mirror of https://github.com/tongzx/nt5src
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
6296 lines
192 KiB
6296 lines
192 KiB
//++
|
|
//
|
|
// Module Name:
|
|
// trap.s
|
|
//
|
|
// Abstract:
|
|
// Low level interruption handlers
|
|
//
|
|
// Author:
|
|
// Bernard Lint 12-Jun-1995
|
|
//
|
|
// Environment:
|
|
// Kernel mode only
|
|
//
|
|
// Revision History:
|
|
//
|
|
//
|
|
// Open Design Issues:
|
|
//
|
|
//--
|
|
|
|
#if 1 // interruption logging is enabled in checked and free builds
|
|
#define INTERRUPTION_LOGGING 1
|
|
#endif // DBG
|
|
|
|
#include "ksia64.h"
|
|
|
|
.file "trap.s"
|
|
.explicit
|
|
|
|
//
|
|
// Globals imported:
|
|
//
|
|
|
|
PublicFunction(KeBugCheckEx)
|
|
PublicFunction(KiApcInterrupt)
|
|
PublicFunction(KiCheckForSoftwareInterrupt)
|
|
PublicFunction(KiDispatchException)
|
|
PublicFunction(KiExternalInterruptHandler)
|
|
PublicFunction(KiFloatTrap)
|
|
PublicFunction(KiFloatFault)
|
|
PublicFunction(KiGeneralExceptions)
|
|
PublicFunction(KiUnimplementedAddressTrap)
|
|
PublicFunction(KiNatExceptions)
|
|
PublicFunction(KiMemoryFault)
|
|
PublicFunction(KiOtherBreakException)
|
|
PublicFunction(KiPanicHandler)
|
|
PublicFunction(KiSingleStep)
|
|
PublicFunction(KiUnalignedFault)
|
|
PublicFunction(PsConvertToGuiThread)
|
|
PublicFunction(ExpInterlockedPopEntrySListFault)
|
|
PublicFunction(KiDebugFault)
|
|
PublicFunction(KeSetLowPsrBit)
|
|
PublicFunction(KiTestGdiBatchCount)
|
|
PublicFunction(KeCopySafe)
|
|
PublicFunction(KiIA32ExceptionVectorHandler)
|
|
PublicFunction(KiIA32InterruptionVectorHandler)
|
|
PublicFunction(KiIA32InterceptionVectorHandler)
|
|
|
|
|
|
.global KiSystemServiceHandler
|
|
.global KeServiceDescriptorTableShadow
|
|
.global KeGdiFlushUserBatch
|
|
.global KdDebuggerEnabled
|
|
.global MiDefaultPpe
|
|
|
|
// For Conditional Interrupt Logging
|
|
#define UserSystemcallBit 61
|
|
#define ExternalInterruptBit 62
|
|
|
|
.global KiVectorLogMask
|
|
|
|
|
|
|
|
//
|
|
// Register aliases used throughout the entire module
|
|
//
|
|
|
|
//
|
|
// Banked general registers
|
|
//
|
|
// h16-h23 can only be used when psr.ic=1.
|
|
//
|
|
// h24-h31 can only be used when psr.ic=0 (these are reserved for tlb
|
|
// and pal/machine check handlers when psr.ic=1).
|
|
//
|
|
|
|
//
|
|
// Shown below are aliases of bank 0 registers used in the low level handlers
|
|
// by macros ALLOCATE_TRAP_FRAME, SAVE_INTERRUPTION_RESOURCES, and
|
|
// RETURN_FROM_INTERRUPTION. When the code in the macros are changes, these
|
|
// register aliases must be reviewed.
|
|
//
|
|
|
|
rHIPSR = h16
|
|
rHpT2 = h16
|
|
|
|
rHIIPA = h17
|
|
rHRSC = h17
|
|
rHDfhPFS = h17 // used to preserve pfs in KiDisabledFpRegisterVector
|
|
|
|
rHIIP = h18
|
|
rHFPSR = h18
|
|
|
|
rHOldPreds = h19
|
|
rHBrp = h19
|
|
rHRNAT = h19
|
|
|
|
rHIFS = h20
|
|
rHPFS = h20
|
|
rHBSP = h20
|
|
|
|
rHISR = h21
|
|
rHUNAT = h21
|
|
rHBSPSTORE = h21
|
|
rHpT3 = h21
|
|
|
|
rHSp = h22
|
|
rHDfhBrp = h22 // used to preserve brp in KiDisabledFpRegisterVector
|
|
rHpT4 = h22
|
|
|
|
rHpT1 = h23
|
|
|
|
rTH3 = h24
|
|
|
|
rHHandler = h25
|
|
rTH1 = h26
|
|
rTH2 = h27
|
|
|
|
rHIIM = h28
|
|
rHIFA = h28
|
|
|
|
rHEPCVa = h29
|
|
rHEPCVa2 = h30
|
|
rPanicCode = h30
|
|
|
|
rTH4 = h31
|
|
|
|
//
|
|
// General registers used through out module
|
|
//
|
|
|
|
pApc = ps0 // User Apc Pending
|
|
pUser = ps1 // mode on entry was user
|
|
pKrnl = ps2 // mode on entry was kernel
|
|
pUstk = ps3
|
|
pKstk = ps4
|
|
pEM = ps5 // EM ISA on kernel entry
|
|
pIA = ps6 // X86 ISA on kernel entry
|
|
pKDbg = ps7 // Kernel debug Active
|
|
pUDbg = ps8 // Kernel debug Active
|
|
|
|
//
|
|
// Kernel registers used through out module
|
|
//
|
|
rkHandler = k6 // specific exception handler
|
|
|
|
|
|
|
|
|
|
//
|
|
// Macro definitions for this module only
|
|
//
|
|
|
|
//
|
|
// Define vector/exception entry/exit macros.
|
|
// N.B. All HANDLER_ENTRY functions go into .nsc section with
|
|
// KiNormalSystemCall being the first.
|
|
//
|
|
|
|
#define HANDLER_ENTRY(Name) \
|
|
.##global Name; \
|
|
.##proc Name; \
|
|
Name::
|
|
|
|
#define HANDLER_ENTRY_EX(Name, Handler) \
|
|
.##global Name; \
|
|
.##proc Name; \
|
|
.##type Handler, @function; \
|
|
.##personality Handler; \
|
|
Name::
|
|
|
|
#define VECTOR_ENTRY(Offset, Name, Extra0) \
|
|
.##org Offset; \
|
|
.##global Name; \
|
|
.##proc Name; \
|
|
Name::
|
|
|
|
|
|
#define VECTOR_EXIT(Name) \
|
|
.##endp Name
|
|
|
|
#define HANDLER_EXIT(Name) \
|
|
.##endp Name
|
|
|
|
|
|
//++
|
|
// Routine:
|
|
//
|
|
// IO_END_OF_INTERRUPT(rVector,rT1,rT2,pEOI)
|
|
//
|
|
// Routine Description:
|
|
//
|
|
// HalEOITable Entry corresponding to the vectorNo is tested.
|
|
// If the entry is nonzero, then vectorNo is stored to the location
|
|
// specified in the entry. If the entry is zero, return.
|
|
//
|
|
// Arguements:
|
|
//
|
|
//
|
|
// Notes:
|
|
//
|
|
// MS preprocessor requires /* */ style comments
|
|
//
|
|
//--
|
|
|
|
#define IO_END_OF_INTERRUPT(rVector,rT1,rT2,pEOI) ;\
|
|
movl rT1 = KiPcr+PcEOITable ;\
|
|
;; ;\
|
|
ld8 rT1 = [rT1] ;\
|
|
;; ;\
|
|
shladd rT2 = rVector,3,rT1 ;\
|
|
;; ;\
|
|
ld8 rT1 = [rT2] ;\
|
|
;; ;\
|
|
cmp.ne pEOI = zero, rT1 ;\
|
|
;; ;\
|
|
(pEOI) st4.rel [rT1] = rVector
|
|
|
|
|
|
//++
|
|
// Routine:
|
|
//
|
|
// VECTOR_CALL_HANDLER(Handler, SpecificHandler)
|
|
//
|
|
// Routine Description:
|
|
//
|
|
// Common code for transfer to heavyweight handlers from
|
|
// interruption vectors. Put RSE in store intensive mode,
|
|
// cover current frame and call handler.
|
|
//
|
|
// Arguments:
|
|
//
|
|
// Handler: First level handler for this vector
|
|
// SpecificHandler: Specific handler to be called by the generic
|
|
// exception handler.
|
|
//
|
|
// Return Value:
|
|
//
|
|
// None
|
|
//
|
|
// Notes:
|
|
// Uses just the kernel banked registers (h16-h31)
|
|
//
|
|
// MS preprocessor requires /* */ style comments
|
|
//--
|
|
|
|
|
|
#define VECTOR_CALL_HANDLER(Handler,SpecificHandler) ;\
|
|
mov rHIFA = cr##.##ifa ;\
|
|
movl rHHandler = SpecificHandler ;\
|
|
br##.##sptk Handler ;\
|
|
;;
|
|
|
|
|
|
//++
|
|
// Routine:
|
|
//
|
|
// ALLOCATE_TRAP_FRAME
|
|
//
|
|
// Routine Description:
|
|
//
|
|
// Common code for allocating trap frame on kernel entry for heavyweight
|
|
// handler.
|
|
//
|
|
// On entry:
|
|
//
|
|
// On exit: sp -> trap frame; any instruction that depends on sp must be
|
|
// placed in the new instruction group. Interruption resources
|
|
// ipsr, iipa, iip, predicates, isr, sp, ifs are captured in
|
|
// seven of the banked registers h16-23. The last one is used
|
|
// by SAVE_INTERRUPTION_STATE as a pointer to save these resources
|
|
// in the trap frame.
|
|
//
|
|
// Return Value:
|
|
//
|
|
// None
|
|
//
|
|
// Notes:
|
|
// Uses just the kernel banked registers (h16-h31)
|
|
//
|
|
// MS preprocessor requires /* */ style comments below
|
|
//--
|
|
|
|
#define ALLOCATE_TRAP_FRAME ;\
|
|
;\
|
|
pOverflow1 = pt2 ;\
|
|
pOverflow2 = pt3 ;\
|
|
pOverflow3 = pt4 ;\
|
|
;\
|
|
mov rHIPSR = cr##.##ipsr ;\
|
|
movl rTH1 = KiPcr+PcInitialStack ;\
|
|
;\
|
|
mov rHIIP = cr##.##iip ;\
|
|
mov rHOldPreds = pr ;\
|
|
cover /* cover and save IFS */;\
|
|
;; ;\
|
|
;\
|
|
ld8 rTH4 = [rTH1], PcBStoreLimit-PcInitialStack ;\
|
|
mov rTH3 = ar##.##bsp ;\
|
|
tbit##.##z pt1, pt0 = sp, 63 ;\
|
|
;; ;\
|
|
;\
|
|
mov rHIIPA = cr##.##iipa ;\
|
|
ld8 rTH2 = [rTH1], PcStackLimit-PcBStoreLimit ;\
|
|
;\
|
|
mov rHIFS = cr##.##ifs ;\
|
|
mov rHSp = sp ;\
|
|
extr##.##u rHpT1 = rHIPSR, PSR_CPL, PSR_CPL_LEN /* get mode */;\
|
|
;; ;\
|
|
;\
|
|
cmp4##.##eq pKrnl, pUser = PL_KERNEL, rHpT1 /* set mode pred */;\
|
|
cmp4##.##eq pKstk, pUstk = PL_KERNEL, rHpT1 /* set stack pred */;\
|
|
add rHpT1 = PcKernelDebugActive-PcStackLimit, rTH1 ;\
|
|
;; ;\
|
|
;\
|
|
(pKstk) ld8 rTH1 = [rTH1] ;\
|
|
(pKstk) cmp##.##geu##.##unc pOverflow2 = rTH3, rTH2 ;\
|
|
(pKstk) add sp = -TrapFrameLength, sp /* allocate TF */;\
|
|
;; ;\
|
|
;\
|
|
ld1 rHpT1 = [rHpT1] /* load kernel db state */;\
|
|
(pKstk) cmp##.##leu##.##unc pOverflow1 = sp, rTH1 ;\
|
|
(pKstk) cmp##.##geu##.##unc pOverflow3 = sp, rTH3 ;\
|
|
;; ;\
|
|
;\
|
|
mov rHISR = cr##.##isr ;\
|
|
cmp##.##ne##.##or pKDbg = r0, rHpT1 /* kernel debug active? */;\
|
|
mov rPanicCode = PANIC_STACK_SWITCH ;\
|
|
;\
|
|
(pUstk) add sp = -ThreadStateSaveAreaLength-TrapFrameLength, rTH4 ;\
|
|
(pOverflow1) br.spnt.few KiPanicHandler ;\
|
|
(pOverflow2) br.spnt.few KiPanicHandler ;\
|
|
(pOverflow3) br.spnt.few KiPanicHandler
|
|
|
|
|
|
|
|
//++
|
|
// Routine:
|
|
//
|
|
// SAVE_INTERRUPTION_STATE(Label)
|
|
//
|
|
// Routine Description:
|
|
//
|
|
// Common code for saving interruption state on entry to a heavyweight
|
|
// handler.
|
|
//
|
|
// Arguments:
|
|
//
|
|
// Label: label for branching around BSP switch
|
|
//
|
|
// On entry:
|
|
//
|
|
// sp -> trap frame
|
|
//
|
|
// On exit:
|
|
//
|
|
// Static registers gp, teb, sp, fpsr spilled into the trap frame.
|
|
// Registers gp, teb, fpsr are set up for kernel mode execution.
|
|
//
|
|
// Return Value:
|
|
//
|
|
// None
|
|
//
|
|
// Notes:
|
|
//
|
|
// Interruption resources already captured in bank 0 registers h16-h23.
|
|
// It's safe to take data TLB fault when saving them into the trap
|
|
// frame because kernel stack is always resident in memory. This macro
|
|
// is carefully constructed to save the bank registers' contents in
|
|
// the trap frame and reuse them to capture other register states as
|
|
// soon as they are available. Until we have a virtual register
|
|
// allocation scheme in place, the bank 0 register aliases defined at
|
|
// the beginning of the file must be updated when this macro is modified.
|
|
//
|
|
// MS preprocessor requires /* */ style comments below
|
|
//--
|
|
|
|
|
|
#define SAVE_INTERRUPTION_STATE(Label) ;\
|
|
;\
|
|
/* Save interruption resources in trap frame */ ;\
|
|
;\
|
|
;\
|
|
ssm (1 << PSR_IC) | (1 << PSR_DFH) | (1 << PSR_AC) ;\
|
|
add rHpT1 = TrStIPSR, sp /* -> IPSR */;\
|
|
;; ;\
|
|
srlz##.##d ;\
|
|
st8 [rHpT1] = rHIPSR, TrStISR-TrStIPSR /* save IPSR */;\
|
|
add rHpT2 = TrPreds, sp /* -> Preds */;\
|
|
;; ;\
|
|
;\
|
|
st8 [rHpT1] = rHISR, TrStIIP-TrStISR /* save ISR */;\
|
|
st8 [rHpT2] = rHOldPreds, TrBrRp-TrPreds ;\
|
|
;; ;\
|
|
;\
|
|
mov rHUNAT = ar##.##unat ;\
|
|
st8 [rHpT1] = rHIIP, TrStIFS-TrStIIP /* save IIP */;\
|
|
mov rHBrp = brp ;\
|
|
;; ;\
|
|
;\
|
|
mov rHFPSR = ar##.##fpsr ;\
|
|
st8 [rHpT1] = rHIFS, TrStIIPA-TrStIFS /* save IFS */;\
|
|
mov rHPFS = ar##.##pfs ;\
|
|
;; ;\
|
|
;\
|
|
st8 [rHpT1] = rHIIPA, TrStFPSR-TrStIIPA /* save IIPA */;\
|
|
st8 [rHpT2] = rHBrp, TrRsPFS-TrBrRp ;\
|
|
;; ;\
|
|
;\
|
|
mov rHRSC = ar##.##rsc ;\
|
|
st8 [rHpT2] = rHPFS /* save PFS */;\
|
|
add rHpT2 = TrApUNAT, sp ;\
|
|
;\
|
|
mov rHBSP = ar##.##bsp ;\
|
|
;; ;\
|
|
;\
|
|
mov ar##.##rsc = r0 /* put RSE in lazy mode */;\
|
|
st8 [rHpT2] = rHUNAT, TrIntGp-TrApUNAT /* save UNAT */;\
|
|
;; ;\
|
|
;\
|
|
mov rHBSPSTORE = ar##.##bspstore /* get user bspstore point */;\
|
|
st8 [rHpT1] = rHFPSR, TrRsBSP-TrStFPSR /* save FPSR */;\
|
|
;; ;\
|
|
;\
|
|
st8##.##spill [rHpT2] = gp, TrIntTeb-TrIntGp /* spill GP */;\
|
|
st8 [rHpT1] = rHBSP /* save BSP */;\
|
|
;; ;\
|
|
;\
|
|
st8##.##spill [rHpT2] = teb, TrIntSp-TrIntTeb /* spill TEB (r13) */;\
|
|
(pUstk) mov teb = kteb /* sanitize teb */;\
|
|
sub rHBSP = rHBSP, rHBSPSTORE /* size of dirty region */;\
|
|
;; ;\
|
|
;\
|
|
st8##.##spill [rHpT2] = rHSp, TrApDCR-TrIntSp /* spill SP */;\
|
|
movl rHpT1 = KiPcr + PcKernelGP ;\
|
|
;; ;\
|
|
;\
|
|
(pUstk) mov rHRNAT = ar##.##rnat /* get RNAT */;\
|
|
movl rHFPSR = FPSR_FOR_KERNEL /* initial fpsr value */;\
|
|
;; ;\
|
|
;\
|
|
mov ar##.##fpsr = rHFPSR /* set fpsr */;\
|
|
add rHpT2 = TrRsRSC, sp ;\
|
|
dep rHRSC = rHBSP, rHRSC, RSC_MBZ1, RSC_LOADRS_LEN ;\
|
|
;; ;\
|
|
;\
|
|
ld8 gp = [rHpT1], PcInitialBStore-PcKernelGP /* load GP */;\
|
|
st8 [rHpT2] = rHRSC, TrRsBSPSTORE-TrRsRSC ;\
|
|
(pKstk) br##.##dpnt Label /* br if on kernel stack */;\
|
|
;; ;\
|
|
;\
|
|
/* */;\
|
|
/* If previous mode is user, switch to kernel backing store */;\
|
|
/* -- uses the "loadrs" approach. Note that we do not save the */;\
|
|
/* BSP/BSPSTORE in the trap frame if prvious mode was kernel */;\
|
|
/* */;\
|
|
;\
|
|
ld8 rHpT4 = [rHpT1] /* load kernel bstore */;\
|
|
st8 [rHpT2] = rHBSPSTORE, TrRsRNAT-TrRsBSPSTORE ;\
|
|
;; ;\
|
|
;\
|
|
st8 [rHpT2] = rHRNAT /* save user RNAT */;\
|
|
dep rHpT4 = rHBSPSTORE, rHpT4, 0, 9 ;\
|
|
/* adjust kernel BSPSTORE */;\
|
|
/* for NAT collection */;\
|
|
;; ;\
|
|
;\
|
|
/* */;\
|
|
/* Now running on kernel backing store */;\
|
|
/* */;\
|
|
;\
|
|
Label: ;\
|
|
(pUstk) mov ar##.##bspstore = rHpT4 /* switch to kernel BSP */;\
|
|
(pUstk) mov ar##.##rsc = RSC_KERNEL /* turn rse on, kernel mode */;\
|
|
bsw##.##1 /* switch back to user bank */;\
|
|
;; /* stop bit required */;\
|
|
|
|
|
|
|
|
//++
|
|
// Routine:
|
|
//
|
|
// RETURN_FROM_INTERRUPTION
|
|
//
|
|
// Routine Description:
|
|
//
|
|
// Common handler code to restore trap frame and resume execution
|
|
// at the interruption address.
|
|
//
|
|
// Arguments:
|
|
//
|
|
// Label
|
|
//
|
|
// Return Value:
|
|
//
|
|
// None
|
|
//
|
|
// Note:
|
|
//
|
|
// On entry: interrrupts disabled, sp -> trap frame
|
|
// On exit:
|
|
// MS preprocessor requires /* */ style comments below
|
|
//--
|
|
|
|
#define RETURN_FROM_INTERRUPTION(Label) ;\
|
|
;\
|
|
.##regstk 0,4,2,0 /* must match the alloc instruction below */ ;\
|
|
;\
|
|
rBSP = loc0 ;\
|
|
rRnat = loc1 ;\
|
|
;\
|
|
rpT1 = t1 ;\
|
|
rpT2 = t2 ;\
|
|
rpT3 = t3 ;\
|
|
rpT4 = t4 ;\
|
|
rThread = t6 ;\
|
|
rApcFlag = t7 ;\
|
|
rT1 = t8 ;\
|
|
rT2 = t9 ;\
|
|
;\
|
|
;\
|
|
alloc rT1 = 0,4,2,0 ;\
|
|
movl rpT1 = KiPcr + PcCurrentThread /* ->PcCurrentThread */;\
|
|
;; ;\
|
|
;\
|
|
invala ;\
|
|
(pUstk) ld8 rThread = [rpT1], PcDebugActive-PcCurrentThread ;\
|
|
(pKstk) br##.##call##.##spnt brp = KiRestoreTrapFrame ;\
|
|
;; ;\
|
|
;\
|
|
(pUstk) ld1 rT1 = [rpT1] /* load user debug active state */;\
|
|
(pUstk) add rpT1 = ThApcState+AsUserApcPending, rThread ;\
|
|
(pKstk) br##.##spnt Label##CriticalExitCode ;\
|
|
;; ;\
|
|
;\
|
|
ld1 rApcFlag = [rpT1], ThAlerted-ThApcState-AsUserApcPending ;\
|
|
add rBSP = TrRsBSP, sp ;\
|
|
add rRnat = TrRsRNAT, sp /* -> user RNAT */;\
|
|
;; ;\
|
|
;\
|
|
st1.nta [rpT1] = zero ;\
|
|
cmp##.##ne pApc = zero, rApcFlag ;\
|
|
cmp##.##ne pUDbg = zero, rT1 /* if ne, user debug active */;\
|
|
;; ;\
|
|
;\
|
|
PSET_IRQL (pApc, APC_LEVEL) ;\
|
|
movl gp = _gp /* restore to kernel gp value */;\
|
|
;\
|
|
(pApc) FAST_ENABLE_INTERRUPTS ;\
|
|
(pApc) mov out1 = sp ;\
|
|
(pApc) br##.##call##.##sptk brp = KiApcInterrupt ;\
|
|
;; ;\
|
|
;\
|
|
ld8 rBSP = [rBSP] /* user BSP */;\
|
|
ld8 rRnat = [rRnat] /* user RNAT */;\
|
|
;\
|
|
(pApc) FAST_DISABLE_INTERRUPTS ;\
|
|
PSET_IRQL (pApc, zero) ;\
|
|
(pUDbg) br##.##call##.##spnt brp = KiLoadUserDebugRegisters ;\
|
|
;; ;\
|
|
;\
|
|
br##.##call##.##sptk brp = KiRestoreTrapFrame ;\
|
|
;; ;\
|
|
;\
|
|
;\
|
|
Label##CriticalExitCode: ;\
|
|
;\
|
|
add loc2 = TrBrRp, sp ;\
|
|
add loc3 = TrRsRSC, sp ;\
|
|
bsw##.##0 ;\
|
|
;; ;\
|
|
;\
|
|
ld8 rHBrp = [loc2], TrStIPSR-TrBrRp ;\
|
|
ld8 rHRSC = [loc3] ;\
|
|
mov loc3 = RSC_KERNEL_DISABLED ;\
|
|
;; ;\
|
|
;\
|
|
ld8 rHIPSR = [loc2], TrRsPFS-TrStIPSR ;\
|
|
movl rHpT1 = KiPcr+PcHighFpOwner ;\
|
|
;; ;\
|
|
;\
|
|
ld8 rHPFS = [loc2] ;\
|
|
ld8 rHpT4 = [rHpT1], PcCurrentThread-PcHighFpOwner ;\
|
|
extr.u loc2 = rHRSC, RSC_MBZ1, RSC_LOADRS_LEN ;\
|
|
;; ;\
|
|
;\
|
|
sub rHBSPSTORE = rBSP, loc2 ;\
|
|
dep loc3 = loc2, loc3, RSC_LOADRS, RSC_LOADRS_LEN ;\
|
|
;; ;\
|
|
;\
|
|
mov ar##.##rsc = loc3 /* RSE off */ ;\
|
|
mov brp = rHBrp ;\
|
|
mov rHRNAT = rRnat ;\
|
|
;; ;\
|
|
;\
|
|
alloc rTH1 = 0,0,0,0 ;\
|
|
;; ;\
|
|
;\
|
|
loadrs /* pull in user regs */;\
|
|
/* up to tear point */ ;\
|
|
dep rHRSC = r0, rHRSC, RSC_MBZ1, RSC_LOADRS_LEN ;\
|
|
;; ;\
|
|
;\
|
|
(pUstk) mov ar##.##bspstore = rHBSPSTORE /* restore user BSP */ ;\
|
|
ld8 rHpT3 = [rHpT1], PcKernelDebugActive-PcCurrentThread ;\
|
|
mov ar##.##pfs = rHPFS /* restore PFS */;\
|
|
;; ;\
|
|
;\
|
|
(pUstk) mov ar##.##rnat = rHRNAT /* restore user RNAT */;\
|
|
ld1 rHpT1 = [rHpT1] ;\
|
|
add rHIFS = TrStIFS, sp ;\
|
|
;; ;\
|
|
;\
|
|
ld8 rHIFS = [rHIFS] /* load IFS */;\
|
|
cmp##.##ne pt0, pt1 = rHpT4, rHpT3 ;\
|
|
dep rHpT4 = 0, rHIPSR, PSR_MFH, 1 ;\
|
|
;; ;\
|
|
;\
|
|
mov ar.rsc = rHRSC /* restore user RSC */;\
|
|
(pKstk) cmp##.##ne##.##unc pKDbg, pt2 = rHpT1, r0 /* hardware debug? */ ;\
|
|
(pUstk) dep rHpT4 = 1, rHpT4, PSR_DFH, 1 ;\
|
|
;; ;\
|
|
;\
|
|
(pt0) mov rHIPSR = rHpT4 ;\
|
|
add rHpT4 = TrApUNAT, sp /* -> previous UNAT */;\
|
|
add rHpT1 = TrStIIPA, sp ;\
|
|
;; ;\
|
|
;\
|
|
ld8 rHUNAT = [rHpT4],TrPreds-TrApUNAT ;\
|
|
ld8 rHIIPA = [rHpT1], TrStIIP-TrStIIPA ;\
|
|
(pKDbg) dep rHIPSR = 1, rHIPSR, PSR_DB, 1 ;\
|
|
;; ;\
|
|
;\
|
|
ld8 rHOldPreds = [rHpT4], TrIntSp-TrPreds ;\
|
|
ld8 rHIIP = [rHpT1], TrStIFS-TrStIIP /* load IIP */;\
|
|
(pt2) dep rHIPSR = 0, rHIPSR, PSR_DB, 1 ;\
|
|
;; ;\
|
|
;\
|
|
ld8##.##fill sp = [rHpT4], TrStIFS-TrIntSp ;\
|
|
rsm 1 << PSR_IC /* reset ic bit */;\
|
|
;; ;\
|
|
;\
|
|
srlz##.##d /* must serialize */;\
|
|
;\
|
|
/* */;\
|
|
/* Restore status registers */;\
|
|
/* */;\
|
|
;\
|
|
mov cr##.##ipsr = rHIPSR /* restore previous IPSR */;\
|
|
mov cr##.##iipa = rHIIPA /* restore previous IIPA */;\
|
|
;\
|
|
mov cr##.##ifs = rHIFS /* restore previous IFS */;\
|
|
mov cr##.##iip = rHIIP /* restore previous IIP */;\
|
|
mov pr = rHOldPreds, -1 /* restore preds */;\
|
|
;; ;\
|
|
;\
|
|
/* */;\
|
|
/* Resume at point of interruption (rfi must be at end of instruction group)*/;\
|
|
/* */;\
|
|
mov ar##.##unat = rHUNAT /* restore UNAT */;\
|
|
mov h17 = r0 /* clear TB loop count */;\
|
|
rfi ;\
|
|
;;
|
|
|
|
|
|
//
|
|
// Interruption Vector Table. First level interruption vectors.
|
|
// This section must be 32K aligned. The special section ".drectve"
|
|
// is used to pass the align command to the linker.
|
|
//
|
|
.section .drectve, "MI", "progbits"
|
|
string "-section:.ivt,,align=0x8000"
|
|
|
|
.section .ivt = "ax", "progbits"
|
|
KiIvtBase:: // symbol for start of IVT
|
|
|
|
//++
|
|
//
|
|
// KiVhptTransVector
|
|
//
|
|
// Cause: The hardware VHPT walker encountered a TLB miss while attempting to
|
|
// reference the virtuall addressed VHPT linear table.
|
|
//
|
|
// Parameters: cr.iip - address of bundle for which the hardware VHPT walker was
|
|
// trying to resolve the TLB miss
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of the fault
|
|
//
|
|
// cr.idtr - default translation inforamtion for the address that caused
|
|
// a VHPT translation fault
|
|
//
|
|
// cr.ifa - original faulting address
|
|
//
|
|
// cr.isr - original faulting status information
|
|
//
|
|
// Handle: Extracts the PDE index from cr.iha (PTE address in VHPT) and
|
|
// generates a PDE address by adding to VHPT_DIRBASE. When accesses
|
|
// a page directory entry (PDE), there might be a TLB miss on the
|
|
// page directory table and returns a NaT on ld8.s. If so, branches
|
|
// to KiPageDirectoryTableFault. If the page-not-present bit of the
|
|
// PDE is not set, branches to KiPageNotPresentFault. Otherwise,
|
|
// inserts the PDE entry into the data TC (translation cache).
