1 /* $OpenBSD: fault.c,v 1.48 2024/04/29 12:33:17 jsg Exp $ */
2 /* $NetBSD: fault.c,v 1.46 2004/01/21 15:39:21 skrll Exp $ */
3
4 /*
5 * Copyright 2003 Wasabi Systems, Inc.
6 * All rights reserved.
7 *
8 * Written by Steve C. Woodford for Wasabi Systems, Inc.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed for the NetBSD Project by
21 * Wasabi Systems, Inc.
22 * 4. The name of Wasabi Systems, Inc. may not be used to endorse
23 * or promote products derived from this software without specific prior
24 * written permission.
25 *
26 * THIS SOFTWARE IS PROVIDED BY WASABI SYSTEMS, INC. ``AS IS'' AND
27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL WASABI SYSTEMS, INC
30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 * POSSIBILITY OF SUCH DAMAGE.
37 */
38 /*
39 * Copyright (c) 1994-1997 Mark Brinicombe.
40 * Copyright (c) 1994 Brini.
41 * All rights reserved.
42 *
43 * This code is derived from software written for Brini by Mark Brinicombe
44 *
45 * Redistribution and use in source and binary forms, with or without
46 * modification, are permitted provided that the following conditions
47 * are met:
48 * 1. Redistributions of source code must retain the above copyright
49 * notice, this list of conditions and the following disclaimer.
50 * 2. Redistributions in binary form must reproduce the above copyright
51 * notice, this list of conditions and the following disclaimer in the
52 * documentation and/or other materials provided with the distribution.
53 * 3. All advertising materials mentioning features or use of this software
54 * must display the following acknowledgement:
55 * This product includes software developed by Brini.
56 * 4. The name of the company nor the name of the author may be used to
57 * endorse or promote products derived from this software without specific
58 * prior written permission.
59 *
60 * THIS SOFTWARE IS PROVIDED BY BRINI ``AS IS'' AND ANY EXPRESS OR IMPLIED
61 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
62 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
63 * IN NO EVENT SHALL BRINI OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
64 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
65 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
66 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
67 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
68 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
69 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
70 * SUCH DAMAGE.
71 *
72 * RiscBSD kernel project
73 *
74 * fault.c
75 *
76 * Fault handlers
77 *
78 * Created : 28/11/94
79 */
80
81 #include <sys/param.h>
82 #include <sys/systm.h>
83 #include <sys/proc.h>
84 #include <sys/user.h>
85 #include <sys/signalvar.h>
86
87 #include <uvm/uvm_extern.h>
88
89 #include <machine/frame.h>
90 #include <machine/cpu.h>
91 #ifdef DDB
92 #include <machine/db_machdep.h>
93 #endif
94
95 #include <arm/db_machdep.h>
96 #include <arm/machdep.h>
97 #include <arm/vfp.h>
98
99 struct sigdata {
100 int signo;
101 int code;
102 vaddr_t addr;
103 int trap;
104 };
105
106 struct data_abort {
107 int (*func)(trapframe_t *, u_int, u_int, struct proc *,
108 struct sigdata *);
109 const char *desc;
110 };
111
112 static int dab_fatal(trapframe_t *, u_int, u_int, struct proc *,
113 struct sigdata *sd);
114 static int dab_align(trapframe_t *, u_int, u_int, struct proc *,
115 struct sigdata *sd);
116 static int dab_buserr(trapframe_t *, u_int, u_int, struct proc *,
117 struct sigdata *sd);
118 extern int dab_access(trapframe_t *, u_int, u_int, struct proc *,
119 struct sigdata *sd);
120
121 static const struct data_abort data_aborts[] = {
122 {dab_fatal, "V7 fault 00000"},
123 {dab_align, "Alignment fault"},
