1 /* 2 * Handle unaligned accesses by emulation. 3 * 4 * This file is subject to the terms and conditions of the GNU General Public 5 * License. See the file "COPYING" in the main directory of this archive 6 * for more details. 7 * 8 * Copyright (C) 1996, 1998, 1999, 2002 by Ralf Baechle 9 * Copyright (C) 1999 Silicon Graphics, Inc. 10 * 11 * This file contains exception handler for address error exception with the 12 * special capability to execute faulting instructions in software. The 13 * handler does not try to handle the case when the program counter points 14 * to an address not aligned to a word boundary. 15 * 16 * Putting data to unaligned addresses is a bad practice even on Intel where 17 * only the performance is affected. Much worse is that such code is non- 18 * portable. Due to several programs that die on MIPS due to alignment 19 * problems I decided to implement this handler anyway though I originally 20 * didn't intend to do this at all for user code. 21 * 22 * For now I enable fixing of address errors by default to make life easier. 23 * I however intend to disable this somewhen in the future when the alignment 24 * problems with user programs have been fixed. For programmers this is the 25 * right way to go. 26 * 27 * Fixing address errors is a per process option. The option is inherited 28 * across fork(2) and execve(2) calls. If you really want to use the 29 * option in your user programs - I discourage the use of the software 30 * emulation strongly - use the following code in your userland stuff: 31 * 32 * #include <sys/sysmips.h> 33 * 34 * ... 35 * sysmips(MIPS_FIXADE, x); 36 * ... 37 * 38 * The argument x is 0 for disabling software emulation, enabled otherwise. 39 * 40 * Below a little program to play around with this feature. 41 * 42 * #include <stdio.h> 43 * #include <sys/sysmips.h> 44 * 45 * struct foo { 46 * unsigned char bar[8]; 47 * }; 48 * 49 * main(int argc, char *argv[]) 50 * { 51 * struct foo x = {0, 1, 2, 3, 4, 5, 6, 7}; 52 * unsigned int *p = (unsigned int *) (x.bar + 3); 53 * int i; 54 * 55 * if (argc > 1) 56 * sysmips(MIPS_FIXADE, atoi(argv[1])); 57 * 58 * printf("*p = %08lx\n", *p); 59 * 60 * *p = 0xdeadface; 61 * 62 * for(i = 0; i <= 7; i++) 63 * printf("%02x ", x.bar[i]); 64 * printf("\n"); 65 * } 66 * 67 * Coprocessor loads are not supported; I think this case is unimportant 68 * in the practice. 69 * 70 * TODO: Handle ndc (attempted store to doubleword in uncached memory) 71 * exception for the R6000. 72 * A store crossing a page boundary might be executed only partially. 