Loading...
1// SPDX-License-Identifier: GPL-2.0+
2/*
3 * Copyright (C) 2007 Alan Stern
4 * Copyright (C) IBM Corporation, 2009
5 * Copyright (C) 2009, Frederic Weisbecker <fweisbec@gmail.com>
6 *
7 * Thanks to Ingo Molnar for his many suggestions.
8 *
9 * Authors: Alan Stern <stern@rowland.harvard.edu>
10 * K.Prasad <prasad@linux.vnet.ibm.com>
11 * Frederic Weisbecker <fweisbec@gmail.com>
12 */
13
14/*
15 * HW_breakpoint: a unified kernel/user-space hardware breakpoint facility,
16 * using the CPU's debug registers.
17 * This file contains the arch-independent routines.
18 */
19
20#include <linux/hw_breakpoint.h>
21
22#include <linux/atomic.h>
23#include <linux/bug.h>
24#include <linux/cpu.h>
25#include <linux/export.h>
26#include <linux/init.h>
27#include <linux/irqflags.h>
28#include <linux/kdebug.h>
29#include <linux/kernel.h>
30#include <linux/mutex.h>
31#include <linux/notifier.h>
32#include <linux/percpu-rwsem.h>
33#include <linux/percpu.h>
34#include <linux/rhashtable.h>
35#include <linux/sched.h>
36#include <linux/slab.h>
37
38/*
39 * Datastructure to track the total uses of N slots across tasks or CPUs;
40 * bp_slots_histogram::count[N] is the number of assigned N+1 breakpoint slots.
41 */
42struct bp_slots_histogram {
43#ifdef hw_breakpoint_slots
44 atomic_t count[hw_breakpoint_slots(0)];
45#else
46 atomic_t *count;
47#endif
48};
49
50/*
51 * Per-CPU constraints data.
52 */
53struct bp_cpuinfo {
54 /* Number of pinned CPU breakpoints in a CPU. */
55 unsigned int cpu_pinned;
56 /* Histogram of pinned task breakpoints in a CPU. */
57 struct bp_slots_histogram tsk_pinned;
58};
59
60static DEFINE_PER_CPU(struct bp_cpuinfo, bp_cpuinfo[TYPE_MAX]);
61
62static struct bp_cpuinfo *get_bp_info(int cpu, enum bp_type_idx type)
63{
64 return per_cpu_ptr(bp_cpuinfo + type, cpu);
65}
66
67/* Number of pinned CPU breakpoints globally. */
68static struct bp_slots_histogram cpu_pinned[TYPE_MAX];
69/* Number of pinned CPU-independent task breakpoints. */
70static struct bp_slots_histogram tsk_pinned_all[TYPE_MAX];
71
72/* Keep track of the breakpoints attached to tasks */
73static struct rhltable task_bps_ht;
74static const struct rhashtable_params task_bps_ht_params = {
75 .head_offset = offsetof(struct hw_perf_event, bp_list),
76 .key_offset = offsetof(struct hw_perf_event, target),
77 .key_len = sizeof_field(struct hw_perf_event, target),
78 .automatic_shrinking = true,
79};
80
81static bool constraints_initialized __ro_after_init;
82
83/*
84 * Synchronizes accesses to the per-CPU constraints; the locking rules are:
85 *
86 * 1. Atomic updates to bp_cpuinfo::tsk_pinned only require a held read-lock
87 * (due to bp_slots_histogram::count being atomic, no update are lost).
88 *
89 * 2. Holding a write-lock is required for computations that require a
90 * stable snapshot of all bp_cpuinfo::tsk_pinned.
91 *
92 * 3. In all other cases, non-atomic accesses require the appropriately held
93 * lock (read-lock for read-only accesses; write-lock for reads/writes).
94 */
95DEFINE_STATIC_PERCPU_RWSEM(bp_cpuinfo_sem);
96
97/*
98 * Return mutex to serialize accesses to per-task lists in task_bps_ht. Since
99 * rhltable synchronizes concurrent insertions/deletions, independent tasks may
100 * insert/delete concurrently; therefore, a mutex per task is sufficient.
101 *
102 * Uses task_struct::perf_event_mutex, to avoid extending task_struct with a
103 * hw_breakpoint-only mutex, which may be infrequently used. The caveat here is
104 * that hw_breakpoint may contend with per-task perf event list management. The
105 * assumption is that perf usecases involving hw_breakpoints are very unlikely
106 * to result in unnecessary contention.
107 */
108static inline struct mutex *get_task_bps_mutex(struct perf_event *bp)
109{
110 struct task_struct *tsk = bp->hw.target;
111
112 return tsk ? &tsk->perf_event_mutex : NULL;
113}
114
115static struct mutex *bp_constraints_lock(struct perf_event *bp)
116{
117 struct mutex *tsk_mtx = get_task_bps_mutex(bp);
118
119 if (tsk_mtx) {
120 /*
121 * Fully analogous to the perf_try_init_event() nesting
122 * argument in the comment near perf_event_ctx_lock_nested();
123 * this child->perf_event_mutex cannot ever deadlock against
124 * the parent->perf_event_mutex usage from
125 * perf_event_task_{en,dis}able().
126 *
127 * Specifically, inherited events will never occur on
128 * ->perf_event_list.
129 */
130 mutex_lock_nested(tsk_mtx, SINGLE_DEPTH_NESTING);
131 percpu_down_read(&bp_cpuinfo_sem);
132 } else {
133 percpu_down_write(&bp_cpuinfo_sem);
134 }
135
136 return tsk_mtx;
137}
138
139static void bp_constraints_unlock(struct mutex *tsk_mtx)
140{
141 if (tsk_mtx) {
142 percpu_up_read(&bp_cpuinfo_sem);
143 mutex_unlock(tsk_mtx);
144 } else {
145 percpu_up_write(&bp_cpuinfo_sem);
146 }
147}
148
149static bool bp_constraints_is_locked(struct perf_event *bp)
150{
151 struct mutex *tsk_mtx = get_task_bps_mutex(bp);
152
153 return percpu_is_write_locked(&bp_cpuinfo_sem) ||
154 (tsk_mtx ? mutex_is_locked(tsk_mtx) :
155 percpu_is_read_locked(&bp_cpuinfo_sem));
156}
157
158static inline void assert_bp_constraints_lock_held(struct perf_event *bp)
159{
160 struct mutex *tsk_mtx = get_task_bps_mutex(bp);
161
162 if (tsk_mtx)
163 lockdep_assert_held(tsk_mtx);
164 lockdep_assert_held(&bp_cpuinfo_sem);
165}
166
167#ifdef hw_breakpoint_slots
168/*
169 * Number of breakpoint slots is constant, and the same for all types.
170 */
171static_assert(hw_breakpoint_slots(TYPE_INST) == hw_breakpoint_slots(TYPE_DATA));
172static inline int hw_breakpoint_slots_cached(int type) { return hw_breakpoint_slots(type); }
173static inline int init_breakpoint_slots(void) { return 0; }
174#else
175/*
176 * Dynamic number of breakpoint slots.
