1 // SPDX-License-Identifier: GPL-2.0
3 * Code for replacing ftrace calls with jumps.
5 * Copyright (C) 2007-2008 Steven Rostedt <srostedt@redhat.com>
7 * Thanks goes out to P.A. Semi, Inc for supplying me with a PPC64 box.
9 * Added function graph tracer code, taken from x86 that was written
10 * by Frederic Weisbecker, and ported to PPC by Steven Rostedt.
14 #define pr_fmt(fmt) "ftrace-powerpc: " fmt
16 #include <linux/spinlock.h>
17 #include <linux/hardirq.h>
18 #include <linux/uaccess.h>
19 #include <linux/module.h>
20 #include <linux/ftrace.h>
21 #include <linux/percpu.h>
22 #include <linux/init.h>
23 #include <linux/list.h>
25 #include <asm/cacheflush.h>
26 #include <asm/code-patching.h>
27 #include <asm/ftrace.h>
28 #include <asm/syscall.h>
32 * We generally only have a single long_branch tramp and at most 2 or 3 plt
33 * tramps generated. But, we don't use the plt tramps currently. We also allot
34 * 2 tramps after .text and .init.text. So, we only end up with around 3 usable
35 * tramps in total. Set aside 8 just to be sure.
37 #define NUM_FTRACE_TRAMPS 8
38 static unsigned long ftrace_tramps[NUM_FTRACE_TRAMPS];
41 ftrace_call_replace(unsigned long ip, unsigned long addr, int link)
45 addr = ppc_function_entry((void *)addr);
47 /* if (link) set op to 'bl' else 'b' */
48 create_branch(&op, (u32 *)ip, addr, link ? BRANCH_SET_LINK : 0);
54 ftrace_modify_code(unsigned long ip, ppc_inst_t old, ppc_inst_t new)
60 * We are paranoid about modifying text, as if a bug was to happen, it
61 * could cause us to read or write to someplace that could cause harm.
62 * Carefully read and modify the code with probe_kernel_*(), and make
63 * sure what we read is what we expected it to be before modifying it.
66 /* read the text we want to modify */
67 if (copy_inst_from_kernel_nofault(&replaced, (void *)ip))
70 /* Make sure it is what we expect it to be */
71 if (!ppc_inst_equal(replaced, old)) {
72 pr_err("%p: replaced (%08lx) != old (%08lx)", (void *)ip,
73 ppc_inst_as_ulong(replaced), ppc_inst_as_ulong(old));
77 /* replace the text with the new text */
78 return patch_instruction((u32 *)ip, new);
82 * Helper functions that are the same for both PPC64 and PPC32.
84 static int test_24bit_addr(unsigned long ip, unsigned long addr)
86 addr = ppc_function_entry((void *)addr);
88 return is_offset_in_branch_range(addr - ip);
91 static int is_bl_op(ppc_inst_t op)
93 return (ppc_inst_val(op) & ~PPC_LI_MASK) == PPC_RAW_BL(0);
96 static int is_b_op(ppc_inst_t op)
98 return (ppc_inst_val(op) & ~PPC_LI_MASK) == PPC_RAW_BRANCH(0);
101 static unsigned long find_bl_target(unsigned long ip, ppc_inst_t op)
105 offset = PPC_LI(ppc_inst_val(op));
107 if (offset & 0x02000000)
108 offset |= 0xfe000000;
110 return ip + (long)offset;
113 #ifdef CONFIG_MODULES
115 __ftrace_make_nop(struct module *mod,
116 struct dyn_ftrace *rec, unsigned long addr)
118 unsigned long entry, ptr, tramp;
119 unsigned long ip = rec->ip;
122 /* read where this goes */
123 if (copy_inst_from_kernel_nofault(&op, (void *)ip)) {
124 pr_err("Fetching opcode failed.\n");
128 /* Make sure that this is still a 24bit jump */
130 pr_err("Not expected bl: opcode is %08lx\n", ppc_inst_as_ulong(op));
134 /* lets find where the pointer goes */
135 tramp = find_bl_target(ip, op);
137 pr_devel("ip:%lx jumps to %lx", ip, tramp);
139 if (module_trampoline_target(mod, tramp, &ptr)) {
140 pr_err("Failed to get trampoline target\n");
144 pr_devel("trampoline target %lx", ptr);
146 entry = ppc_global_function_entry((void *)addr);
147 /* This should match what was called */
149 pr_err("addr %lx does not match expected %lx\n", ptr, entry);
153 if (IS_ENABLED(CONFIG_MPROFILE_KERNEL)) {
154 if (copy_inst_from_kernel_nofault(&op, (void *)(ip - 4))) {
155 pr_err("Fetching instruction at %lx failed.\n", ip - 4);
159 /* We expect either a mflr r0, or a std r0, LRSAVE(r1) */
160 if (!ppc_inst_equal(op, ppc_inst(PPC_RAW_MFLR(_R0))) &&
161 !ppc_inst_equal(op, ppc_inst(PPC_INST_STD_LR))) {
162 pr_err("Unexpected instruction %08lx around bl _mcount\n",
163 ppc_inst_as_ulong(op));
166 } else if (IS_ENABLED(CONFIG_PPC64)) {
168 * Check what is in the next instruction. We can see ld r2,40(r1), but
169 * on first pass after boot we will see mflr r0.
