1 /*
2 * linux/arch/arm/mm/fault-common.c
3 *
4 * Copyright (C) 1995 Linus Torvalds
5 * Modifications for ARM processor (c) 1995-2001 Russell King
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
10 */
11 #include <linux/config.h>
12 #include <linux/signal.h>
13 #include <linux/sched.h>
14 #include <linux/kernel.h>
15 #include <linux/errno.h>
16 #include <linux/string.h>
17 #include <linux/types.h>
18 #include <linux/ptrace.h>
19 #include <linux/mman.h>
20 #include <linux/mm.h>
21 #include <linux/interrupt.h>
22 #include <linux/proc_fs.h>
23 #include <linux/init.h>
24
25 #include <asm/system.h>
26 #include <asm/uaccess.h>
27 #include <asm/pgtable.h>
28 #include <asm/unaligned.h>
29
30 #ifdef CONFIG_CPU_26
31 #define FAULT_CODE_WRITE 0x02
32 #define FAULT_CODE_FORCECOW 0x01
33 #define DO_COW(m) ((m) & (FAULT_CODE_WRITE|FAULT_CODE_FORCECOW))
34 #define READ_FAULT(m) (!((m) & FAULT_CODE_WRITE))
35 #else
36 /*
37 * On 32-bit processors, we define "mode" to be zero when reading,
38 * non-zero when writing. This now ties up nicely with the polarity
39 * of the 26-bit machines, and also means that we avoid the horrible
40 * gcc code for "int val = !other_val;".
41 */
42 #define DO_COW(m) (m)
43 #define READ_FAULT(m) (!(m))
44 #endif
45
46 /*
47 * This is useful to dump out the page tables associated with
48 * 'addr' in mm 'mm'.
49 */
show_pte(struct mm_struct * mm,unsigned long addr)50 void show_pte(struct mm_struct *mm, unsigned long addr)
51 {
52 mm_segment_t fs;
53
54 if (!mm)
55 mm = &init_mm;
56
57 printk(KERN_ALERT "mm = %p pgd = %p\n", mm, mm->pgd);
58
59 fs = get_fs();
60 set_fs(get_ds());
61 do {
62 pgd_t pg, *pgd = pgd_offset(mm, addr);
63 pmd_t pm, *pmd;
64 pte_t pt, *pte;
65
66 printk(KERN_ALERT "*pgd = ");
67
68 if (__get_user(pgd_val(pg), (unsigned long *)pgd)) {
69 printk("(faulted)");
70 break;
71 }
72
73 printk("%08lx", pgd_val(pg));
74
75 if (pgd_none(pg))
76 break;
77
78 if (pgd_bad(pg)) {
79 printk("(bad)");
80 break;
81 }
82
83 pmd = pmd_offset(pgd, addr);
84
85 printk(", *pmd = ");
86
87 if (__get_user(pmd_val(pm), (unsigned long *)pmd)) {
88 printk("(faulted)");
89 break;
90 }
91
92 printk("%08lx", pmd_val(pm));
93
94 if (pmd_none(pm))
95 break;
96
97 if (pmd_bad(pm)) {
98 printk("(bad)");
99 break;
100 }
101
102 pte = pte_offset(pmd, addr);
103
104 printk(", *pte = ");
105
106 if (__get_user(pte_val(pt), (unsigned long *)pte)) {
107 printk("(faulted)");
108 break;
109 }
110
111 printk("%08lx", pte_val(pt));
112 #ifdef CONFIG_CPU_32
113 printk(", *ppte = %08lx", pte_val(pte[-PTRS_PER_PTE]));
114 #endif
115 } while(0);
116 set_fs(fs);
117
118 printk("\n");
119 }
120
121 /*
122 * Oops. The kernel tried to access some page that wasn't present.
123 */
124 static void
__do_kernel_fault(struct mm_struct * mm,unsigned long addr,int error_code,struct pt_regs * regs)125 __do_kernel_fault(struct mm_struct *mm, unsigned long addr, int error_code,
126 struct pt_regs *regs)
127 {
128 unsigned long fixup;
129
130 /*
131 * Are we prepared to handle this kernel fault?
132 */
133 if ((fixup = search_exception_table(instruction_pointer(regs))) != 0) {
134 #ifdef DEBUG
135 printk(KERN_DEBUG "%s: Exception at [<%lx>] addr=%lx (fixup: %lx)\n",
136 current->comm, regs->ARM_pc, addr, fixup);
137 #endif
138 regs->ARM_pc = fixup;
139 return;
140 }
141
142 /*
143 * No handler, we'll have to terminate things with extreme prejudice.
