[PATCH 0/9] Instruction emulation fixes

[PATCH 0/9] Instruction emulation fixes

[Maciej W. Rozycki]

Ralf,

 Here is a bunch of instruction emulation fixes and clean-ups, mostly 
though not only affecting branches in the FPU emulator.  The severity of 
failures addressed varies, see the individual patch descriptions for 
details.  These patches have been verified to a varying extent, depending 
on the nature of the individual change, by running the GCC and glibc test 
suites for the MIPS16 o32 little-endian multilib.

 NB I don't know why `checkpatch.pl' complains about the correctly 
line-wrapped commit references with some of these patches.

 Please queue for the next release cycle and backport as noted with each 
of the patches.

 NB there is also an API mismatch between `init_fpu' returning SIGFPE and 
its caller `__compute_return_epc_for_insn', however I can't figure out why 
the incorrect return status is only passed up if NO_R6EMU, so I'm leaving 
it to whoever understands the dependency here to fix up.  Offhand it looks 
to me like the whole containing `!used_math()' conditional is bogus though 
-- we've got an exception in a delay slot of a COP1 branch, so the FPU 
clearly must have been used already or we wouldn't have reached the delay 
slot to trap in in the first place.  For the same reason we do not need to 
check `cpu_has_mips_r6' other than for telling overlapping R6 BC1EQZ and 
MIPS-3D BC1ANY2 minor opcodes apart, which we don't do anyway.

 So more fixes and clean-ups are due around here it would seem.  But this 
is too much for the amount of time I can afford right now, so I'll be 
leaving them for the next opportunity.

  Maciej

[PATCH 0/9] Instruction emulation fixes

[Maciej W. Rozycki]

Ralf,

 Here is a bunch of instruction emulation fixes and clean-ups, mostly 
though not only affecting branches in the FPU emulator.  The severity of 
failures addressed varies, see the individual patch descriptions for 
details.  These patches have been verified to a varying extent, depending 
on the nature of the individual change, by running the GCC and glibc test 
suites for the MIPS16 o32 little-endian multilib.

 NB I don't know why `checkpatch.pl' complains about the correctly 
line-wrapped commit references with some of these patches.

 Please queue for the next release cycle and backport as noted with each 
of the patches.

 NB there is also an API mismatch between `init_fpu' returning SIGFPE and 
its caller `__compute_return_epc_for_insn', however I can't figure out why 
the incorrect return status is only passed up if NO_R6EMU, so I'm leaving 
it to whoever understands the dependency here to fix up.  Offhand it looks 
to me like the whole containing `!used_math()' conditional is bogus though 
-- we've got an exception in a delay slot of a COP1 branch, so the FPU 
clearly must have been used already or we wouldn't have reached the delay 
slot to trap in in the first place.  For the same reason we do not need to 
check `cpu_has_mips_r6' other than for telling overlapping R6 BC1EQZ and 
MIPS-3D BC1ANY2 minor opcodes apart, which we don't do anyway.

 So more fixes and clean-ups are due around here it would seem.  But this 
is too much for the amount of time I can afford right now, so I'll be 
leaving them for the next opportunity.

  Maciej

[PATCH 1/9] MIPS: math-emu: Prevent wrong ISA mode instruction emulation

[Maciej W. Rozycki]

Terminate FPU emulation immediately whenever an ISA mode switch has been 
observed.  This is so that we do not interpret machine code in the wrong
mode, for example when a regular MIPS FPU instruction has been placed in 
a delay slot of a jump that switches into the MIPS16 mode, as with the
following code (taken from a GCC test suite case):

00400650 <set_fast_math>:
  400650:	3c020100 	lui	v0,0x100
  400654:	03e00008 	jr	ra
  400658:	44c2f800 	ctc1	v0,c1_fcsr
  40065c:	00000000 	nop

[...]

004012d0 <__libc_csu_init>:
  4012d0:	f000 6a02 	li	v0,2
  4012d4:	f150 0b1c 	la	v1,3f9430 <_DYNAMIC-0x6df0>
  4012d8:	f400 3240 	sll	v0,16
  4012dc:	e269      	addu	v0,v1
  4012de:	659a      	move	gp,v0
  4012e0:	f00c 64f6 	save	a0-a2,48,ra,s0-s1
  4012e4:	673c      	move	s1,gp
  4012e6:	f010 9978 	lw	v1,-32744(s1)
  4012ea:	d204      	sw	v0,16(sp)
  4012ec:	eb40      	jalr	v1
  4012ee:	653b      	move	t9,v1
  4012f0:	f010 997c 	lw	v1,-32740(s1)
  4012f4:	f030 9920 	lw	s1,-32736(s1)
  4012f8:	e32f      	subu	v1,s1
  4012fa:	326b      	sra	v0,v1,2
  4012fc:	d206      	sw	v0,24(sp)
  4012fe:	220c      	beqz	v0,401318 <__libc_csu_init+0x48>
  401300:	6800      	li	s0,0
  401302:	99e0      	lw	a3,0(s1)
  401304:	4801      	addiu	s0,1
  401306:	960e      	lw	a2,56(sp)
  401308:	4904      	addiu	s1,4
  40130a:	950d      	lw	a1,52(sp)
  40130c:	940c      	lw	a0,48(sp)
  40130e:	ef40      	jalr	a3
  401310:	653f      	move	t9,a3
  401312:	9206      	lw	v0,24(sp)
  401314:	ea0a      	cmp	v0,s0
  401316:	61f5      	btnez	401302 <__libc_csu_init+0x32>
  401318:	6476      	restore	48,ra,s0-s1
  40131a:	e8a0      	jrc	ra

Here `set_fast_math' is called from `40130e' (`40130f' with the ISA bit) 
and emulation triggers for the CTC1 instruction.  As it is in a jump 
delay slot emulation continues from `401312' (`401313' with the ISA 
bit).  However we have no path to handle MIPS16 FPU code emulation, 
because there are no MIPS16 FPU instructions.  So the default emulation 
path is taken, interpreting a 32-bit word fetched by `get_user' from 
`401313' as a regular MIPS instruction, which is:

  401313:	f5ea0a92	sdc1	$f10,2706(t7)

This makes the FPU emulator proceed with the supposed SDC1 instruction 
and consequently makes the program considered here terminate with 
SIGSEGV.

A similar although less severe issue exists with pure-microMIPS 
processors in the case where similarly an FPU instruction is emulated in 
a delay slot of a register jump that (incorrectly) switches into the 
regular MIPS mode.  A subsequent instruction fetch from the jump's 
target is supposed to cause an Address Error exception, however instead 
we proceed with regular MIPS FPU emulation.

For simplicity then, always terminate the emulation loop whenever a mode 
change is detected, denoted by an ISA mode bit flip.  As from commit 
377cb1b6c16a ("MIPS: Disable MIPS16/microMIPS crap for platforms not 
supporting these ASEs.") the result of `get_isa16_mode' can be hardcoded 
to 0, so we need to examine the ISA mode bit by hand.

This complements commit 102cedc32a6e ("MIPS: microMIPS: Floating point 
support.") which added JALX decoding to FPU emulation.

