1 /*
2 * This file is subject to the terms and conditions of the GNU General Public
3 * License. See the file "COPYING" in the main directory of this archive
4 * for more details.
5 *
6 * Copyright (C) 1996, 97, 2000, 2001 by Ralf Baechle
7 * Copyright (C) 2001 MIPS Technologies, Inc.
8 */
9 #include <linux/kernel.h>
10 #include <linux/sched.h>
11 #include <linux/signal.h>
12 #include <linux/module.h>
13 #include <asm/branch.h>
14 #include <asm/cpu.h>
15 #include <asm/cpu-features.h>
16 #include <asm/fpu.h>
17 #include <asm/fpu_emulator.h>
18 #include <asm/inst.h>
19 #include <asm/mips-r2-to-r6-emul.h>
20 #include <asm/ptrace.h>
21 #include <asm/uaccess.h>
22
23 /*
24 * Calculate and return exception PC in case of branch delay slot
25 * for microMIPS and MIPS16e. It does not clear the ISA mode bit.
26 */
__isa_exception_epc(struct pt_regs * regs)27 int __isa_exception_epc(struct pt_regs *regs)
28 {
29 unsigned short inst;
30 long epc = regs->cp0_epc;
31
32 /* Calculate exception PC in branch delay slot. */
33 if (__get_user(inst, (u16 __user *) msk_isa16_mode(epc))) {
34 /* This should never happen because delay slot was checked. */
35 force_sig(SIGSEGV, current);
36 return epc;
37 }
38 if (cpu_has_mips16) {
39 union mips16e_instruction inst_mips16e;
40
41 inst_mips16e.full = inst;
42 if (inst_mips16e.ri.opcode == MIPS16e_jal_op)
43 epc += 4;
44 else
45 epc += 2;
46 } else if (mm_insn_16bit(inst))
47 epc += 2;
48 else
49 epc += 4;
50
51 return epc;
52 }
53
54 /* (microMIPS) Convert 16-bit register encoding to 32-bit register encoding. */
55 static const unsigned int reg16to32map[8] = {16, 17, 2, 3, 4, 5, 6, 7};
56
__mm_isBranchInstr(struct pt_regs * regs,struct mm_decoded_insn dec_insn,unsigned long * contpc)57 int __mm_isBranchInstr(struct pt_regs *regs, struct mm_decoded_insn dec_insn,
58 unsigned long *contpc)
59 {
60 union mips_instruction insn = (union mips_instruction)dec_insn.insn;
61 int bc_false = 0;
62 unsigned int fcr31;
63 unsigned int bit;
64
65 if (!cpu_has_mmips)
66 return 0;
67
68 switch (insn.mm_i_format.opcode) {
69 case mm_pool32a_op:
70 if ((insn.mm_i_format.simmediate & MM_POOL32A_MINOR_MASK) ==
71 mm_pool32axf_op) {
72 switch (insn.mm_i_format.simmediate >>
73 MM_POOL32A_MINOR_SHIFT) {
74 case mm_jalr_op:
75 case mm_jalrhb_op:
76 case mm_jalrs_op:
77 case mm_jalrshb_op:
78 if (insn.mm_i_format.rt != 0) /* Not mm_jr */
79 regs->regs[insn.mm_i_format.rt] =
80 regs->cp0_epc +
81 dec_insn.pc_inc +
82 dec_insn.next_pc_inc;
83 *contpc = regs->regs[insn.mm_i_format.rs];
84 return 1;
85 }
86 }
87 break;
88 case mm_pool32i_op:
89 switch (insn.mm_i_format.rt) {
90 case mm_bltzals_op:
91 case mm_bltzal_op:
92 regs->regs[31] = regs->cp0_epc +
93 dec_insn.pc_inc +
94 dec_insn.next_pc_inc;
95 /* Fall through */
96 case mm_bltz_op:
97 if ((long)regs->regs[insn.mm_i_format.rs] < 0)