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x0000, KiVhptTransVector, cr.ifa)
|
|
|
|
#if 1
|
|
rva = h24
|
|
riha = h25
|
|
rpr = h26
|
|
rPte = h27
|
|
rPte2 = h28
|
|
rps = h29
|
|
risr = h30
|
|
riha2 = h31
|
|
rCache = h28
|
|
|
|
mov rva = cr.ifa // M0
|
|
mov riha = cr.iha // M0
|
|
mov rpr = pr // I
|
|
|
|
mov risr = cr.isr // M0
|
|
;;
|
|
|
|
|
|
#ifndef NO_IHA_CHECK
|
|
thash riha2 = rva // M0, for extra IHA checking
|
|
#endif
|
|
ld8.s rPte = [riha] // M
|
|
tbit.z pt3, pt4 = risr, ISR_X // I
|
|
|
|
;;
|
|
tnat.nz pt0 = rPte // I
|
|
tbit.z pt1 = rPte, PTE_VALID // I
|
|
|
|
(pt0) br.cond.spnt KiPageTableFault // B
|
|
(pt1) br.cond.spnt KiPteNotPresentFault // B
|
|
extr.u rCache = rPte, 2, 3 // I
|
|
;;
|
|
|
|
cmp.eq pt5 = 1, rCache // A
|
|
(pt5) br.cond.spnt KiPageTableFault // B
|
|
;;
|
|
|
|
.pred.rel "mutex",pt3,pt4
|
|
(pt4) itc.i rPte // M
|
|
;;
|
|
(pt3) itc.d rPte // M
|
|
;;
|
|
|
|
#if !defined(NT_UP)
|
|
|
|
ld8.s rPte2 = [riha] // M
|
|
mov rps = PAGE_SHIFT << PS_SHIFT // I
|
|
cmp.ne pt0 = zero, zero // I
|
|
;;
|
|
|
|
cmp.ne.or pt0 = rPte2, rPte // M
|
|
#ifndef NO_IHA_CHECK
|
|
cmp.ne.or pt0 = riha, riha2 // M, check if IHA is correct
|
|
#endif
|
|
tnat.nz.or pt0 = rPte2 // I
|
|
|
|
;;
|
|
(pt0) ptc.l rva, rps // M
|
|
#else
|
|
#ifndef NO_IHA_CHECK
|
|
cmp.ne pt0 = riha, riha2 // M, check if IHA is correct
|
|
mov rps = PAGE_SHIFT << PS_SHIFT // I
|
|
;;
|
|
(pt0) ptc.l rva, rps // M
|
|
#endif
|
|
#endif
|
|
mov pr = rpr, -1 // I
|
|
rfi;; // B
|
|
|
|
#else
|
|
rva = h24
|
|
riha = h25
|
|
rpr = h26
|
|
rpPde = h27
|
|
rPde = h28
|
|
rPde2 = h29
|
|
rps = h30
|
|
|
|
mov riha = cr.iha // M
|
|
mov rva = cr.ifa // M
|
|
mov rpr = pr // I
|
|
;;
|
|
|
|
thash rpPde = riha // M
|
|
;;
|
|
|
|
ld8.s rPde = [rpPde] // M, load PDE
|
|
;;
|
|
|
|
tnat.nz pt0, p0 = rPde // I
|
|
tbit.z pt1, p0 = rPde, PTE_VALID // I, if non-present page fault
|
|
|
|
(pt0) br.cond.spnt KiPageDirectoryFault // B
|
|
(pt1) br.cond.spnt KiPdeNotPresentFault // B
|
|
|
|
mov cr.ifa = riha // M
|
|
;;
|
|
itc.d rPde // M
|
|
;;
|
|
|
|
#if !defined(NT_UP)
|
|
ld8.s rPde2 = [rpPde] // M
|
|
mov rps = PAGE_SHIFT << PS_SHIFT // I
|
|
cmp.ne pt0 = zero, zero // I
|
|
;;
|
|
|
|
cmp.ne.or pt0 = rPde2, rPde // M, if PTEs are different
|
|
tnat.nz.or pt0 = rPde2 // I
|
|
|
|
;;
|
|
(pt0) ptc.l riha, rps // M, purge it
|
|
#endif
|
|
mov pr = rpr, -1 // I
|
|
rfi // B
|
|
;;
|
|
#endif
|
|
|
|
VECTOR_EXIT(KiVhptTransVector)
|
|
|
|
|
|
//++
|
|
//
|
|
// KiInstTlbVector
|
|
//
|
|
// Cause: The VHPT walker aborted the search for the instruction translation.
|
|
//
|
|
// Parameters: cr.iip - address of bundle for which the hardware VHPT walker was
|
|
// trying to resolve the TLB miss
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of the fault
|
|
//
|
|
// cr.iha - PTE address in the VHPT which the VHPT walker was attempting to
|
|
// reference
|
|
//
|
|
// cr.iitr - default translation inforamtion for the address that caused
|
|
// a instruction TLB miss
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: As the VHPT has aborted the search or the implemenation does not
|
|
// support the h/w page table walk, the handler needs to emulates the
|
|
// function. Since the offending PTE address is already available
|
|
// with cr.iha, the handler can access the PTE without performing THASH.
|
|
// Accessing a PTE with ld8.s may return a NaT. If so, it branches to
|
|
// KiPageTableFault. If the page-not-present bit of the PTE is not set,
|
|
// it branches to KiPageFault.
|
|
//
|
|
// Comments: Merced never casues this fault since it never abort the search on the
|
|
// VHPT.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x0400, KiInstTlbVector, cr.iipa)
|
|
|
|
rva = h24
|
|
riha = h25
|
|
rpr = h26
|
|
rPte = h27
|
|
rPte2 = h28
|
|
rps = h29
|
|
rCache = h28
|
|
|
|
KiInstTlbVector0:
|
|
mov riha = cr.iha // M
|
|
mov rva = cr.ifa // M
|
|
mov rpr = pr // I
|
|
;;
|
|
|
|
ld8.s rPte = [riha] // M
|
|
;;
|
|
|
|
tnat.nz pt0, p0 = rPte // I
|
|
tbit.z pt1, p0 = rPte, PTE_VALID // I
|
|
|
|
(pt0) br.cond.spnt KiPageTableFault // B
|
|
(pt1) br.cond.spnt KiPteNotPresentFault // B
|
|
|
|
extr.u rCache = rPte, 2, 3 // I
|
|
;;
|
|
|
|
cmp.eq pt3 = 1, rCache // A
|
|
(pt3) br.cond.spnt Ki4KInstTlbFault // B
|
|
|
|
itc.i rPte // M
|
|
;;
|
|
|
|
#if !defined(NT_UP)
|
|
|
|
ld8.s rPte2 = [riha] // M
|
|
mov rps = PAGE_SHIFT << PS_SHIFT // I
|
|
cmp.ne pt0 = zero, zero // I
|
|
;;
|
|
|
|
cmp.ne.or pt0 = rPte2, rPte // M
|
|
tnat.nz.or pt0 = rPte2 // I
|
|
|
|
;;
|
|
(pt0) ptc.l rva, rps // M
|
|
#endif
|
|
mov pr = rpr, -1 // I
|
|
rfi;; // B
|
|
|
|
VECTOR_EXIT(KiInstTlbVector)
|
|
|
|
|
|
//++
|
|
//
|
|
// KiDataTlbVector
|
|
//
|
|
// Cause: The VHPT walker aborted the search for the data translation.
|
|
//
|
|
// Parameters: cr.iip - address of bundle for which the hardware VHPT walker was
|
|
// trying to resolve the TLB miss
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of the fault
|
|
//
|
|
// cr.iha - PTE address in the VHPT which the VHPT walker was attempting to
|
|
// reference
|
|
//
|
|
// cr.idtr - default translation inforamtion for the address that caused
|
|
// a data TLB miss
|
|
//
|
|
// cr.ifa - address that caused a data TLB miss
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: As the VHPT has aborted the search or the implemenation does not
|
|
// support the h/w page table walk, the handler needs to emulates the
|
|
// function. Since the offending PTE address is already available
|
|
// with cr.iha, the handler can access the PTE without performing THASH.
|
|
// Accessing a PTE with ld8.s may return a NaT. If so, it branches to
|
|
// KiPageTableFault. If the page-not-present bit of the PTE is not set,
|
|
// it branches to KiPageFault.
|
|
//
|
|
// Comments: Merced never casues instruction TLB faults since the VHPT search always
|
|
// sucesses.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x0800, KiDataTlbVector, cr.ifa)
|
|
|
|
rva = h24
|
|
riha = h25
|
|
rpr = h26
|
|
rPte = h27
|
|
rPte2 = h28
|
|
rps = h29
|
|
rCache = h28
|
|
|
|
KiDataTlbVector0:
|
|
mov riha = cr.iha // M
|
|
mov rva = cr.ifa // M
|
|
mov rpr = pr // I
|
|
;;
|
|
|
|
ld8.s rPte = [riha] // M
|
|
;;
|
|
|
|
extr.u rCache = rPte, 2, 3 // I
|
|
;;
|
|
|
|
cmp.eq pt3 = 1, rCache // A
|
|
(pt3) br.cond.spnt Ki4KDataTlbFault // B
|
|
|
|
tnat.nz pt0, p0 = rPte // I
|
|
tbit.z pt1, p0 = rPte, PTE_VALID // I
|
|
|
|
(pt0) br.cond.spnt KiPageTableFault // B
|
|
(pt1) br.cond.spnt KiPteNotPresentFault // B
|
|
|
|
itc.d rPte // M
|
|
;;
|
|
|
|
#if !defined(NT_UP)
|
|
ld8.s rPte2 = [riha] // M
|
|
mov rps = PAGE_SHIFT << PS_SHIFT // I
|
|
cmp.ne pt0 = zero, zero // I
|
|
;;
|
|
|
|
cmp.ne.or pt0 = rPte2, rPte // M
|
|
tnat.nz.or pt0 = rPte2 // I
|
|
;;
|
|
|
|
(pt0) ptc.l rva, rps // M
|
|
#endif
|
|
mov pr = rpr, -1 // I
|
|
rfi;; // B
|
|
|
|
VECTOR_EXIT(KiDataTlbVector)
|
|
|
|
|
|
//++
|
|
//
|
|
// KiAltTlbVector
|
|
//
|
|
// Cause: There was a TLB miss for instruction execution and the VHPT
|
|
// walker was not enabled for the referenced region.
|
|
//
|
|
// Parameters: cr.iip - address of bundle that caused a TLB miss
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of the fault
|
|
//
|
|
// cr.idtr - default translation inforamtion for the address that caused
|
|
// the fault.
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: Currently, NT does not have any use of this vector.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x0c00, KiAltInstTlbVector, cr.iipa)
|
|
|
|
rva = h24
|
|
riha = h25
|
|
|
|
mov rva = cr.ifa
|
|
;;
|
|
thash riha = rva
|
|
;;
|
|
mov cr.iha = riha
|
|
;;
|
|
srlz.d
|
|
br.sptk KiInstTlbVector0
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiMemoryFault)
|
|
|
|
VECTOR_EXIT(KiAltInstTlbVector)
|
|
|
|
|
|
|
|
//++
|
|
//
|
|
// KiAltDataTlbVector
|
|
//
|
|
// Cause: There was a data TLB miss and the VHPT walker was not enabled for
|
|
// the referenced region.
|
|
//
|
|
// Parameters: cr.iip - address of bundle that caused a TLB miss
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of the fault
|
|
//
|
|
// cr.idtr - default translation inforamtion for the address that caused
|
|
// the fault.
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: Currently, NT does not have any use of this vector.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x1000, KiAltDataTlbVector, cr.ifa)
|
|
|
|
rva = h24
|
|
riha = h25
|
|
rpr = h26
|
|
rPte = h27
|
|
rKseglimit = h28
|
|
rIPSR = h30
|
|
rISR = h29
|
|
rVrn = h31
|
|
|
|
#if NO_VHPT_WALKER
|
|
|
|
rRR = h30
|
|
|
|
mov rva = cr.ifa // M
|
|
mov rpr = pr // I
|
|
;;
|
|
|
|
mov rRR = rr[rva]
|
|
movl rKseglimit = KSEG3_LIMIT
|
|
;;
|
|
|
|
thash riha = rva
|
|
tbit.z pt4 = rRR, 0
|
|
|
|
mov rIPSR = cr.ipsr
|
|
shr.u rVrn = rva, VRN_SHIFT // I, get VPN
|
|
(pt4) br.cond.spnt AltFault
|
|
;;
|
|
|
|
mov cr.iha = riha
|
|
;;
|
|
srlz.d
|
|
mov pr = rpr, -1
|
|
br.sptk KiDataTlbVector0
|
|
;;
|
|
|
|
AltFault:
|
|
|
|
#else
|
|
|
|
mov rva = cr.ifa // M
|
|
movl rKseglimit = KSEG3_LIMIT
|
|
;;
|
|
|
|
|
|
mov rIPSR = cr.ipsr
|
|
mov rpr = pr // I
|
|
shr.u rVrn = rva, VRN_SHIFT // I, get VPN
|
|
;;
|
|
|
|
#endif
|
|
extr.u rIPSR = rIPSR, PSR_CPL, PSR_CPL_LEN
|
|
;;
|
|
|
|
|
|
cmp.ne pt1 = PL_KERNEL, rIPSR
|
|
cmp.ne pt2 = KSEG3_VRN, rVrn // M/I
|
|
cmp.eq pt4 = KSEG4_VRN, rVrn
|
|
|
|
(pt1) br.cond.spnt KiCallMemoryFault // if it was User
|
|
(pt4) br.cond.spnt KiKseg4Fault
|
|
(pt2) br.cond.spnt NoKsegFault // B
|
|
|
|
cmp.leu pt0 = rKseglimit, rva
|
|
(pt0) br.cond.spnt NoKsegFault
|
|
|
|
mov rISR = cr.isr // M
|
|
movl rPte = VALID_KERNEL_PTE // L
|
|
|
|
mov rIPSR = cr.ipsr // M
|
|
shr.u rva = rva, PAGE_SHIFT // I
|
|
;;
|
|
tbit.z pt2, pt3 = rISR, ISR_SP // I
|
|
dep.z rva = rva, PAGE_SHIFT, 32 // I
|
|
;;
|
|
or rPte = rPte, rva // I
|
|
dep rIPSR = 1, rIPSR, PSR_ED, 1 // I
|
|
;;
|
|
|
|
(pt2) itc.d rPte // M
|
|
;;
|
|
(pt3) mov cr.ipsr = rIPSR // M
|
|
;;
|
|
|
|
mov pr = rpr, -1 // I
|
|
rfi // B
|
|
;;
|
|
|
|
NoKsegFault:
|
|
|
|
rPdeUtbase = h27
|
|
rva0 = h29
|
|
rPpe = h30
|
|
oldgp = h31
|
|
|
|
shr.u rva0 = rva, PAGE_SHIFT
|
|
movl rPdeUtbase = KiPcr+PcPdeUtbase
|
|
mov oldgp = gp
|
|
movl gp = _gp
|
|
;;
|
|
|
|
ld8 rPdeUtbase = [rPdeUtbase]
|
|
add rPpe = @gprel(MiDefaultPpe), gp
|
|
dep.z rva0 = rva0, PAGE_SHIFT, VRN_SHIFT-PAGE_SHIFT
|
|
;;
|
|
|
|
ld8 rPpe = [rPpe]
|
|
cmp.ne pt3, p0 = rva0, rPdeUtbase
|
|
mov gp = oldgp
|
|
(pt3) br.cond.spnt KiPageFault
|
|
;;
|
|
|
|
itc.d rPpe
|
|
;;
|
|
mov pr = rpr, -1
|
|
rfi;;
|
|
|
|
VECTOR_EXIT(KiAltDataTlbVector)
|
|
|
|
|
|
|
|
//++
|
|
//
|
|
// KiNestedTlbVector
|
|
//
|
|
// Cause: Instruction/Data TLB miss handler encountered a TLB miss while
|
|
// attempting to reference the PTE in the virtuall addressed
|
|
// VHPT linear table.
|
|
//
|
|
// Parameters: cr.iip - address of bundle for which the hardware VHPT walker was
|
|
// trying to resolve the TLB miss
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of VHPT translation fault
|
|
//
|
|
// cr.iha - address in VHPT which the VHPT walker was attempting to
|
|
// reference
|
|
//
|
|
// cr.idtr - default translation inforamtion for the virtual address
|
|
// contained in cr.iha
|
|
//
|
|
// cr.ifa - original faulting address
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// h16(riha) - PTE address in the VHPT which caused the Nested miss
|
|
//
|
|
// Handle: Currently, there is no use for Nested TLB vector. This should be
|
|
// a bug fault. Call KiPanicHandler.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x1400, KiNestedTlbVector, cr.ifa)
|
|
|
|
ALLOCATE_TRAP_FRAME
|
|
br.sptk KiPanicHandler
|
|
|
|
VECTOR_EXIT(KiNestedTlbVector)
|
|
|
|
//++
|
|
//
|
|
// KiInstKeyMissVector
|
|
//
|
|
// Cause: There was a instruction key miss in the translation. Since the
|
|
// architecture allows an implementation to choose a unified TC
|
|
// structure, the hyper space translation brought by the data
|
|
// access-bit may cause a instruction key miss fault. Only erroneous
|
|
// user code tries to execute the NT page table and hyper space.
|
|
//
|
|
// Parameters: cr.iip - address of bundle which caused a instruction key miss fault
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of the data key miss fault
|
|
//
|
|
// cr.idtr - default translation inforamtion of the address that caused
|
|
// the fault.
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: Save the whole register state and call MmAccessFault().
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x1800, KiInstKeyMissVector, cr.iipa)
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiMemoryFault)
|
|
|
|
VECTOR_EXIT(KiInstKeyMissVector)
|
|
|
|
|
|
|
|
//++
|
|
//
|
|
// KiDataKeyMissVector
|
|
//
|
|
// Cause: The referenced translation had the different key ID from the one
|
|
// specified the key permission register. This is an indication of
|
|
// TLB miss on the NT page table and hyperspace.
|
|
//
|
|
// Parameters: cr.iip - address of bundle which caused the fault
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of the data key miss fault
|
|
//
|
|
// cr.idtr - default translation inforamtion of the address that caused
|
|
// the fault.
|
|
//
|
|
// cr.ifa - address that caused a data key miss
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: The handler needs to purge the faulting translation and install
|
|
// a new PTE by loading it from the VHPT. The key ID of the IDTR
|
|
// for the installing translation should be modified to be the same
|
|
// ID as the local region ID. This effectively creates a local
|
|
// space within the global kernel space.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x1c00, KiDataKeyMissVector, cr.ifa)
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiMemoryFault)
|
|
|
|
VECTOR_EXIT(KiDataKeyMissVector)
|
|
|
|
//++
|
|
//
|
|
// KiDirtyBitVector
|
|
//
|
|
// Cause: The refereced data translation did not have the dirty-bit set and
|
|
// a write operation was made to this page.
|
|
//
|
|
// Parameters: cr.iip - address of bundle which caused a dirty bit fault
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of a data access fault
|
|
//
|
|
// cr.idtr - default translation inforamtion for the address that
|
|
// caused the fault
|
|
//
|
|
// cr.ifa - referenced data address that caused the dirty-bit fault
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: Save the whole register state and call MmAccessFault().
|
|
//
|
|
// Comments: There is always a TLB coherency problem on a multiprocessor
|
|
// system. Rather than implementing an atomic operation of setting
|
|
// dirty-bit within this handler, the handler instead calls the high
|
|
// level C routine, MmAccessFault(), to perform locking the page table
|
|
// and setting the dirty-bit of the PTE.
|
|
//
|
|
// It is too much effort to implement the atomic operation of setting
|
|
// the dirty-bit using cmpxchg; a potential nested TLB miss on load/store
|
|
// and restoring ar.ccv complicate the design of the handler.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x2000, KiDirtyBitVector, cr.ifa)
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiMemoryFault)
|
|
|
|
VECTOR_EXIT(KiDirtyBitVector)
|
|
|
|
//++
|
|
//
|
|
// KiInstAccessBitVector
|
|
//
|
|
// Cause: There is a access-bit fault on the instruction translation. This only
|
|
// happens if the erroneous user mistakenly accesses the NT page table and
|
|
// hyper space.
|
|
//
|
|
// Parameters: cr.iip - address of bundle which caused a instruction access bit fault
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of a data access fault
|
|
//
|
|
// cr.idtr - default translation inforamtion for the address that
|
|
// caused the fault
|
|
//
|
|
// cr.ifa - referenced data address that caused the data access-bit fault
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: Save the whole register state and call MmAccessFault().
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x2400, KiInstAccessBitVector, cr.iipa)
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiMemoryFault)
|
|
|
|
VECTOR_EXIT(KiInstAccessBitVector)
|
|
|
|
//++
|
|
//
|
|
// KiDataBitAccessVector
|
|
//
|
|
// Cause: The reference-bit in the the referenced translation was zero,
|
|
// indicating there was a TLB miss on the NT page table or hyperspace.
|
|
//
|
|
// Parameters: cr.iip - address of bundle which caused a data access bit fault
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of a data access fault
|
|
//
|
|
// cr.idtr - default translation inforamtion for the address that
|
|
// caused the fault
|
|
//
|
|
// cr.ifa - referenced data address that caused the data access-bit fault
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: The reference-bit is used to fault on PTEs for the NT page table and
|
|
// hyperspace. On a data access-bit fault, the handler needs to change the
|
|
// the default key ID of the IDTR to be the local key ID. This effectively
|
|
// creates the local space within the global kernel space.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x2800, KiDataAccessBitVector, cr.ifa)
|
|
|
|
rva = h24
|
|
rpr = h26
|
|
rIPSR = h27
|
|
rISR = h31
|
|
|
|
//
|
|
// check to see if non-present fault occurred on a speculative load.
|
|
// if so, set IPSR.ed bit. This forces to generate a NaT on ld.s after
|
|
// rfi
|
|
//
|
|
|
|
mov rpr = pr
|
|
mov rISR = cr.isr // M
|
|
mov rIPSR = cr.ipsr // M
|
|
;;
|
|
|
|
tbit.z pt0, p0 = rISR, ISR_SP // I
|
|
dep rIPSR = 1, rIPSR, PSR_ED, 1 // I
|
|
|
|
(pt0) br.cond.spnt KiCallMemoryFault // B
|
|
;;
|
|
|
|
mov cr.ipsr = rIPSR // M
|
|
;;
|
|
mov pr = rpr, -1 // I
|
|
rfi // B
|
|
;;
|
|
|
|
VECTOR_EXIT(KiDataBitAccessVector)
|
|
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// KiBreakVector
|
|
//
|
|
// Description:
|
|
//
|
|
// Interruption vector for break instruction.
|
|
//
|
|
// On entry:
|
|
//
|
|
// IIM contains break immediate value:
|
|
// -- BREAK_SYSCALL -> standard system call
|
|
// interrupts disabled
|
|
// r16-r31 switched to kernel bank
|
|
// r16-r31 all available since no TLB faults at this point
|
|
//
|
|
// Return value:
|
|
//
|
|
// if system call, sys call return value in v0.
|
|
//
|
|
// Process:
|
|
//--------------------------------------------------------------------
|
|
|
|
VECTOR_ENTRY(0x2C00, KiBreakVector, cr.iim)
|
|
|
|
mov rHIIM = cr.iim // get break value
|
|
movl rTH1 = KiPcr+PcSavedIIM
|
|
;;
|
|
st8 [rTH1] = rHIIM
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiOtherBreakException)
|
|
|
|
//
|
|
// Do not return from handler
|
|
//
|
|
|
|
VECTOR_EXIT(KiBreakVector)
|
|
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// KiExternalInterruptVector
|
|
//
|
|
// Routine Description:
|
|
//
|
|
// Interruption vector for External Interrrupt
|
|
//
|
|
// On entry:
|
|
//
|
|
// interrupts disabled
|
|
// r16-r31 switched to kernel bank
|
|
//
|
|
// Return value:
|
|
//
|
|
// none
|
|
//
|
|
// Process:
|
|
//--------------------------------------------------------------------
|
|
|
|
VECTOR_ENTRY(0x3000, KiExternalInterruptVector, r0)
|
|
|
|
mov h24 = cr.iip
|
|
movl h25 = MM_EPC_VA+0x20
|
|
;;
|
|
mov h26 = pr
|
|
cmp.ne pt0 = h25, h24
|
|
add h25 = 0x10, h25
|
|
;;
|
|
mov h27 = cr.ipsr
|
|
(pt0) cmp.ne pt0 = h25, h24
|
|
;;
|
|
|
|
dep h27 = 0, h27, PSR_I, 1
|
|
(pt0) br.cond.sptk kei_taken
|
|
;;
|
|
mov cr.ipsr = h27
|
|
;;
|
|
mov pr = h26, -1
|
|
rfi
|
|
;;
|
|
|
|
kei_taken:
|
|
mov pr = h26, -1
|
|
;;
|
|
ALLOCATE_TRAP_FRAME
|
|
;;
|
|
SAVE_INTERRUPTION_STATE(Keih_SaveTrapFrame)
|
|
br.many KiExternalInterruptHandler
|
|
;;
|
|
|
|
//
|
|
// Do not return (rfi from handler)
|
|
//
|
|
|
|
VECTOR_EXIT(KiExternalInterruptVector)
|
|
|
|
//++
|
|
//
|
|
// KiPageNotPresentVector
|
|
//
|
|
// Cause: The translation for the referenced page did not have a present-bit
|
|
// set.
|
|
//
|
|
// Parameters: cr.iip - address of bundle which caused a page not present fault
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of a page not present ault
|
|
//
|
|
// cr.idtr - default translation inforamtion for the address that
|
|
// caused the fault
|
|
//
|
|
// cr.ifa - referenced data address if the fault occurred on the data
|
|
// reference
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: This is the page fault. The handler saves the register context and
|
|
// calls MmAccessFault().
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x5000, KiPageNotPresentVector, cr.ifa)
|
|
|
|
rva = h24
|
|
riha = h25
|
|
rpr = h26
|
|
rPte = h27
|
|
rps = h29
|
|
|
|
mov rva = cr.ifa // M
|
|
mov rpr = pr // I
|
|
;;
|
|
|
|
thash riha = rva // M
|
|
cmp.ne pt1 = r0, r0
|
|
mov rps = PAGE_SHIFT << PS_SHIFT // I
|
|
;;
|
|
|
|
ld8.s rPte = [riha] // M
|
|
;;
|
|
|
|
tnat.nz pt0, p0 = rPte // I
|
|
tbit.z.or pt1, p0 = rPte, PTE_ACCESS
|
|
tbit.z.or pt1, p0 = rPte, PTE_VALID // I, if non-present page fault
|
|
|
|
(pt0) br.cond.spnt KiPageTableFault // B
|
|
(pt1) br.cond.spnt KiPteNotPresentFault // B
|
|
|
|
//
|
|
// if we find a valid PTE that is speculatively fetched into the TLB
|
|
// then, purge it and return.
|
|
//
|
|
|
|
ptc.l rva, rps // M
|
|
;;
|
|
|
|
mov pr = rpr, -1 // I
|
|
rfi;; // B
|
|
|
|
VECTOR_EXIT(KiPageNotPresentVector)
|
|
|
|
|
|
|
|
//++
|
|
//
|
|
// KiKeyPermVector
|
|
//
|
|
// Cause: Read, write or execution key permissions were violated.
|
|
//
|
|
// Parameters: cr.iip - address of bundle which caused a key permission fault
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of a key permission fault
|
|
//
|
|
// cr.idtr - default translation inforamtion for the address that
|
|
// caused the fault
|
|
//
|
|
// cr.ifa - referenced data address if the key permission occurred on
|
|
// the data reference
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: This should not happen. The EM/NT does not utilize the key permissions.
|
|
// The handler saves the register state and calls the bug check.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x5100, KiKeyPermVector, cr.ifa)
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiMemoryFault)
|
|
|
|
VECTOR_EXIT(KiKeyPermVector)
|
|
|
|
|
|
|
|
//++
|
|
//
|
|
// KiInstAccessRightsVector
|
|
//
|
|
// Cause: The referenced page had a access rights violation.
|
|
//
|
|
// Parameters: cr.iip - address of bundle which caused a data access bit fault
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of a data access fault
|
|
//
|
|
// cr.idtr - default translation inforamtion for the address that
|
|
// caused the fault
|
|
//
|
|
// cr.ifa - referenced data address that caused the data ccess-bit fault
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: The handler saves the register context and calls MmAccessFault().
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x5200, KiInstAccessRightsVector, cr.iipa)
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiMemoryFault)
|
|
|
|
VECTOR_EXIT(KiInstAccessRightsVector)
|
|
|
|
|
|
|
|
//++
|
|
//
|
|
// KiDataAccessRightsVector
|
|
//
|
|
// Cause: The referenced page had a data access rights violation.
|
|
//
|
|
// Parameters: cr.iip - address of bundle which caused a data access rights fault
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of a data access rights fault
|
|
//
|
|
// cr.idtr - default translation inforamtion for the address that
|
|
// caused the fault
|
|
//
|
|
// cr.ifa - referenced data address that caused the data access rights
|
|
// fault
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: The handler saves the register context and calls MmAccessFault().
