1 files changed, 249 insertions, 228 deletions
diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S
index 43ceb3f454bf..d6f0490a7391 100644
--- a/arch/x86/kernel/entry_32.S
+++ b/arch/x86/kernel/entry_32.S
@@ -619,28 +619,37 @@ END(syscall_badsys)
 27:;
 /*
- * Build the entry stubs and pointer table with
+ * Build the entry stubs and pointer table with some assembler magic.
- * some assembler magic.
+ * We pack 7 stubs into a single 32-byte chunk, which will fit in a
+ * single cache line on all modern x86 implementations.
 */
-.section .rodata,"a"
+.section .init.rodata,"a"
 ENTRY(interrupt)
 .text
+        .p2align 5
+        .p2align CONFIG_X86_L1_CACHE_SHIFT
 ENTRY(irq_entries_start)
        RING0_INT_FRAME
-vector=0
+vector=FIRST_EXTERNAL_VECTOR
-.rept NR_VECTORS
+.rept (NR_VECTORS-FIRST_EXTERNAL_VECTOR+6)/7
-        ALIGN
+        .balign 32
- .if vector
+  .rept 7
+    .if vector < NR_VECTORS
+      .if vector <> FIRST_EXTERNAL_VECTOR
        CFI_ADJUST_CFA_OFFSET -4
- .endif
+      .endif
-1:      pushl $~(vector)
+1:      pushl $(~vector+0x80)   /* Note: always in signed byte range */
        CFI_ADJUST_CFA_OFFSET 4
-        jmp common_interrupt
+      .if ((vector-FIRST_EXTERNAL_VECTOR)%7) <> 6
- .previous
+        jmp 2f
+      .endif
+      .previous
        .long 1b
- .text
+      .text
 vector=vector+1
+    .endif
+  .endr
+2:      jmp common_interrupt
 .endr
 END(irq_entries_start)
@@ -652,8 +661,9 @@ END(interrupt)
 * the CPU automatically disables interrupts when executing an IRQ vector,
 * so IRQ-flags tracing has to follow that:
 */
-        ALIGN
+        .p2align CONFIG_X86_L1_CACHE_SHIFT
 common_interrupt:
+        addl $-0x80,(%esp)      /* Adjust vector into the [-256,-1] range */
        SAVE_ALL
        TRACE_IRQS_OFF
        movl %esp,%eax
@@ -678,65 +688,6 @@ ENDPROC(name)
 /* The include is where all of the SMP etc. interrupts come from */
 #include "entry_arch.h"
-KPROBE_ENTRY(page_fault)
-        RING0_EC_FRAME
-        pushl $do_page_fault
-        CFI_ADJUST_CFA_OFFSET 4
-        ALIGN
-error_code:
-        /* the function address is in %fs's slot on the stack */
-        pushl %es
-        CFI_ADJUST_CFA_OFFSET 4
-        /*CFI_REL_OFFSET es, 0*/
-        pushl %ds
-        CFI_ADJUST_CFA_OFFSET 4
-        /*CFI_REL_OFFSET ds, 0*/
-        pushl %eax
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET eax, 0
-        pushl %ebp
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET ebp, 0
-        pushl %edi
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET edi, 0
-        pushl %esi
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET esi, 0
-        pushl %edx
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET edx, 0
-        pushl %ecx
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET ecx, 0
-        pushl %ebx
-        CFI_ADJUST_CFA_OFFSET 4
-        CFI_REL_OFFSET ebx, 0
-        cld
-        pushl %fs
-        CFI_ADJUST_CFA_OFFSET 4
-        /*CFI_REL_OFFSET fs, 0*/
-        movl $(__KERNEL_PERCPU), %ecx
-        movl %ecx, %fs
-        UNWIND_ESPFIX_STACK
-        popl %ecx
-        CFI_ADJUST_CFA_OFFSET -4
-        /*CFI_REGISTER es, ecx*/
-        movl PT_FS(%esp), %edi          # get the function address
-        movl PT_ORIG_EAX(%esp), %edx    # get the error code
-        movl $-1, PT_ORIG_EAX(%esp)     # no syscall to restart
-        mov  %ecx, PT_FS(%esp)
-        /*CFI_REL_OFFSET fs, ES*/
-        movl $(__USER_DS), %ecx
-        movl %ecx, %ds
-        movl %ecx, %es
-        TRACE_IRQS_OFF
-        movl %esp,%eax                  # pt_regs pointer
-        call *%edi
-        jmp ret_from_exception
-        CFI_ENDPROC
-KPROBE_END(page_fault)
 ENTRY(coprocessor_error)
        RING0_INT_FRAME
        pushl $0
@@ -767,140 +718,6 @@ ENTRY(device_not_available)
        CFI_ENDPROC
 END(device_not_available)
-/*
- * Debug traps and NMI can happen at the one SYSENTER instruction
- * that sets up the real kernel stack. Check here, since we can't
- * allow the wrong stack to be used.
- *
- * "TSS_sysenter_sp0+12" is because the NMI/debug handler will have
- * already pushed 3 words if it hits on the sysenter instruction:
- * eflags, cs and eip.
- *
- * We just load the right stack, and push the three (known) values
- * by hand onto the new stack - while updating the return eip past
- * the instruction that would have done it for sysenter.
