1 /* 2 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org) 3 * 4 * This program is free software; you can redistribute it and/or 5 * modify it under the terms of the GNU General Public License 6 * as published by the Free Software Foundation; either version 7 * 2 of the License, or (at your option) any later version. 8 * 9 * Modified by Cort Dougan (cort@cs.nmt.edu) 10 * and Paul Mackerras (paulus@samba.org) 11 */ 12 13 /* 14 * This file handles the architecture-dependent parts of hardware exceptions 15 */ 16 17 #include <linux/errno.h> 18 #include <linux/sched.h> 19 #include <linux/kernel.h> 20 #include <linux/mm.h> 21 #include <linux/stddef.h> 22 #include <linux/unistd.h> 23 #include <linux/ptrace.h> 24 #include <linux/slab.h> 25 #include <linux/user.h> 26 #include <linux/a.out.h> 27 #include <linux/interrupt.h> 28 #include <linux/init.h> 29 #include <linux/module.h> 30 #include <linux/prctl.h> 31 #include <linux/delay.h> 32 #include <linux/kprobes.h> 33 #include <linux/kexec.h> 34 #include <linux/backlight.h> 35 #include <linux/bug.h> 36 #include <linux/kdebug.h> 37 38 #include <asm/pgtable.h> 39 #include <asm/uaccess.h> 40 #include <asm/system.h> 41 #include <asm/io.h> 42 #include <asm/machdep.h> 43 #include <asm/rtas.h> 44 #include <asm/pmc.h> 45 #ifdef CONFIG_PPC32 46 #include <asm/reg.h> 47 #endif 48 #ifdef CONFIG_PMAC_BACKLIGHT 49 #include <asm/backlight.h> 50 #endif 51 #ifdef CONFIG_PPC64 52 #include <asm/firmware.h> 53 #include <asm/processor.h> 54 #endif 55 #include <asm/kexec.h> 56 57 #ifdef CONFIG_DEBUGGER 58 int (*__debugger)(struct pt_regs *regs); 59 int (*__debugger_ipi)(struct pt_regs *regs); 60 int (*__debugger_bpt)(struct pt_regs *regs); 61 int (*__debugger_sstep)(struct pt_regs *regs); 62 int (*__debugger_iabr_match)(struct pt_regs *regs); 63 int (*__debugger_dabr_match)(struct pt_regs *regs); 64 int (*__debugger_fault_handler)(struct pt_regs *regs); 65 66 EXPORT_SYMBOL(__debugger); 67 EXPORT_SYMBOL(__debugger_ipi); 68 EXPORT_SYMBOL(__debugger_bpt); 69 EXPORT_SYMBOL(__debugger_sstep); 70 EXPORT_SYMBOL(__debugger_iabr_match); 71 EXPORT_SYMBOL(__debugger_dabr_match); 72 EXPORT_SYMBOL(__debugger_fault_handler); 73 #endif 74 75 /* 76 * Trap & Exception support 77 */ 78 79 #ifdef CONFIG_PMAC_BACKLIGHT 80 static void pmac_backlight_unblank(void) 81 { 82 mutex_lock(&pmac_backlight_mutex); 83 if (pmac_backlight) { 84 struct backlight_properties *props; 85 86 props = &pmac_backlight->props; 87 props->brightness = props->max_brightness; 88 props->power = FB_BLANK_UNBLANK; 89 backlight_update_status(pmac_backlight); 90 } 91 mutex_unlock(&pmac_backlight_mutex); 92 } 93 #else 94 static inline void pmac_backlight_unblank(void) { } 95 #endif 96 97 int die(const char *str, struct pt_regs *regs, long err) 98 { 99 static struct { 100 spinlock_t lock; 101 u32 lock_owner; 102 int lock_owner_depth; 103 } die = { 104 .lock = __SPIN_LOCK_UNLOCKED(die.lock), 105 .lock_owner = -1, 106 .lock_owner_depth = 0 107 }; 108 static int die_counter; 109 unsigned long flags; 110 111 if (debugger(regs)) 112 return 1; 113 114 oops_enter(); 115 116 if (die.lock_owner != raw_smp_processor_id()) { 117 console_verbose(); 118 spin_lock_irqsave(&die.lock, flags); 119 die.lock_owner = smp_processor_id(); 120 die.lock_owner_depth = 0; 121 bust_spinlocks(1); 122 if (machine_is(powermac)) 123 pmac_backlight_unblank(); 124 } else { 125 local_save_flags(flags); 126 } 127 128 if (++die.lock_owner_depth < 3) { 129 printk("Oops: %s, sig: %ld [#%d]\n", str, err, ++die_counter); 130 #ifdef CONFIG_PREEMPT 131 printk("PREEMPT "); 132 #endif 133 #ifdef CONFIG_SMP 134 printk("SMP NR_CPUS=%d ", NR_CPUS); 135 #endif 136 #ifdef CONFIG_DEBUG_PAGEALLOC 137 printk("DEBUG_PAGEALLOC "); 138 #endif 139 #ifdef CONFIG_NUMA 140 printk("NUMA "); 141 #endif 142 printk("%s\n", ppc_md.name ? ppc_md.name : ""); 143 144 print_modules(); 145 show_regs(regs); 146 } else { 147 printk("Recursive die() failure, output suppressed\n"); 148 } 149 150 bust_spinlocks(0); 151 die.lock_owner = -1; 152 spin_unlock_irqrestore(&die.lock, flags); 153 154 if (kexec_should_crash(current) || 155 kexec_sr_activated(smp_processor_id())) 156 crash_kexec(regs); 157 crash_kexec_secondary(regs); 158 159 if (in_interrupt()) 160 panic("Fatal exception in interrupt"); 161 162 if (panic_on_oops) 163 panic("Fatal exception"); 164 165 oops_exit(); 166 do_exit(err); 167 168 return 0; 169 } 170 171 void _exception(int signr, struct pt_regs *regs, int code, unsigned long addr) 172 { 173 siginfo_t info; 174 175 if (!user_mode(regs)) { 176 if (die("Exception in kernel mode", regs, signr)) 177 return; 178 } 179 180 memset(&info, 0, sizeof(info)); 181 info.si_signo = signr; 182 info.si_code = code; 183 info.si_addr = (void __user *) addr; 184 force_sig_info(signr, &info, current); 185 186 /* 187 * Init gets no signals that it doesn't have a handler for. 188 * That's all very well, but if it has caused a synchronous 189 * exception and we ignore the resulting signal, it will just 190 * generate the same exception over and over again and we get 191 * nowhere. Better to kill it and let the kernel panic. 192 */ 193 if (is_init(current)) { 194 __sighandler_t handler; 195 196 spin_lock_irq(¤t->sighand->siglock); 197 handler = current->sighand->action[signr-1].sa.sa_handler; 198 spin_unlock_irq(¤t->sighand->siglock); 199 if (handler == SIG_DFL) { 200 /* init has generated a synchronous exception 201 and it doesn't have a handler for the signal */ 202 printk(KERN_CRIT "init has generated signal %d " 203 "but has no handler for it\n", signr); 204 do_exit(signr); 205 } 206 } 207 } 208 209 #ifdef CONFIG_PPC64 210 void system_reset_exception(struct pt_regs *regs) 211 { 212 /* See if any machine dependent calls */ 213 if (ppc_md.system_reset_exception) { 214 if (ppc_md.system_reset_exception(regs)) 215 return; 216 } 217 218 #ifdef CONFIG_KEXEC 219 cpu_set(smp_processor_id(), cpus_in_sr); 220 #endif 221 222 die("System Reset", regs, SIGABRT); 223 224 /* 225 * Some CPUs when released from the debugger will execute this path. 226 * These CPUs entered the debugger via a soft-reset. If the CPU was 227 * hung before entering the debugger it will return to the hung 228 * state when exiting this function. This causes a problem in 229 * kdump since the hung CPU(s) will not respond to the IPI sent 230 * from kdump. To prevent the problem we call crash_kexec_secondary() 231 * here. If a kdump had not been initiated or we exit the debugger 232 * with the "exit and recover" command (x) crash_kexec_secondary() 233 * will return after 5ms and the CPU returns to its previous state. 234 */ 235 crash_kexec_secondary(regs); 236 237 /* Must die if the interrupt is not recoverable */ 238 if (!(regs->msr & MSR_RI)) 239 panic("Unrecoverable System Reset"); 240 241 /* What should we do here? We could issue a shutdown or hard reset. */ 242 } 243 #endif 244 245 /* 246 * I/O accesses can cause machine checks on powermacs. 247 * Check if the NIP corresponds to the address of a sync 248 * instruction for which there is an entry in the exception 249 * table. 250 * Note that the 601 only takes a machine check on TEA 251 * (transfer error ack) signal assertion, and does not 252 * set any of the top 16 bits of SRR1. 253 * -- paulus. 254 */ 255 static inline int check_io_access(struct pt_regs *regs) 256 { 257 #ifdef CONFIG_PPC32 258 unsigned long msr = regs->msr; 259 const struct exception_table_entry *entry; 260 unsigned int *nip = (unsigned int *)regs->nip; 261 262 if (((msr & 0xffff0000) == 0 || (msr & (0x80000 | 0x40000))) 263 && (entry = search_exception_tables(regs->nip)) != NULL) { 264 /* 265 * Check that it's a sync instruction, or somewhere 266 * in the twi; isync; nop sequence that inb/inw/inl uses. 267 * As the address is in the exception table 268 * we should be able to read the instr there. 269 * For the debug message, we look at the preceding 270 * load or store. 