177 */
178static int __nr_bp_slots[TYPE_MAX] __ro_after_init;
179
180static inline int hw_breakpoint_slots_cached(int type)
181{
182 return __nr_bp_slots[type];
183}
184
185static __init bool
186bp_slots_histogram_alloc(struct bp_slots_histogram *hist, enum bp_type_idx type)
187{
188 hist->count = kcalloc(hw_breakpoint_slots_cached(type), sizeof(*hist->count), GFP_KERNEL);
189 return hist->count;
190}
191
192static __init void bp_slots_histogram_free(struct bp_slots_histogram *hist)
193{
194 kfree(hist->count);
195}
196
197static __init int init_breakpoint_slots(void)
198{
199 int i, cpu, err_cpu;
200
201 for (i = 0; i < TYPE_MAX; i++)
202 __nr_bp_slots[i] = hw_breakpoint_slots(i);
203
204 for_each_possible_cpu(cpu) {
205 for (i = 0; i < TYPE_MAX; i++) {
206 struct bp_cpuinfo *info = get_bp_info(cpu, i);
207
208 if (!bp_slots_histogram_alloc(&info->tsk_pinned, i))
209 goto err;
210 }
211 }
212 for (i = 0; i < TYPE_MAX; i++) {
213 if (!bp_slots_histogram_alloc(&cpu_pinned[i], i))
214 goto err;
215 if (!bp_slots_histogram_alloc(&tsk_pinned_all[i], i))
216 goto err;
217 }
218
219 return 0;
220err:
221 for_each_possible_cpu(err_cpu) {
222 for (i = 0; i < TYPE_MAX; i++)
223 bp_slots_histogram_free(&get_bp_info(err_cpu, i)->tsk_pinned);
224 if (err_cpu == cpu)
225 break;
226 }
227 for (i = 0; i < TYPE_MAX; i++) {
228 bp_slots_histogram_free(&cpu_pinned[i]);
229 bp_slots_histogram_free(&tsk_pinned_all[i]);
230 }
231
232 return -ENOMEM;
233}
234#endif
235
236static inline void
237bp_slots_histogram_add(struct bp_slots_histogram *hist, int old, int val)
238{
239 const int old_idx = old - 1;
240 const int new_idx = old_idx + val;
241
242 if (old_idx >= 0)
243 WARN_ON(atomic_dec_return_relaxed(&hist->count[old_idx]) < 0);
244 if (new_idx >= 0)
245 WARN_ON(atomic_inc_return_relaxed(&hist->count[new_idx]) < 0);
246}
247
248static int
249bp_slots_histogram_max(struct bp_slots_histogram *hist, enum bp_type_idx type)
250{
251 for (int i = hw_breakpoint_slots_cached(type) - 1; i >= 0; i--) {
252 const int count = atomic_read(&hist->count[i]);
253
254 /* Catch unexpected writers; we want a stable snapshot. */
255 ASSERT_EXCLUSIVE_WRITER(hist->count[i]);
256 if (count > 0)
257 return i + 1;
258 WARN(count < 0, "inconsistent breakpoint slots histogram");
259 }
260
261 return 0;
262}
263
264static int
265bp_slots_histogram_max_merge(struct bp_slots_histogram *hist1, struct bp_slots_histogram *hist2,
266 enum bp_type_idx type)
267{
268 for (int i = hw_breakpoint_slots_cached(type) - 1; i >= 0; i--) {
269 const int count1 = atomic_read(&hist1->count[i]);
270 const int count2 = atomic_read(&hist2->count[i]);
271
272 /* Catch unexpected writers; we want a stable snapshot. */
273 ASSERT_EXCLUSIVE_WRITER(hist1->count[i]);
274 ASSERT_EXCLUSIVE_WRITER(hist2->count[i]);
275 if (count1 + count2 > 0)
276 return i + 1;
277 WARN(count1 < 0, "inconsistent breakpoint slots histogram");
278 WARN(count2 < 0, "inconsistent breakpoint slots histogram");
279 }
280
281 return 0;
282}
283
284#ifndef hw_breakpoint_weight
285static inline int hw_breakpoint_weight(struct perf_event *bp)
286{
287 return 1;
288}
289#endif
290
291static inline enum bp_type_idx find_slot_idx(u64 bp_type)
292{
293 if (bp_type & HW_BREAKPOINT_RW)
294 return TYPE_DATA;
295
296 return TYPE_INST;
297}
298
299/*
300 * Return the maximum number of pinned breakpoints a task has in this CPU.
301 */
302static unsigned int max_task_bp_pinned(int cpu, enum bp_type_idx type)
303{
304 struct bp_slots_histogram *tsk_pinned = &get_bp_info(cpu, type)->tsk_pinned;
305
306 /*
307 * At this point we want to have acquired the bp_cpuinfo_sem as a
308 * writer to ensure that there are no concurrent writers in
309 * toggle_bp_task_slot() to tsk_pinned, and we get a stable snapshot.
310 */
311 lockdep_assert_held_write(&bp_cpuinfo_sem);
312 return bp_slots_histogram_max_merge(tsk_pinned, &tsk_pinned_all[type], type);
313}
314
315/*
316 * Count the number of breakpoints of the same type and same task.
317 * The given event must be not on the list.
318 *
319 * If @cpu is -1, but the result of task_bp_pinned() is not CPU-independent,
320 * returns a negative value.
321 */
322static int task_bp_pinned(int cpu, struct perf_event *bp, enum bp_type_idx type)
323{
324 struct rhlist_head *head, *pos;
325 struct perf_event *iter;
326 int count = 0;
327
328 /*
329 * We need a stable snapshot of the per-task breakpoint list.
330 */
331 assert_bp_constraints_lock_held(bp);
332
333 rcu_read_lock();
334 head = rhltable_lookup(&task_bps_ht, &bp->hw.target, task_bps_ht_params);
335 if (!head)
336 goto out;
337
338 rhl_for_each_entry_rcu(iter, pos, head, hw.bp_list) {
339 if (find_slot_idx(iter->attr.bp_type) != type)
340 continue;
341
342 if (iter->cpu >= 0) {
343 if (cpu == -1) {
344 count = -1;
345 goto out;
346 } else if (cpu != iter->cpu)
347 continue;
348 }
349
350 count += hw_breakpoint_weight(iter);
351 }
352
353out:
354 rcu_read_unlock();
355 return count;
356}
357
358static const struct cpumask *cpumask_of_bp(struct perf_event *bp)
359{
360 if (bp->cpu >= 0)
361 return cpumask_of(bp->cpu);
362 return cpu_possible_mask;
363}
364
365/*
366 * Returns the max pinned breakpoint slots in a given
367 * CPU (cpu > -1) or across all of them (cpu = -1).
368 */
369static int
370max_bp_pinned_slots(struct perf_event *bp, enum bp_type_idx type)
371{
372 const struct cpumask *cpumask = cpumask_of_bp(bp);
373 int pinned_slots = 0;
374 int cpu;
375
376 if (bp->hw.target && bp->cpu < 0) {
377 int max_pinned = task_bp_pinned(-1, bp, type);
378
379 if (max_pinned >= 0) {
380 /*
381 * Fast path: task_bp_pinned() is CPU-independent and
382 * returns the same value for any CPU.