124 {dab_fatal, "Debug event"},
125 {dab_fatal, "Access flag fault (L1)"},
126 {dab_buserr, "Fault on instruction cache maintenance"},
127 {NULL, "Translation fault (L1)"},
128 {dab_access, "Access flag fault (L2)"},
129 {NULL, "Translation fault (L2)"},
130 {dab_buserr, "Synchronous external abort"},
131 {NULL, "Domain fault (L1)"},
132 {dab_fatal, "V7 fault 01010"},
133 {NULL, "Domain fault (L2)"},
134 {dab_buserr, "Synchronous external abort on translation table walk (L1)"},
135 {NULL, "Permission fault (L1)"},
136 {dab_buserr, "Synchronous external abort on translation table walk (L2)"},
137 {NULL, "Permission fault (L2)"},
138 {dab_fatal, "TLB conflict abort"},
139 {dab_fatal, "V7 fault 10001"},
140 {dab_fatal, "V7 fault 10010"},
141 {dab_fatal, "V7 fault 10011"},
142 {dab_fatal, "Lockdown"},
143 {dab_fatal, "V7 fault 10101"},
144 {dab_fatal, "Asynchronous external abort"},
145 {dab_fatal, "V7 fault 10111"},
146 {dab_fatal, "Asynchronous parity error on memory access"},
147 {dab_fatal, "Synchronous parity error on memory access"},
148 {dab_fatal, "Coprocessor Abort"},
149 {dab_fatal, "V7 fault 11011"},
150 {dab_buserr, "Synchronous parity error on translation table walk (L1)"},
151 {dab_fatal, "V7 fault 11101"},
152 {dab_buserr, "Synchronous parity error on translation table walk (L2)"},
153 {NULL, "V7 fault 11111"},
154 };
155
156 /* Determine if 'ftyp' is a permission fault */
157 #define IS_PERMISSION_FAULT(ftyp) \
158 (((1 << (ftyp)) & \
159 ((1 << FAULT_PERM_P) | (1 << FAULT_PERM_S))) != 0)
160
161 void
data_abort_handler(trapframe_t * tf)162 data_abort_handler(trapframe_t *tf)
163 {
164 struct vm_map *map;
165 struct pcb *pcb;
166 struct proc *p;
167 u_int user, far, fsr, ftyp;
168 vm_prot_t ftype;
169 void *onfault;
170 vaddr_t va;
171 int error;
172 union sigval sv;
173 struct sigdata sd;
174
175 /* Grab FAR/FSR before enabling interrupts */
176 far = cpu_dfar();
177 fsr = cpu_dfsr();
178 ftyp = FAULT_TYPE_V7(fsr);
179
180 /* Update vmmeter statistics */
181 uvmexp.traps++;
182
183 /* Before enabling interrupts, save FPU state */
184 vfp_save();
185
186 /* Re-enable interrupts if they were enabled previously */
187 if (__predict_true((tf->tf_spsr & PSR_I) == 0))
188 enable_interrupts(PSR_I);
189
190 /* Get the current proc structure or proc0 if there is none */
191 p = (curproc != NULL) ? curproc : &proc0;
192
193 /* Data abort came from user mode? */
194 user = TRAP_USERMODE(tf);
195
196 /* Grab the current pcb */
197 pcb = &p->p_addr->u_pcb;
198
199 if (user) {
200 pcb->pcb_tf = tf;
201 refreshcreds(p);
202 }
203
204 /* Invoke the appropriate handler, if necessary */
205 if (__predict_false(data_aborts[ftyp].func != NULL)) {
206 if ((data_aborts[ftyp].func)(tf, fsr, far, p, &sd)) {
207 goto do_trapsignal;
208 }
209 goto out;
210 }
211
212 va = trunc_page((vaddr_t)far);
213
214 /*
215 * Flush BP cache on processors that are vulnerable to branch
216 * target injection attacks if access is outside user space.
217 */
218 if (va < VM_MIN_ADDRESS || va >= VM_MAX_ADDRESS)
219 curcpu()->ci_flush_bp();
220
221 if (user) {
222 if (!uvm_map_inentry(p, &p->p_spinentry, PROC_STACK(p),
223 "[%s]%d/%d sp=%lx inside %lx-%lx: not MAP_STACK\n",
224 uvm_map_inentry_sp, p->p_vmspace->vm_map.sserial))
225 goto out;
226 }
227
228 /*
229 * At this point, we're dealing with one of the following data aborts:
230 *
231 * FAULT_TRANS_S - Translation -- Section
232 * FAULT_TRANS_P - Translation -- Page
233 * FAULT_DOMAIN_S - Domain -- Section
234 * FAULT_DOMAIN_P - Domain -- Page
235 * FAULT_PERM_S - Permission -- Section
236 * FAULT_PERM_P - Permission -- Page
237 *
238 * These are the main virtual memory-related faults signalled by
239 * the MMU.
