2 * Copyright (c) 1993 The Regents of the University of California.
3 * Copyright (c) 2003 Peter Wemm.
4 * Copyright (c) 2008 The DragonFly Project.
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the University nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
19 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * $FreeBSD: src/sys/amd64/amd64/support.S,v 1.127 2007/05/23 08:33:04 kib Exp $
34 #include <machine/asmacros.h>
35 #include <machine/pmap.h>
44 * bzero(ptr:%rdi, bytes:%rsi)
46 * Using rep stosq is 70% faster than a %rax loop and almost as fast as
47 * a %xmm0 loop on a modern intel cpu.
49 * Do not use non-temporal instructions here as we do not know the caller's
69 * Using rep stosq is nearly as fast as using %xmm0 on a modern intel cpu,
70 * and about 70% faster than a %rax loop.
72 * Do not use non-temporal instructions here as we do not know the caller's
76 movq $PAGE_SIZE>>3,%rcx
85 * bcmp(ptr:%rdi, ptr:%rsi, bytes:%rdx)
90 cld /* compare forwards */
106 * bcopy(src:%rdi, dst:%rsi, cnt:%rdx)
108 * ws@tools.de (Wolfgang Solfrank, TooLs GmbH) +49-228-985800
116 cmpq %rcx,%rax /* overlapping && src < dst? */
119 shrq $3,%rcx /* copy by 64-bit words */
120 cld /* nope, copy forwards */
124 andq $7,%rcx /* any bytes left? */
131 addq %rcx,%rdi /* copy backwards */
135 andq $7,%rcx /* any fractional bytes? */
139 movq %rdx,%rcx /* copy by 64-bit words */
150 movq $0x200,%rax /* the manual says that bit 10 must be set to 1 */
151 movq %rax,%dr7 /* disable all breakpoints first */
162 * memcpy(dst:%rdi, src:%rsi, bytes:%rdx)
164 * Note: memcpy does not support overlapping copies
169 shrq $3,%rcx /* copy by 64-bit words */
170 cld /* copy forwards */
174 andq $7,%rcx /* any bytes left? */
181 /* fillw(pat, base, cnt) */
182 /* %rdi,%rsi, %rdx */
193 /*****************************************************************************/
194 /* copyout and fubyte family */
195 /*****************************************************************************/
197 * Access user memory from inside the kernel. These routines should be
198 * the only places that do this.
200 * These routines set curpcb->onfault for the time they execute. When a
201 * protection violation occurs inside the functions, the trap handler
202 * returns to *curpcb->onfault instead of the function.
206 * uint64_t:%rax kreadmem64(addr:%rdi)
208 * Read kernel or user memory with fault protection.
211 movq PCPU(curthread),%rcx
212 movq TD_PCB(%rcx), %rcx
213 movq $kreadmem64fault,PCB_ONFAULT(%rcx)
214 movq %rsp,PCB_ONFAULT_SP(%rcx)
217 movq $0,PCB_ONFAULT(%rcx)
221 movq PCPU(curthread),%rcx
223 movq TD_PCB(%rcx),%rcx
224 movq %rax,PCB_ONFAULT(%rcx)
230 * std_copyout(from_kernel, to_user, len) - MP SAFE
234 movq PCPU(curthread),%rax
235 movq TD_PCB(%rax), %rax
236 movq $copyout_fault,PCB_ONFAULT(%rax)
237 movq %rsp,PCB_ONFAULT_SP(%rax)
238 testq %rdx,%rdx /* anything to do? */
242 * Check explicitly for non-user addresses. If 486 write protection
243 * is being used, this check is essential because we are in kernel
244 * mode so the h/w does not provide any protection against writing
249 * First, prevent address wrapping.
255 * XXX STOP USING VM_MAX_USER_ADDRESS.
256 * It is an end address, not a max, so every time it is used correctly it
257 * looks like there is an off by one error, and of course it caused an off
258 * by one error in several places.
