1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * Single-step support. 4 * 5 * Copyright (C) 2004 Paul Mackerras <paulus@au.ibm.com>, IBM 6 */ 7 #include <linux/kernel.h> 8 #include <linux/kprobes.h> 9 #include <linux/ptrace.h> 10 #include <linux/prefetch.h> 11 #include <asm/sstep.h> 12 #include <asm/processor.h> 13 #include <linux/uaccess.h> 14 #include <asm/cpu_has_feature.h> 15 #include <asm/cputable.h> 16 #include <asm/disassemble.h> 17 18 extern char system_call_common[]; 19 20 #ifdef CONFIG_PPC64 21 /* Bits in SRR1 that are copied from MSR */ 22 #define MSR_MASK 0xffffffff87c0ffffUL 23 #else 24 #define MSR_MASK 0x87c0ffff 25 #endif 26 27 /* Bits in XER */ 28 #define XER_SO 0x80000000U 29 #define XER_OV 0x40000000U 30 #define XER_CA 0x20000000U 31 #define XER_OV32 0x00080000U 32 #define XER_CA32 0x00040000U 33 34 #ifdef CONFIG_PPC_FPU 35 /* 36 * Functions in ldstfp.S 37 */ 38 extern void get_fpr(int rn, double *p); 39 extern void put_fpr(int rn, const double *p); 40 extern void get_vr(int rn, __vector128 *p); 41 extern void put_vr(int rn, __vector128 *p); 42 extern void load_vsrn(int vsr, const void *p); 43 extern void store_vsrn(int vsr, void *p); 44 extern void conv_sp_to_dp(const float *sp, double *dp); 45 extern void conv_dp_to_sp(const double *dp, float *sp); 46 #endif 47 48 #ifdef __powerpc64__ 49 /* 50 * Functions in quad.S 51 */ 52 extern int do_lq(unsigned long ea, unsigned long *regs); 53 extern int do_stq(unsigned long ea, unsigned long val0, unsigned long val1); 54 extern int do_lqarx(unsigned long ea, unsigned long *regs); 55 extern int do_stqcx(unsigned long ea, unsigned long val0, unsigned long val1, 56 unsigned int *crp); 57 #endif 58 59 #ifdef __LITTLE_ENDIAN__ 60 #define IS_LE 1 61 #define IS_BE 0 62 #else 63 #define IS_LE 0 64 #define IS_BE 1 65 #endif 66 67 /* 68 * Emulate the truncation of 64 bit values in 32-bit mode. 69 */ 70 static nokprobe_inline unsigned long truncate_if_32bit(unsigned long msr, 71 unsigned long val) 72 { 73 #ifdef __powerpc64__ 74 if ((msr & MSR_64BIT) == 0) 75 val &= 0xffffffffUL; 76 #endif 77 return val; 78 } 79 80 /* 81 * Determine whether a conditional branch instruction would branch. 82 */ 83 static nokprobe_inline int branch_taken(unsigned int instr, 84 const struct pt_regs *regs, 85 struct instruction_op *op) 86 { 87 unsigned int bo = (instr >> 21) & 0x1f; 88 unsigned int bi; 89 90 if ((bo & 4) == 0) { 91 /* decrement counter */ 92 op->type |= DECCTR; 93 if (((bo >> 1) & 1) ^ (regs->ctr == 1)) 94 return 0; 95 } 96 if ((bo & 0x10) == 0) { 97 /* check bit from CR */ 98 bi = (instr >> 16) & 0x1f; 99 if (((regs->ccr >> (31 - bi)) & 1) != ((bo >> 3) & 1)) 100 return 0; 101 } 102 return 1; 103 } 104 105 static nokprobe_inline long address_ok(struct pt_regs *regs, 106 unsigned long ea, int nb) 107 { 108 if (!user_mode(regs)) 109 return 1; 110 if (__access_ok(ea, nb, USER_DS)) 111 return 1; 112 if (__access_ok(ea, 1, USER_DS)) 113 /* Access overlaps the end of the user region */ 114 regs->dar = USER_DS.seg; 115 else 116 regs->dar = ea; 117 return 0; 118 } 119 120 /* 121 * Calculate effective address for a D-form instruction 122 */ 123 static nokprobe_inline unsigned long dform_ea(unsigned int instr, 124 const struct pt_regs *regs) 125 { 126 int ra; 127 unsigned long ea; 128 129 ra = (instr >> 16) & 0x1f; 130 ea = (signed short) instr; /* sign-extend */ 131 if (ra) 132 ea += regs->gpr[ra]; 133 134 return ea; 135 } 136 137 #ifdef __powerpc64__ 138 /* 139 * Calculate effective address for a DS-form instruction 140 */ 141 static nokprobe_inline unsigned long dsform_ea(unsigned int instr, 142 const struct pt_regs *regs) 143 { 144 int ra; 145 unsigned long ea; 146 147 ra = (instr >> 16) & 0x1f; 148 ea = (signed short) (instr & ~3); /* sign-extend */ 149 if (ra) 150 ea += regs->gpr[ra]; 151 152 return ea; 153 } 154 155 /* 156 * Calculate effective address for a DQ-form instruction 157 */ 158 static nokprobe_inline unsigned long dqform_ea(unsigned int instr, 159 const struct pt_regs *regs) 160 { 161 int ra; 162 unsigned long ea; 163 164 ra = (instr >> 16) & 0x1f; 165 ea = (signed short) (instr & ~0xf); /* sign-extend */ 166 if (ra) 167 ea += regs->gpr[ra]; 168 169 return ea; 170 } 171 #endif /* __powerpc64 */ 172 173 /* 174 * Calculate effective address for an X-form instruction 175 */ 176 static nokprobe_inline unsigned long xform_ea(unsigned int instr, 177 const struct pt_regs *regs) 178 { 179 int ra, rb; 180 unsigned long ea; 181 182 ra = (instr >> 16) & 0x1f; 183 rb = (instr >> 11) & 0x1f; 184 ea = regs->gpr[rb]; 185 if (ra) 186 ea += regs->gpr[ra]; 187 188 return ea; 189 } 190 191 /* 192 * Calculate effective address for a MLS:D-form / 8LS:D-form 193 * prefixed instruction 194 */ 195 static nokprobe_inline unsigned long mlsd_8lsd_ea(unsigned int instr, 196 unsigned int suffix, 197 const struct pt_regs *regs) 198 { 199 int ra, prefix_r; 200 unsigned int dd; 201 unsigned long ea, d0, d1, d; 202 203 prefix_r = instr & (1ul << 20); 204 ra = (suffix >> 16) & 0x1f; 205 206 d0 = instr & 0x3ffff; 207 d1 = suffix & 0xffff; 208 d = (d0 << 16) | d1; 209 210 /* 211 * sign extend a 34 bit number 212 */ 213 dd = (unsigned int)(d >> 2); 214 ea = (signed int)dd; 215 ea = (ea << 2) | (d & 0x3); 216 217 if (!prefix_r && ra) 218 ea += regs->gpr[ra]; 219 else if (!prefix_r && !ra) 220 ; /* Leave ea as is */ 221 else if (prefix_r && !ra) 222 ea += regs->nip; 223 else if (prefix_r && ra) 224 ; /* Invalid form. Should already be checked for by caller! */ 225 226 return ea; 227 } 228 229 /* 230 * Return the largest power of 2, not greater than sizeof(unsigned long), 231 * such that x is a multiple of it. 232 */ 233 static nokprobe_inline unsigned long max_align(unsigned long x) 234 { 235 x |= sizeof(unsigned long); 236 return x & -x; /* isolates rightmost bit */ 237 } 238 239 static nokprobe_inline unsigned long byterev_2(unsigned long x) 240 { 241 return ((x >> 8) & 0xff) | ((x & 0xff) << 8); 242 } 243 244 static nokprobe_inline unsigned long byterev_4(unsigned long x) 245 { 246 return ((x >> 24) & 0xff) | ((x >> 8) & 0xff00) | 247 ((x & 0xff00) << 8) | ((x & 0xff) << 24); 248 } 249 250 #ifdef __powerpc64__ 251 static nokprobe_inline unsigned long byterev_8(unsigned long x) 252 { 253 return (byterev_4(x) << 32) | byterev_4(x >> 32); 254 } 255 #endif 256 257 static nokprobe_inline void do_byte_reverse(void *ptr, int nb) 258 { 259 switch (nb) { 260 case 2: 261 *(u16 *)ptr = byterev_2(*(u16 *)ptr); 262 break; 263 case 4: 264 *(u32 *)ptr = byterev_4(*(u32 *)ptr); 265 break; 266 #ifdef __powerpc64__ 267 case 8: 268 *(unsigned long *)ptr = byterev_8(*(unsigned long *)ptr); 269 break; 270 case 16: { 271 unsigned long *up = (unsigned long *)ptr; 272 unsigned long tmp; 273 tmp = byterev_8(up[0]); 274 up[0] = byterev_8(up[1]); 275 up[1] = tmp; 276 break; 277 } 278 #endif 279 default: 280 WARN_ON_ONCE(1); 281 } 282 } 283 284 static nokprobe_inline int read_mem_aligned(unsigned long *dest, 285 unsigned long ea, int nb, 286 struct pt_regs *regs) 287 { 288 int err = 0; 289 unsigned long x = 0; 290 291 switch (nb) { 292 case 1: 293 err = __get_user(x, (unsigned char __user *) ea); 294 break; 295 case 2: 296 err = __get_user(x, (unsigned short __user *) ea); 297 break; 298 case 4: 299 err = __get_user(x, (unsigned int __user *) ea); 300 break; 301 #ifdef __powerpc64__ 302 case 8: 303 err = __get_user(x, (unsigned long __user *) ea); 304 break; 305 #endif 306 } 307 if (!err) 308 *dest = x; 309 else 310 regs->dar = ea; 311 return err; 312 } 313 314 /* 315 * Copy from userspace to a buffer, using the largest possible 316 * aligned accesses, up to sizeof(long). 317 */ 318 static nokprobe_inline int copy_mem_in(u8 *dest, unsigned long ea, int nb, 319 struct pt_regs *regs) 320 { 321 int err = 0; 322 int c; 323 324 for (; nb > 0; nb -= c) { 325 c = max_align(ea); 326 if (c > nb) 327 c = max_align(nb); 328 switch (c) { 329 case 1: 330 err = __get_user(*dest, (unsigned char __user *) ea); 331 break; 332 case 2: 333 err = __get_user(*(u16 *)dest, 334 (unsigned short __user *) ea); 335 break; 336 case 4: 337 err = __get_user(*(u32 *)dest, 338 (unsigned int __user *) ea); 339 break; 340 #ifdef __powerpc64__ 341 case 8: 342 err = __get_user(*(unsigned long *)dest, 343 (unsigned long __user *) ea); 344 break; 345 #endif 346 } 347 if (err) { 348 regs->dar = ea; 349 return err; 350 } 351 dest += c; 352 ea += c; 353 } 354 return 0; 355 } 356 357 static nokprobe_inline int read_mem_unaligned(unsigned long *dest, 358 unsigned long ea, int nb, 359 struct pt_regs *regs) 360 { 361 union { 362 unsigned long ul; 363 u8 b[sizeof(unsigned long)]; 364 } u; 365 int i; 366 int err; 367 368 u.ul = 0; 369 i = IS_BE ? sizeof(unsigned long) - nb : 0; 370 err = copy_mem_in(&u.b[i], ea, nb, regs); 371 if (!err) 372 *dest = u.ul; 373 return err; 374 } 375 376 /* 377 * Read memory at address ea for nb bytes, return 0 for success 378 * or -EFAULT if an error occurred. N.B. nb must be 1, 2, 4 or 8. 379 * If nb < sizeof(long), the result is right-justified on BE systems. 380 */ 381 static int read_mem(unsigned long *dest, unsigned long ea, int nb, 382 struct pt_regs *regs) 383 { 384 if (!address_ok(regs, ea, nb)) 385 return -EFAULT; 386 if ((ea & (nb - 1)) == 0) 387 return read_mem_aligned(dest, ea, nb, regs); 388 return read_mem_unaligned(dest, ea, nb, regs); 389 } 390 NOKPROBE_SYMBOL(read_mem); 391 392 static nokprobe_inline int write_mem_aligned(unsigned long val, 393 unsigned long ea, int nb, 394 struct pt_regs *regs) 395 { 396 int err = 0; 397 398 switch (nb) { 399 case 1: 400 err = __put_user(val, (unsigned char __user *) ea); 401 break; 402 case 2: 403 err = __put_user(val, (unsigned short __user *) ea); 404 break; 405 case 4: 406 err = __put_user(val, (unsigned int __user *) ea); 407 break; 408 #ifdef __powerpc64__ 409 case 8: 410 err = __put_user(val, (unsigned long __user *) ea); 411 break; 412 #endif 413 } 414 if (err) 415 regs->dar = ea; 416 return err; 417 } 418 419 /* 420 * Copy from a buffer to userspace, using the largest possible 421 * aligned accesses, up to sizeof(long). 