hw_breakpoint.c revision 235584b6f3b71bc1381be13a963a16f7107650cf
1/* 2 * This program is free software; you can redistribute it and/or modify 3 * it under the terms of the GNU General Public License version 2 as 4 * published by the Free Software Foundation. 5 * 6 * This program is distributed in the hope that it will be useful, 7 * but WITHOUT ANY WARRANTY; without even the implied warranty of 8 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 9 * GNU General Public License for more details. 10 * 11 * You should have received a copy of the GNU General Public License 12 * along with this program; if not, write to the Free Software 13 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 14 * 15 * Copyright (C) 2009, 2010 ARM Limited 16 * 17 * Author: Will Deacon <will.deacon@arm.com> 18 */ 19 20/* 21 * HW_breakpoint: a unified kernel/user-space hardware breakpoint facility, 22 * using the CPU's debug registers. 23 */ 24#define pr_fmt(fmt) "hw-breakpoint: " fmt 25 26#include <linux/errno.h> 27#include <linux/perf_event.h> 28#include <linux/hw_breakpoint.h> 29#include <linux/smp.h> 30 31#include <asm/cacheflush.h> 32#include <asm/cputype.h> 33#include <asm/current.h> 34#include <asm/hw_breakpoint.h> 35#include <asm/kdebug.h> 36#include <asm/system.h> 37#include <asm/traps.h> 38 39/* Breakpoint currently in use for each BRP. */ 40static DEFINE_PER_CPU(struct perf_event *, bp_on_reg[ARM_MAX_BRP]); 41 42/* Watchpoint currently in use for each WRP. */ 43static DEFINE_PER_CPU(struct perf_event *, wp_on_reg[ARM_MAX_WRP]); 44 45/* Number of BRP/WRP registers on this CPU. */ 46static int core_num_brps; 47static int core_num_wrps; 48 49/* Debug architecture version. */ 50static u8 debug_arch; 51 52/* Maximum supported watchpoint length. */ 53static u8 max_watchpoint_len; 54 55/* Determine number of BRP registers available. */ 56static int get_num_brps(void) 57{ 58 u32 didr; 59 ARM_DBG_READ(c0, 0, didr); 60 return ((didr >> 24) & 0xf) + 1; 61} 62 63/* Determine number of WRP registers available. */ 64static int get_num_wrps(void) 65{ 66 /* 67 * FIXME: When a watchpoint fires, the only way to work out which 68 * watchpoint it was is by disassembling the faulting instruction 69 * and working out the address of the memory access. 70 * 71 * Furthermore, we can only do this if the watchpoint was precise 72 * since imprecise watchpoints prevent us from calculating register 73 * based addresses. 74 * 75 * For the time being, we only report 1 watchpoint register so we 76 * always know which watchpoint fired. In the future we can either 77 * add a disassembler and address generation emulator, or we can 78 * insert a check to see if the DFAR is set on watchpoint exception 79 * entry [the ARM ARM states that the DFAR is UNKNOWN, but 80 * experience shows that it is set on some implementations]. 81 */ 82 83#if 0 84 u32 didr, wrps; 85 ARM_DBG_READ(c0, 0, didr); 86 return ((didr >> 28) & 0xf) + 1; 87#endif 88 89 return 1; 90} 91 92int hw_breakpoint_slots(int type) 93{ 94 /* 95 * We can be called early, so don't rely on 96 * our static variables being initialised. 