2 * linux/arch/x86_64/entry.S
4 * Copyright (C) 1991, 1992 Linus Torvalds
5 * Copyright (C) 2000, 2001, 2002 Andi Kleen SuSE Labs
6 * Copyright (C) 2000 Pavel Machek <pavel@suse.cz>
10 * entry.S contains the system-call and fault low-level handling routines.
12 * Some of this is documented in Documentation/x86/entry_64.txt
14 * NOTE: This code handles signal-recognition, which happens every time
15 * after an interrupt and after each system call.
17 * A note on terminology:
18 * - top of stack: Architecture defined interrupt frame from SS to RIP
19 * at the top of the kernel process stack.
20 * - partial stack frame: partially saved registers up to R11.
21 * - full stack frame: Like partial stack frame, but all register saved.
24 * - CFI macros are used to generate dwarf2 unwind information for better
25 * backtraces. They don't change any code.
26 * - ENTRY/END Define functions in the symbol table.
27 * - FIXUP_TOP_OF_STACK/RESTORE_TOP_OF_STACK - Fix up the hardware stack
28 * frame that is otherwise undefined after a SYSCALL
29 * - TRACE_IRQ_* - Trace hard interrupt state for lock debugging.
30 * - idtentry - Define exception entry points.
33 #include <linux/linkage.h>
34 #include <asm/segment.h>
35 #include <asm/cache.h>
36 #include <asm/errno.h>
37 #include <asm/dwarf2.h>
38 #include <asm/calling.h>
39 #include <asm/asm-offsets.h>
41 #include <asm/unistd.h>
42 #include <asm/thread_info.h>
43 #include <asm/hw_irq.h>
44 #include <asm/page_types.h>
45 #include <asm/irqflags.h>
46 #include <asm/paravirt.h>
47 #include <asm/percpu.h>
49 #include <asm/context_tracking.h>
51 #include <asm/pgtable_types.h>
52 #include <linux/err.h>
54 /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this. */
55 #include <linux/elf-em.h>
56 #define AUDIT_ARCH_X86_64 (EM_X86_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
57 #define __AUDIT_ARCH_64BIT 0x80000000
58 #define __AUDIT_ARCH_LE 0x40000000
61 .section .entry.text, "ax"
64 #ifndef CONFIG_PREEMPT
65 #define retint_kernel retint_restore_args
68 #ifdef CONFIG_PARAVIRT
69 ENTRY(native_usergs_sysret64)
72 ENDPROC(native_usergs_sysret64)
73 #endif /* CONFIG_PARAVIRT */
76 .macro TRACE_IRQS_IRETQ
77 #ifdef CONFIG_TRACE_IRQFLAGS
78 bt $9,EFLAGS(%rsp) /* interrupts off? */
86 * When dynamic function tracer is enabled it will add a breakpoint
87 * to all locations that it is about to modify, sync CPUs, update
88 * all the code, sync CPUs, then remove the breakpoints. In this time
89 * if lockdep is enabled, it might jump back into the debug handler
90 * outside the updating of the IST protection. (TRACE_IRQS_ON/OFF).
92 * We need to change the IDT table before calling TRACE_IRQS_ON/OFF to
93 * make sure the stack pointer does not get reset back to the top
94 * of the debug stack, and instead just reuses the current stack.
96 #if defined(CONFIG_DYNAMIC_FTRACE) && defined(CONFIG_TRACE_IRQFLAGS)
98 .macro TRACE_IRQS_OFF_DEBUG
99 call debug_stack_set_zero
101 call debug_stack_reset
104 .macro TRACE_IRQS_ON_DEBUG
105 call debug_stack_set_zero
107 call debug_stack_reset
110 .macro TRACE_IRQS_IRETQ_DEBUG
111 bt $9,EFLAGS(%rsp) /* interrupts off? */
118 # define TRACE_IRQS_OFF_DEBUG TRACE_IRQS_OFF
119 # define TRACE_IRQS_ON_DEBUG TRACE_IRQS_ON
120 # define TRACE_IRQS_IRETQ_DEBUG TRACE_IRQS_IRETQ
124 * C code is not supposed to know about undefined top of stack. Every time
125 * a C function with an pt_regs argument is called from the SYSCALL based
126 * fast path FIXUP_TOP_OF_STACK is needed.
127 * RESTORE_TOP_OF_STACK syncs the syscall state after any possible ptregs
131 /* %rsp:at FRAMEEND */
132 .macro FIXUP_TOP_OF_STACK tmp offset=0
133 movq PER_CPU_VAR(old_rsp),\tmp
134 movq \tmp,RSP+\offset(%rsp)
135 movq $__USER_DS,SS+\offset(%rsp)
136 movq $__USER_CS,CS+\offset(%rsp)
137 movq RIP+\offset(%rsp),\tmp /* get rip */
138 movq \tmp,RCX+\offset(%rsp) /* copy it to rcx as sysret would do */
139 movq R11+\offset(%rsp),\tmp /* get eflags */
140 movq \tmp,EFLAGS+\offset(%rsp)
143 .macro RESTORE_TOP_OF_STACK tmp offset=0
144 movq RSP+\offset(%rsp),\tmp
145 movq \tmp,PER_CPU_VAR(old_rsp)
146 movq EFLAGS+\offset(%rsp),\tmp
147 movq \tmp,R11+\offset(%rsp)
153 .macro EMPTY_FRAME start=1 offset=0
157 CFI_DEF_CFA rsp,8+\offset
159 CFI_DEF_CFA_OFFSET 8+\offset
164 * initial frame state for interrupts (and exceptions without error code)
166 .macro INTR_FRAME start=1 offset=0
167 EMPTY_FRAME \start, 5*8+\offset
168 /*CFI_REL_OFFSET ss, 4*8+\offset*/
169 CFI_REL_OFFSET rsp, 3*8+\offset
170 /*CFI_REL_OFFSET rflags, 2*8+\offset*/
171 /*CFI_REL_OFFSET cs, 1*8+\offset*/
172 CFI_REL_OFFSET rip, 0*8+\offset
176 * initial frame state for exceptions with error code (and interrupts
177 * with vector already pushed)
179 .macro XCPT_FRAME start=1 offset=0
180 INTR_FRAME \start, 1*8+\offset
184 * frame that enables passing a complete pt_regs to a C function.