240 */
241
242 /*
243 * Make sure the Program Counter is sane. We could fall foul of
244 * someone executing Thumb code, in which case the PC might not
245 * be word-aligned. This would cause a kernel alignment fault
246 * further down if we have to decode the current instruction.
247 * XXX: It would be nice to be able to support Thumb at some point.
248 */
249 if (__predict_false((tf->tf_pc & 3) != 0)) {
250 if (user) {
251 /*
252 * Give the user an illegal instruction signal.
253 */
254 /* Deliver a SIGILL to the process */
255 sd.signo = SIGILL;
256 sd.code = ILL_ILLOPC;
257 sd.addr = far;
258 sd.trap = fsr;
259 goto do_trapsignal;
260 }
261
262 /*
263 * The kernel never executes Thumb code.
264 */
265 printf("\ndata_abort_fault: Misaligned Kernel-mode "
266 "Program Counter\n");
267 dab_fatal(tf, fsr, far, p, NULL);
268 }
269
270 /*
271 * It is only a kernel address space fault iff:
272 * 1. user == 0 and
273 * 2. pcb_onfault not set or
274 * 3. pcb_onfault set and not LDRT/LDRBT/STRT/STRBT instruction.
275 */
276 if (user == 0 && (va >= VM_MIN_KERNEL_ADDRESS ||
277 (va < VM_MIN_ADDRESS && vector_page == ARM_VECTORS_LOW)) &&
278 __predict_true((pcb->pcb_onfault == NULL ||
279 ((*(u_int *)tf->tf_pc) & 0x05200000) != 0x04200000))) {
280 map = kernel_map;
281
282 /* Was the fault due to the FPE/IPKDB ? */
283 if (__predict_false((tf->tf_spsr & PSR_MODE)==PSR_UND32_MODE)) {
284 sd.signo = SIGSEGV;
285 sd.code = SEGV_ACCERR;
286 sd.addr = far;
287 sd.trap = fsr;
288
289 /*
290 * Force exit via userret()
291 * This is necessary as the FPE is an extension to
292 * userland that actually runs in a privileged mode
293 * but uses USR mode permissions for its accesses.
294 */
295 user = 1;
296 goto do_trapsignal;
297 }
298 } else {
299 map = &p->p_vmspace->vm_map;
300 #if 0
301 if (l->l_flag & L_SA) {
302 KDASSERT(l->l_proc->p_sa != NULL);
303 l->l_proc->p_sa->sa_vp_faultaddr = (vaddr_t)far;
304 l->l_flag |= L_SA_PAGEFAULT;
305 }
306 #endif
307 }
308
309 ftype = fsr & FAULT_WNR ? PROT_WRITE : PROT_READ;
310
311 if (__predict_false(curcpu()->ci_idepth > 0)) {
312 if (pcb->pcb_onfault) {
313 tf->tf_r0 = EINVAL;
314 tf->tf_pc = (register_t) pcb->pcb_onfault;
315 return;
316 }
317 printf("\nNon-emulated page fault with intr_depth > 0\n");
318 dab_fatal(tf, fsr, far, p, NULL);
319 }
320
321 onfault = pcb->pcb_onfault;
322 pcb->pcb_onfault = NULL;
323 KERNEL_LOCK();
324 error = uvm_fault(map, va, 0, ftype);
325 KERNEL_UNLOCK();
326 pcb->pcb_onfault = onfault;
327
328 #if 0
329 if (map != kernel_map)
330 p->p_flag &= ~L_SA_PAGEFAULT;
331 #endif
332
333 if (error == 0) {
334 if (map != kernel_map)
335 uvm_grow(p, va);
336 goto out;
337 }
338
339 if (user == 0) {
340 if (pcb->pcb_onfault) {
341 tf->tf_r0 = EFAULT;
342 tf->tf_pc = (register_t) pcb->pcb_onfault;
343 return;
344 }
345
346 printf("\nuvm_fault(%p, %lx, %x, 0) -> %x\n", map, va, ftype,