97 */ 98 switch (type) { 99 case TYPE_INST: 100 return get_num_brps(); 101 case TYPE_DATA: 102 return get_num_wrps(); 103 default: 104 pr_warning("unknown slot type: %d\n", type); 105 return 0; 106 } 107} 108 109/* Determine debug architecture. */ 110static u8 get_debug_arch(void) 111{ 112 u32 didr; 113 114 /* Do we implement the extended CPUID interface? */ 115 if (((read_cpuid_id() >> 16) & 0xf) != 0xf) { 116 pr_warning("CPUID feature registers not supported. " 117 "Assuming v6 debug is present.\n"); 118 return ARM_DEBUG_ARCH_V6; 119 } 120 121 ARM_DBG_READ(c0, 0, didr); 122 return (didr >> 16) & 0xf; 123} 124 125/* Does this core support mismatch breakpoints? */ 126static int core_has_mismatch_bps(void) 127{ 128 return debug_arch >= ARM_DEBUG_ARCH_V7_ECP14 && core_num_brps > 1; 129} 130 131u8 arch_get_debug_arch(void) 132{ 133 return debug_arch; 134} 135 136#define READ_WB_REG_CASE(OP2, M, VAL) \ 137 case ((OP2 << 4) + M): \ 138 ARM_DBG_READ(c ## M, OP2, VAL); \ 139 break 140 141#define WRITE_WB_REG_CASE(OP2, M, VAL) \ 142 case ((OP2 << 4) + M): \ 143 ARM_DBG_WRITE(c ## M, OP2, VAL);\ 144 break 145 146#define GEN_READ_WB_REG_CASES(OP2, VAL) \ 147 READ_WB_REG_CASE(OP2, 0, VAL); \ 148 READ_WB_REG_CASE(OP2, 1, VAL); \ 149 READ_WB_REG_CASE(OP2, 2, VAL); \ 150 READ_WB_REG_CASE(OP2, 3, VAL); \ 151 READ_WB_REG_CASE(OP2, 4, VAL); \ 152 READ_WB_REG_CASE(OP2, 5, VAL); \ 153 READ_WB_REG_CASE(OP2, 6, VAL); \ 154 READ_WB_REG_CASE(OP2, 7, VAL); \ 155 READ_WB_REG_CASE(OP2, 8, VAL); \ 156 READ_WB_REG_CASE(OP2, 9, VAL); \ 157 READ_WB_REG_CASE(OP2, 10, VAL); \ 158 READ_WB_REG_CASE(OP2, 11, VAL); \ 159 READ_WB_REG_CASE(OP2, 12, VAL); \ 160 READ_WB_REG_CASE(OP2, 13, VAL); \ 161 READ_WB_REG_CASE(OP2, 14, VAL); \ 162 READ_WB_REG_CASE(OP2, 15, VAL) 163 164#define GEN_WRITE_WB_REG_CASES(OP2, VAL) \ 165 WRITE_WB_REG_CASE(OP2, 0, VAL); \ 166 WRITE_WB_REG_CASE(OP2, 1, VAL); \ 167 WRITE_WB_REG_CASE(OP2, 2, VAL); \ 168 WRITE_WB_REG_CASE(OP2, 3, VAL); \ 169 WRITE_WB_REG_CASE(OP2, 4, VAL); \ 170 WRITE_WB_REG_CASE(OP2, 5, VAL); \ 171 WRITE_WB_REG_CASE(OP2, 6, VAL); \ 172 WRITE_WB_REG_CASE(OP2, 7, VAL); \ 173 WRITE_WB_REG_CASE(OP2, 8, VAL); \ 174 WRITE_WB_REG_CASE(OP2, 9, VAL); \ 175 WRITE_WB_REG_CASE(OP2, 10, VAL); \ 176 WRITE_WB_REG_CASE(OP2, 11, VAL); \ 177 WRITE_WB_REG_CASE(OP2, 12, VAL); \ 178 WRITE_WB_REG_CASE(OP2, 13, VAL); \ 179 WRITE_WB_REG_CASE(OP2, 14, VAL); \ 180 WRITE_WB_REG_CASE(OP2, 15, VAL) 181 182static u32 read_wb_reg(int n) 183{ 184 u32 val = 0; 185 186 switch (n) { 187 GEN_READ_WB_REG_CASES(ARM_OP2_BVR, val); 188 GEN_READ_WB_REG_CASES(ARM_OP2_BCR, val); 189 GEN_READ_WB_REG_CASES(ARM_OP2_WVR, val); 190 GEN_READ_WB_REG_CASES(ARM_OP2_WCR, val); 191 default: 192 pr_warning("attempt to read from unknown breakpoint " 193 "register %d\n", n); 194 } 195 196 return val; 197} 198 199static void write_wb_reg(int n, u32 val) 200{ 201 switch (n) { 202 GEN_WRITE_WB_REG_CASES(ARM_OP2_BVR, val); 203 GEN_WRITE_WB_REG_CASES(ARM_OP2_BCR, val); 204 GEN_WRITE_WB_REG_CASES(ARM_OP2_WVR, val); 205 GEN_WRITE_WB_REG_CASES(ARM_OP2_WCR, val); 206 default: 207 pr_warning("attempt to write to unknown breakpoint " 208 "register %d\n", n); 209 } 210 isb(); 211} 212 213/* 214 * In order to access the breakpoint/watchpoint control registers, 215 * we must be running in debug monitor mode. Unfortunately, we can 216 * be put into halting debug mode at any time by an external debugger 217 * but there is nothing we can do to prevent that. 218 */ 219static int enable_monitor_mode(void) 220{ 221 u32 dscr; 222 int ret = 0; 223 224 ARM_DBG_READ(c1, 0, dscr); 225 226 /* Ensure that halting mode is disabled. */ 227 if (WARN_ONCE(dscr & ARM_DSCR_HDBGEN, "halting debug mode enabled." 