![[bottom]](../icons/bottom.png){kind=icon}
![[previous]](../icons/n_left.png){kind=icon}
![[next]](../icons/n_right.png){kind=icon}
![[first]](../icons/n_first.png){kind=icon}
![[last]](../icons/n_last.png){kind=icon}
![[top]](../icons/n_top.png){kind=icon}
![[index]](../icons/index.png){kind=icon}
![[help]](../icons/help.png){kind=icon}
*/
1 /* $Id: wof.S,v 1.20 1996/02/20 07:45:18 davem Exp $ 2 * wof.S: Sparc window overflow handler. 3 * 4 * Copyright (C) 1995 David S. Miller (davem@caip.rutgers.edu) 5 */ 6 7 #include <asm/cprefix.h> 8 #include <asm/contregs.h> 9 #include <asm/page.h> 10 #include <asm/ptrace.h> 11 #include <asm/psr.h> 12 #include <asm/asi.h> 13 #include <asm/winmacro.h> 14 15 /* WARNING: This routine is hairy and _very_ complicated, but it 16 * must be as fast as possible as it handles the allocation 17 * of register windows to the user and kernel. If you touch 18 * this code be _very_ careful as many other pieces of the 19 * kernel depend upon how this code behaves. You have been 20 * duly warned... 21 */ 22 23 /* We define macro's for registers which have a fixed 24 * meaning throughout this entire routine. The 'T' in 25 * the comments mean that the register can only be 26 * accessed when in the 'trap' window, 'G' means 27 * accessible in any window. Do not change these registers 28 * after they have been set, until you are ready to return 29 * from the trap. 30 */ 31 #define t_psr l0 /* %psr at trap time T */ 32 #define t_pc l1 /* PC for trap return T */ 33 #define t_npc l2 /* NPC for trap return T */ 34 #define t_wim l3 /* %wim at trap time T */ 35 #define saved_g5 l5 /* Global save register T */ 36 #define saved_g6 l6 /* Global save register T */ 37 #define curptr g6 /* Gets set to 'current' then stays G */ 38 39 /* Now registers whose values can change within the handler. */ 40 #define twin_tmp l4 /* Temp reg, only usable in trap window T */ 41 #define glob_tmp g5 /* Global temporary reg, usable anywhere G */ 42 43 .text 44 .align 4 45 /* BEGINNING OF PATCH INSTRUCTIONS */ 46 /* On a 7-window Sparc the boot code patches spnwin_* 47 * instructions with the following ones. 48 */ 49 .globl spnwin_patch1_7win, spnwin_patch2_7win, spnwin_patch3_7win 50 spnwin_patch1_7win: sll %t_wim, 6, %glob_tmp 51 spnwin_patch2_7win: and %glob_tmp, 0x7f, %glob_tmp 52 spnwin_patch3_7win: and %twin_tmp, 0x7f, %twin_tmp 53 /* END OF PATCH INSTRUCTIONS */ 54 55 /* The trap entry point has done the following: 56 * 57 * rd %psr, %l0 58 * rd %wim, %l3 59 * b spill_window_entry 60 * andcc %l0, PSR_PS, %g0 61 */ 62 63 /* Datum current->tss.uwinmask contains at all times a bitmask 64 * where if any user windows are active, at least one bit will 65 * be set in to mask. If no user windows are active, the bitmask 66 * will be all zeroes. 67 */ 68 .globl spill_window_entry 69 .globl spnwin_patch1, spnwin_patch2, spnwin_patch3 70 spill_window_entry: 71 /* LOCATION: Trap Window */ 72 73 mov %g5, %saved_g5 ! save away global temp register 74 mov %g6, %saved_g6 ! save away 'current' ptr register 75 76 /* Compute what the new %wim will be if we save the 77 * window properly in this trap handler. 78 * 79 * newwim = ((%wim>>1) | (%wim<<(nwindows - 1))); 80 */ 81 srl %t_wim, 0x1, %twin_tmp 82 spnwin_patch1: sll %t_wim, 7, %glob_tmp 83 or %glob_tmp, %twin_tmp, %glob_tmp 84 spnwin_patch2: and %glob_tmp, 0xff, %glob_tmp 85 86 /* The trap entry point has set the condition codes 87 * up for us to see if this is from user or kernel. 