2 * Copyright (c) 2003 Peter Wemm.
3 * Copyright (c) 1993 The Regents of the University of California.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 3. Neither the name of the University nor the names of its contributors
15 * may be used to endorse or promote products derived from this software
16 * without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 #include <machine/asmacros.h>
36 #include <machine/specialreg.h>
37 #include <machine/pmap.h>
45 * void bzero(void *buf, u_int len)
67 movq $PAGE_SIZE/8,%rcx
83 * The loop takes 29 bytes. Ensure that it doesn't cross a 32-byte
88 movnti %rax,(%rdi,%rdx)
89 movnti %rax,8(%rdi,%rdx)
90 movnti %rax,16(%rdi,%rdx)
91 movnti %rax,24(%rdi,%rdx)
108 movzbl (%rdi,%rcx,1),%eax
109 movzbl (%rsi,%rcx,1),%r8d
142 * bcopy(src, dst, cnt)
144 * ws@tools.de (Wolfgang Solfrank, TooLs GmbH) +49-228-985800
153 cmpq %rcx,%rax /* overlapping && src < dst? */
156 shrq $3,%rcx /* copy by 64-bit words */
160 andq $7,%rcx /* any bytes left? */
168 addq %rcx,%rdi /* copy backwards */
172 andq $7,%rcx /* any fractional bytes? */
176 movq %rdx,%rcx /* copy remainder by 32-bit words */
188 * memmove(dst, src, cnt)
190 * Adapted from bcopy written by:
191 * ws@tools.de (Wolfgang Solfrank, TooLs GmbH) +49-228-985800
200 cmpq %rcx,%rax /* overlapping && src < dst? */
203 shrq $3,%rcx /* copy by 64-bit words */
207 andq $7,%rcx /* any bytes left? */
216 addq %rcx,%rdi /* copy backwards */
220 andq $7,%rcx /* any fractional bytes? */
224 movq %rdx,%rcx /* copy remainder by 32-bit words */
237 * memcpy(dst, src, len)
240 * Note: memcpy does not support overlapping copies
246 shrq $3,%rcx /* copy by 64-bit words */
250 andq $7,%rcx /* any bytes left? */
258 * memset(dst, c, len)
265 movabs $0x0101010101010101,%rax
280 * pagecopy(%rdi=from, %rsi=to)
284 movq $-PAGE_SIZE,%rax
289 prefetchnta (%rdi,%rax)
293 movq (%rdi,%rdx),%rax
294 movnti %rax,(%rsi,%rdx)
295 movq 8(%rdi,%rdx),%rax
296 movnti %rax,8(%rsi,%rdx)
297 movq 16(%rdi,%rdx),%rax
298 movnti %rax,16(%rsi,%rdx)
299 movq 24(%rdi,%rdx),%rax
300 movnti %rax,24(%rsi,%rdx)
308 /* fillw(pat, base, cnt) */
309 /* %rdi,%rsi, %rdx */
321 /*****************************************************************************/
322 /* copyout and fubyte family */
323 /*****************************************************************************/
325 * Access user memory from inside the kernel. These routines should be
326 * the only places that do this.
328 * These routines set curpcb->pcb_onfault for the time they execute. When a
329 * protection violation occurs inside the functions, the trap handler
330 * returns to *curpcb->pcb_onfault instead of the function.
334 * copyout(from_kernel, to_user, len)
339 movq PCPU(CURPCB),%rax
340 movq $copyout_fault,PCB_ONFAULT(%rax)
341 testq %rdx,%rdx /* anything to do? */
345 * Check explicitly for non-user addresses. This check is essential
346 * because it prevents usermode from writing into the kernel. We do
347 * not verify anywhere else that the user did not specify a rogue
351 * First, prevent address wrapping.
357 * XXX STOP USING VM_MAXUSER_ADDRESS.
358 * It is an end address, not a max, so every time it is used correctly it
359 * looks like there is an off by one error, and of course it caused an off
360 * by one error in several places.