228 "Unable to access hardware resources.")) { 229 ret = -EPERM; 230 goto out; 231 } 232 233 /* Write to the corresponding DSCR. */ 234 switch (debug_arch) { 235 case ARM_DEBUG_ARCH_V6: 236 case ARM_DEBUG_ARCH_V6_1: 237 ARM_DBG_WRITE(c1, 0, (dscr | ARM_DSCR_MDBGEN)); 238 break; 239 case ARM_DEBUG_ARCH_V7_ECP14: 240 ARM_DBG_WRITE(c2, 2, (dscr | ARM_DSCR_MDBGEN)); 241 break; 242 default: 243 ret = -ENODEV; 244 goto out; 245 } 246 247 /* Check that the write made it through. */ 248 ARM_DBG_READ(c1, 0, dscr); 249 if (WARN_ONCE(!(dscr & ARM_DSCR_MDBGEN), 250 "failed to enable monitor mode.")) { 251 ret = -EPERM; 252 } 253 254out: 255 return ret; 256} 257 258/* 259 * Check if 8-bit byte-address select is available. 260 * This clobbers WRP 0. 261 */ 262static u8 get_max_wp_len(void) 263{ 264 u32 ctrl_reg; 265 struct arch_hw_breakpoint_ctrl ctrl; 266 u8 size = 4; 267 268 if (debug_arch < ARM_DEBUG_ARCH_V7_ECP14) 269 goto out; 270 271 if (enable_monitor_mode()) 272 goto out; 273 274 memset(&ctrl, 0, sizeof(ctrl)); 275 ctrl.len = ARM_BREAKPOINT_LEN_8; 276 ctrl_reg = encode_ctrl_reg(ctrl); 277 278 write_wb_reg(ARM_BASE_WVR, 0); 279 write_wb_reg(ARM_BASE_WCR, ctrl_reg); 280 if ((read_wb_reg(ARM_BASE_WCR) & ctrl_reg) == ctrl_reg) 281 size = 8; 282 283out: 284 return size; 285} 286 287u8 arch_get_max_wp_len(void) 288{ 289 return max_watchpoint_len; 290} 291 292/* 293 * Handler for reactivating a suspended watchpoint when the single 294 * step `mismatch' breakpoint is triggered. 295 */ 296static void wp_single_step_handler(struct perf_event *bp, int unused, 297 struct perf_sample_data *data, 298 struct pt_regs *regs) 299{ 300 perf_event_enable(counter_arch_bp(bp)->suspended_wp); 301 unregister_hw_breakpoint(bp); 302} 303 304static int bp_is_single_step(struct perf_event *bp) 305{ 306 return bp->overflow_handler == wp_single_step_handler; 307} 308 309/* 310 * Install a perf counter breakpoint. 311 */ 312int arch_install_hw_breakpoint(struct perf_event *bp) 313{ 314 struct arch_hw_breakpoint *info = counter_arch_bp(bp); 315 struct perf_event **slot, **slots; 316 int i, max_slots, ctrl_base, val_base, ret = 0; 317 318 /* Ensure that we are in monitor mode and halting mode is disabled. */ 319 ret = enable_monitor_mode(); 320 if (ret) 321 goto out; 322 323 if (info->ctrl.type == ARM_BREAKPOINT_EXECUTE) { 324 /* Breakpoint */ 325 ctrl_base = ARM_BASE_BCR; 326 val_base = ARM_BASE_BVR; 327 slots = __get_cpu_var(bp_on_reg); 328 max_slots = core_num_brps - 1; 329 330 if (bp_is_single_step(bp)) { 331 info->ctrl.mismatch = 1; 332 i = max_slots; 333 slots[i] = bp; 334 goto setup; 335 } 336 } else { 337 /* Watchpoint */ 338 ctrl_base = ARM_BASE_WCR; 339 val_base = ARM_BASE_WVR; 340 slots = __get_cpu_var(wp_on_reg); 341 max_slots = core_num_wrps; 342 } 343 344 for (i = 0; i < max_slots; ++i) { 345 slot = &slots[i]; 346 347 if (!