98 *contpc = regs->cp0_epc +
99 dec_insn.pc_inc +
100 (insn.mm_i_format.simmediate << 1);
101 else
102 *contpc = regs->cp0_epc +
103 dec_insn.pc_inc +
104 dec_insn.next_pc_inc;
105 return 1;
106 case mm_bgezals_op:
107 case mm_bgezal_op:
108 regs->regs[31] = regs->cp0_epc +
109 dec_insn.pc_inc +
110 dec_insn.next_pc_inc;
111 /* Fall through */
112 case mm_bgez_op:
113 if ((long)regs->regs[insn.mm_i_format.rs] >= 0)
114 *contpc = regs->cp0_epc +
115 dec_insn.pc_inc +
116 (insn.mm_i_format.simmediate << 1);
117 else
118 *contpc = regs->cp0_epc +
119 dec_insn.pc_inc +
120 dec_insn.next_pc_inc;
121 return 1;
122 case mm_blez_op:
123 if ((long)regs->regs[insn.mm_i_format.rs] <= 0)
124 *contpc = regs->cp0_epc +
125 dec_insn.pc_inc +
126 (insn.mm_i_format.simmediate << 1);
127 else
128 *contpc = regs->cp0_epc +
129 dec_insn.pc_inc +
130 dec_insn.next_pc_inc;
131 return 1;
132 case mm_bgtz_op:
133 if ((long)regs->regs[insn.mm_i_format.rs] <= 0)
134 *contpc = regs->cp0_epc +
135 dec_insn.pc_inc +
136 (insn.mm_i_format.simmediate << 1);
137 else
138 *contpc = regs->cp0_epc +
139 dec_insn.pc_inc +
140 dec_insn.next_pc_inc;
141 return 1;
142 case mm_bc2f_op:
143 case mm_bc1f_op:
144 bc_false = 1;
145 /* Fall through */
146 case mm_bc2t_op:
147 case mm_bc1t_op:
148 preempt_disable();
149 if (is_fpu_owner())
150 fcr31 = read_32bit_cp1_register(CP1_STATUS);
151 else
152 fcr31 = current->thread.fpu.fcr31;
153 preempt_enable();
154
155 if (bc_false)
156 fcr31 = ~fcr31;
157
158 bit = (insn.mm_i_format.rs >> 2);
159 bit += (bit != 0);
160 bit += 23;
161 if (fcr31 & (1 << bit))
162 *contpc = regs->cp0_epc +
163 dec_insn.pc_inc +
164 (insn.mm_i_format.simmediate << 1);
165 else
166 *contpc = regs->cp0_epc +
167 dec_insn.pc_inc + dec_insn.next_pc_inc;
168 return 1;
169 }
170 break;
171 case mm_pool16c_op:
172 switch (insn.mm_i_format.rt) {
173 case mm_jalr16_op:
174 case mm_jalrs16_op:
175 regs->regs[31] = regs->cp0_epc +
176 dec_insn.pc_inc + dec_insn.next_pc_inc;
177 /* Fall through */
178 case mm_jr16_op:
179 *contpc = regs->regs[insn.mm_i_format.rs];
180 return 1;
181 }
182 break;
183 case mm_beqz16_op:
184 if ((long)regs->regs[reg16to32map[insn.mm_b1_format.rs]] == 0)
185 *contpc = regs->cp0_epc +
186 dec_insn.pc_inc +
187 (insn.mm_b1_format.simmediate << 1);
188 else
189 *contpc = regs->cp0_epc +
190 dec_insn.pc_inc + dec_insn.next_pc_inc;
191 return 1;
192 case mm_bnez16_op:
193 if ((long)regs->regs[reg16to32map[insn.mm_b1_format.rs]] != 0)
194 *contpc = regs->cp0_epc +
195 dec_insn.pc_inc +
196 (insn.mm_b1_format.simmediate << 1);
197 else
198 *contpc = regs->cp0_epc +
199 dec_insn.pc_inc + dec_insn.next_pc_inc;
200 return 1;
201 case mm_b16_op:
202 *contpc = regs->cp0_epc + dec_insn.pc_inc +
203 (insn.mm_b0_format.simmediate << 1);
204 return 1;
205 case mm_beq32_op:
206 if (regs->regs[insn.mm_i_format.rs] ==
