fault.c revision 67ddb4052daac9d449caf2643ac365d42a04219a
1/* MN10300 MMU Fault handler 2 * 3 * Copyright (C) 2007 Matsushita Electric Industrial Co., Ltd. 4 * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved. 5 * Modified by David Howells (dhowells@redhat.com) 6 * 7 * This program is free software; you can redistribute it and/or 8 * modify it under the terms of the GNU General Public Licence 9 * as published by the Free Software Foundation; either version 10 * 2 of the Licence, or (at your option) any later version. 11 */ 12 13#include <linux/signal.h> 14#include <linux/sched.h> 15#include <linux/kernel.h> 16#include <linux/errno.h> 17#include <linux/string.h> 18#include <linux/types.h> 19#include <linux/ptrace.h> 20#include <linux/mman.h> 21#include <linux/mm.h> 22#include <linux/smp.h> 23#include <linux/interrupt.h> 24#include <linux/init.h> 25#include <linux/vt_kern.h> /* For unblank_screen() */ 26 27#include <asm/system.h> 28#include <asm/uaccess.h> 29#include <asm/pgalloc.h> 30#include <asm/hardirq.h> 31#include <asm/cpu-regs.h> 32#include <asm/debugger.h> 33#include <asm/gdb-stub.h> 34 35/* 36 * Unlock any spinlocks which will prevent us from getting the 37 * message out 38 */ 39void bust_spinlocks(int yes) 40{ 41 if (yes) { 42 oops_in_progress = 1; 43 } else { 44 int loglevel_save = console_loglevel; 45#ifdef CONFIG_VT 46 unblank_screen(); 47#endif 48 oops_in_progress = 0; 49 /* 50 * OK, the message is on the console. Now we call printk() 51 * without oops_in_progress set so that printk will give klogd 52 * a poke. Hold onto your hats... 53 */ 54 console_loglevel = 15; /* NMI oopser may have shut the console 55 * up */ 56 printk(" "); 57 console_loglevel = loglevel_save; 58 } 59} 60 61void do_BUG(const char *file, int line) 62{ 63 bust_spinlocks(1); 64 printk(KERN_EMERG "------------[ cut here ]------------\n"); 65 printk(KERN_EMERG "kernel BUG at %s:%d!\n", file, line); 66} 67 68#if 0 69static void print_pagetable_entries(pgd_t *pgdir, unsigned long address) 70{ 71 pgd_t *pgd; 72 pmd_t *pmd; 73 pte_t *pte; 74 75 pgd = pgdir + __pgd_offset(address); 76 printk(KERN_DEBUG "pgd entry %p: %016Lx\n", 77 pgd, (long long) pgd_val(*pgd)); 78 79 if (!pgd_present(*pgd)) { 80 printk(KERN_DEBUG "... pgd not present!\n"); 81 return; 82 } 83 pmd = pmd_offset(pgd, address); 84 printk(KERN_DEBUG "pmd entry %p: %016Lx\n", 85 pmd, (long long)pmd_val(*pmd)); 86 87 if (!pmd_present(*pmd)) { 88 printk(KERN_DEBUG "... pmd not present!\n"); 89 return; 90 } 91 pte = pte_offset(pmd, address); 92 printk(KERN_DEBUG "pte entry %p: %016Lx\n", 93 pte, (long long) pte_val(*pte)); 94 95 if (!pte_present(*pte)) 96 printk(KERN_DEBUG "... pte not present!\n"); 97} 98#endif 99 100/* 101 * This routine handles page faults. It determines the address, 102 * and the problem, and then passes it off to one of the appropriate 103 * routines. 104 * 105 * fault_code: 106 * - LSW: either MMUFCR_IFC or MMUFCR_DFC as appropriate 107 * - MSW: 0 if data access, 1 if instruction access 108 * - bit 0: TLB miss flag 109 * - bit 1: initial write 110 * - bit 2: page invalid 111 * - bit 3: protection violation 112 * - bit 4: accessor (0=user 1=kernel) 113 * - bit 5: 0=read 1=write 114 * - bit 6-8: page protection spec 115 * - bit 9: illegal address 116 * - bit 16: 0=data 1=ins 117 * 118 */ 119asmlinkage void do_page_fault(struct pt_regs *regs, unsigned long fault_code, 120 unsigned long address) 121{ 122 struct vm_area_struct *vma; 123 struct task_struct *tsk; 124 struct mm_struct *mm; 125 unsigned long page; 126 siginfo_t info; 127 