2005-09-26 14:04:21 +08:00
|
|
|
/*
|
|
|
|
* FPU support code, moved here from head.S so that it can be used
|
|
|
|
* by chips which use other head-whatever.S files.
|
|
|
|
*
|
2006-08-30 12:45:35 +08:00
|
|
|
* Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
|
|
|
|
* Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
|
|
|
|
* Copyright (C) 1996 Paul Mackerras.
|
|
|
|
* Copyright (C) 1997 Dan Malek (dmalek@jlc.net).
|
|
|
|
*
|
2005-09-26 14:04:21 +08:00
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version
|
|
|
|
* 2 of the License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
|
2005-10-10 20:20:10 +08:00
|
|
|
#include <asm/reg.h>
|
2005-09-26 14:04:21 +08:00
|
|
|
#include <asm/page.h>
|
|
|
|
#include <asm/mmu.h>
|
|
|
|
#include <asm/pgtable.h>
|
|
|
|
#include <asm/cputable.h>
|
|
|
|
#include <asm/cache.h>
|
|
|
|
#include <asm/thread_info.h>
|
|
|
|
#include <asm/ppc_asm.h>
|
|
|
|
#include <asm/asm-offsets.h>
|
2010-11-18 23:06:17 +08:00
|
|
|
#include <asm/ptrace.h>
|
2005-09-26 14:04:21 +08:00
|
|
|
|
2008-06-25 12:07:18 +08:00
|
|
|
#ifdef CONFIG_VSX
|
2012-06-25 21:33:23 +08:00
|
|
|
#define __REST_32FPVSRS(n,c,base) \
|
2008-06-25 12:07:18 +08:00
|
|
|
BEGIN_FTR_SECTION \
|
|
|
|
b 2f; \
|
|
|
|
END_FTR_SECTION_IFSET(CPU_FTR_VSX); \
|
|
|
|
REST_32FPRS(n,base); \
|
|
|
|
b 3f; \
|
|
|
|
2: REST_32VSRS(n,c,base); \
|
|
|
|
3:
|
|
|
|
|
2012-06-25 21:33:23 +08:00
|
|
|
#define __SAVE_32FPVSRS(n,c,base) \
|
2008-06-25 12:07:18 +08:00
|
|
|
BEGIN_FTR_SECTION \
|
|
|
|
b 2f; \
|
|
|
|
END_FTR_SECTION_IFSET(CPU_FTR_VSX); \
|
|
|
|
SAVE_32FPRS(n,base); \
|
|
|
|
b 3f; \
|
|
|
|
2: SAVE_32VSRS(n,c,base); \
|
|
|
|
3:
|
|
|
|
#else
|
2012-06-25 21:33:23 +08:00
|
|
|
#define __REST_32FPVSRS(n,b,base) REST_32FPRS(n, base)
|
|
|
|
#define __SAVE_32FPVSRS(n,b,base) SAVE_32FPRS(n, base)
|
2008-06-25 12:07:18 +08:00
|
|
|
#endif
|
2012-06-25 21:33:23 +08:00
|
|
|
#define REST_32FPVSRS(n,c,base) __REST_32FPVSRS(n,__REG_##c,__REG_##base)
|
|
|
|
#define SAVE_32FPVSRS(n,c,base) __SAVE_32FPVSRS(n,__REG_##c,__REG_##base)
|
2008-06-25 12:07:18 +08:00
|
|
|
|
2013-02-14 00:21:36 +08:00
|
|
|
#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
|
|
|
|
/* void do_load_up_transact_fpu(struct thread_struct *thread)
|
|
|
|
*
|
|
|
|
* This is similar to load_up_fpu but for the transactional version of the FP
|
|
|
|
* register set. It doesn't mess with the task MSR or valid flags.
|
|
|
|
* Furthermore, we don't do lazy FP with TM currently.