271 */ 272 if (*nip == 0x60000000) /* nop */ 273 nip -= 2; 274 else if (*nip == 0x4c00012c) /* isync */ 275 --nip; 276 if (*nip == 0x7c0004ac || (*nip >> 26) == 3) { 277 /* sync or twi */ 278 unsigned int rb; 279 280 --nip; 281 rb = (*nip >> 11) & 0x1f; 282 printk(KERN_DEBUG "%s bad port %lx at %p\n", 283 (*nip & 0x100)? "OUT to": "IN from", 284 regs->gpr[rb] - _IO_BASE, nip); 285 regs->msr |= MSR_RI; 286 regs->nip = entry->fixup; 287 return 1; 288 } 289 } 290 #endif /* CONFIG_PPC32 */ 291 return 0; 292 } 293 294 #if defined(CONFIG_4xx) || defined(CONFIG_BOOKE) 295 /* On 4xx, the reason for the machine check or program exception 296 is in the ESR. */ 297 #define get_reason(regs) ((regs)->dsisr) 298 #ifndef CONFIG_FSL_BOOKE 299 #define get_mc_reason(regs) ((regs)->dsisr) 300 #else 301 #define get_mc_reason(regs) (mfspr(SPRN_MCSR)) 302 #endif 303 #define REASON_FP ESR_FP 304 #define REASON_ILLEGAL (ESR_PIL | ESR_PUO) 305 #define REASON_PRIVILEGED ESR_PPR 306 #define REASON_TRAP ESR_PTR 307 308 /* single-step stuff */ 309 #define single_stepping(regs) (current->thread.dbcr0 & DBCR0_IC) 310 #define clear_single_step(regs) (current->thread.dbcr0 &= ~DBCR0_IC) 311 312 #else 313 /* On non-4xx, the reason for the machine check or program 314 exception is in the MSR. */ 315 #define get_reason(regs) ((regs)->msr) 316 #define get_mc_reason(regs) ((regs)->msr) 317 #define REASON_FP 0x100000 318 #define REASON_ILLEGAL 0x80000 319 #define REASON_PRIVILEGED 0x40000 320 #define REASON_TRAP 0x20000 321 322 #define single_stepping(regs) ((regs)->msr & MSR_SE) 323 #define clear_single_step(regs) ((regs)->msr &= ~MSR_SE) 324 #endif 325 326 /* 327 * This is "fall-back" implementation for configurations 328 * which don't provide platform-specific machine check info 329 */ 330 void __attribute__ ((weak)) 331 platform_machine_check(struct pt_regs *regs) 332 { 333 } 334 335 void machine_check_exception(struct pt_regs *regs) 336 { 337 int recover = 0; 338 unsigned long reason = get_mc_reason(regs); 339 340 /* See if any machine dependent calls */ 341 if (ppc_md.machine_check_exception) 342 recover = ppc_md.machine_check_exception(regs); 343 344 if (recover) 345 return; 346 347 if (user_mode(regs)) { 348 regs->msr |= MSR_RI; 349 _exception(SIGBUS, regs, BUS_ADRERR, regs->nip); 350 return; 351 } 352 353 #if defined(CONFIG_8xx) && defined(CONFIG_PCI) 354 /* the qspan pci read routines can cause machine checks -- Cort */ 355 bad_page_fault(regs, regs->dar, SIGBUS); 356 return; 357 #endif 358 359 if (debugger_fault_handler(regs)) { 360 regs->msr |= MSR_RI; 361 return; 362 } 363 364 if (check_io_access(regs)) 365 return; 366 367 #if defined(CONFIG_4xx) && !defined(CONFIG_440A) 368 if (reason & ESR_IMCP) { 369 printk("Instruction"); 370 mtspr(SPRN_ESR, reason & ~ESR_IMCP); 371 } else 372 printk("Data"); 373 printk(" machine check in kernel mode.\n"); 374 #elif defined(CONFIG_440A) 375 printk("Machine check in kernel mode.\n"); 376 if (reason & ESR_IMCP){ 377 printk("Instruction Synchronous Machine Check exception\n"); 378 mtspr(SPRN_ESR, reason & ~ESR_IMCP); 379 } 380 else { 381 u32 mcsr = mfspr(SPRN_MCSR); 382 if (mcsr & MCSR_IB) 383 printk("Instruction Read PLB Error\n"); 384 if (mcsr & MCSR_DRB) 385 printk("Data Read PLB Error\n"); 386 if (mcsr & MCSR_DWB) 387 printk("Data Write PLB Error\n"); 388 if (mcsr & MCSR_TLBP) 389 printk("TLB Parity Error\n"); 390 if (mcsr & MCSR_ICP){ 391 flush_instruction_cache(); 392 printk("I-Cache Parity Error\n"); 393 } 394 if (mcsr & MCSR_DCSP) 395 printk("D-Cache Search Parity Error\n"); 396 if (mcsr & MCSR_DCFP) 397 printk("D-Cache Flush Parity Error\n"); 398 if (mcsr & MCSR_IMPE) 399 printk("Machine Check exception is imprecise\n"); 400 401 /* Clear MCSR */ 402 mtspr(SPRN_MCSR, mcsr); 403 } 404 #elif defined (CONFIG_E500) 405 printk("Machine check in kernel mode.\n"); 406 printk("Caused by (from MCSR=%lx): ", reason); 407 408 if (reason & MCSR_MCP) 409 printk("Machine Check Signal\n"); 410 if (reason & MCSR_ICPERR) 411 printk("Instruction Cache Parity Error\n"); 412 if (reason & MCSR_DCP_PERR) 413 printk("Data Cache Push Parity Error\n"); 414 if (reason & MCSR_DCPERR) 415 printk("Data Cache Parity Error\n"); 416 if (reason & MCSR_GL_CI) 417 printk("Guarded Load or Cache-Inhibited stwcx.