[linux-block.git] / arch / sparc / mm / fault_32.c

// SPDX-License-Identifier: GPL-2.0
/*
 * fault.c:  Page fault handlers for the Sparc.
 *
 * Copyright (C) 1995 David S. Miller (davem@caip.rutgers.edu)
 * Copyright (C) 1996 Eddie C. Dost (ecd@skynet.be)
 * Copyright (C) 1997 Jakub Jelinek (jj@sunsite.mff.cuni.cz)
 */

#include <asm/head.h>

#include <linux/string.h>
#include <linux/types.h>
#include <linux/sched.h>
#include <linux/ptrace.h>
#include <linux/mman.h>
#include <linux/threads.h>
#include <linux/kernel.h>
#include <linux/signal.h>
#include <linux/mm.h>
#include <linux/smp.h>
#include <linux/perf_event.h>
#include <linux/interrupt.h>
#include <linux/kdebug.h>
#include <linux/uaccess.h>

#include <asm/page.h>
#include <asm/pgtable.h>
#include <asm/openprom.h>
#include <asm/oplib.h>
#include <asm/setup.h>
#include <asm/smp.h>
#include <asm/traps.h>

#include "mm_32.h"

int show_unhandled_signals = 1;

static void __noreturn unhandled_fault(unsigned long address,
				       struct task_struct *tsk,
				       struct pt_regs *regs)
{
	if ((unsigned long) address < PAGE_SIZE) {
		printk(KERN_ALERT
		    "Unable to handle kernel NULL pointer dereference\n");
	} else {
		printk(KERN_ALERT "Unable to handle kernel paging request at virtual address %08lx\n",
		       address);
	}
	printk(KERN_ALERT "tsk->{mm,active_mm}->context = %08lx\n",
		(tsk->mm ? tsk->mm->context : tsk->active_mm->context));
	printk(KERN_ALERT "tsk->{mm,active_mm}->pgd = %08lx\n",
		(tsk->mm ? (unsigned long) tsk->mm->pgd :
			(unsigned long) tsk->active_mm->pgd));
	die_if_kernel("Oops", regs);
}

asmlinkage int lookup_fault(unsigned long pc, unsigned long ret_pc,
			    unsigned long address)
{
	struct pt_regs regs;
	unsigned long g2;
	unsigned int insn;
	int i;

	i = search_extables_range(ret_pc, &g2);
	switch (i) {
	case 3:
		/* load & store will be handled by fixup */
		return 3;

	case 1:
		/* store will be handled by fixup, load will bump out */
		/* for _to_ macros */
		insn = *((unsigned int *) pc);
		if ((insn >> 21) & 1)
			return 1;
		break;

	case 2:
		/* load will be handled by fixup, store will bump out */
		/* for _from_ macros */
		insn = *((unsigned int *) pc);
		if (!((insn >> 21) & 1) || ((insn>>19)&0x3f) == 15)
			return 2;
		break;

	default:
		break;
	}

	memset(&regs, 0, sizeof(regs));
	regs.pc = pc;
	regs.npc = pc + 4;
	__asm__ __volatile__(
		"rd %%psr, %0\n\t"
		"nop\n\t"
		"nop\n\t"
		"nop\n" : "=r" (regs.psr));
	unhandled_fault(address, current, &regs);

	/* Not reached */
	return 0;
}

static inline void
show_signal_msg(struct pt_regs *regs, int sig, int code,
		unsigned long address, struct task_struct *tsk)
{
	if (!unhandled_signal(tsk, sig))
		return;

	if (!printk_ratelimit())
		return;

	printk("%s%s[%d]: segfault at %lx ip %px (rpc %px) sp %px error %x",
	       task_pid_nr(tsk) > 1 ? KERN_INFO : KERN_EMERG,
	       tsk->comm, task_pid_nr(tsk), address,
	       (void *)regs->pc, (void *)regs->u_regs[UREG_I7],
	       (void *)regs->u_regs[UREG_FP], code);

	print_vma_addr(KERN_CONT " in ", regs->pc);

	printk(KERN_CONT "\n");
}

static void __do_fault_siginfo(int code, int sig, struct pt_regs *regs,
			       unsigned long addr)
{
	siginfo_t info;

	clear_siginfo(&info);
	info.si_signo = sig;
	info.si_code = code;
	info.si_errno = 0;
	info.si_addr = (void __user *) addr;
	info.si_trapno = 0;

