hw_breakpoint.c revision ed19b739c5c76ad241d30f6c6a5ee96fb284f4cf
1/* 2 * This program is free software; you can redistribute it and/or modify 3 * it under the terms of the GNU General Public License version 2 as 4 * published by the Free Software Foundation. 5 * 6 * This program is distributed in the hope that it will be useful, 7 * but WITHOUT ANY WARRANTY; without even the implied warranty of 8 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 9 * GNU General Public License for more details. 10 * 11 * You should have received a copy of the GNU General Public License 12 * along with this program; if not, write to the Free Software 13 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 14 * 15 * Copyright (C) 2009, 2010 ARM Limited 16 * 17 * Author: Will Deacon <will.deacon@arm.com> 18 */ 19 20/* 21 * HW_breakpoint: a unified kernel/user-space hardware breakpoint facility, 22 * using the CPU's debug registers. 23 */ 24#define pr_fmt(fmt) "hw-breakpoint: " fmt 25 26#include <linux/errno.h> 27#include <linux/hardirq.h> 28#include <linux/perf_event.h> 29#include <linux/hw_breakpoint.h> 30#include <linux/smp.h> 31 32#include <asm/cacheflush.h> 33#include <asm/cputype.h> 34#include <asm/current.h> 35#include <asm/hw_breakpoint.h> 36#include <asm/kdebug.h> 37#include <asm/system.h> 38#include <asm/traps.h> 39 40/* Breakpoint currently in use for each BRP. */ 41static DEFINE_PER_CPU(struct perf_event *, bp_on_reg[ARM_MAX_BRP]); 42 43/* Watchpoint currently in use for each WRP. */ 44static DEFINE_PER_CPU(struct perf_event *, wp_on_reg[ARM_MAX_WRP]); 45 46/* Number of BRP/WRP registers on this CPU. */ 47static int core_num_brps; 48static int core_num_reserved_brps; 49static int core_num_wrps; 50 51/* Debug architecture version. */ 52static u8 debug_arch; 53 54/* Maximum supported watchpoint length. */ 55static u8 max_watchpoint_len; 56 57#define READ_WB_REG_CASE(OP2, M, VAL) \ 58 case ((OP2 << 4) + M): \ 59 ARM_DBG_READ(c ## M, OP2, VAL); \ 60 break 61 62#define WRITE_WB_REG_CASE(OP2, M, VAL) \ 63 case ((OP2 << 4) + M): \ 64 ARM_DBG_WRITE(c ## M, OP2, VAL);\ 65 break 66 67#define GEN_READ_WB_REG_CASES(OP2, VAL) \ 68 READ_WB_REG_CASE(OP2, 0, VAL); \ 69 READ_WB_REG_CASE(OP2, 1, VAL); \ 70 READ_WB_REG_CASE(OP2, 2, VAL); \ 71 READ_WB_REG_CASE(OP2, 3, VAL); \ 72 READ_WB_REG_CASE(OP2, 4, VAL); \ 73 READ_WB_REG_CASE(OP2, 5, VAL); \ 74 READ_WB_REG_CASE(OP2, 6, VAL); \ 75 READ_WB_REG_CASE(OP2, 7, VAL); \ 76 READ_WB_REG_CASE(OP2, 8, VAL); \ 77 READ_WB_REG_CASE(OP2, 9, VAL); \ 78 READ_WB_REG_CASE(OP2, 10, VAL); \ 79 READ_WB_REG_CASE(OP2, 11, VAL); \ 80 READ_WB_REG_CASE(OP2, 12, VAL); \ 81 READ_WB_REG_CASE(OP2, 13, VAL); \ 82 READ_WB_REG_CASE(OP2, 14, VAL); \ 83 READ_WB_REG_CASE(OP2, 15, VAL) 84 85#define GEN_WRITE_WB_REG_CASES(OP2, VAL) \ 86 WRITE_WB_REG_CASE(OP2, 0, VAL); \ 87 WRITE_WB_REG_CASE(OP2, 1, VAL); \ 88 WRITE_WB_REG_CASE(OP2, 2, VAL); \ 89 WRITE_WB_REG_CASE(OP2, 3, VAL); \ 90 WRITE_WB_REG_CASE(OP2, 4, VAL); \ 91 WRITE_WB_REG_CASE(OP2, 5, VAL); \ 92 WRITE_WB_REG_CASE(OP2, 6, VAL); \ 93 WRITE_WB_REG_CASE(OP2, 7, VAL); \ 94 WRITE_WB_REG_CASE(OP2, 8, VAL); \ 95 WRITE_WB_REG_CASE(OP2, 9, VAL); \ 96 WRITE_WB_REG_CASE(OP2, 10, VAL); \ 97 WRITE_WB_REG_CASE(OP2, 