207 regs->regs[insn.mm_i_format.rt])
208 *contpc = regs->cp0_epc +
209 dec_insn.pc_inc +
210 (insn.mm_i_format.simmediate << 1);
211 else
212 *contpc = regs->cp0_epc +
213 dec_insn.pc_inc +
214 dec_insn.next_pc_inc;
215 return 1;
216 case mm_bne32_op:
217 if (regs->regs[insn.mm_i_format.rs] !=
218 regs->regs[insn.mm_i_format.rt])
219 *contpc = regs->cp0_epc +
220 dec_insn.pc_inc +
221 (insn.mm_i_format.simmediate << 1);
222 else
223 *contpc = regs->cp0_epc +
224 dec_insn.pc_inc + dec_insn.next_pc_inc;
225 return 1;
226 case mm_jalx32_op:
227 regs->regs[31] = regs->cp0_epc +
228 dec_insn.pc_inc + dec_insn.next_pc_inc;
229 *contpc = regs->cp0_epc + dec_insn.pc_inc;
230 *contpc >>= 28;
231 *contpc <<= 28;
232 *contpc |= (insn.j_format.target << 2);
233 return 1;
234 case mm_jals32_op:
235 case mm_jal32_op:
236 regs->regs[31] = regs->cp0_epc +
237 dec_insn.pc_inc + dec_insn.next_pc_inc;
238 /* Fall through */
239 case mm_j32_op:
240 *contpc = regs->cp0_epc + dec_insn.pc_inc;
241 *contpc >>= 27;
242 *contpc <<= 27;
243 *contpc |= (insn.j_format.target << 1);
244 set_isa16_mode(*contpc);
245 return 1;
246 }
247 return 0;
248 }
249
250 /*
251 * Compute return address and emulate branch in microMIPS mode after an
252 * exception only. It does not handle compact branches/jumps and cannot
253 * be used in interrupt context. (Compact branches/jumps do not cause
254 * exceptions.)
255 */
__microMIPS_compute_return_epc(struct pt_regs * regs)256 int __microMIPS_compute_return_epc(struct pt_regs *regs)
257 {
258 u16 __user *pc16;
259 u16 halfword;
260 unsigned int word;
261 unsigned long contpc;
262 struct mm_decoded_insn mminsn = { 0 };
263
264 mminsn.micro_mips_mode = 1;
265
266 /* This load never faults. */
267 pc16 = (unsigned short __user *)msk_isa16_mode(regs->cp0_epc);
268 __get_user(halfword, pc16);
269 pc16++;
270 contpc = regs->cp0_epc + 2;
271 word = ((unsigned int)halfword << 16);
272 mminsn.pc_inc = 2;
273
274 if (!mm_insn_16bit(halfword)) {
275 __get_user(halfword, pc16);
276 pc16++;
277 contpc = regs->cp0_epc + 4;
278 mminsn.pc_inc = 4;
279 word |= halfword;
280 }
281 mminsn.insn = word;
282
283 if (get_user(halfword, pc16))
284 goto sigsegv;
285 mminsn.next_pc_inc = 2;
286 word = ((unsigned int)halfword << 16);
287
288 if (!mm_insn_16bit(halfword)) {
289 pc16++;
290 if (get_user(halfword, pc16))
291 goto sigsegv;
292 mminsn.next_pc_inc = 4;
293 word |= halfword;
294 }
295 mminsn.next_insn = word;
296
297 mm_isBranchInstr(regs, mminsn, &contpc);
298
299 regs->cp0_epc = contpc;
300
301 return 0;
302
303 sigsegv:
304 force_sig(SIGSEGV, current);
305 return -EFAULT;
306 }
307
308 /*
309 * Compute return address and emulate branch in MIPS16e mode after an
310 * exception only. It does not handle compact branches/jumps and cannot
311 * be used in interrupt context. (Compact branches/jumps do not cause
312 * exceptions.)