383 */
384 max_pinned += bp_slots_histogram_max(&cpu_pinned[type], type);
385 return max_pinned;
386 }
387 }
388
389 for_each_cpu(cpu, cpumask) {
390 struct bp_cpuinfo *info = get_bp_info(cpu, type);
391 int nr;
392
393 nr = info->cpu_pinned;
394 if (!bp->hw.target)
395 nr += max_task_bp_pinned(cpu, type);
396 else
397 nr += task_bp_pinned(cpu, bp, type);
398
399 pinned_slots = max(nr, pinned_slots);
400 }
401
402 return pinned_slots;
403}
404
405/*
406 * Add/remove the given breakpoint in our constraint table
407 */
408static int
409toggle_bp_slot(struct perf_event *bp, bool enable, enum bp_type_idx type, int weight)
410{
411 int cpu, next_tsk_pinned;
412
413 if (!enable)
414 weight = -weight;
415
416 if (!bp->hw.target) {
417 /*
418 * Update the pinned CPU slots, in per-CPU bp_cpuinfo and in the
419 * global histogram.
420 */
421 struct bp_cpuinfo *info = get_bp_info(bp->cpu, type);
422
423 lockdep_assert_held_write(&bp_cpuinfo_sem);
424 bp_slots_histogram_add(&cpu_pinned[type], info->cpu_pinned, weight);
425 info->cpu_pinned += weight;
426 return 0;
427 }
428
429 /*
430 * If bp->hw.target, tsk_pinned is only modified, but not used
431 * otherwise. We can permit concurrent updates as long as there are no
432 * other uses: having acquired bp_cpuinfo_sem as a reader allows
433 * concurrent updates here. Uses of tsk_pinned will require acquiring
434 * bp_cpuinfo_sem as a writer to stabilize tsk_pinned's value.
435 */
436 lockdep_assert_held_read(&bp_cpuinfo_sem);
437
438 /*
439 * Update the pinned task slots, in per-CPU bp_cpuinfo and in the global
440 * histogram. We need to take care of 4 cases:
441 *
442 * 1. This breakpoint targets all CPUs (cpu < 0), and there may only
443 * exist other task breakpoints targeting all CPUs. In this case we
444 * can simply update the global slots histogram.
445 *
446 * 2. This breakpoint targets a specific CPU (cpu >= 0), but there may
447 * only exist other task breakpoints targeting all CPUs.
448 *
449 * a. On enable: remove the existing breakpoints from the global
450 * slots histogram and use the per-CPU histogram.
451 *
452 * b. On disable: re-insert the existing breakpoints into the global
453 * slots histogram and remove from per-CPU histogram.
454 *
455 * 3. Some other existing task breakpoints target specific CPUs. Only
456 * update the per-CPU slots histogram.
457 */
458
459 if (!enable) {
460 /*
461 * Remove before updating histograms so we can determine if this
462 * was the last task breakpoint for a specific CPU.
463 */
464 int ret = rhltable_remove(&task_bps_ht, &bp->hw.bp_list, task_bps_ht_params);
465
466 if (ret)
467 return ret;
468 }
469 /*
470 * Note: If !enable, next_tsk_pinned will not count the to-be-removed breakpoint.
471 */
472 next_tsk_pinned = task_bp_pinned(-1, bp, type);
473
474 if (next_tsk_pinned >= 0) {
475 if (bp->cpu < 0) { /* Case 1: fast path */
476 if (!enable)
477 next_tsk_pinned += hw_breakpoint_weight(bp);
478 bp_slots_histogram_add(&tsk_pinned_all[type], next_tsk_pinned, weight);
479 } else if (enable) { /* Case 2.a: slow path */
480 /* Add existing to per-CPU histograms. */
481 for_each_possible_cpu(cpu) {
482 bp_slots_histogram_add(&get_bp_info(cpu, type)->tsk_pinned,
483 0, next_tsk_pinned);
484 }
485 /* Add this first CPU-pinned task breakpoint. */
486 bp_slots_histogram_add(&get_bp_info(bp->cpu, type)->tsk_pinned,
487 next_tsk_pinned, weight);
488 /* Rebalance global task pinned histogram. */
489 bp_slots_histogram_add(&tsk_pinned_all[type], next_tsk_pinned,
490 -next_tsk_pinned);
491 } else { /* Case 2.b: slow path */
492 /* Remove this last CPU-pinned task breakpoint. */
493 bp_slots_histogram_add(&get_bp_info(bp->cpu, type)->tsk_pinned,
494 next_tsk_pinned + hw_breakpoint_weight(bp), weight);
495 /* Remove all from per-CPU histograms. */
496 for_each_possible_cpu(cpu) {
497 bp_slots_histogram_add(&get_bp_info(cpu, type)->tsk_pinned,
498 next_tsk_pinned, -next_tsk_pinned);
499 }
500 /* Rebalance global task pinned histogram. */
501 bp_slots_histogram_add(&tsk_pinned_all[type], 0, next_tsk_pinned);
502 }
503 } else { /* Case 3: slow path */
504 const struct cpumask *cpumask = cpumask_of_bp(bp);
505
506 for_each_cpu(cpu, cpumask) {
507 next_tsk_pinned = task_bp_pinned(cpu, bp, type);
508 if (!enable)
509 next_tsk_pinned += hw_breakpoint_weight(bp);
510 bp_slots_histogram_add(&get_bp_info(cpu, type)->tsk_pinned,
511 next_tsk_pinned, weight);
512 }
513 }
514
515 /*
516 * Readers want a stable snapshot of the per-task breakpoint list.
517 */
518 assert_bp_constraints_lock_held(bp);
519
520 if (enable)
521 return rhltable_insert(&task_bps_ht, &bp->hw.bp_list, task_bps_ht_params);
522
523 return 0;
524}
525
526/*
527 * Constraints to check before allowing this new breakpoint counter.
528 *
529 * Note: Flexible breakpoints are currently unimplemented, but outlined in the
530 * below algorithm for completeness. The implementation treats flexible as
531 * pinned due to no guarantee that we currently always schedule flexible events
532 * before a pinned event in a same CPU.
533 *
534 * == Non-pinned counter == (Considered as pinned for now)
535 *
536 * - If attached to a single cpu, check:
537 *
538 * (per_cpu(info->flexible, cpu) || (per_cpu(info->cpu_pinned, cpu)
539 * + max(per_cpu(info->tsk_pinned, cpu)))) < HBP_NUM
540 *
541 * -> If there are already non-pinned counters in this cpu, it means
542 * there is already a free slot for them.
543 * Otherwise, we check that the maximum number of per task
544 * breakpoints (for this cpu) plus the number of per cpu breakpoint
545 * (for this cpu) doesn't cover every registers.
546 *
547 * - If attached to every cpus, check:
548 *
549 * (per_cpu(info->flexible, *) || (max(per_cpu(info->cpu_pinned, *))
550 * + max(per_cpu(info->tsk_pinned, *)))) < HBP_NUM
551 *
552 * -> This is roughly the same, except we check the number of per cpu
553 * bp for every cpu and we keep the max one. Same for the per tasks
554 * breakpoints.
555 *
556 *
557 * == Pinned counter ==
558 *
559 * - If attached to a single cpu, check:
560 *
561 * ((per_cpu(info->flexible, cpu) > 1) + per_cpu(info->cpu_pinned, cpu)
562 * + max(per_cpu(info->tsk_pinned, cpu))) < HBP_NUM
563 *
564 * -> Same checks as before. But now the info->flexible, if any, must keep
565 * one register at least (or they will never be fed).
