Doug / smarc-fsl-linux-kernel | Embedian Git Server

Commit bc2b0331e077f576369a2b6c75d15ed4de4ef91f

Authored by K. Y. Srinivasan 2013-02-04 09:22:39 +0800

Committed by H. Peter Anvin 2013-02-13 08:27:15 +0800

Exists in smarc-l5.0.0_1.0.0-ga and in 5 other branches

X86: Handle Hyper-V vmbus interrupts as special hypervisor interrupts

Starting with win8, vmbus interrupts can be delivered on any VCPU in the guest
and furthermore can be concurrently active on multiple VCPUs. Support this
interrupt delivery model by setting up a separate IDT entry for Hyper-V vmbus.
interrupts. I would like to thank Jan Beulich <JBeulich@suse.com> and
Thomas Gleixner <tglx@linutronix.de>, for their help.

In this version of the patch, based on the feedback, I have merged the IDT
vector for Xen and Hyper-V and made the necessary adjustments. Furhermore,
based on Jan's feedback I have added the necessary compilation switches.

Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
Link: http://lkml.kernel.org/r/1359940959-32168-3-git-send-email-kys@microsoft.com
Signed-off-by: H. Peter Anvin <hpa@linux.intel.com>

Showing 6 changed files with 68 additions and 7 deletions Inline Diff

arch/x86/include/asm/irq_vectors.h
arch/x86/include/asm/mshyperv.h
arch/x86/kernel/cpu/mshyperv.c
arch/x86/kernel/entry_32.S
arch/x86/kernel/entry_64.S
drivers/xen/events.c

arch/x86/include/asm/irq_vectors.h

Diff comments View file @ bc2b033

arch/x86/include/asm/mshyperv.h

Diff comments View file @ bc2b033

 #ifndef _ASM_X86_MSHYPER_H
 #define _ASM_X86_MSHYPER_H
 #include <linux/types.h>
 #include <asm/hyperv.h>
 struct ms_hyperv_info {
 	u32 features;
 	u32 hints;
 };
 extern struct ms_hyperv_info ms_hyperv;
+void hyperv_callback_vector(void);
+void hyperv_vector_handler(struct pt_regs *regs);
+void hv_register_vmbus_handler(int irq, irq_handler_t handler);
 #endif

arch/x86/kernel/cpu/mshyperv.c

Diff comments View file @ bc2b033

 /*
  * HyperV  Detection code.
  *
  * Copyright (C) 2010, Novell, Inc.
  * Author : K. Y. Srinivasan <ksrinivasan@novell.com>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
  * the Free Software Foundation; version 2 of the License.
  *
  */
 #include <linux/types.h>
 #include <linux/time.h>
 #include <linux/clocksource.h>
 #include <linux/module.h>
+#include <linux/hardirq.h>
+#include <linux/interrupt.h>
 #include <asm/processor.h>
 #include <asm/hypervisor.h>
 #include <asm/hyperv.h>
 #include <asm/mshyperv.h>
+#include <asm/desc.h>
+#include <asm/idle.h>
+#include <asm/irq_regs.h>
 struct ms_hyperv_info ms_hyperv;
 EXPORT_SYMBOL_GPL(ms_hyperv);
 static bool __init ms_hyperv_platform(void)
 {
 	u32 eax;
 	u32 hyp_signature[3];
 	if (!boot_cpu_has(X86_FEATURE_HYPERVISOR))
 		return false;
 	/*
 	 * Xen emulates Hyper-V to support enlightened Windows.
 	 * Check to see first if we are on a Xen Hypervisor.
 	 */
 	if (xen_cpuid_base())
 		return false;
 	cpuid(HYPERV_CPUID_VENDOR_AND_MAX_FUNCTIONS,
 	      &eax, &hyp_signature[0], &hyp_signature[1], &hyp_signature[2]);
 	return eax >= HYPERV_CPUID_MIN &&
 		eax <= HYPERV_CPUID_MAX &&
 		!memcmp("Microsoft Hv", hyp_signature, 12);
 }
 static cycle_t read_hv_clock(struct clocksource *arg)
 {
 	cycle_t current_tick;
 	/*
 	 * Read the partition counter to get the current tick count. This count
 	 * is set to 0 when the partition is created and is incremented in
 	 * 100 nanosecond units.
 	 */
 	rdmsrl(HV_X64_MSR_TIME_REF_COUNT, current_tick);
 	return current_tick;
 }
 static struct clocksource hyperv_cs = {
 	.name		= "hyperv_clocksource",
 	.rating		= 400, /* use this when running on Hyperv*/
 	.read		= read_hv_clock,
 	.mask		= CLOCKSOURCE_MASK(64),
 };
 static void __init ms_hyperv_init_platform(void)
 {
 	/*
 	 * Extract the features and hints
 	 */
 	ms_hyperv.features = cpuid_eax(HYPERV_CPUID_FEATURES);
 	ms_hyperv.hints    = cpuid_eax(HYPERV_CPUID_ENLIGHTMENT_INFO);
 	printk(KERN_INFO "HyperV: features 0x%x, hints 0x%x\n",
 	       ms_hyperv.features, ms_hyperv.hints);
 	if (ms_hyperv.features & HV_X64_MSR_TIME_REF_COUNT_AVAILABLE)
 		clocksource_register_hz(&hyperv_cs, NSEC_PER_SEC/100);
+#if IS_ENABLED(CONFIG_HYPERV)
+	/*
+	 * Setup the IDT for hypervisor callback.
+	 */
+	alloc_intr_gate(HYPERVISOR_CALLBACK_VECTOR, hyperv_callback_vector);
+#endif
 }
 const __refconst struct hypervisor_x86 x86_hyper_ms_hyperv = {
 	.name			= "Microsoft HyperV",
 	.detect			= ms_hyperv_platform,
 	.init_platform		= ms_hyperv_init_platform,
 };
 EXPORT_SYMBOL(x86_hyper_ms_hyperv);
+#if IS_ENABLED(CONFIG_HYPERV)
+static int vmbus_irq = -1;
+static irq_handler_t vmbus_isr;
+void hv_register_vmbus_handler(int irq, irq_handler_t handler)
+{
+	vmbus_irq = irq;
+	vmbus_isr = handler;
+}
+void hyperv_vector_handler(struct pt_regs *regs)
+{
+	struct pt_regs *old_regs = set_irq_regs(regs);
+	struct irq_desc *desc;
+	irq_enter();
+	exit_idle();
+	desc = irq_to_desc(vmbus_irq);
+	if (desc)
+		generic_handle_irq_desc(vmbus_irq, desc);
+	irq_exit();
+	set_irq_regs(old_regs);
+}
+#else
+void hv_register_vmbus_handler(int irq, irq_handler_t handler)
+{
+}
+#endif
+EXPORT_SYMBOL_GPL(hv_register_vmbus_handler);