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x5300, KiDataAccessRightsVector, cr.ifa)
|
|
|
|
rva = h24
|
|
rpr = h26
|
|
rIPSR = h27
|
|
rISR = h31
|
|
|
|
//
|
|
// check to see if non-present fault occurred on a speculative load.
|
|
// if so, set IPSR.ed bit. This forces to generate a NaT on ld.s after
|
|
// rfi
|
|
//
|
|
|
|
mov rpr = pr
|
|
mov rISR = cr.isr // M
|
|
mov rIPSR = cr.ipsr // M
|
|
;;
|
|
|
|
tbit.z pt0, p0 = rISR, ISR_SP // I
|
|
dep rIPSR = 1, rIPSR, PSR_ED, 1 // I
|
|
|
|
(pt0) br.cond.spnt KiCallMemoryFault // B
|
|
;;
|
|
|
|
mov cr.ipsr = rIPSR // M
|
|
;;
|
|
mov pr = rpr, -1 // I
|
|
rfi // B
|
|
;;
|
|
|
|
VECTOR_EXIT(KiDataAccessRightsVector)
|
|
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// KiGeneralExceptionsVector
|
|
//
|
|
// Description:
|
|
//
|
|
// Interruption vector for General Exceptions
|
|
//
|
|
// On entry:
|
|
// interrupts disabled
|
|
// r16-r31 switched to kernel bank
|
|
//
|
|
// Return value:
|
|
//
|
|
// none
|
|
//
|
|
// Process:
|
|
//--------------------------------------------------------------------
|
|
|
|
VECTOR_ENTRY(0x5400, KiGeneralExceptionsVector, cr.isr)
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiGeneralExceptions)
|
|
|
|
//
|
|
// Do not return (rfi from handler)
|
|
//
|
|
|
|
VECTOR_EXIT(KiGeneralExceptionsVector)
|
|
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// KiDisabledFpRegisterVector
|
|
//
|
|
// Description:
|
|
//
|
|
// Interruption vector for Disabled FP-register vector
|
|
//
|
|
// On entry:
|
|
// interrupts disabled
|
|
// r16-r31 switched to kernel bank
|
|
//
|
|
// Return value:
|
|
//
|
|
// none
|
|
//
|
|
// Process:
|
|
//--------------------------------------------------------------------
|
|
|
|
VECTOR_ENTRY(0x5500, KiDisabledFpRegisterVector, cr.isr)
|
|
|
|
mov rHIPSR = cr.ipsr
|
|
mov rHIIP = cr.iip
|
|
cover
|
|
;;
|
|
|
|
mov rHIFS = cr.ifs
|
|
extr.u rTH1 = rHIPSR, PSR_CPL, PSR_CPL_LEN
|
|
mov rHOldPreds = pr
|
|
;;
|
|
|
|
cmp4.eq pKrnl, pUser = PL_KERNEL, rTH1
|
|
;;
|
|
(pUser) tbit.z.unc pt0, pt1 = rHIPSR, PSR_DFH // if dfh not set,
|
|
// dfl must be set
|
|
(pKrnl) br.spnt.few Kdfrv10 // Kernel mode should never get here.
|
|
;;
|
|
|
|
(pt1) ssm 1 << PSR_IC // set ic bit
|
|
(pt1) mov rHDfhPFS = ar.pfs
|
|
(pt1) mov rHDfhBrp = brp
|
|
;;
|
|
|
|
(pt1) srlz.d
|
|
(pt1) br.call.sptk.many brp = KiRestoreHigherFPVolatile
|
|
(pt0) br.spnt.few Kdfrv10
|
|
;;
|
|
|
|
rsm 1 << PSR_IC // reset ic bit
|
|
dep rHIPSR = 0, rHIPSR, PSR_DFH, 1 // reset dfh bit
|
|
mov brp = rHDfhBrp
|
|
;;
|
|
|
|
srlz.d
|
|
mov cr.ifs = rHIFS
|
|
mov ar.pfs = rHDfhPFS
|
|
|
|
mov cr.ipsr = rHIPSR
|
|
mov cr.iip = rHIIP
|
|
mov pr = rHOldPreds, -1
|
|
;;
|
|
|
|
rfi
|
|
;;
|
|
|
|
Kdfrv10:
|
|
mov pr = rHOldPreds, -1
|
|
movl rHHandler = KiGeneralExceptions
|
|
|
|
br.sptk KiGenericExceptionHandler
|
|
;;
|
|
|
|
VECTOR_EXIT(KiDisabledFpRegisterVector)
|
|
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// KiNatConsumptionVector
|
|
//
|
|
// Description:
|
|
//
|
|
// Interruption vector for Nat Consumption Vector
|
|
//
|
|
// On entry:
|
|
// interrupts disabled
|
|
// r16-r31 switched to kernel bank
|
|
//
|
|
// Return value:
|
|
//
|
|
// none
|
|
//
|
|
// Process:
|
|
//--------------------------------------------------------------------
|
|
|
|
VECTOR_ENTRY(0x5600, KiNatConsumptionVector, cr.isr)
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiNatExceptions)
|
|
|
|
//
|
|
// Do not return (rfi from handler)
|
|
//
|
|
|
|
VECTOR_EXIT(KiNatConsumptionVector)
|
|
|
|
//++
|
|
//
|
|
// KiSpeculationVector
|
|
//
|
|
// Cause: CHK.S, CHK.A, FCHK detected an exception condition.
|
|
//
|
|
// Parameters: cr.iip - address of bundle which caused a speculation fault
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of a speculation fault
|
|
//
|
|
// cr.iipa - address of bundle containing the last
|
|
// successfully executed instruction
|
|
//
|
|
// cr.iim - contains the immediate value in either
|
|
// CHK.S, CHK.A, or FCHK opecode
|
|
//
|
|
// cr.isr - faulting status information
|
|
//
|
|
// Handle: The handler implements a branch operation to the
|
|
// recovery code specified by the IIM IP-offset.
|
|
//
|
|
// Note: This code will not be exercised until the compiler
|
|
// generates the speculation code.
|
|
//
|
|
// TBD: Need to check for taken branch trap.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x5700, KiSpeculationVector, cr.iim)
|
|
|
|
mov h16 = cr.iim // get imm offset
|
|
mov h17 = cr.iip // get IIP
|
|
;;
|
|
extr h16 = h16, 0, 21 // get sign-extended
|
|
mov h18 = cr.ipsr
|
|
;;
|
|
shladd h16 = h16, 4, h17 // get addr for recovery handler
|
|
dep h18 = 0, h18, PSR_RI, 2 // zero target slot number
|
|
;;
|
|
mov cr.ipsr = h18
|
|
mov cr.iip = h16
|
|
;;
|
|
rfi
|
|
;;
|
|
|
|
VECTOR_EXIT(KiSpeculationVector)
|
|
|
|
//++
|
|
//
|
|
// KiDebugFaultVector
|
|
//
|
|
// Cause: A unaligned data access fault has occured
|
|
//
|
|
// Parameters: cr.iip - address of bundle causing the fault.
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of interruption.
|
|
//
|
|
// cr.iipa - address of bundle containing the last
|
|
// successfully executed instruction
|
|
//
|
|
// cr.isr - faulting status information. ISR.ei bits are
|
|
// set to indicate which instruction caused the
|
|
// exception.
|
|
// The ISR.code contains information about the
|
|
// FP exception fault. See trapc.c and the EAS
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x5900, KiDebugFaultVector, cr.isr)
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiDebugFault)
|
|
|
|
//
|
|
// Do not return (rfi from handler)
|
|
//
|
|
|
|
VECTOR_EXIT(KiDebugFaultVector)
|
|
|
|
//++
|
|
//
|
|
// KiUnalignedFaultVector
|
|
//
|
|
// Cause: A unaligned data access fault has occured
|
|
//
|
|
// Parameters: cr.iip - address of bundle causing the fault.
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of interruption.
|
|
//
|
|
// cr.iipa - address of bundle containing the last
|
|
// successfully executed instruction
|
|
//
|
|
// cr.isr - faulting status information. ISR.ei bits are
|
|
// set to indicate which instruction caused the
|
|
// exception.
|
|
// The ISR.code contains information about the
|
|
// FP exception fault. See trapc.c and the EAS
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x5a00, KiUnalignedFaultVector, cr.ifa)
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiUnalignedFault)
|
|
|
|
//
|
|
// Do not return (rfi from handler)
|
|
//
|
|
|
|
VECTOR_EXIT(KiUnalignedFaultVector)
|
|
|
|
|
|
//++
|
|
//
|
|
// KiFloatFaultVector
|
|
//
|
|
// Cause: A floating point fault has occured
|
|
//
|
|
// Parameters: cr.iip - address of bundle causing the fault.
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of interruption.
|
|
//
|
|
// cr.iipa - address of bundle containing the last
|
|
// successfully executed instruction
|
|
//
|
|
// cr.isr - faulting status information. ISR.ei bits are
|
|
// set to indicate which instruction caused the
|
|
// exception.
|
|
// The ISR.code contains information about the
|
|
// FP exception fault. See trapc.c and the EAS
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x5c00, KiFloatFaultVector, cr.isr)
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiFloatFault)
|
|
|
|
//
|
|
// Do not return (rfi from handler)
|
|
//
|
|
|
|
VECTOR_EXIT(KiFloatFaultVector)
|
|
|
|
//++
|
|
//
|
|
// KiFloatTrapVector
|
|
//
|
|
// Cause: A floating point trap has occured
|
|
//
|
|
// Parameters: cr.iip - address of bundle with the instruction to be
|
|
// executed next.
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of interruption.
|
|
//
|
|
// cr.iipa - address of bundle containing the last
|
|
// successfully executed instruction
|
|
//
|
|
// cr.isr - faulting status information. ISR.ei bits are
|
|
// set to indicate which instruction caused the
|
|
// exception.
|
|
// The ISR.code contains information about the
|
|
// FP trap. See trapc.c and the EAS
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x5d00, KiFloatTrapVector, cr.isr)
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiFloatTrap)
|
|
|
|
//
|
|
// Do not return (rfi from handler)
|
|
//
|
|
|
|
VECTOR_EXIT(KiFloatTrapVector)
|
|
|
|
//++
|
|
//
|
|
// KiLowerPrivilegeVector
|
|
//
|
|
// Cause: A branch lowers the privilege level and PSR.lp is 1.
|
|
// Or an attempt made to execute an instruction
|
|
// in the unimplemented address space.
|
|
// This trap is higher priority than taken branch
|
|
// or single step traps.
|
|
//
|
|
// Parameters: cr.iip - address of bundle containing the instruction to
|
|
// be executed next.
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of interruption.
|
|
//
|
|
// cr.iipa - address of bundle containing the last
|
|
// successfully executed instruction
|
|
//
|
|
// cr.isr - faulting status information. The ISR.code
|
|
// contains a bit vector for all traps which
|
|
// occurred in the trapping bundle.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x5e00, KiLowerPrivilegeVector, cr.iipa)
|
|
|
|
mov rHISR = cr.isr
|
|
mov rHOldPreds = pr
|
|
|
|
mov rHIIPA = cr.iipa
|
|
mov rHIPSR = cr.ipsr
|
|
;;
|
|
|
|
|
|
tbit.z pt1, pt0 = rHISR, ISR_UI_TRAP
|
|
(pt1) br.cond.spnt Klpv10
|
|
;;
|
|
|
|
mov rHIFA = cr.iip
|
|
movl rHHandler = KiUnimplementedAddressTrap
|
|
|
|
mov pr = rHOldPreds, -2 // must restore predicates
|
|
br.sptk KiGenericExceptionHandler
|
|
;;
|
|
|
|
Klpv10:
|
|
mov rPanicCode = UNEXPECTED_KERNEL_MODE_TRAP
|
|
br.sptk KiPanicHandler
|
|
|
|
VECTOR_EXIT(KiLowerPrivilegeVector)
|
|
|
|
//++
|
|
//
|
|
// KiTakenBranchVector
|
|
//
|
|
// Cause: A taken branch was successfully execcuted and the PSR.tb
|
|
// bit is 1. This trap is higher priority than single step trap.
|
|
//
|
|
// Parameters: cr.iip - address of bundle containing the instruction to
|
|
// be executed next.
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of interruption.
|
|
//
|
|
// cr.iipa - address of bundle containing the last
|
|
// successfully executed instruction
|
|
//
|
|
// cr.isr - faulting status information. The ISR.code
|
|
// contains a bit vector for all traps which
|
|
// occurred in the trapping bundle.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x5f00, KiTakenBranchVector, cr.iipa)
|
|
|
|
mov rHIPSR = cr.ipsr
|
|
movl rHEPCVa = MM_EPC_VA+0x20 // user system call entry point
|
|
|
|
mov rHIIP = cr.iip
|
|
movl rHpT1 = KiPcr+PcInitialStack
|
|
;;
|
|
|
|
ld8 rHpT1 = [rHpT1]
|
|
extr.u rTH1 = rHIPSR, PSR_CPL, PSR_CPL_LEN
|
|
mov rHOldPreds = pr
|
|
;;
|
|
|
|
cmp.eq pt0 = rHEPCVa, rHIIP
|
|
movl rHHandler = KiSingleStep
|
|
;;
|
|
(pt0) ssm 1 << PSR_IC
|
|
(pt0) movl rHpT3 = 1 << PSR_LP
|
|
;;
|
|
|
|
(pt0) or rHpT3 = rHIPSR, rHpT3
|
|
|
|
(pt0) srlz.d
|
|
add rHpT1=-ThreadStateSaveAreaLength-TrapFrameLength+TrStIPSR,rHpT1
|
|
(pt0) br.spnt.few Ktbv10
|
|
|
|
mov pr = rHOldPreds, -2
|
|
br.sptk KiGenericExceptionHandler
|
|
;;
|
|
|
|
|
|
Ktbv10:
|
|
|
|
st8 [rHpT1] = rHpT3
|
|
movl rHpT3 = 1 << PSR_SS | 1 << PSR_TB | 1 << PSR_DB
|
|
;;
|
|
|
|
rsm 1 << PSR_IC
|
|
mov pr = rHOldPreds, -2
|
|
andcm rHIPSR = rHIPSR, rHpT3 // clear ss, tb, db bits
|
|
;;
|
|
|
|
srlz.d
|
|
mov cr.ipsr = rHIPSR
|
|
;;
|
|
rfi
|
|
;;
|
|
|
|
|
|
VECTOR_EXIT(KiTakenBranchVector)
|
|
|
|
//++
|
|
//
|
|
// KiSingleStepVector
|
|
//
|
|
// Cause: An instruction was successfully execcuted and the PSR.ss
|
|
// bit is 1.
|
|
//
|
|
// Parameters: cr.iip - address of bundle containing the instruction to
|
|
// be executed next.
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of interruption.
|
|
//
|
|
// cr.iipa - address of bundle containing the last
|
|
// successfully executed instruction
|
|
//
|
|
// cr.isr - faulting status information. The ISR.code
|
|
// contains a bit vector for all traps which
|
|
// occurred in the trapping bundle.
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x6000, KiSingleStepVector, cr.iipa)
|
|
|
|
mov rHIPSR = cr.ipsr
|
|
movl rHEPCVa = MM_EPC_VA+0x20 // user system call entry point
|
|
|
|
mov rHIIP = cr.iip
|
|
movl rHpT1 = KiPcr+PcInitialStack
|
|
;;
|
|
|
|
ld8 rHpT1 = [rHpT1]
|
|
extr.u rTH1 = rHIPSR, PSR_CPL, PSR_CPL_LEN
|
|
mov rHOldPreds = pr
|
|
;;
|
|
|
|
cmp.eq pt0 = rHEPCVa, rHIIP
|
|
movl rHHandler = KiSingleStep
|
|
;;
|
|
|
|
(pt0) ssm 1 << PSR_IC
|
|
(pt0) movl rHpT3 = 1 << PSR_LP
|
|
;;
|
|
|
|
(pt0) or rHpT3 = rHIPSR, rHpT3
|
|
|
|
(pt0) srlz.d
|
|
add rHpT1=-ThreadStateSaveAreaLength-TrapFrameLength+TrStIPSR,rHpT1
|
|
(pt0) br.spnt.few Kssv10
|
|
|
|
mov pr = rHOldPreds, -2
|
|
br.sptk KiGenericExceptionHandler
|
|
;;
|
|
|
|
|
|
Kssv10:
|
|
|
|
st8 [rHpT1] = rHpT3
|
|
movl rHpT3 = 1 << PSR_SS | 1 << PSR_DB
|
|
;;
|
|
|
|
rsm 1 << PSR_IC
|
|
mov pr = rHOldPreds, -2
|
|
andcm rHIPSR = rHIPSR, rHpT3 // clear ss, db bits
|
|
;;
|
|
|
|
srlz.d
|
|
mov cr.ipsr = rHIPSR
|
|
;;
|
|
rfi
|
|
;;
|
|
|
|
VECTOR_EXIT(KiSingleStepVector)
|
|
|
|
//++
|
|
//
|
|
// KiIA32ExceptionVector
|
|
//
|
|
// Cause: A fault or trap was generated while executing from the
|
|
// iA-32 instruction set.
|
|
//
|
|
// Parameters: cr.iip - address of the iA-32 instruction causing interruption
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of the instruction
|
|
//
|
|
// cr.iipa - Address of the last successfully executed
|
|
// iA-32 or EM instruction
|
|
//
|
|
// cr.isr - The ISR.ei exception indicator is cleared.
|
|
// ISR.iA_vector contains the iA-32 interruption vector
|
|
// number. ISR.code contains the iA-32 16-bit error cod
|
|
//
|
|
// Handle: Save the whole register state and
|
|
// call KiIA32ExceptionVectorHandler()().
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x6900, KiIA32ExceptionVector, r0)
|
|
|
|
mov rHIIM = cr.iim // save info from IIM
|
|
movl rTH1 = KiPcr+PcSavedIIM
|
|
;;
|
|
st8 [rTH1] = rHIIM
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler,
|
|
KiIA32ExceptionVectorHandler)
|
|
|
|
VECTOR_EXIT(KiIA32ExceptionVector)
|
|
|
|
//++
|
|
//
|
|
// KiIA32InterceptionVector
|
|
//
|
|
// Cause: A interception fault or trap was generated while executing
|
|
// from the iA-32 instruction set.
|
|
//
|
|
// Parameters: cr.iip - address of the iA-32 instruction causing interruption
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of the instruction
|
|
//
|
|
// cr.iipa - Address of the last successfully executed
|
|
// iA-32 or EM instruction
|
|
//
|
|
// cr.isr - The ISR.ei exception indicator is cleared.
|
|
// ISR.iA_vector contains the iA-32 interruption vector
|
|
// number. ISR.code contains the iA-32specific
|
|
// interception information
|
|
//
|
|
// Handle: Save the whole register state and
|
|
// call KiIA32InterceptionVectorHandler()().
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x6a00, KiIA32InterceptionVector, r0)
|
|
|
|
|
|
mov rHIIM = cr.iim // save info from IIM
|
|
movl rTH1 = KiPcr+PcSavedIIM
|
|
;;
|
|
st8 [rTH1] = rHIIM
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler,
|
|
KiIA32InterceptionVectorHandler)
|
|
|
|
VECTOR_EXIT(KiIA32InterceptionVector)
|
|
|
|
//++
|
|
//
|
|
// KiIA32InterruptionVector
|
|
//
|
|
// Cause: An iA software interrupt was executed
|
|
//
|
|
// Parameters: cr.iip - address of the iA-32 instruction causing interruption
|
|
//
|
|
// cr.ipsr - copy of PSR at the time of the instruction
|
|
//
|
|
// cr.iipa - Address of the last successfully executed
|
|
// iA-32 or EM instruction
|
|
//
|
|
// cr.isr - ISR.iA_vector contains the iA-32 defined vector
|
|
// number. ISR.code contains 0
|
|
// ISR.ei excepting instruction indicator is cleared.
|
|
// ISR.iA_vector contains the iA-32 instruction vector.
|
|
// ISR.code contains iA-32 specific information.
|
|
//
|
|
// Handle: Save the whole register state and
|
|
// call KiIA32InterruptionVectorHandler()().
|
|
//
|
|
//--
|
|
|
|
VECTOR_ENTRY(0x6b00, KiIA32InterruptionVector, r0)
|
|
|
|
// This one doesn't need IIM, so we won't bother to save it
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler,
|
|
KiIA32InterruptionVectorHandler)
|
|
|
|
|
|
VECTOR_EXIT(KiIA32InterruptionVector)
|
|
|
|
//
|
|
// All non-VECTOR_ENTRY functions must follow KiNormalSystemCall.
|
|
//
|
|
// N.B. KiNormalSystemCall must be the first function body in the .nsc
|
|
// section.
|
|
//
|
|
|
|
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// KiNormalSystemCall
|
|
//
|
|
// Description:
|
|
//
|
|
// Handler for normal (not fast) system calls
|
|
//
|
|
// On entry:
|
|
//
|
|
// ic off
|
|
// interrupts disabled
|
|
// v0: contains sys call #
|
|
// cover done by call
|
|
// r32-r39: sys call arguments
|
|
// CFM: sof = # args, ins = 0, outs = # args
|
|
// clear mfh bit (high fp registers are scratch per s/w convention)
|
|
//
|
|
// Return value:
|
|
//
|
|
// v0: system call return value
|
|
//
|
|
// Process:
|
|
//
|
|
//--------------------------------------------------------------------
|
|
|
|
.section .drectve, "MI", "progbits"
|
|
string " -section:.nsc,,align=0x2000"
|
|
|
|
.section .nsc = "ax", "progbits"
|
|
|
|
HANDLER_ENTRY_EX(KiNormalSystemCall, KiSystemServiceHandler)
|
|
|
|
.prologue
|
|
.unwabi @nt, EXCEPTION_FRAME
|
|
|
|
rPFS = t0
|
|
rThread = t1 // current thread
|
|
rIFS = t1
|
|
rIIP = t2
|
|
rPreds = t3
|
|
rIPSR = t4
|
|
rUNAT = t5
|
|
|
|
rSp = t6
|
|
|
|
rpT1 = t7
|
|
rpT2 = t8
|
|
rpT3 = t9
|
|
rpT4 = t10
|
|
rT0 = t11
|
|
rT1 = t12
|
|
rT2 = t13
|
|
rT3 = t14
|
|
rT4 = t15
|
|
|
|
rKDbgActive = t16
|
|
rIntNats = t17
|
|
|
|
rpSd = t16 /* -> service descriptor entry */
|
|
rSdOffset = t17 /* service descriptor offset */
|
|
rArgTable = t18 /* pointer to argument table */
|
|
rArgNum = t20 /* number of arguments */
|
|
|
|
rRscD = t16
|
|
rRNAT = t17
|
|
rRscE = t18
|
|
rKBSPStore = t18
|
|
rBSPStore = t19
|
|
rRscDelta = t20
|
|
|
|
rBSP = t21
|
|
rPreviousMode = t22
|
|
|
|
pInvl = ps9 /* pInvl = not GUI service */
|
|
pVal = pt1
|
|
pGui = pt2 /* true if GUI call */
|
|
pNoGui = pt3 /* true if no GUI call */
|
|
pNatedArg = pt4 /* true if any input argument */
|
|
/* register is Nat'ed */
|
|
pNoCopy = pt5 /* no in-memory arguments to copy */
|
|
pCopy = pt6
|
|
pNatedSp = pt7
|
|
|
|
|
|
mov rUNAT = ar.unat
|
|
tnat.nz pNatedSp = sp
|
|
mov rPreviousMode = KernelMode
|
|
|
|
mov rIPSR = psr
|
|
rsm 1 << PSR_I | 1 << PSR_MFH
|
|
br.sptk Knsc_Allocate
|
|
;;
|
|
|
|
//
|
|
// N.B. KiUserSystemCall is at an offset of 0x20 from KiNormalSystemCall.
|
|
// Whenever this offset is changed, the definition of kernel system call
|
|
// stub in services.stb must be updated to reflect the new value.
|
|
//
|
|
|
|
ALTERNATE_ENTRY(KiUserSystemCall)
|
|
|
|
mov rUNAT = ar.unat
|
|
mov rPreviousMode = UserMode
|
|
epc
|
|
;;
|
|
|
|
mov rIPSR = psr
|
|
rsm (1 << PSR_I) | (1 << PSR_BE)
|
|
tnat.nz pNatedSp = sp
|
|
;; // stop bit needed to ensure interrupt is off
|
|
|
|
Knsc_Allocate::
|
|
|
|
#if defined(INTERRUPTION_LOGGING)
|
|
|
|
// For Conditional Interrupt Logging
|
|
mov rT3 = gp
|
|
movl gp = _gp
|
|
;;
|
|
add rpT1 = @gprel(KiVectorLogMask), gp
|
|
;;
|
|
ld8 rT1 = [rpT1]
|
|
mov gp = rT3
|
|
;;
|
|
tbit.z pt1 = rT1, UserSystemcallBit
|
|
(pt1) br.cond.sptk EndOfLogging1
|
|
|
|
mov rT1 = 0x80 // dummy offset for sys call
|
|
movl rpT1 = KiPcr+PcInterruptionCount
|
|
mov rT2 = b0
|
|
mov rT3 = MAX_NUMBER_OF_IHISTORY_RECORDS - 1
|
|
;;
|
|
|
|
ld4.nt1 rT4 = [rpT1] // get current count
|
|
or rT1 = rT1, rPreviousMode // kernel/user
|
|
;;
|
|
|
|
add rT0 = 1, rT4 // incr count
|
|
and rT4 = rT3, rT4 // index of current entry
|
|
add rpT2 = 0x1000-PcInterruptionCount, rpT1 // base of history
|
|
;;
|
|
|
|
st4.nta [rpT1] = rT0 // save count
|
|
shl rT4 = rT4, 5 // offset of current entry
|
|
;;
|
|
add rpT2 = rpT2, rT4 // address of current entry
|
|
;;
|
|
st8 [rpT2] = rT1, 8 // save sys call offset
|
|
;;
|
|
st8 [rpT2] = rT2, 8 // save return address
|
|
;;
|
|
st8 [rpT2] = rIPSR, 8 // save psr
|
|
;;
|
|
st8 [rpT2] = v0; // save sys call number
|
|
;;
|
|
|
|
|
|
// For Conditional Interrupt Logging
|
|
EndOfLogging1:
|
|
|
|
#endif // INTERRUPTION_LOGGING
|
|
|
|
//
|
|
// if sp is Nat'ed return to caller with an error status
|
|
// N.B. sp is not spilled and a value of zero is saved in the IntNats field
|
|
//
|
|
|
|
mov rT1 = cr.dcr
|
|
movl rpT4 = KiPcr+PcInitialStack
|
|
|
|
mov rSp = sp
|
|
(pNatedSp) movl rT4 = Knsc_ErrorReturn
|
|
;;
|
|
|
|
mov rPreds = pr
|
|
nop.f 0
|
|
cmp.eq pUser, pKrnl = UserMode, rPreviousMode
|
|
|
|
mov rBSP = ar.bsp
|
|
(pNatedSp) movl v0 = STATUS_IA64_INVALID_STACK
|
|
;;
|
|
|
|
(pUser) ld8 sp = [rpT4], PcInitialBStore-PcInitialStack // set new sp
|
|
mov rIIP = brp
|
|
mov rPFS = ar.pfs
|
|
;;
|
|
|
|
mov rT2 = ar.rsc
|
|
(pUser) ld8 rKBSPStore = [rpT4], PcKernelDebugActive-PcInitialBStore
|
|
(pNatedSp) mov bt0 = rT4
|
|
;;
|
|
|
|
(pUser) ld1 rKDbgActive = [rpT4], PcCurrentThread-PcKernelDebugActive
|
|
(pKrnl) add rpT4 = PcCurrentThread-PcInitialStack, rpT4
|
|
extr rIFS = rPFS, 0, 38
|
|
|
|
mov rT0 = ar.fpsr
|
|
(pUser) movl rT3 = 1 << PSR_SS | 1 << PSR_DB | 1 << PSR_TB | 1 << PSR_LP
|
|
|
|
(pUser) mov ar.rsc = r0 // put RSE in lazy mode
|
|
(pUser) add sp = -ThreadStateSaveAreaLength-TrapFrameLength, sp
|
|
(pKrnl) add sp = -TrapFrameLength, sp // allocate TF
|
|
;;
|
|
|
|
(pUser) mov rBSPStore = ar.bspstore // get user bsp store point
|
|
add rpT1 = TrStIPSR, sp // -> IPSR
|
|
add rpT2 = TrIntSp, sp // -> IntSp
|
|
;;
|
|
|
|
(pUser) ld8 rT4 = [rpT1]
|
|
st8 [rpT2] = rSp, TrApUNAT-TrIntSp // sp is not Nat'ed
|
|
|
|
add rpT3 = TrStIFS, sp // -> IFS
|
|
dep rIFS = 1, rIFS, 63, 1 // set IFS.v
|
|
;;
|
|
|
|
st8 [rpT2] = rUNAT, TrApDCR-TrApUNAT
|
|
st8 [rpT3] = rIFS, TrRsPFS-TrStIFS // save IFS
|
|
(pUser) and rT4 = rT3, rT4 // capture psr.db, tb, ss
|
|
;;
|
|
|
|
st8 [rpT2] = rT1, TrPreds-TrApDCR
|
|
st8.nta [rpT3] = rPFS, TrStFPSR-TrRsPFS // save PFS
|
|
(pUser) mov rT3 = rIPSR
|
|
|
|
rBspOff = t5
|
|
|
|
extr.u rBspOff = rBSP, 0, 9
|
|
extr.u t0 = rIFS, 0, 7
|
|
extr.u rIFS = rIFS, 7, 7
|
|
;;
|
|
|
|
(pUser) mov rRNAT = ar.rnat
|
|
movl rT1 = 1 << PSR_I | 1 << PSR_MFH | 1 << PSR_BE
|
|
|
|
sub rIFS = t0, rIFS
|
|
movl t0 = 1 << PSR_I | 1 << PSR_BN
|
|
;;
|
|
|
|
st8 [rpT2] = rPreds, TrIntNats-TrPreds
|
|
(pUser) or rIPSR = rIPSR, rT4
|
|
(pUser) cmp.ne.unc pKDbg, pt2 = zero, rKDbgActive // kernel debug active?
