1 /* 2 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org) 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Modified by Cort Dougan (cort@cs.nmt.edu) 10 * and Paul Mackerras (paulus@samba.org) 11 */ 12 13 /* 14 * This file handles the architecture-dependent parts of hardware exceptions 15 */ 16 17 #include <linux/errno.h> 18 #include <linux/sched.h> 19 #include <linux/kernel.h> 20 #include <linux/mm.h> 21 #include <linux/stddef.h> 22 #include <linux/unistd.h> 23 #include <linux/ptrace.h> 24 #include <linux/slab.h> 25 #include <linux/user.h> 26 #include <linux/a.out.h> 27 #include <linux/interrupt.h> 28 #include <linux/init.h> 29 #include <linux/module.h> 30 #include <linux/prctl.h> 31 #include <linux/delay.h> 32 #include <linux/kprobes.h> 33 #include <linux/kexec.h> 34 #include <linux/backlight.h> 35 #include <linux/bug.h> 36 #include <linux/kdebug.h> 37 38 #include <asm/pgtable.h> 39 #include <asm/uaccess.h> 40 #include <asm/system.h> 41 #include <asm/io.h> 42 #include <asm/machdep.h> 43 #include <asm/rtas.h> 44 #include <asm/pmc.h> 45 #ifdef CONFIG_PPC32 46 #include <asm/reg.h> 47 #endif 48 #ifdef CONFIG_PMAC_BACKLIGHT 49 #include <asm/backlight.h> 50 #endif 51 #ifdef CONFIG_PPC64 52 #include <asm/firmware.h> 53 #include <asm/processor.h> 54 #endif 55 #include <asm/kexec.h> 56 57 #if defined(CONFIG_DEBUGGER) || defined(CONFIG_KEXEC) 58 int (*__debugger)(struct pt_regs *regs); 59 int (*__debugger_ipi)(struct pt_regs *regs); 60 int (*__debugger_bpt)(struct pt_regs *regs); 61 int (*__debugger_sstep)(struct pt_regs *regs); 62 int (*__debugger_iabr_match)(struct pt_regs *regs); 63 int (*__debugger_dabr_match)(struct pt_regs *regs); 64 int (*__debugger_fault_handler)(struct pt_regs *regs); 65 66 EXPORT_SYMBOL(__debugger); 67 EXPORT_SYMBOL(__debugger_ipi); 68 EXPORT_SYMBOL(__debugger_bpt); 69 EXPORT_SYMBOL(__debugger_sstep); 70 EXPORT_SYMBOL(__debugger_iabr_match); 71 EXPORT_SYMBOL(__debugger_dabr_match); 72 EXPORT_SYMBOL(__debugger_fault_handler); 73 #endif 74 75 /* 76 * Trap & Exception support 77 */ 78 79 #ifdef CONFIG_PMAC_BACKLIGHT 80 static void pmac_backlight_unblank(void) 81 { 82 mutex_lock(&pmac_backlight_mutex); 83 if (pmac_backlight) { 84 struct backlight_properties *props; 85 86 props = &pmac_backlight->props; 87 props->brightness = props->max_brightness; 88 props->power = FB_BLANK_UNBLANK; 89 backlight_update_status(pmac_backlight); 90 } 91 mutex_unlock(&pmac_backlight_mutex); 92 } 93 #else 94 static inline void pmac_backlight_unblank(void) { } 95 #endif 96 97 int die(const char *str, struct pt_regs *regs, long err) 98 { 99 static struct { 100 spinlock_t lock; 101 u32 lock_owner; 102 int lock_owner_depth; 103 } die = { 104 .lock = __SPIN_LOCK_UNLOCKED(die.lock), 105 .lock_owner = -1, 106 .lock_owner_depth = 0 107 }; 108 static int die_counter; 109 unsigned long flags; 110 111 if (debugger(regs)) 112 return 1; 113 114 oops_enter(); 115 116 if (die.lock_owner != raw_smp_processor_id()) { 117 console_verbose(); 118 spin_lock_irqsave(&die.lock, flags); 119 die.lock_owner = smp_processor_id(); 120 die.lock_owner_depth = 0; 121 bust_spinlocks(1); 122 if (machine_is(powermac)) 123 pmac_backlight_unblank(); 124 } else { 125 local_save_flags(flags); 126 } 127 128 if (++die.lock_owner_depth < 3) { 129 printk("Oops: %s, sig: %ld [#%d]\n", str, err, ++die_counter); 130 #ifdef CONFIG_PREEMPT 131 printk("PREEMPT "); 132 #endif 133 #ifdef CONFIG_SMP 134 printk("SMP NR_CPUS=%d ", NR_CPUS); 135 #endif 136 #ifdef CONFIG_DEBUG_PAGEALLOC 137 printk("DEBUG_PAGEALLOC "); 138 #endif 139 #ifdef CONFIG_NUMA 140 printk("NUMA "); 141 #endif 142 printk("%s\n", ppc_md.name ? ppc_md.name : ""); 143 144 print_modules(); 145 show_regs(regs); 146 } else { 147 printk("Recursive die() failure, output suppressed\n"); 148 } 149 150 bust_spinlocks(0); 151 die.lock_owner = -1; 152 add_taint(TAINT_DIE); 153 spin_unlock_irqrestore(&die.lock, flags); 154 155 if (kexec_should_crash(current) || 156 kexec_sr_activated(smp_processor_id())) 157 crash_kexec(regs); 158 crash_kexec_secondary(regs); 159 160 if (in_interrupt()) 161 panic("Fatal exception in interrupt"); 162 163 if (panic_on_oops) 164 panic("Fatal exception"); 165 166 oops_exit(); 167 do_exit(err); 168 169 return 0; 170 } 171 172 void _exception(int signr, struct pt_regs *regs, int code, unsigned long addr) 173 { 174 siginfo_t info; 175 const char