arch/x86/kernel/entry_32.S

Diff comments View file @ bc2b033

 /*
  *
  *  Copyright (C) 1991, 1992  Linus Torvalds
  */
 /*
  * entry.S contains the system-call and fault low-level handling routines.
  * This also contains the timer-interrupt handler, as well as all interrupts
  * and faults that can result in a task-switch.
  *
  * NOTE: This code handles signal-recognition, which happens every time
  * after a timer-interrupt and after each system call.
  *
  * I changed all the .align's to 4 (16 byte alignment), as that's faster
  * on a 486.
  *
  * Stack layout in 'syscall_exit':
  * 	ptrace needs to have all regs on the stack.
  *	if the order here is changed, it needs to be
  *	updated in fork.c:copy_process, signal.c:do_signal,
  *	ptrace.c and ptrace.h
  *
  *	 0(%esp) - %ebx
  *	 4(%esp) - %ecx
  *	 8(%esp) - %edx
  *       C(%esp) - %esi
  *	10(%esp) - %edi
  *	14(%esp) - %ebp
  *	18(%esp) - %eax
  *	1C(%esp) - %ds
  *	20(%esp) - %es
  *	24(%esp) - %fs
  *	28(%esp) - %gs		saved iff !CONFIG_X86_32_LAZY_GS
  *	2C(%esp) - orig_eax
  *	30(%esp) - %eip
  *	34(%esp) - %cs
  *	38(%esp) - %eflags
  *	3C(%esp) - %oldesp
  *	40(%esp) - %oldss
  *
  * "current" is in register %ebx during any slow entries.
  */
 #include <linux/linkage.h>
 #include <linux/err.h>
 #include <asm/thread_info.h>
 #include <asm/irqflags.h>
 #include <asm/errno.h>
 #include <asm/segment.h>
 #include <asm/smp.h>
 #include <asm/page_types.h>
 #include <asm/percpu.h>
 #include <asm/dwarf2.h>
 #include <asm/processor-flags.h>
 #include <asm/ftrace.h>
 #include <asm/irq_vectors.h>
 #include <asm/cpufeature.h>
 #include <asm/alternative-asm.h>
 #include <asm/asm.h>
 #include <asm/smap.h>
 /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this.  */
 #include <linux/elf-em.h>
 #define AUDIT_ARCH_I386		(EM_386|__AUDIT_ARCH_LE)
 #define __AUDIT_ARCH_LE	   0x40000000
 #ifndef CONFIG_AUDITSYSCALL
 #define sysenter_audit	syscall_trace_entry
 #define sysexit_audit	syscall_exit_work
 #endif
 	.section .entry.text, "ax"
 /*
  * We use macros for low-level operations which need to be overridden
  * for paravirtualization.  The following will never clobber any registers:
  *   INTERRUPT_RETURN (aka. "iret")
  *   GET_CR0_INTO_EAX (aka. "movl %cr0, %eax")
  *   ENABLE_INTERRUPTS_SYSEXIT (aka "sti; sysexit").
  *
  * For DISABLE_INTERRUPTS/ENABLE_INTERRUPTS (aka "cli"/"sti"), you must
  * specify what registers can be overwritten (CLBR_NONE, CLBR_EAX/EDX/ECX/ANY).
  * Allowing a register to be clobbered can shrink the paravirt replacement
  * enough to patch inline, increasing performance.
  */
 #ifdef CONFIG_PREEMPT
 #define preempt_stop(clobbers)	DISABLE_INTERRUPTS(clobbers); TRACE_IRQS_OFF
 #else
 #define preempt_stop(clobbers)
 #define resume_kernel		restore_all
 #endif
 .macro TRACE_IRQS_IRET
 #ifdef CONFIG_TRACE_IRQFLAGS
 	testl $X86_EFLAGS_IF,PT_EFLAGS(%esp)     # interrupts off?
 	jz 1f
 	TRACE_IRQS_ON
 1:
 #endif
 .endm
 /*
  * User gs save/restore
  *
  * %gs is used for userland TLS and kernel only uses it for stack
  * canary which is required to be at %gs:20 by gcc.  Read the comment
  * at the top of stackprotector.h for more info.
  *
  * Local labels 98 and 99 are used.
  */
 #ifdef CONFIG_X86_32_LAZY_GS
  /* unfortunately push/pop can't be no-op */
 .macro PUSH_GS
 	pushl_cfi $0
 .endm
 .macro POP_GS pop=0
 	addl $(4 + \pop), %esp
 	CFI_ADJUST_CFA_OFFSET -(4 + \pop)
 .endm
 .macro POP_GS_EX
 .endm
  /* all the rest are no-op */
 .macro PTGS_TO_GS
 .endm
 .macro PTGS_TO_GS_EX
 .endm
 .macro GS_TO_REG reg
 .endm
 .macro REG_TO_PTGS reg
 .endm
 .macro SET_KERNEL_GS reg
 .endm
 #else	/* CONFIG_X86_32_LAZY_GS */
 .macro PUSH_GS
 	pushl_cfi %gs
 	/*CFI_REL_OFFSET gs, 0*/
 .endm
 .macro POP_GS pop=0
 98:	popl_cfi %gs
 	/*CFI_RESTORE gs*/
   .if \pop <> 0
 	add $\pop, %esp
 	CFI_ADJUST_CFA_OFFSET -\pop
   .endif
 .endm
 .macro POP_GS_EX
 .pushsection .fixup, "ax"
 99:	movl $0, (%esp)
 	jmp 98b
 .popsection
 	_ASM_EXTABLE(98b,99b)
 .endm
 .macro PTGS_TO_GS
 98:	mov PT_GS(%esp), %gs
 .endm
 .macro PTGS_TO_GS_EX
 .pushsection .fixup, "ax"
 99:	movl $0, PT_GS(%esp)
 	jmp 98b
 .popsection
 	_ASM_EXTABLE(98b,99b)
 .endm
 .macro GS_TO_REG reg
 	movl %gs, \reg
 	/*CFI_REGISTER gs, \reg*/
 .endm
 .macro REG_TO_PTGS reg
 	movl \reg, PT_GS(%esp)
 	/*CFI_REL_OFFSET gs, PT_GS*/
 .endm
 .macro SET_KERNEL_GS reg
 	movl $(__KERNEL_STACK_CANARY), \reg
 	movl \reg, %gs
 .endm
 #endif	/* CONFIG_X86_32_LAZY_GS */
 .macro SAVE_ALL
 	cld
 	PUSH_GS
 	pushl_cfi %fs
 	/*CFI_REL_OFFSET fs, 0;*/
 	pushl_cfi %es
 	/*CFI_REL_OFFSET es, 0;*/
 	pushl_cfi %ds
 	/*CFI_REL_OFFSET ds, 0;*/
 	pushl_cfi %eax
 	CFI_REL_OFFSET eax, 0
 	pushl_cfi %ebp
 	CFI_REL_OFFSET ebp, 0
 	pushl_cfi %edi
 	CFI_REL_OFFSET edi, 0
 	pushl_cfi %esi
 	CFI_REL_OFFSET esi, 0
 	pushl_cfi %edx
 	CFI_REL_OFFSET edx, 0
 	pushl_cfi %ecx
 	CFI_REL_OFFSET ecx, 0
 	pushl_cfi %ebx
 	CFI_REL_OFFSET ebx, 0
 	movl $(__USER_DS), %edx
 	movl %edx, %ds
 	movl %edx, %es
 	movl $(__KERNEL_PERCPU), %edx
 	movl %edx, %fs
 	SET_KERNEL_GS %edx
 .endm
 .macro RESTORE_INT_REGS
 	popl_cfi %ebx
 	CFI_RESTORE ebx
 	popl_cfi %ecx
 	CFI_RESTORE ecx
 	popl_cfi %edx
 	CFI_RESTORE edx
 	popl_cfi %esi
 	CFI_RESTORE esi
 	popl_cfi %edi
 	CFI_RESTORE edi
 	popl_cfi %ebp
 	CFI_RESTORE ebp
 	popl_cfi %eax
 	CFI_RESTORE eax
 .endm
 .macro RESTORE_REGS pop=0
 	RESTORE_INT_REGS
 1:	popl_cfi %ds
 	/*CFI_RESTORE ds;*/
 2:	popl_cfi %es
 	/*CFI_RESTORE es;*/
 3:	popl_cfi %fs
 	/*CFI_RESTORE fs;*/
 	POP_GS \pop
 .pushsection .fixup, "ax"
 4:	movl $0, (%esp)
 	jmp 1b
 5:	movl $0, (%esp)
 	jmp 2b
 6:	movl $0, (%esp)
 	jmp 3b
 .popsection
 	_ASM_EXTABLE(1b,4b)
 	_ASM_EXTABLE(2b,5b)
 	_ASM_EXTABLE(3b,6b)
 	POP_GS_EX
 .endm
 .macro RING0_INT_FRAME
 	CFI_STARTPROC simple
 	CFI_SIGNAL_FRAME
 	CFI_DEF_CFA esp, 3*4
 	/*CFI_OFFSET cs, -2*4;*/
 	CFI_OFFSET eip, -3*4
 .endm
 .macro RING0_EC_FRAME
 	CFI_STARTPROC simple
 	CFI_SIGNAL_FRAME
 	CFI_DEF_CFA esp, 4*4
 	/*CFI_OFFSET cs, -2*4;*/
 	CFI_OFFSET eip, -3*4
 .endm
 .macro RING0_PTREGS_FRAME
 	CFI_STARTPROC simple
 	CFI_SIGNAL_FRAME
 	CFI_DEF_CFA esp, PT_OLDESP-PT_EBX
 	/*CFI_OFFSET cs, PT_CS-PT_OLDESP;*/
 	CFI_OFFSET eip, PT_EIP-PT_OLDESP
 	/*CFI_OFFSET es, PT_ES-PT_OLDESP;*/
 	/*CFI_OFFSET ds, PT_DS-PT_OLDESP;*/
 	CFI_OFFSET eax, PT_EAX-PT_OLDESP
 	CFI_OFFSET ebp, PT_EBP-PT_OLDESP
 	CFI_OFFSET edi, PT_EDI-PT_OLDESP
 	CFI_OFFSET esi, PT_ESI-PT_OLDESP
 	CFI_OFFSET edx, PT_EDX-PT_OLDESP
 	CFI_OFFSET ecx, PT_ECX-PT_OLDESP
 	CFI_OFFSET ebx, PT_EBX-PT_OLDESP
 .endm
 ENTRY(ret_from_fork)
 	CFI_STARTPROC
 	pushl_cfi %eax
 	call schedule_tail
 	GET_THREAD_INFO(%ebp)
 	popl_cfi %eax
 	pushl_cfi $0x0202		# Reset kernel eflags
 	popfl_cfi
 	jmp syscall_exit
 	CFI_ENDPROC
 END(ret_from_fork)
 ENTRY(ret_from_kernel_thread)
 	CFI_STARTPROC
 	pushl_cfi %eax
 	call schedule_tail
 	GET_THREAD_INFO(%ebp)
 	popl_cfi %eax
 	pushl_cfi $0x0202		# Reset kernel eflags
 	popfl_cfi
 	movl PT_EBP(%esp),%eax
 	call *PT_EBX(%esp)
 	movl $0,PT_EAX(%esp)
 	jmp syscall_exit
 	CFI_ENDPROC
 ENDPROC(ret_from_kernel_thread)
 /*
  * Interrupt exit functions should be protected against kprobes
  */
 	.pushsection .kprobes.text, "ax"
 /*
  * Return to user mode is not as complex as all this looks,
  * but we want the default path for a system call return to
  * go as quickly as possible which is why some of this is
  * less clear than it otherwise should be.
  */
 	# userspace resumption stub bypassing syscall exit tracing
 	ALIGN
 	RING0_PTREGS_FRAME
 ret_from_exception:
 	preempt_stop(CLBR_ANY)
 ret_from_intr:
 	GET_THREAD_INFO(%ebp)
 #ifdef CONFIG_VM86
 	movl PT_EFLAGS(%esp), %eax	# mix EFLAGS and CS
 	movb PT_CS(%esp), %al
 	andl $(X86_EFLAGS_VM | SEGMENT_RPL_MASK), %eax
 #else
 	/*
 	 * We can be coming here from child spawned by kernel_thread().
 	 */
 	movl PT_CS(%esp), %eax
 	andl $SEGMENT_RPL_MASK, %eax
 #endif
 	cmpl $USER_RPL, %eax
 	jb resume_kernel		# not returning to v8086 or userspace
 ENTRY(resume_userspace)
 	LOCKDEP_SYS_EXIT
  	DISABLE_INTERRUPTS(CLBR_ANY)	# make sure we don't miss an interrupt
 					# setting need_resched or sigpending
 					# between sampling and the iret
 	TRACE_IRQS_OFF
 	movl TI_flags(%ebp), %ecx
 	andl $_TIF_WORK_MASK, %ecx	# is there any work to be done on
 					# int/exception return?
 	jne work_pending
 	jmp restore_all
 END(ret_from_exception)
 #ifdef CONFIG_PREEMPT
 ENTRY(resume_kernel)
 	DISABLE_INTERRUPTS(CLBR_ANY)
 	cmpl $0,TI_preempt_count(%ebp)	# non-zero preempt_count ?
 	jnz restore_all
 need_resched:
 	movl TI_flags(%ebp), %ecx	# need_resched set ?
 	testb $_TIF_NEED_RESCHED, %cl
 	jz restore_all
 	testl $X86_EFLAGS_IF,PT_EFLAGS(%esp)	# interrupts off (exception path) ?
 	jz restore_all
 	call preempt_schedule_irq
 	jmp need_resched
 END(resume_kernel)
 #endif
 	CFI_ENDPROC
 /*
  * End of kprobes section
  */
 	.popsection
 /* SYSENTER_RETURN points to after the "sysenter" instruction in
    the vsyscall page.  See vsyscall-sysentry.S, which defines the symbol.  */
 	# sysenter call handler stub
 ENTRY(ia32_sysenter_target)
 	CFI_STARTPROC simple
 	CFI_SIGNAL_FRAME
 	CFI_DEF_CFA esp, 0
 	CFI_REGISTER esp, ebp
 	movl TSS_sysenter_sp0(%esp),%esp
 sysenter_past_esp:
 	/*
 	 * Interrupts are disabled here, but we can't trace it until
 	 * enough kernel state to call TRACE_IRQS_OFF can be called - but
 	 * we immediately enable interrupts at that point anyway.
 	 */
 	pushl_cfi $__USER_DS
 	/*CFI_REL_OFFSET ss, 0*/
 	pushl_cfi %ebp
 	CFI_REL_OFFSET esp, 0
 	pushfl_cfi
 	orl $X86_EFLAGS_IF, (%esp)
 	pushl_cfi $__USER_CS
 	/*CFI_REL_OFFSET cs, 0*/
 	/*
 	 * Push current_thread_info()->sysenter_return to the stack.
 	 * A tiny bit of offset fixup is necessary - 4*4 means the 4 words
 	 * pushed above; +8 corresponds to copy_thread's esp0 setting.
 	 */
 	pushl_cfi ((TI_sysenter_return)-THREAD_SIZE+8+4*4)(%esp)
 	CFI_REL_OFFSET eip, 0
 	pushl_cfi %eax
 	SAVE_ALL
 	ENABLE_INTERRUPTS(CLBR_NONE)
 /*
  * Load the potential sixth argument from user stack.
  * Careful about security.
  */
 	cmpl $__PAGE_OFFSET-3,%ebp
 	jae syscall_fault
 	ASM_STAC
 1:	movl (%ebp),%ebp
 	ASM_CLAC
 	movl %ebp,PT_EBP(%esp)
 	_ASM_EXTABLE(1b,syscall_fault)
 	GET_THREAD_INFO(%ebp)
 	testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%ebp)
 	jnz sysenter_audit
 sysenter_do_call:
 	cmpl $(NR_syscalls), %eax
 	jae syscall_badsys
 	call *sys_call_table(,%eax,4)
 	movl %eax,PT_EAX(%esp)
 	LOCKDEP_SYS_EXIT
 	DISABLE_INTERRUPTS(CLBR_ANY)
 	TRACE_IRQS_OFF
 	movl TI_flags(%ebp), %ecx
 	testl $_TIF_ALLWORK_MASK, %ecx
 	jne sysexit_audit
 sysenter_exit:
 /* if something modifies registers it must also disable sysexit */
 	movl PT_EIP(%esp), %edx
 	movl PT_OLDESP(%esp), %ecx
 	xorl %ebp,%ebp
 	TRACE_IRQS_ON
 1:	mov  PT_FS(%esp), %fs
 	PTGS_TO_GS
 	ENABLE_INTERRUPTS_SYSEXIT
 #ifdef CONFIG_AUDITSYSCALL
 sysenter_audit:
 	testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT),TI_flags(%ebp)
 	jnz syscall_trace_entry
 	addl $4,%esp
 	CFI_ADJUST_CFA_OFFSET -4
 	/* %esi already in 8(%esp)	   6th arg: 4th syscall arg */
 	/* %edx already in 4(%esp)	   5th arg: 3rd syscall arg */
 	/* %ecx already in 0(%esp)	   4th arg: 2nd syscall arg */
 	movl %ebx,%ecx			/* 3rd arg: 1st syscall arg */
 	movl %eax,%edx			/* 2nd arg: syscall number */
 	movl $AUDIT_ARCH_I386,%eax	/* 1st arg: audit arch */
 	call __audit_syscall_entry
 	pushl_cfi %ebx
 	movl PT_EAX(%esp),%eax		/* reload syscall number */
 	jmp sysenter_do_call
 sysexit_audit:
 	testl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT), %ecx
 	jne syscall_exit_work
 	TRACE_IRQS_ON
 	ENABLE_INTERRUPTS(CLBR_ANY)
 	movl %eax,%edx		/* second arg, syscall return value */
 	cmpl $-MAX_ERRNO,%eax	/* is it an error ? */
 	setbe %al		/* 1 if so, 0 if not */
 	movzbl %al,%eax		/* zero-extend that */
 	call __audit_syscall_exit
 	DISABLE_INTERRUPTS(CLBR_ANY)
 	TRACE_IRQS_OFF
 	movl TI_flags(%ebp), %ecx
 	testl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT), %ecx
 	jne syscall_exit_work
 	movl PT_EAX(%esp),%eax	/* reload syscall return value */
 	jmp sysenter_exit
 #endif
 	CFI_ENDPROC
 .pushsection .fixup,"ax"
 2:	movl $0,PT_FS(%esp)
 	jmp 1b
 .popsection
 	_ASM_EXTABLE(1b,2b)
 	PTGS_TO_GS_EX
 ENDPROC(ia32_sysenter_target)
 /*
  * syscall stub including irq exit should be protected against kprobes
  */
 	.pushsection .kprobes.text, "ax"
 	# system call handler stub
 ENTRY(system_call)
 	RING0_INT_FRAME			# can't unwind into user space anyway
 	ASM_CLAC
 	pushl_cfi %eax			# save orig_eax
 	SAVE_ALL
 	GET_THREAD_INFO(%ebp)
 					# system call tracing in operation / emulation
 	testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags(%ebp)
 	jnz syscall_trace_entry
 	cmpl $(NR_syscalls), %eax
 	jae syscall_badsys
 syscall_call:
 	call *sys_call_table(,%eax,4)
 	movl %eax,PT_EAX(%esp)		# store the return value
 syscall_exit:
 	LOCKDEP_SYS_EXIT
 	DISABLE_INTERRUPTS(CLBR_ANY)	# make sure we don't miss an interrupt
 					# setting need_resched or sigpending
 					# between sampling and the iret
 	TRACE_IRQS_OFF
 	movl TI_flags(%ebp), %ecx
 	testl $_TIF_ALLWORK_MASK, %ecx	# current->work
 	jne syscall_exit_work
 restore_all:
 	TRACE_IRQS_IRET
 restore_all_notrace:
 	movl PT_EFLAGS(%esp), %eax	# mix EFLAGS, SS and CS
 	# Warning: PT_OLDSS(%esp) contains the wrong/random values if we
 	# are returning to the kernel.
 	# See comments in process.c:copy_thread() for details.
 	movb PT_OLDSS(%esp), %ah
 	movb PT_CS(%esp), %al
 	andl $(X86_EFLAGS_VM | (SEGMENT_TI_MASK << 8) | SEGMENT_RPL_MASK), %eax
 	cmpl $((SEGMENT_LDT << 8) | USER_RPL), %eax
 	CFI_REMEMBER_STATE
 	je ldt_ss			# returning to user-space with LDT SS
 restore_nocheck:
 	RESTORE_REGS 4			# skip orig_eax/error_code
 irq_return:
 	INTERRUPT_RETURN
 .section .fixup,"ax"
 ENTRY(iret_exc)
 	pushl $0			# no error code
 	pushl $do_iret_error
 	jmp error_code
 .previous
 	_ASM_EXTABLE(irq_return,iret_exc)
 	CFI_RESTORE_STATE
 ldt_ss:
 	larl PT_OLDSS(%esp), %eax
 	jnz restore_nocheck
 	testl $0x00400000, %eax		# returning to 32bit stack?
 	jnz restore_nocheck		# allright, normal return
 #ifdef CONFIG_PARAVIRT
 	/*
 	 * The kernel can't run on a non-flat stack if paravirt mode
 	 * is active.  Rather than try to fixup the high bits of
 	 * ESP, bypass this code entirely.  This may break DOSemu
 	 * and/or Wine support in a paravirt VM, although the option
 	 * is still available to implement the setting of the high
 	 * 16-bits in the INTERRUPT_RETURN paravirt-op.
 	 */
 	cmpl $0, pv_info+PARAVIRT_enabled
 	jne restore_nocheck
 #endif
 /*
  * Setup and switch to ESPFIX stack
  *
  * We're returning to userspace with a 16 bit stack. The CPU will not
  * restore the high word of ESP for us on executing iret... This is an
  * "official" bug of all the x86-compatible CPUs, which we can work
  * around to make dosemu and wine happy. We do this by preloading the
  * high word of ESP with the high word of the userspace ESP while
  * compensating for the offset by changing to the ESPFIX segment with
  * a base address that matches for the difference.
  */
 #define GDT_ESPFIX_SS PER_CPU_VAR(gdt_page) + (GDT_ENTRY_ESPFIX_SS * 8)
 	mov %esp, %edx			/* load kernel esp */
 	mov PT_OLDESP(%esp), %eax	/* load userspace esp */
 	mov %dx, %ax			/* eax: new kernel esp */
 	sub %eax, %edx			/* offset (low word is 0) */
 	shr $16, %edx
 	mov %dl, GDT_ESPFIX_SS + 4 /* bits 16..23 */
 	mov %dh, GDT_ESPFIX_SS + 7 /* bits 24..31 */
 	pushl_cfi $__ESPFIX_SS
 	pushl_cfi %eax			/* new kernel esp */
 	/* Disable interrupts, but do not irqtrace this section: we
 	 * will soon execute iret and the tracer was already set to
 	 * the irqstate after the iret */
 	DISABLE_INTERRUPTS(CLBR_EAX)
 	lss (%esp), %esp		/* switch to espfix segment */
 	CFI_ADJUST_CFA_OFFSET -8
 	jmp restore_nocheck
 	CFI_ENDPROC
 ENDPROC(system_call)
 	# perform work that needs to be done immediately before resumption
 	ALIGN
 	RING0_PTREGS_FRAME		# can't unwind into user space anyway
 work_pending:
 	testb $_TIF_NEED_RESCHED, %cl
 	jz work_notifysig
 work_resched:
 	call schedule
 	LOCKDEP_SYS_EXIT
 	DISABLE_INTERRUPTS(CLBR_ANY)	# make sure we don't miss an interrupt
 					# setting need_resched or sigpending
 					# between sampling and the iret
 	TRACE_IRQS_OFF
 	movl TI_flags(%ebp), %ecx
 	andl $_TIF_WORK_MASK, %ecx	# is there any work to be done other
 					# than syscall tracing?
 	jz restore_all
 	testb $_TIF_NEED_RESCHED, %cl
 	jnz work_resched
 work_notifysig:				# deal with pending signals and
 					# notify-resume requests
 #ifdef CONFIG_VM86
 	testl $X86_EFLAGS_VM, PT_EFLAGS(%esp)
 	movl %esp, %eax
 	jne work_notifysig_v86		# returning to kernel-space or
 					# vm86-space
 1:
 #else
 	movl %esp, %eax
 #endif
 	TRACE_IRQS_ON
 	ENABLE_INTERRUPTS(CLBR_NONE)
 	movb PT_CS(%esp), %bl
 	andb $SEGMENT_RPL_MASK, %bl
 	cmpb $USER_RPL, %bl
 	jb resume_kernel
 	xorl %edx, %edx
 	call do_notify_resume
 	jmp resume_userspace
 #ifdef CONFIG_VM86
 	ALIGN
 work_notifysig_v86:
 	pushl_cfi %ecx			# save ti_flags for do_notify_resume
 	call save_v86_state		# %eax contains pt_regs pointer
 	popl_cfi %ecx
 	movl %eax, %esp
 	jmp 1b
 #endif
 END(work_pending)
 	# perform syscall exit tracing
 	ALIGN
 syscall_trace_entry:
 	movl $-ENOSYS,PT_EAX(%esp)
 	movl %esp, %eax
 	call syscall_trace_enter
 	/* What it returned is what we'll actually use.  */
 	cmpl $(NR_syscalls), %eax
 	jnae syscall_call
 	jmp syscall_exit
 END(syscall_trace_entry)
 	# perform syscall exit tracing
 	ALIGN
 syscall_exit_work:
 	testl $_TIF_WORK_SYSCALL_EXIT, %ecx
 	jz work_pending
 	TRACE_IRQS_ON
 	ENABLE_INTERRUPTS(CLBR_ANY)	# could let syscall_trace_leave() call
 					# schedule() instead
 	movl %esp, %eax
 	call syscall_trace_leave
 	jmp resume_userspace
 END(syscall_exit_work)
 	CFI_ENDPROC
 	RING0_INT_FRAME			# can't unwind into user space anyway
 syscall_fault:
 	ASM_CLAC
 	GET_THREAD_INFO(%ebp)
 	movl $-EFAULT,PT_EAX(%esp)
 	jmp resume_userspace
 END(syscall_fault)
 syscall_badsys:
 	movl $-ENOSYS,PT_EAX(%esp)
