fault.c 17.8 KB
Newer Older
Linus Torvalds's avatar
Linus Torvalds committed
1
2
3
4
5
6
7
8
9
10
11
12
13
/*
 *  linux/arch/arm/mm/fault.c
 *
 *  Copyright (C) 1995  Linus Torvalds
 *  Modifications for ARM processor (c) 1995-2004 Russell King
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */
#include <linux/module.h>
#include <linux/signal.h>
#include <linux/mm.h>
14
#include <linux/hardirq.h>
Linus Torvalds's avatar
Linus Torvalds committed
15
#include <linux/init.h>
16
#include <linux/kprobes.h>
17
#include <linux/uaccess.h>
18
#include <linux/page-flags.h>
19
#include <linux/sched.h>
Russell King's avatar
Russell King committed
20
#include <linux/highmem.h>
21
#include <linux/perf_event.h>
Linus Torvalds's avatar
Linus Torvalds committed
22

23
#include <asm/exception.h>
Linus Torvalds's avatar
Linus Torvalds committed
24
25
26
27
28
29
#include <asm/system.h>
#include <asm/pgtable.h>
#include <asm/tlbflush.h>

#include "fault.h"

30
/*
31
 * Fault status register encodings.  We steal bit 31 for our own purposes.
32
 */
33
#define FSR_LNX_PF		(1 << 31)
34
35
36
37
38
39
40
41
42
#define FSR_WRITE		(1 << 11)
#define FSR_FS4			(1 << 10)
#define FSR_FS3_0		(15)

static inline int fsr_fs(unsigned int fsr)
{
	return (fsr & FSR_FS3_0) | (fsr & FSR_FS4) >> 6;
}

43
#ifdef CONFIG_MMU
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66

#ifdef CONFIG_KPROBES
static inline int notify_page_fault(struct pt_regs *regs, unsigned int fsr)
{
	int ret = 0;

	if (!user_mode(regs)) {
		/* kprobe_running() needs smp_processor_id() */
		preempt_disable();
		if (kprobe_running() && kprobe_fault_handler(regs, fsr))
			ret = 1;
		preempt_enable();
	}

	return ret;
}
#else
static inline int notify_page_fault(struct pt_regs *regs, unsigned int fsr)
{
	return 0;
}
#endif

Linus Torvalds's avatar
Linus Torvalds committed
67
68
69
70
71
72
73
74
75
76
77
78
79
/*
 * This is useful to dump out the page tables associated with
 * 'addr' in mm 'mm'.
 */
void show_pte(struct mm_struct *mm, unsigned long addr)
{
	pgd_t *pgd;

	if (!mm)
		mm = &init_mm;

	printk(KERN_ALERT "pgd = %p\n", mm->pgd);
	pgd = pgd_offset(mm, addr);
80
81
	printk(KERN_ALERT "[%08lx] *pgd=%08llx",
			addr, (long long)pgd_val(*pgd));
Linus Torvalds's avatar
Linus Torvalds committed
82
83

	do {
84
		pud_t *pud;
Linus Torvalds's avatar
Linus Torvalds committed
85
86
87
88
89
90
91
92
93
94
95
		pmd_t *pmd;
		pte_t *pte;

		if (pgd_none(*pgd))
			break;

		if (pgd_bad(*pgd)) {
			printk("(bad)");
			break;
		}

96
97
		pud = pud_offset(pgd, addr);
		if (PTRS_PER_PUD != 1)
98
			printk(", *pud=%08llx", (long long)pud_val(*pud));
99
100
101
102
103
104
105
106
107
108

		if (pud_none(*pud))
			break;

		if (pud_bad(*pud)) {
			printk("(bad)");
			break;
		}

		pmd = pmd_offset(pud, addr);
109
		if (PTRS_PER_PMD != 1)
110
			printk(", *pmd=%08llx", (long long)pmd_val(*pmd));
Linus Torvalds's avatar
Linus Torvalds committed
111
112
113
114
115
116
117
118
119
120

		if (pmd_none(*pmd))
			break;

		if (pmd_bad(*pmd)) {
			printk("(bad)");
			break;
		}

		/* We must not map this if we have highmem enabled */
121
122
123
		if (PageHighMem(pfn_to_page(pmd_val(*pmd) >> PAGE_SHIFT)))
			break;

