summaryrefslogtreecommitdiff
path: root/arch/mips/math-emu/cp1emu.c
AgeCommit message (Collapse)Author
2017-12-12MIPS: math-emu: Mark fall throughs in switch statements with a commentAleksandar Markovic
Mark intentional fall throughs in switch statements with a consistent comment. In most of the cases, a new comment line containing text "fall through" is inserted. In some of the cases, existing comment contained a variation of the text "fall through" (for example, "FALL THROUGH" or "drop through"). In such cases, the existing comment is modified to contain "fall through". Lastly, in two cases, code segments were described in comments as "fall througs", but were in reality "breaks out" of switch statement. In such cases, existing comments are accordingly modified. Apart from making code easier to follow and debug, this change enables some static code analysers to interpret newly inserted comments as their annotations (and, therefore, not issue warnings of type "fall through in switch statement", which is desireable, since marked fallthroughs are intentional). Signed-off-by: Aleksandar Markovic <aleksandar.markovic@mips.com> Cc: Douglas Leung <douglas.leung@mips.com> Cc: Goran Ferenc <goran.ferenc@mips.com> Cc: James Hogan <james.hogan@mips.com> Cc: Maciej W. Rozycki <macro@mips.com> Cc: Manuel Lauss <manuel.lauss@gmail.com> Cc: Miodrag Dinic <miodrag.dinic@mips.com> Cc: Paul Burton <paul.burton@mips.com> Cc: Petar Jovanovic <petar.jovanovic@mips.com> Cc: Raghu Gandham <raghu.gandham@mips.com> Cc: linux-kernel@vger.kernel.org Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/17588/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-12-12MIPS: math-emu: Avoid multiple assignmentAleksandar Markovic
Replace several instances of multiple assignment with individual assignments. Signed-off-by: Aleksandar Markovic <aleksandar.markovic@mips.com> Cc: Douglas Leung <douglas.leung@mips.com> Cc: Goran Ferenc <goran.ferenc@mips.com> Cc: James Hogan <james.hogan@mips.com> Cc: Maciej W. Rozycki <macro@mips.com> Cc: Manuel Lauss <manuel.lauss@gmail.com> Cc: Miodrag Dinic <miodrag.dinic@mips.com> Cc: Paul Burton <paul.burton@mips.com> Cc: Petar Jovanovic <petar.jovanovic@mips.com> Cc: Raghu Gandham <raghu.gandham@mips.com> Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/17587/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-12-12MIPS: math-emu: Avoid an assignment within if statement conditionAleksandar Markovic
Move invocation of fpu_emu() to be out of if statement condition. This makes code easier to follow and debug, and fixes a checkpatch warning. Signed-off-by: Aleksandar Markovic <aleksandar.markovic@mips.com> Cc: Douglas Leung <douglas.leung@mips.com> Cc: Goran Ferenc <goran.ferenc@mips.com> Cc: James Hogan <james.hogan@mips.com> Cc: Maciej W. Rozycki <macro@mips.com> Cc: Miodrag Dinic <miodrag.dinic@mips.com> Cc: Paul Burton <paul.burton@mips.com> Cc: Petar Jovanovic <petar.jovanovic@mips.com> Cc: Raghu Gandham <raghu.gandham@mips.com> Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/17586/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-11-15Merge tag 'mips_4.15' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/mips Pull MIPS updates from James Hogan: "These are the main MIPS changes for 4.15. Fixes: - ralink: Fix MT7620 PCI build issues (4.5) - Disable cmpxchg64() and HAVE_VIRT_CPU_ACCOUNTING_GEN for 32-bit SMP (4.1) - Fix MIPS64 FP save/restore on 32-bit kernels (4.0) - ptrace: Pick up ptrace/seccomp changed syscall numbers (3.19) - ralink: Fix MT7628 pinmux (3.19) - BCM47XX: Fix LED inversion on WRT54GSv1 (3.17) - Fix n32 core dumping as o32 since regset support (3.13) - ralink: Drop obsolete USB_ARCH_HAS_HCD select Build system: - Default to "generic" (multiplatform) system type instead of IP22 - Use generic little endian MIPS32 r2 configuration as default defconfig instead of ip22_defconfig FPU emulation: - Fix exception generation for certain R6 FPU instructions SMP: - Allow __cpu_number_map to be larger than NR_CPUS for sparse CPU id spaces Miscellaneous: - Add iomem resource for kernel bss section for kexec/kdump - Atomics: Nudge writes on bit unlock - DT files: Standardise "ok" -> "okay" Minor cleanups: - Define virt_to_pfn() - Make thread_saved_pc static - Simplify 32-bit sign extension in __read_64bit_c0_split() - DMA: Use vma_pages() helper - FPU emulation: Replace unsigned with unsigned int - MM: Removed unused lastpfn - Alchemy: Make clk_ops const - Lasat: Use setup_timer() helper - ralink: Use BIT() in MT7620 PCI driver Platform support: BMIPS: - Enable HARDIRQS_SW_RESEND Broadcom BCM63XX: - Add clkdev lookup support - Update clk driver, UART driver, DTs to handle named refclk from DTs - Split apart various clocks to more closely match hardware - Add ethernet clocks Cavium Octeon: - Remove usage of cvmx_wait() in favour of __delay() ImgTec Pistachio: - DT: Drop deprecated dwmmc num-slots property Ingenic JZ4780: - Add NFS root to Ci20 defconfig - Add watchdog to Ci20 DT & defconfig, and allow building of watchdog driver with this SoC Generic (multiplatform): - Migrate xilfpga (MIPSfpga) platform to the generic platform Lantiq xway: - Fix ASC0/ASC1 clocks" * tag 'mips_4.15' of git://git.kernel.org/pub/scm/linux/kernel/git/jhogan/mips: (46 commits) MIPS: Add iomem resource for kernel bss section. MIPS: cmpxchg64() and HAVE_VIRT_CPU_ACCOUNTING_GEN don't work for 32-bit SMP MIPS: BMIPS: Enable HARDIRQS_SW_RESEND MIPS: pci: Make use of the BIT() macro inside the mt7620 driver MIPS: pci: Remove KERN_WARN instance inside the mt7620 driver MIPS: pci: Remove duplicate define in mt7620 driver MIPS: ralink: Fix typo in mt7628 pinmux function MIPS: ralink: Fix MT7628 pinmux MIPS: Fix odd fp register warnings with MIPS64r2 watchdog: jz4780: Allow selection of jz4740-wdt driver MIPS/ptrace: Update syscall nr on register changes MIPS/ptrace: Pick up ptrace/seccomp changed syscalls MIPS: Fix an n32 core file generation regset support regression MIPS: Fix MIPS64 FP save/restore on 32-bit kernels MIPS: page.h: Define virt_to_pfn() MIPS: Xilfpga: Switch to using generic defconfigs MIPS: generic: Add support for MIPSfpga MIPS: Set defconfig target to a generic system for 32r2el MIPS: Kconfig: Set default MIPS system type as generic MIPS: DTS: Remove num-slots from Pistachio SoC ...