88 * Get the load of 'curptr' out of the way. 89 */ 90 LOAD_CURRENT(curptr, twin_tmp) 91 92 andcc %t_psr, PSR_PS, %g0 93 be spwin_fromuser ! all user wins, branch 94 nop 95 96 /* See if any user windows are active in the set. */ 97 ld [%curptr + THREAD_UMASK], %twin_tmp ! grab win mask 98 orcc %g0, %twin_tmp, %g0 ! check for set bits 99 bne spwin_exist_uwins ! yep, there are some 100 nop 101 102 /* Save into the window which must be saved and do it. 103 * Basically if we are here, this means that we trapped 104 * from kernel mode with only kernel windows in the register 105 * file. 106 */ 107 save %g0, %g0, %g0 ! save into the window to stash away 108 wr %glob_tmp, 0x0, %wim ! set new %wim, this is safe now 109 WRITE_PAUSE ! burn cpu cycles due to bad engineering 110 111 spwin_no_userwins_from_kernel: 112 /* LOCATION: Window to be saved */ 113 114 STORE_WINDOW(sp) ! stash the window 115 restore %g0, %g0, %g0 ! go back into trap window 116 117 /* LOCATION: Trap window */ 118 mov %saved_g5, %g5 ! restore %glob_tmp 119 mov %saved_g6, %g6 ! restore %curptr 120 wr %t_psr, 0x0, %psr ! restore condition codes in %psr 121 WRITE_PAUSE ! waste some time 122 jmp %t_pc ! Return from trap 123 rett %t_npc ! we are done 124 125 spwin_exist_uwins: 126 /* LOCATION: Trap window */ 127 128 /* Wow, user windows have to be dealt with, this is dirty 129 * and messy as all hell. And difficult to follow if you 130 * are approaching the infamous register window trap handling 131 * problem for the first time. DONT LOOK! 132 * 133 * Note that how the execution path works out, the new %wim 134 * will be left for us in the global temporary register, 135 * %glob_tmp. We cannot set the new %wim first because we 136 * need to save into the appropriate window without inducing 137 * a trap (traps are off, we'd get a watchdog wheee)... 138 * But first, store the new user window mask calculated 139 * above. 140 */ 141 andn %twin_tmp, %glob_tmp, %twin_tmp ! compute new umask 142 st %twin_tmp, [%curptr + THREAD_UMASK] 143 144 spwin_fromuser: 145 /* LOCATION: Trap window */ 146 save %g0, %g0, %g0 ! Go to where the saving will occur 147 148 /* LOCATION: Window to be saved */ 149 wr %glob_tmp, 0x0, %wim ! Now it is safe to set new %wim 150 WRITE_PAUSE ! burn baby burn 151 152 /* LOCATION: Window to be saved */ 153 154 /* This instruction branches to a routine which will check 155 * to validity of the users stack pointer by whatever means 156 * are necessary. This means that this is architecture 157 * specific and thus this branch instruction will need to 158 * be patched at boot time once the machine type is known. 159 * This routine _shall not_ touch %curptr under any 160 * circumstances whatsoever! It will branch back to the 161 * label 'spwin_good_ustack' if the stack is ok but still 162 * needs to be dumped (SRMMU for instance will not need to 163 * do this) or 'spwin_finish_up' if the stack is ok and the 164 * registers have already been saved. If the stack is found 165 * to be bogus for some reason the routine shall branch to 166 * the label 'spwin_user_stack_is_bolixed' which will take 167 * care of things at that point. 168 */ 169 .globl C_LABEL(spwin_mmu_patchme) 170 C_LABEL(spwin_mmu_patchme): b C_LABEL(spwin_sun4c_stackchk) 171 andcc %sp, 0x7, %g0 172 173 spwin_good_ustack: 174 /* LOCATION: Window to be saved */ 175 176 /* The users stack is ok and we can safely save it at 177 * %sp. 178 */ 179 STORE_WINDOW(sp) 180 181 spwin_finish_up: 182 restore %g0, %g0, %g0 /* Back to trap window. */ 183 184 /* LOCATION: Trap window */ 185 186 /* We have spilled successfully, and we have properly stored 187 * the appropriate window onto the stack. 