73 * Undo the partial store in this case. 74 */ 75 #include <linux/mm.h> 76 #include <linux/module.h> 77 #include <linux/signal.h> 78 #include <linux/smp.h> 79 #include <linux/sched.h> 80 #include <linux/debugfs.h> 81 #include <linux/perf_event.h> 82 83 #include <asm/asm.h> 84 #include <asm/branch.h> 85 #include <asm/byteorder.h> 86 #include <asm/cop2.h> 87 #include <asm/inst.h> 88 #include <asm/uaccess.h> 89 #include <asm/system.h> 90 91 #define STR(x) __STR(x) 92 #define __STR(x) #x 93 94 enum { 95 UNALIGNED_ACTION_QUIET, 96 UNALIGNED_ACTION_SIGNAL, 97 UNALIGNED_ACTION_SHOW, 98 }; 99 #ifdef CONFIG_DEBUG_FS 100 static u32 unaligned_instructions; 101 static u32 unaligned_action; 102 #else 103 #define unaligned_action UNALIGNED_ACTION_QUIET 104 #endif 105 extern void show_registers(struct pt_regs *regs); 106 107 static void emulate_load_store_insn(struct pt_regs *regs, 108 void __user *addr, unsigned int __user *pc) 109 { 110 union mips_instruction insn; 111 unsigned long value; 112 unsigned int res; 113 114 perf_sw_event(PERF_COUNT_SW_EMULATION_FAULTS, 1, regs, 0); 115 116 /* 117 * This load never faults. 118 */ 119 __get_user(insn.word, pc); 120 121 switch (insn.i_format.opcode) { 122 /* 123 * These are instructions that a compiler doesn't generate. We 124 * can assume therefore that the code is MIPS-aware and 125 * really buggy. Emulating these instructions would break the 126 * semantics anyway. 127 */ 128 case ll_op: 129 case lld_op: 130 case sc_op: 131 case scd_op: 132 133 /* 134 * For these instructions the only way to create an address 135 * error is an attempted access to kernel/supervisor address 136 * space. 137 */ 138 case ldl_op: 139 case ldr_op: 140 case lwl_op: 141 case lwr_op: 142 case sdl_op: 143 case sdr_op: 144 case swl_op: 145 case swr_op: 146 case lb_op: 147 case lbu_op: 148 case sb_op: 149 goto sigbus; 150 151 /* 152 * The remaining opcodes are the ones that are really of interest. 153 */ 154 case lh_op: 155 if (!access_ok(VERIFY_READ, addr, 2)) 156 goto sigbus; 157 158 __asm__ __volatile__ (".set\tnoat\n" 159 #ifdef __BIG_ENDIAN 160 "1:\tlb\t%0, 0(%2)\n" 161 "2:\tlbu\t$1, 1(%2)\n\t" 162 #endif 163 #ifdef __LITTLE_ENDIAN 164 "1:\tlb\t%0, 1(%2)\n" 165 "2:\tlbu\t$1, 0(%2)\n\t" 166 #endif 167 "sll\t%0, 0x8\n\t" 168 "or\t%0, $1\n\t" 169 "li\t%1, 0\n" 170 "3:\t.set\tat\n\t" 171 ".section\t.fixup,\"ax\"\n\t" 172 "4:\tli\t%1, %3\n\t" 173 "j\t3b\n\t" 174 ".previous\n\t" 175 ".section\t__ex_table,\"a\"\n\t" 176 STR(PTR)"\t1b, 4b\n\t" 177 STR(PTR)"\t2b, 4b\n\t" 178 ".previous" 179 : "=&r" (value), "=r" (res) 180 : "r" (addr), "i" (-EFAULT)); 181 if (res) 182 goto fault; 183 compute_return_epc(regs); 184 regs->regs[insn.i_format.rt] = value; 185 break; 186 187 case lw_op: 188 if (!access_ok(VERIFY_READ, addr, 4)) 189 goto sigbus; 190 191 __asm__ __volatile__ ( 192 #ifdef __BIG_ENDIAN 193 "1:\tlwl\t%0, (%2)\n" 194 "2:\tlwr\t%0, 3(%2)\n\t" 195 #endif 196 #ifdef __LITTLE_ENDIAN 197 "1:\tlwl\t%0, 3(%2)\n" 198 "2:\tlwr\t%0, (%2)\n\t" 199 #endif 200 "li\t%1, 0\n" 201 "3:\t.section\t.fixup,\"ax\"\n\t" 202 "4:\tli\t%1, %3\n\t" 203 "j\t3b\n\t" 204 ".previous\n\t" 205 ".section\t__ex_table,\"a\"\n\t" 206 STR(PTR)"\t1b, 4b\n\t" 207 STR(PTR)"\t2b, 4b\n\t" 208 ".previous" 209 : "=&r" (value), "=r" (res) 210 : "r" (addr), "i" (-EFAULT)); 211 if (res) 212 goto fault; 213 compute_return_epc(regs); 214 regs->regs[insn.i_format.rt] = value; 215 break; 216 217 case lhu_op: 