int write, fault; 128 129#ifdef CONFIG_GDBSTUB 130 /* handle GDB stub causing a fault */ 131 if (gdbstub_busy) { 132 gdbstub_exception(regs, TBR & TBR_INT_CODE); 133 return; 134 } 135#endif 136 137#if 0 138 printk(KERN_DEBUG "--- do_page_fault(%p,%s:%04lx,%08lx)\n", 139 regs, 140 fault_code & 0x10000 ? "ins" : "data", 141 fault_code & 0xffff, address); 142#endif 143 144 tsk = current; 145 146 /* 147 * We fault-in kernel-space virtual memory on-demand. The 148 * 'reference' page table is init_mm.pgd. 149 * 150 * NOTE! We MUST NOT take any locks for this case. We may 151 * be in an interrupt or a critical region, and should 152 * only copy the information from the master page table, 153 * nothing more. 154 * 155 * This verifies that the fault happens in kernel space 156 * and that the fault was a page not present (invalid) error 157 */ 158 if (address >= VMALLOC_START && address < VMALLOC_END && 159 (fault_code & MMUFCR_xFC_ACCESS) == MMUFCR_xFC_ACCESS_SR && 160 (fault_code & MMUFCR_xFC_PGINVAL) == MMUFCR_xFC_PGINVAL 161 ) 162 goto vmalloc_fault; 163 164 mm = tsk->mm; 165 info.si_code = SEGV_MAPERR; 166 167 /* 168 * If we're in an interrupt or have no user 169 * context, we must not take the fault.. 170 */ 171 if (in_atomic() || !mm) 172 goto no_context; 173 174 down_read(&mm->mmap_sem); 175 176 vma = find_vma(mm, address); 177 if (!vma) 178 goto bad_area; 179 if (vma->vm_start <= address) 180 goto good_area; 181 if (!(vma->vm_flags & VM_GROWSDOWN)) 182 goto bad_area; 183 184 if ((fault_code & MMUFCR_xFC_ACCESS) == MMUFCR_xFC_ACCESS_USR) { 185 /* accessing the stack below the stack pointer is always a 186 * bug */ 187 if ((address & PAGE_MASK) + 2 * PAGE_SIZE < regs->sp) { 188#if 0 189 printk(KERN_WARNING 190 "[%d] ### Access below stack @%lx (sp=%lx)\n", 191 current->pid, address, regs->sp); 192 printk(KERN_WARNING 193 "vma [%08x - %08x]\n", 194 vma->vm_start, vma->vm_end); 195 show_registers(regs); 196 printk(KERN_WARNING 197 "[%d] ### Code: [%08lx]" 198 " %02x %02x %02x %02x %02x %02x %02x %02x\n", 199 current->pid, 200 regs->pc, 201 ((u8 *) regs->pc)[0], 202 ((u8 *) regs->pc)[1], 203 ((u8 *) regs->pc)[2], 204 ((u8 *) regs->pc)[3], 205 ((u8 *) regs->pc)[4], 206 ((u8 *) regs->pc)[5], 207 ((u8 *) regs->pc)[6], 208 ((u8 *) regs->pc)[7] 209 ); 210#endif 211 goto bad_area; 212 } 213 } 214 215 if (expand_stack(vma, address)) 216 goto bad_area; 217 218/* 219 * Ok, we have a good vm_area for this memory access, so 220 * we can handle it.. 221 */ 222good_area: 223 info.si_code = SEGV_ACCERR; 224 write = 0; 225 switch (fault_code & (MMUFCR_xFC_PGINVAL|MMUFCR_xFC_TYPE)) { 226 default: /* 3: write, present */ 227 case MMUFCR_xFC_TYPE_WRITE: 228#ifdef TEST_VERIFY_AREA 229 if ((fault_code & MMUFCR_xFC_ACCESS) == MMUFCR_xFC_ACCESS_SR) 230 printk(KERN_DEBUG "WP fault at %08lx\n", regs->pc); 231#endif 232 /* write to absent page */ 233 case MMUFCR_xFC_PGINVAL | MMUFCR_xFC_TYPE_WRITE: 234 if (!(vma->vm_flags & VM_WRITE)) 235 goto bad_area; 236 write++; 237 break; 238 239 /* read from protected page */ 240 case MMUFCR_xFC_TYPE_READ: 241 goto bad_area; 242 243 /* read from absent page present */ 244 case MMUFCR_xFC_PGINVAL | MMUFCR_xFC_TYPE_READ: 245 if (!(vma->vm_flags & (VM_READ | VM_EXEC))) 246 goto bad_area; 247 break; 248 } 249 250 /* 251 * If for any reason at all we couldn't handle the fault, 252 * make sure we exit gracefully rather than endlessly redo 253 * the fault. 