From patchwork Tue Sep 30 16:47:25 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Julien Grall X-Patchwork-Id: 38165 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-lb0-f198.google.com (mail-lb0-f198.google.com [209.85.217.198]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id D40F02032C for ; Tue, 30 Sep 2014 16:49:29 +0000 (UTC) Received: by mail-lb0-f198.google.com with SMTP id b6sf732263lbj.1 for ; Tue, 30 Sep 2014 09:49:28 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id:cc:subject :precedence:list-id:list-unsubscribe:list-post:list-help :list-subscribe:mime-version:sender:errors-to:x-original-sender :x-original-authentication-results:mailing-list:list-archive :content-type:content-transfer-encoding; bh=99GcGtyn6J3MxF/yFtVDbQw4sLDloaQqc6oD9xaOdX8=; b=Rbi9Z3mmx+j4qFipQwZehFazie32xbFiLDw/tAr6Y4rO/BfLKCeo4RBOxg9r/ClUAI 7RBpbNPVXFFz+JXlorXwm+d+1ep/2vzpRGTRxKuHb/w9jT156lOBHKP9e/81jPs5hZLq l0lj3yOQKiyVjnCNB2zM1W2Oye6BTZef6Yq6UxO5BLC7D3pAWqfG3wlS7zAAMxQZ6fv+ FWnu01qiaA6nH4lx+92YfhqgY792wxWoWI+5b5H4QDbF/WZgJMKYSI+8lNXynUYej+Yg ftm5p02mSoFmac1IPBOG9K76EoerXH/Jvf7qWvBkiOl/OpUaaQlzZnS+D/Q+qsv1WoFw 1TYw== X-Gm-Message-State: ALoCoQnG59EuLx4Qb6qGMMG7z8cloFyjMM0daKINPuIsk1sb0hKF9q7oz2JXMc81Cc7MCmuF+e5E X-Received: by 10.152.23.166 with SMTP id n6mr258587laf.9.1412095767897; Tue, 30 Sep 2014 09:49:27 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.18.227 with SMTP id z3ls65870lad.44.gmail; Tue, 30 Sep 2014 09:49:27 -0700 (PDT) X-Received: by 10.152.203.204 with SMTP id ks12mr50081866lac.65.1412095767697; Tue, 30 Sep 2014 09:49:27 -0700 (PDT) Received: from mail-la0-f45.google.com (mail-la0-f45.google.com [209.85.215.45]) by mx.google.com with ESMTPS id z8si17072439lbf.132.2014.09.30.09.49.27 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 30 Sep 2014 09:49:27 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.45 as permitted sender) client-ip=209.85.215.45; Received: by mail-la0-f45.google.com with SMTP id q1so8830367lam.4 for ; Tue, 30 Sep 2014 09:49:27 -0700 (PDT) X-Received: by 10.112.4.33 with SMTP id h1mr45046906lbh.67.1412095767283; Tue, 30 Sep 2014 09:49:27 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.130.169 with SMTP id of9csp383665lbb; Tue, 30 Sep 2014 09:49:26 -0700 (PDT) X-Received: by 10.220.196.212 with SMTP id eh20mr19833289vcb.7.1412095765942; Tue, 30 Sep 2014 09:49:25 -0700 (PDT) Received: from lists.xen.org (lists.xen.org. [50.57.142.19]) by mx.google.com with ESMTPS id op4si7192042vcb.43.2014.09.30.09.49.25 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Tue, 30 Sep 2014 09:49:25 -0700 (PDT) Received-SPF: none (google.com: xen-devel-bounces@lists.xen.org does not designate permitted sender hosts) client-ip=50.57.142.19; Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1XZ0aP-0002eo-DA; Tue, 30 Sep 2014 16:47:37 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1XZ0aN-0002ea-Mc for xen-devel@lists.xenproject.org; Tue, 30 Sep 2014 16:47:35 +0000 Received: from [85.158.139.211:31772] by server-17.bemta-5.messagelabs.com id C2/44-08943-7AEDA245; Tue, 30 Sep 2014 16:47:35 +0000 X-Env-Sender: julien.grall@linaro.org X-Msg-Ref: server-14.tower-206.messagelabs.com!1412095653!5784082!1 X-Originating-IP: [209.85.212.181] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.12.2; banners=-,-,- X-VirusChecked: Checked Received: (qmail 17352 invoked from network); 30 Sep 2014 16:47:34 -0000 Received: from mail-wi0-f181.google.com (HELO mail-wi0-f181.google.com) (209.85.212.181) by server-14.tower-206.messagelabs.com with RC4-SHA encrypted SMTP; 30 Sep 2014 16:47:34 -0000 Received: by mail-wi0-f181.google.com with SMTP id hi2so316264wib.14 for ; Tue, 30 Sep 2014 09:47:33 -0700 (PDT) X-Received: by 10.194.57.237 with SMTP id l13mr15195998wjq.102.1412095653794; Tue, 30 Sep 2014 09:47:33 -0700 (PDT) Received: from belegaer.uk.xensource.com ([185.25.64.249]) by mx.google.com with ESMTPSA id ew1sm19783730wjb.31.2014.09.30.09.47.31 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 30 Sep 2014 09:47:32 -0700 (PDT) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Tue, 30 Sep 2014 17:47:25 +0100 Message-Id: <1412095645-3018-1-git-send-email-julien.grall@linaro.org> X-Mailer: git-send-email 1.7.10.4 Cc: stefano.stabellini@citrix.com, Julien Grall , tim@xen.org, ian.campbell@citrix.com Subject: [Xen-devel] [PATCH v4 for 4.5] xen/arm: Correctly support WARN_ON X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Post: , List-Help: , List-Subscribe: , MIME-Version: 1.0 Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: julien.grall@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.215.45 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 List-Archive: Currently the hypervisor will hang if it hits a WARN_ON. The implemention uses an undefined instruction, made ourself because ARM doesn't provide one, to implement BUG/ASSERT/WARN_ON, and sets up the different tables (one for each type) which contain useful information. This is based on the x86 implementation (include/asm-x86/bug.h). Unfortunately the structure can't be shared because many ARM{32,64} gcc versions doesn't correctly support %c. The support of executing a function in an exception handler is also keep unimplemented on ARM. Therefore, dump_execution_state is implement as WARN() The current opcode used to go in exception mode may not be undefined on ARM64. Use the instruction "brk" to generate a software debug exception. Signed-off-by: Julien Grall --- This is a bug fix for Xen 4.5. It make WARN_ON working correctly when it has been hit in the hypervisor. Changes in v4: - Check if the regs represents an hyp mode view rather than checking HCR_EL2.TGE and MDCR_EL2.TDE. Changes in v3: - Typoes - Uppercase first letter of each word of do_unexpected_trap - Check that PC is effectly a multiple of 4 for ARM32 - Make BUG_ON/WARN/ASSERT working during early boot (i.e when a current is not correctly set) - Check that HCR.EL2.TGE and MDCR_EL2.TDE are not set - Replace regs->pc by the local variable pc in arch/arm/arm32/traps.c Changes in v2: - Missing static in do_bug_frame prototype - Add support for ARM64 by using the instruction brk - Implement dump_execution_state as WARN --- xen/arch/arm/arm32/traps.c | 23 +++++++++ xen/arch/arm/traps.c | 107 ++++++++++++++++++++++++++++++++++++++- xen/arch/arm/xen.lds.S | 8 +++ xen/include/asm-arm/arm32/bug.h | 13 +++++ xen/include/asm-arm/arm64/bug.h | 10 ++++ xen/include/asm-arm/bug.h | 77 ++++++++++++++++++++++++++-- xen/include/asm-arm/debugger.h | 2 +- xen/include/asm-arm/processor.h | 18 ++++++- 8 files changed, 252 insertions(+), 6 deletions(-) create mode 100644 xen/include/asm-arm/arm32/bug.h create mode 100644 xen/include/asm-arm/arm64/bug.h diff --git a/xen/arch/arm/arm32/traps.c b/xen/arch/arm/arm32/traps.c index