1 // SPDX-License-Identifier: GPL-2.0 2 /* 3 * linux/arch/parisc/traps.c 4 * 5 * Copyright (C) 1991, 1992 Linus Torvalds 6 * Copyright (C) 1999, 2000 Philipp Rumpf <prumpf@tux.org> 7 */ 8 9 /* 10 * 'Traps.c' handles hardware traps and faults after we have saved some 11 * state in 'asm.s'. 12 */ 13 14 #include <linux/sched.h> 15 #include <linux/sched/debug.h> 16 #include <linux/kernel.h> 17 #include <linux/string.h> 18 #include <linux/errno.h> 19 #include <linux/ptrace.h> 20 #include <linux/timer.h> 21 #include <linux/delay.h> 22 #include <linux/mm.h> 23 #include <linux/module.h> 24 #include <linux/smp.h> 25 #include <linux/spinlock.h> 26 #include <linux/init.h> 27 #include <linux/interrupt.h> 28 #include <linux/console.h> 29 #include <linux/bug.h> 30 #include <linux/ratelimit.h> 31 #include <linux/uaccess.h> 32 33 #include <asm/assembly.h> 34 #include <asm/io.h> 35 #include <asm/irq.h> 36 #include <asm/traps.h> 37 #include <asm/unaligned.h> 38 #include <linux/atomic.h> 39 #include <asm/smp.h> 40 #include <asm/pdc.h> 41 #include <asm/pdc_chassis.h> 42 #include <asm/unwind.h> 43 #include <asm/tlbflush.h> 44 #include <asm/cacheflush.h> 45 #include <linux/kgdb.h> 46 #include <linux/kprobes.h> 47 48 #include "../math-emu/math-emu.h" /* for handle_fpe() */ 49 50 static void parisc_show_stack(struct task_struct *task, 51 struct pt_regs *regs); 52 53 static int printbinary(char *buf, unsigned long x, int nbits) 54 { 55 unsigned long mask = 1UL << (nbits - 1); 56 while (mask != 0) { 57 *buf++ = (mask & x ? '1' : '0'); 58 mask >>= 1; 59 } 60 *buf = '\0'; 61 62 return nbits; 63 } 64 65 #ifdef CONFIG_64BIT 66 #define RFMT "%016lx" 67 #else 68 #define RFMT "%08lx" 69 #endif 70 #define FFMT "%016llx" /* fpregs are 64-bit always */ 71 72 #define PRINTREGS(lvl,r,f,fmt,x) \ 73 printk("%s%s%02d-%02d " fmt " " fmt " " fmt " " fmt "\n", \ 74 lvl, f, (x), (x+3), (r)[(x)+0], (r)[(x)+1], \ 75 (r)[(x)+2], (r)[(x)+3]) 76 77 static void print_gr(char *level, struct pt_regs *regs) 78 { 79 int i; 80 char buf[64]; 81 82 printk("%s\n", level); 83 printk("%s YZrvWESTHLNXBCVMcbcbcbcbOGFRQPDI\n", level); 84 printbinary(buf, regs->gr[0], 32); 85 printk("%sPSW: %s %s\n", level, buf, print_tainted()); 86 87 for (i = 0; i < 32; i += 4) 88 PRINTREGS(level, regs->gr, "r", RFMT, i); 89 } 90 91 static void print_fr(char *level, struct pt_regs *regs) 92 { 93 int i; 94 char buf[64]; 95 struct { u32 sw[2]; } s; 96 97 /* FR are 64bit everywhere. Need to use asm to get the content 98 * of fpsr/fper1, and we assume that we won't have a FP Identify 99 * in our way, otherwise we're screwed. 100 * The fldd is used to restore the T-bit if there was one, as the 101 * store clears it anyway. 102 * PA2.0 book says "thou shall not use fstw on FPSR/FPERs" - T-Bone */ 103 asm volatile ("fstd %%fr0,0(%1) \n\t" 104 "fldd 0(%1),%%fr0 \n\t" 105 : "=m" (s) : "r" (&s) : "r0"); 106 107 printk("%s\n", level); 108 printk("%s VZOUICununcqcqcqcqcqcrmunTDVZOUI\n", level); 109 printbinary(buf, s.sw[0], 32); 110 printk("%sFPSR: %s\n", level, buf); 111 printk("%sFPER1: %08x\n", level, s.sw[1]); 112 113 /* here we'll print fr0 again, tho it'll be meaningless */ 114 for (i = 0; i < 32; i += 4) 115 PRINTREGS(level, regs->fr, "fr", FFMT, i); 116 } 117 118 void show_regs(struct pt_regs *regs) 119 { 120 int i, user; 121 char *level; 122 unsigned long cr30, cr31; 123 124 user = user_mode(regs); 125 level = user ? KERN_DEBUG : KERN_CRIT; 126 127 show_regs_print_info(level); 128 129 print_gr(level, regs); 130 131 for (i = 0; i < 8; i += 4) 132 PRINTREGS(level, regs->sr, "sr", RFMT, i); 133 134 if (user) 135 print_fr(level, regs); 136 137 cr30 = mfctl(30); 138 cr31 = mfctl(31); 139 printk("%s\n", level); 140 printk("%sIASQ: " RFMT " " RFMT " IAOQ: " RFMT " " RFMT "\n", 141 level, regs->iasq[0], regs->iasq[1], regs->iaoq[0], regs->iaoq[1]); 142 printk("%s IIR: %08lx ISR: " RFMT " IOR: " RFMT "\n", 143 level, regs->iir, regs->isr, regs->ior); 144 printk("%s CPU: %8d CR30: " RFMT " CR31: " RFMT "\n", 145 level, current_thread_info()->cpu, cr30, cr31); 146 printk("%s ORIG_R28: " RFMT "\n", level, regs->orig_r28); 147 148 if (user) { 149 printk("%s IAOQ[0]: " RFMT "\n", level, regs->iaoq[0]); 150 printk("%s IAOQ[1]: " RFMT "\n", level, regs->iaoq[1]); 151 printk("%s RP(r2): " RFMT "\n", level, regs->gr[2]); 152 } else { 153 printk("%s IAOQ[0]: %pS\n", level, (void *) regs->iaoq[0]); 154 printk("%s IAOQ[1]: %pS\n", level, (void *) regs->iaoq[1]); 155 printk("%s RP(r2): %pS\n", level, (void *) regs->gr[2]); 156 157 parisc_show_stack(current, regs); 158 } 159 } 160 161 static DEFINE_RATELIMIT_STATE(_hppa_rs, 162 DEFAULT_RATELIMIT_INTERVAL, DEFAULT_RATELIMIT_BURST); 163 164 #define parisc_printk_ratelimited(critical, regs, fmt, ...) { \ 165 if ((critical || show_unhandled_signals) && __ratelimit(&_hppa_rs)) { \ 166 printk(fmt, ##__VA_ARGS__); \ 167 show_regs(regs); \ 168 } \ 169 } 170 171 172 static void do_show_stack(struct unwind_frame_info *info) 173 { 174 int i = 1; 175 176 printk(KERN_CRIT "Backtrace:\n"); 177 while (i <= MAX_UNWIND_ENTRIES) { 178 if (unwind_once(info) < 0 || info->ip == 0) 179 break; 180 181 if (__kernel_text_address(info->ip)) { 182 printk(KERN_CRIT " [<" RFMT ">] %pS\n", 183 info->ip, (void *) info->ip); 184 i++; 185 } 186 } 187 printk(KERN_CRIT "\n"); 188 } 189 190 static void parisc_show_stack(struct task_struct *task, 191 struct pt_regs *regs) 192 { 193 struct unwind_frame_info info; 194 195 unwind_frame_init_task(&info, task, regs); 196 197 do_show_stack(&info); 198 } 199 200 void show_stack(struct task_struct *t, unsigned long *sp) 201 { 202 parisc_show_stack(t, NULL); 203 } 204 205 int is_valid_bugaddr(unsigned long iaoq) 206 { 207 return 1; 208 } 209 210 void die_if_kernel(char *str, struct pt_regs *regs, long err) 211 { 212 if (user_mode(regs)) { 213 if (err == 0) 214 return; /* STFU */ 215 216 parisc_printk_ratelimited(1, regs, 217 KERN_CRIT "%s (pid %d): %s (code %ld) at " RFMT "\n", 218 current->comm, task_pid_nr(current), str, err, regs->iaoq[0]); 219 220 return; 221 } 222 223 bust_spinlocks(1); 224 225 oops_enter(); 226 227 /* Amuse the user in a SPARC fashion */ 228 if (err) printk(KERN_CRIT 229 " _______________________________ \n" 230 " < Your System ate a SPARC! Gah! >\n" 231 " ------------------------------- \n" 232 " \\ ^__^\n" 233 " (__)\\ )\\/\\\n" 234 " U ||----w |\n" 235 " || ||\n"); 236 237 /* unlock the pdc lock if necessary */ 238 pdc_emergency_unlock(); 239 240 /* maybe the kernel hasn't booted very far yet and hasn't been able 241 * to initialize the serial or STI console. In that case we should 242 * re-enable the pdc console, so that the user will be able to 243 * identify the problem. */ 244 if (!console_drivers) 245 pdc_console_restart(); 246 247 if (err) 248 printk(KERN_CRIT "%s (pid %d): %s (code %ld)\n", 249 current->comm, task_pid_nr(current), str, err); 250 251 /* Wot's wrong wif bein' racy? */ 252 if (current->thread.flags & PARISC_KERNEL_DEATH) { 253 printk(KERN_CRIT "%s() recursion detected.