171 if (copy_inst_from_kernel_nofault(&op, (void *)(ip + 4))) {
172 pr_err("Fetching op failed.\n");
176 if (!ppc_inst_equal(op, ppc_inst(PPC_INST_LD_TOC))) {
177 pr_err("Expected %08lx found %08lx\n", PPC_INST_LD_TOC,
178 ppc_inst_as_ulong(op));
184 * When using -mprofile-kernel or PPC32 there is no load to jump over.
186 * Otherwise our original call site looks like:
191 * Milton Miller pointed out that we can not simply nop the branch.
192 * If a task was preempted when calling a trace function, the nops
193 * will remove the way to restore the TOC in r2 and the r2 TOC will
196 * Use a b +8 to jump over the load.
197 * XXX: could make PCREL depend on MPROFILE_KERNEL
198 * XXX: check PCREL && MPROFILE_KERNEL calling sequence
200 if (IS_ENABLED(CONFIG_MPROFILE_KERNEL) || IS_ENABLED(CONFIG_PPC32))
201 pop = ppc_inst(PPC_RAW_NOP());
203 pop = ppc_inst(PPC_RAW_BRANCH(8)); /* b +8 */
205 if (patch_instruction((u32 *)ip, pop)) {
206 pr_err("Patching NOP failed.\n");
213 static int __ftrace_make_nop(struct module *mod, struct dyn_ftrace *rec, unsigned long addr)
217 #endif /* CONFIG_MODULES */
219 static unsigned long find_ftrace_tramp(unsigned long ip)
224 * We have the compiler generated long_branch tramps at the end
225 * and we prefer those
227 for (i = NUM_FTRACE_TRAMPS - 1; i >= 0; i--)
228 if (!ftrace_tramps[i])
230 else if (is_offset_in_branch_range(ftrace_tramps[i] - ip))
231 return ftrace_tramps[i];
236 static int add_ftrace_tramp(unsigned long tramp)
240 for (i = 0; i < NUM_FTRACE_TRAMPS; i++)
241 if (!ftrace_tramps[i]) {
242 ftrace_tramps[i] = tramp;
250 * If this is a compiler generated long_branch trampoline (essentially, a
251 * trampoline that has a branch to _mcount()), we re-write the branch to
252 * instead go to ftrace_[regs_]caller() and note down the location of this
255 static int setup_mcount_compiler_tramp(unsigned long tramp)
261 /* Is this a known long jump tramp? */
262 for (i = 0; i < NUM_FTRACE_TRAMPS; i++)
263 if (ftrace_tramps[i] == tramp)
266 /* New trampoline -- read where this goes */
267 if (copy_inst_from_kernel_nofault(&op, (void *)tramp)) {
268 pr_debug("Fetching opcode failed.\n");
272 /* Is this a 24 bit branch? */
274 pr_debug("Trampoline is not a long branch tramp.\n");
278 /* lets find where the pointer goes */
279 ptr = find_bl_target(tramp, op);
281 if (ptr != ppc_global_function_entry((void *)_mcount)) {
282 pr_debug("Trampoline target %p is not _mcount\n", (void *)ptr);
286 /* Let's re-write the tramp to go to ftrace_[regs_]caller */
287 if (IS_ENABLED(CONFIG_DYNAMIC_FTRACE_WITH_REGS))
288 ptr = ppc_global_function_entry((void *)ftrace_regs_caller);
290 ptr = ppc_global_function_entry((void *)ftrace_caller);
292 if (patch_branch((u32 *)tramp, ptr, 0)) {
293 pr_debug("REL24 out of range!\n");
