![[bottom]](../icons/bottom.png){kind=icon}
![[previous]](../icons/n_left.png){kind=icon}
![[next]](../icons/n_right.png){kind=icon}
![[first]](../icons/n_first.png){kind=icon}
![[last]](../icons/n_last.png){kind=icon}
![[top]](../icons/n_top.png){kind=icon}
![[index]](../icons/index.png){kind=icon}
![[help]](../icons/help.png){kind=icon}
*/
1 /* $Id: wuf.S,v 1.13 1995/11/25 00:58:51 davem Exp $ 2 * wuf.S: Window underflow trap handler for the Sparc. 3 * 4 * Copyright (C) 1995 David S. Miller 5 */ 6 7 #include <asm/cprefix.h> 8 #include <asm/contregs.h> 9 #include <asm/page.h> 10 #include <asm/ptrace.h> 11 #include <asm/psr.h> 12 #include <asm/asi.h> 13 #include <asm/winmacro.h> 14 15 /* Just like the overflow handler we define macros for registers 16 * with fixed meanings in this routine. 17 */ 18 #define t_psr l0 19 #define t_pc l1 20 #define t_npc l2 21 #define t_wim l3 22 /* Don`t touch the above registers or else you die horribly... */ 23 24 /* Now macros for the available scratch registers in this routine. */ 25 #define twin_tmp1 l4 26 #define twin_tmp2 l5 27 28 .text 29 .align 4 30 31 /* The trap entry point has executed the following: 32 * 33 * rd %psr, %l0 34 * rd %wim, %l3 35 * b fill_window_entry 36 * andcc %l0, PSR_PS, %g0 37 */ 38 39 /* Datum current->tss.uwinmask contains at all times a bitmask 40 * where if any user windows are active, at least one bit will 41 * be set in to mask. If no user windows are active, the bitmask 42 * will be all zeroes. 43 */ 44 45 /* To get an idea of what has just happened to cause this 46 * trap take a look at this diagram: 47 * 48 * 1 2 3 4 <-- Window number 49 * ---------- 50 * T O W I <-- Symbolic name 51 * 52 * O == the window that execution was in when 53 * the restore was attempted 54 * 55 * T == the trap itself has save'd us into this 56 * window 57 * 58 * W == this window is the one which is now invalid 59 * and must be made valid plus loaded from the 60 * stack 61 * 62 * I == this window will be the invalid one when we 63 * are done and return from trap if successful 64 */ 65 66 /* BEGINNING OF PATCH INSTRUCTIONS */ 67 68 /* On 7-window Sparc the boot code patches fnwin_patch1 69 * with the following instruction. 70 */ 71 .globl fnwin_patch1_7win, fnwin_patch2_7win 72 fnwin_patch1_7win: srl %t_wim, 6, %twin_tmp2 73 fnwin_patch2_7win: and %twin_tmp1, 0x7f, %twin_tmp1 74 /* END OF PATCH INSTRUCTIONS */ 75 76 .globl fill_window_entry, fnwin_patch1, fnwin_patch2 77 fill_window_entry: 78 /* LOCATION: Window 'T' */ 79 80 /* Compute what the new %wim is going to be if we retrieve 81 * the proper window off of the stack. 82 */ 83 sll %t_wim, 1, %twin_tmp1 84 fnwin_patch1: srl %t_wim, 7, %twin_tmp2 85 or %twin_tmp1, %twin_tmp2, %twin_tmp1 86 fnwin_patch2: and %twin_tmp1, 0xff, %twin_tmp1 87 88 wr %twin_tmp1, 0x0, %wim /* Make window 'I' invalid */ 89 WRITE_PAUSE 90 91 andcc %t_psr, PSR_PS, %g0 92 be fwin_from_user 93 restore %g0, %g0, %g0 /* Restore to window 'O' */ 94 95 /* Trapped from kernel, we trust that the kernel does not 96 * 'over restore' sorta speak and just grab the window 97 * from the stack and return. Easy enough. 