260 movq $VM_MAX_USER_ADDRESS,%rcx
265 /* bcopy(%rsi, %rdi, %rdx) */
279 movq PCPU(curthread),%rdx
280 movq TD_PCB(%rdx), %rdx
281 movq %rax,PCB_ONFAULT(%rdx)
286 movq PCPU(curthread),%rdx
287 movq TD_PCB(%rdx), %rdx
288 movq $0,PCB_ONFAULT(%rdx)
294 * std_copyin(from_user, to_kernel, len) - MP SAFE
298 movq PCPU(curthread),%rax
299 movq TD_PCB(%rax), %rax
300 movq $copyin_fault,PCB_ONFAULT(%rax)
301 movq %rsp,PCB_ONFAULT_SP(%rax)
302 testq %rdx,%rdx /* anything to do? */
306 * make sure address is valid
311 movq $VM_MAX_USER_ADDRESS,%rcx
318 shrq $3,%rcx /* copy longword-wise */
323 andb $7,%cl /* copy remaining bytes */
329 movq PCPU(curthread),%rdx
330 movq TD_PCB(%rdx), %rdx
331 movq %rax,PCB_ONFAULT(%rdx)
336 movq PCPU(curthread),%rdx
337 movq TD_PCB(%rdx), %rdx
338 movq $0,PCB_ONFAULT(%rdx)
344 * casu32 - Compare and set user integer. Returns -1 or the current value.
345 * dst = %rdi, old = %rsi, new = %rdx
348 movq PCPU(curthread),%rcx
349 movq TD_PCB(%rcx), %rcx
350 movq $fusufault,PCB_ONFAULT(%rcx)
351 movq %rsp,PCB_ONFAULT_SP(%rcx)
353 movq $VM_MAX_USER_ADDRESS-4,%rax
354 cmpq %rax,%rdi /* verify address is valid */
357 movl %esi,%eax /* old */
359 cmpxchgl %edx,(%rdi) /* new = %edx */
362 * The old value is in %eax. If the store succeeded it will be the
363 * value we expected (old) from before the store, otherwise it will
364 * be the current value.
367 movq PCPU(curthread),%rcx
368 movq TD_PCB(%rcx), %rcx
369 movq $0,PCB_ONFAULT(%rcx)
374 * swapu32 - Swap int in user space. ptr = %rdi, val = %rsi
377 movq PCPU(curthread),%rcx
378 movq TD_PCB(%rcx), %rcx
379 movq $fusufault,PCB_ONFAULT(%rcx)
380 movq %rsp,PCB_ONFAULT_SP(%rcx)
382 movq $VM_MAX_USER_ADDRESS-4,%rax
383 cmpq %rax,%rdi /* verify address is valid */
386 movq %rsi,%rax /* old */
390 * The old value is in %rax. If the store succeeded it will be the
391 * value we expected (old) from before the store, otherwise it will
392 * be the current value.
395 movq PCPU(curthread),%rcx
396 movq TD_PCB(%rcx), %rcx
397 movq $0,PCB_ONFAULT(%rcx)
402 * casu64 - Compare and set user word. Returns -1 or the current value.
403 * dst = %rdi, old = %rsi, new = %rdx
406 movq PCPU(curthread),%rcx
407 movq TD_PCB(%rcx), %rcx
408 movq $fusufault,PCB_ONFAULT(%rcx)
409 movq %rsp,PCB_ONFAULT_SP(%rcx)
411 movq $VM_MAX_USER_ADDRESS-8,%rax
412 cmpq %rax,%rdi /* verify address is valid */
415 movq %rsi,%rax /* old */
417 cmpxchgq %rdx,(%rdi) /* new = %rdx */
420 * The old value is in %rax. If the store succeeded it will be the
421 * value we expected (old) from before the store, otherwise it will
422 * be the current value.
425 movq PCPU(curthread),%rcx
426 movq TD_PCB(%rcx), %rcx
427 movq $0,PCB_ONFAULT(%rcx)
432 * swapu64 - Swap long in user space. ptr = %rdi, val = %rsi
435 movq PCPU(curthread),%rcx
436 movq TD_PCB(%rcx), %rcx
437 movq $fusufault,PCB_ONFAULT(%rcx)
438 movq %rsp,PCB_ONFAULT_SP(%rcx)
440 movq $VM_MAX_USER_ADDRESS-8,%rax
441 cmpq %rax,%rdi /* verify address is valid */
444 movq %rsi,%rax /* old */
448 * The old value is in %rax. If the store succeeded it will be the
449 * value we expected (old) from before the store, otherwise it will
450 * be the current value.