 	jmp resume_userspace
 END(syscall_badsys)
 	CFI_ENDPROC
 /*
  * End of kprobes section
  */
 	.popsection
 /*
  * System calls that need a pt_regs pointer.
  */
 #define PTREGSCALL0(name) \
 ENTRY(ptregs_##name) ;  \
 	leal 4(%esp),%eax; \
 	jmp sys_##name; \
 ENDPROC(ptregs_##name)
 #define PTREGSCALL1(name) \
 ENTRY(ptregs_##name) ; \
 	leal 4(%esp),%edx; \
 	movl (PT_EBX+4)(%esp),%eax; \
 	jmp sys_##name; \
 ENDPROC(ptregs_##name)
 #define PTREGSCALL2(name) \
 ENTRY(ptregs_##name) ; \
 	leal 4(%esp),%ecx; \
 	movl (PT_ECX+4)(%esp),%edx; \
 	movl (PT_EBX+4)(%esp),%eax; \
 	jmp sys_##name; \
 ENDPROC(ptregs_##name)
 #define PTREGSCALL3(name) \
 ENTRY(ptregs_##name) ; \
 	CFI_STARTPROC; \
 	leal 4(%esp),%eax; \
 	pushl_cfi %eax; \
 	movl PT_EDX(%eax),%ecx; \
 	movl PT_ECX(%eax),%edx; \
 	movl PT_EBX(%eax),%eax; \
 	call sys_##name; \
 	addl $4,%esp; \
 	CFI_ADJUST_CFA_OFFSET -4; \
 	ret; \
 	CFI_ENDPROC; \
 ENDPROC(ptregs_##name)
 PTREGSCALL1(iopl)
 PTREGSCALL0(sigreturn)
 PTREGSCALL0(rt_sigreturn)
 PTREGSCALL2(vm86)
 PTREGSCALL1(vm86old)
 .macro FIXUP_ESPFIX_STACK
 /*
  * Switch back for ESPFIX stack to the normal zerobased stack
  *
  * We can't call C functions using the ESPFIX stack. This code reads
  * the high word of the segment base from the GDT and swiches to the
  * normal stack and adjusts ESP with the matching offset.
  */
 	/* fixup the stack */
 	mov GDT_ESPFIX_SS + 4, %al /* bits 16..23 */
 	mov GDT_ESPFIX_SS + 7, %ah /* bits 24..31 */
 	shl $16, %eax
 	addl %esp, %eax			/* the adjusted stack pointer */
 	pushl_cfi $__KERNEL_DS
 	pushl_cfi %eax
 	lss (%esp), %esp		/* switch to the normal stack segment */
 	CFI_ADJUST_CFA_OFFSET -8
 .endm
 .macro UNWIND_ESPFIX_STACK
 	movl %ss, %eax
 	/* see if on espfix stack */
 	cmpw $__ESPFIX_SS, %ax
 	jne 27f
 	movl $__KERNEL_DS, %eax
 	movl %eax, %ds
 	movl %eax, %es
 	/* switch to normal stack */
 	FIXUP_ESPFIX_STACK
 27:
 .endm
 /*
  * Build the entry stubs and pointer table with some assembler magic.
  * We pack 7 stubs into a single 32-byte chunk, which will fit in a
  * single cache line on all modern x86 implementations.
  */
 .section .init.rodata,"a"
 ENTRY(interrupt)
 .section .entry.text, "ax"
 	.p2align 5
 	.p2align CONFIG_X86_L1_CACHE_SHIFT
 ENTRY(irq_entries_start)
 	RING0_INT_FRAME
 vector=FIRST_EXTERNAL_VECTOR
 .rept (NR_VECTORS-FIRST_EXTERNAL_VECTOR+6)/7
 	.balign 32
   .rept	7
     .if vector < NR_VECTORS
       .if vector <> FIRST_EXTERNAL_VECTOR
 	CFI_ADJUST_CFA_OFFSET -4
       .endif
 1:	pushl_cfi $(~vector+0x80)	/* Note: always in signed byte range */
       .if ((vector-FIRST_EXTERNAL_VECTOR)%7) <> 6
 	jmp 2f
       .endif
       .previous
 	.long 1b
       .section .entry.text, "ax"
 vector=vector+1
     .endif
   .endr
 2:	jmp common_interrupt
 .endr
 END(irq_entries_start)
 .previous
 END(interrupt)
 .previous
 /*
  * the CPU automatically disables interrupts when executing an IRQ vector,
  * so IRQ-flags tracing has to follow that:
  */
 	.p2align CONFIG_X86_L1_CACHE_SHIFT
 common_interrupt:
 	ASM_CLAC
 	addl $-0x80,(%esp)	/* Adjust vector into the [-256,-1] range */
 	SAVE_ALL
 	TRACE_IRQS_OFF
 	movl %esp,%eax
 	call do_IRQ
 	jmp ret_from_intr
 ENDPROC(common_interrupt)
 	CFI_ENDPROC
 /*
  *  Irq entries should be protected against kprobes
  */
 	.pushsection .kprobes.text, "ax"
 #define BUILD_INTERRUPT3(name, nr, fn)	\
 ENTRY(name)				\
 	RING0_INT_FRAME;		\
 	ASM_CLAC;			\
 	pushl_cfi $~(nr);		\
 	SAVE_ALL;			\
 	TRACE_IRQS_OFF			\
 	movl %esp,%eax;			\
 	call fn;			\
 	jmp ret_from_intr;		\
 	CFI_ENDPROC;			\
 ENDPROC(name)
 #define BUILD_INTERRUPT(name, nr)	BUILD_INTERRUPT3(name, nr, smp_##name)
 /* The include is where all of the SMP etc. interrupts come from */
 #include <asm/entry_arch.h>
 ENTRY(coprocessor_error)
 	RING0_INT_FRAME
 	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi $do_coprocessor_error
 	jmp error_code
 	CFI_ENDPROC
 END(coprocessor_error)
 ENTRY(simd_coprocessor_error)
 	RING0_INT_FRAME
 	ASM_CLAC
 	pushl_cfi $0
 #ifdef CONFIG_X86_INVD_BUG
 	/* AMD 486 bug: invd from userspace calls exception 19 instead of #GP */
 661:	pushl_cfi $do_general_protection
 662:
 .section .altinstructions,"a"
 	altinstruction_entry 661b, 663f, X86_FEATURE_XMM, 662b-661b, 664f-663f
 .previous
 .section .altinstr_replacement,"ax"
 663:	pushl $do_simd_coprocessor_error
 664:
 .previous
 #else
 	pushl_cfi $do_simd_coprocessor_error
 #endif
 	jmp error_code
 	CFI_ENDPROC
 END(simd_coprocessor_error)
 ENTRY(device_not_available)
 	RING0_INT_FRAME
 	ASM_CLAC
 	pushl_cfi $-1			# mark this as an int
 	pushl_cfi $do_device_not_available
 	jmp error_code
 	CFI_ENDPROC
 END(device_not_available)
 #ifdef CONFIG_PARAVIRT
 ENTRY(native_iret)
 	iret
 	_ASM_EXTABLE(native_iret, iret_exc)
 END(native_iret)
 ENTRY(native_irq_enable_sysexit)
 	sti
 	sysexit
 END(native_irq_enable_sysexit)
 #endif
 ENTRY(overflow)
 	RING0_INT_FRAME
 	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi $do_overflow
 	jmp error_code
 	CFI_ENDPROC
 END(overflow)
 ENTRY(bounds)
 	RING0_INT_FRAME
 	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi $do_bounds
 	jmp error_code
 	CFI_ENDPROC
 END(bounds)
 ENTRY(invalid_op)
 	RING0_INT_FRAME
 	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi $do_invalid_op
 	jmp error_code
 	CFI_ENDPROC
 END(invalid_op)
 ENTRY(coprocessor_segment_overrun)
 	RING0_INT_FRAME
 	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi $do_coprocessor_segment_overrun
 	jmp error_code
 	CFI_ENDPROC
 END(coprocessor_segment_overrun)
 ENTRY(invalid_TSS)
 	RING0_EC_FRAME
 	ASM_CLAC
 	pushl_cfi $do_invalid_TSS
 	jmp error_code
 	CFI_ENDPROC
 END(invalid_TSS)
 ENTRY(segment_not_present)
 	RING0_EC_FRAME
 	ASM_CLAC
 	pushl_cfi $do_segment_not_present
 	jmp error_code
 	CFI_ENDPROC
 END(segment_not_present)
 ENTRY(stack_segment)
 	RING0_EC_FRAME
 	ASM_CLAC
 	pushl_cfi $do_stack_segment
 	jmp error_code
 	CFI_ENDPROC
 END(stack_segment)
 ENTRY(alignment_check)
 	RING0_EC_FRAME
 	ASM_CLAC
 	pushl_cfi $do_alignment_check
 	jmp error_code
 	CFI_ENDPROC
 END(alignment_check)
 ENTRY(divide_error)
 	RING0_INT_FRAME
 	ASM_CLAC
 	pushl_cfi $0			# no error code
 	pushl_cfi $do_divide_error
 	jmp error_code
 	CFI_ENDPROC
 END(divide_error)
 #ifdef CONFIG_X86_MCE
 ENTRY(machine_check)
 	RING0_INT_FRAME
 	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi machine_check_vector
 	jmp error_code
 	CFI_ENDPROC
 END(machine_check)
 #endif
 ENTRY(spurious_interrupt_bug)
 	RING0_INT_FRAME
 	ASM_CLAC
 	pushl_cfi $0
 	pushl_cfi $do_spurious_interrupt_bug
 	jmp error_code
 	CFI_ENDPROC
 END(spurious_interrupt_bug)
 /*
  * End of kprobes section
  */
 	.popsection
 #ifdef CONFIG_XEN
 /* Xen doesn't set %esp to be precisely what the normal sysenter
    entrypoint expects, so fix it up before using the normal path. */
 ENTRY(xen_sysenter_target)
 	RING0_INT_FRAME
 	addl $5*4, %esp		/* remove xen-provided frame */
 	CFI_ADJUST_CFA_OFFSET -5*4
 	jmp sysenter_past_esp
 	CFI_ENDPROC
 ENTRY(xen_hypervisor_callback)
 	CFI_STARTPROC
 	pushl_cfi $-1 /* orig_ax = -1 => not a system call */
 	SAVE_ALL
 	TRACE_IRQS_OFF
 	/* Check to see if we got the event in the critical
 	   region in xen_iret_direct, after we've reenabled
 	   events and checked for pending events.  This simulates
 	   iret instruction's behaviour where it delivers a
 	   pending interrupt when enabling interrupts. */
 	movl PT_EIP(%esp),%eax
 	cmpl $xen_iret_start_crit,%eax
 	jb   1f
 	cmpl $xen_iret_end_crit,%eax
 	jae  1f
 	jmp  xen_iret_crit_fixup
 ENTRY(xen_do_upcall)
 1:	mov %esp, %eax
 	call xen_evtchn_do_upcall
 	jmp  ret_from_intr
 	CFI_ENDPROC
 ENDPROC(xen_hypervisor_callback)
 # Hypervisor uses this for application faults while it executes.
 # We get here for two reasons:
 #  1. Fault while reloading DS, ES, FS or GS
 #  2. Fault while executing IRET
 # Category 1 we fix up by reattempting the load, and zeroing the segment
 # register if the load fails.
 # Category 2 we fix up by jumping to do_iret_error. We cannot use the
 # normal Linux return path in this case because if we use the IRET hypercall
 # to pop the stack frame we end up in an infinite loop of failsafe callbacks.
 # We distinguish between categories by maintaining a status value in EAX.
 ENTRY(xen_failsafe_callback)
 	CFI_STARTPROC
 	pushl_cfi %eax
 	movl $1,%eax
 1:	mov 4(%esp),%ds
 2:	mov 8(%esp),%es
 3:	mov 12(%esp),%fs
 4:	mov 16(%esp),%gs
 	/* EAX == 0 => Category 1 (Bad segment)
 	   EAX != 0 => Category 2 (Bad IRET) */
 	testl %eax,%eax
 	popl_cfi %eax
 	lea 16(%esp),%esp
 	CFI_ADJUST_CFA_OFFSET -16
 	jz 5f
 	jmp iret_exc
 5:	pushl_cfi $-1 /* orig_ax = -1 => not a system call */
 	SAVE_ALL
 	jmp ret_from_exception
 	CFI_ENDPROC
 .section .fixup,"ax"
 6:	xorl %eax,%eax
 	movl %eax,4(%esp)
 	jmp 1b
 7:	xorl %eax,%eax
 	movl %eax,8(%esp)
 	jmp 2b
 8:	xorl %eax,%eax
 	movl %eax,12(%esp)
 	jmp 3b
 9:	xorl %eax,%eax
 	movl %eax,16(%esp)
 	jmp 4b
 .previous
 	_ASM_EXTABLE(1b,6b)
 	_ASM_EXTABLE(2b,7b)
 	_ASM_EXTABLE(3b,8b)
 	_ASM_EXTABLE(4b,9b)
 ENDPROC(xen_failsafe_callback)
-BUILD_INTERRUPT3(xen_hvm_callback_vector, XEN_HVM_EVTCHN_CALLBACK,
+BUILD_INTERRUPT3(xen_hvm_callback_vector, HYPERVISOR_CALLBACK_VECTOR,
 		xen_evtchn_do_upcall)
 #endif	/* CONFIG_XEN */
+#if IS_ENABLED(CONFIG_HYPERV)
+BUILD_INTERRUPT3(hyperv_callback_vector, HYPERVISOR_CALLBACK_VECTOR,
+	hyperv_vector_handler)
+#endif /* CONFIG_HYPERV */
 #ifdef CONFIG_FUNCTION_TRACER
 #ifdef CONFIG_DYNAMIC_FTRACE
 ENTRY(mcount)
 	ret
 END(mcount)
 ENTRY(ftrace_caller)
 	cmpl $0, function_trace_stop
 	jne  ftrace_stub
 	pushl %eax
 	pushl %ecx
 	pushl %edx
 	pushl $0	/* Pass NULL as regs pointer */
 	movl 4*4(%esp), %eax
 	movl 0x4(%ebp), %edx
 	leal function_trace_op, %ecx
 	subl $MCOUNT_INSN_SIZE, %eax
 .globl ftrace_call
 ftrace_call:
 	call ftrace_stub
 	addl $4,%esp	/* skip NULL pointer */
 	popl %edx
 	popl %ecx
 	popl %eax
 ftrace_ret:
 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
 .globl ftrace_graph_call
 ftrace_graph_call:
 	jmp ftrace_stub
 #endif
 .globl ftrace_stub
 ftrace_stub:
 	ret
 END(ftrace_caller)
 ENTRY(ftrace_regs_caller)
 	pushf	/* push flags before compare (in cs location) */
 	cmpl $0, function_trace_stop
 	jne ftrace_restore_flags
 	/*
 	 * i386 does not save SS and ESP when coming from kernel.
 	 * Instead, to get sp, &regs->sp is used (see ptrace.h).
 	 * Unfortunately, that means eflags must be at the same location
 	 * as the current return ip is. We move the return ip into the
 	 * ip location, and move flags into the return ip location.
 	 */
 	pushl 4(%esp)	/* save return ip into ip slot */
 	pushl $0	/* Load 0 into orig_ax */
 	pushl %gs
 	pushl %fs
 	pushl %es
 	pushl %ds
 	pushl %eax
 	pushl %ebp
 	pushl %edi
 	pushl %esi
 	pushl %edx
 	pushl %ecx
 	pushl %ebx
 	movl 13*4(%esp), %eax	/* Get the saved flags */
 	movl %eax, 14*4(%esp)	/* Move saved flags into regs->flags location */
 				/* clobbering return ip */
 	movl $__KERNEL_CS,13*4(%esp)
 	movl 12*4(%esp), %eax	/* Load ip (1st parameter) */
 	subl $MCOUNT_INSN_SIZE, %eax	/* Adjust ip */
 	movl 0x4(%ebp), %edx	/* Load parent ip (2nd parameter) */
 	leal function_trace_op, %ecx /* Save ftrace_pos in 3rd parameter */
 	pushl %esp		/* Save pt_regs as 4th parameter */
 GLOBAL(ftrace_regs_call)
 	call ftrace_stub
 	addl $4, %esp		/* Skip pt_regs */
 	movl 14*4(%esp), %eax	/* Move flags back into cs */
 	movl %eax, 13*4(%esp)	/* Needed to keep addl from modifying flags */
 	movl 12*4(%esp), %eax	/* Get return ip from regs->ip */
 	movl %eax, 14*4(%esp)	/* Put return ip back for ret */
 	popl %ebx
 	popl %ecx
 	popl %edx
 	popl %esi
 	popl %edi
 	popl %ebp
 	popl %eax
 	popl %ds
 	popl %es
 	popl %fs
 	popl %gs
 	addl $8, %esp		/* Skip orig_ax and ip */
 	popf			/* Pop flags at end (no addl to corrupt flags) */
 	jmp ftrace_ret
 ftrace_restore_flags:
 	popf
 	jmp  ftrace_stub
 #else /* ! CONFIG_DYNAMIC_FTRACE */
 ENTRY(mcount)
 	cmpl $0, function_trace_stop
 	jne  ftrace_stub
 	cmpl $ftrace_stub, ftrace_trace_function
 	jnz trace
 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
 	cmpl $ftrace_stub, ftrace_graph_return
 	jnz ftrace_graph_caller
 	cmpl $ftrace_graph_entry_stub, ftrace_graph_entry
 	jnz ftrace_graph_caller
 #endif
 .globl ftrace_stub
 ftrace_stub:
 	ret
 	/* taken from glibc */
 trace:
 	pushl %eax
 	pushl %ecx
 	pushl %edx
 	movl 0xc(%esp), %eax
 	movl 0x4(%ebp), %edx
 	subl $MCOUNT_INSN_SIZE, %eax
 	call *ftrace_trace_function
 	popl %edx
 	popl %ecx
 	popl %eax
 	jmp ftrace_stub
 END(mcount)
 #endif /* CONFIG_DYNAMIC_FTRACE */
 #endif /* CONFIG_FUNCTION_TRACER */
 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
 ENTRY(ftrace_graph_caller)
 	pushl %eax
 	pushl %ecx
 	pushl %edx
 	movl 0xc(%esp), %edx
 	lea 0x4(%ebp), %eax
 	movl (%ebp), %ecx
 	subl $MCOUNT_INSN_SIZE, %edx
 	call prepare_ftrace_return
 	popl %edx
 	popl %ecx
 	popl %eax
 	ret
 END(ftrace_graph_caller)
 .globl return_to_handler
 return_to_handler:
 	pushl %eax
 	pushl %edx
 	movl %ebp, %eax
 	call ftrace_return_to_handler
 	movl %eax, %ecx
 	popl %edx
 	popl %eax
 	jmp *%ecx
 #endif
 /*
  * Some functions should be protected against kprobes
  */
 	.pushsection .kprobes.text, "ax"
 ENTRY(page_fault)
 	RING0_EC_FRAME
 	ASM_CLAC
 	pushl_cfi $do_page_fault
 	ALIGN
 error_code:
 	/* the function address is in %gs's slot on the stack */
 	pushl_cfi %fs
 	/*CFI_REL_OFFSET fs, 0*/
 	pushl_cfi %es
 	/*CFI_REL_OFFSET es, 0*/
 	pushl_cfi %ds
 	/*CFI_REL_OFFSET ds, 0*/
 	pushl_cfi %eax
 	CFI_REL_OFFSET eax, 0
 	pushl_cfi %ebp
 	CFI_REL_OFFSET ebp, 0
 	pushl_cfi %edi
 	CFI_REL_OFFSET edi, 0
 	pushl_cfi %esi
 	CFI_REL_OFFSET esi, 0
 	pushl_cfi %edx
 	CFI_REL_OFFSET edx, 0
 	pushl_cfi %ecx
 	CFI_REL_OFFSET ecx, 0
 	pushl_cfi %ebx
 	CFI_REL_OFFSET ebx, 0
 	cld
 	movl $(__KERNEL_PERCPU), %ecx
 	movl %ecx, %fs
 	UNWIND_ESPFIX_STACK
 	GS_TO_REG %ecx
 	movl PT_GS(%esp), %edi		# get the function address
 	movl PT_ORIG_EAX(%esp), %edx	# get the error code
 	movl $-1, PT_ORIG_EAX(%esp)	# no syscall to restart
 	REG_TO_PTGS %ecx
 	SET_KERNEL_GS %ecx
 	movl $(__USER_DS), %ecx
 	movl %ecx, %ds
 	movl %ecx, %es
 	TRACE_IRQS_OFF
 	movl %esp,%eax			# pt_regs pointer
 	call *%edi
 	jmp ret_from_exception
 	CFI_ENDPROC
 END(page_fault)
 /*
  * Debug traps and NMI can happen at the one SYSENTER instruction
  * that sets up the real kernel stack. Check here, since we can't
  * allow the wrong stack to be used.
  *
  * "TSS_sysenter_sp0+12" is because the NMI/debug handler will have
  * already pushed 3 words if it hits on the sysenter instruction:
  * eflags, cs and eip.
  *
  * We just load the right stack, and push the three (known) values
  * by hand onto the new stack - while updating the return eip past
  * the instruction that would have done it for sysenter.
  */
 .macro FIX_STACK offset ok label
 	cmpw $__KERNEL_CS, 4(%esp)
 	jne \ok
 \label:
 	movl TSS_sysenter_sp0 + \offset(%esp), %esp
 	CFI_DEF_CFA esp, 0
 	CFI_UNDEFINED eip
 	pushfl_cfi
 	pushl_cfi $__KERNEL_CS
 	pushl_cfi $sysenter_past_esp
 	CFI_REL_OFFSET eip, 0
 .endm
 ENTRY(debug)
 	RING0_INT_FRAME
 	ASM_CLAC
 	cmpl $ia32_sysenter_target,(%esp)
 	jne debug_stack_correct
 	FIX_STACK 12, debug_stack_correct, debug_esp_fix_insn
 debug_stack_correct:
 	pushl_cfi $-1			# mark this as an int
 	SAVE_ALL
 	TRACE_IRQS_OFF
 	xorl %edx,%edx			# error code 0
 	movl %esp,%eax			# pt_regs pointer
 	call do_debug
 	jmp ret_from_exception
 	CFI_ENDPROC
 END(debug)
 /*
  * NMI is doubly nasty. It can happen _while_ we're handling
  * a debug fault, and the debug fault hasn't yet been able to
  * clear up the stack. So we first check whether we got  an
  * NMI on the sysenter entry path, but after that we need to
  * check whether we got an NMI on the debug path where the debug
  * fault happened on the sysenter path.
  */
 ENTRY(nmi)
 	RING0_INT_FRAME
 	ASM_CLAC
 	pushl_cfi %eax
 	movl %ss, %eax
 	cmpw $__ESPFIX_SS, %ax
 	popl_cfi %eax
 	je nmi_espfix_stack
 	cmpl $ia32_sysenter_target,(%esp)
 	je nmi_stack_fixup
 	pushl_cfi %eax
 	movl %esp,%eax
 	/* Do not access memory above the end of our stack page,
 	 * it might not exist.
 	 */
 	andl $(THREAD_SIZE-1),%eax
 	cmpl $(THREAD_SIZE-20),%eax
 	popl_cfi %eax
 	jae nmi_stack_correct
 	cmpl $ia32_sysenter_target,12(%esp)
 	je nmi_debug_stack_check
 nmi_stack_correct:
 	/* We have a RING0_INT_FRAME here */
 	pushl_cfi %eax
 	SAVE_ALL
 	xorl %edx,%edx		# zero error code
 	movl %esp,%eax		# pt_regs pointer
 	call do_nmi
 	jmp restore_all_notrace
 	CFI_ENDPROC
 nmi_stack_fixup:
 	RING0_INT_FRAME
 	FIX_STACK 12, nmi_stack_correct, 1
 	jmp nmi_stack_correct
 nmi_debug_stack_check:
 	/* We have a RING0_INT_FRAME here */
 	cmpw $__KERNEL_CS,16(%esp)
 	jne nmi_stack_correct
 	cmpl $debug,(%esp)
 	jb nmi_stack_correct
 	cmpl $debug_esp_fix_insn,(%esp)
 	ja nmi_stack_correct
 	FIX_STACK 24, nmi_stack_correct, 1
 	jmp nmi_stack_correct
 nmi_espfix_stack:
 	/* We have a RING0_INT_FRAME here.
 	 *
 	 * create the pointer to lss back
 	 */
 	pushl_cfi %ss
 	pushl_cfi %esp
 	addl $4, (%esp)
 	/* copy the iret frame of 12 bytes */
 	.rept 3
 	pushl_cfi 16(%esp)
 	.endr
 	pushl_cfi %eax
 	SAVE_ALL
 	FIXUP_ESPFIX_STACK		# %eax == %esp
 	xorl %edx,%edx			# zero error code
 	call do_nmi
 	RESTORE_REGS
 	lss 12+4(%esp), %esp		# back to espfix stack
 	CFI_ADJUST_CFA_OFFSET -24
 	jmp irq_return
 	CFI_ENDPROC
 END(nmi)
 ENTRY(int3)
 	RING0_INT_FRAME
 	ASM_CLAC
 	pushl_cfi $-1			# mark this as an int
 	SAVE_ALL
 	TRACE_IRQS_OFF
 	xorl %edx,%edx		# zero error code
 	movl %esp,%eax		# pt_regs pointer
 	call do_int3
 	jmp ret_from_exception
 	CFI_ENDPROC
 END(int3)
 ENTRY(general_protection)
 	RING0_EC_FRAME
 	pushl_cfi $do_general_protection
 	jmp error_code
 	CFI_ENDPROC
 END(general_protection)
 #ifdef CONFIG_KVM_GUEST
 ENTRY(async_page_fault)
 	RING0_EC_FRAME
 	ASM_CLAC
 	pushl_cfi $do_async_page_fault
 	jmp error_code
 	CFI_ENDPROC
 END(async_page_fault)
 #endif
 /*
  * End of kprobes section
  */
 	.popsection

