1/* 2 * arch/ppc/mm/fault.c 3 * 4 * PowerPC version 5 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org) 6 * 7 * Derived from "arch/i386/mm/fault.c" 8 * Copyright (C) 1991, 1992, 1993, 1994 Linus Torvalds 9 * 10 * Modified by Cort Dougan and Paul Mackerras. 11 * 12 * Modified for PPC64 by Dave Engebretsen (engebret@ibm.com) 13 * 14 * This program is free software; you can redistribute it and/or 15 * modify it under the terms of the GNU General Public License 16 * as published by the Free Software Foundation; either version 17 * 2 of the License, or (at your option) any later version. 18 */ 19 20#include <linux/config.h> 21#include <linux/signal.h> 22#include <linux/sched.h> 23#include <linux/kernel.h> 24#include <linux/errno.h> 25#include <linux/string.h> 26#include <linux/types.h> 27#include <linux/ptrace.h> 28#include <linux/mman.h> 29#include <linux/mm.h> 30#include <linux/interrupt.h> 31 32#include <asm/page.h> 33#include <asm/pgtable.h> 34#include <asm/mmu.h> 35#include <asm/mmu_context.h> 36#include <asm/system.h> 37#include <asm/uaccess.h> 38 39#include <asm/ppcdebug.h> 40 41#if defined(CONFIG_KDB) 42#include <linux/kdb.h> 43#endif 44 45#if defined(CONFIG_XMON) || defined(CONFIG_KGDB) || defined(CONFIG_KDB) 46extern void (*debugger)(struct pt_regs *); 47extern void (*debugger_fault_handler)(struct pt_regs *); 48extern int (*debugger_dabr_match)(struct pt_regs *); 49int debugger_kernel_faults = 1; 50#endif 51 52extern void die_if_kernel(char *, struct pt_regs *, long); 53void bad_page_fault(struct pt_regs *, unsigned long); 54void do_page_fault(struct pt_regs *, unsigned long, unsigned long); 55 56#ifdef CONFIG_PPCDBG 57extern unsigned long get_srr0(void); 58extern unsigned long get_srr1(void); 59#endif 60 61/* 62 * For 600- and 800-family processors, the error_code parameter is DSISR 63 * for a data fault, SRR1 for an instruction fault. 64 */ 65void do_page_fault(struct pt_regs *regs, unsigned long address, 66 unsigned long error_code) 67{ 68 struct vm_area_struct * vma; 69 struct mm_struct *mm = current->mm; 70 siginfo_t info; 71 unsigned long code = SEGV_MAPERR; 72 unsigned long is_write = error_code & 0x02000000; 73 unsigned long mm_fault_return; 74 75 PPCDBG(PPCDBG_MM, "Entering do_page_fault: addr = 0x%16.16lx, error_code = %lx\n\tregs_trap = %lx, srr0 = %lx, srr1 = %lx\n", address, error_code, regs->trap, get_srr0(), get_srr1()); 76 /* 77 * Fortunately the bit assignments in SRR1 for an instruction 78 * fault and DSISR for a data fault are mostly the same for the 79 * bits we are interested in. But there are some bits which 80 * indicate errors in DSISR but can validly be set in SRR1. 81 */ 82 if (regs->trap == 0x400) 83 error_code &= 0x48200000; 84 85#if defined(CONFIG_XMON) || defined(CONFIG_KGDB) 86 if (debugger_fault_handler && (regs->trap == 0x300 || 87 regs->trap == 0x380)) { 88 debugger_fault_handler(regs); 89 return; 90 } 91 92 if (error_code & 0x00400000) { 93 /* DABR match */ 94 if (debugger_dabr_match(regs)) 95 return; 96 } 97#endif /* CONFIG_XMON || CONFIG_KGDB */ 98 99 if (in_interrupt() || mm == NULL) { 100 bad_page_fault(regs, address); 101 return; 102 } 103 down_read(&mm->mmap_sem); 104 vma = find_vma(mm, address); 105 PPCDBG(PPCDBG_MM, "\tdo_page_fault: vma = 0x%16.16lx\n", vma); 106 if (!vma) { 107 PPCDBG(PPCDBG_MM, "\tdo_page_fault: !vma\n"); 108 goto bad_area; 109 } 110 PPCDBG(PPCDBG_MM, "\tdo_page_fault: vma->vm_start = 0x%16.16lx, vma->vm_flags = 0x%16.16lx\n", vma->vm_start, vma->vm_flags); 111 if (vma->vm_start <= address) { 112 goto good_area; 113 } 114 if (!