186 .macro DEFAULT_FRAME start=1 offset=0
187 XCPT_FRAME \start, ORIG_RAX+\offset
188 CFI_REL_OFFSET rdi, RDI+\offset
189 CFI_REL_OFFSET rsi, RSI+\offset
190 CFI_REL_OFFSET rdx, RDX+\offset
191 CFI_REL_OFFSET rcx, RCX+\offset
192 CFI_REL_OFFSET rax, RAX+\offset
193 CFI_REL_OFFSET r8, R8+\offset
194 CFI_REL_OFFSET r9, R9+\offset
195 CFI_REL_OFFSET r10, R10+\offset
196 CFI_REL_OFFSET r11, R11+\offset
197 CFI_REL_OFFSET rbx, RBX+\offset
198 CFI_REL_OFFSET rbp, RBP+\offset
199 CFI_REL_OFFSET r12, R12+\offset
200 CFI_REL_OFFSET r13, R13+\offset
201 CFI_REL_OFFSET r14, R14+\offset
202 CFI_REL_OFFSET r15, R15+\offset
206 * 64bit SYSCALL instruction entry. Up to 6 arguments in registers.
208 * 64bit SYSCALL saves rip to rcx, clears rflags.RF, then saves rflags to r11,
209 * then loads new ss, cs, and rip from previously programmed MSRs.
210 * rflags gets masked by a value from another MSR (so CLD and CLAC
211 * are not needed). SYSCALL does not save anything on the stack
212 * and does not change rsp.
214 * Registers on entry:
215 * rax system call number
217 * r11 saved rflags (note: r11 is callee-clobbered register in C ABI)
221 * r10 arg3 (needs to be moved to rcx to conform to C ABI)
224 * (note: r12-r15,rbp,rbx are callee-preserved in C ABI)
226 * Interrupts are off on entry.
227 * Only called from user space.
229 * XXX if we had a free scratch register we could save the RSP into the stack frame
230 * and report it properly in ps. Unfortunately we haven't.
232 * When user can change the frames always force IRET. That is because
233 * it deals with uncanonical addresses better. SYSRET has trouble
234 * with them due to bugs in both AMD and Intel CPUs.
240 CFI_DEF_CFA rsp,KERNEL_STACK_OFFSET
242 /*CFI_REGISTER rflags,r11*/
245 * A hypervisor implementation might want to use a label
246 * after the swapgs, so that it can do the swapgs
247 * for the guest and jump here on syscall.
249 GLOBAL(system_call_after_swapgs)
251 movq %rsp,PER_CPU_VAR(old_rsp)
252 /* kernel_stack is set so that 5 slots (iret frame) are preallocated */
253 movq PER_CPU_VAR(kernel_stack),%rsp
255 * No need to follow this irqs off/on section - it's straight
258 ENABLE_INTERRUPTS(CLBR_NONE)
259 ALLOC_PT_GPREGS_ON_STACK 8 /* +8: space for orig_ax */
260 SAVE_C_REGS_EXCEPT_RAX_RCX
261 movq $-ENOSYS,RAX(%rsp)
262 movq_cfi rax,ORIG_RAX
264 CFI_REL_OFFSET rip,RIP
265 testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags+THREAD_INFO(%rsp,RIP)
267 system_call_fastpath:
268 #if __SYSCALL_MASK == ~0
269 cmpq $__NR_syscall_max,%rax
271 andl $__SYSCALL_MASK,%eax
272 cmpl $__NR_syscall_max,%eax
274 ja ret_from_sys_call /* and return regs->ax */
276 call *sys_call_table(,%rax,8) # XXX: rip relative
279 * Syscall return path ending with SYSRET (fast path)
280 * Has incomplete stack frame and undefined top of stack.
283 testl $_TIF_ALLWORK_MASK,TI_flags+THREAD_INFO(%rsp,RIP)
284 jnz int_ret_from_sys_call_fixup /* Go the the slow path */
287 DISABLE_INTERRUPTS(CLBR_NONE)
291 * sysretq will re-enable interrupts:
294 RESTORE_C_REGS_EXCEPT_RCX
297 /*CFI_REGISTER rflags,r11*/
298 movq PER_CPU_VAR(old_rsp), %rsp
300 * 64bit SYSRET restores rip from rcx,
301 * rflags from r11 (but RF and VM bits are forced to 0),
302 * cs and ss are loaded from MSRs.
308 int_ret_from_sys_call_fixup:
309 FIXUP_TOP_OF_STACK %r11
310 jmp int_ret_from_sys_call
312 /* Do syscall tracing */
315 movq $AUDIT_ARCH_X86_64, %rsi
316 call syscall_trace_enter_phase1
318 jnz tracesys_phase2 /* if needed, run the slow path */
319 RESTORE_C_REGS_EXCEPT_RAX /* else restore clobbered regs */
320 movq ORIG_RAX(%rsp), %rax
321 jmp system_call_fastpath /* and return to the fast path */
325 FIXUP_TOP_OF_STACK %rdi
327 movq $AUDIT_ARCH_X86_64, %rsi
329 call syscall_trace_enter_phase2
332 * Reload registers from stack in case ptrace changed them.
333 * We don't reload %rax because syscall_trace_entry_phase2() returned
334 * the value it wants us to use in the table lookup.