arch/x86/kernel/entry_64.S

Diff comments View file @ bc2b033

 /*
  *  linux/arch/x86_64/entry.S
  *
  *  Copyright (C) 1991, 1992  Linus Torvalds
  *  Copyright (C) 2000, 2001, 2002  Andi Kleen SuSE Labs
  *  Copyright (C) 2000  Pavel Machek <pavel@suse.cz>
  */
 /*
  * entry.S contains the system-call and fault low-level handling routines.
  *
  * Some of this is documented in Documentation/x86/entry_64.txt
  *
  * NOTE: This code handles signal-recognition, which happens every time
  * after an interrupt and after each system call.
  *
  * Normal syscalls and interrupts don't save a full stack frame, this is
  * only done for syscall tracing, signals or fork/exec et.al.
  *
  * A note on terminology:
  * - top of stack: Architecture defined interrupt frame from SS to RIP
  * at the top of the kernel process stack.
  * - partial stack frame: partially saved registers up to R11.
  * - full stack frame: Like partial stack frame, but all register saved.
  *
  * Some macro usage:
  * - CFI macros are used to generate dwarf2 unwind information for better
  * backtraces. They don't change any code.
  * - SAVE_ALL/RESTORE_ALL - Save/restore all registers
  * - SAVE_ARGS/RESTORE_ARGS - Save/restore registers that C functions modify.
  * There are unfortunately lots of special cases where some registers
  * not touched. The macro is a big mess that should be cleaned up.
  * - SAVE_REST/RESTORE_REST - Handle the registers not saved by SAVE_ARGS.
  * Gives a full stack frame.
  * - ENTRY/END Define functions in the symbol table.
  * - FIXUP_TOP_OF_STACK/RESTORE_TOP_OF_STACK - Fix up the hardware stack
  * frame that is otherwise undefined after a SYSCALL
  * - TRACE_IRQ_* - Trace hard interrupt state for lock debugging.
  * - errorentry/paranoidentry/zeroentry - Define exception entry points.
  */
 #include <linux/linkage.h>
 #include <asm/segment.h>
 #include <asm/cache.h>
 #include <asm/errno.h>
 #include <asm/dwarf2.h>
 #include <asm/calling.h>
 #include <asm/asm-offsets.h>
 #include <asm/msr.h>
 #include <asm/unistd.h>
 #include <asm/thread_info.h>
 #include <asm/hw_irq.h>
 #include <asm/page_types.h>
 #include <asm/irqflags.h>
 #include <asm/paravirt.h>
 #include <asm/ftrace.h>
 #include <asm/percpu.h>
 #include <asm/asm.h>
 #include <asm/context_tracking.h>
 #include <asm/smap.h>
 #include <linux/err.h>
 /* Avoid __ASSEMBLER__'ifying <linux/audit.h> just for this.  */
 #include <linux/elf-em.h>
 #define AUDIT_ARCH_X86_64	(EM_X86_64|__AUDIT_ARCH_64BIT|__AUDIT_ARCH_LE)
 #define __AUDIT_ARCH_64BIT 0x80000000
 #define __AUDIT_ARCH_LE	   0x40000000
 	.code64
 	.section .entry.text, "ax"
 #ifdef CONFIG_FUNCTION_TRACER
 #ifdef CC_USING_FENTRY
 # define function_hook	__fentry__
 #else
 # define function_hook	mcount
 #endif
 #ifdef CONFIG_DYNAMIC_FTRACE
 ENTRY(function_hook)
 	retq
 END(function_hook)
 /* skip is set if stack has been adjusted */
 .macro ftrace_caller_setup skip=0
 	MCOUNT_SAVE_FRAME \skip
 	/* Load the ftrace_ops into the 3rd parameter */
 	leaq function_trace_op, %rdx
 	/* Load ip into the first parameter */
 	movq RIP(%rsp), %rdi
 	subq $MCOUNT_INSN_SIZE, %rdi
 	/* Load the parent_ip into the second parameter */
 #ifdef CC_USING_FENTRY
 	movq SS+16(%rsp), %rsi
 #else
 	movq 8(%rbp), %rsi
 #endif
 .endm
 ENTRY(ftrace_caller)
 	/* Check if tracing was disabled (quick check) */
 	cmpl $0, function_trace_stop
 	jne  ftrace_stub
 	ftrace_caller_setup
 	/* regs go into 4th parameter (but make it NULL) */
 	movq $0, %rcx
 GLOBAL(ftrace_call)
 	call ftrace_stub
 	MCOUNT_RESTORE_FRAME
 ftrace_return:
 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
 GLOBAL(ftrace_graph_call)
 	jmp ftrace_stub
 #endif
 GLOBAL(ftrace_stub)
 	retq
 END(ftrace_caller)
 ENTRY(ftrace_regs_caller)
 	/* Save the current flags before compare (in SS location)*/
 	pushfq
 	/* Check if tracing was disabled (quick check) */
 	cmpl $0, function_trace_stop
 	jne  ftrace_restore_flags
 	/* skip=8 to skip flags saved in SS */
 	ftrace_caller_setup 8
 	/* Save the rest of pt_regs */
 	movq %r15, R15(%rsp)
 	movq %r14, R14(%rsp)
 	movq %r13, R13(%rsp)
 	movq %r12, R12(%rsp)
 	movq %r11, R11(%rsp)
 	movq %r10, R10(%rsp)
 	movq %rbp, RBP(%rsp)
 	movq %rbx, RBX(%rsp)
 	/* Copy saved flags */
 	movq SS(%rsp), %rcx
 	movq %rcx, EFLAGS(%rsp)
 	/* Kernel segments */
 	movq $__KERNEL_DS, %rcx
 	movq %rcx, SS(%rsp)
 	movq $__KERNEL_CS, %rcx
 	movq %rcx, CS(%rsp)
 	/* Stack - skipping return address */
 	leaq SS+16(%rsp), %rcx
 	movq %rcx, RSP(%rsp)
 	/* regs go into 4th parameter */
 	leaq (%rsp), %rcx
 GLOBAL(ftrace_regs_call)
 	call ftrace_stub
 	/* Copy flags back to SS, to restore them */
 	movq EFLAGS(%rsp), %rax
 	movq %rax, SS(%rsp)
 	/* Handlers can change the RIP */
 	movq RIP(%rsp), %rax
 	movq %rax, SS+8(%rsp)
 	/* restore the rest of pt_regs */
 	movq R15(%rsp), %r15
 	movq R14(%rsp), %r14
 	movq R13(%rsp), %r13
 	movq R12(%rsp), %r12
 	movq R10(%rsp), %r10
 	movq RBP(%rsp), %rbp
 	movq RBX(%rsp), %rbx
 	/* skip=8 to skip flags saved in SS */
 	MCOUNT_RESTORE_FRAME 8
 	/* Restore flags */
 	popfq
 	jmp ftrace_return
 ftrace_restore_flags:
 	popfq
 	jmp  ftrace_stub
 END(ftrace_regs_caller)
 #else /* ! CONFIG_DYNAMIC_FTRACE */
 ENTRY(function_hook)
 	cmpl $0, function_trace_stop
 	jne  ftrace_stub
 	cmpq $ftrace_stub, ftrace_trace_function
 	jnz trace
 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
 	cmpq $ftrace_stub, ftrace_graph_return
 	jnz ftrace_graph_caller
 	cmpq $ftrace_graph_entry_stub, ftrace_graph_entry
 	jnz ftrace_graph_caller
 #endif
 GLOBAL(ftrace_stub)
 	retq
 trace:
 	MCOUNT_SAVE_FRAME
 	movq RIP(%rsp), %rdi
 #ifdef CC_USING_FENTRY
 	movq SS+16(%rsp), %rsi
 #else
 	movq 8(%rbp), %rsi
 #endif
 	subq $MCOUNT_INSN_SIZE, %rdi
 	call   *ftrace_trace_function
 	MCOUNT_RESTORE_FRAME
 	jmp ftrace_stub
 END(function_hook)
 #endif /* CONFIG_DYNAMIC_FTRACE */
 #endif /* CONFIG_FUNCTION_TRACER */
 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
 ENTRY(ftrace_graph_caller)
 	MCOUNT_SAVE_FRAME
 #ifdef CC_USING_FENTRY
 	leaq SS+16(%rsp), %rdi
 	movq $0, %rdx	/* No framepointers needed */
 #else
 	leaq 8(%rbp), %rdi
 	movq (%rbp), %rdx
 #endif
 	movq RIP(%rsp), %rsi
 	subq $MCOUNT_INSN_SIZE, %rsi
 	call	prepare_ftrace_return
 	MCOUNT_RESTORE_FRAME
 	retq
 END(ftrace_graph_caller)
 GLOBAL(return_to_handler)
 	subq  $24, %rsp
 	/* Save the return values */
 	movq %rax, (%rsp)
 	movq %rdx, 8(%rsp)
 	movq %rbp, %rdi
 	call ftrace_return_to_handler
 	movq %rax, %rdi
 	movq 8(%rsp), %rdx
 	movq (%rsp), %rax
 	addq $24, %rsp
 	jmp *%rdi
 #endif
 #ifndef CONFIG_PREEMPT
 #define retint_kernel retint_restore_args
 #endif
 #ifdef CONFIG_PARAVIRT
 ENTRY(native_usergs_sysret64)
 	swapgs
 	sysretq
 ENDPROC(native_usergs_sysret64)
 #endif /* CONFIG_PARAVIRT */
 .macro TRACE_IRQS_IRETQ offset=ARGOFFSET
 #ifdef CONFIG_TRACE_IRQFLAGS
 	bt   $9,EFLAGS-\offset(%rsp)	/* interrupts off? */
 	jnc  1f
 	TRACE_IRQS_ON
 1:
 #endif
 .endm
 /*
  * When dynamic function tracer is enabled it will add a breakpoint
  * to all locations that it is about to modify, sync CPUs, update
  * all the code, sync CPUs, then remove the breakpoints. In this time
  * if lockdep is enabled, it might jump back into the debug handler
  * outside the updating of the IST protection. (TRACE_IRQS_ON/OFF).
  *
  * We need to change the IDT table before calling TRACE_IRQS_ON/OFF to
  * make sure the stack pointer does not get reset back to the top
  * of the debug stack, and instead just reuses the current stack.
  */
 #if defined(CONFIG_DYNAMIC_FTRACE) && defined(CONFIG_TRACE_IRQFLAGS)
 .macro TRACE_IRQS_OFF_DEBUG
 	call debug_stack_set_zero
 	TRACE_IRQS_OFF
 	call debug_stack_reset
 .endm
 .macro TRACE_IRQS_ON_DEBUG
 	call debug_stack_set_zero
 	TRACE_IRQS_ON
 	call debug_stack_reset
 .endm
 .macro TRACE_IRQS_IRETQ_DEBUG offset=ARGOFFSET
 	bt   $9,EFLAGS-\offset(%rsp)	/* interrupts off? */
 	jnc  1f
 	TRACE_IRQS_ON_DEBUG
 1:
 .endm
 #else
 # define TRACE_IRQS_OFF_DEBUG		TRACE_IRQS_OFF
 # define TRACE_IRQS_ON_DEBUG		TRACE_IRQS_ON
 # define TRACE_IRQS_IRETQ_DEBUG		TRACE_IRQS_IRETQ
 #endif
 /*
  * C code is not supposed to know about undefined top of stack. Every time
  * a C function with an pt_regs argument is called from the SYSCALL based
  * fast path FIXUP_TOP_OF_STACK is needed.
  * RESTORE_TOP_OF_STACK syncs the syscall state after any possible ptregs
  * manipulation.
  */
 	/* %rsp:at FRAMEEND */
 	.macro FIXUP_TOP_OF_STACK tmp offset=0
 	movq PER_CPU_VAR(old_rsp),\tmp
 	movq \tmp,RSP+\offset(%rsp)
 	movq $__USER_DS,SS+\offset(%rsp)
 	movq $__USER_CS,CS+\offset(%rsp)
 	movq $-1,RCX+\offset(%rsp)
 	movq R11+\offset(%rsp),\tmp  /* get eflags */
 	movq \tmp,EFLAGS+\offset(%rsp)
 	.endm
 	.macro RESTORE_TOP_OF_STACK tmp offset=0
 	movq RSP+\offset(%rsp),\tmp
 	movq \tmp,PER_CPU_VAR(old_rsp)
 	movq EFLAGS+\offset(%rsp),\tmp
 	movq \tmp,R11+\offset(%rsp)
 	.endm
 	.macro FAKE_STACK_FRAME child_rip
 	/* push in order ss, rsp, eflags, cs, rip */
 	xorl %eax, %eax
 	pushq_cfi $__KERNEL_DS /* ss */
 	/*CFI_REL_OFFSET	ss,0*/
 	pushq_cfi %rax /* rsp */
 	CFI_REL_OFFSET	rsp,0
 	pushq_cfi $(X86_EFLAGS_IF|X86_EFLAGS_BIT1) /* eflags - interrupts on */
 	/*CFI_REL_OFFSET	rflags,0*/
 	pushq_cfi $__KERNEL_CS /* cs */
 	/*CFI_REL_OFFSET	cs,0*/
 	pushq_cfi \child_rip /* rip */
 	CFI_REL_OFFSET	rip,0
 	pushq_cfi %rax /* orig rax */
 	.endm
 	.macro UNFAKE_STACK_FRAME
 	addq $8*6, %rsp
 	CFI_ADJUST_CFA_OFFSET	-(6*8)
 	.endm
 /*
  * initial frame state for interrupts (and exceptions without error code)
  */
 	.macro EMPTY_FRAME start=1 offset=0
 	.if \start
 	CFI_STARTPROC simple
 	CFI_SIGNAL_FRAME
 	CFI_DEF_CFA rsp,8+\offset
 	.else
 	CFI_DEF_CFA_OFFSET 8+\offset
 	.endif
 	.endm
 /*
  * initial frame state for interrupts (and exceptions without error code)
  */
 	.macro INTR_FRAME start=1 offset=0
 	EMPTY_FRAME \start, SS+8+\offset-RIP
 	/*CFI_REL_OFFSET ss, SS+\offset-RIP*/
 	CFI_REL_OFFSET rsp, RSP+\offset-RIP
 	/*CFI_REL_OFFSET rflags, EFLAGS+\offset-RIP*/
 	/*CFI_REL_OFFSET cs, CS+\offset-RIP*/
 	CFI_REL_OFFSET rip, RIP+\offset-RIP
 	.endm
 /*
  * initial frame state for exceptions with error code (and interrupts
  * with vector already pushed)
  */
 	.macro XCPT_FRAME start=1 offset=0
 	INTR_FRAME \start, RIP+\offset-ORIG_RAX
 	/*CFI_REL_OFFSET orig_rax, ORIG_RAX-ORIG_RAX*/
 	.endm
 /*
  * frame that enables calling into C.
  */
 	.macro PARTIAL_FRAME start=1 offset=0
 	XCPT_FRAME \start, ORIG_RAX+\offset-ARGOFFSET
 	CFI_REL_OFFSET rdi, RDI+\offset-ARGOFFSET
 	CFI_REL_OFFSET rsi, RSI+\offset-ARGOFFSET
 	CFI_REL_OFFSET rdx, RDX+\offset-ARGOFFSET
 	CFI_REL_OFFSET rcx, RCX+\offset-ARGOFFSET
 	CFI_REL_OFFSET rax, RAX+\offset-ARGOFFSET
 	CFI_REL_OFFSET r8, R8+\offset-ARGOFFSET
 	CFI_REL_OFFSET r9, R9+\offset-ARGOFFSET
 	CFI_REL_OFFSET r10, R10+\offset-ARGOFFSET
 	CFI_REL_OFFSET r11, R11+\offset-ARGOFFSET
 	.endm
 /*
  * frame that enables passing a complete pt_regs to a C function.
  */
 	.macro DEFAULT_FRAME start=1 offset=0
 	PARTIAL_FRAME \start, R11+\offset-R15
 	CFI_REL_OFFSET rbx, RBX+\offset
 	CFI_REL_OFFSET rbp, RBP+\offset
 	CFI_REL_OFFSET r12, R12+\offset
 	CFI_REL_OFFSET r13, R13+\offset
 	CFI_REL_OFFSET r14, R14+\offset
 	CFI_REL_OFFSET r15, R15+\offset
 	.endm
 /* save partial stack frame */
 	.macro SAVE_ARGS_IRQ
 	cld
 	/* start from rbp in pt_regs and jump over */
 	movq_cfi rdi, (RDI-RBP)
 	movq_cfi rsi, (RSI-RBP)
 	movq_cfi rdx, (RDX-RBP)
 	movq_cfi rcx, (RCX-RBP)
 	movq_cfi rax, (RAX-RBP)
 	movq_cfi  r8,  (R8-RBP)
 	movq_cfi  r9,  (R9-RBP)
 	movq_cfi r10, (R10-RBP)
 	movq_cfi r11, (R11-RBP)
 	/* Save rbp so that we can unwind from get_irq_regs() */
 	movq_cfi rbp, 0
 	/* Save previous stack value */
 	movq %rsp, %rsi
 	leaq -RBP(%rsp),%rdi	/* arg1 for handler */
 	testl $3, CS-RBP(%rsi)
 	je 1f
 	SWAPGS
 	/*
 	 * irq_count is used to check if a CPU is already on an interrupt stack
 	 * or not. While this is essentially redundant with preempt_count it is
 	 * a little cheaper to use a separate counter in the PDA (short of
 	 * moving irq_enter into assembly, which would be too much work)
 	 */
 1:	incl PER_CPU_VAR(irq_count)
 	cmovzq PER_CPU_VAR(irq_stack_ptr),%rsp
 	CFI_DEF_CFA_REGISTER	rsi
 	/* Store previous stack value */
 	pushq %rsi
 	CFI_ESCAPE	0x0f /* DW_CFA_def_cfa_expression */, 6, \
 			0x77 /* DW_OP_breg7 */, 0, \
 			0x06 /* DW_OP_deref */, \
 			0x08 /* DW_OP_const1u */, SS+8-RBP, \
 			0x22 /* DW_OP_plus */
 	/* We entered an interrupt context - irqs are off: */
 	TRACE_IRQS_OFF
 	.endm
 ENTRY(save_rest)
 	PARTIAL_FRAME 1 (REST_SKIP+8)
 	movq 5*8+16(%rsp), %r11	/* save return address */
 	movq_cfi rbx, RBX+16
 	movq_cfi rbp, RBP+16
 	movq_cfi r12, R12+16
 	movq_cfi r13, R13+16
 	movq_cfi r14, R14+16
 	movq_cfi r15, R15+16
 	movq %r11, 8(%rsp)	/* return address */
 	FIXUP_TOP_OF_STACK %r11, 16
 	ret
 	CFI_ENDPROC
 END(save_rest)
 /* save complete stack frame */
 	.pushsection .kprobes.text, "ax"
 ENTRY(save_paranoid)
 	XCPT_FRAME 1 RDI+8
 	cld
 	movq_cfi rdi, RDI+8
 	movq_cfi rsi, RSI+8
 	movq_cfi rdx, RDX+8
 	movq_cfi rcx, RCX+8
 	movq_cfi rax, RAX+8
 	movq_cfi r8, R8+8
 	movq_cfi r9, R9+8
 	movq_cfi r10, R10+8
 	movq_cfi r11, R11+8
 	movq_cfi rbx, RBX+8
 	movq_cfi rbp, RBP+8
 	movq_cfi r12, R12+8
 	movq_cfi r13, R13+8
 	movq_cfi r14, R14+8
 	movq_cfi r15, R15+8
 	movl $1,%ebx
 	movl $MSR_GS_BASE,%ecx
 	rdmsr
 	testl %edx,%edx
 	js 1f	/* negative -> in kernel */
 	SWAPGS
 	xorl %ebx,%ebx
 1:	ret
 	CFI_ENDPROC
 END(save_paranoid)
 	.popsection
 /*
  * A newly forked process directly context switches into this address.
  *
  * rdi: prev task we switched from
  */
 ENTRY(ret_from_fork)
 	DEFAULT_FRAME
 	LOCK ; btr $TIF_FORK,TI_flags(%r8)
 	pushq_cfi $0x0002
 	popfq_cfi				# reset kernel eflags
 	call schedule_tail			# rdi: 'prev' task parameter
 	GET_THREAD_INFO(%rcx)
 	RESTORE_REST
 	testl $3, CS-ARGOFFSET(%rsp)		# from kernel_thread?
 	jz   1f
 	testl $_TIF_IA32, TI_flags(%rcx)	# 32-bit compat task needs IRET
 	jnz  int_ret_from_sys_call
 	RESTORE_TOP_OF_STACK %rdi, -ARGOFFSET
 	jmp ret_from_sys_call			# go to the SYSRET fastpath
 1:
 	subq $REST_SKIP, %rsp	# leave space for volatiles
 	CFI_ADJUST_CFA_OFFSET	REST_SKIP
 	movq %rbp, %rdi
 	call *%rbx
 	movl $0, RAX(%rsp)
 	RESTORE_REST
 	jmp int_ret_from_sys_call
 	CFI_ENDPROC
 END(ret_from_fork)
 /*
  * System call entry. Up to 6 arguments in registers are supported.
  *
  * SYSCALL does not save anything on the stack and does not change the
  * stack pointer.  However, it does mask the flags register for us, so
  * CLD and CLAC are not needed.
  */
 /*
  * Register setup:
  * rax  system call number
  * rdi  arg0
  * rcx  return address for syscall/sysret, C arg3
  * rsi  arg1
  * rdx  arg2
  * r10  arg3 	(--> moved to rcx for C)
  * r8   arg4
  * r9   arg5
  * r11  eflags for syscall/sysret, temporary for C
  * r12-r15,rbp,rbx saved by C code, not touched.
  *
  * Interrupts are off on entry.
  * Only called from user space.
  *
  * XXX	if we had a free scratch register we could save the RSP into the stack frame
  *      and report it properly in ps. Unfortunately we haven't.
  *
  * When user can change the frames always force IRET. That is because
  * it deals with uncanonical addresses better. SYSRET has trouble
  * with them due to bugs in both AMD and Intel CPUs.
  */
 ENTRY(system_call)
 	CFI_STARTPROC	simple
 	CFI_SIGNAL_FRAME
 	CFI_DEF_CFA	rsp,KERNEL_STACK_OFFSET
 	CFI_REGISTER	rip,rcx
 	/*CFI_REGISTER	rflags,r11*/
 	SWAPGS_UNSAFE_STACK
 	/*
 	 * A hypervisor implementation might want to use a label
 	 * after the swapgs, so that it can do the swapgs
 	 * for the guest and jump here on syscall.
 	 */
 GLOBAL(system_call_after_swapgs)
 	movq	%rsp,PER_CPU_VAR(old_rsp)
 	movq	PER_CPU_VAR(kernel_stack),%rsp
 	/*
 	 * No need to follow this irqs off/on section - it's straight
 	 * and short:
 	 */
 	ENABLE_INTERRUPTS(CLBR_NONE)
 	SAVE_ARGS 8,0
 	movq  %rax,ORIG_RAX-ARGOFFSET(%rsp)
 	movq  %rcx,RIP-ARGOFFSET(%rsp)
 	CFI_REL_OFFSET rip,RIP-ARGOFFSET
 	testl $_TIF_WORK_SYSCALL_ENTRY,TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET)
 	jnz tracesys
 system_call_fastpath:
 #if __SYSCALL_MASK == ~0
 	cmpq $__NR_syscall_max,%rax
 #else
 	andl $__SYSCALL_MASK,%eax
 	cmpl $__NR_syscall_max,%eax
 #endif
 	ja badsys
 	movq %r10,%rcx
 	call *sys_call_table(,%rax,8)  # XXX:	 rip relative
 	movq %rax,RAX-ARGOFFSET(%rsp)
 /*
  * Syscall return path ending with SYSRET (fast path)
  * Has incomplete stack frame and undefined top of stack.
  */
 ret_from_sys_call:
 	movl $_TIF_ALLWORK_MASK,%edi
 	/* edi:	flagmask */
 sysret_check:
 	LOCKDEP_SYS_EXIT
 	DISABLE_INTERRUPTS(CLBR_NONE)
 	TRACE_IRQS_OFF
 	movl TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET),%edx
 	andl %edi,%edx
 	jnz  sysret_careful
 	CFI_REMEMBER_STATE
 	/*
 	 * sysretq will re-enable interrupts:
 	 */
 	TRACE_IRQS_ON
 	movq RIP-ARGOFFSET(%rsp),%rcx
 	CFI_REGISTER	rip,rcx
 	RESTORE_ARGS 1,-ARG_SKIP,0
 	/*CFI_REGISTER	rflags,r11*/
 	movq	PER_CPU_VAR(old_rsp), %rsp
 	USERGS_SYSRET64
 	CFI_RESTORE_STATE
 	/* Handle reschedules */
 	/* edx:	work, edi: workmask */
 sysret_careful:
 	bt $TIF_NEED_RESCHED,%edx
 	jnc sysret_signal
 	TRACE_IRQS_ON
 	ENABLE_INTERRUPTS(CLBR_NONE)
 	pushq_cfi %rdi
 	SCHEDULE_USER
 	popq_cfi %rdi
 	jmp sysret_check
 	/* Handle a signal */
 sysret_signal:
 	TRACE_IRQS_ON
 	ENABLE_INTERRUPTS(CLBR_NONE)
 #ifdef CONFIG_AUDITSYSCALL
 	bt $TIF_SYSCALL_AUDIT,%edx
 	jc sysret_audit
 #endif
 	/*
 	 * We have a signal, or exit tracing or single-step.
 	 * These all wind up with the iret return path anyway,
 	 * so just join that path right now.
 	 */
 	FIXUP_TOP_OF_STACK %r11, -ARGOFFSET
 	jmp int_check_syscall_exit_work
 badsys:
 	movq $-ENOSYS,RAX-ARGOFFSET(%rsp)
 	jmp ret_from_sys_call
 #ifdef CONFIG_AUDITSYSCALL
 	/*
 	 * Fast path for syscall audit without full syscall trace.
 	 * We just call __audit_syscall_entry() directly, and then
 	 * jump back to the normal fast path.
 	 */
 auditsys:
 	movq %r10,%r9			/* 6th arg: 4th syscall arg */
 	movq %rdx,%r8			/* 5th arg: 3rd syscall arg */
 	movq %rsi,%rcx			/* 4th arg: 2nd syscall arg */
 	movq %rdi,%rdx			/* 3rd arg: 1st syscall arg */
 	movq %rax,%rsi			/* 2nd arg: syscall number */
 	movl $AUDIT_ARCH_X86_64,%edi	/* 1st arg: audit arch */
 	call __audit_syscall_entry
 	LOAD_ARGS 0		/* reload call-clobbered registers */
 	jmp system_call_fastpath
 	/*
 	 * Return fast path for syscall audit.  Call __audit_syscall_exit()
 	 * directly and then jump back to the fast path with TIF_SYSCALL_AUDIT
 	 * masked off.
 	 */
 sysret_audit:
 	movq RAX-ARGOFFSET(%rsp),%rsi	/* second arg, syscall return value */
 	cmpq $-MAX_ERRNO,%rsi	/* is it < -MAX_ERRNO? */
 	setbe %al		/* 1 if so, 0 if not */
 	movzbl %al,%edi		/* zero-extend that into %edi */
 	call __audit_syscall_exit
 	movl $(_TIF_ALLWORK_MASK & ~_TIF_SYSCALL_AUDIT),%edi
 	jmp sysret_check
 #endif	/* CONFIG_AUDITSYSCALL */
 	/* Do syscall tracing */
 tracesys:
 #ifdef CONFIG_AUDITSYSCALL
 	testl $(_TIF_WORK_SYSCALL_ENTRY & ~_TIF_SYSCALL_AUDIT),TI_flags+THREAD_INFO(%rsp,RIP-ARGOFFSET)
 	jz auditsys
 #endif
 	SAVE_REST
 	movq $-ENOSYS,RAX(%rsp) /* ptrace can change this for a bad syscall */
 	FIXUP_TOP_OF_STACK %rdi
 	movq %rsp,%rdi
 	call syscall_trace_enter
 	/*
 	 * Reload arg registers from stack in case ptrace changed them.
 	 * We don't reload %rax because syscall_trace_enter() returned
 	 * the value it wants us to use in the table lookup.
 	 */
 	LOAD_ARGS ARGOFFSET, 1
 	RESTORE_REST
 #if __SYSCALL_MASK == ~0
 	cmpq $__NR_syscall_max,%rax
 #else
 	andl $__SYSCALL_MASK,%eax
 	cmpl $__NR_syscall_max,%eax
 #endif
 	ja   int_ret_from_sys_call	/* RAX(%rsp) set to -ENOSYS above */
 	movq %r10,%rcx	/* fixup for C */
 	call *sys_call_table(,%rax,8)
 	movq %rax,RAX-ARGOFFSET(%rsp)
 	/* Use IRET because user could have changed frame */
 /*
  * Syscall return path ending with IRET.
  * Has correct top of stack, but partial stack frame.
  */
 GLOBAL(int_ret_from_sys_call)
 	DISABLE_INTERRUPTS(CLBR_NONE)
 	TRACE_IRQS_OFF
 	movl $_TIF_ALLWORK_MASK,%edi
 	/* edi:	mask to check */
 GLOBAL(int_with_check)
 	LOCKDEP_SYS_EXIT_IRQ
 	GET_THREAD_INFO(%rcx)
 	movl TI_flags(%rcx),%edx
 	andl %edi,%edx
 	jnz   int_careful
 	andl    $~TS_COMPAT,TI_status(%rcx)
 	jmp   retint_swapgs
 	/* Either reschedule or signal or syscall exit tracking needed. */
 	/* First do a reschedule test. */
 	/* edx:	work, edi: workmask */
 int_careful:
 	bt $TIF_NEED_RESCHED,%edx
 	jnc  int_very_careful
 	TRACE_IRQS_ON
 	ENABLE_INTERRUPTS(CLBR_NONE)
 	pushq_cfi %rdi
 	SCHEDULE_USER
 	popq_cfi %rdi
 	DISABLE_INTERRUPTS(CLBR_NONE)
 	TRACE_IRQS_OFF
 	jmp int_with_check
 	/* handle signals and tracing -- both require a full stack frame */
 int_very_careful:
 	TRACE_IRQS_ON
 	ENABLE_INTERRUPTS(CLBR_NONE)
 int_check_syscall_exit_work:
 	SAVE_REST
 	/* Check for syscall exit trace */
 	testl $_TIF_WORK_SYSCALL_EXIT,%edx
 	jz int_signal
 	pushq_cfi %rdi
 	leaq 8(%rsp),%rdi	# &ptregs -> arg1
 	call syscall_trace_leave
 	popq_cfi %rdi
 	andl $~(_TIF_WORK_SYSCALL_EXIT|_TIF_SYSCALL_EMU),%edi
 	jmp int_restore_rest
 int_signal:
 	testl $_TIF_DO_NOTIFY_MASK,%edx
 	jz 1f
 	movq %rsp,%rdi		# &ptregs -> arg1
 	xorl %esi,%esi		# oldset -> arg2
 	call do_notify_resume
 1:	movl $_TIF_WORK_MASK,%edi
 int_restore_rest:
 	RESTORE_REST
 	DISABLE_INTERRUPTS(CLBR_NONE)
 	TRACE_IRQS_OFF
 	jmp int_with_check
 	CFI_ENDPROC
 END(system_call)
 /*
  * Certain special system calls that need to save a complete full stack frame.
  */
 	.macro PTREGSCALL label,func,arg
 ENTRY(\label)
 	PARTIAL_FRAME 1 8		/* offset 8: return address */
 	subq $REST_SKIP, %rsp
 	CFI_ADJUST_CFA_OFFSET REST_SKIP
 	call save_rest
 	DEFAULT_FRAME 0 8		/* offset 8: return address */
 	leaq 8(%rsp), \arg	/* pt_regs pointer */
 	call \func
 	jmp ptregscall_common
 	CFI_ENDPROC
 END(\label)
 	.endm
 	.macro FORK_LIKE func
 ENTRY(stub_\func)
 	CFI_STARTPROC
 	popq	%r11			/* save return address */
 	PARTIAL_FRAME 0
 	SAVE_REST
 	pushq	%r11			/* put it back on stack */
 	FIXUP_TOP_OF_STACK %r11, 8
 	DEFAULT_FRAME 0 8		/* offset 8: return address */
 	call sys_\func
 	RESTORE_TOP_OF_STACK %r11, 8
 	ret $REST_SKIP		/* pop extended registers */
 	CFI_ENDPROC
 END(stub_\func)
 	.endm
 	FORK_LIKE  clone
 	FORK_LIKE  fork
 	FORK_LIKE  vfork
 	PTREGSCALL stub_iopl, sys_iopl, %rsi
 ENTRY(ptregscall_common)
 	DEFAULT_FRAME 1 8	/* offset 8: return address */
 	RESTORE_TOP_OF_STACK %r11, 8
 	movq_cfi_restore R15+8, r15
 	movq_cfi_restore R14+8, r14
 	movq_cfi_restore R13+8, r13
 	movq_cfi_restore R12+8, r12
 	movq_cfi_restore RBP+8, rbp
 	movq_cfi_restore RBX+8, rbx
 	ret $REST_SKIP		/* pop extended registers */
 	CFI_ENDPROC
 END(ptregscall_common)
 ENTRY(stub_execve)
 	CFI_STARTPROC
 	addq $8, %rsp
 	PARTIAL_FRAME 0
 	SAVE_REST
 	FIXUP_TOP_OF_STACK %r11
 	call sys_execve
 	RESTORE_TOP_OF_STACK %r11
 	movq %rax,RAX(%rsp)
 	RESTORE_REST
 	jmp int_ret_from_sys_call
 	CFI_ENDPROC
 END(stub_execve)
 /*
  * sigreturn is special because it needs to restore all registers on return.
  * This cannot be done with SYSRET, so use the IRET return path instead.
  */
 ENTRY(stub_rt_sigreturn)
 	CFI_STARTPROC
 	addq $8, %rsp
 	PARTIAL_FRAME 0
 	SAVE_REST
 	movq %rsp,%rdi
 	FIXUP_TOP_OF_STACK %r11
 	call sys_rt_sigreturn
 	movq %rax,RAX(%rsp) # fixme, this could be done at the higher layer
 	RESTORE_REST
 	jmp int_ret_from_sys_call
 	CFI_ENDPROC
 END(stub_rt_sigreturn)
 #ifdef CONFIG_X86_X32_ABI
 ENTRY(stub_x32_rt_sigreturn)
 	CFI_STARTPROC
 	addq $8, %rsp
 	PARTIAL_FRAME 0
 	SAVE_REST
 	movq %rsp,%rdi
 	FIXUP_TOP_OF_STACK %r11
 	call sys32_x32_rt_sigreturn
 	movq %rax,RAX(%rsp) # fixme, this could be done at the higher layer
 	RESTORE_REST
 	jmp int_ret_from_sys_call
 	CFI_ENDPROC
 END(stub_x32_rt_sigreturn)
 ENTRY(stub_x32_execve)
 	CFI_STARTPROC
 	addq $8, %rsp
 	PARTIAL_FRAME 0
 	SAVE_REST
 	FIXUP_TOP_OF_STACK %r11
 	call compat_sys_execve
 	RESTORE_TOP_OF_STACK %r11
 	movq %rax,RAX(%rsp)
 	RESTORE_REST
 	jmp int_ret_from_sys_call
 	CFI_ENDPROC
 END(stub_x32_execve)
 #endif
 /*
  * Build the entry stubs and pointer table with some assembler magic.
  * We pack 7 stubs into a single 32-byte chunk, which will fit in a
  * single cache line on all modern x86 implementations.
  */
 	.section .init.rodata,"a"
 ENTRY(interrupt)
 	.section .entry.text
 	.p2align 5
 	.p2align CONFIG_X86_L1_CACHE_SHIFT
 ENTRY(irq_entries_start)
 	INTR_FRAME
 vector=FIRST_EXTERNAL_VECTOR
 .rept (NR_VECTORS-FIRST_EXTERNAL_VECTOR+6)/7
 	.balign 32
   .rept	7
     .if vector < NR_VECTORS
       .if vector <> FIRST_EXTERNAL_VECTOR
 	CFI_ADJUST_CFA_OFFSET -8
       .endif
 1:	pushq_cfi $(~vector+0x80)	/* Note: always in signed byte range */
       .if ((vector-FIRST_EXTERNAL_VECTOR)%7) <> 6
 	jmp 2f
       .endif
       .previous
 	.quad 1b
       .section .entry.text
 vector=vector+1
