i386/i386/copy.S

*d71e829bSmaxv/*	$NetBSD: copy.S,v 1.32 2020/06/30 16:20:01 maxv Exp $	*/
443e88c5Syamt
f42d24b1Smaxv/*
52b171caSad * Copyright (c) 1998, 2000, 2004, 2008 The NetBSD Foundation, Inc.
443e88c5Syamt * All rights reserved.
443e88c5Syamt *
443e88c5Syamt * This code is derived from software contributed to The NetBSD Foundation
443e88c5Syamt * by Charles M. Hannum.
443e88c5Syamt *
443e88c5Syamt * Redistribution and use in source and binary forms, with or without
443e88c5Syamt * modification, are permitted provided that the following conditions
443e88c5Syamt * are met:
443e88c5Syamt * 1. Redistributions of source code must retain the above copyright
443e88c5Syamt *    notice, this list of conditions and the following disclaimer.
443e88c5Syamt * 2. Redistributions in binary form must reproduce the above copyright
443e88c5Syamt *    notice, this list of conditions and the following disclaimer in the
443e88c5Syamt *    documentation and/or other materials provided with the distribution.
443e88c5Syamt *
443e88c5Syamt * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
443e88c5Syamt * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
443e88c5Syamt * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
443e88c5Syamt * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
443e88c5Syamt * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
443e88c5Syamt * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
443e88c5Syamt * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
443e88c5Syamt * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
443e88c5Syamt * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
443e88c5Syamt * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
443e88c5Syamt * POSSIBILITY OF SUCH DAMAGE.
443e88c5Syamt */
443e88c5Syamt
f42d24b1Smaxv/*
443e88c5Syamt * Copyright (c) 1990 The Regents of the University of California.
443e88c5Syamt * All rights reserved.
443e88c5Syamt *
443e88c5Syamt * This code is derived from software contributed to Berkeley by
443e88c5Syamt * William Jolitz.
443e88c5Syamt *
443e88c5Syamt * Redistribution and use in source and binary forms, with or without
443e88c5Syamt * modification, are permitted provided that the following conditions
443e88c5Syamt * are met:
443e88c5Syamt * 1. Redistributions of source code must retain the above copyright
443e88c5Syamt *    notice, this list of conditions and the following disclaimer.
443e88c5Syamt * 2. Redistributions in binary form must reproduce the above copyright
443e88c5Syamt *    notice, this list of conditions and the following disclaimer in the
443e88c5Syamt *    documentation and/or other materials provided with the distribution.
443e88c5Syamt * 3. Neither the name of the University nor the names of its contributors
443e88c5Syamt *    may be used to endorse or promote products derived from this software
443e88c5Syamt *    without specific prior written permission.
443e88c5Syamt *
443e88c5Syamt * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
443e88c5Syamt * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
443e88c5Syamt * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
443e88c5Syamt * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
443e88c5Syamt * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
443e88c5Syamt * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
443e88c5Syamt * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
443e88c5Syamt * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
443e88c5Syamt * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
443e88c5Syamt * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
443e88c5Syamt * SUCH DAMAGE.
443e88c5Syamt *
443e88c5Syamt *	@(#)locore.s	7.3 (Berkeley) 5/13/91
443e88c5Syamt */
443e88c5Syamt
a4914dc7Slukem#include <machine/asm.h>
*d71e829bSmaxv__KERNEL_RCSID(0, "$NetBSD: copy.S,v 1.32 2020/06/30 16:20:01 maxv Exp $");
a4914dc7Slukem
443e88c5Syamt#include "assym.h"
443e88c5Syamt
443e88c5Syamt#include <sys/errno.h>
443e88c5Syamt
443e88c5Syamt#include <machine/frameasm.h>
443e88c5Syamt#include <machine/cputypes.h>
443e88c5Syamt
f0301095Syamt#define GET_CURPCB(reg)	\
f0301095Syamt	movl	CPUVAR(CURLWP),reg; \
3f18fe81Srmind	movl	L_PCB(reg),reg
443e88c5Syamt
443e88c5Syamt/*
64bcc9bdSad * These are arranged so that the abnormal case is a forwards
64bcc9bdSad * conditional branch - which will be predicted not-taken by
64bcc9bdSad * both Intel and AMD processors.
64bcc9bdSad */
64bcc9bdSad#define DEFERRED_SWITCH_CHECK \
64bcc9bdSad	CHECK_DEFERRED_SWITCH			; \
64bcc9bdSad	jnz	99f				; \
64bcc9bdSad98:
64bcc9bdSad
64bcc9bdSad#define DEFERRED_SWITCH_CALL \
64bcc9bdSad99:						; \
64bcc9bdSad	call	_C_LABEL(do_pmap_load)		; \
64bcc9bdSad	jmp	98b
64bcc9bdSad
64bcc9bdSad/*
52b171caSad * The following primitives are to copy regions of memory.
614719fdSrmind * Label must be before all copy functions.
443e88c5Syamt */
64bcc9bdSad	.text
dd80381cSchsLABEL(x86_copyfunc_start)
64bcc9bdSad
64bcc9bdSad/*
64bcc9bdSad * Handle deferred pmap switch.  We must re-enable preemption without
64bcc9bdSad * making a function call, so that the program counter is visible to
64bcc9bdSad * cpu_kpreempt_exit().  It can then know if it needs to restore the
64bcc9bdSad * pmap on returning, because a preemption occurred within one of the
64bcc9bdSad * copy functions.