	if (unlikely(show_unhandled_signals))
		show_signal_msg(regs, sig, info.si_code,
				addr, current);

	force_sig_info (sig, &info, current);
}

static unsigned long compute_si_addr(struct pt_regs *regs, int text_fault)
{
	unsigned int insn;

	if (text_fault)
		return regs->pc;

	if (regs->psr & PSR_PS)
		insn = *(unsigned int *) regs->pc;
	else
		__get_user(insn, (unsigned int *) regs->pc);

	return safe_compute_effective_address(regs, insn);
}

static noinline void do_fault_siginfo(int code, int sig, struct pt_regs *regs,
				      int text_fault)
{
	unsigned long addr = compute_si_addr(regs, text_fault);

	__do_fault_siginfo(code, sig, regs, addr);
}

asmlinkage void do_sparc_fault(struct pt_regs *regs, int text_fault, int write,
			       unsigned long address)
{
	struct vm_area_struct *vma;
	struct task_struct *tsk = current;
	struct mm_struct *mm = tsk->mm;
	unsigned int fixup;
	unsigned long g2;
	int from_user = !(regs->psr & PSR_PS);
	int fault, code;
	unsigned int flags = FAULT_FLAG_ALLOW_RETRY | FAULT_FLAG_KILLABLE;

	if (text_fault)
		address = regs->pc;

	/*
	 * We fault-in kernel-space virtual memory on-demand. The
	 * 'reference' page table is init_mm.pgd.
	 *
	 * NOTE! We MUST NOT take any locks for this case. We may
	 * be in an interrupt or a critical region, and should
	 * only copy the information from the master page table,
	 * nothing more.
	 */
	code = SEGV_MAPERR;
	if (address >= TASK_SIZE)
		goto vmalloc_fault;

	/*
	 * If we're in an interrupt or have no user
	 * context, we must not take the fault..
	 */
	if (pagefault_disabled() || !mm)
		goto no_context;

	perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address);

retry:
	down_read(&mm->mmap_sem);

	if (!from_user && address >= PAGE_OFFSET)
		goto bad_area;

	vma = find_vma(mm, address);
	if (!vma)
		goto bad_area;
	if (vma->vm_start <= address)
		goto good_area;
	if (!(vma->vm_flags & VM_GROWSDOWN))
		goto bad_area;
	if (expand_stack(vma, address))
		goto bad_area;
	/*
	 * Ok, we have a good vm_area for this memory access, so
	 * we can handle it..
	 */
good_area:
	code = SEGV_ACCERR;
	if (write) {
		if (!(vma->vm_flags & VM_WRITE))
			goto bad_area;
	} else {
		/* Allow reads even for write-only mappings */
		if (!(vma->vm_flags & (VM_READ | VM_EXEC)))
			goto bad_area;
	}

	if (from_user)
		flags |= FAULT_FLAG_USER;
	if (write)
		flags |= FAULT_FLAG_WRITE;

	/*
	 * If for any reason at all we couldn't handle the fault,
	 * make sure we exit gracefully rather than endlessly redo
	 * the fault.
	 */
	fault = handle_mm_fault(vma, address, flags);

	if ((fault & VM_FAULT_RETRY) && fatal_signal_pending(current))
		return;

	if (unlikely(fault & VM_FAULT_ERROR)) {
		if (fault & VM_FAULT_OOM)
			goto out_of_memory;
		else if (fault & VM_FAULT_SIGSEGV)
			goto bad_area;
		else if (fault & VM_FAULT_SIGBUS)
			goto do_sigbus;
		BUG();
	}

	if (flags & FAULT_FLAG_ALLOW_RETRY) {
		if (fault & VM_FAULT_MAJOR) {
			current->maj_flt++;
			perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS_MAJ,
				      1, regs, address);
		} else {
			current->min_flt++;
			perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS_MIN,
				      1, regs, address);
		}
		if (fault & VM_FAULT_RETRY) {
			flags &= ~FAULT_FLAG_ALLOW_RETRY;
			flags |= FAULT_FLAG_TRIED;

			/* No need to up_read(&mm->mmap_sem) as we would
			 * have already released it in __lock_page_or_retry
			 * in mm/filemap.c.
			 */

			goto retry;
		}
	}

	up_read(&mm->mmap_sem);
	return;