*slot) { 348 *slot = bp; 349 break; 350 } 351 } 352 353 if (WARN_ONCE(i == max_slots, "Can't find any breakpoint slot")) { 354 ret = -EBUSY; 355 goto out; 356 } 357 358setup: 359 /* Setup the address register. */ 360 write_wb_reg(val_base + i, info->address); 361 362 /* Setup the control register. */ 363 write_wb_reg(ctrl_base + i, encode_ctrl_reg(info->ctrl) | 0x1); 364 365out: 366 return ret; 367} 368 369void arch_uninstall_hw_breakpoint(struct perf_event *bp) 370{ 371 struct arch_hw_breakpoint *info = counter_arch_bp(bp); 372 struct perf_event **slot, **slots; 373 int i, max_slots, base; 374 375 if (info->ctrl.type == ARM_BREAKPOINT_EXECUTE) { 376 /* Breakpoint */ 377 base = ARM_BASE_BCR; 378 slots = __get_cpu_var(bp_on_reg); 379 max_slots = core_num_brps - 1; 380 381 if (bp_is_single_step(bp)) { 382 i = max_slots; 383 slots[i] = NULL; 384 goto reset; 385 } 386 } else { 387 /* Watchpoint */ 388 base = ARM_BASE_WCR; 389 slots = __get_cpu_var(wp_on_reg); 390 max_slots = core_num_wrps; 391 } 392 393 /* Remove the breakpoint. */ 394 for (i = 0; i < max_slots; ++i) { 395 slot = &slots[i]; 396 397 if (*slot == bp) { 398 *slot = NULL; 399 break; 400 } 401 } 402 403 if (WARN_ONCE(i == max_slots, "Can't find any breakpoint slot")) 404 return; 405 406reset: 407 /* Reset the control register. */ 408 write_wb_reg(base + i, 0); 409} 410 411static int get_hbp_len(u8 hbp_len) 412{ 413 unsigned int len_in_bytes = 0; 414 415 switch (hbp_len) { 416 case ARM_BREAKPOINT_LEN_1: 417 len_in_bytes = 1; 418 break; 419 case ARM_BREAKPOINT_LEN_2: 420 len_in_bytes = 2; 421 break; 422 case ARM_BREAKPOINT_LEN_4: 423 len_in_bytes = 4; 424 break; 425 case ARM_BREAKPOINT_LEN_8: 426 len_in_bytes = 8; 427 break; 428 } 429 430 return len_in_bytes; 431} 432 433/* 434 * Check whether bp virtual address is in kernel space. 435 */ 436int arch_check_bp_in_kernelspace(struct perf_event *bp) 437{ 438 unsigned int len; 439 unsigned long va; 440 struct arch_hw_breakpoint *info = counter_arch_bp(bp); 441 442 va = info->address; 443 len = get_hbp_len(info->ctrl.len); 444 445 return (va >= TASK_SIZE) && ((va + len - 1) >= TASK_SIZE); 446} 447 448/* 449 * Extract generic type and length encodings from an arch_hw_breakpoint_ctrl. 450 * Hopefully this will disappear when ptrace can bypass the conversion 451 * to generic breakpoint descriptions. 452 */ 453int arch_bp_generic_fields(struct arch_hw_breakpoint_ctrl ctrl, 454 int *gen_len, int *gen_type) 455{ 456 /* Type */ 457 switch (ctrl.type) { 458 case ARM_BREAKPOINT_EXECUTE: 459 *gen_type = HW_BREAKPOINT_X; 460 break; 461 case ARM_BREAKPOINT_LOAD: 462 *gen_type = HW_BREAKPOINT_R; 463 break; 464 case ARM_BREAKPOINT_STORE: 465 *gen_type = HW_BREAKPOINT_W; 466 break; 467 case ARM_BREAKPOINT_LOAD | ARM_BREAKPOINT_STORE: 468 *gen_type = HW_BREAKPOINT_RW; 469 break; 470 default: 471 return -EINVAL; 472 } 473 474 /* Len */ 475 switch (ctrl.len) { 476 case ARM_BREAKPOINT_LEN_1: 477 *gen_len = HW_BREAKPOINT_LEN_1; 478 break; 479 case ARM_BREAKPOINT_LEN_2: 480 *gen_len = HW_BREAKPOINT_LEN_2; 481 break; 482 case ARM_BREAKPOINT_LEN_4: 483 *gen_len = HW_BREAKPOINT_LEN_4; 484 break; 485 case ARM_BREAKPOINT_LEN_8: 486 *gen_len = HW_BREAKPOINT_LEN_8; 487 break; 488 default: 489 return -EINVAL; 490 } 491 492 return 0; 493} 494 495/* 496 * Construct an arch_hw_breakpoint from a perf_event. 