422 */ 423 static nokprobe_inline int copy_mem_out(u8 *dest, unsigned long ea, int nb, 424 struct pt_regs *regs) 425 { 426 int err = 0; 427 int c; 428 429 for (; nb > 0; nb -= c) { 430 c = max_align(ea); 431 if (c > nb) 432 c = max_align(nb); 433 switch (c) { 434 case 1: 435 err = __put_user(*dest, (unsigned char __user *) ea); 436 break; 437 case 2: 438 err = __put_user(*(u16 *)dest, 439 (unsigned short __user *) ea); 440 break; 441 case 4: 442 err = __put_user(*(u32 *)dest, 443 (unsigned int __user *) ea); 444 break; 445 #ifdef __powerpc64__ 446 case 8: 447 err = __put_user(*(unsigned long *)dest, 448 (unsigned long __user *) ea); 449 break; 450 #endif 451 } 452 if (err) { 453 regs->dar = ea; 454 return err; 455 } 456 dest += c; 457 ea += c; 458 } 459 return 0; 460 } 461 462 static nokprobe_inline int write_mem_unaligned(unsigned long val, 463 unsigned long ea, int nb, 464 struct pt_regs *regs) 465 { 466 union { 467 unsigned long ul; 468 u8 b[sizeof(unsigned long)]; 469 } u; 470 int i; 471 472 u.ul = val; 473 i = IS_BE ? sizeof(unsigned long) - nb : 0; 474 return copy_mem_out(&u.b[i], ea, nb, regs); 475 } 476 477 /* 478 * Write memory at address ea for nb bytes, return 0 for success 479 * or -EFAULT if an error occurred. N.B. nb must be 1, 2, 4 or 8. 480 */ 481 static int write_mem(unsigned long val, unsigned long ea, int nb, 482 struct pt_regs *regs) 483 { 484 if (!address_ok(regs, ea, nb)) 485 return -EFAULT; 486 if ((ea & (nb - 1)) == 0) 487 return write_mem_aligned(val, ea, nb, regs); 488 return write_mem_unaligned(val, ea, nb, regs); 489 } 490 NOKPROBE_SYMBOL(write_mem); 491 492 #ifdef CONFIG_PPC_FPU 493 /* 494 * These access either the real FP register or the image in the 495 * thread_struct, depending on regs->msr & MSR_FP. 496 */ 497 static int do_fp_load(struct instruction_op *op, unsigned long ea, 498 struct pt_regs *regs, bool cross_endian) 499 { 500 int err, rn, nb; 501 union { 502 int i; 503 unsigned int u; 504 float f; 505 double d[2]; 506 unsigned long l[2]; 507 u8 b[2 * sizeof(double)]; 508 } u; 509 510 nb = GETSIZE(op->type); 511 if (!address_ok(regs, ea, nb)) 512 return -EFAULT; 513 rn = op->reg; 514 err = copy_mem_in(u.b, ea, nb, regs); 515 if (err) 516 return err; 517 if (unlikely(cross_endian)) { 518 do_byte_reverse(u.b, min(nb, 8)); 519 if (nb == 16) 520 do_byte_reverse(&u.b[8], 8); 521 } 522 preempt_disable(); 523 if (nb == 4) { 524 if (op->type & FPCONV) 525 conv_sp_to_dp(&u.f, &u.d[0]); 526 else if (op->type & SIGNEXT) 527 u.l[0] = u.i; 528 else 529 u.l[0] = u.u; 530 } 531 if (regs->msr & MSR_FP) 532 put_fpr(rn, &u.d[0]); 533 else 534 current->thread.TS_FPR(rn) = u.l[0]; 535 if (nb == 16) { 536 /* lfdp */ 537 rn |= 1; 538 if (regs->msr & MSR_FP) 539 put_fpr(rn, &u.d[1]); 540 else 541 current->thread.TS_FPR(rn) = u.l[1]; 542 } 543 preempt_enable(); 544 return 0; 545 } 546 NOKPROBE_SYMBOL(do_fp_load); 547 548 static int do_fp_store(struct instruction_op *op, unsigned long ea, 549 struct pt_regs *regs, bool cross_endian) 550 { 551 int rn, nb; 552 union { 553 unsigned int u; 554 float f; 555 double d[2]; 556 unsigned long l[2]; 557 u8 b[2 * sizeof(double)]; 558 } u; 559 560 nb = GETSIZE(op->type); 561 if (!address_ok(regs, ea, nb)) 562 return -EFAULT; 563 rn = op->reg; 564 preempt_disable(); 565 if (regs->msr & MSR_FP) 566 get_fpr(rn, &u.d[0]); 567 else 568 u.l[0] = current->thread.TS_FPR(rn); 569 if (nb == 4) { 570 if (op->type & FPCONV) 571 conv_dp_to_sp(&u.d[0], &u.f); 572 else 573 u.u = u.l[0]; 574 } 575 if (nb == 16) { 576 rn |= 1; 577 if (regs->msr & MSR_FP) 578 get_fpr(rn, &u.d[1]); 579 else 580 u.l[1] = current->thread.TS_FPR(rn); 581 } 582 preempt_enable(); 583 if (unlikely(cross_endian)) { 584 do_byte_reverse(u.b, min(nb, 8)); 585 if (nb == 16) 586 do_byte_reverse(&u.b[8], 8); 587 } 588 return copy_mem_out(u.b, ea, nb, regs); 589 } 590 NOKPROBE_SYMBOL(do_fp_store); 591 #endif 592 593 #ifdef CONFIG_ALTIVEC 594 /* For Altivec/VMX, no need to worry about alignment */ 595 static nokprobe_inline int do_vec_load(int rn, unsigned long ea, 596 int size, struct pt_regs *regs, 597 bool cross_endian) 598 { 599 int err; 600 union { 601 __vector128 v; 602 u8 b[sizeof(__vector128)]; 603 } u = {}; 604 605 if (!address_ok(regs, ea & ~0xfUL, 16)) 606 return -EFAULT; 607 /* align to multiple of size */ 608 ea &= ~(size - 1); 609 err = copy_mem_in(&u.b[ea & 0xf], ea, size, regs); 610 if (err) 611 return err; 612 if (unlikely(cross_endian)) 613 do_byte_reverse(&u.b[ea & 0xf], size); 614 preempt_disable(); 615 if (regs->msr & MSR_VEC) 616 put_vr(rn, &u.v); 617 else 618 current->thread.vr_state.vr[rn] = u.v; 619 preempt_enable(); 620 return 0; 621 } 622 623 static nokprobe_inline int do_vec_store(int rn, unsigned long ea, 624 int size, struct pt_regs *regs, 625 bool cross_endian) 626 { 627 union { 628 __vector128 v; 629 u8 b[sizeof(__vector128)]; 630 } u; 631 632 if (!address_ok(regs, ea & ~0xfUL, 16)) 633 return -EFAULT; 634 /* align to multiple of size */ 635 ea &= ~(size - 1); 636 637 preempt_disable(); 638 if (regs->msr & MSR_VEC) 639 get_vr(rn, &u.v); 640 else 641 u.v = current->thread.vr_state.vr[rn]; 642 preempt_enable(); 643 if (unlikely(cross_endian)) 644 do_byte_reverse(&u.b[ea & 0xf], size); 645 return copy_mem_out(&u.b[ea & 0xf], ea, size, regs); 646 } 647 #endif /* CONFIG_ALTIVEC */ 648 649 #ifdef __powerpc64__ 650 static nokprobe_inline int emulate_lq(struct pt_regs *regs, unsigned long ea, 651 int reg, bool cross_endian) 652 { 653 int err; 654 655 if (!address_ok(regs, ea, 16)) 656 return -EFAULT; 657 /* if aligned, should be atomic */ 658 if ((ea & 0xf) == 0) { 659 err = do_lq(ea, ®s->gpr[reg]); 660 } else { 661 err = read_mem(®s->gpr[reg + IS_LE], ea, 8, regs); 662 if (!err) 663 err = read_mem(®s->gpr[reg + IS_BE], ea + 8, 8, regs); 664 } 665 if (!err && unlikely(cross_endian)) 666 do_byte_reverse(®s->gpr[reg], 16); 667 return err; 668 } 669 670 static nokprobe_inline int emulate_stq(struct pt_regs *regs, unsigned long ea, 671 int reg, bool cross_endian) 672 { 673 int err; 674 unsigned long vals[2]; 675 676 if (!address_ok(regs, ea, 16)) 677 return -EFAULT; 678 vals[0] = regs->gpr[reg]; 679 vals[1] = regs->gpr[reg + 1]; 680 if (unlikely(cross_endian)) 681 do_byte_reverse(vals, 16); 682 683 /* if aligned, should be atomic */ 684 if ((ea & 0xf) == 0) 685 return do_stq(ea, vals[0], vals[1]); 686 687 err = write_mem(vals[IS_LE], ea, 8, regs); 688 if (!err) 689 err = write_mem(vals[IS_BE], ea + 8, 8, regs); 690 return err; 691 } 692 #endif /* __powerpc64 */ 693 694 #ifdef CONFIG_VSX 695 void emulate_vsx_load(struct instruction_op *op, union vsx_reg *reg, 696 const void *mem, bool rev) 697 { 698 int size, read_size; 699 int i, j; 700 const unsigned int *wp; 701 const unsigned short *hp; 702 const unsigned char *bp; 703 704 size = GETSIZE(op->type); 705 reg->d[0] = reg->d[1] = 0; 706 707 switch (op->element_size) { 708 case 16: 709 /* whole vector; lxv[x] or lxvl[l] */ 710 if (size == 0) 711 break; 712 memcpy(reg, mem, size); 713 if (IS_LE && (op->vsx_flags & VSX_LDLEFT)) 714 rev = !rev; 715 if (rev) 716 do_byte_reverse(reg, 16); 717 break; 718 case 8: 719 /* scalar loads, lxvd2x, lxvdsx */ 720 read_size = (size >= 8) ? 8 : size; 721 i = IS_LE ? 8 : 8 - read_size; 722 memcpy(®->b[i], mem, read_size); 723 if (rev) 724 do_byte_reverse(®->b[i], 8); 725 if (size < 8) { 726 if (op->type & SIGNEXT) { 727 /* size == 4 is the only case here */ 728 reg->d[IS_LE] = (signed int) reg->d[IS_LE]; 729 } else if (op->vsx_flags & VSX_FPCONV) { 730 preempt_disable(); 731 conv_sp_to_dp(®->fp[1 + IS_LE], 732 ®->dp[IS_LE]); 733 preempt_enable(); 734 } 735 } else { 736 if (size == 16) { 737 unsigned long v = *(unsigned long *)(mem + 8); 738 reg->d[IS_BE] = !rev ? v : byterev_8(v); 739 } else if (op->vsx_flags & VSX_SPLAT) 740 reg->d[IS_BE] = reg->d[IS_LE]; 741 } 742 break; 743 case 4: 744 /* lxvw4x, lxvwsx */ 745 wp = mem; 746 for (j = 0; j < size / 4; ++j) { 747 i = IS_LE ? 3 - j : j; 748 reg->w[i] = !rev ? *wp++ : byterev_4(*wp++); 749 } 750 if (op->vsx_flags & VSX_SPLAT) { 751 u32 val = reg->w[IS_LE ? 3 : 0]; 752 for (; j < 4; ++j) { 753 i = IS_LE ? 3 - j : j; 754 reg->w[i] = val; 755 } 756 } 757 break; 758 case 2: 759 /* lxvh8x */ 760 hp = mem; 761 for (j = 0; j < size / 2; ++j) { 762 i = IS_LE ? 7 - j : j; 763 reg->h[i] = !rev ? *hp++ : byterev_2(*hp++); 764 } 765 break; 766 case 1: 767 /* lxvb16x */ 768 bp = mem; 769 for (j = 0; j < size; ++j) { 770 i = IS_LE ? 15 - j : j; 771 reg->b[i] = *bp++; 772 } 773 break; 774 } 775 } 776 EXPORT_SYMBOL_GPL(emulate_vsx_load); 777 NOKPROBE_SYMBOL(emulate_vsx_load); 778 779 void emulate_vsx_store(struct instruction_op *op, const union vsx_reg *reg, 780 void *mem, bool rev) 781 { 782 int size, write_size; 783 int i, j; 784 union vsx_reg buf; 785 unsigned int *wp; 786 unsigned short *hp; 787 unsigned char *bp; 788 789 size = GETSIZE(op->type); 790 791 switch (op->element_size) { 792 case 16: 793 /* stxv, stxvx, stxvl, stxvll */ 794 if (size == 0) 795 break; 796 if (IS_LE && (op->vsx_flags & VSX_LDLEFT)) 797 rev = !rev; 798 if (rev) { 799 /* reverse 16 bytes */ 800 buf.d[0] = byterev_8(reg->d[1]); 801 buf.d[1] = byterev_8(reg->d[0]); 802 reg = &buf; 803 } 804 memcpy(mem, reg, size); 805 break; 806 case 8: 807 /* scalar stores, stxvd2x */ 808 write_size = (size >= 8) ? 8 : size; 809 i = IS_LE ? 8 : 8 - write_size; 810 if (size < 8 && op->vsx_flags & VSX_FPCONV) { 811 buf.d[0] = buf.d[1] = 0; 812 preempt_disable(); 813 conv_dp_to_sp(®->dp[IS_LE], &buf.fp[1 + IS_LE]); 814 preempt_enable(); 815 reg = &buf; 816 } 817 memcpy(mem, ®->b[i], write_size); 818 if (size == 16) 819 memcpy(mem + 8, ®->d[IS_BE], 8); 820 if (unlikely(rev)) { 821 do_byte_reverse(mem, write_size); 822 if (size == 16) 823 do_byte_reverse(mem + 8, 8); 824 } 825 break; 826 case 4: 827 /* stxvw4x */ 828 wp = mem; 829 for (j = 0; j < size / 4; ++j) { 830 i = IS_LE ? 3 - j : j; 831 *wp++ = !rev ? reg->w[i] : byterev_4(reg->w[i]); 832 } 833 break; 834 case 2: 835 /* stxvh8x */ 836 hp = mem; 837 for (j = 0; j < size / 2; ++j) { 838 i = IS_LE ? 7 - j : j; 839 *hp++ = !rev ? reg->h[i] : byterev_2(reg->h[i]); 840 } 841 break; 842 case 1: 843 /* stvxb16x */ 844 bp = mem; 845 for (j = 0; j < size; ++j) { 846 i = IS_LE ? 15 - j : j; 847 *bp++ = reg->b[i]; 848 } 849 break; 850 } 851 } 852 EXPORT_SYMBOL_GPL(emulate_vsx_store); 853 NOKPROBE_SYMBOL(emulate_vsx_store); 854 855 static nokprobe_inline int do_vsx_load(struct instruction_op *op, 856 unsigned long ea, struct pt_regs *regs, 857 bool cross_endian) 858 { 859 int reg = op->reg; 860 u8 mem[16]; 861 union vsx_reg buf; 862 int size = GETSIZE(op->type); 863 864 if (!address_ok(regs, ea, size) || copy_mem_in(mem, ea, size, regs)) 865 return -EFAULT; 866 867 emulate_vsx_load(op, &buf, mem, cross_endian); 868 preempt_disable(); 869 if (reg < 32) { 870 /* FP regs + extensions */ 871 if (regs->msr & MSR_FP) { 872 load_vsrn(reg, &buf); 873 } else { 874 current->thread.fp_state.fpr[reg][0] = buf.d[0]; 875 current->thread.fp_state.fpr[reg][1] = buf.d[1]; 876 } 877 } else { 878 if (regs->msr & MSR_VEC) 879 load_vsrn(reg, &buf); 880 else 881 current->thread.vr_state.vr[reg - 32] = buf.v; 882 } 883 preempt_enable(); 884 return 0; 885 } 886 887 static nokprobe_inline int do_vsx_store(struct instruction_op *op, 888 unsigned long ea, struct pt_regs *regs, 889 bool cross_endian) 890 { 891 int reg = op->reg; 892 u8 mem[16]; 893 union vsx_reg buf; 894 int size = GETSIZE(op->type); 895 896 if (!address_ok(regs, ea, size)) 897 return -EFAULT; 898 899 preempt_disable(); 900 if (reg < 32) { 901 /* FP regs + extensions */ 902 if (regs->msr & MSR_FP) { 903 store_vsrn(reg, &buf); 904 } else { 905 buf.d[0] = current->thread.fp_state.fpr[reg][0]; 906 buf.d[1] = current->thread.fp_state.fpr[reg][1]; 907 } 908 } else { 909 if (regs->msr & MSR_VEC) 910 store_vsrn(reg, &buf); 911 else 912 buf.v = current->thread.vr_state.vr[reg - 32]; 913 } 914 preempt_enable(); 915 emulate_vsx_store(op, &buf, mem, cross_endian); 916 return copy_mem_out(mem, ea, size, regs); 917 } 918 #endif /* CONFIG_VSX */ 919 920 int emulate_dcbz(unsigned long ea, struct pt_regs *regs) 921 { 922 int err; 923 unsigned long i, size; 924 925 #ifdef __powerpc64__ 926 size = ppc64_caches.l1d.block_size; 927 if (!