Linus Torvalds's avatar
Linus Torvalds committed
124
		pte = pte_offset_map(pmd, addr);
125
126
127
		printk(", *pte=%08llx", (long long)pte_val(*pte));
		printk(", *ppte=%08llx",
		       (long long)pte_val(pte[PTE_HWTABLE_PTRS]));
Linus Torvalds's avatar
Linus Torvalds committed
128
129
130
131
132
		pte_unmap(pte);
	} while(0);

	printk("\n");
}
133
134
135
136
#else					/* CONFIG_MMU */
void show_pte(struct mm_struct *mm, unsigned long addr)
{ }
#endif					/* CONFIG_MMU */
Linus Torvalds's avatar
Linus Torvalds committed
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171

/*
 * Oops.  The kernel tried to access some page that wasn't present.
 */
static void
__do_kernel_fault(struct mm_struct *mm, unsigned long addr, unsigned int fsr,
		  struct pt_regs *regs)
{
	/*
	 * Are we prepared to handle this kernel fault?
	 */
	if (fixup_exception(regs))
		return;

	/*
	 * No handler, we'll have to terminate things with extreme prejudice.
	 */
	bust_spinlocks(1);
	printk(KERN_ALERT
		"Unable to handle kernel %s at virtual address %08lx\n",
		(addr < PAGE_SIZE) ? "NULL pointer dereference" :
		"paging request", addr);

	show_pte(mm, addr);
	die("Oops", regs, fsr);
	bust_spinlocks(0);
	do_exit(SIGKILL);
}

/*
 * Something tried to access memory that isn't in our memory map..
 * User mode accesses just cause a SIGSEGV
 */
static void
__do_user_fault(struct task_struct *tsk, unsigned long addr,
172
173
		unsigned int fsr, unsigned int sig, int code,
		struct pt_regs *regs)
Linus Torvalds's avatar
Linus Torvalds committed
174
175
176
177
178
{
	struct siginfo si;

#ifdef CONFIG_DEBUG_USER
	if (user_debug & UDBG_SEGV) {
179
180
		printk(KERN_DEBUG "%s: unhandled page fault (%d) at 0x%08lx, code 0x%03x\n",
		       tsk->comm, sig, addr, fsr);
Linus Torvalds's avatar
Linus Torvalds committed
181
182
183
184
185
186
187
188
		show_pte(tsk->mm, addr);
		show_regs(regs);
	}
#endif

	tsk->thread.address = addr;
	tsk->thread.error_code = fsr;
	tsk->thread.trap_no = 14;
189
	si.si_signo = sig;
Linus Torvalds's avatar
Linus Torvalds committed
190
191
192
	si.si_errno = 0;
	si.si_code = code;
	si.si_addr = (void __user *)addr;
193
	force_sig_info(sig, &si, tsk);
Linus Torvalds's avatar
Linus Torvalds committed
194
195
}

196
void do_bad_area(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
Linus Torvalds's avatar
Linus Torvalds committed
197
{
198
199
200
	struct task_struct *tsk = current;
	struct mm_struct *mm = tsk->active_mm;

Linus Torvalds's avatar
Linus Torvalds committed
201
202
203
204
205
	/*
	 * If we are in kernel mode at this point, we
	 * have no context to handle this fault with.
	 */
	if (user_mode(regs))
206
		__do_user_fault(tsk, addr, fsr, SIGSEGV, SEGV_MAPERR, regs);
Linus Torvalds's avatar
Linus Torvalds committed
207
208
209
210
	else
		__do_kernel_fault(mm, addr, fsr, regs);
}

211
#ifdef CONFIG_MMU
212
213
#define VM_FAULT_BADMAP		0x010000
#define VM_FAULT_BADACCESS	0x020000
Linus Torvalds's avatar
Linus Torvalds committed
214