497 */ 498static int arch_build_bp_info(struct perf_event *bp) 499{ 500 struct arch_hw_breakpoint *info = counter_arch_bp(bp); 501 502 /* Type */ 503 switch (bp->attr.bp_type) { 504 case HW_BREAKPOINT_X: 505 info->ctrl.type = ARM_BREAKPOINT_EXECUTE; 506 break; 507 case HW_BREAKPOINT_R: 508 info->ctrl.type = ARM_BREAKPOINT_LOAD; 509 break; 510 case HW_BREAKPOINT_W: 511 info->ctrl.type = ARM_BREAKPOINT_STORE; 512 break; 513 case HW_BREAKPOINT_RW: 514 info->ctrl.type = ARM_BREAKPOINT_LOAD | ARM_BREAKPOINT_STORE; 515 break; 516 default: 517 return -EINVAL; 518 } 519 520 /* Len */ 521 switch (bp->attr.bp_len) { 522 case HW_BREAKPOINT_LEN_1: 523 info->ctrl.len = ARM_BREAKPOINT_LEN_1; 524 break; 525 case HW_BREAKPOINT_LEN_2: 526 info->ctrl.len = ARM_BREAKPOINT_LEN_2; 527 break; 528 case HW_BREAKPOINT_LEN_4: 529 info->ctrl.len = ARM_BREAKPOINT_LEN_4; 530 break; 531 case HW_BREAKPOINT_LEN_8: 532 info->ctrl.len = ARM_BREAKPOINT_LEN_8; 533 if ((info->ctrl.type != ARM_BREAKPOINT_EXECUTE) 534 && max_watchpoint_len >= 8) 535 break; 536 default: 537 return -EINVAL; 538 } 539 540 /* Address */ 541 info->address = bp->attr.bp_addr; 542 543 /* Privilege */ 544 info->ctrl.privilege = ARM_BREAKPOINT_USER; 545 if (arch_check_bp_in_kernelspace(bp) && !bp_is_single_step(bp)) 546 info->ctrl.privilege |= ARM_BREAKPOINT_PRIV; 547 548 /* Enabled? */ 549 info->ctrl.enabled = !bp->attr.disabled; 550 551 /* Mismatch */ 552 info->ctrl.mismatch = 0; 553 554 return 0; 555} 556 557/* 558 * Validate the arch-specific HW Breakpoint register settings. 559 */ 560int arch_validate_hwbkpt_settings(struct perf_event *bp) 561{ 562 struct arch_hw_breakpoint *info = counter_arch_bp(bp); 563 int ret = 0; 564 u32 bytelen, max_len, offset, alignment_mask = 0x3; 565 566 /* Build the arch_hw_breakpoint. */ 567 ret = arch_build_bp_info(bp); 568 if (ret) 569 goto out; 570 571 /* Check address alignment. */ 572 if (info->ctrl.len == ARM_BREAKPOINT_LEN_8) 573 alignment_mask = 0x7; 574 if (info->address & alignment_mask) { 575 /* 576 * Try to fix the alignment. This may result in a length 577 * that is too large, so we must check for that. 578 */ 579 bytelen = get_hbp_len(info->ctrl.len); 580 max_len = info->ctrl.type == ARM_BREAKPOINT_EXECUTE ? 4 : 581 max_watchpoint_len; 582 583 if (max_len >= 8) 584 offset = info->address & 0x7; 585 else 586 offset = info->address & 0x3; 587 588 if (bytelen > (1 << ((max_len - (offset + 1)) >> 1))) { 589 ret = -EFBIG; 590 goto out; 591 } 592 593 info->ctrl.len <<= offset; 594 info->address &= ~offset; 595 596 pr_debug("breakpoint alignment fixup: length = 0x%x, " 597 "address = 0x%x\n", info->ctrl.len, info->address); 598 } 599 600 /* 601 * Currently we rely on an overflow handler to take 602 * care of single-stepping the breakpoint when it fires. 