fmt32[] = KERN_INFO "%s[%d]: unhandled signal %d " \ 176 "at %08lx nip %08lx lr %08lx code %x\n"; 177 const char fmt64[] = KERN_INFO "%s[%d]: unhandled signal %d " \ 178 "at %016lx nip %016lx lr %016lx code %x\n"; 179 180 if (!user_mode(regs)) { 181 if (die("Exception in kernel mode", regs, signr)) 182 return; 183 } else if (show_unhandled_signals && 184 unhandled_signal(current, signr) && 185 printk_ratelimit()) { 186 printk(regs->msr & MSR_SF ? fmt64 : fmt32, 187 current->comm, current->pid, signr, 188 addr, regs->nip, regs->link, code); 189 } 190 191 memset(&info, 0, sizeof(info)); 192 info.si_signo = signr; 193 info.si_code = code; 194 info.si_addr = (void __user *) addr; 195 force_sig_info(signr, &info, current); 196 197 /* 198 * Init gets no signals that it doesn't have a handler for. 199 * That's all very well, but if it has caused a synchronous 200 * exception and we ignore the resulting signal, it will just 201 * generate the same exception over and over again and we get 202 * nowhere. Better to kill it and let the kernel panic. 203 */ 204 if (is_global_init(current)) { 205 __sighandler_t handler; 206 207 spin_lock_irq(¤t->sighand->siglock); 208 handler = current->sighand->action[signr-1].sa.sa_handler; 209 spin_unlock_irq(¤t->sighand->siglock); 210 if (handler == SIG_DFL) { 211 /* init has generated a synchronous exception 212 and it doesn't have a handler for the signal */ 213 printk(KERN_CRIT "init has generated signal %d " 214 "but has no handler for it\n", signr); 215 do_exit(signr); 216 } 217 } 218 } 219 220 #ifdef CONFIG_PPC64 221 void system_reset_exception(struct pt_regs *regs) 222 { 223 /* See if any machine dependent calls */ 224 if (ppc_md.system_reset_exception) { 225 if (ppc_md.system_reset_exception(regs)) 226 return; 227 } 228 229 #ifdef CONFIG_KEXEC 230 cpu_set(smp_processor_id(), cpus_in_sr); 231 #endif 232 233 die("System Reset", regs, SIGABRT); 234 235 /* 236 * Some CPUs when released from the debugger will execute this path. 237 * These CPUs entered the debugger via a soft-reset. If the CPU was 238 * hung before entering the debugger it will return to the hung 239 * state when exiting this function. This causes a problem in 240 * kdump since the hung CPU(s) will not respond to the IPI sent 241 * from kdump. To prevent the problem we call crash_kexec_secondary() 242 * here. If a kdump had not been initiated or we exit the debugger 243 * with the "exit and recover" command (x) crash_kexec_secondary() 244 * will return after 5ms and the CPU returns to its previous state. 245 */ 246 crash_kexec_secondary(regs); 247 248 /* Must die if the interrupt is not recoverable */ 249 if (!(regs->msr & MSR_RI)) 250 panic("Unrecoverable System Reset"); 251 252 /* What should we do here? We could issue a shutdown or hard reset. */ 253 } 254 #endif 255 256 /* 257 * I/O accesses can cause machine checks on powermacs. 258 * Check if the NIP corresponds to the address of a sync 259 * instruction for which there is an entry in the exception 260 * table. 261 * Note that the 601 only takes a machine check on TEA 262 * (transfer error ack) signal assertion, and does not 263 * set any of the top 16 bits of SRR1. 264 * -- paulus. 265 */ 266 static inline int check_io_access(struct pt_regs *regs) 267 { 268 #ifdef CONFIG_PPC32 269 unsigned long msr = regs->msr; 270 const struct exception_table_entry *entry; 271 unsigned int *nip = (unsigned int *)regs->nip; 272 273 if (((msr & 0xffff0000) == 0 || (msr & (0x80000 | 0x40000))) 274 && (entry = search_exception_tables(regs->nip)) != NULL) { 275 /* 276 * Check that it's a sync instruction, or somewhere 277 * in the twi; isync; nop sequence that inb/inw/inl uses. 278 * As the address is in the exception table 279 * we should be able to read the instr there. 280 * For the debug message, we look at the preceding 281 * load or store. 