11, VAL); \ 98 WRITE_WB_REG_CASE(OP2, 12, VAL); \ 99 WRITE_WB_REG_CASE(OP2, 13, VAL); \ 100 WRITE_WB_REG_CASE(OP2, 14, VAL); \ 101 WRITE_WB_REG_CASE(OP2, 15, VAL) 102 103static u32 read_wb_reg(int n) 104{ 105 u32 val = 0; 106 107 switch (n) { 108 GEN_READ_WB_REG_CASES(ARM_OP2_BVR, val); 109 GEN_READ_WB_REG_CASES(ARM_OP2_BCR, val); 110 GEN_READ_WB_REG_CASES(ARM_OP2_WVR, val); 111 GEN_READ_WB_REG_CASES(ARM_OP2_WCR, val); 112 default: 113 pr_warning("attempt to read from unknown breakpoint " 114 "register %d\n", n); 115 } 116 117 return val; 118} 119 120static void write_wb_reg(int n, u32 val) 121{ 122 switch (n) { 123 GEN_WRITE_WB_REG_CASES(ARM_OP2_BVR, val); 124 GEN_WRITE_WB_REG_CASES(ARM_OP2_BCR, val); 125 GEN_WRITE_WB_REG_CASES(ARM_OP2_WVR, val); 126 GEN_WRITE_WB_REG_CASES(ARM_OP2_WCR, val); 127 default: 128 pr_warning("attempt to write to unknown breakpoint " 129 "register %d\n", n); 130 } 131 isb(); 132} 133 134/* Determine debug architecture. */ 135static u8 get_debug_arch(void) 136{ 137 u32 didr; 138 139 /* Do we implement the extended CPUID interface? */ 140 if (((read_cpuid_id() >> 16) & 0xf) != 0xf) { 141 pr_warning("CPUID feature registers not supported. " 142 "Assuming v6 debug is present.\n"); 143 return ARM_DEBUG_ARCH_V6; 144 } 145 146 ARM_DBG_READ(c0, 0, didr); 147 return (didr >> 16) & 0xf; 148} 149 150u8 arch_get_debug_arch(void) 151{ 152 return debug_arch; 153} 154 155/* Determine number of BRP register available. */ 156static int get_num_brp_resources(void) 157{ 158 u32 didr; 159 ARM_DBG_READ(c0, 0, didr); 160 return ((didr >> 24) & 0xf) + 1; 161} 162 163/* Does this core support mismatch breakpoints? */ 164static int core_has_mismatch_brps(void) 165{ 166 return (get_debug_arch() >= ARM_DEBUG_ARCH_V7_ECP14 && 167 get_num_brp_resources() > 1); 168} 169 170/* Determine number of usable WRPs available. */ 171static int get_num_wrps(void) 172{ 173 /* 174 * FIXME: When a watchpoint fires, the only way to work out which 175 * watchpoint it was is by disassembling the faulting instruction 176 * and working out the address of the memory access. 177 * 178 * Furthermore, we can only do this if the watchpoint was precise 179 * since imprecise watchpoints prevent us from calculating register 180 * based addresses. 181 * 182 * Providing we have more than 1 breakpoint register, we only report 183 * a single watchpoint register for the time being. This way, we always 184 * know which watchpoint fired. In the future we can either add a 185 * disassembler and address generation emulator, or we can insert a 186 * check to see if the DFAR is set on watchpoint exception entry 187 * [the ARM ARM states that the DFAR is UNKNOWN, but experience shows 188 * that it is set on some implementations]. 