603 * In the case of userspace breakpoints on a core with V7 debug, 604 * we can use the mismatch feature as a poor-man's hardware single-step. 605 */ 606 if (WARN_ONCE(!bp->overflow_handler && 607 (arch_check_bp_in_kernelspace(bp) || !core_has_mismatch_bps()), 608 "overflow handler required but none found")) { 609 ret = -EINVAL; 610 goto out; 611 } 612out: 613 return ret; 614} 615 616static void update_mismatch_flag(int idx, int flag) 617{ 618 struct perf_event *bp = __get_cpu_var(bp_on_reg[idx]); 619 struct arch_hw_breakpoint *info; 620 621 if (bp == NULL) 622 return; 623 624 info = counter_arch_bp(bp); 625 626 /* Update the mismatch field to enter/exit `single-step' mode */ 627 if (!bp->overflow_handler && info->ctrl.mismatch != flag) { 628 info->ctrl.mismatch = flag; 629 write_wb_reg(ARM_BASE_BCR + idx, encode_ctrl_reg(info->ctrl) | 0x1); 630 } 631} 632 633static void watchpoint_handler(unsigned long unknown, struct pt_regs *regs) 634{ 635 int i; 636 struct perf_event *bp, **slots = __get_cpu_var(wp_on_reg); 637 struct arch_hw_breakpoint *info; 638 struct perf_event_attr attr; 639 640 /* Without a disassembler, we can only handle 1 watchpoint. */ 641 BUG_ON(core_num_wrps > 1); 642 643 hw_breakpoint_init(&attr); 644 attr.bp_addr = regs->ARM_pc & ~0x3; 645 attr.bp_len = HW_BREAKPOINT_LEN_4; 646 attr.bp_type = HW_BREAKPOINT_X; 647 648 for (i = 0; i < core_num_wrps; ++i) { 649 rcu_read_lock(); 650 651 if (slots[i] == NULL) { 652 rcu_read_unlock(); 653 continue; 654 } 655 656 /* 657 * The DFAR is an unknown value. Since we only allow a 658 * single watchpoint, we can set the trigger to the lowest 659 * possible faulting address. 660 */ 661 info = counter_arch_bp(slots[i]); 662 info->trigger = slots[i]->attr.bp_addr; 663 pr_debug("watchpoint fired: address = 0x%x\n", info->trigger); 664 perf_bp_event(slots[i], regs); 665 666 /* 667 * If no overflow handler is present, insert a temporary 668 * mismatch breakpoint so we can single-step over the 669 * watchpoint trigger. 670 */ 671 if (!slots[i]->overflow_handler) { 672 bp = register_user_hw_breakpoint(&attr, 673 wp_single_step_handler, 674 current); 675 counter_arch_bp(bp)->suspended_wp = slots[i]; 676 perf_event_disable(slots[i]); 677 } 678 679 rcu_read_unlock(); 680 } 681} 682 683static void breakpoint_handler(unsigned long unknown, struct pt_regs *regs) 684{ 685 int i; 686 int mismatch; 687 u32 ctrl_reg, val, addr; 688 struct perf_event *bp, **slots = __get_cpu_var(bp_on_reg); 689 struct arch_hw_breakpoint *info; 690 struct arch_hw_breakpoint_ctrl ctrl; 691 692 /* The exception entry code places the amended lr in the PC. */ 693 addr = regs->ARM_pc; 694 695 for (i = 0; i < core_num_brps; ++i) { 696 rcu_read_lock(); 697 698 bp = slots[i]; 699 700 if (bp == NULL) { 701 rcu_read_unlock(); 702 continue; 703 } 704 705 mismatch = 0; 706 707 /* Check if the breakpoint value matches. */ 708 val = read_wb_reg(ARM_BASE_BVR + i); 709 if (val != (addr & ~0x3)) 710 goto unlock; 711 712 /* Possible match, check the byte address select to confirm. */ 713 ctrl_reg = read_wb_reg(ARM_BASE_BCR + i); 714 decode_ctrl_reg(ctrl_reg, &ctrl); 715 if ((1 << (addr & 0x3)) & ctrl.len) { 716 mismatch = 1; 717 info = counter_arch_bp(bp); 718 info->trigger = addr; 719 } 720 721unlock: 722 if ((mismatch && !info->ctrl.mismatch) || bp_is_single_step(bp)) { 723 pr_debug("breakpoint fired: address = 0x%x\n", addr); 724 perf_bp_event(bp, regs); 725 } 726 727 update_mismatch_flag(i, mismatch); 728 rcu_read_unlock(); 729 } 730} 731 732/* 733 * Called from either the Data Abort Handler [watchpoint] or the 734 * Prefetch Abort Handler [breakpoint]. 