215
216
217
218
219
220
221
222
223
224
225
/*
 * Check that the permissions on the VMA allow for the fault which occurred.
 * If we encountered a write fault, we must have write permission, otherwise
 * we allow any permission.
 */
static inline bool access_error(unsigned int fsr, struct vm_area_struct *vma)
{
	unsigned int mask = VM_READ | VM_WRITE | VM_EXEC;

	if (fsr & FSR_WRITE)
		mask = VM_WRITE;
226
227
	if (fsr & FSR_LNX_PF)
		mask = VM_EXEC;
228
229
230
231
232

	return vma->vm_flags & mask ? false : true;
}

static int __kprobes
Linus Torvalds's avatar
Linus Torvalds committed
233
__do_page_fault(struct mm_struct *mm, unsigned long addr, unsigned int fsr,
234
		unsigned int flags, struct task_struct *tsk)
Linus Torvalds's avatar
Linus Torvalds committed
235
236
{
	struct vm_area_struct *vma;
237
	int fault;
Linus Torvalds's avatar
Linus Torvalds committed
238
239
240

	vma = find_vma(mm, addr);
	fault = VM_FAULT_BADMAP;
241
	if (unlikely(!vma))
Linus Torvalds's avatar
Linus Torvalds committed
242
		goto out;
243
	if (unlikely(vma->vm_start > addr))
Linus Torvalds's avatar
Linus Torvalds committed
244
245
246
247
248
249
250
		goto check_stack;

	/*
	 * Ok, we have a good vm_area for this
	 * memory access, so we can handle it.
	 */
good_area:
251
252
	if (access_error(fsr, vma)) {
		fault = VM_FAULT_BADACCESS;
Linus Torvalds's avatar
Linus Torvalds committed
253
		goto out;
254
	}
Linus Torvalds's avatar
Linus Torvalds committed
255

256
	return handle_mm_fault(mm, vma, addr & PAGE_MASK, flags);
Linus Torvalds's avatar
Linus Torvalds committed
257
258
259
260
261
262
263
264

check_stack:
	if (vma->vm_flags & VM_GROWSDOWN && !expand_stack(vma, addr))
		goto good_area;
out:
	return fault;
}

265
static int __kprobes
Linus Torvalds's avatar
Linus Torvalds committed
266
267
268
269
do_page_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
{
	struct task_struct *tsk;
	struct mm_struct *mm;
270
	int fault, sig, code;
271
272
273
	int write = fsr & FSR_WRITE;
	unsigned int flags = FAULT_FLAG_ALLOW_RETRY | FAULT_FLAG_KILLABLE |
				(write ? FAULT_FLAG_WRITE : 0);
Linus Torvalds's avatar
Linus Torvalds committed
274

275
276
277
	if (notify_page_fault(regs, fsr))
		return 0;

Linus Torvalds's avatar
Linus Torvalds committed
278
279
280
	tsk = current;
	mm  = tsk->mm;

281
282
283
284
	/* Enable interrupts if they were enabled in the parent context. */
	if (interrupts_enabled(regs))
		local_irq_enable();

Linus Torvalds's avatar
Linus Torvalds committed
285
286
287
288
	/*
	 * If we're in an interrupt or have no user
	 * context, we must not take the fault..
	 */
289
	if (in_atomic() || !mm)
Linus Torvalds's avatar
Linus Torvalds committed
290
291
		goto no_context;

292
293
294
295
296
297
298
299
	/*
	 * As per x86, we may deadlock here.  However, since the kernel only
	 * validly references user space from well defined areas of the code,
	 * we can bug out early if this is from code which shouldn't.
	 */
	if (!down_read_trylock(&mm->mmap_sem)) {
		if (!user_mode(regs) && !search_exception_tables(regs->ARM_pc))
			goto no_context;
300
retry:
301
		down_read(&mm->mmap_sem);
302
303
304
305
306
307
308
	} else {
		/*
		 * The above down_read_trylock() might have succeeded in
		 * which case, we'll have missed the might_sleep() from
		 * down_read()
		 */
		might_sleep();
309
310
311
312
313
#ifdef CONFIG_DEBUG_VM
		if (!user_mode(regs) &&
		    !search_exception_tables(regs->ARM_pc))
			goto no_context;
#endif
314
315
	}