\n"); 418 if (reason & MCSR_BUS_IAERR) 419 printk("Bus - Instruction Address Error\n"); 420 if (reason & MCSR_BUS_RAERR) 421 printk("Bus - Read Address Error\n"); 422 if (reason & MCSR_BUS_WAERR) 423 printk("Bus - Write Address Error\n"); 424 if (reason & MCSR_BUS_IBERR) 425 printk("Bus - Instruction Data Error\n"); 426 if (reason & MCSR_BUS_RBERR) 427 printk("Bus - Read Data Bus Error\n"); 428 if (reason & MCSR_BUS_WBERR) 429 printk("Bus - Read Data Bus Error\n"); 430 if (reason & MCSR_BUS_IPERR) 431 printk("Bus - Instruction Parity Error\n"); 432 if (reason & MCSR_BUS_RPERR) 433 printk("Bus - Read Parity Error\n"); 434 #elif defined (CONFIG_E200) 435 printk("Machine check in kernel mode.\n"); 436 printk("Caused by (from MCSR=%lx): ", reason); 437 438 if (reason & MCSR_MCP) 439 printk("Machine Check Signal\n"); 440 if (reason & MCSR_CP_PERR) 441 printk("Cache Push Parity Error\n"); 442 if (reason & MCSR_CPERR) 443 printk("Cache Parity Error\n"); 444 if (reason & MCSR_EXCP_ERR) 445 printk("ISI, ITLB, or Bus Error on first instruction fetch for an exception handler\n"); 446 if (reason & MCSR_BUS_IRERR) 447 printk("Bus - Read Bus Error on instruction fetch\n"); 448 if (reason & MCSR_BUS_DRERR) 449 printk("Bus - Read Bus Error on data load\n"); 450 if (reason & MCSR_BUS_WRERR) 451 printk("Bus - Write Bus Error on buffered store or cache line push\n"); 452 #else /* !CONFIG_4xx && !CONFIG_E500 && !CONFIG_E200 */ 453 printk("Machine check in kernel mode.\n"); 454 printk("Caused by (from SRR1=%lx): ", reason); 455 switch (reason & 0x601F0000) { 456 case 0x80000: 457 printk("Machine check signal\n"); 458 break; 459 case 0: /* for 601 */ 460 case 0x40000: 461 case 0x140000: /* 7450 MSS error and TEA */ 462 printk("Transfer error ack signal\n"); 463 break; 464 case 0x20000: 465 printk("Data parity error signal\n"); 466 break; 467 case 0x10000: 468 printk("Address parity error signal\n"); 469 break; 470 case 0x20000000: 471 printk("L1 Data Cache error\n"); 472 break; 473 case 0x40000000: 474 printk("L1 Instruction Cache error\n"); 475 break; 476 case 0x00100000: 477 printk("L2 data cache parity error\n"); 478 break; 479 default: 480 printk("Unknown values in msr\n"); 481 } 482 #endif /* CONFIG_4xx */ 483 484 /* 485 * Optional platform-provided routine to print out 486 * additional info, e.g. bus error registers. 487 */ 488 platform_machine_check(regs); 489 490 if (debugger_fault_handler(regs)) 491 return; 492 die("Machine check", regs, SIGBUS); 493 494 /* Must die if the interrupt is not recoverable */ 495 if (!(regs->msr & MSR_RI)) 496 panic("Unrecoverable Machine check"); 497 } 498 499 void SMIException(struct pt_regs *regs) 500 { 501 die("System Management Interrupt", regs, SIGABRT); 502 } 503 504 void unknown_exception(struct pt_regs *regs) 505 { 506 printk("Bad trap at PC: %lx, SR: %lx, vector=%lx\n", 507 regs->nip, regs->msr, regs->trap); 508 509 _exception(SIGTRAP, regs, 0, 0); 510 } 511 512 void instruction_breakpoint_exception(struct pt_regs *regs) 513 { 514 if (notify_die(DIE_IABR_MATCH, "iabr_match", regs, 5, 515 5, SIGTRAP) == NOTIFY_STOP) 516 return; 517 if (debugger_iabr_match(regs)) 518 return; 519 _exception(SIGTRAP, regs, TRAP_BRKPT, regs->nip); 520 } 521 522 void RunModeException(struct pt_regs *regs) 523 { 524 _exception(SIGTRAP, regs, 0, 0); 525 } 526 527 void __kprobes single_step_exception(struct pt_regs *regs) 528 { 529 regs->msr &= ~(MSR_SE | MSR_BE); /* Turn off 'trace' bits */ 530 531 if (notify_die(DIE_SSTEP, "single_step", regs, 5, 532 5, SIGTRAP) == NOTIFY_STOP) 533 return; 534 if (debugger_sstep(regs)) 535 return; 536 537 _exception(SIGTRAP, regs, TRAP_TRACE, regs->nip); 538 } 539 540 /* 541 * After we have successfully emulated an instruction, we have to 542 * check if the instruction was being single-stepped, and if so, 543 * pretend we got a single-step exception. This