Cc: stable@vger.kernel.org # 3.9+
Fixes: 102cedc32a6e ("MIPS: microMIPS: Floating point support.")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
linux-mips-fpemu-xmode.diff
Index: linux-sfr-test/arch/mips/math-emu/cp1emu.c
===================================================================
--- linux-sfr-test.orig/arch/mips/math-emu/cp1emu.c	2017-06-01 06:29:01.919137000 +0100
+++ linux-sfr-test/arch/mips/math-emu/cp1emu.c	2017-06-05 19:01:39.088201000 +0100
@@ -2524,6 +2524,35 @@ static int fpu_emu(struct pt_regs *xcp, 
 	return 0;
 }
 
+/*
+ * Emulate FPU instructions.
+ *
+ * If we use FPU hardware, then we have been typically called to handle
+ * an unimplemented operation, such as where an operand is a NaN or
+ * denormalized.  In that case exit the emulation loop after a single
+ * iteration so as to let hardware execute any subsequent instructions.
+ *
+ * If we have no FPU hardware or it has been disabled, then continue
+ * emulating floating-point instructions until one of these conditions
+ * has occurred:
+ *
+ * - a non-FPU instruction has been encountered,
+ *
+ * - an attempt to emulate has ended with a signal,
+ *
+ * - the ISA mode has been switched.
+ *
+ * We need to terminate the emulation loop if we got switched to the
+ * MIPS16 mode, whether supported or not, so that we do not attempt
+ * to emulate a MIPS16 instruction as a regular MIPS FPU instruction.
+ * Similarly if we got switched to the microMIPS mode and only the
+ * regular MIPS mode is supported, so that we do not attempt to emulate
+ * a microMIPS instruction as a regular MIPS FPU instruction.  Or if
+ * we got switched to the regular MIPS mode and only the microMIPS mode
+ * is supported, so that we do not attempt to emulate a regular MIPS
+ * instruction that should cause an Address Error exception instead.
+ * For simplicity we always terminate upon an ISA mode switch.
+ */
 int fpu_emulator_cop1Handler(struct pt_regs *xcp, struct mips_fpu_struct *ctx,
 	int has_fpu, void *__user *fault_addr)
 {
@@ -2609,6 +2638,15 @@ int fpu_emulator_cop1Handler(struct pt_r
 			break;
 		if (sig)
 			break;
+		/*
+		 * We have to check for the ISA bit explicitly here,
+		 * because `get_isa16_mode' may return 0 if support
+		 * for code compression has been globally disabled,
+		 * or otherwise we may produce the wrong signal or
+		 * even proceed successfully where we must not.
+		 */
+		if ((xcp->cp0_epc ^ prevepc) & 0x1)
+			break;
 
 		cond_resched();
 	} while (xcp->cp0_epc > prevepc);

[PATCH 1/9] MIPS: math-emu: Prevent wrong ISA mode instruction emulation

[Maciej W. Rozycki]

Terminate FPU emulation immediately whenever an ISA mode switch has been 
observed.  This is so that we do not interpret machine code in the wrong
mode, for example when a regular MIPS FPU instruction has been placed in 
a delay slot of a jump that switches into the MIPS16 mode, as with the
following code (taken from a GCC test suite case):

00400650 <set_fast_math>:
  400650:	3c020100 	lui	v0,0x100
  400654:	03e00008 	jr	ra
  400658:	44c2f800 	ctc1	v0,c1_fcsr
  40065c:	00000000 	nop

[...]

004012d0 <__libc_csu_init>:
  4012d0:	f000 6a02 	li	v0,2
  4012d4:	f150 0b1c 	la	v1,3f9430 <_DYNAMIC-0x6df0>
  4012d8:	f400 3240 	sll	v0,16
  4012dc:	e269      	addu	v0,v1
  4012de:	659a      	move	gp,v0
  4012e0:	f00c 64f6 	save	a0-a2,48,ra,s0-s1
  4012e4:	673c      	move	s1,gp
  4012e6:	f010 9978 	lw	v1,-32744(s1)
  4012ea:	d204      	sw	v0,16(sp)
  4012ec:	eb40      	jalr	v1
  4012ee:	653b      	move	t9,v1
  4012f0:	f010 997c 	lw	v1,-32740(s1)
  4012f4:	f030 9920 	lw	s1,-32736(s1)
  4012f8:	e32f      	subu	v1,s1
  4012fa:	326b      	sra	v0,v1,2
  4012fc:	d206      	sw	v0,24(sp)
  4012fe:	220c      	beqz	v0,401318 <__libc_csu_init+0x48>
  401300:	6800      	li	s0,0
  401302:	99e0      	lw	a3,0(s1)
  401304:	4801      	addiu	s0,1
  401306:	960e      	lw	a2,56(sp)
  401308:	4904      	addiu	s1,4
  40130a:	950d      	lw	a1,52(sp)
  40130c:	940c      	lw	a0,48(sp)
  40130e:	ef40      	jalr	a3
  401310:	653f      	move	t9,a3
  401312:	9206      	lw	v0,24(sp)
  401314:	ea0a      	cmp	v0,s0
  401316:	61f5      	btnez	401302 <__libc_csu_init+0x32>
  401318:	6476      	restore	48,ra,s0-s1
  40131a:	e8a0      	jrc	ra

Here `set_fast_math' is called from `40130e' (`40130f' with the ISA bit) 
and emulation triggers for the CTC1 instruction.  As it is in a jump 
delay slot emulation continues from `401312' (`401313' with the ISA 
bit).  However we have no path to handle MIPS16 FPU code emulation, 
because there are no MIPS16 FPU instructions.  So the default emulation 
path is taken, interpreting a 32-bit word fetched by `get_user' from 
`401313' as a regular MIPS instruction, which is:

  401313:	f5ea0a92	sdc1	$f10,2706(t7)

This makes the FPU emulator proceed with the supposed SDC1 instruction 
and consequently makes the program considered here terminate with 
SIGSEGV.

A similar although less severe issue exists with pure-microMIPS 
processors in the case where similarly an FPU instruction is emulated in 
a delay slot of a register jump that (incorrectly) switches into the 
regular MIPS mode.  A subsequent instruction fetch from the jump's 
target is supposed to cause an Address Error exception, however instead 
we proceed with regular MIPS FPU emulation.

For simplicity then, always terminate the emulation loop whenever a mode 
change is detected, denoted by an ISA mode bit flip.  As from commit 
377cb1b6c16a ("MIPS: Disable MIPS16/microMIPS crap for platforms not 
supporting these ASEs.") the result of `get_isa16_mode' can be hardcoded 
to 0, so we need to examine the ISA mode bit by hand.

This complements commit 102cedc32a6e ("MIPS: microMIPS: Floating point 
support.") which added JALX decoding to FPU emulation.