|
|
|
|
*/
|
|
|
|
_GLOBAL(do_load_up_transact_fpu)
|
|
|
|
mfmsr r6
|
|
|
|
ori r5,r6,MSR_FP
|
|
|
|
#ifdef CONFIG_VSX
|
|
|
|
BEGIN_FTR_SECTION
|
|
|
|
oris r5,r5,MSR_VSX@h
|
|
|
|
END_FTR_SECTION_IFSET(CPU_FTR_VSX)
|
|
|
|
#endif
|
|
|
|
SYNC
|
|
|
|
MTMSRD(r5)
|
|
|
|
|
2013-09-10 18:20:42 +08:00
|
|
|
addi r7,r3,THREAD_TRANSACT_FPSTATE
|
|
|
|
lfd fr0,FPSTATE_FPSCR(r7)
|
2013-02-14 00:21:36 +08:00
|
|
|
MTFSF_L(fr0)
|
2013-09-10 18:20:42 +08:00
|
|
|
REST_32FPVSRS(0, R4, R7)
|
2013-02-14 00:21:36 +08:00
|
|
|
|
|
|
|
blr
|
|
|
|
#endif /* CONFIG_PPC_TRANSACTIONAL_MEM */
|
|
|
|
|
powerpc: Don't corrupt transactional state when using FP/VMX in kernel
Currently, when we have a process using the transactional memory
facilities on POWER8 (that is, the processor is in transactional
or suspended state), and the process enters the kernel and the
kernel then uses the floating-point or vector (VMX/Altivec) facility,
we end up corrupting the user-visible FP/VMX/VSX state. This
happens, for example, if a page fault causes a copy-on-write
operation, because the copy_page function will use VMX to do the
copy on POWER8. The test program below demonstrates the bug.
The bug happens because when FP/VMX state for a transactional process
is stored in the thread_struct, we store the checkpointed state in
.fp_state/.vr_state and the transactional (current) state in
.transact_fp/.transact_vr. However, when the kernel wants to use
FP/VMX, it calls enable_kernel_fp() or enable_kernel_altivec(),
which saves the current state in .fp_state/.vr_state. Furthermore,
when we return to the user process we return with FP/VMX/VSX
disabled. The next time the process uses FP/VMX/VSX, we don't know
which set of state (the current register values, .fp_state/.vr_state,
or .transact_fp/.transact_vr) we should be using, since we have no
way to tell if we are still in the same transaction, and if not,
whether the previous transaction succeeded or failed.
Thus it is necessary to strictly adhere to the rule that if FP has
been enabled at any point in a transaction, we must keep FP enabled
for the user process with the current transactional state in the
FP registers, until we detect that it is no longer in a transaction.
Similarly for VMX; once enabled it must stay enabled until the
process is no longer transactional.
In order to keep this rule, we add a new thread_info flag which we
test when returning from the kernel to userspace, called TIF_RESTORE_TM.
This flag indicates that there is FP/VMX/VSX state to be restored
before entering userspace, and when it is set the .tm_orig_msr field
in the thread_struct indicates what state needs to be restored.
The restoration is done by restore_tm_state(). The TIF_RESTORE_TM
bit is set by new giveup_fpu/altivec_maybe_transactional helpers,
which are called from enable_kernel_fp/altivec, giveup_vsx, and
flush_fp/altivec_to_thread instead of giveup_fpu/altivec.
The other thing to be done is to get the transactional FP/VMX/VSX
state from .fp_state/.vr_state when doing reclaim, if that state
has been saved there by giveup_fpu/altivec_maybe_transactional.
Having done this, we set the FP/VMX bit in the thread's MSR after
reclaim to indicate that that part of the state is now valid
(having been reclaimed from the processor's checkpointed state).
Finally, in the signal handling code, we move the clearing of the
transactional state bits in the thread's MSR a bit earlier, before
calling flush_fp_to_thread(), so that we don't unnecessarily set
the TIF_RESTORE_TM bit.
This is the test program:
/* Michael Neuling 4/12/2013
*
* See if the altivec state is leaked out of an aborted transaction due to
* kernel vmx copy loops.