282 */ 283 if (*nip == 0x60000000) /* nop */ 284 nip -= 2; 285 else if (*nip == 0x4c00012c) /* isync */ 286 --nip; 287 if (*nip == 0x7c0004ac || (*nip >> 26) == 3) { 288 /* sync or twi */ 289 unsigned int rb; 290 291 --nip; 292 rb = (*nip >> 11) & 0x1f; 293 printk(KERN_DEBUG "%s bad port %lx at %p\n", 294 (*nip & 0x100)? "OUT to": "IN from", 295 regs->gpr[rb] - _IO_BASE, nip); 296 regs->msr |= MSR_RI; 297 regs->nip = entry->fixup; 298 return 1; 299 } 300 } 301 #endif /* CONFIG_PPC32 */ 302 return 0; 303 } 304 305 #if defined(CONFIG_4xx) || defined(CONFIG_BOOKE) 306 /* On 4xx, the reason for the machine check or program exception 307 is in the ESR. */ 308 #define get_reason(regs) ((regs)->dsisr) 309 #ifndef CONFIG_FSL_BOOKE 310 #define get_mc_reason(regs) ((regs)->dsisr) 311 #else 312 #define get_mc_reason(regs) (mfspr(SPRN_MCSR) & MCSR_MASK) 313 #endif 314 #define REASON_FP ESR_FP 315 #define REASON_ILLEGAL (ESR_PIL | ESR_PUO) 316 #define REASON_PRIVILEGED ESR_PPR 317 #define REASON_TRAP ESR_PTR 318 319 /* single-step stuff */ 320 #define single_stepping(regs) (current->thread.dbcr0 & DBCR0_IC) 321 #define clear_single_step(regs) (current->thread.dbcr0 &= ~DBCR0_IC) 322 323 #else 324 /* On non-4xx, the reason for the machine check or program 325 exception is in the MSR. */ 326 #define get_reason(regs) ((regs)->msr) 327 #define get_mc_reason(regs) ((regs)->msr) 328 #define REASON_FP 0x100000 329 #define REASON_ILLEGAL 0x80000 330 #define REASON_PRIVILEGED 0x40000 331 #define REASON_TRAP 0x20000 332 333 #define single_stepping(regs) ((regs)->msr & MSR_SE) 334 #define clear_single_step(regs) ((regs)->msr &= ~MSR_SE) 335 #endif 336 337 #if defined(CONFIG_4xx) 338 int machine_check_4xx(struct pt_regs *regs) 339 { 340 unsigned long reason = get_mc_reason(regs); 341 342 if (reason & ESR_IMCP) { 343 printk("Instruction"); 344 mtspr(SPRN_ESR, reason & ~ESR_IMCP); 345 } else 346 printk("Data"); 347 printk(" machine check in kernel mode.\n"); 348 349 return 0; 350 } 351 352 int machine_check_440A(struct pt_regs *regs) 353 { 354 unsigned long reason = get_mc_reason(regs); 355 356 printk("Machine check in kernel mode.\n"); 357 if (reason & ESR_IMCP){ 358 printk("Instruction Synchronous Machine Check exception\n"); 359 mtspr(SPRN_ESR, reason & ~ESR_IMCP); 360 } 361 else { 362 u32 mcsr = mfspr(SPRN_MCSR); 363 if (mcsr & MCSR_IB) 364 printk("Instruction Read PLB Error\n"); 365 if (mcsr & MCSR_DRB) 366 printk("Data Read PLB Error\n"); 367 if (mcsr & MCSR_DWB) 368 printk("Data Write PLB Error\n"); 369 if (mcsr & MCSR_TLBP) 370 printk("TLB Parity Error\n"); 371 if (mcsr & MCSR_ICP){ 372 flush_instruction_cache(); 373 printk("I-Cache Parity Error\n"); 374 } 375 if (mcsr & MCSR_DCSP) 376 printk("D-Cache Search Parity Error\n"); 377 if (mcsr & MCSR_DCFP) 378 printk("D-Cache Flush Parity Error\n"); 379 if (mcsr & MCSR_IMPE) 380 printk("Machine Check exception is imprecise\n"); 381 382 /* Clear MCSR */ 383 mtspr(SPRN_MCSR, mcsr); 384 } 385 return 0; 386 } 387 #elif defined(CONFIG_E500) 388 int machine_check_e500(struct pt_regs *regs) 389 { 390 unsigned long reason = get_mc_reason(regs); 391 392 printk("Machine check in kernel mode.\n"); 393 printk("Caused by (from MCSR=%lx): ", reason); 394 395 if (reason & MCSR_MCP) 396 printk("Machine Check Signal\n"); 397 if (reason & MCSR_ICPERR) 398 printk("Instruction Cache Parity Error\n"); 399 if (reason & MCSR_DCP_PERR) 400 printk("Data Cache Push Parity Error\n"); 401 if (reason & MCSR_DCPERR) 402 printk("Data Cache Parity Error\n"); 403 if (reason & MCSR_BUS_IAERR) 404 printk("Bus - Instruction Address Error\n"); 405 if (reason & MCSR_BUS_RAERR) 406 printk("Bus - Read Address Error\n"); 407 if (reason & MCSR_BUS_WAERR) 408 printk("Bus - Write Address Error\n"); 409 if (reason & MCSR_BUS_IBERR) 410 printk("Bus - Instruction Data Error\n"); 411 if (reason & MCSR_BUS_RBERR) 412 printk("Bus - Read Data Bus Error\n"); 413 if (reason & MCSR_BUS_WBERR) 414 printk("Bus - Read Data Bus Error\n"); 415 if (reason & MCSR_BUS_IPERR) 416 printk("Bus - Instruction Parity Error\n"); 417 if (reason & MCSR_BUS_RPERR) 418 printk("Bus - Read Parity Error\n"); 419 420 return 0; 421 } 422 #elif defined(CONFIG_E200) 423 int machine_check_e200(struct pt_regs *regs) 424 { 425 unsigned long reason = get_mc_reason(regs); 426 427 printk("Machine check in kernel mode.\n"); 428 printk("Caused by (from MCSR=%lx): ", reason); 429 430 if (reason & MCSR_MCP) 431 printk("Machine Check Signal\n"); 432 if (reason & MCSR_CP_PERR) 433 printk("Cache Push Parity Error\n"); 434 if (reason & MCSR_CPERR) 435 printk("Cache Parity Error\n"); 436 if (reason & MCSR_EXCP_ERR) 437 printk("ISI, ITLB, or Bus Error on first instruction fetch for an exception handler\n"); 438 if (reason & MCSR_BUS_IRERR) 439 printk("Bus - Read Bus Error on instruction fetch\n"); 440 if (reason & MCSR_BUS_DRERR) 441 printk("Bus - Read Bus Error on data load\n"); 442 if (reason & MCSR_BUS_WRERR) 443 printk("Bus - Write Bus Error on buffered store or cache line push\n"); 444 445 return 0; 446 } 447 #else 448 int machine_check_generic(struct pt_regs *regs) 449 { 450 unsigned long reason = get_mc_reason(regs); 451 452 printk("Machine check in kernel mode.