453 movq PCPU(curthread),%rcx
454 movq TD_PCB(%rcx), %rcx
455 movq $0,PCB_ONFAULT(%rcx)
460 * Fetch (load) a 64-bit word, a 32-bit word, a 16-bit word, or an 8-bit
461 * byte from user memory. All these functions are MPSAFE.
466 movq PCPU(curthread),%rcx
467 movq TD_PCB(%rcx), %rcx
468 movq $fusufault,PCB_ONFAULT(%rcx)
469 movq %rsp,PCB_ONFAULT_SP(%rcx)
471 movq $VM_MAX_USER_ADDRESS-8,%rax
472 cmpq %rax,%rdi /* verify address is valid */
476 movq $0,PCB_ONFAULT(%rcx)
481 movq PCPU(curthread),%rcx
482 movq TD_PCB(%rcx), %rcx
483 movq $fusufault,PCB_ONFAULT(%rcx)
484 movq %rsp,PCB_ONFAULT_SP(%rcx)
486 movq $VM_MAX_USER_ADDRESS-4,%rax
487 cmpq %rax,%rdi /* verify address is valid */
491 movq $0,PCB_ONFAULT(%rcx)
496 movq PCPU(curthread),%rcx
497 movq TD_PCB(%rcx), %rcx
498 movq $fusufault,PCB_ONFAULT(%rcx)
499 movq %rsp,PCB_ONFAULT_SP(%rcx)
501 movq $VM_MAX_USER_ADDRESS-1,%rax
506 movq $0,PCB_ONFAULT(%rcx)
511 movq PCPU(curthread),%rcx
513 movq TD_PCB(%rcx), %rcx
514 movq %rax,PCB_ONFAULT(%rcx)
520 * Store a 64-bit word, a 32-bit word, a 16-bit word, or an 8-bit byte to
521 * user memory. All these functions are MPSAFE.
523 * addr = %rdi, value = %rsi
528 movq PCPU(curthread),%rcx
529 movq TD_PCB(%rcx), %rcx
530 movq $fusufault,PCB_ONFAULT(%rcx)
531 movq %rsp,PCB_ONFAULT_SP(%rcx)
533 movq $VM_MAX_USER_ADDRESS-8,%rax
534 cmpq %rax,%rdi /* verify address validity */
539 movq PCPU(curthread),%rcx
540 movq TD_PCB(%rcx), %rcx
541 movq %rax,PCB_ONFAULT(%rcx)
549 movq PCPU(curthread),%rcx
550 movq TD_PCB(%rcx), %rcx
551 movq $fusufault,PCB_ONFAULT(%rcx)
552 movq %rsp,PCB_ONFAULT_SP(%rcx)
554 movq $VM_MAX_USER_ADDRESS-4,%rax
555 cmpq %rax,%rdi /* verify address validity */
560 movq PCPU(curthread),%rcx
561 movq TD_PCB(%rcx), %rcx
562 movq %rax,PCB_ONFAULT(%rcx)
567 movq PCPU(curthread),%rcx
568 movq TD_PCB(%rcx), %rcx
569 movq $fusufault,PCB_ONFAULT(%rcx)
570 movq %rsp,PCB_ONFAULT_SP(%rcx)
572 movq $VM_MAX_USER_ADDRESS-1,%rax
573 cmpq %rax,%rdi /* verify address validity */
579 movq PCPU(curthread),%rcx /* restore trashed register */
580 movq TD_PCB(%rcx), %rcx
581 movq %rax,PCB_ONFAULT(%rcx)
586 * std_copyinstr(from, to, maxlen, int *lencopied) - MP SAFE
587 * %rdi, %rsi, %rdx, %rcx
589 * copy a string from from to to, stop when a 0 character is reached.
590 * return ENAMETOOLONG if string is longer than maxlen, and
591 * EFAULT on protection violations. If lencopied is non-zero,
592 * return the actual length in *lencopied.