     .endif
   .endr
 2:	jmp common_interrupt
 .endr
 	CFI_ENDPROC
 END(irq_entries_start)
 .previous
 END(interrupt)
 .previous
 /*
  * Interrupt entry/exit.
  *
  * Interrupt entry points save only callee clobbered registers in fast path.
  *
  * Entry runs with interrupts off.
  */
 /* 0(%rsp): ~(interrupt number) */
 	.macro interrupt func
 	/* reserve pt_regs for scratch regs and rbp */
 	subq $ORIG_RAX-RBP, %rsp
 	CFI_ADJUST_CFA_OFFSET ORIG_RAX-RBP
 	SAVE_ARGS_IRQ
 	call \func
 	.endm
 /*
  * Interrupt entry/exit should be protected against kprobes
  */
 	.pushsection .kprobes.text, "ax"
 	/*
 	 * The interrupt stubs push (~vector+0x80) onto the stack and
 	 * then jump to common_interrupt.
 	 */
 	.p2align CONFIG_X86_L1_CACHE_SHIFT
 common_interrupt:
 	XCPT_FRAME
 	ASM_CLAC
 	addq $-0x80,(%rsp)		/* Adjust vector to [-256,-1] range */
 	interrupt do_IRQ
 	/* 0(%rsp): old_rsp-ARGOFFSET */
 ret_from_intr:
 	DISABLE_INTERRUPTS(CLBR_NONE)
 	TRACE_IRQS_OFF
 	decl PER_CPU_VAR(irq_count)
 	/* Restore saved previous stack */
 	popq %rsi
 	CFI_DEF_CFA rsi,SS+8-RBP	/* reg/off reset after def_cfa_expr */
 	leaq ARGOFFSET-RBP(%rsi), %rsp
 	CFI_DEF_CFA_REGISTER	rsp
 	CFI_ADJUST_CFA_OFFSET	RBP-ARGOFFSET
 exit_intr:
 	GET_THREAD_INFO(%rcx)
 	testl $3,CS-ARGOFFSET(%rsp)
 	je retint_kernel
 	/* Interrupt came from user space */
 	/*
 	 * Has a correct top of stack, but a partial stack frame
 	 * %rcx: thread info. Interrupts off.
 	 */
 retint_with_reschedule:
 	movl $_TIF_WORK_MASK,%edi
 retint_check:
 	LOCKDEP_SYS_EXIT_IRQ
 	movl TI_flags(%rcx),%edx
 	andl %edi,%edx
 	CFI_REMEMBER_STATE
 	jnz  retint_careful
 retint_swapgs:		/* return to user-space */
 	/*
 	 * The iretq could re-enable interrupts:
 	 */
 	DISABLE_INTERRUPTS(CLBR_ANY)
 	TRACE_IRQS_IRETQ
 	SWAPGS
 	jmp restore_args
 retint_restore_args:	/* return to kernel space */
 	DISABLE_INTERRUPTS(CLBR_ANY)
 	/*
 	 * The iretq could re-enable interrupts:
 	 */
 	TRACE_IRQS_IRETQ
 restore_args:
 	RESTORE_ARGS 1,8,1
 irq_return:
 	INTERRUPT_RETURN
 	_ASM_EXTABLE(irq_return, bad_iret)
 #ifdef CONFIG_PARAVIRT
 ENTRY(native_iret)
 	iretq
 	_ASM_EXTABLE(native_iret, bad_iret)
 #endif
 	.section .fixup,"ax"
 bad_iret:
 	/*
 	 * The iret traps when the %cs or %ss being restored is bogus.
 	 * We've lost the original trap vector and error code.
 	 * #GPF is the most likely one to get for an invalid selector.
 	 * So pretend we completed the iret and took the #GPF in user mode.
 	 *
 	 * We are now running with the kernel GS after exception recovery.
 	 * But error_entry expects us to have user GS to match the user %cs,
 	 * so swap back.
 	 */
 	pushq $0
 	SWAPGS
 	jmp general_protection
 	.previous
 	/* edi: workmask, edx: work */
 retint_careful:
 	CFI_RESTORE_STATE
 	bt    $TIF_NEED_RESCHED,%edx
 	jnc   retint_signal
 	TRACE_IRQS_ON
 	ENABLE_INTERRUPTS(CLBR_NONE)
 	pushq_cfi %rdi
 	SCHEDULE_USER
 	popq_cfi %rdi
 	GET_THREAD_INFO(%rcx)
 	DISABLE_INTERRUPTS(CLBR_NONE)
 	TRACE_IRQS_OFF
 	jmp retint_check
 retint_signal:
 	testl $_TIF_DO_NOTIFY_MASK,%edx
 	jz    retint_swapgs
 	TRACE_IRQS_ON
 	ENABLE_INTERRUPTS(CLBR_NONE)
 	SAVE_REST
 	movq $-1,ORIG_RAX(%rsp)
 	xorl %esi,%esi		# oldset
 	movq %rsp,%rdi		# &pt_regs
 	call do_notify_resume
 	RESTORE_REST
 	DISABLE_INTERRUPTS(CLBR_NONE)
 	TRACE_IRQS_OFF
 	GET_THREAD_INFO(%rcx)
 	jmp retint_with_reschedule
 #ifdef CONFIG_PREEMPT
 	/* Returning to kernel space. Check if we need preemption */
 	/* rcx:	 threadinfo. interrupts off. */
 ENTRY(retint_kernel)
 	cmpl $0,TI_preempt_count(%rcx)
 	jnz  retint_restore_args
 	bt  $TIF_NEED_RESCHED,TI_flags(%rcx)
 	jnc  retint_restore_args
 	bt   $9,EFLAGS-ARGOFFSET(%rsp)	/* interrupts off? */
 	jnc  retint_restore_args
 	call preempt_schedule_irq
 	jmp exit_intr
 #endif
 	CFI_ENDPROC
 END(common_interrupt)
 /*
  * End of kprobes section
  */
        .popsection
 /*
  * APIC interrupts.
  */
 .macro apicinterrupt num sym do_sym
 ENTRY(\sym)
 	INTR_FRAME
 	ASM_CLAC
 	pushq_cfi $~(\num)
 .Lcommon_\sym:
 	interrupt \do_sym
 	jmp ret_from_intr
 	CFI_ENDPROC
 END(\sym)
 .endm
 #ifdef CONFIG_SMP
 apicinterrupt IRQ_MOVE_CLEANUP_VECTOR \
 	irq_move_cleanup_interrupt smp_irq_move_cleanup_interrupt
 apicinterrupt REBOOT_VECTOR \
 	reboot_interrupt smp_reboot_interrupt
 #endif
 #ifdef CONFIG_X86_UV
 apicinterrupt UV_BAU_MESSAGE \
 	uv_bau_message_intr1 uv_bau_message_interrupt
 #endif
 apicinterrupt LOCAL_TIMER_VECTOR \
 	apic_timer_interrupt smp_apic_timer_interrupt
 apicinterrupt X86_PLATFORM_IPI_VECTOR \
 	x86_platform_ipi smp_x86_platform_ipi
 apicinterrupt THRESHOLD_APIC_VECTOR \
 	threshold_interrupt smp_threshold_interrupt
 apicinterrupt THERMAL_APIC_VECTOR \
 	thermal_interrupt smp_thermal_interrupt
 #ifdef CONFIG_SMP
 apicinterrupt CALL_FUNCTION_SINGLE_VECTOR \
 	call_function_single_interrupt smp_call_function_single_interrupt
 apicinterrupt CALL_FUNCTION_VECTOR \
 	call_function_interrupt smp_call_function_interrupt
 apicinterrupt RESCHEDULE_VECTOR \
 	reschedule_interrupt smp_reschedule_interrupt
 #endif
 apicinterrupt ERROR_APIC_VECTOR \
 	error_interrupt smp_error_interrupt
 apicinterrupt SPURIOUS_APIC_VECTOR \
 	spurious_interrupt smp_spurious_interrupt
 #ifdef CONFIG_IRQ_WORK
 apicinterrupt IRQ_WORK_VECTOR \
 	irq_work_interrupt smp_irq_work_interrupt
 #endif
 /*
  * Exception entry points.
  */
 .macro zeroentry sym do_sym
 ENTRY(\sym)
 	INTR_FRAME
 	ASM_CLAC
 	PARAVIRT_ADJUST_EXCEPTION_FRAME
 	pushq_cfi $-1		/* ORIG_RAX: no syscall to restart */
 	subq $ORIG_RAX-R15, %rsp
 	CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
 	call error_entry
 	DEFAULT_FRAME 0
 	movq %rsp,%rdi		/* pt_regs pointer */
 	xorl %esi,%esi		/* no error code */
 	call \do_sym
 	jmp error_exit		/* %ebx: no swapgs flag */
 	CFI_ENDPROC
 END(\sym)
 .endm
 .macro paranoidzeroentry sym do_sym
 ENTRY(\sym)
 	INTR_FRAME
 	ASM_CLAC
 	PARAVIRT_ADJUST_EXCEPTION_FRAME
 	pushq_cfi $-1		/* ORIG_RAX: no syscall to restart */
 	subq $ORIG_RAX-R15, %rsp
 	CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
 	call save_paranoid
 	TRACE_IRQS_OFF
 	movq %rsp,%rdi		/* pt_regs pointer */
 	xorl %esi,%esi		/* no error code */
 	call \do_sym
 	jmp paranoid_exit	/* %ebx: no swapgs flag */
 	CFI_ENDPROC
 END(\sym)
 .endm
 #define INIT_TSS_IST(x) PER_CPU_VAR(init_tss) + (TSS_ist + ((x) - 1) * 8)
 .macro paranoidzeroentry_ist sym do_sym ist
 ENTRY(\sym)
 	INTR_FRAME
 	ASM_CLAC
 	PARAVIRT_ADJUST_EXCEPTION_FRAME
 	pushq_cfi $-1		/* ORIG_RAX: no syscall to restart */
 	subq $ORIG_RAX-R15, %rsp
 	CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
 	call save_paranoid
 	TRACE_IRQS_OFF_DEBUG
 	movq %rsp,%rdi		/* pt_regs pointer */
 	xorl %esi,%esi		/* no error code */
 	subq $EXCEPTION_STKSZ, INIT_TSS_IST(\ist)
 	call \do_sym
 	addq $EXCEPTION_STKSZ, INIT_TSS_IST(\ist)
 	jmp paranoid_exit	/* %ebx: no swapgs flag */
 	CFI_ENDPROC
 END(\sym)
 .endm
 .macro errorentry sym do_sym
 ENTRY(\sym)
 	XCPT_FRAME
 	ASM_CLAC
 	PARAVIRT_ADJUST_EXCEPTION_FRAME
 	subq $ORIG_RAX-R15, %rsp
 	CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
 	call error_entry
 	DEFAULT_FRAME 0
 	movq %rsp,%rdi			/* pt_regs pointer */
 	movq ORIG_RAX(%rsp),%rsi	/* get error code */
 	movq $-1,ORIG_RAX(%rsp)		/* no syscall to restart */
 	call \do_sym
 	jmp error_exit			/* %ebx: no swapgs flag */
 	CFI_ENDPROC
 END(\sym)
 .endm
 	/* error code is on the stack already */
 .macro paranoiderrorentry sym do_sym
 ENTRY(\sym)
 	XCPT_FRAME
 	ASM_CLAC
 	PARAVIRT_ADJUST_EXCEPTION_FRAME
 	subq $ORIG_RAX-R15, %rsp
 	CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
 	call save_paranoid
 	DEFAULT_FRAME 0
 	TRACE_IRQS_OFF
 	movq %rsp,%rdi			/* pt_regs pointer */
 	movq ORIG_RAX(%rsp),%rsi	/* get error code */
 	movq $-1,ORIG_RAX(%rsp)		/* no syscall to restart */
 	call \do_sym
 	jmp paranoid_exit		/* %ebx: no swapgs flag */
 	CFI_ENDPROC
 END(\sym)
 .endm
 zeroentry divide_error do_divide_error
 zeroentry overflow do_overflow
 zeroentry bounds do_bounds
 zeroentry invalid_op do_invalid_op
 zeroentry device_not_available do_device_not_available
 paranoiderrorentry double_fault do_double_fault
 zeroentry coprocessor_segment_overrun do_coprocessor_segment_overrun
 errorentry invalid_TSS do_invalid_TSS
 errorentry segment_not_present do_segment_not_present
 zeroentry spurious_interrupt_bug do_spurious_interrupt_bug
 zeroentry coprocessor_error do_coprocessor_error
 errorentry alignment_check do_alignment_check
 zeroentry simd_coprocessor_error do_simd_coprocessor_error
 	/* Reload gs selector with exception handling */
 	/* edi:  new selector */
 ENTRY(native_load_gs_index)
 	CFI_STARTPROC
 	pushfq_cfi
 	DISABLE_INTERRUPTS(CLBR_ANY & ~CLBR_RDI)
 	SWAPGS
 gs_change:
 	movl %edi,%gs
 2:	mfence		/* workaround */
 	SWAPGS
 	popfq_cfi
 	ret
 	CFI_ENDPROC
 END(native_load_gs_index)
 	_ASM_EXTABLE(gs_change,bad_gs)
 	.section .fixup,"ax"
 	/* running with kernelgs */
 bad_gs:
 	SWAPGS			/* switch back to user gs */
 	xorl %eax,%eax
 	movl %eax,%gs
 	jmp  2b
 	.previous
 /* Call softirq on interrupt stack. Interrupts are off. */
 ENTRY(call_softirq)
 	CFI_STARTPROC
 	pushq_cfi %rbp
 	CFI_REL_OFFSET rbp,0
 	mov  %rsp,%rbp
 	CFI_DEF_CFA_REGISTER rbp
 	incl PER_CPU_VAR(irq_count)
 	cmove PER_CPU_VAR(irq_stack_ptr),%rsp
 	push  %rbp			# backlink for old unwinder
 	call __do_softirq
 	leaveq
 	CFI_RESTORE		rbp
 	CFI_DEF_CFA_REGISTER	rsp
 	CFI_ADJUST_CFA_OFFSET   -8
 	decl PER_CPU_VAR(irq_count)
 	ret
 	CFI_ENDPROC
 END(call_softirq)
 #ifdef CONFIG_XEN
 zeroentry xen_hypervisor_callback xen_do_hypervisor_callback
 /*
  * A note on the "critical region" in our callback handler.
  * We want to avoid stacking callback handlers due to events occurring
  * during handling of the last event. To do this, we keep events disabled
  * until we've done all processing. HOWEVER, we must enable events before
  * popping the stack frame (can't be done atomically) and so it would still
  * be possible to get enough handler activations to overflow the stack.
  * Although unlikely, bugs of that kind are hard to track down, so we'd
  * like to avoid the possibility.
  * So, on entry to the handler we detect whether we interrupted an
  * existing activation in its critical region -- if so, we pop the current
  * activation and restart the handler using the previous one.
  */
 ENTRY(xen_do_hypervisor_callback)   # do_hypervisor_callback(struct *pt_regs)
 	CFI_STARTPROC
 /*
  * Since we don't modify %rdi, evtchn_do_upall(struct *pt_regs) will
  * see the correct pointer to the pt_regs
  */
 	movq %rdi, %rsp            # we don't return, adjust the stack frame
 	CFI_ENDPROC
 	DEFAULT_FRAME
 11:	incl PER_CPU_VAR(irq_count)
 	movq %rsp,%rbp
 	CFI_DEF_CFA_REGISTER rbp
 	cmovzq PER_CPU_VAR(irq_stack_ptr),%rsp
 	pushq %rbp			# backlink for old unwinder
 	call xen_evtchn_do_upcall
 	popq %rsp
 	CFI_DEF_CFA_REGISTER rsp
 	decl PER_CPU_VAR(irq_count)
 	jmp  error_exit
 	CFI_ENDPROC
 END(xen_do_hypervisor_callback)
 /*
  * Hypervisor uses this for application faults while it executes.
  * We get here for two reasons:
  *  1. Fault while reloading DS, ES, FS or GS
  *  2. Fault while executing IRET
  * Category 1 we do not need to fix up as Xen has already reloaded all segment
  * registers that could be reloaded and zeroed the others.
  * Category 2 we fix up by killing the current process. We cannot use the
  * normal Linux return path in this case because if we use the IRET hypercall
  * to pop the stack frame we end up in an infinite loop of failsafe callbacks.
  * We distinguish between categories by comparing each saved segment register
  * with its current contents: any discrepancy means we in category 1.
  */
 ENTRY(xen_failsafe_callback)
 	INTR_FRAME 1 (6*8)
 	/*CFI_REL_OFFSET gs,GS*/
 	/*CFI_REL_OFFSET fs,FS*/
 	/*CFI_REL_OFFSET es,ES*/
 	/*CFI_REL_OFFSET ds,DS*/
 	CFI_REL_OFFSET r11,8
 	CFI_REL_OFFSET rcx,0
 	movw %ds,%cx
 	cmpw %cx,0x10(%rsp)
 	CFI_REMEMBER_STATE
 	jne 1f
 	movw %es,%cx
 	cmpw %cx,0x18(%rsp)
 	jne 1f
 	movw %fs,%cx
 	cmpw %cx,0x20(%rsp)
 	jne 1f
 	movw %gs,%cx
 	cmpw %cx,0x28(%rsp)
 	jne 1f
 	/* All segments match their saved values => Category 2 (Bad IRET). */
 	movq (%rsp),%rcx
 	CFI_RESTORE rcx
 	movq 8(%rsp),%r11
 	CFI_RESTORE r11
 	addq $0x30,%rsp
 	CFI_ADJUST_CFA_OFFSET -0x30
 	pushq_cfi $0	/* RIP */
 	pushq_cfi %r11
 	pushq_cfi %rcx
 	jmp general_protection
 	CFI_RESTORE_STATE
 1:	/* Segment mismatch => Category 1 (Bad segment). Retry the IRET. */
 	movq (%rsp),%rcx
 	CFI_RESTORE rcx
 	movq 8(%rsp),%r11
 	CFI_RESTORE r11
 	addq $0x30,%rsp
 	CFI_ADJUST_CFA_OFFSET -0x30
 	pushq_cfi $-1 /* orig_ax = -1 => not a system call */
 	SAVE_ALL
 	jmp error_exit
 	CFI_ENDPROC
 END(xen_failsafe_callback)
-apicinterrupt XEN_HVM_EVTCHN_CALLBACK \
+apicinterrupt HYPERVISOR_CALLBACK_VECTOR \
 	xen_hvm_callback_vector xen_evtchn_do_upcall
 #endif /* CONFIG_XEN */
+#if IS_ENABLED(CONFIG_HYPERV)
+apicinterrupt HYPERVISOR_CALLBACK_VECTOR \
+	hyperv_callback_vector hyperv_vector_handler
+#endif /* CONFIG_HYPERV */
 /*
  * Some functions should be protected against kprobes
  */
 	.pushsection .kprobes.text, "ax"
 paranoidzeroentry_ist debug do_debug DEBUG_STACK
 paranoidzeroentry_ist int3 do_int3 DEBUG_STACK
 paranoiderrorentry stack_segment do_stack_segment
 #ifdef CONFIG_XEN
 zeroentry xen_debug do_debug
 zeroentry xen_int3 do_int3
 errorentry xen_stack_segment do_stack_segment
 #endif
 errorentry general_protection do_general_protection
 errorentry page_fault do_page_fault
 #ifdef CONFIG_KVM_GUEST
 errorentry async_page_fault do_async_page_fault
 #endif
 #ifdef CONFIG_X86_MCE
 paranoidzeroentry machine_check *machine_check_vector(%rip)
 #endif
 	/*
 	 * "Paranoid" exit path from exception stack.
 	 * Paranoid because this is used by NMIs and cannot take
 	 * any kernel state for granted.
 	 * We don't do kernel preemption checks here, because only
 	 * NMI should be common and it does not enable IRQs and
 	 * cannot get reschedule ticks.
 	 *
 	 * "trace" is 0 for the NMI handler only, because irq-tracing
 	 * is fundamentally NMI-unsafe. (we cannot change the soft and
 	 * hard flags at once, atomically)
 	 */
 	/* ebx:	no swapgs flag */
 ENTRY(paranoid_exit)
 	DEFAULT_FRAME
 	DISABLE_INTERRUPTS(CLBR_NONE)
 	TRACE_IRQS_OFF_DEBUG
 	testl %ebx,%ebx				/* swapgs needed? */
 	jnz paranoid_restore
 	testl $3,CS(%rsp)
 	jnz   paranoid_userspace
 paranoid_swapgs:
 	TRACE_IRQS_IRETQ 0
 	SWAPGS_UNSAFE_STACK
 	RESTORE_ALL 8
 	jmp irq_return
 paranoid_restore:
 	TRACE_IRQS_IRETQ_DEBUG 0
 	RESTORE_ALL 8
 	jmp irq_return
 paranoid_userspace:
 	GET_THREAD_INFO(%rcx)
 	movl TI_flags(%rcx),%ebx
 	andl $_TIF_WORK_MASK,%ebx
 	jz paranoid_swapgs
 	movq %rsp,%rdi			/* &pt_regs */
 	call sync_regs
 	movq %rax,%rsp			/* switch stack for scheduling */
 	testl $_TIF_NEED_RESCHED,%ebx
 	jnz paranoid_schedule
 	movl %ebx,%edx			/* arg3: thread flags */
 	TRACE_IRQS_ON
 	ENABLE_INTERRUPTS(CLBR_NONE)
 	xorl %esi,%esi 			/* arg2: oldset */
 	movq %rsp,%rdi 			/* arg1: &pt_regs */
 	call do_notify_resume
 	DISABLE_INTERRUPTS(CLBR_NONE)
 	TRACE_IRQS_OFF
 	jmp paranoid_userspace
 paranoid_schedule:
 	TRACE_IRQS_ON
 	ENABLE_INTERRUPTS(CLBR_ANY)
 	SCHEDULE_USER
 	DISABLE_INTERRUPTS(CLBR_ANY)
 	TRACE_IRQS_OFF
 	jmp paranoid_userspace
 	CFI_ENDPROC
 END(paranoid_exit)
 /*
  * Exception entry point. This expects an error code/orig_rax on the stack.
  * returns in "no swapgs flag" in %ebx.
  */
 ENTRY(error_entry)
 	XCPT_FRAME
 	CFI_ADJUST_CFA_OFFSET 15*8
 	/* oldrax contains error code */
 	cld
 	movq_cfi rdi, RDI+8
 	movq_cfi rsi, RSI+8
 	movq_cfi rdx, RDX+8
 	movq_cfi rcx, RCX+8
 	movq_cfi rax, RAX+8
 	movq_cfi  r8,  R8+8
 	movq_cfi  r9,  R9+8
 	movq_cfi r10, R10+8
 	movq_cfi r11, R11+8
 	movq_cfi rbx, RBX+8
 	movq_cfi rbp, RBP+8
 	movq_cfi r12, R12+8
 	movq_cfi r13, R13+8
 	movq_cfi r14, R14+8
 	movq_cfi r15, R15+8
 	xorl %ebx,%ebx
 	testl $3,CS+8(%rsp)
 	je error_kernelspace
 error_swapgs:
 	SWAPGS
 error_sti:
 	TRACE_IRQS_OFF
 	ret
 /*
  * There are two places in the kernel that can potentially fault with
  * usergs. Handle them here. The exception handlers after iret run with
  * kernel gs again, so don't set the user space flag. B stepping K8s
  * sometimes report an truncated RIP for IRET exceptions returning to
  * compat mode. Check for these here too.
  */
 error_kernelspace:
 	incl %ebx
 	leaq irq_return(%rip),%rcx
 	cmpq %rcx,RIP+8(%rsp)
 	je error_swapgs
 	movl %ecx,%eax	/* zero extend */
 	cmpq %rax,RIP+8(%rsp)
 	je bstep_iret
 	cmpq $gs_change,RIP+8(%rsp)
 	je error_swapgs
 	jmp error_sti
 bstep_iret:
 	/* Fix truncated RIP */
 	movq %rcx,RIP+8(%rsp)
 	jmp error_swapgs
 	CFI_ENDPROC
 END(error_entry)
 /* ebx:	no swapgs flag (1: don't need swapgs, 0: need it) */
 ENTRY(error_exit)
 	DEFAULT_FRAME
 	movl %ebx,%eax
 	RESTORE_REST
 	DISABLE_INTERRUPTS(CLBR_NONE)
 	TRACE_IRQS_OFF
 	GET_THREAD_INFO(%rcx)
 	testl %eax,%eax
 	jne retint_kernel
 	LOCKDEP_SYS_EXIT_IRQ
 	movl TI_flags(%rcx),%edx
 	movl $_TIF_WORK_MASK,%edi
 	andl %edi,%edx
 	jnz retint_careful
 	jmp retint_swapgs
 	CFI_ENDPROC
 END(error_exit)
 /*
  * Test if a given stack is an NMI stack or not.
  */
 	.macro test_in_nmi reg stack nmi_ret normal_ret
 	cmpq %\reg, \stack
 	ja \normal_ret
 	subq $EXCEPTION_STKSZ, %\reg
 	cmpq %\reg, \stack
 	jb \normal_ret
 	jmp \nmi_ret
 	.endm
 	/* runs on exception stack */
 ENTRY(nmi)
 	INTR_FRAME
 	PARAVIRT_ADJUST_EXCEPTION_FRAME
 	/*
 	 * We allow breakpoints in NMIs. If a breakpoint occurs, then
 	 * the iretq it performs will take us out of NMI context.
 	 * This means that we can have nested NMIs where the next
 	 * NMI is using the top of the stack of the previous NMI. We
 	 * can't let it execute because the nested NMI will corrupt the
 	 * stack of the previous NMI. NMI handlers are not re-entrant
 	 * anyway.
 	 *
 	 * To handle this case we do the following:
 	 *  Check the a special location on the stack that contains
 	 *  a variable that is set when NMIs are executing.
 	 *  The interrupted task's stack is also checked to see if it
 	 *  is an NMI stack.
 	 *  If the variable is not set and the stack is not the NMI
 	 *  stack then:
 	 *    o Set the special variable on the stack
 	 *    o Copy the interrupt frame into a "saved" location on the stack
 	 *    o Copy the interrupt frame into a "copy" location on the stack
 	 *    o Continue processing the NMI
 	 *  If the variable is set or the previous stack is the NMI stack:
 	 *    o Modify the "copy" location to jump to the repeate_nmi
 	 *    o return back to the first NMI
 	 *
 	 * Now on exit of the first NMI, we first clear the stack variable
 	 * The NMI stack will tell any nested NMIs at that point that it is
 	 * nested. Then we pop the stack normally with iret, and if there was
 	 * a nested NMI that updated the copy interrupt stack frame, a
 	 * jump will be made to the repeat_nmi code that will handle the second
 	 * NMI.
 	 */
 	/* Use %rdx as out temp variable throughout */
 	pushq_cfi %rdx
 	CFI_REL_OFFSET rdx, 0
 	/*
 	 * If %cs was not the kernel segment, then the NMI triggered in user
 	 * space, which means it is definitely not nested.
 	 */
 	cmpl $__KERNEL_CS, 16(%rsp)
 	jne first_nmi
 	/*
 	 * Check the special variable on the stack to see if NMIs are
 	 * executing.
 	 */
 	cmpl $1, -8(%rsp)
 	je nested_nmi
 	/*
 	 * Now test if the previous stack was an NMI stack.
 	 * We need the double check. We check the NMI stack to satisfy the
 	 * race when the first NMI clears the variable before returning.
 	 * We check the variable because the first NMI could be in a
 	 * breakpoint routine using a breakpoint stack.
 	 */
 	lea 6*8(%rsp), %rdx
 	test_in_nmi rdx, 4*8(%rsp), nested_nmi, first_nmi
 	CFI_REMEMBER_STATE
 nested_nmi:
 	/*
 	 * Do nothing if we interrupted the fixup in repeat_nmi.
 	 * It's about to repeat the NMI handler, so we are fine
 	 * with ignoring this one.
 	 */
 	movq $repeat_nmi, %rdx
 	cmpq 8(%rsp), %rdx
 	ja 1f
 	movq $end_repeat_nmi, %rdx
 	cmpq 8(%rsp), %rdx
 	ja nested_nmi_out
 1:
 	/* Set up the interrupted NMIs stack to jump to repeat_nmi */
 	leaq -1*8(%rsp), %rdx
 	movq %rdx, %rsp
 	CFI_ADJUST_CFA_OFFSET 1*8
 	leaq -10*8(%rsp), %rdx
 	pushq_cfi $__KERNEL_DS
 	pushq_cfi %rdx
 	pushfq_cfi
 	pushq_cfi $__KERNEL_CS
 	pushq_cfi $repeat_nmi
 	/* Put stack back */
 	addq $(6*8), %rsp
 	CFI_ADJUST_CFA_OFFSET -6*8
 nested_nmi_out:
 	popq_cfi %rdx
 	CFI_RESTORE rdx
 	/* No need to check faults here */
 	INTERRUPT_RETURN
 	CFI_RESTORE_STATE
 first_nmi:
 	/*
 	 * Because nested NMIs will use the pushed location that we
 	 * stored in rdx, we must keep that space available.
 	 * Here's what our stack frame will look like:
 	 * +-------------------------+
 	 * | original SS             |
 	 * | original Return RSP     |
 	 * | original RFLAGS         |
 	 * | original CS             |
 	 * | original RIP            |
 	 * +-------------------------+
 	 * | temp storage for rdx    |
 	 * +-------------------------+
 	 * | NMI executing variable  |
 	 * +-------------------------+
 	 * | copied SS               |
 	 * | copied Return RSP       |
 	 * | copied RFLAGS           |
 	 * | copied CS               |
 	 * | copied RIP              |
 	 * +-------------------------+
 	 * | Saved SS                |
 	 * | Saved Return RSP        |
 	 * | Saved RFLAGS            |
 	 * | Saved CS                |
 	 * | Saved RIP               |
 	 * +-------------------------+
 	 * | pt_regs                 |
 	 * +-------------------------+
 	 *
 	 * The saved stack frame is used to fix up the copied stack frame
 	 * that a nested NMI may change to make the interrupted NMI iret jump
 	 * to the repeat_nmi. The original stack frame and the temp storage
 	 * is also used by nested NMIs and can not be trusted on exit.
 	 */
 	/* Do not pop rdx, nested NMIs will corrupt that part of the stack */
 	movq (%rsp), %rdx
 	CFI_RESTORE rdx
 	/* Set the NMI executing variable on the stack. */
 	pushq_cfi $1
 	/*
 	 * Leave room for the "copied" frame
 	 */
 	subq $(5*8), %rsp
 	CFI_ADJUST_CFA_OFFSET 5*8
 	/* Copy the stack frame to the Saved frame */
 	.rept 5
 	pushq_cfi 11*8(%rsp)
 	.endr
 	CFI_DEF_CFA_OFFSET SS+8-RIP
 	/* Everything up to here is safe from nested NMIs */
 	/*
 	 * If there was a nested NMI, the first NMI's iret will return
 	 * here. But NMIs are still enabled and we can take another
 	 * nested NMI. The nested NMI checks the interrupted RIP to see
 	 * if it is between repeat_nmi and end_repeat_nmi, and if so
 	 * it will just return, as we are about to repeat an NMI anyway.
 	 * This makes it safe to copy to the stack frame that a nested
 	 * NMI will update.
 	 */
 repeat_nmi:
 	/*
 	 * Update the stack variable to say we are still in NMI (the update
 	 * is benign for the non-repeat case, where 1 was pushed just above
 	 * to this very stack slot).
 	 */
 	movq $1, 10*8(%rsp)
 	/* Make another copy, this one may be modified by nested NMIs */
 	addq $(10*8), %rsp
 	CFI_ADJUST_CFA_OFFSET -10*8
 	.rept 5
 	pushq_cfi -6*8(%rsp)
 	.endr
 	subq $(5*8), %rsp
 	CFI_DEF_CFA_OFFSET SS+8-RIP
 end_repeat_nmi:
 	/*
 	 * Everything below this point can be preempted by a nested
 	 * NMI if the first NMI took an exception and reset our iret stack
 	 * so that we repeat another NMI.
 	 */
 	pushq_cfi $-1		/* ORIG_RAX: no syscall to restart */
 	subq $ORIG_RAX-R15, %rsp
 	CFI_ADJUST_CFA_OFFSET ORIG_RAX-R15
 	/*
 	 * Use save_paranoid to handle SWAPGS, but no need to use paranoid_exit
 	 * as we should not be calling schedule in NMI context.
 	 * Even with normal interrupts enabled. An NMI should not be
 	 * setting NEED_RESCHED or anything that normal interrupts and
 	 * exceptions might do.
 	 */
 	call save_paranoid
 	DEFAULT_FRAME 0
 	/*
 	 * Save off the CR2 register. If we take a page fault in the NMI then
 	 * it could corrupt the CR2 value. If the NMI preempts a page fault
 	 * handler before it was able to read the CR2 register, and then the
 	 * NMI itself takes a page fault, the page fault that was preempted
 	 * will read the information from the NMI page fault and not the
 	 * origin fault. Save it off and restore it if it changes.
 	 * Use the r12 callee-saved register.
 	 */
 	movq %cr2, %r12
 	/* paranoidentry do_nmi, 0; without TRACE_IRQS_OFF */
 	movq %rsp,%rdi
 	movq $-1,%rsi
 	call do_nmi
 	/* Did the NMI take a page fault? Restore cr2 if it did */
 	movq %cr2, %rcx
 	cmpq %rcx, %r12
 	je 1f
 	movq %r12, %cr2
 1:
 	testl %ebx,%ebx				/* swapgs needed? */
 	jnz nmi_restore
 nmi_swapgs:
 	SWAPGS_UNSAFE_STACK
 nmi_restore:
 	/* Pop the extra iret frame at once */
 	RESTORE_ALL 6*8
 	/* Clear the NMI executing stack variable */
 	movq $0, 5*8(%rsp)
 	jmp irq_return
 	CFI_ENDPROC
 END(nmi)
 ENTRY(ignore_sysret)
 	CFI_STARTPROC
 	mov $-ENOSYS,%eax
 	sysret
 	CFI_ENDPROC
 END(ignore_sysret)
 /*
  * End of kprobes section
  */
 	.popsection

