2 * Copyright (c) 2003 Peter Wemm.
3 * Copyright (c) 1993 The Regents of the University of California.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 3. Neither the name of the University nor the names of its contributors
15 * may be used to endorse or promote products derived from this software
16 * without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 #include <machine/asmacros.h>
36 #include <machine/pmap.h>
44 * void bzero(void *buf, u_int len)
67 movq $PAGE_SIZE/8,%rcx
83 * The loop takes 29 bytes. Ensure that it doesn't cross a 32-byte
88 movnti %rax,(%rdi,%rdx)
89 movnti %rax,8(%rdi,%rdx)
90 movnti %rax,16(%rdi,%rdx)
91 movnti %rax,24(%rdi,%rdx)
103 cld /* compare forwards */
120 * bcopy(src, dst, cnt)
122 * ws@tools.de (Wolfgang Solfrank, TooLs GmbH) +49-228-985800
131 cmpq %rcx,%rax /* overlapping && src < dst? */
134 shrq $3,%rcx /* copy by 64-bit words */
135 cld /* nope, copy forwards */
139 andq $7,%rcx /* any bytes left? */
147 addq %rcx,%rdi /* copy backwards */
151 andq $7,%rcx /* any fractional bytes? */
155 movq %rdx,%rcx /* copy remainder by 32-bit words */
167 * Note: memcpy does not support overlapping copies
173 shrq $3,%rcx /* copy by 64-bit words */
174 cld /* copy forwards */
178 andq $7,%rcx /* any bytes left? */
186 * pagecopy(%rdi=from, %rsi=to)
190 movq $-PAGE_SIZE,%rax
195 prefetchnta (%rdi,%rax)
199 movq (%rdi,%rdx),%rax
200 movnti %rax,(%rsi,%rdx)
201 movq 8(%rdi,%rdx),%rax
202 movnti %rax,8(%rsi,%rdx)
203 movq 16(%rdi,%rdx),%rax
204 movnti %rax,16(%rsi,%rdx)
205 movq 24(%rdi,%rdx),%rax
206 movnti %rax,24(%rsi,%rdx)
214 /* fillw(pat, base, cnt) */
215 /* %rdi,%rsi, %rdx */
228 /*****************************************************************************/
229 /* copyout and fubyte family */
230 /*****************************************************************************/
232 * Access user memory from inside the kernel. These routines should be
233 * the only places that do this.
235 * These routines set curpcb->pcb_onfault for the time they execute. When a
236 * protection violation occurs inside the functions, the trap handler
237 * returns to *curpcb->pcb_onfault instead of the function.
241 * copyout(from_kernel, to_user, len)
246 movq PCPU(CURPCB),%rax
247 movq $copyout_fault,PCB_ONFAULT(%rax)
248 testq %rdx,%rdx /* anything to do? */
252 * Check explicitly for non-user addresses. This check is essential
253 * because it prevents usermode from writing into kernel. We do not
254 * verify that user did not specified a rogue address anywhere else.
257 * First, prevent address wrapping.
263 * XXX STOP USING VM_MAXUSER_ADDRESS.
264 * It is an end address, not a max, so every time it is used correctly it
265 * looks like there is an off by one error, and of course it caused an off
266 * by one error in several places.
268 movq $VM_MAXUSER_ADDRESS,%rcx
273 /* bcopy(%rsi, %rdi, %rdx) */
287 movq PCPU(CURPCB),%rdx
288 movq %rax,PCB_ONFAULT(%rdx)
294 movq PCPU(CURPCB),%rdx
295 movq $0,PCB_ONFAULT(%rdx)
302 * copyin(from_user, to_kernel, len)
307 movq PCPU(CURPCB),%rax
308 movq $copyin_fault,PCB_ONFAULT(%rax)
309 testq %rdx,%rdx /* anything to do? */
313 * make sure address is valid
318 movq $VM_MAXUSER_ADDRESS,%rcx
325 shrq $3,%rcx /* copy longword-wise */
330 andb $7,%cl /* copy remaining bytes */
336 movq PCPU(CURPCB),%rdx
337 movq %rax,PCB_ONFAULT(%rdx)
343 movq PCPU(CURPCB),%rdx
344 movq $0,PCB_ONFAULT(%rdx)
351 * casueword32. Compare and set user integer. Returns -1 on fault,
352 * 0 if access was successful. Old value is written to *oldp.