2017-11-07MIPS: math-emu: Use preferred flavor of unsigned integer declarationsAleksandar Markovic
Fix occurences of unsigned integer variable declarations that are not preferred by standards of checkpatch scripts. This removes a significant number of checkpatch warnings for files in math-emu directory (several files become completely warning-free), and thus makes easier to spot (now and in the future) other, perhaps more significant, checkpatch errors and warnings. Signed-off-by: Aleksandar Markovic <aleksandar.markovic@mips.com> Reviewed-by: James Hogan <jhogan@kernel.org> Cc: Ralf Baechle <ralf@linux-mips.org> Cc: Douglas Leung <douglas.leung@mips.com> Cc: Goran Ferenc <goran.ferenc@mips.com> Cc: "Maciej W. Rozycki" <macro@imgtec.com> Cc: Manuel Lauss <manuel.lauss@gmail.com> Cc: Miodrag Dinic <miodrag.dinic@mips.com> Cc: Paul Burton <paul.burton@mips.com> Cc: Petar Jovanovic <petar.jovanovic@mips.com> Cc: Raghu Gandham <raghu.gandham@mips.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/17582/ Signed-off-by: James Hogan <jhogan@kernel.org>
2017-11-07MIPS: math-emu: Fix final emulation phase for certain instructionsAleksandar Markovic
Fix final phase of <CLASS|MADDF|MSUBF|MAX|MIN|MAXA|MINA>.<D|S> emulation. Provide proper generation of SIGFPE signal and updating debugfs FP exception stats in cases of any exception flags set in preceding phases of emulation. CLASS.<D|S> instruction may generate "Unimplemented Operation" FP exception. <MADDF|MSUBF>.<D|S> instructions may generate "Inexact", "Unimplemented Operation", "Invalid Operation", "Overflow", and "Underflow" FP exceptions. <MAX|MIN|MAXA|MINA>.<D|S> instructions can generate "Unimplemented Operation" and "Invalid Operation" FP exceptions. The proper final processing of the cases when any FP exception flag is set is achieved by replacing "break" statement with "goto copcsr" statement. With such solution, this patch brings the final phase of emulation of the above instructions consistent with the one corresponding to the previously implemented emulation of other related FPU instructions (ADD, SUB, etc.). Fixes: 38db37ba069f ("MIPS: math-emu: Add support for the MIPS R6 CLASS FPU instruction") Fixes: e24c3bec3e8e ("MIPS: math-emu: Add support for the MIPS R6 MADDF FPU instruction") Fixes: 83d43305a1df ("MIPS: math-emu: Add support for the MIPS R6 MSUBF FPU instruction") Fixes: a79f5f9ba508 ("MIPS: math-emu: Add support for the MIPS R6 MAX{, A} FPU instruction") Fixes: 4e9561b20e2f ("MIPS: math-emu: Add support for the MIPS R6 MIN{, A} FPU instruction") Signed-off-by: Aleksandar Markovic <aleksandar.markovic@mips.com> Cc: Ralf Baechle <ralf@linux-mips.org> Cc: Douglas Leung <douglas.leung@mips.com> Cc: Goran Ferenc <goran.ferenc@mips.com> Cc: "Maciej W. Rozycki" <macro@imgtec.com> Cc: Miodrag Dinic <miodrag.dinic@mips.com> Cc: Paul Burton <paul.burton@mips.com> Cc: Petar Jovanovic <petar.jovanovic@mips.com> Cc: Raghu Gandham <raghu.gandham@mips.com> Cc: linux-mips@linux-mips.org Cc: <stable@vger.kernel.org> # 4.3+ Patchwork: https://patchwork.linux-mips.org/patch/17581/ Signed-off-by: James Hogan <jhogan@kernel.org>
2017-10-09MIPS: math-emu: Remove pr_err() calls from fpu_emu()Paul Burton
The FPU emulator includes 2 calls to pr_err() which are triggered by invalid instruction encodings for MIPSr6 cmp.cond.fmt instructions. These cases are not kernel errors, merely invalid instructions which are already handled by delivering a SIGILL which will provide notification that something failed in cases where that makes sense. In cases where that SIGILL is somewhat expected & being handled, for example when crashme happens to generate one of the affected bad encodings, the message is printed with no useful context about what triggered it & spams the kernel log for no good reason. Remove the pr_err() calls to make crashme run silently & treat the bad encodings the same way we do others, with a SIGILL & no further kernel log output. Signed-off-by: Paul Burton <paul.burton@imgtec.com> Fixes: f8c3c6717a71 ("MIPS: math-emu: Add support for the CMP.condn.fmt R6 instruction") Cc: linux-mips@linux-mips.org Cc: stable <stable@vger.kernel.org> # v4.3+ Patchwork: https://patchwork.linux-mips.org/patch/17253/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-08-29MIPS: math-emu: Add FP emu debugfs stats for individual instructionsAleksandar Markovic
Add FP emulation debugfs statistics for individual instructions. The debugfs files that contain counter values are placed in a separate directory called "instructions". This means that the default path for these new stat is "/sys/kernel/debug/mips/fpuemustats/instructions". Each instruction counter is mapped to the debugfs file that has the same name as instruction name. The lowercase is choosen as more commonly used case for instruction names. One example of usage: mips_host::/sys/kernel/debug/mips/fpuemustats/instructions # grep "" * The shortened output of this command is: abs.d:34 abs.s:5711 add.d:10401 add.s:399307 bc1eqz:3199 ... ... ... sub.s:167211 trunc.l.d:375 trunc.l.s:8054 trunc.w.d:421 trunc.w.s:27032 The limitation of this patch is that it handles R6 FP emulation instructions only. There are altogether 114 handled instructions. Signed-off-by: Miodrag Dinic <miodrag.dinic@imgtec.com> Signed-off-by: Goran Ferenc <goran.ferenc@imgtec.com> Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com> Cc: Douglas Leung <douglas.leung@imgtec.com> Cc: James Hogan <james.hogan@imgtec.com> Cc: Maciej W. Rozycki <macro@imgtec.com> Cc: Masahiro Yamada <yamada.masahiro@socionext.com> Cc: Paul Burton <paul.burton@imgtec.com> Cc: Petar Jovanovic <petar.jovanovic@imgtec.com> Cc: Raghu Gandham <raghu.gandham@imgtec.com> Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/17145/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-08-29MIPS: math-emu: Add FP emu debugfs statistics for branchesAleksandar Markovic
Add FP emu debugfs counter for branches. The new counter is displayed the same way as existing counter, and its default path is /sys/kernel/debug/mips/fpuemustats/. The limitation of this counter is that it counts only R6 branch instructions BC1NEZ and BC1EQZ. Signed-off-by: Miodrag Dinic <miodrag.dinic@imgtec.com> Signed-off-by: Goran Ferenc <goran.ferenc@imgtec.com> Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com> Cc: Douglas Leung <douglas.leung@imgtec.com> Cc: James Hogan <james.hogan@imgtec.com> Cc: Maciej W. Rozycki <macro@imgtec.com> Cc: Masahiro Yamada <yamada.masahiro@socionext.com> Cc: Paul Burton <paul.burton@imgtec.com> Cc: Petar Jovanovic <petar.jovanovic@imgtec.com> Cc: Raghu Gandham <raghu.gandham@imgtec.com> Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/17143/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-08-29MIPS: math-emu: CLASS.D: Zero bits 32-63 of the resultAleksandar Markovic
