Commit Graph

1228 Commits

Author SHA1 Message Date
Jon Medhurst
3c48fbb147 ARM: kprobes: Add new versions of emulate_ldr() and emulate_str()
These use the register calling conventions required by the new decoding
table framework for calling simulated instructions.

We rename the old versions of these functions to *_old for now.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:50 +00:00
Jon Medhurst
12ce5d3388 ARM: kprobes: Add emulate_rdlo12rdhi16rn0rm8_rwflags_nopc()
This is the emulation function for the instruction format used by the
ARM multiply long instructions. It replaces use of
prep_emulate_rdhi16rdlo12rs8rm0_wflags().

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:50 +00:00
Jon Medhurst
c82584ebdf ARM: kprobes: Add emulate_rd12rm0_noflags_nopc()
This is the emulation function for the instruction format used by the
ARM bit-field manipulation instructions.

Various other instruction forms can also make use of this and it is used
to replace use of prep_emulate_rd12{rm0}{_modify}

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:50 +00:00
Jon Medhurst
35fab77469 ARM: kprobes: Replace use of prep_emulate_rd12rn16rm0_wflags()
These can now use emulate_rd12rn16rm0_rwflags_nopc().

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:50 +00:00
Jon Medhurst
6091dfae4f ARM: kprobes: Add emulate_rd16rn12rm0rs8_rwflags_nopc()
This is the emulation function for the instruction format used by the
ARM multiply-accumulate instructions. These don't allow use of PC so we
don't have to add special cases for this.

This function is used to replace use of prep_emulate_rd16rs8rm0_wflags
and prep_emulate_rd16rn12rs8rm0_wflags.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:50 +00:00
Jon Medhurst
e9a92859e9 ARM: kprobes: Migrate remaining instruction decoding functions to tables
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:50 +00:00
Jon Medhurst
0d32e7d11b ARM: kprobes: Migrate ARM space_cccc_100x to decoding tables
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:50 +00:00
Jon Medhurst
56d8fbddc2 ARM: kprobes: Migrate ARM space_cccc_01xx to decoding tables
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:49 +00:00
Jon Medhurst
ad2e81a78d ARM: kprobes: Migrate ARM space_cccc_0111__1 to decoding tables
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:49 +00:00
Jon Medhurst
2ce5d03307 ARM: kprobes: Migrate ARM space_cccc_0110__1 to decoding tables
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:49 +00:00
Jon Medhurst
0e44e9a0fa ARM: kprobes: Add emulate_rd12rn16rm0_rwflags_nopc()
This is the emulation function for the instruction format used by the
ARM media instructions.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:49 +00:00
Jon Medhurst
c038f3af50 ARM: kprobes: Migrate ARM space_cccc_001x to decoding tables
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:49 +00:00
Jon Medhurst
75f115c087 ARM: kprobes: Migrate ARM space_cccc_000x to decoding tables
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:49 +00:00
Jon Medhurst
6c8a192929 ARM: kprobes: Migrate ARM LDRD and STRD to decoding tables
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:49 +00:00
Jon Medhurst
8723942f7b ARM: kprobes: Add emulate_ldrdstrd()
This is an emulation function for the LDRD and STRD instructions.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:48 +00:00
Jon Medhurst
3535a89ab2 ARM: kprobes: Migrate ARM data-processing (register) instructions to decoding tables
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:48 +00:00
Jon Medhurst
9f596e5126 ARM: kprobes: Add emulate_rd12rn16rm0rs8_rwflags()
This is the emulation function for the instruction format used by the
ARM data-processing instructions.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:48 +00:00
Jon Medhurst
7be7ee2d29 ARM: kprobes: Add BLX macro
This is for use by inline assembler which will be added to kprobes-arm.c
It saves memory when used on newer ARM architectures and also provides
correct interworking should ARM probes be required on Thumb kernels in
the future.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:48 +00:00
Jon Medhurst
df4fa1f8dd ARM: kprobes: Add alu_write_pc()
This writes a new value to PC which was obtained as the result of an ARM
ALU instruction. For ARMv7 and later this performs interworking.