*
* gcc -m64 htm_vmxcopy.c -o htm_vmxcopy
*
*/
/* We don't use all of these, but for reference: */
int main(int argc, char *argv[])
{
long double vecin = 1.3;
long double vecout;
unsigned long pgsize = getpagesize();
int i;
int fd;
int size = pgsize*16;
char tmpfile[] = "/tmp/page_faultXXXXXX";
char buf[pgsize];
char *a;
uint64_t aborted = 0;
fd = mkstemp(tmpfile);
assert(fd >= 0);
memset(buf, 0, pgsize);
for (i = 0; i < size; i += pgsize)
assert(write(fd, buf, pgsize) == pgsize);
unlink(tmpfile);
a = mmap(NULL, size, PROT_READ|PROT_WRITE, MAP_PRIVATE, fd, 0);
assert(a != MAP_FAILED);
asm __volatile__(
"lxvd2x 40,0,%[vecinptr] ; " // set 40 to initial value
TBEGIN
"beq 3f ;"
TSUSPEND
"xxlxor 40,40,40 ; " // set 40 to 0
"std 5, 0(%[map]) ;" // cause kernel vmx copy page
TABORT
TRESUME
TEND
"li %[res], 0 ;"
"b 5f ;"
"3: ;" // Abort handler
"li %[res], 1 ;"
"5: ;"
"stxvd2x 40,0,%[vecoutptr] ; "
: [res]"=r"(aborted)
: [vecinptr]"r"(&vecin),
[vecoutptr]"r"(&vecout),
[map]"r"(a)
: "memory", "r0", "r3", "r4", "r5", "r6", "r7");
if (aborted && (vecin != vecout)){
printf("FAILED: vector state leaked on abort %f != %f\n",
(double)vecin, (double)vecout);
exit(1);
}
munmap(a, size);
close(fd);
printf("PASSED!\n");
return 0;
}
Signed-off-by: Paul Mackerras <paulus@samba.org>
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
2014-01-13 12:56:29 +08:00
|
|
|
/*
|
|
|
|
* Enable use of the FPU, and VSX if possible, for the caller.
|
|
|
|
*/
|
|
|
|
_GLOBAL(fp_enable)
|
|
|
|
mfmsr r3
|
|
|
|
ori r3,r3,MSR_FP
|
|
|
|
#ifdef CONFIG_VSX
|
|
|
|
BEGIN_FTR_SECTION
|
|
|
|
oris r3,r3,MSR_VSX@h
|
|
|
|
END_FTR_SECTION_IFSET(CPU_FTR_VSX)
|
|
|
|
#endif
|
|
|
|
SYNC
|
|
|
|
MTMSRD(r3)
|
|
|
|
isync /* (not necessary for arch 2.02 and later) */
|
|
|
|
blr
|
|
|
|
|
2013-09-10 18:21:10 +08:00
|
|
|
/*
|
|
|
|
* Load state from memory into FP registers including FPSCR.
|
|
|
|
* Assumes the caller has enabled FP in the MSR.
|
|
|
|
*/
|
|
|
|
_GLOBAL(load_fp_state)
|
|
|
|
lfd fr0,FPSTATE_FPSCR(r3)
|
|
|
|
MTFSF_L(fr0)
|
|
|
|
REST_32FPVSRS(0, R4, R3)
|
|
|
|
blr
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Store FP state into memory, including FPSCR
|
|
|
|
* Assumes the caller has enabled FP in the MSR.
|
|
|
|
*/
|
|
|
|
_GLOBAL(store_fp_state)
|
|
|
|
SAVE_32FPVSRS(0, R4, R3)
|
|
|
|
mffs fr0
|
|
|
|
stfd fr0,FPSTATE_FPSCR(r3)
|
|
|
|
blr
|
|
|
|
|
2005-09-26 14:04:21 +08:00
|
|
|
/*
|
|
|
|
* This task wants to use the FPU now.
