Loading...
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 | /* $Id: wuf.S,v 1.38 1999/08/14 03:51:36 anton Exp $ * wuf.S: Window underflow trap handler for the Sparc. * * Copyright (C) 1995 David S. Miller */ #include <asm/cprefix.h> #include <asm/contregs.h> #include <asm/page.h> #include <asm/ptrace.h> #include <asm/psr.h> #include <asm/smp.h> #include <asm/asi.h> #include <asm/winmacro.h> #include <asm/asmmacro.h> /* Just like the overflow handler we define macros for registers * with fixed meanings in this routine. */ #define t_psr l0 #define t_pc l1 #define t_npc l2 #define t_wim l3 /* Don't touch the above registers or else you die horribly... */ /* Now macros for the available scratch registers in this routine. */ #define twin_tmp1 l4 #define twin_tmp2 l5 #define curptr g6 .text .align 4 /* The trap entry point has executed the following: * * rd %psr, %l0 * rd %wim, %l3 * b fill_window_entry * andcc %l0, PSR_PS, %g0 */ /* Datum current->thread.uwinmask contains at all times a bitmask * where if any user windows are active, at least one bit will * be set in to mask. If no user windows are active, the bitmask * will be all zeroes. */ /* To get an idea of what has just happened to cause this * trap take a look at this diagram: * * 1 2 3 4 <-- Window number * ---------- * T O W I <-- Symbolic name * * O == the window that execution was in when * the restore was attempted * * T == the trap itself has save'd us into this * window * * W == this window is the one which is now invalid * and must be made valid plus loaded from the * stack * * I == this window will be the invalid one when we * are done and return from trap if successful */ /* BEGINNING OF PATCH INSTRUCTIONS */ /* On 7-window Sparc the boot code patches fnwin_patch1 * with the following instruction. */ .globl fnwin_patch1_7win, fnwin_patch2_7win fnwin_patch1_7win: srl %t_wim, 6, %twin_tmp2 fnwin_patch2_7win: and %twin_tmp1, 0x7f, %twin_tmp1 /* END OF PATCH INSTRUCTIONS */ .globl fill_window_entry, fnwin_patch1, fnwin_patch2 fill_window_entry: /* LOCATION: Window 'T' */ /* Compute what the new %wim is going to be if we retrieve * the proper window off of the stack. */ sll %t_wim, 1, %twin_tmp1 fnwin_patch1: srl %t_wim, 7, %twin_tmp2 or %twin_tmp1, %twin_tmp2, %twin_tmp1 fnwin_patch2: and %twin_tmp1, 0xff, %twin_tmp1 wr %twin_tmp1, 0x0, %wim /* Make window 'I' invalid */ andcc %t_psr, PSR_PS, %g0 be fwin_from_user restore %g0, %g0, %g0 /* Restore to window 'O' */ /* Trapped from kernel, we trust that the kernel does not * 'over restore' sorta speak and just grab the window * from the stack and return. Easy enough. */ fwin_from_kernel: /* LOCATION: Window 'O' */ restore %g0, %g0, %g0 /* LOCATION: Window 'W' */ LOAD_WINDOW(sp) /* Load it up */ /* Spin the wheel... */ save %g0, %g0, %g0 save %g0, %g0, %g0 /* I'd like to buy a vowel please... */ /* LOCATION: Window 'T' */ /* Now preserve the condition codes in %psr, pause, and * return from trap. This is the simplest case of all. */ wr %t_psr, 0x0, %psr WRITE_PAUSE jmp %t_pc rett %t_npc fwin_from_user: /* LOCATION: Window 'O' */ restore %g0, %g0, %g0 /* Restore to window 'W' */ /* LOCATION: Window 'W' */ /* Branch to the architecture specific stack validation * routine. They can be found below... */ .globl C_LABEL(fwin_mmu_patchme) C_LABEL(fwin_mmu_patchme): b C_LABEL(sun4c_fwin_stackchk) andcc %sp, 0x7, %g0 #define STACK_OFFSET (TASK_UNION_SIZE - TRACEREG_SZ - REGWIN_SZ) fwin_user_stack_is_bolixed: /* LOCATION: Window 'W' */ /* Place a pt_regs frame on the kernel stack, save back * to the trap window and call c-code to deal with this. */ LOAD_CURRENT(l4, l5) sethi %hi(STACK_OFFSET), %l5 or %l5, %lo(STACK_OFFSET), %l5 add %l4, %l5, %l5 /* Store globals into pt_regs frame. */ STORE_PT_GLOBALS(l5) STORE_PT_YREG(l5, g3) /* Save current in a global while we change windows. */ mov %l4, %curptr save %g0, %g0, %g0 /* LOCATION: Window 'O' */ rd %psr, %g3 /* Read %psr in live user window */ mov %fp, %g4 /* Save bogus frame pointer. */ save %g0, %g0, %g0 /* LOCATION: Window 'T' */ sethi %hi(STACK_OFFSET), %l5 or %l5, %lo(STACK_OFFSET), %l5 add %curptr, %l5, %sp /* Build rest of pt_regs. */ STORE_PT_INS(sp) STORE_PT_PRIV(sp, t_psr, t_pc, t_npc) /* re-set trap time %wim value */ wr %t_wim, 0x0, %wim /* Fix users window mask and buffer save count. */ mov 0x1, %g5 sll %g5, %g3, %g5 st %g5, [%curptr + AOFF_task_thread + AOFF_thread_uwinmask] ! one