On ARM kernels we shouldn't encounter any ALU instructions trying to
switch to Thumb mode so support for this isn't strictly necessary.
However, the approach taken in all other instruction decoding is for us
to avoid unpredictable modification of the PC for security reasons. This
is usually achieved by rejecting insertion of probes on problematic
instruction, but for ALU instructions we can't do this as it depends on
the contents of the CPU registers at the time the probe is hit. So, as
we require some form of run-time checking to trap undesirable PC
modification, we may as well simulate the instructions correctly, i.e.
in the way they would behave in the absence of a probe.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:48 +00:00
Jon Medhurst
9a5c1284a3 ARM: kprobes: Migrate ARM space_1111 to decoding tables
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:48 +00:00
Jon Medhurst
bb1085f827 ARM: kprobes: Decode 32-bit Thumb multiply and absolute difference instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:48 +00:00
Jon Medhurst
231fb150c6 ARM: kprobes: Decode 32-bit Thumb long multiply and divide instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:47 +00:00
Jon Medhurst
31656c1a9a ARM: kprobes: Decode 32-bit Thumb data-processing (register) instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:47 +00:00
Jon Medhurst
d691023b62 ARM: kprobes: Decode 32-bit Thumb load/store single data item instructions
We will reject probing of unprivileged load and store instructions.
These rarely occur and writing test cases for them is difficult.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:47 +00:00
Jon Medhurst
46009cc5c5 ARM: kprobes: Decode 32-bit Thumb memory hint instructions
We'll treat the preload instructions as nops as they are just
performance hints.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:47 +00:00
Jon Medhurst
6a0d1a1c56 ARM: kprobes: Reject 32-bit Thumb coprocessor and SIMD instructions
The kernel doesn't currently support VFP or Neon code, and probing of
code with CP15 operations is fraught with bad consequences. So we will
just reject probing these instructions.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:47 +00:00
Jon Medhurst
ce715c772f ARM: kprobes: Decode 32-bit Thumb branch instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:46 +00:00
Jon Medhurst
b06f3ee34d ARM: kprobes: Decode 32-bit miscellaneous control instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:46 +00:00
Jon Medhurst
7848786a7a ARM: kprobes: Decode 32-bit Thumb data-processing (plain binary immediate) instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:46 +00:00
Jon Medhurst
2fcaf7e758 ARM: kprobes: Decode 32-bit Thumb data-processing (modified immediate) instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:46 +00:00
Jon Medhurst
080e001326 ARM: kprobes: Decode 32-bit Thumb data-processing (shifted register) instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:46 +00:00
Jon Medhurst
dd212bd3cb ARM: kprobes: Decode 32-bit Thumb table branch instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:46 +00:00
Jon Medhurst
b48354d358 ARM: kprobes: Decode 32-bit Thumb load/store dual and load/store exclusive instructions
We reject probing of load/store exclusive instructions because any
emulation routine could never succeed in gaining exclusive access as the
exception framework clears the exclusivity monitor when a probes
breakpoint is hit.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:46 +00:00
Jon Medhurst
eaf1d06500 ARM: kprobes: Decode 32-bit Thumb load/store multiple instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:45 +00:00
Jon Medhurst
3d4a99785a ARM: kprobes: Optimise emulation of LDM and STM
This patch improves the performance of LDM and STM instruction
emulation. This is desirable because.

- jprobes and kretprobes probe the first instruction in a function and,
  when the frame pointer is omitted, this instruction is often a STM
  used to push registers onto the stack.

- The STM and LDM instructions are common in the body and tail of
  functions.

- At the same time as being a common instruction form, they also have
  one of the slowest and most complicated simulation routines.

The approach taken to optimisation is to use emulation rather than
simulation, that is, a modified form of the instruction is run with
an appropriate register context.

Benchmarking on an OMAP3530 shows the optimised emulation is between 2
and 3 times faster than the simulation routines. On a Kirkwood based
device the relative performance was very significantly better than this.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:45 +00:00
Jon Medhurst
235a4ce79f ARM: kprobes: Add common decoding function for LDM and STM
The encoding of these instructions is substantially the same for both
ARM and Thumb, so we can have common decoding and simulation functions.

This patch moves the simulation functions from kprobes-arm.c to
kprobes-common.c. It also adds a new simulation function
(simulate_ldm1_pc) for the case where we load into PC because this may
need to interwork.

The instruction decoding is done by a custom function
(kprobe_decode_ldmstm) rather than just relying on decoding table
entries because we will later be adding optimisation code.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:45 +00:00
Jon Medhurst
263e368a2f ARM: kprobes: Add load_write_pc()
This writes a value to PC which was obtained as the result of a
LDR or LDM instruction. For ARMv5T and later this must perform
interworking.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:45 +00:00
Jon Medhurst
f39ca8b488 ARM: kprobes: Decode 32-bit Thumb hint instructions
For hints which may have observable effects, like SEV (send event), we
use kprobe_emulate_none which emulates the hint by executing the
original instruction.