218 if (!access_ok(VERIFY_READ, addr, 2)) 219 goto sigbus; 220 221 __asm__ __volatile__ ( 222 ".set\tnoat\n" 223 #ifdef __BIG_ENDIAN 224 "1:\tlbu\t%0, 0(%2)\n" 225 "2:\tlbu\t$1, 1(%2)\n\t" 226 #endif 227 #ifdef __LITTLE_ENDIAN 228 "1:\tlbu\t%0, 1(%2)\n" 229 "2:\tlbu\t$1, 0(%2)\n\t" 230 #endif 231 "sll\t%0, 0x8\n\t" 232 "or\t%0, $1\n\t" 233 "li\t%1, 0\n" 234 "3:\t.set\tat\n\t" 235 ".section\t.fixup,\"ax\"\n\t" 236 "4:\tli\t%1, %3\n\t" 237 "j\t3b\n\t" 238 ".previous\n\t" 239 ".section\t__ex_table,\"a\"\n\t" 240 STR(PTR)"\t1b, 4b\n\t" 241 STR(PTR)"\t2b, 4b\n\t" 242 ".previous" 243 : "=&r" (value), "=r" (res) 244 : "r" (addr), "i" (-EFAULT)); 245 if (res) 246 goto fault; 247 compute_return_epc(regs); 248 regs->regs[insn.i_format.rt] = value; 249 break; 250 251 case lwu_op: 252 #ifdef CONFIG_64BIT 253 /* 254 * A 32-bit kernel might be running on a 64-bit processor. But 255 * if we're on a 32-bit processor and an i-cache incoherency 256 * or race makes us see a 64-bit instruction here the sdl/sdr 257 * would blow up, so for now we don't handle unaligned 64-bit 258 * instructions on 32-bit kernels. 259 */ 260 if (!access_ok(VERIFY_READ, addr, 4)) 261 goto sigbus; 262 263 __asm__ __volatile__ ( 264 #ifdef __BIG_ENDIAN 265 "1:\tlwl\t%0, (%2)\n" 266 "2:\tlwr\t%0, 3(%2)\n\t" 267 #endif 268 #ifdef __LITTLE_ENDIAN 269 "1:\tlwl\t%0, 3(%2)\n" 270 "2:\tlwr\t%0, (%2)\n\t" 271 #endif 272 "dsll\t%0, %0, 32\n\t" 273 "dsrl\t%0, %0, 32\n\t" 274 "li\t%1, 0\n" 275 "3:\t.section\t.fixup,\"ax\"\n\t" 276 "4:\tli\t%1, %3\n\t" 277 "j\t3b\n\t" 278 ".previous\n\t" 279 ".section\t__ex_table,\"a\"\n\t" 280 STR(PTR)"\t1b, 4b\n\t" 281 STR(PTR)"\t2b, 4b\n\t" 282 ".previous" 283 : "=&r" (value), "=r" (res) 284 : "r" (addr), "i" (-EFAULT)); 285 if (res) 286 goto fault; 287 compute_return_epc(regs); 288 regs->regs[insn.i_format.rt] = value; 289 break; 290 #endif /* CONFIG_64BIT */ 291 292 /* Cannot handle 64-bit instructions in 32-bit kernel */ 293 goto sigill; 294 295 case ld_op: 296 #ifdef CONFIG_64BIT 297 /* 298 * A 32-bit kernel might be running on a 64-bit processor. But 299 * if we're on a 32-bit processor and an i-cache incoherency 300 * or race makes us see a 64-bit instruction here the sdl/sdr 301 * would blow up, so for now we don't handle unaligned 64-bit 302 * instructions on 32-bit kernels. 303 */ 304 if (!access_ok(VERIFY_READ, addr, 8)) 305 goto sigbus; 306 307 __asm__ __volatile__ ( 308 #ifdef __BIG_ENDIAN 309 "1:\tldl\t%0, (%2)\n" 310 "2:\tldr\t%0, 7(%2)\n\t" 311 #endif 312 #ifdef __LITTLE_ENDIAN 313 "1:\tldl\t%0, 7(%2)\n" 314 "2:\tldr\t%0, (%2)\n\t" 315 #endif 316 "li\t%1, 0\n" 317 "3:\t.section\t.fixup,\"ax\"\n\t" 318 "4:\tli\t%1, %3\n\t" 319 "j\t3b\n\t" 320 ".previous\n\t" 321 ".section\t__ex_table,\"a\"\n\t" 322 STR(PTR)"\t1b, 4b\n\t" 323 STR(PTR)"\t2b, 4b\n\t" 324 ".previous" 325 : "=&r" (value), "=r" (res) 326 : "r" (addr), "i" (-EFAULT)); 327 if (res) 328 goto fault; 329 compute_return_epc(regs); 330 regs->regs[insn.i_format.rt] = value; 331 break; 332 #endif /* CONFIG_64BIT */ 333 334 /* Cannot handle 64-bit instructions in 32-bit kernel */ 335 goto sigill; 336 337 case sh_op: 338 if (!access_ok(VERIFY_WRITE, addr, 2)) 339 goto sigbus; 340 341 value = regs->regs[insn.i_format.rt]; 342 __asm__ __volatile__ ( 343 #ifdef __BIG_ENDIAN 344 ".set\tnoat\n" 345 "1:\tsb\t%1, 1(%2)\n\t" 346 "srl\t$1, %1, 0x8\n" 347 "2:\tsb\t$1, 0(%2)\n\t" 348 ".set\tat\n\t" 349 #endif 350 #ifdef __LITTLE_ENDIAN 351 ".set\tnoat\n" 352 "1:\tsb\t%1, 0(%2)\n\t" 353 "srl\t$1,%1, 0x8\n" 354 "2:\tsb\t$1, 1(%2)\n\t" 355 ".set\tat\n\t" 356 #endif 357 "li\t%0, 0\n" 358 "3:\n\t" 359 ".section\t.fixup,\"ax\"\n\t" 360 "4:\tli\t%0, %3\n\t" 361 "j\t3b\n\t" 362 ".previous\n\t" 363 ".section\t__ex_table,\"a\"\n\t" 364 STR(PTR)"\t1b, 4b\n\t" 365 STR(PTR)"\t2b, 4b\n\t" 366 ".previous" 367 : "=r" (res) 368 : "r" (value), "r" (addr), "i" (-EFAULT)); 369 if (res) 370 goto fault; 371 compute_return_epc(regs); 372 break; 373 374 case sw_op: 375 if (!access_ok(VERIFY_WRITE, addr, 4)) 376 goto sigbus; 377 378 value = regs->regs[insn.i_format.rt]; 379 __asm__ __volatile__ ( 380 #ifdef __BIG_ENDIAN 381 "1:\tswl\t%1,(%2)\n" 382 "2:\tswr\t%1, 3(%2)\n\t" 383 #endif 384 #ifdef __LITTLE_ENDIAN 385 "1:\tswl\t%1, 3(%2)\n" 386 "2:\tswr\t%1, (%2)\n\t" 387 #endif 388 "li\t%0, 0\n" 389 "3:\n\t" 390 ".section\t.fixup,\"ax\"\n\t" 391 "4:\tli\t%0, %3\n\t" 392 "j\t3b\n\t" 393 ".previous\n\t" 394 ".section\t__ex_table,\"a\"\n\t" 395 STR(PTR)"\t1b, 4b\n\t" 396 STR(PTR)"\t2b, 4b\n\t" 397 ".previous" 398 : "=r" (res) 399 : "r" (value), "r" (addr), "i" (-EFAULT)); 400 if (res) 401 goto fault; 402 compute_return_epc(regs); 403 break; 404 405 case sd_op: 406 #ifdef CONFIG_64BIT 407 /* 408 * A 32-bit kernel might be running on a 64-bit processor. But 409 * if we're on a 32-bit processor and an i-cache incoherency 410 * or race makes us see a 64-bit instruction here the sdl/sdr 411 * would blow up, so for now we don't handle unaligned 64-bit 412 * instructions on 32-bit kernels. 413 */ 414 if (!access_ok(VERIFY_WRITE, addr, 8)) 415 goto sigbus; 416 417 value = regs->regs[insn.i_format.rt]; 418 __asm__ __volatile__ ( 419 #ifdef __BIG_ENDIAN 420 "1:\tsdl\t%1,(%2)\n" 421 "2:\tsdr\t%1, 7(%2)\n\t" 422 #endif 423 #ifdef __LITTLE_ENDIAN 424 "1:\tsdl\t%1, 7(%2)\n" 425 "2:\tsdr\t%1, (%2)\n\t" 426 #endif 427 "li\t%0, 0\n" 428 "3:\n\t" 429 ".section\t.fixup,\"ax\"\n\t" 430 "4:\tli\t%0, %3\n\t" 431 "j\t3b\n\t" 432 ".previous\n\t" 433 ".section\t__ex_table,\"a\"\n\t" 434 STR(PTR)"\t1b, 4b\n\t" 435 STR(PTR)"\t2b, 4b\n\t" 436 ".previous" 437 : "=r" (res) 438 : "r" (value), "r" (addr), "i" (-EFAULT)); 439 if (res) 440 goto fault; 441 compute_return_epc(regs); 442 break; 443 #endif /* CONFIG_64BIT */ 444 445 /* Cannot handle 64-bit instructions in 32-bit kernel */ 446 goto sigill; 447 448 case lwc1_op: 449 case ldc1_op: 450 case swc1_op: 451 case sdc1_op: 452 /* 453 * I herewith declare: this does not happen. So send SIGBUS. 