64bcc9bdSad */
0c52a5deSmaxvENTRY(do_pmap_load)
64bcc9bdSad	pushl	%ebp
64bcc9bdSad	movl	%esp,%ebp
64bcc9bdSad	pushl	%ebx
64bcc9bdSad	movl	CPUVAR(CURLWP),%ebx
64bcc9bdSad1:
64bcc9bdSad	incl	L_NOPREEMPT(%ebx)
64bcc9bdSad	call	_C_LABEL(pmap_load)
64bcc9bdSad	decl	L_NOPREEMPT(%ebx)
64bcc9bdSad	jnz	2f
64bcc9bdSad	cmpl	$0,L_DOPREEMPT(%ebx)
64bcc9bdSad	jz	2f
64bcc9bdSad	pushl	$0
64bcc9bdSad	call	_C_LABEL(kpreempt)
64bcc9bdSad	addl	$4,%esp
64bcc9bdSad2:
64bcc9bdSad	cmpl	$0,CPUVAR(WANT_PMAPLOAD)
64bcc9bdSad	jnz	1b
64bcc9bdSad	popl	%ebx
64bcc9bdSad	leave
64bcc9bdSad	ret
f42d24b1SmaxvEND(do_pmap_load)
443e88c5Syamt
443e88c5Syamt/*
3d5b001dSdyoung * void *return_address(unsigned int level);
3d5b001dSdyoung *
3d5b001dSdyoung * The return address if level == 0, the return address of the caller
3d5b001dSdyoung * `level' levels down the stack if level > 0.
3d5b001dSdyoung */
3d5b001dSdyoungENTRY(return_address)
3d5b001dSdyoung	movl	%ebp,%eax	/* frame pointer -> %eax */
3d5b001dSdyoung	movl	4(%esp),%ecx	/* level -> %ecx */
5df4a900Sdyoung	movl	CPUVAR(CURLWP),%edx
3f18fe81Srmind	movl	L_PCB(%edx),%edx
5df4a900Sdyoung	movl	$_C_LABEL(return_address_fault),PCB_ONFAULT(%edx)
3d5b001dSdyoung	cmpl	$0,%ecx
3d5b001dSdyoung	je	2f
3d5b001dSdyoung1:
3d5b001dSdyoung	movl	(%eax),%eax	/* next frame pointer */
3d5b001dSdyoung	decl	%ecx
3d5b001dSdyoung	jnz	1b
3d5b001dSdyoung2:
3d5b001dSdyoung	movl	0x4(%eax),%eax
5df4a900Sdyoung	movl	$0,PCB_ONFAULT(%edx)
3d5b001dSdyoung	ret
f42d24b1SmaxvEND(return_address)
3d5b001dSdyoung
3d5b001dSdyoung/*
443e88c5Syamt * int kcopy(const void *from, void *to, size_t len);
f42d24b1Smaxv * Copy len bytes from and to kernel memory, and abort on fault.
443e88c5Syamt */
443e88c5SyamtENTRY(kcopy)
443e88c5Syamt	pushl	%esi
443e88c5Syamt	pushl	%edi
d0f12a6aSyamt	movl	12(%esp),%esi
d0f12a6aSyamt	movl	16(%esp),%edi
d0f12a6aSyamt	movl	20(%esp),%ecx
64bcc9bdSad.Lkcopy_start:
443e88c5Syamt	movl	%edi,%eax
443e88c5Syamt	subl	%esi,%eax
19a4beadSmaxv	cmpl	%ecx,%eax		/* overlapping? */
d0f12a6aSyamt	movl	%ecx,%edx
443e88c5Syamt	jb	1f
19a4beadSmaxv	/* nope, copy forward */
19a4beadSmaxv	shrl	$2,%ecx			/* copy by 32-bit words */
443e88c5Syamt	rep
443e88c5Syamt	movsl
d0f12a6aSyamt	movl	%edx,%ecx
19a4beadSmaxv	andl	$3,%ecx			/* any bytes left? */
33e2fcd0Sad	jz	0f
443e88c5Syamt	rep
443e88c5Syamt	movsb
33e2fcd0Sad0:
443e88c5Syamt	popl	%edi
443e88c5Syamt	popl	%esi
443e88c5Syamt	xorl	%eax,%eax
443e88c5Syamt	ret
443e88c5Syamt
443e88c5Syamt	ALIGN_TEXT
19a4beadSmaxv1:	addl	%ecx,%edi		/* copy backward */
443e88c5Syamt	addl	%ecx,%esi
443e88c5Syamt	std
19a4beadSmaxv	andl	$3,%ecx			/* any fractional bytes? */
443e88c5Syamt	decl	%edi
443e88c5Syamt	decl	%esi
443e88c5Syamt	rep
443e88c5Syamt	movsb
19a4beadSmaxv	movl	%edx,%ecx		/* copy remainder by 32-bit words */
443e88c5Syamt	shrl	$2,%ecx
443e88c5Syamt	subl	$3,%esi
443e88c5Syamt	subl	$3,%edi
443e88c5Syamt	rep
443e88c5Syamt	movsl
443e88c5Syamt	cld
443e88c5Syamt
d0f12a6aSyamt.Lkcopy_end:
443e88c5Syamt	popl	%edi
443e88c5Syamt	popl	%esi
443e88c5Syamt	xorl	%eax,%eax
443e88c5Syamt	ret
f42d24b1SmaxvEND(kcopy)
443e88c5Syamt
443e88c5Syamt/*****************************************************************************/
443e88c5Syamt
443e88c5Syamt/*
443e88c5Syamt * The following primitives are used to copy data in and out of the user's
443e88c5Syamt * address space.