\n", __func__); 254 local_irq_enable(); 255 while (1); 256 } 257 current->thread.flags |= PARISC_KERNEL_DEATH; 258 259 show_regs(regs); 260 dump_stack(); 261 add_taint(TAINT_DIE, LOCKDEP_NOW_UNRELIABLE); 262 263 if (in_interrupt()) 264 panic("Fatal exception in interrupt"); 265 266 if (panic_on_oops) 267 panic("Fatal exception"); 268 269 oops_exit(); 270 do_exit(SIGSEGV); 271 } 272 273 /* gdb uses break 4,8 */ 274 #define GDB_BREAK_INSN 0x10004 275 static void handle_gdb_break(struct pt_regs *regs, int wot) 276 { 277 force_sig_fault(SIGTRAP, wot, 278 (void __user *) (regs->iaoq[0] & ~3), current); 279 } 280 281 static void handle_break(struct pt_regs *regs) 282 { 283 unsigned iir = regs->iir; 284 285 if (unlikely(iir == PARISC_BUG_BREAK_INSN && !user_mode(regs))) { 286 /* check if a BUG() or WARN() trapped here. */ 287 enum bug_trap_type tt; 288 tt = report_bug(regs->iaoq[0] & ~3, regs); 289 if (tt == BUG_TRAP_TYPE_WARN) { 290 regs->iaoq[0] += 4; 291 regs->iaoq[1] += 4; 292 return; /* return to next instruction when WARN_ON(). */ 293 } 294 die_if_kernel("Unknown kernel breakpoint", regs, 295 (tt == BUG_TRAP_TYPE_NONE) ? 9 : 0); 296 } 297 298 #ifdef CONFIG_KPROBES 299 if (unlikely(iir == PARISC_KPROBES_BREAK_INSN)) { 300 parisc_kprobe_break_handler(regs); 301 return; 302 } 303 304 #endif 305 306 #ifdef CONFIG_KGDB 307 if (unlikely(iir == PARISC_KGDB_COMPILED_BREAK_INSN || 308 iir == PARISC_KGDB_BREAK_INSN)) { 309 kgdb_handle_exception(9, SIGTRAP, 0, regs); 310 return; 311 } 312 #endif 313 314 if (unlikely(iir != GDB_BREAK_INSN)) 315 parisc_printk_ratelimited(0, regs, 316 KERN_DEBUG "break %d,%d: pid=%d command='%s'\n", 317 iir & 31, (iir>>13) & ((1<<13)-1), 318 task_pid_nr(current), current->comm); 319 320 /* send standard GDB signal */ 321 handle_gdb_break(regs, TRAP_BRKPT); 322 } 323 324 static void default_trap(int code, struct pt_regs *regs) 325 { 326 printk(KERN_ERR "Trap %d on CPU %d\n", code, smp_processor_id()); 327 show_regs(regs); 328 } 329 330 void (*cpu_lpmc) (int code, struct pt_regs *regs) __read_mostly = default_trap; 331 332 333 void transfer_pim_to_trap_frame(struct pt_regs *regs) 334 { 335 register int i; 336 extern unsigned int hpmc_pim_data[]; 337 struct pdc_hpmc_pim_11 *pim_narrow; 338 struct pdc_hpmc_pim_20 *pim_wide; 339 340 if (boot_cpu_data.cpu_type >= pcxu) { 341 342 pim_wide = (struct pdc_hpmc_pim_20 *)hpmc_pim_data; 343 344 /* 345 * Note: The following code will probably generate a 346 * bunch of truncation error warnings from the compiler. 347 * Could be handled with an ifdef, but perhaps there 348 * is a better way. 349 */ 350 351 regs->gr[0] = pim_wide->cr[22]; 352 353 for (i = 1; i < 32; i++) 354 regs->gr[i] = pim_wide->gr[i]; 355 356 for (i = 0; i < 32; i++) 357 regs->fr[i] = pim_wide->fr[i]; 358 359 for (i = 0; i < 8; i++) 360 regs->sr[i] = pim_wide->sr[i]; 361 362 regs->iasq[0] = pim_wide->cr[17]; 363 regs->iasq[1] = pim_wide->iasq_back; 364 regs->iaoq[0] = pim_wide->cr[18]; 365 regs->iaoq[1] = pim_wide->iaoq_back; 366 367 regs->sar = pim_wide->cr[11]; 368 regs->iir = pim_wide->cr[19]; 369 regs->isr = pim_wide->cr[20]; 370 regs->ior = pim_wide->cr[21]; 371 } 372 else { 373 pim_narrow = (struct