Cc: stable@vger.kernel.org # 3.9+
Fixes: 102cedc32a6e ("MIPS: microMIPS: Floating point support.")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
linux-mips-fpemu-xmode.diff
Index: linux-sfr-test/arch/mips/math-emu/cp1emu.c
===================================================================
--- linux-sfr-test.orig/arch/mips/math-emu/cp1emu.c	2017-06-01 06:29:01.919137000 +0100
+++ linux-sfr-test/arch/mips/math-emu/cp1emu.c	2017-06-05 19:01:39.088201000 +0100
@@ -2524,6 +2524,35 @@ static int fpu_emu(struct pt_regs *xcp, 
 	return 0;
 }
 
+/*
+ * Emulate FPU instructions.
+ *
+ * If we use FPU hardware, then we have been typically called to handle
+ * an unimplemented operation, such as where an operand is a NaN or
+ * denormalized.  In that case exit the emulation loop after a single
+ * iteration so as to let hardware execute any subsequent instructions.
+ *
+ * If we have no FPU hardware or it has been disabled, then continue
+ * emulating floating-point instructions until one of these conditions
+ * has occurred:
+ *
+ * - a non-FPU instruction has been encountered,
+ *
+ * - an attempt to emulate has ended with a signal,
+ *
+ * - the ISA mode has been switched.
+ *
+ * We need to terminate the emulation loop if we got switched to the
+ * MIPS16 mode, whether supported or not, so that we do not attempt
+ * to emulate a MIPS16 instruction as a regular MIPS FPU instruction.
+ * Similarly if we got switched to the microMIPS mode and only the
+ * regular MIPS mode is supported, so that we do not attempt to emulate
+ * a microMIPS instruction as a regular MIPS FPU instruction.  Or if
+ * we got switched to the regular MIPS mode and only the microMIPS mode
+ * is supported, so that we do not attempt to emulate a regular MIPS
+ * instruction that should cause an Address Error exception instead.
+ * For simplicity we always terminate upon an ISA mode switch.
+ */
 int fpu_emulator_cop1Handler(struct pt_regs *xcp, struct mips_fpu_struct *ctx,
 	int has_fpu, void *__user *fault_addr)
 {
@@ -2609,6 +2638,15 @@ int fpu_emulator_cop1Handler(struct pt_r
 			break;
 		if (sig)
 			break;
+		/*
+		 * We have to check for the ISA bit explicitly here,
+		 * because `get_isa16_mode' may return 0 if support
+		 * for code compression has been globally disabled,
+		 * or otherwise we may produce the wrong signal or
+		 * even proceed successfully where we must not.
+		 */
+		if ((xcp->cp0_epc ^ prevepc) & 0x1)
+			break;
 
 		cond_resched();
 	} while (xcp->cp0_epc > prevepc);

[PATCH 2/9] MIPS: Actually decode JALX in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

Complement commit fb6883e5809c ("MIPS: microMIPS: Support handling of 
delay slots.") and actually decode the regular MIPS JALX major 
instruction opcode, the handling of which has been added with the said 
commit for EPC calculation in `__compute_return_epc_for_insn'.

Cc: stable@vger.kernel.org # 3.9+
Fixes: fb6883e5809c ("MIPS: microMIPS: Support handling of delay slots.")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
linux-mips-epc-jalx.diff
Index: linux-sfr-test/arch/mips/kernel/branch.c
===================================================================
--- linux-sfr-test.orig/arch/mips/kernel/branch.c	2017-06-01 03:32:07.000000000 +0100
+++ linux-sfr-test/arch/mips/kernel/branch.c	2017-06-01 03:38:34.417710000 +0100
@@ -556,6 +556,7 @@ int __compute_return_epc_for_insn(struct
 	/*
 	 * These are unconditional and in j_format.
 	 */
+	case jalx_op:
 	case jal_op:
 		regs->regs[31] = regs->cp0_epc + 8;
 	case j_op:

[PATCH 2/9] MIPS: Actually decode JALX in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

Complement commit fb6883e5809c ("MIPS: microMIPS: Support handling of 
delay slots.") and actually decode the regular MIPS JALX major 
instruction opcode, the handling of which has been added with the said 
commit for EPC calculation in `__compute_return_epc_for_insn'.

Cc: stable@vger.kernel.org # 3.9+
Fixes: fb6883e5809c ("MIPS: microMIPS: Support handling of delay slots.")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
linux-mips-epc-jalx.diff
Index: linux-sfr-test/arch/mips/kernel/branch.c
===================================================================
--- linux-sfr-test.orig/arch/mips/kernel/branch.c	2017-06-01 03:32:07.000000000 +0100
+++ linux-sfr-test/arch/mips/kernel/branch.c	2017-06-01 03:38:34.417710000 +0100
@@ -556,6 +556,7 @@ int __compute_return_epc_for_insn(struct
 	/*
 	 * These are unconditional and in j_format.
 	 */
+	case jalx_op:
 	case jal_op:
 		regs->regs[31] = regs->cp0_epc + 8;
 	case j_op:

[PATCH 3/9] MIPS: Fix unaligned PC interpretation in `compute_return_epc'

[Maciej W. Rozycki]

Fix a regression introduced with commit fb6883e5809c ("MIPS: microMIPS:
Support handling of delay slots.") and defer to `__compute_return_epc'
if the ISA bit is set in EPC with non-MIPS16, non-microMIPS hardware,
which will then arrange for a SIGBUS due to an unaligned instruction
reference.  Returning EPC here is never correct as the API defines this
function's result to be either a negative error code on failure or one
of 0 and BRANCH_LIKELY_TAKEN on success.

Cc: stable@vger.kernel.org # 3.9+
Fixes: fb6883e5809c ("MIPS: microMIPS: Support handling of delay slots.")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
linux-mips-compute-return-epc-unaligned.diff
Index: linux-sfr-test/arch/mips/include/asm/branch.h
===================================================================
--- linux-sfr-test.orig/arch/mips/include/asm/branch.h	2016-10-22 10:43:21.000000000 +0100
+++ linux-sfr-test/arch/mips/include/asm/branch.h	2016-11-08 04:55:33.724746000 +0000
@@ -74,10 +74,7 @@ static inline int compute_return_epc(str
 			return __microMIPS_compute_return_epc(regs);
 		if (cpu_has_mips16)
 			return __MIPS16e_compute_return_epc(regs);
-		return regs->cp0_epc;
-	}
-
-	if (!delay_slot(regs)) {
+	} else if (!delay_slot(regs)) {
 		regs->cp0_epc += 4;
 		return 0;
 	}

[PATCH 3/9] MIPS: Fix unaligned PC interpretation in `compute_return_epc'

[Maciej W. Rozycki]

Fix a regression introduced with commit fb6883e5809c ("MIPS: microMIPS:
Support handling of delay slots.") and defer to `__compute_return_epc'
if the ISA bit is set in EPC with non-MIPS16, non-microMIPS hardware,
which will then arrange for a SIGBUS due to an unaligned instruction
reference.  Returning EPC here is never correct as the API defines this
function's result to be either a negative error code on failure or one
of 0 and BRANCH_LIKELY_TAKEN on success.

Cc: stable@vger.kernel.org # 3.9+
Fixes: fb6883e5809c ("MIPS: microMIPS: Support handling of delay slots.")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
linux-mips-compute-return-epc-unaligned.diff
Index: linux-sfr-test/arch/mips/include/asm/branch.h
===================================================================
--- linux-sfr-test.orig/arch/mips/include/asm/branch.h	2016-10-22 10:43:21.000000000 +0100
+++ linux-sfr-test/arch/mips/include/asm/branch.h	2016-11-08 04:55:33.724746000 +0000
@@ -74,10 +74,7 @@ static inline int compute_return_epc(str
 			return __microMIPS_compute_return_epc(regs);
 		if (cpu_has_mips16)
 			return __MIPS16e_compute_return_epc(regs);
-		return regs->cp0_epc;
-	}
-
-	if (!delay_slot(regs)) {
+	} else if (!delay_slot(regs)) {
 		regs->cp0_epc += 4;
 		return 0;
 	}

[PATCH 4/9] MIPS: Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

Fix commit e50c0a8fa60d ("Support the MIPS32 / MIPS64 DSP ASE.") and 
send SIGILL rather than SIGBUS whenever an unimplemented BPOSGE32 DSP 
ASE instruction has been encountered in `__compute_return_epc_for_insn' 
as our Reserved Instruction exception handler would in response to an 
attempt to actually execute the instruction.  Sending SIGBUS only makes 
sense for the unaligned PC case, since moved to `__compute_return_epc'.  
Adjust function documentation accordingly, correct formatting and use
`pr_info' rather than `printk' as the other exit path already does.