443e88c5Syamt */
443e88c5Syamt
443e88c5Syamt/*
443e88c5Syamt * int copyout(const void *from, void *to, size_t len);
443e88c5Syamt * Copy len bytes into the user's address space.
443e88c5Syamt * see copyout(9)
443e88c5Syamt */
443e88c5SyamtENTRY(copyout)
64bcc9bdSad	DEFERRED_SWITCH_CHECK
deae4f32Sad	pushl	%esi
deae4f32Sad	pushl	%edi
f42d24b1Smaxv	movl	12(%esp),%esi	/* from */
f42d24b1Smaxv	movl	16(%esp),%edi	/* to */
f42d24b1Smaxv	movl	20(%esp),%eax	/* len */
f42d24b1Smaxv
443e88c5Syamt	movl	%edi,%edx
443e88c5Syamt	addl	%eax,%edx
443e88c5Syamt	jc	_C_LABEL(copy_efault)
443e88c5Syamt	cmpl	$VM_MAXUSER_ADDRESS,%edx
443e88c5Syamt	ja	_C_LABEL(copy_efault)
f42d24b1Smaxv
ce18565bSmaxv	SMAP_DISABLE
f42d24b1Smaxv.Lcopyout_start:
443e88c5Syamt	movl	%eax,%ecx
443e88c5Syamt	shrl	$2,%ecx
443e88c5Syamt	rep
443e88c5Syamt	movsl
33e2fcd0Sad	andl	$3,%eax
f42d24b1Smaxv	jz	.Lcopyout_end
443e88c5Syamt	movl	%eax,%ecx
443e88c5Syamt	rep
443e88c5Syamt	movsb
d0f12a6aSyamt.Lcopyout_end:
ce18565bSmaxv	SMAP_ENABLE
f42d24b1Smaxv
443e88c5Syamt	popl	%edi
443e88c5Syamt	popl	%esi
443e88c5Syamt	xorl	%eax,%eax
443e88c5Syamt	ret
64bcc9bdSad	DEFERRED_SWITCH_CALL
f42d24b1SmaxvEND(copyout)
443e88c5Syamt
443e88c5Syamt/*
443e88c5Syamt * int copyin(const void *from, void *to, size_t len);
443e88c5Syamt * Copy len bytes from the user's address space.
443e88c5Syamt * see copyin(9)
443e88c5Syamt */
443e88c5SyamtENTRY(copyin)
64bcc9bdSad	DEFERRED_SWITCH_CHECK
443e88c5Syamt	pushl	%esi
443e88c5Syamt	pushl	%edi
f42d24b1Smaxv	movl	12(%esp),%esi	/* from */
f42d24b1Smaxv	movl	16(%esp),%edi	/* to */
f42d24b1Smaxv	movl	20(%esp),%eax	/* len */
f42d24b1Smaxv
443e88c5Syamt	movl	%esi,%edx
443e88c5Syamt	addl	%eax,%edx
443e88c5Syamt	jc	_C_LABEL(copy_efault)
443e88c5Syamt	cmpl	$VM_MAXUSER_ADDRESS,%edx
443e88c5Syamt	ja	_C_LABEL(copy_efault)
f42d24b1Smaxv
ce18565bSmaxv	SMAP_DISABLE
f42d24b1Smaxv.Lcopyin_start:
443e88c5Syamt	movl	%eax,%ecx
443e88c5Syamt	shrl	$2,%ecx
443e88c5Syamt	rep
443e88c5Syamt	movsl
33e2fcd0Sad	andl	$3,%eax
f42d24b1Smaxv	jz	.Lcopyin_end
443e88c5Syamt	movl	%eax,%ecx
443e88c5Syamt	rep
443e88c5Syamt	movsb
d0f12a6aSyamt.Lcopyin_end:
ce18565bSmaxv	SMAP_ENABLE
f42d24b1Smaxv
443e88c5Syamt	popl	%edi
443e88c5Syamt	popl	%esi
443e88c5Syamt	xorl	%eax,%eax
443e88c5Syamt	ret
64bcc9bdSad	DEFERRED_SWITCH_CALL
f42d24b1SmaxvEND(copyin)
443e88c5Syamt
0c52a5deSmaxvENTRY(copy_efault)
443e88c5Syamt	movl	$EFAULT,%eax
f42d24b1Smaxv	popl	%edi
f42d24b1Smaxv	popl	%esi
f42d24b1Smaxv	ret
f42d24b1SmaxvEND(copy_efault)
443e88c5Syamt
443e88c5Syamt/*
443e88c5Syamt * kcopy_fault is used by kcopy and copy_fault is used by copyin/out.
