/*
 * OpenRISC fault.c
 *
 * Linux architectural port borrowing liberally from similar works of
 * others.  All original copyrights apply as per the original source
 * declaration.
 *
 * Modifications for the OpenRISC architecture:
 * Copyright (C) 2003 Matjaz Breskvar <phoenix@bsemi.com>
 * Copyright (C) 2010-2011 Jonas Bonn <jonas@southpole.se>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version
 * 2 of the License, or (at your option) any later version.
 */

#include <linux/mm.h>
#include <linux/interrupt.h>
#include <linux/extable.h>
#include <linux/sched/signal.h>

#include <linux/uaccess.h>
#include <asm/siginfo.h>
#include <asm/signal.h>

#define NUM_TLB_ENTRIES 64
#define TLB_OFFSET(add) (((add) >> PAGE_SHIFT) & (NUM_TLB_ENTRIES-1))

unsigned long pte_misses;	/* updated by do_page_fault() */
unsigned long pte_errors;	/* updated by do_page_fault() */

/* __PHX__ :: - check the vmalloc_fault in do_page_fault()
 *	      - also look into include/asm-or32/mmu_context.h
 */
volatile pgd_t *current_pgd[NR_CPUS];

extern void die(char *, struct pt_regs *, long);

/*
 * This routine handles page faults.  It determines the address and the
 * problem, and then passes it off to one of the appropriate routines.
 * Bad accesses are reported back via signals (or a kernel oops); the
 * routine itself returns nothing.
 */
asmlinkage void do_page_fault(struct pt_regs *regs, unsigned long address,
			      unsigned long vector, int write_acc)
{
	struct task_struct *tsk;
	struct mm_struct *mm;
	struct vm_area_struct *vma;
	siginfo_t info;
	int fault;
	unsigned int flags = FAULT_FLAG_ALLOW_RETRY | FAULT_FLAG_KILLABLE;

	clear_siginfo(&info);
	tsk = current;

	/*
	 * We fault-in kernel-space virtual memory on-demand.  The
	 * 'reference' page table is init_mm.pgd.
	 *
	 * NOTE! We MUST NOT take any locks for this case.  We may
	 * be in an interrupt or a critical region, and should
	 * only copy the information from the master page table,
	 * nothing more.
	 *
	 * NOTE2: This is done so that, when updating the vmalloc
	 * mappings, we don't have to walk all processes' pgdirs and
	 * add the high mappings all at once.  Instead we do it as
	 * they are used.  However, vmalloc'ed page entries have the
	 * PAGE_GLOBAL bit set, so the TLB can sometimes use a
	 * lingering entry.
	 *
	 * This verifies that the fault happens in kernel space
	 * (vectors 0x300 and 0x400 are the data and instruction
	 * page-fault exceptions) and that the fault was not a
	 * protection error.
	 */
	if (address >= VMALLOC_START &&
	    (vector != 0x300 && vector != 0x400) &&
	    !user_mode(regs))
		goto vmalloc_fault;

	/* If exceptions were enabled, we can reenable them here */
	if (user_mode(regs)) {
		/* Exception was in userspace: reenable interrupts */
		local_irq_enable();
		flags |= FAULT_FLAG_USER;
	} else {
		/* If the exception was in a syscall, then IRQs may have
		 * been enabled or disabled.  If they were enabled,
		 * reenable them.
		 */
		if (regs->sr & (SPR_SR_IEE | SPR_SR_TEE))
			local_irq_enable();
	}

	mm = tsk->mm;
	info.si_code = SEGV_MAPERR;
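
	/*
	 * si_code starts out as SEGV_MAPERR ("address not mapped");
	 * the good_area path below upgrades it to SEGV_ACCERR when a
	 * mapping does exist but its permissions forbid the access.
	 */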

	/*
	 * If we're in an interrupt or have no user
	 * context, we must not take the fault.
	 */
	if (in_interrupt() || !mm)
		goto no_context;

retry:
	down_read(&mm->mmap_sem);
	vma = find_vma(mm, address);

	if (!vma)
		goto bad_area;

	if (vma->vm_start <= address)
		goto good_area;

	if (!(vma->vm_flags & VM_GROWSDOWN))
		goto bad_area;

	if (user_mode(regs)) {
		/*
		 * Accessing the stack below usp is always a bug.
		 * We get page-aligned addresses, so we can only check
		 * whether we're within a page of usp, but that might
		 * be enough to catch brutal errors at least.
		 */
		if (address + PAGE_SIZE < regs->sp)
			goto bad_area;
	}
	if (expand_stack(vma, address))
		goto bad_area;

	/*
	 * Ok, we have a good vm_area for this memory access, so
	 * we can handle it.
	 */
good_area:
	info.si_code = SEGV_ACCERR;

	/* First do some preliminary protection checks. */
	if (write_acc) {
		if (!(vma->vm_flags & VM_WRITE))
			goto bad_area;
		flags |= FAULT_FLAG_WRITE;
	} else {
		/* not present */
		if (!(vma->vm_flags & (VM_READ | VM_EXEC)))
			goto bad_area;
	}

	/* Are we trying to execute in a non-executable area? */
	if ((vector == 0x400) && !(vma->vm_page_prot.pgprot & _PAGE_EXEC))
		goto bad_area;

	/*
	 * If for any reason at all we couldn't handle the fault,
	 * make sure we exit gracefully rather than endlessly redo
	 * the fault.
	 */
	fault = handle_mm_fault(vma, address, flags);

	if ((fault & VM_FAULT_RETRY) && fatal_signal_pending(current))
		return;

	if (unlikely(fault & VM_FAULT_ERROR)) {
		if (fault & VM_FAULT_OOM)
			goto out_of_memory;
		else if (fault & VM_FAULT_SIGSEGV)
			goto bad_area;
		else if (fault & VM_FAULT_SIGBUS)
			goto do_sigbus;
		BUG();
	}

	if (flags & FAULT_FLAG_ALLOW_RETRY) {
		/* RGD: modeled on Cris */
		if (fault & VM_FAULT_MAJOR)
			tsk->maj_flt++;
		else
			tsk->min_flt++;
		if (fault & VM_FAULT_RETRY) {
			flags &= ~FAULT_FLAG_ALLOW_RETRY;
			flags |= FAULT_FLAG_TRIED;

			/* No need to up_read(&mm->mmap_sem) as we would
			 * have already released it in __lock_page_or_retry
			 * in mm/filemap.c.
			 */
			goto retry;
		}
	}

	up_read(&mm->mmap_sem);
	return;

	/*
	 * Something tried to access memory that isn't in our memory map.
	 * Fix it, but check if it's kernel or user first.
	 */
bad_area:
	up_read(&mm->mmap_sem);

bad_area_nosemaphore:

	/* User mode accesses just cause a SIGSEGV */
	if (user_mode(regs)) {
		info.si_signo = SIGSEGV;
		info.si_errno = 0;
		/* info.si_code has been set above */
		info.si_addr = (void *)address;
		force_sig_info(SIGSEGV, &info, tsk);
		return;
	}

no_context:

	/* Are we prepared to handle this kernel fault?
	 *
	 * (The kernel has valid exception-points in the source
	 * when it accesses user-memory.  When it fails in one
	 * of those points, we find it in a table and do a jump
	 * to some fixup code that loads an appropriate error
	 * code.)
	 */
	{
		const struct exception_table_entry *entry;

		__asm__ __volatile__("l.nop 42");

		if ((entry = search_exception_tables(regs->pc)) != NULL) {
			/* Adjust the instruction pointer in the stackframe */
			regs->pc = entry->fixup;
			return;
		}
	}
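
	/*
	 * A rough sketch of how such an exception-point is typically
	 * created.  This is the generic __ex_table pattern, not the
	 * verbatim OpenRISC incantation (for that, see the uaccess
	 * helpers); register operands and the -EFAULT fixup are
	 * illustrative.  The addresses of the potentially-faulting
	 * user access and of its fixup code are stored as a pair in
	 * the __ex_table section, which is exactly what
	 * search_exception_tables() walks above:
	 *
	 *	1:	l.lwz	%1, 0(%2)	// user access; may fault
	 *	2:	...			// normal path resumes here
	 *	.section .fixup, "ax"
	 *	3:	l.addi	%0, r0, -14	// fixup: err = -EFAULT
	 *		l.j	2b		// resume after the access
	 *		 l.nop			// (jump delay slot)
	 *	.previous
	 *	.section __ex_table, "a"
	 *		.long	1b, 3b		// (faulting insn, its fixup)
	 *	.previous
	 */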

	/*
	 * Oops.  The kernel tried to access some bad page.  We'll have to
	 * terminate things with extreme prejudice.
	 */
	if ((unsigned long)(address) < PAGE_SIZE)
		printk(KERN_ALERT
		       "Unable to handle kernel NULL pointer dereference");
	else
		printk(KERN_ALERT "Unable to handle kernel access");
	printk(" at virtual address 0x%08lx\n", address);

	die("Oops", regs, write_acc);

	do_exit(SIGKILL);

	/*
	 * We ran out of memory, or some other thing happened to us that made
	 * us unable to handle the page fault gracefully.
	 */
out_of_memory:
	__asm__ __volatile__("l.nop 42");
	__asm__ __volatile__("l.nop 1");

	up_read(&mm->mmap_sem);
	if (!user_mode(regs))
		goto no_context;
	pagefault_out_of_memory();
	return;

do_sigbus:
	up_read(&mm->mmap_sem);

	/*
	 * Send a sigbus, regardless of whether we were in kernel
	 * or user mode.
	 */
	info.si_signo = SIGBUS;
	info.si_errno = 0;
	info.si_code = BUS_ADRERR;
	info.si_addr = (void *)address;
	force_sig_info(SIGBUS, &info, tsk);

	/* Kernel mode? Handle exceptions or die */
	if (!user_mode(regs))
		goto no_context;
	return;

vmalloc_fault:
	{
		/*
		 * Synchronize this task's top level page-table
		 * with the 'reference' page table.
		 *
		 * Use current_pgd instead of tsk->active_mm->pgd
		 * since the latter might be unavailable if this
		 * code is executed in an unfortunately timed irq
		 * (like inside schedule() between switch_mm and
		 * switch_to...).
		 */

		int offset = pgd_index(address);
		pgd_t *pgd, *pgd_k;
		pud_t *pud, *pud_k;
		pmd_t *pmd, *pmd_k;
		pte_t *pte_k;

		/*
		phx_warn("do_page_fault(): vmalloc_fault will not work, "
			 "since current_pgd assign a proper value somewhere\n"
			 "anyhow we don't need this at the moment\n");

		phx_mmu("vmalloc_fault");
		*/

		pgd = (pgd_t *)current_pgd[smp_processor_id()] + offset;
		pgd_k = init_mm.pgd + offset;

		/*
		 * Since we're two-level, we don't need to do both
		 * set_pgd and set_pmd (they do the same thing).  If
		 * we go three-level at some point, do the right thing
		 * with pgd_present and set_pgd here.
		 *
		 * Also, since the vmalloc area is global, we don't
		 * need to copy individual PTEs; it is enough to
		 * copy the pgd pointer into the pte page of the
		 * root task.  If that is there, we'll find our pte
		 * if it exists.
		 */
		pud = pud_offset(pgd, address);
		pud_k = pud_offset(pgd_k, address);
		if (!pud_present(*pud_k))
			goto no_context;

		pmd = pmd_offset(pud, address);
		pmd_k = pmd_offset(pud_k, address);

		if (!pmd_present(*pmd_k))
			goto bad_area_nosemaphore;

		set_pmd(pmd, *pmd_k);

		/*
		 * Make sure the actual PTE exists as well to
		 * catch kernel vmalloc-area accesses to non-mapped
		 * addresses.  If we don't do this, this will just
		 * silently loop forever.
		 */
		pte_k = pte_offset_kernel(pmd_k, address);
		if (!pte_present(*pte_k))
			goto no_context;

		return;
	}
}
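
/*
 * Note on the vmalloc_fault path above: it relies on current_pgd[]
 * tracking the page-table root of whatever mm is live on this CPU.
 * A sketch of the expected maintenance on each context switch (the
 * real assignment lives in the switch_mm() implementation; see also
 * the __PHX__ note near the top of this file):
 *
 *	current_pgd[smp_processor_id()] = next->pgd;
 */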