\n"); 453 printk("Caused by (from SRR1=%lx): ", reason); 454 switch (reason & 0x601F0000) { 455 case 0x80000: 456 printk("Machine check signal\n"); 457 break; 458 case 0: /* for 601 */ 459 case 0x40000: 460 case 0x140000: /* 7450 MSS error and TEA */ 461 printk("Transfer error ack signal\n"); 462 break; 463 case 0x20000: 464 printk("Data parity error signal\n"); 465 break; 466 case 0x10000: 467 printk("Address parity error signal\n"); 468 break; 469 case 0x20000000: 470 printk("L1 Data Cache error\n"); 471 break; 472 case 0x40000000: 473 printk("L1 Instruction Cache error\n"); 474 break; 475 case 0x00100000: 476 printk("L2 data cache parity error\n"); 477 break; 478 default: 479 printk("Unknown values in msr\n"); 480 } 481 return 0; 482 } 483 #endif /* everything else */ 484 485 void machine_check_exception(struct pt_regs *regs) 486 { 487 int recover = 0; 488 489 /* See if any machine dependent calls. In theory, we would want 490 * to call the CPU first, and call the ppc_md. one if the CPU 491 * one returns a positive number. However there is existing code 492 * that assumes the board gets a first chance, so let's keep it 493 * that way for now and fix things later. --BenH. 494 */ 495 if (ppc_md.machine_check_exception) 496 recover = ppc_md.machine_check_exception(regs); 497 else if (cur_cpu_spec->machine_check) 498 recover = cur_cpu_spec->machine_check(regs); 499 500 if (recover > 0) 501 return; 502 503 if (user_mode(regs)) { 504 regs->msr |= MSR_RI; 505 _exception(SIGBUS, regs, BUS_ADRERR, regs->nip); 506 return; 507 } 508 509 #if defined(CONFIG_8xx) && defined(CONFIG_PCI) 510 /* the qspan pci read routines can cause machine checks -- Cort 511 * 512 * yuck !!! that totally needs to go away ! There are better ways 513 * to deal with that than having a wart in the mcheck handler. 514 * -- BenH 515 */ 516 bad_page_fault(regs, regs->dar, SIGBUS); 517 return; 518 #endif 519 520 if (debugger_fault_handler(regs)) { 521 regs->msr |= MSR_RI; 522 return; 523 } 524 525 if (check_io_access(regs)) 526 return; 527 528 if (debugger_fault_handler(regs)) 529 return; 530 die("Machine check", regs, SIGBUS); 531 532 /* Must die if the interrupt is not recoverable */ 533 if (!(regs->msr & MSR_RI)) 534 panic("Unrecoverable Machine check"); 535 } 536 537 void SMIException(struct pt_regs *regs) 538 { 539 die("System Management Interrupt", regs, SIGABRT); 540 } 541 542 void unknown_exception(struct pt_regs *regs) 543 { 544 printk("Bad trap at PC: %lx, SR: %lx, vector=%lx\n", 545 regs->nip, regs->msr, regs->trap); 546 547 _exception(SIGTRAP, regs, 0, 0); 548 } 549 550 void instruction_breakpoint_exception(struct pt_regs *regs) 551 { 552 if (notify_die(DIE_IABR_MATCH, "iabr_match", regs, 5, 553 5, SIGTRAP) == NOTIFY_STOP) 554 return; 555 if (debugger_iabr_match(regs)) 556 return; 557 _exception(SIGTRAP, regs, TRAP_BRKPT, regs->nip); 558 } 559 560 void RunModeException(struct pt_regs *regs) 561 { 562 _exception(SIGTRAP, regs, 0, 0); 563 } 564 565 void __kprobes single_step_exception(struct pt_regs *regs) 566 { 567 regs->msr &= ~(MSR_SE | MSR_BE); /* Turn off 'trace' bits */ 568 569 if (notify_die(DIE_SSTEP, "single_step", regs, 5, 570 5, SIGTRAP) == NOTIFY_STOP) 571 return; 572 if (debugger_sstep(regs)) 573 return; 574 575 _exception(SIGTRAP, regs, TRAP_TRACE, regs->nip); 576 } 577 578 /* 579 * After we have successfully emulated an instruction, we have to 580 * check if the instruction was being single-stepped, and if so, 581 * pretend we got a single-step exception. This was pointed out 582 * by Kumar Gala. -- paulus 583 */ 584 static void emulate_single_step(struct pt_regs *regs) 585 { 586 if (single_stepping(regs)) { 587 clear_single_step(regs); 588 _exception(SIGTRAP, regs, TRAP_TRACE, 0); 589 } 590 } 591 592 static inline int __parse_fpscr(unsigned long fpscr) 593 { 594 int ret = 0; 595 596 /* Invalid operation */ 597 if ((fpscr & FPSCR_VE) && (fpscr & FPSCR_VX)) 598 ret = FPE_FLTINV; 599 600 /* Overflow */ 601 else if ((fpscr & FPSCR_OE) && (fpscr & FPSCR_OX)) 602 ret = FPE_FLTOVF; 603 604 /* Underflow */ 605 else if ((fpscr & FPSCR_UE) && (fpscr & FPSCR_UX)) 606 ret = FPE_FLTUND; 607 608 /* Divide by zero */ 609 else if ((fpscr & FPSCR_ZE) && (fpscr & FPSCR_ZX)) 610 ret = FPE_FLTDIV; 611 612 /* Inexact result */ 613 else if ((fpscr & FPSCR_XE) && (fpscr & FPSCR_XX)) 614 ret = FPE_FLTRES; 615 616 return ret; 617 } 618 619 static void parse_fpe(struct pt_regs *regs) 620 { 621 int code = 0; 622 623 flush_fp_to_thread(current); 624 625 code = __parse_fpscr(current->thread.fpscr.val); 626 627 _exception(SIGFPE, regs, code, regs->nip); 628 } 629 630 /* 631 * Illegal instruction emulation support. Originally written to 632 * provide the PVR to user applications using the mfspr rd, PVR. 633 * Return non-zero if we can't emulate, or -EFAULT if the associated 634 * memory access caused an access fault. Return zero on success. 635 * 636 * There are a couple of ways to do this, either "decode" the instruction 637 * or directly match lots of bits. In this case, matching lots of 638 * bits is faster and easier. 639 * 640 */ 641 #define INST_MFSPR_PVR 0x7c1f42a6 642 #define INST_MFSPR_PVR_MASK 0xfc1fffff 643 644 #define INST_DCBA 0x7c0005ec 645 #define INST_DCBA_MASK 0xfc0007fe 646 647 #define INST_MCRXR 0x7c000400 648 #define INST_MCRXR_MASK 0xfc0007fe 649 650 #define INST_STRING 0x7c00042a 651 #define INST_STRING_MASK 0xfc0007fe 652 #define INST_STRING_GEN_MASK 0xfc00067e 653 #define INST_LSWI 0x7c0004aa 654 #define INST_LSWX 0x7c00042a 655 #define INST_STSWI 0x7c0005aa 656 #define INST_STSWX 0x7c00052a 657 658 #define INST_POPCNTB 0x7c0000f4 659 #define INST_POPCNTB_MASK 0xfc0007fe 660 661 #define INST_ISEL 0x7c00001e 662 #define INST_ISEL_MASK 0xfc00003e 663 664 static int emulate_string_inst(struct pt_regs *regs, u32 instword) 665 { 666 u8 rT = (instword >> 21) & 0x1f; 667 u8 rA = (instword >> 16) & 0x1f; 668 u8 NB_RB = (instword >> 11) & 0x1f; 669 u32 num_bytes; 670 unsigned long EA; 671 int pos = 0; 672 673 /* Early out if we are an invalid form of lswx */ 674 if ((instword & INST_STRING_MASK) == INST_LSWX) 675 if ((rT == rA) || (rT == NB_RB)) 676 return -EINVAL; 677 678 EA = (rA == 0) ? 0 : regs->gpr[rA]; 679 680 switch (instword & INST_STRING_MASK) { 681 case INST_LSWX: 682 case INST_STSWX: 683 EA += NB_RB; 684 num_bytes = regs->xer & 0x7f; 685 break; 686 case INST_LSWI: 687 case INST_STSWI: 688 num_bytes = (NB_RB == 0) ? 32 : NB_RB; 689 break; 690 default: 691 return -EINVAL; 692 } 693 694 while (num_bytes != 0) 695 { 696 u8 val; 697 u32 shift = 8 * (3 - (pos & 0x3)); 698 699 switch ((instword & INST_STRING_MASK)) { 700 case INST_LSWX: 701 case INST_LSWI: 702 if (get_user(val, (u8 __user *)EA)) 703 return -EFAULT; 704 /* first time updating this reg, 705 * zero it out */ 706 if (pos == 0) 707 regs->gpr[rT] = 0; 708 regs->gpr[rT] |= val << shift; 709 break; 710 case INST_STSWI: 711 case INST_STSWX: 712 val = regs->gpr[rT] >> shift; 713 if (put_user(val, (u8 __user *)EA)) 714 return -EFAULT; 715 break; 716 } 717 /* move EA to next address */ 718 EA += 1; 719 num_bytes--; 720 721 /* manage our position within the register */ 722 if (++pos == 4) { 723 pos = 0; 724 if (++rT == 32) 725 rT = 0; 726 } 727 } 728 729 return 0; 730 } 731 732 static int emulate_popcntb_inst(struct pt_regs *regs, u32 instword) 733 { 734 u32 ra,rs; 735 unsigned long tmp; 736 737 ra = (instword >> 16) & 0x1f; 738 rs = (instword >> 21) & 0x1f; 739 740 tmp = regs->gpr[rs]; 741 tmp = tmp - ((tmp >> 1) & 0x5555555555555555ULL); 742 tmp = (tmp & 0x3333333333333333ULL) + ((tmp >> 2) & 0x3333333333333333ULL); 743 tmp = (tmp + (tmp >> 4)) & 0x0f0f0f0f0f0f0f0fULL; 744 regs->gpr[ra] = tmp; 745 746 return 0; 747 } 748 749 static int emulate_isel(struct pt_regs *regs, u32 instword) 750 { 751 u8 rT = (instword >> 21) & 0x1f; 752 u8 rA = (instword >> 16) & 0x1f; 753 u8 rB = (instword >> 11) & 0x1f; 754 u8 BC = (instword >> 6) & 0x1f; 755 u8 bit; 756 unsigned long tmp; 757 758 tmp = (rA == 0) ? 