1 | /* SPDX-License-Identifier: GPL-2.0 */ |
2 | /* |
3 | * wuf.S: Window underflow trap handler for the Sparc. |
4 | * |
5 | * Copyright (C) 1995 David S. Miller |
6 | */ |
7 | |
8 | #include <asm/contregs.h> |
9 | #include <asm/page.h> |
10 | #include <asm/ptrace.h> |
11 | #include <asm/psr.h> |
12 | #include <asm/smp.h> |
13 | #include <asm/asi.h> |
14 | #include <asm/winmacro.h> |
15 | #include <asm/asmmacro.h> |
16 | #include <asm/thread_info.h> |
17 | |
18 | /* Just like the overflow handler we define macros for registers |
19 | * with fixed meanings in this routine. |
20 | */ |
21 | #define t_psr l0 |
22 | #define t_pc l1 |
23 | #define t_npc l2 |
24 | #define t_wim l3 |
25 | /* Don't touch the above registers or else you die horribly... */ |
26 | |
27 | /* Now macros for the available scratch registers in this routine. */ |
28 | #define twin_tmp1 l4 |
29 | #define twin_tmp2 l5 |
30 | |
31 | #define curptr g6 |
32 | |
33 | .text |
34 | .align 4 |
35 | |
36 | /* The trap entry point has executed the following: |
37 | * |
38 | * rd %psr, %l0 |
39 | * rd %wim, %l3 |
40 | * b fill_window_entry |
41 | * andcc %l0, PSR_PS, %g0 |
42 | */ |
43 | |
44 | /* Datum current_thread_info->uwinmask contains at all times a bitmask |
45 | * where if any user windows are active, at least one bit will |
46 | * be set in to mask. If no user windows are active, the bitmask |
47 | * will be all zeroes. |
48 | */ |
49 | |
50 | /* To get an idea of what has just happened to cause this |
51 | * trap take a look at this diagram: |
52 | * |
53 | * 1 2 3 4 <-- Window number |
54 | * ---------- |
55 | * T O W I <-- Symbolic name |
56 | * |
57 | * O == the window that execution was in when |
58 | * the restore was attempted |
59 | * |
60 | * T == the trap itself has save'd us into this |
61 | * window |
62 | * |
63 | * W == this window is the one which is now invalid |
64 | * and must be made valid plus loaded from the |
65 | * stack |
66 | * |
67 | * I == this window will be the invalid one when we |
68 | * are done and return from trap if successful |
69 | */ |
70 | |
71 | /* BEGINNING OF PATCH INSTRUCTIONS */ |
72 | |
73 | /* On 7-window Sparc the boot code patches fnwin_patch1 |
74 | * with the following instruction. |
75 | */ |
76 | .globl fnwin_patch1_7win, fnwin_patch2_7win |
77 | fnwin_patch1_7win: srl %t_wim, 6, %twin_tmp2 |
78 | fnwin_patch2_7win: and %twin_tmp1, 0x7f, %twin_tmp1 |
79 | /* END OF PATCH INSTRUCTIONS */ |
80 | |
81 | .globl fill_window_entry, fnwin_patch1, fnwin_patch2 |
82 | fill_window_entry: |
83 | /* LOCATION: Window 'T' */ |
84 | |
85 | /* Compute what the new %wim is going to be if we retrieve |
86 | * the proper window off of the stack. |
87 | */ |
88 | sll %t_wim, 1, %twin_tmp1 |
89 | fnwin_patch1: srl %t_wim, 7, %twin_tmp2 |
90 | or %twin_tmp1, %twin_tmp2, %twin_tmp1 |
91 | fnwin_patch2: and %twin_tmp1, 0xff, %twin_tmp1 |
92 | |
93 | wr %twin_tmp1, 0x0, %wim /* Make window 'I' invalid */ |
94 | |
95 | andcc %t_psr, PSR_PS, %g0 |
96 | be fwin_from_user |
97 | restore %g0, %g0, %g0 /* Restore to window 'O' */ |
98 | |
99 | /* Trapped from kernel, we trust that the kernel does not |
100 | * 'over restore' sorta speak and just grab the window |
101 | * from the stack and return. Easy enough. |
102 | */ |
103 | fwin_from_kernel: |
104 | /* LOCATION: Window 'O' */ |
105 | |
106 | restore %g0, %g0, %g0 |
107 | |
108 | /* LOCATION: Window 'W' */ |
109 | |
110 | LOAD_WINDOW(sp) /* Load it up */ |
111 | |
112 | /* Spin the wheel... */ |