347 error);
348 dab_fatal(tf, fsr, far, p, NULL);
349 }
350
351 sd.signo = SIGSEGV;
352 sd.code = SEGV_MAPERR;
353 if (error == ENOMEM) {
354 printf("UVM: pid %d (%s), uid %d killed: "
355 "out of swap\n", p->p_p->ps_pid, p->p_p->ps_comm,
356 p->p_ucred ? (int)p->p_ucred->cr_uid : -1);
357 sd.signo = SIGKILL;
358 sd.code = 0;
359 } else if (error == EACCES)
360 sd.code = SEGV_ACCERR;
361 else if (error == EIO) {
362 sd.signo = SIGBUS;
363 sd.code = BUS_OBJERR;
364 }
365 sd.addr = far;
366 sd.trap = fsr;
367 do_trapsignal:
368 sv.sival_int = sd.addr;
369 trapsignal(p, sd.signo, sd.trap, sd.code, sv);
370 out:
371 /* If returning to user mode, make sure to invoke userret() */
372 if (user)
373 userret(p);
374 }
375
376 /*
377 * dab_fatal() handles the following data aborts:
378 *
379 * FAULT_WRTBUF_0 - Vector Exception
380 * FAULT_WRTBUF_1 - Terminal Exception
381 *
382 * We should never see these on a properly functioning system.
383 *
384 * This function is also called by the other handlers if they
385 * detect a fatal problem.
386 *
387 * Note: If 'p' is NULL, we assume we're dealing with a prefetch abort.
388 */
389 static int
dab_fatal(trapframe_t * tf,u_int fsr,u_int far,struct proc * p,struct sigdata * sd)390 dab_fatal(trapframe_t *tf, u_int fsr, u_int far, struct proc *p,
391 struct sigdata *sd)
392 {
393 const char *mode;
394 uint ftyp;
395
396 mode = TRAP_USERMODE(tf) ? "user" : "kernel";
397
398 if (p != NULL) {
399 ftyp = FAULT_TYPE_V7(fsr);
400 printf("Fatal %s mode data abort: '%s'\n", mode,
401 data_aborts[ftyp].desc);
402 printf("trapframe: %p\nDFSR=%08x, DFAR=%08x", tf, fsr, far);
403 printf(", spsr=%08lx\n", tf->tf_spsr);
404 } else {
405 printf("Fatal %s mode prefetch abort at 0x%08lx\n",
406 mode, tf->tf_pc);
407 printf("trapframe: %p\nIFSR=%08x, IFAR=%08x, spsr=%08lx\n",
408 tf, fsr, far, tf->tf_spsr);
409 }
410
411 printf("r0 =%08lx, r1 =%08lx, r2 =%08lx, r3 =%08lx\n",
412 tf->tf_r0, tf->tf_r1, tf->tf_r2, tf->tf_r3);
413 printf("r4 =%08lx, r5 =%08lx, r6 =%08lx, r7 =%08lx\n",
414 tf->tf_r4, tf->tf_r5, tf->tf_r6, tf->tf_r7);
415 printf("r8 =%08lx, r9 =%08lx, r10=%08lx, r11=%08lx\n",
416 tf->tf_r8, tf->tf_r9, tf->tf_r10, tf->tf_r11);
417 printf("r12=%08lx, ", tf->tf_r12);
418
419 if (TRAP_USERMODE(tf))
420 printf("usp=%08lx, ulr=%08lx",
421 tf->tf_usr_sp, tf->tf_usr_lr);
422 else
423 printf("ssp=%08lx, slr=%08lx",
424 tf->tf_svc_sp, tf->tf_svc_lr);
425 printf(", pc =%08lx\n\n", tf->tf_pc);
426
427 #ifdef DDB
428 db_ktrap(T_FAULT, tf);
429 #endif
430 panic("Fatal abort");
431 /*NOTREACHED*/
432 }
433
434 /*
435 * dab_align() handles the following data aborts:
436 *
437 * FAULT_ALIGN_0 - Alignment fault
438 * FAULT_ALIGN_0 - Alignment fault
439 *
440 * These faults are fatal if they happen in kernel mode. Otherwise, we
441 * deliver a bus error to the process.