was pointed out 544 * by Kumar Gala. -- paulus 545 */ 546 static void emulate_single_step(struct pt_regs *regs) 547 { 548 if (single_stepping(regs)) { 549 clear_single_step(regs); 550 _exception(SIGTRAP, regs, TRAP_TRACE, 0); 551 } 552 } 553 554 static inline int __parse_fpscr(unsigned long fpscr) 555 { 556 int ret = 0; 557 558 /* Invalid operation */ 559 if ((fpscr & FPSCR_VE) && (fpscr & FPSCR_VX)) 560 ret = FPE_FLTINV; 561 562 /* Overflow */ 563 else if ((fpscr & FPSCR_OE) && (fpscr & FPSCR_OX)) 564 ret = FPE_FLTOVF; 565 566 /* Underflow */ 567 else if ((fpscr & FPSCR_UE) && (fpscr & FPSCR_UX)) 568 ret = FPE_FLTUND; 569 570 /* Divide by zero */ 571 else if ((fpscr & FPSCR_ZE) && (fpscr & FPSCR_ZX)) 572 ret = FPE_FLTDIV; 573 574 /* Inexact result */ 575 else if ((fpscr & FPSCR_XE) && (fpscr & FPSCR_XX)) 576 ret = FPE_FLTRES; 577 578 return ret; 579 } 580 581 static void parse_fpe(struct pt_regs *regs) 582 { 583 int code = 0; 584 585 flush_fp_to_thread(current); 586 587 code = __parse_fpscr(current->thread.fpscr.val); 588 589 _exception(SIGFPE, regs, code, regs->nip); 590 } 591 592 /* 593 * Illegal instruction emulation support. Originally written to 594 * provide the PVR to user applications using the mfspr rd, PVR. 595 * Return non-zero if we can't emulate, or -EFAULT if the associated 596 * memory access caused an access fault. Return zero on success. 597 * 598 * There are a couple of ways to do this, either "decode" the instruction 599 * or directly match lots of bits. In this case, matching lots of 600 * bits is faster and easier. 601 * 602 */ 603 #define INST_MFSPR_PVR 0x7c1f42a6 604 #define INST_MFSPR_PVR_MASK 0xfc1fffff 605 606 #define INST_DCBA 0x7c0005ec 607 #define INST_DCBA_MASK 0xfc0007fe 608 609 #define INST_MCRXR 0x7c000400 610 #define INST_MCRXR_MASK 0xfc0007fe 611 612 #define INST_STRING 0x7c00042a 613 #define INST_STRING_MASK 0xfc0007fe 614 #define INST_STRING_GEN_MASK 0xfc00067e 615 #define INST_LSWI 0x7c0004aa 616 #define INST_LSWX 0x7c00042a 617 #define INST_STSWI 0x7c0005aa 618 #define INST_STSWX 0x7c00052a 619 620 #define INST_POPCNTB 0x7c0000f4 621 #define INST_POPCNTB_MASK 0xfc0007fe 622 623 static int emulate_string_inst(struct pt_regs *regs, u32 instword) 624 { 625 u8 rT = (instword >> 21) & 0x1f; 626 u8 rA = (instword >> 16) & 0x1f; 627 u8 NB_RB = (instword >> 11) & 0x1f; 628 u32 num_bytes; 629 unsigned long EA; 630 int pos = 0; 631 632 /* Early out if we are an invalid form of lswx */ 633 if ((instword & INST_STRING_MASK) == INST_LSWX) 634 if ((rT == rA) || (rT == NB_RB)) 635 return -EINVAL; 636 637 EA = (rA == 0) ? 0 : regs->gpr[rA]; 638 639 switch (instword & INST_STRING_MASK) { 640 case INST_LSWX: 641 case INST_STSWX: 642 EA += NB_RB; 643 num_bytes = regs->xer & 0x7f; 644 break; 645 case INST_LSWI: 646 case INST_STSWI: 647 num_bytes = (NB_RB == 0) ? 32 : NB_RB; 648 break; 649 default: 650 return -EINVAL; 651 } 652 653 while (num_bytes != 0) 654 { 655 u8 val; 656 u32 shift = 8 * (3 - (pos & 0x3)); 657 658 switch ((instword & INST_STRING_MASK)) { 659 case INST_LSWX: 660 case INST_LSWI: 661 if (get_user(val, (u8 __user *)EA)) 662 return -EFAULT; 663 /* first time updating this reg, 664 * zero it out */ 665 if (pos == 0) 666 regs->gpr[rT] = 0; 667 regs->gpr[rT] |= val << shift; 668 break; 669 case INST_STSWI: 670 case INST_STSWX: 671 val = regs->gpr[rT] >> shift; 672 if (put_user(val, (u8 __user *)EA)) 673 return -EFAULT; 674 break; 675 } 676 /* move EA to next address */ 677 EA += 1; 678 num_bytes--; 679 680 /* manage our position within the register */ 681 if (++pos == 4) { 682 pos = 0; 683 if (++rT == 32) 684 rT = 0; 685 } 686 } 687 688 return 0; 689 } 690 691 static int emulate_popcntb_inst(struct pt_regs *regs, u32 instword) 692 { 693 u32 ra,rs; 694 unsigned long tmp; 695 696 ra = (instword >> 16) & 0x1f; 697 rs = (instword >> 21) & 0x1f; 698 699 tmp = regs->gpr[rs]; 700 tmp = tmp - ((tmp >> 1) & 0x5555555555555555ULL); 701 tmp = (tmp & 0x3333333333333333ULL) + ((tmp >> 2) & 0x3333333333333333ULL); 