Cc: stable@vger.kernel.org # 2.6.14+
Fixes: e50c0a8fa60d ("Support the MIPS32 / MIPS64 DSP ASE.")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
 I hope folding the formatting fix and `pr_info' update with the base 
change is fine given that they all apply to the same code line.

  Maciej

linux-mips-epc-for-insn-sigill-dsp.diff
Index: linux-sfr-test/arch/mips/kernel/branch.c
===================================================================
--- linux-sfr-test.orig/arch/mips/kernel/branch.c	2017-06-01 06:30:07.969735000 +0100
+++ linux-sfr-test/arch/mips/kernel/branch.c	2017-06-01 06:33:27.149519000 +0100
@@ -399,7 +399,7 @@ int __MIPS16e_compute_return_epc(struct 
  *
  * @regs:	Pointer to pt_regs
  * @insn:	branch instruction to decode
- * @returns:	-EFAULT on error and forces SIGBUS, and on success
+ * @returns:	-EFAULT on error and forces SIGILL, and on success
  *		returns 0 or BRANCH_LIKELY_TAKEN as appropriate after
  *		evaluating the branch.
  *
@@ -830,8 +830,9 @@ int __compute_return_epc_for_insn(struct
 	return ret;
 
 sigill_dsp:
-	printk("%s: DSP branch but not DSP ASE - sending SIGBUS.\n", current->comm);
-	force_sig(SIGBUS, current);
+	pr_info("%s: DSP branch but not DSP ASE - sending SIGILL.\n",
+		current->comm);
+	force_sig(SIGILL, current);
 	return -EFAULT;
 sigill_r6:
 	pr_info("%s: R2 branch but r2-to-r6 emulator is not preset - sending SIGILL.\n",

[PATCH 4/9] MIPS: Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

Fix commit e50c0a8fa60d ("Support the MIPS32 / MIPS64 DSP ASE.") and 
send SIGILL rather than SIGBUS whenever an unimplemented BPOSGE32 DSP 
ASE instruction has been encountered in `__compute_return_epc_for_insn' 
as our Reserved Instruction exception handler would in response to an 
attempt to actually execute the instruction.  Sending SIGBUS only makes 
sense for the unaligned PC case, since moved to `__compute_return_epc'.  
Adjust function documentation accordingly, correct formatting and use
`pr_info' rather than `printk' as the other exit path already does.

Cc: stable@vger.kernel.org # 2.6.14+
Fixes: e50c0a8fa60d ("Support the MIPS32 / MIPS64 DSP ASE.")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
 I hope folding the formatting fix and `pr_info' update with the base 
change is fine given that they all apply to the same code line.

  Maciej

linux-mips-epc-for-insn-sigill-dsp.diff
Index: linux-sfr-test/arch/mips/kernel/branch.c
===================================================================
--- linux-sfr-test.orig/arch/mips/kernel/branch.c	2017-06-01 06:30:07.969735000 +0100
+++ linux-sfr-test/arch/mips/kernel/branch.c	2017-06-01 06:33:27.149519000 +0100
@@ -399,7 +399,7 @@ int __MIPS16e_compute_return_epc(struct 
  *
  * @regs:	Pointer to pt_regs
  * @insn:	branch instruction to decode
- * @returns:	-EFAULT on error and forces SIGBUS, and on success
+ * @returns:	-EFAULT on error and forces SIGILL, and on success
  *		returns 0 or BRANCH_LIKELY_TAKEN as appropriate after
  *		evaluating the branch.
  *
@@ -830,8 +830,9 @@ int __compute_return_epc_for_insn(struct
 	return ret;
 
 sigill_dsp:
-	printk("%s: DSP branch but not DSP ASE - sending SIGBUS.\n", current->comm);
-	force_sig(SIGBUS, current);
+	pr_info("%s: DSP branch but not DSP ASE - sending SIGILL.\n",
+		current->comm);
+	force_sig(SIGILL, current);
 	return -EFAULT;
 sigill_r6:
 	pr_info("%s: R2 branch but r2-to-r6 emulator is not preset - sending SIGILL.\n",

[PATCH 5/9] MIPS: Rename `sigill_r6' to `sigill_r2r6' in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

Cc: stable@vger.kernel.org # 3.19+
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
 Not a fix by itself, but needed for the next 2 changes.

  Maciej

linux-mips-epc-for-insn-sigill-r6-to-r2r6.diff
Index: linux-sfr-test/arch/mips/kernel/branch.c
===================================================================
--- linux-sfr-test.orig/arch/mips/kernel/branch.c	2017-06-01 06:33:27.149519000 +0100
+++ linux-sfr-test/arch/mips/kernel/branch.c	2017-06-01 06:33:32.663567000 +0100
@@ -431,7 +431,7 @@ int __compute_return_epc_for_insn(struct
 			/* Fall through */
 		case jr_op:
 			if (NO_R6EMU && insn.r_format.func == jr_op)
-				goto sigill_r6;
+				goto sigill_r2r6;
 			regs->cp0_epc = regs->regs[insn.r_format.rs];
 			break;
 		}
@@ -446,7 +446,7 @@ int __compute_return_epc_for_insn(struct
 		switch (insn.i_format.rt) {
 		case bltzl_op:
 			if (NO_R6EMU)
-				goto sigill_r6;
+				goto sigill_r2r6;
 		case bltz_op:
 			if ((long)regs->regs[insn.i_format.rs] < 0) {
 				epc = epc + 4 + (insn.i_format.simmediate << 2);
@@ -459,7 +459,7 @@ int __compute_return_epc_for_insn(struct
 
 		case bgezl_op:
 			if (NO_R6EMU)
-				goto sigill_r6;
+				goto sigill_r2r6;
 		case bgez_op:
 			if ((long)regs->regs[insn.i_format.rs] >= 0) {
 				epc = epc + 4 + (insn.i_format.simmediate << 2);
@@ -574,7 +570,7 @@ int __compute_return_epc_for_insn(struct
 	 */
 	case beql_op:
 		if (NO_R6EMU)
-			goto sigill_r6;
+			goto sigill_r2r6;
 	case beq_op:
 		if (regs->regs[insn.i_format.rs] ==
 		    regs->regs[insn.i_format.rt]) {
@@ -588,7 +584,7 @@ int __compute_return_epc_for_insn(struct
 
 	case bnel_op:
 		if (NO_R6EMU)
-			goto sigill_r6;
+			goto sigill_r2r6;
 	case bne_op:
 		if (regs->regs[insn.i_format.rs] !=
 		    regs->regs[insn.i_format.rt]) {
@@ -602,7 +598,7 @@ int __compute_return_epc_for_insn(struct
 
 	case blezl_op: /* not really i_format */
 		if (!insn.i_format.rt && NO_R6EMU)
-			goto sigill_r6;
+			goto sigill_r2r6;
 	case blez_op:
 		/*
 		 * Compact branches for R6 for the
@@ -637,7 +633,7 @@ int __compute_return_epc_for_insn(struct
 
 	case bgtzl_op:
 		if (!insn.i_format.rt && NO_R6EMU)
-			goto sigill_r6;
+			goto sigill_r2r6;
 	case bgtz_op:
 		/*
 		 * Compact branches for R6 for the
@@ -834,7 +830,7 @@ int __compute_return_epc_for_insn(struct
 		current->comm);
 	force_sig(SIGILL, current);
 	return -EFAULT;
-sigill_r6:
+sigill_r2r6:
 	pr_info("%s: R2 branch but r2-to-r6 emulator is not preset - sending SIGILL.\n",
 		current->comm);
 	force_sig(SIGILL, current);

[PATCH 5/9] MIPS: Rename `sigill_r6' to `sigill_r2r6' in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

Cc: stable@vger.kernel.org # 3.19+
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
 Not a fix by itself, but needed for the next 2 changes.