- */
-#define FIX_STACK(offset, ok, label)            \
-        cmpw $__KERNEL_CS,4(%esp);              \
-        jne ok;                                 \
-label:                                          \
-        movl TSS_sysenter_sp0+offset(%esp),%esp;        \
-        CFI_DEF_CFA esp, 0;                     \
-        CFI_UNDEFINED eip;                      \
-        pushfl;                                 \
-        CFI_ADJUST_CFA_OFFSET 4;                \
-        pushl $__KERNEL_CS;                     \
-        CFI_ADJUST_CFA_OFFSET 4;                \
-        pushl $sysenter_past_esp;               \
-        CFI_ADJUST_CFA_OFFSET 4;                \
-        CFI_REL_OFFSET eip, 0
-KPROBE_ENTRY(debug)
-        RING0_INT_FRAME
-        cmpl $ia32_sysenter_target,(%esp)
-        jne debug_stack_correct
-        FIX_STACK(12, debug_stack_correct, debug_esp_fix_insn)
-debug_stack_correct:
-        pushl $-1                       # mark this as an int
-        CFI_ADJUST_CFA_OFFSET 4
-        SAVE_ALL
-        TRACE_IRQS_OFF
-        xorl %edx,%edx                  # error code 0
-        movl %esp,%eax                  # pt_regs pointer
-        call do_debug
-        jmp ret_from_exception
-        CFI_ENDPROC
-KPROBE_END(debug)
-/*
- * NMI is doubly nasty. It can happen _while_ we're handling
- * a debug fault, and the debug fault hasn't yet been able to
- * clear up the stack. So we first check whether we got  an
- * NMI on the sysenter entry path, but after that we need to
- * check whether we got an NMI on the debug path where the debug
- * fault happened on the sysenter path.
- */
-KPROBE_ENTRY(nmi)
-        RING0_INT_FRAME
-        pushl %eax
-        CFI_ADJUST_CFA_OFFSET 4
-        movl %ss, %eax
-        cmpw $__ESPFIX_SS, %ax
-        popl %eax
-        CFI_ADJUST_CFA_OFFSET -4
-        je nmi_espfix_stack
-        cmpl $ia32_sysenter_target,(%esp)
-        je nmi_stack_fixup
-        pushl %eax
-        CFI_ADJUST_CFA_OFFSET 4
-        movl %esp,%eax
-        /* Do not access memory above the end of our stack page,
-         * it might not exist.
-         */
-        andl $(THREAD_SIZE-1),%eax
-        cmpl $(THREAD_SIZE-20),%eax
-        popl %eax
-        CFI_ADJUST_CFA_OFFSET -4
-        jae nmi_stack_correct
-        cmpl $ia32_sysenter_target,12(%esp)
-        je nmi_debug_stack_check
-nmi_stack_correct:
-        /* We have a RING0_INT_FRAME here */
-        pushl %eax
-        CFI_ADJUST_CFA_OFFSET 4
-        SAVE_ALL
-        TRACE_IRQS_OFF
-        xorl %edx,%edx          # zero error code
-        movl %esp,%eax          # pt_regs pointer
-        call do_nmi
-        jmp restore_nocheck_notrace
-        CFI_ENDPROC
-nmi_stack_fixup:
-        RING0_INT_FRAME
-        FIX_STACK(12,nmi_stack_correct, 1)
-        jmp nmi_stack_correct
-nmi_debug_stack_check:
-        /* We have a RING0_INT_FRAME here */
-        cmpw $__KERNEL_CS,16(%esp)
-        jne nmi_stack_correct
-        cmpl $debug,(%esp)
-        jb nmi_stack_correct
-        cmpl $debug_esp_fix_insn,(%esp)
-        ja nmi_stack_correct
-        FIX_STACK(24,nmi_stack_correct, 1)
-        jmp nmi_stack_correct
-nmi_espfix_stack:
-        /* We have a RING0_INT_FRAME here.
-         *
-         * create the pointer to lss back
-         */
-        pushl %ss
-        CFI_ADJUST_CFA_OFFSET 4
-        pushl %esp
-        CFI_ADJUST_CFA_OFFSET 4
-        addw $4, (%esp)
-        /* copy the iret frame of 12 bytes */
-        .rept 3
-        pushl 16(%esp)
-        CFI_ADJUST_CFA_OFFSET 4
-        .endr
-        pushl %eax
-        CFI_ADJUST_CFA_OFFSET 4
-        SAVE_ALL
-        TRACE_IRQS_OFF
-        FIXUP_ESPFIX_STACK              # %eax == %esp
-        xorl %edx,%edx                  # zero error code
-        call do_nmi
-        RESTORE_REGS
-        lss 12+4(%esp), %esp            # back to espfix stack
-        CFI_ADJUST_CFA_OFFSET -24
-        jmp irq_return
-        CFI_ENDPROC
-KPROBE_END(nmi)
 #ifdef CONFIG_PARAVIRT
 ENTRY(native_iret)
        iret
@@ -916,19 +733,6 @@ ENTRY(native_irq_enable_sysexit)
 END(native_irq_enable_sysexit)
 #endif
-KPROBE_ENTRY(int3)
-        RING0_INT_FRAME
-        pushl $-1                       # mark this as an int
-        CFI_ADJUST_CFA_OFFSET 4
-        SAVE_ALL
-        TRACE_IRQS_OFF
-        xorl %edx,%edx          # zero error code
-        movl %esp,%eax          # pt_regs pointer
-        call do_int3
-        jmp ret_from_exception
-        CFI_ENDPROC
-KPROBE_END(int3)
 ENTRY(overflow)
        RING0_INT_FRAME
        pushl $0
@@ -993,14 +797,6 @@ ENTRY(stack_segment)
        CFI_ENDPROC
 END(stack_segment)
-KPROBE_ENTRY(general_protection)
-        RING0_EC_FRAME
-        pushl $do_general_protection
-        CFI_ADJUST_CFA_OFFSET 4
-        jmp error_code
-        CFI_ENDPROC
-KPROBE_END(general_protection)
 ENTRY(alignment_check)