313 */
__MIPS16e_compute_return_epc(struct pt_regs * regs)314 int __MIPS16e_compute_return_epc(struct pt_regs *regs)
315 {
316 u16 __user *addr;
317 union mips16e_instruction inst;
318 u16 inst2;
319 u32 fullinst;
320 long epc;
321
322 epc = regs->cp0_epc;
323
324 /* Read the instruction. */
325 addr = (u16 __user *)msk_isa16_mode(epc);
326 if (__get_user(inst.full, addr)) {
327 force_sig(SIGSEGV, current);
328 return -EFAULT;
329 }
330
331 switch (inst.ri.opcode) {
332 case MIPS16e_extend_op:
333 regs->cp0_epc += 4;
334 return 0;
335
336 /*
337 * JAL and JALX in MIPS16e mode
338 */
339 case MIPS16e_jal_op:
340 addr += 1;
341 if (__get_user(inst2, addr)) {
342 force_sig(SIGSEGV, current);
343 return -EFAULT;
344 }
345 fullinst = ((unsigned)inst.full << 16) | inst2;
346 regs->regs[31] = epc + 6;
347 epc += 4;
348 epc >>= 28;
349 epc <<= 28;
350 /*
351 * JAL:5 X:1 TARGET[20-16]:5 TARGET[25:21]:5 TARGET[15:0]:16
352 *
353 * ......TARGET[15:0].................TARGET[20:16]...........
354 * ......TARGET[25:21]
355 */
356 epc |=
357 ((fullinst & 0xffff) << 2) | ((fullinst & 0x3e00000) >> 3) |
358 ((fullinst & 0x1f0000) << 7);
359 if (!inst.jal.x)
360 set_isa16_mode(epc); /* Set ISA mode bit. */
361 regs->cp0_epc = epc;
362 return 0;
363
364 /*
365 * J(AL)R(C)
366 */
367 case MIPS16e_rr_op:
368 if (inst.rr.func == MIPS16e_jr_func) {
369
370 if (inst.rr.ra)
371 regs->cp0_epc = regs->regs[31];
372 else
373 regs->cp0_epc =
374 regs->regs[reg16to32[inst.rr.rx]];
375
376 if (inst.rr.l) {
377 if (inst.rr.nd)
378 regs->regs[31] = epc + 2;
379 else
380 regs->regs[31] = epc + 4;
381 }
382 return 0;
383 }
384 break;
385 }
386
387 /*
388 * All other cases have no branch delay slot and are 16-bits.
389 * Branches do not cause an exception.
390 */
391 regs->cp0_epc += 2;
392
393 return 0;
394 }
395
396 /**
397 * __compute_return_epc_for_insn - Computes the return address and do emulate
398 * branch simulation, if required.
399 *
400 * @regs: Pointer to pt_regs
401 * @insn: branch instruction to decode
402 * @returns: -EFAULT on error and forces SIGILL, and on success
403 * returns 0 or BRANCH_LIKELY_TAKEN as appropriate after
404 * evaluating the branch.
405 *
406 * MIPS R6 Compact branches and forbidden slots:
407 * Compact branches do not throw exceptions because they do
408 * not have delay slots. The forbidden slot instruction ($PC+4)
409 * is only executed if the branch was not taken. Otherwise the
410 * forbidden slot is skipped entirely. This means that the
411 * only possible reason to be here because of a MIPS R6 compact
412 * branch instruction is that the forbidden slot has thrown one.
413 * In that case the branch was not taken, so the EPC can be safely
414 * set to EPC + 8.
415 */
__compute_return_epc_for_insn(struct pt_regs * regs,union mips_instruction insn)416 int __compute_return_epc_for_insn(struct pt_regs *regs,
417 union mips_instruction insn)
418 {
419 unsigned int bit, fcr31, dspcontrol, reg;
420 long epc = regs->cp0_epc;
421 int ret = 0;
422
423 switch (insn.i_format.opcode) {
424 /*
425 * jr and jalr are in r_format format.