336 RESTORE_C_REGS_EXCEPT_RAX
338 #if __SYSCALL_MASK == ~0
339 cmpq $__NR_syscall_max,%rax
341 andl $__SYSCALL_MASK,%eax
342 cmpl $__NR_syscall_max,%eax
344 ja int_ret_from_sys_call /* RAX(%rsp) is already set */
345 movq %r10,%rcx /* fixup for C */
346 call *sys_call_table(,%rax,8)
348 /* Use IRET because user could have changed frame */
351 * Syscall return path ending with IRET.
352 * Has correct top of stack, but partial stack frame.
354 GLOBAL(int_ret_from_sys_call)
355 DISABLE_INTERRUPTS(CLBR_NONE)
357 movl $_TIF_ALLWORK_MASK,%edi
358 /* edi: mask to check */
359 GLOBAL(int_with_check)
361 GET_THREAD_INFO(%rcx)
362 movl TI_flags(%rcx),%edx
365 andl $~TS_COMPAT,TI_status(%rcx)
368 /* Either reschedule or signal or syscall exit tracking needed. */
369 /* First do a reschedule test. */
370 /* edx: work, edi: workmask */
372 bt $TIF_NEED_RESCHED,%edx
375 ENABLE_INTERRUPTS(CLBR_NONE)
379 DISABLE_INTERRUPTS(CLBR_NONE)
383 /* handle signals and tracing -- both require a full stack frame */
386 ENABLE_INTERRUPTS(CLBR_NONE)
388 /* Check for syscall exit trace */
389 testl $_TIF_WORK_SYSCALL_EXIT,%edx
392 leaq 8(%rsp),%rdi # &ptregs -> arg1
393 call syscall_trace_leave
395 andl $~(_TIF_WORK_SYSCALL_EXIT|_TIF_SYSCALL_EMU),%edi
399 testl $_TIF_DO_NOTIFY_MASK,%edx
401 movq %rsp,%rdi # &ptregs -> arg1
402 xorl %esi,%esi # oldset -> arg2
403 call do_notify_resume
404 1: movl $_TIF_WORK_MASK,%edi
407 DISABLE_INTERRUPTS(CLBR_NONE)
413 .macro FORK_LIKE func
416 DEFAULT_FRAME 0, 8 /* offset 8: return address */
418 FIXUP_TOP_OF_STACK %r11, 8
420 RESTORE_TOP_OF_STACK %r11, 8
426 .macro FIXED_FRAME label,func
429 DEFAULT_FRAME 0, 8 /* offset 8: return address */
430 FIXUP_TOP_OF_STACK %r11, 8
432 RESTORE_TOP_OF_STACK %r11, 8
441 FIXED_FRAME stub_iopl, sys_iopl
448 FIXUP_TOP_OF_STACK %r11
452 jmp int_ret_from_sys_call
461 FIXUP_TOP_OF_STACK %r11
463 RESTORE_TOP_OF_STACK %r11
466 jmp int_ret_from_sys_call
471 * sigreturn is special because it needs to restore all registers on return.
472 * This cannot be done with SYSRET, so use the IRET return path instead.
474 ENTRY(stub_rt_sigreturn)
479 FIXUP_TOP_OF_STACK %r11
480 call sys_rt_sigreturn
481 movq %rax,RAX(%rsp) # fixme, this could be done at the higher layer
483 jmp int_ret_from_sys_call
485 END(stub_rt_sigreturn)
487 #ifdef CONFIG_X86_X32_ABI
488 ENTRY(stub_x32_rt_sigreturn)
493 FIXUP_TOP_OF_STACK %r11
494 call sys32_x32_rt_sigreturn
495 movq %rax,RAX(%rsp) # fixme, this could be done at the higher layer
497 jmp int_ret_from_sys_call
499 END(stub_x32_rt_sigreturn)
501 ENTRY(stub_x32_execve)
506 FIXUP_TOP_OF_STACK %r11
507 call compat_sys_execve
508 RESTORE_TOP_OF_STACK %r11
511 jmp int_ret_from_sys_call
515 ENTRY(stub_x32_execveat)
520 FIXUP_TOP_OF_STACK %r11
521 call compat_sys_execveat
522 RESTORE_TOP_OF_STACK %r11
525 jmp int_ret_from_sys_call
527 END(stub_x32_execveat)
532 * A newly forked process directly context switches into this address.
534 * rdi: prev task we switched from
539 LOCK ; btr $TIF_FORK,TI_flags(%r8)
542 popfq_cfi # reset kernel eflags
544 call schedule_tail # rdi: 'prev' task parameter
546 GET_THREAD_INFO(%rcx)
550 testl $3,CS(%rsp) # from kernel_thread?
554 * By the time we get here, we have no idea whether our pt_regs,
555 * ti flags, and ti status came from the 64-bit SYSCALL fast path,
556 * the slow path, or one of the ia32entry paths.
557 * Use int_ret_from_sys_call to return, since it can safely handle
560 jmp int_ret_from_sys_call
567 jmp int_ret_from_sys_call
572 * Build the entry stubs and pointer table with some assembler magic.
573 * We pack 7 stubs into a single 32-byte chunk, which will fit in a
574 * single cache line on all modern x86 implementations.
576 .section .init.rodata,"a"
580 .p2align CONFIG_X86_L1_CACHE_SHIFT
581 ENTRY(irq_entries_start)
583 vector=FIRST_EXTERNAL_VECTOR
584 .rept (FIRST_SYSTEM_VECTOR-FIRST_EXTERNAL_VECTOR+6)/7
587 .if vector < FIRST_SYSTEM_VECTOR
588 .if vector <> FIRST_EXTERNAL_VECTOR
589 CFI_ADJUST_CFA_OFFSET -8
591 1: pushq_cfi $(~vector+0x80) /* Note: always in signed byte range */
592 .if ((vector-FIRST_EXTERNAL_VECTOR)%7) <> 6
601 2: jmp common_interrupt
604 END(irq_entries_start)
611 * Interrupt entry/exit.