|
|
|
|
shladd rBspOff = rIFS, 3, rBspOff
|
|
shladd rBSP = rIFS, 3, rBSP
|
|
|
|
mov rIFS = 0x1F8
|
|
(pUser) dep t0 = 1, t0, PSR_CPL, 2
|
|
;;
|
|
|
|
st8 [rpT2] = zero,TrIntGp-TrIntNats // all integer Nats are 0
|
|
st8 [rpT3] = rT0, TrStIIP-TrStFPSR // save FPSR
|
|
(pUser) andcm rT3 = rT3, rT1 // clear i, mfh, be
|
|
|
|
cmp.ge pt0 = rBspOff, rIFS
|
|
or rIPSR = t0, rIPSR // set i, cpl, bn for the saved IPSR
|
|
;;
|
|
|
|
st8 [rpT1] = rIPSR // save IPSR
|
|
st8 [rpT3] = rIIP, TrBrRp-TrStIIP // save IIP
|
|
(pt2) dep rT3 = 0, rT3, PSR_DB, 1 // disable db in kernel
|
|
;;
|
|
|
|
st8.nta [rpT3] = rIIP, TrRsBSP-TrBrRp // save BRP
|
|
st8 [rpT2] = gp // Save GP even though it is a temporary
|
|
// If someone does a get/set context and GP
|
|
// is zero in the trap fram then set context
|
|
// will think IIP is a plabel and dereference
|
|
// it.
|
|
(pUser) dep rT3 = 1, rT3, PSR_AC, 1 // enable alignment check
|
|
;;
|
|
|
|
add rpT2 = TrRsRSC, sp
|
|
(pt0) add rBSP = 8, rBSP
|
|
(pUser) mov psr.l = rT3
|
|
;;
|
|
st8 [rpT3] = rBSP, TrRsBSPSTORE-TrRsBSP
|
|
(pUser) sub rBSP = rBSP, rBSPStore
|
|
;;
|
|
|
|
(pUser) st8 [rpT3] = rBSPStore // save user BSP Store
|
|
(pUser) dep rT2 = rBSP, rT2, RSC_MBZ1, RSC_LOADRS_LEN
|
|
|
|
(pUser) mov teb = kteb // get Teb pointer
|
|
movl rT1 = Knsc10 // Leave the EPC page
|
|
;;
|
|
|
|
st8 [rpT2] = rT2, TrRsRNAT-TrRsRSC // save RSC
|
|
(pUser) dep rKBSPStore = rBSPStore, rKBSPStore, 0, 9
|
|
mov b6 = rT1 // Addres of Knsc10 in KSEG0.
|
|
;;
|
|
|
|
(pUser) mov ar.bspstore = rKBSPStore // switch to kernel BSP
|
|
movl gp = _gp // set up kernel gp
|
|
;;
|
|
|
|
(pUser) mov ar.rsc = RSC_KERNEL // turn rse on, in kernel mode
|
|
(pUser) st8 [rpT2] = rRNAT // save RNAT in trap frame
|
|
// for user backing store
|
|
(pNatedSp) br.spnt bt0
|
|
br.sptk b6
|
|
;;
|
|
|
|
Knsc10:
|
|
|
|
//
|
|
// Now running with user banked registers and on kernel backing store
|
|
//
|
|
// Can now take TLB faults
|
|
//
|
|
// Preserve the output args (as in's) in the local frame until it's ready to
|
|
// call the specified system service because other calls may have to be made
|
|
// before that. Also allocate locals and one out.
|
|
//
|
|
|
|
|
|
//
|
|
// Register aliases for rest of procedure
|
|
//
|
|
|
|
.regstk 8, 9, 3, 0
|
|
|
|
rScallGp = loc0
|
|
rpThObj = loc1 // pointer to thread object
|
|
rSavedV0 = loc2 // saved v0 for GUI thread
|
|
rpEntry = loc3 // syscall routine entry point
|
|
rSnumber = loc4 // service number
|
|
rArgEntry = loc5
|
|
rCount = loc6 /* index of the first Nat'ed input register */
|
|
rUserSp = loc7
|
|
rUserPFS = loc8
|
|
rArgBytes = out2
|
|
|
|
|
|
//
|
|
// the following code uses the predicates to determine the first of
|
|
// the 8 input argument register whose Nat bit is set. The result
|
|
// is saved in register rCount and used to determine whether to fail
|
|
// the system call in Knsc_CheckArguments.
|
|
//
|
|
|
|
alloc rUserPFS = 8, 9, 3, 0
|
|
ld8 rpThObj = [rpT4]
|
|
mov rUserSp = rSp
|
|
|
|
add rpT1 = TrEOFMarker, sp
|
|
movl rT1 = FPSR_FOR_KERNEL // initial fpsr value
|
|
;;
|
|
|
|
mov ar.fpsr = rT1 // set fpsr
|
|
movl rT3 = KTRAP_FRAME_EOF | EXCEPTION_FRAME
|
|
;;
|
|
|
|
st8 [rpT1] = rT3
|
|
mov loc0 = pr // save local predicates
|
|
;;
|
|
|
|
mov pr = zero, -1
|
|
add rpT2 = ThServiceTable, rpThObj
|
|
add rpT3 = ThTrapFrame, rpThObj
|
|
;;
|
|
|
|
lfetch [rpT2]
|
|
ld8 rT4 = [rpT3], ThPreviousMode-ThTrapFrame
|
|
|
|
cmp.eq p1 = r32, r32
|
|
cmp.eq p9 = r33, r33
|
|
cmp.eq p17 = r34, r34
|
|
cmp.eq p25 = r35, r35
|
|
cmp.eq p33 = r36, r36
|
|
cmp.eq p41 = r37, r37
|
|
cmp.eq p49 = r38, r38
|
|
cmp.eq p57 = r39, r39
|
|
mov rSavedV0 = v0 // save syscall # across call
|
|
;;
|
|
|
|
ld1 rT0 = [rpT3] // rT0 = thread's previous mode
|
|
mov rT1 = pr
|
|
add rpT1 = TrTrapFrame, sp // -> TrTrapFrame
|
|
;;
|
|
|
|
st1 [rpT3] = rPreviousMode // set new thread previous mode
|
|
mov pr = loc0, -1 // restore local predicates
|
|
dep rT1 = 0, rT1, 0, 1 // clear bit 0
|
|
;;
|
|
|
|
st8 [rpT1] = rT4, TrPreviousMode-TrTrapFrame
|
|
czx1.r rCount = rT1 // determine which arg is Nat'ed
|
|
;;
|
|
|
|
st4 [rpT1] = rT0
|
|
FAST_ENABLE_INTERRUPTS
|
|
(pKDbg) br.call.spnt brp = KiLoadKernelDebugRegisters
|
|
;;
|
|
|
|
PROLOGUE_END
|
|
|
|
//
|
|
// If the specified system service number is not within range, then
|
|
// attempt to convert the thread to a GUI thread and retry the service
|
|
// dispatch.
|
|
//
|
|
// N.B. The system call arguments, the system service entry point (rpEntry),
|
|
// the service number (Snumber)
|
|
// are implicitly preserved in the register stack while attempting to
|
|
// convert the thread to a GUI thread. v0 and the gp must be preserved
|
|
// explicitly.
|
|
//
|
|
// Validate sys call number
|
|
//
|
|
|
|
ALTERNATE_ENTRY(KiSystemServiceRepeat)
|
|
|
|
add rpT1 = ThTrapFrame, rpThObj // rpT1 -> ThTrapFrame
|
|
add rpT2 = ThServiceTable,rpThObj // rpT2 -> ThServiceTable
|
|
shr.u rT2 = rSavedV0, SERVICE_TABLE_SHIFT // isolate service descriptor offset
|
|
;;
|
|
|
|
st8 [rpT1] = sp // set trap frame address
|
|
ld8 rT3 = [rpT2] // -> service descriptor table
|
|
and rSdOffset = SERVICE_TABLE_MASK, rT2
|
|
;;
|
|
|
|
cmp4.ne pNoGui, pGui = SERVICE_TABLE_TEST, rSdOffset // check if GUI system service
|
|
add rpT1 = TeGdiBatchCount, teb
|
|
mov rSnumber = SERVICE_NUMBER_MASK
|
|
;;
|
|
|
|
(pGui) lfetch [rpT1]
|
|
add rT2 = rSdOffset, rT3 // rT2 -> service descriptor
|
|
;;
|
|
add rpSd = SdLimit, rT2 // rpSd -> table limit
|
|
;;
|
|
|
|
ld4 rT1 = [rpSd], SdTableBaseGpOffset-SdLimit // rT1 = table limit
|
|
;;
|
|
ld4 rScallGp = [rpSd], SdBase-SdTableBaseGpOffset
|
|
and rSnumber = rSnumber, rSavedV0 // rSnumber = service number
|
|
;;
|
|
|
|
ld8 rT4 = [rpSd], SdNumber-SdBase // rT4 = table base
|
|
;;
|
|
ld8 rArgTable = [rpSd] // -> arg table
|
|
sxt4 rScallGp = rScallGp // sign-extend offset
|
|
;;
|
|
|
|
cmp4.ltu pt1, pt0 = rSnumber, rT1 // pt1 = number < limit
|
|
shladd rpT3 = rSnumber, 3, rT4 // -> entry point address
|
|
add rScallGp = rT4, rScallGp // compute syscall gp
|
|
;;
|
|
|
|
(pt1) ld8 rpEntry = [rpT3] // -> sys call routine plabel
|
|
add rArgEntry = rSnumber, rArgTable // -> # arg bytes
|
|
|
|
(pt1) cmp4.ne.unc pNoGui, pGui = SERVICE_TABLE_TEST, rSdOffset
|
|
(pNoGui) br.dptk Knsc_NotGUI // Not a GUI thread
|
|
(pGui) br.dpnt Knsc_GUI // GUI thread
|
|
;;
|
|
|
|
//
|
|
// If rSdOffset == SERVICE_TABLE_TEST then service number is GUI service
|
|
//
|
|
|
|
cmp.ne pInvl, pVal = SERVICE_TABLE_TEST, rSdOffset
|
|
mov v0 = 1
|
|
(pVal) br.call.sptk brp = PsConvertToGuiThread
|
|
;;
|
|
|
|
cmp4.eq pVal, p0 = 0, v0 // pVal = 1, if successful
|
|
movl v0 = STATUS_INVALID_SYSTEM_SERVICE // invalid, if not successful
|
|
;;
|
|
|
|
add rpT1 = @gprel(KeServiceDescriptorTableShadow),gp // Load address of table of shadow table
|
|
(pVal) br.sptk KiSystemServiceRepeat // br if successful
|
|
(pInvl) br.spnt Knsc_ErrorReturn // br to KiSystemServiceExit if
|
|
;; // system call out of range
|
|
|
|
//
|
|
// The conversion to a Gui thread failed. The correct return value is encoded
|
|
// in a byte table indexed by the service number that is at the end of the
|
|
// service address table. The encoding is as follows:
|
|
//
|
|
// 0 - return 0.
|
|
// -1 - return -1.
|
|
// 1 - return status code.
|
|
//
|
|
add rpT1 = SERVICE_TABLE_TEST, rpT1 // Get addr of the GUI table
|
|
;;
|
|
ld8 rpT2 = [rpT1], SdLimit - SdBase // Get the table base.
|
|
;;
|
|
ld4 rT1 = [rpT1] // Get the limit.
|
|
add rpT2 = rpT2, rSnumber // Index by the server number to the correct byte.
|
|
;;
|
|
shladd rpT2 = rT1, 3, rpT2 // Calculate the end of the table.
|
|
cmp4.ltu pt1, pt0 = rSnumber, rT1 // pt1 = number < limit
|
|
;; // pt1 == 0 implies return an ntstatus.
|
|
(pt1) ld1 rT1 = [rpT2] // Load the flag byte if within table
|
|
;;
|
|
sxt1 rT2 = rT1 // Sign extend the result
|
|
(pt1) cmp.eq pt0, pt1 = 1, rT1 // Test for 1 which means return STATUS_INVALID_SYSTEM_SERVICE
|
|
;;
|
|
(pt1) mov v0 = rT2 // Use the flag value if needed.
|
|
br.sptk Knsc_ErrorReturn // br to KiSystemServiceExit
|
|
;;
|
|
|
|
Knsc_GUI:
|
|
|
|
//
|
|
// If the system service is a GUI service and the GDI user batch queue is
|
|
// not empty, then call the appropriate service to flush the user batch.
|
|
//
|
|
|
|
add rpT1 = TeGdiBatchCount, teb // get number of batched calls
|
|
mov rSavedV0 = rpSd // save service descriptor
|
|
;;
|
|
ld4.s rT1 = [rpT1]
|
|
add rpT3 = @gprel(KeGdiFlushUserBatch), gp
|
|
;;
|
|
|
|
cmp4.ne pGui = rT1, zero // skip if no calls
|
|
tnat.nz pNoGui = rT1 // pGui will be zero if rT1 is Nat
|
|
;;
|
|
(pGui) ld8 rpT1 = [rpT3] // get KeGdiFlushUserBatch()
|
|
movl rpT2 = Knsc_GUI_Return
|
|
;;
|
|
|
|
(pGui) ld8 rT1 = [rpT1], PlGlobalPointer-PlEntryPoint // get entry point
|
|
mov brp = rpT2
|
|
(pNoGui)br.call.spnt bt0=KiTestGdiBatchCount // This will return to Knsc_GUI_Return
|
|
;;
|
|
|
|
(pGui) ld8 gp = [rpT1] // set global pointer
|
|
(pGui) mov bt0 = rT1
|
|
(pGui) br.call.sptk brp = bt0 // call to KeGdiFlushUserBatch
|
|
;;
|
|
|
|
Knsc_GUI_Return:
|
|
#if DBG
|
|
mov rpSd = rSavedV0 // restore service descriptor
|
|
;;
|
|
#endif
|
|
|
|
//
|
|
// Check for Nat'ed input argument register and
|
|
// Copy in-memory arguments from caller stack to kernel stack
|
|
//
|
|
|
|
Knsc_NotGUI:
|
|
|
|
#if DBG // checked build code
|
|
|
|
add rpT1 = SdCount-SdNumber, rpSd // rpT1 -> count table address
|
|
;;
|
|
ld8 rpT2 = [rpT1] // service count table address
|
|
;;
|
|
|
|
cmp.ne pt0 = rpT2, zero // if zero, no table defined
|
|
shladd rpT3 = rSnumber, 2, rpT2 // compute service count address
|
|
;;
|
|
|
|
(pt0) ld4 rT1 = [rpT3] // increment count
|
|
;;
|
|
(pt0) add rT1 = 1, rT1
|
|
;;
|
|
(pt0) st4 [rpT3] = rT1 // store result
|
|
|
|
#endif // DBG
|
|
|
|
tbit.z pt0, pt1 = rpEntry, 0
|
|
extr.u rArgNum = rpEntry, 1, 3 // extract # of arguments
|
|
dep rpEntry = 0, rpEntry, 0, 4 // clear least significant 4 bit
|
|
;;
|
|
|
|
(pt1) ld1.nt1 rArgBytes = [rArgEntry] // get # arg bytes
|
|
movl v0 = STATUS_INVALID_PARAMETER_1
|
|
;;
|
|
cmp.ne pNatedArg = zero, zero // assume no Nat'ed argument
|
|
(pt1) shr rArgNum = rArgBytes, 2
|
|
;;
|
|
|
|
|
|
dep rPFS = 0, rUserPFS, 62, 2
|
|
add v0 = rCount, v0 // set return status
|
|
(pt1) add rArgNum = 7, rArgNum // number of in arguments
|
|
;;
|
|
cmp.geu pNoCopy, pCopy = 8, rArgNum // any in-memory arguments ?
|
|
(pt1) shl rArgBytes = rArgNum, 3 // x2 since args are 8 bytes each, not 4
|
|
;;
|
|
|
|
(pNoCopy) cmp.gt pNatedArg = rArgNum, rCount // any Nat'ed argument ?
|
|
(pCopy) cmp.gt pNatedArg = 8, rCount
|
|
(pCopy) add rArgBytes = -64, rArgBytes // size of in-memory arguments
|
|
;;
|
|
|
|
(pNatedArg) br.spnt Knsc_ErrorReturn // exit if Nat'ed arg found
|
|
(pNoCopy) br.sptk KiSystemServiceEndAddress // skip copy if no memory args
|
|
;;
|
|
|
|
//
|
|
// Get the caller's sp. If caller was user mode, validate the stack pointer
|
|
// ar.unat contains Nat for previous sp (in TrIntSp)
|
|
//
|
|
|
|
(pUser) tnat.nz.unc pt1, pt2 = rUserSp // test user sp for Nat
|
|
(pUser) movl rpT2 = MI_USER_PROBE_ADDRESS // User sp limit
|
|
;;
|
|
|
|
(pt2) cmp.geu pt1 = rUserSp, rpT2 // user sp >= PROBE ADDRESS ?
|
|
mov rpT1 = rUserSp // previous sp
|
|
;;
|
|
|
|
(pt1) add rpT1 = -STACK_SCRATCH_AREA,rpT2 // set out of range (includes Nat case)
|
|
;;
|
|
add out1 = STACK_SCRATCH_AREA, rpT1 // adjust for scratch area
|
|
add out0 = STACK_SCRATCH_AREA, sp // adjust for scratch area
|
|
;;
|
|
|
|
ALTERNATE_ENTRY(KiSystemServiceStartAddress)
|
|
|
|
//
|
|
// Call out to C-code so the exception handling works corrrectly.
|
|
// The byte count is in out3 which is rArgBytes.
|
|
//
|
|
br.call.sptk brp=KeCopySafe
|
|
;;
|
|
dep rPFS = 0, rUserPFS, 62, 2 // rPFS is a temp, recalculate it
|
|
cmp4.ne pt2 = STATUS_SUCCESS, r8 // See if the copy worked.
|
|
(pt2) br.spnt Knsc_ErrorReturn
|
|
;;
|
|
|
|
ALTERNATE_ENTRY(KiSystemServiceEndAddress)
|
|
|
|
|
|
mov gp = rScallGp
|
|
mov bt0 = rpEntry
|
|
mov rSp = rUserSp
|
|
;;
|
|
|
|
//
|
|
// N.B. t0 is reserved to pass trap frame address to NtContinue()
|
|
//
|
|
|
|
alloc rT2 = 0,0,8,0 // output regs are ready
|
|
mov ar.pfs = rPFS
|
|
movl rT1 = KiSystemServiceExit
|
|
;;
|
|
|
|
mov t0 = sp // for NtContinue()
|
|
mov brp = rT1
|
|
br.sptk bt0 // call routine(args)
|
|
;;
|
|
|
|
ALTERNATE_ENTRY(KiSystemServiceExit)
|
|
|
|
//
|
|
// make the current bsp the same as the saved BSP in the trap frame
|
|
//
|
|
|
|
cover
|
|
;;
|
|
|
|
//
|
|
// At this point:
|
|
// ar.unat contains Nat for previous sp (ar.unat is preserved register)
|
|
// sp -> trap frame
|
|
//
|
|
// Returning from "call": no need to restore volatile state
|
|
// *** TBD *** : zero volatile state for security? PPC does zero, mips does not.
|
|
//
|
|
//
|
|
// Update PbSystemCalls
|
|
//
|
|
//
|
|
// Restore thread previous mode and trap frame address from the trap frame
|
|
//
|
|
|
|
add rpT2 = TrStIPSR, sp
|
|
movl rpT1 = KiPcr + PcPrcb // rpT1 -> Prcb
|
|
;;
|
|
|
|
ld8 rpT3 = [rpT1], PcCurrentThread-PcPrcb
|
|
lfetch [rpT2], TrTrapFrame-TrStIPSR
|
|
;;
|
|
|
|
ld8 rThread = [rpT1] // rpT1 -> current thread
|
|
ld8 rT2 = [rpT2], TrPreviousMode-TrTrapFrame
|
|
add rpT3 = PbSystemCalls, rpT3 // pointer to sys call counter
|
|
;;
|
|
|
|
FAST_DISABLE_INTERRUPTS
|
|
;;
|
|
ld4 rT1 = [rpT3] // rT1.4 = counter value
|
|
|
|
ld4 rT3 = [rpT2], TrRsRSC-TrPreviousMode
|
|
add rpT4 = ThTrapFrame, rThread // -> thread trap frame
|
|
add rpT1 = ThApcState+AsUserApcPending, rThread
|
|
;;
|
|
|
|
(pKrnl) ld8 rRscE = [rpT2] // load user RSC
|
|
(pUser) ld1 rT4 = [rpT1], ThAlerted-ThApcState-AsUserApcPending
|
|
add rT1 = 1, rT1 // increment
|
|
;;
|
|
|
|
st8 [rpT4] = rT2, ThPreviousMode-ThTrapFrame
|
|
st4 [rpT3] = rT1 // store
|
|
;;
|
|
|
|
st1 [rpT4] = rT3 // restore prevmode in thread
|
|
mov t0 = sp // set t0 to trap frame
|
|
(pKrnl) br.spnt Knsc_CommonExit // br if returning to kernel
|
|
;;
|
|
|
|
st1 [rpT1] = zero
|
|
cmp4.eq pt0 = zero, rT4
|
|
(pt0) br.sptk KiUserServiceExit
|
|
;;
|
|
|
|
alloc rT1 = ar.pfs, 0, 1, 2, 0
|
|
add loc0 = TrIntV0, sp
|
|
add rpT1 = TrIntTeb, sp
|
|
|
|
//
|
|
// v0 is saved in the trap frame so the return status can be restored
|
|
// by NtContinue after the user APC has been dispatched.
|
|
//
|
|
|
|
ssm 1 << PSR_I // enable interrupts
|
|
mov rT3 = APC_LEVEL
|
|
;;
|
|
SET_IRQL (rT3)
|
|
;;
|
|
|
|
st8.nta [loc0] = v0 // save return status in trap frame
|
|
movl gp = _gp // restore to kernel gp value
|
|
|
|
st8.nta [rpT1] = teb
|
|
mov out1 = sp
|
|
br.call.sptk brp = KiApcInterrupt
|
|
;;
|
|
|
|
rsm 1 << PSR_I // disable interrupt
|
|
ld8.nta v0 = [loc0] // restore system call return status
|
|
SET_IRQL (zero)
|
|
|
|
HANDLER_EXIT(KiNormalSystemCall)
|
|
|
|
//
|
|
// KiServiceExit is carefully constructed as a continuation of
|
|
// KiNormalSystemCall. From now on, t0 must be preserved because it is
|
|
// used to hold the trap frame address. v0 must be preserved because it
|
|
// is holding the return status.
|
|
//
|
|
|
|
HANDLER_ENTRY_EX(KiServiceExit, KiSystemServiceHandler)
|
|
|
|
.prologue
|
|
.unwabi @nt, EXCEPTION_FRAME
|
|
|
|
.vframe t0
|
|
mov t0 = sp
|
|
;;
|
|
|
|
ALTERNATE_ENTRY(KiUserServiceExit)
|
|
|
|
(pUser) add rpT3 = TrStIPSR, t0
|
|
;;
|
|
(pUser) ld8 rpT3 = [rpT3]
|
|
invala
|
|
;;
|
|
|
|
(pUser) tbit.nz.unc pUDbg = rpT3, PSR_DB // if user psr.db set, load user DRs
|
|
(pUDbg) br.call.spnt brp = KiLoadUserDebugRegisters
|
|
;;
|
|
|
|
add rpT1 = TrRsRSC, t0 // -> user RSC
|
|
add rpT2 = TrRsBSP, t0 // -> user BSP Store
|
|
;;
|
|
|
|
PROLOGUE_END
|
|
|
|
ld8 rRscE = [rpT1], TrRsRNAT-TrRsRSC // load user RSC
|
|
ld8 rBSP = [rpT2]
|
|
mov rRscD = RSC_KERNEL_DISABLED
|
|
;;
|
|
|
|
//
|
|
// Switch to user BSP -- put in load intensive mode to overlap RS restore
|
|
// with volatile state restore.
|
|
//
|
|
|
|
ld8 rRNAT = [rpT1] // user RNAT
|
|
|
|
extr.u rRscDelta = rRscE, RSC_MBZ1, RSC_LOADRS_LEN
|
|
dep rRscE = r0, rRscE, RSC_MBZ1, RSC_LOADRS_LEN
|
|
;;
|
|
|
|
alloc rT2 = 0,0,0,0
|
|
dep rRscD = rRscDelta, rRscD, RSC_LOADRS, RSC_LOADRS_LEN
|
|
sub rBSPStore = rBSP, rRscDelta
|
|
;;
|
|
|
|
mov ar.rsc = rRscD // turn off RSE
|
|
;;
|
|
loadrs // pull in user regs
|
|
;;
|
|
|
|
mov ar.bspstore = rBSPStore // restore user BSP
|
|
;;
|
|
mov ar.rnat = rRNAT // restore user RNAT
|
|
|
|
Knsc_CommonExit:
|
|
|
|
add rpT1 = TrIntNats, t0
|
|
movl rpT2 = KiPcr+PcCurrentThread
|
|
|
|
add rpT4 = TrStIPSR, t0
|
|
add rpT3 = TrRsPFS, t0
|
|
// mov rT0 = (1 << PSR_I) | (1 << PSR_MFH)
|
|
;;
|
|
|
|
ld8 rIntNats = [rpT1], TrIntSp-TrIntNats
|
|
.pred.rel "mutex",pUser,pKrnl
|
|
(pUser) ld8 rT1 = [rpT2], PcHighFpOwner-PcCurrentThread
|
|
(pKrnl) add rpT2 = PcKernelDebugActive-PcCurrentThread, rpT2
|
|
;;
|
|
|
|
ld8 rIPSR = [rpT4]
|
|
(pUser) ld8 rT2 = [rpT2]
|
|
(pKrnl) mov rPreviousMode = KernelMode
|
|
;;
|
|
|
|
ld8 rPFS = [rpT3], TrStIIP-TrRsPFS // get previous PFS
|
|
(pKrnl) ld1 rT2 = [rpT2]
|
|
(pUser) mov rPreviousMode = UserMode
|
|
;;
|
|
|
|
mov ar.rsc = rRscE // restore RSC
|
|
ld8 rIIP = [rpT3], TrStFPSR-TrStIIP
|
|
(pUser) cmp.ne.unc pt0 = rT1, rT2
|
|
;;
|
|
|
|
mov ar.unat = rIntNats
|
|
ld8 rT3 = [rpT3], TrStIFS-TrStFPSR // load fpsr
|
|
(pt0) dep rIPSR = 1, rIPSR, PSR_DFH, 1
|
|
;;
|
|
|
|
ld8.fill rSp = [rpT1], TrPreds-TrIntSp // fill sp
|
|
ld8 rIFS = [rpT3] // load IFS
|
|
// (pUser) dep rIPSR = 0, rIPSR, PSR_TB, 1 // ensure psr.tb is clear
|
|
;;
|
|
|
|
(pKrnl) cmp.ne.unc pKDbg, pt2 = rT2, r0 // hardware debug active?
|
|
dep rIPSR = 0, rIPSR, PSR_MFH, 1 // psr.mfh
|
|
;;
|
|
|
|
ld8 rPreds = [rpT1], TrApUNAT-TrPreds
|
|
(pt2) dep rIPSR = 0, rIPSR, PSR_DB, 1 // disable db in kernel
|
|
(pKDbg) dep rIPSR = 1, rIPSR, PSR_DB, 1 // enable db in kernel
|
|
;;
|
|
|
|
ld8 rUNAT = [rpT1], TrApDCR-TrApUNAT
|
|
mov ar.pfs = rPFS // restore PFS
|
|
;;
|
|
|
|
ld8 rT4 = [rpT1] // load dcr
|
|
// mov psr.l = rIPSR // restore psr settings
|
|
mov pr = rPreds // restore preds
|
|
;;
|
|
|
|
mov cr.dcr = rT4 // restore DCR
|
|
rsm 1 << PSR_IC // disable PSR.ic
|
|
mov ar.unat = rUNAT // restore UNAT
|
|
|
|
// mov brp = rIIP // restore brp
|
|
;;
|
|
|
|
srlz.d // must serialize
|
|
mov ar.fpsr = rT3 // restore FPSR
|
|
;;
|
|
|
|
//
|
|
// The system return case must be handle separately from the user return
|
|
// case, so we can determine which stack we are currently using in case
|
|
// a trap is take before we can return.
