xref: /openbmc/linux/tools/testing/selftests/powerpc/mm/bad_accesses.c (revision cdd38c5f1ce4398ec58fec95904b75824daab7b5) 
15eb7cfb3SMichael Ellerman // SPDX-License-Identifier: GPL-2.0+
25eb7cfb3SMichael Ellerman //
35eb7cfb3SMichael Ellerman // Copyright 2019, Michael Ellerman, IBM Corp.
45eb7cfb3SMichael Ellerman //
55eb7cfb3SMichael Ellerman // Test that out-of-bounds reads/writes behave as expected.
65eb7cfb3SMichael Ellerman 
75eb7cfb3SMichael Ellerman #include <setjmp.h>
85eb7cfb3SMichael Ellerman #include <stdbool.h>
95eb7cfb3SMichael Ellerman #include <stdio.h>
105eb7cfb3SMichael Ellerman #include <stdlib.h>
115eb7cfb3SMichael Ellerman #include <string.h>
125eb7cfb3SMichael Ellerman #include <sys/types.h>
135eb7cfb3SMichael Ellerman #include <sys/wait.h>
145eb7cfb3SMichael Ellerman #include <unistd.h>
155eb7cfb3SMichael Ellerman 
165eb7cfb3SMichael Ellerman #include "utils.h"
175eb7cfb3SMichael Ellerman 
185eb7cfb3SMichael Ellerman // Old distros (Ubuntu 16.04 at least) don't define this
195eb7cfb3SMichael Ellerman #ifndef SEGV_BNDERR
205eb7cfb3SMichael Ellerman #define SEGV_BNDERR	3
215eb7cfb3SMichael Ellerman #endif
225eb7cfb3SMichael Ellerman 
235eb7cfb3SMichael Ellerman // 64-bit kernel is always here
245eb7cfb3SMichael Ellerman #define PAGE_OFFSET	(0xcul << 60)
255eb7cfb3SMichael Ellerman 
265eb7cfb3SMichael Ellerman static unsigned long kernel_virt_end;
275eb7cfb3SMichael Ellerman 
285eb7cfb3SMichael Ellerman static volatile int fault_code;
295eb7cfb3SMichael Ellerman static volatile unsigned long fault_addr;
305eb7cfb3SMichael Ellerman static jmp_buf setjmp_env;
315eb7cfb3SMichael Ellerman 
segv_handler(int n,siginfo_t * info,void * ctxt_v)325eb7cfb3SMichael Ellerman static void segv_handler(int n, siginfo_t *info, void *ctxt_v)
335eb7cfb3SMichael Ellerman {
345eb7cfb3SMichael Ellerman 	fault_code = info->si_code;
355eb7cfb3SMichael Ellerman 	fault_addr = (unsigned long)info->si_addr;
365eb7cfb3SMichael Ellerman 	siglongjmp(setjmp_env, 1);
375eb7cfb3SMichael Ellerman }
385eb7cfb3SMichael Ellerman 
bad_access(char * p,bool write)395eb7cfb3SMichael Ellerman int bad_access(char *p, bool write)
405eb7cfb3SMichael Ellerman {
41*c9344769SHarish 	char x = 0;
425eb7cfb3SMichael Ellerman 
435eb7cfb3SMichael Ellerman 	fault_code = 0;
445eb7cfb3SMichael Ellerman 	fault_addr = 0;
455eb7cfb3SMichael Ellerman 
465eb7cfb3SMichael Ellerman 	if (sigsetjmp(setjmp_env, 1) == 0) {
475eb7cfb3SMichael Ellerman 		if (write)
485eb7cfb3SMichael Ellerman 			*p = 1;
495eb7cfb3SMichael Ellerman 		else
505eb7cfb3SMichael Ellerman 			x = *p;
515eb7cfb3SMichael Ellerman 
525eb7cfb3SMichael Ellerman 		printf("Bad - no SEGV! (%c)\n", x);
535eb7cfb3SMichael Ellerman 		return 1;
545eb7cfb3SMichael Ellerman 	}
555eb7cfb3SMichael Ellerman 
565eb7cfb3SMichael Ellerman 	// If we see MAPERR that means we took a page fault rather than an SLB
575eb7cfb3SMichael Ellerman 	// miss. We only expect to take page faults for addresses within the
585eb7cfb3SMichael Ellerman 	// valid kernel range.