426 */
427 case spec_op:
428 switch (insn.r_format.func) {
429 case jalr_op:
430 regs->regs[insn.r_format.rd] = epc + 8;
431 /* Fall through */
432 case jr_op:
433 if (NO_R6EMU && insn.r_format.func == jr_op)
434 goto sigill_r6;
435 regs->cp0_epc = regs->regs[insn.r_format.rs];
436 break;
437 }
438 break;
439
440 /*
441 * This group contains:
442 * bltz_op, bgez_op, bltzl_op, bgezl_op,
443 * bltzal_op, bgezal_op, bltzall_op, bgezall_op.
444 */
445 case bcond_op:
446 switch (insn.i_format.rt) {
447 case bltzl_op:
448 if (NO_R6EMU)
449 goto sigill_r6;
450 case bltz_op:
451 if ((long)regs->regs[insn.i_format.rs] < 0) {
452 epc = epc + 4 + (insn.i_format.simmediate << 2);
453 if (insn.i_format.rt == bltzl_op)
454 ret = BRANCH_LIKELY_TAKEN;
455 } else
456 epc += 8;
457 regs->cp0_epc = epc;
458 break;
459
460 case bgezl_op:
461 if (NO_R6EMU)
462 goto sigill_r6;
463 case bgez_op:
464 if ((long)regs->regs[insn.i_format.rs] >= 0) {
465 epc = epc + 4 + (insn.i_format.simmediate << 2);
466 if (insn.i_format.rt == bgezl_op)
467 ret = BRANCH_LIKELY_TAKEN;
468 } else
469 epc += 8;
470 regs->cp0_epc = epc;
471 break;
472
473 case bltzal_op:
474 case bltzall_op:
475 if (NO_R6EMU && (insn.i_format.rs ||
476 insn.i_format.rt == bltzall_op)) {
477 ret = -SIGILL;
478 break;
479 }
480 regs->regs[31] = epc + 8;
481 /*
482 * OK we are here either because we hit a NAL
483 * instruction or because we are emulating an
484 * old bltzal{,l} one. Lets figure out what the
485 * case really is.
486 */
487 if (!insn.i_format.rs) {
488 /*
489 * NAL or BLTZAL with rs == 0
490 * Doesn't matter if we are R6 or not. The
491 * result is the same
492 */
493 regs->cp0_epc += 4 +
494 (insn.i_format.simmediate << 2);
495 break;
496 }
497 /* Now do the real thing for non-R6 BLTZAL{,L} */
498 if ((long)regs->regs[insn.i_format.rs] < 0) {
499 epc = epc + 4 + (insn.i_format.simmediate << 2);
500 if (insn.i_format.rt == bltzall_op)
501 ret = BRANCH_LIKELY_TAKEN;
502 } else
503 epc += 8;
504 regs->cp0_epc = epc;
505 break;
506
507 case bgezal_op:
508 case bgezall_op:
509 if (NO_R6EMU && (insn.i_format.rs ||
510 insn.i_format.rt == bgezall_op)) {
511 ret = -SIGILL;
512 break;
513 }
514 regs->regs[31] = epc + 8;
515 /*
516 * OK we are here either because we hit a BAL
517 * instruction or because we are emulating an
518 * old bgezal{,l} one. Lets figure out what the
519 * case really is.
