2 * Compatibility mode system call entry point for x86-64.
4 * Copyright 2000-2002 Andi Kleen, SuSE Labs.
7 #include <asm/asm-offsets.h>
8 #include <asm/current.h>
10 #include <asm/ia32_unistd.h>
11 #include <asm/thread_info.h>
12 #include <asm/segment.h>
13 #include <asm/irqflags.h>
16 #include <linux/linkage.h>
17 #include <linux/err.h>
19 /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */
20 #include <linux/elf-em.h>
21 #define AUDIT_ARCH_I386 (EM_386|__AUDIT_ARCH_LE)
22 #define __AUDIT_ARCH_LE 0x40000000
24 #ifndef CONFIG_AUDITSYSCALL
25 # define sysexit_audit ia32_ret_from_sys_call
26 # define sysretl_audit ia32_ret_from_sys_call
29 .section .entry.text, "ax"
31 #ifdef CONFIG_PARAVIRT
32 ENTRY(native_usergs_sysret32)
35 ENDPROC(native_usergs_sysret32)
39 * 32-bit SYSENTER instruction entry.
41 * SYSENTER loads ss, rsp, cs, and rip from previously programmed MSRs.
42 * IF and VM in rflags are cleared (IOW: interrupts are off).
43 * SYSENTER does not save anything on the stack,
44 * and does not save old rip (!!!) and rflags.
47 * eax system call number
56 * This is purely a fast path. For anything complicated we use the int 0x80
57 * path below. We set up a complete hardware stack frame to share code
58 * with the int 0x80 path.
60 ENTRY(entry_SYSENTER_compat)
62 * Interrupts are off on entry.
63 * We do not frame this tiny irq-off block with TRACE_IRQS_OFF/ON,
64 * it is too small to ever cause noticeable irq latency.
67 movq PER_CPU_VAR(cpu_current_top_of_stack), %rsp
68 ENABLE_INTERRUPTS(CLBR_NONE)
70 /* Zero-extending 32-bit regs, do not remove */
74 movl ASM_THREAD_INFO(TI_sysenter_return, %rsp, 0), %r10d
76 /* Construct struct pt_regs on stack */
77 pushq $__USER32_DS /* pt_regs->ss */
78 pushq %rbp /* pt_regs->sp */
79 pushfq /* pt_regs->flags */
80 pushq $__USER32_CS /* pt_regs->cs */
81 pushq %r10 /* pt_regs->ip = thread_info->sysenter_return */
82 pushq %rax /* pt_regs->orig_ax */
83 pushq %rdi /* pt_regs->di */
84 pushq %rsi /* pt_regs->si */
85 pushq %rdx /* pt_regs->dx */
86 pushq %rcx /* pt_regs->cx */
87 pushq $-ENOSYS /* pt_regs->ax */
89 sub $(10*8), %rsp /* pt_regs->r8-11, bp, bx, r12-15 not saved */
92 * no need to do an access_ok check here because rbp has been
93 * 32-bit zero extended
97 _ASM_EXTABLE(1b, ia32_badarg)
101 * Sysenter doesn't filter flags, so we need to clear NT
102 * ourselves. To save a few cycles, we can check whether
103 * NT was set instead of doing an unconditional popfq.
105 testl $X86_EFLAGS_NT, EFLAGS(%rsp)
106 jnz sysenter_fix_flags
107 sysenter_flags_fixed:
109 orl $TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS)
110 testl $_TIF_WORK_SYSCALL_ENTRY, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS)
111 jnz sysenter_tracesys
114 /* 32-bit syscall -> 64-bit C ABI argument conversion */
115 movl %edi, %r8d /* arg5 */
116 movl %ebp, %r9d /* arg6 */
117 xchg %ecx, %esi /* rsi:arg2, rcx:arg4 */
118 movl %ebx, %edi /* arg1 */
119 movl %edx, %edx /* arg3 (zero extension) */
121 cmpq $(IA32_NR_syscalls-1), %rax
123 call *ia32_sys_call_table(, %rax, 8)
126 DISABLE_INTERRUPTS(CLBR_NONE)
128 testl $_TIF_ALLWORK_MASK, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS)
130 sysexit_from_sys_call:
132 * NB: SYSEXIT is not obviously safe for 64-bit kernels -- an
133 * NMI between STI and SYSEXIT has poorly specified behavior,
134 * and and NMI followed by an IRQ with usergs is fatal. So
135 * we just pretend we're using SYSEXIT but we really use
138 * This code path is still called 'sysexit' because it pairs
139 * with 'sysenter' and it uses the SYSENTER calling convention.