0 : regs->gpr[rA]; 759 bit = (regs->ccr >> (31 - BC)) & 0x1; 760 761 regs->gpr[rT] = bit ? tmp : regs->gpr[rB]; 762 763 return 0; 764 } 765 766 static int emulate_instruction(struct pt_regs *regs) 767 { 768 u32 instword; 769 u32 rd; 770 771 if (!user_mode(regs) || (regs->msr & MSR_LE)) 772 return -EINVAL; 773 CHECK_FULL_REGS(regs); 774 775 if (get_user(instword, (u32 __user *)(regs->nip))) 776 return -EFAULT; 777 778 /* Emulate the mfspr rD, PVR. */ 779 if ((instword & INST_MFSPR_PVR_MASK) == INST_MFSPR_PVR) { 780 rd = (instword >> 21) & 0x1f; 781 regs->gpr[rd] = mfspr(SPRN_PVR); 782 return 0; 783 } 784 785 /* Emulating the dcba insn is just a no-op. */ 786 if ((instword & INST_DCBA_MASK) == INST_DCBA) 787 return 0; 788 789 /* Emulate the mcrxr insn. */ 790 if ((instword & INST_MCRXR_MASK) == INST_MCRXR) { 791 int shift = (instword >> 21) & 0x1c; 792 unsigned long msk = 0xf0000000UL >> shift; 793 794 regs->ccr = (regs->ccr & ~msk) | ((regs->xer >> shift) & msk); 795 regs->xer &= ~0xf0000000UL; 796 return 0; 797 } 798 799 /* Emulate load/store string insn. */ 800 if ((instword & INST_STRING_GEN_MASK) == INST_STRING) 801 return emulate_string_inst(regs, instword); 802 803 /* Emulate the popcntb (Population Count Bytes) instruction. */ 804 if ((instword & INST_POPCNTB_MASK) == INST_POPCNTB) { 805 return emulate_popcntb_inst(regs, instword); 806 } 807 808 /* Emulate isel (Integer Select) instruction */ 809 if ((instword & INST_ISEL_MASK) == INST_ISEL) { 810 return emulate_isel(regs, instword); 811 } 812 813 return -EINVAL; 814 } 815 816 int is_valid_bugaddr(unsigned long addr) 817 { 818 return is_kernel_addr(addr); 819 } 820 821 void __kprobes program_check_exception(struct pt_regs *regs) 822 { 823 unsigned int reason = get_reason(regs); 824 extern int do_mathemu(struct pt_regs *regs); 825 826 /* We can now get here via a FP Unavailable exception if the core 827 * has no FPU, in that case the reason flags will be 0 */ 828 829 if (reason & REASON_FP) { 830 /* IEEE FP exception */ 831 parse_fpe(regs); 832 return; 833 } 834 if (reason & REASON_TRAP) { 835 /* trap exception */ 836 if (notify_die(DIE_BPT, "breakpoint", regs, 5, 5, SIGTRAP) 837 == NOTIFY_STOP) 838 return; 839 if (debugger_bpt(regs)) 840 return; 841 842 if (!(regs->msr & MSR_PR) && /* not user-mode */ 843 report_bug(regs->nip, regs) == BUG_TRAP_TYPE_WARN) { 844 regs->nip += 4; 845 return; 846 } 847 _exception(SIGTRAP, regs, TRAP_BRKPT, regs->nip); 848 return; 849 } 850 851 local_irq_enable(); 852 853 #ifdef CONFIG_MATH_EMULATION 854 /* (reason & REASON_ILLEGAL) would be the obvious thing here, 855 * but there seems to be a hardware bug on the 405GP (RevD) 856 * that means ESR is sometimes set incorrectly - either to 857 * ESR_DST (!?) or 0. In the process of chasing this with the 858 * hardware people - not sure if it can happen on any illegal 859 * instruction or only on FP instructions, whether there is a 860 * pattern to occurences etc. -dgibson 31/Mar/2003 */ 861 switch (do_mathemu(regs)) { 862 case 0: 863 emulate_single_step(regs); 864 return; 865 case 1: { 866 int code = 0; 867 code = __parse_fpscr(current->thread.fpscr.val); 868 _exception(SIGFPE, regs, code, regs->nip); 869 return; 870 } 871 case -EFAULT: 872 _exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip); 873 return; 874 } 875 /* fall through on any other errors */ 876 #endif /* CONFIG_MATH_EMULATION */ 877 878 /* Try to emulate it if we should. */ 879 if (reason & (REASON_ILLEGAL | REASON_PRIVILEGED)) { 880 switch (emulate_instruction(regs)) { 881 case 0: 882 regs->nip += 4; 883 emulate_single_step(regs); 884 return; 885 case -EFAULT: 886 _exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip); 887 return; 888 } 889 } 890 891 if (reason & REASON_PRIVILEGED) 892 _exception(SIGILL, regs, ILL_PRVOPC, regs->nip); 893 else 894 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip); 895 } 896 897 void alignment_exception(struct pt_regs *regs) 898 { 899 int sig, code, fixed = 0; 900 901 /* we don't implement logging of alignment exceptions */ 902 if (!(current->thread.align_ctl & PR_UNALIGN_SIGBUS)) 903 fixed = fix_alignment(regs); 904 905 if (fixed == 1) { 906 regs->nip += 4; /* skip over emulated instruction */ 907 emulate_single_step(regs); 908 return; 909 } 910 911 /* Operand address was bad */ 912 if (fixed == -EFAULT) { 913 sig = SIGSEGV; 914 code = SEGV_ACCERR; 915 } else { 916 sig = SIGBUS; 917 code = BUS_ADRALN; 918 } 919 if (user_mode(regs)) 920 _exception(sig, regs, code, regs->dar); 921 else 922 bad_page_fault(regs, regs->dar, sig); 923 } 924 925 void StackOverflow(struct pt_regs *regs) 926 { 927 printk(KERN_CRIT "Kernel stack overflow in process %p, r1=%lx\n", 928 current, regs->gpr[1]); 929 debugger(regs); 930 show_regs(regs); 931 panic("kernel stack overflow"); 932 } 933 934 void nonrecoverable_exception(struct