(regs->msr & MSR_64BIT)) 928 ea &= 0xffffffffUL; 929 #else 930 size = L1_CACHE_BYTES; 931 #endif 932 ea &= ~(size - 1); 933 if (!address_ok(regs, ea, size)) 934 return -EFAULT; 935 for (i = 0; i < size; i += sizeof(long)) { 936 err = __put_user(0, (unsigned long __user *) (ea + i)); 937 if (err) { 938 regs->dar = ea; 939 return err; 940 } 941 } 942 return 0; 943 } 944 NOKPROBE_SYMBOL(emulate_dcbz); 945 946 #define __put_user_asmx(x, addr, err, op, cr) \ 947 __asm__ __volatile__( \ 948 "1: " op " %2,0,%3\n" \ 949 " mfcr %1\n" \ 950 "2:\n" \ 951 ".section .fixup,\"ax\"\n" \ 952 "3: li %0,%4\n" \ 953 " b 2b\n" \ 954 ".previous\n" \ 955 EX_TABLE(1b, 3b) \ 956 : "=r" (err), "=r" (cr) \ 957 : "r" (x), "r" (addr), "i" (-EFAULT), "0" (err)) 958 959 #define __get_user_asmx(x, addr, err, op) \ 960 __asm__ __volatile__( \ 961 "1: "op" %1,0,%2\n" \ 962 "2:\n" \ 963 ".section .fixup,\"ax\"\n" \ 964 "3: li %0,%3\n" \ 965 " b 2b\n" \ 966 ".previous\n" \ 967 EX_TABLE(1b, 3b) \ 968 : "=r" (err), "=r" (x) \ 969 : "r" (addr), "i" (-EFAULT), "0" (err)) 970 971 #define __cacheop_user_asmx(addr, err, op) \ 972 __asm__ __volatile__( \ 973 "1: "op" 0,%1\n" \ 974 "2:\n" \ 975 ".section .fixup,\"ax\"\n" \ 976 "3: li %0,%3\n" \ 977 " b 2b\n" \ 978 ".previous\n" \ 979 EX_TABLE(1b, 3b) \ 980 : "=r" (err) \ 981 : "r" (addr), "i" (-EFAULT), "0" (err)) 982 983 static nokprobe_inline void set_cr0(const struct pt_regs *regs, 984 struct instruction_op *op) 985 { 986 long val = op->val; 987 988 op->type |= SETCC; 989 op->ccval = (regs->ccr & 0x0fffffff) | ((regs->xer >> 3) & 0x10000000); 990 #ifdef __powerpc64__ 991 if (!(regs->msr & MSR_64BIT)) 992 val = (int) val; 993 #endif 994 if (val < 0) 995 op->ccval |= 0x80000000; 996 else if (val > 0) 997 op->ccval |= 0x40000000; 998 else 999 op->ccval |= 0x20000000; 1000 } 1001 1002 static nokprobe_inline void set_ca32(struct instruction_op *op, bool val) 1003 { 1004 if (cpu_has_feature(CPU_FTR_ARCH_300)) { 1005 if (val) 1006 op->xerval |= XER_CA32; 1007 else 1008 op->xerval &= ~XER_CA32; 1009 } 1010 } 1011 1012 static nokprobe_inline void add_with_carry(const struct pt_regs *regs, 1013 struct instruction_op *op, int rd, 1014 unsigned long val1, unsigned long val2, 1015 unsigned long carry_in) 1016 { 1017 unsigned long val = val1 + val2; 1018 1019 if (carry_in) 1020 ++val; 1021 op->type = COMPUTE + SETREG + SETXER; 1022 op->reg = rd; 1023 op->val = val; 1024 #ifdef __powerpc64__ 1025 if (!(regs->msr & MSR_64BIT)) { 1026 val = (unsigned int) val; 1027 val1 = (unsigned int) val1; 1028 } 1029 #endif 1030 op->xerval = regs->xer; 1031 if (val < val1 || (carry_in && val == val1)) 1032 op->xerval |= XER_CA; 1033 else 1034 op->xerval &= ~XER_CA; 1035 1036 set_ca32(op, (unsigned int)val < (unsigned int)val1 || 1037 (carry_in && (unsigned int)val == (unsigned int)val1)); 1038 } 1039 1040 static nokprobe_inline void do_cmp_signed(const struct pt_regs *regs, 1041 struct instruction_op *op, 1042 long v1, long v2, int crfld) 1043 { 1044 unsigned int crval, shift; 1045 1046 op->type = COMPUTE + SETCC; 1047 crval = (regs->xer >> 31) & 1; /* get SO bit */ 1048 if (v1 < v2) 1049 crval |= 8; 1050 else if (v1 > v2) 1051 crval |= 4; 1052 else 1053 crval |= 2; 1054 shift = (7 - crfld) * 4; 1055 op->ccval = (regs->ccr & ~(0xf << shift)) | (crval << shift); 1056 } 1057 1058 static nokprobe_inline void do_cmp_unsigned(const struct pt_regs *regs, 1059 struct instruction_op *op, 1060 unsigned long v1, 1061 unsigned long v2, int crfld) 1062 { 1063 unsigned int crval, shift; 1064 1065 op->type = COMPUTE + SETCC; 1066 crval = (regs->xer >> 31) & 1; /* get SO bit */ 1067 if (v1 < v2) 1068 crval |= 8; 1069 else if (v1 > v2) 1070 crval |= 4; 1071 else 1072 crval |= 2; 1073 shift = (7 - crfld) * 4; 1074 op->ccval = (regs->ccr & ~(0xf << shift)) | (crval << shift); 1075 } 1076 1077 static nokprobe_inline void do_cmpb(const struct pt_regs *regs, 1078 struct instruction_op *op, 1079 unsigned long v1, unsigned long v2) 1080 { 1081 unsigned long long out_val, mask; 1082 int i; 1083 1084 out_val = 0; 1085 for (i = 0; i < 8; i++) { 1086 mask = 0xffUL << (i * 8); 1087 if ((v1 & mask) == (v2 & mask)) 1088 out_val |= mask; 1089 } 1090 op->val = out_val; 1091 } 1092 1093 /* 1094 * The size parameter is used to adjust the equivalent popcnt instruction. 1095 * popcntb = 8, popcntw = 32, popcntd = 64 1096 */ 1097 static nokprobe_inline void do_popcnt(const struct pt_regs *regs, 1098 struct instruction_op *op, 1099 unsigned long v1, int size) 1100 { 1101 unsigned long long out = v1; 1102 1103 out -= (out >> 1) & 0x5555555555555555ULL; 1104 out = (0x3333333333333333ULL & out) + 1105 (0x3333333333333333ULL & (out >> 2)); 1106 out = (out + (out >> 4)) & 0x0f0f0f0f0f0f0f0fULL; 1107 1108 if (size == 8) { /* popcntb */ 1109 op->val = out; 1110 return; 1111 } 1112 out += out >> 8; 1113 out += out >> 16; 1114 if (size == 32) { /* popcntw */ 1115 op->val = out & 0x0000003f0000003fULL; 1116 return; 1117 } 1118 1119 out = (out + (out >> 32)) & 0x7f; 1120 op->val = out; /* popcntd */ 1121 } 1122 1123 #ifdef CONFIG_PPC64 1124 static nokprobe_inline void do_bpermd(const struct pt_regs *regs, 1125 struct instruction_op *op, 1126 unsigned long v1, unsigned long v2) 1127 { 1128 unsigned char perm, idx; 1129 unsigned int i; 1130 1131 perm = 0; 1132 for (i = 0; i < 8; i++) { 1133 idx = (v1 >> (i * 8)) & 0xff; 1134 if (idx < 64) 1135 if (v2 & PPC_BIT(idx)) 1136 perm |= 1 << i; 1137 } 1138 op->val = perm; 1139 } 1140 #endif /* CONFIG_PPC64 */ 1141 /* 1142 * The size parameter adjusts the equivalent prty instruction. 1143 * prtyw = 32, prtyd = 64 1144 */ 1145 static nokprobe_inline void do_prty(const struct pt_regs *regs, 1146 struct instruction_op *op, 1147 unsigned long v, int size) 1148 { 1149 unsigned long long res = v ^ (v >> 8); 1150 1151 res ^= res >> 16; 1152 if (size == 32) { /* prtyw */ 1153 op->val = res & 0x0000000100000001ULL; 1154 return; 1155 } 1156 1157 res ^= res >> 32; 1158 op->val = res & 1; /*prtyd */ 1159 } 1160 1161 static nokprobe_inline int trap_compare(long v1, long v2) 1162 { 1163 int ret = 0; 1164 1165 if (v1 < v2) 1166 ret |= 0x10; 1167 else if (v1 > v2) 1168 ret |= 0x08; 1169 else 1170 ret |= 0x04; 1171 if ((unsigned long)v1 < (unsigned long)v2) 1172 ret |= 0x02; 1173 else if ((unsigned long)v1 > (unsigned long)v2) 1174 ret |= 0x01; 1175 return ret; 1176 } 1177 1178 /* 1179 * Elements of 32-bit rotate and mask instructions. 1180 */ 1181 #define MASK32(mb, me) ((0xffffffffUL >> (mb)) + \ 1182 ((signed long)-0x80000000L >> (me)) + ((me) >= (mb))) 1183 #ifdef __powerpc64__ 1184 #define MASK64_L(mb) (~0UL >> (mb)) 1185 #define MASK64_R(me) ((signed long)-0x8000000000000000L >> (me)) 1186 #define MASK64(mb, me) (MASK64_L(mb) + MASK64_R(me) + ((me) >= (mb))) 1187 #define DATA32(x) (((x) & 0xffffffffUL) | (((x) & 0xffffffffUL) << 32)) 1188 #else 1189 #define DATA32(x) (x) 1190 #endif 1191 #define ROTATE(x, n) ((n) ? (((x) << (n)) | ((x) >> (8 * sizeof(long) - (n)))) : (x)) 1192 1193 /* 1194 * Decode an instruction, and return information about it in *op 1195 * without changing *regs. 1196 * Integer arithmetic and logical instructions, branches, and barrier 1197 * instructions can be emulated just using the information in *op. 1198 * 1199 * Return value is 1 if the instruction can be emulated just by 1200 * updating *regs with the information in *op, -1 if we need the 1201 * GPRs but *regs doesn't contain the full register set, or 0 1202 * otherwise. 1203 */ 1204 int analyse_instr(struct instruction_op *op, const struct pt_regs *regs, 1205 struct ppc_inst instr) 1206 { 1207 #ifdef CONFIG_PPC64 1208 unsigned int suffixopcode, prefixtype, prefix_r; 1209 #endif 1210 unsigned int opcode, ra, rb, rc, rd, spr, u; 1211 unsigned long int imm; 1212 unsigned long int val, val2; 1213 unsigned int mb, me, sh; 1214 unsigned int word, suffix; 1215 long ival; 1216 1217 word = ppc_inst_val(instr); 1218 suffix = ppc_inst_suffix(instr); 1219 1220 op->type = COMPUTE; 1221 1222 opcode = ppc_inst_primary_opcode(instr); 1223 switch (opcode) { 1224 case 16: /* bc */ 1225 op->type = BRANCH; 1226 imm = (signed short)(word & 0xfffc); 1227 if ((word & 2) == 0) 1228 imm += regs->nip; 1229 op->val = truncate_if_32bit(regs->msr, imm); 1230 if (word & 1) 1231 op->type |= SETLK; 1232 if (branch_taken(word, regs, op)) 1233 op->type |= BRTAKEN; 1234 return 1; 1235 #ifdef CONFIG_PPC64 1236 case 17: /* sc */ 1237 if ((word & 0xfe2) == 2) 1238 op->type = SYSCALL; 1239 else 1240 op->type = UNKNOWN; 1241 return 0; 1242 #endif 1243 case 18: /* b */ 1244 op->type = BRANCH | BRTAKEN; 1245 imm = word & 0x03fffffc; 1246 if (imm & 0x02000000) 1247 imm -= 0x04000000; 1248 if ((word & 2) == 0) 1249 imm += regs->nip; 1250 op->val = truncate_if_32bit(regs->msr, imm); 1251 if (word & 1) 1252 op->type |= SETLK; 1253 return 1; 1254 case 19: 1255 switch ((word >> 1) & 0x3ff) { 1256 case 0: /* mcrf */ 1257 op->type = COMPUTE + SETCC; 1258 rd = 7 - ((word >> 23) & 0x7); 1259 ra = 7 - ((word >> 18) & 0x7); 1260 rd *= 4; 1261 ra *= 4; 1262 val = (regs->ccr >> ra) & 0xf; 1263 op->ccval = (regs->ccr & ~(0xfUL << rd)) | (val << rd); 1264 return 1; 1265 1266 case 16: /* bclr */ 1267 case 528: /* bcctr */ 1268 op->type = BRANCH; 1269 imm = (word & 0x400)? regs->ctr: regs->link; 1270 op->val = truncate_if_32bit(regs->msr, imm); 1271 if (word & 1) 1272 op->type |= SETLK; 1273 if (branch_taken(word, regs, op)) 1274 op->type |= BRTAKEN; 1275 return 1; 1276 1277 case 18: /* rfid, scary */ 1278 if (regs->msr & MSR_PR) 1279 goto priv; 1280 op->type = RFI; 1281 return 0; 1282 1283 case 150: /* isync */ 1284 op->type = BARRIER | BARRIER_ISYNC; 1285 return 