443e88c5Syamt *
443e88c5Syamt * they're distinguished for lazy pmap switching.  see trap().
443e88c5Syamt */
f42d24b1Smaxv
0c52a5deSmaxvENTRY(kcopy_fault)
8f3bea6eSmaxv	cld
443e88c5Syamt	popl	%edi
443e88c5Syamt	popl	%esi
443e88c5Syamt	ret
f42d24b1SmaxvEND(kcopy_fault)
443e88c5Syamt
0c52a5deSmaxvENTRY(copy_fault)
ce18565bSmaxv	SMAP_ENABLE
443e88c5Syamt	popl	%edi
443e88c5Syamt	popl	%esi
443e88c5Syamt	ret
f42d24b1SmaxvEND(copy_fault)
443e88c5Syamt
0c52a5deSmaxvENTRY(return_address_fault)
5df4a900Sdyoung	movl	$0,PCB_ONFAULT(%edx)
3d5b001dSdyoung	movl	$0,%eax
3d5b001dSdyoung	ret
f42d24b1SmaxvEND(return_address_fault)
3d5b001dSdyoung
443e88c5Syamt/*
443e88c5Syamt * int copyoutstr(const void *from, void *to, size_t maxlen, size_t *lencopied);
443e88c5Syamt * Copy a NUL-terminated string, at most maxlen characters long, into the
443e88c5Syamt * user's address space.  Return the number of characters copied (including the
443e88c5Syamt * NUL) in *lencopied.  If the string is too long, return ENAMETOOLONG; else
443e88c5Syamt * return 0 or EFAULT.
443e88c5Syamt * see copyoutstr(9)
443e88c5Syamt */
443e88c5SyamtENTRY(copyoutstr)
64bcc9bdSad	DEFERRED_SWITCH_CHECK
443e88c5Syamt	pushl	%esi
443e88c5Syamt	pushl	%edi
19a4beadSmaxv	movl	12(%esp),%esi	/* esi = from */
19a4beadSmaxv	movl	16(%esp),%edi	/* edi = to */
19a4beadSmaxv	movl	20(%esp),%edx	/* edx = maxlen */
f42d24b1Smaxv
443e88c5Syamt	/*
443e88c5Syamt	 * Get min(%edx, VM_MAXUSER_ADDRESS-%edi).
443e88c5Syamt	 */
443e88c5Syamt	movl	$VM_MAXUSER_ADDRESS,%eax
443e88c5Syamt	subl	%edi,%eax
443e88c5Syamt	jc	_C_LABEL(copystr_efault)
443e88c5Syamt	cmpl	%edx,%eax
443e88c5Syamt	jae	1f
443e88c5Syamt	movl	%eax,%edx
443e88c5Syamt	movl	%eax,20(%esp)
443e88c5Syamt1:	incl	%edx
443e88c5Syamt
ce18565bSmaxv	SMAP_DISABLE
f42d24b1Smaxv.Lcopyoutstr_start:
443e88c5Syamt1:	decl	%edx
443e88c5Syamt	jz	2f
443e88c5Syamt	lodsb
443e88c5Syamt	stosb
443e88c5Syamt	testb	%al,%al
443e88c5Syamt	jnz	1b
f42d24b1Smaxv.Lcopyoutstr_end:
ce18565bSmaxv	SMAP_ENABLE
443e88c5Syamt
443e88c5Syamt	/* Success -- 0 byte reached. */
443e88c5Syamt	decl	%edx
443e88c5Syamt	xorl	%eax,%eax
443e88c5Syamt	jmp	copystr_return
443e88c5Syamt
443e88c5Syamt2:	/* edx is zero -- return EFAULT or ENAMETOOLONG. */
ce18565bSmaxv	SMAP_ENABLE
443e88c5Syamt	cmpl	$VM_MAXUSER_ADDRESS,%edi
443e88c5Syamt	jae	_C_LABEL(copystr_efault)
443e88c5Syamt	movl	$ENAMETOOLONG,%eax
443e88c5Syamt	jmp	copystr_return
64bcc9bdSad	DEFERRED_SWITCH_CALL
f42d24b1SmaxvEND(copyoutstr)
443e88c5Syamt
443e88c5Syamt/*
443e88c5Syamt * int copyinstr(const void *from, void *to, size_t maxlen, size_t *lencopied);
443e88c5Syamt * Copy a NUL-terminated string, at most maxlen characters long, from the
443e88c5Syamt * user's address space.  Return the number of characters copied (including the
443e88c5Syamt * NUL) in *lencopied.  If the string is too long, return ENAMETOOLONG; else
443e88c5Syamt * return 0 or EFAULT.
443e88c5Syamt * see copyinstr(9)
443e88c5Syamt */
443e88c5SyamtENTRY(copyinstr)
64bcc9bdSad	DEFERRED_SWITCH_CHECK
443e88c5Syamt	pushl	%esi
443e88c5Syamt	pushl	%edi
19a4beadSmaxv	movl	12(%esp),%esi		/* %esi = from */
19a4beadSmaxv	movl	16(%esp),%edi		/* %edi = to */
19a4beadSmaxv	movl	20(%esp),%edx		/* %edx = maxlen */
443e88c5Syamt
443e88c5Syamt	/*
443e88c5Syamt	 * Get min(%edx, VM_MAXUSER_ADDRESS-%esi).