pt_regs *regs) 935 { 936 printk(KERN_ERR "Non-recoverable exception at PC=%lx MSR=%lx\n", 937 regs->nip, regs->msr); 938 debugger(regs); 939 die("nonrecoverable exception", regs, SIGKILL); 940 } 941 942 void trace_syscall(struct pt_regs *regs) 943 { 944 printk("Task: %p(%d), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n", 945 current, task_pid_nr(current), regs->nip, regs->link, regs->gpr[0], 946 regs->ccr&0x10000000?"Error=":"", regs->gpr[3], print_tainted()); 947 } 948 949 void kernel_fp_unavailable_exception(struct pt_regs *regs) 950 { 951 printk(KERN_EMERG "Unrecoverable FP Unavailable Exception " 952 "%lx at %lx\n", regs->trap, regs->nip); 953 die("Unrecoverable FP Unavailable Exception", regs, SIGABRT); 954 } 955 956 void altivec_unavailable_exception(struct pt_regs *regs) 957 { 958 if (user_mode(regs)) { 959 /* A user program has executed an altivec instruction, 960 but this kernel doesn't support altivec. */ 961 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip); 962 return; 963 } 964 965 printk(KERN_EMERG "Unrecoverable VMX/Altivec Unavailable Exception " 966 "%lx at %lx\n", regs->trap, regs->nip); 967 die("Unrecoverable VMX/Altivec Unavailable Exception", regs, SIGABRT); 968 } 969 970 void vsx_unavailable_exception(struct pt_regs *regs) 971 { 972 if (user_mode(regs)) { 973 /* A user program has executed an vsx instruction, 974 but this kernel doesn't support vsx. */ 975 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip); 976 return; 977 } 978 979 printk(KERN_EMERG "Unrecoverable VSX Unavailable Exception " 980 "%lx at %lx\n", regs->trap, regs->nip); 981 die("Unrecoverable VSX Unavailable Exception", regs, SIGABRT); 982 } 983 984 void performance_monitor_exception(struct pt_regs *regs) 985 { 986 perf_irq(regs); 987 } 988 989 #ifdef CONFIG_8xx 990 void SoftwareEmulation(struct pt_regs *regs) 991 { 992 extern int do_mathemu(struct pt_regs *); 993 extern int Soft_emulate_8xx(struct pt_regs *); 994 #if defined(CONFIG_MATH_EMULATION) || defined(CONFIG_8XX_MINIMAL_FPEMU) 995 int errcode; 996 #endif 997 998 CHECK_FULL_REGS(regs); 999 1000 if (!user_mode(regs)) { 1001 debugger(regs); 1002 die("Kernel Mode Software FPU Emulation", regs, SIGFPE); 1003 } 1004 1005 #ifdef CONFIG_MATH_EMULATION 1006 errcode = do_mathemu(regs); 1007 1008 switch (errcode) { 1009 case 0: 1010 emulate_single_step(regs); 1011 return; 1012 case 1: { 1013 int code = 0; 1014 code = __parse_fpscr(current->thread.fpscr.val); 1015 _exception(SIGFPE, regs, code, regs->nip); 1016 return; 1017 } 1018 case -EFAULT: 1019 _exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip); 1020 return; 1021 default: 1022 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip); 1023 return; 1024 } 1025 1026 #elif defined(CONFIG_8XX_MINIMAL_FPEMU) 1027 errcode = Soft_emulate_8xx(regs); 1028 switch (errcode) { 1029 case 0: 1030 emulate_single_step(regs); 1031 return; 1032 case 1: 1033 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip); 1034 return; 1035 case -EFAULT: 1036 _exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip); 1037 return; 1038 } 1039 #else 1040 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip); 1041 #endif 1042 } 1043 #endif /* CONFIG_8xx */ 1044 1045 #if defined(CONFIG_40x) || defined(CONFIG_BOOKE) 1046 1047 void __kprobes DebugException(struct pt_regs *regs, unsigned long debug_status) 1048 { 1049 if (debug_status & DBSR_IC) { /* instruction completion */ 1050 regs->msr &= ~MSR_DE; 1051 1052 /* Disable instruction completion */ 1053 mtspr(SPRN_DBCR0, mfspr(SPRN_DBCR0) & ~DBCR0_IC); 1054 /* Clear the instruction completion event */ 1055 mtspr(SPRN_DBSR, DBSR_IC); 1056 1057 if (notify_die(DIE_SSTEP, "single_step", regs, 5, 1058 5, SIGTRAP) == NOTIFY_STOP) { 1059 return; 1060 } 1061 1062 if (debugger_sstep(regs)) 1063 return; 1064 1065 if (user_mode(regs)) { 1066 current->thread.dbcr0 &= ~DBCR0_IC; 1067 } 1068 1069 _exception(SIGTRAP, regs, TRAP_TRACE, regs->nip); 1070 } 1071 } 1072 #endif /* CONFIG_4xx || CONFIG_BOOKE */ 1073 1074 #if !defined(CONFIG_TAU_INT) 1075 void TAUException(struct pt_regs *regs) 1076 { 1077 printk("TAU trap at PC: %lx, MSR: %lx, vector=%lx %s\n", 1078 regs->nip, regs->msr, regs->trap, print_tainted()); 1079 } 1080 #endif /* CONFIG_INT_TAU */ 1081 1082 #ifdef CONFIG_ALTIVEC 1083 void altivec_assist_exception(struct pt_regs *regs) 1084 { 1085 int