pdc_hpmc_pim_11 *)hpmc_pim_data; 374 375 regs->gr[0] = pim_narrow->cr[22]; 376 377 for (i = 1; i < 32; i++) 378 regs->gr[i] = pim_narrow->gr[i]; 379 380 for (i = 0; i < 32; i++) 381 regs->fr[i] = pim_narrow->fr[i]; 382 383 for (i = 0; i < 8; i++) 384 regs->sr[i] = pim_narrow->sr[i]; 385 386 regs->iasq[0] = pim_narrow->cr[17]; 387 regs->iasq[1] = pim_narrow->iasq_back; 388 regs->iaoq[0] = pim_narrow->cr[18]; 389 regs->iaoq[1] = pim_narrow->iaoq_back; 390 391 regs->sar = pim_narrow->cr[11]; 392 regs->iir = pim_narrow->cr[19]; 393 regs->isr = pim_narrow->cr[20]; 394 regs->ior = pim_narrow->cr[21]; 395 } 396 397 /* 398 * The following fields only have meaning if we came through 399 * another path. So just zero them here. 400 */ 401 402 regs->ksp = 0; 403 regs->kpc = 0; 404 regs->orig_r28 = 0; 405 } 406 407 408 /* 409 * This routine is called as a last resort when everything else 410 * has gone clearly wrong. We get called for faults in kernel space, 411 * and HPMC's. 412 */ 413 void parisc_terminate(char *msg, struct pt_regs *regs, int code, unsigned long offset) 414 { 415 static DEFINE_SPINLOCK(terminate_lock); 416 417 bust_spinlocks(1); 418 419 set_eiem(0); 420 local_irq_disable(); 421 spin_lock(&terminate_lock); 422 423 /* unlock the pdc lock if necessary */ 424 pdc_emergency_unlock(); 425 426 /* restart pdc console if necessary */ 427 if (!console_drivers) 428 pdc_console_restart(); 429 430 /* Not all paths will gutter the processor... */ 431 switch(code){ 432 433 case 1: 434 transfer_pim_to_trap_frame(regs); 435 break; 436 437 default: 438 /* Fall through */ 439 break; 440 441 } 442 443 { 444 /* show_stack(NULL, (unsigned long *)regs->gr[30]); */ 445 struct unwind_frame_info info; 446 unwind_frame_init(&info, current, regs); 447 do_show_stack(&info); 448 } 449 450 printk("\n"); 451 pr_crit("%s: Code=%d (%s) at addr " RFMT "\n", 452 msg, code, trap_name(code), offset); 453 show_regs(regs); 454 455 spin_unlock(&terminate_lock); 456 457 /* put soft power button back under hardware control; 458 * if the user had pressed it once at any time, the 459 * system will shut down immediately right here. */ 460 pdc_soft_power_button(0); 461 462 /* Call kernel panic() so reboot timeouts work properly 463 * FIXME: This function should be on the list of 464 * panic notifiers, and we should call panic 465 * directly from the location that we wish. 466 * e.g. We should not call panic from 467 * parisc_terminate, but rather the oter way around. 468 * This hack works, prints the panic message twice, 469 * and it enables reboot timers! 470 */ 471 panic(msg); 472 } 473 474 void notrace handle_interruption(int code, struct pt_regs *regs) 475 { 476 unsigned long fault_address = 0; 477 unsigned long fault_space = 0; 478 int si_code; 479 480 if (code == 1) 481 pdc_console_restart(); /* switch back to pdc if HPMC */ 482 else 483 local_irq_enable(); 484 485 /* Security check: 486 * If the priority level is still user, and the 487 * faulting space is not equal to the active space 488 * then the user is attempting something in a space 489 * that does not belong to them. Kill the process. 490 * 491 * This is normally the situation when the user 492 * attempts to jump into the kernel space at the 493 * wrong offset, be it at the gateway page or a 494 * random location. 495 * 496 * We cannot normally signal the process because it 497 * could *be* on the gateway page, and processes 498 * executing on the gateway page can't have signals 499 * delivered. 