520 */
521 if (!insn.i_format.rs) {
522 /*
523 * BAL or BGEZAL with rs == 0
524 * Doesn't matter if we are R6 or not. The
525 * result is the same
526 */
527 regs->cp0_epc += 4 +
528 (insn.i_format.simmediate << 2);
529 break;
530 }
531 /* Now do the real thing for non-R6 BGEZAL{,L} */
532 if ((long)regs->regs[insn.i_format.rs] >= 0) {
533 epc = epc + 4 + (insn.i_format.simmediate << 2);
534 if (insn.i_format.rt == bgezall_op)
535 ret = BRANCH_LIKELY_TAKEN;
536 } else
537 epc += 8;
538 regs->cp0_epc = epc;
539 break;
540
541 case bposge32_op:
542 if (!cpu_has_dsp)
543 goto sigill_dsp;
544
545 dspcontrol = rddsp(0x01);
546
547 if (dspcontrol >= 32) {
548 epc = epc + 4 + (insn.i_format.simmediate << 2);
549 } else
550 epc += 8;
551 regs->cp0_epc = epc;
552 break;
553 }
554 break;
555
556 /*
557 * These are unconditional and in j_format.
558 */
559 case jalx_op:
560 case jal_op:
561 regs->regs[31] = regs->cp0_epc + 8;
562 case j_op:
563 epc += 4;
564 epc >>= 28;
565 epc <<= 28;
566 epc |= (insn.j_format.target << 2);
567 regs->cp0_epc = epc;
568 if (insn.i_format.opcode == jalx_op)
569 set_isa16_mode(regs->cp0_epc);
570 break;
571
572 /*
573 * These are conditional and in i_format.
574 */
575 case beql_op:
576 if (NO_R6EMU)
577 goto sigill_r6;
578 case beq_op:
579 if (regs->regs[insn.i_format.rs] ==
580 regs->regs[insn.i_format.rt]) {
581 epc = epc + 4 + (insn.i_format.simmediate << 2);
582 if (insn.i_format.opcode == beql_op)
583 ret = BRANCH_LIKELY_TAKEN;
584 } else
585 epc += 8;
586 regs->cp0_epc = epc;
587 break;
588
589 case bnel_op:
590 if (NO_R6EMU)
591 goto sigill_r6;
592 case bne_op:
593 if (regs->regs[insn.i_format.rs] !=
594 regs->regs[insn.i_format.rt]) {
595 epc = epc + 4 + (insn.i_format.simmediate << 2);
596 if (insn.i_format.opcode == bnel_op)
597 ret = BRANCH_LIKELY_TAKEN;
598 } else
599 epc += 8;
600 regs->cp0_epc = epc;
601 break;
602
603 case blezl_op: /* not really i_format */
604 if (!insn.i_format.rt && NO_R6EMU)
605 goto sigill_r6;
606 case blez_op:
607 /*
608 * Compact branches for R6 for the
609 * blez and blezl opcodes.
610 * BLEZ | rs = 0 | rt != 0 == BLEZALC
611 * BLEZ | rs = rt != 0 == BGEZALC
612 * BLEZ | rs != 0 | rt != 0 == BGEUC
613 * BLEZL | rs = 0 | rt != 0 == BLEZC
614 * BLEZL | rs = rt != 0 == BGEZC
615 * BLEZL | rs != 0 | rt != 0 == BGEC
616 *
617 * For real BLEZ{,L}, rt is always 0.
618 */
619
620 if (cpu_has_mips_r6 && insn.i_format.rt) {
621 if ((insn.i_format.opcode == blez_op) &&
622 ((!insn.i_format.rs && insn.i_format.rt) ||
623 (insn.i_format.rs == insn.i_format.rt)))
624 regs->regs[31] = epc + 4;
625 regs->cp0_epc += 8;
626 break;
627 }
628 /* rt field assumed to be zero */
629 if ((long)regs->regs[insn.i_format.rs] <= 0) {
630 epc = epc + 4 + (insn.i_format.simmediate << 2);
631 if (insn.i_format.opcode == blezl_op)
632 ret = BRANCH_LIKELY_TAKEN;
633 } else
634 epc += 8;
635 regs->cp0_epc = epc;
636 break;
637
638 case bgtzl_op:
639 if (!insn.i_format.rt && NO_R6EMU)
640 goto sigill_r6;
641 case bgtz_op:
642 /*
643 * Compact branches for R6 for the
644 * bgtz and bgtzl opcodes.