1; 1286 1287 case 33: /* crnor */ 1288 case 129: /* crandc */ 1289 case 193: /* crxor */ 1290 case 225: /* crnand */ 1291 case 257: /* crand */ 1292 case 289: /* creqv */ 1293 case 417: /* crorc */ 1294 case 449: /* cror */ 1295 op->type = COMPUTE + SETCC; 1296 ra = (word >> 16) & 0x1f; 1297 rb = (word >> 11) & 0x1f; 1298 rd = (word >> 21) & 0x1f; 1299 ra = (regs->ccr >> (31 - ra)) & 1; 1300 rb = (regs->ccr >> (31 - rb)) & 1; 1301 val = (word >> (6 + ra * 2 + rb)) & 1; 1302 op->ccval = (regs->ccr & ~(1UL << (31 - rd))) | 1303 (val << (31 - rd)); 1304 return 1; 1305 } 1306 break; 1307 case 31: 1308 switch ((word >> 1) & 0x3ff) { 1309 case 598: /* sync */ 1310 op->type = BARRIER + BARRIER_SYNC; 1311 #ifdef __powerpc64__ 1312 switch ((word >> 21) & 3) { 1313 case 1: /* lwsync */ 1314 op->type = BARRIER + BARRIER_LWSYNC; 1315 break; 1316 case 2: /* ptesync */ 1317 op->type = BARRIER + BARRIER_PTESYNC; 1318 break; 1319 } 1320 #endif 1321 return 1; 1322 1323 case 854: /* eieio */ 1324 op->type = BARRIER + BARRIER_EIEIO; 1325 return 1; 1326 } 1327 break; 1328 } 1329 1330 /* Following cases refer to regs->gpr[], so we need all regs */ 1331 if (!FULL_REGS(regs)) 1332 return -1; 1333 1334 rd = (word >> 21) & 0x1f; 1335 ra = (word >> 16) & 0x1f; 1336 rb = (word >> 11) & 0x1f; 1337 rc = (word >> 6) & 0x1f; 1338 1339 switch (opcode) { 1340 #ifdef __powerpc64__ 1341 case 1: 1342 prefix_r = word & (1ul << 20); 1343 ra = (suffix >> 16) & 0x1f; 1344 rd = (suffix >> 21) & 0x1f; 1345 op->reg = rd; 1346 op->val = regs->gpr[rd]; 1347 suffixopcode = get_op(suffix); 1348 prefixtype = (word >> 24) & 0x3; 1349 switch (prefixtype) { 1350 case 2: 1351 if (prefix_r && ra) 1352 return 0; 1353 switch (suffixopcode) { 1354 case 14: /* paddi */ 1355 op->type = COMPUTE | PREFIXED; 1356 op->val = mlsd_8lsd_ea(word, suffix, regs); 1357 goto compute_done; 1358 } 1359 } 1360 break; 1361 case 2: /* tdi */ 1362 if (rd & trap_compare(regs->gpr[ra], (short) word)) 1363 goto trap; 1364 return 1; 1365 #endif 1366 case 3: /* twi */ 1367 if (rd & trap_compare((int)regs->gpr[ra], (short) word)) 1368 goto trap; 1369 return 1; 1370 1371 #ifdef __powerpc64__ 1372 case 4: 1373 if (!cpu_has_feature(CPU_FTR_ARCH_300)) 1374 return -1; 1375 1376 switch (word & 0x3f) { 1377 case 48: /* maddhd */ 1378 asm volatile(PPC_MADDHD(%0, %1, %2, %3) : 1379 "=r" (op->val) : "r" (regs->gpr[ra]), 1380 "r" (regs->gpr[rb]), "r" (regs->gpr[rc])); 1381 goto compute_done; 1382 1383 case 49: /* maddhdu */ 1384 asm volatile(PPC_MADDHDU(%0, %1, %2, %3) : 1385 "=r" (op->val) : "r" (regs->gpr[ra]), 1386 "r" (regs->gpr[rb]), "r" (regs->gpr[rc])); 1387 goto compute_done; 1388 1389 case 51: /* maddld */ 1390 asm volatile(PPC_MADDLD(%0, %1, %2, %3) : 1391 "=r" (op->val) : "r" (regs->gpr[ra]), 1392 "r" (regs->gpr[rb]), "r" (regs->gpr[rc])); 1393 goto compute_done; 1394 } 1395 1396 /* 1397 * There are other instructions from ISA 3.0 with the same 1398 * primary opcode which do not have emulation support yet. 1399 */ 1400 return -1; 1401 #endif 1402 1403 case 7: /* mulli */ 1404 op->val = regs->gpr[ra] * (short) word; 1405 goto compute_done; 1406 1407 case 8: /* subfic */ 1408 imm = (short) word; 1409 add_with_carry(regs, op, rd, ~regs->gpr[ra], imm, 1); 1410 return 1; 1411 1412 case 10: /* cmpli */ 1413 imm = (unsigned short) word; 1414 val = regs->gpr[ra]; 1415 #ifdef __powerpc64__ 1416 if ((rd & 1) == 0) 1417 val = (unsigned int) val; 1418 #endif 1419 do_cmp_unsigned(regs, op, val, imm, rd >> 2); 1420 return 1; 1421 1422 case 11: /* cmpi */ 1423 imm = (short) word; 1424 val = regs->gpr[ra]; 1425 #ifdef __powerpc64__ 1426 if ((rd & 1) == 0) 1427 val = (int) val; 1428 #endif 1429 do_cmp_signed(regs, op, val, imm, rd >> 2); 1430 return 1; 1431 1432 case 12: /* addic */ 1433 imm = (short) word; 1434 add_with_carry(regs, op, rd, regs->gpr[ra], imm, 0); 1435 return 1; 1436 1437 case 13: /* addic. */ 1438 imm = (short) word; 1439 add_with_carry(regs, op, rd, regs->gpr[ra], imm, 0); 1440 set_cr0(regs, op); 1441 return 1; 1442 1443 case 14: /* addi */ 1444 imm = (short) word; 1445 if (ra) 1446 imm += regs->gpr[ra]; 1447 op->val = imm; 1448 goto compute_done; 1449 1450 case 15: /* addis */ 1451 imm = ((short) word) << 16; 1452 if (ra) 1453 imm += regs->gpr[ra]; 1454 op->val = imm; 1455 goto compute_done; 1456 1457 case 19: 1458 if (((word >> 1) & 0x1f) == 2) { 1459 /* addpcis */ 1460 imm = (short) (word & 0xffc1); /* d0 + d2 fields */ 1461 imm |= (word >> 15) & 0x3e; /* d1 field */ 1462 op->val = regs->nip + (imm << 16) + 4; 1463 goto compute_done; 1464 } 1465 op->type = UNKNOWN; 1466 return 0; 1467 1468 case 20: /* rlwimi */ 1469 mb = (word >> 6) & 0x1f; 1470 me = (word >> 1) & 0x1f; 1471 val = DATA32(regs->gpr[rd]); 1472 imm = MASK32(mb, me); 1473 op->val = (regs->gpr[ra] & ~imm) | (ROTATE(val, rb) & imm); 1474 goto logical_done; 1475 1476 case 21: /* rlwinm */ 1477 mb = (word >> 6) & 0x1f; 1478 me = (word >> 1) & 0x1f; 1479 val = DATA32(regs->gpr[rd]); 1480 op->val = ROTATE(val, rb) & MASK32(mb, me); 1481 goto logical_done; 1482 1483 case 23: /* rlwnm */ 1484 mb = (word >> 6) & 0x1f; 1485 me = (word >> 1) & 0x1f; 1486 rb = regs->gpr[rb] & 0x1f; 1487 val = DATA32(regs->gpr[rd]); 1488 op->val = ROTATE(val, rb) & MASK32(mb, me); 1489 goto logical_done; 1490 1491 case 24: /* ori */ 1492 op->val = regs->gpr[rd] | (unsigned short) word; 1493 goto logical_done_nocc; 1494 1495 case 25: /* oris */ 1496 imm = (unsigned short) word; 1497 op->val = regs->gpr[rd] | (imm << 16); 1498 goto logical_done_nocc; 1499 1500 case 26: /* xori */ 1501 op->val = regs->gpr[rd] ^ (unsigned short) word; 1502 goto logical_done_nocc; 1503 1504 case 27: /* xoris */ 1505 imm = (unsigned short) word; 1506 op->val = regs->gpr[rd] ^ (imm << 16); 1507 goto logical_done_nocc; 1508 1509 case 28: /* andi. */ 1510 op->val = regs->gpr[rd] & (unsigned short) word; 1511 set_cr0(regs, op); 1512 goto logical_done_nocc; 1513 1514 case 29: /* andis. */ 1515 imm = (unsigned short) word; 1516 op->val = regs->gpr[rd] & (imm << 16); 1517 set_cr0(regs, op); 1518 goto logical_done_nocc; 1519 1520 #ifdef __powerpc64__ 1521 case 30: /* rld* */ 1522 mb = ((word >> 6) & 0x1f) | (word & 0x20); 1523 val = regs->gpr[rd]; 1524 if ((word & 0x10) == 0) { 1525 sh = rb | ((word & 2) << 4); 1526 val = ROTATE(val, sh); 1527 switch ((word >> 2) & 3) { 1528 case 0: /* rldicl */ 1529 val &= MASK64_L(mb); 1530 break; 1531 case 1: /* rldicr */ 1532 val &= MASK64_R(mb); 1533 break; 1534 case 2: /* rldic */ 1535 val &= MASK64(mb, 63 - sh); 1536 break; 1537 case 3: /* rldimi */ 1538 imm = MASK64(mb, 63 - sh); 1539 val = (regs->gpr[ra] & ~imm) | 1540 (val & imm); 1541 } 1542 op->val = val; 1543 goto logical_done; 1544 } else { 1545 sh = regs->gpr[rb] & 0x3f; 1546 val = ROTATE(val, sh); 1547 switch ((word >> 1) & 7) { 1548 case 0: /* rldcl */ 1549 op->val = val & MASK64_L(mb); 1550 goto logical_done; 1551 case 1: /* rldcr */ 1552 op->val = val & MASK64_R(mb); 1553 goto logical_done; 1554 } 1555 } 1556 #endif 1557 op->type = UNKNOWN; /* illegal instruction */ 1558 return 0; 1559 1560 case 31: 1561 /* isel occupies 32 minor opcodes */ 1562 if (((word >> 1) & 0x1f) == 15) { 1563 mb = (word >> 6) & 0x1f; /* bc field */ 1564 val = (regs->ccr >> (31 - mb)) & 1; 1565 val2 = (ra) ? regs->gpr[ra] : 0; 1566 1567 op->val = (val) ? val2 : regs->gpr[rb]; 1568 goto compute_done; 1569 } 1570 1571 switch ((word >> 1) & 0x3ff) { 1572 case 4: /* tw */ 1573 if (rd == 0x1f || 1574 (rd & trap_compare((int)regs->gpr[ra], 1575 (int)regs->gpr[rb]))) 1576 goto trap; 1577 return 1; 1578 #ifdef __powerpc64__ 1579 case 68: /* td */ 1580 if (rd & trap_compare(regs->gpr[ra], regs->gpr[rb])) 1581 goto trap; 1582 return 1; 1583 #endif 1584 case 83: /* mfmsr */ 1585 if (regs->msr & MSR_PR) 1586 goto priv; 1587 op->type = MFMSR; 1588 op->reg = rd; 1589 return 0; 1590 case 146: /* mtmsr */ 1591 if (regs->msr & MSR_PR) 1592 goto priv; 1593 op->type = MTMSR; 1594 op->reg = rd; 1595 op->val = 0xffffffff & ~(MSR_ME | MSR_LE); 1596 return 0; 1597 #ifdef CONFIG_PPC64 1598 case 178: /* mtmsrd */ 1599 if (regs->msr & MSR_PR) 1600 goto priv; 1601 op->type = MTMSR; 1602 op->reg = rd; 1603 /* only MSR_EE and MSR_RI get changed if bit 15 set */ 1604 /* mtmsrd doesn't change MSR_HV, MSR_ME or MSR_LE */ 1605 imm = (word & 0x10000)? 0x8002: 0xefffffffffffeffeUL; 1606 op->val = imm; 1607 return 0; 1608 #endif 1609 1610 case 19: /* mfcr */ 1611 imm = 0xffffffffUL; 1612 if ((word >> 20) & 1) { 1613 imm = 0xf0000000UL; 1614 for (sh = 0; sh < 8; ++sh) { 1615 if (word & (0x80000 >> sh)) 1616 break; 1617 imm >>= 4; 1618 } 1619 } 1620 op->val = regs->ccr & imm; 1621 goto compute_done; 1622 1623 case 144: /* mtcrf */ 1624 op->type = COMPUTE + SETCC; 1625 imm = 0xf0000000UL; 1626 val = regs->gpr[rd]; 1627 op->ccval = regs->ccr; 1628 for (sh = 0; sh < 8; ++sh) { 1629 if (word & (0x80000 >> sh)) 1630 op->ccval = (op->ccval & ~imm) | 1631 (val & imm); 1632 imm >>= 4; 1633 } 1634 return 1; 1635 1636 case 339: /* mfspr */ 1637 spr = ((word >> 16) & 0x1f) | ((word >> 6) & 0x3e0); 1638 op->type = MFSPR; 1639 op->reg = rd; 1640 op->spr = spr; 1641 if (spr == SPRN_XER || spr == SPRN_LR || 1642 spr == SPRN_CTR) 1643 return 1; 1644 return 0; 1645 1646 case 467: /* mtspr */ 1647 spr = ((word >> 16) & 0x1f) | ((word >> 6) & 0x3e0); 1648 op->type = MTSPR; 1649 op->val = regs->gpr[rd]; 1650 op->spr = spr; 1651 if (spr == SPRN_XER || spr == SPRN_LR || 1652 spr == SPRN_CTR) 1653 return 1; 1654 return 0; 1655 1656 /* 1657 * Compare instructions 1658 */ 1659 case 0: /* cmp */ 1660 val = regs->gpr[ra]; 1661 val2 = regs->gpr[rb]; 1662 #ifdef __powerpc64__ 1663 if ((rd & 1) == 0) { 1664 /* word (32-bit) compare */ 1665 val = (int) val; 1666 val2 = (int) val2; 1667 } 1668 #endif 1669 do_cmp_signed(regs, op, val, val2, rd >> 2); 1670 return 1; 1671 1672 case 32: /* cmpl */ 1673 val = regs->gpr[ra]; 1674 val2 = regs->gpr[rb]; 1675 #ifdef __powerpc64__ 1676 if ((rd & 1) == 0) { 1677 /* word (32-bit) compare */ 1678 val = (unsigned int) val; 1679 val2 = (unsigned int) val2; 1680 } 1681 #endif 1682 do_cmp_unsigned(regs, op, val, val2, rd >> 2); 1683 return 1; 1684 1685 case 508: /* cmpb */ 1686 do_cmpb(regs, op, regs->gpr[rd], regs->gpr[rb]); 1687 goto logical_done_nocc; 1688 1689 /* 1690 * Arithmetic instructions 1691 */ 1692 case 8: /* subfc */ 1693 add_with_carry(regs, op, rd, ~regs->gpr[ra], 1694 regs->gpr[rb], 1); 1695 goto arith_done; 1696 #ifdef __powerpc64__ 1697 case 9: /* mulhdu */ 1698 asm("mulhdu %0,%1,%2" : "=r" (op->val) : 1699 "r" (regs->gpr[ra]), "r" (regs->gpr[rb])); 1700 goto arith_done; 1701 #endif 1702 case 10: /* addc */ 1703 add_with_carry(regs, op, rd, regs->gpr[ra], 