LXR linux/arch/x86/kernel/ptrace.c

   1/* By Ross Biro 1/23/92 */
   2/*
   3 * Pentium III FXSR, SSE support
   4 *      Gareth Hughes <gareth@valinux.com>, May 2000
   5 *
   6 * BTS tracing
   7 *      Markus Metzger <markus.t.metzger@intel.com>, Dec 2007
   8 */
   9
  10#include <linux/kernel.h>
  11#include <linux/sched.h>
  12#include <linux/mm.h>
  13#include <linux/smp.h>
  14#include <linux/errno.h>
  15#include <linux/slab.h>
  16#include <linux/ptrace.h>
  17#include <linux/regset.h>
  18#include <linux/tracehook.h>
  19#include <linux/user.h>
  20#include <linux/elf.h>
  21#include <linux/security.h>
  22#include <linux/audit.h>
  23#include <linux/seccomp.h>
  24#include <linux/signal.h>
  25#include <linux/workqueue.h>
  26#include <linux/perf_event.h>
  27#include <linux/hw_breakpoint.h>
  28
  29#include <asm/uaccess.h>
  30#include <asm/pgtable.h>
  31#include <asm/system.h>
  32#include <asm/processor.h>
  33#include <asm/i387.h>
  34#include <asm/debugreg.h>
  35#include <asm/ldt.h>
  36#include <asm/desc.h>
  37#include <asm/prctl.h>
  38#include <asm/proto.h>
  39#include <asm/ds.h>
  40#include <asm/hw_breakpoint.h>
  41
  42#include "tls.h"
  43
  44#define CREATE_TRACE_POINTS
  45#include <trace/events/syscalls.h>
  46
  47enum x86_regset {
  48        REGSET_GENERAL,
  49        REGSET_FP,
  50        REGSET_XFP,
  51        REGSET_IOPERM64 = REGSET_XFP,
  52        REGSET_XSTATE,
  53        REGSET_TLS,
  54        REGSET_IOPERM32,
  55};
  56
  57struct pt_regs_offset {
  58        const char *name;
  59        int offset;
  60};
  61
  62#define REG_OFFSET_NAME(r) {.name = #r, .offset = offsetof(struct pt_regs, r)}
  63#define REG_OFFSET_END {.name = NULL, .offset = 0}
  64
  65static const struct pt_regs_offset regoffset_table[] = {
  66#ifdef CONFIG_X86_64
  67        REG_OFFSET_NAME(r15),
  68        REG_OFFSET_NAME(r14),
  69        REG_OFFSET_NAME(r13),
  70        REG_OFFSET_NAME(r12),
  71        REG_OFFSET_NAME(r11),
  72        REG_OFFSET_NAME(r10),
  73        REG_OFFSET_NAME(r9),
  74        REG_OFFSET_NAME(r8),
  75#endif
  76        REG_OFFSET_NAME(bx),
  77        REG_OFFSET_NAME(cx),
  78        REG_OFFSET_NAME(dx),
  79        REG_OFFSET_NAME(si),
  80        REG_OFFSET_NAME(di),
  81        REG_OFFSET_NAME(bp),
  82        REG_OFFSET_NAME(ax),
  83#ifdef CONFIG_X86_32
  84        REG_OFFSET_NAME(ds),
  85        REG_OFFSET_NAME(es),
  86        REG_OFFSET_NAME(fs),
  87        REG_OFFSET_NAME(gs),
  88#endif
  89        REG_OFFSET_NAME(orig_ax),
  90        REG_OFFSET_NAME(ip),
  91        REG_OFFSET_NAME(cs),
  92        REG_OFFSET_NAME(flags),
  93        REG_OFFSET_NAME(sp),
  94        REG_OFFSET_NAME(ss),
  95        REG_OFFSET_END,
  96};
  97
  98/**
  99 * regs_query_register_offset() - query register offset from its name
 100 * @name:       the name of a register
 101 *
 102 * regs_query_register_offset() returns the offset of a register in struct
 103 * pt_regs from its name. If the name is invalid, this returns -EINVAL;
 104 */
 105int regs_query_register_offset(const char *name)
 106{
 107        const struct pt_regs_offset *roff;
 108        for (roff = regoffset_table; roff->name != NULL; roff++)
 109                if (!strcmp(roff->name, name))
 110                        return roff->offset;
 111        return -EINVAL;
 112}
 113
 114/**
 115 * regs_query_register_name() - query register name from its offset
 116 * @offset:     the offset of a register in struct pt_regs.
 117 *
 118 * regs_query_register_name() returns the name of a register from its
 119 * offset in struct pt_regs. If the @offset is invalid, this returns NULL;
 120 */
 121const char *regs_query_register_name(unsigned int offset)
 122{
 123        const struct pt_regs_offset *roff;
 124        for (roff = regoffset_table; roff->name != NULL; roff++)
 125                if (roff->offset == offset)
 126                        return roff->name;
 127        return NULL;
 128}
 129
 130static const int arg_offs_table[] = {
 131#ifdef CONFIG_X86_32
 132        [0] = offsetof(struct pt_regs, ax),
 133        [1] = offsetof(struct pt_regs, dx),
 134        [2] = offsetof(struct pt_regs, cx)
 135#else /* CONFIG_X86_64 */
 136        [0] = offsetof(struct pt_regs, di),
 137        [1] = offsetof(struct pt_regs, si),
 138        [2] = offsetof(struct pt_regs, dx),
 139        [3] = offsetof(struct pt_regs, cx),
 140        [4] = offsetof(struct pt_regs, r8),
 141        [5] = offsetof(struct pt_regs, r9)
 142#endif
 143};
 144
 145/*
 146 * does not yet catch signals sent when the child dies.
 147 * in exit.c or in signal.c.
 148 */
 149
 150/*
 151 * Determines which flags the user has access to [1 = access, 0 = no access].
 152 */
 153#define FLAG_MASK_32            ((unsigned long)                        \
 154                                 (X86_EFLAGS_CF | X86_EFLAGS_PF |       \
 155                                  X86_EFLAGS_AF | X86_EFLAGS_ZF |       \
 156                                  X86_EFLAGS_SF | X86_EFLAGS_TF |       \
 157                                  X86_EFLAGS_DF | X86_EFLAGS_OF |       \
 158                                  X86_EFLAGS_RF | X86_EFLAGS_AC))
 159
 160/*
 161 * Determines whether a value may be installed in a segment register.
 162 */
 163static inline bool invalid_selector(u16 value)
 164{
 165        return unlikely(value != 0 && (value & SEGMENT_RPL_MASK) != USER_RPL);
 166}
 167
 168#ifdef CONFIG_X86_32
 169
 170#define FLAG_MASK               FLAG_MASK_32
 171
 172static unsigned long *pt_regs_access(struct pt_regs *regs, unsigned long regno)
 173{
 174        BUILD_BUG_ON(offsetof(struct pt_regs, bx) != 0);
 175        return &regs->bx + (regno >> 2);
 176}
 177
 178static u16 get_segment_reg(struct task_struct *task, unsigned long offset)
 179{
 180        /*
 181         * Returning the value truncates it to 16 bits.
 182         */
 183        unsigned int retval;
 184        if (offset != offsetof(struct user_regs_struct, gs))
 185                retval = *pt_regs_access(task_pt_regs(task), offset);
 186        else {
 187                if (task == current)
 188                        retval = get_user_gs(task_pt_regs(task));
 189                else
 190                        retval = task_user_gs(task);
 191        }
 192        return retval;
 193}
 194
 195static int set_segment_reg(struct task_struct *task,
 196                           unsigned long offset, u16 value)
 197{
 198        /*
 199         * The value argument was already truncated to 16 bits.
 200         */
 201        if (invalid_selector(value))
 202                return -EIO;
 203
 204        /*
 205         * For %cs and %ss we cannot permit a null selector.
 206         * We can permit a bogus selector as long as it has USER_RPL.
 207         * Null selectors are fine for other segment registers, but
 208         * we will never get back to user mode with invalid %cs or %ss
 209         * and will take the trap in iret instead.  Much code relies
 210         * on user_mode() to distinguish a user trap frame (which can
 211         * safely use invalid selectors) from a kernel trap frame.