189 */ 190 191#if 0 192 int wrps; 193 u32 didr; 194 ARM_DBG_READ(c0, 0, didr); 195 wrps = ((didr >> 28) & 0xf) + 1; 196#endif 197 int wrps = 1; 198 199 if (core_has_mismatch_brps() && wrps >= get_num_brp_resources()) 200 wrps = get_num_brp_resources() - 1; 201 202 return wrps; 203} 204 205/* We reserve one breakpoint for each watchpoint. */ 206static int get_num_reserved_brps(void) 207{ 208 if (core_has_mismatch_brps()) 209 return get_num_wrps(); 210 return 0; 211} 212 213/* Determine number of usable BRPs available. */ 214static int get_num_brps(void) 215{ 216 int brps = get_num_brp_resources(); 217 if (core_has_mismatch_brps()) 218 brps -= get_num_reserved_brps(); 219 return brps; 220} 221 222/* 223 * In order to access the breakpoint/watchpoint control registers, 224 * we must be running in debug monitor mode. Unfortunately, we can 225 * be put into halting debug mode at any time by an external debugger 226 * but there is nothing we can do to prevent that. 227 */ 228static int enable_monitor_mode(void) 229{ 230 u32 dscr; 231 int ret = 0; 232 233 ARM_DBG_READ(c1, 0, dscr); 234 235 /* Ensure that halting mode is disabled. */ 236 if (WARN_ONCE(dscr & ARM_DSCR_HDBGEN, "halting debug mode enabled." 237 "Unable to access hardware resources.")) { 238 ret = -EPERM; 239 goto out; 240 } 241 242 /* If monitor mode is already enabled, just return. */ 243 if (dscr & ARM_DSCR_MDBGEN) 244 goto out; 245 246 /* Write to the corresponding DSCR. */ 247 switch (get_debug_arch()) { 248 case ARM_DEBUG_ARCH_V6: 249 case ARM_DEBUG_ARCH_V6_1: 250 ARM_DBG_WRITE(c1, 0, (dscr | ARM_DSCR_MDBGEN)); 251 break; 252 case ARM_DEBUG_ARCH_V7_ECP14: 253 ARM_DBG_WRITE(c2, 2, (dscr | ARM_DSCR_MDBGEN)); 254 break; 255 default: 256 ret = -ENODEV; 257 goto out; 258 } 259 260 /* Check that the write made it through. */ 261 ARM_DBG_READ(c1, 0, dscr); 262 if (!(dscr & ARM_DSCR_MDBGEN)) 263 ret = -EPERM; 264 265out: 266 return ret; 267} 268 269int hw_breakpoint_slots(int type) 270{ 271 /* 272 * We can be called early, so don't rely on 273 * our static variables being initialised. 274 */ 275 switch (type) { 276 case TYPE_INST: 277 return get_num_brps(); 278 case TYPE_DATA: 279 return get_num_wrps(); 280 default: 281 pr_warning("unknown slot type: %d\n", type); 282 return 0; 283 } 284} 285 286/* 287 * Check if 8-bit byte-address select is available. 288 * This clobbers WRP 0. 289 */ 290static u8 get_max_wp_len(void) 291{ 292 u32 ctrl_reg; 293 struct arch_hw_breakpoint_ctrl ctrl; 294 u8 size = 4; 295 296 if (debug_arch < ARM_DEBUG_ARCH_V7_ECP14) 297 goto out; 298 299 memset(&ctrl, 0, sizeof(ctrl)); 300 ctrl.len = ARM_BREAKPOINT_LEN_8; 301 ctrl_reg = encode_ctrl_reg(ctrl); 302 303 write_wb_reg(ARM_BASE_WVR, 0); 304 write_wb_reg(ARM_BASE_WCR, ctrl_reg); 305 if ((read_wb_reg(ARM_BASE_WCR) & ctrl_reg) == ctrl_reg) 306 size = 8; 307 308out: 309 return size; 310} 311 312u8 arch_get_max_wp_len(void) 313{ 314 return max_watchpoint_len; 315} 316 317/* 318 * Install a perf counter breakpoint. 319 */ 320int arch_install_hw_breakpoint(struct perf_event *bp) 321{ 322 struct arch_hw_breakpoint *info = counter_arch_bp(bp); 323 struct perf_event **slot, **slots; 324 int i, max_slots, ctrl_base, val_base, ret = 0; 325 u32 addr, ctrl; 326 327 /* Ensure that we are in monitor mode and halting mode is disabled. */ 328 ret = enable_monitor_mode(); 329 if (ret) 330 goto out; 331 332 addr = info->address; 333 ctrl = encode_ctrl_reg(info->ctrl) | 0x1; 334 335 if (info->ctrl.type == ARM_BREAKPOINT_EXECUTE) { 336 /* Breakpoint */ 337 ctrl_base = ARM_BASE_BCR; 338 val_base = ARM_BASE_BVR; 339 slots = (struct perf_event **)__get_cpu_var(bp_on_reg); 340 