  Maciej

linux-mips-epc-for-insn-sigill-r6-to-r2r6.diff
Index: linux-sfr-test/arch/mips/kernel/branch.c
===================================================================
--- linux-sfr-test.orig/arch/mips/kernel/branch.c	2017-06-01 06:33:27.149519000 +0100
+++ linux-sfr-test/arch/mips/kernel/branch.c	2017-06-01 06:33:32.663567000 +0100
@@ -431,7 +431,7 @@ int __compute_return_epc_for_insn(struct
 			/* Fall through */
 		case jr_op:
 			if (NO_R6EMU && insn.r_format.func == jr_op)
-				goto sigill_r6;
+				goto sigill_r2r6;
 			regs->cp0_epc = regs->regs[insn.r_format.rs];
 			break;
 		}
@@ -446,7 +446,7 @@ int __compute_return_epc_for_insn(struct
 		switch (insn.i_format.rt) {
 		case bltzl_op:
 			if (NO_R6EMU)
-				goto sigill_r6;
+				goto sigill_r2r6;
 		case bltz_op:
 			if ((long)regs->regs[insn.i_format.rs] < 0) {
 				epc = epc + 4 + (insn.i_format.simmediate << 2);
@@ -459,7 +459,7 @@ int __compute_return_epc_for_insn(struct
 
 		case bgezl_op:
 			if (NO_R6EMU)
-				goto sigill_r6;
+				goto sigill_r2r6;
 		case bgez_op:
 			if ((long)regs->regs[insn.i_format.rs] >= 0) {
 				epc = epc + 4 + (insn.i_format.simmediate << 2);
@@ -574,7 +570,7 @@ int __compute_return_epc_for_insn(struct
 	 */
 	case beql_op:
 		if (NO_R6EMU)
-			goto sigill_r6;
+			goto sigill_r2r6;
 	case beq_op:
 		if (regs->regs[insn.i_format.rs] ==
 		    regs->regs[insn.i_format.rt]) {
@@ -588,7 +584,7 @@ int __compute_return_epc_for_insn(struct
 
 	case bnel_op:
 		if (NO_R6EMU)
-			goto sigill_r6;
+			goto sigill_r2r6;
 	case bne_op:
 		if (regs->regs[insn.i_format.rs] !=
 		    regs->regs[insn.i_format.rt]) {
@@ -602,7 +598,7 @@ int __compute_return_epc_for_insn(struct
 
 	case blezl_op: /* not really i_format */
 		if (!insn.i_format.rt && NO_R6EMU)
-			goto sigill_r6;
+			goto sigill_r2r6;
 	case blez_op:
 		/*
 		 * Compact branches for R6 for the
@@ -637,7 +633,7 @@ int __compute_return_epc_for_insn(struct
 
 	case bgtzl_op:
 		if (!insn.i_format.rt && NO_R6EMU)
-			goto sigill_r6;
+			goto sigill_r2r6;
 	case bgtz_op:
 		/*
 		 * Compact branches for R6 for the
@@ -834,7 +830,7 @@ int __compute_return_epc_for_insn(struct
 		current->comm);
 	force_sig(SIGILL, current);
 	return -EFAULT;
-sigill_r6:
+sigill_r2r6:
 	pr_info("%s: R2 branch but r2-to-r6 emulator is not preset - sending SIGILL.\n",
 		current->comm);
 	force_sig(SIGILL, current);

[PATCH 6/9] MIPS: Send SIGILL for linked branches in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

Fix commit 319824eabc3f ("MIPS: kernel: branch: Do not emulate the 
branch likelies on MIPS R6") and also send SIGILL rather than returning 
-SIGILL for BLTZAL, BLTZALL, BGEZAL and BGEZALL instruction encodings no 
longer supported in R6, except where emulated.  Returning -SIGILL is 
never correct as the API defines this function's result upon error to be 
-EFAULT and a signal actually issued.

Cc: stable@vger.kernel.org # 3.19+
Fixes: 319824eabc3f ("MIPS: kernel: branch: Do not emulate the branch likelies on MIPS R6")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
linux-mips-epc-for-insn-sigill-r2r6.diff
Index: linux-sfr-test/arch/mips/kernel/branch.c
===================================================================
--- linux-sfr-test.orig/arch/mips/kernel/branch.c	2017-06-01 06:33:27.149519000 +0100
+++ linux-sfr-test/arch/mips/kernel/branch.c	2017-06-01 06:33:32.663567000 +0100
@@ -473,10 +473,8 @@ int __compute_return_epc_for_insn(struct
 		case bltzal_op:
 		case bltzall_op:
 			if (NO_R6EMU && (insn.i_format.rs ||
-			    insn.i_format.rt == bltzall_op)) {
-				ret = -SIGILL;
-				break;
-			}
+			    insn.i_format.rt == bltzall_op))
+				goto sigill_r2r6;
 			regs->regs[31] = epc + 8;
 			/*
 			 * OK we are here either because we hit a NAL
@@ -507,10 +505,8 @@ int __compute_return_epc_for_insn(struct
 		case bgezal_op:
 		case bgezall_op:
 			if (NO_R6EMU && (insn.i_format.rs ||
-			    insn.i_format.rt == bgezall_op)) {
-				ret = -SIGILL;
-				break;
-			}
+			    insn.i_format.rt == bgezall_op))
+				goto sigill_r2r6;
 			regs->regs[31] = epc + 8;
 			/*
 			 * OK we are here either because we hit a BAL

[PATCH 6/9] MIPS: Send SIGILL for linked branches in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

Fix commit 319824eabc3f ("MIPS: kernel: branch: Do not emulate the 
branch likelies on MIPS R6") and also send SIGILL rather than returning 
-SIGILL for BLTZAL, BLTZALL, BGEZAL and BGEZALL instruction encodings no 
longer supported in R6, except where emulated.  Returning -SIGILL is 
never correct as the API defines this function's result upon error to be 
-EFAULT and a signal actually issued.