 212         */
 213        switch (offset) {
 214        case offsetof(struct user_regs_struct, cs):
 215        case offsetof(struct user_regs_struct, ss):
 216                if (unlikely(value == 0))
 217                        return -EIO;
 218
 219        default:
 220                *pt_regs_access(task_pt_regs(task), offset) = value;
 221                break;
 222
 223        case offsetof(struct user_regs_struct, gs):
 224                if (task == current)
 225                        set_user_gs(task_pt_regs(task), value);
 226                else
 227                        task_user_gs(task) = value;
 228        }
 229
 230        return 0;
 231}
 232
 233#else  /* CONFIG_X86_64 */
 234
 235#define FLAG_MASK               (FLAG_MASK_32 | X86_EFLAGS_NT)
 236
 237static unsigned long *pt_regs_access(struct pt_regs *regs, unsigned long offset)
 238{
 239        BUILD_BUG_ON(offsetof(struct pt_regs, r15) != 0);
 240        return &regs->r15 + (offset / sizeof(regs->r15));
 241}
 242
 243static u16 get_segment_reg(struct task_struct *task, unsigned long offset)
 244{
 245        /*
 246         * Returning the value truncates it to 16 bits.
 247         */
 248        unsigned int seg;
 249
 250        switch (offset) {
 251        case offsetof(struct user_regs_struct, fs):
 252                if (task == current) {
 253                        /* Older gas can't assemble movq %?s,%r?? */
 254                        asm("movl %%fs,%0" : "=r" (seg));
 255                        return seg;
 256                }
 257                return task->thread.fsindex;
 258        case offsetof(struct user_regs_struct, gs):
 259                if (task == current) {
 260                        asm("movl %%gs,%0" : "=r" (seg));
 261                        return seg;
 262                }
 263                return task->thread.gsindex;
 264        case offsetof(struct user_regs_struct, ds):
 265                if (task == current) {
 266                        asm("movl %%ds,%0" : "=r" (seg));
 267                        return seg;
 268                }
 269                return task->thread.ds;
 270        case offsetof(struct user_regs_struct, es):
 271                if (task == current) {
 272                        asm("movl %%es,%0" : "=r" (seg));
 273                        return seg;
 274                }
 275                return task->thread.es;
 276
 277        case offsetof(struct user_regs_struct, cs):
 278        case offsetof(struct user_regs_struct, ss):
 279                break;
 280        }
 281        return *pt_regs_access(task_pt_regs(task), offset);
 282}
 283
 284static int set_segment_reg(struct task_struct *task,
 285                           unsigned long offset, u16 value)
 286{
 287        /*
 288         * The value argument was already truncated to 16 bits.
 289         */
 290        if (invalid_selector(value))
 291                return -EIO;
 292
 293        switch (offset) {
 294        case offsetof(struct user_regs_struct,fs):
 295                /*
 296                 * If this is setting fs as for normal 64-bit use but
 297                 * setting fs_base has implicitly changed it, leave it.
 298                 */
 299                if ((value == FS_TLS_SEL && task->thread.fsindex == 0 &&
 300                     task->thread.fs != 0) ||
 301                    (value == 0 && task->thread.fsindex == FS_TLS_SEL &&
 302                     task->thread.fs == 0))
 303                        break;
 304                task->thread.fsindex = value;
 305                if (task == current)
 306                        loadsegment(fs, task->thread.fsindex);
 307                break;
 308        case offsetof(struct user_regs_struct,gs):
 309                /*
 310                 * If this is setting gs as for normal 64-bit use but
 311                 * setting gs_base has implicitly changed it, leave it.
 312                 */
 313                if ((value == GS_TLS_SEL && task->thread.gsindex == 0 &&
 314                     task->thread.gs != 0) ||
 315                    (value == 0 && task->thread.gsindex == GS_TLS_SEL &&
 316                     task->thread.gs == 0))
 317                        break;
 318                task->thread.gsindex = value;
 319                if (task == current)
 320                        load_gs_index(task->thread.gsindex);
 321                break;
 322        case offsetof(struct user_regs_struct,ds):
 323                task->thread.ds = value;
 324                if (task == current)
 325                        loadsegment(ds, task->thread.ds);
 326                break;
 327        case offsetof(struct user_regs_struct,es):
 328                task->thread.es = value;
 329                if (task == current)
 330                        loadsegment(es, task->thread.es);
 331                break;
 332
 333                /*
 334                 * Can't actually change these in 64-bit mode.
 335                 */
 336        case offsetof(struct user_regs_struct,cs):
 337                if (unlikely(value == 0))
 338                        return -EIO;
 339#ifdef CONFIG_IA32_EMULATION
 340                if (test_tsk_thread_flag(task, TIF_IA32))
 341                        task_pt_regs(task)->cs = value;
 342#endif
 343                break;
 344        case offsetof(struct user_regs_struct,ss):
 345                if (unlikely(value == 0))
 346                        return -EIO;
 347#ifdef CONFIG_IA32_EMULATION
 348                if (test_tsk_thread_flag(task, TIF_IA32))
 349                        task_pt_regs(task)->ss = value;
 350#endif
 351                break;
 352        }
 353
 354        return 0;
 355}
 356
 357#endif  /* CONFIG_X86_32 */
 358
 359static unsigned long get_flags(struct task_struct *task)
 360{
 361        unsigned long retval = task_pt_regs(task)->flags;
 362
 363        /*
 364         * If the debugger set TF, hide it from the readout.
 365         */
 366        if (test_tsk_thread_flag(task, TIF_FORCED_TF))
 367                retval &= ~X86_EFLAGS_TF;
 368
 369        return retval;
 370}
 371
 372static int set_flags(struct task_struct *task, unsigned long value)
 373{
 374        struct pt_regs *regs = task_pt_regs(task);
 375
 376        /*
 377         * If the user value contains TF, mark that
 378         * it was not "us" (the debugger) that set it.
 379         * If not, make sure it stays set if we had.
 380         */
 381        if (value & X86_EFLAGS_TF)
 382                clear_tsk_thread_flag(task, TIF_FORCED_TF);
 383        else if (test_tsk_thread_flag(task, TIF_FORCED_TF))
 384                value |= X86_EFLAGS_TF;
 385
 386        regs->flags = (regs->flags & ~FLAG_MASK) | (value & FLAG_MASK);
 387
 388        return 0;
 389}
 390
 391static int putreg(struct task_struct *child,
 392                  unsigned long offset, unsigned long value)
 393{
 394        switch (offset) {
 395        case offsetof(struct user_regs_struct, cs):
 396        case offsetof(struct user_regs_struct, ds):
 397        case offsetof(struct user_regs_struct, es):
 398        case offsetof(struct user_regs_struct, fs):
 399        case offsetof(struct user_regs_struct, gs):
 400        case offsetof(struct user_regs_struct, ss):
 401                return set_segment_reg(child, offset, value);
 402
 403        case offsetof(struct user_regs_struct, flags):
 404                return set_flags(child, value);
 405
 406#ifdef CONFIG_X86_64
 407        case offsetof(struct user_regs_struct,fs_base):
 408                if (value >= TASK_SIZE_OF(child))
 409                        return -EIO;
 410                /*
 411                 * When changing the segment base, use do_arch_prctl
 412                 * to set either thread.fs or thread.fsindex and the
 413                 * corresponding GDT slot.
 414                 */
 415                if (child->thread.fs != value)
 416                        return do_arch_prctl(child, ARCH_SET_FS, value);
 417                return 0;
 418        case offsetof(struct user_regs_struct,gs_base):
 419                /*
 420                 * Exactly the same here as the %fs handling above.
