PT_PTRACED)
822 goto out;
823 current->ptrace |= PT_PTRACED;
824 ret = 0;
825 goto out;
826 }
827
828 ret = -ESRCH;
829 read_lock(&tasklist_lock);
830 {
831 child = find_task_by_pid(pid);
832 if (child)
833 get_task_struct(child);
834 }
835 read_unlock(&tasklist_lock);
836 if (!child)
837 goto out;
838 ret = -EPERM;
839 if (pid == 1) /* no messing around with init! */
840 goto out_tsk;
841
842 if (request == PTRACE_ATTACH) {
843 ret = ptrace_attach(child);
844 goto out_tsk;
845 }
846 ret = -ESRCH;
847 if (!(child->ptrace & PT_PTRACED))
848 goto out_tsk;
849
850 if (child->state != TASK_STOPPED) {
851 if (request != PTRACE_KILL)
852 goto out_tsk;
853 }
854
855 if (child->p_pptr != current)
856 goto out_tsk;
857
858 pt = ia64_task_regs(child);
859 sw = (struct switch_stack *) (child->thread.ksp + 16);
860
861 switch (request) {
862 case PTRACE_PEEKTEXT:
863 case PTRACE_PEEKDATA: /* read word at location addr */
864 urbs_end = ia64_get_user_rbs_end(child, pt, NULL);
865
866 if (!(child->thread.flags & IA64_THREAD_KRBS_SYNCED))
867 threads_sync_user_rbs(child, urbs_end, 0);
868
869 ret = ia64_peek(child, sw, urbs_end, addr, &data);
870 if (ret == 0) {
871 ret = data;
872 regs->r8 = 0; /* ensure "ret" is not mistaken as an error code */
873 }
874 goto out_tsk;
875
876 case PTRACE_POKETEXT:
877 case PTRACE_POKEDATA: /* write the word at location addr */
878 urbs_end = ia64_get_user_rbs_end(child, pt, NULL);
879 if (!(child->thread.flags & IA64_THREAD_KRBS_SYNCED))
880 threads_sync_user_rbs(child, urbs_end, 1);
881
882 ret = ia64_poke(child, sw, urbs_end, addr, data);
883 goto out_tsk;
884
885 case PTRACE_PEEKUSR: /* read the word at addr in the USER area */
886 if (access_uarea(child, addr, &data, 0) < 0) {
887 ret = -EIO;
888 goto out_tsk;
889 }
890 ret = data;
891 regs->r8 = 0; /* ensure "ret" is not mistaken as an error code */
892 goto out_tsk;
893
894 case PTRACE_POKEUSR: /* write the word at addr in the USER area */
895 if (access_uarea(child, addr, &data, 1) < 0) {
896 ret = -EIO;
897 goto out_tsk;
898 }
899 ret = 0;
900 goto out_tsk;
901
902 case PTRACE_GETSIGINFO:
903 ret = -EIO;
904 if (!access_ok(VERIFY_WRITE, data, sizeof (siginfo_t)) || !child->thread.siginfo)
905 goto out_tsk;
906 ret = copy_siginfo_to_user((siginfo_t *) data, child->thread.siginfo);
907 goto out_tsk;
908
909 case PTRACE_SETSIGINFO:
910 ret = -EIO;
911 if (!access_ok(VERIFY_READ, data, sizeof (siginfo_t))
912 || child->thread.siginfo == 0)
913 goto out_tsk;
914 ret = copy_siginfo_from_user(child->thread.siginfo, (siginfo_t *) data);
915 goto out_tsk;
916
917 case PTRACE_SYSCALL: /* continue and stop at next (return from) syscall */
918 case PTRACE_CONT: /* restart after signal. */
919 ret = -EIO;
920 if (data > _NSIG)
921 goto out_tsk;
922 if (request == PTRACE_SYSCALL)
923 child->ptrace |= PT_TRACESYS;
924 else
925 child->ptrace &= ~PT_TRACESYS;
926 child->exit_code = data;
927
928 /* make sure the single step/take-branch tra bits are not set: */
929 ia64_psr(pt)->ss = 0;
930 ia64_psr(pt)->tb = 0;
931
932 /* Turn off flag indicating that the KRBS is sync'd with child's VM: */
933 child->thread.flags &= ~IA64_THREAD_KRBS_SYNCED;
934
935 wake_up_process(child);
936 ret = 0;
937 goto out_tsk;
938
939 case PTRACE_KILL:
940 /*
941 * Make the child exit. Best I can do is send it a
942 * sigkill. Perhaps it should be put in the status
943 * that it wants to exit.
944 */
945 if (child->state == TASK_ZOMBIE) /* already dead */
946 goto out_tsk;
947 child->exit_code = SIGKILL;
948
949 /* make sure the single step/take-branch tra bits are not set: */
950 ia64_psr(pt)->ss = 0;
951 ia64_psr(pt)->tb = 0;
952
953 /* Turn off flag indicating that the KRBS is sync'd with child's VM: */
954 child->thread.flags &= ~IA64_THREAD_KRBS_SYNCED;
955
956 wake_up_process(child);
957 ret = 0;
958 goto out_tsk;
959
960 case PTRACE_SINGLESTEP: /* let child execute for one instruction */
961 case PTRACE_SINGLEBLOCK:
962 ret = -EIO;
963 if (data > _NSIG)
964 goto out_tsk;
965
966 child->ptrace &= ~PT_TRACESYS;
967 if (request == PTRACE_SINGLESTEP) {
968 ia64_psr(pt)->ss = 1;
969 } else {
970 ia64_psr(pt)->tb = 1;
971 }
972 child->exit_code = data;
973
974 /* Turn off flag indicating that the KRBS is sync'd with child's VM: */
975 child->thread.flags &= ~IA64_THREAD_KRBS_SYNCED;
976
977 /* give it a chance to run. */
978 wake_up_process(child);
979 ret = 0;
980 goto out_tsk;
981
982 case PTRACE_DETACH: /* detach a process that was attached. */
983 ret = ptrace_detach(child, data);
984 goto out_tsk;
985
986 default:
987 ret = -EIO;
988 goto out_tsk;
989 }
990 out_tsk:
991 free_task_struct(child);
992 out:
993 unlock_kernel();
994 return ret;
995 }
996
997 void
998 syscall_trace (void)
999 {
1000 if ((current->ptrace & (PT_PTRACED|PT_TRACESYS)) != (PT_PTRACED|PT_TRACESYS))
1001 return;
1002 current->exit_code = SIGTRAP;
1003 set_current_state(TASK_STOPPED);
1004 notify_parent(current, SIGCHLD);
1005 schedule();
1006 /*
1007 * This isn't the same as continuing with a signal, but it
1008 * will do for normal use. strace only continues with a
1009 * signal if the stopping signal is not SIGTRAP. -brl
1010 */
1011 if (current->exit_code) {
1012 send_sig(current->exit_code, current, 1);
1013 current->exit_code = 0;
1014 }
1015 }
1016