316
317
318
319
320
321
322
323
324
325
326
327
328
329
	fault = __do_page_fault(mm, addr, fsr, flags, tsk);

	/* If we need to retry but a fatal signal is pending, handle the
	 * signal first. We do not need to release the mmap_sem because
	 * it would already be released in __lock_page_or_retry in
	 * mm/filemap.c. */
	if ((fault & VM_FAULT_RETRY) && fatal_signal_pending(current))
		return 0;

	/*
	 * Major/minor page fault accounting is only done on the
	 * initial attempt. If we go through a retry, it is extremely
	 * likely that the page will be found in page cache at that point.
	 */
Linus Torvalds's avatar
Linus Torvalds committed
330

331
	perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS, 1, regs, addr);
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
	if (flags & FAULT_FLAG_ALLOW_RETRY) {
		if (fault & VM_FAULT_MAJOR) {
			tsk->maj_flt++;
			perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS_MAJ, 1,
					regs, addr);
		} else {
			tsk->min_flt++;
			perf_sw_event(PERF_COUNT_SW_PAGE_FAULTS_MIN, 1,
					regs, addr);
		}
		if (fault & VM_FAULT_RETRY) {
			/* Clear FAULT_FLAG_ALLOW_RETRY to avoid any risk
			* of starvation. */
			flags &= ~FAULT_FLAG_ALLOW_RETRY;
			goto retry;
		}
	}

	up_read(&mm->mmap_sem);
351

Linus Torvalds's avatar
Linus Torvalds committed
352
	/*
353
	 * Handle the "normal" case first - VM_FAULT_MAJOR / VM_FAULT_MINOR
Linus Torvalds's avatar
Linus Torvalds committed
354
	 */
355
	if (likely(!(fault & (VM_FAULT_ERROR | VM_FAULT_BADMAP | VM_FAULT_BADACCESS))))
Linus Torvalds's avatar
Linus Torvalds committed
356
357
		return 0;

358
359
360
361
362
363
364
365
366
367
	if (fault & VM_FAULT_OOM) {
		/*
		 * We ran out of memory, call the OOM killer, and return to
		 * userspace (which will retry the fault, or kill us if we
		 * got oom-killed)
		 */
		pagefault_out_of_memory();
		return 0;
	}

Linus Torvalds's avatar
Linus Torvalds committed
368
369
370
371
372
373
374
	/*
	 * If we are in kernel mode at this point, we
	 * have no context to handle this fault with.
	 */
	if (!user_mode(regs))
		goto no_context;

Nick Piggin's avatar
Nick Piggin committed
375
	if (fault & VM_FAULT_SIGBUS) {
376
377
378
379
380
381
		/*
		 * We had some memory, but were unable to
		 * successfully fix up this page fault.
		 */
		sig = SIGBUS;
		code = BUS_ADRERR;
Nick Piggin's avatar
Nick Piggin committed
382
	} else {
383
384
385
386
387
388
389
		/*
		 * Something tried to access memory that
		 * isn't in our memory map..
		 */
		sig = SIGSEGV;
		code = fault == VM_FAULT_BADACCESS ?
			SEGV_ACCERR : SEGV_MAPERR;
Linus Torvalds's avatar
Linus Torvalds committed
390
391
	}

392
393
	__do_user_fault(tsk, addr, fsr, sig, code, regs);
	return 0;
Linus Torvalds's avatar
Linus Torvalds committed
394
395
396
397
398

no_context:
	__do_kernel_fault(mm, addr, fsr, regs);
	return 0;
}
399
400
401
402
403
404
405
#else					/* CONFIG_MMU */
static int
do_page_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
{
	return 0;
}
#endif					/* CONFIG_MMU */
Linus Torvalds's avatar
Linus Torvalds committed
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423