ff0b945..f8cf864 100644 --- a/xen/arch/arm/arm32/traps.c +++ b/xen/arch/arm/arm32/traps.c @@ -18,6 +18,7 @@ #include #include +#include #include @@ -25,6 +26,28 @@ asmlinkage void do_trap_undefined_instruction(struct cpu_user_regs *regs) { + uint32_t pc = regs->pc; + uint32_t instr; + + if ( !is_kernel_text(pc) && + (system_state >= SYS_STATE_active || !is_kernel_inittext(pc)) ) + goto die; + + /* PC should be always a multiple of 4, as Xen is using ARM instruction set */ + if ( regs->pc & 0x3 ) + goto die; + + instr = *((uint32_t *)pc); + if ( instr != BUG_OPCODE ) + goto die; + + if ( do_bug_frame(regs, pc) ) + goto die; + + regs->pc += 4; + return; + +die: do_unexpected_trap("Undefined Instruction", regs); } diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c index 4b4b4e0..f6fc8f8 100644 --- a/xen/arch/arm/traps.c +++ b/xen/arch/arm/traps.c @@ -32,6 +32,7 @@ #include #include #include +#include #include #include #include @@ -1050,6 +1051,102 @@ void do_unexpected_trap(const char *msg, struct cpu_user_regs *regs) panic("CPU%d: Unexpected Trap: %s\n", smp_processor_id(), msg); } +int do_bug_frame(struct cpu_user_regs *regs, vaddr_t pc) +{ + const struct bug_frame *bug; + const char *prefix = "", *filename, *predicate; + unsigned long fixup; + int id, lineno; + static const struct bug_frame *const stop_frames[] = { + __stop_bug_frames_0, + __stop_bug_frames_1, + __stop_bug_frames_2, + NULL + }; + + for ( bug = __start_bug_frames, id = 0; stop_frames[id]; ++bug ) + { + while ( unlikely(bug == stop_frames[id]) ) + ++id; + + if ( ((vaddr_t)bug_loc(bug)) == pc ) + break; + } + + if ( !stop_frames[id] ) + return -ENOENT; + + /* WARN, BUG or ASSERT: decode the filename pointer and line number. */ + filename = bug_file(bug); + if ( !is_kernel(filename) ) + return -EINVAL; + fixup = strlen(filename); + if ( fixup > 50 ) + { + filename += fixup - 47; + prefix = "..."; + } + lineno = bug_line(bug); + + switch ( id ) + { + case BUGFRAME_warn: + printk("Xen WARN at %s%s:%d\n", prefix, filename, lineno); + show_execution_state(regs); + return 0; + + case BUGFRAME_bug: + printk("Xen BUG at %s%s:%d\n", prefix, filename, lineno); + + if ( debugger_trap_fatal(TRAP_invalid_op, regs) ) + return 0; + + show_execution_state(regs); + panic("Xen BUG at %s%s:%d", prefix, filename, lineno); + + case BUGFRAME_assert: + /* ASSERT: decode the predicate string pointer. */ + predicate = bug_msg(bug); + if ( !is_kernel(predicate) ) + predicate = ""; + + printk("Assertion '%s' failed at %s%s:%d\n", + predicate, prefix, filename, lineno); + if ( debugger_trap_fatal(TRAP_invalid_op, regs) ) + return 0; + show_execution_state(regs); + panic("Assertion '%s' failed at %s%s:%d", + predicate, prefix, filename, lineno); + } + + return -EINVAL; +} + +#ifdef CONFIG_ARM_64 +static void do_trap_brk(struct cpu_user_regs *regs, union hsr hsr) +{ + /* HCR_EL2.TGE and MDCR_EL2.TDE are not set so we never receive + * software breakpoint exception for EL1 and EL0 here. + */ + BUG_ON(!hyp_mode(regs)); + + switch (hsr.brk.comment) + { + case BRK_BUG_FRAME: + if ( do_bug_frame(regs, regs->pc) ) + goto die; + + regs->pc += 4; + + break; + + default: +die: + do_unexpected_trap("Undefined Breakpoint Value", regs); + } +} +#endif + typedef register_t (*arm_hypercall_fn_t)( register_t, register_t, register_t, register_t, register_t); @@ -1921,7 +2018,8 @@ asmlinkage void do_trap_hypervisor(struct