141 andl $~TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS)
142 movl RIP(%rsp), %ecx /* User %eip */
144 xorl %edx, %edx /* Do not leak kernel information */
148 movl EFLAGS(%rsp), %r11d /* User eflags */
152 * SYSRETL works even on Intel CPUs. Use it in preference to SYSEXIT,
153 * since it avoids a dicey window with interrupts enabled.
158 * USERGS_SYSRET32 does:
159 * gsbase = user's gs base
165 * The prologue set RIP(%rsp) to VDSO32_SYSENTER_RETURN, which does:
171 * Therefore, we invoke SYSRETL with EDX and R8-R10 zeroed to
172 * avoid info leaks. R11 ends up with VDSO32_SYSENTER_RETURN's
173 * address (already known to user code), and R12-R15 are
174 * callee-saved and therefore don't contain any interesting
179 #ifdef CONFIG_AUDITSYSCALL
180 .macro auditsys_entry_common
182 * At this point, registers hold syscall args in the 32-bit syscall ABI:
183 * EAX is syscall number, the 6 args are in EBX,ECX,EDX,ESI,EDI,EBP.
185 * We want to pass them to __audit_syscall_entry(), which is a 64-bit
186 * C function with 5 parameters, so shuffle them to match what
187 * the function expects: RDI,RSI,RDX,RCX,R8.
189 movl %esi, %r8d /* arg5 (R8 ) <= 4th syscall arg (ESI) */
190 xchg %ecx, %edx /* arg4 (RCX) <= 3rd syscall arg (EDX) */
191 /* arg3 (RDX) <= 2nd syscall arg (ECX) */
192 movl %ebx, %esi /* arg2 (RSI) <= 1st syscall arg (EBX) */
193 movl %eax, %edi /* arg1 (RDI) <= syscall number (EAX) */
194 call __audit_syscall_entry
197 * We are going to jump back to the syscall dispatch code.
198 * Prepare syscall args as required by the 64-bit C ABI.
199 * Registers clobbered by __audit_syscall_entry() are
200 * loaded from pt_regs on stack:
202 movl ORIG_RAX(%rsp), %eax /* syscall number */
203 movl %ebx, %edi /* arg1 */
204 movl RCX(%rsp), %esi /* arg2 */
205 movl RDX(%rsp), %edx /* arg3 */
206 movl RSI(%rsp), %ecx /* arg4 */
207 movl RDI(%rsp), %r8d /* arg5 */
210 .macro auditsys_exit exit
211 testl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT), ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS)
212 jnz ia32_ret_from_sys_call
214 ENABLE_INTERRUPTS(CLBR_NONE)
215 movl %eax, %esi /* second arg, syscall return value */
216 cmpl $-MAX_ERRNO, %eax /* is it an error ? */
218 movslq %eax, %rsi /* if error sign extend to 64 bits */
219 1: setbe %al /* 1 if error, 0 if not */
220 movzbl %al, %edi /* zero-extend that into %edi */
221 call __audit_syscall_exit
222 movq RAX(%rsp), %rax /* reload syscall return value */
223 movl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT), %edi
224 DISABLE_INTERRUPTS(CLBR_NONE)
226 testl %edi, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS)
228 xorl %eax, %eax /* Do not leak kernel information */
237 auditsys_entry_common
238 movl %ebp, %r9d /* reload 6th syscall arg */
239 jmp sysenter_dispatch
242 auditsys_exit sysexit_from_sys_call
246 pushq $(X86_EFLAGS_IF|X86_EFLAGS_FIXED)
248 jmp sysenter_flags_fixed
251 #ifdef CONFIG_AUDITSYSCALL
252 testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT), ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS)
256 xorl %eax, %eax /* Do not leak kernel information */
261 movq %rsp, %rdi /* &pt_regs -> arg1 */
262 call syscall_trace_enter
264 /* Reload arg registers from stack. (see sysenter_tracesys) */
269 movl %eax, %eax /* zero extension */
273 ENDPROC(entry_SYSENTER_compat)
276 * 32-bit SYSCALL instruction entry.