613 * Interrupt entry points save only callee clobbered registers in fast path.
615 * Entry runs with interrupts off.
618 /* 0(%rsp): ~(interrupt number) */
619 .macro interrupt func
622 * Since nothing in interrupt handling code touches r12...r15 members
623 * of "struct pt_regs", and since interrupts can nest, we can save
624 * four stack slots and simultaneously provide
625 * an unwind-friendly stack layout by saving "truncated" pt_regs
626 * exactly up to rbp slot, without these members.
628 ALLOC_PT_GPREGS_ON_STACK -RBP
630 /* this goes to 0(%rsp) for unwinder, not for saving the value: */
631 SAVE_EXTRA_REGS_RBP -RBP
633 leaq -RBP(%rsp),%rdi /* arg1 for \func (pointer to pt_regs) */
635 testl $3, CS-RBP(%rsp)
640 * Save previous stack pointer, optionally switch to interrupt stack.
641 * irq_count is used to check if a CPU is already on an interrupt stack
642 * or not. While this is essentially redundant with preempt_count it is
643 * a little cheaper to use a separate counter in the PDA (short of
644 * moving irq_enter into assembly, which would be too much work)
647 incl PER_CPU_VAR(irq_count)
648 cmovzq PER_CPU_VAR(irq_stack_ptr),%rsp
649 CFI_DEF_CFA_REGISTER rsi
653 * "CFA (Current Frame Address) is the value on stack + offset"
655 CFI_ESCAPE 0x0f /* DW_CFA_def_cfa_expression */, 6, \
656 0x77 /* DW_OP_breg7 (rsp) */, 0, \
657 0x06 /* DW_OP_deref */, \
658 0x08 /* DW_OP_const1u */, SIZEOF_PTREGS-RBP, \
659 0x22 /* DW_OP_plus */
660 /* We entered an interrupt context - irqs are off: */
667 * The interrupt stubs push (~vector+0x80) onto the stack and
668 * then jump to common_interrupt.
670 .p2align CONFIG_X86_L1_CACHE_SHIFT
674 addq $-0x80,(%rsp) /* Adjust vector to [-256,-1] range */
676 /* 0(%rsp): old_rsp */
678 DISABLE_INTERRUPTS(CLBR_NONE)
680 decl PER_CPU_VAR(irq_count)
682 /* Restore saved previous stack */
684 CFI_DEF_CFA rsi,SIZEOF_PTREGS-RBP /* reg/off reset after def_cfa_expr */
685 /* return code expects complete pt_regs - adjust rsp accordingly: */
687 CFI_DEF_CFA_REGISTER rsp
688 CFI_ADJUST_CFA_OFFSET RBP
691 GET_THREAD_INFO(%rcx)
695 /* Interrupt came from user space */
697 * Has a correct top of stack.
698 * %rcx: thread info. Interrupts off.
700 retint_with_reschedule:
701 movl $_TIF_WORK_MASK,%edi
704 movl TI_flags(%rcx),%edx
709 retint_swapgs: /* return to user-space */
711 * The iretq could re-enable interrupts:
713 DISABLE_INTERRUPTS(CLBR_ANY)
717 * Try to use SYSRET instead of IRET if we're returning to
718 * a completely clean 64-bit userspace context.
721 cmpq %rcx,RIP(%rsp) /* RCX == RIP */
722 jne opportunistic_sysret_failed
725 * On Intel CPUs, sysret with non-canonical RCX/RIP will #GP
726 * in kernel space. This essentially lets the user take over
727 * the kernel, since userspace controls RSP. It's not worth
728 * testing for canonicalness exactly -- this check detects any
729 * of the 17 high bits set, which is true for non-canonical
730 * or kernel addresses. (This will pessimize vsyscall=native.
733 * If virtual addresses ever become wider, this will need
734 * to be updated to remain correct on both old and new CPUs.
736 .ifne __VIRTUAL_MASK_SHIFT - 47
737 .error "virtual address width changed -- sysret checks need update"
739 shr $__VIRTUAL_MASK_SHIFT, %rcx
740 jnz opportunistic_sysret_failed
742 cmpq $__USER_CS,CS(%rsp) /* CS must match SYSRET */
743 jne opportunistic_sysret_failed
746 cmpq %r11,EFLAGS(%rsp) /* R11 == RFLAGS */
747 jne opportunistic_sysret_failed
749 testq $X86_EFLAGS_RF,%r11 /* sysret can't restore RF */
750 jnz opportunistic_sysret_failed
752 /* nothing to check for RSP */
754 cmpq $__USER_DS,SS(%rsp) /* SS must match SYSRET */
755 jne opportunistic_sysret_failed
758 * We win! This label is here just for ease of understanding
759 * perf profiles. Nothing jumps here.
761 irq_return_via_sysret:
763 /* r11 is already restored (see code above) */
764 RESTORE_C_REGS_EXCEPT_R11
769 opportunistic_sysret_failed:
773 retint_restore_args: /* return to kernel space */
774 DISABLE_INTERRUPTS(CLBR_ANY)
776 * The iretq could re-enable interrupts:
781 REMOVE_PT_GPREGS_FROM_STACK 8
788 * Are we returning to a stack segment from the LDT? Note: in
789 * 64-bit mode SS:RSP on the exception stack is always valid.
791 #ifdef CONFIG_X86_ESPFIX64
792 testb $4,(SS-RIP)(%rsp)
793 jnz native_irq_return_ldt
796 .global native_irq_return_iret
797 native_irq_return_iret:
799 * This may fault. Non-paranoid faults on return to userspace are
800 * handled by fixup_bad_iret. These include #SS, #GP, and #NP.
801 * Double-faults due to espfix64 are handled in do_double_fault.
802 * Other faults here are fatal.