113 | save %g0, %g0, %g0 |
114 | save %g0, %g0, %g0 |
115 | /* I'd like to buy a vowel please... */ |
116 | |
117 | /* LOCATION: Window 'T' */ |
118 | |
119 | /* Now preserve the condition codes in %psr, pause, and |
120 | * return from trap. This is the simplest case of all. |
121 | */ |
122 | wr %t_psr, 0x0, %psr |
123 | WRITE_PAUSE |
124 | |
125 | jmp %t_pc |
126 | rett %t_npc |
127 | |
128 | fwin_from_user: |
129 | /* LOCATION: Window 'O' */ |
130 | |
131 | restore %g0, %g0, %g0 /* Restore to window 'W' */ |
132 | |
133 | /* LOCATION: Window 'W' */ |
134 | |
135 | /* Branch to the stack validation routine */ |
136 | b srmmu_fwin_stackchk |
137 | andcc %sp, 0x7, %g0 |
138 | |
139 | #define STACK_OFFSET (THREAD_SIZE - TRACEREG_SZ - STACKFRAME_SZ) |
140 | |
141 | fwin_user_stack_is_bolixed: |
142 | /* LOCATION: Window 'W' */ |
143 | |
144 | /* Place a pt_regs frame on the kernel stack, save back |
145 | * to the trap window and call c-code to deal with this. |
146 | */ |
147 | LOAD_CURRENT(l4, l5) |
148 | |
149 | sethi %hi(STACK_OFFSET), %l5 |
150 | or %l5, %lo(STACK_OFFSET), %l5 |
151 | add %l4, %l5, %l5 |
152 | |
153 | /* Store globals into pt_regs frame. */ |
154 | STORE_PT_GLOBALS(l5) |
155 | STORE_PT_YREG(l5, g3) |
156 | |
157 | /* Save current in a global while we change windows. */ |
158 | mov %l4, %curptr |
159 | |
160 | save %g0, %g0, %g0 |
161 | |
162 | /* LOCATION: Window 'O' */ |
163 | |
164 | rd %psr, %g3 /* Read %psr in live user window */ |
165 | mov %fp, %g4 /* Save bogus frame pointer. */ |
166 | |
167 | save %g0, %g0, %g0 |
168 | |
169 | /* LOCATION: Window 'T' */ |
170 | |
171 | sethi %hi(STACK_OFFSET), %l5 |
172 | or %l5, %lo(STACK_OFFSET), %l5 |
173 | add %curptr, %l5, %sp |
174 | |
175 | /* Build rest of pt_regs. */ |
176 | STORE_PT_INS(sp) |
177 | STORE_PT_PRIV(sp, t_psr, t_pc, t_npc) |
178 | |
179 | /* re-set trap time %wim value */ |
180 | wr %t_wim, 0x0, %wim |
181 | |
182 | /* Fix users window mask and buffer save count. */ |
183 | mov 0x1, %g5 |
184 | sll %g5, %g3, %g5 |
185 | st %g5, [%curptr + TI_UWINMASK] ! one live user window still |
186 | st %g0, [%curptr + TI_W_SAVED] ! no windows in the buffer |
187 | |
188 | wr %t_psr, PSR_ET, %psr ! enable traps |
189 | nop |
190 | call window_underflow_fault |
191 | mov %g4, %o0 |
192 | |
193 | b ret_trap_entry |
194 | clr %l6 |
195 | |
196 | fwin_user_stack_is_ok: |
197 | /* LOCATION: Window 'W' */ |
198 | |
199 | /* The users stack area is kosher and mapped, load the |
200 | * window and fall through to the finish up routine. |
201 | */ |
202 | LOAD_WINDOW(sp) |
203 | |
204 | /* Round and round she goes... */ |
205 | save %g0, %g0, %g0 /* Save to window 'O' */ |
206 | save %g0, %g0, %g0 /* Save to window 'T' */ |
207 | /* Where she'll trap nobody knows... */ |
208 | |
209 | /* LOCATION: Window 'T' */ |
210 | |
211 | fwin_user_finish_up: |
212 | /* LOCATION: Window 'T' */ |
213 | |
214 | wr %t_psr, 0x0, %psr |
215 | WRITE_PAUSE |
216 | |
217 | jmp %t_pc |
218 | rett %t_npc |
219 | |
220 | /* Here come the architecture specific checks for stack. |
221 | * mappings. Note that unlike the window overflow handler |
222 | * we only need to check whether the user can read from |
223 | * the appropriate addresses. Also note that we are in |
224 | * an invalid window which will be loaded, and this means |
225 | * that until we actually load the window up we are free |
226 | * to use any of the local registers contained within. |
227 | * |