1704 regs->gpr[rb], 0); 1705 goto arith_done; 1706 1707 case 11: /* mulhwu */ 1708 asm("mulhwu %0,%1,%2" : "=r" (op->val) : 1709 "r" (regs->gpr[ra]), "r" (regs->gpr[rb])); 1710 goto arith_done; 1711 1712 case 40: /* subf */ 1713 op->val = regs->gpr[rb] - regs->gpr[ra]; 1714 goto arith_done; 1715 #ifdef __powerpc64__ 1716 case 73: /* mulhd */ 1717 asm("mulhd %0,%1,%2" : "=r" (op->val) : 1718 "r" (regs->gpr[ra]), "r" (regs->gpr[rb])); 1719 goto arith_done; 1720 #endif 1721 case 75: /* mulhw */ 1722 asm("mulhw %0,%1,%2" : "=r" (op->val) : 1723 "r" (regs->gpr[ra]), "r" (regs->gpr[rb])); 1724 goto arith_done; 1725 1726 case 104: /* neg */ 1727 op->val = -regs->gpr[ra]; 1728 goto arith_done; 1729 1730 case 136: /* subfe */ 1731 add_with_carry(regs, op, rd, ~regs->gpr[ra], 1732 regs->gpr[rb], regs->xer & XER_CA); 1733 goto arith_done; 1734 1735 case 138: /* adde */ 1736 add_with_carry(regs, op, rd, regs->gpr[ra], 1737 regs->gpr[rb], regs->xer & XER_CA); 1738 goto arith_done; 1739 1740 case 200: /* subfze */ 1741 add_with_carry(regs, op, rd, ~regs->gpr[ra], 0L, 1742 regs->xer & XER_CA); 1743 goto arith_done; 1744 1745 case 202: /* addze */ 1746 add_with_carry(regs, op, rd, regs->gpr[ra], 0L, 1747 regs->xer & XER_CA); 1748 goto arith_done; 1749 1750 case 232: /* subfme */ 1751 add_with_carry(regs, op, rd, ~regs->gpr[ra], -1L, 1752 regs->xer & XER_CA); 1753 goto arith_done; 1754 #ifdef __powerpc64__ 1755 case 233: /* mulld */ 1756 op->val = regs->gpr[ra] * regs->gpr[rb]; 1757 goto arith_done; 1758 #endif 1759 case 234: /* addme */ 1760 add_with_carry(regs, op, rd, regs->gpr[ra], -1L, 1761 regs->xer & XER_CA); 1762 goto arith_done; 1763 1764 case 235: /* mullw */ 1765 op->val = (long)(int) regs->gpr[ra] * 1766 (int) regs->gpr[rb]; 1767 1768 goto arith_done; 1769 #ifdef __powerpc64__ 1770 case 265: /* modud */ 1771 if (!cpu_has_feature(CPU_FTR_ARCH_300)) 1772 return -1; 1773 op->val = regs->gpr[ra] % regs->gpr[rb]; 1774 goto compute_done; 1775 #endif 1776 case 266: /* add */ 1777 op->val = regs->gpr[ra] + regs->gpr[rb]; 1778 goto arith_done; 1779 1780 case 267: /* moduw */ 1781 if (!cpu_has_feature(CPU_FTR_ARCH_300)) 1782 return -1; 1783 op->val = (unsigned int) regs->gpr[ra] % 1784 (unsigned int) regs->gpr[rb]; 1785 goto compute_done; 1786 #ifdef __powerpc64__ 1787 case 457: /* divdu */ 1788 op->val = regs->gpr[ra] / regs->gpr[rb]; 1789 goto arith_done; 1790 #endif 1791 case 459: /* divwu */ 1792 op->val = (unsigned int) regs->gpr[ra] / 1793 (unsigned int) regs->gpr[rb]; 1794 goto arith_done; 1795 #ifdef __powerpc64__ 1796 case 489: /* divd */ 1797 op->val = (long int) regs->gpr[ra] / 1798 (long int) regs->gpr[rb]; 1799 goto arith_done; 1800 #endif 1801 case 491: /* divw */ 1802 op->val = (int) regs->gpr[ra] / 1803 (int) regs->gpr[rb]; 1804 goto arith_done; 1805 1806 case 755: /* darn */ 1807 if (!cpu_has_feature(CPU_FTR_ARCH_300)) 1808 return -1; 1809 switch (ra & 0x3) { 1810 case 0: 1811 /* 32-bit conditioned */ 1812 asm volatile(PPC_DARN(%0, 0) : "=r" (op->val)); 1813 goto compute_done; 1814 1815 case 1: 1816 /* 64-bit conditioned */ 1817 asm volatile(PPC_DARN(%0, 1) : "=r" (op->val)); 1818 goto compute_done; 1819 1820 case 2: 1821 /* 64-bit raw */ 1822 asm volatile(PPC_DARN(%0, 2) : "=r" (op->val)); 1823 goto compute_done; 1824 } 1825 1826 return -1; 1827 #ifdef __powerpc64__ 1828 case 777: /* modsd */ 1829 if (!cpu_has_feature(CPU_FTR_ARCH_300)) 1830 return -1; 1831 op->val = (long int) regs->gpr[ra] % 1832 (long int) regs->gpr[rb]; 1833 goto compute_done; 1834 #endif 1835 case 779: /* modsw */ 1836 if (!cpu_has_feature(CPU_FTR_ARCH_300)) 1837 return -1; 1838 op->val = (int) regs->gpr[ra] % 1839 (int) regs->gpr[rb]; 1840 goto compute_done; 1841 1842 1843 /* 1844 * Logical instructions 1845 */ 1846 case 26: /* cntlzw */ 1847 val = (unsigned int) regs->gpr[rd]; 1848 op->val = ( val ? __builtin_clz(val) : 32 ); 1849 goto logical_done; 1850 #ifdef __powerpc64__ 1851 case 58: /* cntlzd */ 1852 val = regs->gpr[rd]; 1853 op->val = ( val ? __builtin_clzl(val) : 64 ); 1854 goto logical_done; 1855 #endif 1856 case 28: /* and */ 1857 op->val = regs->gpr[rd] & regs->gpr[rb]; 1858 goto logical_done; 1859 1860 case 60: /* andc */ 1861 op->val = regs->gpr[rd] & ~regs->gpr[rb]; 1862 goto logical_done; 1863 1864 case 122: /* popcntb */ 1865 do_popcnt(regs, op, regs->gpr[rd], 8); 1866 goto logical_done_nocc; 1867 1868 case 124: /* nor */ 1869 op->val = ~(regs->gpr[rd] | regs->gpr[rb]); 1870 goto logical_done; 1871 1872 case 154: /* prtyw */ 1873 do_prty(regs, op, regs->gpr[rd], 32); 1874 goto logical_done_nocc; 1875 1876 case 186: /* prtyd */ 1877 do_prty(regs, op, regs->gpr[rd], 64); 1878 goto logical_done_nocc; 1879 #ifdef CONFIG_PPC64 1880 case 252: /* bpermd */ 1881 do_bpermd(regs, op, regs->gpr[rd], regs->gpr[rb]); 1882 goto logical_done_nocc; 1883 #endif 1884 case 284: /* xor */ 1885 op->val = ~(regs->gpr[rd] ^ regs->gpr[rb]); 1886 goto logical_done; 1887 1888 case 316: /* xor */ 1889 op->val = regs->gpr[rd] ^ regs->gpr[rb]; 1890 goto logical_done; 1891 1892 case 378: /* popcntw */ 1893 do_popcnt(regs, op, regs->gpr[rd], 32); 1894 goto logical_done_nocc; 1895 1896 case 412: /* orc */ 1897 op->val = regs->gpr[rd] | ~regs->gpr[rb]; 1898 goto logical_done; 1899 1900 case 444: /* or */ 1901 op->val = regs->gpr[rd] | regs->gpr[rb]; 1902 goto logical_done; 1903 1904 case 476: /* nand */ 1905 op->val = ~(regs->gpr[rd] & regs->gpr[rb]); 1906 goto logical_done; 1907 #ifdef CONFIG_PPC64 1908 case 506: /* popcntd */ 1909 do_popcnt(regs, op, regs->gpr[rd], 64); 1910 goto logical_done_nocc; 1911 #endif 1912 case 538: /* cnttzw */ 1913 if (!cpu_has_feature(CPU_FTR_ARCH_300)) 1914 return -1; 1915 val = (unsigned int) regs->gpr[rd]; 1916 op->val = (val ? __builtin_ctz(val) : 32); 1917 goto logical_done; 1918 #ifdef __powerpc64__ 1919 case 570: /* cnttzd */ 1920 if (!cpu_has_feature(CPU_FTR_ARCH_300)) 1921 return -1; 1922 val = regs->gpr[rd]; 1923 op->val = (val ? __builtin_ctzl(val) : 64); 1924 goto logical_done; 1925 #endif 1926 case 922: /* extsh */ 1927 op->val = (signed short) regs->gpr[rd]; 1928 goto logical_done; 1929 1930 case 954: /* extsb */ 1931 op->val = (signed char) regs->gpr[rd]; 1932 goto logical_done; 1933 #ifdef __powerpc64__ 1934 case 986: /* extsw */ 1935 op->val = (signed int) regs->gpr[rd]; 1936 goto logical_done; 1937 #endif 1938 1939 /* 1940 * Shift instructions 1941 */ 1942 case 24: /* slw */ 1943 sh = regs->gpr[rb] & 0x3f; 1944 if (sh < 32) 1945 op->val = (regs->gpr[rd] << sh) & 0xffffffffUL; 1946 else 1947 op->val = 0; 1948 goto logical_done; 1949 1950 case 536: /* srw */ 1951 sh = regs->gpr[rb] & 0x3f; 1952 if (sh < 32) 1953 op->val = (regs->gpr[rd] & 0xffffffffUL) >> sh; 1954 else 1955 op->val = 0; 1956 goto logical_done; 1957 1958 case 792: /* sraw */ 1959 op->type = COMPUTE + SETREG + SETXER; 1960 sh = regs->gpr[rb] & 0x3f; 1961 ival = (signed int) regs->gpr[rd]; 1962 op->val = ival >> (sh < 32 ? sh : 31); 1963 op->xerval = regs->xer; 1964 if (ival < 0 && (sh >= 32 || (ival & ((1ul << sh) - 1)) != 0)) 1965 op->xerval |= XER_CA; 1966 else 1967 op->xerval &= ~XER_CA; 1968 set_ca32(op, op->xerval & XER_CA); 1969 goto logical_done; 1970 1971 case 824: /* srawi */ 1972 op->type = COMPUTE + SETREG + SETXER; 1973 sh = rb; 1974 ival = (signed int) regs->gpr[rd]; 1975 op->val = ival >> sh; 1976 op->xerval = regs->xer; 1977 if (ival < 0 && (ival & ((1ul << sh) - 1)) != 0) 1978 op->xerval |= XER_CA; 1979 else 1980 op->xerval &= ~XER_CA; 1981 set_ca32(op, op->xerval & XER_CA); 1982 goto logical_done; 1983 1984 #ifdef __powerpc64__ 1985 case 27: /* sld */ 1986 sh = regs->gpr[rb] & 0x7f; 1987 if (sh < 64) 1988 op->val = regs->gpr[rd] << sh; 1989 else 1990 op->val = 0; 1991 goto logical_done; 1992 1993 case 539: /* srd */ 1994 sh = regs->gpr[rb] & 0x7f; 1995 if (sh < 64) 1996 op->val = regs->gpr[rd] >> sh; 1997 else 1998 op->val = 0; 1999 goto logical_done; 2000 2001 case 794: /* srad */ 2002 op->type = COMPUTE + SETREG + SETXER; 2003 sh = regs->gpr[rb] & 0x7f; 2004 ival = (signed long int) regs->gpr[rd]; 2005 op->val = ival >> (sh < 64 ? sh : 63); 2006 op->xerval = regs->xer; 2007 if (ival < 0 && (sh >= 64 || (ival & ((1ul << sh) - 1)) != 0)) 2008 op->xerval |= XER_CA; 2009 else 2010 op->xerval &= ~XER_CA; 2011 set_ca32(op, op->xerval & XER_CA); 2012 goto logical_done; 2013 2014 case 826: /* sradi with sh_5 = 0 */ 2015 case 827: /* sradi with sh_5 = 1 */ 2016 op->type = COMPUTE + SETREG + SETXER; 2017 sh = rb | ((word & 2) << 4); 2018 ival = (signed long int) regs->gpr[rd]; 2019 op->val = ival >> sh; 2020 op->xerval = regs->xer; 2021 if (ival < 0 && (ival & ((1ul << sh) - 1)) != 0) 2022 op->xerval |= XER_CA; 2023 else 2024 op->xerval &= ~XER_CA; 2025 set_ca32(op, op->xerval & XER_CA); 2026 goto logical_done; 2027 2028 case 890: /* extswsli with sh_5 = 0 */ 2029 case 891: /* extswsli with sh_5 = 1 */ 2030 if (!cpu_has_feature(CPU_FTR_ARCH_300)) 2031 return -1; 2032 op->type = COMPUTE + SETREG; 2033 sh = rb | ((word & 2) << 4); 2034 val = (signed int) regs->gpr[rd]; 2035 if (sh) 2036 op->val = ROTATE(val, sh) & MASK64(0, 63 - sh); 2037 else 2038 op->val = val; 2039 goto logical_done; 2040 2041 #endif /* __powerpc64__ */ 2042 2043 /* 2044 * Cache instructions 2045 */ 2046 case 54: /* dcbst */ 2047 op->type = MKOP(CACHEOP, DCBST, 0); 2048 op->ea = xform_ea(word, regs); 2049 return 0; 2050 2051 case 86: /* dcbf */ 2052 op->type = MKOP(CACHEOP, DCBF, 0); 2053 op->ea = xform_ea(word, regs); 2054 return 0; 2055 2056 case 246: /* dcbtst */ 2057 op->type = MKOP(CACHEOP, DCBTST, 0); 2058 op->ea = xform_ea(word, regs); 2059 op->reg = rd; 2060 return 0; 2061 2062 case 278: /* dcbt */ 2063 op->type = MKOP(CACHEOP, DCBTST, 0); 2064 op->ea = xform_ea(word, regs); 2065 op->reg = rd; 2066 return 0; 2067 2068 case 982: /* icbi */ 2069 op->type = MKOP(CACHEOP, ICBI, 0); 2070 op->ea = xform_ea(word, regs); 2071 return 0; 2072 2073 case 1014: /* dcbz */ 2074 op->type = MKOP(CACHEOP, DCBZ, 0); 2075 op->ea = xform_ea(word, regs); 2076 return 0; 2077 } 2078 break; 2079 } 2080 2081 /* 2082 * Loads and stores. 2083 */ 2084 op->type = UNKNOWN; 2085 op->update_reg = ra; 2086 op->reg = rd; 2087 op->val = regs->gpr[rd]; 2088 u = (word >> 20) & UPDATE; 2089 op->vsx_flags = 0; 2090 2091 switch (opcode) { 2092 case 31: 2093 u = word & UPDATE; 2094 op->ea = xform_ea(word, regs); 2095 switch ((word >> 1) & 0x3ff) { 2096 case 20: /* lwarx */ 2097 op->type = MKOP(LARX, 0, 4); 2098 break; 2099 2100 case 150: /* stwcx. */ 2101 op->type = MKOP(STCX, 0, 4); 2102 break; 2103 2104 #ifdef __powerpc64__ 2105 case 84: /* ldarx */ 2106 op->type = MKOP(LARX, 0, 8); 2107 break; 2108 2109 case 214: /* stdcx. */ 2110 op->type = MKOP(STCX, 0, 8); 2111 break; 2112 2113 case 52: /* lbarx */ 2114 op->type = MKOP(LARX, 0, 1); 2115 break; 2116 2117 case 694: /* stbcx. */ 2118 op->type = MKOP(STCX, 0, 1); 2119 break; 2120 2121 case 116: /* lharx */ 2122 op->type = MKOP(LARX, 0, 2); 2123 break; 2124 2125 case 726: /* sthcx. */ 2126 op->type = MKOP(STCX, 0, 2); 2127 break; 2128 2129 case 276: /* lqarx */ 2130 if (!