566 *
567 * - If attached to every cpus, check:
568 *
569 * ((per_cpu(info->flexible, *) > 1) + max(per_cpu(info->cpu_pinned, *))
570 * + max(per_cpu(info->tsk_pinned, *))) < HBP_NUM
571 */
572static int __reserve_bp_slot(struct perf_event *bp, u64 bp_type)
573{
574 enum bp_type_idx type;
575 int max_pinned_slots;
576 int weight;
577
578 /* We couldn't initialize breakpoint constraints on boot */
579 if (!constraints_initialized)
580 return -ENOMEM;
581
582 /* Basic checks */
583 if (bp_type == HW_BREAKPOINT_EMPTY ||
584 bp_type == HW_BREAKPOINT_INVALID)
585 return -EINVAL;
586
587 type = find_slot_idx(bp_type);
588 weight = hw_breakpoint_weight(bp);
589
590 /* Check if this new breakpoint can be satisfied across all CPUs. */
591 max_pinned_slots = max_bp_pinned_slots(bp, type) + weight;
592 if (max_pinned_slots > hw_breakpoint_slots_cached(type))
593 return -ENOSPC;
594
595 return toggle_bp_slot(bp, true, type, weight);
596}
597
598int reserve_bp_slot(struct perf_event *bp)
599{
600 struct mutex *mtx = bp_constraints_lock(bp);
601 int ret = __reserve_bp_slot(bp, bp->attr.bp_type);
602
603 bp_constraints_unlock(mtx);
604 return ret;
605}
606
607static void __release_bp_slot(struct perf_event *bp, u64 bp_type)
608{
609 enum bp_type_idx type;
610 int weight;
611
612 type = find_slot_idx(bp_type);
613 weight = hw_breakpoint_weight(bp);
614 WARN_ON(toggle_bp_slot(bp, false, type, weight));
615}
616
617void release_bp_slot(struct perf_event *bp)
618{
619 struct mutex *mtx = bp_constraints_lock(bp);
620
621 __release_bp_slot(bp, bp->attr.bp_type);
622 bp_constraints_unlock(mtx);
623}
624
625static int __modify_bp_slot(struct perf_event *bp, u64 old_type, u64 new_type)
626{
627 int err;
628
629 __release_bp_slot(bp, old_type);
630
631 err = __reserve_bp_slot(bp, new_type);
632 if (err) {
633 /*
634 * Reserve the old_type slot back in case
635 * there's no space for the new type.
636 *
637 * This must succeed, because we just released
638 * the old_type slot in the __release_bp_slot
639 * call above. If not, something is broken.
640 */
641 WARN_ON(__reserve_bp_slot(bp, old_type));
642 }
643
644 return err;
645}
646
647static int modify_bp_slot(struct perf_event *bp, u64 old_type, u64 new_type)
648{
649 struct mutex *mtx = bp_constraints_lock(bp);
650 int ret = __modify_bp_slot(bp, old_type, new_type);
651
652 bp_constraints_unlock(mtx);
653 return ret;
654}
655
656/*
657 * Allow the kernel debugger to reserve breakpoint slots without
658 * taking a lock using the dbg_* variant of for the reserve and
659 * release breakpoint slots.
660 */
661int dbg_reserve_bp_slot(struct perf_event *bp)
662{
663 int ret;
664
665 if (bp_constraints_is_locked(bp))
666 return -1;
667
668 /* Locks aren't held; disable lockdep assert checking. */
669 lockdep_off();
670 ret = __reserve_bp_slot(bp, bp->attr.bp_type);
671 lockdep_on();
672
673 return ret;
674}
675
676int dbg_release_bp_slot(struct perf_event *bp)
677{
678 if (bp_constraints_is_locked(bp))
679 return -1;
680
681 /* Locks aren't held; disable lockdep assert checking. */
682 lockdep_off();
683 __release_bp_slot(bp, bp->attr.bp_type);
684 lockdep_on();
685
686 return 0;
687}
688
689static int hw_breakpoint_parse(struct perf_event *bp,
690 const struct perf_event_attr *attr,
691 struct arch_hw_breakpoint *hw)
692{
693 int err;
694
695 err = hw_breakpoint_arch_parse(bp, attr, hw);
696 if (err)
697 return err;
698
699 if (arch_check_bp_in_kernelspace(hw)) {
700 if (attr->exclude_kernel)
701 return -EINVAL;
702 /*
703 * Don't let unprivileged users set a breakpoint in the trap
704 * path to avoid trap recursion attacks.
705 */
706 if (!capable(CAP_SYS_ADMIN))
707 return -EPERM;
708 }
709
710 return 0;
711}
712
713int register_perf_hw_breakpoint(struct perf_event *bp)
714{
715 struct arch_hw_breakpoint hw = { };
716 int err;
717
718 err = reserve_bp_slot(bp);
719 if (err)
720 return err;
721
722 err = hw_breakpoint_parse(bp, &bp->attr, &hw);
723 if (err) {
724 release_bp_slot(bp);
725 return err;
726 }
727
728 bp->hw.info = hw;
729
730 return 0;
731}
732
733/**
734 * register_user_hw_breakpoint - register a hardware breakpoint for user space
735 * @attr: breakpoint attributes
736 * @triggered: callback to trigger when we hit the breakpoint
737 * @context: context data could be used in the triggered callback
738 * @tsk: pointer to 'task_struct' of the process to which the address belongs
739 */
740struct perf_event *
741register_user_hw_breakpoint(struct perf_event_attr *attr,
742 perf_overflow_handler_t triggered,
743 void *context,
744 struct task_struct *tsk)
745{
746 return perf_event_create_kernel_counter(attr, -1, tsk, triggered,
747 context);
748}
749EXPORT_SYMBOL_GPL(register_user_hw_breakpoint);
750
751static void hw_breakpoint_copy_attr(struct perf_event_attr *to,
752 struct perf_event_attr *from)
753{
754 to->bp_addr = from->bp_addr;
755 to->bp_type = from->bp_type;
756 to->bp_len = from->bp_len;
757 to->disabled = from->disabled;
758}
759
760int
761modify_user_hw_breakpoint_check(struct perf_event *bp, struct perf_event_attr *attr,
762 bool check)
763{
764 struct arch_hw_breakpoint hw = { };
765 int err;
766
767 err = hw_breakpoint_parse(bp, attr, &hw);
768 if (err)
769 return err;
770
771 if (check) {
772 struct perf_event_attr old_attr;
773
774 old_attr = bp->attr;
775 hw_breakpoint_copy_attr(&old_attr, attr);
776 if (memcmp(&old_attr, attr, sizeof(*attr)))
777 return -EINVAL;
778 }
779
780 if (bp->attr.bp_type != attr->bp_type) {
781 err = modify_bp_slot(bp, bp->attr.bp_type, attr->bp_type);
782 if (err)
783 return err;
784 }
785
786 hw_breakpoint_copy_attr(&bp->attr, attr);
787 bp->hw.info = hw;
788
789 return 0;
790}
791
792/**
793 * modify_user_hw_breakpoint - modify a user-space hardware breakpoint
794 * @bp: the breakpoint structure to modify
795 * @attr: new breakpoint attributes
796 */
797int modify_user_hw_breakpoint(struct perf_event *bp, struct perf_event_attr *attr)
798{
799 int err;
800
801 /*
802 * modify_user_hw_breakpoint can be invoked with IRQs disabled and hence it
803 * will not be possible to raise IPIs that invoke __perf_event_disable.
804 * So call the function directly after making sure we are targeting the
805 * current task.