645 * BGTZ | rs = 0 | rt != 0 == BGTZALC
646 * BGTZ | rs = rt != 0 == BLTZALC
647 * BGTZ | rs != 0 | rt != 0 == BLTUC
648 * BGTZL | rs = 0 | rt != 0 == BGTZC
649 * BGTZL | rs = rt != 0 == BLTZC
650 * BGTZL | rs != 0 | rt != 0 == BLTC
651 *
652 * *ZALC varint for BGTZ &&& rt != 0
653 * For real GTZ{,L}, rt is always 0.
654 */
655 if (cpu_has_mips_r6 && insn.i_format.rt) {
656 if ((insn.i_format.opcode == blez_op) &&
657 ((!insn.i_format.rs && insn.i_format.rt) ||
658 (insn.i_format.rs == insn.i_format.rt)))
659 regs->regs[31] = epc + 4;
660 regs->cp0_epc += 8;
661 break;
662 }
663
664 /* rt field assumed to be zero */
665 if ((long)regs->regs[insn.i_format.rs] > 0) {
666 epc = epc + 4 + (insn.i_format.simmediate << 2);
667 if (insn.i_format.opcode == bgtzl_op)
668 ret = BRANCH_LIKELY_TAKEN;
669 } else
670 epc += 8;
671 regs->cp0_epc = epc;
672 break;
673
674 /*
675 * And now the FPA/cp1 branch instructions.
676 */
677 case cop1_op:
678 if (cpu_has_mips_r6 &&
679 ((insn.i_format.rs == bc1eqz_op) ||
680 (insn.i_format.rs == bc1nez_op))) {
681 if (!used_math()) { /* First time FPU user */
682 ret = init_fpu();
683 if (ret && NO_R6EMU) {
684 ret = -ret;
685 break;
686 }
687 ret = 0;
688 set_used_math();
689 }
690 lose_fpu(1); /* Save FPU state for the emulator. */
691 reg = insn.i_format.rt;
692 bit = get_fpr32(¤t->thread.fpu.fpr[reg], 0) & 0x1;
693 if (insn.i_format.rs == bc1eqz_op)
694 bit = !bit;
695 own_fpu(1);
696 if (bit)
697 epc = epc + 4 +
698 (insn.i_format.simmediate << 2);
699 else
700 epc += 8;
701 regs->cp0_epc = epc;
702
703 break;
704 } else {
705
706 preempt_disable();
707 if (is_fpu_owner())
708 fcr31 = read_32bit_cp1_register(CP1_STATUS);
709 else
710 fcr31 = current->thread.fpu.fcr31;
711 preempt_enable();
712
713 bit = (insn.i_format.rt >> 2);
714 bit += (bit != 0);
715 bit += 23;
716 switch (insn.i_format.rt & 3) {
717 case 0: /* bc1f */
718 case 2: /* bc1fl */
719 if (~fcr31 & (1 << bit)) {
720 epc = epc + 4 +
721 (insn.i_format.simmediate << 2);
722 if (insn.i_format.rt == 2)
723 ret = BRANCH_LIKELY_TAKEN;
724 } else
725 epc += 8;
726 regs->cp0_epc = epc;
727 break;
728
729 case 1: /* bc1t */
730 case 3: /* bc1tl */
731 if (fcr31 & (1 << bit)) {
732 epc = epc + 4 +
733 (insn.i_format.simmediate << 2);
734 if (insn.i_format.rt == 3)
735 ret = BRANCH_LIKELY_TAKEN;
736 } else
737 epc += 8;
738 regs->cp0_epc = epc;
739 break;
740 }
741 break;
742 }
743 #ifdef CONFIG_CPU_CAVIUM_OCTEON
744 case lwc2_op: /* This is bbit0 on Octeon */
745 if ((regs->regs[insn.i_format.rs] & (1ull<<insn.i_format.rt))
746 == 0)
747 epc = epc + 4 + (insn.i_format.simmediate << 2);
748 else
749 epc += 8;
750 regs->cp0_epc = epc;
751 break;
752 case ldc2_op: /* This is bbit032 on Octeon */
753 if ((regs->regs[insn.i_format.rs] &