(vma->vm_flags & VM_GROWSDOWN)) { 115 PPCDBG(PPCDBG_MM, "\tdo_page_fault: vma->vm_flags = %lx, %lx\n", vma->vm_flags, VM_GROWSDOWN); 116 goto bad_area; 117 } 118 if (expand_stack(vma, address)) { 119 PPCDBG(PPCDBG_MM, "\tdo_page_fault: expand_stack\n"); 120 goto bad_area; 121 } 122 123good_area: 124 code = SEGV_ACCERR; 125 126 /* a write */ 127 if (is_write) { 128 if (!(vma->vm_flags & VM_WRITE)) 129 goto bad_area; 130 /* a read */ 131 } else { 132 /* protection fault */ 133 if (error_code & 0x08000000) 134 goto bad_area; 135 if (!(vma->vm_flags & (VM_READ | VM_EXEC))) 136 goto bad_area; 137 } 138 139 /* 140 * If for any reason at all we couldn't handle the fault, 141 * make sure we exit gracefully rather than endlessly redo 142 * the fault. 143 */ 144 PPCDBG(PPCDBG_MM, "\tdo_page_fault: calling handle_mm_fault\n"); 145 mm_fault_return = handle_mm_fault(mm, vma, address, is_write); 146 PPCDBG(PPCDBG_MM, "\tdo_page_fault: handle_mm_fault = 0x%lx\n", 147 mm_fault_return); 148 switch(mm_fault_return) { 149 case 1: 150 current->min_flt++; 151 break; 152 case 2: 153 current->maj_flt++; 154 break; 155 case 0: 156 goto do_sigbus; 157 default: 158 goto out_of_memory; 159 } 160 161 up_read(&mm->mmap_sem); 162 return; 163 164bad_area: 165 up_read(&mm->mmap_sem); 166 167 /* User mode accesses cause a SIGSEGV */ 168 if (user_mode(regs)) { 169 info.si_signo = SIGSEGV; 170 info.si_errno = 0; 171 info.si_code = code; 172 info.si_addr = (void *) address; 173 PPCDBG(PPCDBG_SIGNAL, "Bad addr in user: 0x%lx\n", address); 174#ifdef CONFIG_XMON 175 ifppcdebug(PPCDBG_SIGNALXMON) 176 PPCDBG_ENTER_DEBUGGER_REGS(regs); 177#endif 178 179 force_sig_info(SIGSEGV, &info, current); 180 return; 181 } 182 183 bad_page_fault(regs, address); 184 return; 185 186/* 187 * We ran out of memory, or some other thing happened to us that made 188 * us unable to handle the page fault gracefully. 189 */ 190out_of_memory: 191 up_read(&mm->mmap_sem); 192 printk("VM: killing process %s\n", current->comm); 193 if (user_mode(regs)) 194 do_exit(SIGKILL); 195 bad_page_fault(regs, address); 196 return; 197 198do_sigbus: 199 up_read(&mm->mmap_sem); 200 info.si_signo = SIGBUS; 201 info.si_errno = 0; 202 info.si_code = BUS_ADRERR; 203 info.si_addr = (void *)address; 204 force_sig_info (SIGBUS, &info, current); 205 if (!user_mode(regs)) 206 bad_page_fault(regs, address); 207} 208 209/* 210 * bad_page_fault is called when we have a bad access from the kernel. 211 * It is called from do_page_fault above and from some of the procedures 212 * in traps.c. 213 */ 214void 215bad_page_fault(struct pt_regs *regs, unsigned long address) 216{ 217 unsigned long fixup; 218 219 /* Are we prepared to handle this fault? */ 220 if ((fixup = search_exception_table(regs->nip)) != 0) { 221 regs->nip = fixup; 222 return; 223 } 224 225 /* kernel has accessed a bad area */ 226 show_regs(regs); 227#if defined(CONFIG_XMON) || defined(CONFIG_KGDB) 228 if (debugger_kernel_faults) 229 debugger(regs); 230#endif 231#if defined(CONFIG_KDB) 232 kdb(KDB_REASON_FAULT, regs->trap, regs); 233#endif 234 print_backtrace( (unsigned long *)regs->gpr[1] ); 235 panic("kernel access of bad area pc %lx lr %lx address %lX tsk %s/%d", 236 regs->nip,regs->link,address,current->comm,current->pid); 237} 238