	/*
	 * Something tried to access memory that isn't in our memory map..
	 * Fix it, but check if it's kernel or user first..
	 */
bad_area:
	up_read(&mm->mmap_sem);

bad_area_nosemaphore:
	/* User mode accesses just cause a SIGSEGV */
	if (from_user) {
		do_fault_siginfo(code, SIGSEGV, regs, text_fault);
		return;
	}

	/* Is this in ex_table? */
no_context:
	g2 = regs->u_regs[UREG_G2];
	if (!from_user) {
		fixup = search_extables_range(regs->pc, &g2);
		/* Values below 10 are reserved for other things */
		if (fixup > 10) {
			extern const unsigned int __memset_start[];
			extern const unsigned int __memset_end[];
			extern const unsigned int __csum_partial_copy_start[];
			extern const unsigned int __csum_partial_copy_end[];

#ifdef DEBUG_EXCEPTIONS
			printk("Exception: PC<%08lx> faddr<%08lx>\n",
			       regs->pc, address);
			printk("EX_TABLE: insn<%08lx> fixup<%08x> g2<%08lx>\n",
				regs->pc, fixup, g2);
#endif
			if ((regs->pc >= (unsigned long)__memset_start &&
			     regs->pc < (unsigned long)__memset_end) ||
			    (regs->pc >= (unsigned long)__csum_partial_copy_start &&
			     regs->pc < (unsigned long)__csum_partial_copy_end)) {
				regs->u_regs[UREG_I4] = address;
				regs->u_regs[UREG_I5] = regs->pc;
			}
			regs->u_regs[UREG_G2] = g2;
			regs->pc = fixup;
			regs->npc = regs->pc + 4;
			return;
		}
	}

	unhandled_fault(address, tsk, regs);
	do_exit(SIGKILL);

/*
 * We ran out of memory, or some other thing happened to us that made
 * us unable to handle the page fault gracefully.
 */
out_of_memory:
	up_read(&mm->mmap_sem);
	if (from_user) {
		pagefault_out_of_memory();
		return;
	}
	goto no_context;

do_sigbus:
	up_read(&mm->mmap_sem);
	do_fault_siginfo(BUS_ADRERR, SIGBUS, regs, text_fault);
	if (!from_user)
		goto no_context;

vmalloc_fault:
	{
		/*
		 * Synchronize this task's top level page-table
		 * with the 'reference' page table.
		 */
		int offset = pgd_index(address);
		pgd_t *pgd, *pgd_k;
		pmd_t *pmd, *pmd_k;

		pgd = tsk->active_mm->pgd + offset;
		pgd_k = init_mm.pgd + offset;

		if (!pgd_present(*pgd)) {
			if (!pgd_present(*pgd_k))
				goto bad_area_nosemaphore;
			pgd_val(*pgd) = pgd_val(*pgd_k);
			return;
		}

		pmd = pmd_offset(pgd, address);
		pmd_k = pmd_offset(pgd_k, address);

		if (pmd_present(*pmd) || !pmd_present(*pmd_k))
			goto bad_area_nosemaphore;

		*pmd = *pmd_k;
		return;
	}
}

/* This always deals with user addresses. */
static void force_user_fault(unsigned long address, int write)
{
	struct vm_area_struct *vma;
	struct task_struct *tsk = current;
	struct mm_struct *mm = tsk->mm;
	unsigned int flags = FAULT_FLAG_USER;
	int code;

	code = SEGV_MAPERR;

	down_read(&mm->mmap_sem);
	vma = find_vma(mm, address);
	if (!vma)
		goto bad_area;
	if (vma->vm_start <= address)
		goto good_area;
	if (!(vma->vm_flags & VM_GROWSDOWN))
		goto bad_area;
	if (expand_stack(vma, address))
		goto bad_area;
good_area:
	code = SEGV_ACCERR;
	if (write) {
		if (!(vma->vm_flags & VM_WRITE))
			goto bad_area;
		flags |= FAULT_FLAG_WRITE;
	} else {
		if (!(vma->vm_flags & (VM_READ | VM_EXEC)))
			goto bad_area;
	}
	switch (handle_mm_fault(vma, address, flags)) {
	case VM_FAULT_SIGBUS:
	case VM_FAULT_OOM:
		goto do_sigbus;
	}
	up_read(&mm->mmap_sem);
	return;
bad_area:
	up_read(&mm->mmap_sem);
	__do_fault_siginfo(code, SIGSEGV, tsk->thread.kregs, address);
	return;