cpu_user_regs *regs) * correctly (See XSA-102). Until that is resolved we treat any * trap from 32-bit userspace on 64-bit kernel as undefined. */ - if ( is_64bit_domain(current->domain) && psr_mode_is_32bit(regs->cpsr) ) + if ( !hyp_mode(regs) && is_64bit_domain(current->domain) && + psr_mode_is_32bit(regs->cpsr) ) { inject_undef_exception(regs, hsr.len); return; @@ -2006,6 +2104,13 @@ asmlinkage void do_trap_hypervisor(struct cpu_user_regs *regs) case HSR_EC_DATA_ABORT_LOWER_EL: do_trap_data_abort_guest(regs, hsr); break; + +#ifdef CONFIG_ARM_64 + case HSR_EC_BRK: + do_trap_brk(regs, hsr); + break; +#endif + default: bad_trap: printk("Hypervisor Trap. HSR=0x%x EC=0x%x IL=%x Syndrome=0x%"PRIx32"\n", diff --git a/xen/arch/arm/xen.lds.S b/xen/arch/arm/xen.lds.S index 079e085..cca1d8c 100644 --- a/xen/arch/arm/xen.lds.S +++ b/xen/arch/arm/xen.lds.S @@ -40,6 +40,14 @@ SECTIONS . = ALIGN(PAGE_SIZE); .rodata : { _srodata = .; /* Read-only data */ + /* Bug frames table */ + __start_bug_frames = .; + *(.bug_frames.0) + __stop_bug_frames_0 = .; + *(.bug_frames.1) + __stop_bug_frames_1 = .; + *(.bug_frames.2) + __stop_bug_frames_2 = .; *(.rodata) *(.rodata.*) _erodata = .; /* End of read-only data */ diff --git a/xen/include/asm-arm/arm32/bug.h b/xen/include/asm-arm/arm32/bug.h new file mode 100644 index 0000000..155b420 --- /dev/null +++ b/xen/include/asm-arm/arm32/bug.h @@ -0,0 +1,13 @@ +#ifndef __ARM_ARM32_BUG_H__ +#define __ARM_ARM32_BUG_H__ + +#include + +/* ARMv7 provides a list of undefined opcode (see A8.8.247 DDI 0406C.b) + * Use one them encoding A1 to go in exception mode + */ +#define BUG_OPCODE 0xe7f00f0 + +#define BUG_INSTR ".word " __stringify(BUG_OPCODE) + +#endif /* __ARM_ARM32_BUG_H__ */ diff --git a/xen/include/asm-arm/arm64/bug.h b/xen/include/asm-arm/arm64/bug.h new file mode 100644 index 0000000..42b0e4f --- /dev/null +++ b/xen/include/asm-arm/arm64/bug.h @@ -0,0 +1,10 @@ +#ifndef __ARM_ARM64_BUG_H__ +#define __ARM_ARM64_BUG_H__ + +#include + +#define BRK_BUG_FRAME 1 + +#define BUG_INSTR "brk " __stringify(BRK_BUG_FRAME) + +#endif /* __ARM_ARM64_BUG_H__ */ diff --git a/xen/include/asm-arm/bug.h b/xen/include/asm-arm/bug.h index 458c818..ab9e811 100644 --- a/xen/include/asm-arm/bug.h +++ b/xen/include/asm-arm/bug.h @@ -1,10 +1,81 @@ #ifndef __ARM_BUG_H__ #define __ARM_BUG_H__ -#define BUG() __bug(__FILE__, __LINE__) -#define WARN() __warn(__FILE__, __LINE__) +#include -#endif /* __X86_BUG_H__ */ +#if defined(CONFIG_ARM_32) +# include +#elif defined(CONFIG_ARM_64) +# include +#else +# error "unknown ARM variant" +#endif + +#define BUG_DISP_WIDTH 24 +#define BUG_LINE_LO_WIDTH (31 - BUG_DISP_WIDTH) +#define BUG_LINE_HI_WIDTH (31 - BUG_DISP_WIDTH) + +struct bug_frame { + signed int loc_disp; /* Relative address to the bug address */ + signed int file_disp; /* Relative address to the filename */ + signed int msg_disp; /* Relative address to the predicate (for ASSERT) */ + uint16_t line; /* Line number */ + uint32_t pad0:16; /* Padding for 8-bytes align */ +}; + +#define bug_loc(b) ((const void *)(b) + (b)->loc_disp) +#define bug_file(b) ((const void *)(b) + (b)->file_disp); +#define bug_line(b) ((b)->line) +#define bug_msg(b) ((const char *)(b) + (b)->msg_disp) + +#define BUGFRAME_warn 0 +#define BUGFRAME_bug 1 +#define BUGFRAME_assert 2 + +/* Many versions of GCC doesn't support the asm %c parameter which would + * be preferable to