228 | * On success these routine branch to fwin_user_stack_is_ok |
229 | * if the area at %sp is user readable and the window still |
230 | * needs to be loaded, else fwin_user_finish_up if the |
231 | * routine has done the loading itself. On failure (bogus |
232 | * user stack) the routine shall branch to the label called |
233 | * fwin_user_stack_is_bolixed. |
234 | * |
235 | * Contrary to the arch-specific window overflow stack |
236 | * check routines in wof.S, these routines are free to use |
237 | * any of the local registers they want to as this window |
238 | * does not belong to anyone at this point, however the |
239 | * outs and ins are still verboten as they are part of |
240 | * 'someone elses' window possibly. |
241 | */ |
242 | |
243 | .globl srmmu_fwin_stackchk |
244 | srmmu_fwin_stackchk: |
245 | /* LOCATION: Window 'W' */ |
246 | |
247 | /* Caller did 'andcc %sp, 0x7, %g0' */ |
248 | bne fwin_user_stack_is_bolixed |
249 | sethi %hi(PAGE_OFFSET), %l5 |
250 | |
251 | /* Check if the users stack is in kernel vma, then our |
252 | * trial and error technique below would succeed for |
253 | * the 'wrong' reason. |
254 | */ |
255 | mov AC_M_SFSR, %l4 |
256 | cmp %l5, %sp |
257 | bleu fwin_user_stack_is_bolixed |
258 | LEON_PI( lda [%l4] ASI_LEON_MMUREGS, %g0) ! clear fault status |
259 | SUN_PI_( lda [%l4] ASI_M_MMUREGS, %g0) ! clear fault status |
260 | |
261 | /* The technique is, turn off faults on this processor, |
262 | * just let the load rip, then check the sfsr to see if |
263 | * a fault did occur. Then we turn on fault traps again |
264 | * and branch conditionally based upon what happened. |
265 | */ |
266 | LEON_PI(lda [%g0] ASI_LEON_MMUREGS, %l5) ! read mmu-ctrl reg |
267 | SUN_PI_(lda [%g0] ASI_M_MMUREGS, %l5) ! read mmu-ctrl reg |
268 | or %l5, 0x2, %l5 ! turn on no-fault bit |
269 | LEON_PI(sta %l5, [%g0] ASI_LEON_MMUREGS) ! store it |
270 | SUN_PI_(sta %l5, [%g0] ASI_M_MMUREGS) ! store it |
271 | |
272 | /* Cross fingers and go for it. */ |
273 | LOAD_WINDOW(sp) |
274 | |
275 | /* A penny 'saved'... */ |
276 | save %g0, %g0, %g0 |
277 | save %g0, %g0, %g0 |
278 | /* Is a BADTRAP earned... */ |
279 | |
280 | /* LOCATION: Window 'T' */ |
281 | |
282 | LEON_PI(lda [%g0] ASI_LEON_MMUREGS, %twin_tmp1) ! load mmu-ctrl again |
283 | SUN_PI_(lda [%g0] ASI_M_MMUREGS, %twin_tmp1) ! load mmu-ctrl again |
284 | andn %twin_tmp1, 0x2, %twin_tmp1 ! clear no-fault bit |
285 | LEON_PI(sta %twin_tmp1, [%g0] ASI_LEON_MMUREGS) ! store it |
286 | SUN_PI_(sta %twin_tmp1, [%g0] ASI_M_MMUREGS) ! store it |
287 | |
288 | mov AC_M_SFAR, %twin_tmp2 |
289 | LEON_PI(lda [%twin_tmp2] ASI_LEON_MMUREGS, %g0) ! read fault address |
290 | SUN_PI_(lda [%twin_tmp2] ASI_M_MMUREGS, %g0) ! read fault address |
291 | |
292 | mov AC_M_SFSR, %twin_tmp2 |
293 | LEON_PI(lda [%twin_tmp2] ASI_LEON_MMUREGS, %twin_tmp2) ! read fault status |
294 | SUN_PI_(lda [%twin_tmp2] ASI_M_MMUREGS, %twin_tmp2) ! read fault status |
295 | andcc %twin_tmp2, 0x2, %g0 ! did fault occur? |
296 | |
297 | bne 1f ! yep, cleanup |
298 | nop |
299 | |
300 | wr %t_psr, 0x0, %psr |
301 | nop |
302 | b fwin_user_finish_up + 0x4 |
303 | nop |
304 | |
305 | /* Did I ever tell you about my window lobotomy? |
306 | * anyways... fwin_user_stack_is_bolixed expects |
307 | * to be in window 'W' so make it happy or else |
308 | * we watchdog badly. |
309 | */ |
310 | 1: |
311 | restore %g0, %g0, %g0 |
312 | b fwin_user_stack_is_bolixed ! oh well |
313 | restore %g0, %g0, %g0 |
314 | |