((rd & 1) || rd == ra || rd == rb)) 2131 op->type = MKOP(LARX, 0, 16); 2132 break; 2133 2134 case 182: /* stqcx. */ 2135 if (!(rd & 1)) 2136 op->type = MKOP(STCX, 0, 16); 2137 break; 2138 #endif 2139 2140 case 23: /* lwzx */ 2141 case 55: /* lwzux */ 2142 op->type = MKOP(LOAD, u, 4); 2143 break; 2144 2145 case 87: /* lbzx */ 2146 case 119: /* lbzux */ 2147 op->type = MKOP(LOAD, u, 1); 2148 break; 2149 2150 #ifdef CONFIG_ALTIVEC 2151 /* 2152 * Note: for the load/store vector element instructions, 2153 * bits of the EA say which field of the VMX register to use. 2154 */ 2155 case 7: /* lvebx */ 2156 op->type = MKOP(LOAD_VMX, 0, 1); 2157 op->element_size = 1; 2158 break; 2159 2160 case 39: /* lvehx */ 2161 op->type = MKOP(LOAD_VMX, 0, 2); 2162 op->element_size = 2; 2163 break; 2164 2165 case 71: /* lvewx */ 2166 op->type = MKOP(LOAD_VMX, 0, 4); 2167 op->element_size = 4; 2168 break; 2169 2170 case 103: /* lvx */ 2171 case 359: /* lvxl */ 2172 op->type = MKOP(LOAD_VMX, 0, 16); 2173 op->element_size = 16; 2174 break; 2175 2176 case 135: /* stvebx */ 2177 op->type = MKOP(STORE_VMX, 0, 1); 2178 op->element_size = 1; 2179 break; 2180 2181 case 167: /* stvehx */ 2182 op->type = MKOP(STORE_VMX, 0, 2); 2183 op->element_size = 2; 2184 break; 2185 2186 case 199: /* stvewx */ 2187 op->type = MKOP(STORE_VMX, 0, 4); 2188 op->element_size = 4; 2189 break; 2190 2191 case 231: /* stvx */ 2192 case 487: /* stvxl */ 2193 op->type = MKOP(STORE_VMX, 0, 16); 2194 break; 2195 #endif /* CONFIG_ALTIVEC */ 2196 2197 #ifdef __powerpc64__ 2198 case 21: /* ldx */ 2199 case 53: /* ldux */ 2200 op->type = MKOP(LOAD, u, 8); 2201 break; 2202 2203 case 149: /* stdx */ 2204 case 181: /* stdux */ 2205 op->type = MKOP(STORE, u, 8); 2206 break; 2207 #endif 2208 2209 case 151: /* stwx */ 2210 case 183: /* stwux */ 2211 op->type = MKOP(STORE, u, 4); 2212 break; 2213 2214 case 215: /* stbx */ 2215 case 247: /* stbux */ 2216 op->type = MKOP(STORE, u, 1); 2217 break; 2218 2219 case 279: /* lhzx */ 2220 case 311: /* lhzux */ 2221 op->type = MKOP(LOAD, u, 2); 2222 break; 2223 2224 #ifdef __powerpc64__ 2225 case 341: /* lwax */ 2226 case 373: /* lwaux */ 2227 op->type = MKOP(LOAD, SIGNEXT | u, 4); 2228 break; 2229 #endif 2230 2231 case 343: /* lhax */ 2232 case 375: /* lhaux */ 2233 op->type = MKOP(LOAD, SIGNEXT | u, 2); 2234 break; 2235 2236 case 407: /* sthx */ 2237 case 439: /* sthux */ 2238 op->type = MKOP(STORE, u, 2); 2239 break; 2240 2241 #ifdef __powerpc64__ 2242 case 532: /* ldbrx */ 2243 op->type = MKOP(LOAD, BYTEREV, 8); 2244 break; 2245 2246 #endif 2247 case 533: /* lswx */ 2248 op->type = MKOP(LOAD_MULTI, 0, regs->xer & 0x7f); 2249 break; 2250 2251 case 534: /* lwbrx */ 2252 op->type = MKOP(LOAD, BYTEREV, 4); 2253 break; 2254 2255 case 597: /* lswi */ 2256 if (rb == 0) 2257 rb = 32; /* # bytes to load */ 2258 op->type = MKOP(LOAD_MULTI, 0, rb); 2259 op->ea = ra ? regs->gpr[ra] : 0; 2260 break; 2261 2262 #ifdef CONFIG_PPC_FPU 2263 case 535: /* lfsx */ 2264 case 567: /* lfsux */ 2265 op->type = MKOP(LOAD_FP, u | FPCONV, 4); 2266 break; 2267 2268 case 599: /* lfdx */ 2269 case 631: /* lfdux */ 2270 op->type = MKOP(LOAD_FP, u, 8); 2271 break; 2272 2273 case 663: /* stfsx */ 2274 case 695: /* stfsux */ 2275 op->type = MKOP(STORE_FP, u | FPCONV, 4); 2276 break; 2277 2278 case 727: /* stfdx */ 2279 case 759: /* stfdux */ 2280 op->type = MKOP(STORE_FP, u, 8); 2281 break; 2282 2283 #ifdef __powerpc64__ 2284 case 791: /* lfdpx */ 2285 op->type = MKOP(LOAD_FP, 0, 16); 2286 break; 2287 2288 case 855: /* lfiwax */ 2289 op->type = MKOP(LOAD_FP, SIGNEXT, 4); 2290 break; 2291 2292 case 887: /* lfiwzx */ 2293 op->type = MKOP(LOAD_FP, 0, 4); 2294 break; 2295 2296 case 919: /* stfdpx */ 2297 op->type = MKOP(STORE_FP, 0, 16); 2298 break; 2299 2300 case 983: /* stfiwx */ 2301 op->type = MKOP(STORE_FP, 0, 4); 2302 break; 2303 #endif /* __powerpc64 */ 2304 #endif /* CONFIG_PPC_FPU */ 2305 2306 #ifdef __powerpc64__ 2307 case 660: /* stdbrx */ 2308 op->type = MKOP(STORE, BYTEREV, 8); 2309 op->val = byterev_8(regs->gpr[rd]); 2310 break; 2311 2312 #endif 2313 case 661: /* stswx */ 2314 op->type = MKOP(STORE_MULTI, 0, regs->xer & 0x7f); 2315 break; 2316 2317 case 662: /* stwbrx */ 2318 op->type = MKOP(STORE, BYTEREV, 4); 2319 op->val = byterev_4(regs->gpr[rd]); 2320 break; 2321 2322 case 725: /* stswi */ 2323 if (rb == 0) 2324 rb = 32; /* # bytes to store */ 2325 op->type = MKOP(STORE_MULTI, 0, rb); 2326 op->ea = ra ? regs->gpr[ra] : 0; 2327 break; 2328 2329 case 790: /* lhbrx */ 2330 op->type = MKOP(LOAD, BYTEREV, 2); 2331 break; 2332 2333 case 918: /* sthbrx */ 2334 op->type = MKOP(STORE, BYTEREV, 2); 2335 op->val = byterev_2(regs->gpr[rd]); 2336 break; 2337 2338 #ifdef CONFIG_VSX 2339 case 12: /* lxsiwzx */ 2340 op->reg = rd | ((word & 1) << 5); 2341 op->type = MKOP(LOAD_VSX, 0, 4); 2342 op->element_size = 8; 2343 break; 2344 2345 case 76: /* lxsiwax */ 2346 op->reg = rd | ((word & 1) << 5); 2347 op->type = MKOP(LOAD_VSX, SIGNEXT, 4); 2348 op->element_size = 8; 2349 break; 2350 2351 case 140: /* stxsiwx */ 2352 op->reg = rd | ((word & 1) << 5); 2353 op->type = MKOP(STORE_VSX, 0, 4); 2354 op->element_size = 8; 2355 break; 2356 2357 case 268: /* lxvx */ 2358 op->reg = rd | ((word & 1) << 5); 2359 op->type = MKOP(LOAD_VSX, 0, 16); 2360 op->element_size = 16; 2361 op->vsx_flags = VSX_CHECK_VEC; 2362 break; 2363 2364 case 269: /* lxvl */ 2365 case 301: { /* lxvll */ 2366 int nb; 2367 op->reg = rd | ((word & 1) << 5); 2368 op->ea = ra ? regs->gpr[ra] : 0; 2369 nb = regs->gpr[rb] & 0xff; 2370 if (nb > 16) 2371 nb = 16; 2372 op->type = MKOP(LOAD_VSX, 0, nb); 2373 op->element_size = 16; 2374 op->vsx_flags = ((word & 0x20) ? VSX_LDLEFT : 0) | 2375 VSX_CHECK_VEC; 2376 break; 2377 } 2378 case 332: /* lxvdsx */ 2379 op->reg = rd | ((word & 1) << 5); 2380 op->type = MKOP(LOAD_VSX, 0, 8); 2381 op->element_size = 8; 2382 op->vsx_flags = VSX_SPLAT; 2383 break; 2384 2385 case 364: /* lxvwsx */ 2386 op->reg = rd | ((word & 1) << 5); 2387 op->type = MKOP(LOAD_VSX, 0, 4); 2388 op->element_size = 4; 2389 op->vsx_flags = VSX_SPLAT | VSX_CHECK_VEC; 2390 break; 2391 2392 case 396: /* stxvx */ 2393 op->reg = rd | ((word & 1) << 5); 2394 op->type = MKOP(STORE_VSX, 0, 16); 2395 op->element_size = 16; 2396 op->vsx_flags = VSX_CHECK_VEC; 2397 break; 2398 2399 case 397: /* stxvl */ 2400 case 429: { /* stxvll */ 2401 int nb; 2402 op->reg = rd | ((word & 1) << 5); 2403 op->ea = ra ? regs->gpr[ra] : 0; 2404 nb = regs->gpr[rb] & 0xff; 2405 if (nb > 16) 2406 nb = 16; 2407 op->type = MKOP(STORE_VSX, 0, nb); 2408 op->element_size = 16; 2409 op->vsx_flags = ((word & 0x20) ? VSX_LDLEFT : 0) | 2410 VSX_CHECK_VEC; 2411 break; 2412 } 2413 case 524: /* lxsspx */ 2414 op->reg = rd | ((word & 1) << 5); 2415 op->type = MKOP(LOAD_VSX, 0, 4); 2416 op->element_size = 8; 2417 op->vsx_flags = VSX_FPCONV; 2418 break; 2419 2420 case 588: /* lxsdx */ 2421 op->reg = rd | ((word & 1) << 5); 2422 op->type = MKOP(LOAD_VSX, 0, 8); 2423 op->element_size = 8; 2424 break; 2425 2426 case 652: /* stxsspx */ 2427 op->reg = rd | ((word & 1) << 5); 2428 op->type = MKOP(STORE_VSX, 0, 4); 2429 op->element_size = 8; 2430 op->vsx_flags = VSX_FPCONV; 2431 break; 2432 2433 case 716: /* stxsdx */ 2434 op->reg = rd | ((word & 1) << 5); 2435 op->type = MKOP(STORE_VSX, 0, 8); 2436 op->element_size = 8; 2437 break; 2438 2439 case 780: /* lxvw4x */ 2440 op->reg = rd | ((word & 1) << 5); 2441 op->type = MKOP(LOAD_VSX, 0, 16); 2442 op->element_size = 4; 2443 break; 2444 2445 case 781: /* lxsibzx */ 2446 op->reg = rd | ((word & 1) << 5); 2447 op->type = MKOP(LOAD_VSX, 0, 1); 2448 op->element_size = 8; 2449 op->vsx_flags = VSX_CHECK_VEC; 2450 break; 2451 2452 case 812: /* lxvh8x */ 2453 op->reg = rd | ((word & 1) << 5); 2454 op->type = MKOP(LOAD_VSX, 0, 16); 2455 op->element_size = 2; 2456 op->vsx_flags = VSX_CHECK_VEC; 2457 break; 2458 2459 case 813: /* lxsihzx */ 2460 op->reg = rd | ((word & 1) << 5); 2461 op->type = MKOP(LOAD_VSX, 0, 2); 2462 op->element_size = 8; 2463 op->vsx_flags = VSX_CHECK_VEC; 2464 break; 2465 2466 case 844: /* lxvd2x */ 2467 op->reg = rd | ((word & 1) << 5); 2468 op->type = MKOP(LOAD_VSX, 0, 16); 2469 op->element_size = 8; 2470 break; 2471 2472 case 876: /* lxvb16x */ 2473 op->reg = rd | ((word & 1) << 5); 2474 op->type = MKOP(LOAD_VSX, 0, 16); 2475 op->element_size = 1; 2476 op->vsx_flags = VSX_CHECK_VEC; 2477 break; 2478 2479 case 908: /* stxvw4x */ 2480 op->reg = rd | ((word & 1) << 5); 2481 op->type = MKOP(STORE_VSX, 0, 16); 2482 op->element_size = 4; 2483 break; 2484 2485 case 909: /* stxsibx */ 2486 op->reg = rd | ((word & 1) << 5); 2487 op->type = MKOP(STORE_VSX, 0, 1); 2488 op->element_size = 8; 2489 op->vsx_flags = VSX_CHECK_VEC; 2490 break; 2491 2492 case 940: /* stxvh8x */ 2493 op->reg = rd | ((word & 1) << 5); 2494 op->type = MKOP(STORE_VSX, 0, 16); 2495 op->element_size = 2; 2496 op->vsx_flags = VSX_CHECK_VEC; 2497 break; 2498 2499 case 941: /* stxsihx */ 2500 op->reg = rd | ((word & 1) << 5); 2501 op->type = MKOP(STORE_VSX, 0, 2); 2502 op->element_size = 8; 2503 op->vsx_flags = VSX_CHECK_VEC; 2504 break; 2505 2506 case 972: /* stxvd2x */ 2507 op->reg = rd | ((word & 1) << 5); 2508 op->type = MKOP(STORE_VSX, 0, 16); 2509 op->element_size = 8; 2510 break; 2511 2512 case 1004: /* stxvb16x */ 2513 op->reg = rd | ((word & 1) << 5); 2514 op->type = MKOP(STORE_VSX, 0, 16); 2515 op->element_size = 1; 2516 op->vsx_flags = VSX_CHECK_VEC; 2517 break; 2518 2519 #endif /* CONFIG_VSX */ 2520 } 2521 break; 2522 2523 case 32: /* lwz */ 2524 case 33: /* lwzu */ 2525 op->type = MKOP(LOAD, u, 4); 2526 op->ea = dform_ea(word, regs); 2527 break; 2528 2529 case 34: /* lbz */ 2530 case 35: /* lbzu */ 2531 op->type = MKOP(LOAD, u, 1); 2532 op->ea = dform_ea(word, regs); 2533 break; 2534 2535 case 36: /* stw */ 2536 case 37: /* stwu */ 2537 op->type = MKOP(STORE, u, 4); 2538 op->ea = dform_ea(word, regs); 2539 break; 2540 2541 case 38: /* stb */ 2542 case 39: /* stbu */ 2543 op->type = MKOP(STORE, u, 1); 2544 op->ea = dform_ea(word, regs); 2545 break; 2546 2547 case 40: /* lhz */ 2548 case 41: /* lhzu */ 2549 op->type = MKOP(LOAD, u, 2); 2550 op->ea = dform_ea(word, regs); 2551 break; 2552 2553 case 42: /* lha */ 2554 case 43: /* lhau */ 2555 op->type = MKOP(LOAD, SIGNEXT | u, 2); 2556 op->ea = dform_ea(word, regs); 2557 break; 2558 2559 case 44: /* sth */ 2560 case 45: /* sthu */ 2561 op->type = MKOP(STORE, u, 2); 2562 op->ea = dform_ea(word, regs); 2563 break; 2564 2565 case 46: /* lmw */ 2566 if (ra >= rd) 2567 break; /* invalid form, ra in range to load */ 2568 op->type = MKOP(LOAD_MULTI, 0, 4 * (32 - rd)); 2569 op->ea = dform_ea(word, regs); 2570 break; 2571 2572 case 47: /* stmw */ 2573 op->type = MKOP(STORE_MULTI, 0, 4 * (32 - rd)); 2574 op->ea = dform_ea(word, regs); 2575 break; 2576 2577 #ifdef CONFIG_PPC_FPU 2578 case 48: /* lfs */ 2579 case 49: /* lfsu */ 2580 op->type = MKOP(LOAD_FP, u | FPCONV, 4); 2581 op->ea = dform_ea(word, regs); 2582 break; 2583 2584 case 50: /* lfd */ 2585 case 51: /* lfdu */ 2586 op->type = MKOP(LOAD_FP, u, 8); 2587 op->ea = dform_ea(word, regs); 2588 break; 2589 2590 case 52: /* stfs */ 2591 case 53: /* stfsu */ 2592 op->type = MKOP(STORE_FP, u | FPCONV, 4); 2593 op->ea = dform_ea(word, regs); 2594 break; 2595 2596 case 54: /* stfd */ 2597 case 55: /* stfdu */ 2598 op->type = MKOP(STORE_FP, u, 8); 2599 op->ea = dform_ea(word, regs); 2600 break; 2601 #endif 2602 2603 #ifdef __powerpc64__ 2604 case 56: /* lq */ 2605 if (!