For NOP we simulate the instruction using kprobe_simulate_nop, which
does nothing. As probes execute with interrupts disabled this is also
used for hints which may block for an indefinite time, like WFE (wait
for event).

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:45 +00:00
Jon Medhurst
0a188ccb5e ARM: kprobes: Reject 16-bit Thumb SETEND, CPS and BKPT instructions
These are very rare and/or problematic to emulate so we will take the
easy option and disallow probing them (as does the existing ARM
implementation).

Rejecting these instructions doesn't actually require any entries in the
decoding table as it is the default case for instructions which aren't
found.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:45 +00:00
Jon Medhurst
396b41f68d ARM: kprobes: Decode 16-bit Thumb branch instructions
We previously changed the behaviour of probes so that conditional
instructions don't fire when the condition isn't met. For ARM branches,
and Thumb branches in IT blocks, this means they don't fire if the
branch isn't taken.

For consistency, we implement the same for Thumb conditional branch
instructions. This involves setting up insn_check_cc to point to the
relevant condition checking function. As the emulation routine is only
called when this condition passes, it doesn't need to check again and
can unconditionally update PC.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:45 +00:00
Jon Medhurst
444956677e ARM: kprobes: Reject 16-bit Thumb SVC and UNDEFINED instructions
SVC (SWI) instructions shouldn't occur in kernel code so we don't
need to be able to probe them.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:44 +00:00
Jon Medhurst
5b94faf8d7 ARM: kprobes: Decode 16-bit Thumb IT instruction
The normal Thumb singlestepping routine updates the IT state after
calling the instruction handler. We don't what this to happen after the
IT instruction simulation sets the IT state, therefore we need to
provide a custom singlestep routine.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:44 +00:00
Jon Medhurst
fd0c8d8a48 ARM: kprobes: Decode 16-bit Thumb PUSH and POP instructions
These instructions are equivalent to

	stmdb sp!,{r0-r7,lr}
	ldmdb sp!,{r0-r7,pc}

and we emulate them by transforming them into the 32-bit Thumb
instructions

	stmdb r9!,{r0-r7,r8}
	ldmdb r9!,{r0-r7,r8}

This is simpler, and almost certainly executes faster, than writing
simulation functions.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:44 +00:00
Jon Medhurst
32818f31f8 ARM: kprobes: Decode 16-bit Thumb CBZ and bit manipulation instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:44 +00:00
Jon Medhurst
2f33582904 ARM: kprobes: Decode 16-bit Thumb PC- and SP-relative address instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:44 +00:00
Jon Medhurst
f869514282 ARM: kprobes: Decode 16-bit Thumb load and store instructions
Most of these instructions only operate on the low registers R0-R7
so they can make use of t16_emulate_loregs_rwflags.

The instructions which use SP or PC for addressing have their own
simulation functions.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:44 +00:00
Jon Medhurst
3b5940e811 ARM: kprobes: Decode 16-bit Thumb special data instructions
These data-processing instructions operate on the full range of CPU
registers, so to simulate them we have to modify the registers used
by the instruction. We can't make use of the decoding table framework to
do this because the registers aren't encoded cleanly in separate
nibbles, therefore we need a custom decode function.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:43 +00:00
Jon Medhurst
a9c3c29e72 ARM: kprobes: Decode 16-bit Thumb BX and BLX instructions
Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:43 +00:00
Jon Medhurst
059987ffa7 ARM: kprobes: Add bx_write_pc()
This writes a value to PC, with interworking. I.e. switches to Thumb or
ARM mode depending on the state of the least significant bit.

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:43 +00:00
Jon Medhurst
02d194f647 ARM: kprobes: Decode 16-bit Thumb data-processing instructions
These instructions only operate on the low registers R0-R7, therefore
it is possible to emulate them by executing the original instruction
unaltered if we restore and save these registers. This is what
t16_emulate_loregs does.

Some of these instructions don't update the PSR when they execute in an
IT block, so there are two flavours of emulation functions:
t16_emulate_loregs_{noit}rwflags

Signed-off-by: Jon Medhurst <tixy@yxit.co.uk>
Acked-by: Nicolas Pitre <nicolas.pitre@linaro.org>
2011-07-13 17:32:43 +00:00