err; 1086 1087 if (!user_mode(regs)) { 1088 printk(KERN_EMERG "VMX/Altivec assist exception in kernel mode" 1089 " at %lx\n", regs->nip); 1090 die("Kernel VMX/Altivec assist exception", regs, SIGILL); 1091 } 1092 1093 flush_altivec_to_thread(current); 1094 1095 err = emulate_altivec(regs); 1096 if (err == 0) { 1097 regs->nip += 4; /* skip emulated instruction */ 1098 emulate_single_step(regs); 1099 return; 1100 } 1101 1102 if (err == -EFAULT) { 1103 /* got an error reading the instruction */ 1104 _exception(SIGSEGV, regs, SEGV_ACCERR, regs->nip); 1105 } else { 1106 /* didn't recognize the instruction */ 1107 /* XXX quick hack for now: set the non-Java bit in the VSCR */ 1108 if (printk_ratelimit()) 1109 printk(KERN_ERR "Unrecognized altivec instruction " 1110 "in %s at %lx\n", current->comm, regs->nip); 1111 current->thread.vscr.u[3] |= 0x10000; 1112 } 1113 } 1114 #endif /* CONFIG_ALTIVEC */ 1115 1116 #ifdef CONFIG_VSX 1117 void vsx_assist_exception(struct pt_regs *regs) 1118 { 1119 if (!user_mode(regs)) { 1120 printk(KERN_EMERG "VSX assist exception in kernel mode" 1121 " at %lx\n", regs->nip); 1122 die("Kernel VSX assist exception", regs, SIGILL); 1123 } 1124 1125 flush_vsx_to_thread(current); 1126 printk(KERN_INFO "VSX assist not supported at %lx\n", regs->nip); 1127 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip); 1128 } 1129 #endif /* CONFIG_VSX */ 1130 1131 #ifdef CONFIG_FSL_BOOKE 1132 void CacheLockingException(struct pt_regs *regs, unsigned long address, 1133 unsigned long error_code) 1134 { 1135 /* We treat cache locking instructions from the user 1136 * as priv ops, in the future we could try to do 1137 * something smarter 1138 */ 1139 if (error_code & (ESR_DLK|ESR_ILK)) 1140 _exception(SIGILL, regs, ILL_PRVOPC, regs->nip); 1141 return; 1142 } 1143 #endif /* CONFIG_FSL_BOOKE */ 1144 1145 #ifdef CONFIG_SPE 1146 void SPEFloatingPointException(struct pt_regs *regs) 1147 { 1148 unsigned long spefscr; 1149 int fpexc_mode; 1150 int code = 0; 1151 1152 spefscr = current->thread.spefscr; 1153 fpexc_mode = current->thread.fpexc_mode; 1154 1155 /* Hardware does not neccessarily set sticky 1156 * underflow/overflow/invalid flags */ 1157 if ((spefscr & SPEFSCR_FOVF) && (fpexc_mode & PR_FP_EXC_OVF)) { 1158 code = FPE_FLTOVF; 1159 spefscr |= SPEFSCR_FOVFS; 1160 } 1161 else if ((spefscr & SPEFSCR_FUNF) && (fpexc_mode & PR_FP_EXC_UND)) { 1162 code = FPE_FLTUND; 1163 spefscr |= SPEFSCR_FUNFS; 1164 } 1165 else if ((spefscr & SPEFSCR_FDBZ) && (fpexc_mode & PR_FP_EXC_DIV)) 1166 code = FPE_FLTDIV; 1167 else if ((spefscr & SPEFSCR_FINV) && (fpexc_mode & PR_FP_EXC_INV)) { 1168 code = FPE_FLTINV; 1169 spefscr |= SPEFSCR_FINVS; 1170 } 1171 else if ((spefscr & (SPEFSCR_FG | SPEFSCR_FX)) && (fpexc_mode & PR_FP_EXC_RES)) 1172 code = FPE_FLTRES; 1173 1174 current->thread.spefscr = spefscr; 1175 1176 _exception(SIGFPE, regs, code, regs->nip); 1177 return; 1178 } 1179 #endif 1180 1181 /* 1182 * We enter here if we get an unrecoverable exception, that is, one 1183 * that happened at a point where the RI (recoverable interrupt) bit 1184 * in the MSR is 0. This indicates that SRR0/1 are live, and that 1185 * we therefore lost state by taking this exception. 1186 */ 1187 void unrecoverable_exception(struct pt_regs *regs) 1188 { 1189 printk(KERN_EMERG "Unrecoverable exception %lx at %lx\n", 1190 regs->trap, regs->nip); 1191 die("Unrecoverable exception", regs, SIGABRT); 1192 } 1193 1194 #ifdef CONFIG_BOOKE_WDT 1195 /* 1196 * Default handler for a Watchdog exception, 1197 * spins until a reboot occurs 1198 */ 1199 void __attribute__ ((weak)) WatchdogHandler(struct pt_regs *regs) 1200 { 1201 /* Generic WatchdogHandler, implement your own */ 1202 mtspr(SPRN_TCR, mfspr(SPRN_TCR)&(~TCR_WIE)); 1203 return; 1204 } 1205 1206 void WatchdogException(struct pt_regs *regs) 1207 { 1208 printk (KERN_EMERG "PowerPC Book-E Watchdog Exception\n"); 1209 WatchdogHandler(regs); 1210 } 1211 #endif 1212 1213 /* 1214 * We enter here if we discover during exception entry that we are 1215 * running in supervisor mode with a userspace value in the stack pointer. 1216 */ 1217 void kernel_bad_stack(struct pt_regs *regs) 1218 { 1219 printk(KERN_EMERG "Bad kernel stack pointer %lx at %lx\n", 1220 regs->gpr[1], regs->nip); 1221 die("Bad kernel stack pointer", regs, SIGABRT); 1222 } 1223 1224 void __init trap_init(void) 1225 { 1226 } 1227