362 movq $VM_MAXUSER_ADDRESS,%rcx
367 /* bcopy(%rsi, %rdi, %rdx) */
380 movq PCPU(CURPCB),%rdx
381 movq %rax,PCB_ONFAULT(%rdx)
387 movq PCPU(CURPCB),%rdx
388 movq $0,PCB_ONFAULT(%rdx)
395 * copyin(from_user, to_kernel, len)
400 movq PCPU(CURPCB),%rax
401 movq $copyin_fault,PCB_ONFAULT(%rax)
402 testq %rdx,%rdx /* anything to do? */
406 * make sure address is valid
411 movq $VM_MAXUSER_ADDRESS,%rcx
418 shrq $3,%rcx /* copy longword-wise */
422 andb $7,%cl /* copy remaining bytes */
428 movq PCPU(CURPCB),%rdx
429 movq %rax,PCB_ONFAULT(%rdx)
435 movq PCPU(CURPCB),%rdx
436 movq $0,PCB_ONFAULT(%rdx)
443 * casueword32. Compare and set user integer. Returns -1 on fault,
444 * 0 if access was successful. Old value is written to *oldp.
445 * dst = %rdi, old = %esi, oldp = %rdx, new = %ecx
449 movq PCPU(CURPCB),%r8
450 movq $fusufault,PCB_ONFAULT(%r8)
452 movq $VM_MAXUSER_ADDRESS-4,%rax
453 cmpq %rax,%rdi /* verify address is valid */
456 movl %esi,%eax /* old */
460 cmpxchgl %ecx,(%rdi) /* new = %ecx */
463 * The old value is in %eax. If the store succeeded it will be the
464 * value we expected (old) from before the store, otherwise it will
465 * be the current value. Save %eax into %esi to prepare the return
470 movq %rax,PCB_ONFAULT(%r8)
473 * Access the oldp after the pcb_onfault is cleared, to correctly
474 * catch corrupted pointer.
476 movl %esi,(%rdx) /* oldp = %rdx */
482 * casueword. Compare and set user long. Returns -1 on fault,
483 * 0 if access was successful. Old value is written to *oldp.
484 * dst = %rdi, old = %rsi, oldp = %rdx, new = %rcx
488 movq PCPU(CURPCB),%r8
489 movq $fusufault,PCB_ONFAULT(%r8)
491 movq $VM_MAXUSER_ADDRESS-4,%rax
492 cmpq %rax,%rdi /* verify address is valid */
495 movq %rsi,%rax /* old */
499 cmpxchgq %rcx,(%rdi) /* new = %rcx */
502 * The old value is in %rax. If the store succeeded it will be the
503 * value we expected (old) from before the store, otherwise it will
504 * be the current value.
508 movq %rax,PCB_ONFAULT(%r8)
515 * Fetch (load) a 64-bit word, a 32-bit word, a 16-bit word, or an 8-bit
516 * byte from user memory.
517 * addr = %rdi, valp = %rsi
523 movq PCPU(CURPCB),%rcx
524 movq $fusufault,PCB_ONFAULT(%rcx)
526 movq $VM_MAXUSER_ADDRESS-8,%rax
527 cmpq %rax,%rdi /* verify address is valid */
532 movq %rax,PCB_ONFAULT(%rcx)
541 movq PCPU(CURPCB),%rcx
542 movq $fusufault,PCB_ONFAULT(%rcx)
544 movq $VM_MAXUSER_ADDRESS-4,%rax
545 cmpq %rax,%rdi /* verify address is valid */
550 movq %rax,PCB_ONFAULT(%rcx)
558 movq PCPU(CURPCB),%rcx
559 movq $fusufault,PCB_ONFAULT(%rcx)
561 movq $VM_MAXUSER_ADDRESS-2,%rax
566 movq $0,PCB_ONFAULT(%rcx)
573 movq PCPU(CURPCB),%rcx
574 movq $fusufault,PCB_ONFAULT(%rcx)
576 movq $VM_MAXUSER_ADDRESS-1,%rax
581 movq $0,PCB_ONFAULT(%rcx)
588 movq PCPU(CURPCB),%rcx
590 movq %rax,PCB_ONFAULT(%rcx)
596 * Store a 64-bit word, a 32-bit word, a 16-bit word, or an 8-bit byte to
598 * addr = %rdi, value = %rsi
603 movq PCPU(CURPCB),%rcx
604 movq $fusufault,PCB_ONFAULT(%rcx)
606 movq $VM_MAXUSER_ADDRESS-8,%rax
607 cmpq %rax,%rdi /* verify address validity */
612 movq PCPU(CURPCB),%rcx
613 movq %rax,PCB_ONFAULT(%rcx)
621 movq PCPU(CURPCB),%rcx
622 movq $fusufault,PCB_ONFAULT(%rcx)
624 movq $VM_MAXUSER_ADDRESS-4,%rax
625 cmpq %rax,%rdi /* verify address validity */
630 movq PCPU(CURPCB),%rcx
631 movq %rax,PCB_ONFAULT(%rcx)
638 movq PCPU(CURPCB),%rcx
639 movq $fusufault,PCB_ONFAULT(%rcx)
641 movq $VM_MAXUSER_ADDRESS-2,%rax
642 cmpq %rax,%rdi /* verify address validity */
647 movq PCPU(CURPCB),%rcx /* restore trashed register */
648 movq %rax,PCB_ONFAULT(%rcx)
655 movq PCPU(CURPCB),%rcx
656 movq $fusufault,PCB_ONFAULT(%rcx)
658 movq $VM_MAXUSER_ADDRESS-1,%rax
659 cmpq %rax,%rdi /* verify address validity */
665 movq PCPU(CURPCB),%rcx /* restore trashed register */
666 movq %rax,PCB_ONFAULT(%rcx)
672 * copyinstr(from, to, maxlen, int *lencopied)
673 * %rdi, %rsi, %rdx, %rcx
675 * copy a string from 'from' to 'to', stop when a 0 character is reached.