353 * dst = %rdi, old = %esi, oldp = %rdx, new = %ecx
357 movq PCPU(CURPCB),%r8
358 movq $fusufault,PCB_ONFAULT(%r8)
360 movq $VM_MAXUSER_ADDRESS-4,%rax
361 cmpq %rax,%rdi /* verify address is valid */
364 movl %esi,%eax /* old */
368 cmpxchgl %ecx,(%rdi) /* new = %ecx */
371 * The old value is in %eax. If the store succeeded it will be the
372 * value we expected (old) from before the store, otherwise it will
373 * be the current value. Save %eax into %esi to prepare the return
378 movq %rax,PCB_ONFAULT(%r8)
381 * Access the oldp after the pcb_onfault is cleared, to correctly
382 * catch corrupted pointer.
384 movl %esi,(%rdx) /* oldp = %rdx */
390 * casueword. Compare and set user long. Returns -1 on fault,
391 * 0 if access was successful. Old value is written to *oldp.
392 * dst = %rdi, old = %rsi, oldp = %rdx, new = %rcx
396 movq PCPU(CURPCB),%r8
397 movq $fusufault,PCB_ONFAULT(%r8)
399 movq $VM_MAXUSER_ADDRESS-4,%rax
400 cmpq %rax,%rdi /* verify address is valid */
403 movq %rsi,%rax /* old */
407 cmpxchgq %rcx,(%rdi) /* new = %rcx */
410 * The old value is in %rax. If the store succeeded it will be the
411 * value we expected (old) from before the store, otherwise it will
412 * be the current value.
416 movq %rax,PCB_ONFAULT(%r8)
423 * Fetch (load) a 64-bit word, a 32-bit word, a 16-bit word, or an 8-bit
424 * byte from user memory.
425 * addr = %rdi, valp = %rsi
431 movq PCPU(CURPCB),%rcx
432 movq $fusufault,PCB_ONFAULT(%rcx)
434 movq $VM_MAXUSER_ADDRESS-8,%rax
435 cmpq %rax,%rdi /* verify address is valid */
440 movq %rax,PCB_ONFAULT(%rcx)
449 movq PCPU(CURPCB),%rcx
450 movq $fusufault,PCB_ONFAULT(%rcx)
452 movq $VM_MAXUSER_ADDRESS-4,%rax
453 cmpq %rax,%rdi /* verify address is valid */
458 movq %rax,PCB_ONFAULT(%rcx)
465 * fuswintr() and suswintr() are specialized variants of fuword16() and
466 * suword16(), respectively. They are called from the profiling code,
467 * potentially at interrupt time. If they fail, that's okay; good things
468 * will happen later. They always fail for now, until the trap code is
469 * able to deal with this.
480 movq PCPU(CURPCB),%rcx
481 movq $fusufault,PCB_ONFAULT(%rcx)
483 movq $VM_MAXUSER_ADDRESS-2,%rax
488 movq $0,PCB_ONFAULT(%rcx)
495 movq PCPU(CURPCB),%rcx
496 movq $fusufault,PCB_ONFAULT(%rcx)
498 movq $VM_MAXUSER_ADDRESS-1,%rax
503 movq $0,PCB_ONFAULT(%rcx)
510 movq PCPU(CURPCB),%rcx
512 movq %rax,PCB_ONFAULT(%rcx)
518 * Store a 64-bit word, a 32-bit word, a 16-bit word, or an 8-bit byte to
520 * addr = %rdi, value = %rsi
525 movq PCPU(CURPCB),%rcx
526 movq $fusufault,PCB_ONFAULT(%rcx)
528 movq $VM_MAXUSER_ADDRESS-8,%rax
529 cmpq %rax,%rdi /* verify address validity */
534 movq PCPU(CURPCB),%rcx
535 movq %rax,PCB_ONFAULT(%rcx)
543 movq PCPU(CURPCB),%rcx
544 movq $fusufault,PCB_ONFAULT(%rcx)
546 movq $VM_MAXUSER_ADDRESS-4,%rax
547 cmpq %rax,%rdi /* verify address validity */
552 movq PCPU(CURPCB),%rcx
553 movq %rax,PCB_ONFAULT(%rcx)
560 movq PCPU(CURPCB),%rcx
561 movq $fusufault,PCB_ONFAULT(%rcx)
563 movq $VM_MAXUSER_ADDRESS-2,%rax
564 cmpq %rax,%rdi /* verify address validity */
569 movq PCPU(CURPCB),%rcx /* restore trashed register */
570 movq %rax,PCB_ONFAULT(%rcx)
577 movq PCPU(CURPCB),%rcx
578 movq $fusufault,PCB_ONFAULT(%rcx)
580 movq $VM_MAXUSER_ADDRESS-1,%rax
581 cmpq %rax,%rdi /* verify address validity */
587 movq PCPU(CURPCB),%rcx /* restore trashed register */
588 movq %rax,PCB_ONFAULT(%rcx)
594 * copyinstr(from, to, maxlen, int *lencopied)
595 * %rdi, %rsi, %rdx, %rcx
597 * copy a string from 'from' to 'to', stop when a 0 character is reached.