144 */
145 printk(KERN_ALERT
146 "Unable to handle kernel %s at virtual address %08lx\n",
147 (addr < PAGE_SIZE) ? "NULL pointer dereference" :
148 "paging request", addr);
149
150 show_pte(mm, addr);
151 die("Oops", regs, error_code);
152 do_exit(SIGKILL);
153 }
154
155 /*
156 * Something tried to access memory that isn't in our memory map..
157 * User mode accesses just cause a SIGSEGV
158 */
159 static void
__do_user_fault(struct task_struct * tsk,unsigned long addr,int error_code,int code,struct pt_regs * regs)160 __do_user_fault(struct task_struct *tsk, unsigned long addr, int error_code,
161 int code, struct pt_regs *regs)
162 {
163 struct siginfo si;
164
165 #ifdef CONFIG_DEBUG_USER
166 printk(KERN_DEBUG "%s: unhandled page fault at pc=0x%08lx, "
167 "lr=0x%08lx (bad address=0x%08lx, code %d)\n",
168 tsk->comm, regs->ARM_pc, regs->ARM_lr, addr, error_code);
169 show_regs(regs);
170 #endif
171
172 tsk->thread.address = addr;
173 tsk->thread.error_code = error_code;
174 tsk->thread.trap_no = 14;
175 si.si_signo = SIGSEGV;
176 si.si_errno = 0;
177 si.si_code = code;
178 si.si_addr = (void *)addr;
179 force_sig_info(SIGSEGV, &si, tsk);
180 }
181
182 void
do_bad_area(struct task_struct * tsk,struct mm_struct * mm,unsigned long addr,int error_code,struct pt_regs * regs)183 do_bad_area(struct task_struct *tsk, struct mm_struct *mm, unsigned long addr,
184 int error_code, struct pt_regs *regs)
185 {
186 /*
187 * If we are in kernel mode at this point, we
188 * have no context to handle this fault with.
189 */
190 if (user_mode(regs))
191 __do_user_fault(tsk, addr, error_code, SEGV_MAPERR, regs);
192 else
193 __do_kernel_fault(mm, addr, error_code, regs);
194 }
195
196 static int
__do_page_fault(struct mm_struct * mm,unsigned long addr,int error_code,struct task_struct * tsk)197 __do_page_fault(struct mm_struct *mm, unsigned long addr, int error_code,
198 struct task_struct *tsk)
199 {
200 struct vm_area_struct *vma;
201 int fault, mask;
202
203 vma = find_vma(mm, addr);
204 fault = -2; /* bad map area */
205 if (!vma)
206 goto out;
207 if (vma->vm_start > addr)
208 goto check_stack;
209
210 /*
211 * Ok, we have a good vm_area for this
212 * memory access, so we can handle it.
213 */
214 good_area:
215 if (READ_FAULT(error_code)) /* read? */
216 mask = VM_READ|VM_EXEC;
217 else
218 mask = VM_WRITE;
219
220 fault = -1; /* bad access type */
221 if (!(vma->vm_flags & mask))
222 goto out;
223
224 /*
225 * If for any reason at all we couldn't handle
226 * the fault, make sure we exit gracefully rather
227 * than endlessly redo the fault.
228 */
229 survive:
230 fault = handle_mm_fault(mm, vma, addr & PAGE_MASK, DO_COW(error_code));
231
232 /*
233 * Handle the "normal" cases first - successful and sigbus
234 */
235 switch (fault) {
236 case 2:
237 tsk->maj_flt++;
238 return fault;
239 case 1:
240 tsk->min_flt++;
241 case 0:
242 return fault;
243 }
244
245 fault = -3; /* out of memory */
246 if (tsk->pid != 1)
247 goto out;
248
249 /*
250 * If we are out of memory for pid1,
251 * sleep for a while and retry
252 */
253 yield();
254 goto survive;
255
256 check_stack:
257 if (vma->vm_flags & VM_GROWSDOWN && !expand_stack(vma, addr))
258 goto good_area;
259 out:
260 return fault;
261 }
262
do_page_fault(unsigned long addr,int error_code,struct pt_regs * regs)263 int do_page_fault(unsigned long addr, int error_code, struct pt_regs *regs)
264 {
265 struct task_struct *tsk;
266 struct mm_struct *mm;
267 int fault;
268
269 tsk = current;
270 mm = tsk->mm;
271
272 /*
273 * If we're in an interrupt or have no user
274 * context, we must not take the fault..