|
|
//
|
|
|
|
mov sp = rSp
|
|
|
|
|
|
//
|
|
// Restore status registers
|
|
//
|
|
bsw.0
|
|
;;
|
|
|
|
mov cr.ipsr = rIPSR // restore previous IPSR
|
|
mov cr.ifs = rIFS // restore previous IFS
|
|
mov cr.iip = rIIP // restore previous IIP
|
|
;;
|
|
|
|
//
|
|
// Resume at point of interruption (rfi must be at end of instruction group)
|
|
//
|
|
|
|
rfi
|
|
;;
|
|
|
|
Knsc_ErrorReturn:
|
|
|
|
//
|
|
// N.B. t0 is reserved to pass trap frame address to NtContinue()
|
|
//
|
|
|
|
add rPFS = TrRsPFS, sp
|
|
;;
|
|
ld8 rPFS = [rPFS]
|
|
;;
|
|
dep rPFS = 0, rPFS, 62, 2
|
|
;;
|
|
|
|
mov ar.pfs = rPFS
|
|
movl rT1 = KiSystemServiceExit
|
|
;;
|
|
|
|
mov brp = rT1
|
|
br.ret.sptk brp
|
|
;;
|
|
|
|
HANDLER_EXIT(KiServiceExit)
|
|
|
|
.sdata
|
|
KiSystemServiceExitOffset::
|
|
data4 @secrel(KiSystemServiceExit)
|
|
KiSystemServiceStartOffset::
|
|
data4 @secrel(KiSystemServiceStartAddress)
|
|
KiSystemServiceEndOffset::
|
|
data4 @secrel(KiSystemServiceEndAddress)
|
|
|
|
|
|
.text
|
|
//++
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// KiGenericExceptionHandler
|
|
//
|
|
// Description:
|
|
//
|
|
// First level handler for heavyweight exceptions.
|
|
//
|
|
// On entry:
|
|
//
|
|
// ic off
|
|
// interrupts disabled
|
|
// current frame covered
|
|
//
|
|
// Process:
|
|
//
|
|
// Notes:
|
|
//
|
|
// PCR page mapped with TR
|
|
//--------------------------------------------------------------------
|
|
|
|
HANDLER_ENTRY(KiGenericExceptionHandler)
|
|
|
|
.prologue
|
|
.unwabi @nt, EXCEPTION_FRAME
|
|
|
|
ALLOCATE_TRAP_FRAME
|
|
|
|
//
|
|
// sp points to trap frame
|
|
//
|
|
// Save exception handler routine in kernel register
|
|
//
|
|
|
|
mov rkHandler = rHHandler
|
|
movl rTH3 = KiPcr+PcSavedIFA
|
|
;;
|
|
|
|
st8 [rTH3] = rHIFA
|
|
|
|
//
|
|
// Save interruption state in trap frame and switch to user bank registers
|
|
// and switch to kernel backing store.
|
|
//
|
|
|
|
SAVE_INTERRUPTION_STATE(Kgeh_SaveTrapFrame)
|
|
|
|
//
|
|
// Now running with user banked registers and on kernel stack.
|
|
//
|
|
// Can now take TLB faults
|
|
//
|
|
// sp -> trap frame
|
|
//
|
|
|
|
br.call.sptk brp = KiSaveTrapFrame
|
|
;;
|
|
|
|
//
|
|
// Register aliases
|
|
//
|
|
|
|
rpT1 = t0
|
|
rpT2 = t1
|
|
rpT3 = t2
|
|
rT1 = t3
|
|
rT2 = t4
|
|
rT3 = t5
|
|
rPreviousMode = t6 // previous mode
|
|
rT4 = t7
|
|
|
|
|
|
mov rT1 = rkHandler // restore address of interruption routine
|
|
movl rpT1 = KiPcr+PcSavedIIM
|
|
;;
|
|
|
|
ld8 rT2 = [rpT1], PcSavedIFA-PcSavedIIM // load saved IIM
|
|
add rpT2 = TrEOFMarker, sp
|
|
add rpT3 = TrStIIM, sp
|
|
;;
|
|
|
|
ld8 rT4 = [rpT1] // load saved IFA
|
|
movl rT3 = KTRAP_FRAME_EOF | EXCEPTION_FRAME
|
|
;;
|
|
|
|
st8 [rpT2] = rT3, TrHandler-TrEOFMarker
|
|
st8 [rpT3] = rT2, TrStIFA-TrStIIM // save IIM in trap frame
|
|
mov bt0 = rT1 // set destination address
|
|
;;
|
|
|
|
.regstk 0, 1, 2, 0 // must match KiExceptionExit
|
|
alloc out1 = 0,1,2,0
|
|
st8 [rpT3] = rT4 // save IFA in trap frame
|
|
|
|
PROLOGUE_END
|
|
|
|
//
|
|
// Dispatch the exception via call to address in rkHandler
|
|
//
|
|
.pred.rel "mutex",pUser,pKrnl
|
|
add rpT1 = TrPreviousMode, sp // -> previous mode
|
|
(pUser) mov rPreviousMode = UserMode // set previous mode
|
|
(pKrnl) mov rPreviousMode = KernelMode
|
|
;;
|
|
|
|
st4 [rpT1] = rPreviousMode // save in trap frame
|
|
(pKDbg) br.call.spnt brp = KiLoadKernelDebugRegisters
|
|
;;
|
|
|
|
FAST_ENABLE_INTERRUPTS // enable interrupt
|
|
mov out0 = sp // trap frame pointer
|
|
br.call.sptk brp = bt0 // call handler(tf) (C code)
|
|
;;
|
|
|
|
.pred.rel "mutex",pUser,pKrnl
|
|
cmp.ne pt0, pt1 = v0, zero
|
|
(pUser) mov out1 = UserMode
|
|
(pKrnl) mov out1 = KernelMode
|
|
|
|
//
|
|
// does not return
|
|
//
|
|
|
|
mov out0 = sp
|
|
(pt1) br.cond.sptk KiAlternateExit
|
|
(pt0) br.call.spnt brp = KiExceptionDispatch
|
|
;;
|
|
|
|
//
|
|
// Interrupts need to be disable be for mess up the stack such that
|
|
// the unwind code does not work.
|
|
//
|
|
|
|
FAST_DISABLE_INTERRUPTS
|
|
;;
|
|
ALTERNATE_ENTRY(KiExceptionExit)
|
|
|
|
//++
|
|
//
|
|
// Routine Description:
|
|
//
|
|
// This routine is called to exit from an exception.
|
|
//
|
|
// N.B. This transfer of control occurs from:
|
|
//
|
|
// 1. fall-through from above
|
|
// 2. exit from continue system service
|
|
// 3. exit from raise exception system service
|
|
// 4. exit into user mode from thread startup
|
|
//
|
|
// Arguments:
|
|
//
|
|
// loc0 - pointer to trap frame
|
|
// sp - pointer to high preserved float save area + STACK_SCRATCH_AREA
|
|
//
|
|
// Return Value:
|
|
//
|
|
// Does not return.
|
|
//
|
|
//--
|
|
|
|
//
|
|
// upon entry of this block, s0 and s1 must be set to the address of
|
|
// the trap and the exception frames respectively.
|
|
//
|
|
// preserved state is restored here because they may have been modified
|
|
// by SetContext
|
|
//
|
|
|
|
|
|
LEAF_SETUP(0, 1, 2, 0) // must be in sync with
|
|
// KiGenericExceptionHandler
|
|
mov loc0 = s0 // -> trap frame
|
|
mov out0 = s1 // -> exception frame
|
|
;;
|
|
|
|
br.call.sptk brp = KiRestoreExceptionFrame
|
|
;;
|
|
|
|
mov sp = loc0 // deallocate exception
|
|
// frame by restoring sp
|
|
|
|
ALTERNATE_ENTRY(KiAlternateExit)
|
|
|
|
//
|
|
// sp -> trap frame addres
|
|
//
|
|
// Interrupts disabled from here to rfi
|
|
//
|
|
|
|
FAST_DISABLE_INTERRUPTS
|
|
;;
|
|
|
|
RETURN_FROM_INTERRUPTION(Ked)
|
|
|
|
HANDLER_EXIT(KiGenericExceptionHandler)
|
|
|
|
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// KiExternalInterruptHandler
|
|
//
|
|
// Description:
|
|
//
|
|
// First level external interrupt handler. Dispatch highest priority
|
|
// pending interrupt.
|
|
//
|
|
// On entry:
|
|
//
|
|
// ic off
|
|
// interrupts disabled
|
|
// current frame covered
|
|
//
|
|
// Process:
|
|
//--------------------------------------------------------------------
|
|
|
|
HANDLER_ENTRY(KiExternalInterruptHandler)
|
|
|
|
//
|
|
// Now running with user banked registers and on kernel backing store.
|
|
// N.B. sp -> trap frame
|
|
//
|
|
// Can now take TLB faults
|
|
//
|
|
|
|
.prologue
|
|
.unwabi @nt, INTERRUPT_FRAME
|
|
.regstk 0, 4, 2, 0
|
|
alloc loc0 = 0, 4, 2, 0
|
|
|
|
//
|
|
// Register aliases
|
|
//
|
|
|
|
rVector = loc0
|
|
rSaveGP = loc1
|
|
rpSaveIrql = loc2 // -> old irql in trap frame
|
|
rOldIrql = loc3
|
|
|
|
rpT1 = t0
|
|
rpT2 = t1
|
|
rpT3 = t2
|
|
rT1 = t3
|
|
rT2 = t4
|
|
rT3 = t5
|
|
rPreviousMode = t6 // previous mode
|
|
rNewIrql = t7
|
|
|
|
pEOI = pt1
|
|
|
|
//
|
|
// Save kernel gp
|
|
//
|
|
|
|
mov rSaveGP = gp
|
|
;;
|
|
|
|
//
|
|
// Get the vector number
|
|
//
|
|
mov rVector = cr.ivr // for A0 2173 workaround
|
|
mov rOldIrql = cr.tpr // get actual tpr value
|
|
br.call.sptk brp = KiSaveTrapFrame
|
|
;;
|
|
|
|
#if defined(INTERRUPTION_LOGGING)
|
|
|
|
// For Conditional Interrupt Logging
|
|
mov t2 = gp
|
|
;;
|
|
movl gp = _gp
|
|
;;
|
|
add t0 = @gprel(KiVectorLogMask), gp
|
|
;;
|
|
ld8 t1 = [t0]
|
|
mov gp = t2
|
|
;;
|
|
tbit.z pt1 = t1, ExternalInterruptBit
|
|
(pt1) br.cond.sptk EndOfLogging2
|
|
|
|
|
|
movl t0 = KiPcr+PcInterruptionCount
|
|
;;
|
|
ld4.nt1 t0 = [t0]
|
|
mov t1 = MAX_NUMBER_OF_IHISTORY_RECORDS - 1
|
|
;;
|
|
add t0 = -1, t0
|
|
movl t2 = KiPcr+0x1000
|
|
;;
|
|
and t1 = t0, t1
|
|
;;
|
|
shl t1 = t1, 5
|
|
;;
|
|
add t0 = t2, t1
|
|
;;
|
|
add t0 = 24, t0
|
|
;;
|
|
st8.nta [t0] = rVector // save ivr in the Extra0 field
|
|
|
|
// For Conditional Interrupt Logging
|
|
EndOfLogging2:
|
|
|
|
#endif // defined(INTERRUPTION_LOGGING)
|
|
|
|
//
|
|
// Exit if spurious interrupt vector
|
|
//
|
|
|
|
cmp.eq pt0, pt1 = 0xF, rVector
|
|
extr.u rOldIrql = rOldIrql, TPR_MIC, TPR_MIC_LEN
|
|
(pt0) br.spnt Keih_Exit
|
|
;;
|
|
|
|
//
|
|
// sp -> trap frame
|
|
//
|
|
|
|
add rpSaveIrql = TrEOFMarker, sp
|
|
movl rT3 = KTRAP_FRAME_EOF | INTERRUPT_FRAME
|
|
;;
|
|
|
|
st8 [rpSaveIrql] = rT3, TrPreviousMode - TrEOFMarker
|
|
.pred.rel "mutex",pUser,pKrnl
|
|
(pUser) mov rPreviousMode = UserMode // set previous mode
|
|
(pKrnl) mov rPreviousMode = KernelMode
|
|
;;
|
|
|
|
st4 [rpSaveIrql] = rPreviousMode, TrOldIrql-TrPreviousMode
|
|
movl rpT3 = KiPcr+PcCurrentIrql
|
|
;;
|
|
|
|
st4 [rpSaveIrql] = rOldIrql // save irql in trap frame
|
|
st1 [rpT3] = rOldIrql // sanitize the shadow copy
|
|
(pKDbg) br.call.spnt brp = KiLoadKernelDebugRegisters
|
|
;;
|
|
|
|
PROLOGUE_END
|
|
|
|
Keih_InterruptLoop:
|
|
//
|
|
// Dispatch the interrupt: first raise the IRQL to the level of the new
|
|
// interrupt and enable interrupts.
|
|
//
|
|
|
|
GET_IRQL_FOR_VECTOR(p0, rNewIrql, rVector)
|
|
movl rpT3 = KiPcr+PcInterruptRoutine // -> interrupt routine table
|
|
;;
|
|
|
|
shladd rpT3 = rVector, INT_ROUTINES_SHIFT, rpT3 // base + offset
|
|
SET_IRQL (rNewIrql) // raise to new level
|
|
movl rpT1 = KiPcr + PcPrcb // pointer to prcb
|
|
;;
|
|
|
|
ld8 out0 = [rpT3] // out0 -> interrupt dispatcher
|
|
ld8 rpT1 = [rpT1]
|
|
mov out1 = sp // out1 -> trap frame
|
|
;;
|
|
|
|
FAST_ENABLE_INTERRUPTS
|
|
add rpT1 = PbInterruptCount, rpT1 // -> interrupt counter
|
|
;;
|
|
|
|
ld4.nta rT1 = [rpT1] // counter value
|
|
ld8.nta rT2 = [out0], PlGlobalPointer-PlEntryPoint // get entry point
|
|
;;
|
|
add rT1 = 1, rT1 // increment
|
|
;;
|
|
|
|
//
|
|
// Call the interrupt dispatch routine via a function pointer
|
|
//
|
|
|
|
st4.nta [rpT1] = rT1 // store, ignore overflow
|
|
;;
|
|
|
|
ld8.nta gp = [out0], PlEntryPoint-PlGlobalPointer
|
|
mov bt0 = rT2
|
|
br.call.sptk brp = bt0 // call ISR
|
|
;;
|
|
|
|
ld4 rOldIrql = [rpSaveIrql]
|
|
mov gp = rSaveGP
|
|
END_OF_INTERRUPT // end of interrupt processing
|
|
IO_END_OF_INTERRUPT(rVector,rT1,rT2,pEOI)
|
|
;;
|
|
srlz.d
|
|
|
|
//
|
|
// Disable interrupts and restore IRQL level
|
|
//
|
|
|
|
FAST_DISABLE_INTERRUPTS
|
|
|
|
cmp.gt pt0 = APC_LEVEL, rOldIrql
|
|
mov t0 = APC_LEVEL
|
|
;;
|
|
(pt0) br.spnt ke_call_apc
|
|
|
|
ke_call_apc_resume:
|
|
|
|
LOWER_IRQL (rOldIrql)
|
|
|
|
//
|
|
// Get the next vector number
|
|
//
|
|
|
|
mov rVector = cr.ivr // for A0 2173 workaround
|
|
;;
|
|
//
|
|
// Loop if more interrupts pending (spurious vector == 0xF)
|
|
//
|
|
|
|
cmp.ne pt0 = 0xF, rVector
|
|
;;
|
|
(pt0) br.spnt Keih_InterruptLoop
|
|
br.sptk Keih_Exit
|
|
;;
|
|
|
|
ke_call_apc:
|
|
LOWER_IRQL (t0)
|
|
|
|
ke_call_apc1:
|
|
movl t0 = KiPcr+PcApcInterrupt
|
|
;;
|
|
ld1 t1 = [t0]
|
|
st1 [t0] = r0
|
|
;;
|
|
cmp.eq pt0 = r0, t1
|
|
;;
|
|
(pt0) br.sptk ke_call_apc_resume
|
|
FAST_ENABLE_INTERRUPTS
|
|
mov out1 = sp
|
|
br.call.sptk brp = KiApcInterrupt
|
|
FAST_DISABLE_INTERRUPTS
|
|
br.sptk ke_call_apc1
|
|
|
|
Keih_Exit:
|
|
|
|
RETURN_FROM_INTERRUPTION(Keih)
|
|
|
|
HANDLER_EXIT(KiExternalInterruptHandler)
|
|
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// KiPanicHandler
|
|
//
|
|
// Description:
|
|
//
|
|
// Handler for panic. Call the bug check routine. A place
|
|
// holder for now.
|
|
//
|
|
// On entry:
|
|
//
|
|
// running on kernel memory stack and kernel backing store
|
|
// sp: top of stack -- points to trap frame
|
|
// interrupts enabled
|
|
//
|
|
// IIP: address of bundle causing fault
|
|
//
|
|
// IPSR: copy of PSR at time of interruption
|
|
//
|
|
// Output:
|
|
//
|
|
// sp: top of stack -- points to trap frame
|
|
//
|
|
// Return value:
|
|
//
|
|
// none
|
|
//
|
|
// Notes:
|
|
//
|
|
// If ISR code out of bounds, this code will inovke the panic handler
|
|
//
|
|
//--------------------------------------------------------------------
|
|
|
|
HANDLER_ENTRY(KiPanicHandler)
|
|
|
|
.prologue
|
|
.unwabi @nt, EXCEPTION_FRAME
|
|
|
|
mov rHpT1 = KERNEL_STACK_SIZE
|
|
movl rTH1 = KiPcr+PcPanicStack
|
|
;;
|
|
|
|
ld8 sp = [rTH1], PcInitialStack-PcPanicStack
|
|
movl rTH2 = KiPcr+PcSystemReserved
|
|
;;
|
|
|
|
st4 [rTH2] = rPanicCode
|
|
st8 [rTH1] = sp, PcStackLimit-PcInitialStack
|
|
sub rTH2 = sp, rHpT1
|
|
;;
|
|
|
|
st8 [rTH1] = rTH2, PcInitialBStore-PcStackLimit
|
|
mov rHpT1 = KERNEL_BSTORE_SIZE
|
|
;;
|
|
|
|
st8 [rTH1] = sp, PcBStoreLimit-PcInitialBStore
|
|
add rTH2 = rHpT1, sp
|
|
add sp = -TrapFrameLength, sp
|
|
;;
|
|
|
|
st8 [rTH1] = rTH2
|
|
|
|
SAVE_INTERRUPTION_STATE(Kph_SaveTrapFrame)
|
|
|
|
//
|
|
// switch to kernel back
|
|
//
|
|
bsw.0
|
|
;;
|
|
|
|
rpRNAT = h16
|
|
rpBSPStore= h17
|
|
rBSPStore = h18
|
|
rKBSPStore= h19
|
|
rRNAT = h20
|
|
rKrnlFPSR = h21
|
|
|
|
mov ar.rsc = r0 // put RSE in lazy mode
|
|
movl rKBSPStore = KiPcr+PcInitialBStore
|
|
;;
|
|
|
|
mov rBSPStore = ar.bspstore
|
|
mov rRNAT = ar.rnat
|
|
;;
|
|
|
|
ld8 rKBSPStore = [rKBSPStore]
|
|
add rpRNAT = TrRsRNAT, sp
|
|
add rpBSPStore = TrRsBSPSTORE, sp
|
|
;;
|
|
|
|
st8 [rpRNAT] = rRNAT
|
|
st8 [rpBSPStore] = rBSPStore
|
|
dep rKBSPStore = rBSPStore, rKBSPStore, 0, 9
|
|
;;
|
|
|
|
mov ar.bspstore = rKBSPStore
|
|
mov ar.rsc = RSC_KERNEL
|
|
;;
|
|
|
|
//
|
|
// switch to user bank
|
|
//
|
|
bsw.1
|
|
;;
|
|
alloc out0 = ar.pfs, 0, 0, 5, 0
|
|
;;
|
|
|
|
PROLOGUE_END
|
|
|
|
br.call.sptk brp = KiSaveTrapFrame
|
|
;;
|
|
|
|
movl out0 = KiPcr+PcSystemReserved
|
|
;;
|
|
|
|
ld4 out0 = [out0] // 1st argument: panic code
|
|
mov out1 = sp // 2nd argument: trap frame
|
|
br.call.sptk.many brp = KeBugCheckEx
|
|
;;
|
|
|
|
nop.m 0
|
|
nop.m 0
|
|
nop.i 0
|
|
;;
|
|
|
|
HANDLER_EXIT(KiPanicHandler)
|
|
|
|
//++
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// VOID
|
|
// KiSaveTrapFrame(PKTRAP_FRAME)
|
|
//
|
|
// Description:
|
|
//
|
|
// Save volatile application state in trap frame.
|
|
// Note: sp, brp, UNAT, RSC, predicates, BSP, BSP Store,
|
|
// PFS, DCR, and FPSR saved elsewhere.
|
|
//
|
|
// Input:
|
|
//
|
|
// sp: points to trap frame
|
|
// ar.unat: contains the Nats of sp, gp, teb, which have already
|
|
// been spilled into the trap frame.
|
|
//
|
|
// Output:
|
|
//
|
|
// None
|
|
//
|
|
// Return value:
|
|
//
|
|
// none
|
|
//
|
|
//--------------------------------------------------------------------
|
|
|
|
LEAF_ENTRY(KiSaveTrapFrame)
|
|
|
|
.regstk 0, 3, 0, 0
|
|
|
|
//
|
|
// Local register aliases
|
|
//
|
|
|
|
rpTF1 = loc0
|
|
rpTF2 = loc1
|
|
rL1 = t0
|
|
rL2 = t1
|
|
rL3 = t2
|
|
rL4 = t3
|
|
rL5 = t4
|
|
|
|
|
|
//
|
|
// (ar.unat unchanged from point of save)
|
|
// Spill temporary (volatile) integer registers
|
|
//
|
|
|
|
alloc loc2 = 0,3,0,0 // don't destroy static register
|
|
add rpTF1 = TrIntT0, sp // -> t0 save area
|
|
add rpTF2 = TrIntT1, sp // -> t1 save area
|
|
;;
|
|
|
|
.mem.offset 0,0
|
|
st8.spill [rpTF1] = t0, TrIntT2-TrIntT0 // spill t0 - t22
|
|
.mem.offset 8,0
|
|
st8.spill [rpTF2] = t1, TrIntT3-TrIntT1
|
|
;;
|
|
.mem.offset 0,0
|
|
st8.spill [rpTF1] = t2, TrIntT4-TrIntT2
|
|
.mem.offset 8,0
|
|
st8.spill [rpTF2] = t3, TrIntT5-TrIntT3
|
|
;;
|
|
.mem.offset 0,0
|
|
st8.spill [rpTF1] = t4, TrIntT6-TrIntT4
|
|
.mem.offset 8,0
|
|
st8.spill [rpTF2] = t5, TrIntT7-TrIntT5
|
|
mov rL2 = bt0
|
|
;;
|
|
|
|
mov rL1 = cr.dcr
|
|
mov rL4 = ar.ccv
|
|
mov rL3 = bt1
|
|
;;
|
|
|
|
.mem.offset 0,0
|
|
st8.spill [rpTF1] = t6, TrIntT8-TrIntT6
|
|
.mem.offset 8,0
|
|
st8.spill [rpTF2] = t7, TrIntT9-TrIntT7
|
|
;;
|
|
.mem.offset 0,0
|
|
st8.spill [rpTF1] = t8, TrIntT10-TrIntT8
|
|
.mem.offset 8,0
|
|
st8.spill [rpTF2] = t9, TrIntT11-TrIntT9
|
|
;;
|
|
.mem.offset 0,0
|
|
st8.spill [rpTF1] = t10, TrIntT12-TrIntT10
|
|
.mem.offset 8,0
|
|
st8.spill [rpTF2] = t11, TrIntT13-TrIntT11
|
|
;;
|
|
.mem.offset 0,0
|
|
st8.spill [rpTF1] = t12, TrIntT14-TrIntT12
|
|
.mem.offset 8,0
|
|
st8.spill [rpTF2] = t13, TrIntT15-TrIntT13
|
|
;;
|
|
.mem.offset 0,0
|
|
st8.spill [rpTF1] = t14, TrIntT16-TrIntT14
|
|
.mem.offset 8,0
|
|
st8.spill [rpTF2] = t15, TrIntT17-TrIntT15
|
|
;;
|
|
.mem.offset 0,0
|
|
st8.spill [rpTF1] = t16, TrIntT18-TrIntT16
|
|
.mem.offset 8,0
|
|
st8.spill [rpTF2] = t17, TrIntT19-TrIntT17
|
|
;;
|
|
.mem.offset 0,0
|
|
st8.spill [rpTF1] = t18, TrIntT20-TrIntT18
|
|
.mem.offset 8,0
|
|
st8.spill [rpTF2] = t19, TrIntT21-TrIntT19
|
|
;;
|
|
.mem.offset 0,0
|
|
st8.spill [rpTF1] = t20, TrIntT22-TrIntT20
|
|
.mem.offset 8,0
|
|
st8.spill [rpTF2] = t21, TrIntV0-TrIntT21
|
|
;;
|
|
.mem.offset 0,0
|
|
st8.spill [rpTF1] = t22, TrBrT0-TrIntT22
|
|
.mem.offset 8,0
|
|
st8.spill [rpTF2] = v0, TrBrT1-TrIntV0 // spill old V0
|
|
;;
|
|
|
|
st8 [rpTF1] = rL2, TrApCCV-TrBrT0 // save old bt0 - bt1
|
|
st8 [rpTF2] = rL3
|
|
;;
|
|
|
|
mov rL5 = ar.unat
|
|
st8 [rpTF1] = rL4, TrApDCR-TrApCCV // save ar.ccv
|
|
;;
|
|
|
|
st8 [rpTF1] = rL1 // save cr.dcr
|
|
add rpTF1 = TrFltT0, sp // point to FltT0
|
|
add rpTF2 = TrFltT1, sp // point to FltT1
|
|
;;
|
|
|
|
//
|
|
// Spill temporary (volatile) floating point registers
|
|
//
|
|
|
|
stf.spill [rpTF1] = ft0, TrFltT2-TrFltT0 // spill float tmp 0 - 9
|
|
stf.spill [rpTF2] = ft1, TrFltT3-TrFltT1
|
|
;;
|
|
stf.spill [rpTF1] = ft2, TrFltT4-TrFltT2
|
|
stf.spill [rpTF2] = ft3, TrFltT5-TrFltT3
|
|
;;
|
|
stf.spill [rpTF1] = ft4, TrFltT6-TrFltT4
|
|
stf.spill [rpTF2] = ft5, TrFltT7-TrFltT5
|
|
;;
|
|
stf.spill [rpTF1] = ft6, TrFltT8-TrFltT6
|
|
stf.spill [rpTF2] = ft7, TrFltT9-TrFltT7
|
|
add t20 = TrIntNats, sp
|
|
;;
|
|
stf.spill [rpTF1] = ft8
|
|
stf.spill [rpTF2] = ft9
|
|
;;
|
|
|
|
st8 [t20] = rL5 // save volatile iNats
|
|
LEAF_RETURN
|
|
;;
|
|
|
|
LEAF_EXIT(KiSaveTrapFrame)
|
|
|
|
//++
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// VOID
|
|
// KiRestoreTrapFrame(PKTRAP_FRAME)
|
|
//
|
|
// Description:
|
|
//
|
|
// Restore volatile application state from trap frame. Restore DCR
|
|
// Note: sp, brp, RSC, UNAT, predicates, BSP, BSP Store, PFS,
|
|
// DCR and FPSR not restored here.