442 */
443 static int
dab_align(trapframe_t * tf,u_int fsr,u_int far,struct proc * p,struct sigdata * sd)444 dab_align(trapframe_t *tf, u_int fsr, u_int far, struct proc *p,
445 struct sigdata *sd)
446 {
447 /* Alignment faults are always fatal if they occur in kernel mode */
448 if (!TRAP_USERMODE(tf))
449 dab_fatal(tf, fsr, far, p, NULL);
450
451 /* pcb_onfault *must* be NULL at this point */
452 KDASSERT(p->p_addr->u_pcb.pcb_onfault == NULL);
453
454 /* Deliver a bus error signal to the process */
455 sd->signo = SIGBUS;
456 sd->code = BUS_ADRALN;
457 sd->addr = far;
458 sd->trap = fsr;
459
460 return (1);
461 }
462
463 /*
464 * dab_buserr() handles the following data aborts:
465 *
466 * FAULT_BUSERR_0 - External Abort on Linefetch -- Section
467 * FAULT_BUSERR_1 - External Abort on Linefetch -- Page
468 * FAULT_BUSERR_2 - External Abort on Non-linefetch -- Section
469 * FAULT_BUSERR_3 - External Abort on Non-linefetch -- Page
470 * FAULT_BUSTRNL1 - External abort on Translation -- Level 1
471 * FAULT_BUSTRNL2 - External abort on Translation -- Level 2
472 *
473 * If pcb_onfault is set, flag the fault and return to the handler.
474 * If the fault occurred in user mode, give the process a SIGBUS.
475 *
476 * Note: On XScale, FAULT_BUSERR_0, FAULT_BUSERR_1, and FAULT_BUSERR_2
477 * can be flagged as imprecise in the FSR. This causes a real headache
478 * since some of the machine state is lost. In this case, tf->tf_pc
479 * may not actually point to the offending instruction. In fact, if
480 * we've taken a double abort fault, it generally points somewhere near
481 * the top of "data_abort_entry" in exception.S.
482 *
483 * In all other cases, these data aborts are considered fatal.
484 */
485 static int
dab_buserr(trapframe_t * tf,u_int fsr,u_int far,struct proc * p,struct sigdata * sd)486 dab_buserr(trapframe_t *tf, u_int fsr, u_int far, struct proc *p,
487 struct sigdata *sd)
488 {
489 struct pcb *pcb = &p->p_addr->u_pcb;
490
491 if (pcb->pcb_onfault) {
492 KDASSERT(TRAP_USERMODE(tf) == 0);
493 tf->tf_r0 = EFAULT;
494 tf->tf_pc = (register_t) pcb->pcb_onfault;
495 return (0);
496 }
497
498 /*
499 * At this point, if the fault happened in kernel mode or user mode,
500 * we're toast
501 */
502 dab_fatal(tf, fsr, far, p, NULL);
503
504 return (1);
505 }
506
507 /*
508 * void prefetch_abort_handler(trapframe_t *tf)
509 *
510 * Abort handler called when instruction execution occurs at
511 * a non existent or restricted (access permissions) memory page.
512 * If the address is invalid and we were in SVC mode then panic as
513 * the kernel should never prefetch abort.
514 * If the address is invalid and the page is mapped then the user process
515 * does no have read or execute permission so send it a signal.
516 * Otherwise fault the page in and try again.
517 */
518 void
prefetch_abort_handler(trapframe_t * tf)519 prefetch_abort_handler(trapframe_t *tf)
520 {
521 struct proc *p = curproc;
522 struct vm_map *map;
523 vaddr_t va;
524 int error;
525 union sigval sv;
526 uint fsr, far;
527
528 /* Update vmmeter statistics */
529 uvmexp.traps++;
530
531 /* Grab FAR/FSR before enabling interrupts */
532 far = cpu_ifar();
533 fsr = cpu_ifsr();
534
535 /* Prefetch aborts cannot happen in kernel mode */
536 if (__predict_false(!TRAP_USERMODE(tf)))
537 dab_fatal(tf, fsr, far, NULL, NULL);
538
539 /* Before enabling interrupts, save FPU state */
540 vfp_save();
541
542 /*
543 * Enable IRQ's (disabled by the abort) This always comes
544 * from user mode so we know interrupts were not disabled.