        RING0_EC_FRAME
        pushl $do_alignment_check
@@ -1051,6 +847,7 @@ ENTRY(kernel_thread_helper)
        push %eax
        CFI_ADJUST_CFA_OFFSET 4
        call do_exit
+        ud2                     # padding for call trace
        CFI_ENDPROC
 ENDPROC(kernel_thread_helper)
@@ -1259,3 +1056,227 @@ return_to_handler:
 #include "syscall_table_32.S"
 syscall_table_size=(.-sys_call_table)
+/*
+ * Some functions should be protected against kprobes
+ */
+        .pushsection .kprobes.text, "ax"
+ENTRY(page_fault)
+        RING0_EC_FRAME
+        pushl $do_page_fault
+        CFI_ADJUST_CFA_OFFSET 4
+        ALIGN
+error_code:
+        /* the function address is in %fs's slot on the stack */
+        pushl %es
+        CFI_ADJUST_CFA_OFFSET 4
+        /*CFI_REL_OFFSET es, 0*/
+        pushl %ds
+        CFI_ADJUST_CFA_OFFSET 4
+        /*CFI_REL_OFFSET ds, 0*/
+        pushl %eax
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET eax, 0
+        pushl %ebp
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET ebp, 0
+        pushl %edi
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET edi, 0
+        pushl %esi
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET esi, 0
+        pushl %edx
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET edx, 0
+        pushl %ecx
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET ecx, 0
+        pushl %ebx
+        CFI_ADJUST_CFA_OFFSET 4
+        CFI_REL_OFFSET ebx, 0
+        cld
+        pushl %fs
+        CFI_ADJUST_CFA_OFFSET 4
+        /*CFI_REL_OFFSET fs, 0*/
+        movl $(__KERNEL_PERCPU), %ecx
+        movl %ecx, %fs
+        UNWIND_ESPFIX_STACK
+        popl %ecx
+        CFI_ADJUST_CFA_OFFSET -4
+        /*CFI_REGISTER es, ecx*/
+        movl PT_FS(%esp), %edi          # get the function address
+        movl PT_ORIG_EAX(%esp), %edx    # get the error code
+        movl $-1, PT_ORIG_EAX(%esp)     # no syscall to restart
+        mov  %ecx, PT_FS(%esp)
+        /*CFI_REL_OFFSET fs, ES*/
+        movl $(__USER_DS), %ecx
+        movl %ecx, %ds
+        movl %ecx, %es
+        TRACE_IRQS_OFF
+        movl %esp,%eax                  # pt_regs pointer
+        call *%edi
+        jmp ret_from_exception
+        CFI_ENDPROC
+END(page_fault)
+/*
+ * Debug traps and NMI can happen at the one SYSENTER instruction
+ * that sets up the real kernel stack. Check here, since we can't
+ * allow the wrong stack to be used.
+ *
+ * "TSS_sysenter_sp0+12" is because the NMI/debug handler will have
+ * already pushed 3 words if it hits on the sysenter instruction:
+ * eflags, cs and eip.
+ *
+ * We just load the right stack, and push the three (known) values
+ * by hand onto the new stack - while updating the return eip past
+ * the instruction that would have done it for sysenter.
+ */
+#define FIX_STACK(offset, ok, label)            \
+        cmpw $__KERNEL_CS,4(%esp);              \
+        jne ok;                                 \
+label:                                          \
+        movl TSS_sysenter_sp0+offset(%esp),%esp;        \
+        CFI_DEF_CFA esp, 0;                     \
+        CFI_UNDEFINED eip;                      \
+        pushfl;                                 \
+        CFI_ADJUST_CFA_OFFSET 4;                \
+        pushl $__KERNEL_CS;                     \
+        CFI_ADJUST_CFA_OFFSET 4;                \
+        pushl $sysenter_past_esp;               \
+        CFI_ADJUST_CFA_OFFSET 4;                \
+        CFI_REL_OFFSET eip, 0
+ENTRY(debug)
+        RING0_INT_FRAME
+        cmpl $ia32_sysenter_target,(%esp)
+        jne debug_stack_correct
+        FIX_STACK(12, debug_stack_correct, debug_esp_fix_insn)
+debug_stack_correct:
+        pushl $-1                       # mark this as an int
+        CFI_ADJUST_CFA_OFFSET 4
+        SAVE_ALL
+        TRACE_IRQS_OFF
+        xorl %edx,%edx                  # error code 0
+        movl %esp,%eax                  # pt_regs pointer
+        call do_debug
+        jmp ret_from_exception
+        CFI_ENDPROC
+END(debug)
+/*
+ * NMI is doubly nasty. It can happen _while_ we're handling
+ * a debug fault, and the debug fault hasn't yet been able to
+ * clear up the stack. So we first check whether we got  an
+ * NMI on the sysenter entry path, but after that we need to
+ * check whether we got an NMI on the debug path where the debug
+ * fault happened on the sysenter path.
+ */
+ENTRY(nmi)
+        RING0_INT_FRAME
+        pushl %eax
+        CFI_ADJUST_CFA_OFFSET 4
+        movl %ss, %eax
+        cmpw $__ESPFIX_SS, %ax
+        popl %eax
+        CFI_ADJUST_CFA_OFFSET -4
+        je nmi_espfix_stack
+        cmpl $ia32_sysenter_target,(%esp)
+        je nmi_stack_fixup
+        pushl %eax
+        CFI_ADJUST_CFA_OFFSET 4
+        movl %esp,%eax
+        /* Do not access memory above the end of our stack page,
+         * it might not exist.