454 */ 455 goto sigbus; 456 457 /* 458 * COP2 is available to implementor for application specific use. 459 * It's up to applications to register a notifier chain and do 460 * whatever they have to do, including possible sending of signals. 461 */ 462 case lwc2_op: 463 cu2_notifier_call_chain(CU2_LWC2_OP, regs); 464 break; 465 466 case ldc2_op: 467 cu2_notifier_call_chain(CU2_LDC2_OP, regs); 468 break; 469 470 case swc2_op: 471 cu2_notifier_call_chain(CU2_SWC2_OP, regs); 472 break; 473 474 case sdc2_op: 475 cu2_notifier_call_chain(CU2_SDC2_OP, regs); 476 break; 477 478 default: 479 /* 480 * Pheeee... We encountered an yet unknown instruction or 481 * cache coherence problem. Die sucker, die ... 482 */ 483 goto sigill; 484 } 485 486 #ifdef CONFIG_DEBUG_FS 487 unaligned_instructions++; 488 #endif 489 490 return; 491 492 fault: 493 /* Did we have an exception handler installed? */ 494 if (fixup_exception(regs)) 495 return; 496 497 die_if_kernel("Unhandled kernel unaligned access", regs); 498 force_sig(SIGSEGV, current); 499 500 return; 501 502 sigbus: 503 die_if_kernel("Unhandled kernel unaligned access", regs); 504 force_sig(SIGBUS, current); 505 506 return; 507 508 sigill: 509 die_if_kernel("Unhandled kernel unaligned access or invalid instruction", regs); 510 force_sig(SIGILL, current); 511 } 512 513 asmlinkage void do_ade(struct pt_regs *regs) 514 { 515 unsigned int __user *pc; 516 mm_segment_t seg; 517 518 perf_sw_event(PERF_COUNT_SW_ALIGNMENT_FAULTS, 519 1, regs, regs->cp0_badvaddr); 520 /* 521 * Did we catch a fault trying to load an instruction? 522 * Or are we running in MIPS16 mode? 523 */ 524 if ((regs->cp0_badvaddr == regs->cp0_epc) || (regs->cp0_epc & 0x1)) 525 goto sigbus; 526 527 pc = (unsigned int __user *) exception_epc(regs); 528 if (user_mode(regs) && !test_thread_flag(TIF_FIXADE)) 529 goto sigbus; 530 if (unaligned_action == UNALIGNED_ACTION_SIGNAL) 531 goto sigbus; 532 else if (unaligned_action == UNALIGNED_ACTION_SHOW) 533 show_registers(regs); 534 535 /* 536 * Do branch emulation only if we didn't forward the exception. 537 * This is all so but ugly ... 538 */ 539 seg = get_fs(); 540 if (!user_mode(regs)) 541 set_fs(KERNEL_DS); 542 emulate_load_store_insn(regs, (void __user *)regs->cp0_badvaddr, pc); 543 set_fs(seg); 544 545 return; 546 547 sigbus: 548 die_if_kernel("Kernel unaligned instruction access", regs); 549 force_sig(SIGBUS, current); 550 551 /* 552 * XXX On return from the signal handler we should advance the epc 553 */ 554 } 555 556 #ifdef CONFIG_DEBUG_FS 557 extern struct dentry *mips_debugfs_dir; 558 static int __init debugfs_unaligned(void) 559 { 560 struct dentry *d; 561 562 if (!mips_debugfs_dir) 563 return -ENODEV; 564 d = debugfs_create_u32("unaligned_instructions", S_IRUGO, 565 mips_debugfs_dir, &unaligned_instructions); 566 if (!d) 567 return -ENOMEM; 568 d = debugfs_create_u32("unaligned_action", S_IRUGO | S_IWUSR, 569 mips_debugfs_dir, &unaligned_action); 570 if (!d) 571 return -ENOMEM; 572 return 0; 573 } 574 __initcall(debugfs_unaligned); 575 #endif 576