((rd & 1) || (rd == ra))) 2606 op->type = MKOP(LOAD, 0, 16); 2607 op->ea = dqform_ea(word, regs); 2608 break; 2609 #endif 2610 2611 #ifdef CONFIG_VSX 2612 case 57: /* lfdp, lxsd, lxssp */ 2613 op->ea = dsform_ea(word, regs); 2614 switch (word & 3) { 2615 case 0: /* lfdp */ 2616 if (rd & 1) 2617 break; /* reg must be even */ 2618 op->type = MKOP(LOAD_FP, 0, 16); 2619 break; 2620 case 2: /* lxsd */ 2621 op->reg = rd + 32; 2622 op->type = MKOP(LOAD_VSX, 0, 8); 2623 op->element_size = 8; 2624 op->vsx_flags = VSX_CHECK_VEC; 2625 break; 2626 case 3: /* lxssp */ 2627 op->reg = rd + 32; 2628 op->type = MKOP(LOAD_VSX, 0, 4); 2629 op->element_size = 8; 2630 op->vsx_flags = VSX_FPCONV | VSX_CHECK_VEC; 2631 break; 2632 } 2633 break; 2634 #endif /* CONFIG_VSX */ 2635 2636 #ifdef __powerpc64__ 2637 case 58: /* ld[u], lwa */ 2638 op->ea = dsform_ea(word, regs); 2639 switch (word & 3) { 2640 case 0: /* ld */ 2641 op->type = MKOP(LOAD, 0, 8); 2642 break; 2643 case 1: /* ldu */ 2644 op->type = MKOP(LOAD, UPDATE, 8); 2645 break; 2646 case 2: /* lwa */ 2647 op->type = MKOP(LOAD, SIGNEXT, 4); 2648 break; 2649 } 2650 break; 2651 #endif 2652 2653 #ifdef CONFIG_VSX 2654 case 61: /* stfdp, lxv, stxsd, stxssp, stxv */ 2655 switch (word & 7) { 2656 case 0: /* stfdp with LSB of DS field = 0 */ 2657 case 4: /* stfdp with LSB of DS field = 1 */ 2658 op->ea = dsform_ea(word, regs); 2659 op->type = MKOP(STORE_FP, 0, 16); 2660 break; 2661 2662 case 1: /* lxv */ 2663 op->ea = dqform_ea(word, regs); 2664 if (word & 8) 2665 op->reg = rd + 32; 2666 op->type = MKOP(LOAD_VSX, 0, 16); 2667 op->element_size = 16; 2668 op->vsx_flags = VSX_CHECK_VEC; 2669 break; 2670 2671 case 2: /* stxsd with LSB of DS field = 0 */ 2672 case 6: /* stxsd with LSB of DS field = 1 */ 2673 op->ea = dsform_ea(word, regs); 2674 op->reg = rd + 32; 2675 op->type = MKOP(STORE_VSX, 0, 8); 2676 op->element_size = 8; 2677 op->vsx_flags = VSX_CHECK_VEC; 2678 break; 2679 2680 case 3: /* stxssp with LSB of DS field = 0 */ 2681 case 7: /* stxssp with LSB of DS field = 1 */ 2682 op->ea = dsform_ea(word, regs); 2683 op->reg = rd + 32; 2684 op->type = MKOP(STORE_VSX, 0, 4); 2685 op->element_size = 8; 2686 op->vsx_flags = VSX_FPCONV | VSX_CHECK_VEC; 2687 break; 2688 2689 case 5: /* stxv */ 2690 op->ea = dqform_ea(word, regs); 2691 if (word & 8) 2692 op->reg = rd + 32; 2693 op->type = MKOP(STORE_VSX, 0, 16); 2694 op->element_size = 16; 2695 op->vsx_flags = VSX_CHECK_VEC; 2696 break; 2697 } 2698 break; 2699 #endif /* CONFIG_VSX */ 2700 2701 #ifdef __powerpc64__ 2702 case 62: /* std[u] */ 2703 op->ea = dsform_ea(word, regs); 2704 switch (word & 3) { 2705 case 0: /* std */ 2706 op->type = MKOP(STORE, 0, 8); 2707 break; 2708 case 1: /* stdu */ 2709 op->type = MKOP(STORE, UPDATE, 8); 2710 break; 2711 case 2: /* stq */ 2712 if (!(rd & 1)) 2713 op->type = MKOP(STORE, 0, 16); 2714 break; 2715 } 2716 break; 2717 case 1: /* Prefixed instructions */ 2718 prefix_r = word & (1ul << 20); 2719 ra = (suffix >> 16) & 0x1f; 2720 op->update_reg = ra; 2721 rd = (suffix >> 21) & 0x1f; 2722 op->reg = rd; 2723 op->val = regs->gpr[rd]; 2724 2725 suffixopcode = get_op(suffix); 2726 prefixtype = (word >> 24) & 0x3; 2727 switch (prefixtype) { 2728 case 0: /* Type 00 Eight-Byte Load/Store */ 2729 if (prefix_r && ra) 2730 break; 2731 op->ea = mlsd_8lsd_ea(word, suffix, regs); 2732 switch (suffixopcode) { 2733 case 41: /* plwa */ 2734 op->type = MKOP(LOAD, PREFIXED | SIGNEXT, 4); 2735 break; 2736 case 42: /* plxsd */ 2737 op->reg = rd + 32; 2738 op->type = MKOP(LOAD_VSX, PREFIXED, 8); 2739 op->element_size = 8; 2740 op->vsx_flags = VSX_CHECK_VEC; 2741 break; 2742 case 43: /* plxssp */ 2743 op->reg = rd + 32; 2744 op->type = MKOP(LOAD_VSX, PREFIXED, 4); 2745 op->element_size = 8; 2746 op->vsx_flags = VSX_FPCONV | VSX_CHECK_VEC; 2747 break; 2748 case 46: /* pstxsd */ 2749 op->reg = rd + 32; 2750 op->type = MKOP(STORE_VSX, PREFIXED, 8); 2751 op->element_size = 8; 2752 op->vsx_flags = VSX_CHECK_VEC; 2753 break; 2754 case 47: /* pstxssp */ 2755 op->reg = rd + 32; 2756 op->type = MKOP(STORE_VSX, PREFIXED, 4); 2757 op->element_size = 8; 2758 op->vsx_flags = VSX_FPCONV | VSX_CHECK_VEC; 2759 break; 2760 case 51: /* plxv1 */ 2761 op->reg += 32; 2762 fallthrough; 2763 case 50: /* plxv0 */ 2764 op->type = MKOP(LOAD_VSX, PREFIXED, 16); 2765 op->element_size = 16; 2766 op->vsx_flags = VSX_CHECK_VEC; 2767 break; 2768 case 55: /* pstxv1 */ 2769 op->reg = rd + 32; 2770 fallthrough; 2771 case 54: /* pstxv0 */ 2772 op->type = MKOP(STORE_VSX, PREFIXED, 16); 2773 op->element_size = 16; 2774 op->vsx_flags = VSX_CHECK_VEC; 2775 break; 2776 case 56: /* plq */ 2777 op->type = MKOP(LOAD, PREFIXED, 16); 2778 break; 2779 case 57: /* pld */ 2780 op->type = MKOP(LOAD, PREFIXED, 8); 2781 break; 2782 case 60: /* stq */ 2783 op->type = MKOP(STORE, PREFIXED, 16); 2784 break; 2785 case 61: /* pstd */ 2786 op->type = MKOP(STORE, PREFIXED, 8); 2787 break; 2788 } 2789 break; 2790 case 1: /* Type 01 Eight-Byte Register-to-Register */ 2791 break; 2792 case 2: /* Type 10 Modified Load/Store */ 2793 if (prefix_r && ra) 2794 break; 2795 op->ea = mlsd_8lsd_ea(word, suffix, regs); 2796 switch (suffixopcode) { 2797 case 32: /* plwz */ 2798 op->type = MKOP(LOAD, PREFIXED, 4); 2799 break; 2800 case 34: /* plbz */ 2801 op->type = MKOP(LOAD, PREFIXED, 1); 2802 break; 2803 case 36: /* pstw */ 2804 op->type = MKOP(STORE, PREFIXED, 4); 2805 break; 2806 case 38: /* pstb */ 2807 op->type = MKOP(STORE, PREFIXED, 1); 2808 break; 2809 case 40: /* plhz */ 2810 op->type = MKOP(LOAD, PREFIXED, 2); 2811 break; 2812 case 42: /* plha */ 2813 op->type = MKOP(LOAD, PREFIXED | SIGNEXT, 2); 2814 break; 2815 case 44: /* psth */ 2816 op->type = MKOP(STORE, PREFIXED, 2); 2817 break; 2818 case 48: /* plfs */ 2819 op->type = MKOP(LOAD_FP, PREFIXED | FPCONV, 4); 2820 break; 2821 case 50: /* plfd */ 2822 op->type = MKOP(LOAD_FP, PREFIXED, 8); 2823 break; 2824 case 52: /* pstfs */ 2825 op->type = MKOP(STORE_FP, PREFIXED | FPCONV, 4); 2826 break; 2827 case 54: /* pstfd */ 2828 op->type = MKOP(STORE_FP, PREFIXED, 8); 2829 break; 2830 } 2831 break; 2832 case 3: /* Type 11 Modified Register-to-Register */ 2833 break; 2834 } 2835 #endif /* __powerpc64__ */ 2836 2837 } 2838 2839 #ifdef CONFIG_VSX 2840 if ((GETTYPE(op->type) == LOAD_VSX || 2841 GETTYPE(op->type) == STORE_VSX) && 2842 !cpu_has_feature(CPU_FTR_VSX)) { 2843 return -1; 2844 } 2845 #endif /* CONFIG_VSX */ 2846 2847 return 0; 2848 2849 logical_done: 2850 if (word & 1) 2851 set_cr0(regs, op); 2852 logical_done_nocc: 2853 op->reg = ra; 2854 op->type |= SETREG; 2855 return 1; 2856 2857 arith_done: 2858 if (word & 1) 2859 set_cr0(regs, op); 2860 compute_done: 2861 op->reg = rd; 2862 op->type |= SETREG; 2863 return 1; 2864 2865 priv: 2866 op->type = INTERRUPT | 0x700; 2867 op->val = SRR1_PROGPRIV; 2868 return 0; 2869 2870 trap: 2871 op->type = INTERRUPT | 0x700; 2872 op->val = SRR1_PROGTRAP; 2873 return 0; 2874 } 2875 EXPORT_SYMBOL_GPL(analyse_instr); 2876 NOKPROBE_SYMBOL(analyse_instr); 2877 2878 /* 2879 * For PPC32 we always use stwu with r1 to change the stack pointer. 2880 * So this emulated store may corrupt the exception frame, now we 2881 * have to provide the exception frame trampoline, which is pushed 2882 * below the kprobed function stack. So we only update gpr[1] but 2883 * don't emulate the real store operation. We will do real store 2884 * operation safely in exception return code by checking this flag. 2885 */ 2886 static nokprobe_inline int handle_stack_update(unsigned long ea, struct pt_regs *regs) 2887 { 2888 #ifdef CONFIG_PPC32 2889 /* 2890 * Check if we will touch kernel stack overflow 2891 */ 2892 if (ea - STACK_INT_FRAME_SIZE <= current->thread.ksp_limit) { 2893 printk(KERN_CRIT "Can't kprobe this since kernel stack would overflow.\n"); 2894 return -EINVAL; 2895 } 2896 #endif /* CONFIG_PPC32 */ 2897 /* 2898 * Check if we already set since that means we'll 2899 * lose the previous value. 2900 */ 2901 WARN_ON(test_thread_flag(TIF_EMULATE_STACK_STORE)); 2902 set_thread_flag(TIF_EMULATE_STACK_STORE); 2903 return 0; 2904 } 2905 2906 static nokprobe_inline void do_signext(unsigned long *valp, int size) 2907 { 2908 switch (size) { 2909 case 2: 2910 *valp = (signed short) *valp; 2911 break; 2912 case 4: 2913 *valp = (signed int) *valp; 2914 break; 2915 } 2916 } 2917 2918 static nokprobe_inline void do_byterev(unsigned long *valp, int size) 2919 { 2920 switch (size) { 2921 case 2: 2922 *valp = byterev_2(*valp); 2923 break; 2924 case 4: 2925 *valp = byterev_4(*valp); 2926 break; 2927 #ifdef __powerpc64__ 2928 case 8: 2929 *valp = byterev_8(*valp); 2930 break; 2931 #endif 2932 } 2933 } 2934 2935 /* 2936 * Emulate an instruction that can be executed just by updating 2937 * fields in *regs. 2938 */ 2939 void emulate_update_regs(struct pt_regs *regs, struct instruction_op *op) 2940 { 2941 unsigned long next_pc; 2942 2943 next_pc = truncate_if_32bit(regs->msr, regs->nip + GETLENGTH(op->type)); 2944 switch (GETTYPE(op->type)) { 2945 case COMPUTE: 2946 if (op->type & SETREG) 2947 regs->gpr[op->reg] = op->val; 2948 if (op->type & SETCC) 2949 regs->ccr = op->ccval; 2950 if (op->type & SETXER) 2951 regs->xer = op->xerval; 2952 break; 2953 2954 case BRANCH: 2955 if (op->type & SETLK) 2956 regs->link = next_pc; 2957 if (op->type & BRTAKEN) 2958 next_pc = op->val; 2959 if (op->type & DECCTR) 2960 --regs->ctr; 2961 break; 2962 2963 case BARRIER: 2964 switch (op->type & BARRIER_MASK) { 2965 case BARRIER_SYNC: 2966 mb(); 2967 break; 2968 case BARRIER_ISYNC: 2969 isync(); 2970 break; 2971 case BARRIER_EIEIO: 2972 eieio(); 2973 break; 2974 case BARRIER_LWSYNC: 2975 asm volatile("lwsync" : : : "memory"); 2976 break; 2977 case BARRIER_PTESYNC: 2978 asm volatile("ptesync" : : : "memory"); 2979 break; 2980 } 2981 break; 2982 2983 case MFSPR: 2984 switch (op->spr) { 2985 case SPRN_XER: 2986 regs->gpr[op->reg] = regs->xer & 0xffffffffUL; 2987 break; 2988 case SPRN_LR: 2989 regs->gpr[op->reg] = regs->link; 2990 break; 2991 case SPRN_CTR: 2992 regs->gpr[op->reg] = regs->ctr; 2993 break; 2994 default: 2995 WARN_ON_ONCE(1); 2996 } 2997 break; 2998 2999 case MTSPR: 3000 switch (op->spr) { 3001 case SPRN_XER: 3002 regs->xer = op->val & 0xffffffffUL; 3003 break; 3004 case SPRN_LR: 3005 regs->link = op->val; 3006 break; 3007 case SPRN_CTR: 3008 regs->ctr = op->val; 3009 break; 3010 default: 3011 WARN_ON_ONCE(1); 3012 } 3013 break; 3014 3015 default: 3016 WARN_ON_ONCE(1); 3017 } 3018 regs->nip = next_pc; 3019 } 3020 NOKPROBE_SYMBOL(emulate_update_regs); 3021 3022 /* 3023 * Emulate a previously-analysed load or store instruction. 