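/*
 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version
 * 2 of the License, or (at your option) any later version.
 *
 * Modified by Cort Dougan (cort@cs.nmt.edu)
 * and Paul Mackerras (paulus@samba.org)
 */

/*
 * This file handles the architecture-dependent parts of hardware exceptions
 */

#include <linux/errno.h>
#include <linux/sched.h>
#include <linux/kernel.h>
#include <linux/mm.h>
#include <linux/stddef.h>
#include <linux/unistd.h>
#include <linux/ptrace.h>
#include <linux/slab.h>
#include <linux/user.h>
#include <linux/interrupt.h>
#include <linux/init.h>
#include <linux/module.h>
#include <linux/prctl.h>
#include <linux/delay.h>
#include <linux/kprobes.h>
#include <linux/kexec.h>
#include <linux/backlight.h>
#include <linux/bug.h>
#include <linux/kdebug.h>

#include <asm/pgtable.h>
#include <asm/uaccess.h>
#include <asm/system.h>
#include <asm/io.h>
#include <asm/machdep.h>
#include <asm/rtas.h>
#include <asm/pmc.h>
#ifdef CONFIG_PPC32
#include <asm/reg.h>
#endif
#ifdef CONFIG_PMAC_BACKLIGHT
#include <asm/backlight.h>
#endif
#ifdef CONFIG_PPC64
#include <asm/firmware.h>
#include <asm/processor.h>
#endif
#include <asm/kexec.h>

/*
 * Debugger hook pointers.  They are plain writable, exported function
 * pointers that the exception paths below invoke (through the debugger*()
 * wrappers) with the faulting register frame, so whatever is installed
 * here runs in exception context.
 */
#if defined(CONFIG_DEBUGGER) || defined(CONFIG_KEXEC)
int (*__debugger)(struct pt_regs *regs);
int (*__debugger_ipi)(struct pt_regs *regs);
int (*__debugger_bpt)(struct pt_regs *regs);
int (*__debugger_sstep)(struct pt_regs *regs);
int (*__debugger_iabr_match)(struct pt_regs *regs);
int (*__debugger_dabr_match)(struct pt_regs *regs);
int (*__debugger_fault_handler)(struct pt_regs *regs);

EXPORT_SYMBOL(__debugger);
EXPORT_SYMBOL(__debugger_ipi);
EXPORT_SYMBOL(__debugger_bpt);
EXPORT_SYMBOL(__debugger_sstep);
EXPORT_SYMBOL(__debugger_iabr_match);
EXPORT_SYMBOL(__debugger_dabr_match);
EXPORT_SYMBOL(__debugger_fault_handler);
#endif

/*
 * Trap & Exception support
 */

#ifdef CONFIG_PMAC_BACKLIGHT
/*
 * Set the PowerMac backlight to its maximum brightness and unblank it.
 * Called from die() before the oops text is printed.
 *
 * NOTE(review): this takes pmac_backlight_mutex with mutex_lock(), while
 * die() calls it after spin_lock_irqsave(); confirm that blocking on the
 * mutex is acceptable on that path.
 */
static void pmac_backlight_unblank(void)
{
	mutex_lock(&pmac_backlight_mutex);
	if (pmac_backlight) {
		struct backlight_properties *props;

		props = &pmac_backlight->props;
		props->brightness = props->max_brightness;
		props->power = FB_BLANK_UNBLANK;
		backlight_update_status(pmac_backlight);
	}
	mutex_unlock(&pmac_backlight_mutex);
}
#else
static inline void pmac_backlight_unblank(void) { }
#endif

/*
 * Report a fatal kernel exception (an "Oops") and terminate the current
 * context.
 *
 * @str:  short description printed in the Oops banner
 * @regs: register frame of the faulting context
 * @err:  value printed as "sig" and passed to do_exit()
 *
 * Returns 1 if debugger() claimed the event.  Otherwise the oops is
 * printed, the kernel is tainted with TAINT_DIE, a crash kexec is
 * attempted when applicable, and the function ends in panic() or
 * do_exit(); the final "return 0" follows do_exit().
 *
 * The static lock/owner/depth triple serialises oops output between
 * CPUs while still letting the owning CPU re-enter die(); once the
 * nesting depth reaches 3 the register dump is suppressed.
 */
int die(const char *str, struct pt_regs *regs, long err)
{
	static struct {
		spinlock_t lock;
		u32 lock_owner;
		int lock_owner_depth;
	} die = {
		.lock = __SPIN_LOCK_UNLOCKED(die.lock),
		.lock_owner = -1,
		.lock_owner_depth = 0
	};
	static int die_counter;
	unsigned long flags;

	if (debugger(regs))
		return 1;

	oops_enter();

	if (die.lock_owner != raw_smp_processor_id()) {
		console_verbose();
		spin_lock_irqsave(&die.lock, flags);
		die.lock_owner = smp_processor_id();
		die.lock_owner_depth = 0;
		bust_spinlocks(1);
		if (machine_is(powermac))
			pmac_backlight_unblank();
	} else {
		/* Re-entered on the owning CPU: the lock is already held. */
		local_save_flags(flags);
	}

	if (++die.lock_owner_depth < 3) {
		printk("Oops: %s, sig: %ld [#%d]\n", str, err, ++die_counter);
#ifdef CONFIG_PREEMPT
		printk("PREEMPT ");
#endif
#ifdef CONFIG_SMP
		printk("SMP NR_CPUS=%d ", NR_CPUS);
#endif
#ifdef CONFIG_DEBUG_PAGEALLOC
		printk("DEBUG_PAGEALLOC ");
#endif
#ifdef CONFIG_NUMA
		printk("NUMA ");
#endif
		printk("%s\n", ppc_md.name ? ppc_md.name : "");

		print_modules();
		show_regs(regs);
	} else {
		printk("Recursive die() failure, output suppressed\n");
	}

	bust_spinlocks(0);
	die.lock_owner = -1;
	add_taint(TAINT_DIE);
	spin_unlock_irqrestore(&die.lock, flags);

	if (kexec_should_crash(current) ||
		kexec_sr_activated(smp_processor_id()))
		crash_kexec(regs);
	crash_kexec_secondary(regs);

	if (in_interrupt())
		panic("Fatal exception in interrupt");

	if (panic_on_oops)
		panic("Fatal exception");

	oops_exit();
	do_exit(err);

	return 0;
}

/*
 * Deliver a synchronous exception to the current task as a signal.
 *
 * @signr: signal number to raise
 * @regs:  register frame of the faulting context
 * @code:  si_code stored in the siginfo
 * @addr:  fault address stored in si_addr
 *
 * A kernel-mode fault is routed to die() first; the function returns
 * early only if die() returns non-zero.  For user mode an optional,
 * rate-limited "unhandled signal" line is logged.  The signal is then
 * forced on current with force_sig_info().
 *
 * The printk() format is selected at run time, but only between the two
 * constant arrays declared here, so no caller-supplied text is ever used
 * as a format string.
 */
void _exception(int signr, struct pt_regs *regs, int code, unsigned long addr)
{
	siginfo_t info;
	const char fmt32[] = KERN_INFO "%s[%d]: unhandled signal %d " \
			"at %08lx nip %08lx lr %08lx code %x\n";
	const char fmt64[] = KERN_INFO "%s[%d]: unhandled signal %d " \
			"at %016lx nip %016lx lr %016lx code %x\n";

	if (!user_mode(regs)) {
		if (die("Exception in kernel mode", regs, signr))
			return;
	} else if (show_unhandled_signals &&
		    unhandled_signal(current, signr) &&
		    printk_ratelimit()) {
			printk(regs->msr & MSR_SF ? fmt64 : fmt32,
				current->comm, current->pid, signr,
				addr, regs->nip, regs->link, code);
		}

	memset(&info, 0, sizeof(info));
	info.si_signo = signr;
	info.si_code = code;
	info.si_addr = (void __user *) addr;
	force_sig_info(signr, &info, current);

	/*
	 * Init gets no signals that it doesn't have a handler for.
	 * That's all very well, but if it has caused a synchronous
	 * exception and we ignore the resulting signal, it will just
	 * generate the same exception over and over again and we get
	 * nowhere.  Better to kill it and let the kernel panic.
	 */
	if (is_global_init(current)) {
		__sighandler_t handler;

		/*
		 * action[] is indexed with signr-1 without a range check;
		 * every caller in this file passes a SIG* constant.
		 */
		spin_lock_irq(&current->sighand->siglock);
		handler = current->sighand->action[signr-1].sa.sa_handler;
		spin_unlock_irq(&current->sighand->siglock);
		if (handler == SIG_DFL) {
			/* init has generated a synchronous exception
			   and it doesn't have a handler for the signal */
			printk(KERN_CRIT "init has generated signal %d "
			       "but has no handler for it\n", signr);
			do_exit(signr);
		}
	}
}

#ifdef CONFIG_PPC64
/*
 * Handle a system reset interrupt.  The platform hook gets the first
 * chance; if it returns non-zero nothing else is done.  Otherwise the
 * event goes through die(), and if execution continues past die() the
 * kernel panics unless MSR_RI is set in the saved MSR.
 */
void system_reset_exception(struct pt_regs *regs)
{
	/* See if any machine dependent calls */
	if (ppc_md.system_reset_exception) {
		if (ppc_md.system_reset_exception(regs))
			return;
	}

#ifdef CONFIG_KEXEC
	cpu_set(smp_processor_id(), cpus_in_sr);
#endif

	die("System Reset", regs, SIGABRT);

	/*
	 * Some CPUs when released from the debugger will execute this path.
	 * These CPUs entered the debugger via a soft-reset. If the CPU was
	 * hung before entering the debugger it will return to the hung
	 * state when exiting this function.  This causes a problem in
	 * kdump since the hung CPU(s) will not respond to the IPI sent
	 * from kdump. To prevent the problem we call crash_kexec_secondary()
	 * here. If a kdump had not been initiated or we exit the debugger
	 * with the "exit and recover" command (x) crash_kexec_secondary()
	 * will return after 5ms and the CPU returns to its previous state.
	 */
	crash_kexec_secondary(regs);

	/* Must die if the interrupt is not recoverable */
	if (!(regs->msr & MSR_RI))
		panic("Unrecoverable System Reset");

	/* What should we do here? We could issue a shutdown or hard reset. */
}
#endif

/*
 * I/O accesses can cause machine checks on powermacs.
 * Check if the NIP corresponds to the address of a sync
 * instruction for which there is an entry in the exception
 * table.
 * Note that the 601 only takes a machine check on TEA
 * (transfer error ack) signal assertion, and does not
 * set any of the top 16 bits of SRR1.
 *  -- paulus.
 *
 * Returns 1 when the machine check was attributed to an I/O port access
 * and regs was redirected to the exception-table fixup, 0 otherwise
 * (always 0 when CONFIG_PPC32 is not set).
 *
 * The instruction words at and just before NIP are read through a plain
 * pointer; that is only done after search_exception_tables() has found
 * an entry for the address.
 */
static inline int check_io_access(struct pt_regs *regs)
{
#ifdef CONFIG_PPC32
	unsigned long msr = regs->msr;
	const struct exception_table_entry *entry;
	unsigned int *nip = (unsigned int *)regs->nip;

	if (((msr & 0xffff0000) == 0 || (msr & (0x80000 | 0x40000)))
	    && (entry = search_exception_tables(regs->nip)) != NULL) {
		/*
		 * Check that it's a sync instruction, or somewhere
		 * in the twi; isync; nop sequence that inb/inw/inl uses.
		 * As the address is in the exception table
		 * we should be able to read the instr there.
		 * For the debug message, we look at the preceding
		 * load or store.
		 */
		if (*nip == 0x60000000)		/* nop */
			nip -= 2;
		else if (*nip == 0x4c00012c)	/* isync */
			--nip;
		if (*nip == 0x7c0004ac || (*nip >> 26) == 3) {
			/* sync or twi */
			unsigned int rb;

			--nip;
			rb = (*nip >> 11) & 0x1f;
			printk(KERN_DEBUG "%s bad port %lx at %p\n",
			       (*nip & 0x100)? "OUT to": "IN from",
			       regs->gpr[rb] - _IO_BASE, nip);
			regs->msr |= MSR_RI;
			regs->nip = entry->fixup;
			return 1;
		}
	}
#endif /* CONFIG_PPC32 */
	return 0;
}

#if defined(CONFIG_4xx) || defined(CONFIG_BOOKE)
/* On 4xx, the reason for the machine check or program exception
   is in the ESR. */
#define get_reason(regs)	((regs)->dsisr)
#ifndef CONFIG_FSL_BOOKE
#define get_mc_reason(regs)	((regs)->dsisr)
#else
#define get_mc_reason(regs)	(mfspr(SPRN_MCSR) & MCSR_MASK)
#endif
#define REASON_FP		ESR_FP
#define REASON_ILLEGAL		(ESR_PIL | ESR_PUO)
#define REASON_PRIVILEGED	ESR_PPR
#define REASON_TRAP		ESR_PTR

/* single-step stuff */
#define single_stepping(regs)	(current->thread.dbcr0 & DBCR0_IC)
#define clear_single_step(regs)	(current->thread.dbcr0 &= ~DBCR0_IC)

#else
/* On non-4xx, the reason for the machine check or program
   exception is in the MSR. */
#define get_reason(regs)	((regs)->msr)
#define get_mc_reason(regs)	((regs)->msr)
#define REASON_FP		0x100000
#define REASON_ILLEGAL		0x80000
#define REASON_PRIVILEGED	0x40000
#define REASON_TRAP		0x20000

#define single_stepping(regs)	((regs)->msr & MSR_SE)
#define clear_single_step(regs)	((regs)->msr &= ~MSR_SE)
#endif

/*
 * CPU-specific machine check reporters.  Each one decodes the machine
 * check reason into console messages and returns 0, which
 * machine_check_exception() treats as "not recovered".
 */
#if defined(CONFIG_4xx)
/* 4xx: report instruction vs. data machine check; clear ESR_IMCP if set. */
int machine_check_4xx(struct pt_regs *regs)
{
	unsigned long reason = get_mc_reason(regs);

	if (reason & ESR_IMCP) {
		printk("Instruction");
		mtspr(SPRN_ESR, reason & ~ESR_IMCP);
	} else
		printk("Data");
	printk(" machine check in kernel mode.\n");

	return 0;
}

/*
 * 440A: report an instruction-synchronous machine check, or decode the
 * individual MCSR bits and then write the value read back to MCSR.
 */
int machine_check_440A(struct pt_regs *regs)
{
	unsigned long reason = get_mc_reason(regs);

	printk("Machine check in kernel mode.\n");
	if (reason & ESR_IMCP){
		printk("Instruction Synchronous Machine Check exception\n");
		mtspr(SPRN_ESR, reason & ~ESR_IMCP);
	}
	else {
		u32 mcsr = mfspr(SPRN_MCSR);
		if (mcsr & MCSR_IB)
			printk("Instruction Read PLB Error\n");
		if (mcsr & MCSR_DRB)
			printk("Data Read PLB Error\n");
		if (mcsr & MCSR_DWB)
			printk("Data Write PLB Error\n");
		if (mcsr & MCSR_TLBP)
			printk("TLB Parity Error\n");
		if (mcsr & MCSR_ICP){
			flush_instruction_cache();
			printk("I-Cache Parity Error\n");
		}
		if (mcsr & MCSR_DCSP)
			printk("D-Cache Search Parity Error\n");
		if (mcsr & MCSR_DCFP)
			printk("D-Cache Flush Parity Error\n");
		if (mcsr & MCSR_IMPE)
			printk("Machine Check exception is imprecise\n");

		/* Clear MCSR */
		mtspr(SPRN_MCSR, mcsr);
	}
	return 0;
}
#elif defined(CONFIG_E500)
/* e500: decode the MCSR bits returned by get_mc_reason(). */
int machine_check_e500(struct pt_regs *regs)
{
	unsigned long reason = get_mc_reason(regs);

	printk("Machine check in kernel mode.\n");
	printk("Caused by (from MCSR=%lx): ", reason);

	if (reason & MCSR_MCP)
		printk("Machine Check Signal\n");
	if (reason & MCSR_ICPERR)
		printk("Instruction Cache Parity Error\n");
	if (reason & MCSR_DCP_PERR)
		printk("Data Cache Push Parity Error\n");
	if (reason & MCSR_DCPERR)
		printk("Data Cache Parity Error\n");
	if (reason & MCSR_BUS_IAERR)
		printk("Bus - Instruction Address Error\n");
	if (reason & MCSR_BUS_RAERR)
		printk("Bus - Read Address Error\n");
	if (reason & MCSR_BUS_WAERR)
		printk("Bus - Write Address Error\n");
	if (reason & MCSR_BUS_IBERR)
		printk("Bus - Instruction Data Error\n");
	if (reason & MCSR_BUS_RBERR)
		printk("Bus - Read Data Bus Error\n");
	/*
	 * WBERR used to print the same text as RBERR, which made a write
	 * data bus error indistinguishable from a read one in the log.
	 */
	if (reason & MCSR_BUS_WBERR)
		printk("Bus - Write Data Bus Error\n");
	if (reason & MCSR_BUS_IPERR)
		printk("Bus - Instruction Parity Error\n");
	if (reason & MCSR_BUS_RPERR)
		printk("Bus - Read Parity Error\n");

	return 0;
}
#elif defined(CONFIG_E200)
/* e200: decode the MCSR bits returned by get_mc_reason(). */
int machine_check_e200(struct pt_regs *regs)
{
	unsigned long reason = get_mc_reason(regs);

	printk("Machine check in kernel mode.\n");
	printk("Caused by (from MCSR=%lx): ", reason);

	if (reason & MCSR_MCP)
		printk("Machine Check Signal\n");
	if (reason & MCSR_CP_PERR)
		printk("Cache Push Parity Error\n");
	if (reason & MCSR_CPERR)
		printk("Cache Parity Error\n");
	if (reason & MCSR_EXCP_ERR)
		printk("ISI, ITLB, or Bus Error on first instruction fetch for an exception handler\n");
	if (reason & MCSR_BUS_IRERR)
		printk("Bus - Read Bus Error on instruction fetch\n");
	if (reason & MCSR_BUS_DRERR)
		printk("Bus - Read Bus Error on data load\n");
	if (reason & MCSR_BUS_WRERR)
		printk("Bus - Write Bus Error on buffered store or cache line push\n");

	return 0;
}
#else
/* Everything else: decode the cause bits taken from the saved MSR (SRR1). */
int machine_check_generic(struct pt_regs *regs)
{
	unsigned long reason = get_mc_reason(regs);

	printk("Machine check in kernel mode.\n");
	printk("Caused by (from SRR1=%lx): ", reason);
	switch (reason & 0x601F0000) {
	case 0x80000:
		printk("Machine check signal\n");
		break;
	case 0:		/* for 601 */
	case 0x40000:
	case 0x140000:	/* 7450 MSS error and TEA */
		printk("Transfer error ack signal\n");
		break;
	case 0x20000:
		printk("Data parity error signal\n");
		break;
	case 0x10000:
		printk("Address parity error signal\n");
		break;
	case 0x20000000:
		printk("L1 Data Cache error\n");
		break;
	case 0x40000000:
		printk("L1 Instruction Cache error\n");
		break;
	case 0x00100000:
		printk("L2 data cache parity error\n");
		break;
	default:
		printk("Unknown values in msr\n");
	}
	return 0;
}
#endif /* everything else */

/*
 * Top-level machine check handler.
 *
 * Order of handling: platform hook (or, failing that, the CPU-specific
 * handler); user-mode faults become SIGBUS/BUS_ADRERR; then the debugger
 * fault handler and the I/O-access fixup are tried; anything left is
 * fatal and goes through die().
 */
void machine_check_exception(struct pt_regs *regs)
{
	int recover = 0;

	/* See if any machine dependent calls. In theory, we would want
	 * to call the CPU first, and call the ppc_md. one if the CPU
	 * one returns a positive number. However there is existing code
	 * that assumes the board gets a first chance, so let's keep it
	 * that way for now and fix things later. --BenH.
	 */
	if (ppc_md.machine_check_exception)
		recover = ppc_md.machine_check_exception(regs);
	else if (cur_cpu_spec->machine_check)
		recover = cur_cpu_spec->machine_check(regs);

	if (recover > 0)
		return;

	if (user_mode(regs)) {
		regs->msr |= MSR_RI;
		_exception(SIGBUS, regs, BUS_ADRERR, regs->nip);
		return;
	}

#if defined(CONFIG_8xx) && defined(CONFIG_PCI)
	/* the qspan pci read routines can cause machine checks -- Cort
	 *
	 * yuck !!! that totally needs to go away ! There are better ways
	 * to deal with that than having a wart in the mcheck handler.
	 * -- BenH
	 *
	 * With this configuration the unconditional return below makes
	 * the rest of the function unreachable.
	 */
	bad_page_fault(regs, regs->dar, SIGBUS);
	return;
#endif

	if (debugger_fault_handler(regs)) {
		regs->msr |= MSR_RI;
		return;
	}

	if (check_io_access(regs))
		return;

	/*
	 * NOTE(review): second call to debugger_fault_handler() on the same
	 * path; unlike the first one it does not set MSR_RI before
	 * returning - confirm whether the repetition is intentional.
	 */
	if (debugger_fault_handler(regs))
		return;
	die("Machine check", regs, SIGBUS);

	/* Must die if the interrupt is not recoverable */
	if (!(regs->msr & MSR_RI))
		panic("Unrecoverable Machine check");
}

/* System Management Interrupt: always fatal, reported through die(). */
void SMIException(struct pt_regs *regs)
{
	die("System Management Interrupt", regs, SIGABRT);
}

/* Unexpected trap vector: log PC/MSR/vector and raise SIGTRAP. */
void unknown_exception(struct pt_regs *regs)
{
	printk("Bad trap at PC: %lx, SR: %lx, vector=%lx\n",
	       regs->nip, regs->msr, regs->trap);

	_exception(SIGTRAP, regs, 0, 0);
}

/*
 * Instruction address breakpoint: the die-notifier chain and the
 * debugger hook may each consume the event; otherwise the task gets
 * SIGTRAP/TRAP_BRKPT at the faulting NIP.
 */
void instruction_breakpoint_exception(struct pt_regs *regs)
{
	if (notify_die(DIE_IABR_MATCH, "iabr_match", regs, 5,
					5, SIGTRAP) == NOTIFY_STOP)
		return;
	if (debugger_iabr_match(regs))
		return;
	_exception(SIGTRAP, regs, TRAP_BRKPT, regs->nip);
}

/* Run mode exception: raise SIGTRAP with no code or address. */
void RunModeException(struct pt_regs *regs)
{
	_exception(SIGTRAP, regs, 0, 0);
}

/*
 * Single-step trap: clear the trace bits in the saved MSR, let the
 * die-notifier chain and the debugger hook consume the event, and
 * otherwise raise SIGTRAP/TRAP_TRACE.
 */
void __kprobes single_step_exception(struct pt_regs *regs)
{
	regs->msr &= ~(MSR_SE | MSR_BE);  /* Turn off 'trace' bits */

	if (notify_die(DIE_SSTEP, "single_step", regs, 5,
					5, SIGTRAP) == NOTIFY_STOP)
		return;
	if (debugger_sstep(regs))
		return;

	_exception(SIGTRAP, regs, TRAP_TRACE, regs->nip);
}

/*
 * After we have successfully emulated an instruction, we have to
 * check if the instruction was being single-stepped, and if so,
 * pretend we got a single-step exception.  This was pointed out
 * by Kumar Gala.  -- paulus
 */
static void emulate_single_step(struct pt_regs *regs)
{
	if (single_stepping(regs)) {
		clear_single_step(regs);
		_exception(SIGTRAP, regs, TRAP_TRACE, 0);
	}
}

/*
 * Map an FPSCR value to an FPE_* si_code.  A condition is reported only
 * when both its enable bit and its exception bit are set; the first
 * match in the order below wins, and 0 is returned if none matches.
 */
static inline int __parse_fpscr(unsigned long fpscr)
{
	int ret = 0;

	/* Invalid operation */
	if ((fpscr & FPSCR_VE) && (fpscr & FPSCR_VX))
		ret = FPE_FLTINV;

	/* Overflow */
	else if ((fpscr & FPSCR_OE) && (fpscr & FPSCR_OX))
		ret = FPE_FLTOVF;

	/* Underflow */
	else if ((fpscr & FPSCR_UE) && (fpscr & FPSCR_UX))
		ret = FPE_FLTUND;

	/* Divide by zero */
	else if ((fpscr & FPSCR_ZE) && (fpscr & FPSCR_ZX))
		ret = FPE_FLTDIV;

	/* Inexact result */
	else if ((fpscr & FPSCR_XE) && (fpscr & FPSCR_XX))
		ret = FPE_FLTRES;

	return ret;
}

/*
 * IEEE FP exception: flush the FP state to the thread struct, derive
 * the si_code from the saved FPSCR and raise SIGFPE at the faulting NIP.
 */
static void parse_fpe(struct pt_regs *regs)
{
	int code = 0;

	flush_fp_to_thread(current);

	code = __parse_fpscr(current->thread.fpscr.val);

	_exception(SIGFPE, regs, code, regs->nip);
}

/*
 * Illegal instruction emulation support.  Originally written to
 * provide the PVR to user applications using the mfspr rd, PVR.
 * Return non-zero if we can't emulate, or -EFAULT if the associated
 * memory access caused an access fault.  Return zero on success.
 *
 * There are a couple of ways to do this, either "decode" the instruction
 * or directly match lots of bits.  In this case, matching lots of
 * bits is faster and easier.
 *
 */
#define INST_MFSPR_PVR		0x7c1f42a6
#define INST_MFSPR_PVR_MASK	0xfc1fffff

#define INST_DCBA		0x7c0005ec
#define INST_DCBA_MASK		0xfc0007fe

#define INST_MCRXR		0x7c000400
#define INST_MCRXR_MASK		0xfc0007fe

#define INST_STRING		0x7c00042a
#define INST_STRING_MASK	0xfc0007fe
#define INST_STRING_GEN_MASK	0xfc00067e
#define INST_LSWI		0x7c0004aa
#define INST_LSWX		0x7c00042a
#define INST_STSWI		0x7c0005aa
#define INST_STSWX		0x7c00052a

#define INST_POPCNTB		0x7c0000f4
#define INST_POPCNTB_MASK	0xfc0007fe

#define INST_ISEL		0x7c00001e
#define INST_ISEL_MASK		0xfc00003e

/*
 * Emulate the load/store string instructions (lswi, lswx, stswi, stswx).
 *
 * Returns 0 on success, -EINVAL for an invalid lswx form or an
 * unrecognised encoding, and -EFAULT when a user access fails.
 *
 * The effective address comes from user-controlled register contents
 * and is only ever dereferenced through get_user()/put_user(), one byte
 * at a time.  The byte count is bounded: at most 0x7f from XER for the
 * X forms and at most 32 for the immediate forms.  The target register
 * number wraps from 31 back to 0.
 */
static int emulate_string_inst(struct pt_regs *regs, u32 instword)
{
	u8 rT = (instword >> 21) & 0x1f;
	u8 rA = (instword >> 16) & 0x1f;
	u8 NB_RB = (instword >> 11) & 0x1f;
	u32 num_bytes;
	unsigned long EA;
	int pos = 0;

	/* Early out if we are an invalid form of lswx */
	if ((instword & INST_STRING_MASK) == INST_LSWX)
		if ((rT == rA) || (rT == NB_RB))
			return -EINVAL;

	EA = (rA == 0) ? 0 : regs->gpr[rA];

	switch (instword & INST_STRING_MASK) {
		case INST_LSWX:
		case INST_STSWX:
			/*
			 * NOTE(review): this adds the 5-bit RB field value
			 * itself, not regs->gpr[NB_RB] - confirm against
			 * the definition of the indexed forms.
			 */
			EA += NB_RB;
			num_bytes = regs->xer & 0x7f;
			break;
		case INST_LSWI:
		case INST_STSWI:
			num_bytes = (NB_RB == 0) ? 32 : NB_RB;
			break;
		default:
			return -EINVAL;
	}

	while (num_bytes != 0)
	{
		u8 val;
		u32 shift = 8 * (3 - (pos & 0x3));

		switch ((instword & INST_STRING_MASK)) {
			case INST_LSWX:
			case INST_LSWI:
				if (get_user(val, (u8 __user *)EA))
					return -EFAULT;
				/* first time updating this reg,
				 * zero it out */
				if (pos == 0)
					regs->gpr[rT] = 0;
				/*
				 * NOTE(review): val is promoted to int before
				 * the shift, so with shift == 24 and
				 * val >= 0x80 the result is negative and is
				 * sign-extended if gpr[] is wider than 32
				 * bits - confirm whether a u32 cast is
				 * wanted here.
				 */
				regs->gpr[rT] |= val << shift;
				break;
			case INST_STSWI:
			case INST_STSWX:
				val = regs->gpr[rT] >> shift;
				if (put_user(val, (u8 __user *)EA))
					return -EFAULT;
				break;
		}
		/* move EA to next address */
		EA += 1;
		num_bytes--;

		/* manage our position within the register */
		if (++pos == 4) {
			pos = 0;
			if (++rT == 32)
				rT = 0;
		}
	}

	return 0;
}

/*
 * Emulate popcntb: write the per-byte population count of gpr[rs] to
 * gpr[ra].  Register numbers are masked to 5 bits.  Always returns 0.
 */
static int emulate_popcntb_inst(struct pt_regs *regs, u32 instword)
{
	u32 ra,rs;
	unsigned long tmp;

	ra = (instword >> 16) & 0x1f;
	rs = (instword >> 21) & 0x1f;

	tmp = regs->gpr[rs];
	tmp = tmp - ((tmp >> 1) & 0x5555555555555555ULL);
	tmp = (tmp & 0x3333333333333333ULL) + ((tmp >> 2) & 0x3333333333333333ULL);
	tmp = (tmp + (tmp >> 4)) & 0x0f0f0f0f0f0f0f0fULL;
	regs->gpr[ra] = tmp;

	return 0;
}

/*
 * Emulate isel: gpr[rT] receives (rA == 0 ? 0 : gpr[rA]) when CR bit BC
 * is set and gpr[rB] otherwise.  All fields are masked to 5 bits.
 * Always returns 0.
 */
static int emulate_isel(struct pt_regs *regs, u32 instword)
{
	u8 rT = (instword >> 21) & 0x1f;
	u8 rA = (instword >> 16) & 0x1f;
	u8 rB = (instword >> 11) & 0x1f;
	u8 BC = (instword >> 6) & 0x1f;
	u8 bit;
	unsigned long tmp;

	tmp = (rA == 0) ? 0 : regs->gpr[rA];
	bit = (regs->ccr >> (31 - BC)) & 0x1;

	regs->gpr[rT] = bit ? tmp : regs->gpr[rB];

	return 0;
}

/*
 * Try to emulate the instruction at regs->nip.
 *
 * Returns 0 when the instruction was emulated, -EFAULT when the
 * instruction word (or a string instruction's operand) could not be
 * accessed, and -EINVAL when the instruction is not one handled here.
 *
 * Emulation is refused for kernel-mode faults and for MSR_LE contexts.
 * The instruction word is fetched with get_user(), so NIP is treated as
 * an untrusted user pointer.
 */
static int emulate_instruction(struct pt_regs *regs)
{
	u32 instword;
	u32 rd;

	if (!user_mode(regs) || (regs->msr & MSR_LE))
		return -EINVAL;
	CHECK_FULL_REGS(regs);

	if (get_user(instword, (u32 __user *)(regs->nip)))
		return -EFAULT;

	/* Emulate the mfspr rD, PVR. */
	if ((instword & INST_MFSPR_PVR_MASK) == INST_MFSPR_PVR) {
		rd = (instword >> 21) & 0x1f;
		regs->gpr[rd] = mfspr(SPRN_PVR);
		return 0;
	}

	/* Emulating the dcba insn is just a no-op.  */
	if ((instword & INST_DCBA_MASK) == INST_DCBA)
		return 0;

	/* Emulate the mcrxr insn.  */
	if ((instword & INST_MCRXR_MASK) == INST_MCRXR) {
		int shift = (instword >> 21) & 0x1c;
		unsigned long msk = 0xf0000000UL >> shift;

		regs->ccr = (regs->ccr & ~msk) | ((regs->xer >> shift) & msk);
		regs->xer &= ~0xf0000000UL;
		return 0;
	}

	/* Emulate load/store string insn. */
	if ((instword & INST_STRING_GEN_MASK) == INST_STRING)
		return emulate_string_inst(regs, instword);

	/* Emulate the popcntb (Population Count Bytes) instruction. */
	if ((instword & INST_POPCNTB_MASK) == INST_POPCNTB) {
		return emulate_popcntb_inst(regs, instword);
	}

	/* Emulate isel (Integer Select) instruction */
	if ((instword & INST_ISEL_MASK) == INST_ISEL) {
		return emulate_isel(regs, instword);
	}

	return -EINVAL;
}

/* A BUG/WARN trap address is accepted only if it is a kernel address. */
int is_valid_bugaddr(unsigned long addr)
{
	return is_kernel_addr(addr);
}

/*
 * Program check handler: dispatches on the reason bits.
 *
 *  - REASON_FP:   IEEE FP exception, turned into SIGFPE by parse_fpe().
 *  - REASON_TRAP: offered to the die-notifier chain and the debugger
 *                 hook; a kernel-mode WARN trap is skipped over;
 *                 anything else raises SIGTRAP/TRAP_BRKPT.
 *  - otherwise:   interrupts are re-enabled, math emulation (if
 *                 configured) and instruction emulation are tried, and
 *                 on failure SIGILL is raised with ILL_PRVOPC or
 *                 ILL_ILLOPC.
 */
void __kprobes program_check_exception(struct pt_regs *regs)
{
	unsigned int reason = get_reason(regs);
	extern int do_mathemu(struct pt_regs *regs);

	/* We can now get here via a FP Unavailable exception if the core
	 * has no FPU, in that case the reason flags will be 0 */

	if (reason & REASON_FP) {
		/* IEEE FP exception */
		parse_fpe(regs);
		return;
	}
	if (reason & REASON_TRAP) {
		/* trap exception */
		if (notify_die(DIE_BPT, "breakpoint", regs, 5, 5, SIGTRAP)
				== NOTIFY_STOP)
			return;
		if (debugger_bpt(regs))
			return;

		if (!(regs->msr & MSR_PR) &&  /* not user-mode */
		    report_bug(regs->nip, regs) == BUG_TRAP_TYPE_WARN) {
			regs->nip += 4;
			return;
		}
		_exception(SIGTRAP, regs, TRAP_BRKPT, regs->nip);
		return;
	}

	local_irq_enable();

#ifdef CONFIG_MATH_EMULATION
	/* (reason & REASON_ILLEGAL) would be the obvious thing here,
	 * but there seems to be a hardware bug on the 405GP (RevD)
	 * that means ESR is sometimes set incorrectly - either to
	 * ESR_DST (!?) or 0.  In the process of chasing this with the
	 * hardware people - not sure if it can happen on any illegal
	 * instruction or only on FP instructions, whether there is a
	 * pattern to occurrences etc. -dgibson 31/Mar/2003 */
	switch (do_mathemu(regs)) {
	case 0:
		emulate_single_step(regs);
		return;
	case 1: {
			int code = 0;
			code = __parse_fpscr(current->thread.fpscr.val);
			_exception(SIGFPE, regs, code, regs->nip);
			return;
		}
	case -EFAULT:
		_exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip);
		return;
	}
	/* fall through on any other errors */
#endif /* CONFIG_MATH_EMULATION */

	/* Try to emulate it if we should. */
	if (reason & (REASON_ILLEGAL | REASON_PRIVILEGED)) {
		switch (emulate_instruction(regs)) {
		case 0:
			regs->nip += 4;
			emulate_single_step(regs);
			return;
		case -EFAULT:
			_exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip);
			return;
		}
	}

	if (reason & REASON_PRIVILEGED)
		_exception(SIGILL, regs, ILL_PRVOPC, regs->nip);
	else
		_exception(SIGILL, regs, ILL_ILLOPC, regs->nip);
}

/*
 * Alignment exception handler.  Unless the task asked for SIGBUS on
 * unaligned accesses (PR_UNALIGN_SIGBUS), fix_alignment() is tried
 * first.  A result of 1 means the access was emulated; -EFAULT maps to
 * SIGSEGV/SEGV_ACCERR; anything else maps to SIGBUS/BUS_ADRALN.
 * Kernel-mode failures go to bad_page_fault().
 */
void alignment_exception(struct pt_regs *regs)
{
	int sig, code, fixed = 0;

	/* we don't implement logging of alignment exceptions */
	if (!(current->thread.align_ctl & PR_UNALIGN_SIGBUS))
		fixed = fix_alignment(regs);

	if (fixed == 1) {
		regs->nip += 4;	/* skip over emulated instruction */
		emulate_single_step(regs);
		return;
	}

	/* Operand address was bad */
	if (fixed == -EFAULT) {
		sig = SIGSEGV;
		code = SEGV_ACCERR;
	} else {
		sig = SIGBUS;
		code = BUS_ADRALN;
	}
	if (user_mode(regs))
		_exception(sig, regs, code, regs->dar);
	else
		bad_page_fault(regs, regs->dar, sig);
}

/*
 * Kernel stack overflow: log, offer the event to the debugger, dump
 * registers and panic.
 *
 * NOTE(review): the message prints the raw task pointer with %p;
 * confirm whether exposing that kernel address in the log is acceptable
 * for this kernel's log-access policy.
 */
void StackOverflow(struct pt_regs *regs)
{
	printk(KERN_CRIT "Kernel stack overflow in process %p, r1=%lx\n",
	       current, regs->gpr[1]);
	debugger(regs);
	show_regs(regs);
	panic("kernel stack overflow");
}

/* Non-recoverable exception: log PC/MSR, offer to the debugger, then die(). */
void nonrecoverable_exception(struct pt_regs *regs)
{
	printk(KERN_ERR "Non-recoverable exception at PC=%lx MSR=%lx\n",
	       regs->nip, regs->msr);
	debugger(regs);
	die("nonrecoverable exception", regs, SIGKILL);
}

/*
 * Debug aid: print the current task, PC/LR, syscall number (r0) and
 * result (r3) for a system call.
 *
 * NOTE(review): prints the raw task pointer with %p - same log-exposure
 * question as in StackOverflow().
 */
void trace_syscall(struct pt_regs *regs)
{
	printk("Task: %p(%d), PC: %08lX/%08lX, Syscall: %3ld, Result: %s%ld    %s\n",
	       current, task_pid_nr(current), regs->nip, regs->link, regs->gpr[0],
	       regs->ccr&0x10000000?"Error=":"", regs->gpr[3], print_tainted());
}

/* FP unavailable in kernel mode: always fatal, reported through die(). */
void kernel_fp_unavailable_exception(struct pt_regs *regs)
{
	printk(KERN_EMERG "Unrecoverable FP Unavailable Exception "
			  "%lx at %lx\n", regs->trap, regs->nip);
	die("Unrecoverable FP Unavailable Exception", regs, SIGABRT);
}

/*
 * Altivec unavailable: SIGILL/ILL_ILLOPC for user mode, die() for
 * kernel mode.
 */
void altivec_unavailable_exception(struct pt_regs *regs)
{
	if (user_mode(regs)) {
		/* A user program has executed an altivec instruction,
		   but this kernel doesn't support altivec. */
		_exception(SIGILL, regs, ILL_ILLOPC, regs->nip);
		return;
	}

	printk(KERN_EMERG "Unrecoverable VMX/Altivec Unavailable Exception "
			"%lx at %lx\n", regs->trap, regs->nip);
	die("Unrecoverable VMX/Altivec Unavailable Exception", regs, SIGABRT);
}

/* VSX unavailable: SIGILL/ILL_ILLOPC for user mode, die() for kernel mode. */
void vsx_unavailable_exception(struct pt_regs *regs)
{
	if (user_mode(regs)) {
		/* A user program has executed a vsx instruction,
		   but this kernel doesn't support vsx. */
		_exception(SIGILL, regs, ILL_ILLOPC, regs->nip);
		return;
	}

	printk(KERN_EMERG "Unrecoverable VSX Unavailable Exception "
			"%lx at %lx\n", regs->trap, regs->nip);
	die("Unrecoverable VSX Unavailable Exception", regs, SIGABRT);
}

/* Performance monitor interrupt: forwarded to the registered perf_irq hook. */
void performance_monitor_exception(struct pt_regs *regs)
{
	perf_irq(regs);
}

#ifdef CONFIG_8xx
/*
 * 8xx software emulation trap.  Depending on configuration the
 * instruction is handed to do_mathemu() or Soft_emulate_8xx(), and the
 * result is mapped to a single-step check, SIGFPE, SIGSEGV or SIGILL.
 * With neither emulator configured the task always gets SIGILL.
 *
 * NOTE(review): in kernel mode, execution continues into the emulation
 * path if die() returns (it returns 1 when debugger() claims the
 * event) - confirm that this is intended.
 */
void SoftwareEmulation(struct pt_regs *regs)
{
	extern int do_mathemu(struct pt_regs *);
	extern int Soft_emulate_8xx(struct pt_regs *);
#if defined(CONFIG_MATH_EMULATION) || defined(CONFIG_8XX_MINIMAL_FPEMU)
	int errcode;
#endif

	CHECK_FULL_REGS(regs);

	if (!user_mode(regs)) {
		debugger(regs);
		die("Kernel Mode Software FPU Emulation", regs, SIGFPE);
	}

#ifdef CONFIG_MATH_EMULATION
	errcode = do_mathemu(regs);

	switch (errcode) {
	case 0:
		emulate_single_step(regs);
		return;
	case 1: {
			int code = 0;
			code = __parse_fpscr(current->thread.fpscr.val);
			_exception(SIGFPE, regs, code, regs->nip);
			return;
		}
	case -EFAULT:
		_exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip);
		return;
	default:
		_exception(SIGILL, regs, ILL_ILLOPC, regs->nip);
		return;
	}

#elif defined(CONFIG_8XX_MINIMAL_FPEMU)
	errcode = Soft_emulate_8xx(regs);
	switch (errcode) {
	case 0:
		emulate_single_step(regs);
		return;
	case 1:
		_exception(SIGILL, regs, ILL_ILLOPC, regs->nip);
		return;
	case -EFAULT:
		_exception(SIGSEGV, regs, SEGV_MAPERR, regs->nip);
		return;
	}
#else
	_exception(SIGILL, regs, ILL_ILLOPC, regs->nip);
#endif
}
#endif /* CONFIG_8xx */

#if defined(CONFIG_40x) || defined(CONFIG_BOOKE)

/*
 * Debug exception handler for 40x/Book-E.
 *
 * @debug_status: debug status value supplied by the caller; tested
 *                against DBSR_IC and DBSR_DAC1R/DBSR_DAC1W.
 *
 * Instruction-completion events are treated as single-step traps; data
 * address compare events are passed to do_dabr().  In both cases
 * MSR_DE is cleared in the saved MSR first.
 */
void __kprobes DebugException(struct pt_regs *regs, unsigned long debug_status)
{
	if (debug_status & DBSR_IC) {	/* instruction completion */
		regs->msr &= ~MSR_DE;

		/* Disable instruction completion */
		mtspr(SPRN_DBCR0, mfspr(SPRN_DBCR0) & ~DBCR0_IC);
		/* Clear the instruction completion event */
		mtspr(SPRN_DBSR, DBSR_IC);

		if (notify_die(DIE_SSTEP, "single_step", regs, 5,
					5, SIGTRAP) == NOTIFY_STOP) {
			return;
		}

		if (debugger_sstep(regs))
			return;

		if (user_mode(regs)) {
			current->thread.dbcr0 &= ~DBCR0_IC;
		}

		_exception(SIGTRAP, regs, TRAP_TRACE, regs->nip);
	} else if (debug_status & (DBSR_DAC1R | DBSR_DAC1W)) {
		regs->msr &= ~MSR_DE;

		if (user_mode(regs)) {
			current->thread.dbcr0 &= ~(DBSR_DAC1R | DBSR_DAC1W |
								DBCR0_IDM);
		} else {
			/* Disable DAC interrupts */
			mtspr(SPRN_DBCR0, mfspr(SPRN_DBCR0) & ~(DBSR_DAC1R |
						DBSR_DAC1W | DBCR0_IDM));

			/* Clear the DAC event */
			mtspr(SPRN_DBSR, (DBSR_DAC1R | DBSR_DAC1W));
		}
		/* Setup and send the trap to the handler */
		do_dabr(regs, mfspr(SPRN_DAC1), debug_status);
	}
}
#endif /* CONFIG_40x || CONFIG_BOOKE */

#if !defined(CONFIG_TAU_INT)
/* TAU trap without CONFIG_TAU_INT: only logged, no signal is raised. */
void TAUException(struct pt_regs *regs)
{
	printk("TAU trap at PC: %lx, MSR: %lx, vector=%lx    %s\n",
	       regs->nip, regs->msr, regs->trap, print_tainted());
}
#endif /* !CONFIG_TAU_INT */

#ifdef CONFIG_ALTIVEC
/*
 * Altivec assist exception: flush the vector state, try to emulate the
 * instruction, and on -EFAULT raise SIGSEGV/SEGV_ACCERR.  An
 * unrecognised instruction is logged (rate-limited) and the non-Java
 * bit is set in the saved VSCR instead of raising a signal.
 *
 * NOTE(review): in kernel mode, execution continues into the emulation
 * path if die() returns - confirm that this is intended.
 */
void altivec_assist_exception(struct pt_regs *regs)
{
	int err;

	if (!user_mode(regs)) {
		printk(KERN_EMERG "VMX/Altivec assist exception in kernel mode"
		       " at %lx\n", regs->nip);
		die("Kernel VMX/Altivec assist exception", regs, SIGILL);
	}

	flush_altivec_to_thread(current);

	err = emulate_altivec(regs);
	if (err == 0) {
		regs->nip += 4;		/* skip emulated instruction */
		emulate_single_step(regs);
		return;
	}

	if (err == -EFAULT) {
		/* got an error reading the instruction */
		_exception(SIGSEGV, regs, SEGV_ACCERR, regs->nip);
	} else {
		/* didn't recognize the instruction */
		/* XXX quick hack for now: set the non-Java bit in the VSCR */
		if (printk_ratelimit())
			printk(KERN_ERR "Unrecognized altivec instruction "
			       "in %s at %lx\n", current->comm, regs->nip);
		current->thread.vscr.u[3] |= 0x10000;
	}
}
#endif /* CONFIG_ALTIVEC */

#ifdef CONFIG_VSX
/*
 * VSX assist exception: not supported, so the task gets
 * SIGILL/ILL_ILLOPC after the VSX state has been flushed.
 *
 * NOTE(review): the KERN_INFO message on the user-mode path is not
 * rate-limited, unlike the comparable message in
 * altivec_assist_exception(); in kernel mode, execution continues if
 * die() returns - confirm both are intended.
 */
void vsx_assist_exception(struct pt_regs *regs)
{
	if (!user_mode(regs)) {
		printk(KERN_EMERG "VSX assist exception in kernel mode"
		       " at %lx\n", regs->nip);
		die("Kernel VSX assist exception", regs, SIGILL);
	}

	flush_vsx_to_thread(current);
	printk(KERN_INFO "VSX assist not supported at %lx\n", regs->nip);
	_exception(SIGILL, regs, ILL_ILLOPC, regs->nip);
}
#endif /* CONFIG_VSX */

#ifdef CONFIG_FSL_BOOKE
/*
 * Cache locking exception.  @address is not used; @error_code is tested
 * for ESR_DLK/ESR_ILK, and if neither bit is set nothing is done.
 */
void CacheLockingException(struct pt_regs *regs, unsigned long address,
			   unsigned long error_code)
{
	/* We treat cache locking instructions from the user
	 * as priv ops, in the future we could try to do
	 * something smarter
	 */
	if (error_code & (ESR_DLK|ESR_ILK))
		_exception(SIGILL, regs, ILL_PRVOPC, regs->nip);
	return;
}
#endif /* CONFIG_FSL_BOOKE */

#ifdef CONFIG_SPE
/*
 * SPE floating point exception: derive an FPE_* code from the thread's
 * SPEFSCR, considering only the conditions enabled in the thread's
 * fpexc_mode, set the matching sticky bit where one is handled, store
 * SPEFSCR back and raise SIGFPE.  The code stays 0 if nothing matches.
 */
void SPEFloatingPointException(struct pt_regs *regs)
{
	unsigned long spefscr;
	int fpexc_mode;
	int code = 0;

	spefscr = current->thread.spefscr;
	fpexc_mode = current->thread.fpexc_mode;

	/* Hardware does not necessarily set sticky
	 * underflow/overflow/invalid flags */
	if ((spefscr & SPEFSCR_FOVF) && (fpexc_mode & PR_FP_EXC_OVF)) {
		code = FPE_FLTOVF;
		spefscr |= SPEFSCR_FOVFS;
	}
	else if ((spefscr & SPEFSCR_FUNF) && (fpexc_mode & PR_FP_EXC_UND)) {
		code = FPE_FLTUND;
		spefscr |= SPEFSCR_FUNFS;
	}
	else if ((spefscr & SPEFSCR_FDBZ) && (fpexc_mode & PR_FP_EXC_DIV))
		code = FPE_FLTDIV;
	else if ((spefscr & SPEFSCR_FINV) && (fpexc_mode & PR_FP_EXC_INV)) {
		code = FPE_FLTINV;
		spefscr |= SPEFSCR_FINVS;
	}
	else if ((spefscr & (SPEFSCR_FG | SPEFSCR_FX)) && (fpexc_mode & PR_FP_EXC_RES))
		code = FPE_FLTRES;

	current->thread.spefscr = spefscr;

	_exception(SIGFPE, regs, code, regs->nip);
	return;
}
#endif

/*
 * We enter here if we get an unrecoverable exception, that is, one
 * that happened at a point where the RI (recoverable interrupt) bit
 * in the MSR is 0.  This indicates that SRR0/1 are live, and that
 * we therefore lost state by taking this exception.
 */
void unrecoverable_exception(struct pt_regs *regs)
{
	printk(KERN_EMERG "Unrecoverable exception %lx at %lx\n",
	       regs->trap, regs->nip);
	die("Unrecoverable exception", regs, SIGABRT);
}

#ifdef CONFIG_BOOKE_WDT
/*
 * Default handler for a Watchdog exception.  It is a weak symbol so
 * that another definition can replace it.
 *
 * NOTE(review): this comment used to say the handler "spins until a
 * reboot occurs", but the body only clears TCR_WIE in SPRN_TCR and
 * returns - confirm which behaviour is intended.
 */
void __attribute__ ((weak)) WatchdogHandler(struct pt_regs *regs)
{
	/* Generic WatchdogHandler, implement your own */
	mtspr(SPRN_TCR, mfspr(SPRN_TCR)&(~TCR_WIE));
	return;
}

/* Book-E watchdog exception: log at KERN_EMERG and call WatchdogHandler(). */
void WatchdogException(struct pt_regs *regs)
{
	printk (KERN_EMERG "PowerPC Book-E Watchdog Exception\n");
	WatchdogHandler(regs);
}
#endif

/*
 * We enter here if we discover during exception entry that we are
 * running in supervisor mode with a userspace value in the stack pointer.
 */
void kernel_bad_stack(struct pt_regs *regs)
{
	printk(KERN_EMERG "Bad kernel stack pointer %lx at %lx\n",
	       regs->gpr[1], regs->nip);
	die("Bad kernel stack pointer", regs, SIGABRT);
}

/* Boot-time trap setup hook; nothing to do here. */
void __init trap_init(void)
{
}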