676 * return ENAMETOOLONG if string is longer than maxlen, and
677 * EFAULT on protection violations. If lencopied is non-zero,
678 * return the actual length in *lencopied.
682 movq %rdx,%r8 /* %r8 = maxlen */
683 movq %rcx,%r9 /* %r9 = *len */
684 xchgq %rdi,%rsi /* %rdi = from, %rsi = to */
685 movq PCPU(CURPCB),%rcx
686 movq $cpystrflt,PCB_ONFAULT(%rcx)
688 movq $VM_MAXUSER_ADDRESS,%rax
690 /* make sure 'from' is within bounds */
694 /* restrict maxlen to <= VM_MAXUSER_ADDRESS-from */
711 /* Success -- 0 byte reached */
716 /* rdx is zero - return ENAMETOOLONG or EFAULT */
717 movq $VM_MAXUSER_ADDRESS,%rax
721 movq $ENAMETOOLONG,%rax
728 /* set *lencopied and return %eax */
729 movq PCPU(CURPCB),%rcx
730 movq $0,PCB_ONFAULT(%rcx)
742 * copystr(from, to, maxlen, int *lencopied)
743 * %rdi, %rsi, %rdx, %rcx
747 movq %rdx,%r8 /* %r8 = maxlen */
759 /* Success -- 0 byte reached */
764 /* rdx is zero -- return ENAMETOOLONG */
765 movq $ENAMETOOLONG,%rax
771 /* set *lencopied and return %rax */
780 * Handling of special amd64 registers and descriptor tables etc
782 /* void lgdt(struct region_descriptor *rdp); */
784 /* reload the descriptor table */
787 /* flush the prefetch q */
794 movl %eax,%fs /* Beware, use wrmsr to set 64 bit base */
798 /* reload code selector by turning return into intersegmental return */
806 /*****************************************************************************/
807 /* setjump, longjump */
808 /*****************************************************************************/
811 movq %rbx,0(%rdi) /* save rbx */
812 movq %rsp,8(%rdi) /* save rsp */
813 movq %rbp,16(%rdi) /* save rbp */
814 movq %r12,24(%rdi) /* save r12 */
815 movq %r13,32(%rdi) /* save r13 */
816 movq %r14,40(%rdi) /* save r14 */
817 movq %r15,48(%rdi) /* save r15 */
818 movq 0(%rsp),%rdx /* get rta */
819 movq %rdx,56(%rdi) /* save rip */
820 xorl %eax,%eax /* return(0); */
825 movq 0(%rdi),%rbx /* restore rbx */
826 movq 8(%rdi),%rsp /* restore rsp */
827 movq 16(%rdi),%rbp /* restore rbp */
828 movq 24(%rdi),%r12 /* restore r12 */
829 movq 32(%rdi),%r13 /* restore r13 */
830 movq 40(%rdi),%r14 /* restore r14 */
831 movq 48(%rdi),%r15 /* restore r15 */
832 movq 56(%rdi),%rdx /* get rta */
833 movq %rdx,0(%rsp) /* put in return frame */
834 xorl %eax,%eax /* return(1); */
840 * Support for reading MSRs in the safe manner. (Instead of panic on #gp,
844 /* int rdmsr_safe(u_int msr, uint64_t *data) */
846 movq PCPU(CURPCB),%r8
847 movq $msr_onfault,PCB_ONFAULT(%r8)
849 rdmsr /* Read MSR pointed by %ecx. Returns