Fix content of CLASS.D output bits 32-63 to match hardware behavior. Prior to this patch, bits 32-63 of CLASS.D output were not initialized, causing different 32-63 bits content of CLASS.D, based on circumstances. However, the hardware consistently returns all these bits zeroed. The documentation is not clear whether these bits should be zero or unpredictable. Since technically "all zero" case still can be viewed as belonging to "unpredictable" class of results, it is better to zero bits 32-63. Signed-off-by: Miodrag Dinic <miodrag.dinic@imgtec.com> Signed-off-by: Goran Ferenc <goran.ferenc@imgtec.com> Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com> Cc: Douglas Leung <douglas.leung@imgtec.com> Cc: James Hogan <james.hogan@imgtec.com> Cc: Maciej W. Rozycki <macro@imgtec.com> Cc: Masahiro Yamada <yamada.masahiro@socionext.com> Cc: Paul Burton <paul.burton@imgtec.com> Cc: Petar Jovanovic <petar.jovanovic@imgtec.com> Cc: Raghu Gandham <raghu.gandham@imgtec.com> Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/17142/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-08-29MIPS: math-emu: RINT.<D|S>: Fix several problems by reimplementationAleksandar Markovic
Reimplement RINT.<D|S> kernel emulation so that all RINT.<D|S> specifications are met. For the sake of simplicity, let's analyze RINT.S only. Prior to this patch, RINT.S emulation was essentially implemented as (in pseudocode) <output> = ieee754sp_flong(ieee754sp_tlong(<input>)), where ieee754sp_tlong() and ieee754sp_flong() are functions providing conversion from double to integer, and from integer to double, respectively. On surface, this implementation looks correct, but actually fails in many cases. Following problems were detected: 1. NaN and infinity cases will not be handled properly. The function ieee754sp_flong() never returns NaN nor infinity. 2. For RINT.S, for all inputs larger than LONG_MAX, and smaller than FLT_MAX, the result will be wrong, and the overflow exception will be erroneously set. A similar problem for negative inputs exists as well. 3. For some rounding modes, for some negative inputs close to zero, the return value will be zero, and should be -zero. This is because ieee754sp_flong() never returns -zero. This patch removes the problems above by implementing dedicated functions for RINT.<D|S> emulation. The core of the new function functionality is adapted version of the core of the function ieee754sp_tlong(). However, there are many details that are implemented to match RINT.<D|S> specification. It should be said that the functionality of ieee754sp_tlong() actually closely corresponds to CVT.L.S instruction, and it is used while emulating CVT.L.S. However, RINT.S and CVT.L.S instructions differ in many aspects. This patch fulfills missing support for RINT.<D|S>. Signed-off-by: Miodrag Dinic <miodrag.dinic@imgtec.com> Signed-off-by: Goran Ferenc <goran.ferenc@imgtec.com> Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com> Cc: David S. Miller <davem@davemloft.net> Cc: Douglas Leung <douglas.leung@imgtec.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Hans Verkuil <hans.verkuil@cisco.com> Cc: James Hogan <james.hogan@imgtec.com> Cc: Maciej W. Rozycki <macro@imgtec.com> Cc: Masahiro Yamada <yamada.masahiro@socionext.com> Cc: Mauro Carvalho Chehab <mchehab@kernel.org> Cc: Paul Burton <paul.burton@imgtec.com> Cc: Petar Jovanovic <petar.jovanovic@imgtec.com> Cc: Raghu Gandham <raghu.gandham@imgtec.com> Cc: Randy Dunlap <rdunlap@infradead.org> Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/17141/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-08-29MIPS: math-emu: CMP.Sxxx.<D|S>: Prevent occurrences of SIGILL crashesAleksandar Markovic
Fix CMP.Sxxx.<D|S> SIGILL crashes by fixing main switch/case statement in fpu_emul() function so that inadvertent fall-troughs are prevented. Consider, let's say, CMP.SAF.S instruction when one of inputs is zero and another input is a signaling NaN. The desired output is zero, and the exception flag "invalid operation" set. For such case, the main portion of the implementation is within "d_fmt" case of the main "switch/case" statement in fpu_emul() function. The execution will follow one of "if-else" branches that doesn't contain "goto cop1scr;" statement, and will therefore reach the end of "d_fmt" case. It will subsequently fall through to the next case, "l_fmt". After following similar pattern, the execution will fall through to the succeeding case, which is "default". The "default" case contains "return SIGILL;" statement only. This means that the caller application will crash with "illegal instruction" message. It is obvious that above described fall-throughs are unnecessary and harmful. This patch rectifies that behavior by providing "break;" statements at the end of cases "d_fmt" and "l_fmt". There are 22 instructions affected by this problem: CMP.<SAF|SEQ|SLE|SLT|SNE|SOR|SUEQ|SULE|SULT|SUN|SUNE>.<D|S>. Signed-off-by: Miodrag Dinic <miodrag.dinic@imgtec.com> Signed-off-by: Goran Ferenc <goran.ferenc@imgtec.com> Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com> Cc: Douglas Leung <douglas.leung@imgtec.com> Cc: James Hogan <james.hogan@imgtec.com> Cc: Maciej W. Rozycki <macro@imgtec.com> Cc: Masahiro Yamada <yamada.masahiro@socionext.com> Cc: Paul Burton <paul.burton@imgtec.com> Cc: Petar Jovanovic <petar.jovanovic@imgtec.com> Cc: Raghu Gandham <raghu.gandham@imgtec.com> Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/17140/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-08-29MIPS: math-emu: Correct user fault_addr typePaul Burton
The fault_addr argument to fpu_emulator_cop1Handler(), fpux_emu() and cop1Emulate() has up until now been declared as: void *__user *fault_addr This is essentially a pointer in user memory which points to a pointer to void. This is not the intent for our code, which is actually operating on a pointer to a pointer to void where the pointer to void is pointing at user memory. ie. the pointer is in kernel memory & points to user memory. This mismatch produces a lot of sparse warnings that look like this: arch/mips/math-emu/cp1emu.c:1485:45: warning: incorrect type in assignment (different address spaces) expected void *[noderef] <asn:1><noident> got unsigned int [noderef] [usertype] <asn:1>*[assigned] va Fix these by modifying the declaration of the fault_addr argument to: void __user **fault_addr Signed-off-by: Paul Burton <paul.burton@imgtec.com> Cc: linux-mips@linux-mips.org Cc: trivial@kernel.org Patchwork: https://patchwork.linux-mips.org/patch/17173/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-08-29MIPS: math-emu: do not use bools for arithmeticManuel Lauss
GCC-7 complains about a boolean value being used with an arithmetic AND: arch/mips/math-emu/cp1emu.c: In function 'cop1Emulate': arch/mips/math-emu/cp1emu.c:838:14: warning: '~' on a boolean expression [-Wbool-operation] fpr = (x) & ~(cop1_64bit(xcp) == 0); \ ^ arch/mips/math-emu/cp1emu.c:1068:3: note: in expansion of macro 'DITOREG' DITOREG(dval, MIPSInst_RT(ir)); ^~~~~~~ arch/mips/math-emu/cp1emu.c:838:14: note: did you mean to use logical not? fpr = (x) & ~(cop1_64bit(xcp) == 0); \ Since cop1_64bit() returns and int, just flip the LSB. Suggested-by: Maciej W. Rozycki <macro@imgtec.com> Signed-off-by: Manuel Lauss <manuel.lauss@gmail.com> Reviewed-by: Maciej W. Rozycki <macro@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/17058/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-06-29MIPS: math-emu: For MFHC1/MTHC1 also return SIGILL right awayMaciej W. Rozycki