278 * 32-bit SYSCALL saves rip to rcx, clears rflags.RF, then saves rflags to r11,
279 * then loads new ss, cs, and rip from previously programmed MSRs.
280 * rflags gets masked by a value from another MSR (so CLD and CLAC
281 * are not needed). SYSCALL does not save anything on the stack
282 * and does not change rsp.
284 * Note: rflags saving+masking-with-MSR happens only in Long mode
285 * (in legacy 32-bit mode, IF, RF and VM bits are cleared and that's it).
286 * Don't get confused: rflags saving+masking depends on Long Mode Active bit
287 * (EFER.LMA=1), NOT on bitness of userspace where SYSCALL executes
288 * or target CS descriptor's L bit (SYSCALL does not read segment descriptors).
291 * eax system call number
294 * ebp arg2 (note: not saved in the stack frame, should not be touched)
301 * This is purely a fast path. For anything complicated we use the int 0x80
302 * path below. We set up a complete hardware stack frame to share code
303 * with the int 0x80 path.
305 ENTRY(entry_SYSCALL_compat)
307 * Interrupts are off on entry.
308 * We do not frame this tiny irq-off block with TRACE_IRQS_OFF/ON,
309 * it is too small to ever cause noticeable irq latency.
313 movq PER_CPU_VAR(cpu_current_top_of_stack), %rsp
314 ENABLE_INTERRUPTS(CLBR_NONE)
316 /* Zero-extending 32-bit regs, do not remove */
319 /* Construct struct pt_regs on stack */
320 pushq $__USER32_DS /* pt_regs->ss */
321 pushq %r8 /* pt_regs->sp */
322 pushq %r11 /* pt_regs->flags */
323 pushq $__USER32_CS /* pt_regs->cs */
324 pushq %rcx /* pt_regs->ip */
325 pushq %rax /* pt_regs->orig_ax */
326 pushq %rdi /* pt_regs->di */
327 pushq %rsi /* pt_regs->si */
328 pushq %rdx /* pt_regs->dx */
329 pushq %rbp /* pt_regs->cx */
331 pushq $-ENOSYS /* pt_regs->ax */
332 sub $(10*8), %rsp /* pt_regs->r8-11, bp, bx, r12-15 not saved */
335 * No need to do an access_ok check here because r8 has been
336 * 32-bit zero extended:
340 _ASM_EXTABLE(1b, ia32_badarg)
342 orl $TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS)
343 testl $_TIF_WORK_SYSCALL_ENTRY, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS)
347 /* 32-bit syscall -> 64-bit C ABI argument conversion */
348 movl %edi, %r8d /* arg5 */
349 /* r9 already loaded */ /* arg6 */
350 xchg %ecx, %esi /* rsi:arg2, rcx:arg4 */
351 movl %ebx, %edi /* arg1 */
352 movl %edx, %edx /* arg3 (zero extension) */
355 cmpq $(IA32_NR_syscalls-1), %rax
358 call *ia32_sys_call_table(, %rax, 8)
361 DISABLE_INTERRUPTS(CLBR_NONE)
363 testl $_TIF_ALLWORK_MASK, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS)
366 sysretl_from_sys_call:
367 andl $~TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS)
370 movl EFLAGS(%rsp), %r11d
377 * 64-bit->32-bit SYSRET restores eip from ecx,
378 * eflags from r11 (but RF and VM bits are forced to 0),
379 * cs and ss are loaded from MSRs.
380 * (Note: 32-bit->32-bit SYSRET is different: since r11
381 * does not exist, it merely sets eflags.IF=1).
383 * NB: On AMD CPUs with the X86_BUG_SYSRET_SS_ATTRS bug, the ss
384 * descriptor is not reinitialized. This means that we must
385 * avoid SYSRET with SS == NULL, which could happen if we schedule,
386 * exit the kernel, and re-enter using an interrupt vector. (All
387 * interrupt entries on x86_64 set SS to NULL.) We prevent that
388 * from happening by reloading SS in __switch_to.