do_sigbus:
	up_read(&mm->mmap_sem);
	__do_fault_siginfo(BUS_ADRERR, SIGBUS, tsk->thread.kregs, address);
}

static void check_stack_aligned(unsigned long sp)
{
	if (sp & 0x7UL)
		force_sig(SIGILL, current);
}

void window_overflow_fault(void)
{
	unsigned long sp;

	sp = current_thread_info()->rwbuf_stkptrs[0];
	if (((sp + 0x38) & PAGE_MASK) != (sp & PAGE_MASK))
		force_user_fault(sp + 0x38, 1);
	force_user_fault(sp, 1);

	check_stack_aligned(sp);
}

void window_underflow_fault(unsigned long sp)
{
	if (((sp + 0x38) & PAGE_MASK) != (sp & PAGE_MASK))
		force_user_fault(sp + 0x38, 0);
	force_user_fault(sp, 0);

	check_stack_aligned(sp);
}

void window_ret_fault(struct pt_regs *regs)
{
	unsigned long sp;

	sp = regs->u_regs[UREG_FP];
	if (((sp + 0x38) & PAGE_MASK) != (sp & PAGE_MASK))
		force_user_fault(sp + 0x38, 0);
	force_user_fault(sp, 0);

	check_stack_aligned(sp);
}
Commit	Line	Data
b2441318	1	// SPDX-License-Identifier: GPL-2.0
88278ca2	2	/*
1da177e4 LT	3	* fault.c: Page fault handlers for the Sparc.
	4	*
	5	* Copyright (C) 1995 David S. Miller (davem@caip.rutgers.edu)
	6	* Copyright (C) 1996 Eddie C. Dost (ecd@skynet.be)
	7	* Copyright (C) 1997 Jakub Jelinek (jj@sunsite.mff.cuni.cz)
	8	*/
	9
	10	#include <asm/head.h>
	11
	12	#include <linux/string.h>
	13	#include <linux/types.h>
	14	#include <linux/sched.h>
	15	#include <linux/ptrace.h>
	16	#include <linux/mman.h>
	17	#include <linux/threads.h>
	18	#include <linux/kernel.h>
	19	#include <linux/signal.h>
	20	#include <linux/mm.h>
	21	#include <linux/smp.h>
a084b667	22	#include <linux/perf_event.h>
1da177e4	23	#include <linux/interrupt.h>
1eeb66a1	24	#include <linux/kdebug.h>
70ffdb93	25	#include <linux/uaccess.h>
1da177e4	26
1da177e4 LT	27	#include <asm/page.h>
1da177e4 LT	28	#include <asm/pgtable.h>
1da177e4 LT	29	#include <asm/openprom.h>
1da177e4 LT	30	#include <asm/oplib.h>
9edfae3f	31	#include <asm/setup.h>
1da177e4 LT	32	#include <asm/smp.h>
1da177e4 LT	33	#include <asm/traps.h>
1da177e4	34
e1b2f134	35	#include "mm_32.h"
4b177647	36
e1b2f134	37	int show_unhandled_signals = 1;
1da177e4	38
70168dfa SR	39	static void __noreturn unhandled_fault(unsigned long address,
	40	struct task_struct *tsk,
	41	struct pt_regs *regs)
1da177e4	42	{
70168dfa	43	if ((unsigned long) address < PAGE_SIZE) {
1da177e4 LT	44	printk(KERN_ALERT
	45	"Unable to handle kernel NULL pointer dereference\n");
	46	} else {
70168dfa SR	47	printk(KERN_ALERT "Unable to handle kernel paging request at virtual address %08lx\n",
70168dfa SR	48	address);
1da177e4 LT	49	}
	50	printk(KERN_ALERT "tsk->{mm,active_mm}->context = %08lx\n",
	51	(tsk->mm ? tsk->mm->context : tsk->active_mm->context));
	52	printk(KERN_ALERT "tsk->{mm,active_mm}->pgd = %08lx\n",
	53	(tsk->mm ? (unsigned long) tsk->mm->pgd :
70168dfa	54	(unsigned long) tsk->active_mm->pgd));
1da177e4 LT	55	die_if_kernel("Oops", regs);
	56	}
	57
70168dfa	58	asmlinkage int lookup_fault(unsigned long pc, unsigned long ret_pc,
1da177e4 LT	59	unsigned long address)
	60	{
	61	struct pt_regs regs;
	62	unsigned long g2;