443e88c5Syamt	 */
443e88c5Syamt	movl	$VM_MAXUSER_ADDRESS,%eax
443e88c5Syamt	subl	%esi,%eax
443e88c5Syamt	jc	_C_LABEL(copystr_efault)
443e88c5Syamt	cmpl	%edx,%eax
443e88c5Syamt	jae	1f
443e88c5Syamt	movl	%eax,%edx
443e88c5Syamt	movl	%eax,20(%esp)
443e88c5Syamt1:	incl	%edx
443e88c5Syamt
ce18565bSmaxv	SMAP_DISABLE
f42d24b1Smaxv.Lcopyinstr_start:
443e88c5Syamt1:	decl	%edx
443e88c5Syamt	jz	2f
443e88c5Syamt	lodsb
443e88c5Syamt	stosb
443e88c5Syamt	testb	%al,%al
443e88c5Syamt	jnz	1b
f42d24b1Smaxv.Lcopyinstr_end:
ce18565bSmaxv	SMAP_ENABLE
443e88c5Syamt
443e88c5Syamt	/* Success -- 0 byte reached. */
443e88c5Syamt	decl	%edx
443e88c5Syamt	xorl	%eax,%eax
443e88c5Syamt	jmp	copystr_return
443e88c5Syamt
443e88c5Syamt2:	/* edx is zero -- return EFAULT or ENAMETOOLONG. */
ce18565bSmaxv	SMAP_ENABLE
443e88c5Syamt	cmpl	$VM_MAXUSER_ADDRESS,%esi
443e88c5Syamt	jae	_C_LABEL(copystr_efault)
443e88c5Syamt	movl	$ENAMETOOLONG,%eax
443e88c5Syamt	jmp	copystr_return
64bcc9bdSad	DEFERRED_SWITCH_CALL
f42d24b1SmaxvEND(copyinstr)
443e88c5Syamt
0c52a5deSmaxvENTRY(copystr_efault)
443e88c5Syamt	movl	$EFAULT,%eax
f42d24b1Smaxv	jmp	copystr_return
f42d24b1SmaxvEND(copystr_efault)
443e88c5Syamt
0c52a5deSmaxvENTRY(copystr_fault)
ce18565bSmaxv	SMAP_ENABLE
443e88c5Syamtcopystr_return:
443e88c5Syamt	/* Set *lencopied and return %eax. */
443e88c5Syamt	movl	20(%esp),%ecx
443e88c5Syamt	subl	%edx,%ecx
443e88c5Syamt	movl	24(%esp),%edx
443e88c5Syamt	testl	%edx,%edx
443e88c5Syamt	jz	8f
443e88c5Syamt	movl	%ecx,(%edx)
443e88c5Syamt
443e88c5Syamt8:	popl	%edi
443e88c5Syamt	popl	%esi
443e88c5Syamt	ret
f42d24b1SmaxvEND(copystr_fault)
443e88c5Syamt
e3f92458Sthorpej/**************************************************************************/
e3f92458Sthorpej
15ef08dfSthorpej#define	UFETCHSTORE_PROLOGUE(x)						\
e3f92458Sthorpej	movl	4(%esp),%edx					;	\
15ef08dfSthorpej	cmpl	$VM_MAXUSER_ADDRESS-x,%edx			;	\
e3f92458Sthorpej	ja	_C_LABEL(ufetchstore_efault)
e3f92458Sthorpej
e3f92458Sthorpej/* LINTSTUB: int _ufetch_8(const uint8_t *uaddr, uint8_t *valp); */
e3f92458SthorpejENTRY(_ufetch_8)
64bcc9bdSad	DEFERRED_SWITCH_CHECK
15ef08dfSthorpej	UFETCHSTORE_PROLOGUE(1)
f42d24b1Smaxv
ce18565bSmaxv	SMAP_DISABLE
e3f92458Sthorpej.L_ufetch_8_start:
e3f92458Sthorpej	movb	(%edx),%al
e3f92458Sthorpej.L_ufetch_8_end:
ce18565bSmaxv	SMAP_ENABLE
f42d24b1Smaxv
e3f92458Sthorpej	movl	8(%esp),%edx
e3f92458Sthorpej	movb	%al,(%edx)
443e88c5Syamt	xorl	%eax,%eax
443e88c5Syamt	ret
e3f92458Sthorpej	DEFERRED_SWITCH_CALL
e3f92458SthorpejEND(_ufetch_8)
443e88c5Syamt
e3f92458Sthorpej/* LINTSTUB: int _ufetch_16(const uint16_t *uaddr, uint16_t *valp); */
e3f92458SthorpejENTRY(_ufetch_16)
64bcc9bdSad	DEFERRED_SWITCH_CHECK
15ef08dfSthorpej	UFETCHSTORE_PROLOGUE(2)
e3f92458Sthorpej
e3f92458Sthorpej	SMAP_DISABLE
e3f92458Sthorpej.L_ufetch_16_start:
e3f92458Sthorpej	movw	(%edx),%ax
e3f92458Sthorpej.L_ufetch_16_end:
e3f92458Sthorpej	SMAP_ENABLE
e3f92458Sthorpej
e3f92458Sthorpej	movl	8(%esp),%edx