 421                 */
 422                if (value >= TASK_SIZE_OF(child))
 423                        return -EIO;
 424                if (child->thread.gs != value)
 425                        return do_arch_prctl(child, ARCH_SET_GS, value);
 426                return 0;
 427#endif
 428        }
 429
 430        *pt_regs_access(task_pt_regs(child), offset) = value;
 431        return 0;
 432}
 433
 434static unsigned long getreg(struct task_struct *task, unsigned long offset)
 435{
 436        switch (offset) {
 437        case offsetof(struct user_regs_struct, cs):
 438        case offsetof(struct user_regs_struct, ds):
 439        case offsetof(struct user_regs_struct, es):
 440        case offsetof(struct user_regs_struct, fs):
 441        case offsetof(struct user_regs_struct, gs):
 442        case offsetof(struct user_regs_struct, ss):
 443                return get_segment_reg(task, offset);
 444
 445        case offsetof(struct user_regs_struct, flags):
 446                return get_flags(task);
 447
 448#ifdef CONFIG_X86_64
 449        case offsetof(struct user_regs_struct, fs_base): {
 450                /*
 451                 * do_arch_prctl may have used a GDT slot instead of
 452                 * the MSR.  To userland, it appears the same either
 453                 * way, except the %fs segment selector might not be 0.
 454                 */
 455                unsigned int seg = task->thread.fsindex;
 456                if (task->thread.fs != 0)
 457                        return task->thread.fs;
 458                if (task == current)
 459                        asm("movl %%fs,%0" : "=r" (seg));
 460                if (seg != FS_TLS_SEL)
 461                        return 0;
 462                return get_desc_base(&task->thread.tls_array[FS_TLS]);
 463        }
 464        case offsetof(struct user_regs_struct, gs_base): {
 465                /*
 466                 * Exactly the same here as the %fs handling above.
 467                 */
 468                unsigned int seg = task->thread.gsindex;
 469                if (task->thread.gs != 0)
 470                        return task->thread.gs;
 471                if (task == current)
 472                        asm("movl %%gs,%0" : "=r" (seg));
 473                if (seg != GS_TLS_SEL)
 474                        return 0;
 475                return get_desc_base(&task->thread.tls_array[GS_TLS]);
 476        }
 477#endif
 478        }
 479
 480        return *pt_regs_access(task_pt_regs(task), offset);
 481}
 482
 483static int genregs_get(struct task_struct *target,
 484                       const struct user_regset *regset,
 485                       unsigned int pos, unsigned int count,
 486                       void *kbuf, void __user *ubuf)
 487{
 488        if (kbuf) {
 489                unsigned long *k = kbuf;
 490                while (count >= sizeof(*k)) {
 491                        *k++ = getreg(target, pos);
 492                        count -= sizeof(*k);
 493                        pos += sizeof(*k);
 494                }
 495        } else {
 496                unsigned long __user *u = ubuf;
 497                while (count >= sizeof(*u)) {
 498                        if (__put_user(getreg(target, pos), u++))
 499                                return -EFAULT;
 500                        count -= sizeof(*u);
 501                        pos += sizeof(*u);
 502                }
 503        }
 504
 505        return 0;
 506}
 507
 508static int genregs_set(struct task_struct *target,
 509                       const struct user_regset *regset,
 510                       unsigned int pos, unsigned int count,
 511                       const void *kbuf, const void __user *ubuf)
 512{
 513        int ret = 0;
 514        if (kbuf) {
 515                const unsigned long *k = kbuf;
 516                while (count >= sizeof(*k) && !ret) {
 517                        ret = putreg(target, pos, *k++);
 518                        count -= sizeof(*k);
 519                        pos += sizeof(*k);
 520                }
 521        } else {
 522                const unsigned long  __user *u = ubuf;
 523                while (count >= sizeof(*u) && !ret) {
 524                        unsigned long word;
 525                        ret = __get_user(word, u++);
 526                        if (ret)
 527                                break;
 528                        ret = putreg(target, pos, word);
 529                        count -= sizeof(*u);
 530                        pos += sizeof(*u);
 531                }
 532        }
 533        return ret;
 534}
 535
 536static void ptrace_triggered(struct perf_event *bp, int nmi,
 537                             struct perf_sample_data *data,
 538                             struct pt_regs *regs)
 539{
 540        int i;
 541        struct thread_struct *thread = &(current->thread);
 542
 543        /*
 544         * Store in the virtual DR6 register the fact that the breakpoint
 545         * was hit so the thread's debugger will see it.
 546         */
 547        for (i = 0; i < HBP_NUM; i++) {
 548                if (thread->ptrace_bps[i] == bp)
 549                        break;
 550        }
 551
 552        thread->debugreg6 |= (DR_TRAP0 << i);
 553}
 554
 555/*
 556 * Walk through every ptrace breakpoints for this thread and
 557 * build the dr7 value on top of their attributes.
 558 *
 559 */
 560static unsigned long ptrace_get_dr7(struct perf_event *bp[])
 561{
 562        int i;
 563        int dr7 = 0;
 564        struct arch_hw_breakpoint *info;
 565
 566        for (i = 0; i < HBP_NUM; i++) {
 567                if (bp[i] && !bp[i]->attr.disabled) {
 568                        info = counter_arch_bp(bp[i]);
 569                        dr7 |= encode_dr7(i, info->len, info->type);
 570                }
 571        }
 572
 573        return dr7;
 574}
 575
 576static int
 577ptrace_modify_breakpoint(struct perf_event *bp, int len, int type,
 578                         struct task_struct *tsk, int disabled)
 579{
 580        int err;
 581        int gen_len, gen_type;
 582        struct perf_event_attr attr;
 583
 584        /*
 585         * We should have at least an inactive breakpoint at this
 586         * slot. It means the user is writing dr7 without having
 587         * written the address register first
 588         */
 589        if (!bp)
 590                return -EINVAL;
 591
 592        err = arch_bp_generic_fields(len, type, &gen_len, &gen_type);
 593        if (err)
 594                return err;
 595
 596        attr = bp->attr;
 597        attr.bp_len = gen_len;
 598        attr.bp_type = gen_type;
 599        attr.disabled = disabled;
 600
 601        return modify_user_hw_breakpoint(bp, &attr);
 602}
 603
 604/*
 605 * Handle ptrace writes to debug register 7.
 606 */
 607static int ptrace_write_dr7(struct task_struct *tsk, unsigned long data)
 608{
 609        struct thread_struct *thread = &(tsk->thread);
 610        unsigned long old_dr7;
 611        int i, orig_ret = 0, rc = 0;
 612        int enabled, second_pass = 0;
 613        unsigned len, type;
 614        struct perf_event *bp;
 615
 616        data &= ~DR_CONTROL_RESERVED;
 617        old_dr7 = ptrace_get_dr7(thread->ptrace_bps);
 618restore:
 619        /*
 620         * Loop through all the hardware breakpoints, making the
 621         * appropriate changes to each.
 622         */
 623        for (i = 0; i < HBP_NUM; i++) {
 624                enabled = decode_dr7(data, i, &len, &type);
 625                bp = thread->ptrace_bps[i];
 626
 627                if (!enabled) {
 628                        if (bp) {
 629                                /*
 630                                 * Don't unregister the breakpoints right-away,
 631                                 * unless all register_user_hw_breakpoint()
 632                                 * requests have succeeded. This prevents
 633                                 * any window of opportunity for debug
 634                                 * register grabbing by other users.
 635                                 */
 636                                if (!second_pass)
 637                                        continue;
 638
 639                                rc = ptrace_modify_breakpoint(bp, len, type,
 640                                                              tsk, 1);
 641                                if (rc)
 642                                        break;
 643                        }
 644                        continue;
 645                }
 646
 647                rc = ptrace_modify_breakpoint(bp, len, type, tsk, 0);
 648                if (rc)
 649                        break;
 650        }
 651        /*
 652         * Make a second pass to free the remaining unused breakpoints
 653         * or to restore the original breakpoints if an error occurred.
 654         */
 655        if (!second_pass) {
 656                second_pass = 1;
 657                if (rc < 0) {
 658                        orig_ret = rc;
 659                        data = old_dr7;
 660                }
 661                goto restore;
 662        }
 663        return ((orig_ret < 0) ? orig_ret : rc);
 664}
 665
 666/*
 667 * Handle PTRACE_PEEKUSR calls for the debug register area.