	63	unsigned int insn;
	64	int i;
70168dfa	65
1da177e4 LT	66	i = search_extables_range(ret_pc, &g2);
	67	switch (i) {
	68	case 3:
	69	/* load & store will be handled by fixup */
	70	return 3;
	71
	72	case 1:
	73	/* store will be handled by fixup, load will bump out */
	74	/* for _to_ macros */
	75	insn = ((unsigned int ) pc);
	76	if ((insn >> 21) & 1)
	77	return 1;
	78	break;
	79
	80	case 2:
	81	/* load will be handled by fixup, store will bump out */
	82	/* for _from_ macros */
	83	insn = ((unsigned int ) pc);
	84	if (!((insn >> 21) & 1) \|\| ((insn>>19)&0x3f) == 15)
70168dfa SR	85	return 2;
70168dfa SR	86	break;
1da177e4 LT	87
	88	default:
	89	break;
6cb79b3f	90	}
1da177e4	91
70168dfa	92	memset(&regs, 0, sizeof(regs));
1da177e4 LT	93	regs.pc = pc;
	94	regs.npc = pc + 4;
	95	__asm__ __volatile__(
	96	"rd %%psr, %0\n\t"
	97	"nop\n\t"
	98	"nop\n\t"
	99	"nop\n" : "=r" (regs.psr));
	100	unhandled_fault(address, current, &regs);
	101
	102	/* Not reached */
	103	return 0;
	104	}
	105
4b177647 DM	106	static inline void
	107	show_signal_msg(struct pt_regs *regs, int sig, int code,
	108	unsigned long address, struct task_struct *tsk)
	109	{
	110	if (!unhandled_signal(tsk, sig))
	111	return;
	112
	113	if (!printk_ratelimit())
	114	return;
	115
10a7e9d8	116	printk("%s%s[%d]: segfault at %lx ip %px (rpc %px) sp %px error %x",
4b177647 DM	117	task_pid_nr(tsk) > 1 ? KERN_INFO : KERN_EMERG,
	118	tsk->comm, task_pid_nr(tsk), address,
	119	(void )regs->pc, (void )regs->u_regs[UREG_I7],
	120	(void *)regs->u_regs[UREG_FP], code);
	121
	122	print_vma_addr(KERN_CONT " in ", regs->pc);
	123
	124	printk(KERN_CONT "\n");
	125	}
	126
	127	static void __do_fault_siginfo(int code, int sig, struct pt_regs *regs,
	128	unsigned long addr)
	129	{
	130	siginfo_t info;
	131
3eb0f519	132	clear_siginfo(&info);
4b177647 DM	133	info.si_signo = sig;
	134	info.si_code = code;
	135	info.si_errno = 0;
	136	info.si_addr = (void __user *) addr;
	137	info.si_trapno = 0;
	138
	139	if (unlikely(show_unhandled_signals))
	140	show_signal_msg(regs, sig, info.si_code,
	141	addr, current);
	142
	143	force_sig_info (sig, &info, current);
	144	}
	145
1da177e4 LT	146	static unsigned long compute_si_addr(struct pt_regs *regs, int text_fault)
	147	{
	148	unsigned int insn;
	149
	150	if (text_fault)
	151	return regs->pc;
	152
70168dfa	153	if (regs->psr & PSR_PS)
1da177e4	154	insn = (unsigned int ) regs->pc;
70168dfa	155	else
1da177e4	156	__get_user(insn, (unsigned int *) regs->pc);
1da177e4 LT	157
	158	return safe_compute_effective_address(regs, insn);
	159	}
	160
4b177647 DM	161	static noinline void do_fault_siginfo(int code, int sig, struct pt_regs *regs,
	162	int text_fault)
	163	{
	164	unsigned long addr = compute_si_addr(regs, text_fault);
	165
	166	__do_fault_siginfo(code, sig, regs, addr);
	167	}
	168
1da177e4 LT	169	asmlinkage void do_sparc_fault(struct pt_regs *regs, int text_fault, int write,
	170	unsigned long address)
	171	{
	172	struct vm_area_struct *vma;
	173	struct task_struct *tsk = current;
	174	struct mm_struct *mm = tsk->mm;