297 if (add_ftrace_tramp(tramp)) {
298 pr_debug("No tramp locations left\n");
305 static int __ftrace_make_nop_kernel(struct dyn_ftrace *rec, unsigned long addr)
307 unsigned long tramp, ip = rec->ip;
310 /* Read where this goes */
311 if (copy_inst_from_kernel_nofault(&op, (void *)ip)) {
312 pr_err("Fetching opcode failed.\n");
316 /* Make sure that this is still a 24bit jump */
318 pr_err("Not expected bl: opcode is %08lx\n", ppc_inst_as_ulong(op));
322 /* Let's find where the pointer goes */
323 tramp = find_bl_target(ip, op);
325 pr_devel("ip:%lx jumps to %lx", ip, tramp);
327 if (setup_mcount_compiler_tramp(tramp)) {
328 /* Are other trampolines reachable? */
329 if (!find_ftrace_tramp(ip)) {
330 pr_err("No ftrace trampolines reachable from %ps\n",
336 if (patch_instruction((u32 *)ip, ppc_inst(PPC_RAW_NOP()))) {
337 pr_err("Patching NOP failed.\n");
344 int ftrace_make_nop(struct module *mod,
345 struct dyn_ftrace *rec, unsigned long addr)
347 unsigned long ip = rec->ip;
351 * If the calling address is more that 24 bits away,
352 * then we had to use a trampoline to make the call.
353 * Otherwise just update the call site.
355 if (test_24bit_addr(ip, addr)) {
357 old = ftrace_call_replace(ip, addr, 1);
358 new = ppc_inst(PPC_RAW_NOP());
359 return ftrace_modify_code(ip, old, new);
360 } else if (core_kernel_text(ip)) {
361 return __ftrace_make_nop_kernel(rec, addr);
362 } else if (!IS_ENABLED(CONFIG_MODULES)) {
367 * Out of range jumps are called from modules.
368 * We should either already have a pointer to the module
369 * or it has been passed in.
371 if (!rec->arch.mod) {
373 pr_err("No module loaded addr=%lx\n", addr);
378 if (mod != rec->arch.mod) {
379 pr_err("Record mod %p not equal to passed in mod %p\n",
383 /* nothing to do if mod == rec->arch.mod */
387 return __ftrace_make_nop(mod, rec, addr);
390 #ifdef CONFIG_MODULES
392 * Examine the existing instructions for __ftrace_make_call.
393 * They should effectively be a NOP, and follow formal constraints,
394 * depending on the ABI. Return false if they don't.
396 static bool expected_nop_sequence(void *ip, ppc_inst_t op0, ppc_inst_t op1)
398 if (IS_ENABLED(CONFIG_DYNAMIC_FTRACE_WITH_REGS))
399 return ppc_inst_equal(op0, ppc_inst(PPC_RAW_NOP()));
401 return ppc_inst_equal(op0, ppc_inst(PPC_RAW_BRANCH(8))) &&
402 ppc_inst_equal(op1, ppc_inst(PPC_INST_LD_TOC));
406 __ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr)
409 void *ip = (void *)rec->ip;
410 unsigned long entry, ptr, tramp;
411 struct module *mod = rec->arch.mod;
413 /* read where this goes */
414 if (copy_inst_from_kernel_nofault(op, ip))
417 if (!IS_ENABLED(CONFIG_DYNAMIC_FTRACE_WITH_REGS) &&
418 copy_inst_from_kernel_nofault(op + 1, ip + 4))
421 if (!expected_nop_sequence(ip, op[0], op[1])) {