806 #ifdef CONFIG_X86_ESPFIX64
807 native_irq_return_ldt:
811 movq PER_CPU_VAR(espfix_waddr),%rdi
812 movq %rax,(0*8)(%rdi) /* RAX */
813 movq (2*8)(%rsp),%rax /* RIP */
814 movq %rax,(1*8)(%rdi)
815 movq (3*8)(%rsp),%rax /* CS */
816 movq %rax,(2*8)(%rdi)
817 movq (4*8)(%rsp),%rax /* RFLAGS */
818 movq %rax,(3*8)(%rdi)
819 movq (6*8)(%rsp),%rax /* SS */
820 movq %rax,(5*8)(%rdi)
821 movq (5*8)(%rsp),%rax /* RSP */
822 movq %rax,(4*8)(%rdi)
823 andl $0xffff0000,%eax
825 orq PER_CPU_VAR(espfix_stack),%rax
829 jmp native_irq_return_iret
832 /* edi: workmask, edx: work */
835 bt $TIF_NEED_RESCHED,%edx
838 ENABLE_INTERRUPTS(CLBR_NONE)
842 GET_THREAD_INFO(%rcx)
843 DISABLE_INTERRUPTS(CLBR_NONE)
848 testl $_TIF_DO_NOTIFY_MASK,%edx
851 ENABLE_INTERRUPTS(CLBR_NONE)
853 movq $-1,ORIG_RAX(%rsp)
854 xorl %esi,%esi # oldset
855 movq %rsp,%rdi # &pt_regs
856 call do_notify_resume
858 DISABLE_INTERRUPTS(CLBR_NONE)
860 GET_THREAD_INFO(%rcx)
861 jmp retint_with_reschedule
863 #ifdef CONFIG_PREEMPT
864 /* Returning to kernel space. Check if we need preemption */
865 /* rcx: threadinfo. interrupts off. */
867 cmpl $0,PER_CPU_VAR(__preempt_count)
868 jnz retint_restore_args
869 bt $9,EFLAGS(%rsp) /* interrupts off? */
870 jnc retint_restore_args
871 call preempt_schedule_irq
875 END(common_interrupt)
880 .macro apicinterrupt3 num sym do_sym
892 #ifdef CONFIG_TRACING
893 #define trace(sym) trace_##sym
894 #define smp_trace(sym) smp_trace_##sym
896 .macro trace_apicinterrupt num sym
897 apicinterrupt3 \num trace(\sym) smp_trace(\sym)
900 .macro trace_apicinterrupt num sym do_sym
904 .macro apicinterrupt num sym do_sym
905 apicinterrupt3 \num \sym \do_sym
906 trace_apicinterrupt \num \sym
910 apicinterrupt3 IRQ_MOVE_CLEANUP_VECTOR \
911 irq_move_cleanup_interrupt smp_irq_move_cleanup_interrupt
912 apicinterrupt3 REBOOT_VECTOR \
913 reboot_interrupt smp_reboot_interrupt
917 apicinterrupt3 UV_BAU_MESSAGE \
918 uv_bau_message_intr1 uv_bau_message_interrupt
920 apicinterrupt LOCAL_TIMER_VECTOR \
921 apic_timer_interrupt smp_apic_timer_interrupt
922 apicinterrupt X86_PLATFORM_IPI_VECTOR \
923 x86_platform_ipi smp_x86_platform_ipi
925 #ifdef CONFIG_HAVE_KVM
926 apicinterrupt3 POSTED_INTR_VECTOR \
927 kvm_posted_intr_ipi smp_kvm_posted_intr_ipi
930 #ifdef CONFIG_X86_MCE_THRESHOLD
931 apicinterrupt THRESHOLD_APIC_VECTOR \
932 threshold_interrupt smp_threshold_interrupt
935 #ifdef CONFIG_X86_THERMAL_VECTOR
936 apicinterrupt THERMAL_APIC_VECTOR \
937 thermal_interrupt smp_thermal_interrupt
941 apicinterrupt CALL_FUNCTION_SINGLE_VECTOR \
942 call_function_single_interrupt smp_call_function_single_interrupt
943 apicinterrupt CALL_FUNCTION_VECTOR \
944 call_function_interrupt smp_call_function_interrupt
945 apicinterrupt RESCHEDULE_VECTOR \
946 reschedule_interrupt smp_reschedule_interrupt
949 apicinterrupt ERROR_APIC_VECTOR \
950 error_interrupt smp_error_interrupt
951 apicinterrupt SPURIOUS_APIC_VECTOR \
952 spurious_interrupt smp_spurious_interrupt
954 #ifdef CONFIG_IRQ_WORK
955 apicinterrupt IRQ_WORK_VECTOR \
956 irq_work_interrupt smp_irq_work_interrupt
960 * Exception entry points.
962 #define INIT_TSS_IST(x) PER_CPU_VAR(cpu_tss) + (TSS_ist + ((x) - 1) * 8)
964 .macro idtentry sym do_sym has_error_code:req paranoid=0 shift_ist=-1
967 .if \shift_ist != -1 && \paranoid == 0
968 .error "using shift_ist requires paranoid=1"
978 PARAVIRT_ADJUST_EXCEPTION_FRAME
980 .ifeq \has_error_code
981 pushq_cfi $-1 /* ORIG_RAX: no syscall to restart */
984 ALLOC_PT_GPREGS_ON_STACK
989 testl $3, CS(%rsp) /* If coming from userspace, switch */
996 /* returned flag: ebx=0: need swapgs on exit, ebx=1: don't need it */
1001 .if \shift_ist != -1
1002 TRACE_IRQS_OFF_DEBUG /* reload IDT in case of recursion */
1008 movq %rsp,%rdi /* pt_regs pointer */
1011 movq ORIG_RAX(%rsp),%rsi /* get error code */
1012 movq $-1,ORIG_RAX(%rsp) /* no syscall to restart */
1014 xorl %esi,%esi /* no error code */
1017 .if \shift_ist != -1
1018 subq $EXCEPTION_STKSZ, INIT_TSS_IST(\shift_ist)
1023 .if \shift_ist != -1
1024 addq $EXCEPTION_STKSZ, INIT_TSS_IST(\shift_ist)
1027 /* these procedures expect "no swapgs" flag in ebx */
1037 * Paranoid entry from userspace. Switch stacks and treat it
1038 * as a normal entry. This means that paranoid handlers
1039 * run in real process context if user_mode(regs).