 668 */
 669static unsigned long ptrace_get_debugreg(struct task_struct *tsk, int n)
 670{
 671        struct thread_struct *thread = &(tsk->thread);
 672        unsigned long val = 0;
 673
 674        if (n < HBP_NUM) {
 675                struct perf_event *bp;
 676                bp = thread->ptrace_bps[n];
 677                if (!bp)
 678                        return 0;
 679                val = bp->hw.info.address;
 680        } else if (n == 6) {
 681                val = thread->debugreg6;
 682         } else if (n == 7) {
 683                val = thread->ptrace_dr7;
 684        }
 685        return val;
 686}
 687
 688static int ptrace_set_breakpoint_addr(struct task_struct *tsk, int nr,
 689                                      unsigned long addr)
 690{
 691        struct perf_event *bp;
 692        struct thread_struct *t = &tsk->thread;
 693        struct perf_event_attr attr;
 694
 695        if (!t->ptrace_bps[nr]) {
 696                hw_breakpoint_init(&attr);
 697                /*
 698                 * Put stub len and type to register (reserve) an inactive but
 699                 * correct bp
 700                 */
 701                attr.bp_addr = addr;
 702                attr.bp_len = HW_BREAKPOINT_LEN_1;
 703                attr.bp_type = HW_BREAKPOINT_W;
 704                attr.disabled = 1;
 705
 706                bp = register_user_hw_breakpoint(&attr, ptrace_triggered, tsk);
 707
 708                /*
 709                 * CHECKME: the previous code returned -EIO if the addr wasn't
 710                 * a valid task virtual addr. The new one will return -EINVAL in
 711                 *  this case.
 712                 * -EINVAL may be what we want for in-kernel breakpoints users,
 713                 * but -EIO looks better for ptrace, since we refuse a register
 714                 * writing for the user. And anyway this is the previous
 715                 * behaviour.
 716                 */
 717                if (IS_ERR(bp))
 718                        return PTR_ERR(bp);
 719
 720                t->ptrace_bps[nr] = bp;
 721        } else {
 722                int err;
 723
 724                bp = t->ptrace_bps[nr];
 725
 726                attr = bp->attr;
 727                attr.bp_addr = addr;
 728                err = modify_user_hw_breakpoint(bp, &attr);
 729                if (err)
 730                        return err;
 731        }
 732
 733
 734        return 0;
 735}
 736
 737/*
 738 * Handle PTRACE_POKEUSR calls for the debug register area.
 739 */
 740int ptrace_set_debugreg(struct task_struct *tsk, int n, unsigned long val)
 741{
 742        struct thread_struct *thread = &(tsk->thread);
 743        int rc = 0;
 744
 745        /* There are no DR4 or DR5 registers */
 746        if (n == 4 || n == 5)
 747                return -EIO;
 748
 749        if (n == 6) {
 750                thread->debugreg6 = val;
 751                goto ret_path;
 752        }
 753        if (n < HBP_NUM) {
 754                rc = ptrace_set_breakpoint_addr(tsk, n, val);
 755                if (rc)
 756                        return rc;
 757        }
 758        /* All that's left is DR7 */
 759        if (n == 7) {
 760                rc = ptrace_write_dr7(tsk, val);
 761                if (!rc)
 762                        thread->ptrace_dr7 = val;
 763        }
 764
 765ret_path:
 766        return rc;
 767}
 768
 769/*
 770 * These access the current or another (stopped) task's io permission
 771 * bitmap for debugging or core dump.
 772 */
 773static int ioperm_active(struct task_struct *target,
 774                         const struct user_regset *regset)
 775{
 776        return target->thread.io_bitmap_max / regset->size;
 777}
 778
 779static int ioperm_get(struct task_struct *target,
 780                      const struct user_regset *regset,
 781                      unsigned int pos, unsigned int count,
 782                      void *kbuf, void __user *ubuf)
 783{
 784        if (!target->thread.io_bitmap_ptr)
 785                return -ENXIO;
 786
 787        return user_regset_copyout(&pos, &count, &kbuf, &ubuf,
 788                                   target->thread.io_bitmap_ptr,
 789                                   0, IO_BITMAP_BYTES);
 790}
 791
 792#ifdef CONFIG_X86_PTRACE_BTS
 793/*
 794 * A branch trace store context.
 795 *
 796 * Contexts may only be installed by ptrace_bts_config() and only for
 797 * ptraced tasks.
 798 *
 799 * Contexts are destroyed when the tracee is detached from the tracer.
 800 * The actual destruction work requires interrupts enabled, so the
 801 * work is deferred and will be scheduled during __ptrace_unlink().
 802 *
 803 * Contexts hold an additional task_struct reference on the traced
 804 * task, as well as a reference on the tracer's mm.
 805 *
 806 * Ptrace already holds a task_struct for the duration of ptrace operations,
 807 * but since destruction is deferred, it may be executed after both
 808 * tracer and tracee exited.
 809 */
 810struct bts_context {
 811        /* The branch trace handle. */
 812        struct bts_tracer       *tracer;
 813
 814        /* The buffer used to store the branch trace and its size. */
 815        void                    *buffer;
 816        unsigned int            size;
 817
 818        /* The mm that paid for the above buffer. */
 819        struct mm_struct        *mm;
 820
 821        /* The task this context belongs to. */
 822        struct task_struct      *task;
 823
 824        /* The signal to send on a bts buffer overflow. */
 825        unsigned int            bts_ovfl_signal;
 826
 827        /* The work struct to destroy a context. */
 828        struct work_struct      work;
 829};
 830
 831static int alloc_bts_buffer(struct bts_context *context, unsigned int size)
 832{
 833        void *buffer = NULL;
 834        int err = -ENOMEM;
 835
 836        err = account_locked_memory(current->mm, current->signal->rlim, size);
 837        if (err < 0)
 838                return err;
 839
 840        buffer = kzalloc(size, GFP_KERNEL);
 841        if (!buffer)
 842                goto out_refund;
 843
 844        context->buffer = buffer;
 845        context->size = size;
 846        context->mm = get_task_mm(current);
 847
 848        return 0;
 849
 850 out_refund:
 851        refund_locked_memory(current->mm, size);
 852        return err;
 853}
 854
 855static inline void free_bts_buffer(struct bts_context *context)
 856{
 857        if (!context->buffer)
 858                return;
 859
 860        kfree(context->buffer);
 861        context->buffer = NULL;
 862
 863        refund_locked_memory(context->mm, context->size);
 864        context->size = 0;
 865
 866        mmput(context->mm);
 867        context->mm = NULL;
 868}
 869
 870static void free_bts_context_work(struct work_struct *w)
 871{
 872        struct bts_context *context;
 873
 874        context = container_of(w, struct bts_context, work);
 875
 876        ds_release_bts(context->tracer);
 877        put_task_struct(context->task);
 878        free_bts_buffer(context);
 879        kfree(context);
 880}
 881
 882static inline void free_bts_context(struct bts_context *context)
 883{
 884        INIT_WORK(&context->work, free_bts_context_work);
 885        schedule_work(&context->work);
 886}
 887
 888static inline struct bts_context *alloc_bts_context(struct task_struct *task)
 889{
 890        struct bts_context *context = kzalloc(sizeof(*context), GFP_KERNEL);