392 #ifdef CONFIG_AUDITSYSCALL
394 movl %r9d, R9(%rsp) /* register to be clobbered by call */
395 auditsys_entry_common
396 movl R9(%rsp), %r9d /* reload 6th syscall arg */
400 auditsys_exit sysretl_from_sys_call
404 #ifdef CONFIG_AUDITSYSCALL
405 testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT), ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS)
410 xorl %eax, %eax /* Do not leak kernel information */
415 movq %rsp, %rdi /* &pt_regs -> arg1 */
416 call syscall_trace_enter
419 /* Reload arg registers from stack. (see sysenter_tracesys) */
424 movl %eax, %eax /* zero extension */
429 END(entry_SYSCALL_compat)
433 movq $-EFAULT, RAX(%rsp)
434 ia32_ret_from_sys_call:
435 xorl %eax, %eax /* Do not leak kernel information */
440 jmp int_ret_from_sys_call
443 * Emulated IA32 system calls via int 0x80.
446 * eax system call number
452 * ebp arg6 (note: not saved in the stack frame, should not be touched)
455 * Uses the same stack frame as the x86-64 version.
456 * All registers except eax must be saved (but ptrace may violate that).
457 * Arguments are zero extended. For system calls that want sign extension and
458 * take long arguments a wrapper is needed. Most calls can just be called
460 * Assumes it is only called from user space and entered with interrupts off.
463 ENTRY(entry_INT80_compat)
465 * Interrupts are off on entry.
466 * We do not frame this tiny irq-off block with TRACE_IRQS_OFF/ON,
467 * it is too small to ever cause noticeable irq latency.
469 PARAVIRT_ADJUST_EXCEPTION_FRAME
471 ENABLE_INTERRUPTS(CLBR_NONE)
473 /* Zero-extending 32-bit regs, do not remove */
476 /* Construct struct pt_regs on stack (iret frame is already on stack) */
477 pushq %rax /* pt_regs->orig_ax */
478 pushq %rdi /* pt_regs->di */
479 pushq %rsi /* pt_regs->si */
480 pushq %rdx /* pt_regs->dx */
481 pushq %rcx /* pt_regs->cx */
482 pushq $-ENOSYS /* pt_regs->ax */
483 pushq $0 /* pt_regs->r8 */
484 pushq $0 /* pt_regs->r9 */
485 pushq $0 /* pt_regs->r10 */
486 pushq $0 /* pt_regs->r11 */
488 sub $(6*8), %rsp /* pt_regs->bp, bx, r12-15 not saved */
490 orl $TS_COMPAT, ASM_THREAD_INFO(TI_status, %rsp, SIZEOF_PTREGS)
491 testl $_TIF_WORK_SYSCALL_ENTRY, ASM_THREAD_INFO(TI_flags, %rsp, SIZEOF_PTREGS)
495 /* 32-bit syscall -> 64-bit C ABI argument conversion */
496 movl %edi, %r8d /* arg5 */
497 movl %ebp, %r9d /* arg6 */
498 xchg %ecx, %esi /* rsi:arg2, rcx:arg4 */
499 movl %ebx, %edi /* arg1 */
500 movl %edx, %edx /* arg3 (zero extension) */
501 cmpq $(IA32_NR_syscalls-1), %rax
504 call *ia32_sys_call_table(, %rax, 8)
507 jmp int_ret_from_sys_call
511 movq %rsp, %rdi /* &pt_regs -> arg1 */
512 call syscall_trace_enter
514 * Reload arg registers from stack in case ptrace changed them.
515 * Don't reload %eax because syscall_trace_enter() returned
516 * the %rax value we should see. But do truncate it to 32 bits.
517 * If it's -1 to make us punt the syscall, then (u32)-1 is still
518 * an appropriately invalid value.
524 movl %eax, %eax /* zero extension */
527 END(entry_INT80_compat)
529 .macro PTREGSCALL label, func
532 leaq \func(%rip), %rax
533 jmp ia32_ptregs_common
536 PTREGSCALL stub32_rt_sigreturn, sys32_rt_sigreturn
537 PTREGSCALL stub32_sigreturn, sys32_sigreturn
538 PTREGSCALL stub32_fork, sys_fork
539 PTREGSCALL stub32_vfork, sys_vfork
543 leaq sys_clone(%rip), %rax
545 * The 32-bit clone ABI is: clone(..., int tls_val, int *child_tidptr).
546 * The 64-bit clone ABI is: clone(..., int *child_tidptr, int tls_val).
548 * The native 64-bit kernel's sys_clone() implements the latter,
549 * so we need to swap arguments here before calling it:
552 jmp ia32_ptregs_common
560 END(ia32_ptregs_common)
projects / linux-2.6-block.git / blob