Cc: stable@vger.kernel.org # 3.19+
Fixes: 319824eabc3f ("MIPS: kernel: branch: Do not emulate the branch likelies on MIPS R6")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
linux-mips-epc-for-insn-sigill-r2r6.diff
Index: linux-sfr-test/arch/mips/kernel/branch.c
===================================================================
--- linux-sfr-test.orig/arch/mips/kernel/branch.c	2017-06-01 06:33:27.149519000 +0100
+++ linux-sfr-test/arch/mips/kernel/branch.c	2017-06-01 06:33:32.663567000 +0100
@@ -473,10 +473,8 @@ int __compute_return_epc_for_insn(struct
 		case bltzal_op:
 		case bltzall_op:
 			if (NO_R6EMU && (insn.i_format.rs ||
-			    insn.i_format.rt == bltzall_op)) {
-				ret = -SIGILL;
-				break;
-			}
+			    insn.i_format.rt == bltzall_op))
+				goto sigill_r2r6;
 			regs->regs[31] = epc + 8;
 			/*
 			 * OK we are here either because we hit a NAL
@@ -507,10 +505,8 @@ int __compute_return_epc_for_insn(struct
 		case bgezal_op:
 		case bgezall_op:
 			if (NO_R6EMU && (insn.i_format.rs ||
-			    insn.i_format.rt == bgezall_op)) {
-				ret = -SIGILL;
-				break;
-			}
+			    insn.i_format.rt == bgezall_op))
+				goto sigill_r2r6;
 			regs->regs[31] = epc + 8;
 			/*
 			 * OK we are here either because we hit a BAL

[PATCH 7/9] MIPS: Send SIGILL for R6 branches in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

Fix:

* commit 8467ca0122e2 ("MIPS: Emulate the new MIPS R6 branch compact 
(BC) instruction"),

* commit 84fef630127a ("MIPS: Emulate the new MIPS R6 BALC 
instruction"),

* commit 69b9a2fd05a3 ("MIPS: Emulate the new MIPS R6 BEQZC and JIC 
instructions"),

* commit 28d6f93d201d ("MIPS: Emulate the new MIPS R6 BNEZC and JIALC 
instructions"),

* commit c893ce38b265 ("MIPS: Emulate the new MIPS R6 BOVC, BEQC and 
BEQZALC instructions")

and send SIGILL rather than returning -SIGILL for R6 branch and jump 
instructions.  Returning -SIGILL is never correct as the API defines 
this function's result upon error to be -EFAULT and a signal actually 
issued.

Cc: stable@vger.kernel.org # 3.19+
Fixes: 8467ca0122e2 ("MIPS: Emulate the new MIPS R6 branch compact (BC) instruction")
Fixes: 84fef630127a ("MIPS: Emulate the new MIPS R6 BALC instruction")
Fixes: 69b9a2fd05a3 ("MIPS: Emulate the new MIPS R6 BEQZC and JIC instructions")
Fixes: 28d6f93d201d ("MIPS: Emulate the new MIPS R6 BNEZC and JIALC instructions")
Fixes: c893ce38b265 ("MIPS: Emulate the new MIPS R6 BOVC, BEQC and BEQZALC instructions")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
 I have no idea why support for the original instructions has been added 
piecemeal, but I'm not going to split this change, that would be nonsense.

  Maciej

linux-mips-epc-for-insn-sigill-r6.diff
Index: linux-sfr-test/arch/mips/kernel/branch.c
===================================================================
--- linux-sfr-test.orig/arch/mips/kernel/branch.c	2017-06-01 06:33:32.663567000 +0100
+++ linux-sfr-test/arch/mips/kernel/branch.c	2017-06-01 06:35:33.359652000 +0100
@@ -771,35 +771,27 @@ int __compute_return_epc_for_insn(struct
 #else
 	case bc6_op:
 		/* Only valid for MIPS R6 */
-		if (!cpu_has_mips_r6) {
-			ret = -SIGILL;
-			break;
-		}
+		if (!cpu_has_mips_r6)
+			goto sigill_r6;
 		regs->cp0_epc += 8;
 		break;
 	case balc6_op:
-		if (!cpu_has_mips_r6) {
-			ret = -SIGILL;
-			break;
-		}
+		if (!cpu_has_mips_r6)
+			goto sigill_r6;
 		/* Compact branch: BALC */
 		regs->regs[31] = epc + 4;
 		epc += 4 + (insn.i_format.simmediate << 2);
 		regs->cp0_epc = epc;
 		break;
 	case pop66_op:
-		if (!cpu_has_mips_r6) {
-			ret = -SIGILL;
-			break;
-		}
+		if (!cpu_has_mips_r6)
+			goto sigill_r6;
 		/* Compact branch: BEQZC || JIC */
 		regs->cp0_epc += 8;
 		break;
 	case pop76_op:
-		if (!cpu_has_mips_r6) {
-			ret = -SIGILL;
-			break;
-		}
+		if (!cpu_has_mips_r6)
+			goto sigill_r6;
 		/* Compact branch: BNEZC || JIALC */
 		if (insn.i_format.rs)
 			regs->regs[31] = epc + 4;
@@ -809,10 +801,8 @@ int __compute_return_epc_for_insn(struct
 	case pop10_op:
 	case pop30_op:
 		/* Only valid for MIPS R6 */
-		if (!cpu_has_mips_r6) {
-			ret = -SIGILL;
-			break;
-		}
+		if (!cpu_has_mips_r6)
+			goto sigill_r6;
 		/*
 		 * Compact branches:
 		 * bovc, beqc, beqzalc, bnvc, bnec, bnezlac
@@ -835,6 +825,11 @@ int __compute_return_epc_for_insn(struct
 		current->comm);
 	force_sig(SIGILL, current);
 	return -EFAULT;
+sigill_r6:
+	pr_info("%s: R6 branch but no MIPSr6 ISA support - sending SIGILL.\n",
+		current->comm);
+	force_sig(SIGILL, current);
+	return -EFAULT;
 }
 EXPORT_SYMBOL_GPL(__compute_return_epc_for_insn);
 

[PATCH 7/9] MIPS: Send SIGILL for R6 branches in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

Fix:

* commit 8467ca0122e2 ("MIPS: Emulate the new MIPS R6 branch compact 
(BC) instruction"),

* commit 84fef630127a ("MIPS: Emulate the new MIPS R6 BALC 
instruction"),

* commit 69b9a2fd05a3 ("MIPS: Emulate the new MIPS R6 BEQZC and JIC 
instructions"),

* commit 28d6f93d201d ("MIPS: Emulate the new MIPS R6 BNEZC and JIALC 
instructions"),

* commit c893ce38b265 ("MIPS: Emulate the new MIPS R6 BOVC, BEQC and 
BEQZALC instructions")

and send SIGILL rather than returning -SIGILL for R6 branch and jump 
instructions.  Returning -SIGILL is never correct as the API defines 
this function's result upon error to be -EFAULT and a signal actually 
issued.

Cc: stable@vger.kernel.org # 3.19+
Fixes: 8467ca0122e2 ("MIPS: Emulate the new MIPS R6 branch compact (BC) instruction")
Fixes: 84fef630127a ("MIPS: Emulate the new MIPS R6 BALC instruction")
Fixes: 69b9a2fd05a3 ("MIPS: Emulate the new MIPS R6 BEQZC and JIC instructions")
Fixes: 28d6f93d201d ("MIPS: Emulate the new MIPS R6 BNEZC and JIALC instructions")
Fixes: c893ce38b265 ("MIPS: Emulate the new MIPS R6 BOVC, BEQC and BEQZALC instructions")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
 I have no idea why support for the original instructions has been added 
piecemeal, but I'm not going to split this change, that would be nonsense.