 891        if (context) {
 892                context->task = task;
 893                task->bts = context;
 894
 895                get_task_struct(task);
 896        }
 897
 898        return context;
 899}
 900
 901static int ptrace_bts_read_record(struct task_struct *child, size_t index,
 902                                  struct bts_struct __user *out)
 903{
 904        struct bts_context *context;
 905        const struct bts_trace *trace;
 906        struct bts_struct bts;
 907        const unsigned char *at;
 908        int error;
 909
 910        context = child->bts;
 911        if (!context)
 912                return -ESRCH;
 913
 914        trace = ds_read_bts(context->tracer);
 915        if (!trace)
 916                return -ESRCH;
 917
 918        at = trace->ds.top - ((index + 1) * trace->ds.size);
 919        if ((void *)at < trace->ds.begin)
 920                at += (trace->ds.n * trace->ds.size);
 921
 922        if (!trace->read)
 923                return -EOPNOTSUPP;
 924
 925        error = trace->read(context->tracer, at, &bts);
 926        if (error < 0)
 927                return error;
 928
 929        if (copy_to_user(out, &bts, sizeof(bts)))
 930                return -EFAULT;
 931
 932        return sizeof(bts);
 933}
 934
 935static int ptrace_bts_drain(struct task_struct *child,
 936                            long size,
 937                            struct bts_struct __user *out)
 938{
 939        struct bts_context *context;
 940        const struct bts_trace *trace;
 941        const unsigned char *at;
 942        int error, drained = 0;
 943
 944        context = child->bts;
 945        if (!context)
 946                return -ESRCH;
 947
 948        trace = ds_read_bts(context->tracer);
 949        if (!trace)
 950                return -ESRCH;
 951
 952        if (!trace->read)
 953                return -EOPNOTSUPP;
 954
 955        if (size < (trace->ds.top - trace->ds.begin))
 956                return -EIO;
 957
 958        for (at = trace->ds.begin; (void *)at < trace->ds.top;
 959             out++, drained++, at += trace->ds.size) {
 960                struct bts_struct bts;
 961
 962                error = trace->read(context->tracer, at, &bts);
 963                if (error < 0)
 964                        return error;
 965
 966                if (copy_to_user(out, &bts, sizeof(bts)))
 967                        return -EFAULT;
 968        }
 969
 970        memset(trace->ds.begin, 0, trace->ds.n * trace->ds.size);
 971
 972        error = ds_reset_bts(context->tracer);
 973        if (error < 0)
 974                return error;
 975
 976        return drained;
 977}
 978
 979static int ptrace_bts_config(struct task_struct *child,
 980                             long cfg_size,
 981                             const struct ptrace_bts_config __user *ucfg)
 982{
 983        struct bts_context *context;
 984        struct ptrace_bts_config cfg;
 985        unsigned int flags = 0;
 986
 987        if (cfg_size < sizeof(cfg))
 988                return -EIO;
 989
 990        if (copy_from_user(&cfg, ucfg, sizeof(cfg)))
 991                return -EFAULT;
 992
 993        context = child->bts;
 994        if (!context)
 995                context = alloc_bts_context(child);
 996        if (!context)
 997                return -ENOMEM;
 998
 999        if (cfg.flags & PTRACE_BTS_O_SIGNAL) {
1000                if (!cfg.signal)

1001                        return -EINVAL;
1002
1003                return -EOPNOTSUPP;
1004                context->bts_ovfl_signal = cfg.signal;
1005        }
1006
1007        ds_release_bts(context->tracer);
1008        context->tracer = NULL;
1009
1010        if ((cfg.flags & PTRACE_BTS_O_ALLOC) && (cfg.size != context->size)) {
1011                int err;
1012
1013                free_bts_buffer(context);
1014                if (!cfg.size)
1015                        return 0;
1016
1017                err = alloc_bts_buffer(context, cfg.size);
1018                if (err < 0)
1019                        return err;
1020        }
1021
1022        if (cfg.flags & PTRACE_BTS_O_TRACE)
1023                flags |= BTS_USER;
1024
1025        if (cfg.flags & PTRACE_BTS_O_SCHED)
1026                flags |= BTS_TIMESTAMPS;
1027
1028        context->tracer =
1029                ds_request_bts_task(child, context->buffer, context->size,
1030                                    NULL, (size_t)-1, flags);
1031        if (unlikely(IS_ERR(context->tracer))) {
1032                int error = PTR_ERR(context->tracer);
1033
1034                free_bts_buffer(context);
1035                context->tracer = NULL;
1036                return error;
1037        }
1038
1039        return sizeof(cfg);
1040}
1041
1042static int ptrace_bts_status(struct task_struct *child,
1043                             long cfg_size,
1044                             struct ptrace_bts_config __user *ucfg)
1045{
1046        struct bts_context *context;
1047        const struct bts_trace *trace;
1048        struct ptrace_bts_config cfg;
1049
1050        context = child->bts;
1051        if (!context)
1052                return -ESRCH;
1053
1054        if (cfg_size < sizeof(cfg))
1055                return -EIO;
1056
1057        trace = ds_read_bts(context->tracer);
1058        if (!trace)
1059                return -ESRCH;
1060
1061        memset(&cfg, 0, sizeof(cfg));
1062        cfg.size        = trace->ds.end - trace->ds.begin;
1063        cfg.signal      = context->bts_ovfl_signal;
1064        cfg.bts_size    = sizeof(struct bts_struct);
1065
1066        if (cfg.signal)
1067                cfg.flags |= PTRACE_BTS_O_SIGNAL;
1068
1069        if (trace->ds.flags & BTS_USER)
1070                cfg.flags |= PTRACE_BTS_O_TRACE;
1071
1072        if (trace->ds.flags & BTS_TIMESTAMPS)
1073                cfg.flags |= PTRACE_BTS_O_SCHED;
1074
1075        if (copy_to_user(ucfg, &cfg, sizeof(cfg)))
1076                return -EFAULT;
1077
1078        return sizeof(cfg);
1079}
1080
1081static int ptrace_bts_clear(struct task_struct *child)
1082{
1083        struct bts_context *context;
1084        const struct bts_trace *trace;
1085
1086        context = child->bts;
1087        if (!context)
1088                return -ESRCH;
1089
1090        trace = ds_read_bts(context->tracer);
1091        if (!trace)
1092                return -ESRCH;
1093
1094        memset(trace->ds.begin, 0, trace->ds.n * trace->ds.size);
1095
1096        return ds_reset_bts(context->tracer);
1097}
1098
1099static int ptrace_bts_size(struct task_struct *child)
1100{
1101        struct bts_context *context;
1102        const struct bts_trace *trace;
1103
1104        context = child->bts;
1105        if (!context)
1106                return -ESRCH;
1107
1108        trace = ds_read_bts(context->tracer);
1109        if (!trace)
1110                return -ESRCH;
1111
1112        return (trace->ds.top - trace->ds.begin) / trace->ds.size;
1113}
1114
1115/*
1116 * Called from __ptrace_unlink() after the child has been moved back
1117 * to its original parent.
1118 */
1119void ptrace_bts_untrace(struct task_struct *child)
1120{
1121        if (unlikely(child->bts)) {
1122                free_bts_context(child->bts);
1123                child->bts = NULL;
1124        }
1125}
1126#endif /* CONFIG_X86_PTRACE_BTS */
1127
1128/*
1129 * Called by kernel/ptrace.c when detaching..
1130 *
1131 * Make sure the single step bit is not set.