702 tmp = (tmp + (tmp >> 4)) & 0x0f0f0f0f0f0f0f0fULL; 703 regs->gpr[ra] = tmp; 704 705 return 0; 706 } 707 708 static int emulate_instruction(struct pt_regs *regs) 709 { 710 u32 instword; 711 u32 rd; 712 713 if (!user_mode(regs) || (regs->msr & MSR_LE)) 714 return -EINVAL; 715 CHECK_FULL_REGS(regs); 716 717 if (get_user(instword, (u32 __user *)(regs->nip))) 718 return -EFAULT; 719 720 /* Emulate the mfspr rD, PVR. */ 721 if ((instword & INST_MFSPR_PVR_MASK) == INST_MFSPR_PVR) { 722 rd = (instword >> 21) & 0x1f; 723 regs->gpr[rd] = mfspr(SPRN_PVR); 724 return 0; 725 } 726 727 /* Emulating the dcba insn is just a no-op. */ 728 if ((instword & INST_DCBA_MASK) == INST_DCBA) 729 return 0; 730 731 /* Emulate the mcrxr insn. */ 732 if ((instword & INST_MCRXR_MASK) == INST_MCRXR) { 733 int shift = (instword >> 21) & 0x1c; 734 unsigned long msk = 0xf0000000UL >> shift; 735 736 regs->ccr = (regs->ccr & ~msk) | ((regs->xer >> shift) & msk); 737 regs->xer &= ~0xf0000000UL; 738 return 0; 739 } 740 741 /* Emulate load/store string insn. */ 742 if ((instword & INST_STRING_GEN_MASK) == INST_STRING) 743 return emulate_string_inst(regs, instword); 744 745 /* Emulate the popcntb (Population Count Bytes) instruction. */ 746 if ((instword & INST_POPCNTB_MASK) == INST_POPCNTB) { 747 return emulate_popcntb_inst(regs, instword); 748 } 749 750 return -EINVAL; 751 } 752 753 int is_valid_bugaddr(unsigned long addr) 754 { 755 return is_kernel_addr(addr); 756 } 757 758 void __kprobes program_check_exception(struct pt_regs *regs) 759 { 760 unsigned int reason = get_reason(regs); 761 extern int do_mathemu(struct pt_regs *regs); 762 763 /* We can now get here via a FP Unavailable exception if the core 764 * has no FPU, in that case the reason flags will be 0 */ 765 766 if (reason & REASON_FP) { 767 /* IEEE FP exception */ 768 parse_fpe(regs); 769 return; 770 } 771 if (reason & REASON_TRAP) { 772 /* trap exception */ 773 if (notify_die(DIE_BPT, "breakpoint", regs, 5, 5, SIGTRAP) 774 == NOTIFY_STOP) 775 return; 776 if (debugger_bpt(regs)) 777 return; 778 779 if (!(regs->msr & MSR_PR) && /* not user-mode */ 780 report_bug(regs->nip) == BUG_TRAP_TYPE_WARN) { 781 regs->nip += 4; 782 return; 783 } 784 _exception(SIGTRAP, regs, TRAP_BRKPT, regs->nip); 785 return; 786 } 787 788 local_irq_enable(); 789 790 #ifdef CONFIG_MATH_EMULATION 791 /* (reason & REASON_ILLEGAL) would be the obvious thing here, 792 * but there seems to be a hardware bug on the 405GP (RevD) 793 * that means ESR is sometimes set incorrectly - either to 794 * ESR_DST (!?) or 0. In the process of chasing this with the 795 * hardware people - not sure if it can happen on any illegal 796 * instruction or only on FP instructions, whether there is a 797 * pattern to occurences etc. -dgibson 31/Mar/2003 */ 798 switch (do_mathemu(regs)) { 799 case 0: 800 emulate_single_step(regs); 801 return; 802 case 1: { 803 int code = 0; 804 code = __parse_fpscr(current->thread.fpscr.val); 805 _exception(SIGFPE, regs, code, regs->nip); 806 return; 807 } 808 case -EFAULT: 809 _exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip); 810 return; 811 } 812 /* fall through on any other errors */ 813 #endif /* CONFIG_MATH_EMULATION */ 814 815 /* Try to emulate it if we should. */ 816 if (reason & (REASON_ILLEGAL | REASON_PRIVILEGED)) { 817 switch (emulate_instruction(regs)) { 818 case 0: 819 regs->nip += 4; 820 emulate_single_step(regs); 821 return; 822 case -EFAULT: 823 _exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip); 824 return; 825 } 826 } 827 828 if (reason & REASON_PRIVILEGED) 829 _exception(SIGILL, regs, ILL_PRVOPC, regs->nip); 830 else 831 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip); 832 } 833 834 void alignment_exception(struct pt_regs *regs) 835 { 836 int sig, code, fixed = 0; 837 838 /* we don't implement logging of alignment exceptions */ 839 if (!