/*
 * First Level Translation Fault Handler
 *
 * We enter here because the first level page table doesn't contain
 * a valid entry for the address.
 *
 * If the address is in kernel space (>= TASK_SIZE), then we are
 * probably faulting in the vmalloc() area.
 *
 * If the init_task's first level page tables contains the relevant
 * entry, we copy the it to this task.  If not, we send the process
 * a signal, fixup the exception, or oops the kernel.
 *
 * NOTE! We MUST NOT take any locks for this case. We may be in an
 * interrupt or a critical region, and should only copy the information
 * from the master page table, nothing more.
 */
424
#ifdef CONFIG_MMU
425
static int __kprobes
Linus Torvalds's avatar
Linus Torvalds committed
426
427
428
429
430
do_translation_fault(unsigned long addr, unsigned int fsr,
		     struct pt_regs *regs)
{
	unsigned int index;
	pgd_t *pgd, *pgd_k;
431
	pud_t *pud, *pud_k;
Linus Torvalds's avatar
Linus Torvalds committed
432
433
434
435
436
	pmd_t *pmd, *pmd_k;

	if (addr < TASK_SIZE)
		return do_page_fault(addr, fsr, regs);

437
438
439
	if (user_mode(regs))
		goto bad_area;

Linus Torvalds's avatar
Linus Torvalds committed
440
441
442
443
444
445
446
447
448
449
450
451
452
	index = pgd_index(addr);

	/*
	 * FIXME: CP15 C1 is write only on ARMv3 architectures.
	 */
	pgd = cpu_get_pgd() + index;
	pgd_k = init_mm.pgd + index;

	if (pgd_none(*pgd_k))
		goto bad_area;
	if (!pgd_present(*pgd))
		set_pgd(pgd, *pgd_k);

453
454
455
456
457
458
459
460
461
462
	pud = pud_offset(pgd, addr);
	pud_k = pud_offset(pgd_k, addr);

	if (pud_none(*pud_k))
		goto bad_area;
	if (!pud_present(*pud))
		set_pud(pud, *pud_k);

	pmd = pmd_offset(pud, addr);
	pmd_k = pmd_offset(pud_k, addr);
Linus Torvalds's avatar
Linus Torvalds committed
463

464
465
466
467
468
469
470
471
472
473
	/*
	 * On ARM one Linux PGD entry contains two hardware entries (see page
	 * tables layout in pgtable.h). We normally guarantee that we always
	 * fill both L1 entries. But create_mapping() doesn't follow the rule.
	 * It can create inidividual L1 entries, so here we have to call
	 * pmd_none() check for the entry really corresponded to address, not
	 * for the first of pair.
	 */
	index = (addr >> SECTION_SHIFT) & 1;
	if (pmd_none(pmd_k[index]))
Linus Torvalds's avatar
Linus Torvalds committed
474
475
476
477
478
479
		goto bad_area;

	copy_pmd(pmd, pmd_k);
	return 0;

bad_area:
480
	do_bad_area(addr, fsr, regs);
Linus Torvalds's avatar
Linus Torvalds committed
481
482
	return 0;
}
483
484
485
486
487
488
489
490
#else					/* CONFIG_MMU */
static int
do_translation_fault(unsigned long addr, unsigned int fsr,
		     struct pt_regs *regs)
{
	return 0;
}
#endif					/* CONFIG_MMU */
Linus Torvalds's avatar
Linus Torvalds committed
491
492
493
494
495
496
497
498

/*
 * Some section permission faults need to be handled gracefully.
 * They can happen due to a __{get,put}_user during an oops.
 */
static int
do_sect_fault(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
{
499
	do_bad_area(addr, fsr, regs);
Linus Torvalds's avatar
Linus Torvalds committed
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
	return 0;
}

/*
 * This abort handler always returns "fault".
 */
static int
do_bad(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
{
	return 1;
}