+         */
+        andl $(THREAD_SIZE-1),%eax
+        cmpl $(THREAD_SIZE-20),%eax
+        popl %eax
+        CFI_ADJUST_CFA_OFFSET -4
+        jae nmi_stack_correct
+        cmpl $ia32_sysenter_target,12(%esp)
+        je nmi_debug_stack_check
+nmi_stack_correct:
+        /* We have a RING0_INT_FRAME here */
+        pushl %eax
+        CFI_ADJUST_CFA_OFFSET 4
+        SAVE_ALL
+        TRACE_IRQS_OFF
+        xorl %edx,%edx          # zero error code
+        movl %esp,%eax          # pt_regs pointer
+        call do_nmi
+        jmp restore_nocheck_notrace
+        CFI_ENDPROC
+nmi_stack_fixup:
+        RING0_INT_FRAME
+        FIX_STACK(12,nmi_stack_correct, 1)
+        jmp nmi_stack_correct
+nmi_debug_stack_check:
+        /* We have a RING0_INT_FRAME here */
+        cmpw $__KERNEL_CS,16(%esp)
+        jne nmi_stack_correct
+        cmpl $debug,(%esp)
+        jb nmi_stack_correct
+        cmpl $debug_esp_fix_insn,(%esp)
+        ja nmi_stack_correct
+        FIX_STACK(24,nmi_stack_correct, 1)
+        jmp nmi_stack_correct
+nmi_espfix_stack:
+        /* We have a RING0_INT_FRAME here.
+         *
+         * create the pointer to lss back
+         */
+        pushl %ss
+        CFI_ADJUST_CFA_OFFSET 4
+        pushl %esp
+        CFI_ADJUST_CFA_OFFSET 4
+        addw $4, (%esp)
+        /* copy the iret frame of 12 bytes */
+        .rept 3
+        pushl 16(%esp)
+        CFI_ADJUST_CFA_OFFSET 4
+        .endr
+        pushl %eax
+        CFI_ADJUST_CFA_OFFSET 4
+        SAVE_ALL
+        TRACE_IRQS_OFF
+        FIXUP_ESPFIX_STACK              # %eax == %esp
+        xorl %edx,%edx                  # zero error code
+        call do_nmi
+        RESTORE_REGS
+        lss 12+4(%esp), %esp            # back to espfix stack
+        CFI_ADJUST_CFA_OFFSET -24
+        jmp irq_return
+        CFI_ENDPROC
+END(nmi)
+ENTRY(int3)
+        RING0_INT_FRAME
+        pushl $-1                       # mark this as an int
+        CFI_ADJUST_CFA_OFFSET 4
+        SAVE_ALL
+        TRACE_IRQS_OFF
+        xorl %edx,%edx          # zero error code
+        movl %esp,%eax          # pt_regs pointer
+        call do_int3
+        jmp ret_from_exception
+        CFI_ENDPROC
+END(int3)
+ENTRY(general_protection)
+        RING0_EC_FRAME
+        pushl $do_general_protection
+        CFI_ADJUST_CFA_OFFSET 4
+        jmp error_code
+        CFI_ENDPROC
+END(general_protection)
+/*
+ * End of kprobes section
+ */
+        .popsection

diff --git a/arch/x86/kernel/entry_32.S b/arch/x86/kernel/entry_32.S index 43ceb3f454bf..d6f0490a7391 100644 --- a/arch/x86/kernel/entry_32.S +++ b/arch/x86/kernel/entry_32.S
@@ -619,28 +619,37 @@ END(syscall_badsys)
619	27:;	619	27:;
620		620
621	/*	621	/*
622	* Build the entry stubs and pointer table with	622	* Build the entry stubs and pointer table with some assembler magic.
623	* some assembler magic.	623	* We pack 7 stubs into a single 32-byte chunk, which will fit in a
		624	* single cache line on all modern x86 implementations.