1046 movq %rsp,%rdi /* pt_regs pointer */
1048 movq %rax,%rsp /* switch stack */
1050 movq %rsp,%rdi /* pt_regs pointer */
1053 movq ORIG_RAX(%rsp),%rsi /* get error code */
1054 movq $-1,ORIG_RAX(%rsp) /* no syscall to restart */
1056 xorl %esi,%esi /* no error code */
1061 jmp error_exit /* %ebx: no swapgs flag */
1068 #ifdef CONFIG_TRACING
1069 .macro trace_idtentry sym do_sym has_error_code:req
1070 idtentry trace(\sym) trace(\do_sym) has_error_code=\has_error_code
1071 idtentry \sym \do_sym has_error_code=\has_error_code
1074 .macro trace_idtentry sym do_sym has_error_code:req
1075 idtentry \sym \do_sym has_error_code=\has_error_code
1079 idtentry divide_error do_divide_error has_error_code=0
1080 idtentry overflow do_overflow has_error_code=0
1081 idtentry bounds do_bounds has_error_code=0
1082 idtentry invalid_op do_invalid_op has_error_code=0
1083 idtentry device_not_available do_device_not_available has_error_code=0
1084 idtentry double_fault do_double_fault has_error_code=1 paranoid=2
1085 idtentry coprocessor_segment_overrun do_coprocessor_segment_overrun has_error_code=0
1086 idtentry invalid_TSS do_invalid_TSS has_error_code=1
1087 idtentry segment_not_present do_segment_not_present has_error_code=1
1088 idtentry spurious_interrupt_bug do_spurious_interrupt_bug has_error_code=0
1089 idtentry coprocessor_error do_coprocessor_error has_error_code=0
1090 idtentry alignment_check do_alignment_check has_error_code=1
1091 idtentry simd_coprocessor_error do_simd_coprocessor_error has_error_code=0
1094 /* Reload gs selector with exception handling */
1095 /* edi: new selector */
1096 ENTRY(native_load_gs_index)
1099 DISABLE_INTERRUPTS(CLBR_ANY & ~CLBR_RDI)
1103 2: mfence /* workaround */
1108 END(native_load_gs_index)
1110 _ASM_EXTABLE(gs_change,bad_gs)
1111 .section .fixup,"ax"
1112 /* running with kernelgs */
1114 SWAPGS /* switch back to user gs */
1120 /* Call softirq on interrupt stack. Interrupts are off. */
1121 ENTRY(do_softirq_own_stack)
1124 CFI_REL_OFFSET rbp,0
1126 CFI_DEF_CFA_REGISTER rbp
1127 incl PER_CPU_VAR(irq_count)
1128 cmove PER_CPU_VAR(irq_stack_ptr),%rsp
1129 push %rbp # backlink for old unwinder
1133 CFI_DEF_CFA_REGISTER rsp
1134 CFI_ADJUST_CFA_OFFSET -8
1135 decl PER_CPU_VAR(irq_count)
1138 END(do_softirq_own_stack)
1141 idtentry xen_hypervisor_callback xen_do_hypervisor_callback has_error_code=0
1144 * A note on the "critical region" in our callback handler.
1145 * We want to avoid stacking callback handlers due to events occurring
1146 * during handling of the last event. To do this, we keep events disabled
1147 * until we've done all processing. HOWEVER, we must enable events before
1148 * popping the stack frame (can't be done atomically) and so it would still
1149 * be possible to get enough handler activations to overflow the stack.
1150 * Although unlikely, bugs of that kind are hard to track down, so we'd
1151 * like to avoid the possibility.
1152 * So, on entry to the handler we detect whether we interrupted an
1153 * existing activation in its critical region -- if so, we pop the current
1154 * activation and restart the handler using the previous one.
1156 ENTRY(xen_do_hypervisor_callback) # do_hypervisor_callback(struct *pt_regs)
1159 * Since we don't modify %rdi, evtchn_do_upall(struct *pt_regs) will
1160 * see the correct pointer to the pt_regs
1162 movq %rdi, %rsp # we don't return, adjust the stack frame
1165 11: incl PER_CPU_VAR(irq_count)
1167 CFI_DEF_CFA_REGISTER rbp
1168 cmovzq PER_CPU_VAR(irq_stack_ptr),%rsp
1169 pushq %rbp # backlink for old unwinder
1170 call xen_evtchn_do_upcall
1172 CFI_DEF_CFA_REGISTER rsp
1173 decl PER_CPU_VAR(irq_count)
1174 #ifndef CONFIG_PREEMPT
1175 call xen_maybe_preempt_hcall
1179 END(xen_do_hypervisor_callback)
1182 * Hypervisor uses this for application faults while it executes.
1183 * We get here for two reasons:
1184 * 1. Fault while reloading DS, ES, FS or GS
1185 * 2. Fault while executing IRET
1186 * Category 1 we do not need to fix up as Xen has already reloaded all segment
1187 * registers that could be reloaded and zeroed the others.
1188 * Category 2 we fix up by killing the current process. We cannot use the
1189 * normal Linux return path in this case because if we use the IRET hypercall
1190 * to pop the stack frame we end up in an infinite loop of failsafe callbacks.
1191 * We distinguish between categories by comparing each saved segment register
1192 * with its current contents: any discrepancy means we in category 1.