static struct fsr_info {
	int	(*fn)(unsigned long addr, unsigned int fsr, struct pt_regs *regs);
	int	sig;
515
	int	code;
Linus Torvalds's avatar
Linus Torvalds committed
516
517
518
519
520
521
	const char *name;
} fsr_info[] = {
	/*
	 * The following are the standard ARMv3 and ARMv4 aborts.  ARMv5
	 * defines these to be "precise" aborts.
	 */
522
	{ do_bad,		SIGSEGV, 0,		"vector exception"		   },
523
	{ do_bad,		SIGBUS,	 BUS_ADRALN,	"alignment exception"		   },
524
	{ do_bad,		SIGKILL, 0,		"terminal exception"		   },
525
	{ do_bad,		SIGBUS,	 BUS_ADRALN,	"alignment exception"		   },
526
527
528
529
530
531
532
533
534
535
536
537
	{ do_bad,		SIGBUS,	 0,		"external abort on linefetch"	   },
	{ do_translation_fault,	SIGSEGV, SEGV_MAPERR,	"section translation fault"	   },
	{ do_bad,		SIGBUS,	 0,		"external abort on linefetch"	   },
	{ do_page_fault,	SIGSEGV, SEGV_MAPERR,	"page translation fault"	   },
	{ do_bad,		SIGBUS,	 0,		"external abort on non-linefetch"  },
	{ do_bad,		SIGSEGV, SEGV_ACCERR,	"section domain fault"		   },
	{ do_bad,		SIGBUS,	 0,		"external abort on non-linefetch"  },
	{ do_bad,		SIGSEGV, SEGV_ACCERR,	"page domain fault"		   },
	{ do_bad,		SIGBUS,	 0,		"external abort on translation"	   },
	{ do_sect_fault,	SIGSEGV, SEGV_ACCERR,	"section permission fault"	   },
	{ do_bad,		SIGBUS,	 0,		"external abort on translation"	   },
	{ do_page_fault,	SIGSEGV, SEGV_ACCERR,	"page permission fault"		   },
Linus Torvalds's avatar
Linus Torvalds committed
538
539
540
541
542
	/*
	 * The following are "imprecise" aborts, which are signalled by bit
	 * 10 of the FSR, and may not be recoverable.  These are only
	 * supported if the CPU abort handler supports bit 10.
	 */
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
	{ do_bad,		SIGBUS,  0,		"unknown 16"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 17"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 18"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 19"			   },
	{ do_bad,		SIGBUS,  0,		"lock abort"			   }, /* xscale */
	{ do_bad,		SIGBUS,  0,		"unknown 21"			   },
	{ do_bad,		SIGBUS,  BUS_OBJERR,	"imprecise external abort"	   }, /* xscale */
	{ do_bad,		SIGBUS,  0,		"unknown 23"			   },
	{ do_bad,		SIGBUS,  0,		"dcache parity error"		   }, /* xscale */
	{ do_bad,		SIGBUS,  0,		"unknown 25"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 26"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 27"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 28"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 29"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 30"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 31"			   }
Linus Torvalds's avatar
Linus Torvalds committed
559
560
561
562
};

void __init
hook_fault_code(int nr, int (*fn)(unsigned long, unsigned int, struct pt_regs *),
563
		int sig, int code, const char *name)
Linus Torvalds's avatar
Linus Torvalds committed
564
{
565
566
567
568
569
570
571
	if (nr < 0 || nr >= ARRAY_SIZE(fsr_info))
		BUG();

	fsr_info[nr].fn   = fn;
	fsr_info[nr].sig  = sig;
	fsr_info[nr].code = code;
	fsr_info[nr].name = name;
Linus Torvalds's avatar
Linus Torvalds committed
572
573
574
575
576
}

/*
 * Dispatch a data abort to the relevant handler.
 */
577
asmlinkage void __exception
Linus Torvalds's avatar
Linus Torvalds committed
578
579
do_DataAbort(unsigned long addr, unsigned int fsr, struct pt_regs *regs)
{
580
	const struct fsr_info *inf = fsr_info + fsr_fs(fsr);
581
	struct siginfo info;
Linus Torvalds's avatar
Linus Torvalds committed
582

583
	if (!inf->fn(addr, fsr & ~FSR_LNX_PF, regs))
Linus Torvalds's avatar
Linus Torvalds committed
584
585
586
587
		return;

	printk(KERN_ALERT "Unhandled fault: %s (0x%03x) at 0x%08lx\n",
		inf->name, fsr, addr);
588
589
590
591
592

	info.si_signo = inf->sig;
	info.si_errno = 0;
	info.si_code  = inf->code;
	info.si_addr  = (void __user *)addr;
593
	arm_notify_die("", regs, &info, fsr, 0);
Linus Torvalds's avatar
Linus Torvalds committed
594
595
}