624	*/	625	*/
625	.section .rodata,"a"	626	.section .init.rodata,"a"
626	ENTRY(interrupt)	627	ENTRY(interrupt)
627	.text	628	.text
628		629	.p2align 5
		630	.p2align CONFIG_X86_L1_CACHE_SHIFT
629	ENTRY(irq_entries_start)	631	ENTRY(irq_entries_start)
630	RING0_INT_FRAME	632	RING0_INT_FRAME
631	vector=0	633	vector=FIRST_EXTERNAL_VECTOR
632	.rept NR_VECTORS	634	.rept (NR_VECTORS-FIRST_EXTERNAL_VECTOR+6)/7
633	ALIGN	635	.balign 32
634	.if vector	636	.rept 7
		637	.if vector < NR_VECTORS
		638	.if vector <> FIRST_EXTERNAL_VECTOR
635	CFI_ADJUST_CFA_OFFSET -4	639	CFI_ADJUST_CFA_OFFSET -4
636	.endif	640	.endif
637	1: pushl $~(vector)	641	1: pushl $(~vector+0x80) /* Note: always in signed byte range */
638	CFI_ADJUST_CFA_OFFSET 4	642	CFI_ADJUST_CFA_OFFSET 4
639	jmp common_interrupt	643	.if ((vector-FIRST_EXTERNAL_VECTOR)%7) <> 6
640	.previous	644	jmp 2f
		645	.endif
		646	.previous
641	.long 1b	647	.long 1b
642	.text	648	.text
643	vector=vector+1	649	vector=vector+1
		650	.endif
		651	.endr
		652	2: jmp common_interrupt
644	.endr	653	.endr
645	END(irq_entries_start)	654	END(irq_entries_start)
646		655
@@ -652,8 +661,9 @@ END(interrupt)
652	* the CPU automatically disables interrupts when executing an IRQ vector,	661	* the CPU automatically disables interrupts when executing an IRQ vector,
653	* so IRQ-flags tracing has to follow that:	662	* so IRQ-flags tracing has to follow that:
654	*/	663	*/
655	ALIGN	664	.p2align CONFIG_X86_L1_CACHE_SHIFT
656	common_interrupt:	665	common_interrupt:
		666	addl $-0x80,(%esp) /* Adjust vector into the [-256,-1] range */
657	SAVE_ALL	667	SAVE_ALL
658	TRACE_IRQS_OFF	668	TRACE_IRQS_OFF
659	movl %esp,%eax	669	movl %esp,%eax
@@ -678,65 +688,6 @@ ENDPROC(name)
678	/* The include is where all of the SMP etc. interrupts come from */	688	/* The include is where all of the SMP etc. interrupts come from */
679	#include "entry_arch.h"	689	#include "entry_arch.h"
680		690
681	KPROBE_ENTRY(page_fault)
682	RING0_EC_FRAME
683	pushl $do_page_fault
684	CFI_ADJUST_CFA_OFFSET 4
685	ALIGN
686	error_code:
687	/* the function address is in %fs's slot on the stack */
688	pushl %es
689	CFI_ADJUST_CFA_OFFSET 4
690	/CFI_REL_OFFSET es, 0/
691	pushl %ds
692	CFI_ADJUST_CFA_OFFSET 4
693	/CFI_REL_OFFSET ds, 0/
694	pushl %eax
695	CFI_ADJUST_CFA_OFFSET 4
696	CFI_REL_OFFSET eax, 0
697	pushl %ebp
698	CFI_ADJUST_CFA_OFFSET 4
699	CFI_REL_OFFSET ebp, 0
700	pushl %edi
701	CFI_ADJUST_CFA_OFFSET 4
702	CFI_REL_OFFSET edi, 0
703	pushl %esi
704	CFI_ADJUST_CFA_OFFSET 4
705	CFI_REL_OFFSET esi, 0
706	pushl %edx
707	CFI_ADJUST_CFA_OFFSET 4
708	CFI_REL_OFFSET edx, 0
709	pushl %ecx
710	CFI_ADJUST_CFA_OFFSET 4
711	CFI_REL_OFFSET ecx, 0
712	pushl %ebx
713	CFI_ADJUST_CFA_OFFSET 4
714	CFI_REL_OFFSET ebx, 0
715	cld
716	pushl %fs
717	CFI_ADJUST_CFA_OFFSET 4
718	/CFI_REL_OFFSET fs, 0/
719	movl $(__KERNEL_PERCPU), %ecx
720	movl %ecx, %fs
721	UNWIND_ESPFIX_STACK
722	popl %ecx
723	CFI_ADJUST_CFA_OFFSET -4
724	/CFI_REGISTER es, ecx/
725	movl PT_FS(%esp), %edi # get the function address
726	movl PT_ORIG_EAX(%esp), %edx # get the error code
727	movl $-1, PT_ORIG_EAX(%esp) # no syscall to restart
728	mov %ecx, PT_FS(%esp)
729	/CFI_REL_OFFSET fs, ES/
730	movl $(__USER_DS), %ecx
731	movl %ecx, %ds
732	movl %ecx, %es
733	TRACE_IRQS_OFF
734	movl %esp,%eax # pt_regs pointer
735	call *%edi
736	jmp ret_from_exception
737	CFI_ENDPROC
738	KPROBE_END(page_fault)
739
740	ENTRY(coprocessor_error)	691	ENTRY(coprocessor_error)
741	RING0_INT_FRAME	692	RING0_INT_FRAME
742	pushl $0	693	pushl $0
@@ -767,140 +718,6 @@ ENTRY(device_not_available)
767	CFI_ENDPROC	718	CFI_ENDPROC
768	END(device_not_available)	719	END(device_not_available)
769		720
770	/*
771	* Debug traps and NMI can happen at the one SYSENTER instruction
772	* that sets up the real kernel stack. Check here, since we can't
773	* allow the wrong stack to be used.
774	*
775	* "TSS_sysenter_sp0+12" is because the NMI/debug handler will have
776	* already pushed 3 words if it hits on the sysenter instruction:
777	* eflags, cs and eip.
778	*
779	* We just load the right stack, and push the three (known) values
780	* by hand onto the new stack - while updating the return eip past
781	* the instruction that would have done it for sysenter.