1194 ENTRY(xen_failsafe_callback)
1196 /*CFI_REL_OFFSET gs,GS*/
1197 /*CFI_REL_OFFSET fs,FS*/
1198 /*CFI_REL_OFFSET es,ES*/
1199 /*CFI_REL_OFFSET ds,DS*/
1200 CFI_REL_OFFSET r11,8
1201 CFI_REL_OFFSET rcx,0
1215 /* All segments match their saved values => Category 2 (Bad IRET). */
1221 CFI_ADJUST_CFA_OFFSET -0x30
1222 pushq_cfi $0 /* RIP */
1225 jmp general_protection
1227 1: /* Segment mismatch => Category 1 (Bad segment). Retry the IRET. */
1233 CFI_ADJUST_CFA_OFFSET -0x30
1234 pushq_cfi $-1 /* orig_ax = -1 => not a system call */
1235 ALLOC_PT_GPREGS_ON_STACK
1240 END(xen_failsafe_callback)
1242 apicinterrupt3 HYPERVISOR_CALLBACK_VECTOR \
1243 xen_hvm_callback_vector xen_evtchn_do_upcall
1245 #endif /* CONFIG_XEN */
1247 #if IS_ENABLED(CONFIG_HYPERV)
1248 apicinterrupt3 HYPERVISOR_CALLBACK_VECTOR \
1249 hyperv_callback_vector hyperv_vector_handler
1250 #endif /* CONFIG_HYPERV */
1252 idtentry debug do_debug has_error_code=0 paranoid=1 shift_ist=DEBUG_STACK
1253 idtentry int3 do_int3 has_error_code=0 paranoid=1 shift_ist=DEBUG_STACK
1254 idtentry stack_segment do_stack_segment has_error_code=1
1256 idtentry xen_debug do_debug has_error_code=0
1257 idtentry xen_int3 do_int3 has_error_code=0
1258 idtentry xen_stack_segment do_stack_segment has_error_code=1
1260 idtentry general_protection do_general_protection has_error_code=1
1261 trace_idtentry page_fault do_page_fault has_error_code=1
1262 #ifdef CONFIG_KVM_GUEST
1263 idtentry async_page_fault do_async_page_fault has_error_code=1
1265 #ifdef CONFIG_X86_MCE
1266 idtentry machine_check has_error_code=0 paranoid=1 do_sym=*machine_check_vector(%rip)
1270 * Save all registers in pt_regs, and switch gs if needed.
1271 * Use slow, but surefire "are we in kernel?" check.
1272 * Return: ebx=0: need swapgs on exit, ebx=1: otherwise
1274 ENTRY(paranoid_entry)
1280 movl $MSR_GS_BASE,%ecx
1283 js 1f /* negative -> in kernel */
1291 * "Paranoid" exit path from exception stack. This is invoked
1292 * only on return from non-NMI IST interrupts that came
1293 * from kernel space.
1295 * We may be returning to very strange contexts (e.g. very early
1296 * in syscall entry), so checking for preemption here would
1297 * be complicated. Fortunately, we there's no good reason
1298 * to try to handle preemption here.
1300 /* On entry, ebx is "no swapgs" flag (1: don't need swapgs, 0: need it) */
1301 ENTRY(paranoid_exit)
1303 DISABLE_INTERRUPTS(CLBR_NONE)
1304 TRACE_IRQS_OFF_DEBUG
1305 testl %ebx,%ebx /* swapgs needed? */
1306 jnz paranoid_exit_no_swapgs
1309 jmp paranoid_exit_restore
1310 paranoid_exit_no_swapgs:
1311 TRACE_IRQS_IRETQ_DEBUG
1312 paranoid_exit_restore:
1315 REMOVE_PT_GPREGS_FROM_STACK 8
1321 * Save all registers in pt_regs, and switch gs if needed.
1322 * Return: ebx=0: need swapgs on exit, ebx=1: otherwise
1331 je error_kernelspace
1339 * There are two places in the kernel that can potentially fault with
1340 * usergs. Handle them here. B stepping K8s sometimes report a
1341 * truncated RIP for IRET exceptions returning to compat mode. Check
1342 * for these here too.
1345 CFI_REL_OFFSET rcx, RCX+8
1347 leaq native_irq_return_iret(%rip),%rcx
1348 cmpq %rcx,RIP+8(%rsp)
1350 movl %ecx,%eax /* zero extend */
1351 cmpq %rax,RIP+8(%rsp)
1353 cmpq $gs_change,RIP+8(%rsp)
1358 /* Fix truncated RIP */
1359 movq %rcx,RIP+8(%rsp)
1367 decl %ebx /* Return to usergs */
1373 /* On entry, ebx is "no swapgs" flag (1: don't need swapgs, 0: need it) */
1378 DISABLE_INTERRUPTS(CLBR_NONE)
1380 GET_THREAD_INFO(%rcx)
1383 LOCKDEP_SYS_EXIT_IRQ
1384 movl TI_flags(%rcx),%edx
1385 movl $_TIF_WORK_MASK,%edi
1393 * Test if a given stack is an NMI stack or not.
1395 .macro test_in_nmi reg stack nmi_ret normal_ret
1398 subq $EXCEPTION_STKSZ, %\reg
1404 /* runs on exception stack */
1407 PARAVIRT_ADJUST_EXCEPTION_FRAME
1409 * We allow breakpoints in NMIs. If a breakpoint occurs, then
1410 * the iretq it performs will take us out of NMI context.
1411 * This means that we can have nested NMIs where the next
1412 * NMI is using the top of the stack of the previous NMI. We
1413 * can't let it execute because the nested NMI will corrupt the
1414 * stack of the previous NMI. NMI handlers are not re-entrant
1417 * To handle this case we do the following:
1418 * Check the a special location on the stack that contains
1419 * a variable that is set when NMIs are executing.