596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631

static struct fsr_info ifsr_info[] = {
	{ do_bad,		SIGBUS,  0,		"unknown 0"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 1"			   },
	{ do_bad,		SIGBUS,  0,		"debug event"			   },
	{ do_bad,		SIGSEGV, SEGV_ACCERR,	"section access flag fault"	   },
	{ do_bad,		SIGBUS,  0,		"unknown 4"			   },
	{ do_translation_fault,	SIGSEGV, SEGV_MAPERR,	"section translation fault"	   },
	{ do_bad,		SIGSEGV, SEGV_ACCERR,	"page access flag fault"	   },
	{ do_page_fault,	SIGSEGV, SEGV_MAPERR,	"page translation fault"	   },
	{ do_bad,		SIGBUS,	 0,		"external abort on non-linefetch"  },
	{ do_bad,		SIGSEGV, SEGV_ACCERR,	"section domain fault"		   },
	{ do_bad,		SIGBUS,  0,		"unknown 10"			   },
	{ do_bad,		SIGSEGV, SEGV_ACCERR,	"page domain fault"		   },
	{ do_bad,		SIGBUS,	 0,		"external abort on translation"	   },
	{ do_sect_fault,	SIGSEGV, SEGV_ACCERR,	"section permission fault"	   },
	{ do_bad,		SIGBUS,	 0,		"external abort on translation"	   },
	{ do_page_fault,	SIGSEGV, SEGV_ACCERR,	"page permission fault"		   },
	{ do_bad,		SIGBUS,  0,		"unknown 16"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 17"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 18"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 19"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 20"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 21"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 22"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 23"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 24"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 25"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 26"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 27"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 28"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 29"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 30"			   },
	{ do_bad,		SIGBUS,  0,		"unknown 31"			   },
};

632
633
634
635
636
637
638
639
640
641
642
643
644
void __init
hook_ifault_code(int nr, int (*fn)(unsigned long, unsigned int, struct pt_regs *),
		 int sig, int code, const char *name)
{
	if (nr < 0 || nr >= ARRAY_SIZE(ifsr_info))
		BUG();

	ifsr_info[nr].fn   = fn;
	ifsr_info[nr].sig  = sig;
	ifsr_info[nr].code = code;
	ifsr_info[nr].name = name;
}

645
asmlinkage void __exception
646
do_PrefetchAbort(unsigned long addr, unsigned int ifsr, struct pt_regs *regs)
Linus Torvalds's avatar
Linus Torvalds committed
647
{
648
649
650
651
652
653
654
655
656
657
658
659
660
661
	const struct fsr_info *inf = ifsr_info + fsr_fs(ifsr);
	struct siginfo info;

	if (!inf->fn(addr, ifsr | FSR_LNX_PF, regs))
		return;

	printk(KERN_ALERT "Unhandled prefetch abort: %s (0x%03x) at 0x%08lx\n",
		inf->name, ifsr, addr);

	info.si_signo = inf->sig;
	info.si_errno = 0;
	info.si_code  = inf->code;
	info.si_addr  = (void __user *)addr;
	arm_notify_die("", regs, &info, ifsr, 0);
Linus Torvalds's avatar
Linus Torvalds committed
662
663
}

664
665
666
667
668
669
670
static int __init exceptions_init(void)
{
	if (cpu_architecture() >= CPU_ARCH_ARMv6) {
		hook_fault_code(4, do_translation_fault, SIGSEGV, SEGV_MAPERR,
				"I-cache maintenance fault");
	}

671
672
673
674
675
676
677
678
679
680
681
	if (cpu_architecture() >= CPU_ARCH_ARMv7) {
		/*
		 * TODO: Access flag faults introduced in ARMv6K.
		 * Runtime check for 'K' extension is needed
		 */
		hook_fault_code(3, do_bad, SIGSEGV, SEGV_MAPERR,
				"section access flag fault");
		hook_fault_code(6, do_bad, SIGSEGV, SEGV_MAPERR,
				"section access flag fault");
	}

682
683
684
685
	return 0;
}

arch_initcall(exceptions_init);