98 */ 99 fwin_from_kernel: 100 /* LOCATION: Window 'O' */ 101 102 restore %g0, %g0, %g0 103 104 /* LOCATION: Window 'W' */ 105 106 LOAD_WINDOW(sp) /* Load it up */ 107 108 /* Spin the wheel... */ 109 save %g0, %g0, %g0 110 save %g0, %g0, %g0 111 /* I'd like to buy a vowel please... */ 112 113 /* LOCATION: Window 'T' */ 114 115 /* Now preserve the condition codes in %psr, pause, and 116 * return from trap. This is the simplest case of all. 117 */ 118 wr %t_psr, 0x0, %psr 119 WRITE_PAUSE 120 121 jmp %t_pc 122 rett %t_npc 123 124 fwin_from_user: 125 /* LOCATION: Window 'O' */ 126 127 restore %g0, %g0, %g0 /* Restore to window 'W' */ 128 129 /* LOCATION: Window 'W' */ 130 131 /* Branch to the architecture specific stack validation 132 * routine. They can be found below... 133 */ 134 .globl C_LABEL(fwin_mmu_patchme) 135 C_LABEL(fwin_mmu_patchme): b C_LABEL(sun4c_fwin_stackchk) 136 andcc %sp, 0x7, %g0 137 138 fwin_user_stack_is_bolixed: 139 /* LOCATION: Window 'W' */ 140 141 /* Place a pt_regs frame on the kernel stack, save back 142 * to the trap window and call c-code to deal with this. 143 */ 144 LOAD_CURRENT(l4) 145 ld [%l4 + TASK_KSTACK_PG], %l5 146 add %l5, (PAGE_SIZE - TRACEREG_SZ - STACKFRAME_SZ), %l5 147 148 /* Store globals into pt_regs frame. */ 149 STORE_PT_GLOBALS(l5) 150 STORE_PT_YREG(l5, g3) 151 152 /* Save kernel %sp in global while we change windows */ 153 mov %l5, %g2 154 155 save %g0, %g0, %g0 156 157 /* LOCATION: Window 'O' */ 158 159 rd %psr, %g3 /* Read %psr in live user window */ 160 161 save %g0, %g0, %g0 162 163 /* LOCATION: Window 'T' */ 164 165 mov %g2, %sp /* Jump onto kernel %sp being held */ 166 167 /* Build rest of pt_regs. */ 168 STORE_PT_INS(sp) 169 STORE_PT_PRIV(sp, t_psr, t_pc, t_npc, t_wim) 170 171 /* re-set trap time %wim value */ 172 wr %t_wim, 0x0, %wim 173 174 /* Fix users window mask and buffer save count. */ 175 mov 0x1, %g5 176 sll %g5, %g3, %g5 177 LOAD_CURRENT(twin_tmp1) 178 st %g5, [%twin_tmp1 + THREAD_UMASK] ! one live user window still 179 st %g0, [%twin_tmp1 + THREAD_W_SAVED] ! no windows in the buffer 180 181 wr %t_psr, 0x0, %psr 182 wr %t_psr, PSR_ET, %psr ! enable traps 183 WRITE_PAUSE 184 185 mov 2, %o1 186 call C_LABEL(do_sparc_winfault) ! call c-code 187 add %sp, STACKFRAME_SZ, %o0 ! pt_regs ptr is arg0 188 189 /* Return from trap if C-code actually fixes things, if it 190 * doesn't then we never get this far as the process will 191 * be given the look of death from Commander Peanut. 192 */ 193 b ret_trap_entry 194 nop 195 196 fwin_user_stack_is_ok: 197 /* LOCATION: Window 'W' */ 198 199 /* The users stack area is kosher and mapped, load the 200 * window and fall through to the finish up routine. 201 */ 202 LOAD_WINDOW(sp) 203 204 /* Round and round she goes... */ 205 save %g0, %g0, %g0 /* Save to window 'O' */ 206 save %g0, %g0, %g0 /* Save to window 'T' */ 207 /* Where she'll trap nobody knows... */ 208 209 /* LOCATION: Window 'T' */ 210 211 fwin_user_finish_up: 212 /* LOCATION: Window 'T' */ 213 214 wr %t_psr, 0x0, %psr 215 WRITE_PAUSE 216 217 jmp %t_pc 218 rett %t_npc 219 220 /* Here come the architecture specific checks for stack. 221 * mappings. Note that unlike the window overflow handler 222 * we only need to check whether the user can read from 223 * the appropriate addresses. Also note that we are in 224 * an invalid window which will be loaded, and this means 225 * that until we actually load the window up we are free 226 * to use any of the local registers contained within. 227 * 228 * On success these routine branch to fwin_user_stack_is_ok 229 * if the area at %sp is user readable and the window still 230 * needs to be loaded, else fwin_user_finish_up if the 231 * routine has done the loading itself. On failure (bogus 232 * user stack) the routine shall branch to the label called 233 * fwin_user_stack_is_bolixed. 