422 pr_err("Unexpected call sequence at %p: %08lx %08lx\n", ip,
423 ppc_inst_as_ulong(op[0]), ppc_inst_as_ulong(op[1]));
427 /* If we never set up ftrace trampoline(s), then bail */
428 if (!mod->arch.tramp ||
429 (IS_ENABLED(CONFIG_DYNAMIC_FTRACE_WITH_REGS) && !mod->arch.tramp_regs)) {
430 pr_err("No ftrace trampoline\n");
434 if (IS_ENABLED(CONFIG_DYNAMIC_FTRACE_WITH_REGS) && rec->flags & FTRACE_FL_REGS)
435 tramp = mod->arch.tramp_regs;
437 tramp = mod->arch.tramp;
439 if (module_trampoline_target(mod, tramp, &ptr)) {
440 pr_err("Failed to get trampoline target\n");
444 pr_devel("trampoline target %lx", ptr);
446 entry = ppc_global_function_entry((void *)addr);
447 /* This should match what was called */
449 pr_err("addr %lx does not match expected %lx\n", ptr, entry);
453 if (patch_branch(ip, tramp, BRANCH_SET_LINK)) {
454 pr_err("REL24 out of range!\n");
461 static int __ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr)
465 #endif /* CONFIG_MODULES */
467 static int __ftrace_make_call_kernel(struct dyn_ftrace *rec, unsigned long addr)
470 void *ip = (void *)rec->ip;
471 unsigned long tramp, entry, ptr;
473 /* Make sure we're being asked to patch branch to a known ftrace addr */
474 entry = ppc_global_function_entry((void *)ftrace_caller);
475 ptr = ppc_global_function_entry((void *)addr);
477 if (ptr != entry && IS_ENABLED(CONFIG_DYNAMIC_FTRACE_WITH_REGS))
478 entry = ppc_global_function_entry((void *)ftrace_regs_caller);
481 pr_err("Unknown ftrace addr to patch: %ps\n", (void *)ptr);
485 /* Make sure we have a nop */
486 if (copy_inst_from_kernel_nofault(&op, ip)) {
487 pr_err("Unable to read ftrace location %p\n", ip);
491 if (!ppc_inst_equal(op, ppc_inst(PPC_RAW_NOP()))) {
492 pr_err("Unexpected call sequence at %p: %08lx\n",
493 ip, ppc_inst_as_ulong(op));
497 tramp = find_ftrace_tramp((unsigned long)ip);
499 pr_err("No ftrace trampolines reachable from %ps\n", ip);
503 if (patch_branch(ip, tramp, BRANCH_SET_LINK)) {
504 pr_err("Error patching branch to ftrace tramp!\n");
511 int ftrace_make_call(struct dyn_ftrace *rec, unsigned long addr)
513 unsigned long ip = rec->ip;
517 * If the calling address is more that 24 bits away,
518 * then we had to use a trampoline to make the call.
519 * Otherwise just update the call site.
521 if (test_24bit_addr(ip, addr)) {
523 old = ppc_inst(PPC_RAW_NOP());
524 new = ftrace_call_replace(ip, addr, 1);
525 return ftrace_modify_code(ip, old, new);
526 } else if (core_kernel_text(ip)) {
527 return __ftrace_make_call_kernel(rec, addr);
528 } else if (!IS_ENABLED(CONFIG_MODULES)) {
529 /* We should not get here without modules */
534 * Out of range jumps are called from modules.
535 * Being that we are converting from nop, it had better
536 * already have a module defined.