806 */
807 if (irqs_disabled() && bp->ctx && bp->ctx->task == current)
808 perf_event_disable_local(bp);
809 else
810 perf_event_disable(bp);
811
812 err = modify_user_hw_breakpoint_check(bp, attr, false);
813
814 if (!bp->attr.disabled)
815 perf_event_enable(bp);
816
817 return err;
818}
819EXPORT_SYMBOL_GPL(modify_user_hw_breakpoint);
820
821/**
822 * unregister_hw_breakpoint - unregister a user-space hardware breakpoint
823 * @bp: the breakpoint structure to unregister
824 */
825void unregister_hw_breakpoint(struct perf_event *bp)
826{
827 if (!bp)
828 return;
829 perf_event_release_kernel(bp);
830}
831EXPORT_SYMBOL_GPL(unregister_hw_breakpoint);
832
833/**
834 * register_wide_hw_breakpoint - register a wide breakpoint in the kernel
835 * @attr: breakpoint attributes
836 * @triggered: callback to trigger when we hit the breakpoint
837 * @context: context data could be used in the triggered callback
838 *
839 * @return a set of per_cpu pointers to perf events
840 */
841struct perf_event * __percpu *
842register_wide_hw_breakpoint(struct perf_event_attr *attr,
843 perf_overflow_handler_t triggered,
844 void *context)
845{
846 struct perf_event * __percpu *cpu_events, *bp;
847 long err = 0;
848 int cpu;
849
850 cpu_events = alloc_percpu(typeof(*cpu_events));
851 if (!cpu_events)
852 return ERR_PTR_PCPU(-ENOMEM);
853
854 cpus_read_lock();
855 for_each_online_cpu(cpu) {
856 bp = perf_event_create_kernel_counter(attr, cpu, NULL,
857 triggered, context);
858 if (IS_ERR(bp)) {
859 err = PTR_ERR(bp);
860 break;
861 }
862
863 per_cpu(*cpu_events, cpu) = bp;
864 }
865 cpus_read_unlock();
866
867 if (likely(!err))
868 return cpu_events;
869
870 unregister_wide_hw_breakpoint(cpu_events);
871 return ERR_PTR_PCPU(err);
872}
873EXPORT_SYMBOL_GPL(register_wide_hw_breakpoint);
874
875/**
876 * unregister_wide_hw_breakpoint - unregister a wide breakpoint in the kernel
877 * @cpu_events: the per cpu set of events to unregister
878 */
879void unregister_wide_hw_breakpoint(struct perf_event * __percpu *cpu_events)
880{
881 int cpu;
882
883 for_each_possible_cpu(cpu)
884 unregister_hw_breakpoint(per_cpu(*cpu_events, cpu));
885
886 free_percpu(cpu_events);
887}
888EXPORT_SYMBOL_GPL(unregister_wide_hw_breakpoint);
889
890/**
891 * hw_breakpoint_is_used - check if breakpoints are currently used
892 *
893 * Returns: true if breakpoints are used, false otherwise.
894 */
895bool hw_breakpoint_is_used(void)
896{
897 int cpu;
898
899 if (!constraints_initialized)
900 return false;
901
902 for_each_possible_cpu(cpu) {
903 for (int type = 0; type < TYPE_MAX; ++type) {
904 struct bp_cpuinfo *info = get_bp_info(cpu, type);
905
906 if (info->cpu_pinned)
907 return true;
908
909 for (int slot = 0; slot < hw_breakpoint_slots_cached(type); ++slot) {
910 if (atomic_read(&info->tsk_pinned.count[slot]))
911 return true;
912 }
913 }
914 }
915
916 for (int type = 0; type < TYPE_MAX; ++type) {
917 for (int slot = 0; slot < hw_breakpoint_slots_cached(type); ++slot) {
918 /*
919 * Warn, because if there are CPU pinned counters,
920 * should never get here; bp_cpuinfo::cpu_pinned should
921 * be consistent with the global cpu_pinned histogram.
922 */
923 if (WARN_ON(atomic_read(&cpu_pinned[type].count[slot])))
924 return true;
925
926 if (atomic_read(&tsk_pinned_all[type].count[slot]))
927 return true;
928 }
929 }
930
931 return false;
932}
933
934static struct notifier_block hw_breakpoint_exceptions_nb = {
935 .notifier_call = hw_breakpoint_exceptions_notify,
936 /* we need to be notified first */
937 .priority = 0x7fffffff
938};
939
940static void bp_perf_event_destroy(struct perf_event *event)
941{
942 release_bp_slot(event);
943}
944
945static int hw_breakpoint_event_init(struct perf_event *bp)
946{
947 int err;
948
949 if (bp->attr.type != PERF_TYPE_BREAKPOINT)
950 return -ENOENT;
951
952 /*
953 * no branch sampling for breakpoint events
954 */
955 if (has_branch_stack(bp))
956 return -EOPNOTSUPP;
957
958 err = register_perf_hw_breakpoint(bp);
959 if (err)
960 return err;
961
962 bp->destroy = bp_perf_event_destroy;
963
964 return 0;
965}
966
967static int hw_breakpoint_add(struct perf_event *bp, int flags)
968{
969 if (!(flags & PERF_EF_START))
970 bp->hw.state = PERF_HES_STOPPED;
971
972 if (is_sampling_event(bp)) {
973 bp->hw.last_period = bp->hw.sample_period;
974 perf_swevent_set_period(bp);
975 }
976
977 return arch_install_hw_breakpoint(bp);
978}
979
980static void hw_breakpoint_del(struct perf_event *bp, int flags)
981{
982 arch_uninstall_hw_breakpoint(bp);
983}
984
985static void hw_breakpoint_start(struct perf_event *bp, int flags)
986{
987 bp->hw.state = 0;
988}
989
990static void hw_breakpoint_stop(struct perf_event *bp, int flags)
991{
992 bp->hw.state = PERF_HES_STOPPED;
993}
994
995static struct pmu perf_breakpoint = {
996 .task_ctx_nr = perf_sw_context, /* could eventually get its own */
997
998 .event_init = hw_breakpoint_event_init,
999 .add = hw_breakpoint_add,
1000 .del = hw_breakpoint_del,
1001 .start = hw_breakpoint_start,
1002 .stop = hw_breakpoint_stop,
1003 .read = hw_breakpoint_pmu_read,
1004};
1005
1006int __init init_hw_breakpoint(void)
1007{
1008 int ret;
1009
1010 ret = rhltable_init(&task_bps_ht, &task_bps_ht_params);
1011 if (ret)
1012 return ret;
1013
1014 ret = init_breakpoint_slots();
1015 if (ret)
1016 return ret;
1017
1018 constraints_initialized = true;
1019
1020 perf_pmu_register(&perf_breakpoint, "breakpoint", PERF_TYPE_BREAKPOINT);
1021
1022 return register_die_notifier(&hw_breakpoint_exceptions_nb);
1023}
1/*
2 * This program is free software; you can redistribute it and/or modify
3 * it under the terms of the GNU General Public License as published by
4 * the Free Software Foundation; either version 2 of the License, or
5 * (at your option) any later version.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * along with this program; if not, write to the Free Software
14 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
15 *
16 * Copyright (C) 2007 Alan Stern
17 * Copyright (C) IBM Corporation, 2009
18 * Copyright (C) 2009, Frederic Weisbecker <fweisbec@gmail.com>
19 *
20 * Thanks to Ingo Molnar for his many suggestions.