max_slots = core_num_brps; 341 if (info->step_ctrl.enabled) { 342 /* Override the breakpoint data with the step data. */ 343 addr = info->trigger & ~0x3; 344 ctrl = encode_ctrl_reg(info->step_ctrl); 345 } 346 } else { 347 /* Watchpoint */ 348 if (info->step_ctrl.enabled) { 349 /* Install into the reserved breakpoint region. */ 350 ctrl_base = ARM_BASE_BCR + core_num_brps; 351 val_base = ARM_BASE_BVR + core_num_brps; 352 /* Override the watchpoint data with the step data. */ 353 addr = info->trigger & ~0x3; 354 ctrl = encode_ctrl_reg(info->step_ctrl); 355 } else { 356 ctrl_base = ARM_BASE_WCR; 357 val_base = ARM_BASE_WVR; 358 } 359 slots = (struct perf_event **)__get_cpu_var(wp_on_reg); 360 max_slots = core_num_wrps; 361 } 362 363 for (i = 0; i < max_slots; ++i) { 364 slot = &slots[i]; 365 366 if (!*slot) { 367 *slot = bp; 368 break; 369 } 370 } 371 372 if (WARN_ONCE(i == max_slots, "Can't find any breakpoint slot")) { 373 ret = -EBUSY; 374 goto out; 375 } 376 377 /* Setup the address register. */ 378 write_wb_reg(val_base + i, addr); 379 380 /* Setup the control register. */ 381 write_wb_reg(ctrl_base + i, ctrl); 382 383out: 384 return ret; 385} 386 387void arch_uninstall_hw_breakpoint(struct perf_event *bp) 388{ 389 struct arch_hw_breakpoint *info = counter_arch_bp(bp); 390 struct perf_event **slot, **slots; 391 int i, max_slots, base; 392 393 if (info->ctrl.type == ARM_BREAKPOINT_EXECUTE) { 394 /* Breakpoint */ 395 base = ARM_BASE_BCR; 396 slots = (struct perf_event **)__get_cpu_var(bp_on_reg); 397 max_slots = core_num_brps; 398 } else { 399 /* Watchpoint */ 400 if (info->step_ctrl.enabled) 401 base = ARM_BASE_BCR + core_num_brps; 402 else 403 base = ARM_BASE_WCR; 404 slots = (struct perf_event **)__get_cpu_var(wp_on_reg); 405 max_slots = core_num_wrps; 406 } 407 408 /* Remove the breakpoint. */ 409 for (i = 0; i < max_slots; ++i) { 410 slot = &slots[i]; 411 412 if (*slot == bp) { 413 *slot = NULL; 414 break; 415 } 416 } 417 418 if (WARN_ONCE(i == max_slots, "Can't find any breakpoint slot")) 419 return; 420 421 /* Reset the control register. */ 422 write_wb_reg(base + i, 0); 423} 424 425static int get_hbp_len(u8 hbp_len) 426{ 427 unsigned int len_in_bytes = 0; 428 429 switch (hbp_len) { 430 case ARM_BREAKPOINT_LEN_1: 431 len_in_bytes = 1; 432 break; 433 case ARM_BREAKPOINT_LEN_2: 434 len_in_bytes = 2; 435 break; 436 case ARM_BREAKPOINT_LEN_4: 437 len_in_bytes = 4; 438 break; 439 case ARM_BREAKPOINT_LEN_8: 440 len_in_bytes = 8; 441 break; 442 } 443 444 return len_in_bytes; 445} 446 447/* 448 * Check whether bp virtual address is in kernel space. 449 */ 450int arch_check_bp_in_kernelspace(struct perf_event *bp) 451{ 452 unsigned int len; 453 unsigned long va; 454 struct arch_hw_breakpoint *info = counter_arch_bp(bp); 455 456 va = info->address; 457 len = get_hbp_len(info->ctrl.len); 458 459 return (va >= TASK_SIZE) && ((va + len - 1) >= TASK_SIZE); 460} 461 462/* 463 * Extract generic type and length encodings from an arch_hw_breakpoint_ctrl. 464 * Hopefully this will disappear when ptrace can bypass the conversion 465 * to generic breakpoint descriptions. 