Update commit 1ac944007bed ("MIPS: math-emu: Add mfhc1 & mthc1 support.") and like done throughout `cop1Emulate' for other cases also for the MFHC1 and MTHC1 instructions return SIGILL right away rather than jumping to a single `return' statement. Signed-off-by: Maciej W. Rozycki <macro@imgtec.com> Cc: James Hogan <james.hogan@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/16401/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-06-29MIPS: math-emu: Prevent wrong ISA mode instruction emulationMaciej W. Rozycki
Terminate FPU emulation immediately whenever an ISA mode switch has been observed. This is so that we do not interpret machine code in the wrong mode, for example when a regular MIPS FPU instruction has been placed in a delay slot of a jump that switches into the MIPS16 mode, as with the following code (taken from a GCC test suite case): 00400650 <set_fast_math>: 400650: 3c020100 lui v0,0x100 400654: 03e00008 jr ra 400658: 44c2f800 ctc1 v0,c1_fcsr 40065c: 00000000 nop [...] 004012d0 <__libc_csu_init>: 4012d0: f000 6a02 li v0,2 4012d4: f150 0b1c la v1,3f9430 <_DYNAMIC-0x6df0> 4012d8: f400 3240 sll v0,16 4012dc: e269 addu v0,v1 4012de: 659a move gp,v0 4012e0: f00c 64f6 save a0-a2,48,ra,s0-s1 4012e4: 673c move s1,gp 4012e6: f010 9978 lw v1,-32744(s1) 4012ea: d204 sw v0,16(sp) 4012ec: eb40 jalr v1 4012ee: 653b move t9,v1 4012f0: f010 997c lw v1,-32740(s1) 4012f4: f030 9920 lw s1,-32736(s1) 4012f8: e32f subu v1,s1 4012fa: 326b sra v0,v1,2 4012fc: d206 sw v0,24(sp) 4012fe: 220c beqz v0,401318 <__libc_csu_init+0x48> 401300: 6800 li s0,0 401302: 99e0 lw a3,0(s1) 401304: 4801 addiu s0,1 401306: 960e lw a2,56(sp) 401308: 4904 addiu s1,4 40130a: 950d lw a1,52(sp) 40130c: 940c lw a0,48(sp) 40130e: ef40 jalr a3 401310: 653f move t9,a3 401312: 9206 lw v0,24(sp) 401314: ea0a cmp v0,s0 401316: 61f5 btnez 401302 <__libc_csu_init+0x32> 401318: 6476 restore 48,ra,s0-s1 40131a: e8a0 jrc ra Here `set_fast_math' is called from `40130e' (`40130f' with the ISA bit) and emulation triggers for the CTC1 instruction. As it is in a jump delay slot emulation continues from `401312' (`401313' with the ISA bit). However we have no path to handle MIPS16 FPU code emulation, because there are no MIPS16 FPU instructions. So the default emulation path is taken, interpreting a 32-bit word fetched by `get_user' from `401313' as a regular MIPS instruction, which is: 401313: f5ea0a92 sdc1 $f10,2706(t7) This makes the FPU emulator proceed with the supposed SDC1 instruction and consequently makes the program considered here terminate with SIGSEGV. A similar although less severe issue exists with pure-microMIPS processors in the case where similarly an FPU instruction is emulated in a delay slot of a register jump that (incorrectly) switches into the regular MIPS mode. A subsequent instruction fetch from the jump's target is supposed to cause an Address Error exception, however instead we proceed with regular MIPS FPU emulation. For simplicity then, always terminate the emulation loop whenever a mode change is detected, denoted by an ISA mode bit flip. As from commit 377cb1b6c16a ("MIPS: Disable MIPS16/microMIPS crap for platforms not supporting these ASEs.") the result of `get_isa16_mode' can be hardcoded to 0, so we need to examine the ISA mode bit by hand. This complements commit 102cedc32a6e ("MIPS: microMIPS: Floating point support.") which added JALX decoding to FPU emulation. Fixes: 102cedc32a6e ("MIPS: microMIPS: Floating point support.") Signed-off-by: Maciej W. Rozycki <macro@imgtec.com> Cc: James Hogan <james.hogan@imgtec.com> Cc: linux-mips@linux-mips.org Cc: stable@vger.kernel.org # 3.9+ Patchwork: https://patchwork.linux-mips.org/patch/16393/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2017-04-10MIPS: math-emu: Fix BC1EQZ and BC1NEZ condition handlingDouglas Leung
Correct the treatment of branching conditions for BC1EQZ and BC1NEZ instructions in function isBranchInstr(). Previously, corresponding conditions were swapped, which in turn meant that, for these two instructions, function isBranchInstr() returned wrong value in its output parameter contpc. This change is actually an extension of the fix done by the commit 93583e178ebf ("MIPS: math-emu: Fix BC1{EQ,NE}Z emulation"). That commit dealt with a similar problem in function cop1Emulate(), while this commit deals with condition handling in function isBranchInstr(). The code styles of changes in these two commits are kept as consistent as possible. Signed-off-by: Douglas Leung <douglas.leung@imgtec.com> Signed-off-by: Miodrag Dinic <miodrag.dinic@imgtec.com> Signed-off-by: Aleksandar Markovic <aleksandar.markovic@imgtec.com> Reviewed-by: Paul Burton <paul.burton@imgtec.com> Cc: james.hogan@imgtec.com Cc: leonid.yegoshin@imgtec.com Cc: petar.jovanovic@imgtec.com Cc: goran.ferenc@imgtec.com Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/15489/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2016-12-24Replace <asm/uaccess.h> with <linux/uaccess.h> globallyLinus Torvalds
This was entirely automated, using the script by Al: PATT='^[[:blank:]]*#[[:blank:]]*include[[:blank:]]*<asm/uaccess.h>' sed -i -e "s!$PATT!#include <linux/uaccess.h>!" \ $(git grep -l "$PATT"|grep -v ^include/linux/uaccess.h) to do the replacement at the end of the merge window. Requested-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-10-11treewide: remove redundant #include <linux/kconfig.h>Masahiro Yamada
Kernel source files need not include <linux/kconfig.h> explicitly because the top Makefile forces to include it with: -include $(srctree)/include/linux/kconfig.h This commit removes explicit includes except the following: * arch/s390/include/asm/facilities_src.h * tools/testing/radix-tree/linux/kernel.h These two are used for host programs. Link: http://lkml.kernel.org/r/1473656164-11929-1-git-send-email-yamada.masahiro@socionext.com Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-08-06Merge branch 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linusLinus Torvalds
Pull MIPS updates from Ralf Baechle: "This is the main pull request for MIPS for 4.8. Also includes is a minor SSB cleanup as SSB code traditionally is merged through the MIPS tree: ATH25: - MIPS: Add default configuration for ath25 Boot: - For zboot, copy appended dtb to the end of the kernel - store the appended dtb address in a variable BPF: - Fix off by one error in offset allocation Cobalt code: - Fix typos Core code: - debugfs_create_file returns NULL on error, so don't use IS_ERR for testing for errors. - Fix double locking issue in RM7000 S-cache code. This would only affect RM7000 ARC systems on reboot. - Fix page table corruption on THP permission changes. - Use compat_sys_keyctl for 32 bit userspace on 64 bit kernels. David says, there are no compatibility issues raised by this fix. - Move some signal code around. - Rewrite r4k count/compare clockevent device registration such that min_delta_ticks/max_delta_ticks files are guaranteed to be initialized. - Only register r4k count/compare as clockevent device if we can assume the clock to be constant. - Fix MSA asm warnings in control reg accessors - uasm and tlbex fixes and tweaking. - Print segment physical address when EU=1. - Define AT_VECTOR_SIZE_ARCH for ARCH_DLINFO. - CP: Allow booting by VP other than VP 0 - Cache handling fixes and optimizations for r4k class caches - Add hotplug support for R6 processors - Cleanup hotplug bits in kconfig - traps: return correct si code for accessing