Branch data Line data Source code
1 : : /*
2 : : * arch/arm/kernel/probes.h
3 : : *
4 : : * Copyright (C) 2011 Jon Medhurst <tixy@yxit.co.uk>.
5 : : *
6 : : * Some contents moved here from arch/arm/include/asm/kprobes.h which is
7 : : * Copyright (C) 2006, 2007 Motorola Inc.
8 : : *
9 : : * This program is free software; you can redistribute it and/or modify
10 : : * it under the terms of the GNU General Public License version 2 as
11 : : * published by the Free Software Foundation.
12 : : *
13 : : * This program is distributed in the hope that it will be useful,
14 : : * but WITHOUT ANY WARRANTY; without even the implied warranty of
15 : : * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 : : * General Public License for more details.
17 : : */
18 : :
19 : : #ifndef _ARM_KERNEL_PROBES_H
20 : : #define _ARM_KERNEL_PROBES_H
21 : :
22 : : #include <linux/types.h>
23 : : #include <linux/stddef.h>
24 : : #include <asm/probes.h>
25 : :
26 : : void __init arm_probes_decode_init(void);
27 : :
28 : : extern probes_check_cc * const probes_condition_checks[16];
29 : :
30 : : #if __LINUX_ARM_ARCH__ >= 7
31 : :
32 : : /* str_pc_offset is architecturally defined from ARMv7 onwards */
33 : : #define str_pc_offset 8
34 : : #define find_str_pc_offset()
35 : :
36 : : #else /* __LINUX_ARM_ARCH__ < 7 */
37 : :
38 : : /* We need a run-time check to determine str_pc_offset */
39 : : extern int str_pc_offset;
40 : : void __init find_str_pc_offset(void);
41 : :
42 : : #endif
43 : :
44 : :
45 : : /*
46 : : * Update ITSTATE after normal execution of an IT block instruction.
47 : : *
48 : : * The 8 IT state bits are split into two parts in CPSR:
49 : : * ITSTATE<1:0> are in CPSR<26:25>
50 : : * ITSTATE<7:2> are in CPSR<15:10>
51 : : */
52 : : static inline unsigned long it_advance(unsigned long cpsr)
53 : : {
54 [ # # # # ]: 0 : if ((cpsr & 0x06000400) == 0) {
[ # # ]
55 : : /* ITSTATE<2:0> == 0 means end of IT block, so clear IT state */
56 : 0 : cpsr &= ~PSR_IT_MASK;
57 : : } else {
58 : : /* We need to shift left ITSTATE<4:0> */
59 : : const unsigned long mask = 0x06001c00; /* Mask ITSTATE<4:0> */
60 : 0 : unsigned long it = cpsr & mask;
61 : 0 : it <<= 1;
62 : 0 : it |= it >> (27 - 10); /* Carry ITSTATE<2> to correct place */
63 : 0 : it &= mask;
64 : 0 : cpsr &= ~mask;
65 : 0 : cpsr |= it;
66 : : }
67 : : return cpsr;
68 : : }
69 : :
70 : : static inline void __kprobes bx_write_pc(long pcv, struct pt_regs *regs)
71 : : {
72 : 0 : long cpsr = regs->ARM_cpsr;
73 [ # # ][ # # ]: 0 : if (pcv & 0x1) {
[ # # # # ]
[ # # ][ # # ]
[ # # ]
74 : 0 : cpsr |= PSR_T_BIT;
75 : 0 : pcv &= ~0x1;
76 : : } else {
77 : 0 : cpsr &= ~PSR_T_BIT;
78 : 0 : pcv &= ~0x2; /* Avoid UNPREDICTABLE address allignment */
79 : : }
80 : 0 : regs->ARM_cpsr = cpsr;
81 : 0 : regs->ARM_pc = pcv;
82 : : }
83 : :
84 : :
85 : : #if __LINUX_ARM_ARCH__ >= 6
86 : :
87 : : /* Kernels built for >= ARMv6 should never run on <= ARMv5 hardware, so... */
88 : : #define load_write_pc_interworks true
89 : : #define test_load_write_pc_interworking()
90 : :
91 : : #else /* __LINUX_ARM_ARCH__ < 6 */
92 : :
93 : : /* We need run-time testing to determine if load_write_pc() should interwork. */
94 : : extern bool load_write_pc_interworks;
95 : : void __init test_load_write_pc_interworking(void);
96 : :
97 : : #endif
98 : :
99 : : static inline void __kprobes load_write_pc(long pcv, struct pt_regs *regs)
100 : : {
101 : : if (load_write_pc_interworks)
102 : : bx_write_pc(pcv, regs);
103 : : else
104 : : regs->ARM_pc = pcv;
105 : : }
106 : :
107 : :
108 : : #if __LINUX_ARM_ARCH__ >= 7
109 : :
110 : : #define alu_write_pc_interworks true
111 : : #define test_alu_write_pc_interworking()
112 : :
113 : : #elif __LINUX_ARM_ARCH__ <= 5
114 : :
115 : : /* Kernels built for <= ARMv5 should never run on >= ARMv6 hardware, so... */
116 : : #define alu_write_pc_interworks false
117 : : #define test_alu_write_pc_interworking()
118 : :
119 : : #else /* __LINUX_ARM_ARCH__ == 6 */