	175	unsigned int fixup;
	176	unsigned long g2;
1da177e4	177	int from_user = !(regs->psr & PSR_PS);
4b177647	178	int fault, code;
759496ba	179	unsigned int flags = FAULT_FLAG_ALLOW_RETRY \| FAULT_FLAG_KILLABLE;
1da177e4	180
70168dfa	181	if (text_fault)
1da177e4 LT	182	address = regs->pc;
	183
	184	/*
	185	* We fault-in kernel-space virtual memory on-demand. The
	186	* 'reference' page table is init_mm.pgd.
	187	*
	188	* NOTE! We MUST NOT take any locks for this case. We may
	189	* be in an interrupt or a critical region, and should
	190	* only copy the information from the master page table,
	191	* nothing more.
	192	*/
c816be7b	193	code = SEGV_MAPERR;
582a0bae	194	if (address >= TASK_SIZE)
1da177e4 LT	195	goto vmalloc_fault;
1da177e4 LT	196
1da177e4 LT	197	/*
	198	* If we're in an interrupt or have no user
	199	* context, we must not take the fault..
	200	*/
70ffdb93	201	if (pagefault_disabled() \|\| !mm)
70168dfa	202	goto no_context;
1da177e4	203
a8b0ca17	204	perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, address);
a084b667	205
c29554f5	206	retry:
1da177e4 LT	207	down_read(&mm->mmap_sem);
1da177e4 LT	208
70168dfa	209	if (!from_user && address >= PAGE_OFFSET)
1da177e4 LT	210	goto bad_area;
	211
	212	vma = find_vma(mm, address);
70168dfa	213	if (!vma)
1da177e4	214	goto bad_area;
70168dfa	215	if (vma->vm_start <= address)
1da177e4	216	goto good_area;
70168dfa	217	if (!(vma->vm_flags & VM_GROWSDOWN))
1da177e4	218	goto bad_area;
70168dfa	219	if (expand_stack(vma, address))
1da177e4 LT	220	goto bad_area;
	221	/*
	222	* Ok, we have a good vm_area for this memory access, so
	223	* we can handle it..
	224	*/
	225	good_area:
4b177647	226	code = SEGV_ACCERR;
70168dfa SR	227	if (write) {
70168dfa SR	228	if (!(vma->vm_flags & VM_WRITE))
1da177e4 LT	229	goto bad_area;
	230	} else {
	231	/* Allow reads even for write-only mappings */
70168dfa	232	if (!(vma->vm_flags & (VM_READ \| VM_EXEC)))
1da177e4 LT	233	goto bad_area;
	234	}
	235
759496ba JW	236	if (from_user)
	237	flags \|= FAULT_FLAG_USER;
	238	if (write)
	239	flags \|= FAULT_FLAG_WRITE;
	240
1da177e4 LT	241	/*
	242	* If for any reason at all we couldn't handle the fault,
	243	* make sure we exit gracefully rather than endlessly redo
	244	* the fault.
	245	*/
dcddffd4	246	fault = handle_mm_fault(vma, address, flags);
c29554f5 KC	247
	248	if ((fault & VM_FAULT_RETRY) && fatal_signal_pending(current))
	249	return;
	250
83c54070 NP	251	if (unlikely(fault & VM_FAULT_ERROR)) {
	252	if (fault & VM_FAULT_OOM)
	253	goto out_of_memory;
33692f27 LT	254	else if (fault & VM_FAULT_SIGSEGV)
33692f27 LT	255	goto bad_area;
83c54070 NP	256	else if (fault & VM_FAULT_SIGBUS)
	257	goto do_sigbus;
	258	BUG();
	259	}
c29554f5 KC	260
	261	if (flags & FAULT_FLAG_ALLOW_RETRY) {
	262	if (fault & VM_FAULT_MAJOR) {
	263	current->maj_flt++;
	264	perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS_MAJ,
	265	1, regs, address);
	266	} else {
	267	current->min_flt++;
	268	perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS_MIN,