500 * 501 * We merely readjust the address into the users 502 * space, at a destination address of zero, and 503 * allow processing to continue. 504 */ 505 if (((unsigned long)regs->iaoq[0] & 3) && 506 ((unsigned long)regs->iasq[0] != (unsigned long)regs->sr[7])) { 507 /* Kill the user process later */ 508 regs->iaoq[0] = 0 | 3; 509 regs->iaoq[1] = regs->iaoq[0] + 4; 510 regs->iasq[0] = regs->iasq[1] = regs->sr[7]; 511 regs->gr[0] &= ~PSW_B; 512 return; 513 } 514 515 #if 0 516 printk(KERN_CRIT "Interruption # %d\n", code); 517 #endif 518 519 switch(code) { 520 521 case 1: 522 /* High-priority machine check (HPMC) */ 523 524 /* set up a new led state on systems shipped with a LED State panel */ 525 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_HPMC); 526 527 parisc_terminate("High Priority Machine Check (HPMC)", 528 regs, code, 0); 529 /* NOT REACHED */ 530 531 case 2: 532 /* Power failure interrupt */ 533 printk(KERN_CRIT "Power failure interrupt !\n"); 534 return; 535 536 case 3: 537 /* Recovery counter trap */ 538 regs->gr[0] &= ~PSW_R; 539 540 #ifdef CONFIG_KPROBES 541 if (parisc_kprobe_ss_handler(regs)) 542 return; 543 #endif 544 545 #ifdef CONFIG_KGDB 546 if (kgdb_single_step) { 547 kgdb_handle_exception(0, SIGTRAP, 0, regs); 548 return; 549 } 550 #endif 551 552 if (user_space(regs)) 553 handle_gdb_break(regs, TRAP_TRACE); 554 /* else this must be the start of a syscall - just let it run */ 555 return; 556 557 case 5: 558 /* Low-priority machine check */ 559 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_LPMC); 560 561 flush_cache_all(); 562 flush_tlb_all(); 563 cpu_lpmc(5, regs); 564 return; 565 566 case PARISC_ITLB_TRAP: 567 /* Instruction TLB miss fault/Instruction page fault */ 568 fault_address = regs->iaoq[0]; 569 fault_space = regs->iasq[0]; 570 break; 571 572 case 8: 573 /* Illegal instruction trap */ 574 die_if_kernel("Illegal instruction", regs, code); 575 si_code = ILL_ILLOPC; 576 goto give_sigill; 577 578 case 9: 579 /* Break instruction trap */ 580 handle_break(regs); 581 return; 582 583 case 10: 584 /* Privileged operation trap */ 585 die_if_kernel("Privileged operation", regs, code); 586 si_code = ILL_PRVOPC; 587 goto give_sigill; 588 589 case 11: 590 /* Privileged register trap */ 591 if ((regs->iir & 0xffdfffe0) == 0x034008a0) { 592 593 /* This is a MFCTL cr26/cr27 to gr instruction. 594 * PCXS traps on this, so we need to emulate it. 595 */ 596 597 if (regs->iir & 0x00200000) 598 regs->gr[regs->iir & 0x1f] = mfctl(27); 599 else 600 regs->gr[regs->iir & 0x1f] = mfctl(26); 601 602 regs->iaoq[0] = regs->iaoq[1]; 603 regs->iaoq[1] += 4; 604 regs->iasq[0] = regs->iasq[1]; 605 return; 606 } 607 608 die_if_kernel("Privileged register usage", regs, code); 609 si_code = ILL_PRVREG; 610 give_sigill: 611 force_sig_fault(SIGILL, si_code, 612 (void __user *) regs->iaoq[0], current); 613 return; 614 615 case 12: 616 /* Overflow Trap, let the userland signal handler do the cleanup */ 617 force_sig_fault(SIGFPE, FPE_INTOVF, 618 (void __user *) regs->iaoq[0], current); 619 return; 620 621 case 13: 622 /* Conditional Trap 623 The condition succeeds in an instruction which traps 624 on condition */ 625 if(user_mode(regs)){ 626 /* Let userspace app figure it out from the insn pointed 627 * to by si_addr. 628 */ 629 force_sig_fault(SIGFPE, FPE_CONDTRAP, 