735 */ 736static int hw_breakpoint_pending(unsigned long addr, unsigned int fsr, 737 struct pt_regs *regs) 738{ 739 int ret = 1; /* Unhandled fault. */ 740 u32 dscr; 741 742 /* We only handle watchpoints and hardware breakpoints. */ 743 ARM_DBG_READ(c1, 0, dscr); 744 745 /* Perform perf callbacks. */ 746 switch (ARM_DSCR_MOE(dscr)) { 747 case ARM_ENTRY_BREAKPOINT: 748 breakpoint_handler(addr, regs); 749 break; 750 case ARM_ENTRY_ASYNC_WATCHPOINT: 751 WARN(1, "Asynchronous watchpoint exception taken. Debugging results may be unreliable\n"); 752 case ARM_ENTRY_SYNC_WATCHPOINT: 753 watchpoint_handler(addr, regs); 754 break; 755 default: 756 goto out; 757 } 758 759 ret = 0; 760out: 761 return ret; 762} 763 764/* 765 * One-time initialisation. 766 */ 767static void __init reset_ctrl_regs(void *unused) 768{ 769 int i; 770 771 if (enable_monitor_mode()) 772 return; 773 774 for (i = 0; i < core_num_brps; ++i) { 775 write_wb_reg(ARM_BASE_BCR + i, 0UL); 776 write_wb_reg(ARM_BASE_BVR + i, 0UL); 777 } 778 779 for (i = 0; i < core_num_wrps; ++i) { 780 write_wb_reg(ARM_BASE_WCR + i, 0UL); 781 write_wb_reg(ARM_BASE_WVR + i, 0UL); 782 } 783} 784 785static int __init arch_hw_breakpoint_init(void) 786{ 787 int ret = 0; 788 u32 dscr; 789 790 debug_arch = get_debug_arch(); 791 792 if (debug_arch > ARM_DEBUG_ARCH_V7_ECP14) { 793 pr_info("debug architecture 0x%x unsupported.\n", debug_arch); 794 ret = -ENODEV; 795 goto out; 796 } 797 798 /* Determine how many BRPs/WRPs are available. */ 799 core_num_brps = get_num_brps(); 800 core_num_wrps = get_num_wrps(); 801 802 pr_info("found %d breakpoint and %d watchpoint registers.\n", 803 core_num_brps, core_num_wrps); 804 805 if (core_has_mismatch_bps()) 806 pr_info("1 breakpoint reserved for watchpoint single-step.\n"); 807 808 ARM_DBG_READ(c1, 0, dscr); 809 if (dscr & ARM_DSCR_HDBGEN) { 810 pr_warning("halting debug mode enabled. Assuming maximum " 811 "watchpoint size of 4 bytes."); 812 } else { 813 /* Work out the maximum supported watchpoint length. */ 814 max_watchpoint_len = get_max_wp_len(); 815 pr_info("maximum watchpoint size is %u bytes.\n", 816 max_watchpoint_len); 817 818 /* 819 * Reset the breakpoint resources. We assume that a halting 820 * debugger will leave the world in a nice state for us. 821 */ 822 smp_call_function(reset_ctrl_regs, NULL, 1); 823 reset_ctrl_regs(NULL); 824 } 825 826 /* Register debug fault handler. */ 827 hook_fault_code(2, hw_breakpoint_pending, SIGTRAP, TRAP_HWBKPT, 828 "watchpoint debug exception"); 829 hook_ifault_code(2, hw_breakpoint_pending, SIGTRAP, TRAP_HWBKPT, 830 "breakpoint debug exception"); 831 832out: 833 return ret; 834} 835arch_initcall(arch_hw_breakpoint_init); 836 837void hw_breakpoint_pmu_read(struct perf_event *bp) 838{ 839} 840 841/* 842 * Dummy function to register with die_notifier. 843 */ 844int hw_breakpoint_exceptions_notify(struct notifier_block *unused, 845 unsigned long val, void *data) 846{ 847 return NOTIFY_DONE; 848} 849