nonmapped addresses - Remove cpu_has_safe_index_cacheops Lantiq: - Register IRQ handler for virtual IRQ number - Fix EIU interrupt loading code - Use the real EXIN count - Fix build error. Loongson 3: - Increase HPET_MIN_PROG_DELTA and decrease HPET_MIN_CYCLES Octeon: - Delete built-in DTB pruning code for D-Link DSR-1000N. - Clean up GPIO definitions in dlink_dsr-1000n.dts. - Add more LEDs to the DSR-100n DTS - Fix off by one in octeon_irq_gpio_map() - Typo fixes - Enable SATA by default in cavium_octeon_defconfig - Support readq/writeq() - Remove forced mappings of USB interrupts. - Ensure DMA descriptors are always in the low 4GB - Improve USB reset code for OCTEON II. Pistachio: - Add maintainers entry for pistachio SoC Support - Remove plat_setup_iocoherency Ralink: - Fix pwm UART in spis group pinmux. SSB: - Change bare unsigned to unsigned int to suit coding style Tools: - Fix reloc tool compiler warnings. Other: - Delete use of ARCH_WANT_OPTIONAL_GPIOLIB" * 'upstream' of git://git.linux-mips.org/pub/scm/ralf/upstream-linus: (61 commits) MIPS: mm: Fix definition of R6 cache instruction MIPS: tools: Fix relocs tool compiler warnings MIPS: Cobalt: Fix typo MIPS: Octeon: Fix typo MIPS: Lantiq: Fix build failure MIPS: Use CPHYSADDR to implement mips32 __pa MIPS: Octeon: Dlink_dsr-1000n.dts: add more leds. MIPS: Octeon: Clean up GPIO definitions in dlink_dsr-1000n.dts. MIPS: Octeon: Delete built-in DTB pruning code for D-Link DSR-1000N. MIPS: store the appended dtb address in a variable MIPS: ZBOOT: copy appended dtb to the end of the kernel MIPS: ralink: fix spis group pinmux MIPS: Factor o32 specific code into signal_o32.c MIPS: non-exec stack & heap when non-exec PT_GNU_STACK is present MIPS: Use per-mm page to execute branch delay slot instructions MIPS: Modify error handling MIPS: c-r4k: Use SMP calls for CM indexed cache ops MIPS: c-r4k: Avoid small flush_icache_range SMP calls MIPS: c-r4k: Local flush_icache_range cache op override MIPS: c-r4k: Split r4k_flush_kernel_vmap_range() ...
2016-08-04tree-wide: replace config_enabled() with IS_ENABLED()Masahiro Yamada
The use of config_enabled() against config options is ambiguous. In practical terms, config_enabled() is equivalent to IS_BUILTIN(), but the author might have used it for the meaning of IS_ENABLED(). Using IS_ENABLED(), IS_BUILTIN(), IS_MODULE() etc. makes the intention clearer. This commit replaces config_enabled() with IS_ENABLED() where possible. This commit is only touching bool config options. I noticed two cases where config_enabled() is used against a tristate option: - config_enabled(CONFIG_HWMON) [ drivers/net/wireless/ath/ath10k/thermal.c ] - config_enabled(CONFIG_BACKLIGHT_CLASS_DEVICE) [ drivers/gpu/drm/gma500/opregion.c ] I did not touch them because they should be converted to IS_BUILTIN() in order to keep the logic, but I was not sure it was the authors' intention. Link: http://lkml.kernel.org/r/1465215656-20569-1-git-send-email-yamada.masahiro@socionext.com Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> Acked-by: Kees Cook <keescook@chromium.org> Cc: Stas Sergeev <stsp@list.ru> Cc: Matt Redfearn <matt.redfearn@imgtec.com> Cc: Joshua Kinard <kumba@gentoo.org> Cc: Jiri Slaby <jslaby@suse.com> Cc: Bjorn Helgaas <bhelgaas@google.com> Cc: Borislav Petkov <bp@suse.de> Cc: Markos Chandras <markos.chandras@imgtec.com> Cc: "Dmitry V. Levin" <ldv@altlinux.org> Cc: yu-cheng yu <yu-cheng.yu@intel.com> Cc: James Hogan <james.hogan@imgtec.com> Cc: Brian Gerst <brgerst@gmail.com> Cc: Johannes Berg <johannes@sipsolutions.net> Cc: Peter Zijlstra <peterz@infradead.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: Will Drewry <wad@chromium.org> Cc: Nikolay Martynov <mar.kolya@gmail.com> Cc: Huacai Chen <chenhc@lemote.com> Cc: "H. Peter Anvin" <hpa@zytor.com> Cc: Thomas Gleixner <tglx@linutronix.de> Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: Leonid Yegoshin <Leonid.Yegoshin@imgtec.com> Cc: Rafal Milecki <zajec5@gmail.com> Cc: James Cowgill <James.Cowgill@imgtec.com> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org> Cc: Ralf Baechle <ralf@linux-mips.org> Cc: Alex Smith <alex.smith@imgtec.com> Cc: Adam Buchbinder <adam.buchbinder@gmail.com> Cc: Qais Yousef <qais.yousef@imgtec.com> Cc: Jiang Liu <jiang.liu@linux.intel.com> Cc: Mikko Rapeli <mikko.rapeli@iki.fi> Cc: Paul Gortmaker <paul.gortmaker@windriver.com> Cc: Denys Vlasenko <dvlasenk@redhat.com> Cc: Brian Norris <computersforpeace@gmail.com> Cc: Hidehiro Kawai <hidehiro.kawai.ez@hitachi.com> Cc: "Luis R. Rodriguez" <mcgrof@do-not-panic.com> Cc: Andy Lutomirski <luto@amacapital.net> Cc: Ingo Molnar <mingo@redhat.com> Cc: Dave Hansen <dave.hansen@linux.intel.com> Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com> Cc: Roland McGrath <roland@hack.frob.com> Cc: Paul Burton <paul.burton@imgtec.com> Cc: Kalle Valo <kvalo@qca.qualcomm.com> Cc: Viresh Kumar <viresh.kumar@linaro.org> Cc: Tony Wu <tung7970@gmail.com> Cc: Huaitong Han <huaitong.han@intel.com> Cc: Sumit Semwal <sumit.semwal@linaro.org> Cc: Alexei Starovoitov <ast@kernel.org> Cc: Juergen Gross <jgross@suse.com> Cc: Jason Cooper <jason@lakedaemon.net> Cc: "David S. Miller" <davem@davemloft.net> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Andrea Gelmini <andrea.gelmini@gelma.net> Cc: David Woodhouse <dwmw2@infradead.org> Cc: Marc Zyngier <marc.zyngier@arm.com> Cc: Rabin Vincent <rabin@rab.in> Cc: "Maciej W. Rozycki" <macro@imgtec.com> Cc: David Daney <david.daney@cavium.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2016-08-02MIPS: Use per-mm page to execute branch delay slot instructionsPaul Burton
In some cases the kernel needs to execute an instruction from the delay slot of an emulated branch instruction. These cases include: - Emulated floating point branch instructions (bc1[ft]l?) for systems which don't include an FPU, or upon which the kernel is run with the "nofpu" parameter. - MIPSr6 systems running binaries targeting older revisions of the architecture, which may include branch instructions whose encodings are no longer valid in MIPSr6. Executing instructions from such delay slots is done by writing the instruction to memory followed by a trap, as part of an "emuframe", and executing it. This avoids the requirement of an emulator for the entire MIPS instruction set. Prior to this patch such emuframes are written to the user stack and executed from there. This patch moves FP branch delay emuframes off of the user stack and into a per-mm page. Allocating a page per-mm leaves userland with access to only what it had access to previously, and compared to other solutions is relatively simple. When a thread requires a delay slot emulation, it is allocated a frame. A thread may only have one frame allocated at any one time, since it may only ever be executing one instruction at any one time. In order to ensure that we can free up allocated frame later, its index is recorded in struct thread_struct. In the typical case, after executing the delay slot instruction we'll execute a break instruction with the BRK_MEMU code. This traps back to the kernel & leads to a call to do_dsemulret which frees the allocated frame & moves the user PC back to the instruction that would have executed following the emulated branch. In some cases the delay slot