595 movq %rdx,%r8 /* %r8 = maxlen */
596 movq %rcx,%r9 /* %r9 = *len */
597 xchgq %rdi,%rsi /* %rdi = from, %rsi = to */
598 movq PCPU(curthread),%rcx
599 movq TD_PCB(%rcx), %rcx
600 movq $cpystrflt,PCB_ONFAULT(%rcx)
601 movq %rsp,PCB_ONFAULT_SP(%rcx)
603 movq $VM_MAX_USER_ADDRESS,%rax
605 /* make sure 'from' is within bounds */
609 /* restrict maxlen to <= VM_MAX_USER_ADDRESS-from */
627 /* Success -- 0 byte reached */
632 /* rdx is zero - return ENAMETOOLONG or EFAULT */
633 movq $VM_MAX_USER_ADDRESS,%rax
637 movq $ENAMETOOLONG,%rax
644 /* set *lencopied and return %eax */
645 movq PCPU(curthread),%rcx
646 movq TD_PCB(%rcx), %rcx
647 movq $0,PCB_ONFAULT(%rcx)
658 * copystr(from, to, maxlen, int *lencopied) - MP SAFE
659 * %rdi, %rsi, %rdx, %rcx
662 movq %rdx,%r8 /* %r8 = maxlen */
675 /* Success -- 0 byte reached */
680 /* rdx is zero -- return ENAMETOOLONG */
681 movq $ENAMETOOLONG,%rax
687 /* set *lencopied and return %rax */
695 * Handling of special x86_64 registers and descriptor tables etc
698 /* void lgdt(struct region_descriptor *rdp); */
700 /* reload the descriptor table */
703 /* flush the prefetch q */
710 movl %eax,%fs /* Beware, use wrmsr to set 64 bit base */
711 movl %eax,%gs /* Beware, use wrmsr to set 64 bit base */
714 /* reload code selector by turning return into intersegmental return */
722 /*****************************************************************************/
723 /* setjmp, longjmp */
724 /*****************************************************************************/
727 movq %rbx,0(%rdi) /* save rbx */
728 movq %rsp,8(%rdi) /* save rsp */
729 movq %rbp,16(%rdi) /* save rbp */
730 movq %r12,24(%rdi) /* save r12 */
731 movq %r13,32(%rdi) /* save r13 */
732 movq %r14,40(%rdi) /* save r14 */
733 movq %r15,48(%rdi) /* save r15 */
734 movq 0(%rsp),%rdx /* get rta */
735 movq %rdx,56(%rdi) /* save rip */
736 xorl %eax,%eax /* return(0); */
741 movq 0(%rdi),%rbx /* restore rbx */
742 movq 8(%rdi),%rsp /* restore rsp */
743 movq 16(%rdi),%rbp /* restore rbp */
744 movq 24(%rdi),%r12 /* restore r12 */
745 movq 32(%rdi),%r13 /* restore r13 */
746 movq 40(%rdi),%r14 /* restore r14 */
747 movq 48(%rdi),%r15 /* restore r15 */
748 movq 56(%rdi),%rdx /* get rta */
749 movq %rdx,0(%rsp) /* put in return frame */
750 xorl %eax,%eax /* return(1); */
756 * Support for reading MSRs in the safe manner.
759 /* int rdmsr_safe(u_int msr, uint64_t *data) */
760 movq PCPU(curthread),%r8
761 movq TD_PCB(%r8), %r8
762 movq $msr_onfault,PCB_ONFAULT(%r8)
763 movq %rsp,PCB_ONFAULT_SP(%r8)
765 rdmsr /* Read MSR pointed by %ecx. Returns
766 high 32 bits in %edx, low 32 bits in %eax */
767 salq $32,%rdx /* sign-shift %rdx left */
768 movl %eax,%eax /* zero-extend %eax -> %rax */
772 movq %rax,PCB_ONFAULT(%r8)
777 * Support for writing MSRs in the safe manner.
780 /* int wrmsr_safe(u_int msr, uint64_t data) */
781 movq PCPU(curthread),%r8
782 movq TD_PCB(%r8), %r8
783 movq $msr_onfault,PCB_ONFAULT(%r8)
784 movq %rsp,PCB_ONFAULT_SP(%r8)
789 wrmsr /* Write MSR pointed by %ecx. Accepts
790 high 32 bits in %edx, low 32 bits in %eax. */
792 movq %rax,PCB_ONFAULT(%r8)
797 * MSR operations fault handler
801 movq PCPU(curthread),%r8
802 movq TD_PCB(%r8), %r8
803 movq $0,PCB_ONFAULT(%r8)