188 */ 189 190 /* Restore saved globals */ 191 mov %saved_g5, %g5 192 mov %saved_g6, %g6 193 wr %t_psr, 0x0, %psr 194 WRITE_PAUSE 195 jmp %t_pc 196 rett %t_npc 197 198 spwin_user_stack_is_bolixed: 199 /* LOCATION: Window to be saved */ 200 201 /* Wheee, user has trashed his/her stack. We have to decide 202 * how to proceed based upon whether we came from kernel mode 203 * or not. If we came from kernel mode, toss the window into 204 * a special buffer and proceed, the kernel _needs_ a window 205 * and we could be in an interrupt handler so timing is crucial. 206 * If we came from user land we build a full stack frame and call 207 * c-code to gun down the process. 208 */ 209 rd %psr, %glob_tmp 210 andcc %glob_tmp, PSR_PS, %g0 211 bne spwin_bad_ustack_from_kernel 212 nop 213 214 /* Oh well, throw this one window into the per-task window 215 * buffer, the first one. 216 */ 217 st %sp, [%curptr + THREAD_STACK_PTRS] 218 STORE_WINDOW(curptr + THREAD_REG_WINDOW) 219 restore %g0, %g0, %g0 220 221 /* LOCATION: Trap Window */ 222 223 /* Back in the trap window, update winbuffer save count. */ 224 mov 1, %glob_tmp 225 st %glob_tmp, [%curptr + THREAD_W_SAVED] 226 227 /* Compute new user window mask. What we are basically 228 * doing is taking two windows, the invalid one at trap 229 * time and the one we attempted to throw onto the users 230 * stack, and saying that everything else is an ok user 231 * window. umask = ((~(%t_wim | %wim)) & valid_wim_bits) 232 */ 233 rd %wim, %twin_tmp 234 or %twin_tmp, %t_wim, %twin_tmp 235 not %twin_tmp 236 spnwin_patch3: and %twin_tmp, 0xff, %twin_tmp ! patched on 7win Sparcs 237 st %twin_tmp, [%curptr + THREAD_UMASK] 238 239 /* Jump onto kernel stack for this process... */ 240 ld [%curptr + TASK_SAVED_KSTACK], %sp 241 242 /* Restore the saved globals and build a pt_regs frame. */ 243 mov %saved_g5, %g5 244 mov %saved_g6, %g6 245 STORE_PT_ALL(sp, t_psr, t_pc, t_npc, g1) 246 247 /* Turn on traps and call c-code to deal with it. */ 248 wr %t_psr, PSR_ET, %psr 249 WRITE_PAUSE 250 251 #if 0 252 mov 0, %o1 253 call C_LABEL(try_to_clear_window_buffer) 254 add %sp, REGWIN_SZ, %o0 255 #else 256 call C_LABEL(window_overflow_fault) 257 nop 258 #endif 259 260 /* Return from trap if C-code actually fixes things, if it 261 * doesn't then we never get this far as the process will 262 * be given the look of death from Commander Peanut. 263 */ 264 b ret_trap_entry 265 nop 266 267 spwin_bad_ustack_from_kernel: 268 /* LOCATION: Window to be saved */ 269 270 /* The kernel provoked a spill window trap, but the window we 271 * need to save is a user one and the process has trashed its 272 * stack pointer. We need to be quick, so we throw it into 273 * a per-process window buffer until we can properly handle 274 * this later on. 275 */ 276 SAVE_BOLIXED_USER_STACK(curptr, glob_tmp) 277 restore %g0, %g0, %g0 278 279 /* LOCATION: Trap window */ 280 281 /* Restore globals, condition codes in the %psr and 282 * return from trap. 283 */ 284 mov %saved_g5, %g5 285 mov %saved_g6, %g6 286 287 wr %t_psr, 0x0, %psr 288 WRITE_PAUSE 289 290 jmp %t_pc 291 rett %t_npc 292 293 /* Undefine the register macros which would only cause trouble 294 * if used below. This helps find 'stupid' coding errors that 295 * produce 'odd' behavior. The routines below are allowed to 296 * make usage of glob_tmp and t_psr so we leave them defined. 297 */ 298 #undef twin_tmp 299 #undef curptr 300 #undef t_pc 301 #undef t_npc 302 #undef t_wim 303 #undef saved_g5 304 #undef saved_g6 305 306 /* Now come the per-architecture window overflow stack checking routines. 