1132 */
1133void ptrace_disable(struct task_struct *child)
1134{
1135        user_disable_single_step(child);
1136#ifdef TIF_SYSCALL_EMU
1137        clear_tsk_thread_flag(child, TIF_SYSCALL_EMU);
1138#endif
1139}
1140
1141#if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION
1142static const struct user_regset_view user_x86_32_view; /* Initialized below. */
1143#endif
1144
1145long arch_ptrace(struct task_struct *child, long request, long addr, long data)
1146{
1147        int ret;
1148        unsigned long __user *datap = (unsigned long __user *)data;
1149
1150        switch (request) {
1151        /* read the word at location addr in the USER area. */
1152        case PTRACE_PEEKUSR: {
1153                unsigned long tmp;
1154
1155                ret = -EIO;
1156                if ((addr & (sizeof(data) - 1)) || addr < 0 ||
1157                    addr >= sizeof(struct user))
1158                        break;
1159
1160                tmp = 0;  /* Default return condition */
1161                if (addr < sizeof(struct user_regs_struct))
1162                        tmp = getreg(child, addr);
1163                else if (addr >= offsetof(struct user, u_debugreg[0]) &&
1164                         addr <= offsetof(struct user, u_debugreg[7])) {
1165                        addr -= offsetof(struct user, u_debugreg[0]);
1166                        tmp = ptrace_get_debugreg(child, addr / sizeof(data));
1167                }
1168                ret = put_user(tmp, datap);
1169                break;
1170        }
1171
1172        case PTRACE_POKEUSR: /* write the word at location addr in the USER area */
1173                ret = -EIO;
1174                if ((addr & (sizeof(data) - 1)) || addr < 0 ||
1175                    addr >= sizeof(struct user))
1176                        break;
1177
1178                if (addr < sizeof(struct user_regs_struct))
1179                        ret = putreg(child, addr, data);
1180                else if (addr >= offsetof(struct user, u_debugreg[0]) &&
1181                         addr <= offsetof(struct user, u_debugreg[7])) {
1182                        addr -= offsetof(struct user, u_debugreg[0]);
1183                        ret = ptrace_set_debugreg(child,
1184                                                  addr / sizeof(data), data);
1185                }
1186                break;
1187
1188        case PTRACE_GETREGS:    /* Get all gp regs from the child. */
1189                return copy_regset_to_user(child,
1190                                           task_user_regset_view(current),
1191                                           REGSET_GENERAL,
1192                                           0, sizeof(struct user_regs_struct),
1193                                           datap);
1194
1195        case PTRACE_SETREGS:    /* Set all gp regs in the child. */
1196                return copy_regset_from_user(child,
1197                                             task_user_regset_view(current),
1198                                             REGSET_GENERAL,
1199                                             0, sizeof(struct user_regs_struct),
1200                                             datap);
1201
1202        case PTRACE_GETFPREGS:  /* Get the child FPU state. */
1203                return copy_regset_to_user(child,
1204                                           task_user_regset_view(current),
1205                                           REGSET_FP,
1206                                           0, sizeof(struct user_i387_struct),
1207                                           datap);
1208
1209        case PTRACE_SETFPREGS:  /* Set the child FPU state. */
1210                return copy_regset_from_user(child,
1211                                             task_user_regset_view(current),
1212                                             REGSET_FP,
1213                                             0, sizeof(struct user_i387_struct),
1214                                             datap);
1215
1216#ifdef CONFIG_X86_32
1217        case PTRACE_GETFPXREGS: /* Get the child extended FPU state. */
1218                return copy_regset_to_user(child, &user_x86_32_view,
1219                                           REGSET_XFP,
1220                                           0, sizeof(struct user_fxsr_struct),
1221                                           datap) ? -EIO : 0;
1222
1223        case PTRACE_SETFPXREGS: /* Set the child extended FPU state. */
1224                return copy_regset_from_user(child, &user_x86_32_view,
1225                                             REGSET_XFP,
1226                                             0, sizeof(struct user_fxsr_struct),
1227                                             datap) ? -EIO : 0;
1228#endif
1229
1230#if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION
1231        case PTRACE_GET_THREAD_AREA:
1232                if (addr < 0)
1233                        return -EIO;
1234                ret = do_get_thread_area(child, addr,
1235                                         (struct user_desc __user *) data);
1236                break;
1237
1238        case PTRACE_SET_THREAD_AREA:
1239                if (addr < 0)
1240                        return -EIO;
1241                ret = do_set_thread_area(child, addr,
1242                                         (struct user_desc __user *) data, 0);
1243                break;
1244#endif
1245
1246#ifdef CONFIG_X86_64
1247                /* normal 64bit interface to access TLS data.
1248                   Works just like arch_prctl, except that the arguments
1249                   are reversed. */
1250        case PTRACE_ARCH_PRCTL:
1251                ret = do_arch_prctl(child, data, addr);
1252                break;
1253#endif
1254
1255        /*
1256         * These bits need more cooking - not enabled yet:
1257         */
1258#ifdef CONFIG_X86_PTRACE_BTS
1259        case PTRACE_BTS_CONFIG:
1260                ret = ptrace_bts_config
1261                        (child, data, (struct ptrace_bts_config __user *)addr);
1262                break;
1263
1264        case PTRACE_BTS_STATUS:
1265                ret = ptrace_bts_status
1266                        (child, data, (struct ptrace_bts_config __user *)addr);
1267                break;
1268
1269        case PTRACE_BTS_SIZE:
1270                ret = ptrace_bts_size(child);
1271                break;
1272
1273        case PTRACE_BTS_GET:
1274                ret = ptrace_bts_read_record
1275                        (child, data, (struct bts_struct __user *) addr);
1276                break;
1277
1278        case PTRACE_BTS_CLEAR:
1279                ret = ptrace_bts_clear(child);
1280                break;
1281
1282        case PTRACE_BTS_DRAIN:
1283                ret = ptrace_bts_drain
1284                        (child, data, (struct bts_struct __user *) addr);
1285                break;
1286#endif /* CONFIG_X86_PTRACE_BTS */
1287
1288        default:
1289                ret = ptrace_request(child, request, addr, data);
1290                break;
1291        }
1292
1293        return ret;
1294}
1295
1296#ifdef CONFIG_IA32_EMULATION
1297
1298#include <linux/compat.h>
1299#include <linux/syscalls.h>
1300#include <asm/ia32.h>
1301#include <asm/user32.h>
1302
1303#define R32(l,q)                                                        \
1304        case offsetof(struct user32, regs.l):                           \
1305                regs->q = value; break
1306
1307#define SEG32(rs)                                                       \
1308        case offsetof(struct user32, regs.rs):                          \
1309                return set_segment_reg(child,                           \
1310                                       offsetof(struct user_regs_struct, rs), \
1311                                       value);                          \
1312                break
1313
1314static int putreg32(struct task_struct *child, unsigned regno, u32 value)
1315{
1316        struct pt_regs *regs = task_pt_regs(child);
1317
1318        switch (regno) {
1319
1320        SEG32(cs);
1321        SEG32(ds);
1322        SEG32(es);
1323        SEG32(fs);
1324        SEG32(gs);
1325        SEG32(ss);
1326
1327        R32(ebx, bx);
1328        R32(ecx, cx);
1329        R32(edx, dx);
1330        R32(edi, di);
1331        R32(esi, si);
1332        R32(ebp, bp);
1333        R32(eax, ax);
1334        R32(eip, ip);
1335        R32(esp, sp);
1336
1337        case offsetof(struct user32, regs.orig_eax):
1338                /*
1339                 * A 32-bit debugger setting orig_eax means to restore
1340                 * the state of the task restarting a 32-bit syscall.
1341                 * Make sure we interpret the -ERESTART* codes correctly
1342                 * in case the task is not actually still sitting at the
1343                 * exit from a 32-bit syscall with TS_COMPAT still set.
1344                 */
1345                regs->orig_ax = value;
1346                if (syscall_get_nr(child, regs) >= 0)
1347                        task_thread_info(child)->status |= TS_COMPAT;
1348                break;
1349
1350        case offsetof(struct user32, regs.eflags):
1351                return set_flags(child, value);
1352
1353        case offsetof(struct user32, u_debugreg[0]) ...
1354                offsetof(struct user32, u_debugreg[7]):
1355                regno -= offsetof(struct user32, u_debugreg[0]);
1356                return ptrace_set_debugreg(child, regno / 4, value);
1357
1358        default:
1359                if (regno > sizeof(struct user32) || (regno & 3))
1360                        return -EIO;
1361
1362                /*
1363                 * Other dummy fields in the virtual user structure
1364                 * are ignored
1365                 */
1366                break;
1367        }
1368        return 0;
1369}
1370
1371#undef R32
1372#undef SEG32
1373
1374#define R32(l,q)                                                        \
1375        case offsetof(struct user32, regs.l):                           \
1376                *val = regs->q; break
1377
1378#define SEG32(rs)                                                       \
1379        case offsetof(struct user32, regs.rs):                          \
1380                *val = get_segment_reg(child,                           \
1381                                       offsetof(struct user_regs_struct, rs)); \
1382                break
1383
1384static int getreg32(struct task_struct *child, unsigned regno, u32 *val)
1385{
1386        struct pt_regs *regs = task_pt_regs(child);
1387
1388        switch (regno) {
1389
1390        SEG32(ds);
1391        SEG32(es);
1392        SEG32(fs);
1393        SEG32(gs);
1394
1395        R32(cs, cs);
1396        R32(ss, ss);
1397        R32(ebx, bx);
1398        R32(ecx, cx);
1399        R32(edx, dx);
1400        R32(edi, di);
1401        R32(esi, si);
1402        R32(ebp, bp);
1403        R32(eax, ax);
1404        R32(orig_eax, orig_ax);
1405        R32(eip, ip);
1406        R32(esp, sp);
1407
1408        case offsetof(struct user32, regs.eflags):
1409                *val = get_flags(child);
1410                break;
1411
1412        case offsetof(struct user32, u_debugreg[0]) ...