275 */
276 if (in_interrupt() || !mm)
277 goto no_context;
278
279 down_read(&mm->mmap_sem);
280 fault = __do_page_fault(mm, addr, error_code, tsk);
281 up_read(&mm->mmap_sem);
282
283 /*
284 * Handle the "normal" case first
285 */
286 if (fault > 0)
287 return 0;
288
289 /*
290 * We had some memory, but were unable to
291 * successfully fix up this page fault.
292 */
293 if (fault == 0)
294 goto do_sigbus;
295
296 /*
297 * If we are in kernel mode at this point, we
298 * have no context to handle this fault with.
299 */
300 if (!user_mode(regs))
301 goto no_context;
302
303 if (fault == -3) {
304 /*
305 * We ran out of memory, or some other thing happened to
306 * us that made us unable to handle the page fault gracefully.
307 */
308 printk("VM: killing process %s\n", tsk->comm);
309 do_exit(SIGKILL);
310 } else
311 __do_user_fault(tsk, addr, error_code, fault == -1 ?
312 SEGV_ACCERR : SEGV_MAPERR, regs);
313 return 0;
314
315
316 /*
317 * We ran out of memory, or some other thing happened to us that made
318 * us unable to handle the page fault gracefully.
319 */
320 do_sigbus:
321 /*
322 * Send a sigbus, regardless of whether we were in kernel
323 * or user mode.
324 */
325 tsk->thread.address = addr;
326 tsk->thread.error_code = error_code;
327 tsk->thread.trap_no = 14;
328 force_sig(SIGBUS, tsk);
329 #ifdef CONFIG_DEBUG_USER
330 printk(KERN_DEBUG "%s: sigbus at 0x%08lx, pc=0x%08lx\n",
331 current->comm, addr, instruction_pointer(regs));
332 #endif
333
334 /* Kernel mode? Handle exceptions or die */
335 if (user_mode(regs))
336 return 0;
337
338 no_context:
339 __do_kernel_fault(mm, addr, error_code, regs);
340 return 0;
341 }
342
343 /*
344 * First Level Translation Fault Handler
345 *
346 * We enter here because the first level page table doesn't contain
347 * a valid entry for the address.
348 *
349 * If the address is in kernel space (>= TASK_SIZE), then we are
350 * probably faulting in the vmalloc() area.
351 *
352 * If the init_task's first level page tables contains the relevant
353 * entry, we copy the it to this task. If not, we send the process
354 * a signal, fixup the exception, or oops the kernel.
355 *
356 * NOTE! We MUST NOT take any locks for this case. We may be in an
357 * interrupt or a critical region, and should only copy the information
358 * from the master page table, nothing more.
359 */
do_translation_fault(unsigned long addr,int error_code,struct pt_regs * regs)360 int do_translation_fault(unsigned long addr, int error_code, struct pt_regs *regs)
361 {
362 struct task_struct *tsk;
363 struct mm_struct *mm;
364 int offset;
365 pgd_t *pgd, *pgd_k;
366 pmd_t *pmd, *pmd_k;
367
368 if (addr < TASK_SIZE)
369 return do_page_fault(addr, error_code, regs);
370
371 offset = __pgd_offset(addr);
372
373 /*
374 * FIXME: CP15 C1 is write only on ARMv3 architectures.
375 */
376 pgd = cpu_get_pgd() + offset;
377 pgd_k = init_mm.pgd + offset;
378
379 if (pgd_none(*pgd_k))
380 goto bad_area;
381
382 #if 0 /* note that we are two-level */
383 if (!pgd_present(*pgd))
384 set_pgd(pgd, *pgd_k);
385 #endif
386
387 pmd_k = pmd_offset(pgd_k, addr);
388 pmd = pmd_offset(pgd, addr);
389
390 if (pmd_none(*pmd_k))
391 goto bad_area;
392
393 set_pmd(pmd, *pmd_k);
394 return 0;
395
396 bad_area:
397 tsk = current;
398 mm = tsk->active_mm;
399
400 do_bad_area(tsk, mm, addr, error_code, regs);
401 return 0;
402 }
403