307 * As noted above %curptr cannot be touched by this routine at all. 308 */ 309 310 .globl C_LABEL(spwin_sun4c_stackchk) 311 C_LABEL(spwin_sun4c_stackchk): 312 /* LOCATION: Window to be saved on the stack */ 313 314 /* See if the stack is in the address space hole but first, 315 * check results of callers andcc %sp, 0x7, %g0 316 */ 317 be 1f 318 sra %sp, 29, %glob_tmp 319 320 b spwin_user_stack_is_bolixed 321 nop 322 323 1: 324 add %glob_tmp, 0x1, %glob_tmp 325 andncc %glob_tmp, 0x1, %g0 326 be 1f 327 and %sp, 0xfff, %glob_tmp ! delay slot 328 329 b spwin_user_stack_is_bolixed 330 nop 331 332 /* See if our dump area will be on more than one 333 * page. 334 */ 335 1: 336 add %glob_tmp, 0x38, %glob_tmp 337 andncc %glob_tmp, 0xff8, %g0 338 be spwin_sun4c_onepage ! only one page to check 339 lda [%sp] ASI_PTE, %glob_tmp ! have to check first page anyways 340 341 spwin_sun4c_twopages: 342 /* Is first page ok permission wise? */ 343 srl %glob_tmp, 29, %glob_tmp 344 cmp %glob_tmp, 0x6 345 be 1f 346 add %sp, 0x38, %glob_tmp /* Is second page in vma hole? */ 347 348 b spwin_user_stack_is_bolixed 349 nop 350 351 1: 352 sra %glob_tmp, 29, %glob_tmp 353 add %glob_tmp, 0x1, %glob_tmp 354 andncc %glob_tmp, 0x1, %g0 355 be 1f 356 add %sp, 0x38, %glob_tmp 357 358 b spwin_user_stack_is_bolixed 359 nop 360 361 1: 362 lda [%glob_tmp] ASI_PTE, %glob_tmp 363 364 spwin_sun4c_onepage: 365 srl %glob_tmp, 29, %glob_tmp 366 cmp %glob_tmp, 0x6 ! can user write to it? 367 be spwin_good_ustack ! success 368 nop 369 370 b spwin_user_stack_is_bolixed 371 nop 372 373 /* This is a generic SRMMU routine. As far as I know this 374 * works for all current v8/srmmu implementations, we'll 375 * see... 376 */ 377 .globl C_LABEL(spwin_srmmu_stackchk) 378 C_LABEL(spwin_srmmu_stackchk): 379 /* LOCATION: Window to be saved on the stack */ 380 381 /* Because of SMP concerns and speed we play a trick. 382 * We disable fault traps in the MMU control register, 383 * Execute the stores, then check the fault registers 384 * to see what happens. I can hear Linus now 385 * "disgusting... broken hardware...". 386 * 387 * But first, check to see if the users stack has ended 388 * up in kernel vma, then we would succeed for the 'wrong' 389 * reason... ;( Note that the 'sethi' below assumes the 390 * kernel is page aligned, which should always be the case. 391 */ 392 /* Check results of callers andcc %sp, 0x7, %g0 */ 393 bne spwin_user_stack_is_bolixed 394 sethi %hi(KERNBASE), %glob_tmp 395 cmp %glob_tmp, %sp 396 bleu spwin_user_stack_is_bolixed 397 mov AC_M_SFSR, %glob_tmp 398 399 /* Clear the fault status and turn on the no_fault bit. */ 400 lda [%glob_tmp] ASI_M_MMUREGS, %g0 ! eat SFSR 401 402 lda [%g0] ASI_M_MMUREGS, %glob_tmp ! read MMU control 403 or %glob_tmp, 0x2, %glob_tmp ! or in no_fault bit 404 sta %glob_tmp, [%g0] ASI_M_MMUREGS ! set it 405 406 /* Dump the registers and cross fingers. */ 407 STORE_WINDOW(sp) 408 409 /* Clear the no_fault bit and check the status. */ 410 andn %glob_tmp, 0x2, %glob_tmp 411 sta %glob_tmp, [%g0] ASI_M_MMUREGS 412 413 mov AC_M_SFAR, %glob_tmp 414 lda [%glob_tmp] ASI_M_MMUREGS, %g0 415 416 mov AC_M_SFSR, %glob_tmp 417 lda [%glob_tmp] ASI_M_MMUREGS, %glob_tmp 418 andcc %glob_tmp, 0x2, %g0 ! did we fault? 419 be spwin_finish_up ! cool beans, success 420 nop 421 422 b spwin_user_stack_is_bolixed ! we faulted, ugh 423 nop
![[top]](../icons/top.png){kind=icon}
![[bottom]](../icons/n_bottom.png){kind=icon}
*/