120 : :
121 : : /* We could be an ARMv6 binary on ARMv7 hardware so we need a run-time check. */
122 : : extern bool alu_write_pc_interworks;
123 : : void __init test_alu_write_pc_interworking(void);
124 : :
125 : : #endif /* __LINUX_ARM_ARCH__ == 6 */
126 : :
127 : : static inline void __kprobes alu_write_pc(long pcv, struct pt_regs *regs)
128 : : {
129 : : if (alu_write_pc_interworks)
130 : : bx_write_pc(pcv, regs);
131 : : else
132 : : regs->ARM_pc = pcv;
133 : : }
134 : :
135 : :
136 : : /*
137 : : * Test if load/store instructions writeback the address register.
138 : : * if P (bit 24) == 0 or W (bit 21) == 1
139 : : */
140 : : #define is_writeback(insn) ((insn ^ 0x01000000) & 0x01200000)
141 : :
142 : : /*
143 : : * The following definitions and macros are used to build instruction
144 : : * decoding tables for use by probes_decode_insn.
145 : : *
146 : : * These tables are a concatenation of entries each of which consist of one of
147 : : * the decode_* structs. All of the fields in every type of decode structure
148 : : * are of the union type decode_item, therefore the entire decode table can be
149 : : * viewed as an array of these and declared like:
150 : : *
151 : : * static const union decode_item table_name[] = {};
152 : : *
153 : : * In order to construct each entry in the table, macros are used to
154 : : * initialise a number of sequential decode_item values in a layout which
155 : : * matches the relevant struct. E.g. DECODE_SIMULATE initialise a struct
156 : : * decode_simulate by initialising four decode_item objects like this...
157 : : *
158 : : * {.bits = _type},
159 : : * {.bits = _mask},
160 : : * {.bits = _value},
161 : : * {.action = _handler},
162 : : *
163 : : * Initialising a specified member of the union means that the compiler
164 : : * will produce a warning if the argument is of an incorrect type.
165 : : *
166 : : * Below is a list of each of the macros used to initialise entries and a
167 : : * description of the action performed when that entry is matched to an
168 : : * instruction. A match is found when (instruction & mask) == value.
169 : : *
170 : : * DECODE_TABLE(mask, value, table)
171 : : * Instruction decoding jumps to parsing the new sub-table 'table'.
172 : : *
173 : : * DECODE_CUSTOM(mask, value, decoder)
174 : : * The value of 'decoder' is used as an index into the array of
175 : : * action functions, and the retrieved decoder function is invoked
176 : : * to complete decoding of the instruction.
177 : : *
178 : : * DECODE_SIMULATE(mask, value, handler)
179 : : * The probes instruction handler is set to the value found by
180 : : * indexing into the action array using the value of 'handler'. This
181 : : * will be used to simulate the instruction when the probe is hit.
182 : : * Decoding returns with INSN_GOOD_NO_SLOT.
183 : : *
184 : : * DECODE_EMULATE(mask, value, handler)
185 : : * The probes instruction handler is set to the value found by
186 : : * indexing into the action array using the value of 'handler'. This
187 : : * will be used to emulate the instruction when the probe is hit. The
188 : : * modified instruction (see below) is placed in the probes instruction
189 : : * slot so it may be called by the emulation code. Decoding returns
190 : : * with INSN_GOOD.
191 : : *
192 : : * DECODE_REJECT(mask, value)
193 : : * Instruction decoding fails with INSN_REJECTED
194 : : *
195 : : * DECODE_OR(mask, value)
196 : : * This allows the mask/value test of multiple table entries to be
197 : : * logically ORed. Once an 'or' entry is matched the decoding action to
198 : : * be performed is that of the next entry which isn't an 'or'. E.g.
199 : : *
200 : : * DECODE_OR (mask1, value1)
201 : : * DECODE_OR (mask2, value2)
202 : : * DECODE_SIMULATE (mask3, value3, simulation_handler)
203 : : *
204 : : * This means that if any of the three mask/value pairs match the
205 : : * instruction being decoded, then 'simulation_handler' will be used
206 : : * for it.