1420 * The interrupted task's stack is also checked to see if it
1422 * If the variable is not set and the stack is not the NMI
1424 * o Set the special variable on the stack
1425 * o Copy the interrupt frame into a "saved" location on the stack
1426 * o Copy the interrupt frame into a "copy" location on the stack
1427 * o Continue processing the NMI
1428 * If the variable is set or the previous stack is the NMI stack:
1429 * o Modify the "copy" location to jump to the repeate_nmi
1430 * o return back to the first NMI
1432 * Now on exit of the first NMI, we first clear the stack variable
1433 * The NMI stack will tell any nested NMIs at that point that it is
1434 * nested. Then we pop the stack normally with iret, and if there was
1435 * a nested NMI that updated the copy interrupt stack frame, a
1436 * jump will be made to the repeat_nmi code that will handle the second
1440 /* Use %rdx as out temp variable throughout */
1442 CFI_REL_OFFSET rdx, 0
1445 * If %cs was not the kernel segment, then the NMI triggered in user
1446 * space, which means it is definitely not nested.
1448 cmpl $__KERNEL_CS, 16(%rsp)
1452 * Check the special variable on the stack to see if NMIs are
1459 * Now test if the previous stack was an NMI stack.
1460 * We need the double check. We check the NMI stack to satisfy the
1461 * race when the first NMI clears the variable before returning.
1462 * We check the variable because the first NMI could be in a
1463 * breakpoint routine using a breakpoint stack.
1466 test_in_nmi rdx, 4*8(%rsp), nested_nmi, first_nmi
1471 * Do nothing if we interrupted the fixup in repeat_nmi.
1472 * It's about to repeat the NMI handler, so we are fine
1473 * with ignoring this one.
1475 movq $repeat_nmi, %rdx
1478 movq $end_repeat_nmi, %rdx
1483 /* Set up the interrupted NMIs stack to jump to repeat_nmi */
1484 leaq -1*8(%rsp), %rdx
1486 CFI_ADJUST_CFA_OFFSET 1*8
1487 leaq -10*8(%rsp), %rdx
1488 pushq_cfi $__KERNEL_DS
1491 pushq_cfi $__KERNEL_CS
1492 pushq_cfi $repeat_nmi
1494 /* Put stack back */
1496 CFI_ADJUST_CFA_OFFSET -6*8
1502 /* No need to check faults here */
1508 * Because nested NMIs will use the pushed location that we
1509 * stored in rdx, we must keep that space available.
1510 * Here's what our stack frame will look like:
1511 * +-------------------------+
1513 * | original Return RSP |
1514 * | original RFLAGS |
1517 * +-------------------------+
1518 * | temp storage for rdx |
1519 * +-------------------------+
1520 * | NMI executing variable |
1521 * +-------------------------+
1523 * | copied Return RSP |
1527 * +-------------------------+
1529 * | Saved Return RSP |
1533 * +-------------------------+
1535 * +-------------------------+
1537 * The saved stack frame is used to fix up the copied stack frame
1538 * that a nested NMI may change to make the interrupted NMI iret jump
1539 * to the repeat_nmi. The original stack frame and the temp storage
1540 * is also used by nested NMIs and can not be trusted on exit.
1542 /* Do not pop rdx, nested NMIs will corrupt that part of the stack */
1546 /* Set the NMI executing variable on the stack. */
1550 * Leave room for the "copied" frame
1553 CFI_ADJUST_CFA_OFFSET 5*8
1555 /* Copy the stack frame to the Saved frame */
1557 pushq_cfi 11*8(%rsp)
1559 CFI_DEF_CFA_OFFSET 5*8
1561 /* Everything up to here is safe from nested NMIs */
1564 * If there was a nested NMI, the first NMI's iret will return
1565 * here. But NMIs are still enabled and we can take another
1566 * nested NMI. The nested NMI checks the interrupted RIP to see
1567 * if it is between repeat_nmi and end_repeat_nmi, and if so
1568 * it will just return, as we are about to repeat an NMI anyway.
1569 * This makes it safe to copy to the stack frame that a nested
1574 * Update the stack variable to say we are still in NMI (the update
1575 * is benign for the non-repeat case, where 1 was pushed just above
1576 * to this very stack slot).
1580 /* Make another copy, this one may be modified by nested NMIs */
1582 CFI_ADJUST_CFA_OFFSET -10*8
1584 pushq_cfi -6*8(%rsp)
1587 CFI_DEF_CFA_OFFSET 5*8
1591 * Everything below this point can be preempted by a nested
1592 * NMI if the first NMI took an exception and reset our iret stack
1593 * so that we repeat another NMI.
1595 pushq_cfi $-1 /* ORIG_RAX: no syscall to restart */
1596 ALLOC_PT_GPREGS_ON_STACK
1599 * Use paranoid_entry to handle SWAPGS, but no need to use paranoid_exit
1600 * as we should not be calling schedule in NMI context.
1601 * Even with normal interrupts enabled. An NMI should not be
1602 * setting NEED_RESCHED or anything that normal interrupts and
1603 * exceptions might do.
1609 * Save off the CR2 register. If we take a page fault in the NMI then
1610 * it could corrupt the CR2 value. If the NMI preempts a page fault
1611 * handler before it was able to read the CR2 register, and then the
1612 * NMI itself takes a page fault, the page fault that was preempted
1613 * will read the information from the NMI page fault and not the
1614 * origin fault. Save it off and restore it if it changes.
1615 * Use the r12 callee-saved register.
1619 /* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
1624 /* Did the NMI take a page fault? Restore cr2 if it did */
1631 testl %ebx,%ebx /* swapgs needed? */
1638 /* Pop the extra iret frame at once */
1639 REMOVE_PT_GPREGS_FROM_STACK 6*8
1641 /* Clear the NMI executing stack variable */
1647 ENTRY(ignore_sysret)