instruction may be invalid, such as a branch, or may trigger an exception. In these cases the BRK_MEMU break instruction will not be hit. In order to ensure that frames are freed this patch introduces dsemul_thread_cleanup() and calls it to free any allocated frame upon thread exit. If the instruction generated an exception & leads to a signal being delivered to the thread, or indeed if a signal simply happens to be delivered to the thread whilst it is executing from the struct emuframe, then we need to take care to exit the frame appropriately. This is done by either rolling back the user PC to the branch or advancing it to the continuation PC prior to signal delivery, using dsemul_thread_rollback(). If this were not done then a sigreturn would return to the struct emuframe, and if that frame had meanwhile been used in response to an emulated branch instruction within the signal handler then we would execute the wrong user code. Whilst a user could theoretically place something like a compact branch to self in a delay slot and cause their thread to become stuck in an infinite loop with the frame never being deallocated, this would: - Only affect the users single process. - Be architecturally invalid since there would be a branch in the delay slot, which is forbidden. - Be extremely unlikely to happen by mistake, and provide a program with no more ability to harm the system than a simple infinite loop would. If a thread requires a delay slot emulation & no frame is available to it (ie. the process has enough other threads that all frames are currently in use) then the thread joins a waitqueue. It will sleep until a frame is freed by another thread in the process. Since we now know whether a thread has an allocated frame due to our tracking of its index, the cookie field of struct emuframe is removed as we can be more certain whether we have a valid frame. Since a thread may only ever have a single frame at any given time, the epc field of struct emuframe is also removed & the PC to continue from is instead stored in struct thread_struct. Together these changes simplify & shrink struct emuframe somewhat, allowing twice as many frames to fit into the page allocated for them. The primary benefit of this patch is that we are now free to mark the user stack non-executable where that is possible. Signed-off-by: Paul Burton <paul.burton@imgtec.com> Cc: Leonid Yegoshin <leonid.yegoshin@imgtec.com> Cc: Maciej Rozycki <maciej.rozycki@imgtec.com> Cc: Faraz Shahbazker <faraz.shahbazker@imgtec.com> Cc: Raghu Gandham <raghu.gandham@imgtec.com> Cc: Matthew Fortune <matthew.fortune@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/13764/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2016-07-05MIPS: inst.h: Rename cbcond{0,1}_op to pop{1,3}0_opPaul Burton
The opcodes currently defined in inst.h as cbcond0_op & cbcond1_op are actually defined in the MIPS base instruction set manuals as pop10 & pop30 respectively. Rename them as such, for consistency with the documentation. Signed-off-by: Paul Burton <paul.burton@imgtec.com> Signed-off-by: James Hogan <james.hogan@imgtec.com> Acked-by: Ralf Baechle <ralf@linux-mips.org> Cc: linux-mips@linux-mips.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-07-05MIPS: inst.h: Rename b{eq,ne}zcji[al]c_op to pop{6,7}6_opPaul Burton
The opcodes currently defined in inst.h as beqzcjic_op & bnezcjialc_op are actually defined in the MIPS base instruction set manuals as pop66 & pop76 respectively. Rename them as such, for consistency with the documentation. Signed-off-by: Paul Burton <paul.burton@imgtec.com> Signed-off-by: James Hogan <james.hogan@imgtec.com> Acked-by: Ralf Baechle <ralf@linux-mips.org> Cc: linux-mips@linux-mips.org Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-13MIPS: math-emu: Fix jalr emulation when rd == $0Paul Burton
When emulating a jalr instruction with rd == $0, the code in isBranchInstr was incorrectly writing to GPR $0 which should actually always remain zeroed. This would lead to any further instructions emulated which use $0 operating on a bogus value until the task is next context switched, at which point the value of $0 in the task context would be restored to the correct zero by a store in SAVE_SOME. Fix this by not writing to rd if it is $0. Fixes: 102cedc32a6e ("MIPS: microMIPS: Floating point support.") Signed-off-by: Paul Burton <paul.burton@imgtec.com> Cc: Maciej W. Rozycki <macro@imgtec.com> Cc: James Hogan <james.hogan@imgtec.com> Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Cc: stable <stable@vger.kernel.org> # v3.10 Patchwork: https://patchwork.linux-mips.org/patch/13160/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2016-05-13MIPS: math-emu: Emulate MIPSr6 sel.fmt instructionPaul Burton
Add support for emulating the MIPSr6 sel.fmt instruction, which was previously missing from the FPU emulation code. This instruction selects its result from 2 possible source registers, based upon bit 0 of the destination register, and is valid only for S (single) & D (double) data types. Signed-off-by: Paul Burton <paul.burton@imgtec.com> Cc: Maciej W. Rozycki <macro@imgtec.com> Cc: James Hogan <james.hogan@imgtec.com> Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/13153/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2016-05-13MIPS: math-emu: Fix BC1{EQ,NE}Z emulationPaul Burton
The conditions for branching when emulating the BC1EQZ & BC1NEZ instructions were backwards, leading to each of those instructions being treated as the other. Fix this by reversing the conditions, and clear up the code a little for readability & checkpatch. Fixes: c909ca718e8f ("MIPS: math-emu: Emulate missing BC1{EQ,NE}Z instructions") Signed-off-by: Paul Burton <paul.burton@imgtec.com> Reviewed-by: James Hogan <james.hogan@imgtec.com> Cc: Maciej W. Rozycki <macro@imgtec.com> Cc: linux-mips@linux-mips.org Cc: linux-kernel@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/13150/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2016-01-24MIPS: math-emu: Correctly handle NOP emulationMaciej W. Rozycki
Fix an issue introduced with commit 9ab4471c9f1b ("MIPS: math-emu: Correct delay-slot exception propagation") where the emulation of a NOP instruction signals the need to terminate the emulation loop. This in turn, if the PC has not changed from the entry to the loop, will cause the kernel to terminate the program with SIGILL. Consider this program: static double div(double d) { do d /= 2.0; while (d > .5); return d; } int main(int argc, char **argv) { return div(argc); } which gets compiled to the following binary code: 00400490 <main>: 400490: 44840000 mtc1 a0,$f0 400494: 3c020040 lui v0,0x40 400498: d44207f8 ldc1 $f2,2040(v0) 40049c: 46800021 cvt.d.w $f0,$f0 4004a0: 46220002 mul.d $f0,$f0,$f2 4004a4: 4620103c c.lt.d $f2,$f0 4004a8: 4501fffd bc1t 4004a0 <main+0x10> 4004ac: 00000000 nop 4004b0: 4620000d trunc.w.d $f0,$f0 4004b4: 03e00008 jr ra 4004b8: 44020000 mfc1 v0,$f0 4004bc: 00000000 nop Where the FPU emulator is used, depending on the number of command-line arguments this code will either run to completion or terminate with SIGILL. If no arguments are specified, then BC1T will not be taken, NOP will not be emulated and code will complete successfully. If one argument is specified, then BC1T will be