207 : : *
208 : : * Both the SIMULATE and EMULATE macros have a second form which take an
209 : : * additional 'regs' argument.
210 : : *
211 : : * DECODE_SIMULATEX(mask, value, handler, regs)
212 : : * DECODE_EMULATEX (mask, value, handler, regs)
213 : : *
214 : : * These are used to specify what kind of CPU register is encoded in each of the
215 : : * least significant 5 nibbles of the instruction being decoded. The regs value
216 : : * is specified using the REGS macro, this takes any of the REG_TYPE_* values
217 : : * from enum decode_reg_type as arguments; only the '*' part of the name is
218 : : * given. E.g.
219 : : *
220 : : * REGS(0, ANY, NOPC, 0, ANY)
221 : : *
222 : : * This indicates an instruction is encoded like:
223 : : *
224 : : * bits 19..16 ignore
225 : : * bits 15..12 any register allowed here
226 : : * bits 11.. 8 any register except PC allowed here
227 : : * bits 7.. 4 ignore
228 : : * bits 3.. 0 any register allowed here
229 : : *
230 : : * This register specification is checked after a decode table entry is found to
231 : : * match an instruction (through the mask/value test). Any invalid register then
232 : : * found in the instruction will cause decoding to fail with INSN_REJECTED. In
233 : : * the above example this would happen if bits 11..8 of the instruction were
234 : : * 1111, indicating R15 or PC.
235 : : *
236 : : * As well as checking for legal combinations of registers, this data is also
237 : : * used to modify the registers encoded in the instructions so that an
238 : : * emulation routines can use it. (See decode_regs() and INSN_NEW_BITS.)
239 : : *
240 : : * Here is a real example which matches ARM instructions of the form
241 : : * "AND <Rd>,<Rn>,<Rm>,<shift> <Rs>"
242 : : *
243 : : * DECODE_EMULATEX (0x0e000090, 0x00000010, PROBES_DATA_PROCESSING_REG,
244 : : * REGS(ANY, ANY, NOPC, 0, ANY)),
245 : : * ^ ^ ^ ^
246 : : * Rn Rd Rs Rm
247 : : *
248 : : * Decoding the instruction "AND R4, R5, R6, ASL R15" will be rejected because
249 : : * Rs == R15
250 : : *
251 : : * Decoding the instruction "AND R4, R5, R6, ASL R7" will be accepted and the
252 : : * instruction will be modified to "AND R0, R2, R3, ASL R1" and then placed into
253 : : * the kprobes instruction slot. This can then be called later by the handler
254 : : * function emulate_rd12rn16rm0rs8_rwflags (a pointer to which is retrieved from
255 : : * the indicated slot in the action array), in order to simulate the instruction.
256 : : */
257 : :
258 : : enum decode_type {
259 : : DECODE_TYPE_END,
260 : : DECODE_TYPE_TABLE,
261 : : DECODE_TYPE_CUSTOM,
262 : : DECODE_TYPE_SIMULATE,
263 : : DECODE_TYPE_EMULATE,
264 : : DECODE_TYPE_OR,
265 : : DECODE_TYPE_REJECT,
266 : : NUM_DECODE_TYPES /* Must be last enum */
267 : : };
268 : :
269 : : #define DECODE_TYPE_BITS 4
270 : : #define DECODE_TYPE_MASK ((1 << DECODE_TYPE_BITS) - 1)
271 : :
272 : : enum decode_reg_type {
273 : : REG_TYPE_NONE = 0, /* Not a register, ignore */
274 : : REG_TYPE_ANY, /* Any register allowed */
275 : : REG_TYPE_SAMEAS16, /* Register should be same as that at bits 19..16 */
276 : : REG_TYPE_SP, /* Register must be SP */
277 : : REG_TYPE_PC, /* Register must be PC */
278 : : REG_TYPE_NOSP, /* Register must not be SP */
279 : : REG_TYPE_NOSPPC, /* Register must not be SP or PC */
280 : : REG_TYPE_NOPC, /* Register must not be PC */
281 : : REG_TYPE_NOPCWB, /* No PC if load/store write-back flag also set */
282 : :
283 : : /* The following types are used when the encoding for PC indicates
284 : : * another instruction form. This distiction only matters for test
285 : : * case coverage checks.