466 */ 467int arch_bp_generic_fields(struct arch_hw_breakpoint_ctrl ctrl, 468 int *gen_len, int *gen_type) 469{ 470 /* Type */ 471 switch (ctrl.type) { 472 case ARM_BREAKPOINT_EXECUTE: 473 *gen_type = HW_BREAKPOINT_X; 474 break; 475 case ARM_BREAKPOINT_LOAD: 476 *gen_type = HW_BREAKPOINT_R; 477 break; 478 case ARM_BREAKPOINT_STORE: 479 *gen_type = HW_BREAKPOINT_W; 480 break; 481 case ARM_BREAKPOINT_LOAD | ARM_BREAKPOINT_STORE: 482 *gen_type = HW_BREAKPOINT_RW; 483 break; 484 default: 485 return -EINVAL; 486 } 487 488 /* Len */ 489 switch (ctrl.len) { 490 case ARM_BREAKPOINT_LEN_1: 491 *gen_len = HW_BREAKPOINT_LEN_1; 492 break; 493 case ARM_BREAKPOINT_LEN_2: 494 *gen_len = HW_BREAKPOINT_LEN_2; 495 break; 496 case ARM_BREAKPOINT_LEN_4: 497 *gen_len = HW_BREAKPOINT_LEN_4; 498 break; 499 case ARM_BREAKPOINT_LEN_8: 500 *gen_len = HW_BREAKPOINT_LEN_8; 501 break; 502 default: 503 return -EINVAL; 504 } 505 506 return 0; 507} 508 509/* 510 * Construct an arch_hw_breakpoint from a perf_event. 511 */ 512static int arch_build_bp_info(struct perf_event *bp) 513{ 514 struct arch_hw_breakpoint *info = counter_arch_bp(bp); 515 516 /* Type */ 517 switch (bp->attr.bp_type) { 518 case HW_BREAKPOINT_X: 519 info->ctrl.type = ARM_BREAKPOINT_EXECUTE; 520 break; 521 case HW_BREAKPOINT_R: 522 info->ctrl.type = ARM_BREAKPOINT_LOAD; 523 break; 524 case HW_BREAKPOINT_W: 525 info->ctrl.type = ARM_BREAKPOINT_STORE; 526 break; 527 case HW_BREAKPOINT_RW: 528 info->ctrl.type = ARM_BREAKPOINT_LOAD | ARM_BREAKPOINT_STORE; 529 break; 530 default: 531 return -EINVAL; 532 } 533 534 /* Len */ 535 switch (bp->attr.bp_len) { 536 case HW_BREAKPOINT_LEN_1: 537 info->ctrl.len = ARM_BREAKPOINT_LEN_1; 538 break; 539 case HW_BREAKPOINT_LEN_2: 540 info->ctrl.len = ARM_BREAKPOINT_LEN_2; 541 break; 542 case HW_BREAKPOINT_LEN_4: 543 info->ctrl.len = ARM_BREAKPOINT_LEN_4; 544 break; 545 case HW_BREAKPOINT_LEN_8: 546 info->ctrl.len = ARM_BREAKPOINT_LEN_8; 547 if ((info->ctrl.type != ARM_BREAKPOINT_EXECUTE) 548 && max_watchpoint_len >= 8) 549 break; 550 default: 551 return -EINVAL; 552 } 553 554 /* 555 * Breakpoints must be of length 2 (thumb) or 4 (ARM) bytes. 556 * Watchpoints can be of length 1, 2, 4 or 8 bytes if supported 557 * by the hardware and must be aligned to the appropriate number of 558 * bytes. 559 */ 560 if (info->ctrl.type == ARM_BREAKPOINT_EXECUTE && 561 info->ctrl.len != ARM_BREAKPOINT_LEN_2 && 562 info->ctrl.len != ARM_BREAKPOINT_LEN_4) 563 return -EINVAL; 564 565 /* Address */ 566 info->address = bp->attr.bp_addr; 567 568 /* Privilege */ 569 info->ctrl.privilege = ARM_BREAKPOINT_USER; 570 if (arch_check_bp_in_kernelspace(bp)) 571 info->ctrl.privilege |= ARM_BREAKPOINT_PRIV; 572 573 /* Enabled? */ 574 info->ctrl.enabled = !bp->attr.disabled; 575 576 /* Mismatch */ 577 info->ctrl.mismatch = 0; 578 579 return 0; 580} 581 582/* 583 * Validate the arch-specific HW Breakpoint register settings. 