|
|
|
|
* On UP, disable FP for the task which had the FPU previously,
|
|
|
|
* and save its floating-point registers in its thread_struct.
|
|
|
|
* Load up this task's FP registers from its thread_struct,
|
|
|
|
* enable the FPU for the current task and return to the task.
|
2013-10-23 16:40:02 +08:00
|
|
|
* Note that on 32-bit this can only use registers that will be
|
|
|
|
* restored by fast_exception_return, i.e. r3 - r6, r10 and r11.
|
2005-09-26 14:04:21 +08:00
|
|
|
*/
|
2005-10-06 08:59:19 +08:00
|
|
|
_GLOBAL(load_up_fpu)
|
2005-09-26 14:04:21 +08:00
|
|
|
mfmsr r5
|
|
|
|
ori r5,r5,MSR_FP
|
2008-06-25 12:07:18 +08:00
|
|
|
#ifdef CONFIG_VSX
|
|
|
|
BEGIN_FTR_SECTION
|
|
|
|
oris r5,r5,MSR_VSX@h
|
|
|
|
END_FTR_SECTION_IFSET(CPU_FTR_VSX)
|
|
|
|
#endif
|
2005-09-26 14:04:21 +08:00
|
|
|
SYNC
|
|
|
|
MTMSRD(r5) /* enable use of fpu now */
|
|
|
|
isync
|
|
|
|
/* enable use of FP after return */
|
2005-10-06 08:59:19 +08:00
|
|
|
#ifdef CONFIG_PPC32
|
2013-09-10 18:20:42 +08:00
|
|
|
mfspr r5,SPRN_SPRG_THREAD /* current task's THREAD (phys) */
|
2005-09-26 14:04:21 +08:00
|
|
|
lwz r4,THREAD_FPEXC_MODE(r5)
|
|
|
|
ori r9,r9,MSR_FP /* enable FP for current */
|
|
|
|
or r9,r9,r4
|
2005-10-06 08:59:19 +08:00
|
|
|
#else
|
|
|
|
ld r4,PACACURRENT(r13)
|
|
|
|
addi r5,r4,THREAD /* Get THREAD */
|
2006-02-07 10:55:30 +08:00
|
|
|
lwz r4,THREAD_FPEXC_MODE(r5)
|
2005-10-06 08:59:19 +08:00
|
|
|
ori r12,r12,MSR_FP
|
|
|
|
or r12,r12,r4
|
|
|
|
std r12,_MSR(r1)
|
|
|
|
#endif
|
2013-10-23 16:40:02 +08:00
|
|
|
addi r10,r5,THREAD_FPSTATE
|
|
|
|
lfd fr0,FPSTATE_FPSCR(r10)
|
2006-06-10 18:18:39 +08:00
|
|
|
MTFSF_L(fr0)
|
2013-10-23 16:40:02 +08:00
|
|
|
REST_32FPVSRS(0, R4, R10)
|
2005-09-26 14:04:21 +08:00
|
|
|
/* restore registers and return */
|
|
|
|
/* we haven't used ctr or xer or lr */
|
2008-06-25 12:07:18 +08:00
|
|
|
blr
|
2005-09-26 14:04:21 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* giveup_fpu(tsk)
|
|
|
|
* Disable FP for the task given as the argument,
|
|
|
|
* and save the floating-point registers in its thread_struct.
|
|
|
|
* Enables the FPU for use in the kernel on return.