  Maciej

linux-mips-epc-for-insn-sigill-r6.diff
Index: linux-sfr-test/arch/mips/kernel/branch.c
===================================================================
--- linux-sfr-test.orig/arch/mips/kernel/branch.c	2017-06-01 06:33:32.663567000 +0100
+++ linux-sfr-test/arch/mips/kernel/branch.c	2017-06-01 06:35:33.359652000 +0100
@@ -771,35 +771,27 @@ int __compute_return_epc_for_insn(struct
 #else
 	case bc6_op:
 		/* Only valid for MIPS R6 */
-		if (!cpu_has_mips_r6) {
-			ret = -SIGILL;
-			break;
-		}
+		if (!cpu_has_mips_r6)
+			goto sigill_r6;
 		regs->cp0_epc += 8;
 		break;
 	case balc6_op:
-		if (!cpu_has_mips_r6) {
-			ret = -SIGILL;
-			break;
-		}
+		if (!cpu_has_mips_r6)
+			goto sigill_r6;
 		/* Compact branch: BALC */
 		regs->regs[31] = epc + 4;
 		epc += 4 + (insn.i_format.simmediate << 2);
 		regs->cp0_epc = epc;
 		break;
 	case pop66_op:
-		if (!cpu_has_mips_r6) {
-			ret = -SIGILL;
-			break;
-		}
+		if (!cpu_has_mips_r6)
+			goto sigill_r6;
 		/* Compact branch: BEQZC || JIC */
 		regs->cp0_epc += 8;
 		break;
 	case pop76_op:
-		if (!cpu_has_mips_r6) {
-			ret = -SIGILL;
-			break;
-		}
+		if (!cpu_has_mips_r6)
+			goto sigill_r6;
 		/* Compact branch: BNEZC || JIALC */
 		if (insn.i_format.rs)
 			regs->regs[31] = epc + 4;
@@ -809,10 +801,8 @@ int __compute_return_epc_for_insn(struct
 	case pop10_op:
 	case pop30_op:
 		/* Only valid for MIPS R6 */
-		if (!cpu_has_mips_r6) {
-			ret = -SIGILL;
-			break;
-		}
+		if (!cpu_has_mips_r6)
+			goto sigill_r6;
 		/*
 		 * Compact branches:
 		 * bovc, beqc, beqzalc, bnvc, bnec, bnezlac
@@ -835,6 +825,11 @@ int __compute_return_epc_for_insn(struct
 		current->comm);
 	force_sig(SIGILL, current);
 	return -EFAULT;
+sigill_r6:
+	pr_info("%s: R6 branch but no MIPSr6 ISA support - sending SIGILL.\n",
+		current->comm);
+	force_sig(SIGILL, current);
+	return -EFAULT;
 }
 EXPORT_SYMBOL_GPL(__compute_return_epc_for_insn);
 

[PATCH 8/9] MIPS: Fix a typo: s/preset/present/ in r2-to-r6 emulation error message

[Maciej W. Rozycki]

Cc: stable@vger.kernel.org # 3.19+
Fixes: 5f9f41c474be ("MIPS: kernel: Prepare the JR instruction for emulation on MIPS R6")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
 This is a user-visible message, so please backport.

  Maciej

Index: linux-sfr-test/arch/mips/kernel/branch.c
===================================================================
--- linux-sfr-test.orig/arch/mips/kernel/branch.c	2017-06-05 05:11:05.340498000 +0100
+++ linux-sfr-test/arch/mips/kernel/branch.c	2017-06-05 05:30:41.432034000 +0100
@@ -821,7 +821,7 @@ int __compute_return_epc_for_insn(struct
 	force_sig(SIGILL, current);
 	return -EFAULT;
 sigill_r2r6:
-	pr_info("%s: R2 branch but r2-to-r6 emulator is not preset - sending SIGILL.\n",
+	pr_info("%s: R2 branch but r2-to-r6 emulator is not present - sending SIGILL.\n",
 		current->comm);
 	force_sig(SIGILL, current);
 	return -EFAULT;

[PATCH 8/9] MIPS: Fix a typo: s/preset/present/ in r2-to-r6 emulation error message

[Maciej W. Rozycki]

Cc: stable@vger.kernel.org # 3.19+
Fixes: 5f9f41c474be ("MIPS: kernel: Prepare the JR instruction for emulation on MIPS R6")
Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
 This is a user-visible message, so please backport.

  Maciej

Index: linux-sfr-test/arch/mips/kernel/branch.c
===================================================================
--- linux-sfr-test.orig/arch/mips/kernel/branch.c	2017-06-05 05:11:05.340498000 +0100
+++ linux-sfr-test/arch/mips/kernel/branch.c	2017-06-05 05:30:41.432034000 +0100
@@ -821,7 +821,7 @@ int __compute_return_epc_for_insn(struct
 	force_sig(SIGILL, current);
 	return -EFAULT;
 sigill_r2r6:
-	pr_info("%s: R2 branch but r2-to-r6 emulator is not preset - sending SIGILL.\n",
+	pr_info("%s: R2 branch but r2-to-r6 emulator is not present - sending SIGILL.\n",
 		current->comm);
 	force_sig(SIGILL, current);
 	return -EFAULT;

[PATCH 9/9] MIPS: math-emu: For MFHC1/MTHC1 also return SIGILL right away

[Maciej W. Rozycki]

Update commit 1ac944007bed ("MIPS: math-emu: Add mfhc1 & mthc1 
support.") and like done throughout `cop1Emulate' for other cases also 
for the MFHC1 and MTHC1 instructions return SIGILL right away rather 
than jumping to a single `return' statement.

Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
 No functional change, just a coding consistency fix, so no need to 
backport.

  Maciej

linux-mips-cp1emu-sigill.diff
Index: linux-sfr-test/arch/mips/math-emu/cp1emu.c
===================================================================
--- linux-sfr-test.orig/arch/mips/math-emu/cp1emu.c	2017-06-05 05:11:05.344496000 +0100
+++ linux-sfr-test/arch/mips/math-emu/cp1emu.c	2017-06-05 05:22:21.552958000 +0100
@@ -1142,7 +1142,7 @@ static int cop1Emulate(struct pt_regs *x
 
 		case mfhc_op:
 			if (!cpu_has_mips_r2_r6)
-				goto sigill;
+				return SIGILL;
 
 			/* copregister rd -> gpr[rt] */
 			if (MIPSInst_RT(ir) != 0) {
@@ -1153,7 +1153,7 @@ static int cop1Emulate(struct pt_regs *x
 
 		case mthc_op:
 			if (!cpu_has_mips_r2_r6)
-				goto sigill;
+				return SIGILL;
 
 			/* copregister rd <- gpr[rt] */
 			SITOHREG(xcp->regs[MIPSInst_RT(ir)], MIPSInst_RD(ir));
@@ -1376,7 +1376,6 @@ static int cop1Emulate(struct pt_regs *x
 				xcp->regs[MIPSInst_RS(ir)];
 		break;
 	default:
-sigill:
 		return SIGILL;
 	}
 

[PATCH 9/9] MIPS: math-emu: For MFHC1/MTHC1 also return SIGILL right away

[Maciej W. Rozycki]

Update commit 1ac944007bed ("MIPS: math-emu: Add mfhc1 & mthc1 
support.") and like done throughout `cop1Emulate' for other cases also 
for the MFHC1 and MTHC1 instructions return SIGILL right away rather 
than jumping to a single `return' statement.

Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
---
 No functional change, just a coding consistency fix, so no need to 
backport.