630 (void __user *) regs->iaoq[0], current); 631 return; 632 } 633 /* The kernel doesn't want to handle condition codes */ 634 break; 635 636 case 14: 637 /* Assist Exception Trap, i.e. floating point exception. */ 638 die_if_kernel("Floating point exception", regs, 0); /* quiet */ 639 __inc_irq_stat(irq_fpassist_count); 640 handle_fpe(regs); 641 return; 642 643 case 15: 644 /* Data TLB miss fault/Data page fault */ 645 /* Fall through */ 646 case 16: 647 /* Non-access instruction TLB miss fault */ 648 /* The instruction TLB entry needed for the target address of the FIC 649 is absent, and hardware can't find it, so we get to cleanup */ 650 /* Fall through */ 651 case 17: 652 /* Non-access data TLB miss fault/Non-access data page fault */ 653 /* FIXME: 654 Still need to add slow path emulation code here! 655 If the insn used a non-shadow register, then the tlb 656 handlers could not have their side-effect (e.g. probe 657 writing to a target register) emulated since rfir would 658 erase the changes to said register. Instead we have to 659 setup everything, call this function we are in, and emulate 660 by hand. Technically we need to emulate: 661 fdc,fdce,pdc,"fic,4f",prober,probeir,probew, probeiw 662 */ 663 fault_address = regs->ior; 664 fault_space = regs->isr; 665 break; 666 667 case 18: 668 /* PCXS only -- later cpu's split this into types 26,27 & 28 */ 669 /* Check for unaligned access */ 670 if (check_unaligned(regs)) { 671 handle_unaligned(regs); 672 return; 673 } 674 /* Fall Through */ 675 case 26: 676 /* PCXL: Data memory access rights trap */ 677 fault_address = regs->ior; 678 fault_space = regs->isr; 679 break; 680 681 case 19: 682 /* Data memory break trap */ 683 regs->gr[0] |= PSW_X; /* So we can single-step over the trap */ 684 /* fall thru */ 685 case 21: 686 /* Page reference trap */ 687 handle_gdb_break(regs, TRAP_HWBKPT); 688 return; 689 690 case 25: 691 /* Taken branch trap */ 692 regs->gr[0] &= ~PSW_T; 693 if (user_space(regs)) 694 handle_gdb_break(regs, TRAP_BRANCH); 695 /* else this must be the start of a syscall - just let it 696 * run. 697 */ 698 return; 699 700 case 7: 701 /* Instruction access rights */ 702 /* PCXL: Instruction memory protection trap */ 703 704 /* 705 * This could be caused by either: 1) a process attempting 706 * to execute within a vma that does not have execute 707 * permission, or 2) an access rights violation caused by a 708 * flush only translation set up by ptep_get_and_clear(). 709 * So we check the vma permissions to differentiate the two. 710 * If the vma indicates we have execute permission, then 711 * the cause is the latter one. In this case, we need to 712 * call do_page_fault() to fix the problem. 713 */ 714 715 if (user_mode(regs)) { 716 struct vm_area_struct *vma; 717 718 down_read(¤t->mm->mmap_sem); 719 vma = find_vma(current->mm,regs->iaoq[0]); 720 if (vma && (regs->iaoq[0] >= vma->vm_start) 721 && (vma->vm_flags & VM_EXEC)) { 722 723 fault_address = regs->iaoq[0]; 724 fault_space = regs->iasq[0]; 725 726 up_read(¤t->mm->mmap_sem); 727 break; /* call do_page_fault() */ 728 } 729 up_read(¤t->mm->mmap_sem); 730 } 731 /* Fall Through */ 732 case 27: 733 /* Data memory protection ID trap */ 734 if (code == 27 && !user_mode(regs) && 735 fixup_exception(regs)) 736 return; 737 738 die_if_kernel("Protection id trap", regs, code); 739 force_sig_fault(SIGSEGV, SEGV_MAPERR, 740 (code == 7)? 