|
|
|
|
*/
|
2005-10-06 08:59:19 +08:00
|
|
|
_GLOBAL(giveup_fpu)
|
2005-09-26 14:04:21 +08:00
|
|
|
mfmsr r5
|
|
|
|
ori r5,r5,MSR_FP
|
2008-06-25 12:07:18 +08:00
|
|
|
#ifdef CONFIG_VSX
|
|
|
|
BEGIN_FTR_SECTION
|
|
|
|
oris r5,r5,MSR_VSX@h
|
|
|
|
END_FTR_SECTION_IFSET(CPU_FTR_VSX)
|
|
|
|
#endif
|
2005-09-26 14:04:21 +08:00
|
|
|
SYNC_601
|
|
|
|
ISYNC_601
|
|
|
|
MTMSRD(r5) /* enable use of fpu now */
|
|
|
|
SYNC_601
|
|
|
|
isync
|
|
|
|
addi r3,r3,THREAD /* want THREAD of task */
|
2013-09-10 18:21:10 +08:00
|
|
|
PPC_LL r6,THREAD_FPSAVEAREA(r3)
|
[PATCH] powerpc: Consolidate asm compatibility macros
This patch consolidates macros used to generate assembly for
compatibility across different CPUs or configs. A new header,
asm-powerpc/asm-compat.h contains the main compatibility macros. It
uses some preprocessor magic to make the macros suitable both for use
in .S files, and in inline asm in .c files. Headers (bitops.h,
uaccess.h, atomic.h, bug.h) which had their own such compatibility
macros are changed to use asm-compat.h.
ppc_asm.h is now for use in .S files *only*, and a #error enforces
that. As such, we're a lot more careless about namespace pollution
here than in asm-compat.h.
While we're at it, this patch adds a call to the PPC405_ERR77 macro in
futex.h which should have had it already, but didn't.
Built and booted on pSeries, Maple and iSeries (ARCH=powerpc). Built
for 32-bit powermac (ARCH=powerpc) and Walnut (ARCH=ppc).
Signed-off-by: David Gibson <dwg@au1.ibm.com>
Signed-off-by: Paul Mackerras <paulus@samba.org>
2005-11-10 09:56:55 +08:00
|
|
|
PPC_LL r5,PT_REGS(r3)
|
2013-09-10 18:21:10 +08:00
|
|
|
PPC_LCMPI 0,r6,0
|
|
|
|
bne 2f
|
2013-09-10 18:20:42 +08:00
|
|
|
addi r6,r3,THREAD_FPSTATE
|
2013-09-10 18:21:10 +08:00
|
|
|
2: PPC_LCMPI 0,r5,0
|
2013-09-10 18:20:42 +08:00
|
|
|
SAVE_32FPVSRS(0, R4, R6)
|
2005-09-26 14:04:21 +08:00
|
|
|
mffs fr0
|
2013-09-10 18:20:42 +08:00
|
|
|
stfd fr0,FPSTATE_FPSCR(r6)
|
2005-09-26 14:04:21 +08:00
|
|
|
beq 1f
|
[PATCH] powerpc: Consolidate asm compatibility macros
This patch consolidates macros used to generate assembly for
compatibility across different CPUs or configs. A new header,
asm-powerpc/asm-compat.h contains the main compatibility macros. It
uses some preprocessor magic to make the macros suitable both for use
in .S files, and in inline asm in .c files. Headers (bitops.h,
uaccess.h, atomic.h, bug.h) which had their own such compatibility
macros are changed to use asm-compat.h.
ppc_asm.h is now for use in .S files *only*, and a #error enforces
that. As such, we're a lot more careless about namespace pollution
here than in asm-compat.h.
While we're at it, this patch adds a call to the PPC405_ERR77 macro in
futex.h which should have had it already, but didn't.
Built and booted on pSeries, Maple and iSeries (ARCH=powerpc). Built
for 32-bit powermac (ARCH=powerpc) and Walnut (ARCH=ppc).