taken once and NOP will be emulated. At this point the entry PC value will be 0x400498 and the new PC value, set by `mips_dsemul' will be 0x4004a0, the target of BC1T. The emulation loop will terminate, but SIGILL will not be issued, because the PC has changed. The FPU emulator will be entered again and on the second execution BC1T will not be taken, NOP will not be emulated and code will complete successfully. If two or more arguments are specified, then the first execution of BC1T will proceed as above. Upon reentering the FPU emulator the emulation loop will continue to BC1T, at which point the branch will be taken and NOP emulated again. At this point however the entry PC value will be 0x4004a0, the same as the target of BC1T. This will make the emulator conclude that execution has not advanced and therefore an unsupported FPU instruction has been encountered, and SIGILL will be sent to the process. Fix the problem by extending the internal API of `mips_dsemul', making it return -1 if no delay slot emulation frame has been made, the instruction has been handled and execution of the emulation loop needs to continue as if nothing happened. Remove code from `mips_dsemul' to reproduce steps made by the emulation loop at the conclusion of each iteration, as those will be reached normally now. Adjust call sites accordingly. Document the API. Signed-off-by: Maciej W. Rozycki <macro@imgtec.com> Cc: Aurelien Jarno <aurelien@aurel32.net> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/12172/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-09-03MIPS: math-emu: Add support for the MIPS R6 MAX{, A} FPU instructionMarkos Chandras
MIPS R6 introduced the following instruction: Scalar Floating-Point Maximum and Scalar Floating-Point argument with Maximum Absolute Value MAX.fmt writes the maximum value of the inputs fs and ft to the destination fd. MAXA.fmt takes input arguments fs and ft and writes the argument with the maximum absolute value to the destination fd. Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10961/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-09-03MIPS: math-emu: Add support for the MIPS R6 MIN{, A} FPU instructionMarkos Chandras
MIPS R6 introduced the following instruction: Scalar Floating-Point Minimum and Scalar Floating-Point argument with Minimum Absolute Value MIN.fmt writes the minimum value of the inputs fs and ft to the destination fd. MINA.fmt takes input arguments fs and ft and writes the argument with the minimum absolute value to the destination fd. Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10960/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-09-03MIPS: math-emu: Add support for the MIPS R6 CLASS FPU instructionMarkos Chandras
MIPS R6 introduced the following instruction: Stores in fd a bit mask reflecting the floating-point class of the floating point scalar value fs. CLASS.fmt: FPR[fd] = class(FPR[fs]) Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10959/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-09-03MIPS: math-emu: Add support for the MIPS R6 RINT FPU instructionMarkos Chandras
MIPS R6 introduced the following instruction: Floating-Point Round to Integral Scalar floating-point round to integral floating point value. RINT.fmt: FPR[fd] = round_int(FPR[fs]) Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10958/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-09-03MIPS: math-emu: Add support for the MIPS R6 MSUBF FPU instructionMarkos Chandras
MIPS R6 introduced the following instruction: Floating Point Fused Multiply Subtract: MSUBF.fmt To perform a fused multiply-subtract of FP values. MSUBF.fmt: FPR[fd] = FPR[fd] - (FPR[fs] x FPR[ft]) Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10957/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-09-03MIPS: math-emu: Add support for the MIPS R6 MADDF FPU instructionMarkos Chandras
MIPS R6 introduced the following instruction: Floating Point Fused Multiply Add: MADDF.fmt To perform a fused multiply-add of FP values. MADDF.fmt: FPR[fd] = FPR[fd] + (FPR[fs] x FPR[ft]) Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10956/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-09-03MIPS: math-emu: Add support for the MIPS R6 SELNEZ FPU instructionMarkos Chandras
MIPS R6 introduced the following instruction: SELNEZ.fmt: FPR[fd]  FPR[ft].bit0 ? FPR[fs] : 0 Add support for emulating the single and double precision formats of the said instruction. Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10955/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-09-03MIPS: math-emu: Add support for the MIPS R6 SELEQZ FPU instructionMarkos Chandras
MIPS R6 introduced the following instruction: SELEQZ.fmt: FPR[fd]  FPR[ft].bit0 ? 0 : FPR[fs] Add support for emulating the single and double precision formats of the said instruction. Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10954/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-09-03MIPS: math-emu: Add support for the CMP.condn.fmt R6 instructionMarkos Chandras
Add support for emulating the new CMP.condn.fmt R6 instructions and return SIGILL for the old C.cond.fmt if R2 emulation is not enabled since it's not supported by R6. The functionality of the new CMP.condn.fmt is the following one: If the comparison specified by the condn field of the instruction is true for the operand values, the result is true; otherwise, the result is false. If no exception is taken, the result is written into FPR fd; true is all 1s and false is all 0s repeated the operand width of fmt. All other bits beyond the operand width fmt are UNPREDICTABLE. Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10953/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-09-03MIPS: math-emu: Emulate missing BC1{EQ,NE}Z instructionsMarkos Chandras
Commit c8a34581ec09 ("MIPS: Emulate the BC1{EQ,NE}Z FPU instructions") added support for emulating the new R6 BC1{EQ,NE}Z branches but it missed the case where the instruction that caused the exception was not on a DS. Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Fixes: c8a34581ec09 ("MIPS: Emulate the BC1{EQ,NE}Z FPU instructions") Cc: <stable@vger.kernel.org> # 4.0+ Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10738/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-09-03MIPS: math-emu: Allow m{f,t}hc emulation on MIPS R6Markos Chandras
The mfhc/mthc instructions are supported on MIPS R6 so emulate them if needed. Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: <stable@vger.kernel.org> # 4.0+ Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10737/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-09-03MIPS: cp1emu: Fix closing bracket for the d_fmt caseMarkos Chandras
The double format (d_fmt) case uses an opening bracket which then closes at the end of the word format (w_fmt). This can be rather confusing so add the closing bracket at the end of the d_fmt case and use another one for the w_fmt one. Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10733/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-07-09MIPS: Fix erroneous JR emulation for MIPS R6Markos Chandras