1413                offsetof(struct user32, u_debugreg[7]):
1414                regno -= offsetof(struct user32, u_debugreg[0]);
1415                *val = ptrace_get_debugreg(child, regno / 4);
1416                break;
1417
1418        default:
1419                if (regno > sizeof(struct user32) || (regno & 3))
1420                        return -EIO;
1421
1422                /*
1423                 * Other dummy fields in the virtual user structure
1424                 * are ignored
1425                 */
1426                *val = 0;
1427                break;
1428        }
1429        return 0;
1430}
1431
1432#undef R32
1433#undef SEG32
1434
1435static int genregs32_get(struct task_struct *target,
1436                         const struct user_regset *regset,
1437                         unsigned int pos, unsigned int count,
1438                         void *kbuf, void __user *ubuf)
1439{
1440        if (kbuf) {
1441                compat_ulong_t *k = kbuf;
1442                while (count >= sizeof(*k)) {
1443                        getreg32(target, pos, k++);
1444                        count -= sizeof(*k);
1445                        pos += sizeof(*k);
1446                }
1447        } else {
1448                compat_ulong_t __user *u = ubuf;
1449                while (count >= sizeof(*u)) {
1450                        compat_ulong_t word;
1451                        getreg32(target, pos, &word);
1452                        if (__put_user(word, u++))
1453                                return -EFAULT;
1454                        count -= sizeof(*u);
1455                        pos += sizeof(*u);
1456                }
1457        }
1458
1459        return 0;
1460}
1461
1462static int genregs32_set(struct task_struct *target,
1463                         const struct user_regset *regset,
1464                         unsigned int pos, unsigned int count,
1465                         const void *kbuf, const void __user *ubuf)
1466{
1467        int ret = 0;
1468        if (kbuf) {
1469                const compat_ulong_t *k = kbuf;
1470                while (count >= sizeof(*k) && !ret) {
1471                        ret = putreg32(target, pos, *k++);
1472                        count -= sizeof(*k);
1473                        pos += sizeof(*k);
1474                }
1475        } else {
1476                const compat_ulong_t __user *u = ubuf;
1477                while (count >= sizeof(*u) && !ret) {
1478                        compat_ulong_t word;
1479                        ret = __get_user(word, u++);
1480                        if (ret)
1481                                break;
1482                        ret = putreg32(target, pos, word);
1483                        count -= sizeof(*u);
1484                        pos += sizeof(*u);
1485                }
1486        }
1487        return ret;
1488}
1489
1490long compat_arch_ptrace(struct task_struct *child, compat_long_t request,
1491                        compat_ulong_t caddr, compat_ulong_t cdata)
1492{
1493        unsigned long addr = caddr;
1494        unsigned long data = cdata;
1495        void __user *datap = compat_ptr(data);
1496        int ret;
1497        __u32 val;
1498
1499        switch (request) {
1500        case PTRACE_PEEKUSR:
1501                ret = getreg32(child, addr, &val);
1502                if (ret == 0)
1503                        ret = put_user(val, (__u32 __user *)datap);
1504                break;
1505
1506        case PTRACE_POKEUSR:
1507                ret = putreg32(child, addr, data);
1508                break;
1509
1510        case PTRACE_GETREGS:    /* Get all gp regs from the child. */
1511                return copy_regset_to_user(child, &user_x86_32_view,
1512                                           REGSET_GENERAL,
1513                                           0, sizeof(struct user_regs_struct32),
1514                                           datap);
1515
1516        case PTRACE_SETREGS:    /* Set all gp regs in the child. */
1517                return copy_regset_from_user(child, &user_x86_32_view,
1518                                             REGSET_GENERAL, 0,
1519                                             sizeof(struct user_regs_struct32),
1520                                             datap);
1521
1522        case PTRACE_GETFPREGS:  /* Get the child FPU state. */
1523                return copy_regset_to_user(child, &user_x86_32_view,
1524                                           REGSET_FP, 0,
1525                                           sizeof(struct user_i387_ia32_struct),
1526                                           datap);
1527
1528        case PTRACE_SETFPREGS:  /* Set the child FPU state. */
1529                return copy_regset_from_user(
1530                        child, &user_x86_32_view, REGSET_FP,
1531                        0, sizeof(struct user_i387_ia32_struct), datap);
1532
1533        case PTRACE_GETFPXREGS: /* Get the child extended FPU state. */
1534                return copy_regset_to_user(child, &user_x86_32_view,
1535                                           REGSET_XFP, 0,
1536                                           sizeof(struct user32_fxsr_struct),
1537                                           datap);
1538
1539        case PTRACE_SETFPXREGS: /* Set the child extended FPU state. */
1540                return copy_regset_from_user(child, &user_x86_32_view,
1541                                             REGSET_XFP, 0,
1542                                             sizeof(struct user32_fxsr_struct),
1543                                             datap);
1544
1545        case PTRACE_GET_THREAD_AREA:
1546        case PTRACE_SET_THREAD_AREA:
1547#ifdef CONFIG_X86_PTRACE_BTS
1548        case PTRACE_BTS_CONFIG:
1549        case PTRACE_BTS_STATUS:
1550        case PTRACE_BTS_SIZE:
1551        case PTRACE_BTS_GET:
1552        case PTRACE_BTS_CLEAR:
1553        case PTRACE_BTS_DRAIN:
1554#endif /* CONFIG_X86_PTRACE_BTS */
1555                return arch_ptrace(child, request, addr, data);
1556
1557        default:
1558                return compat_ptrace_request(child, request, addr, data);
1559        }
1560
1561        return ret;
1562}
1563
1564#endif  /* CONFIG_IA32_EMULATION */
1565
1566#ifdef CONFIG_X86_64
1567
1568static struct user_regset x86_64_regsets[] __read_mostly = {
1569        [REGSET_GENERAL] = {
1570                .core_note_type = NT_PRSTATUS,
1571                .n = sizeof(struct user_regs_struct) / sizeof(long),
1572                .size = sizeof(long), .align = sizeof(long),
1573                .get = genregs_get, .set = genregs_set
1574        },
1575        [REGSET_FP] = {
1576                .core_note_type = NT_PRFPREG,
1577                .n = sizeof(struct user_i387_struct) / sizeof(long),
1578                .size = sizeof(long), .align = sizeof(long),
1579                .active = xfpregs_active, .get = xfpregs_get, .set = xfpregs_set
1580        },
1581        [REGSET_XSTATE] = {
1582                .core_note_type = NT_X86_XSTATE,
1583                .size = sizeof(u64), .align = sizeof(u64),
1584                .active = xstateregs_active, .get = xstateregs_get,
1585                .set = xstateregs_set
1586        },
1587        [REGSET_IOPERM64] = {
1588                .core_note_type = NT_386_IOPERM,
1589                .n = IO_BITMAP_LONGS,
1590                .size = sizeof(long), .align = sizeof(long),
1591                .active = ioperm_active, .get = ioperm_get
1592        },
1593};
1594
1595static const struct user_regset_view user_x86_64_view = {
1596        .name = "x86_64", .e_machine = EM_X86_64,
1597        .regsets = x86_64_regsets, .n = ARRAY_SIZE(x86_64_regsets)
1598};
1599
1600#else  /* CONFIG_X86_32 */