  Maciej

linux-mips-cp1emu-sigill.diff
Index: linux-sfr-test/arch/mips/math-emu/cp1emu.c
===================================================================
--- linux-sfr-test.orig/arch/mips/math-emu/cp1emu.c	2017-06-05 05:11:05.344496000 +0100
+++ linux-sfr-test/arch/mips/math-emu/cp1emu.c	2017-06-05 05:22:21.552958000 +0100
@@ -1142,7 +1142,7 @@ static int cop1Emulate(struct pt_regs *x
 
 		case mfhc_op:
 			if (!cpu_has_mips_r2_r6)
-				goto sigill;
+				return SIGILL;
 
 			/* copregister rd -> gpr[rt] */
 			if (MIPSInst_RT(ir) != 0) {
@@ -1153,7 +1153,7 @@ static int cop1Emulate(struct pt_regs *x
 
 		case mthc_op:
 			if (!cpu_has_mips_r2_r6)
-				goto sigill;
+				return SIGILL;
 
 			/* copregister rd <- gpr[rt] */
 			SITOHREG(xcp->regs[MIPSInst_RT(ir)], MIPSInst_RD(ir));
@@ -1376,7 +1376,6 @@ static int cop1Emulate(struct pt_regs *x
 				xcp->regs[MIPSInst_RS(ir)];
 		break;
 	default:
-sigill:
 		return SIGILL;
 	}
 

Re: [PATCH 5/9] MIPS: Rename `sigill_r6' to `sigill_r2r6' in `__compute_return_epc_for_insn'

[Greg KH]

On Tue, Jun 06, 2017 at 12:17:53AM +0100, Maciej W. Rozycki wrote:
> Cc: stable@vger.kernel.org # 3.19+
> Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
> ---
>  Not a fix by itself, but needed for the next 2 changes.

And why isn't that info in the changelog text?  I know I will not take
patches without any changelog text, I don't know of other maintainers
are more "lax" about that :)

thanks,

greg k-h

Re: [PATCH 5/9] MIPS: Rename `sigill_r6' to `sigill_r2r6' in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

Hi Greg,

> > Cc: stable@vger.kernel.org # 3.19+
> > Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
> > ---
> >  Not a fix by itself, but needed for the next 2 changes.
> 
> And why isn't that info in the changelog text?  I know I will not take
> patches without any changelog text, I don't know of other maintainers
> are more "lax" about that :)

 Umm, I didn't know about your rule and thought the change along with its 
heading speaks for itself.  Sorry about that.  On second thoughts I agree 
a proper justification is due even for such a mechanical change.

 Obviously the quoted explanatory sentence as it stands would qualify as 
clutter if recorded in GIT for posterity, i.e. what would be its value for 
someone examining past changes say 10 years from now?  I'll think of 
something more suitable then and repost the series in a few days' time in 
case someone has further comments I'll take into account about any of 
these changes, so as to minimise noise (which has become hard to deal with 
already).  Ralf seems to have vanished recently, so I guess it'll take a 
bit for these changes to move forward anyway.

 Thanks for your feedback, always appreciated.

  Maciej

Re: [PATCH 5/9] MIPS: Rename `sigill_r6' to `sigill_r2r6' in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

Hi Greg,

> > Cc: stable@vger.kernel.org # 3.19+
> > Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
> > ---
> >  Not a fix by itself, but needed for the next 2 changes.
> 
> And why isn't that info in the changelog text?  I know I will not take
> patches without any changelog text, I don't know of other maintainers
> are more "lax" about that :)

 Umm, I didn't know about your rule and thought the change along with its 
heading speaks for itself.  Sorry about that.  On second thoughts I agree 
a proper justification is due even for such a mechanical change.

 Obviously the quoted explanatory sentence as it stands would qualify as 
clutter if recorded in GIT for posterity, i.e. what would be its value for 
someone examining past changes say 10 years from now?  I'll think of 
something more suitable then and repost the series in a few days' time in 
case someone has further comments I'll take into account about any of 
these changes, so as to minimise noise (which has become hard to deal with 
already).  Ralf seems to have vanished recently, so I guess it'll take a 
bit for these changes to move forward anyway.

 Thanks for your feedback, always appreciated.

  Maciej

Re: [PATCH 4/9] MIPS: Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn'

[Ralf Baechle]

On Tue, Jun 06, 2017 at 12:17:05AM +0100, Maciej W. Rozycki wrote:

> Fix commit e50c0a8fa60d ("Support the MIPS32 / MIPS64 DSP ASE.") and 
> send SIGILL rather than SIGBUS whenever an unimplemented BPOSGE32 DSP 
> ASE instruction has been encountered in `__compute_return_epc_for_insn' 
> as our Reserved Instruction exception handler would in response to an 
> attempt to actually execute the instruction.  Sending SIGBUS only makes 
> sense for the unaligned PC case, since moved to `__compute_return_epc'.  
> Adjust function documentation accordingly, correct formatting and use
> `pr_info' rather than `printk' as the other exit path already does.
> 
> Cc: stable@vger.kernel.org # 2.6.14+
> Fixes: e50c0a8fa60d ("Support the MIPS32 / MIPS64 DSP ASE.")
> Signed-off-by: Maciej W. Rozycki <macro@imgtec.com>
> ---
>  I hope folding the formatting fix and `pr_info' update with the base 
> change is fine given that they all apply to the same code line.

Ok, but ...

>  sigill_dsp:
> -	printk("%s: DSP branch but not DSP ASE - sending SIGBUS.\n", current->comm);
> -	force_sig(SIGBUS, current);
> +	pr_info("%s: DSP branch but not DSP ASE - sending SIGILL.\n",
> +		current->comm);

Shouldn't this then maybe be a pr_debug then?  With pr_info the right
kind of program can produce lots of useless clutter.

  Ralf

Re: [PATCH 4/9] MIPS: Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

On Thu, 8 Jun 2017, Ralf Baechle wrote:

> >  sigill_dsp:
> > -	printk("%s: DSP branch but not DSP ASE - sending SIGBUS.\n", current->comm);
> > -	force_sig(SIGBUS, current);
> > +	pr_info("%s: DSP branch but not DSP ASE - sending SIGILL.\n",
> > +		current->comm);
> 
> Shouldn't this then maybe be a pr_debug then?  With pr_info the right
> kind of program can produce lots of useless clutter.

 Sure.  Since I'm going to repost anyway to address Greg's concern, I'll 
append an extra patch to the series, to change these all en masse, for 
consistency.

 Eventually I think they will all go as I suspect they cover an impossible 
condition (so BUG_ON will be more appropriate), i.e. you can't get a 
delay-slot exception for a branch that has not been implemented -- you'll 
get a Reserved Instruction exception for the branch itself instead, and 
then there's nothing to emulate.  But I'll have to investigate execution 
paths carefully first, verify that `delay_slot' is called consistently and 
surely split off R2-on-R6 emulation code, before we can consider such a 
change a safe operation.

 Glad to see you back.

  Maciej

Re: [PATCH 4/9] MIPS: Send SIGILL for BPOSGE32 in `__compute_return_epc_for_insn'

[Maciej W. Rozycki]

On Thu, 8 Jun 2017, Ralf Baechle wrote:

> >  sigill_dsp:
> > -	printk("%s: DSP branch but not DSP ASE - sending SIGBUS.\n", current->comm);
> > -	force_sig(SIGBUS, current);
> > +	pr_info("%s: DSP branch but not DSP ASE - sending SIGILL.\n",
> > +		current->comm);
> 
> Shouldn't this then maybe be a pr_debug then?  With pr_info the right
> kind of program can produce lots of useless clutter.

 Sure.  Since I'm going to repost anyway to address Greg's concern, I'll 
append an extra patch to the series, to change these all en masse, for 
consistency.

 Eventually I think they will all go as I suspect they cover an impossible 
condition (so BUG_ON will be more appropriate), i.e. you can't get a 
delay-slot exception for a branch that has not been implemented -- you'll 
get a Reserved Instruction exception for the branch itself instead, and 
then there's nothing to emulate.  But I'll have to investigate execution 
paths carefully first, verify that `delay_slot' is called consistently and 
surely split off R2-on-R6 emulation code, before we can consider such a 
change a safe operation.

 Glad to see you back.

  Maciej