live user window still st %g0, [%curptr + AOFF_task_thread + AOFF_thread_w_saved] ! no windows in the buffer wr %t_psr, PSR_ET, %psr ! enable traps nop call C_LABEL(window_underflow_fault) mov %g4, %o0 b ret_trap_entry clr %l6 fwin_user_stack_is_ok: /* LOCATION: Window 'W' */ /* The users stack area is kosher and mapped, load the * window and fall through to the finish up routine. */ LOAD_WINDOW(sp) /* Round and round she goes... */ save %g0, %g0, %g0 /* Save to window 'O' */ save %g0, %g0, %g0 /* Save to window 'T' */ /* Where she'll trap nobody knows... */ /* LOCATION: Window 'T' */ fwin_user_finish_up: /* LOCATION: Window 'T' */ wr %t_psr, 0x0, %psr WRITE_PAUSE jmp %t_pc rett %t_npc /* Here come the architecture specific checks for stack. * mappings. Note that unlike the window overflow handler * we only need to check whether the user can read from * the appropriate addresses. Also note that we are in * an invalid window which will be loaded, and this means * that until we actually load the window up we are free * to use any of the local registers contained within. * * On success these routine branch to fwin_user_stack_is_ok * if the area at %sp is user readable and the window still * needs to be loaded, else fwin_user_finish_up if the * routine has done the loading itself. On failure (bogus * user stack) the routine shall branch to the label called * fwin_user_stack_is_bolixed. * * Contrary to the arch-specific window overflow stack * check routines in wof.S, these routines are free to use * any of the local registers they want to as this window * does not belong to anyone at this point, however the * outs and ins are still verboten as they are part of * 'someone elses' window possibly. */ .align 4 .globl C_LABEL(sun4c_fwin_stackchk) C_LABEL(sun4c_fwin_stackchk): /* LOCATION: Window 'W' */ /* Caller did 'andcc %sp, 0x7, %g0' */ be 1f and %sp, 0xfff, %l0 ! delay slot b,a fwin_user_stack_is_bolixed /* See if we have to check the sanity of one page or two */ 1: add %l0, 0x38, %l0 sra %sp, 29, %l5 add %l5, 0x1, %l5 andncc %l5, 0x1, %g0 be 1f andncc %l0, 0xff8, %g0 b,a fwin_user_stack_is_bolixed /* %sp is in vma hole, yuck */ 1: be sun4c_fwin_onepage /* Only one page to check */ lda [%sp] ASI_PTE, %l1 sun4c_fwin_twopages: add %sp, 0x38, %l0 sra %l0, 29, %l5 add %l5, 0x1, %l5 andncc %l5, 0x1, %g0 be 1f lda [%l0] ASI_PTE, %l1 b,a fwin_user_stack_is_bolixed /* Second page in vma hole */ 1: srl %l1, 29, %l1 andcc %l1, 0x4, %g0 bne sun4c_fwin_onepage lda [%sp] ASI_PTE, %l1 b,a fwin_user_stack_is_bolixed /* Second page has bad perms */ sun4c_fwin_onepage: srl %l1, 29, %l1 andcc %l1, 0x4, %g0 bne fwin_user_stack_is_ok nop /* A page had bad page permissions, losing... */ b,a fwin_user_stack_is_bolixed .globl C_LABEL(srmmu_fwin_stackchk) C_LABEL(srmmu_fwin_stackchk): /* LOCATION: Window 'W' */ /* Caller did 'andcc %sp, 0x7, %g0' */ bne fwin_user_stack_is_bolixed GET_PAGE_OFFSET(l5) /* Check if the users stack is in kernel vma, then our * trial and error technique below would succeed for * the 'wrong' reason. */ mov AC_M_SFSR, %l4 cmp %l5, %sp bleu fwin_user_stack_is_bolixed lda [%l4] ASI_M_MMUREGS, %g0 ! clear fault status /* The technique is, turn off faults on this processor, * just let the load rip, then check the sfsr to see if * a fault did occur. Then we turn on fault traps again * and branch conditionally based upon what happened. */ lda [%g0] ASI_M_MMUREGS, %l5 ! read mmu-ctrl reg or %l5, 0x2, %l5 ! turn on no-fault bit sta %l5, [%g0] ASI_M_MMUREGS ! store it /* Cross fingers and go for it. */ LOAD_WINDOW(sp) /* A penny 'saved'... */ save %g0, %g0, %g0 save %g0, %g0, %g0 /* Is a BADTRAP earned... */ /* LOCATION: Window 'T' */ lda [%g0] ASI_M_MMUREGS, %twin_tmp1 ! load mmu-ctrl again andn %twin_tmp1, 0x2, %twin_tmp1 ! clear no-fault bit sta %twin_tmp1, [%g0] ASI_M_MMUREGS ! store it mov AC_M_SFAR, %twin_tmp2 lda [%twin_tmp2] ASI_M_MMUREGS, %g0 ! read fault address mov AC_M_SFSR, %twin_tmp2 lda [%twin_tmp2] ASI_M_MMUREGS, %twin_tmp2 ! read fault status andcc %twin_tmp2, 0x2, %g0 ! did fault occur? bne 1f ! yep, cleanup nop wr %t_psr, 0x0, %psr nop b fwin_user_finish_up + 0x4 nop /* Did I ever tell you about my window lobotomy? * anyways... fwin_user_stack_is_bolixed expects * to be in window 'W' so make it happy or else * we watchdog badly. */ 1: restore %g0, %g0, %g0 b fwin_user_stack_is_bolixed ! oh well restore %g0, %g0, %g0 |