1601
1602#define user_regs_struct32      user_regs_struct
1603#define genregs32_get           genregs_get
1604#define genregs32_set           genregs_set
1605
1606#define user_i387_ia32_struct   user_i387_struct
1607#define user32_fxsr_struct      user_fxsr_struct
1608
1609#endif  /* CONFIG_X86_64 */
1610
1611#if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION
1612static struct user_regset x86_32_regsets[] __read_mostly = {
1613        [REGSET_GENERAL] = {
1614                .core_note_type = NT_PRSTATUS,
1615                .n = sizeof(struct user_regs_struct32) / sizeof(u32),
1616                .size = sizeof(u32), .align = sizeof(u32),
1617                .get = genregs32_get, .set = genregs32_set
1618        },
1619        [REGSET_FP] = {
1620                .core_note_type = NT_PRFPREG,
1621                .n = sizeof(struct user_i387_ia32_struct) / sizeof(u32),
1622                .size = sizeof(u32), .align = sizeof(u32),
1623                .active = fpregs_active, .get = fpregs_get, .set = fpregs_set
1624        },
1625        [REGSET_XFP] = {
1626                .core_note_type = NT_PRXFPREG,
1627                .n = sizeof(struct user32_fxsr_struct) / sizeof(u32),
1628                .size = sizeof(u32), .align = sizeof(u32),
1629                .active = xfpregs_active, .get = xfpregs_get, .set = xfpregs_set
1630        },
1631        [REGSET_XSTATE] = {
1632                .core_note_type = NT_X86_XSTATE,
1633                .size = sizeof(u64), .align = sizeof(u64),
1634                .active = xstateregs_active, .get = xstateregs_get,
1635                .set = xstateregs_set
1636        },
1637        [REGSET_TLS] = {
1638                .core_note_type = NT_386_TLS,
1639                .n = GDT_ENTRY_TLS_ENTRIES, .bias = GDT_ENTRY_TLS_MIN,
1640                .size = sizeof(struct user_desc),
1641                .align = sizeof(struct user_desc),
1642                .active = regset_tls_active,
1643                .get = regset_tls_get, .set = regset_tls_set
1644        },
1645        [REGSET_IOPERM32] = {
1646                .core_note_type = NT_386_IOPERM,
1647                .n = IO_BITMAP_BYTES / sizeof(u32),
1648                .size = sizeof(u32), .align = sizeof(u32),
1649                .active = ioperm_active, .get = ioperm_get
1650        },
1651};
1652
1653static const struct user_regset_view user_x86_32_view = {
1654        .name = "i386", .e_machine = EM_386,
1655        .regsets = x86_32_regsets, .n = ARRAY_SIZE(x86_32_regsets)
1656};
1657#endif
1658
1659/*
1660 * This represents bytes 464..511 in the memory layout exported through
1661 * the REGSET_XSTATE interface.
1662 */
1663u64 xstate_fx_sw_bytes[USER_XSTATE_FX_SW_WORDS];
1664
1665void update_regset_xstate_info(unsigned int size, u64 xstate_mask)
1666{
1667#ifdef CONFIG_X86_64
1668        x86_64_regsets[REGSET_XSTATE].n = size / sizeof(u64);
1669#endif
1670#if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION
1671        x86_32_regsets[REGSET_XSTATE].n = size / sizeof(u64);
1672#endif
1673        xstate_fx_sw_bytes[USER_XSTATE_XCR0_WORD] = xstate_mask;
1674}
1675
1676const struct user_regset_view *task_user_regset_view(struct task_struct *task)
1677{
1678#ifdef CONFIG_IA32_EMULATION
1679        if (test_tsk_thread_flag(task, TIF_IA32))
1680#endif
1681#if defined CONFIG_X86_32 || defined CONFIG_IA32_EMULATION
1682                return &user_x86_32_view;
1683#endif
1684#ifdef CONFIG_X86_64
1685        return &user_x86_64_view;
1686#endif
1687}
1688
1689static void fill_sigtrap_info(struct task_struct *tsk,
1690                                struct pt_regs *regs,
1691                                int error_code, int si_code,
1692                                struct siginfo *info)
1693{
1694        tsk->thread.trap_no = 1;
1695        tsk->thread.error_code = error_code;
1696
1697        memset(info, 0, sizeof(*info));
1698        info->si_signo = SIGTRAP;
1699        info->si_code = si_code;
1700        info->si_addr = user_mode_vm(regs) ? (void __user *)regs->ip : NULL;
1701}
1702
1703void user_single_step_siginfo(struct task_struct *tsk,
1704                                struct pt_regs *regs,
1705                                struct siginfo *info)
1706{
1707        fill_sigtrap_info(tsk, regs, 0, TRAP_BRKPT, info);
1708}
1709
1710void send_sigtrap(struct task_struct *tsk, struct pt_regs *regs,
1711                                         int error_code, int si_code)
1712{
1713        struct siginfo info;
1714
1715        fill_sigtrap_info(tsk, regs, error_code, si_code, &info);
1716        /* Send us the fake SIGTRAP */
1717        force_sig_info(SIGTRAP, &info, tsk);
1718}
1719
1720
1721#ifdef CONFIG_X86_32
1722# define IS_IA32        1
1723#elif defined CONFIG_IA32_EMULATION
1724# define IS_IA32        is_compat_task()
1725#else
1726# define IS_IA32        0
1727#endif
1728
1729/*
1730 * We must return the syscall number to actually look up in the table.
1731 * This can be -1L to skip running any syscall at all.
1732 */
1733asmregparm long syscall_trace_enter(struct pt_regs *regs)
1734{
1735        long ret = 0;
1736
1737        /*
1738         * If we stepped into a sysenter/syscall insn, it trapped in
1739         * kernel mode; do_debug() cleared TF and set TIF_SINGLESTEP.
1740         * If user-mode had set TF itself, then it's still clear from
1741         * do_debug() and we need to set it again to restore the user
1742         * state.  If we entered on the slow path, TF was already set.
1743         */
1744        if (test_thread_flag(TIF_SINGLESTEP))
1745                regs->flags |= X86_EFLAGS_TF;
1746
1747        /* do the secure computing check first */
1748        secure_computing(regs->orig_ax);
1749
1750        if (unlikely(test_thread_flag(TIF_SYSCALL_EMU)))
1751                ret = -1L;
1752
1753        if ((ret || test_thread_flag(TIF_SYSCALL_TRACE)) &&
1754            tracehook_report_syscall_entry(regs))
1755                ret = -1L;
1756
1757        if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
1758                trace_sys_enter(regs, regs->orig_ax);
1759
1760        if (unlikely(current->audit_context)) {
1761                if (IS_IA32)
1762                        audit_syscall_entry(AUDIT_ARCH_I386,
1763                                            regs->orig_ax,
1764                                            regs->bx, regs->cx,
1765                                            regs->dx, regs->si);
1766#ifdef CONFIG_X86_64
1767                else
1768                        audit_syscall_entry(AUDIT_ARCH_X86_64,
1769                                            regs->orig_ax,
1770                                            regs->di, regs->si,
1771                                            regs->dx, regs->r10);
1772#endif
1773        }
1774
1775        return ret ?: regs->orig_ax;
1776}
1777
1778asmregparm void syscall_trace_leave(struct pt_regs *regs)
1779{
1780        bool step;
1781
1782        if (unlikely(current->audit_context))
1783                audit_syscall_exit(AUDITSC_RESULT(regs->ax), regs->ax);
1784
1785        if (unlikely(test_thread_flag(TIF_SYSCALL_TRACEPOINT)))
1786                trace_sys_exit(regs, regs->ax);
1787
1788        /*
1789         * If TIF_SYSCALL_EMU is set, we only get here because of
1790         * TIF_SINGLESTEP (i.e. this is PTRACE_SYSEMU_SINGLESTEP).
1791         * We already reported this syscall instruction in
1792         * syscall_trace_enter().
1793         */
1794        step = unlikely(test_thread_flag(TIF_SINGLESTEP)) &&
1795                        !test_thread_flag(TIF_SYSCALL_EMU);
1796        if (step || test_thread_flag(TIF_SYSCALL_TRACE))
1797                tracehook_report_syscall_exit(regs, step);
1798}
1799