(current->thread.align_ctl & PR_UNALIGN_SIGBUS)) 840 fixed = fix_alignment(regs); 841 842 if (fixed == 1) { 843 regs->nip += 4; /* skip over emulated instruction */ 844 emulate_single_step(regs); 845 return; 846 } 847 848 /* Operand address was bad */ 849 if (fixed == -EFAULT) { 850 sig = SIGSEGV; 851 code = SEGV_ACCERR; 852 } else { 853 sig = SIGBUS; 854 code = BUS_ADRALN; 855 } 856 if (user_mode(regs)) 857 _exception(sig, regs, code, regs->dar); 858 else 859 bad_page_fault(regs, regs->dar, sig); 860 } 861 862 void StackOverflow(struct pt_regs *regs) 863 { 864 printk(KERN_CRIT "Kernel stack overflow in process %p, r1=%lx\n", 865 current, regs->gpr[1]); 866 debugger(regs); 867 show_regs(regs); 868 panic("kernel stack overflow"); 869 } 870 871 void nonrecoverable_exception(struct pt_regs *regs) 872 { 873 printk(KERN_ERR "Non-recoverable exception at PC=%lx MSR=%lx\n", 874 regs->nip, regs->msr); 875 debugger(regs); 876 die("nonrecoverable exception", regs, SIGKILL); 877 } 878 879 void trace_syscall(struct pt_regs *regs) 880 { 881 printk("Task: %p(%d), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld %s\n", 882 current, current->pid, regs->nip, regs->link, regs->gpr[0], 883 regs->ccr&0x10000000?"Error=":"", regs->gpr[3], print_tainted()); 884 } 885 886 void kernel_fp_unavailable_exception(struct pt_regs *regs) 887 { 888 printk(KERN_EMERG "Unrecoverable FP Unavailable Exception " 889 "%lx at %lx\n", regs->trap, regs->nip); 890 die("Unrecoverable FP Unavailable Exception", regs, SIGABRT); 891 } 892 893 void altivec_unavailable_exception(struct pt_regs *regs) 894 { 895 if (user_mode(regs)) { 896 /* A user program has executed an altivec instruction, 897 but this kernel doesn't support altivec. */ 898 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip); 899 return; 900 } 901 902 printk(KERN_EMERG "Unrecoverable VMX/Altivec Unavailable Exception " 903 "%lx at %lx\n", regs->trap, regs->nip); 904 die("Unrecoverable VMX/Altivec Unavailable Exception", regs, SIGABRT); 905 } 906 907 void performance_monitor_exception(struct pt_regs *regs) 908 { 909 perf_irq(regs); 910 } 911 912 #ifdef CONFIG_8xx 913 void SoftwareEmulation(struct pt_regs *regs) 914 { 915 extern int do_mathemu(struct pt_regs *); 916 extern int Soft_emulate_8xx(struct pt_regs *); 917 int errcode; 918 919 CHECK_FULL_REGS(regs); 920 921 if (!user_mode(regs)) { 922 debugger(regs); 923 die("Kernel Mode Software FPU Emulation", regs, SIGFPE); 924 } 925 926 #ifdef CONFIG_MATH_EMULATION 927 errcode = do_mathemu(regs); 928 929 switch (errcode) { 930 case 0: 931 emulate_single_step(regs); 932 return; 933 case 1: { 934 int code = 0; 935 code = __parse_fpscr(current->thread.fpscr.val); 936 _exception(SIGFPE, regs, code, regs->nip); 937 return; 938 } 939 case -EFAULT: 940 _exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip); 941 return; 942 default: 943 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip); 944 return; 945 } 946 947 #else 948 errcode = Soft_emulate_8xx(regs); 949 switch (errcode) { 950 case 0: 951 emulate_single_step(regs); 952 return; 953 case 1: 954 _exception(SIGILL, regs, ILL_ILLOPC, regs->nip); 955 return; 956 case -EFAULT: 957 _exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip); 958 return; 959 } 960 #endif 961 } 962 #endif /* CONFIG_8xx */ 963 964 #if defined(CONFIG_40x) || defined(CONFIG_BOOKE) 965 966 void DebugException(struct pt_regs *regs, unsigned long debug_status) 967 { 968 if (debug_status & DBSR_IC) { /* instruction completion */ 969 regs->msr &= ~MSR_DE; 970 if (user_mode(regs)) { 971 current->thread.dbcr0 &= ~DBCR0_IC; 972 } else { 973 /* Disable instruction completion */ 974 mtspr(SPRN_DBCR0, mfspr(SPRN_DBCR0) & ~DBCR0_IC); 975 /* Clear the instruction completion event */ 976 mtspr(SPRN_DBSR, DBSR_IC); 977 if (debugger_sstep(regs)) 978 return; 979 } 980 _exception(SIGTRAP, regs, TRAP_TRACE, 0); 981 } 982 } 983 #endif /* CONFIG_4xx || CONFIG_BOOKE */ 984 985 #if !defined(CONFIG_TAU_INT) 986 void TAUException(struct pt_regs *regs) 987 { 988 printk("TAU trap at PC: %lx, MSR: %lx, vector=%lx %s\n", 989 regs->nip, regs->msr, regs->trap, print_tainted()); 990 } 991 #endif /* CONFIG_INT_TAU */ 992 993 #ifdef CONFIG_ALTIVEC 994 void altivec_assist_exception(struct pt_regs *regs) 995 { 996 int err; 997 998 if (!user_mode(regs)) { 999 printk(KERN_EMERG "VMX/Altivec assist exception in kernel mode" 1000 " at %lx\n", regs->nip); 1001 die("Kernel VMX/Altivec assist exception", regs, SIGILL); 1002 } 1003 1004 flush_altivec_to_thread(current); 1005 1006 err = emulate_altivec(regs); 1007 if (err == 0) { 1008 regs->nip += 4; /* skip emulated instruction */ 1009 emulate_single_step(regs); 1010 return; 1011 } 1012 1013 if (err == -EFAULT) { 1014 /* got an error reading the instruction */ 1015 _exception(SIGSEGV, regs, SEGV_ACCERR, regs->nip); 1016 } else { 1017 /* didn't recognize the instruction */ 1018 /* XXX quick hack for now: set the non-Java bit in the VSCR */ 1019 if (printk_ratelimit()) 1020 printk(KERN_ERR "Unrecognized altivec instruction " 1021 "in %s at %lx\n", current->comm, regs->nip); 1022 current->thread.vscr.u[3] |= 0x10000; 1023 } 1024 } 1025 #endif /* CONFIG_ALTIVEC */ 1026 1027 #ifdef CONFIG_FSL_BOOKE 1028 void CacheLockingException(struct pt_regs *regs, unsigned long address, 1029 unsigned long error_code) 1030 { 1031 /* We treat cache locking instructions from the user 1032 * as priv ops, in the future we could try to do 1033 * something smarter 1034 */ 1035 if (error_code & (ESR_DLK|ESR_ILK)) 1036 _exception(SIGILL, regs, ILL_PRVOPC, regs->nip); 1037 return; 1038 } 1039 #endif /* CONFIG_FSL_BOOKE */ 1040 1041 #ifdef CONFIG_SPE 1042 void SPEFloatingPointException(struct pt_regs *regs) 1043 { 1044 unsigned long spefscr; 1045 int fpexc_mode; 1046 int code = 0; 1047 1048 spefscr = current->thread.spefscr; 1049 fpexc_mode = current->thread.fpexc_mode; 1050 1051 /* Hardware does not neccessarily set sticky 1052 * underflow/overflow/invalid flags */ 1053 if ((spefscr & SPEFSCR_FOVF) && (fpexc_mode & PR_FP_EXC_OVF)) { 1054 code = FPE_FLTOVF; 1055 spefscr |= SPEFSCR_FOVFS; 1056 } 1057 else if ((spefscr & SPEFSCR_FUNF) && (fpexc_mode & PR_FP_EXC_UND)) { 1058 code = FPE_FLTUND; 1059 spefscr |= SPEFSCR_FUNFS; 1060 } 1061 else if ((spefscr & SPEFSCR_FDBZ) && (fpexc_mode & PR_FP_EXC_DIV)) 1062 code = FPE_FLTDIV; 1063 else if ((spefscr & SPEFSCR_FINV) && (fpexc_mode & PR_FP_EXC_INV)) { 1064 code = FPE_FLTINV; 1065 spefscr |= SPEFSCR_FINVS; 1066 } 1067 else if ((spefscr & (SPEFSCR_FG | SPEFSCR_FX)) && (fpexc_mode & PR_FP_EXC_RES)) 1068 code = FPE_FLTRES; 1069 1070 current->thread.spefscr = spefscr; 1071 1072 _exception(SIGFPE, regs, code, regs->nip); 1073 return; 1074 } 1075 #endif 1076 1077 /* 1078 * We enter here if we get an unrecoverable exception, that is, one 1079 * that happened at a point where the RI (recoverable interrupt) bit 1080 * in the MSR is 0. This indicates that SRR0/1 are live, and that 1081 * we therefore lost state by taking this exception. 1082 */ 1083 void unrecoverable_exception(struct pt_regs *regs) 1084 { 1085 printk(KERN_EMERG "Unrecoverable exception %lx at %lx\n", 1086 regs->trap, regs->nip); 1087 die("Unrecoverable exception", regs, SIGABRT); 1088 } 1089 1090 #ifdef CONFIG_BOOKE_WDT 1091 /* 1092 * Default handler for a Watchdog exception, 1093 * spins until a reboot occurs 1094 */ 1095 void __attribute__ ((weak)) WatchdogHandler(struct pt_regs *regs) 1096 { 1097 /* Generic WatchdogHandler, implement your own */ 1098 mtspr(SPRN_TCR, mfspr(SPRN_TCR)&(~TCR_WIE)); 1099 return; 1100 } 1101 1102 void WatchdogException(struct pt_regs *regs) 1103 { 1104 printk (KERN_EMERG "PowerPC Book-E Watchdog Exception\n"); 1105 WatchdogHandler(regs); 1106 } 1107 #endif 1108 1109 /* 1110 * We enter here if we discover during exception entry that we are 1111 * running in supervisor mode with a userspace value in the stack pointer. 1112 */ 1113 void kernel_bad_stack(struct pt_regs *regs) 1114 { 1115 printk(KERN_EMERG "Bad kernel stack pointer %lx at %lx\n", 1116 regs->gpr[1], regs->nip); 1117 die("Bad kernel stack pointer", regs, SIGABRT); 1118 } 1119 1120 void __init trap_init(void) 1121 { 1122 } 1123