850 hi byte in edx, lo in %eax */
851 salq $32,%rdx /* sign-shift %rdx left */
852 movl %eax,%eax /* zero-extend %eax -> %rax */
856 movq %rax,PCB_ONFAULT(%r8)
861 * Support for writing MSRs in the safe manner. (Instead of panic on #gp,
865 /* int wrmsr_safe(u_int msr, uint64_t data) */
867 movq PCPU(CURPCB),%r8
868 movq $msr_onfault,PCB_ONFAULT(%r8)
873 wrmsr /* Write MSR pointed by %ecx. Accepts
874 hi byte in edx, lo in %eax. */
876 movq %rax,PCB_ONFAULT(%r8)
881 * MSR operations fault handler
885 movq $0,PCB_ONFAULT(%r8)
891 * void pmap_pti_pcid_invalidate(uint64_t ucr3, uint64_t kcr3);
892 * Invalidates address space addressed by ucr3, then returns to kcr3.
893 * Done in assembler to ensure no other memory accesses happen while
897 ENTRY(pmap_pti_pcid_invalidate)
900 movq %rdi,%cr3 /* to user page table */
901 movq %rsi,%cr3 /* back to kernel */
906 * void pmap_pti_pcid_invlpg(uint64_t ucr3, uint64_t kcr3, vm_offset_t va);
907 * Invalidates virtual address va in address space ucr3, then returns to kcr3.
910 ENTRY(pmap_pti_pcid_invlpg)
913 movq %rdi,%cr3 /* to user page table */
915 movq %rsi,%cr3 /* back to kernel */
920 * void pmap_pti_pcid_invlrng(uint64_t ucr3, uint64_t kcr3, vm_offset_t sva,
922 * Invalidates virtual addresses between sva and eva in address space ucr3,
923 * then returns to kcr3.
926 ENTRY(pmap_pti_pcid_invlrng)
929 movq %rdi,%cr3 /* to user page table */
934 movq %rsi,%cr3 /* back to kernel */
939 .macro ibrs_seq_label l
942 .macro ibrs_call_label l
945 .macro ibrs_seq count
948 ibrs_call_label %(ll)
956 /* all callers already saved %rax, %rdx, and %rcx */
957 ENTRY(handle_ibrs_entry)
958 cmpb $0,hw_ibrs_active(%rip)
960 movl $MSR_IA32_SPEC_CTRL,%ecx
962 orl $(IA32_SPEC_CTRL_IBRS|IA32_SPEC_CTRL_STIBP),%eax
963 orl $(IA32_SPEC_CTRL_IBRS|IA32_SPEC_CTRL_STIBP)>>32,%edx
965 movb $1,PCPU(IBPB_SET)
966 testl $CPUID_STDEXT_SMEP,cpu_stdext_feature(%rip)
970 END(handle_ibrs_entry)
972 ENTRY(handle_ibrs_exit)
973 cmpb $0,PCPU(IBPB_SET)
975 movl $MSR_IA32_SPEC_CTRL,%ecx
977 andl $~(IA32_SPEC_CTRL_IBRS|IA32_SPEC_CTRL_STIBP),%eax
978 andl $~((IA32_SPEC_CTRL_IBRS|IA32_SPEC_CTRL_STIBP)>>32),%edx
980 movb $0,PCPU(IBPB_SET)
982 END(handle_ibrs_exit)
984 /* registers-neutral version, but needs stack */
985 ENTRY(handle_ibrs_exit_rs)
986 cmpb $0,PCPU(IBPB_SET)
991 movl $MSR_IA32_SPEC_CTRL,%ecx
993 andl $~(IA32_SPEC_CTRL_IBRS|IA32_SPEC_CTRL_STIBP),%eax
994 andl $~((IA32_SPEC_CTRL_IBRS|IA32_SPEC_CTRL_STIBP)>>32),%edx
999 movb $0,PCPU(IBPB_SET)
1001 END(handle_ibrs_exit_rs)
projects / FreeBSD / FreeBSD.git / blob