drivers/xen/events.c

Diff comments View file @ bc2b033

 /*
  * Xen event channels
  *
  * Xen models interrupts with abstract event channels.  Because each
  * domain gets 1024 event channels, but NR_IRQ is not that large, we
  * must dynamically map irqs<->event channels.  The event channels
  * interface with the rest of the kernel by defining a xen interrupt
  * chip.  When an event is received, it is mapped to an irq and sent
  * through the normal interrupt processing path.
  *
  * There are four kinds of events which can be mapped to an event
  * channel:
  *
  * 1. Inter-domain notifications.  This includes all the virtual
  *    device events, since they're driven by front-ends in another domain
  *    (typically dom0).
  * 2. VIRQs, typically used for timers.  These are per-cpu events.
  * 3. IPIs.
  * 4. PIRQs - Hardware interrupts.
  *
  * Jeremy Fitzhardinge <jeremy@xensource.com>, XenSource Inc, 2007
  */
 #include <linux/linkage.h>
 #include <linux/interrupt.h>
 #include <linux/irq.h>
 #include <linux/module.h>
 #include <linux/string.h>
 #include <linux/bootmem.h>
 #include <linux/slab.h>
 #include <linux/irqnr.h>
 #include <linux/pci.h>
 #ifdef CONFIG_X86
 #include <asm/desc.h>
 #include <asm/ptrace.h>
 #include <asm/irq.h>
 #include <asm/idle.h>
 #include <asm/io_apic.h>
 #include <asm/xen/page.h>
 #include <asm/xen/pci.h>
 #endif
 #include <asm/sync_bitops.h>
 #include <asm/xen/hypercall.h>
 #include <asm/xen/hypervisor.h>
 #include <xen/xen.h>
 #include <xen/hvm.h>
 #include <xen/xen-ops.h>
 #include <xen/events.h>
 #include <xen/interface/xen.h>
 #include <xen/interface/event_channel.h>
 #include <xen/interface/hvm/hvm_op.h>
 #include <xen/interface/hvm/params.h>
 #include <xen/interface/physdev.h>
 #include <xen/interface/sched.h>
 #include <asm/hw_irq.h>
 /*
  * This lock protects updates to the following mapping and reference-count
  * arrays. The lock does not need to be acquired to read the mapping tables.
  */
 static DEFINE_MUTEX(irq_mapping_update_lock);
 static LIST_HEAD(xen_irq_list_head);
 /* IRQ <-> VIRQ mapping. */
 static DEFINE_PER_CPU(int [NR_VIRQS], virq_to_irq) = {[0 ... NR_VIRQS-1] = -1};
 /* IRQ <-> IPI mapping */
 static DEFINE_PER_CPU(int [XEN_NR_IPIS], ipi_to_irq) = {[0 ... XEN_NR_IPIS-1] = -1};
 /* Interrupt types. */
 enum xen_irq_type {
 	IRQT_UNBOUND = 0,
 	IRQT_PIRQ,
 	IRQT_VIRQ,
 	IRQT_IPI,
 	IRQT_EVTCHN
 };
 /*
  * Packed IRQ information:
  * type - enum xen_irq_type
  * event channel - irq->event channel mapping
  * cpu - cpu this event channel is bound to
  * index - type-specific information:
  *    PIRQ - vector, with MSB being "needs EIO", or physical IRQ of the HVM
  *           guest, or GSI (real passthrough IRQ) of the device.
  *    VIRQ - virq number
  *    IPI - IPI vector
  *    EVTCHN -
  */
 struct irq_info {
 	struct list_head list;
 	int refcnt;
 	enum xen_irq_type type;	/* type */
 	unsigned irq;
 	unsigned short evtchn;	/* event channel */
 	unsigned short cpu;	/* cpu bound */
 	union {
 		unsigned short virq;
 		enum ipi_vector ipi;
 		struct {
 			unsigned short pirq;
 			unsigned short gsi;
 			unsigned char vector;
 			unsigned char flags;
 			uint16_t domid;
 		} pirq;
 	} u;
 };
 #define PIRQ_NEEDS_EOI	(1 << 0)
 #define PIRQ_SHAREABLE	(1 << 1)
 static int *evtchn_to_irq;
 #ifdef CONFIG_X86
 static unsigned long *pirq_eoi_map;
 #endif
 static bool (*pirq_needs_eoi)(unsigned irq);
 static DEFINE_PER_CPU(unsigned long [NR_EVENT_CHANNELS/BITS_PER_LONG],
 		      cpu_evtchn_mask);
 /* Xen will never allocate port zero for any purpose. */
 #define VALID_EVTCHN(chn)	((chn) != 0)
 static struct irq_chip xen_dynamic_chip;
 static struct irq_chip xen_percpu_chip;
 static struct irq_chip xen_pirq_chip;
 static void enable_dynirq(struct irq_data *data);
 static void disable_dynirq(struct irq_data *data);
 /* Get info for IRQ */
 static struct irq_info *info_for_irq(unsigned irq)
 {
 	return irq_get_handler_data(irq);
 }
 /* Constructors for packed IRQ information. */
 static void xen_irq_info_common_init(struct irq_info *info,
 				     unsigned irq,
 				     enum xen_irq_type type,
 				     unsigned short evtchn,
 				     unsigned short cpu)
 {
 	BUG_ON(info->type != IRQT_UNBOUND && info->type != type);
 	info->type = type;
 	info->irq = irq;
 	info->evtchn = evtchn;
 	info->cpu = cpu;
 	evtchn_to_irq[evtchn] = irq;
 }
 static void xen_irq_info_evtchn_init(unsigned irq,
 				     unsigned short evtchn)
 {
 	struct irq_info *info = info_for_irq(irq);
 	xen_irq_info_common_init(info, irq, IRQT_EVTCHN, evtchn, 0);
 }
 static void xen_irq_info_ipi_init(unsigned cpu,
 				  unsigned irq,
 				  unsigned short evtchn,
 				  enum ipi_vector ipi)
 {
 	struct irq_info *info = info_for_irq(irq);
 	xen_irq_info_common_init(info, irq, IRQT_IPI, evtchn, 0);
 	info->u.ipi = ipi;
 	per_cpu(ipi_to_irq, cpu)[ipi] = irq;
 }
 static void xen_irq_info_virq_init(unsigned cpu,
 				   unsigned irq,
 				   unsigned short evtchn,
 				   unsigned short virq)
 {
 	struct irq_info *info = info_for_irq(irq);
 	xen_irq_info_common_init(info, irq, IRQT_VIRQ, evtchn, 0);
 	info->u.virq = virq;
 	per_cpu(virq_to_irq, cpu)[virq] = irq;
 }
 static void xen_irq_info_pirq_init(unsigned irq,
 				   unsigned short evtchn,
 				   unsigned short pirq,
 				   unsigned short gsi,
 				   unsigned short vector,
 				   uint16_t domid,
 				   unsigned char flags)
 {
 	struct irq_info *info = info_for_irq(irq);
 	xen_irq_info_common_init(info, irq, IRQT_PIRQ, evtchn, 0);
 	info->u.pirq.pirq = pirq;
 	info->u.pirq.gsi = gsi;
 	info->u.pirq.vector = vector;
 	info->u.pirq.domid = domid;
 	info->u.pirq.flags = flags;
 }
 /*
  * Accessors for packed IRQ information.
  */
 static unsigned int evtchn_from_irq(unsigned irq)
 {
 	if (unlikely(WARN(irq < 0 || irq >= nr_irqs, "Invalid irq %d!\n", irq)))
 		return 0;
 	return info_for_irq(irq)->evtchn;
 }
 unsigned irq_from_evtchn(unsigned int evtchn)
 {
 	return evtchn_to_irq[evtchn];
 }
 EXPORT_SYMBOL_GPL(irq_from_evtchn);
 static enum ipi_vector ipi_from_irq(unsigned irq)
 {
 	struct irq_info *info = info_for_irq(irq);
 	BUG_ON(info == NULL);
 	BUG_ON(info->type != IRQT_IPI);
 	return info->u.ipi;
 }
 static unsigned virq_from_irq(unsigned irq)
 {
 	struct irq_info *info = info_for_irq(irq);
 	BUG_ON(info == NULL);
 	BUG_ON(info->type != IRQT_VIRQ);
 	return info->u.virq;
 }
 static unsigned pirq_from_irq(unsigned irq)
 {
 	struct irq_info *info = info_for_irq(irq);
 	BUG_ON(info == NULL);
 	BUG_ON(info->type != IRQT_PIRQ);
 	return info->u.pirq.pirq;
 }
 static enum xen_irq_type type_from_irq(unsigned irq)
 {
 	return info_for_irq(irq)->type;
 }
 static unsigned cpu_from_irq(unsigned irq)
 {
 	return info_for_irq(irq)->cpu;
 }
 static unsigned int cpu_from_evtchn(unsigned int evtchn)
 {
 	int irq = evtchn_to_irq[evtchn];
 	unsigned ret = 0;
 	if (irq != -1)
 		ret = cpu_from_irq(irq);
 	return ret;
 }
 #ifdef CONFIG_X86
 static bool pirq_check_eoi_map(unsigned irq)
 {
 	return test_bit(pirq_from_irq(irq), pirq_eoi_map);
 }
 #endif
 static bool pirq_needs_eoi_flag(unsigned irq)
 {
 	struct irq_info *info = info_for_irq(irq);
 	BUG_ON(info->type != IRQT_PIRQ);
 	return info->u.pirq.flags & PIRQ_NEEDS_EOI;
 }
 static inline unsigned long active_evtchns(unsigned int cpu,
 					   struct shared_info *sh,
 					   unsigned int idx)
 {
 	return sh->evtchn_pending[idx] &
 		per_cpu(cpu_evtchn_mask, cpu)[idx] &
 		~sh->evtchn_mask[idx];
 }
 static void bind_evtchn_to_cpu(unsigned int chn, unsigned int cpu)
 {
 	int irq = evtchn_to_irq[chn];
 	BUG_ON(irq == -1);
 #ifdef CONFIG_SMP
 	cpumask_copy(irq_to_desc(irq)->irq_data.affinity, cpumask_of(cpu));
 #endif
 	clear_bit(chn, per_cpu(cpu_evtchn_mask, cpu_from_irq(irq)));
 	set_bit(chn, per_cpu(cpu_evtchn_mask, cpu));
 	info_for_irq(irq)->cpu = cpu;
 }
 static void init_evtchn_cpu_bindings(void)
 {
 	int i;
 #ifdef CONFIG_SMP
 	struct irq_info *info;
 	/* By default all event channels notify CPU#0. */
 	list_for_each_entry(info, &xen_irq_list_head, list) {
 		struct irq_desc *desc = irq_to_desc(info->irq);
 		cpumask_copy(desc->irq_data.affinity, cpumask_of(0));
 	}
 #endif
 	for_each_possible_cpu(i)
 		memset(per_cpu(cpu_evtchn_mask, i),
 		       (i == 0) ? ~0 : 0, sizeof(*per_cpu(cpu_evtchn_mask, i)));
 }
 static inline void clear_evtchn(int port)
 {
 	struct shared_info *s = HYPERVISOR_shared_info;
 	sync_clear_bit(port, &s->evtchn_pending[0]);
 }
 static inline void set_evtchn(int port)
 {
 	struct shared_info *s = HYPERVISOR_shared_info;
 	sync_set_bit(port, &s->evtchn_pending[0]);
 }
 static inline int test_evtchn(int port)
 {
 	struct shared_info *s = HYPERVISOR_shared_info;
 	return sync_test_bit(port, &s->evtchn_pending[0]);
 }
 /**
  * notify_remote_via_irq - send event to remote end of event channel via irq
  * @irq: irq of event channel to send event to
  *
  * Unlike notify_remote_via_evtchn(), this is safe to use across
  * save/restore. Notifications on a broken connection are silently
  * dropped.
  */
 void notify_remote_via_irq(int irq)
 {
 	int evtchn = evtchn_from_irq(irq);
 	if (VALID_EVTCHN(evtchn))
 		notify_remote_via_evtchn(evtchn);
 }
 EXPORT_SYMBOL_GPL(notify_remote_via_irq);
 static void mask_evtchn(int port)
 {
 	struct shared_info *s = HYPERVISOR_shared_info;
 	sync_set_bit(port, &s->evtchn_mask[0]);
 }
 static void unmask_evtchn(int port)
 {
 	struct shared_info *s = HYPERVISOR_shared_info;
 	unsigned int cpu = get_cpu();
 	int do_hypercall = 0, evtchn_pending = 0;
 	BUG_ON(!irqs_disabled());
 	if (unlikely((cpu != cpu_from_evtchn(port))))
 		do_hypercall = 1;
 	else
 		evtchn_pending = sync_test_bit(port, &s->evtchn_pending[0]);
 	if (unlikely(evtchn_pending && xen_hvm_domain()))
 		do_hypercall = 1;
 	/* Slow path (hypercall) if this is a non-local port or if this is
 	 * an hvm domain and an event is pending (hvm domains don't have
 	 * their own implementation of irq_enable). */
 	if (do_hypercall) {
 		struct evtchn_unmask unmask = { .port = port };
 		(void)HYPERVISOR_event_channel_op(EVTCHNOP_unmask, &unmask);
 	} else {
 		struct vcpu_info *vcpu_info = __this_cpu_read(xen_vcpu);
 		sync_clear_bit(port, &s->evtchn_mask[0]);
 		/*
 		 * The following is basically the equivalent of
 		 * 'hw_resend_irq'. Just like a real IO-APIC we 'lose
 		 * the interrupt edge' if the channel is masked.
 		 */
 		if (evtchn_pending &&
 		    !sync_test_and_set_bit(port / BITS_PER_LONG,
 					   &vcpu_info->evtchn_pending_sel))
 			vcpu_info->evtchn_upcall_pending = 1;
 	}
 	put_cpu();
 }
 static void xen_irq_init(unsigned irq)
 {
 	struct irq_info *info;
 #ifdef CONFIG_SMP
 	struct irq_desc *desc = irq_to_desc(irq);
 	/* By default all event channels notify CPU#0. */
 	cpumask_copy(desc->irq_data.affinity, cpumask_of(0));
 #endif
 	info = kzalloc(sizeof(*info), GFP_KERNEL);
 	if (info == NULL)
 		panic("Unable to allocate metadata for IRQ%d\n", irq);
 	info->type = IRQT_UNBOUND;
 	info->refcnt = -1;
 	irq_set_handler_data(irq, info);
 	list_add_tail(&info->list, &xen_irq_list_head);
 }
 static int __must_check xen_allocate_irq_dynamic(void)
 {
 	int first = 0;
 	int irq;
 #ifdef CONFIG_X86_IO_APIC
 	/*
 	 * For an HVM guest or domain 0 which see "real" (emulated or
 	 * actual respectively) GSIs we allocate dynamic IRQs
 	 * e.g. those corresponding to event channels or MSIs
 	 * etc. from the range above those "real" GSIs to avoid
 	 * collisions.
 	 */
 	if (xen_initial_domain() || xen_hvm_domain())
 		first = get_nr_irqs_gsi();
 #endif
 	irq = irq_alloc_desc_from(first, -1);
 	if (irq >= 0)
 		xen_irq_init(irq);
 	return irq;
 }
 static int __must_check xen_allocate_irq_gsi(unsigned gsi)
 {
 	int irq;
 	/*
 	 * A PV guest has no concept of a GSI (since it has no ACPI
 	 * nor access to/knowledge of the physical APICs). Therefore
 	 * all IRQs are dynamically allocated from the entire IRQ
 	 * space.
 	 */
 	if (xen_pv_domain() && !xen_initial_domain())
 		return xen_allocate_irq_dynamic();
 	/* Legacy IRQ descriptors are already allocated by the arch. */
 	if (gsi < NR_IRQS_LEGACY)
 		irq = gsi;
 	else
 		irq = irq_alloc_desc_at(gsi, -1);
 	xen_irq_init(irq);
 	return irq;
 }
 static void xen_free_irq(unsigned irq)
 {
 	struct irq_info *info = irq_get_handler_data(irq);
 	list_del(&info->list);
 	irq_set_handler_data(irq, NULL);
 	WARN_ON(info->refcnt > 0);
 	kfree(info);
 	/* Legacy IRQ descriptors are managed by the arch. */
 	if (irq < NR_IRQS_LEGACY)
 		return;
 	irq_free_desc(irq);
 }
 static void pirq_query_unmask(int irq)
 {
 	struct physdev_irq_status_query irq_status;
 	struct irq_info *info = info_for_irq(irq);
 	BUG_ON(info->type != IRQT_PIRQ);
 	irq_status.irq = pirq_from_irq(irq);
 	if (HYPERVISOR_physdev_op(PHYSDEVOP_irq_status_query, &irq_status))
 		irq_status.flags = 0;
 	info->u.pirq.flags &= ~PIRQ_NEEDS_EOI;
 	if (irq_status.flags & XENIRQSTAT_needs_eoi)
 		info->u.pirq.flags |= PIRQ_NEEDS_EOI;
 }
 static bool probing_irq(int irq)
 {
 	struct irq_desc *desc = irq_to_desc(irq);
 	return desc && desc->action == NULL;
 }
 static void eoi_pirq(struct irq_data *data)
 {
 	int evtchn = evtchn_from_irq(data->irq);
 	struct physdev_eoi eoi = { .irq = pirq_from_irq(data->irq) };
 	int rc = 0;
 	irq_move_irq(data);
 	if (VALID_EVTCHN(evtchn))
 		clear_evtchn(evtchn);
 	if (pirq_needs_eoi(data->irq)) {
 		rc = HYPERVISOR_physdev_op(PHYSDEVOP_eoi, &eoi);
 		WARN_ON(rc);
 	}
 }
 static void mask_ack_pirq(struct irq_data *data)
 {
 	disable_dynirq(data);
 	eoi_pirq(data);
 }
 static unsigned int __startup_pirq(unsigned int irq)
 {
 	struct evtchn_bind_pirq bind_pirq;
 	struct irq_info *info = info_for_irq(irq);
 	int evtchn = evtchn_from_irq(irq);
 	int rc;
 	BUG_ON(info->type != IRQT_PIRQ);
 	if (VALID_EVTCHN(evtchn))
 		goto out;
 	bind_pirq.pirq = pirq_from_irq(irq);
 	/* NB. We are happy to share unless we are probing. */
 	bind_pirq.flags = info->u.pirq.flags & PIRQ_SHAREABLE ?
 					BIND_PIRQ__WILL_SHARE : 0;
 	rc = HYPERVISOR_event_channel_op(EVTCHNOP_bind_pirq, &bind_pirq);
 	if (rc != 0) {
 		if (!probing_irq(irq))
 			printk(KERN_INFO "Failed to obtain physical IRQ %d\n",
 			       irq);
 		return 0;
 	}
 	evtchn = bind_pirq.port;
 	pirq_query_unmask(irq);
 	evtchn_to_irq[evtchn] = irq;
 	bind_evtchn_to_cpu(evtchn, 0);
 	info->evtchn = evtchn;
 out:
 	unmask_evtchn(evtchn);
 	eoi_pirq(irq_get_irq_data(irq));
 	return 0;
 }
 static unsigned int startup_pirq(struct irq_data *data)
 {
 	return __startup_pirq(data->irq);
 }
 static void shutdown_pirq(struct irq_data *data)
 {
 	struct evtchn_close close;
 	unsigned int irq = data->irq;
 	struct irq_info *info = info_for_irq(irq);
 	int evtchn = evtchn_from_irq(irq);
 	BUG_ON(info->type != IRQT_PIRQ);
 	if (!VALID_EVTCHN(evtchn))
 		return;
 	mask_evtchn(evtchn);
 	close.port = evtchn;
 	if (HYPERVISOR_event_channel_op(EVTCHNOP_close, &close) != 0)
 		BUG();
 	bind_evtchn_to_cpu(evtchn, 0);
 	evtchn_to_irq[evtchn] = -1;
 	info->evtchn = 0;
 }
 static void enable_pirq(struct irq_data *data)
 {
 	startup_pirq(data);
 }
 static void disable_pirq(struct irq_data *data)
 {
 	disable_dynirq(data);
 }
 int xen_irq_from_gsi(unsigned gsi)
 {
 	struct irq_info *info;
 	list_for_each_entry(info, &xen_irq_list_head, list) {
 		if (info->type != IRQT_PIRQ)
 			continue;
 		if (info->u.pirq.gsi == gsi)
 			return info->irq;
 	}
 	return -1;
 }
 EXPORT_SYMBOL_GPL(xen_irq_from_gsi);
 /*
  * Do not make any assumptions regarding the relationship between the
  * IRQ number returned here and the Xen pirq argument.
  *
  * Note: We don't assign an event channel until the irq actually started
  * up.  Return an existing irq if we've already got one for the gsi.
  *
  * Shareable implies level triggered, not shareable implies edge
  * triggered here.
  */
 int xen_bind_pirq_gsi_to_irq(unsigned gsi,
 			     unsigned pirq, int shareable, char *name)
 {
 	int irq = -1;
 	struct physdev_irq irq_op;
 	mutex_lock(&irq_mapping_update_lock);
 	irq = xen_irq_from_gsi(gsi);
 	if (irq != -1) {
 		printk(KERN_INFO "xen_map_pirq_gsi: returning irq %d for gsi %u\n",
 		       irq, gsi);
 		goto out;
 	}
 	irq = xen_allocate_irq_gsi(gsi);
 	if (irq < 0)
 		goto out;
 	irq_op.irq = irq;
 	irq_op.vector = 0;
 	/* Only the privileged domain can do this. For non-priv, the pcifront
 	 * driver provides a PCI bus that does the call to do exactly
 	 * this in the priv domain. */
 	if (xen_initial_domain() &&
 	    HYPERVISOR_physdev_op(PHYSDEVOP_alloc_irq_vector, &irq_op)) {
 		xen_free_irq(irq);
 		irq = -ENOSPC;
 		goto out;
 	}
 	xen_irq_info_pirq_init(irq, 0, pirq, gsi, irq_op.vector, DOMID_SELF,
 			       shareable ? PIRQ_SHAREABLE : 0);
 	pirq_query_unmask(irq);
 	/* We try to use the handler with the appropriate semantic for the
 	 * type of interrupt: if the interrupt is an edge triggered
 	 * interrupt we use handle_edge_irq.
 	 *
 	 * On the other hand if the interrupt is level triggered we use
 	 * handle_fasteoi_irq like the native code does for this kind of
 	 * interrupts.
 	 *
 	 * Depending on the Xen version, pirq_needs_eoi might return true
 	 * not only for level triggered interrupts but for edge triggered
 	 * interrupts too. In any case Xen always honors the eoi mechanism,
 	 * not injecting any more pirqs of the same kind if the first one
 	 * hasn't received an eoi yet. Therefore using the fasteoi handler
 	 * is the right choice either way.
 	 */
 	if (shareable)
 		irq_set_chip_and_handler_name(irq, &xen_pirq_chip,
 				handle_fasteoi_irq, name);
 	else
 		irq_set_chip_and_handler_name(irq, &xen_pirq_chip,
 				handle_edge_irq, name);
 out:
 	mutex_unlock(&irq_mapping_update_lock);
 	return irq;
 }
 #ifdef CONFIG_PCI_MSI
 int xen_allocate_pirq_msi(struct pci_dev *dev, struct msi_desc *msidesc)
 {
 	int rc;
 	struct physdev_get_free_pirq op_get_free_pirq;
 	op_get_free_pirq.type = MAP_PIRQ_TYPE_MSI;
 	rc = HYPERVISOR_physdev_op(PHYSDEVOP_get_free_pirq, &op_get_free_pirq);
 	WARN_ONCE(rc == -ENOSYS,
 		  "hypervisor does not support the PHYSDEVOP_get_free_pirq interface\n");
 	return rc ? -1 : op_get_free_pirq.pirq;
 }
 int xen_bind_pirq_msi_to_irq(struct pci_dev *dev, struct msi_desc *msidesc,
 			     int pirq, int vector, const char *name,
 			     domid_t domid)
 {
 	int irq, ret;
 	mutex_lock(&irq_mapping_update_lock);
 	irq = xen_allocate_irq_dynamic();
 	if (irq < 0)
 		goto out;
 	irq_set_chip_and_handler_name(irq, &xen_pirq_chip, handle_edge_irq,
 			name);
 	xen_irq_info_pirq_init(irq, 0, pirq, 0, vector, domid, 0);
 	ret = irq_set_msi_desc(irq, msidesc);
 	if (ret < 0)
 		goto error_irq;
 out:
 	mutex_unlock(&irq_mapping_update_lock);
 	return irq;
 error_irq:
 	mutex_unlock(&irq_mapping_update_lock);
 	xen_free_irq(irq);
 	return ret;
 }
 #endif
 int xen_destroy_irq(int irq)
 {
 	struct irq_desc *desc;
 	struct physdev_unmap_pirq unmap_irq;
 	struct irq_info *info = info_for_irq(irq);
 	int rc = -ENOENT;
 	mutex_lock(&irq_mapping_update_lock);
 	desc = irq_to_desc(irq);
 	if (!desc)
 		goto out;
 	if (xen_initial_domain()) {
 		unmap_irq.pirq = info->u.pirq.pirq;
 		unmap_irq.domid = info->u.pirq.domid;
 		rc = HYPERVISOR_physdev_op(PHYSDEVOP_unmap_pirq, &unmap_irq);
 		/* If another domain quits without making the pci_disable_msix
 		 * call, the Xen hypervisor takes care of freeing the PIRQs
 		 * (free_domain_pirqs).
 		 */
 		if ((rc == -ESRCH && info->u.pirq.domid != DOMID_SELF))
 			printk(KERN_INFO "domain %d does not have %d anymore\n",
 				info->u.pirq.domid, info->u.pirq.pirq);
 		else if (rc) {
 			printk(KERN_WARNING "unmap irq failed %d\n", rc);
 			goto out;
 		}
 	}
 	xen_free_irq(irq);
 out:
 	mutex_unlock(&irq_mapping_update_lock);
 	return rc;
 }
 int xen_irq_from_pirq(unsigned pirq)
 {
 	int irq;
 	struct irq_info *info;
 	mutex_lock(&irq_mapping_update_lock);
 	list_for_each_entry(info, &xen_irq_list_head, list) {
 		if (info->type != IRQT_PIRQ)
 			continue;
 		irq = info->irq;
 		if (info->u.pirq.pirq == pirq)
 			goto out;
 	}
 	irq = -1;
 out:
 	mutex_unlock(&irq_mapping_update_lock);
 	return irq;
 }
 int xen_pirq_from_irq(unsigned irq)
 {
 	return pirq_from_irq(irq);
 }
 EXPORT_SYMBOL_GPL(xen_pirq_from_irq);
 int bind_evtchn_to_irq(unsigned int evtchn)
 {
 	int irq;
 	mutex_lock(&irq_mapping_update_lock);
 	irq = evtchn_to_irq[evtchn];
 	if (irq == -1) {
 		irq = xen_allocate_irq_dynamic();
 		if (irq < 0)
 			goto out;
 		irq_set_chip_and_handler_name(irq, &xen_dynamic_chip,
 					      handle_edge_irq, "event");
 		xen_irq_info_evtchn_init(irq, evtchn);
 	} else {
 		struct irq_info *info = info_for_irq(irq);
 		WARN_ON(info == NULL || info->type != IRQT_EVTCHN);
 	}
 	irq_clear_status_flags(irq, IRQ_NOREQUEST|IRQ_NOAUTOEN);
 out:
 	mutex_unlock(&irq_mapping_update_lock);
 	return irq;
 }
 EXPORT_SYMBOL_GPL(bind_evtchn_to_irq);
 static int bind_ipi_to_irq(unsigned int ipi, unsigned int cpu)
 {
 	struct evtchn_bind_ipi bind_ipi;
 	int evtchn, irq;
 	mutex_lock(&irq_mapping_update_lock);
 	irq = per_cpu(ipi_to_irq, cpu)[ipi];
 	if (irq == -1) {
 		irq = xen_allocate_irq_dynamic();
 		if (irq < 0)
 			goto out;
 		irq_set_chip_and_handler_name(irq, &xen_percpu_chip,
 					      handle_percpu_irq, "ipi");
 		bind_ipi.vcpu = cpu;
 		if (HYPERVISOR_event_channel_op(EVTCHNOP_bind_ipi,
 						&bind_ipi) != 0)
 			BUG();
 		evtchn = bind_ipi.port;
 		xen_irq_info_ipi_init(cpu, irq, evtchn, ipi);
 		bind_evtchn_to_cpu(evtchn, cpu);
 	} else {
 		struct irq_info *info = info_for_irq(irq);
 		WARN_ON(info == NULL || info->type != IRQT_IPI);
 	}
  out:
 	mutex_unlock(&irq_mapping_update_lock);
 	return irq;
 }
 static int bind_interdomain_evtchn_to_irq(unsigned int remote_domain,
 					  unsigned int remote_port)
 {
 	struct evtchn_bind_interdomain bind_interdomain;
 	int err;
 	bind_interdomain.remote_dom  = remote_domain;
 	bind_interdomain.remote_port = remote_port;
 	err = HYPERVISOR_event_channel_op(EVTCHNOP_bind_interdomain,
 					  &bind_interdomain);
 	return err ? : bind_evtchn_to_irq(bind_interdomain.local_port);
 }
 static int find_virq(unsigned int virq, unsigned int cpu)
 {
 	struct evtchn_status status;
 	int port, rc = -ENOENT;
 	memset(&status, 0, sizeof(status));
 	for (port = 0; port <= NR_EVENT_CHANNELS; port++) {
 		status.dom = DOMID_SELF;
 		status.port = port;
 		rc = HYPERVISOR_event_channel_op(EVTCHNOP_status, &status);
 		if (rc < 0)
 			continue;
 		if (status.status != EVTCHNSTAT_virq)
 			continue;