e3f92458Sthorpej	movw	%ax,(%edx)
e3f92458Sthorpej	xorl	%eax,%eax
e3f92458Sthorpej	ret
e3f92458Sthorpej	DEFERRED_SWITCH_CALL
e3f92458SthorpejEND(_ufetch_16)
e3f92458Sthorpej
e3f92458Sthorpej/* LINTSTUB: int _ufetch_32(const uint32_t *uaddr, uint32_t *valp); */
e3f92458SthorpejENTRY(_ufetch_32)
e3f92458Sthorpej	DEFERRED_SWITCH_CHECK
15ef08dfSthorpej	UFETCHSTORE_PROLOGUE(4)
e3f92458Sthorpej
e3f92458Sthorpej	SMAP_DISABLE
e3f92458Sthorpej.L_ufetch_32_start:
e3f92458Sthorpej	movl	(%edx),%eax
e3f92458Sthorpej.L_ufetch_32_end:
e3f92458Sthorpej	SMAP_ENABLE
e3f92458Sthorpej
e3f92458Sthorpej	movl	8(%esp),%edx
e3f92458Sthorpej	movl	%eax,(%edx)
e3f92458Sthorpej	xorl	%eax,%eax
e3f92458Sthorpej	ret
e3f92458Sthorpej	DEFERRED_SWITCH_CALL
e3f92458SthorpejEND(_ufetch_32)
e3f92458Sthorpej
e3f92458Sthorpej/* LINTSTUB: int _ustore_8(uint8_t *uaddr, uint8_t val); */
e3f92458SthorpejENTRY(_ustore_8)
e3f92458Sthorpej	DEFERRED_SWITCH_CHECK
15ef08dfSthorpej	UFETCHSTORE_PROLOGUE(1)
443e88c5Syamt	movb	8(%esp),%al
f42d24b1Smaxv
ce18565bSmaxv	SMAP_DISABLE
e3f92458Sthorpej.L_ustore_8_start:
443e88c5Syamt	movb	%al,(%edx)
e3f92458Sthorpej.L_ustore_8_end:
ce18565bSmaxv	SMAP_ENABLE
f42d24b1Smaxv
443e88c5Syamt	xorl	%eax,%eax
443e88c5Syamt	ret
64bcc9bdSad	DEFERRED_SWITCH_CALL
e3f92458SthorpejEND(_ustore_8)
e3f92458Sthorpej
e3f92458Sthorpej/* LINTSTUB: int _ustore_16(uint16_t *uaddr, uint16_t val); */
e3f92458SthorpejENTRY(_ustore_16)
e3f92458Sthorpej	DEFERRED_SWITCH_CHECK
15ef08dfSthorpej	UFETCHSTORE_PROLOGUE(2)
e3f92458Sthorpej	movw	8(%esp),%ax
e3f92458Sthorpej
e3f92458Sthorpej	SMAP_DISABLE
e3f92458Sthorpej.L_ustore_16_start:
e3f92458Sthorpej	movw	%ax,(%edx)
e3f92458Sthorpej.L_ustore_16_end:
e3f92458Sthorpej	SMAP_ENABLE
e3f92458Sthorpej
e3f92458Sthorpej	xorl	%eax,%eax
e3f92458Sthorpej	ret
e3f92458Sthorpej	DEFERRED_SWITCH_CALL
e3f92458SthorpejEND(_ustore_16)
e3f92458Sthorpej
e3f92458Sthorpej/* LINTSTUB: int _ustore_32(uint32_t *uaddr, uint32_t val); */
e3f92458SthorpejENTRY(_ustore_32)
e3f92458Sthorpej	DEFERRED_SWITCH_CHECK
15ef08dfSthorpej	UFETCHSTORE_PROLOGUE(4)
e3f92458Sthorpej	movl	8(%esp),%eax
e3f92458Sthorpej
e3f92458Sthorpej	SMAP_DISABLE
e3f92458Sthorpej.L_ustore_32_start:
e3f92458Sthorpej	movl	%eax,(%edx)
e3f92458Sthorpej.L_ustore_32_end:
e3f92458Sthorpej	SMAP_ENABLE
e3f92458Sthorpej
e3f92458Sthorpej	xorl	%eax,%eax
e3f92458Sthorpej	ret
e3f92458Sthorpej	DEFERRED_SWITCH_CALL
e3f92458SthorpejEND(_ustore_32)
e3f92458Sthorpej
e3f92458SthorpejENTRY(ufetchstore_efault)
e3f92458Sthorpej	movl	$EFAULT,%eax
e3f92458Sthorpej	ret
e3f92458SthorpejEND(ufetchstore_efault)
e3f92458Sthorpej
e3f92458SthorpejENTRY(ufetchstore_fault)
e3f92458Sthorpej	SMAP_ENABLE
e3f92458Sthorpej	ret
e3f92458SthorpejEND(ufetchstore_fault)
e3f92458Sthorpej
e3f92458Sthorpej/**************************************************************************/
17be89c2Sad
17be89c2Sad/*
f7d3fa20Srmind * Compare-and-swap the 32-bit integer in the user-space.