754 (1ull<<(insn.i_format.rt+32))) == 0)
755 epc = epc + 4 + (insn.i_format.simmediate << 2);
756 else
757 epc += 8;
758 regs->cp0_epc = epc;
759 break;
760 case swc2_op: /* This is bbit1 on Octeon */
761 if (regs->regs[insn.i_format.rs] & (1ull<<insn.i_format.rt))
762 epc = epc + 4 + (insn.i_format.simmediate << 2);
763 else
764 epc += 8;
765 regs->cp0_epc = epc;
766 break;
767 case sdc2_op: /* This is bbit132 on Octeon */
768 if (regs->regs[insn.i_format.rs] &
769 (1ull<<(insn.i_format.rt+32)))
770 epc = epc + 4 + (insn.i_format.simmediate << 2);
771 else
772 epc += 8;
773 regs->cp0_epc = epc;
774 break;
775 #else
776 case bc6_op:
777 /* Only valid for MIPS R6 */
778 if (!cpu_has_mips_r6) {
779 ret = -SIGILL;
780 break;
781 }
782 regs->cp0_epc += 8;
783 break;
784 case balc6_op:
785 if (!cpu_has_mips_r6) {
786 ret = -SIGILL;
787 break;
788 }
789 /* Compact branch: BALC */
790 regs->regs[31] = epc + 4;
791 epc += 4 + (insn.i_format.simmediate << 2);
792 regs->cp0_epc = epc;
793 break;
794 case pop66_op:
795 if (!cpu_has_mips_r6) {
796 ret = -SIGILL;
797 break;
798 }
799 /* Compact branch: BEQZC || JIC */
800 regs->cp0_epc += 8;
801 break;
802 case pop76_op:
803 if (!cpu_has_mips_r6) {
804 ret = -SIGILL;
805 break;
806 }
807 /* Compact branch: BNEZC || JIALC */
808 if (insn.i_format.rs)
809 regs->regs[31] = epc + 4;
810 regs->cp0_epc += 8;
811 break;
812 #endif
813 case pop10_op:
814 case pop30_op:
815 /* Only valid for MIPS R6 */
816 if (!cpu_has_mips_r6) {
817 ret = -SIGILL;
818 break;
819 }
820 /*
821 * Compact branches:
822 * bovc, beqc, beqzalc, bnvc, bnec, bnezlac
823 */
824 if (insn.i_format.rt && !insn.i_format.rs)
825 regs->regs[31] = epc + 4;
826 regs->cp0_epc += 8;
827 break;
828 }
829
830 return ret;
831
832 sigill_dsp:
833 pr_info("%s: DSP branch but not DSP ASE - sending SIGILL.\n",
834 current->comm);
835 force_sig(SIGILL, current);
836 return -EFAULT;
837 sigill_r6:
838 pr_info("%s: R2 branch but r2-to-r6 emulator is not preset - sending SIGILL.\n",
839 current->comm);
840 force_sig(SIGILL, current);
841 return -EFAULT;
842 }
843 EXPORT_SYMBOL_GPL(__compute_return_epc_for_insn);
844
__compute_return_epc(struct pt_regs * regs)845 int __compute_return_epc(struct pt_regs *regs)
846 {
847 unsigned int __user *addr;
848 long epc;
849 union mips_instruction insn;
850
851 epc = regs->cp0_epc;
852 if (epc & 3)
853 goto unaligned;
854
855 /*
856 * Read the instruction
857 */
858 addr = (unsigned int __user *) epc;
859 if (__get_user(insn.word, addr)) {
860 force_sig(SIGSEGV, current);
861 return -EFAULT;
862 }
863
864 return __compute_return_epc_for_insn(regs, insn);
865
866 unaligned:
867 printk("%s: unaligned epc - sending SIGBUS.\n", current->comm);
868 force_sig(SIGBUS, current);
869 return -EFAULT;
870 }
871