|
|
//
|
|
// Input:
|
|
//
|
|
// sp: points to trap frame
|
|
// RSE frame size is zero
|
|
//
|
|
// Output:
|
|
//
|
|
// None
|
|
//
|
|
// Return value:
|
|
//
|
|
// none
|
|
//
|
|
//--------------------------------------------------------------------
|
|
|
|
LEAF_ENTRY(KiRestoreTrapFrame)
|
|
|
|
LEAF_SETUP(0,2,0,0)
|
|
|
|
rpTF1 = loc0
|
|
rpTF2 = loc1
|
|
|
|
mov t21 = psr
|
|
add t12 = TrIntNats, sp
|
|
add rpTF2 = TrApCCV, sp
|
|
;;
|
|
|
|
ld8 t0 = [t12], TrBrT0-TrIntNats
|
|
ld8 t1 = [rpTF2], TrBrT1-TrApCCV
|
|
add rpTF1 = TrFltT0, sp
|
|
;;
|
|
|
|
ld8 t2 = [t12], TrStFPSR-TrBrT0
|
|
ld8 t3 = [rpTF2], TrApDCR-TrBrT1
|
|
;;
|
|
|
|
ld8 t10 = [t12]
|
|
ld8 t11 = [rpTF2], TrFltT1-TrApDCR
|
|
;;
|
|
|
|
ldf.fill ft0 = [rpTF1], TrFltT2-TrFltT0
|
|
ldf.fill ft1 = [rpTF2], TrFltT3-TrFltT1
|
|
;;
|
|
|
|
mov ar.unat = t0
|
|
|
|
ldf.fill ft2 = [rpTF1], TrFltT4-TrFltT2
|
|
ldf.fill ft3 = [rpTF2], TrFltT5-TrFltT3
|
|
;;
|
|
|
|
ldf.fill ft4 = [rpTF1], TrFltT6-TrFltT4
|
|
ldf.fill ft5 = [rpTF2], TrFltT7-TrFltT5
|
|
;;
|
|
|
|
ldf.fill ft6 = [rpTF1], TrFltT8-TrFltT6
|
|
ldf.fill ft7 = [rpTF2], TrFltT9-TrFltT7
|
|
;;
|
|
|
|
ldf.fill ft8 = [rpTF1], TrIntGp-TrFltT8
|
|
ldf.fill ft9 = [rpTF2], TrIntT0-TrFltT9
|
|
;;
|
|
|
|
mov ar.ccv = t1
|
|
ld8.fill gp = [rpTF1], TrIntT1-TrIntGp
|
|
;;
|
|
|
|
ld8.fill t0 = [rpTF2], TrIntT2-TrIntT0
|
|
ld8.fill t1 = [rpTF1], TrIntT3-TrIntT1
|
|
mov bt0 = t2
|
|
;;
|
|
|
|
mov cr.dcr = t11
|
|
ld8.fill t2 = [rpTF2], TrIntT4-TrIntT2
|
|
mov bt1 = t3
|
|
;;
|
|
|
|
ld8.fill t3 = [rpTF1], TrIntT5-TrIntT3
|
|
tbit.z pt1 = t21, PSR_MFL
|
|
|
|
mov ar.fpsr = t10
|
|
ld8.fill t4 = [rpTF2], TrIntT6-TrIntT4
|
|
;;
|
|
|
|
ld8.fill t5 = [rpTF1], TrIntT7-TrIntT5
|
|
ld8.fill t6 = [rpTF2], TrIntT8-TrIntT6
|
|
;;
|
|
|
|
ld8.fill t7 = [rpTF1], TrIntT9-TrIntT7
|
|
ld8.fill t8 = [rpTF2], TrIntT10-TrIntT8
|
|
;;
|
|
|
|
ld8.fill t9 = [rpTF1], TrIntT11-TrIntT9
|
|
ld8.fill t10 = [rpTF2], TrIntT12-TrIntT10
|
|
;;
|
|
|
|
ld8.fill t11 = [rpTF1], TrIntT13-TrIntT11
|
|
ld8.fill t12 = [rpTF2], TrIntT14-TrIntT12
|
|
;;
|
|
|
|
ld8.fill t13 = [rpTF1], TrIntT15-TrIntT13
|
|
ld8.fill t14 = [rpTF2], TrIntT16-TrIntT14
|
|
;;
|
|
|
|
ld8.fill t15 = [rpTF1], TrIntT17-TrIntT15
|
|
ld8.fill t16 = [rpTF2], TrIntT18-TrIntT16
|
|
;;
|
|
|
|
ld8.fill t17 = [rpTF1], TrIntT19-TrIntT17
|
|
ld8.fill t18 = [rpTF2], TrIntT20-TrIntT18
|
|
;;
|
|
|
|
ld8.fill t19 = [rpTF1], TrIntT21-TrIntT19
|
|
ld8.fill t20 = [rpTF2], TrIntT22-TrIntT20
|
|
;;
|
|
|
|
ld8.fill t21 = [rpTF1], TrIntTeb-TrIntT21
|
|
ld8.fill t22 = [rpTF2], TrIntV0-TrIntT22
|
|
;;
|
|
|
|
ld8.fill teb = [rpTF1]
|
|
ld8.fill v0 = [rpTF2]
|
|
br.ret.sptk.many brp
|
|
;;
|
|
|
|
LEAF_EXIT(KiRestoreTrapFrame)
|
|
|
|
//++
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// VOID
|
|
// KiLoadKernelDebugRegisters
|
|
//
|
|
// Description:
|
|
//
|
|
// We maintain two debug register flags:
|
|
// 1. Thread DebugActive: Debug registers active for current thread
|
|
// 2. PCR KernelDebugActive: Debug registers active in kernel mode
|
|
// (setup by kernel debugger)
|
|
//
|
|
// On user -> kernel transitions there are four possibilities:
|
|
//
|
|
// Thread Kernel
|
|
// DebugActive DebugActive Action
|
|
//
|
|
// 1. 0 0 None
|
|
//
|
|
// 2. 1 0 None (kernel PSR.db = 0 by default)
|
|
//
|
|
// 3. 0 1 Set PSR.db = 1 for kernel
|
|
//
|
|
// 4. 1 1 Set PSR.db = 1 for kernel and
|
|
// load kernel debug registers
|
|
//
|
|
// Note we never save the user debug registers:
|
|
// the user cannot change the DRs so the values in the DR save area are
|
|
// always up-to-date (set by SetContext).
|
|
//
|
|
// Input:
|
|
//
|
|
// None (Previous mode is USER)
|
|
//
|
|
// Output:
|
|
//
|
|
// None
|
|
//
|
|
// Return value:
|
|
//
|
|
// none
|
|
//
|
|
//--------------------------------------------------------------------
|
|
|
|
NESTED_ENTRY(KiLoadKernelDebugRegisters)
|
|
PROLOGUE_BEGIN
|
|
|
|
movl t10 = KiPcr+PcPrcb
|
|
;;
|
|
|
|
ld8 t10 = [t10] // load prcb address
|
|
cmp.eq pt3, pt2 = r0, r0
|
|
;;
|
|
|
|
add t11 = PbProcessorState+KpsSpecialRegisters+KsKernelDbI0,t10
|
|
add t12 = PbProcessorState+KpsSpecialRegisters+KsKernelDbI1,t10
|
|
add t13 = PbProcessorState+KpsSpecialRegisters+KsKernelDbD0,t10
|
|
add t14 = PbProcessorState+KpsSpecialRegisters+KsKernelDbD1,t10
|
|
br Krdr_Common
|
|
;;
|
|
|
|
ALTERNATE_ENTRY(KiLoadUserDebugRegisters)
|
|
|
|
//
|
|
// Restore debug registers, if debug active
|
|
//
|
|
|
|
cmp.ne pt3, pt2 = r0, r0
|
|
movl t10 = KiPcr+PcCurrentThread
|
|
;;
|
|
|
|
ld8 t10 = [t10] // get current thread pointer
|
|
;;
|
|
add t10 = ThStackBase, t10
|
|
;;
|
|
|
|
ld8.nta t10 = [t10] // get stack base
|
|
;;
|
|
add t11 = -ThreadStateSaveAreaLength+TsDebugRegisters+DrDbI0,t10
|
|
add t12 = -ThreadStateSaveAreaLength+TsDebugRegisters+DrDbI1,t10
|
|
|
|
add t13 = -ThreadStateSaveAreaLength+TsDebugRegisters+DrDbD0,t10
|
|
add t14 = -ThreadStateSaveAreaLength+TsDebugRegisters+DrDbD1,t10
|
|
;;
|
|
|
|
|
|
Krdr_Common:
|
|
|
|
.regstk 0, 2, 2, 0
|
|
.save ar.pfs, savedpfs
|
|
alloc savedpfs = ar.pfs, 0, 2, 2, 0
|
|
.save b0, savedbrp
|
|
mov savedbrp = brp
|
|
|
|
.save ar.lc, t22
|
|
mov t22 = ar.lc // save ar.lc
|
|
mov t7 = 0
|
|
mov t8 = 1
|
|
|
|
PROLOGUE_END
|
|
|
|
mov ar.lc = 1 // 2 pairs of debug registers
|
|
;;
|
|
|
|
Krdr_Loop:
|
|
|
|
ld8 t1 = [t11], 16 // get dbr pair
|
|
ld8 t2 = [t12], 16 // step by 16 = 1 pair of DRs
|
|
|
|
ld8 t3 = [t13], 16 // get dbr pair
|
|
ld8 t4 = [t14], 16 // step by 16 = 1 pair of DRs
|
|
;;
|
|
|
|
.auto
|
|
mov ibr[t7] = t1 // restore ibr pair
|
|
mov ibr[t8] = t2
|
|
|
|
.auto
|
|
mov dbr[t7] = t3 // restore dbr pair
|
|
mov dbr[t8] = t4
|
|
;;
|
|
|
|
#ifndef NO_12241
|
|
srlz.d
|
|
#endif
|
|
|
|
.default
|
|
add t7 = 2, t7 // next pair
|
|
add t8 = 2, t8
|
|
br.cloop.sptk Krdr_Loop
|
|
;;
|
|
|
|
mov ar.lc = t22 // restore ar.lc
|
|
(pt2) br.ret.sptk brp // return if loading user
|
|
|
|
mov out0 = PSR_DB
|
|
mov out1 = 1
|
|
(pt3) br.call.spnt brp = KeSetLowPsrBit // set psr.db if loading kernel
|
|
;;
|
|
|
|
NESTED_RETURN
|
|
;;
|
|
|
|
NESTED_EXIT(KiLoadKernelDebugRegisters)
|
|
|
|
//++
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// VOID
|
|
// KiSaveExceptionFrame(PKEXCEPTION_FRAME)
|
|
//
|
|
// Description:
|
|
//
|
|
// Save preserved context in exception frame.
|
|
//
|
|
// Input:
|
|
//
|
|
// a0: points to exception frame
|
|
//
|
|
// Output:
|
|
//
|
|
// None
|
|
//
|
|
// Return value:
|
|
//
|
|
// none
|
|
//
|
|
// Note: t0 may contain the trap frame address; don't touch it.
|
|
//
|
|
//--------------------------------------------------------------------
|
|
|
|
LEAF_ENTRY(KiSaveExceptionFrame)
|
|
|
|
//
|
|
// Local register aliases
|
|
//
|
|
|
|
rpEF1 = t10
|
|
rpEF2 = t11
|
|
|
|
add rpEF1 = ExIntS0, a0 // -> ExIntS0
|
|
movl t12 = PFS_EC_MASK << PFS_EC_SHIFT
|
|
;;
|
|
|
|
add rpEF2 = ExIntS1, a0 // -> ExIntS1
|
|
mov t3 = ar.pfs
|
|
;;
|
|
and t3 = t3, t12
|
|
|
|
.mem.offset 0,0
|
|
st8.spill [rpEF1] = s0, ExIntS2-ExIntS0
|
|
.mem.offset 8,0
|
|
st8.spill [rpEF2] = s1, ExIntS3-ExIntS1
|
|
mov t4 = ar.lc
|
|
;;
|
|
|
|
.mem.offset 0,0
|
|
st8.spill [rpEF1] = s2, ExApEC-ExIntS2
|
|
.mem.offset 8,0
|
|
st8.spill [rpEF2] = s3, ExApLC-ExIntS3
|
|
mov t5 = bs0
|
|
;;
|
|
|
|
st8 [rpEF1] = t3, ExBrS0-ExApEC
|
|
st8 [rpEF2] = t4, ExBrS1-ExApLC
|
|
mov t6 = bs1
|
|
;;
|
|
|
|
mov t2 = ar.unat // save user nat register for
|
|
mov t7 = bs2
|
|
mov t8 = bs3
|
|
|
|
st8 [rpEF1] = t5, ExBrS2-ExBrS0
|
|
st8 [rpEF2] = t6, ExBrS3-ExBrS1
|
|
mov t9 = bs4
|
|
;;
|
|
|
|
st8 [rpEF1] = t7, ExBrS4-ExBrS2
|
|
st8 [rpEF2] = t8, ExIntNats-ExBrS3
|
|
;;
|
|
|
|
st8 [rpEF1] = t9, ExFltS0-ExBrS4
|
|
st8 [rpEF2] = t2, ExFltS1-ExIntNats
|
|
;;
|
|
|
|
stf.spill [rpEF1] = fs0, ExFltS2-ExFltS0
|
|
stf.spill [rpEF2] = fs1, ExFltS3-ExFltS1
|
|
;;
|
|
|
|
stf.spill [rpEF1] = fs2, ExFltS4-ExFltS2
|
|
stf.spill [rpEF2] = fs3, ExFltS5-ExFltS3
|
|
;;
|
|
|
|
stf.spill [rpEF1] = fs4, ExFltS6-ExFltS4
|
|
stf.spill [rpEF2] = fs5, ExFltS7-ExFltS5
|
|
;;
|
|
|
|
stf.spill [rpEF1] = fs6, ExFltS8-ExFltS6
|
|
stf.spill [rpEF2] = fs7, ExFltS9-ExFltS7
|
|
;;
|
|
|
|
stf.spill [rpEF1] = fs8, ExFltS10-ExFltS8
|
|
stf.spill [rpEF2] = fs9, ExFltS11-ExFltS9
|
|
;;
|
|
|
|
stf.spill [rpEF1] = fs10, ExFltS12-ExFltS10
|
|
stf.spill [rpEF2] = fs11, ExFltS13-ExFltS11
|
|
;;
|
|
|
|
stf.spill [rpEF1] = fs12, ExFltS14-ExFltS12
|
|
stf.spill [rpEF2] = fs13, ExFltS15-ExFltS13
|
|
;;
|
|
|
|
stf.spill [rpEF1] = fs14, ExFltS16-ExFltS14
|
|
stf.spill [rpEF2] = fs15, ExFltS17-ExFltS15
|
|
;;
|
|
|
|
stf.spill [rpEF1] = fs16, ExFltS18-ExFltS16
|
|
stf.spill [rpEF2] = fs17, ExFltS19-ExFltS17
|
|
;;
|
|
|
|
stf.spill [rpEF1] = fs18
|
|
stf.spill [rpEF2] = fs19
|
|
LEAF_RETURN
|
|
;;
|
|
|
|
LEAF_EXIT(KiSaveExceptionFrame)
|
|
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// VOID
|
|
// KiRestoreExceptionFrame(PKEXCEPTION_FRAME)
|
|
//
|
|
// Description:
|
|
//
|
|
// Restores preserved context from the exception frame. Also
|
|
// restore volatile part of floating point context not restored with
|
|
// rest of volatile context.
|
|
//
|
|
// Note: This routine does not use v0, t21 or t22. This routine's
|
|
// caller may be dependent on these registers (for performance
|
|
// in the context switch path).
|
|
//
|
|
// Input:
|
|
//
|
|
// a0: points to exception frame
|
|
//
|
|
// Output:
|
|
//
|
|
// None
|
|
//
|
|
// Return value:
|
|
//
|
|
// none
|
|
//
|
|
//--------------------------------------------------------------------
|
|
|
|
LEAF_ENTRY(KiRestoreExceptionFrame)
|
|
|
|
|
|
add t16 = ExIntNats, a0
|
|
movl t12 = PFS_EC_MASK << PFS_EC_SHIFT
|
|
|
|
add t17 = ExApEC, a0
|
|
nop.f 0
|
|
mov t13 = ar.pfs
|
|
;;
|
|
|
|
ld8.nta t2 = [t16], ExBrS0-ExIntNats
|
|
ld8.nta t3 = [t17], ExApLC-ExApEC
|
|
;;
|
|
|
|
ld8.nta t5 = [t16], ExBrS1-ExBrS0
|
|
ld8.nta t4 = [t17], ExBrS2-ExApLC
|
|
;;
|
|
|
|
ld8.nta t6 = [t16], ExBrS3-ExBrS1
|
|
ld8.nta t7 = [t17], ExBrS4-ExBrS2
|
|
;;
|
|
|
|
ld8.nta t8 = [t16], ExFltS0-ExBrS3
|
|
ld8.nta t9 = [t17], ExFltS1-ExBrS4
|
|
;;
|
|
|
|
ldf.fill.nta fs0 = [t16], ExFltS2-ExFltS0
|
|
ldf.fill.nta fs1 = [t17], ExFltS3-ExFltS1
|
|
add t18 = ExIntS0, a0
|
|
;;
|
|
|
|
ldf.fill.nta fs2 = [t16], ExFltS4-ExFltS2
|
|
ldf.fill.nta fs3 = [t17], ExFltS5-ExFltS3
|
|
add t19 = ExIntS1, a0
|
|
;;
|
|
|
|
ldf.fill.nta fs4 = [t16], ExFltS6-ExFltS4
|
|
ldf.fill.nta fs5 = [t17], ExFltS7-ExFltS5
|
|
andcm t13 = t13, t12 // zero out EC field
|
|
;;
|
|
|
|
ldf.fill.nta fs6 = [t16], ExFltS8-ExFltS6
|
|
ldf.fill.nta fs7 = [t17], ExFltS9-ExFltS7
|
|
and t3 = t3, t12 // capture EC value
|
|
;;
|
|
|
|
mov ar.unat = t2
|
|
or t13 = t3, t13 // deposit into PFS.EC field
|
|
;;
|
|
|
|
ldf.fill.nta fs8 = [t16], ExFltS10-ExFltS8
|
|
ldf.fill.nta fs9 = [t17], ExFltS11-ExFltS9
|
|
mov ar.pfs = t13
|
|
;;
|
|
|
|
ldf.fill.nta fs10 = [t16], ExFltS12-ExFltS10
|
|
ldf.fill.nta fs11 = [t17], ExFltS13-ExFltS11
|
|
mov ar.lc = t4
|
|
;;
|
|
|
|
ldf.fill.nta fs12 = [t16], ExFltS14-ExFltS12
|
|
ldf.fill.nta fs13 = [t17], ExFltS15-ExFltS13
|
|
mov bs0 = t5
|
|
;;
|
|
|
|
ldf.fill.nta fs14 = [t16], ExFltS16-ExFltS14
|
|
ldf.fill.nta fs15 = [t17], ExFltS17-ExFltS15
|
|
mov bs1 = t6
|
|
;;
|
|
|
|
ldf.fill.nta fs16 = [t16], ExFltS18-ExFltS16
|
|
ldf.fill.nta fs17 = [t17], ExFltS19-ExFltS17
|
|
mov bs2 = t7
|
|
;;
|
|
|
|
ldf.fill.nta fs18 = [t16]
|
|
ldf.fill.nta fs19 = [t17]
|
|
mov bs3 = t8
|
|
|
|
ld8.fill.nta s0 = [t18], ExIntS2-ExIntS0
|
|
ld8.fill.nta s1 = [t19], ExIntS3-ExIntS1
|
|
mov bs4 = t9
|
|
;;
|
|
|
|
ld8.fill.nta s2 = [t18]
|
|
ld8.fill.nta s3 = [t19]
|
|
LEAF_RETURN
|
|
;;
|
|
LEAF_EXIT(KiRestoreExceptionFrame)
|
|
|
|
//++
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// KiSaveHigherFPVolatile(PKHIGHER_FP_SAVEAREA)
|
|
//
|
|
// Description:
|
|
//
|
|
// Save higher FP volatile context in higher FP save area
|
|
//
|
|
// Input:
|
|
//
|
|
// a0: pointer to higher FP save area
|
|
// brp: return address
|
|
//
|
|
// Output:
|
|
//
|
|
// None
|
|
//
|
|
// Return value:
|
|
//
|
|
// None
|
|
//
|
|
//--------------------------------------------------------------------
|
|
|
|
NESTED_ENTRY(KiSaveHigherFPVolatile)
|
|
NESTED_SETUP(1, 3, 1, 0)
|
|
PROLOGUE_END
|
|
|
|
//
|
|
// Local register aliases
|
|
//
|
|
|
|
rpSA1 = t0
|
|
rpSA2 = t1
|
|
|
|
//
|
|
// Clear DFH bit so the high floating point set may be saved by the kernel
|
|
// Disable interrupts so that save is atomic
|
|
//
|
|
|
|
GET_IRQL (loc2)
|
|
mov t2 = psr.um
|
|
movl t3 = KiPcr+PcCurrentThread
|
|
;;
|
|
|
|
cmp.ge pt2, pt3 = APC_LEVEL, loc2
|
|
;;
|
|
PSET_IRQL (pt2, DISPATCH_LEVEL)
|
|
|
|
ld8 t4 = [t3], PcHighFpOwner-PcCurrentThread
|
|
;;
|
|
ld8 t5 = [t3]
|
|
;;
|
|
|
|
cmp.ne pt1 = t4, t5
|
|
(pt1) br.cond.spnt Kshfpv20
|
|
;;
|
|
|
|
tbit.z pt0 = t2, PSR_MFH
|
|
(pt0) br.cond.spnt Kshfpv20
|
|
br Kshfpv10
|
|
;;
|
|
|
|
ALTERNATE_ENTRY(KiSaveHigherFPVolatileAtDispatchLevel)
|
|
|
|
NESTED_SETUP(1, 3, 1, 0)
|
|
cmp.ne pt2, pt3 = r0, r0 // set pt2 to FALSE, pt3 to TRUE
|
|
|
|
PROLOGUE_END
|
|
|
|
movl t3 = KiPcr+PcCurrentThread
|
|
;;
|
|
ld8 t4 = [t3], PcHighFpOwner-PcCurrentThread
|
|
;;
|
|
ld8 t5 = [t3]
|
|
;;
|
|
cmp.ne pt1 = t4, t5
|
|
;;
|
|
(pt1) break.i BREAKPOINT_STOP
|
|
|
|
Kshfpv10:
|
|
|
|
rsm (1 << PSR_DFH)
|
|
add rpSA1 = HiFltF32, a0 // -> HiFltF32
|
|
add rpSA2 = HiFltF33, a0 // -> HiFltF33
|
|
;;
|
|
srlz.d
|
|
|
|
stf.spill.nta [rpSA1] = f32, HiFltF34-HiFltF32
|
|
stf.spill.nta [rpSA2] = f33, HiFltF35-HiFltF33
|
|
;;
|
|
stf.spill.nta [rpSA1] = f34, HiFltF36-HiFltF34
|
|
stf.spill.nta [rpSA2] = f35, HiFltF37-HiFltF35
|
|
;;
|
|
stf.spill.nta [rpSA1] = f36, HiFltF38-HiFltF36
|
|
stf.spill.nta [rpSA2] = f37, HiFltF39-HiFltF37
|
|
;;
|
|
stf.spill.nta [rpSA1] = f38, HiFltF40-HiFltF38
|
|
stf.spill.nta [rpSA2] = f39, HiFltF41-HiFltF39
|
|
;;
|
|
|
|
stf.spill.nta [rpSA1] = f40, HiFltF42-HiFltF40
|
|
stf.spill.nta [rpSA2] = f41, HiFltF43-HiFltF41
|
|
;;
|
|
stf.spill.nta [rpSA1] = f42, HiFltF44-HiFltF42
|
|
stf.spill.nta [rpSA2] = f43, HiFltF45-HiFltF43
|
|
;;
|
|
stf.spill.nta [rpSA1] = f44, HiFltF46-HiFltF44
|
|
stf.spill.nta [rpSA2] = f45, HiFltF47-HiFltF45
|
|
;;
|
|
stf.spill.nta [rpSA1] = f46, HiFltF48-HiFltF46
|
|
stf.spill.nta [rpSA2] = f47, HiFltF49-HiFltF47
|
|
;;
|
|
stf.spill.nta [rpSA1] = f48, HiFltF50-HiFltF48
|
|
stf.spill.nta [rpSA2] = f49, HiFltF51-HiFltF49
|
|
;;
|
|
|
|
stf.spill.nta [rpSA1] = f50, HiFltF52-HiFltF50
|
|
stf.spill.nta [rpSA2] = f51, HiFltF53-HiFltF51
|
|
;;
|
|
stf.spill.nta [rpSA1] = f52, HiFltF54-HiFltF52
|
|
stf.spill.nta [rpSA2] = f53, HiFltF55-HiFltF53
|
|
;;
|
|
stf.spill.nta [rpSA1] = f54, HiFltF56-HiFltF54
|
|
stf.spill.nta [rpSA2] = f55, HiFltF57-HiFltF55
|
|
;;
|
|
stf.spill.nta [rpSA1] = f56, HiFltF58-HiFltF56
|
|
stf.spill.nta [rpSA2] = f57, HiFltF59-HiFltF57
|
|
;;
|
|
stf.spill.nta [rpSA1] = f58, HiFltF60-HiFltF58
|
|
stf.spill.nta [rpSA2] = f59, HiFltF61-HiFltF59
|
|
;;
|
|
|
|
stf.spill.nta [rpSA1] = f60, HiFltF62-HiFltF60
|
|
stf.spill.nta [rpSA2] = f61, HiFltF63-HiFltF61
|
|
;;
|
|
stf.spill.nta [rpSA1] = f62, HiFltF64-HiFltF62
|
|
stf.spill.nta [rpSA2] = f63, HiFltF65-HiFltF63
|
|
;;
|
|
stf.spill.nta [rpSA1] = f64, HiFltF66-HiFltF64
|
|
stf.spill.nta [rpSA2] = f65, HiFltF67-HiFltF65
|
|
;;
|
|
stf.spill.nta [rpSA1] = f66, HiFltF68-HiFltF66
|
|
stf.spill.nta [rpSA2] = f67, HiFltF69-HiFltF67
|
|
;;
|
|
stf.spill.nta [rpSA1] = f68, HiFltF70-HiFltF68
|
|
stf.spill.nta [rpSA2] = f69, HiFltF71-HiFltF69
|
|
;;
|
|
|
|
stf.spill.nta [rpSA1] = f70, HiFltF72-HiFltF70
|
|
stf.spill.nta [rpSA2] = f71, HiFltF73-HiFltF71
|
|
;;
|
|
stf.spill.nta [rpSA1] = f72, HiFltF74-HiFltF72
|
|
stf.spill.nta [rpSA2] = f73, HiFltF75-HiFltF73
|
|
;;
|
|
stf.spill.nta [rpSA1] = f74, HiFltF76-HiFltF74
|
|
stf.spill.nta [rpSA2] = f75, HiFltF77-HiFltF75
|
|
;;
|
|
stf.spill.nta [rpSA1] = f76, HiFltF78-HiFltF76
|
|
stf.spill.nta [rpSA2] = f77, HiFltF79-HiFltF77
|
|
;;
|
|
stf.spill.nta [rpSA1] = f78, HiFltF80-HiFltF78
|
|
stf.spill.nta [rpSA2] = f79, HiFltF81-HiFltF79
|
|
;;
|
|
|
|
stf.spill.nta [rpSA1] = f80, HiFltF82-HiFltF80
|
|
stf.spill.nta [rpSA2] = f81, HiFltF83-HiFltF81
|
|
;;
|
|
stf.spill.nta [rpSA1] = f82, HiFltF84-HiFltF82
|
|
stf.spill.nta [rpSA2] = f83, HiFltF85-HiFltF83
|
|
;;
|
|
stf.spill.nta [rpSA1] = f84, HiFltF86-HiFltF84
|
|
stf.spill.nta [rpSA2] = f85, HiFltF87-HiFltF85
|
|
;;
|
|
stf.spill.nta [rpSA1] = f86, HiFltF88-HiFltF86
|
|
stf.spill.nta [rpSA2] = f87, HiFltF89-HiFltF87
|
|
;;
|
|
stf.spill.nta [rpSA1] = f88, HiFltF90-HiFltF88
|
|
stf.spill.nta [rpSA2] = f89, HiFltF91-HiFltF89
|
|
;;
|
|
|
|
stf.spill.nta [rpSA1] = f90, HiFltF92-HiFltF90
|
|
stf.spill.nta [rpSA2] = f91, HiFltF93-HiFltF91
|
|
;;
|
|
stf.spill.nta [rpSA1] = f92, HiFltF94-HiFltF92
|
|
stf.spill.nta [rpSA2] = f93, HiFltF95-HiFltF93
|
|
;;
|
|
stf.spill.nta [rpSA1] = f94, HiFltF96-HiFltF94
|
|
stf.spill.nta [rpSA2] = f95, HiFltF97-HiFltF95
|
|
;;
|
|
stf.spill.nta [rpSA1] = f96, HiFltF98-HiFltF96
|
|
stf.spill.nta [rpSA2] = f97, HiFltF99-HiFltF97
|
|
;;
|
|
stf.spill.nta [rpSA1] = f98, HiFltF100-HiFltF98
|
|
stf.spill.nta [rpSA2] = f99, HiFltF101-HiFltF99
|
|
;;
|
|
|
|
stf.spill.nta [rpSA1] = f100, HiFltF102-HiFltF100
|
|
stf.spill.nta [rpSA2] = f101, HiFltF103-HiFltF101
|
|
;;
|
|
stf.spill.nta [rpSA1] = f102, HiFltF104-HiFltF102
|
|
stf.spill.nta [rpSA2] = f103, HiFltF105-HiFltF103
|
|
;;
|
|
stf.spill.nta [rpSA1] = f104, HiFltF106-HiFltF104
|
|
stf.spill.nta [rpSA2] = f105, HiFltF107-HiFltF105
|
|
;;
|
|
stf.spill.nta [rpSA1] = f106, HiFltF108-HiFltF106
|
|
stf.spill.nta [rpSA2] = f107, HiFltF109-HiFltF107
|
|
;;
|
|
stf.spill.nta [rpSA1] = f108, HiFltF110-HiFltF108
|
|
stf.spill.nta [rpSA2] = f109, HiFltF111-HiFltF109
|
|
;;
|
|
|
|
stf.spill.nta [rpSA1] = f110, HiFltF112-HiFltF110
|
|
stf.spill.nta [rpSA2] = f111, HiFltF113-HiFltF111
|
|
;;
|
|
stf.spill.nta [rpSA1] = f112, HiFltF114-HiFltF112
|
|
stf.spill.nta [rpSA2] = f113, HiFltF115-HiFltF113
|
|
;;
|
|
stf.spill.nta [rpSA1] = f114, HiFltF116-HiFltF114
|
|
stf.spill.nta [rpSA2] = f115, HiFltF117-HiFltF115
|
|
;;
|
|
stf.spill.nta [rpSA1] = f116, HiFltF118-HiFltF116
|
|
stf.spill.nta [rpSA2] = f117, HiFltF119-HiFltF117
|
|
;;
|
|
stf.spill.nta [rpSA1] = f118, HiFltF120-HiFltF118
|
|
stf.spill.nta [rpSA2] = f119, HiFltF121-HiFltF119
|
|
;;
|
|
|
|
stf.spill.nta [rpSA1] = f120, HiFltF122-HiFltF120
|
|
stf.spill.nta [rpSA2] = f121, HiFltF123-HiFltF121
|
|
;;
|
|
stf.spill.nta [rpSA1] = f122, HiFltF124-HiFltF122
|
|
stf.spill.nta [rpSA2] = f123, HiFltF125-HiFltF123
|
|
;;
|
|
stf.spill.nta [rpSA1] = f124, HiFltF126-HiFltF124
|
|
stf.spill.nta [rpSA2] = f125, HiFltF127-HiFltF125
|
|
;;
|
|
stf.spill.nta [rpSA1] = f126
|
|
stf.spill.nta [rpSA2] = f127
|
|
|
|
//
|
|
// Set DFH bit so the high floating point set may not be used by the kernel
|
|
// Must clear mfh after fp registers saved
|
|
//
|
|
|
|
Kshfpv20:
|
|
ssm 1 << PSR_DFH
|
|
;;
|
|
rum 1 << PSR_MFH
|
|
(pt3) br.ret.sptk brp
|
|
|
|
LOWER_IRQL(loc2)
|
|
|
|
NESTED_RETURN
|
|
;;
|
|
|
|
LEAF_EXIT(KiSaveHigherFPVolatile)
|
|
|
|
//++
|
|
//--------------------------------------------------------------------
|
|
// Routine:
|
|
//
|
|
// KiRestoreHigherFPVolatile()
|
|
//
|
|
// Description:
|
|
//
|
|
// Restore higher FP volatile context from higher FP save area
|
|
//
|
|
// N.B. This function is carefully constructed to use only scratch
|
|
// registers rHpT1, rHpT3, and rTH2. This function may be
|
|
// called by C code and the disabled fp vector when user
|
|
// and kernel bank is used respectively.