3024 * Return values are: 3025 * 0 = instruction emulated successfully 3026 * -EFAULT = address out of range or access faulted (regs->dar 3027 * contains the faulting address) 3028 * -EACCES = misaligned access, instruction requires alignment 3029 * -EINVAL = unknown operation in *op 3030 */ 3031 int emulate_loadstore(struct pt_regs *regs, struct instruction_op *op) 3032 { 3033 int err, size, type; 3034 int i, rd, nb; 3035 unsigned int cr; 3036 unsigned long val; 3037 unsigned long ea; 3038 bool cross_endian; 3039 3040 err = 0; 3041 size = GETSIZE(op->type); 3042 type = GETTYPE(op->type); 3043 cross_endian = (regs->msr & MSR_LE) != (MSR_KERNEL & MSR_LE); 3044 ea = truncate_if_32bit(regs->msr, op->ea); 3045 3046 switch (type) { 3047 case LARX: 3048 if (ea & (size - 1)) 3049 return -EACCES; /* can't handle misaligned */ 3050 if (!address_ok(regs, ea, size)) 3051 return -EFAULT; 3052 err = 0; 3053 val = 0; 3054 switch (size) { 3055 #ifdef __powerpc64__ 3056 case 1: 3057 __get_user_asmx(val, ea, err, "lbarx"); 3058 break; 3059 case 2: 3060 __get_user_asmx(val, ea, err, "lharx"); 3061 break; 3062 #endif 3063 case 4: 3064 __get_user_asmx(val, ea, err, "lwarx"); 3065 break; 3066 #ifdef __powerpc64__ 3067 case 8: 3068 __get_user_asmx(val, ea, err, "ldarx"); 3069 break; 3070 case 16: 3071 err = do_lqarx(ea, ®s->gpr[op->reg]); 3072 break; 3073 #endif 3074 default: 3075 return -EINVAL; 3076 } 3077 if (err) { 3078 regs->dar = ea; 3079 break; 3080 } 3081 if (size < 16) 3082 regs->gpr[op->reg] = val; 3083 break; 3084 3085 case STCX: 3086 if (ea & (size - 1)) 3087 return -EACCES; /* can't handle misaligned */ 3088 if (!address_ok(regs, ea, size)) 3089 return -EFAULT; 3090 err = 0; 3091 switch (size) { 3092 #ifdef __powerpc64__ 3093 case 1: 3094 __put_user_asmx(op->val, ea, err, "stbcx.", cr); 3095 break; 3096 case 2: 3097 __put_user_asmx(op->val, ea, err, "stbcx.", cr); 3098 break; 3099 #endif 3100 case 4: 3101 __put_user_asmx(op->val, ea, err, "stwcx.", cr); 3102 break; 3103 #ifdef __powerpc64__ 3104 case 8: 3105 __put_user_asmx(op->val, ea, err, "stdcx.", cr); 3106 break; 3107 case 16: 3108 err = do_stqcx(ea, regs->gpr[op->reg], 3109 regs->gpr[op->reg + 1], &cr); 3110 break; 3111 #endif 3112 default: 3113 return -EINVAL; 3114 } 3115 if (!err) 3116 regs->ccr = (regs->ccr & 0x0fffffff) | 3117 (cr & 0xe0000000) | 3118 ((regs->xer >> 3) & 0x10000000); 3119 else 3120 regs->dar = ea; 3121 break; 3122 3123 case LOAD: 3124 #ifdef __powerpc64__ 3125 if (size == 16) { 3126 err = emulate_lq(regs, ea, op->reg, cross_endian); 3127 break; 3128 } 3129 #endif 3130 err = read_mem(®s->gpr[op->reg], ea, size, regs); 3131 if (!err) { 3132 if (op->type & SIGNEXT) 3133 do_signext(®s->gpr[op->reg], size); 3134 if ((op->type & BYTEREV) == (cross_endian ? 0 : BYTEREV)) 3135 do_byterev(®s->gpr[op->reg], size); 3136 } 3137 break; 3138 3139 #ifdef CONFIG_PPC_FPU 3140 case LOAD_FP: 3141 /* 3142 * If the instruction is in userspace, we can emulate it even 3143 * if the VMX state is not live, because we have the state 3144 * stored in the thread_struct. If the instruction is in 3145 * the kernel, we must not touch the state in the thread_struct. 3146 */ 3147 if (!(regs->msr & MSR_PR) && !(regs->msr & MSR_FP)) 3148 return 0; 3149 err = do_fp_load(op, ea, regs, cross_endian); 3150 break; 3151 #endif 3152 #ifdef CONFIG_ALTIVEC 3153 case LOAD_VMX: 3154 if (!(regs->msr & MSR_PR) && !(regs->msr & MSR_VEC)) 3155 return 0; 3156 err = do_vec_load(op->reg, ea, size, regs, cross_endian); 3157 break; 3158 #endif 3159 #ifdef CONFIG_VSX 3160 case LOAD_VSX: { 3161 unsigned long msrbit = MSR_VSX; 3162 3163 /* 3164 * Some VSX instructions check the MSR_VEC bit rather than MSR_VSX 3165 * when the target of the instruction is a vector register. 3166 */ 3167 if (op->reg >= 32 && (op->vsx_flags & VSX_CHECK_VEC)) 3168 msrbit = MSR_VEC; 3169 if (!(regs->msr & MSR_PR) && !(regs->msr & msrbit)) 3170 return 0; 3171 err = do_vsx_load(op, ea, regs, cross_endian); 3172 break; 3173 } 3174 #endif 3175 case LOAD_MULTI: 3176 if (!address_ok(regs, ea, size)) 3177 return -EFAULT; 3178 rd = op->reg; 3179 for (i = 0; i < size; i += 4) { 3180 unsigned int v32 = 0; 3181 3182 nb = size - i; 3183 if (nb > 4) 3184 nb = 4; 3185 err = copy_mem_in((u8 *) &v32, ea, nb, regs); 3186 if (err) 3187 break; 3188 if (unlikely(cross_endian)) 3189 v32 = byterev_4(v32); 3190 regs->gpr[rd] = v32; 3191 ea += 4; 3192 /* reg number wraps from 31 to 0 for lsw[ix] */ 3193 rd = (rd + 1) & 0x1f; 3194 } 3195 break; 3196 3197 case STORE: 3198 #ifdef __powerpc64__ 3199 if (size == 16) { 3200 err = emulate_stq(regs, ea, op->reg, cross_endian); 3201 break; 3202 } 3203 #endif 3204 if ((op->type & UPDATE) && size == sizeof(long) && 3205 op->reg == 1 && op->update_reg == 1 && 3206 !(regs->msr & MSR_PR) && 3207 ea >= regs->gpr[1] - STACK_INT_FRAME_SIZE) { 3208 err = handle_stack_update(ea, regs); 3209 break; 3210 } 3211 if (unlikely(cross_endian)) 3212 do_byterev(&op->val, size); 3213 err = write_mem(op->val, ea, size, regs); 3214 break; 3215 3216 #ifdef CONFIG_PPC_FPU 3217 case STORE_FP: 3218 if (!(regs->msr & MSR_PR) && !(regs->msr & MSR_FP)) 3219 return 0; 3220 err = do_fp_store(op, ea, regs, cross_endian); 3221 break; 3222 #endif 3223 #ifdef CONFIG_ALTIVEC 3224 case STORE_VMX: 3225 if (!(regs->msr & MSR_PR) && !(regs->msr & MSR_VEC)) 3226 return 0; 3227 err = do_vec_store(op->reg, ea, size, regs, cross_endian); 3228 break; 3229 #endif 3230 #ifdef CONFIG_VSX 3231 case STORE_VSX: { 3232 unsigned long msrbit = MSR_VSX; 3233 3234 /* 3235 * Some VSX instructions check the MSR_VEC bit rather than MSR_VSX 3236 * when the target of the instruction is a vector register. 3237 */ 3238 if (op->reg >= 32 && (op->vsx_flags & VSX_CHECK_VEC)) 3239 msrbit = MSR_VEC; 3240 if (!(regs->msr & MSR_PR) && !(regs->msr & msrbit)) 3241 return 0; 3242 err = do_vsx_store(op, ea, regs, cross_endian); 3243 break; 3244 } 3245 #endif 3246 case STORE_MULTI: 3247 if (!address_ok(regs, ea, size)) 3248 return -EFAULT; 3249 rd = op->reg; 3250 for (i = 0; i < size; i += 4) { 3251 unsigned int v32 = regs->gpr[rd]; 3252 3253 nb = size - i; 3254 if (nb > 4) 3255 nb = 4; 3256 if (unlikely(cross_endian)) 3257 v32 = byterev_4(v32); 3258 err = copy_mem_out((u8 *) &v32, ea, nb, regs); 3259 if (err) 3260 break; 3261 ea += 4; 3262 /* reg number wraps from 31 to 0 for stsw[ix] */ 3263 rd = (rd + 1) & 0x1f; 3264 } 3265 break; 3266 3267 default: 3268 return -EINVAL; 3269 } 3270 3271 if (err) 3272 return err; 3273 3274 if (op->type & UPDATE) 3275 regs->gpr[op->update_reg] = op->ea; 3276 3277 return 0; 3278 } 3279 NOKPROBE_SYMBOL(emulate_loadstore); 3280 3281 /* 3282 * Emulate instructions that cause a transfer of control, 3283 * loads and stores, and a few other instructions. 3284 * Returns 1 if the step was emulated, 0 if not, 3285 * or -1 if the instruction is one that should not be stepped, 3286 * such as an rfid, or a mtmsrd that would clear MSR_RI. 3287 */ 3288 int emulate_step(struct pt_regs *regs, struct ppc_inst instr) 3289 { 3290 struct instruction_op op; 3291 int r, err, type; 3292 unsigned long val; 3293 unsigned long ea; 3294 3295 r = analyse_instr(&op, regs, instr); 3296 if (r < 0) 3297 return r; 3298 if (r > 0) { 3299 emulate_update_regs(regs, &op); 3300 return 1; 3301 } 3302 3303 err = 0; 3304 type = GETTYPE(op.type); 3305 3306 if (OP_IS_LOAD_STORE(type)) { 3307 err = emulate_loadstore(regs, &op); 3308 if (err) 3309 return 0; 3310 goto instr_done; 3311 } 3312 3313 switch (type) { 3314 case CACHEOP: 3315 ea = truncate_if_32bit(regs->msr, op.ea); 3316 if (!address_ok(regs, ea, 8)) 3317 return 0; 3318 switch (op.type & CACHEOP_MASK) { 3319 case DCBST: 3320 __cacheop_user_asmx(ea, err, "dcbst"); 3321 break; 3322 case DCBF: 3323 __cacheop_user_asmx(ea, err, "dcbf"); 3324 break; 3325 case DCBTST: 3326 if (op.reg == 0) 3327 prefetchw((void *) ea); 3328 break; 3329 case DCBT: 3330 if (op.reg == 0) 3331 prefetch((void *) ea); 3332 break; 3333 case ICBI: 3334 __cacheop_user_asmx(ea, err, "icbi"); 3335 break; 3336 case DCBZ: 3337 err = emulate_dcbz(ea, regs); 3338 break; 3339 } 3340 if (err) { 3341 regs->dar = ea; 3342 return 0; 3343 } 3344 goto instr_done; 3345 3346 case MFMSR: 3347 regs->gpr[op.reg] = regs->msr & MSR_MASK; 3348 goto instr_done; 3349 3350 case MTMSR: 3351 val = regs->gpr[op.reg]; 3352 if ((val & MSR_RI) == 0) 3353 /* can't step mtmsr[d] that would clear MSR_RI */ 3354 return -1; 3355 /* here op.val is the mask of bits to change */ 3356 regs->msr = (regs->msr & ~op.val) | (val & op.val); 3357 goto instr_done; 3358 3359 #ifdef CONFIG_PPC64 3360 case SYSCALL: /* sc */ 3361 /* 3362 * N.B. this uses knowledge about how the syscall 3363 * entry code works. If that is changed, this will 3364 * need to be changed also. 3365 */ 3366 if (IS_ENABLED(CONFIG_PPC_FAST_ENDIAN_SWITCH) && 3367 cpu_has_feature(CPU_FTR_REAL_LE) && 3368 regs->gpr[0] == 0x1ebe) { 3369 regs->msr ^= MSR_LE; 3370 goto instr_done; 3371 } 3372 regs->gpr[9] = regs->gpr[13]; 3373 regs->gpr[10] = MSR_KERNEL; 3374 regs->gpr[11] = regs->nip + 4; 3375 regs->gpr[12] = regs->msr & MSR_MASK; 3376 regs->gpr[13] = (unsigned long) get_paca(); 3377 regs->nip = (unsigned long) &system_call_common; 3378 regs->msr = MSR_KERNEL; 3379 return 1; 3380 3381 case RFI: 3382 return -1; 3383 #endif 3384 } 3385 return 0; 3386 3387 instr_done: 3388 regs->nip = truncate_if_32bit(regs->msr, regs->nip + GETLENGTH(op.type)); 3389 return 1; 3390 } 3391 NOKPROBE_SYMBOL(emulate_step); 3392