584 */ 585int arch_validate_hwbkpt_settings(struct perf_event *bp) 586{ 587 struct arch_hw_breakpoint *info = counter_arch_bp(bp); 588 int ret = 0; 589 u32 offset, alignment_mask = 0x3; 590 591 /* Build the arch_hw_breakpoint. */ 592 ret = arch_build_bp_info(bp); 593 if (ret) 594 goto out; 595 596 /* Check address alignment. */ 597 if (info->ctrl.len == ARM_BREAKPOINT_LEN_8) 598 alignment_mask = 0x7; 599 offset = info->address & alignment_mask; 600 switch (offset) { 601 case 0: 602 /* Aligned */ 603 break; 604 case 1: 605 /* Allow single byte watchpoint. */ 606 if (info->ctrl.len == ARM_BREAKPOINT_LEN_1) 607 break; 608 case 2: 609 /* Allow halfword watchpoints and breakpoints. */ 610 if (info->ctrl.len == ARM_BREAKPOINT_LEN_2) 611 break; 612 default: 613 ret = -EINVAL; 614 goto out; 615 } 616 617 info->address &= ~alignment_mask; 618 info->ctrl.len <<= offset; 619 620 /* 621 * Currently we rely on an overflow handler to take 622 * care of single-stepping the breakpoint when it fires. 623 * In the case of userspace breakpoints on a core with V7 debug, 624 * we can use the mismatch feature as a poor-man's hardware 625 * single-step, but this only works for per-task breakpoints. 626 */ 627 if (WARN_ONCE(!bp->overflow_handler && 628 (arch_check_bp_in_kernelspace(bp) || !core_has_mismatch_brps() 629 || !bp->hw.bp_target), 630 "overflow handler required but none found")) { 631 ret = -EINVAL; 632 } 633out: 634 return ret; 635} 636 637/* 638 * Enable/disable single-stepping over the breakpoint bp at address addr. 639 */ 640static void enable_single_step(struct perf_event *bp, u32 addr) 641{ 642 struct arch_hw_breakpoint *info = counter_arch_bp(bp); 643 644 arch_uninstall_hw_breakpoint(bp); 645 info->step_ctrl.mismatch = 1; 646 info->step_ctrl.len = ARM_BREAKPOINT_LEN_4; 647 info->step_ctrl.type = ARM_BREAKPOINT_EXECUTE; 648 info->step_ctrl.privilege = info->ctrl.privilege; 649 info->step_ctrl.enabled = 1; 650 info->trigger = addr; 651 arch_install_hw_breakpoint(bp); 652} 653 654static void disable_single_step(struct perf_event *bp) 655{ 656 arch_uninstall_hw_breakpoint(bp); 657 counter_arch_bp(bp)->step_ctrl.enabled = 0; 658 arch_install_hw_breakpoint(bp); 659} 660 661static void watchpoint_handler(unsigned long unknown, struct pt_regs *regs) 662{ 663 int i; 664 struct perf_event *wp, **slots; 665 struct arch_hw_breakpoint *info; 666 667 slots = (struct perf_event **)__get_cpu_var(wp_on_reg); 668 669 /* Without a disassembler, we can only handle 1 watchpoint. */ 670 BUG_ON(core_num_wrps > 1); 671 672 for (i = 0; i < core_num_wrps; ++i) { 673 rcu_read_lock(); 674 675 wp = slots[i]; 676 677 if (wp == NULL) { 678 rcu_read_unlock(); 679 continue; 680 } 681 682 /* 683 * The DFAR is an unknown value. Since we only allow a 684 * single watchpoint, we can set the trigger to the lowest 685 * possible faulting address. 686 */ 687 info = counter_arch_bp(wp); 688 info->trigger = wp->attr.bp_addr; 689 pr_debug("watchpoint fired: address = 0x%x\n", info->trigger); 690 perf_bp_event(wp, regs); 691 692 /* 693 * If no overflow handler is present, insert a temporary 694 * mismatch breakpoint so we can single-step over the 695 * watchpoint trigger. 