this unpleasantness. We use mergeable string + * sections to avoid multiple copies of the string appearing in the + * Xen image. + */ +#define BUG_FRAME(type, line, file, has_msg, msg) do { \ + BUILD_BUG_ON((line) >> 16); \ + asm ("1:"BUG_INSTR"\n" \ + ".pushsection .rodata.str, \"aMS\", %progbits, 1\n" \ + "2:\t.asciz " __stringify(file) "\n" \ + "3:\n" \ + ".if " #has_msg "\n" \ + "\t.asciz " #msg "\n" \ + ".endif\n" \ + ".popsection\n" \ + ".pushsection .bug_frames." __stringify(type) ", \"a\", %progbits\n"\ + "4:\n" \ + ".long (1b - 4b)\n" \ + ".long (2b - 4b)\n" \ + ".long (3b - 4b)\n" \ + ".hword " __stringify(line) ", 0\n" \ + ".popsection"); \ +} while (0) + +#define WARN() BUG_FRAME(BUGFRAME_warn, __LINE__, __FILE__, 0, "") + +#define BUG() do { \ + BUG_FRAME(BUGFRAME_bug, __LINE__, __FILE__, 0, ""); \ + unreachable(); \ +} while (0) + +#define assert_failed(msg) do { \ + BUG_FRAME(BUGFRAME_assert, __LINE__, __FILE__, 1, msg); \ + unreachable(); \ +} while (0) + +extern const struct bug_frame __start_bug_frames[], + __stop_bug_frames_0[], + __stop_bug_frames_1[], + __stop_bug_frames_2[]; + +int do_bug_frame(struct cpu_user_regs *regs, vaddr_t pc); + +#endif /* __ARM_BUG_H__ */ /* * Local variables: * mode: C diff --git a/xen/include/asm-arm/debugger.h b/xen/include/asm-arm/debugger.h index 916860b..ac776ef 100644 --- a/xen/include/asm-arm/debugger.h +++ b/xen/include/asm-arm/debugger.h @@ -1,7 +1,7 @@ #ifndef __ARM_DEBUGGER_H__ #define __ARM_DEBUGGER_H__ -#define debugger_trap_fatal(v, r) ((void) 0) +#define debugger_trap_fatal(v, r) (0) #define debugger_trap_immediate() ((void) 0) #endif /* __ARM_DEBUGGER_H__ */ diff --git a/xen/include/asm-arm/processor.h b/xen/include/asm-arm/processor.h index 07a421c..e719c26 100644 --- a/xen/include/asm-arm/processor.h +++ b/xen/include/asm-arm/processor.h @@ -3,6 +3,7 @@ #include #include +#include /* MIDR Main ID Register */ #define MIDR_MASK 0xff0ffff0 @@ -179,6 +180,7 @@ #define HDCR_TDRA (_AC(1,U)<<11) /* Trap Debug ROM access */ #define HDCR_TDOSA (_AC(1,U)<<10) /* Trap Debug-OS-related register access */ #define HDCR_TDA (_AC(1,U)<<9) /* Trap Debug Access */ +#define HDCR_TDE (_AC(1,U)<<8) /* Route Soft Debug exceptions from EL1/EL1 to EL2 */ #define HDCR_TPM (_AC(1,U)<<6) /* Trap Performance Monitors accesses */ #define HDCR_TPMCR (_AC(1,U)<<5) /* Trap PMCR accesses */ @@ -205,6 +207,9 @@ #define HSR_EC_INSTR_ABORT_CURR_EL 0x21 #define HSR_EC_DATA_ABORT_LOWER_EL 0x24 #define HSR_EC_DATA_ABORT_CURR_EL 0x25 +#ifdef CONFIG_ARM_64 +#define HSR_EC_BRK 0x3c +#endif /* FSR format, common */ #define FSR_LPAE (_AC(1,UL)<<9) @@ -452,6 +457,17 @@ union hsr { unsigned long len:1; /* Instruction length */ unsigned long ec:6; /* Exception Class */ } dabt; /* HSR_EC_DATA_ABORT_* */ + +#ifdef CONFIG_ARM_64 + struct hsr_brk { + unsigned long comment:16; /* Comment */ + unsigned long res0:9; + unsigned long len:1; /* Instruction length */ + unsigned long ec:6; /* Exception Class */ + } brk; +#endif + + }; #endif @@ -583,7 +599,7 @@ void panic_PAR(uint64_t par); void show_execution_state(struct cpu_user_regs *regs); void show_registers(struct cpu_user_regs *regs); //#define dump_execution_state() run_in_exception_handler(show_execution_state) -#define dump_execution_state() asm volatile (".word 0xe7f000f0\n"); /* XXX */ +#define dump_execution_state() WARN() #define cpu_relax() barrier() /* Could yield? */