286 : : */
287 : : REG_TYPE_NOPCX, /* Register must not be PC */
288 : : REG_TYPE_NOSPPCX, /* Register must not be SP or PC */
289 : :
290 : : /* Alias to allow '0' arg to be used in REGS macro. */
291 : : REG_TYPE_0 = REG_TYPE_NONE
292 : : };
293 : :
294 : : #define REGS(r16, r12, r8, r4, r0) \
295 : : (((REG_TYPE_##r16) << 16) + \
296 : : ((REG_TYPE_##r12) << 12) + \
297 : : ((REG_TYPE_##r8) << 8) + \
298 : : ((REG_TYPE_##r4) << 4) + \
299 : : (REG_TYPE_##r0))
300 : :
301 : : union decode_item {
302 : : u32 bits;
303 : : const union decode_item *table;
304 : : int action;
305 : : };
306 : :
307 : : struct decode_header;
308 : : typedef enum probes_insn (probes_custom_decode_t)(probes_opcode_t,
309 : : struct arch_probes_insn *,
310 : : const struct decode_header *);
311 : :
312 : : union decode_action {
313 : : probes_insn_handler_t *handler;
314 : : probes_custom_decode_t *decoder;
315 : : };
316 : :
317 : : #define DECODE_END \
318 : : {.bits = DECODE_TYPE_END}
319 : :
320 : :
321 : : struct decode_header {
322 : : union decode_item type_regs;
323 : : union decode_item mask;
324 : : union decode_item value;
325 : : };
326 : :
327 : : #define DECODE_HEADER(_type, _mask, _value, _regs) \
328 : : {.bits = (_type) | ((_regs) << DECODE_TYPE_BITS)}, \
329 : : {.bits = (_mask)}, \
330 : : {.bits = (_value)}
331 : :
332 : :
333 : : struct decode_table {
334 : : struct decode_header header;
335 : : union decode_item table;
336 : : };
337 : :
338 : : #define DECODE_TABLE(_mask, _value, _table) \
339 : : DECODE_HEADER(DECODE_TYPE_TABLE, _mask, _value, 0), \
340 : : {.table = (_table)}
341 : :
342 : :
343 : : struct decode_custom {
344 : : struct decode_header header;
345 : : union decode_item decoder;
346 : : };
347 : :
348 : : #define DECODE_CUSTOM(_mask, _value, _decoder) \
349 : : DECODE_HEADER(DECODE_TYPE_CUSTOM, _mask, _value, 0), \
350 : : {.action = (_decoder)}
351 : :
352 : :
353 : : struct decode_simulate {
354 : : struct decode_header header;
355 : : union decode_item handler;
356 : : };
357 : :
358 : : #define DECODE_SIMULATEX(_mask, _value, _handler, _regs) \
359 : : DECODE_HEADER(DECODE_TYPE_SIMULATE, _mask, _value, _regs), \
360 : : {.action = (_handler)}
361 : :
362 : : #define DECODE_SIMULATE(_mask, _value, _handler) \
363 : : DECODE_SIMULATEX(_mask, _value, _handler, 0)
364 : :
365 : :
366 : : struct decode_emulate {
367 : : struct decode_header header;
368 : : union decode_item handler;
369 : : };
370 : :
371 : : #define DECODE_EMULATEX(_mask, _value, _handler, _regs) \
372 : : DECODE_HEADER(DECODE_TYPE_EMULATE, _mask, _value, _regs), \
373 : : {.action = (_handler)}
374 : :
375 : : #define DECODE_EMULATE(_mask, _value, _handler) \
376 : : DECODE_EMULATEX(_mask, _value, _handler, 0)
377 : :
378 : :
379 : : struct decode_or {
380 : : struct decode_header header;
381 : : };
382 : :
383 : : #define DECODE_OR(_mask, _value) \
384 : : DECODE_HEADER(DECODE_TYPE_OR, _mask, _value, 0)
385 : :
386 : : enum probes_insn {
387 : : INSN_REJECTED,
388 : : INSN_GOOD,
389 : : INSN_GOOD_NO_SLOT
390 : : };
391 : :
392 : : struct decode_reject {
393 : : struct decode_header header;
394 : : };
395 : :
396 : : #define DECODE_REJECT(_mask, _value) \
397 : : DECODE_HEADER(DECODE_TYPE_REJECT, _mask, _value, 0)
398 : :
399 : : probes_insn_handler_t probes_simulate_nop;
400 : : probes_insn_handler_t probes_emulate_none;
401 : :
402 : : int __kprobes
403 : : probes_decode_insn(probes_opcode_t insn, struct arch_probes_insn *asi,
404 : : const union decode_item *table, bool thumb, bool emulate,
405 : : const union decode_action *actions);
406 : :
407 : : #endif
|