 		if (status.u.virq == virq && status.vcpu == cpu) {
 			rc = port;
 			break;
 		}
 	}
 	return rc;
 }
 int bind_virq_to_irq(unsigned int virq, unsigned int cpu)
 {
 	struct evtchn_bind_virq bind_virq;
 	int evtchn, irq, ret;
 	mutex_lock(&irq_mapping_update_lock);
 	irq = per_cpu(virq_to_irq, cpu)[virq];
 	if (irq == -1) {
 		irq = xen_allocate_irq_dynamic();
 		if (irq < 0)
 			goto out;
 		irq_set_chip_and_handler_name(irq, &xen_percpu_chip,
 					      handle_percpu_irq, "virq");
 		bind_virq.virq = virq;
 		bind_virq.vcpu = cpu;
 		ret = HYPERVISOR_event_channel_op(EVTCHNOP_bind_virq,
 						&bind_virq);
 		if (ret == 0)
 			evtchn = bind_virq.port;
 		else {
 			if (ret == -EEXIST)
 				ret = find_virq(virq, cpu);
 			BUG_ON(ret < 0);
 			evtchn = ret;
 		}
 		xen_irq_info_virq_init(cpu, irq, evtchn, virq);
 		bind_evtchn_to_cpu(evtchn, cpu);
 	} else {
 		struct irq_info *info = info_for_irq(irq);
 		WARN_ON(info == NULL || info->type != IRQT_VIRQ);
 	}
 out:
 	mutex_unlock(&irq_mapping_update_lock);
 	return irq;
 }
 static void unbind_from_irq(unsigned int irq)
 {
 	struct evtchn_close close;
 	int evtchn = evtchn_from_irq(irq);
 	struct irq_info *info = irq_get_handler_data(irq);
 	mutex_lock(&irq_mapping_update_lock);
 	if (info->refcnt > 0) {
 		info->refcnt--;
 		if (info->refcnt != 0)
 			goto done;
 	}
 	if (VALID_EVTCHN(evtchn)) {
 		close.port = evtchn;
 		if (HYPERVISOR_event_channel_op(EVTCHNOP_close, &close) != 0)
 			BUG();
 		switch (type_from_irq(irq)) {
 		case IRQT_VIRQ:
 			per_cpu(virq_to_irq, cpu_from_evtchn(evtchn))
 				[virq_from_irq(irq)] = -1;
 			break;
 		case IRQT_IPI:
 			per_cpu(ipi_to_irq, cpu_from_evtchn(evtchn))
 				[ipi_from_irq(irq)] = -1;
 			break;
 		default:
 			break;
 		}
 		/* Closed ports are implicitly re-bound to VCPU0. */
 		bind_evtchn_to_cpu(evtchn, 0);
 		evtchn_to_irq[evtchn] = -1;
 	}
 	BUG_ON(info_for_irq(irq)->type == IRQT_UNBOUND);
 	xen_free_irq(irq);
  done:
 	mutex_unlock(&irq_mapping_update_lock);
 }
 int bind_evtchn_to_irqhandler(unsigned int evtchn,
 			      irq_handler_t handler,
 			      unsigned long irqflags,
 			      const char *devname, void *dev_id)
 {
 	int irq, retval;
 	irq = bind_evtchn_to_irq(evtchn);
 	if (irq < 0)
 		return irq;
 	retval = request_irq(irq, handler, irqflags, devname, dev_id);
 	if (retval != 0) {
 		unbind_from_irq(irq);
 		return retval;
 	}
 	return irq;
 }
 EXPORT_SYMBOL_GPL(bind_evtchn_to_irqhandler);
 int bind_interdomain_evtchn_to_irqhandler(unsigned int remote_domain,
 					  unsigned int remote_port,
 					  irq_handler_t handler,
 					  unsigned long irqflags,
 					  const char *devname,
 					  void *dev_id)
 {
 	int irq, retval;
 	irq = bind_interdomain_evtchn_to_irq(remote_domain, remote_port);
 	if (irq < 0)
 		return irq;
 	retval = request_irq(irq, handler, irqflags, devname, dev_id);
 	if (retval != 0) {
 		unbind_from_irq(irq);
 		return retval;
 	}
 	return irq;
 }
 EXPORT_SYMBOL_GPL(bind_interdomain_evtchn_to_irqhandler);
 int bind_virq_to_irqhandler(unsigned int virq, unsigned int cpu,
 			    irq_handler_t handler,
 			    unsigned long irqflags, const char *devname, void *dev_id)
 {
 	int irq, retval;
 	irq = bind_virq_to_irq(virq, cpu);
 	if (irq < 0)
 		return irq;
 	retval = request_irq(irq, handler, irqflags, devname, dev_id);
 	if (retval != 0) {
 		unbind_from_irq(irq);
 		return retval;
 	}
 	return irq;
 }
 EXPORT_SYMBOL_GPL(bind_virq_to_irqhandler);
 int bind_ipi_to_irqhandler(enum ipi_vector ipi,
 			   unsigned int cpu,
 			   irq_handler_t handler,
 			   unsigned long irqflags,
 			   const char *devname,
 			   void *dev_id)
 {
 	int irq, retval;
 	irq = bind_ipi_to_irq(ipi, cpu);
 	if (irq < 0)
 		return irq;
 	irqflags |= IRQF_NO_SUSPEND | IRQF_FORCE_RESUME | IRQF_EARLY_RESUME;
 	retval = request_irq(irq, handler, irqflags, devname, dev_id);
 	if (retval != 0) {
 		unbind_from_irq(irq);
 		return retval;
 	}
 	return irq;
 }
 void unbind_from_irqhandler(unsigned int irq, void *dev_id)
 {
 	free_irq(irq, dev_id);
 	unbind_from_irq(irq);
 }
 EXPORT_SYMBOL_GPL(unbind_from_irqhandler);
 int evtchn_make_refcounted(unsigned int evtchn)
 {
 	int irq = evtchn_to_irq[evtchn];
 	struct irq_info *info;
 	if (irq == -1)
 		return -ENOENT;
 	info = irq_get_handler_data(irq);
 	if (!info)
 		return -ENOENT;
 	WARN_ON(info->refcnt != -1);
 	info->refcnt = 1;
 	return 0;
 }
 EXPORT_SYMBOL_GPL(evtchn_make_refcounted);
 int evtchn_get(unsigned int evtchn)
 {
 	int irq;
 	struct irq_info *info;
 	int err = -ENOENT;
 	if (evtchn >= NR_EVENT_CHANNELS)
 		return -EINVAL;
 	mutex_lock(&irq_mapping_update_lock);
 	irq = evtchn_to_irq[evtchn];
 	if (irq == -1)
 		goto done;
 	info = irq_get_handler_data(irq);
 	if (!info)
 		goto done;
 	err = -EINVAL;
 	if (info->refcnt <= 0)
 		goto done;
 	info->refcnt++;
 	err = 0;
  done:
 	mutex_unlock(&irq_mapping_update_lock);
 	return err;
 }
 EXPORT_SYMBOL_GPL(evtchn_get);
 void evtchn_put(unsigned int evtchn)
 {
 	int irq = evtchn_to_irq[evtchn];
 	if (WARN_ON(irq == -1))
 		return;
 	unbind_from_irq(irq);
 }
 EXPORT_SYMBOL_GPL(evtchn_put);
 void xen_send_IPI_one(unsigned int cpu, enum ipi_vector vector)
 {
 	int irq = per_cpu(ipi_to_irq, cpu)[vector];
 	BUG_ON(irq < 0);
 	notify_remote_via_irq(irq);
 }
 irqreturn_t xen_debug_interrupt(int irq, void *dev_id)
 {
 	struct shared_info *sh = HYPERVISOR_shared_info;
 	int cpu = smp_processor_id();
 	unsigned long *cpu_evtchn = per_cpu(cpu_evtchn_mask, cpu);
 	int i;
 	unsigned long flags;
 	static DEFINE_SPINLOCK(debug_lock);
 	struct vcpu_info *v;
 	spin_lock_irqsave(&debug_lock, flags);
 	printk("\nvcpu %d\n  ", cpu);
 	for_each_online_cpu(i) {
 		int pending;
 		v = per_cpu(xen_vcpu, i);
 		pending = (get_irq_regs() && i == cpu)
 			? xen_irqs_disabled(get_irq_regs())
 			: v->evtchn_upcall_mask;
 		printk("%d: masked=%d pending=%d event_sel %0*lx\n  ", i,
 		       pending, v->evtchn_upcall_pending,
 		       (int)(sizeof(v->evtchn_pending_sel)*2),
 		       v->evtchn_pending_sel);
 	}
 	v = per_cpu(xen_vcpu, cpu);
 	printk("\npending:\n   ");
 	for (i = ARRAY_SIZE(sh->evtchn_pending)-1; i >= 0; i--)
 		printk("%0*lx%s", (int)sizeof(sh->evtchn_pending[0])*2,
 		       sh->evtchn_pending[i],
 		       i % 8 == 0 ? "\n   " : " ");
 	printk("\nglobal mask:\n   ");
 	for (i = ARRAY_SIZE(sh->evtchn_mask)-1; i >= 0; i--)
 		printk("%0*lx%s",
 		       (int)(sizeof(sh->evtchn_mask[0])*2),
 		       sh->evtchn_mask[i],
 		       i % 8 == 0 ? "\n   " : " ");
 	printk("\nglobally unmasked:\n   ");
 	for (i = ARRAY_SIZE(sh->evtchn_mask)-1; i >= 0; i--)
 		printk("%0*lx%s", (int)(sizeof(sh->evtchn_mask[0])*2),
 		       sh->evtchn_pending[i] & ~sh->evtchn_mask[i],
 		       i % 8 == 0 ? "\n   " : " ");
 	printk("\nlocal cpu%d mask:\n   ", cpu);
 	for (i = (NR_EVENT_CHANNELS/BITS_PER_LONG)-1; i >= 0; i--)
 		printk("%0*lx%s", (int)(sizeof(cpu_evtchn[0])*2),
 		       cpu_evtchn[i],
 		       i % 8 == 0 ? "\n   " : " ");
 	printk("\nlocally unmasked:\n   ");
 	for (i = ARRAY_SIZE(sh->evtchn_mask)-1; i >= 0; i--) {
 		unsigned long pending = sh->evtchn_pending[i]
 			& ~sh->evtchn_mask[i]
 			& cpu_evtchn[i];
 		printk("%0*lx%s", (int)(sizeof(sh->evtchn_mask[0])*2),
 		       pending, i % 8 == 0 ? "\n   " : " ");
 	}
 	printk("\npending list:\n");
 	for (i = 0; i < NR_EVENT_CHANNELS; i++) {
 		if (sync_test_bit(i, sh->evtchn_pending)) {
 			int word_idx = i / BITS_PER_LONG;
 			printk("  %d: event %d -> irq %d%s%s%s\n",
 			       cpu_from_evtchn(i), i,
 			       evtchn_to_irq[i],
 			       sync_test_bit(word_idx, &v->evtchn_pending_sel)
 					     ? "" : " l2-clear",
 			       !sync_test_bit(i, sh->evtchn_mask)
 					     ? "" : " globally-masked",
 			       sync_test_bit(i, cpu_evtchn)
 					     ? "" : " locally-masked");
 		}
 	}
 	spin_unlock_irqrestore(&debug_lock, flags);
 	return IRQ_HANDLED;
 }
 static DEFINE_PER_CPU(unsigned, xed_nesting_count);
 static DEFINE_PER_CPU(unsigned int, current_word_idx);
 static DEFINE_PER_CPU(unsigned int, current_bit_idx);
 /*
  * Mask out the i least significant bits of w
  */
 #define MASK_LSBS(w, i) (w & ((~0UL) << i))
 /*
  * Search the CPUs pending events bitmasks.  For each one found, map
  * the event number to an irq, and feed it into do_IRQ() for
  * handling.
  *
  * Xen uses a two-level bitmap to speed searching.  The first level is
  * a bitset of words which contain pending event bits.  The second
  * level is a bitset of pending events themselves.
  */
 static void __xen_evtchn_do_upcall(void)
 {
 	int start_word_idx, start_bit_idx;
 	int word_idx, bit_idx;
 	int i;
 	int cpu = get_cpu();
 	struct shared_info *s = HYPERVISOR_shared_info;
 	struct vcpu_info *vcpu_info = __this_cpu_read(xen_vcpu);
 	unsigned count;
 	do {
 		unsigned long pending_words;
 		vcpu_info->evtchn_upcall_pending = 0;
 		if (__this_cpu_inc_return(xed_nesting_count) - 1)
 			goto out;
 #ifndef CONFIG_X86 /* No need for a barrier -- XCHG is a barrier on x86. */
 		/* Clear master flag /before/ clearing selector flag. */
 		wmb();
 #endif
 		pending_words = xchg(&vcpu_info->evtchn_pending_sel, 0);
 		start_word_idx = __this_cpu_read(current_word_idx);
 		start_bit_idx = __this_cpu_read(current_bit_idx);
 		word_idx = start_word_idx;
 		for (i = 0; pending_words != 0; i++) {
 			unsigned long pending_bits;
 			unsigned long words;
 			words = MASK_LSBS(pending_words, word_idx);
 			/*
 			 * If we masked out all events, wrap to beginning.
 			 */
 			if (words == 0) {
 				word_idx = 0;
 				bit_idx = 0;
 				continue;
 			}
 			word_idx = __ffs(words);
 			pending_bits = active_evtchns(cpu, s, word_idx);
 			bit_idx = 0; /* usually scan entire word from start */
 			if (word_idx == start_word_idx) {
 				/* We scan the starting word in two parts */
 				if (i == 0)
 					/* 1st time: start in the middle */
 					bit_idx = start_bit_idx;
 				else
 					/* 2nd time: mask bits done already */
 					bit_idx &= (1UL << start_bit_idx) - 1;
 			}
 			do {
 				unsigned long bits;
 				int port, irq;
 				struct irq_desc *desc;
 				bits = MASK_LSBS(pending_bits, bit_idx);
 				/* If we masked out all events, move on. */
 				if (bits == 0)
 					break;
 				bit_idx = __ffs(bits);
 				/* Process port. */
 				port = (word_idx * BITS_PER_LONG) + bit_idx;
 				irq = evtchn_to_irq[port];
 				if (irq != -1) {
 					desc = irq_to_desc(irq);
 					if (desc)
 						generic_handle_irq_desc(irq, desc);
 				}
 				bit_idx = (bit_idx + 1) % BITS_PER_LONG;
 				/* Next caller starts at last processed + 1 */
 				__this_cpu_write(current_word_idx,
 						 bit_idx ? word_idx :
 						 (word_idx+1) % BITS_PER_LONG);
 				__this_cpu_write(current_bit_idx, bit_idx);
 			} while (bit_idx != 0);
 			/* Scan start_l1i twice; all others once. */
 			if ((word_idx != start_word_idx) || (i != 0))
 				pending_words &= ~(1UL << word_idx);
 			word_idx = (word_idx + 1) % BITS_PER_LONG;
 		}
 		BUG_ON(!irqs_disabled());
 		count = __this_cpu_read(xed_nesting_count);
 		__this_cpu_write(xed_nesting_count, 0);
 	} while (count != 1 || vcpu_info->evtchn_upcall_pending);
 out:
 	put_cpu();
 }
 void xen_evtchn_do_upcall(struct pt_regs *regs)
 {
 	struct pt_regs *old_regs = set_irq_regs(regs);
 	irq_enter();
 #ifdef CONFIG_X86
 	exit_idle();
 #endif
 	__xen_evtchn_do_upcall();
 	irq_exit();
 	set_irq_regs(old_regs);
 }
 void xen_hvm_evtchn_do_upcall(void)
 {
 	__xen_evtchn_do_upcall();
 }
 EXPORT_SYMBOL_GPL(xen_hvm_evtchn_do_upcall);
 /* Rebind a new event channel to an existing irq. */
 void rebind_evtchn_irq(int evtchn, int irq)
 {
 	struct irq_info *info = info_for_irq(irq);
 	/* Make sure the irq is masked, since the new event channel
 	   will also be masked. */
 	disable_irq(irq);
 	mutex_lock(&irq_mapping_update_lock);
 	/* After resume the irq<->evtchn mappings are all cleared out */
 	BUG_ON(evtchn_to_irq[evtchn] != -1);
 	/* Expect irq to have been bound before,
 	   so there should be a proper type */
 	BUG_ON(info->type == IRQT_UNBOUND);
 	xen_irq_info_evtchn_init(irq, evtchn);
 	mutex_unlock(&irq_mapping_update_lock);
 	/* new event channels are always bound to cpu 0 */
 	irq_set_affinity(irq, cpumask_of(0));
 	/* Unmask the event channel. */
 	enable_irq(irq);
 }
 /* Rebind an evtchn so that it gets delivered to a specific cpu */
 static int rebind_irq_to_cpu(unsigned irq, unsigned tcpu)
 {
 	struct evtchn_bind_vcpu bind_vcpu;
 	int evtchn = evtchn_from_irq(irq);
 	if (!VALID_EVTCHN(evtchn))
 		return -1;
 	/*
 	 * Events delivered via platform PCI interrupts are always
 	 * routed to vcpu 0 and hence cannot be rebound.
 	 */
 	if (xen_hvm_domain() && !xen_have_vector_callback)
 		return -1;
 	/* Send future instances of this interrupt to other vcpu. */
 	bind_vcpu.port = evtchn;
 	bind_vcpu.vcpu = tcpu;
 	/*
 	 * If this fails, it usually just indicates that we're dealing with a
 	 * virq or IPI channel, which don't actually need to be rebound. Ignore
 	 * it, but don't do the xenlinux-level rebind in that case.
 	 */
 	if (HYPERVISOR_event_channel_op(EVTCHNOP_bind_vcpu, &bind_vcpu) >= 0)
 		bind_evtchn_to_cpu(evtchn, tcpu);
 	return 0;
 }
 static int set_affinity_irq(struct irq_data *data, const struct cpumask *dest,
 			    bool force)
 {
 	unsigned tcpu = cpumask_first(dest);
 	return rebind_irq_to_cpu(data->irq, tcpu);
 }
 int resend_irq_on_evtchn(unsigned int irq)
 {
 	int masked, evtchn = evtchn_from_irq(irq);
 	struct shared_info *s = HYPERVISOR_shared_info;
 	if (!VALID_EVTCHN(evtchn))
 		return 1;
 	masked = sync_test_and_set_bit(evtchn, s->evtchn_mask);
 	sync_set_bit(evtchn, s->evtchn_pending);
 	if (!masked)
 		unmask_evtchn(evtchn);
 	return 1;
 }
 static void enable_dynirq(struct irq_data *data)
 {
 	int evtchn = evtchn_from_irq(data->irq);
 	if (VALID_EVTCHN(evtchn))
 		unmask_evtchn(evtchn);
 }
 static void disable_dynirq(struct irq_data *data)
 {
 	int evtchn = evtchn_from_irq(data->irq);
 	if (VALID_EVTCHN(evtchn))
 		mask_evtchn(evtchn);
 }
 static void ack_dynirq(struct irq_data *data)
 {
 	int evtchn = evtchn_from_irq(data->irq);
 	irq_move_irq(data);
 	if (VALID_EVTCHN(evtchn))
 		clear_evtchn(evtchn);
 }
 static void mask_ack_dynirq(struct irq_data *data)
 {
 	disable_dynirq(data);
 	ack_dynirq(data);
 }
 static int retrigger_dynirq(struct irq_data *data)
 {
 	int evtchn = evtchn_from_irq(data->irq);
 	struct shared_info *sh = HYPERVISOR_shared_info;
 	int ret = 0;
 	if (VALID_EVTCHN(evtchn)) {
 		int masked;
 		masked = sync_test_and_set_bit(evtchn, sh->evtchn_mask);
 		sync_set_bit(evtchn, sh->evtchn_pending);
 		if (!masked)
 			unmask_evtchn(evtchn);
 		ret = 1;
 	}
 	return ret;
 }
 static void restore_pirqs(void)
 {
 	int pirq, rc, irq, gsi;
 	struct physdev_map_pirq map_irq;
 	struct irq_info *info;
 	list_for_each_entry(info, &xen_irq_list_head, list) {
 		if (info->type != IRQT_PIRQ)
 			continue;
 		pirq = info->u.pirq.pirq;
 		gsi = info->u.pirq.gsi;
 		irq = info->irq;
 		/* save/restore of PT devices doesn't work, so at this point the
 		 * only devices present are GSI based emulated devices */
 		if (!gsi)
 			continue;
 		map_irq.domid = DOMID_SELF;
 		map_irq.type = MAP_PIRQ_TYPE_GSI;
 		map_irq.index = gsi;
 		map_irq.pirq = pirq;
 		rc = HYPERVISOR_physdev_op(PHYSDEVOP_map_pirq, &map_irq);
 		if (rc) {
 			printk(KERN_WARNING "xen map irq failed gsi=%d irq=%d pirq=%d rc=%d\n",
 					gsi, irq, pirq, rc);
 			xen_free_irq(irq);
 			continue;
 		}
 		printk(KERN_DEBUG "xen: --> irq=%d, pirq=%d\n", irq, map_irq.pirq);
 		__startup_pirq(irq);
 	}
 }
 static void restore_cpu_virqs(unsigned int cpu)
 {
 	struct evtchn_bind_virq bind_virq;
 	int virq, irq, evtchn;
 	for (virq = 0; virq < NR_VIRQS; virq++) {
 		if ((irq = per_cpu(virq_to_irq, cpu)[virq]) == -1)
 			continue;
 		BUG_ON(virq_from_irq(irq) != virq);
 		/* Get a new binding from Xen. */
 		bind_virq.virq = virq;
 		bind_virq.vcpu = cpu;
 		if (HYPERVISOR_event_channel_op(EVTCHNOP_bind_virq,
 						&bind_virq) != 0)
 			BUG();
 		evtchn = bind_virq.port;
 		/* Record the new mapping. */
 		xen_irq_info_virq_init(cpu, irq, evtchn, virq);
 		bind_evtchn_to_cpu(evtchn, cpu);
 	}
 }
 static void restore_cpu_ipis(unsigned int cpu)
 {
 	struct evtchn_bind_ipi bind_ipi;
 	int ipi, irq, evtchn;
 	for (ipi = 0; ipi < XEN_NR_IPIS; ipi++) {
 		if ((irq = per_cpu(ipi_to_irq, cpu)[ipi]) == -1)
 			continue;
 		BUG_ON(ipi_from_irq(irq) != ipi);
 		/* Get a new binding from Xen. */
 		bind_ipi.vcpu = cpu;
 		if (HYPERVISOR_event_channel_op(EVTCHNOP_bind_ipi,
 						&bind_ipi) != 0)
 			BUG();
 		evtchn = bind_ipi.port;
 		/* Record the new mapping. */
 		xen_irq_info_ipi_init(cpu, irq, evtchn, ipi);
 		bind_evtchn_to_cpu(evtchn, cpu);
 	}
 }
 /* Clear an irq's pending state, in preparation for polling on it */
 void xen_clear_irq_pending(int irq)
 {
 	int evtchn = evtchn_from_irq(irq);
 	if (VALID_EVTCHN(evtchn))
 		clear_evtchn(evtchn);
 }
 EXPORT_SYMBOL(xen_clear_irq_pending);
 void xen_set_irq_pending(int irq)
 {
 	int evtchn = evtchn_from_irq(irq);
 	if (VALID_EVTCHN(evtchn))
 		set_evtchn(evtchn);
 }
 bool xen_test_irq_pending(int irq)
 {
 	int evtchn = evtchn_from_irq(irq);
 	bool ret = false;
 	if (VALID_EVTCHN(evtchn))
 		ret = test_evtchn(evtchn);
 	return ret;
 }
 /* Poll waiting for an irq to become pending with timeout.  In the usual case,
  * the irq will be disabled so it won't deliver an interrupt. */
 void xen_poll_irq_timeout(int irq, u64 timeout)
 {
 	evtchn_port_t evtchn = evtchn_from_irq(irq);
 	if (VALID_EVTCHN(evtchn)) {
 		struct sched_poll poll;
 		poll.nr_ports = 1;
 		poll.timeout = timeout;
 		set_xen_guest_handle(poll.ports, &evtchn);
 		if (HYPERVISOR_sched_op(SCHEDOP_poll, &poll) != 0)
 			BUG();
 	}
 }
 EXPORT_SYMBOL(xen_poll_irq_timeout);
 /* Poll waiting for an irq to become pending.  In the usual case, the
  * irq will be disabled so it won't deliver an interrupt. */
 void xen_poll_irq(int irq)
 {
 	xen_poll_irq_timeout(irq, 0 /* no timeout */);
 }
 /* Check whether the IRQ line is shared with other guests. */
 int xen_test_irq_shared(int irq)
 {
 	struct irq_info *info = info_for_irq(irq);
 	struct physdev_irq_status_query irq_status = { .irq = info->u.pirq.pirq };
 	if (HYPERVISOR_physdev_op(PHYSDEVOP_irq_status_query, &irq_status))
 		return 0;
 	return !(irq_status.flags & XENIRQSTAT_shared);
 }
 EXPORT_SYMBOL_GPL(xen_test_irq_shared);
 void xen_irq_resume(void)
 {
 	unsigned int cpu, evtchn;
 	struct irq_info *info;
 	init_evtchn_cpu_bindings();
 	/* New event-channel space is not 'live' yet. */
 	for (evtchn = 0; evtchn < NR_EVENT_CHANNELS; evtchn++)
 		mask_evtchn(evtchn);
 	/* No IRQ <-> event-channel mappings. */
 	list_for_each_entry(info, &xen_irq_list_head, list)
 		info->evtchn = 0; /* zap event-channel binding */
 	for (evtchn = 0; evtchn < NR_EVENT_CHANNELS; evtchn++)
 		evtchn_to_irq[evtchn] = -1;
 	for_each_possible_cpu(cpu) {
 		restore_cpu_virqs(cpu);
 		restore_cpu_ipis(cpu);
 	}
 	restore_pirqs();
 }
 static struct irq_chip xen_dynamic_chip __read_mostly = {
 	.name			= "xen-dyn",
 	.irq_disable		= disable_dynirq,
 	.irq_mask		= disable_dynirq,
 	.irq_unmask		= enable_dynirq,
 	.irq_ack		= ack_dynirq,
 	.irq_mask_ack		= mask_ack_dynirq,
 	.irq_set_affinity	= set_affinity_irq,
 	.irq_retrigger		= retrigger_dynirq,
 };
 static struct irq_chip xen_pirq_chip __read_mostly = {
 	.name			= "xen-pirq",
 	.irq_startup		= startup_pirq,
 	.irq_shutdown		= shutdown_pirq,
 	.irq_enable		= enable_pirq,
 	.irq_disable		= disable_pirq,
 	.irq_mask		= disable_dynirq,
 	.irq_unmask		= enable_dynirq,
 	.irq_ack		= eoi_pirq,
 	.irq_eoi		= eoi_pirq,
 	.irq_mask_ack		= mask_ack_pirq,
 	.irq_set_affinity	= set_affinity_irq,
 	.irq_retrigger		= retrigger_dynirq,
 };
 static struct irq_chip xen_percpu_chip __read_mostly = {
 	.name			= "xen-percpu",
 	.irq_disable		= disable_dynirq,
 	.irq_mask		= disable_dynirq,
 	.irq_unmask		= enable_dynirq,
 	.irq_ack		= ack_dynirq,
 };
 int xen_set_callback_via(uint64_t via)
 {
 	struct xen_hvm_param a;
 	a.domid = DOMID_SELF;
 	a.index = HVM_PARAM_CALLBACK_IRQ;
 	a.value = via;
 	return HYPERVISOR_hvm_op(HVMOP_set_param, &a);
 }
 EXPORT_SYMBOL_GPL(xen_set_callback_via);
 #ifdef CONFIG_XEN_PVHVM
 /* Vector callbacks are better than PCI interrupts to receive event
  * channel notifications because we can receive vector callbacks on any
  * vcpu and we don't need PCI support or APIC interactions. */
 void xen_callback_vector(void)
 {
 	int rc;
 	uint64_t callback_via;
 	if (xen_have_vector_callback) {
-		callback_via = HVM_CALLBACK_VECTOR(XEN_HVM_EVTCHN_CALLBACK);
+		callback_via = HVM_CALLBACK_VECTOR(HYPERVISOR_CALLBACK_VECTOR);
 		rc = xen_set_callback_via(callback_via);
 		if (rc) {
 			printk(KERN_ERR "Request for Xen HVM callback vector"
 					" failed.\n");
 			xen_have_vector_callback = 0;
 			return;
 		}
 		printk(KERN_INFO "Xen HVM callback vector for event delivery is "
 				"enabled\n");
 		/* in the restore case the vector has already been allocated */
-		if (!test_bit(XEN_HVM_EVTCHN_CALLBACK, used_vectors))
+		if (!test_bit(HYPERVISOR_CALLBACK_VECTOR, used_vectors))
-			alloc_intr_gate(XEN_HVM_EVTCHN_CALLBACK, xen_hvm_callback_vector);
+			alloc_intr_gate(HYPERVISOR_CALLBACK_VECTOR,
+					xen_hvm_callback_vector);
 	}
 }
 #else
 void xen_callback_vector(void) {}
 #endif
 void __init xen_init_IRQ(void)
 {
 	int i;
 	evtchn_to_irq = kcalloc(NR_EVENT_CHANNELS, sizeof(*evtchn_to_irq),
 				    GFP_KERNEL);
 	BUG_ON(!evtchn_to_irq);
 	for (i = 0; i < NR_EVENT_CHANNELS; i++)
 		evtchn_to_irq[i] = -1;
 	init_evtchn_cpu_bindings();
 	/* No event channels are 'live' right now. */
 	for (i = 0; i < NR_EVENT_CHANNELS; i++)
 		mask_evtchn(i);
 	pirq_needs_eoi = pirq_needs_eoi_flag;
 #ifdef CONFIG_X86
 	if (xen_hvm_domain()) {
 		xen_callback_vector();
 		native_init_IRQ();
 		/* pci_xen_hvm_init must be called after native_init_IRQ so that
 		 * __acpi_register_gsi can point at the right function */
 		pci_xen_hvm_init();
 	} else {
 		int rc;
 		struct physdev_pirq_eoi_gmfn eoi_gmfn;
 		irq_ctx_init(smp_processor_id());
 		if (xen_initial_domain())
 			pci_xen_initial_domain();
 		pirq_eoi_map = (void *)__get_free_page(GFP_KERNEL|__GFP_ZERO);
 		eoi_gmfn.gmfn = virt_to_mfn(pirq_eoi_map);
 		rc = HYPERVISOR_physdev_op(PHYSDEVOP_pirq_eoi_gmfn_v2, &eoi_gmfn);
 		if (rc != 0) {
 			free_page((unsigned long) pirq_eoi_map);
 			pirq_eoi_map = NULL;
 		} else
 			pirq_needs_eoi = pirq_check_eoi_map;
 	}
 #endif
 }