782	*/
783	#define FIX_STACK(offset, ok, label) \
784	cmpw $__KERNEL_CS,4(%esp); \
785	jne ok; \
786	label: \
787	movl TSS_sysenter_sp0+offset(%esp),%esp; \
788	CFI_DEF_CFA esp, 0; \
789	CFI_UNDEFINED eip; \
790	pushfl; \
791	CFI_ADJUST_CFA_OFFSET 4; \
792	pushl $__KERNEL_CS; \
793	CFI_ADJUST_CFA_OFFSET 4; \
794	pushl $sysenter_past_esp; \
795	CFI_ADJUST_CFA_OFFSET 4; \
796	CFI_REL_OFFSET eip, 0
797
798	KPROBE_ENTRY(debug)
799	RING0_INT_FRAME
800	cmpl $ia32_sysenter_target,(%esp)
801	jne debug_stack_correct
802	FIX_STACK(12, debug_stack_correct, debug_esp_fix_insn)
803	debug_stack_correct:
804	pushl $-1 # mark this as an int
805	CFI_ADJUST_CFA_OFFSET 4
806	SAVE_ALL
807	TRACE_IRQS_OFF
808	xorl %edx,%edx # error code 0
809	movl %esp,%eax # pt_regs pointer
810	call do_debug
811	jmp ret_from_exception
812	CFI_ENDPROC
813	KPROBE_END(debug)
814
815	/*
816	* NMI is doubly nasty. It can happen _while_ we're handling
817	* a debug fault, and the debug fault hasn't yet been able to
818	* clear up the stack. So we first check whether we got an
819	* NMI on the sysenter entry path, but after that we need to
820	* check whether we got an NMI on the debug path where the debug
821	* fault happened on the sysenter path.
822	*/
823	KPROBE_ENTRY(nmi)
824	RING0_INT_FRAME
825	pushl %eax
826	CFI_ADJUST_CFA_OFFSET 4
827	movl %ss, %eax
828	cmpw $__ESPFIX_SS, %ax
829	popl %eax
830	CFI_ADJUST_CFA_OFFSET -4
831	je nmi_espfix_stack
832	cmpl $ia32_sysenter_target,(%esp)
833	je nmi_stack_fixup
834	pushl %eax
835	CFI_ADJUST_CFA_OFFSET 4
836	movl %esp,%eax
837	/* Do not access memory above the end of our stack page,
838	* it might not exist.
839	*/
840	andl $(THREAD_SIZE-1),%eax
841	cmpl $(THREAD_SIZE-20),%eax
842	popl %eax
843	CFI_ADJUST_CFA_OFFSET -4
844	jae nmi_stack_correct
845	cmpl $ia32_sysenter_target,12(%esp)
846	je nmi_debug_stack_check
847	nmi_stack_correct:
848	/* We have a RING0_INT_FRAME here */
849	pushl %eax
850	CFI_ADJUST_CFA_OFFSET 4
851	SAVE_ALL
852	TRACE_IRQS_OFF
853	xorl %edx,%edx # zero error code
854	movl %esp,%eax # pt_regs pointer
855	call do_nmi
856	jmp restore_nocheck_notrace
857	CFI_ENDPROC
858
859	nmi_stack_fixup:
860	RING0_INT_FRAME
861	FIX_STACK(12,nmi_stack_correct, 1)
862	jmp nmi_stack_correct
863
864	nmi_debug_stack_check:
865	/* We have a RING0_INT_FRAME here */
866	cmpw $__KERNEL_CS,16(%esp)
867	jne nmi_stack_correct
868	cmpl $debug,(%esp)
869	jb nmi_stack_correct
870	cmpl $debug_esp_fix_insn,(%esp)
871	ja nmi_stack_correct
872	FIX_STACK(24,nmi_stack_correct, 1)
873	jmp nmi_stack_correct
874
875	nmi_espfix_stack:
876	/* We have a RING0_INT_FRAME here.
877	*
878	* create the pointer to lss back
879	*/
880	pushl %ss
881	CFI_ADJUST_CFA_OFFSET 4
882	pushl %esp
883	CFI_ADJUST_CFA_OFFSET 4
884	addw $4, (%esp)
885	/* copy the iret frame of 12 bytes */
886	.rept 3
887	pushl 16(%esp)
888	CFI_ADJUST_CFA_OFFSET 4
889	.endr
890	pushl %eax
891	CFI_ADJUST_CFA_OFFSET 4
892	SAVE_ALL
893	TRACE_IRQS_OFF
894	FIXUP_ESPFIX_STACK # %eax == %esp
895	xorl %edx,%edx # zero error code
896	call do_nmi
897	RESTORE_REGS
898	lss 12+4(%esp), %esp # back to espfix stack
899	CFI_ADJUST_CFA_OFFSET -24
900	jmp irq_return
901	CFI_ENDPROC
902	KPROBE_END(nmi)
903
904	#ifdef CONFIG_PARAVIRT	721	#ifdef CONFIG_PARAVIRT
905	ENTRY(native_iret)	722	ENTRY(native_iret)
906	iret	723	iret
@@ -916,19 +733,6 @@ ENTRY(native_irq_enable_sysexit)
916	END(native_irq_enable_sysexit)	733	END(native_irq_enable_sysexit)
917	#endif	734	#endif
918		735
919	KPROBE_ENTRY(int3)
920	RING0_INT_FRAME
921	pushl $-1 # mark this as an int
922	CFI_ADJUST_CFA_OFFSET 4
923	SAVE_ALL
924	TRACE_IRQS_OFF