21 *
22 * Authors: Alan Stern <stern@rowland.harvard.edu>
23 * K.Prasad <prasad@linux.vnet.ibm.com>
24 * Frederic Weisbecker <fweisbec@gmail.com>
25 */
26
27/*
28 * HW_breakpoint: a unified kernel/user-space hardware breakpoint facility,
29 * using the CPU's debug registers.
30 * This file contains the arch-independent routines.
31 */
32
33#include <linux/irqflags.h>
34#include <linux/kallsyms.h>
35#include <linux/notifier.h>
36#include <linux/kprobes.h>
37#include <linux/kdebug.h>
38#include <linux/kernel.h>
39#include <linux/module.h>
40#include <linux/percpu.h>
41#include <linux/sched.h>
42#include <linux/init.h>
43#include <linux/slab.h>
44#include <linux/list.h>
45#include <linux/cpu.h>
46#include <linux/smp.h>
47#include <linux/bug.h>
48
49#include <linux/hw_breakpoint.h>
50/*
51 * Constraints data
52 */
53struct bp_cpuinfo {
54 /* Number of pinned cpu breakpoints in a cpu */
55 unsigned int cpu_pinned;
56 /* tsk_pinned[n] is the number of tasks having n+1 breakpoints */
57 unsigned int *tsk_pinned;
58 /* Number of non-pinned cpu/task breakpoints in a cpu */
59 unsigned int flexible; /* XXX: placeholder, see fetch_this_slot() */
60};
61
62static DEFINE_PER_CPU(struct bp_cpuinfo, bp_cpuinfo[TYPE_MAX]);
63static int nr_slots[TYPE_MAX];
64
65static struct bp_cpuinfo *get_bp_info(int cpu, enum bp_type_idx type)
66{
67 return per_cpu_ptr(bp_cpuinfo + type, cpu);
68}
69
70/* Keep track of the breakpoints attached to tasks */
71static LIST_HEAD(bp_task_head);
72
73static int constraints_initialized;
74
75/* Gather the number of total pinned and un-pinned bp in a cpuset */
76struct bp_busy_slots {
77 unsigned int pinned;
78 unsigned int flexible;
79};
80
81/* Serialize accesses to the above constraints */
82static DEFINE_MUTEX(nr_bp_mutex);
83
84__weak int hw_breakpoint_weight(struct perf_event *bp)
85{
86 return 1;
87}
88
89static inline enum bp_type_idx find_slot_idx(u64 bp_type)
90{
91 if (bp_type & HW_BREAKPOINT_RW)
92 return TYPE_DATA;
93
94 return TYPE_INST;
95}
96
97/*
98 * Report the maximum number of pinned breakpoints a task
99 * have in this cpu
100 */
101static unsigned int max_task_bp_pinned(int cpu, enum bp_type_idx type)
102{
103 unsigned int *tsk_pinned = get_bp_info(cpu, type)->tsk_pinned;
104 int i;
105
106 for (i = nr_slots[type] - 1; i >= 0; i--) {
107 if (tsk_pinned[i] > 0)
108 return i + 1;
109 }
110
111 return 0;
112}
113
114/*
115 * Count the number of breakpoints of the same type and same task.
116 * The given event must be not on the list.
117 */
118static int task_bp_pinned(int cpu, struct perf_event *bp, enum bp_type_idx type)
119{
120 struct task_struct *tsk = bp->hw.target;
121 struct perf_event *iter;
122 int count = 0;
123
124 list_for_each_entry(iter, &bp_task_head, hw.bp_list) {
125 if (iter->hw.target == tsk &&
126 find_slot_idx(iter->attr.bp_type) == type &&
127 (iter->cpu < 0 || cpu == iter->cpu))
128 count += hw_breakpoint_weight(iter);
129 }
130
131 return count;
132}
133
134static const struct cpumask *cpumask_of_bp(struct perf_event *bp)
135{
136 if (bp->cpu >= 0)
137 return cpumask_of(bp->cpu);
138 return cpu_possible_mask;
139}
140
141/*
142 * Report the number of pinned/un-pinned breakpoints we have in
143 * a given cpu (cpu > -1) or in all of them (cpu = -1).
144 */
145static void
146fetch_bp_busy_slots(struct bp_busy_slots *slots, struct perf_event *bp,
147 enum bp_type_idx type)
148{
149 const struct cpumask *cpumask = cpumask_of_bp(bp);
150 int cpu;
151
152 for_each_cpu(cpu, cpumask) {
153 struct bp_cpuinfo *info = get_bp_info(cpu, type);
154 int nr;
155
156 nr = info->cpu_pinned;
157 if (!bp->hw.target)
158 nr += max_task_bp_pinned(cpu, type);
159 else
160 nr += task_bp_pinned(cpu, bp, type);
161
162 if (nr > slots->pinned)
163 slots->pinned = nr;
164
165 nr = info->flexible;
166 if (nr > slots->flexible)
167 slots->flexible = nr;
168 }
169}
170
171/*
172 * For now, continue to consider flexible as pinned, until we can
173 * ensure no flexible event can ever be scheduled before a pinned event
174 * in a same cpu.
175 */
176static void
177fetch_this_slot(struct bp_busy_slots *slots, int weight)
178{
179 slots->pinned += weight;
180}
181
182/*
183 * Add a pinned breakpoint for the given task in our constraint table
184 */
185static void toggle_bp_task_slot(struct perf_event *bp, int cpu,
186 enum bp_type_idx type, int weight)
187{
188 unsigned int *tsk_pinned = get_bp_info(cpu, type)->tsk_pinned;
189 int old_idx, new_idx;
190
191 old_idx = task_bp_pinned(cpu, bp, type) - 1;
192 new_idx = old_idx + weight;
193
194 if (old_idx >= 0)
195 tsk_pinned[old_idx]--;
196 if (new_idx >= 0)
197 tsk_pinned[new_idx]++;
198}
199
200/*
201 * Add/remove the given breakpoint in our constraint table
202 */
203static void
204toggle_bp_slot(struct perf_event *bp, bool enable, enum bp_type_idx type,
205 int weight)
206{
207 const struct cpumask *cpumask = cpumask_of_bp(bp);
208 int cpu;
209
210 if (!enable)
211 weight = -weight;
212
213 /* Pinned counter cpu profiling */
214 if (!bp->hw.target) {
215 get_bp_info(bp->cpu, type)->cpu_pinned += weight;
216 return;
217 }
218
219 /* Pinned counter task profiling */
220 for_each_cpu(cpu, cpumask)
221 toggle_bp_task_slot(bp, cpu, type, weight);
222
223 if (enable)
224 list_add_tail(&bp->hw.bp_list, &bp_task_head);
225 else
226 list_del(&bp->hw.bp_list);
227}
228
229/*
230 * Function to perform processor-specific cleanup during unregistration
231 */
232__weak void arch_unregister_hw_breakpoint(struct perf_event *bp)
233{
234 /*
235 * A weak stub function here for those archs that don't define
236 * it inside arch/.../kernel/hw_breakpoint.c
237 */
238}
239
240/*
241 * Contraints to check before allowing this new breakpoint counter:
242 *
243 * == Non-pinned counter == (Considered as pinned for now)
244 *
245 * - If attached to a single cpu, check:
246 *
247 * (per_cpu(info->flexible, cpu) || (per_cpu(info->cpu_pinned, cpu)
248 * + max(per_cpu(info->tsk_pinned, cpu)))) < HBP_NUM
249 *
250 * -> If there are already non-pinned counters in this cpu, it means
251 * there is already a free slot for them.