1	#ifndef _ASM_X86_IRQ_VECTORS_H	1	#ifndef _ASM_X86_IRQ_VECTORS_H
2	#define _ASM_X86_IRQ_VECTORS_H	2	#define _ASM_X86_IRQ_VECTORS_H
3		3
4	#include <linux/threads.h>	4	#include <linux/threads.h>
5	/*	5	/*
6	* Linux IRQ vector layout.	6	* Linux IRQ vector layout.
7	*	7	*
8	* There are 256 IDT entries (per CPU - each entry is 8 bytes) which can	8	* There are 256 IDT entries (per CPU - each entry is 8 bytes) which can
9	* be defined by Linux. They are used as a jump table by the CPU when a	9	* be defined by Linux. They are used as a jump table by the CPU when a
10	* given vector is triggered - by a CPU-external, CPU-internal or	10	* given vector is triggered - by a CPU-external, CPU-internal or
11	* software-triggered event.	11	* software-triggered event.
12	*	12	*
13	* Linux sets the kernel code address each entry jumps to early during	13	* Linux sets the kernel code address each entry jumps to early during
14	* bootup, and never changes them. This is the general layout of the	14	* bootup, and never changes them. This is the general layout of the
15	* IDT entries:	15	* IDT entries:
16	*	16	*
17	* Vectors 0 ... 31 : system traps and exceptions - hardcoded events	17	* Vectors 0 ... 31 : system traps and exceptions - hardcoded events
18	* Vectors 32 ... 127 : device interrupts	18	* Vectors 32 ... 127 : device interrupts
19	* Vector 128 : legacy int80 syscall interface	19	* Vector 128 : legacy int80 syscall interface
20	* Vectors 129 ... INVALIDATE_TLB_VECTOR_START-1 except 204 : device interrupts	20	* Vectors 129 ... INVALIDATE_TLB_VECTOR_START-1 except 204 : device interrupts
21	* Vectors INVALIDATE_TLB_VECTOR_START ... 255 : special interrupts	21	* Vectors INVALIDATE_TLB_VECTOR_START ... 255 : special interrupts
22	*	22	*
23	* 64-bit x86 has per CPU IDT tables, 32-bit has one shared IDT table.	23	* 64-bit x86 has per CPU IDT tables, 32-bit has one shared IDT table.
24	*	24	*
25	* This file enumerates the exact layout of them:	25	* This file enumerates the exact layout of them:
26	*/	26	*/
27		27
28	#define NMI_VECTOR 0x02	28	#define NMI_VECTOR 0x02
29	#define MCE_VECTOR 0x12	29	#define MCE_VECTOR 0x12
30		30
31	/*	31	/*
32	* IDT vectors usable for external interrupt sources start at 0x20.	32	* IDT vectors usable for external interrupt sources start at 0x20.
33	* (0x80 is the syscall vector, 0x30-0x3f are for ISA)	33	* (0x80 is the syscall vector, 0x30-0x3f are for ISA)
34	*/	34	*/
35	#define FIRST_EXTERNAL_VECTOR 0x20	35	#define FIRST_EXTERNAL_VECTOR 0x20
36	/*	36	/*
37	* We start allocating at 0x21 to spread out vectors evenly between	37	* We start allocating at 0x21 to spread out vectors evenly between
38	* priority levels. (0x80 is the syscall vector)	38	* priority levels. (0x80 is the syscall vector)
39	*/	39	*/
40	#define VECTOR_OFFSET_START 1	40	#define VECTOR_OFFSET_START 1
41		41
42	/*	42	/*
43	* Reserve the lowest usable vector (and hence lowest priority) 0x20 for	43	* Reserve the lowest usable vector (and hence lowest priority) 0x20 for
44	* triggering cleanup after irq migration. 0x21-0x2f will still be used	44	* triggering cleanup after irq migration. 0x21-0x2f will still be used
45	* for device interrupts.	45	* for device interrupts.
46	*/	46	*/
47	#define IRQ_MOVE_CLEANUP_VECTOR FIRST_EXTERNAL_VECTOR	47	#define IRQ_MOVE_CLEANUP_VECTOR FIRST_EXTERNAL_VECTOR
48		48
49	#define IA32_SYSCALL_VECTOR 0x80	49	#define IA32_SYSCALL_VECTOR 0x80
50	#ifdef CONFIG_X86_32	50	#ifdef CONFIG_X86_32
51	# define SYSCALL_VECTOR 0x80	51	# define SYSCALL_VECTOR 0x80
52	#endif	52	#endif
53		53
54	/*	54	/*
55	* Vectors 0x30-0x3f are used for ISA interrupts.	55	* Vectors 0x30-0x3f are used for ISA interrupts.
56	* round up to the next 16-vector boundary	56	* round up to the next 16-vector boundary
57	*/	57	*/
58	#define IRQ0_VECTOR ((FIRST_EXTERNAL_VECTOR + 16) & ~15)	58	#define IRQ0_VECTOR ((FIRST_EXTERNAL_VECTOR + 16) & ~15)
59		59
60	#define IRQ1_VECTOR (IRQ0_VECTOR + 1)	60	#define IRQ1_VECTOR (IRQ0_VECTOR + 1)
61	#define IRQ2_VECTOR (IRQ0_VECTOR + 2)	61	#define IRQ2_VECTOR (IRQ0_VECTOR + 2)
62	#define IRQ3_VECTOR (IRQ0_VECTOR + 3)	62	#define IRQ3_VECTOR (IRQ0_VECTOR + 3)
63	#define IRQ4_VECTOR (IRQ0_VECTOR + 4)	63	#define IRQ4_VECTOR (IRQ0_VECTOR + 4)
64	#define IRQ5_VECTOR (IRQ0_VECTOR + 5)	64	#define IRQ5_VECTOR (IRQ0_VECTOR + 5)
65	#define IRQ6_VECTOR (IRQ0_VECTOR + 6)	65	#define IRQ6_VECTOR (IRQ0_VECTOR + 6)
66	#define IRQ7_VECTOR (IRQ0_VECTOR + 7)	66	#define IRQ7_VECTOR (IRQ0_VECTOR + 7)
67	#define IRQ8_VECTOR (IRQ0_VECTOR + 8)	67	#define IRQ8_VECTOR (IRQ0_VECTOR + 8)
68	#define IRQ9_VECTOR (IRQ0_VECTOR + 9)	68	#define IRQ9_VECTOR (IRQ0_VECTOR + 9)
69	#define IRQ10_VECTOR (IRQ0_VECTOR + 10)	69	#define IRQ10_VECTOR (IRQ0_VECTOR + 10)
70	#define IRQ11_VECTOR (IRQ0_VECTOR + 11)	70	#define IRQ11_VECTOR (IRQ0_VECTOR + 11)
71	#define IRQ12_VECTOR (IRQ0_VECTOR + 12)	71	#define IRQ12_VECTOR (IRQ0_VECTOR + 12)
72	#define IRQ13_VECTOR (IRQ0_VECTOR + 13)	72	#define IRQ13_VECTOR (IRQ0_VECTOR + 13)
73	#define IRQ14_VECTOR (IRQ0_VECTOR + 14)	73	#define IRQ14_VECTOR (IRQ0_VECTOR + 14)
74	#define IRQ15_VECTOR (IRQ0_VECTOR + 15)	74	#define IRQ15_VECTOR (IRQ0_VECTOR + 15)
75		75
76	/*	76	/*
77	* Special IRQ vectors used by the SMP architecture, 0xf0-0xff	77	* Special IRQ vectors used by the SMP architecture, 0xf0-0xff
78	*	78	*
79	* some of the following vectors are 'rare', they are merged	79	* some of the following vectors are 'rare', they are merged
80	* into a single vector (CALL_FUNCTION_VECTOR) to save vector space.	80	* into a single vector (CALL_FUNCTION_VECTOR) to save vector space.
81	* TLB, reschedule and local APIC vectors are performance-critical.	81	* TLB, reschedule and local APIC vectors are performance-critical.
82	*/	82	*/
83		83
84	#define SPURIOUS_APIC_VECTOR 0xff	84	#define SPURIOUS_APIC_VECTOR 0xff
85	/*	85	/*
86	* Sanity check	86	* Sanity check
87	*/	87	*/
88	#if ((SPURIOUS_APIC_VECTOR & 0x0F) != 0x0F)	88	#if ((SPURIOUS_APIC_VECTOR & 0x0F) != 0x0F)
89	# error SPURIOUS_APIC_VECTOR definition error	89	# error SPURIOUS_APIC_VECTOR definition error
90	#endif	90	#endif
91		91
92	#define ERROR_APIC_VECTOR 0xfe	92	#define ERROR_APIC_VECTOR 0xfe
93	#define RESCHEDULE_VECTOR 0xfd	93	#define RESCHEDULE_VECTOR 0xfd
94	#define CALL_FUNCTION_VECTOR 0xfc	94	#define CALL_FUNCTION_VECTOR 0xfc
95	#define CALL_FUNCTION_SINGLE_VECTOR 0xfb	95	#define CALL_FUNCTION_SINGLE_VECTOR 0xfb
96	#define THERMAL_APIC_VECTOR 0xfa	96	#define THERMAL_APIC_VECTOR 0xfa
97	#define THRESHOLD_APIC_VECTOR 0xf9	97	#define THRESHOLD_APIC_VECTOR 0xf9
98	#define REBOOT_VECTOR 0xf8	98	#define REBOOT_VECTOR 0xf8
99		99
100	/*	100	/*
101	* Generic system vector for platform specific use	101	* Generic system vector for platform specific use
102	*/	102	*/
103	#define X86_PLATFORM_IPI_VECTOR 0xf7	103	#define X86_PLATFORM_IPI_VECTOR 0xf7
104		104
105	/*	105	/*
106	* IRQ work vector:	106	* IRQ work vector:
107	*/	107	*/
108	#define IRQ_WORK_VECTOR 0xf6	108	#define IRQ_WORK_VECTOR 0xf6
109		109
110	#define UV_BAU_MESSAGE 0xf5	110	#define UV_BAU_MESSAGE 0xf5
111		111
112	/* Xen vector callback to receive events in a HVM domain */	112	/* Vector on which hypervisor callbacks will be delivered */
113	#define XEN_HVM_EVTCHN_CALLBACK 0xf3	113	#define HYPERVISOR_CALLBACK_VECTOR 0xf3
114		114
115	/*	115	/*
116	* Local APIC timer IRQ vector is on a different priority level,	116	* Local APIC timer IRQ vector is on a different priority level,
117	* to work around the 'lost local interrupt if more than 2 IRQ	117	* to work around the 'lost local interrupt if more than 2 IRQ
118	* sources per level' errata.	118	* sources per level' errata.
119	*/	119	*/
120	#define LOCAL_TIMER_VECTOR 0xef	120	#define LOCAL_TIMER_VECTOR 0xef
121		121
122	#define NR_VECTORS 256	122	#define NR_VECTORS 256
123		123
124	#define FPU_IRQ 13	124	#define FPU_IRQ 13
125		125
126	#define FIRST_VM86_IRQ 3	126	#define FIRST_VM86_IRQ 3
127	#define LAST_VM86_IRQ 15	127	#define LAST_VM86_IRQ 15
128		128
129	#ifndef __ASSEMBLY__	129	#ifndef __ASSEMBLY__
130	static inline int invalid_vm86_irq(int irq)	130	static inline int invalid_vm86_irq(int irq)
131	{	131	{
132	return irq < FIRST_VM86_IRQ \|\| irq > LAST_VM86_IRQ;	132	return irq < FIRST_VM86_IRQ \|\| irq > LAST_VM86_IRQ;
133	}	133	}
134	#endif	134	#endif
135		135
136	/*	136	/*
137	* Size the maximum number of interrupts.	137	* Size the maximum number of interrupts.
138	*	138	*
139	* If the irq_desc[] array has a sparse layout, we can size things	139	* If the irq_desc[] array has a sparse layout, we can size things
140	* generously - it scales up linearly with the maximum number of CPUs,	140	* generously - it scales up linearly with the maximum number of CPUs,
141	* and the maximum number of IO-APICs, whichever is higher.	141	* and the maximum number of IO-APICs, whichever is higher.
142	*	142	*
143	* In other cases we size more conservatively, to not create too large	143	* In other cases we size more conservatively, to not create too large
144	* static arrays.	144	* static arrays.
145	*/	145	*/
146		146
147	#define NR_IRQS_LEGACY 16	147	#define NR_IRQS_LEGACY 16
148		148
149	#define IO_APIC_VECTOR_LIMIT ( 32 * MAX_IO_APICS )	149	#define IO_APIC_VECTOR_LIMIT ( 32 * MAX_IO_APICS )
150		150
151	#ifdef CONFIG_X86_IO_APIC	151	#ifdef CONFIG_X86_IO_APIC
152	# define CPU_VECTOR_LIMIT (64 * NR_CPUS)	152	# define CPU_VECTOR_LIMIT (64 * NR_CPUS)
153	# define NR_IRQS \	153	# define NR_IRQS \
154	(CPU_VECTOR_LIMIT > IO_APIC_VECTOR_LIMIT ? \	154	(CPU_VECTOR_LIMIT > IO_APIC_VECTOR_LIMIT ? \
155	(NR_VECTORS + CPU_VECTOR_LIMIT) : \	155	(NR_VECTORS + CPU_VECTOR_LIMIT) : \
156	(NR_VECTORS + IO_APIC_VECTOR_LIMIT))	156	(NR_VECTORS + IO_APIC_VECTOR_LIMIT))
157	#else /* !CONFIG_X86_IO_APIC: */	157	#else /* !CONFIG_X86_IO_APIC: */
158	# define NR_IRQS NR_IRQS_LEGACY	158	# define NR_IRQS NR_IRQS_LEGACY
159	#endif	159	#endif
160		160
161	#endif /* _ASM_X86_IRQ_VECTORS_H */	161	#endif /* _ASM_X86_IRQ_VECTORS_H */
162		162