234 * 235 * Contrary to the arch-specific window overflow stack 236 * check routines in wof.S, these routines are free to use 237 * any of the local registers they want to as this window 238 * does not belong to anyone at this point, however the 239 * outs and ins are still verbotten as they are part of 240 * 'someone elses' window possibly. 241 */ 242 243 .align 4 244 .globl C_LABEL(sun4c_fwin_stackchk) 245 C_LABEL(sun4c_fwin_stackchk): 246 /* LOCATION: Window 'W' */ 247 248 /* Caller did 'andcc %sp, 0x7, %g0' */ 249 be 1f 250 and %sp, 0xfff, %l0 ! delay slot 251 252 b fwin_user_stack_is_bolixed 253 nop 254 255 /* See if we have to check the sanity of one page or two */ 256 1: 257 add %l0, 0x38, %l0 258 sra %sp, 29, %l5 259 add %l5, 0x1, %l5 260 andncc %l5, 0x1, %g0 261 be 1f 262 andncc %l0, 0xff8, %g0 263 264 b fwin_user_stack_is_bolixed /* %sp is in vma hole, yuck */ 265 nop 266 267 1: 268 be sun4c_fwin_onepage /* Only one page to check */ 269 lda [%sp] ASI_PTE, %l1 270 sun4c_fwin_twopages: 271 add %sp, 0x38, %l0 272 sra %l0, 29, %l5 273 add %l5, 0x1, %l5 274 andncc %l5, 0x1, %g0 275 be 1f 276 lda [%l0] ASI_PTE, %l1 277 278 b fwin_user_stack_is_bolixed /* Second page in vma hole */ 279 nop 280 281 1: 282 srl %l1, 29, %l1 283 andcc %l1, 0x4, %g0 284 bne sun4c_fwin_onepage 285 lda [%sp] ASI_PTE, %l1 286 287 b fwin_user_stack_is_bolixed /* Second page has bad perms */ 288 nop 289 290 sun4c_fwin_onepage: 291 srl %l1, 29, %l1 292 andcc %l1, 0x4, %g0 293 bne fwin_user_stack_is_ok 294 nop 295 296 /* A page had bad page permissions, losing... */ 297 b fwin_user_stack_is_bolixed 298 nop 299 300 .globl C_LABEL(srmmu_fwin_stackchk) 301 C_LABEL(srmmu_fwin_stackchk): 302 /* LOCATION: Window 'W' */ 303 304 /* Caller did 'andcc %sp, 0x7, %g0' */ 305 bne fwin_user_stack_is_bolixed 306 nop 307 308 /* Check if the users stack is in kernel vma, then our 309 * trial and error technique below would succeed for 310 * the 'wrong' reason. 311 */ 312 sethi %hi(KERNBASE), %l5 ! delay slot for above 313 mov AC_M_SFSR, %l4 314 cmp %l5, %sp 315 bleu fwin_user_stack_is_bolixed 316 lda [%l4] ASI_M_MMUREGS, %g0 ! clear fault status 317 318 /* The technique is, turn off faults on this processor, 319 * just let the load rip, then check the sfsr to see if 320 * a fault did occur. Then we turn on fault traps again 321 * and branch conditionally based upon what happened. 322 */ 323 lda [%g0] ASI_M_MMUREGS, %l5 ! read mmu-ctrl reg 324 or %l5, 0x2, %l5 ! turn on no-fault bit 325 sta %l5, [%g0] ASI_M_MMUREGS ! store it 326 327 /* Cross fingers and go for it. */ 328 LOAD_WINDOW(sp) 329 330 /* A penny 'saved'... */ 331 save %g0, %g0, %g0 332 save %g0, %g0, %g0 333 /* Is a BADTRAP earned... */ 334 335 /* LOCATION: Window 'T' */ 336 337 lda [%g0] ASI_M_MMUREGS, %twin_tmp1 ! load mmu-ctrl again 338 andn %twin_tmp1, 0x2, %twin_tmp1 ! clear no-fault bit 339 sta %twin_tmp1, [%g0] ASI_M_MMUREGS ! store it 340 341 mov AC_M_SFAR, %twin_tmp2 342 lda [%twin_tmp2] ASI_M_MMUREGS, %g0 ! read fault address 343 344 mov AC_M_SFSR, %twin_tmp2 345 lda [%twin_tmp2] ASI_M_MMUREGS, %twin_tmp2 ! read fault status 346 andcc %twin_tmp2, 0x2, %g0 ! did fault occur? 347 be fwin_user_finish_up 348 nop 349 350 b fwin_user_stack_is_bolixed ! oh well 351 nop
![[top]](../icons/top.png){kind=icon}
![[bottom]](../icons/n_bottom.png){kind=icon}
*/