252 * Otherwise, we check that the maximum number of per task
253 * breakpoints (for this cpu) plus the number of per cpu breakpoint
254 * (for this cpu) doesn't cover every registers.
255 *
256 * - If attached to every cpus, check:
257 *
258 * (per_cpu(info->flexible, *) || (max(per_cpu(info->cpu_pinned, *))
259 * + max(per_cpu(info->tsk_pinned, *)))) < HBP_NUM
260 *
261 * -> This is roughly the same, except we check the number of per cpu
262 * bp for every cpu and we keep the max one. Same for the per tasks
263 * breakpoints.
264 *
265 *
266 * == Pinned counter ==
267 *
268 * - If attached to a single cpu, check:
269 *
270 * ((per_cpu(info->flexible, cpu) > 1) + per_cpu(info->cpu_pinned, cpu)
271 * + max(per_cpu(info->tsk_pinned, cpu))) < HBP_NUM
272 *
273 * -> Same checks as before. But now the info->flexible, if any, must keep
274 * one register at least (or they will never be fed).
275 *
276 * - If attached to every cpus, check:
277 *
278 * ((per_cpu(info->flexible, *) > 1) + max(per_cpu(info->cpu_pinned, *))
279 * + max(per_cpu(info->tsk_pinned, *))) < HBP_NUM
280 */
281static int __reserve_bp_slot(struct perf_event *bp, u64 bp_type)
282{
283 struct bp_busy_slots slots = {0};
284 enum bp_type_idx type;
285 int weight;
286
287 /* We couldn't initialize breakpoint constraints on boot */
288 if (!constraints_initialized)
289 return -ENOMEM;
290
291 /* Basic checks */
292 if (bp_type == HW_BREAKPOINT_EMPTY ||
293 bp_type == HW_BREAKPOINT_INVALID)
294 return -EINVAL;
295
296 type = find_slot_idx(bp_type);
297 weight = hw_breakpoint_weight(bp);
298
299 fetch_bp_busy_slots(&slots, bp, type);
300 /*
301 * Simulate the addition of this breakpoint to the constraints
302 * and see the result.
303 */
304 fetch_this_slot(&slots, weight);
305
306 /* Flexible counters need to keep at least one slot */
307 if (slots.pinned + (!!slots.flexible) > nr_slots[type])
308 return -ENOSPC;
309
310 toggle_bp_slot(bp, true, type, weight);
311
312 return 0;
313}
314
315int reserve_bp_slot(struct perf_event *bp)
316{
317 int ret;
318
319 mutex_lock(&nr_bp_mutex);
320
321 ret = __reserve_bp_slot(bp, bp->attr.bp_type);
322
323 mutex_unlock(&nr_bp_mutex);
324
325 return ret;
326}
327
328static void __release_bp_slot(struct perf_event *bp, u64 bp_type)
329{
330 enum bp_type_idx type;
331 int weight;
332
333 type = find_slot_idx(bp_type);
334 weight = hw_breakpoint_weight(bp);
335 toggle_bp_slot(bp, false, type, weight);
336}
337
338void release_bp_slot(struct perf_event *bp)
339{
340 mutex_lock(&nr_bp_mutex);
341
342 arch_unregister_hw_breakpoint(bp);
343 __release_bp_slot(bp, bp->attr.bp_type);
344
345 mutex_unlock(&nr_bp_mutex);
346}
347
348static int __modify_bp_slot(struct perf_event *bp, u64 old_type)
349{
350 int err;
351
352 __release_bp_slot(bp, old_type);
353
354 err = __reserve_bp_slot(bp, bp->attr.bp_type);
355 if (err) {
356 /*
357 * Reserve the old_type slot back in case
358 * there's no space for the new type.
359 *
360 * This must succeed, because we just released
361 * the old_type slot in the __release_bp_slot
362 * call above. If not, something is broken.
363 */
364 WARN_ON(__reserve_bp_slot(bp, old_type));
365 }
366
367 return err;
368}
369
370static int modify_bp_slot(struct perf_event *bp, u64 old_type)
371{
372 int ret;
373
374 mutex_lock(&nr_bp_mutex);
375 ret = __modify_bp_slot(bp, old_type);
376 mutex_unlock(&nr_bp_mutex);
377 return ret;
378}
379
380/*
381 * Allow the kernel debugger to reserve breakpoint slots without
382 * taking a lock using the dbg_* variant of for the reserve and
383 * release breakpoint slots.
384 */
385int dbg_reserve_bp_slot(struct perf_event *bp)
386{
387 if (mutex_is_locked(&nr_bp_mutex))
388 return -1;
389
390 return __reserve_bp_slot(bp, bp->attr.bp_type);
391}
392
393int dbg_release_bp_slot(struct perf_event *bp)
394{
395 if (mutex_is_locked(&nr_bp_mutex))
396 return -1;
397
398 __release_bp_slot(bp, bp->attr.bp_type);
399
400 return 0;
401}
402
403static int validate_hw_breakpoint(struct perf_event *bp)
404{
405 int ret;
406
407 ret = arch_validate_hwbkpt_settings(bp);
408 if (ret)
409 return ret;
410
411 if (arch_check_bp_in_kernelspace(bp)) {
412 if (bp->attr.exclude_kernel)
413 return -EINVAL;
414 /*
415 * Don't let unprivileged users set a breakpoint in the trap
416 * path to avoid trap recursion attacks.
417 */
418 if (!capable(CAP_SYS_ADMIN))
419 return -EPERM;
420 }
421
422 return 0;
423}
424
425int register_perf_hw_breakpoint(struct perf_event *bp)
426{
427 int ret;
428
429 ret = reserve_bp_slot(bp);
430 if (ret)
431 return ret;
432
433 ret = validate_hw_breakpoint(bp);
434
435 /* if arch_validate_hwbkpt_settings() fails then release bp slot */
436 if (ret)
437 release_bp_slot(bp);
438
439 return ret;
440}
441
442/**
443 * register_user_hw_breakpoint - register a hardware breakpoint for user space
444 * @attr: breakpoint attributes
445 * @triggered: callback to trigger when we hit the breakpoint
446 * @tsk: pointer to 'task_struct' of the process to which the address belongs
447 */
448struct perf_event *
449register_user_hw_breakpoint(struct perf_event_attr *attr,
450 perf_overflow_handler_t triggered,
451 void *context,
452 struct task_struct *tsk)
453{
454 return perf_event_create_kernel_counter(attr, -1, tsk, triggered,
455 context);
456}
457EXPORT_SYMBOL_GPL(register_user_hw_breakpoint);
458
459int
460modify_user_hw_breakpoint_check(struct perf_event *bp, struct perf_event_attr *attr,
461 bool check)
462{
463 u64 old_addr = bp->attr.bp_addr;
464 u64 old_len = bp->attr.bp_len;
465 int old_type = bp->attr.bp_type;
466 bool modify = attr->bp_type != old_type;
467 int err = 0;
468
469 bp->attr.bp_addr = attr->bp_addr;
470 bp->attr.bp_type = attr->bp_type;
471 bp->attr.bp_len = attr->bp_len;
472
473 if (check && memcmp(&bp->attr, attr, sizeof(*attr)))
474 return -EINVAL;
475
476 err = validate_hw_breakpoint(bp);
477 if (!err && modify)
478 err = modify_bp_slot(bp, old_type);
479
480 if (err) {
481 bp->attr.bp_addr = old_addr;
482 bp->attr.bp_type = old_type;
483 bp->attr.bp_len = old_len;
484 return err;
485 }
486
487 bp->attr.disabled = attr->disabled;
488 return 0;
489}
490
491/**
492 * modify_user_hw_breakpoint - modify a user-space hardware breakpoint
493 * @bp: the breakpoint structure to modify
494 * @attr: new breakpoint attributes
495 */
496int modify_user_hw_breakpoint(struct perf_event *bp, struct perf_event_attr *attr)
497{
498 /*
499 * modify_user_hw_breakpoint can be invoked with IRQs disabled and hence it
500 * will not be possible to raise IPIs that invoke __perf_event_disable.