598 * return ENAMETOOLONG if string is longer than maxlen, and
599 * EFAULT on protection violations. If lencopied is non-zero,
600 * return the actual length in *lencopied.
604 movq %rdx,%r8 /* %r8 = maxlen */
605 movq %rcx,%r9 /* %r9 = *len */
606 xchgq %rdi,%rsi /* %rdi = from, %rsi = to */
607 movq PCPU(CURPCB),%rcx
608 movq $cpystrflt,PCB_ONFAULT(%rcx)
610 movq $VM_MAXUSER_ADDRESS,%rax
612 /* make sure 'from' is within bounds */
616 /* restrict maxlen to <= VM_MAXUSER_ADDRESS-from */
634 /* Success -- 0 byte reached */
639 /* rdx is zero - return ENAMETOOLONG or EFAULT */
640 movq $VM_MAXUSER_ADDRESS,%rax
644 movq $ENAMETOOLONG,%rax
651 /* set *lencopied and return %eax */
652 movq PCPU(CURPCB),%rcx
653 movq $0,PCB_ONFAULT(%rcx)
665 * copystr(from, to, maxlen, int *lencopied)
666 * %rdi, %rsi, %rdx, %rcx
670 movq %rdx,%r8 /* %r8 = maxlen */
683 /* Success -- 0 byte reached */
688 /* rdx is zero -- return ENAMETOOLONG */
689 movq $ENAMETOOLONG,%rax
695 /* set *lencopied and return %rax */
704 * Handling of special amd64 registers and descriptor tables etc
706 /* void lgdt(struct region_descriptor *rdp); */
708 /* reload the descriptor table */
711 /* flush the prefetch q */
718 movl %eax,%fs /* Beware, use wrmsr to set 64 bit base */
722 /* reload code selector by turning return into intersegmental return */
730 /*****************************************************************************/
731 /* setjump, longjump */
732 /*****************************************************************************/
735 movq %rbx,0(%rdi) /* save rbx */
736 movq %rsp,8(%rdi) /* save rsp */
737 movq %rbp,16(%rdi) /* save rbp */
738 movq %r12,24(%rdi) /* save r12 */
739 movq %r13,32(%rdi) /* save r13 */
740 movq %r14,40(%rdi) /* save r14 */
741 movq %r15,48(%rdi) /* save r15 */
742 movq 0(%rsp),%rdx /* get rta */
743 movq %rdx,56(%rdi) /* save rip */
744 xorl %eax,%eax /* return(0); */
749 movq 0(%rdi),%rbx /* restore rbx */
750 movq 8(%rdi),%rsp /* restore rsp */
751 movq 16(%rdi),%rbp /* restore rbp */
752 movq 24(%rdi),%r12 /* restore r12 */
753 movq 32(%rdi),%r13 /* restore r13 */
754 movq 40(%rdi),%r14 /* restore r14 */
755 movq 48(%rdi),%r15 /* restore r15 */
756 movq 56(%rdi),%rdx /* get rta */
757 movq %rdx,0(%rsp) /* put in return frame */
758 xorl %eax,%eax /* return(1); */
764 * Support for reading MSRs in the safe manner. (Instead of panic on #gp,
768 /* int rdmsr_safe(u_int msr, uint64_t *data) */
770 movq PCPU(CURPCB),%r8
771 movq $msr_onfault,PCB_ONFAULT(%r8)
773 rdmsr /* Read MSR pointed by %ecx. Returns
774 hi byte in edx, lo in %eax */
775 salq $32,%rdx /* sign-shift %rdx left */
776 movl %eax,%eax /* zero-extend %eax -> %rax */
780 movq %rax,PCB_ONFAULT(%r8)
785 * Support for writing MSRs in the safe manner. (Instead of panic on #gp,
789 /* int wrmsr_safe(u_int msr, uint64_t data) */
791 movq PCPU(CURPCB),%r8
792 movq $msr_onfault,PCB_ONFAULT(%r8)
797 wrmsr /* Write MSR pointed by %ecx. Accepts
798 hi byte in edx, lo in %eax. */
800 movq %rax,PCB_ONFAULT(%r8)
805 * MSR operations fault handler
809 movq $0,PCB_ONFAULT(%r8)
projects / FreeBSD / FreeBSD.git / blob