Commit 5f9f41c474befb4ebbc40b27f65bb7d649241581 ("MIPS: kernel: Prepare the JR instruction for emulation on MIPS R6") added support for emulating the JR instruction on MIPS R6 cores but that introduced a bug which could be triggered when hitting a JALR opcode because the code used the wrong field in the 'r_format' struct to determine the instruction opcode. This lead to crashes because an emulated JALR instruction was treated as a JR one when the R6 emulator was turned off. Fixes: 5f9f41c474be ("MIPS: kernel: Prepare the JR instruction for emulation on MIPS R6") Cc: <stable@vger.kernel.org> # 4.0+ Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: linux-mips@linux-mips.org Cc: stable@vger.kernel.org Patchwork: https://patchwork.linux-mips.org/patch/10583/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-07-09MIPS: Fix branch emulation for BLTC and BGEC instructionsMarkos Chandras
Commits f1b44067c19258b7614e3cd09dfe8d8e12ff5895 ("MIPS: Emulate the new MIPS R6 B{L,G}T{Z,}{AL,}C instructions") and commit a8ff66f52d3f17b5ae793955270675c197f73d6c ("MIPS: Emulate the new MIPS R6 B{L,G}E{Z,}{AL,}C instructions") added support for emulating various branch compact instructions. However, it missed the case for those which use the old BLEZL and BGTZL opcodes leading to random crashes when the R6 emulator is disabled. We fix this by ensuring that the 'rt' field is not zero which is always true for these branch compact instructions. Fixes: f1b44067c192 ("MIPS: Emulate the new MIPS R6 B{L,G}T{Z,}{AL,}C instructions") Fixes: a8ff66f52d3f ("MIPS: Emulate the new MIPS R6 B{L,G}E{Z,}{AL,}C instructions") Cc: <stable@vger.kernel.org> # 4.0+ Signed-off-by: Markos Chandras <markos.chandras@imgtec.com> Cc: linux-mips@linux-mips.org Cc: Markos Chandras <markos.chandras@imgtec.com> Patchwork: https://patchwork.linux-mips.org/patch/10582/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-05-12MIPS: Fix a preemption issue with thread's FPU defaultsMaciej W. Rozycki
Fix "BUG: using smp_processor_id() in preemptible" reported in accesses to thread's FPU defaults: the value to initialise FSCR to at program startup, the FCSR r/w mask and the contents of FIR in full FPU emulation, removing a regression introduced with 9b26616c [MIPS: Respect the ISA level in FCSR handling] and f6843626 [MIPS: math-emu: Set FIR feature flags for full emulation]. Use `boot_cpu_data' to obtain the data from, following the approach that `cpu_has_*' macros take and avoiding the call to `smp_processor_id' made in the reference to `current_cpu_data'. The contents of FSCR have to be consistent across processors in an SMP system, the settings there must not change as a thread is migrated across processors. And the contents of FIR are guaranteed to be consistent in FPU emulation, by definition. Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org> Tested-by: Ezequiel Garcia <ezequiel.garcia@imgtec.com> Tested-by: Paul Martin <paul.martin@codethink.co.uk> Cc: Markos Chandras <Markos.Chandras@imgtec.com> Cc: James Hogan <james.hogan@imgtec.com> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/10030/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-04-08MIPS: Respect the ISA level in FCSR handlingMaciej W. Rozycki
Define the central place the default FCSR value is set from, initialised in `cpu_probe'. Determine the FCSR mask applied to values written to the register with CTC1 in the full emulation mode and via ptrace(2), according to the ISA level of processor hardware or the writability of bits 31:18 if actual FPU hardware is used. Software may rely on FCSR bits whose functions our emulator does not implement, so it should not allow them to be set or software may get confused. For ptrace(2) it's just sanity. [ralf@linux-mips.org: Fixed double inclusion of <asm/current.h>.] Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/9711/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-04-08MIPS: math-emu: Define IEEE 754-2008 feature control bitsMaciej W. Rozycki
Define IEEE 754-2008 feature control bits: FIR.HAS2008, FCSR.ABS2008 and FCSR.NAN2008, and update the `_ieee754_csr' structure accordingly. For completeness define FIR.UFRP too. Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/9709/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-04-08MIPS: math-emu: Implement the FCCR, FEXR and FENR registersMaciej W. Rozycki
Implement the FCCR, FEXR and FENR "shadow" FPU registers for the architecture levels that include them, for the CFC1 and CTC1 instructions in the full emulation mode. For completeness add macros for the CP1 UFR and UNFR registers too, no actual implementation though. Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/9708/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-04-08MIPS: math-emu: Set FIR feature flags for full emulationMaciej W. Rozycki
Implement FIR feature flags in the FPU emulator according to features supported and architecture level requirements. The W, L and F64 bits have only been added at level #2 even though the features they refer to were also included with the MIPS64r1 ISA and the W fixed-point format also with the MIPS32r1 ISA. This is only relevant for the full emulation mode and the emulated CFC1 instruction as well as ptrace(2) accesses. Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/9707/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-04-08MIPS: math-emu: Correct delay-slot exception propagationMaciej W. Rozycki
Restore EPC at the branch whose delay slot is emulated if the delay-slot instruction signals. This is so that code in `fpu_emulator_cop1Handler' does not see EPC having advanced and mistakenly successfully resume userland execution from the location at the branch target in that case. Restoring EPC guarantees an immediate exit from the emulation loop and if EPC hasn't advanced at all since entering the loop, also issuing the signal reported by the delay-slot instruction. Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/9701/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-04-08MIPS: Correct FP ISA requirementsMaciej W. Rozycki
Correct ISA requirements for floating-point instructions: * the CU3 exception signifies a real COP3 instruction in MIPS I & II, * the BC1FL and BC1TL instructions are not supported in MIPS I, * the SQRT.fmt instructions are indeed supported in MIPS II, * the LDC1 and SDC1 instructions are indeed supported in MIPS32r1, * the CEIL.W.fmt, FLOOR.W.fmt, ROUND.W.fmt and TRUNC.W.fmt instructions are indeed supported in MIPS32, * the CVT.L.fmt and CVT.fmt.L instructions are indeed supported in MIPS32r2 and MIPS32r6, * the CEIL.L.fmt, FLOOR.L.fmt, ROUND.L.fmt and TRUNC.L.fmt instructions are indeed supported in MIPS32r2 and MIPS32r6, * the RSQRT.fmt and RECIP.fmt instructions are indeed supported in MIPS64r1, Also simplify conditionals for MIPS III and MIPS IV FPU instructions and the handling of the MOVCI minor opcode. Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/9700/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>
2015-04-08MIPS: math-emu: Factor out CFC1/CTC1 emulationMaciej W. Rozycki
Move CFC1/CTC1 emulation code to separate functions to avoid excessive indentation in forthcoming changes. Adjust formatting in a minor way and remove extraneous round brackets. Signed-off-by: Maciej W. Rozycki <macro@linux-mips.org> Cc: linux-mips@linux-mips.org Patchwork: https://patchwork.linux-mips.org/patch/9682/ Signed-off-by: Ralf Baechle <ralf@linux-mips.org>