538 if (!rec->arch.mod) {
539 pr_err("No module loaded\n");
543 return __ftrace_make_call(rec, addr);
546 #ifdef CONFIG_DYNAMIC_FTRACE_WITH_REGS
547 #ifdef CONFIG_MODULES
549 __ftrace_modify_call(struct dyn_ftrace *rec, unsigned long old_addr,
553 unsigned long ip = rec->ip;
554 unsigned long entry, ptr, tramp;
555 struct module *mod = rec->arch.mod;
557 /* If we never set up ftrace trampolines, then bail */
558 if (!mod->arch.tramp || !mod->arch.tramp_regs) {
559 pr_err("No ftrace trampoline\n");
563 /* read where this goes */
564 if (copy_inst_from_kernel_nofault(&op, (void *)ip)) {
565 pr_err("Fetching opcode failed.\n");
569 /* Make sure that this is still a 24bit jump */
571 pr_err("Not expected bl: opcode is %08lx\n", ppc_inst_as_ulong(op));
575 /* lets find where the pointer goes */
576 tramp = find_bl_target(ip, op);
577 entry = ppc_global_function_entry((void *)old_addr);
579 pr_devel("ip:%lx jumps to %lx", ip, tramp);
581 if (tramp != entry) {
582 /* old_addr is not within range, so we must have used a trampoline */
583 if (module_trampoline_target(mod, tramp, &ptr)) {
584 pr_err("Failed to get trampoline target\n");
588 pr_devel("trampoline target %lx", ptr);
590 /* This should match what was called */
592 pr_err("addr %lx does not match expected %lx\n", ptr, entry);
597 /* The new target may be within range */
598 if (test_24bit_addr(ip, addr)) {
600 if (patch_branch((u32 *)ip, addr, BRANCH_SET_LINK)) {
601 pr_err("REL24 out of range!\n");
608 if (rec->flags & FTRACE_FL_REGS)
609 tramp = mod->arch.tramp_regs;
611 tramp = mod->arch.tramp;
613 if (module_trampoline_target(mod, tramp, &ptr)) {
614 pr_err("Failed to get trampoline target\n");
618 pr_devel("trampoline target %lx", ptr);
620 entry = ppc_global_function_entry((void *)addr);
621 /* This should match what was called */
623 pr_err("addr %lx does not match expected %lx\n", ptr, entry);
627 if (patch_branch((u32 *)ip, tramp, BRANCH_SET_LINK)) {
628 pr_err("REL24 out of range!\n");
635 static int __ftrace_modify_call(struct dyn_ftrace *rec, unsigned long old_addr, unsigned long addr)
641 int ftrace_modify_call(struct dyn_ftrace *rec, unsigned long old_addr,
644 unsigned long ip = rec->ip;
648 * If the calling address is more that 24 bits away,
649 * then we had to use a trampoline to make the call.
650 * Otherwise just update the call site.
652 if (test_24bit_addr(ip, addr) && test_24bit_addr(ip, old_addr)) {
654 old = ftrace_call_replace(ip, old_addr, 1);
655 new = ftrace_call_replace(ip, addr, 1);
656 return ftrace_modify_code(ip, old, new);
657 } else if (core_kernel_text(ip)) {
659 * We always patch out of range locations to go to the regs
660 * variant, so there is nothing to do here
663 } else if (!IS_ENABLED(CONFIG_MODULES)) {
664 /* We should not get here without modules */
669 * Out of range jumps are called from modules.
671 if (!rec->arch.mod) {
672 pr_err("No module loaded\n");
676 return __ftrace_modify_call(rec, old_addr, addr);
680 int ftrace_update_ftrace_func(ftrace_func_t func)
682 unsigned long ip = (unsigned long)(&ftrace_call);
686 old = ppc_inst_read((u32 *)&ftrace_call);
687 new = ftrace_call_replace(ip, (unsigned long)func, 1);
688 ret = ftrace_modify_code(ip, old, new);
690 /* Also update the regs callback function */
691 if (IS_ENABLED(CONFIG_DYNAMIC_FTRACE_WITH_REGS) && !ret) {
692 ip = (unsigned long)(&ftrace_regs_call);
693 old = ppc_inst_read((u32 *)&ftrace_regs_call);
694 new = ftrace_call_replace(ip, (unsigned long)func, 1);
695 ret = ftrace_modify_code(ip, old, new);
702 * Use the default ftrace_modify_all_code, but without
705 void arch_ftrace_update_code(int command)
707 ftrace_modify_all_code(command);