741 ((void __user *) regs->iaoq[0]) : 742 ((void __user *) regs->ior), current); 743 return; 744 745 case 28: 746 /* Unaligned data reference trap */ 747 handle_unaligned(regs); 748 return; 749 750 default: 751 if (user_mode(regs)) { 752 parisc_printk_ratelimited(0, regs, KERN_DEBUG 753 "handle_interruption() pid=%d command='%s'\n", 754 task_pid_nr(current), current->comm); 755 /* SIGBUS, for lack of a better one. */ 756 force_sig_fault(SIGBUS, BUS_OBJERR, 757 (void __user *)regs->ior, current); 758 return; 759 } 760 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_PANIC); 761 762 parisc_terminate("Unexpected interruption", regs, code, 0); 763 /* NOT REACHED */ 764 } 765 766 if (user_mode(regs)) { 767 if ((fault_space >> SPACEID_SHIFT) != (regs->sr[7] >> SPACEID_SHIFT)) { 768 parisc_printk_ratelimited(0, regs, KERN_DEBUG 769 "User fault %d on space 0x%08lx, pid=%d command='%s'\n", 770 code, fault_space, 771 task_pid_nr(current), current->comm); 772 force_sig_fault(SIGSEGV, SEGV_MAPERR, 773 (void __user *)regs->ior, current); 774 return; 775 } 776 } 777 else { 778 779 /* 780 * The kernel should never fault on its own address space, 781 * unless pagefault_disable() was called before. 782 */ 783 784 if (fault_space == 0 && !faulthandler_disabled()) 785 { 786 /* Clean up and return if in exception table. */ 787 if (fixup_exception(regs)) 788 return; 789 pdc_chassis_send_status(PDC_CHASSIS_DIRECT_PANIC); 790 parisc_terminate("Kernel Fault", regs, code, fault_address); 791 } 792 } 793 794 do_page_fault(regs, code, fault_address); 795 } 796 797 798 void __init initialize_ivt(const void *iva) 799 { 800 extern u32 os_hpmc_size; 801 extern const u32 os_hpmc[]; 802 803 int i; 804 u32 check = 0; 805 u32 *ivap; 806 u32 *hpmcp; 807 u32 length, instr; 808 809 if (strcmp((const char *)iva, "cows can fly")) 810 panic("IVT invalid"); 811 812 ivap = (u32 *)iva; 813 814 for (i = 0; i < 8; i++) 815 *ivap++ = 0; 816 817 /* 818 * Use PDC_INSTR firmware function to get instruction that invokes 819 * PDCE_CHECK in HPMC handler. See programming note at page 1-31 of 820 * the PA 1.1 Firmware Architecture document. 821 */ 822 if (pdc_instr(&instr) == PDC_OK) 823 ivap[0] = instr; 824 825 /* 826 * Rules for the checksum of the HPMC handler: 827 * 1. The IVA does not point to PDC/PDH space (ie: the OS has installed 828 * its own IVA). 829 * 2. The word at IVA + 32 is nonzero. 830 * 3. If Length (IVA + 60) is not zero, then Length (IVA + 60) and 831 * Address (IVA + 56) are word-aligned. 832 * 4. The checksum of the 8 words starting at IVA + 32 plus the sum of 833 * the Length/4 words starting at Address is zero. 834 */ 835 836 /* Setup IVA and compute checksum for HPMC handler */ 837 ivap[6] = (u32)__pa(os_hpmc); 838 length = os_hpmc_size; 839 ivap[7] = length; 840 841 hpmcp = (u32 *)os_hpmc; 842 843 for (i=0; i<length/4; i++) 844 check += *hpmcp++; 845 846 for (i=0; i<8; i++) 847 check += ivap[i]; 848 849 ivap[5] = -check; 850 } 851 852 853 /* early_trap_init() is called before we set up kernel mappings and 854 * write-protect the kernel */ 855 void __init early_trap_init(void) 856 { 857 extern const void fault_vector_20; 858 859 #ifndef CONFIG_64BIT 860 extern const void fault_vector_11; 861 initialize_ivt(&fault_vector_11); 862 #endif 863 864 initialize_ivt(&fault_vector_20); 865 } 866 867 void __init trap_init(void) 868 { 869 } 870