f7d3fa20Srmind *
e3f92458Sthorpej * int	_ucas_32(volatile uint32_t *uptr, uint32_t old, uint32_t new,
e3f92458Sthorpej *		 uint32_t *ret);
f7d3fa20Srmind */
e3f92458SthorpejENTRY(_ucas_32)
f7d3fa20Srmind	DEFERRED_SWITCH_CHECK
f7d3fa20Srmind	movl	4(%esp),%edx
f7d3fa20Srmind	movl	8(%esp),%eax
f7d3fa20Srmind	movl	12(%esp),%ecx
f7d3fa20Srmind	/* Fail if kernel-space */
f7d3fa20Srmind	cmpl	$VM_MAXUSER_ADDRESS-4,%edx
dd80381cSchs	ja	_C_LABEL(ucas_efault)
f42d24b1Smaxv
ce18565bSmaxv	SMAP_DISABLE
f7d3fa20Srmind.Lucas32_start:
f7d3fa20Srmind	/* Perform the CAS */
f7d3fa20Srmind	lock
f7d3fa20Srmind	cmpxchgl %ecx,(%edx)
f7d3fa20Srmind.Lucas32_end:
ce18565bSmaxv	SMAP_ENABLE
f42d24b1Smaxv
f7d3fa20Srmind	/*
f7d3fa20Srmind	 * Note: %eax is "old" value.
f7d3fa20Srmind	 * Set the return values.
f7d3fa20Srmind	 */
f7d3fa20Srmind	movl	16(%esp),%edx
f7d3fa20Srmind	movl	%eax,(%edx)
f7d3fa20Srmind	xorl	%eax,%eax
f7d3fa20Srmind	ret
f7d3fa20Srmind	DEFERRED_SWITCH_CALL
e3f92458SthorpejEND(_ucas_32)
f7d3fa20Srmind
0c52a5deSmaxvENTRY(ucas_efault)
f42d24b1Smaxv	movl	$EFAULT,%eax
f42d24b1Smaxv	ret
f42d24b1SmaxvEND(ucas_efault)
f42d24b1Smaxv
0c52a5deSmaxvENTRY(ucas_fault)
ce18565bSmaxv	SMAP_ENABLE
f7d3fa20Srmind	ret
f42d24b1SmaxvEND(ucas_fault)
f7d3fa20Srmind
f7d3fa20Srmind/*
17be89c2Sad * copyin() optimised for bringing in syscall arguments.
17be89c2Sad */
17be89c2SadENTRY(x86_copyargs)
64bcc9bdSad	DEFERRED_SWITCH_CHECK
17be89c2Sad	pushl	%esi
d0f12a6aSyamt	movl	8(%esp),%esi
d0f12a6aSyamt	movl	12(%esp),%edx
d0f12a6aSyamt	movl	16(%esp),%ecx
17be89c2Sad
17be89c2Sad	/*
548506e1Smaxv	 * In this function, we may copy more than the size given in the third
548506e1Smaxv	 * argument. In order to make sure the real end of the destination
548506e1Smaxv	 * buffer is not past the end of the user's address space, we don't
548506e1Smaxv	 * check the third argument but rather the largest possible size, which
548506e1Smaxv	 * is:
548506e1Smaxv	 * 	(2 + SYS_MAXSYSARGS) * 4 = 10 * 4
17be89c2Sad	 */
17be89c2Sad	movl	%esi,%eax
548506e1Smaxv	addl	$(10 * 4),%eax
17be89c2Sad	jc	_C_LABEL(x86_copyargs_efault)
17be89c2Sad	cmpl	$VM_MAXUSER_ADDRESS,%eax
17be89c2Sad	ja	_C_LABEL(x86_copyargs_efault)
f42d24b1Smaxv
ce18565bSmaxv	SMAP_DISABLE
f42d24b1Smaxv.Lx86_copyargs_start:
aa21c280Sdsl	/* There are a maximum of 8 args + 2 for syscall indirect */
aa21c280Sdsl	cmp	$16,%ecx
17be89c2Sad	movl	(%esi),%eax
aa21c280Sdsl	movl	4(%esi),%ecx
17be89c2Sad	movl	%eax,(%edx)
aa21c280Sdsl	movl	%ecx,4(%edx)
17be89c2Sad	movl	8(%esi),%eax
aa21c280Sdsl	movl	12(%esi),%ecx
17be89c2Sad	movl	%eax,8(%edx)
aa21c280Sdsl	movl	%ecx,12(%edx)
f42d24b1Smaxv
aa21c280Sdsl	ja	2f		/* Optimise since most sycalls have <= 4 args */
f42d24b1Smaxv	jmp	.Lx86_copyargs_end
aa21c280Sdsl2:
f42d24b1Smaxv
aa21c280Sdsl	movl	16(%esi),%eax
aa21c280Sdsl	movl	20(%esi),%ecx
aa21c280Sdsl	movl	%eax,16(%edx)
aa21c280Sdsl	movl	%ecx,20(%edx)
aa21c280Sdsl	movl	24(%esi),%eax
aa21c280Sdsl	movl	28(%esi),%ecx
aa21c280Sdsl	movl	%eax,24(%edx)
aa21c280Sdsl	movl	%ecx,28(%edx)
aa21c280Sdsl	movl	32(%esi),%eax
aa21c280Sdsl	movl	36(%esi),%ecx
aa21c280Sdsl	movl	%eax,32(%edx)
aa21c280Sdsl	movl	%ecx,36(%edx)
d0f12a6aSyamt.Lx86_copyargs_end:
ce18565bSmaxv	SMAP_ENABLE
17be89c2Sad
f42d24b1Smaxv	popl	%esi
f42d24b1Smaxv	xorl	%eax,%eax
f42d24b1Smaxv	ret
f42d24b1Smaxv	DEFERRED_SWITCH_CALL
f42d24b1SmaxvEND(x86_copyargs)
f42d24b1Smaxv
0c52a5deSmaxvENTRY(x86_copyargs_efault)
17be89c2Sad	movl	$EFAULT,%eax
f42d24b1Smaxv	popl	%esi
f42d24b1Smaxv	ret
f42d24b1SmaxvEND(x86_copyargs_efault)
17be89c2Sad
0c52a5deSmaxvENTRY(x86_copyargs_fault)
ce18565bSmaxv	SMAP_ENABLE
17be89c2Sad	popl	%esi
17be89c2Sad	ret
f42d24b1SmaxvEND(x86_copyargs_fault)
64bcc9bdSad
614719fdSrmind/*
614719fdSrmind * Label must be after all copy functions.