254 */ 255 fault = handle_mm_fault(mm, vma, address, write ? FAULT_FLAG_WRITE : 0); 256 if (unlikely(fault & VM_FAULT_ERROR)) { 257 if (fault & VM_FAULT_OOM) 258 goto out_of_memory; 259 else if (fault & VM_FAULT_SIGBUS) 260 goto do_sigbus; 261 BUG(); 262 } 263 if (fault & VM_FAULT_MAJOR) 264 current->maj_flt++; 265 else 266 current->min_flt++; 267 268 up_read(&mm->mmap_sem); 269 return; 270 271/* 272 * Something tried to access memory that isn't in our memory map.. 273 * Fix it, but check if it's kernel or user first.. 274 */ 275bad_area: 276 up_read(&mm->mmap_sem); 277 278 /* User mode accesses just cause a SIGSEGV */ 279 if ((fault_code & MMUFCR_xFC_ACCESS) == MMUFCR_xFC_ACCESS_USR) { 280 info.si_signo = SIGSEGV; 281 info.si_errno = 0; 282 /* info.si_code has been set above */ 283 info.si_addr = (void *)address; 284 force_sig_info(SIGSEGV, &info, tsk); 285 return; 286 } 287 288no_context: 289 /* Are we prepared to handle this kernel fault? */ 290 if (fixup_exception(regs)) 291 return; 292 293/* 294 * Oops. The kernel tried to access some bad page. We'll have to 295 * terminate things with extreme prejudice. 296 */ 297 298 bust_spinlocks(1); 299 300 if (address < PAGE_SIZE) 301 printk(KERN_ALERT 302 "Unable to handle kernel NULL pointer dereference"); 303 else 304 printk(KERN_ALERT 305 "Unable to handle kernel paging request"); 306 printk(" at virtual address %08lx\n", address); 307 printk(" printing pc:\n"); 308 printk(KERN_ALERT "%08lx\n", regs->pc); 309 310 debugger_intercept(fault_code & 0x00010000 ? EXCEP_IAERROR : EXCEP_DAERROR, 311 SIGSEGV, SEGV_ACCERR, regs); 312 313 page = PTBR; 314 page = ((unsigned long *) __va(page))[address >> 22]; 315 printk(KERN_ALERT "*pde = %08lx\n", page); 316 if (page & 1) { 317 page &= PAGE_MASK; 318 address &= 0x003ff000; 319 page = ((unsigned long *) __va(page))[address >> PAGE_SHIFT]; 320 printk(KERN_ALERT "*pte = %08lx\n", page); 321 } 322 323 die("Oops", regs, fault_code); 324 do_exit(SIGKILL); 325 326/* 327 * We ran out of memory, or some other thing happened to us that made 328 * us unable to handle the page fault gracefully. 329 */ 330out_of_memory: 331 up_read(&mm->mmap_sem); 332 printk(KERN_ALERT "VM: killing process %s\n", tsk->comm); 333 if ((fault_code & MMUFCR_xFC_ACCESS) == MMUFCR_xFC_ACCESS_USR) 334 do_exit(SIGKILL); 335 goto no_context; 336 337do_sigbus: 338 up_read(&mm->mmap_sem); 339 340 /* 341 * Send a sigbus, regardless of whether we were in kernel 342 * or user mode. 343 */ 344 info.si_signo = SIGBUS; 345 info.si_errno = 0; 346 info.si_code = BUS_ADRERR; 347 info.si_addr = (void *)address; 348 force_sig_info(SIGBUS, &info, tsk); 349 350 /* Kernel mode? Handle exceptions or die */ 351 if ((fault_code & MMUFCR_xFC_ACCESS) == MMUFCR_xFC_ACCESS_SR) 352 goto no_context; 353 return; 354 355vmalloc_fault: 356 { 357 /* 358 * Synchronize this task's top level page-table 359 * with the 'reference' page table. 360 * 361 * Do _not_ use "tsk" here. We might be inside 362 * an interrupt in the middle of a task switch.. 363 */ 364 int index = pgd_index(address); 365 pgd_t *pgd, *pgd_k; 366 pud_t *pud, *pud_k; 367 pmd_t *pmd, *pmd_k; 368 pte_t *pte_k; 369 370 pgd_k = init_mm.pgd + index; 371 372 if (!pgd_present(*pgd_k)) 373 goto no_context; 374 375 pud_k = pud_offset(pgd_k, address); 376 if (!pud_present(*pud_k)) 377 goto no_context; 378 379 pmd_k = pmd_offset(pud_k, address); 380 if (!pmd_present(*pmd_k)) 381 goto no_context; 382 383 pgd = (pgd_t *) PTBR + index; 384 pud = pud_offset(pgd, address); 385 pmd = pmd_offset(pud, address); 386 set_pmd(pmd, *pmd_k); 387 388 pte_k = pte_offset_kernel(pmd_k, address); 389 if (!pte_present(*pte_k)) 390 goto no_context; 391 return; 392 } 393} 394