	269	1, regs, address);
	270	}
	271	if (fault & VM_FAULT_RETRY) {
	272	flags &= ~FAULT_FLAG_ALLOW_RETRY;
45cac65b	273	flags \|= FAULT_FLAG_TRIED;
c29554f5 KC	274
	275	/* No need to up_read(&mm->mmap_sem) as we would
	276	* have already released it in __lock_page_or_retry
	277	* in mm/filemap.c.
	278	*/
	279
	280	goto retry;
	281	}
a084b667	282	}
c29554f5	283
1da177e4 LT	284	up_read(&mm->mmap_sem);
	285	return;
	286
	287	/*
	288	* Something tried to access memory that isn't in our memory map..
	289	* Fix it, but check if it's kernel or user first..
	290	*/
	291	bad_area:
	292	up_read(&mm->mmap_sem);
	293
	294	bad_area_nosemaphore:
	295	/* User mode accesses just cause a SIGSEGV */
4b177647 DM	296	if (from_user) {
4b177647 DM	297	do_fault_siginfo(code, SIGSEGV, regs, text_fault);
1da177e4 LT	298	return;
	299	}
	300
	301	/* Is this in ex_table? */
	302	no_context:
	303	g2 = regs->u_regs[UREG_G2];
0157141a SR	304	if (!from_user) {
0157141a SR	305	fixup = search_extables_range(regs->pc, &g2);
70168dfa SR	306	/* Values below 10 are reserved for other things */
70168dfa SR	307	if (fixup > 10) {
9ef595d8 JP	308	extern const unsigned int __memset_start[];
	309	extern const unsigned int __memset_end[];
	310	extern const unsigned int __csum_partial_copy_start[];
	311	extern const unsigned int __csum_partial_copy_end[];
1da177e4 LT	312
1da177e4 LT	313	#ifdef DEBUG_EXCEPTIONS
70168dfa SR	314	printk("Exception: PC<%08lx> faddr<%08lx>\n",
70168dfa SR	315	regs->pc, address);
1da177e4 LT	316	printk("EX_TABLE: insn<%08lx> fixup<%08x> g2<%08lx>\n",
	317	regs->pc, fixup, g2);
	318	#endif
	319	if ((regs->pc >= (unsigned long)__memset_start &&
	320	regs->pc < (unsigned long)__memset_end) \|\|
	321	(regs->pc >= (unsigned long)__csum_partial_copy_start &&
	322	regs->pc < (unsigned long)__csum_partial_copy_end)) {
70168dfa	323	regs->u_regs[UREG_I4] = address;
1da177e4 LT	324	regs->u_regs[UREG_I5] = regs->pc;
	325	}
	326	regs->u_regs[UREG_G2] = g2;
	327	regs->pc = fixup;
	328	regs->npc = regs->pc + 4;
	329	return;
	330	}
	331	}
70168dfa SR	332
70168dfa SR	333	unhandled_fault(address, tsk, regs);
1da177e4 LT	334	do_exit(SIGKILL);
	335
	336	/*
	337	* We ran out of memory, or some other thing happened to us that made
	338	* us unable to handle the page fault gracefully.
	339	*/
	340	out_of_memory:
	341	up_read(&mm->mmap_sem);
a923c28f DM	342	if (from_user) {
	343	pagefault_out_of_memory();
	344	return;
	345	}
1da177e4 LT	346	goto no_context;
	347
	348	do_sigbus:
	349	up_read(&mm->mmap_sem);
4b177647	350	do_fault_siginfo(BUS_ADRERR, SIGBUS, regs, text_fault);
1da177e4 LT	351	if (!from_user)
	352	goto no_context;
	353
	354	vmalloc_fault:
	355	{
	356	/*
	357	* Synchronize this task's top level page-table
	358	* with the 'reference' page table.
	359	*/
	360	int offset = pgd_index(address);
	361	pgd_t pgd, pgd_k;
	362	pmd_t pmd, pmd_k;
	363
	364	pgd = tsk->active_mm->pgd + offset;
	365	pgd_k = init_mm.pgd + offset;
	366
	367	if (!pgd_present(*pgd)) {
	368	if (!pgd_present(*pgd_k))
	369	goto bad_area_nosemaphore;