|
|
// N.B. Caller must ensure higher fp enabled (psr.dfh=0)
|
|
// N.B. Caller must ensure no interrupt during restore
|
|
//
|
|
// Input:
|
|
//
|
|
// None.
|
|
//
|
|
// Output:
|
|
//
|
|
// None
|
|
//
|
|
// Return value:
|
|
//
|
|
// None
|
|
//
|
|
//--------------------------------------------------------------------
|
|
|
|
LEAF_ENTRY(KiRestoreHigherFPVolatile)
|
|
|
|
movl rHpT1 = KiPcr+PcCurrentThread
|
|
;;
|
|
|
|
ld8 rHpT3 = [rHpT1], PcHighFpOwner-PcCurrentThread
|
|
;;
|
|
st8 [rHpT1] = rHpT3, PcNumber-PcHighFpOwner
|
|
add rHpT3 = ThNumber, rHpT3
|
|
;;
|
|
|
|
ld1 rHpT1 = [rHpT1] // load processor #
|
|
;;
|
|
st1 [rHpT3] = rHpT1 // save it in Thread->Number
|
|
add rHpT3 = ThStackBase-ThNumber, rHpT3
|
|
;;
|
|
|
|
ld8 rHpT3 = [rHpT3] // load kernel stack base
|
|
;;
|
|
|
|
add rHpT1 = -ThreadStateSaveAreaLength+TsHigherFPVolatile+HiFltF32, rHpT3
|
|
add rHpT3 = -ThreadStateSaveAreaLength+TsHigherFPVolatile+HiFltF33, rHpT3
|
|
;;
|
|
|
|
ldf.fill.nta f32 = [rHpT1], HiFltF34-HiFltF32
|
|
ldf.fill.nta f33 = [rHpT3], HiFltF35-HiFltF33
|
|
;;
|
|
|
|
ldf.fill.nta f34 = [rHpT1], HiFltF36-HiFltF34
|
|
ldf.fill.nta f35 = [rHpT3], HiFltF37-HiFltF35
|
|
;;
|
|
ldf.fill.nta f36 = [rHpT1], HiFltF38-HiFltF36
|
|
ldf.fill.nta f37 = [rHpT3], HiFltF39-HiFltF37
|
|
;;
|
|
ldf.fill.nta f38 = [rHpT1], HiFltF40-HiFltF38
|
|
ldf.fill.nta f39 = [rHpT3], HiFltF41-HiFltF39
|
|
;;
|
|
|
|
ldf.fill.nta f40 = [rHpT1], HiFltF42-HiFltF40
|
|
ldf.fill.nta f41 = [rHpT3], HiFltF43-HiFltF41
|
|
;;
|
|
ldf.fill.nta f42 = [rHpT1], HiFltF44-HiFltF42
|
|
ldf.fill.nta f43 = [rHpT3], HiFltF45-HiFltF43
|
|
;;
|
|
ldf.fill.nta f44 = [rHpT1], HiFltF46-HiFltF44
|
|
ldf.fill.nta f45 = [rHpT3], HiFltF47-HiFltF45
|
|
;;
|
|
ldf.fill.nta f46 = [rHpT1], HiFltF48-HiFltF46
|
|
ldf.fill.nta f47 = [rHpT3], HiFltF49-HiFltF47
|
|
;;
|
|
ldf.fill.nta f48 = [rHpT1], HiFltF50-HiFltF48
|
|
ldf.fill.nta f49 = [rHpT3], HiFltF51-HiFltF49
|
|
;;
|
|
|
|
ldf.fill.nta f50 = [rHpT1], HiFltF52-HiFltF50
|
|
ldf.fill.nta f51 = [rHpT3], HiFltF53-HiFltF51
|
|
;;
|
|
ldf.fill.nta f52 = [rHpT1], HiFltF54-HiFltF52
|
|
ldf.fill.nta f53 = [rHpT3], HiFltF55-HiFltF53
|
|
;;
|
|
ldf.fill.nta f54 = [rHpT1], HiFltF56-HiFltF54
|
|
ldf.fill.nta f55 = [rHpT3], HiFltF57-HiFltF55
|
|
;;
|
|
ldf.fill.nta f56 = [rHpT1], HiFltF58-HiFltF56
|
|
ldf.fill.nta f57 = [rHpT3], HiFltF59-HiFltF57
|
|
;;
|
|
ldf.fill.nta f58 = [rHpT1], HiFltF60-HiFltF58
|
|
ldf.fill.nta f59 = [rHpT3], HiFltF61-HiFltF59
|
|
;;
|
|
|
|
ldf.fill.nta f60 = [rHpT1], HiFltF62-HiFltF60
|
|
ldf.fill.nta f61 = [rHpT3], HiFltF63-HiFltF61
|
|
;;
|
|
ldf.fill.nta f62 = [rHpT1], HiFltF64-HiFltF62
|
|
ldf.fill.nta f63 = [rHpT3], HiFltF65-HiFltF63
|
|
;;
|
|
ldf.fill.nta f64 = [rHpT1], HiFltF66-HiFltF64
|
|
ldf.fill.nta f65 = [rHpT3], HiFltF67-HiFltF65
|
|
;;
|
|
ldf.fill.nta f66 = [rHpT1], HiFltF68-HiFltF66
|
|
ldf.fill.nta f67 = [rHpT3], HiFltF69-HiFltF67
|
|
;;
|
|
ldf.fill.nta f68 = [rHpT1], HiFltF70-HiFltF68
|
|
ldf.fill.nta f69 = [rHpT3], HiFltF71-HiFltF69
|
|
;;
|
|
|
|
ldf.fill.nta f70 = [rHpT1], HiFltF72-HiFltF70
|
|
ldf.fill.nta f71 = [rHpT3], HiFltF73-HiFltF71
|
|
;;
|
|
ldf.fill.nta f72 = [rHpT1], HiFltF74-HiFltF72
|
|
ldf.fill.nta f73 = [rHpT3], HiFltF75-HiFltF73
|
|
;;
|
|
ldf.fill.nta f74 = [rHpT1], HiFltF76-HiFltF74
|
|
ldf.fill.nta f75 = [rHpT3], HiFltF77-HiFltF75
|
|
;;
|
|
ldf.fill.nta f76 = [rHpT1], HiFltF78-HiFltF76
|
|
ldf.fill.nta f77 = [rHpT3], HiFltF79-HiFltF77
|
|
;;
|
|
ldf.fill.nta f78 = [rHpT1], HiFltF80-HiFltF78
|
|
ldf.fill.nta f79 = [rHpT3], HiFltF81-HiFltF79
|
|
;;
|
|
|
|
ldf.fill.nta f80 = [rHpT1], HiFltF82-HiFltF80
|
|
ldf.fill.nta f81 = [rHpT3], HiFltF83-HiFltF81
|
|
;;
|
|
ldf.fill.nta f82 = [rHpT1], HiFltF84-HiFltF82
|
|
ldf.fill.nta f83 = [rHpT3], HiFltF85-HiFltF83
|
|
;;
|
|
ldf.fill.nta f84 = [rHpT1], HiFltF86-HiFltF84
|
|
ldf.fill.nta f85 = [rHpT3], HiFltF87-HiFltF85
|
|
;;
|
|
ldf.fill.nta f86 = [rHpT1], HiFltF88-HiFltF86
|
|
ldf.fill.nta f87 = [rHpT3], HiFltF89-HiFltF87
|
|
;;
|
|
ldf.fill.nta f88 = [rHpT1], HiFltF90-HiFltF88
|
|
ldf.fill.nta f89 = [rHpT3], HiFltF91-HiFltF89
|
|
;;
|
|
|
|
ldf.fill.nta f90 = [rHpT1], HiFltF92-HiFltF90
|
|
ldf.fill.nta f91 = [rHpT3], HiFltF93-HiFltF91
|
|
;;
|
|
ldf.fill.nta f92 = [rHpT1], HiFltF94-HiFltF92
|
|
ldf.fill.nta f93 = [rHpT3], HiFltF95-HiFltF93
|
|
;;
|
|
ldf.fill.nta f94 = [rHpT1], HiFltF96-HiFltF94
|
|
ldf.fill.nta f95 = [rHpT3], HiFltF97-HiFltF95
|
|
;;
|
|
ldf.fill.nta f96 = [rHpT1], HiFltF98-HiFltF96
|
|
ldf.fill.nta f97 = [rHpT3], HiFltF99-HiFltF97
|
|
;;
|
|
ldf.fill.nta f98 = [rHpT1], HiFltF100-HiFltF98
|
|
ldf.fill.nta f99 = [rHpT3], HiFltF101-HiFltF99
|
|
;;
|
|
|
|
ldf.fill.nta f100 = [rHpT1], HiFltF102-HiFltF100
|
|
ldf.fill.nta f101 = [rHpT3], HiFltF103-HiFltF101
|
|
;;
|
|
ldf.fill.nta f102 = [rHpT1], HiFltF104-HiFltF102
|
|
ldf.fill.nta f103 = [rHpT3], HiFltF105-HiFltF103
|
|
;;
|
|
ldf.fill.nta f104 = [rHpT1], HiFltF106-HiFltF104
|
|
ldf.fill.nta f105 = [rHpT3], HiFltF107-HiFltF105
|
|
;;
|
|
ldf.fill.nta f106 = [rHpT1], HiFltF108-HiFltF106
|
|
ldf.fill.nta f107 = [rHpT3], HiFltF109-HiFltF107
|
|
;;
|
|
ldf.fill.nta f108 = [rHpT1], HiFltF110-HiFltF108
|
|
ldf.fill.nta f109 = [rHpT3], HiFltF111-HiFltF109
|
|
;;
|
|
|
|
ldf.fill.nta f110 = [rHpT1], HiFltF112-HiFltF110
|
|
ldf.fill.nta f111 = [rHpT3], HiFltF113-HiFltF111
|
|
;;
|
|
ldf.fill.nta f112 = [rHpT1], HiFltF114-HiFltF112
|
|
ldf.fill.nta f113 = [rHpT3], HiFltF115-HiFltF113
|
|
;;
|
|
ldf.fill.nta f114 = [rHpT1], HiFltF116-HiFltF114
|
|
ldf.fill.nta f115 = [rHpT3], HiFltF117-HiFltF115
|
|
;;
|
|
ldf.fill.nta f116 = [rHpT1], HiFltF118-HiFltF116
|
|
ldf.fill.nta f117 = [rHpT3], HiFltF119-HiFltF117
|
|
;;
|
|
ldf.fill.nta f118 = [rHpT1], HiFltF120-HiFltF118
|
|
ldf.fill.nta f119 = [rHpT3], HiFltF121-HiFltF119
|
|
;;
|
|
|
|
ldf.fill.nta f120 = [rHpT1], HiFltF122-HiFltF120
|
|
ldf.fill.nta f121 = [rHpT3], HiFltF123-HiFltF121
|
|
;;
|
|
ldf.fill.nta f122 = [rHpT1], HiFltF124-HiFltF122
|
|
ldf.fill.nta f123 = [rHpT3], HiFltF125-HiFltF123
|
|
;;
|
|
ldf.fill.nta f124 = [rHpT1], HiFltF126-HiFltF124
|
|
ldf.fill.nta f125 = [rHpT3], HiFltF127-HiFltF125
|
|
;;
|
|
ldf.fill.nta f126 = [rHpT1]
|
|
ldf.fill.nta f127 = [rHpT3]
|
|
;;
|
|
|
|
rsm 1 << PSR_MFH // clear psr.mfh bit
|
|
br.ret.sptk brp
|
|
;;
|
|
|
|
LEAF_EXIT(KiRestoreHigherFPVolatile)
|
|
|
|
//
|
|
// ++
|
|
//
|
|
// Routine:
|
|
//
|
|
// KiPageTableFault
|
|
//
|
|
// Description:
|
|
//
|
|
// Branched from Inst/DataTlbVector
|
|
// Inserts a missing PDE translation for VHPT mapping
|
|
// If PageNotPresent-bit of PDE is not set,
|
|
// branchs out to KiPdeNotPresentFault
|
|
//
|
|
// On entry:
|
|
//
|
|
// rva (h24) : offending virtual address
|
|
// riha (h25) : a offending PTE address
|
|
// rpr: (h26) : saved predicate
|
|
//
|
|
// Handle:
|
|
//
|
|
// Extracts the PDE index from riha (PTE address in VHPT) and
|
|
// generates a PDE address by adding to VHPT_DIRBASE. When accesses
|
|
// a page directory entry (PDE), there might be a TLB miss on the
|
|
// page directory table and returns a NaT on ld8.s. If so, branches
|
|
// to KiPageDirectoryTableFault. If the page-not-present bit of the
|
|
// PDE is not set, branches to KiPageNotPresentFault. Otherwise,
|
|
// inserts the PDE entry into the data TC (translation cache).
|
|
//
|
|
// Notes:
|
|
//
|
|
//
|
|
// --
|
|
|
|
HANDLER_ENTRY(KiPageTableFault)
|
|
|
|
rva = h24
|
|
riha = h25
|
|
rpr = h26
|
|
rpPde = h27
|
|
rPde = h28
|
|
rPde2 = h29
|
|
rps = h30
|
|
|
|
thash rpPde = riha // M
|
|
cmp.ne pt1 = r0, r0
|
|
mov rps = PAGE_SHIFT << PS_SHIFT // I
|
|
;;
|
|
|
|
mov cr.itir = rps // M
|
|
ld8.s rPde = [rpPde] // M, load PDE
|
|
;;
|
|
|
|
tnat.nz pt0, p0 = rPde // I
|
|
tbit.z.or pt1, p0 = rPde, PTE_ACCESS
|
|
tbit.z.or pt1, p0 = rPde, PTE_VALID // I, if non-present page fault
|
|
|
|
(pt0) br.cond.spnt KiPageDirectoryFault // B, tb miss on PDE access
|
|
(pt1) br.cond.spnt KiPdeNotPresentFault // B, page fault
|
|
;;
|
|
|
|
mov cr.ifa = riha // M
|
|
;;
|
|
itc.d rPde // M
|
|
;;
|
|
|
|
#if !defined(NT_UP)
|
|
ld8.s rPde2 = [rpPde] // M
|
|
cmp.ne pt0 = zero, zero // I
|
|
;;
|
|
|
|
cmp.ne.or pt0, p0 = rPde2, rPde // I, if PTEs are different
|
|
tnat.nz.or pt0, p0 = rPde2 // I
|
|
|
|
;;
|
|
(pt0) ptc.l riha, rps // M, purge it
|
|
|
|
#endif
|
|
mov pr = rpr, -1 // I
|
|
rfi;; // B
|
|
|
|
HANDLER_EXIT(KiPageTableFault)
|
|
|
|
|
|
|
|
//++
|
|
//
|
|
// KiPageDirectoryFault
|
|
//
|
|
// Cause:
|
|
//
|
|
// Parameters:
|
|
// rpPde (h28) : pointer to PDE entry
|
|
// rpr (h26) : saved predicate
|
|
//
|
|
//
|
|
// Handle:
|
|
//
|
|
//--
|
|
HANDLER_ENTRY(KiPageDirectoryFault)
|
|
|
|
rva = h24
|
|
rpPpe = h25
|
|
rpr = h26
|
|
rpPde = h27
|
|
rPpe = h28
|
|
rPpe2 = h29
|
|
rps = h30
|
|
|
|
thash rpPpe = rpPde // M
|
|
cmp.ne pt1 = r0, r0
|
|
;;
|
|
|
|
ld8.s rPpe = [rpPpe] // M
|
|
;;
|
|
|
|
tnat.nz pt0, p0 = rPpe // I
|
|
tbit.z.or pt1, p0 = rPpe, PTE_ACCESS
|
|
tbit.z.or pt1, p0 = rPpe, PTE_VALID // I, if non-present page fault
|
|
|
|
(pt0) br.cond.spnt KiPageFault // B
|
|
(pt1) br.cond.spnt KiPdeNotPresentFault // B
|
|
;;
|
|
|
|
mov cr.ifa = rpPde // M, set tva for vhpt translation
|
|
;;
|
|
itc.d rPpe // M
|
|
;;
|
|
|
|
#if !defined(NT_UP)
|
|
ld8.s rPpe2 = [rpPpe] // M
|
|
mov rps = PAGE_SHIFT << PS_SHIFT // I
|
|
cmp.ne pt0 = zero, zero // I
|
|
;;
|
|
|
|
cmp.ne.or pt0, p0 = rPpe2, rPpe // I, if PTEs are different
|
|
tnat.nz.or pt0, p0 = rPpe2 // I
|
|
|
|
;;
|
|
(pt0) ptc.l rpPde, rps // M, purge it
|
|
|
|
#endif
|
|
mov pr = rpr, -1 // I
|
|
rfi;; // B
|
|
|
|
|
|
HANDLER_EXIT(KiPageDirectoryFault)
|
|
|
|
|
|
//
|
|
// ++
|
|
//
|
|
// Routine:
|
|
//
|
|
// KiPteNotPresentFault
|
|
//
|
|
// Description:
|
|
//
|
|
// Branched from KiVhptTransVector and KiPageTableFault.
|
|
// Inserts a missing PDE translation for VHPT mapping
|
|
// If no PDE for it, branchs out to KiPageFault
|
|
//
|
|
// On entry:
|
|
//
|
|
// rva (h24) : offending virtual address
|
|
// rpr (h26) : saved predicate
|
|
// rPde (h28) : PDE entry
|
|
//
|
|
// Handle:
|
|
//
|
|
// Check to see if PDE is marked as LARGE_PAGE. If so,
|
|
// make it valid and install the large page size PTE.
|
|
// If not, branch to KiPageFault.
|
|
//
|
|
//
|
|
// Notes:
|
|
//
|
|
// PCR page mapped with TR
|
|
// --
|
|
|
|
HANDLER_ENTRY(KiPteNotPresentFault)
|
|
|
|
rva = h24 // passed
|
|
riha = h25 // passed
|
|
rpr = h26 // passed
|
|
rps = h27
|
|
|
|
rPfn = h28
|
|
rpAte = h28
|
|
rAte = h29
|
|
rAteEnd = h30
|
|
rAteBase = h31
|
|
rAteMask = h22
|
|
|
|
rK0Base = h31
|
|
rK2Base = h30
|
|
|
|
pIndr = pt1
|
|
|
|
mov rps = PS_4K << PS_SHIFT // M
|
|
movl rK0Base = KSEG0_BASE // L
|
|
;;
|
|
|
|
cmp.geu pt3, p0 = rva, rK0Base // M
|
|
movl rK2Base = KSEG2_BASE // L
|
|
;;
|
|
|
|
(pt3) cmp.ltu pt3, p0 = rva, rK2Base // M
|
|
movl rAteBase = ALT4KB_BASE // L
|
|
;;
|
|
|
|
shr.u rPfn = rva, PAGE4K_SHIFT // I
|
|
(pt3) br.cond.spnt KiKseg0Fault // B
|
|
;;
|
|
|
|
mov rAteMask = ATE_MASK0 // I
|
|
|
|
shladd rpAte = rPfn, PTE_SHIFT, rAteBase // M
|
|
movl rAteEnd = ALT4KB_END // L
|
|
;;
|
|
|
|
ld8.s rAte = [rpAte] // M
|
|
andcm rAteMask = -1, rAteMask // I
|
|
cmp.ltu pIndr = rpAte, rAteEnd // I
|
|
;;
|
|
tnat.z.and pIndr = rAte // I
|
|
tbit.nz.and pIndr = rAte, PTE_VALID // I
|
|
|
|
or rAteMask = rAte, rAteMask // M
|
|
tbit.nz.and pIndr = rAte, PTE_ACCESS // I
|
|
tbit.nz.and pIndr = rAte, ATE_INDIRECT // I
|
|
|
|
|
|
(pIndr) br.cond.spnt KiPteIndirectFault
|
|
;;
|
|
ptc.l rva, rps // M
|
|
|
|
br.sptk KiPageFault // B
|
|
|
|
HANDLER_EXIT(KiPteNotPresentFault)
|
|
|
|
//
|
|
// ++
|
|
//
|
|
// Routine:
|
|
//
|
|
// KiPdeNotPresentFault
|
|
//
|
|
// Description:
|
|
//
|
|
// Branched from KiVhptTransVector and KiPageTableFault.
|
|
// Inserts a missing PDE translation for VHPT mapping
|
|
// If no PDE for it, branchs out to KiPageFault
|
|
//
|
|
// On entry:
|
|
//
|
|
// rva (h24) : offending virtual address
|
|
// rpr (h26) : saved predicate
|
|
// rPde (h28) : PDE entry
|
|
//
|
|
// Handle:
|
|
//
|
|
// Check to see if PDE is marked as LARGE_PAGE. If so,
|
|
// make it valid and install the large page size PTE.
|
|
// If not, branch to KiPageFault.
|
|
//
|
|
//
|
|
// Notes:
|
|
//
|
|
// PCR page mapped with TR
|
|
// --
|
|
|
|
HANDLER_ENTRY(KiPdeNotPresentFault)
|
|
|
|
br.sptk KiPageFault
|
|
|
|
#if 0
|
|
rva = h24
|
|
rK0Base = h25
|
|
rpr = h26
|
|
rK2Base = h27
|
|
rPde = h28
|
|
ridtr = h29
|
|
rps = h30
|
|
rPte = h25
|
|
|
|
movl rK0Base = KSEG0_BASE
|
|
;;
|
|
|
|
cmp.ltu pt3, pt4 = rva, rK0Base
|
|
movl rK2Base = KSEG2_BASE
|
|
;;
|
|
|
|
(pt4) cmp.geu pt3, p0 = rva, rK2Base
|
|
(pt3) br.cond.spnt KiPageFault
|
|
|
|
mov ridtr = cr.itir
|
|
shr.u rPde = rva, PAGE_SHIFT
|
|
mov rps = 24
|
|
;;
|
|
|
|
movl rPte = VALID_KERNEL_PTE
|
|
dep.z rPde = rPde, PAGE_SHIFT, 28 - PAGE_SHIFT
|
|
dep ridtr = rps, ridtr, PS_SHIFT, PS_LEN
|
|
;;
|
|
|
|
mov cr.itir = ridtr
|
|
or rPde = rPte, rPde
|
|
;;
|
|
|
|
itc.d rPde
|
|
;;
|
|
mov pr = rpr, -1
|
|
rfi;;
|
|
#endif
|
|
|
|
HANDLER_EXIT(KiPdeNotPresentFault)
|
|
|
|
|
|
//
|
|
// ++
|
|
//
|
|
// Routine:
|
|
//
|
|
// KiKseg0Fault
|
|
//
|
|
// Description:
|
|
//
|
|
// TLB miss on KSEG0 space
|
|
//
|
|
//
|
|
// On entry:
|
|
//
|
|
// rva (h24) : faulting virtual address
|
|
// riha (h25) : IHA address
|
|
// rpr (h26) : saved predicate
|
|
//
|
|
// Process:
|
|
//
|
|
//
|
|
// Notes:
|
|
//
|
|
// PCR page mapped with TR
|
|
// --
|
|
|
|
HANDLER_ENTRY(KiKseg0Fault)
|
|
|
|
rISR = h30
|
|
rva = h24 // passed
|
|
riha = h25 // passed
|
|
rpr = h26 // passed
|
|
rps = h27
|
|
rPte = h29
|
|
rITIR = h28
|
|
rPs = h30
|
|
rPte0 = h31
|
|
|
|
mov rISR = cr.isr // M
|
|
ld8.s rPte = [riha] // M
|
|
cmp.ne pt1 = r0, r0 // I, pt1 = 0
|
|
;;
|
|
|
|
or rPte0 = PTE_VALID_MASK, rPte // M
|
|
tbit.z pt2, pt3 = rISR, ISR_SP // I
|
|
tbit.z.or pt1 = rPte, PTE_LARGE_PAGE // I
|
|
tbit.nz.or pt1 = rPte, PTE_VALID // I
|
|
|
|
tnat.nz pt4 = rPte // I
|
|
(pt4) br.cond.spnt KiPageTableFault // B, tb miss on PTE access
|
|
;;
|
|
|
|
rIPSR = h25
|
|
|
|
mov rIPSR = cr.ipsr // M
|
|
extr rPs = rPte, PTE_PS, PS_LEN // I
|
|
(pt1) br.cond.spnt KiPageFault // B, invalid access
|
|
;;
|
|
dep.z rITIR = rPs, PS_SHIFT, PS_LEN // I
|
|
;;
|
|
(pt2) mov cr.itir = rITIR // M
|
|
dep rIPSR = 1, rIPSR, PSR_ED, 1 // I
|
|
;;
|
|
(pt2) itc.d rPte0 // M
|
|
;;
|
|
(pt3) mov cr.ipsr = rIPSR // M
|
|
;;
|
|
mov pr = rpr, -1 // I
|
|
rfi // B
|
|
;;
|
|
|
|
HANDLER_EXIT(KiKseg0Fault)
|
|
|
|
//
|
|
// ++
|
|
//
|
|
// Routine:
|
|
//
|
|
// KiKseg4Fault
|
|
//
|
|
// Description:
|
|
//
|
|
// TLB miss on KSEG4 space
|
|
//
|
|
//
|
|
// On entry:
|
|
//
|
|
// rva (h24) : faulting virtual address
|
|
// riha (h25) : IHA address
|
|
// rpr (h26) : saved predicate
|
|
//
|
|
// Process:
|
|
//
|
|
//
|
|
// Notes:
|
|
//
|
|
// PCR page mapped with TR
|
|
// --
|
|
|
|
HANDLER_ENTRY(KiKseg4Fault)
|
|
|
|
rIPSR = h22
|
|
rISR = h23
|
|
rva = h24 // passed
|
|
riha = h25
|
|
rpr = h26 // passed
|
|
rPte = h27
|
|
|
|
mov rISR = cr.isr // M
|
|
movl rPte = VALID_KERNEL_PTE | PTE_NOCACHE // L
|
|
|
|
mov rIPSR = cr.ipsr // M
|
|
shr.u rva = rva, PAGE_SHIFT // I
|
|
;;
|
|
tbit.z pt2, pt3 = rISR, ISR_SP // I
|
|
dep.z rva = rva, PAGE_SHIFT, 32 // I
|
|
;;
|
|
or rPte = rPte, rva // I
|
|
dep rIPSR = 1, rIPSR, PSR_ED, 1 // I
|
|
;;
|
|
|
|
(pt2) itc.d rPte // M
|
|
;;
|
|
(pt3) mov cr.ipsr = rIPSR // M
|
|
;;
|
|
|
|
mov pr = rpr, -1 // I
|
|
rfi // B
|
|
;;
|
|
|
|
HANDLER_EXIT(KiKseg4Fault)
|
|
|
|
|
|
//
|
|
// ++
|
|
//
|
|
// Routine:
|
|
//
|
|
// KiPageFault
|
|
//
|
|
// Description:
|
|
//
|
|
// This must be a genuine page fault. Call KiMemoryFault().
|
|
//
|
|
//
|
|
// On entry:
|
|
//
|
|
// rva (h24) : offending virtual address
|
|
// rpr (h26) : PDE contents
|
|
//
|
|
// Process:
|
|
//
|
|
// Restores the save predicate (pr), and branches to
|
|
// KiGenericExceptionHandler with the argument KiMemoryFault with
|
|
// macro VECTOR_CALL_HANDLER().