545 * But we check anyway.
546 */
547 if (__predict_true((tf->tf_spsr & PSR_I) == 0))
548 enable_interrupts(PSR_I);
549
550 p->p_addr->u_pcb.pcb_tf = tf;
551
552 /* Invoke access fault handler if appropriate */
553 if (FAULT_TYPE_V7(fsr) == FAULT_ACCESS_2) {
554 dab_access(tf, fsr, far, p, NULL);
555 goto out;
556 }
557
558 /* Ok validate the address, can only execute in USER space */
559 if (__predict_false(far >= VM_MAXUSER_ADDRESS ||
560 (far < VM_MIN_ADDRESS && vector_page == ARM_VECTORS_LOW))) {
561 sv.sival_ptr = (u_int32_t *)far;
562 trapsignal(p, SIGSEGV, 0, SEGV_ACCERR, sv);
563 goto out;
564 }
565
566 map = &p->p_vmspace->vm_map;
567 va = trunc_page(far);
568
569 #ifdef DIAGNOSTIC
570 if (__predict_false(curcpu()->ci_idepth > 0)) {
571 printf("\nNon-emulated prefetch abort with intr_depth > 0\n");
572 dab_fatal(tf, fsr, far, NULL, NULL);
573 }
574 #endif
575
576 KERNEL_LOCK();
577 error = uvm_fault(map, va, 0, PROT_EXEC);
578 KERNEL_UNLOCK();
579
580 if (error == 0) {
581 uvm_grow(p, va);
582 goto out;
583 }
584
585 sv.sival_ptr = (u_int32_t *)far;
586 if (error == ENOMEM) {
587 printf("UVM: pid %d (%s), uid %d killed: "
588 "out of swap\n", p->p_p->ps_pid, p->p_p->ps_comm,
589 p->p_ucred ? (int)p->p_ucred->cr_uid : -1);
590 trapsignal(p, SIGKILL, 0, SEGV_MAPERR, sv);
591 } else {
592 trapsignal(p, SIGSEGV, 0, SEGV_MAPERR, sv);
593 }
594
595 out:
596 userret(p);
597 }
598
599 /*
600 * Tentatively read an 8, 16, or 32-bit value from 'addr'.
601 * If the read succeeds, the value is written to 'rptr' and zero is returned.
602 * Else, return EFAULT.
603 */
604 int
badaddr_read(void * addr,size_t size,void * rptr)605 badaddr_read(void *addr, size_t size, void *rptr)
606 {
607 extern int badaddr_read_1(const uint8_t *, uint8_t *);
608 extern int badaddr_read_2(const uint16_t *, uint16_t *);
609 extern int badaddr_read_4(const uint32_t *, uint32_t *);
610 union {
611 uint8_t v1;
612 uint16_t v2;
613 uint32_t v4;
614 } u;
615 int rv;
616
617 cpu_drain_writebuf();
618
619 /* Read from the test address. */
620 switch (size) {
621 case sizeof(uint8_t):
622 rv = badaddr_read_1(addr, &u.v1);
623 if (rv == 0 && rptr)
624 *(uint8_t *) rptr = u.v1;
625 break;
626
627 case sizeof(uint16_t):
628 rv = badaddr_read_2(addr, &u.v2);
629 if (rv == 0 && rptr)
630 *(uint16_t *) rptr = u.v2;
631 break;
632
633 case sizeof(uint32_t):
634 rv = badaddr_read_4(addr, &u.v4);
635 if (rv == 0 && rptr)
636 *(uint32_t *) rptr = u.v4;
637 break;
638
639 default:
640 panic("badaddr: invalid size (%lu)", (u_long) size);
641 }
642
643 /* Return EFAULT if the address was invalid, else zero */
644 return (rv);
645 }
646