Signed-off-by: David Gibson <dwg@au1.ibm.com>
Signed-off-by: Paul Mackerras <paulus@samba.org>
2005-11-10 09:56:55 +08:00
|
|
|
PPC_LL r4,_MSR-STACK_FRAME_OVERHEAD(r5)
|
2005-09-26 14:04:21 +08:00
|
|
|
li r3,MSR_FP|MSR_FE0|MSR_FE1
|
2009-04-02 02:02:42 +08:00
|
|
|
#ifdef CONFIG_VSX
|
|
|
|
BEGIN_FTR_SECTION
|
|
|
|
oris r3,r3,MSR_VSX@h
|
|
|
|
END_FTR_SECTION_IFSET(CPU_FTR_VSX)
|
|
|
|
#endif
|
2005-09-26 14:04:21 +08:00
|
|
|
andc r4,r4,r3 /* disable FP for previous task */
|
[PATCH] powerpc: Consolidate asm compatibility macros
This patch consolidates macros used to generate assembly for
compatibility across different CPUs or configs. A new header,
asm-powerpc/asm-compat.h contains the main compatibility macros. It
uses some preprocessor magic to make the macros suitable both for use
in .S files, and in inline asm in .c files. Headers (bitops.h,
uaccess.h, atomic.h, bug.h) which had their own such compatibility
macros are changed to use asm-compat.h.
ppc_asm.h is now for use in .S files *only*, and a #error enforces
that. As such, we're a lot more careless about namespace pollution
here than in asm-compat.h.
While we're at it, this patch adds a call to the PPC405_ERR77 macro in
futex.h which should have had it already, but didn't.
Built and booted on pSeries, Maple and iSeries (ARCH=powerpc). Built
for 32-bit powermac (ARCH=powerpc) and Walnut (ARCH=ppc).
Signed-off-by: David Gibson <dwg@au1.ibm.com>
Signed-off-by: Paul Mackerras <paulus@samba.org>
2005-11-10 09:56:55 +08:00
|
|
|
PPC_STL r4,_MSR-STACK_FRAME_OVERHEAD(r5)
|
2005-09-26 14:04:21 +08:00
|
|
|
1:
|
|
|
|
blr
|
[PATCH] powerpc: Fix handling of fpscr on 64-bit
The recent merge of fpu.S broken the handling of fpscr for
ARCH=powerpc and CONFIG_PPC64=y. FP registers could be corrupted,
leading to strange random application crashes.
The confusion arises, because the thread_struct has (and requires) a
64-bit area to save the fpscr, because we use load/store double
instructions to get it in to/out of the FPU. However, only the low
32-bits are actually used, so we want to treat it as a 32-bit quantity
when manipulating its bits to avoid extra load/stores on 32-bit. This
patch replaces the current definition with a structure of two 32-bit
quantities (pad and val), to clarify things as much as is possible.
The 'val' field is used when manipulating bits, the structure itself
is used when obtaining the address for loading/unloading the value
from the FPU.
While we're at it, consolidate the 4 (!) almost identical versions of
cvt_fd() and cvt_df() (arch/ppc/kernel/misc.S,
arch/ppc64/kernel/misc.S, arch/powerpc/kernel/misc_32.S,
arch/powerpc/kernel/misc_64.S) into a single version in fpu.S. The
new version takes a pointer to thread_struct and applies the correct
offset itself, rather than a pointer to the fpscr field itself, again
to avoid confusion as to which is the correct field to use.
Finally, this patch makes ARCH=ppc64 also use the consolidated fpu.S
code, which it previously did not.
Built for G5 (ARCH=ppc64 and ARCH=powerpc), 32-bit powermac (ARCH=ppc
and ARCH=powerpc) and Walnut (ARCH=ppc, CONFIG_MATH_EMULATION=y).
Booted on G5 (ARCH=powerpc) and things which previously fell over no
longer do.
Signed-off-by: David Gibson <dwg@au1.ibm.com>
Signed-off-by: Paul Mackerras <paulus@samba.org>
2005-10-27 14:27:25 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* These are used in the alignment trap handler when emulating
|
|
|
|
* single-precision loads and stores.
|
|
|
|
*/
|
|
|
|
|
|
|
|
_GLOBAL(cvt_fd)
|
|
|
|
lfs 0,0(r3)
|
|
|
|
stfd 0,0(r4)
|
|
|
|
blr
|
|
|
|
|
|
|
|
_GLOBAL(cvt_df)
|
|
|
|
lfd 0,0(r3)
|
|
|
|
stfs 0,0(r4)
|
|
|
|
blr
|