696 */ 697 if (!wp->overflow_handler) 698 enable_single_step(wp, instruction_pointer(regs)); 699 700 rcu_read_unlock(); 701 } 702} 703 704static void watchpoint_single_step_handler(unsigned long pc) 705{ 706 int i; 707 struct perf_event *wp, **slots; 708 struct arch_hw_breakpoint *info; 709 710 slots = (struct perf_event **)__get_cpu_var(wp_on_reg); 711 712 for (i = 0; i < core_num_reserved_brps; ++i) { 713 rcu_read_lock(); 714 715 wp = slots[i]; 716 717 if (wp == NULL) 718 goto unlock; 719 720 info = counter_arch_bp(wp); 721 if (!info->step_ctrl.enabled) 722 goto unlock; 723 724 /* 725 * Restore the original watchpoint if we've completed the 726 * single-step. 727 */ 728 if (info->trigger != pc) 729 disable_single_step(wp); 730 731unlock: 732 rcu_read_unlock(); 733 } 734} 735 736static void breakpoint_handler(unsigned long unknown, struct pt_regs *regs) 737{ 738 int i; 739 u32 ctrl_reg, val, addr; 740 struct perf_event *bp, **slots; 741 struct arch_hw_breakpoint *info; 742 struct arch_hw_breakpoint_ctrl ctrl; 743 744 slots = (struct perf_event **)__get_cpu_var(bp_on_reg); 745 746 /* The exception entry code places the amended lr in the PC. */ 747 addr = regs->ARM_pc; 748 749 /* Check the currently installed breakpoints first. */ 750 for (i = 0; i < core_num_brps; ++i) { 751 rcu_read_lock(); 752 753 bp = slots[i]; 754 755 if (bp == NULL) 756 goto unlock; 757 758 info = counter_arch_bp(bp); 759 760 /* Check if the breakpoint value matches. */ 761 val = read_wb_reg(ARM_BASE_BVR + i); 762 if (val != (addr & ~0x3)) 763 goto mismatch; 764 765 /* Possible match, check the byte address select to confirm. */ 766 ctrl_reg = read_wb_reg(ARM_BASE_BCR + i); 767 decode_ctrl_reg(ctrl_reg, &ctrl); 768 if ((1 << (addr & 0x3)) & ctrl.len) { 769 info->trigger = addr; 770 pr_debug("breakpoint fired: address = 0x%x\n", addr); 771 perf_bp_event(bp, regs); 772 if (!bp->overflow_handler) 773 enable_single_step(bp, addr); 774 goto unlock; 775 } 776 777mismatch: 778 /* If we're stepping a breakpoint, it can now be restored. */ 779 if (info->step_ctrl.enabled) 780 disable_single_step(bp); 781unlock: 782 rcu_read_unlock(); 783 } 784 785 /* Handle any pending watchpoint single-step breakpoints. */ 786 watchpoint_single_step_handler(addr); 787} 788 789/* 790 * Called from either the Data Abort Handler [watchpoint] or the 791 * Prefetch Abort Handler [breakpoint] with preemption disabled. 792 */ 793static int hw_breakpoint_pending(unsigned long addr, unsigned int fsr, 794 struct pt_regs *regs) 795{ 796 int ret = 0; 797 u32 dscr; 798 799 /* We must be called with preemption disabled. */ 800 WARN_ON(preemptible()); 801 802 /* We only handle watchpoints and hardware breakpoints. */ 803 ARM_DBG_READ(c1, 0, dscr); 804 805 /* Perform perf callbacks. */ 806 switch (ARM_DSCR_MOE(dscr)) { 807 case ARM_ENTRY_BREAKPOINT: 808 breakpoint_handler(addr, regs); 809 break; 810 case ARM_ENTRY_ASYNC_WATCHPOINT: 811 WARN(1, "Asynchronous watchpoint exception taken. Debugging results may be unreliable\n"); 812 case ARM_ENTRY_SYNC_WATCHPOINT: 813 watchpoint_handler(addr, regs); 814 break; 815 default: 816 ret = 1; /* Unhandled fault. */ 817 } 818 819 /* 820 * Re-enable preemption after it was disabled in the 821 * low-level exception handling code. 822 */ 823 preempt_enable(); 824 825 return ret; 826} 827 828/* 829 * One-time initialisation. 