614719fdSrmind */
dd80381cSchsLABEL(x86_copyfunc_end)
d0f12a6aSyamt
614719fdSrmind/*
614719fdSrmind * Fault table of copy functions for trap().
614719fdSrmind */
d0f12a6aSyamt	.section ".rodata"
d0f12a6aSyamt	.globl _C_LABEL(onfault_table)
f42d24b1Smaxv
d0f12a6aSyamt_C_LABEL(onfault_table):
d0f12a6aSyamt	.long .Lcopyin_start
d0f12a6aSyamt	.long .Lcopyin_end
d0f12a6aSyamt	.long _C_LABEL(copy_fault)
d0f12a6aSyamt
d0f12a6aSyamt	.long .Lcopyout_start
d0f12a6aSyamt	.long .Lcopyout_end
d0f12a6aSyamt	.long _C_LABEL(copy_fault)
d0f12a6aSyamt
d0f12a6aSyamt	.long .Lkcopy_start
d0f12a6aSyamt	.long .Lkcopy_end
d0f12a6aSyamt	.long _C_LABEL(kcopy_fault)
d0f12a6aSyamt
d0f12a6aSyamt	.long .Lcopyoutstr_start
d0f12a6aSyamt	.long .Lcopyoutstr_end
d0f12a6aSyamt	.long _C_LABEL(copystr_fault)
d0f12a6aSyamt
d0f12a6aSyamt	.long .Lcopyinstr_start
d0f12a6aSyamt	.long .Lcopyinstr_end
d0f12a6aSyamt	.long _C_LABEL(copystr_fault)
d0f12a6aSyamt
f7d3fa20Srmind	.long .Lucas32_start
f7d3fa20Srmind	.long .Lucas32_end
f7d3fa20Srmind	.long _C_LABEL(ucas_fault)
f7d3fa20Srmind
e3f92458Sthorpej	.long .L_ufetch_8_start
e3f92458Sthorpej	.long .L_ufetch_8_end
e3f92458Sthorpej	.long _C_LABEL(ufetchstore_fault)
e3f92458Sthorpej
e3f92458Sthorpej	.long .L_ufetch_16_start
e3f92458Sthorpej	.long .L_ufetch_16_end
e3f92458Sthorpej	.long _C_LABEL(ufetchstore_fault)
e3f92458Sthorpej
e3f92458Sthorpej	.long .L_ufetch_32_start
e3f92458Sthorpej	.long .L_ufetch_32_end
e3f92458Sthorpej	.long _C_LABEL(ufetchstore_fault)
e3f92458Sthorpej
e3f92458Sthorpej	.long .L_ustore_8_start
e3f92458Sthorpej	.long .L_ustore_8_end
e3f92458Sthorpej	.long _C_LABEL(ufetchstore_fault)
e3f92458Sthorpej
e3f92458Sthorpej	.long .L_ustore_16_start
e3f92458Sthorpej	.long .L_ustore_16_end
e3f92458Sthorpej	.long _C_LABEL(ufetchstore_fault)
e3f92458Sthorpej
e3f92458Sthorpej	.long .L_ustore_32_start
e3f92458Sthorpej	.long .L_ustore_32_end
e3f92458Sthorpej	.long _C_LABEL(ufetchstore_fault)
e3f92458Sthorpej
d0f12a6aSyamt	.long .Lx86_copyargs_start
d0f12a6aSyamt	.long .Lx86_copyargs_end
d0f12a6aSyamt	.long _C_LABEL(x86_copyargs_fault)
d0f12a6aSyamt
d0f12a6aSyamt	.long 0	/* terminate */
d0f12a6aSyamt
d0f12a6aSyamt	.text