595eb7cfb3SMichael Ellerman 	FAIL_IF(fault_code == SEGV_MAPERR && \
605eb7cfb3SMichael Ellerman 		(fault_addr < PAGE_OFFSET || fault_addr >= kernel_virt_end));
615eb7cfb3SMichael Ellerman 
625eb7cfb3SMichael Ellerman 	FAIL_IF(fault_code != SEGV_MAPERR && fault_code != SEGV_BNDERR);
635eb7cfb3SMichael Ellerman 
645eb7cfb3SMichael Ellerman 	return 0;
655eb7cfb3SMichael Ellerman }
665eb7cfb3SMichael Ellerman 
test(void)675eb7cfb3SMichael Ellerman static int test(void)
685eb7cfb3SMichael Ellerman {
695eb7cfb3SMichael Ellerman 	unsigned long i, j, addr, region_shift, page_shift, page_size;
705eb7cfb3SMichael Ellerman 	struct sigaction sig;
715eb7cfb3SMichael Ellerman 	bool hash_mmu;
725eb7cfb3SMichael Ellerman 
735eb7cfb3SMichael Ellerman 	sig = (struct sigaction) {
745eb7cfb3SMichael Ellerman 		.sa_sigaction = segv_handler,
755eb7cfb3SMichael Ellerman 		.sa_flags = SA_SIGINFO,
765eb7cfb3SMichael Ellerman 	};
775eb7cfb3SMichael Ellerman 
785eb7cfb3SMichael Ellerman 	FAIL_IF(sigaction(SIGSEGV, &sig, NULL) != 0);
795eb7cfb3SMichael Ellerman 
805eb7cfb3SMichael Ellerman 	FAIL_IF(using_hash_mmu(&hash_mmu));
815eb7cfb3SMichael Ellerman 
825eb7cfb3SMichael Ellerman 	page_size = sysconf(_SC_PAGESIZE);
835eb7cfb3SMichael Ellerman 	if (page_size == (64 * 1024))
845eb7cfb3SMichael Ellerman 		page_shift = 16;
855eb7cfb3SMichael Ellerman 	else
865eb7cfb3SMichael Ellerman 		page_shift = 12;
875eb7cfb3SMichael Ellerman 
885eb7cfb3SMichael Ellerman 	if (page_size == (64 * 1024) || !hash_mmu) {
895eb7cfb3SMichael Ellerman 		region_shift = 52;
905eb7cfb3SMichael Ellerman 
915eb7cfb3SMichael Ellerman 		// We have 7 512T regions (4 kernel linear, vmalloc, io, vmemmap)
925eb7cfb3SMichael Ellerman 		kernel_virt_end = PAGE_OFFSET + (7 * (512ul << 40));
935eb7cfb3SMichael Ellerman 	} else if (page_size == (4 * 1024) && hash_mmu) {
945eb7cfb3SMichael Ellerman 		region_shift = 46;
955eb7cfb3SMichael Ellerman 
965eb7cfb3SMichael Ellerman 		// We have 7 64T regions (4 kernel linear, vmalloc, io, vmemmap)
975eb7cfb3SMichael Ellerman 		kernel_virt_end = PAGE_OFFSET + (7 * (64ul << 40));
985eb7cfb3SMichael Ellerman 	} else
995eb7cfb3SMichael Ellerman 		FAIL_IF(true);
1005eb7cfb3SMichael Ellerman 
1015eb7cfb3SMichael Ellerman 	printf("Using %s MMU, PAGE_SIZE = %dKB start address 0x%016lx\n",
1025eb7cfb3SMichael Ellerman 	       hash_mmu ? "hash" : "radix",
1035eb7cfb3SMichael Ellerman 	       (1 << page_shift) >> 10,
1045eb7cfb3SMichael Ellerman 	       1ul << region_shift);
1055eb7cfb3SMichael Ellerman 
1065eb7cfb3SMichael Ellerman 	// This generates access patterns like:
1075eb7cfb3SMichael Ellerman 	//   0x0010000000000000
1085eb7cfb3SMichael Ellerman 	//   0x0010000000010000
1095eb7cfb3SMichael Ellerman 	//   0x0010000000020000
1105eb7cfb3SMichael Ellerman 	//   ...
1115eb7cfb3SMichael Ellerman 	//   0x0014000000000000
1125eb7cfb3SMichael Ellerman 	//   0x0018000000000000
1135eb7cfb3SMichael Ellerman 	//   0x0020000000000000
1145eb7cfb3SMichael Ellerman 	//   0x0020000000010000
1155eb7cfb3SMichael Ellerman 	//   0x0020000000020000
1165eb7cfb3SMichael Ellerman 	//   ...
1175eb7cfb3SMichael Ellerman 	//   0xf400000000000000
1185eb7cfb3SMichael Ellerman 	//   0xf800000000000000
1195eb7cfb3SMichael Ellerman 
1205eb7cfb3SMichael Ellerman 	for (i = 1; i <= ((0xful << 60) >> region_shift); i++) {
1215eb7cfb3SMichael Ellerman 		for (j = page_shift - 1; j < 60; j++) {
1225eb7cfb3SMichael Ellerman 			unsigned long base, delta;
1235eb7cfb3SMichael Ellerman 
1245eb7cfb3SMichael Ellerman 			base  = i << region_shift;
1255eb7cfb3SMichael Ellerman 			delta = 1ul << j;
1265eb7cfb3SMichael Ellerman 
1275eb7cfb3SMichael Ellerman 			if (delta >= base)
1285eb7cfb3SMichael Ellerman 				break;
1295eb7cfb3SMichael Ellerman 
1305eb7cfb3SMichael Ellerman 			addr = (base | delta) & ~((1 << page_shift) - 1);
1315eb7cfb3SMichael Ellerman 
1325eb7cfb3SMichael Ellerman 			FAIL_IF(bad_access((char *)addr, false));
1335eb7cfb3SMichael Ellerman 			FAIL_IF(bad_access((char *)addr, true));
1345eb7cfb3SMichael Ellerman 		}
1355eb7cfb3SMichael Ellerman 	}
1365eb7cfb3SMichael Ellerman 
1375eb7cfb3SMichael Ellerman 	return 0;
1385eb7cfb3SMichael Ellerman }
1395eb7cfb3SMichael Ellerman 
main(void)1405eb7cfb3SMichael Ellerman int main(void)
1415eb7cfb3SMichael Ellerman {
14217c98a54SMichael Ellerman 	test_harness_set_timeout(300);
1435eb7cfb3SMichael Ellerman 	return test_harness(test, "bad_accesses");
1445eb7cfb3SMichael Ellerman }
145