|
|
//
|
|
// Notes:
|
|
//
|
|
// PCR page mapped with TR
|
|
// --
|
|
|
|
HANDLER_ENTRY(KiPageFault)
|
|
|
|
rva = h24
|
|
rpr = h26
|
|
rIPSR = h27
|
|
rISR = h31
|
|
|
|
//
|
|
// check to see if non-present fault occurred on a speculative load.
|
|
// if so, set IPSR.ed bit. This forces to generate a NaT on ld.s after
|
|
// rfi
|
|
//
|
|
|
|
mov rISR = cr.isr // M
|
|
mov rIPSR = cr.ipsr // M
|
|
;;
|
|
|
|
tbit.z pt0, p0 = rISR, ISR_SP // I
|
|
dep rIPSR = 1, rIPSR, PSR_ED, 1 // I
|
|
|
|
(pt0) br.cond.spnt KiCallMemoryFault // B
|
|
;;
|
|
|
|
mov cr.ipsr = rIPSR // M
|
|
;;
|
|
mov pr = rpr, -1 // I
|
|
rfi // B
|
|
;;
|
|
|
|
KiCallMemoryFault:
|
|
|
|
mov pr = rpr, -1 // I
|
|
|
|
VECTOR_CALL_HANDLER(KiGenericExceptionHandler, KiMemoryFault)
|
|
|
|
HANDLER_EXIT(KiPageFault)
|
|
|
|
//
|
|
// ++
|
|
//
|
|
// Routine:
|
|
//
|
|
// KiPteIndirectFault
|
|
//
|
|
// Description:
|
|
//
|
|
// The PTE itself indicates a PteIndirect fault. The target PTE address
|
|
// should be generated by extracting PteOffset from PTE and adding it to
|
|
// PTE_UBASE. The owner field of the target PTE must be 1. Otherwise,
|
|
// Call MmX86Fault().
|
|
//
|
|
// On entry:
|
|
//
|
|
// rva (h24) : offending virtual address
|
|
// rpr (h26) : PDE contents
|
|
//
|
|
// Process:
|
|
//
|
|
// Restores the save predicate (pr), and branches to
|
|
// KiGenericExceptionHandler with the argument KiMemoryFault with
|
|
// macro VECTOR_CALL_HANDLER().
|
|
//
|
|
// Notes:
|
|
//
|
|
// PCR page mapped with TR
|
|
// --
|
|
|
|
HANDLER_ENTRY(KiPteIndirectFault)
|
|
|
|
rpr = h26 // passed
|
|
rps = h27 // passed
|
|
rpAte = h28 // passed
|
|
rAte = h29 // passed
|
|
rPte = h30
|
|
rPte0 = h31
|
|
rAteMask = h22 // passed
|
|
rVa12 = h23
|
|
|
|
rPteOffset = h23
|
|
rpNewPte = h21
|
|
|
|
rOldIIP = h17 // preserved
|
|
rIA32IIP = h18
|
|
rpVa = h19 // preserved
|
|
rIndex = h20 // preserved
|
|
rpBuffer= h16
|
|
rpPte = h22
|
|
|
|
pBr = pt0
|
|
pPrg = pt3
|
|
pLoop = pt4
|
|
pClear = pt5
|
|
|
|
mov cr.itir = rps // M
|
|
thash rpNewPte = r0 // M
|
|
|
|
mov rIA32IIP = cr.iip // M
|
|
extr.u rPteOffset = rAte, PAGE4K_SHIFT, 32 // I
|
|
|
|
;;
|
|
add rpNewPte = rPteOffset, rpNewPte // M/I
|
|
cmp.eq pLoop, pClear = rIA32IIP, rOldIIP // I
|
|
|
|
;;
|
|
ld8.s rPte = [rpNewPte] // M
|
|
shr rVa12 = rpAte, PTE_SHIFT // I
|
|
;;
|
|
tnat.nz.or pBr = rPte // I
|
|
tbit.z.or pBr = rPte, PTE_VALID // I
|
|
tbit.z.or pBr = rPte, PTE_ACCESS // I
|
|
(pBr) br.cond.spnt KiPageFault
|
|
|
|
;;
|
|
(pClear)mov rIndex = 0 // M
|
|
and rPte0 = rPte, rAteMask // I
|
|
;;
|
|
|
|
//
|
|
// deposit extra PFN bits for 4k page
|
|
//
|
|
dep rPte0 = rVa12, rPte0, PAGE4K_SHIFT, PAGE_SHIFT-PAGE4K_SHIFT // I
|
|
;;
|
|
(pClear)itc.d rPte0 // M
|
|
;;
|
|
|
|
and rIndex = 7, rIndex // A
|
|
movl rpBuffer = KiPcr + PcForwardProgressBuffer // L
|
|
;;
|
|
|
|
shladd rpVa = rIndex, 4, rpBuffer // M
|
|
add rIndex = 1, rIndex // I
|
|
;;
|
|
|
|
st8 [rpVa] = rva // M
|
|
add rpPte = 8, rpVa // I
|
|
;;
|
|
|
|
st8 [rpPte] = rPte0 // M
|
|
mf // M
|
|
|
|
mov rOldIIP = rIA32IIP // I
|
|
|
|
|
|
#if !defined(NT_UP)
|
|
rAte2 = h28
|
|
rPte2 = h31
|
|
|
|
ld8.s rPte2 = [rpNewPte] // M
|
|
ld8.s rAte2 = [rpAte] // M
|
|
cmp.ne pPrg = zero, zero // I
|
|
;;
|
|
|
|
cmp.ne.or pPrg = rPte, rPte2 // I
|
|
tnat.nz.or pPrg = rPte2 // I
|
|
|
|
cmp.ne.or pPrg = rAte, rAte2 // I
|
|
tnat.nz.or pPrg = rAte2 // I
|
|
;;
|
|
|
|
(pPrg) ptc.l rva, rps // M
|
|
(pPrg) st8 [rpPte] = r0 // M
|
|
|
|
#endif
|
|
(pLoop) br.cond.spnt KiFillForwardProgressTb // B
|
|
mov pr = rpr, -1 // I
|
|
rfi;; // B
|
|
|
|
HANDLER_EXIT(KiPteIndirectFault)
|
|
|
|
//
|
|
// ++
|
|
//
|
|
// Routine:
|
|
//
|
|
// Ki4KDataTlbFault
|
|
//
|
|
// Description:
|
|
//
|
|
// Branched from KiDataTlbVector if PTE.Cache indicates the reserved
|
|
// encoding. Reads the corresponding ATE and creates a 4kb TB on the
|
|
// fly inserts it to the TLB. If a looping condition at IIP is
|
|
// detected, it branches to KiFillForwardProgressTb and insert the TBs
|
|
// from the forward progress TB queue.
|
|
//
|
|
// On entry:
|
|
//
|
|
// rva (h24) : offending virtual address
|
|
// riha(h25) : IHA address
|
|
// rpr (h26) : PDE contents
|
|
//
|
|
// Notes:
|
|
//
|
|
// --
|
|
|
|
HANDLER_ENTRY(Ki4KDataTlbFault)
|
|
|
|
rva = h24 // passed
|
|
riha = h25 // passed
|
|
rpr = h26 // passed
|
|
rps = h27
|
|
rPfn = h28
|
|
rpAte = h28
|
|
rAte = h29
|
|
rPte = h30
|
|
rAltBase = h31
|
|
rPte0 = h31
|
|
rAteMask = h22
|
|
rVa12 = h23
|
|
|
|
rOldIIP = h17 // preserved
|
|
rIA32IIP = h18
|
|
rpVa = h19
|
|
rIndex = h20 // preserved
|
|
|
|
rpBuffer= h16
|
|
rpPte = h21
|
|
|
|
pBr = pt0
|
|
pIndr = pt1
|
|
pMiss = pt2
|
|
pPrg = pt3
|
|
pLoop = pt4
|
|
pClear = pt5
|
|
pMiss2 = pt6
|
|
|
|
mov rIA32IIP = cr.iip // M
|
|
mov rps = PS_4K << PS_SHIFT // I
|
|
shr.u rPfn = rva, PAGE4K_SHIFT // I
|
|
|
|
cmp.ne pBr = zero, zero // M/I, initialize to 0
|
|
movl rAltBase = ALT4KB_BASE // L
|
|
;;
|
|
|
|
ld8.s rPte = [riha] // M
|
|
shladd rpAte = rPfn, PTE_SHIFT, rAltBase // I
|
|
;;
|
|
|
|
ld8.s rAte = [rpAte] // M
|
|
movl rAteMask = ATE_MASK // L
|
|
;;
|
|
|
|
cmp.eq pLoop, pClear = rIA32IIP, rOldIIP// M
|
|
tnat.nz pMiss = rPte // I
|
|
(pMiss) br.cond.spnt KiPageTableFault // B
|
|
|
|
tnat.nz pMiss2 = rAte // I
|
|
(pMiss2)br.cond.spnt KiAltTableFault // B
|
|
|
|
tbit.z.or pBr = rPte, PTE_VALID // I
|
|
tbit.z.or pBr = rAte, PTE_VALID // I
|
|
tbit.z.or pBr = rAte, PTE_ACCESS // I
|
|
|
|
or rAteMask = rAte, rAteMask // M
|
|
tbit.nz pIndr, p0 = rAte, ATE_INDIRECT // I
|
|
(pBr) br.cond.spnt KiPageFault // B
|
|
|
|
dep rPte0 = 0, rPte, 2, 3 // I, make it WB
|
|
shr rVa12 = rpAte, PTE_SHIFT // I
|
|
(pIndr) br.cond.spnt KiPteIndirectFault // B
|
|
;;
|
|
(pClear)mov rIndex = 0 // M
|
|
mov cr.itir = rps // M
|
|
and rPte0 = rPte0, rAteMask // I
|
|
;;
|
|
//
|
|
// deposit extra PFN bits for 4k page
|
|
//
|
|
|
|
dep rPte0 = rVa12, rPte0, PAGE4K_SHIFT, PAGE_SHIFT-PAGE4K_SHIFT // I
|
|
;;
|
|
|
|
(pClear)itc.d rPte0 // M, install PTE
|
|
;;
|
|
|
|
and rIndex = 7, rIndex // A
|
|
movl rpBuffer = KiPcr + PcForwardProgressBuffer // L
|
|
|
|
;;
|
|
|
|
shladd rpVa = rIndex, 4, rpBuffer // M
|
|
add rIndex = 1, rIndex // I
|
|
;;
|
|
|
|
st8 [rpVa] = rva // M
|
|
add rpPte = 8, rpVa // I
|
|
;;
|
|
|
|
st8 [rpPte] = rPte0 // M
|
|
mf // M
|
|
|
|
mov rOldIIP = rIA32IIP // I
|
|
|
|
#if !defined(NT_UP)
|
|
rps = h27
|
|
rAte2 = h28
|
|
rPte2 = h31
|
|
|
|
ld8.s rPte2 = [riha] // M
|
|
ld8.s rAte2 = [rpAte] // M
|
|
cmp.ne pPrg = zero, zero // I
|
|
;;
|
|
|
|
cmp.ne.or pPrg = rPte, rPte2 // M
|
|
tnat.nz.or pPrg = rPte2 // I
|
|
|
|
cmp.ne.or pPrg = rAte, rAte2 // M
|
|
tnat.nz.or pPrg = rAte2 // I
|
|
;;
|
|
|
|
(pPrg) ptc.l rva, rps // M
|
|
(pPrg) st8 [rpPte] = r0 // M
|
|
#endif
|
|
(pLoop) br.cond.spnt KiFillForwardProgressTb // B
|
|
|
|
mov pr = rpr, -1 // I
|
|
rfi;; // B
|
|
|
|
HANDLER_EXIT(Ki4KDataTlbFault)
|
|
|
|
//
|
|
// ++
|
|
//
|
|
// Routine:
|
|
//
|
|
// Ki4KInstTlbFault
|
|
//
|
|
// Description:
|
|
//
|
|
// Branched from KiInstTlbVector if PTE.Cache indicates the reserved
|
|
// encoding. Reads the corresponding ATE and creates a 4kb TB on the
|
|
// fly inserts it to the TLB.
|
|
//
|
|
// On entry:
|
|
//
|
|
// rva (h24) : offending virtual address
|
|
// riha(h25) : IHA address
|
|
// rpr (h26) : PDE contents
|
|
//
|
|
// Notes:
|
|
//
|
|
// --
|
|
|
|
HANDLER_ENTRY(Ki4KInstTlbFault)
|
|
|
|
rva = h24 // passed
|
|
riha = h25 // passed
|
|
rpr = h26 // passed
|
|
rps = h27
|
|
rPfn = h28
|
|
rpAte = h28
|
|
rAte = h29
|
|
rPte = h30
|
|
rAltBase = h31
|
|
rPte0 = h31
|
|
rAteMask = h22
|
|
rVa12 = h23
|
|
|
|
pBr = pt0
|
|
pIndr = pt1
|
|
pMiss = pt2
|
|
pPrg = pt3
|
|
pMiss2 = pt6
|
|
|
|
|
|
mov rps = PS_4K << PS_SHIFT // M
|
|
movl rAltBase = ALT4KB_BASE // L
|
|
shr.u rPfn = rva, PAGE4K_SHIFT // I
|
|
;;
|
|
|
|
ld8.s rPte = [riha] // M
|
|
cmp.ne pBr = zero, zero // M/I, initialize to 0
|
|
shladd rpAte = rPfn, PTE_SHIFT, rAltBase // I
|
|
;;
|
|
|
|
ld8.s rAte = [rpAte] // M
|
|
movl rAteMask = ATE_MASK // L
|
|
;;
|
|
|
|
tnat.nz pMiss = rPte // I
|
|
(pMiss) br.cond.spnt KiPageTableFault // B
|
|
|
|
tnat.nz pMiss2 = rAte // I
|
|
(pMiss2)br.cond.spnt KiAltTableFault // B
|
|
|
|
tbit.z.or pBr = rPte, PTE_VALID // I
|
|
tbit.z.or pBr = rAte, PTE_VALID // I
|
|
tbit.z.or pBr = rAte, PTE_ACCESS // I
|
|
|
|
or rAteMask = rAte, rAteMask // M
|
|
tbit.nz pIndr, p0 = rAte, ATE_INDIRECT // I
|
|
(pBr) br.cond.spnt KiPageFault // B
|
|
|
|
dep rPte0 = 0, rPte, 2, 3 // I, make it WB
|
|
shr rVa12 = rpAte, PTE_SHIFT // I
|
|
(pIndr) br.cond.spnt KiPteIndirectFault // B
|
|
;;
|
|
mov cr.itir = rps // M
|
|
and rPte0 = rPte0, rAteMask // I
|
|
;;
|
|
//
|
|
// deposit extra PFN bits for 4k page
|
|
//
|
|
|
|
dep rPte0 = rVa12, rPte0, PAGE4K_SHIFT, PAGE_SHIFT-PAGE4K_SHIFT // I
|
|
;;
|
|
|
|
itc.i rPte0 // M, install PTE
|
|
;;
|
|
|
|
#if !defined(NT_UP)
|
|
rps = h27
|
|
rAte2 = h28
|
|
rPte2 = h31
|
|
|
|
ld8.s rPte2 = [riha] // M
|
|
ld8.s rAte2 = [rpAte] // M
|
|
cmp.ne pPrg = zero, zero // I
|
|
;;
|
|
|
|
cmp.ne.or pPrg = rPte, rPte2 // M
|
|
tnat.nz.or pPrg = rPte2 // I
|
|
|
|
cmp.ne.or pPrg = rAte, rAte2 // M
|
|
tnat.nz.or pPrg = rAte2 // I
|
|
;;
|
|
|
|
(pPrg) ptc.l rva, rps // M
|
|
|
|
#endif
|
|
|
|
mov pr = rpr, -1 // I
|
|
rfi;; // B
|
|
|
|
HANDLER_EXIT(Ki4KInstTlbFault)
|
|
|
|
//
|
|
// ++
|
|
//
|
|
// Routine:
|
|
//
|
|
// KiAltTableFault
|
|
//
|
|
// Description:
|
|
//
|
|
// Branched from Inst/DataAccessBitVector
|
|
// Inserts a missing PTE translation for the alt table.
|
|
//
|
|
// On entry:
|
|
//
|
|
// rva (h24) : offending virtual address
|
|
// riha (h25) : a offending PTE address
|
|
// rpr: (h26) : saved predicate
|
|
//
|
|
// Handle:
|
|
//
|
|
// --
|
|
|
|
HANDLER_ENTRY(KiAltTableFault)
|
|
|
|
rpAte = h28 // passed
|
|
|
|
rva = h24
|
|
riha = h25
|
|
rpr = h26 // passed
|
|
rPte = h27
|
|
rPte2 = h28
|
|
rps = h29
|
|
|
|
thash riha = rpAte // M
|
|
cmp.ne pt1 = r0, r0
|
|
mov rva = rpAte // I
|
|
;;
|
|
|
|
ld8.s rPte = [riha] // M
|
|
;;
|
|
|
|
tnat.nz pt0, p0 = rPte // I
|
|
tbit.z.or pt1, p0 = rPte, PTE_ACCESS
|
|
tbit.z.or pt1, p0 = rPte, PTE_VALID // I, if non-present page fault
|
|
|
|
(pt0) br.cond.spnt KiPageTableFault // B
|
|
(pt1) br.cond.spnt KiPteNotPresentFault // B
|
|
;;
|
|
|
|
mov cr.ifa = rva
|
|
;;
|
|
itc.d rPte // M
|
|
;;
|
|
|
|
#if !defined(NT_UP)
|
|
ld8.s rPte2 = [riha] // M
|
|
mov rps = PAGE_SHIFT << PS_SHIFT // I
|
|
cmp.ne pt0 = zero, zero // I
|
|
;;
|
|
|
|
cmp.ne.or pt0 = rPte2, rPte // M
|
|
tnat.nz.or pt0 = rPte2 // I
|
|
;;
|
|
|
|
(pt0) ptc.l rva, rps // M
|
|
#endif
|
|
mov pr = rpr, -1 // I
|
|
rfi;; // B
|
|
|
|
HANDLER_EXIT(KiAltTableFault)
|
|
|
|
|
|
//
|
|
// ++
|
|
//
|
|
// Routine:
|
|
//
|
|
// KiFillForwardProgressTb
|
|
//
|
|
// Description:
|
|
//
|
|
// Fill TB from TLB forward progress buffer.
|
|
//
|
|
// On entry:
|
|
//
|
|
// rpBuffer (h16) : forward progress buffer address
|
|
// rpr: (h26) : saved predicate
|
|
//
|
|
// Handle:
|
|
//
|
|
// --
|
|
|
|
HANDLER_ENTRY(KiFillForwardProgressTb)
|
|
|
|
rLc = h29
|
|
rT0 = h28
|
|
rps = h27
|
|
rpr = h26
|
|
rVa = h22
|
|
rPte = h21
|
|
rpVa = h19
|
|
rpPte = h17
|
|
rpBuffer= h16
|
|
|
|
mov rpVa = rpBuffer // A
|
|
mov.i rLc = ar.lc // I
|
|
mov rT0 = NUMBER_OF_FWP_ENTRIES - 1 //
|
|
;;
|
|
add rpPte = 8, rpBuffer // A
|
|
mov.i ar.lc = rT0 // I
|
|
;;
|
|
|
|
fpb_loop:
|
|
|
|
//
|
|
// use ALAT to see if somebody modify the PTE entry
|
|
//
|
|
|
|
ld8 rVa = [rpVa], 16 // M
|
|
ld8.a rPte = [rpPte] // M
|
|
;;
|
|
|
|
mov cr.ifa = rVa // M
|
|
cmp.ne pt0, pt1 = rPte, r0 // I
|
|
;;
|
|
|
|
(pt0) itc.d rPte // M
|
|
;;
|
|
(pt0) ld8.c.clr rPte = [rpPte] // M
|
|
add rpPte = 16, rpPte // I
|
|
;;
|
|
(pt1) invala.e rPte // M, invalidate ALAT entry
|
|
(pt0) cmp.eq.and pt0 = rPte, r0 // I
|
|
;;
|
|
(pt0) ptc.l rVa, rps // M
|
|
br.cloop.dptk.many fpb_loop;; // B
|
|
|
|
mov.i ar.lc = rLc
|
|
|
|
mov pr = rpr, -1 // I
|
|
rfi // B
|
|
;;
|
|
|
|
HANDLER_EXIT(KiFillForwardProgressTb)
|
|
|
|
|
|
//++
|
|
//
|
|
// Routine Description:
|
|
//
|
|
// This routine begins the common code for raising an exception.
|
|
// The routine saves the non-volatile state and dispatches to the
|
|
// next level exception dispatcher.
|
|
//
|
|
// Arguments:
|
|
//
|
|
// a0 - pointer to trap frame
|
|
// a1 - previous mode
|
|
//
|
|
// Return Value:
|
|
//
|
|
// None.
|
|
//
|
|
//--
|
|
|
|
NESTED_ENTRY(KiExceptionDispatch)
|
|
|
|
//
|
|
// Build exception frame
|
|
//
|
|
|
|
.regstk 2, 3, 5, 0
|
|
.prologue 0xA, loc0
|
|
alloc t16 = ar.pfs, 2, 3, 5, 0
|
|
mov loc0 = sp
|
|
cmp4.eq pt0 = UserMode, a1 // previous mode is user?
|
|
|
|
mov loc1 = brp
|
|
.fframe ExceptionFrameLength
|
|
add sp = -ExceptionFrameLength, sp
|
|
;;
|
|
|
|
.save ar.unat, loc2
|
|
mov loc2 = ar.unat
|
|
add t0 = ExFltS19+STACK_SCRATCH_AREA, sp
|
|
add t1 = ExFltS18+STACK_SCRATCH_AREA, sp
|
|
;;
|
|
|
|
.save.gf 0x0, 0xC0000
|
|
stf.spill [t0] = fs19, ExFltS17-ExFltS19
|
|
stf.spill [t1] = fs18, ExFltS16-ExFltS18
|
|
;;
|
|
|
|
.save.gf 0x0, 0x30000
|
|
stf.spill [t0] = fs17, ExFltS15-ExFltS17
|
|
stf.spill [t1] = fs16, ExFltS14-ExFltS16
|
|
mov t10 = bs4
|
|
;;
|
|
|
|
.save.gf 0x0, 0xC000
|
|
stf.spill [t0] = fs15, ExFltS13-ExFltS15
|
|
stf.spill [t1] = fs14, ExFltS12-ExFltS14
|
|
mov t11 = bs3
|
|
;;
|
|
|
|
.save.gf 0x0, 0x3000
|
|
stf.spill [t0] = fs13, ExFltS11-ExFltS13
|
|
stf.spill [t1] = fs12, ExFltS10-ExFltS12
|
|
mov t12 = bs2
|
|
;;
|
|
|
|
.save.gf 0x0, 0xC00
|
|
stf.spill [t0] = fs11, ExFltS9-ExFltS11
|
|
stf.spill [t1] = fs10, ExFltS8-ExFltS10
|
|
mov t13 = bs1
|
|
;;
|
|
|
|
.save.gf 0x0, 0x300
|
|
stf.spill [t0] = fs9, ExFltS7-ExFltS9
|
|
stf.spill [t1] = fs8, ExFltS6-ExFltS8
|
|
mov t14 = bs0
|
|
;;
|
|
|
|
.save.gf 0x0, 0xC0
|
|
stf.spill [t0] = fs7, ExFltS5-ExFltS7
|
|
stf.spill [t1] = fs6, ExFltS4-ExFltS6
|
|
mov t15 = ar.lc
|
|
;;
|
|
|
|
.save.gf 0x0, 0x30
|
|
stf.spill [t0] = fs5, ExFltS3-ExFltS5
|
|
stf.spill [t1] = fs4, ExFltS2-ExFltS4
|
|
;;
|
|
|
|
.save.f 0xC
|
|
stf.spill [t0] = fs3, ExFltS1-ExFltS3 // save fs3
|
|
stf.spill [t1] = fs2, ExFltS0-ExFltS2 // save fs2
|
|
;;
|
|
|
|
.save.f 0x3
|
|
stf.spill [t0] = fs1, ExBrS4-ExFltS1 // save fs1
|
|
stf.spill [t1] = fs0, ExBrS3-ExFltS0 // save fs0
|
|
;;
|
|
|
|
.save.b 0x18
|
|
st8 [t0] = t10, ExBrS2-ExBrS4 // save bs4
|
|
st8 [t1] = t11, ExBrS1-ExBrS3 // save bs3
|
|
;;
|
|
|
|
.save.b 0x6
|
|
st8 [t0] = t12, ExBrS0-ExBrS2 // save bs2
|
|
st8 [t1] = t13, ExIntS2-ExBrS1 // save bs1
|
|
;;
|
|
|
|
.save.b 0x1
|
|
st8 [t0] = t14, ExIntS3-ExBrS0 // save bs0
|
|
movl out0 = KiPcr+PcCurrentThread
|
|
;;
|
|
|
|
.save.gf 0xC, 0x0
|
|
.mem.offset 0,0
|
|
st8.spill [t0] = s3, ExIntS1-ExIntS3 // save s3
|
|
.mem.offset 8,0
|
|
st8.spill [t1] = s2, ExIntS0-ExIntS2 // save s2
|
|
;;
|
|
|
|
.save.gf 0x3, 0x0
|
|
.mem.offset 0,0
|
|
st8.spill [t0] = s1, ExApLC-ExIntS1 // save s1
|
|
.mem.offset 8,0
|
|
st8.spill [t1] = s0, ExApEC-ExIntS0 // save s0
|
|
;;
|
|
|
|
.savepsp ar.pfs, ExceptionFrameLength-ExApEC-STACK_SCRATCH_AREA
|
|
st8 [t1] = t16, ExIntNats-ExApEC
|
|
mov t4 = ar.unat // captured Nats of s0-s3
|
|
;;
|
|
|
|
(pt0) ld8 out0 = [out0]
|
|
;;
|
|
(pt0) add out0 = ThStackBase, out0
|
|
|
|
.savepsp ar.lc, ExceptionFrameLength-ExApLC-STACK_SCRATCH_AREA
|
|
st8 [t0] = t15
|
|
.savepsp @priunat, ExceptionFrameLength-ExIntNats-STACK_SCRATCH_AREA
|
|
st8 [t1] = t4 // save Nats of s0-s3
|
|
;;
|
|
|
|
|
|
PROLOGUE_END
|
|
|
|
(pt0) ld8 out0 = [out0]
|
|
;;
|
|
(pt0) add out0 = -ThreadStateSaveAreaLength+TsHigherFPVolatile, out0
|
|
(pt0) br.call.sptk brp = KiSaveHigherFPVolatile
|
|
;;
|
|
|
|
add out0 = TrExceptionRecord, a0 // -> exception record
|
|
add out1 = STACK_SCRATCH_AREA, sp // -> exception frame
|
|
mov out2 = a0 // -> trap frame
|
|
|
|
mov out3 = a1 // previous mode
|
|
mov out4 = 1 // first chance
|
|
br.call.sptk.many brp = KiDispatchException
|
|
;;
|
|
|
|
add t1 = ExApEC+STACK_SCRATCH_AREA, sp
|
|
movl t0 = KiExceptionExit
|
|
;;
|
|
|
|
//
|
|
// Interrupts must be disabled before calling KiExceptionExit
|
|
// because the unwind code cannot unwind from that point.
|
|
//
|
|
|
|
FAST_DISABLE_INTERRUPTS
|
|
ld8 t1 = [t1]
|
|
mov brp = t0
|
|
;;
|
|
|
|
mov ar.unat = loc2
|
|
mov ar.pfs = t1
|
|
|
|
add s1 = STACK_SCRATCH_AREA, sp // s1 -> exception frame
|
|
mov s0 = a0 // s0 -> trap frame
|
|
br.ret.sptk brp
|
|
;;
|
|
|
|
NESTED_EXIT(KiExceptionDispatch)
|
|
|
|
|
|
//++
|
|
//
|
|
// BOOLEAN
|
|
// KeInvalidAccessAllowed (
|
|
// IN PVOID TrapInformation
|
|
// )
|
|
//
|
|
// Routine Description:
|
|
//
|
|
// Mm will pass a pointer to a trap frame prior to issuing a bug check on
|
|
// a pagefault. This routine lets Mm know if it is ok to bugcheck. The
|
|
// specific case we must protect are the interlocked pop sequences which can
|
|
// blindly access memory that may have been freed and/or reused prior to the
|
|
// access. We don't want to bugcheck the system in these cases, so we check
|
|
// the instruction pointer here.
|
|
//
|
|
// Arguments:
|
|
//
|
|
// TrapFrame (a0) - Supplies a trap frame pointer. NULL means return False.
|
|
//
|
|
// Return Value:
|
|
//
|
|
// True if the invalid access should be ignored.
|
|
// False which will usually trigger a bugcheck.
|
|
//
|
|
//--
|
|
|
|
LEAF_ENTRY(KeInvalidAccessAllowed)
|
|
|
|
.regstk 1, 0, 0, 0
|
|
|
|
cmp.eq pt0 = 0, a0
|
|
movl t1 = ExpInterlockedPopEntrySListFault
|
|
|
|
add t0 = TrStIIP, a0
|
|
mov v0 = zero // assume access not allowed
|
|
(pt0) br.ret.spnt brp
|
|
;;
|
|
|
|
ld8 t0 = [t0]
|
|
;;
|
|
cmp.eq pt2 = t0, t1
|
|
;;
|
|
|
|
nop.m 0
|
|
(pt2) mov v0 = 1
|
|
br.ret.sptk brp
|
|
|
|
LEAF_EXIT(KeInvalidAccessAllowed)
|