501 * So call the function directly after making sure we are targeting the
502 * current task.
503 */
504 if (irqs_disabled() && bp->ctx && bp->ctx->task == current)
505 perf_event_disable_local(bp);
506 else
507 perf_event_disable(bp);
508
509 if (!attr->disabled) {
510 int err = modify_user_hw_breakpoint_check(bp, attr, false);
511
512 if (err)
513 return err;
514 perf_event_enable(bp);
515 bp->attr.disabled = 0;
516 }
517 return 0;
518}
519EXPORT_SYMBOL_GPL(modify_user_hw_breakpoint);
520
521/**
522 * unregister_hw_breakpoint - unregister a user-space hardware breakpoint
523 * @bp: the breakpoint structure to unregister
524 */
525void unregister_hw_breakpoint(struct perf_event *bp)
526{
527 if (!bp)
528 return;
529 perf_event_release_kernel(bp);
530}
531EXPORT_SYMBOL_GPL(unregister_hw_breakpoint);
532
533/**
534 * register_wide_hw_breakpoint - register a wide breakpoint in the kernel
535 * @attr: breakpoint attributes
536 * @triggered: callback to trigger when we hit the breakpoint
537 *
538 * @return a set of per_cpu pointers to perf events
539 */
540struct perf_event * __percpu *
541register_wide_hw_breakpoint(struct perf_event_attr *attr,
542 perf_overflow_handler_t triggered,
543 void *context)
544{
545 struct perf_event * __percpu *cpu_events, *bp;
546 long err = 0;
547 int cpu;
548
549 cpu_events = alloc_percpu(typeof(*cpu_events));
550 if (!cpu_events)
551 return (void __percpu __force *)ERR_PTR(-ENOMEM);
552
553 get_online_cpus();
554 for_each_online_cpu(cpu) {
555 bp = perf_event_create_kernel_counter(attr, cpu, NULL,
556 triggered, context);
557 if (IS_ERR(bp)) {
558 err = PTR_ERR(bp);
559 break;
560 }
561
562 per_cpu(*cpu_events, cpu) = bp;
563 }
564 put_online_cpus();
565
566 if (likely(!err))
567 return cpu_events;
568
569 unregister_wide_hw_breakpoint(cpu_events);
570 return (void __percpu __force *)ERR_PTR(err);
571}
572EXPORT_SYMBOL_GPL(register_wide_hw_breakpoint);
573
574/**
575 * unregister_wide_hw_breakpoint - unregister a wide breakpoint in the kernel
576 * @cpu_events: the per cpu set of events to unregister
577 */
578void unregister_wide_hw_breakpoint(struct perf_event * __percpu *cpu_events)
579{
580 int cpu;
581
582 for_each_possible_cpu(cpu)
583 unregister_hw_breakpoint(per_cpu(*cpu_events, cpu));
584
585 free_percpu(cpu_events);
586}
587EXPORT_SYMBOL_GPL(unregister_wide_hw_breakpoint);
588
589static struct notifier_block hw_breakpoint_exceptions_nb = {
590 .notifier_call = hw_breakpoint_exceptions_notify,
591 /* we need to be notified first */
592 .priority = 0x7fffffff
593};
594
595static void bp_perf_event_destroy(struct perf_event *event)
596{
597 release_bp_slot(event);
598}
599
600static int hw_breakpoint_event_init(struct perf_event *bp)
601{
602 int err;
603
604 if (bp->attr.type != PERF_TYPE_BREAKPOINT)
605 return -ENOENT;
606
607 /*
608 * no branch sampling for breakpoint events
609 */
610 if (has_branch_stack(bp))
611 return -EOPNOTSUPP;
612
613 err = register_perf_hw_breakpoint(bp);
614 if (err)
615 return err;
616
617 bp->destroy = bp_perf_event_destroy;
618
619 return 0;
620}
621
622static int hw_breakpoint_add(struct perf_event *bp, int flags)
623{
624 if (!(flags & PERF_EF_START))
625 bp->hw.state = PERF_HES_STOPPED;
626
627 if (is_sampling_event(bp)) {
628 bp->hw.last_period = bp->hw.sample_period;
629 perf_swevent_set_period(bp);
630 }
631
632 return arch_install_hw_breakpoint(bp);
633}
634
635static void hw_breakpoint_del(struct perf_event *bp, int flags)
636{
637 arch_uninstall_hw_breakpoint(bp);
638}
639
640static void hw_breakpoint_start(struct perf_event *bp, int flags)
641{
642 bp->hw.state = 0;
643}
644
645static void hw_breakpoint_stop(struct perf_event *bp, int flags)
646{
647 bp->hw.state = PERF_HES_STOPPED;
648}
649
650static struct pmu perf_breakpoint = {
651 .task_ctx_nr = perf_sw_context, /* could eventually get its own */
652
653 .event_init = hw_breakpoint_event_init,
654 .add = hw_breakpoint_add,
655 .del = hw_breakpoint_del,
656 .start = hw_breakpoint_start,
657 .stop = hw_breakpoint_stop,
658 .read = hw_breakpoint_pmu_read,
659};
660
661int __init init_hw_breakpoint(void)
662{
663 int cpu, err_cpu;
664 int i;
665
666 for (i = 0; i < TYPE_MAX; i++)
667 nr_slots[i] = hw_breakpoint_slots(i);
668
669 for_each_possible_cpu(cpu) {
670 for (i = 0; i < TYPE_MAX; i++) {
671 struct bp_cpuinfo *info = get_bp_info(cpu, i);
672
673 info->tsk_pinned = kcalloc(nr_slots[i], sizeof(int),
674 GFP_KERNEL);
675 if (!info->tsk_pinned)
676 goto err_alloc;
677 }
678 }
679
680 constraints_initialized = 1;
681
682 perf_pmu_register(&perf_breakpoint, "breakpoint", PERF_TYPE_BREAKPOINT);
683
684 return register_die_notifier(&hw_breakpoint_exceptions_nb);
685
686 err_alloc:
687 for_each_possible_cpu(err_cpu) {
688 for (i = 0; i < TYPE_MAX; i++)
689 kfree(get_bp_info(err_cpu, i)->tsk_pinned);
690 if (err_cpu == cpu)
691 break;
692 }
693
694 return -ENOMEM;
695}
696
697