711 #define PACATOC offsetof(struct paca_struct, kernel_toc)
713 extern unsigned int ftrace_tramp_text[], ftrace_tramp_init[];
715 void ftrace_free_init_tramp(void)
719 for (i = 0; i < NUM_FTRACE_TRAMPS && ftrace_tramps[i]; i++)
720 if (ftrace_tramps[i] == (unsigned long)ftrace_tramp_init) {
721 ftrace_tramps[i] = 0;
726 int __init ftrace_dyn_arch_init(void)
729 unsigned int *tramp[] = { ftrace_tramp_text, ftrace_tramp_init };
730 #ifdef CONFIG_PPC_KERNEL_PCREL
733 PPC_PREFIX_MLS | __PPC_PRFX_R(1),
734 PPC_INST_PADDI | ___PPC_RT(_R12),
740 PPC_RAW_LD(_R12, _R13, PACATOC),
741 PPC_RAW_ADDIS(_R12, _R12, 0),
742 PPC_RAW_ADDI(_R12, _R12, 0),
751 if (IS_ENABLED(CONFIG_DYNAMIC_FTRACE_WITH_REGS))
752 addr = ppc_global_function_entry((void *)ftrace_regs_caller);
754 addr = ppc_global_function_entry((void *)ftrace_caller);
756 if (IS_ENABLED(CONFIG_PPC_KERNEL_PCREL)) {
757 for (i = 0; i < 2; i++) {
758 reladdr = addr - (unsigned long)tramp[i];
760 if (reladdr >= (long)SZ_8G || reladdr < -(long)SZ_8G) {
761 pr_err("Address of %ps out of range of pcrel address.\n",
766 memcpy(tramp[i], stub_insns, sizeof(stub_insns));
767 tramp[i][0] |= IMM_H18(reladdr);
768 tramp[i][1] |= IMM_L(reladdr);
769 add_ftrace_tramp((unsigned long)tramp[i]);
772 reladdr = addr - kernel_toc_addr();
774 if (reladdr >= (long)SZ_2G || reladdr < -(long)SZ_2G) {
775 pr_err("Address of %ps out of range of kernel_toc.\n",
780 for (i = 0; i < 2; i++) {
781 memcpy(tramp[i], stub_insns, sizeof(stub_insns));
782 tramp[i][1] |= PPC_HA(reladdr);
783 tramp[i][2] |= PPC_LO(reladdr);
784 add_ftrace_tramp((unsigned long)tramp[i]);
792 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
794 extern void ftrace_graph_call(void);
795 extern void ftrace_graph_stub(void);
797 static int ftrace_modify_ftrace_graph_caller(bool enable)
799 unsigned long ip = (unsigned long)(&ftrace_graph_call);
800 unsigned long addr = (unsigned long)(&ftrace_graph_caller);
801 unsigned long stub = (unsigned long)(&ftrace_graph_stub);
804 if (IS_ENABLED(CONFIG_DYNAMIC_FTRACE_WITH_ARGS))
807 old = ftrace_call_replace(ip, enable ? stub : addr, 0);
808 new = ftrace_call_replace(ip, enable ? addr : stub, 0);
810 return ftrace_modify_code(ip, old, new);
813 int ftrace_enable_ftrace_graph_caller(void)
815 return ftrace_modify_ftrace_graph_caller(true);
818 int ftrace_disable_ftrace_graph_caller(void)
820 return ftrace_modify_ftrace_graph_caller(false);
824 * Hook the return address and push it in the stack of return addrs
825 * in current thread info. Return the address we want to divert to.
828 __prepare_ftrace_return(unsigned long parent, unsigned long ip, unsigned long sp)
830 unsigned long return_hooker;
833 if (unlikely(ftrace_graph_is_dead()))
836 if (unlikely(atomic_read(¤t->tracing_graph_pause)))
839 bit = ftrace_test_recursion_trylock(ip, parent);
843 return_hooker = ppc_function_entry(return_to_handler);
845 if (!function_graph_enter(parent, ip, 0, (unsigned long *)sp))
846 parent = return_hooker;
848 ftrace_test_recursion_unlock(bit);
853 #ifdef CONFIG_DYNAMIC_FTRACE_WITH_ARGS
854 void ftrace_graph_func(unsigned long ip, unsigned long parent_ip,
855 struct ftrace_ops *op, struct ftrace_regs *fregs)
857 fregs->regs.link = __prepare_ftrace_return(parent_ip, ip, fregs->regs.gpr[1]);
860 unsigned long prepare_ftrace_return(unsigned long parent, unsigned long ip,
863 return __prepare_ftrace_return(parent, ip, sp);
866 #endif /* CONFIG_FUNCTION_GRAPH_TRACER */
868 #ifdef CONFIG_PPC64_ELF_ABI_V1
869 char *arch_ftrace_match_adjust(char *str, const char *search)
871 if (str[0] == '.' && search[0] != '.')
876 #endif /* CONFIG_PPC64_ELF_ABI_V1 */
projects / releases.git / blob