830 */ 831static void reset_ctrl_regs(void *unused) 832{ 833 int i; 834 835 /* 836 * v7 debug contains save and restore registers so that debug state 837 * can be maintained across low-power modes without leaving the debug 838 * logic powered up. It is IMPLEMENTATION DEFINED whether we can access 839 * the debug registers out of reset, so we must unlock the OS Lock 840 * Access Register to avoid taking undefined instruction exceptions 841 * later on. 842 */ 843 if (debug_arch >= ARM_DEBUG_ARCH_V7_ECP14) { 844 /* 845 * Unconditionally clear the lock by writing a value 846 * other than 0xC5ACCE55 to the access register. 847 */ 848 asm volatile("mcr p14, 0, %0, c1, c0, 4" : : "r" (0)); 849 isb(); 850 } 851 852 if (enable_monitor_mode()) 853 return; 854 855 /* We must also reset any reserved registers. */ 856 for (i = 0; i < core_num_brps + core_num_reserved_brps; ++i) { 857 write_wb_reg(ARM_BASE_BCR + i, 0UL); 858 write_wb_reg(ARM_BASE_BVR + i, 0UL); 859 } 860 861 for (i = 0; i < core_num_wrps; ++i) { 862 write_wb_reg(ARM_BASE_WCR + i, 0UL); 863 write_wb_reg(ARM_BASE_WVR + i, 0UL); 864 } 865} 866 867static int __cpuinit dbg_reset_notify(struct notifier_block *self, 868 unsigned long action, void *cpu) 869{ 870 if (action == CPU_ONLINE) 871 smp_call_function_single((int)cpu, reset_ctrl_regs, NULL, 1); 872 return NOTIFY_OK; 873} 874 875static struct notifier_block __cpuinitdata dbg_reset_nb = { 876 .notifier_call = dbg_reset_notify, 877}; 878 879static int __init arch_hw_breakpoint_init(void) 880{ 881 u32 dscr; 882 883 debug_arch = get_debug_arch(); 884 885 if (debug_arch > ARM_DEBUG_ARCH_V7_ECP14) { 886 pr_info("debug architecture 0x%x unsupported.\n", debug_arch); 887 return 0; 888 } 889 890 /* Determine how many BRPs/WRPs are available. */ 891 core_num_brps = get_num_brps(); 892 core_num_reserved_brps = get_num_reserved_brps(); 893 core_num_wrps = get_num_wrps(); 894 895 pr_info("found %d breakpoint and %d watchpoint registers.\n", 896 core_num_brps + core_num_reserved_brps, core_num_wrps); 897 898 if (core_num_reserved_brps) 899 pr_info("%d breakpoint(s) reserved for watchpoint " 900 "single-step.\n", core_num_reserved_brps); 901 902 /* 903 * Reset the breakpoint resources. We assume that a halting 904 * debugger will leave the world in a nice state for us. 905 */ 906 on_each_cpu(reset_ctrl_regs, NULL, 1); 907 908 ARM_DBG_READ(c1, 0, dscr); 909 if (dscr & ARM_DSCR_HDBGEN) { 910 max_watchpoint_len = 4; 911 pr_warning("halting debug mode enabled. Assuming maximum " 912 "watchpoint size of %u bytes.", max_watchpoint_len); 913 } else { 914 /* Work out the maximum supported watchpoint length. */ 915 max_watchpoint_len = get_max_wp_len(); 916 pr_info("maximum watchpoint size is %u bytes.\n", 917 max_watchpoint_len); 918 } 919 920 /* Register debug fault handler. */ 921 hook_fault_code(2, hw_breakpoint_pending, SIGTRAP, TRAP_HWBKPT, 922 "watchpoint debug exception"); 923 hook_ifault_code(2, hw_breakpoint_pending, SIGTRAP, TRAP_HWBKPT, 924 "breakpoint debug exception"); 925 926 /* Register hotplug notifier. */ 927 register_cpu_notifier(&dbg_reset_nb); 928 return 0; 929} 930arch_initcall(arch_hw_breakpoint_init); 931 932void hw_breakpoint_pmu_read(struct perf_event *bp) 933{ 934} 935 936/* 937 * Dummy function to register with die_notifier. 938 */ 939int hw_breakpoint_exceptions_notify(struct notifier_block *unused, 940 unsigned long val, void *data) 941{ 942 return NOTIFY_DONE; 943} 944