	370	pgd_val(pgd) = pgd_val(pgd_k);
	371	return;
	372	}
	373
	374	pmd = pmd_offset(pgd, address);
	375	pmd_k = pmd_offset(pgd_k, address);
	376
	377	if (pmd_present(pmd) \|\| !pmd_present(pmd_k))
	378	goto bad_area_nosemaphore;
70168dfa	379
1da177e4 LT	380	pmd = pmd_k;
	381	return;
	382	}
	383	}
	384
1da177e4	385	/* This always deals with user addresses. */
50215d65	386	static void force_user_fault(unsigned long address, int write)
1da177e4 LT	387	{
	388	struct vm_area_struct *vma;
	389	struct task_struct *tsk = current;
	390	struct mm_struct *mm = tsk->mm;
759496ba	391	unsigned int flags = FAULT_FLAG_USER;
4b177647	392	int code;
1da177e4	393
4b177647	394	code = SEGV_MAPERR;
1da177e4	395
1da177e4 LT	396	down_read(&mm->mmap_sem);
1da177e4 LT	397	vma = find_vma(mm, address);
70168dfa	398	if (!vma)
1da177e4	399	goto bad_area;
70168dfa	400	if (vma->vm_start <= address)
1da177e4	401	goto good_area;
70168dfa	402	if (!(vma->vm_flags & VM_GROWSDOWN))
1da177e4	403	goto bad_area;
70168dfa	404	if (expand_stack(vma, address))
1da177e4 LT	405	goto bad_area;
1da177e4 LT	406	good_area:
4b177647	407	code = SEGV_ACCERR;
70168dfa SR	408	if (write) {
70168dfa SR	409	if (!(vma->vm_flags & VM_WRITE))
1da177e4	410	goto bad_area;
759496ba	411	flags \|= FAULT_FLAG_WRITE;
1da177e4	412	} else {
70168dfa	413	if (!(vma->vm_flags & (VM_READ \| VM_EXEC)))
1da177e4 LT	414	goto bad_area;
1da177e4 LT	415	}
dcddffd4	416	switch (handle_mm_fault(vma, address, flags)) {
1da177e4 LT	417	case VM_FAULT_SIGBUS:
	418	case VM_FAULT_OOM:
	419	goto do_sigbus;
	420	}
	421	up_read(&mm->mmap_sem);
	422	return;
	423	bad_area:
	424	up_read(&mm->mmap_sem);
4b177647	425	__do_fault_siginfo(code, SIGSEGV, tsk->thread.kregs, address);
1da177e4 LT	426	return;
	427
	428	do_sigbus:
	429	up_read(&mm->mmap_sem);
4b177647	430	__do_fault_siginfo(BUS_ADRERR, SIGBUS, tsk->thread.kregs, address);
1da177e4 LT	431	}
1da177e4 LT	432
9088333e DM	433	static void check_stack_aligned(unsigned long sp)
	434	{
	435	if (sp & 0x7UL)
	436	force_sig(SIGILL, current);
	437	}
	438
1da177e4 LT	439	void window_overflow_fault(void)
	440	{
	441	unsigned long sp;
	442
	443	sp = current_thread_info()->rwbuf_stkptrs[0];
70168dfa	444	if (((sp + 0x38) & PAGE_MASK) != (sp & PAGE_MASK))
1da177e4 LT	445	force_user_fault(sp + 0x38, 1);
1da177e4 LT	446	force_user_fault(sp, 1);
9088333e DM	447
9088333e DM	448	check_stack_aligned(sp);
1da177e4 LT	449	}
	450
	451	void window_underflow_fault(unsigned long sp)
	452	{
70168dfa	453	if (((sp + 0x38) & PAGE_MASK) != (sp & PAGE_MASK))
1da177e4 LT	454	force_user_fault(sp + 0x38, 0);
1da177e4 LT	455	force_user_fault(sp, 0);
9088333e DM	456
9088333e DM	457	check_stack_aligned(sp);
1da177e4 LT	458	}
	459
	460	void window_ret_fault(struct pt_regs *regs)
	461	{
	462	unsigned long sp;
	463
	464	sp = regs->u_regs[UREG_FP];
70168dfa	465	if (((sp + 0x38) & PAGE_MASK) != (sp & PAGE_MASK))
1da177e4 LT	466	force_user_fault(sp + 0x38, 0);
1da177e4 LT	467	force_user_fault(sp, 0);
9088333e DM	468
9088333e DM	469	check_stack_aligned(sp);
1da177e4	470	}