925	xorl %edx,%edx # zero error code
926	movl %esp,%eax # pt_regs pointer
927	call do_int3
928	jmp ret_from_exception
929	CFI_ENDPROC
930	KPROBE_END(int3)
931
932	ENTRY(overflow)	736	ENTRY(overflow)
933	RING0_INT_FRAME	737	RING0_INT_FRAME
934	pushl $0	738	pushl $0
@@ -993,14 +797,6 @@ ENTRY(stack_segment)
993	CFI_ENDPROC	797	CFI_ENDPROC
994	END(stack_segment)	798	END(stack_segment)
995		799
996	KPROBE_ENTRY(general_protection)
997	RING0_EC_FRAME
998	pushl $do_general_protection
999	CFI_ADJUST_CFA_OFFSET 4
1000	jmp error_code
1001	CFI_ENDPROC
1002	KPROBE_END(general_protection)
1003
1004	ENTRY(alignment_check)	800	ENTRY(alignment_check)
1005	RING0_EC_FRAME	801	RING0_EC_FRAME
1006	pushl $do_alignment_check	802	pushl $do_alignment_check
@@ -1051,6 +847,7 @@ ENTRY(kernel_thread_helper)
1051	push %eax	847	push %eax
1052	CFI_ADJUST_CFA_OFFSET 4	848	CFI_ADJUST_CFA_OFFSET 4
1053	call do_exit	849	call do_exit
		850	ud2 # padding for call trace
1054	CFI_ENDPROC	851	CFI_ENDPROC
1055	ENDPROC(kernel_thread_helper)	852	ENDPROC(kernel_thread_helper)
1056		853
@@ -1259,3 +1056,227 @@ return_to_handler:
1259	#include "syscall_table_32.S"	1056	#include "syscall_table_32.S"
1260		1057
1261	syscall_table_size=(.-sys_call_table)	1058	syscall_table_size=(.-sys_call_table)
		1059
		1060	/*
		1061	* Some functions should be protected against kprobes
		1062	*/
		1063	.pushsection .kprobes.text, "ax"
		1064
		1065	ENTRY(page_fault)
		1066	RING0_EC_FRAME
		1067	pushl $do_page_fault
		1068	CFI_ADJUST_CFA_OFFSET 4
		1069	ALIGN
		1070	error_code:
		1071	/* the function address is in %fs's slot on the stack */
		1072	pushl %es
		1073	CFI_ADJUST_CFA_OFFSET 4
		1074	/CFI_REL_OFFSET es, 0/
		1075	pushl %ds
		1076	CFI_ADJUST_CFA_OFFSET 4
		1077	/CFI_REL_OFFSET ds, 0/
		1078	pushl %eax
		1079	CFI_ADJUST_CFA_OFFSET 4
		1080	CFI_REL_OFFSET eax, 0
		1081	pushl %ebp
		1082	CFI_ADJUST_CFA_OFFSET 4
		1083	CFI_REL_OFFSET ebp, 0
		1084	pushl %edi
		1085	CFI_ADJUST_CFA_OFFSET 4
		1086	CFI_REL_OFFSET edi, 0
		1087	pushl %esi
		1088	CFI_ADJUST_CFA_OFFSET 4
		1089	CFI_REL_OFFSET esi, 0
		1090	pushl %edx
		1091	CFI_ADJUST_CFA_OFFSET 4
		1092	CFI_REL_OFFSET edx, 0
		1093	pushl %ecx
		1094	CFI_ADJUST_CFA_OFFSET 4
		1095	CFI_REL_OFFSET ecx, 0
		1096	pushl %ebx
		1097	CFI_ADJUST_CFA_OFFSET 4
		1098	CFI_REL_OFFSET ebx, 0
		1099	cld
		1100	pushl %fs
		1101	CFI_ADJUST_CFA_OFFSET 4
		1102	/CFI_REL_OFFSET fs, 0/
		1103	movl $(__KERNEL_PERCPU), %ecx
		1104	movl %ecx, %fs
		1105	UNWIND_ESPFIX_STACK
		1106	popl %ecx
		1107	CFI_ADJUST_CFA_OFFSET -4
		1108	/CFI_REGISTER es, ecx/
		1109	movl PT_FS(%esp), %edi # get the function address
		1110	movl PT_ORIG_EAX(%esp), %edx # get the error code
		1111	movl $-1, PT_ORIG_EAX(%esp) # no syscall to restart
		1112	mov %ecx, PT_FS(%esp)
		1113	/CFI_REL_OFFSET fs, ES/
		1114	movl $(__USER_DS), %ecx
		1115	movl %ecx, %ds
		1116	movl %ecx, %es
		1117	TRACE_IRQS_OFF
		1118	movl %esp,%eax # pt_regs pointer
		1119	call *%edi
		1120	jmp ret_from_exception
		1121	CFI_ENDPROC
		1122	END(page_fault)
		1123
		1124	/*
		1125	* Debug traps and NMI can happen at the one SYSENTER instruction
		1126	* that sets up the real kernel stack. Check here, since we can't
		1127	* allow the wrong stack to be used.
		1128	*
		1129	* "TSS_sysenter_sp0+12" is because the NMI/debug handler will have
		1130	* already pushed 3 words if it hits on the sysenter instruction:
		1131	* eflags, cs and eip.
		1132	*
		1133	* We just load the right stack, and push the three (known) values
		1134	* by hand onto the new stack - while updating the return eip past
		1135	* the instruction that would have done it for sysenter.
		1136	*/
		1137	#define FIX_STACK(offset, ok, label) \
		1138	cmpw $__KERNEL_CS,4(%esp); \
		1139	jne ok; \
		1140	label: \
		1141	movl TSS_sysenter_sp0+offset(%esp),%esp; \
		1142	CFI_DEF_CFA esp, 0; \
		1143	CFI_UNDEFINED eip; \
		1144	pushfl; \
		1145	CFI_ADJUST_CFA_OFFSET 4; \
		1146	pushl $__KERNEL_CS; \
		1147	CFI_ADJUST_CFA_OFFSET 4; \
		1148	pushl $sysenter_past_esp; \
		1149	CFI_ADJUST_CFA_OFFSET 4; \
		1150	CFI_REL_OFFSET eip, 0
		1151
		1152	ENTRY(debug)
		1153	RING0_INT_FRAME
		1154	cmpl $ia32_sysenter_target,(%esp)
		1155	jne debug_stack_correct
		1156	FIX_STACK(12, debug_stack_correct, debug_esp_fix_insn)
		1157	debug_stack_correct:
		1158	pushl $-1 # mark this as an int
		1159	CFI_ADJUST_CFA_OFFSET 4
		1160	SAVE_ALL
		1161	TRACE_IRQS_OFF
		1162	xorl %edx,%edx # error code 0
		1163	movl %esp,%eax # pt_regs pointer
		1164	call do_debug
		1165	jmp ret_from_exception
		1166	CFI_ENDPROC
		1167	END(debug)
		1168
		1169	/*
		1170	* NMI is doubly nasty. It can happen _while_ we're handling
		1171	* a debug fault, and the debug fault hasn't yet been able to
		1172	* clear up the stack. So we first check whether we got an
		1173	* NMI on the sysenter entry path, but after that we need to
		1174	* check whether we got an NMI on the debug path where the debug
		1175	* fault happened on the sysenter path.
		1176	*/
		1177	ENTRY(nmi)
		1178	RING0_INT_FRAME
		1179	pushl %eax
		1180	CFI_ADJUST_CFA_OFFSET 4
		1181	movl %ss, %eax
		1182	cmpw $__ESPFIX_SS, %ax
		1183	popl %eax
		1184	CFI_ADJUST_CFA_OFFSET -4
		1185	je nmi_espfix_stack
		1186	cmpl $ia32_sysenter_target,(%esp)
		1187	je nmi_stack_fixup
		1188	pushl %eax
		1189	CFI_ADJUST_CFA_OFFSET 4
		1190	movl %esp,%eax
		1191	/* Do not access memory above the end of our stack page,
		1192	* it might not exist.
		1193	*/
		1194	andl $(THREAD_SIZE-1),%eax
		1195	cmpl $(THREAD_SIZE-20),%eax
		1196	popl %eax
		1197	CFI_ADJUST_CFA_OFFSET -4
		1198	jae nmi_stack_correct
		1199	cmpl $ia32_sysenter_target,12(%esp)
		1200	je nmi_debug_stack_check
		1201	nmi_stack_correct:
		1202	/* We have a RING0_INT_FRAME here */
		1203	pushl %eax
		1204	CFI_ADJUST_CFA_OFFSET 4
		1205	SAVE_ALL
		1206	TRACE_IRQS_OFF
		1207	xorl %edx,%edx # zero error code
		1208	movl %esp,%eax # pt_regs pointer
		1209	call do_nmi
		1210	jmp restore_nocheck_notrace
		1211	CFI_ENDPROC
		1212
		1213	nmi_stack_fixup:
		1214	RING0_INT_FRAME
		1215	FIX_STACK(12,nmi_stack_correct, 1)
		1216	jmp nmi_stack_correct
		1217
		1218	nmi_debug_stack_check:
		1219	/* We have a RING0_INT_FRAME here */
		1220	cmpw $__KERNEL_CS,16(%esp)
		1221	jne nmi_stack_correct
		1222	cmpl $debug,(%esp)
		1223	jb nmi_stack_correct
		1224	cmpl $debug_esp_fix_insn,(%esp)
		1225	ja nmi_stack_correct
		1226	FIX_STACK(24,nmi_stack_correct, 1)
		1227	jmp nmi_stack_correct
		1228
		1229	nmi_espfix_stack:
		1230	/* We have a RING0_INT_FRAME here.
		1231	*
		1232	* create the pointer to lss back
		1233	*/
		1234	pushl %ss
		1235	CFI_ADJUST_CFA_OFFSET 4
		1236	pushl %esp
		1237	CFI_ADJUST_CFA_OFFSET 4
		1238	addw $4, (%esp)
		1239	/* copy the iret frame of 12 bytes */
		1240	.rept 3
		1241	pushl 16(%esp)
		1242	CFI_ADJUST_CFA_OFFSET 4
		1243	.endr
		1244	pushl %eax
		1245	CFI_ADJUST_CFA_OFFSET 4
		1246	SAVE_ALL
		1247	TRACE_IRQS_OFF
		1248	FIXUP_ESPFIX_STACK # %eax == %esp
		1249	xorl %edx,%edx # zero error code
		1250	call do_nmi
		1251	RESTORE_REGS
		1252	lss 12+4(%esp), %esp # back to espfix stack
		1253	CFI_ADJUST_CFA_OFFSET -24
		1254	jmp irq_return
		1255	CFI_ENDPROC
		1256	END(nmi)
		1257
		1258	ENTRY(int3)
		1259	RING0_INT_FRAME
		1260	pushl $-1 # mark this as an int
		1261	CFI_ADJUST_CFA_OFFSET 4
		1262	SAVE_ALL
		1263	TRACE_IRQS_OFF
		1264	xorl %edx,%edx # zero error code
		1265	movl %esp,%eax # pt_regs pointer
		1266	call do_int3
		1267	jmp ret_from_exception
		1268	CFI_ENDPROC
		1269	END(int3)
		1270
		1271	ENTRY(general_protection)
		1272	RING0_EC_FRAME
		1273	pushl $do_general_protection
		1274	CFI_ADJUST_CFA_OFFSET 4
		1275	jmp error_code
		1276	CFI_ENDPROC
		1277	END(general_protection)
		1278
		1279	/*
		1280	* End of kprobes section
		1281	*/
		1282	.popsection