2 * arch/arm/kernel/kprobes-decode.c
4 * Copyright (C) 2006, 2007 Motorola Inc.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License version 2 as
8 * published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * General Public License for more details.
17 * We do not have hardware single-stepping on ARM, This
18 * effort is further complicated by the ARM not having a
19 * "next PC" register. Instructions that change the PC
20 * can't be safely single-stepped in a MP environment, so
21 * we have a lot of work to do:
23 * In the prepare phase:
24 * *) If it is an instruction that does anything
25 * with the CPU mode, we reject it for a kprobe.
26 * (This is out of laziness rather than need. The
27 * instructions could be simulated.)
29 * *) Otherwise, decode the instruction rewriting its
30 * registers to take fixed, ordered registers and
31 * setting a handler for it to run the instruction.
33 * In the execution phase by an instruction's handler:
35 * *) If the PC is written to by the instruction, the
36 * instruction must be fully simulated in software.
37 * If it is a conditional instruction, the handler
38 * will use insn[0] to copy its condition code to
39 * set r0 to 1 and insn[1] to "mov pc, lr" to return.
41 * *) Otherwise, a modified form of the instruction is
42 * directly executed. Its handler calls the
43 * instruction in insn[0]. In insn[1] is a
44 * "mov pc, lr" to return.
46 * Before calling, load up the reordered registers
47 * from the original instruction's registers. If one
48 * of the original input registers is the PC, compute
49 * and adjust the appropriate input register.
51 * After call completes, copy the output registers to
52 * the original instruction's original registers.
54 * We don't use a real breakpoint instruction since that
55 * would have us in the kernel go from SVC mode to SVC
56 * mode losing the link register. Instead we use an
57 * undefined instruction. To simplify processing, the
58 * undefined instruction used for kprobes must be reserved
59 * exclusively for kprobes use.
61 * TODO: ifdef out some instruction decoding based on architecture.
64 #include <linux/kernel.h>
65 #include <linux/kprobes.h>
67 #define sign_extend(x, signbit) ((x) | (0 - ((x) & (1 << (signbit)))))
69 #define branch_displacement(insn) sign_extend(((insn) & 0xffffff) << 2, 25)
71 #define is_r15(insn, bitpos) (((insn) & (0xf << bitpos)) == (0xf << bitpos))
74 * Test if load/store instructions writeback the address register.
75 * if P (bit 24) == 0 or W (bit 21) == 1
77 #define is_writeback(insn) ((insn ^ 0x01000000) & 0x01200000)
79 #define PSR_fs (PSR_f|PSR_s)
81 #define KPROBE_RETURN_INSTRUCTION 0xe1a0f00e /* mov pc, lr */
83 typedef long (insn_0arg_fn_t)(void);
84 typedef long (insn_1arg_fn_t)(long);
85 typedef long (insn_2arg_fn_t)(long, long);
86 typedef long (insn_3arg_fn_t)(long, long, long);
87 typedef long (insn_4arg_fn_t)(long, long, long, long);
88 typedef long long (insn_llret_0arg_fn_t)(void);
89 typedef long long (insn_llret_3arg_fn_t)(long, long, long);
90 typedef long long (insn_llret_4arg_fn_t)(long, long, long, long);
94 #ifdef __LITTLE_ENDIAN
95 struct { long r0, r1; };
97 struct { long r1, r0; };
102 * For STR and STM instructions, an ARM core may choose to use either
103 * a +8 or a +12 displacement from the current instruction's address.
104 * Whichever value is chosen for a given core, it must be the same for
105 * both instructions and may not change. This function measures it.
108 static int str_pc_offset;
110 static void __init find_str_pc_offset(void)
112 int addr, scratch, ret;
115 "sub %[ret], pc, #4 \n\t"
116 "str pc, %[addr] \n\t"
117 "ldr %[scr], %[addr] \n\t"
118 "sub %[ret], %[scr], %[ret] \n\t"
119 : [ret] "=r" (ret), [scr] "=r" (scratch), [addr] "+m" (addr));
125 * The insnslot_?arg_r[w]flags() functions below are to keep the
126 * msr -> *fn -> mrs instruction sequences indivisible so that
127 * the state of the CPSR flags aren't inadvertently modified
128 * just before or just after the call.
131 static inline long __kprobes
132 insnslot_0arg_rflags(long cpsr, insn_0arg_fn_t *fn)
134 register long ret asm("r0");
136 __asm__ __volatile__ (
137 "msr cpsr_fs, %[cpsr] \n\t"
141 : [cpsr] "r" (cpsr), [fn] "r" (fn)
147 static inline long long __kprobes
148 insnslot_llret_0arg_rflags(long cpsr, insn_llret_0arg_fn_t *fn)
150 register long ret0 asm("r0");
151 register long ret1 asm("r1");
154 __asm__ __volatile__ (
155 "msr cpsr_fs, %[cpsr] \n\t"
158 : "=r" (ret0), "=r" (ret1)
159 : [cpsr] "r" (cpsr), [fn] "r" (fn)
167 static inline long __kprobes
168 insnslot_1arg_rflags(long r0, long cpsr, insn_1arg_fn_t *fn)
170 register long rr0 asm("r0") = r0;
171 register long ret asm("r0");
173 __asm__ __volatile__ (
174 "msr cpsr_fs, %[cpsr] \n\t"
178 : "0" (rr0), [cpsr] "r" (cpsr), [fn] "r" (fn)
184 static inline long __kprobes
185 insnslot_2arg_rflags(long r0, long r1, long cpsr, insn_2arg_fn_t *fn)
187 register long rr0 asm("r0") = r0;
188 register long rr1 asm("r1") = r1;
189 register long ret asm("r0");
191 __asm__ __volatile__ (
192 "msr cpsr_fs, %[cpsr] \n\t"
196 : "0" (rr0), "r" (rr1),
197 [cpsr] "r" (cpsr), [fn] "r" (fn)
203 static inline long __kprobes
204 insnslot_3arg_rflags(long r0, long r1, long r2, long cpsr, insn_3arg_fn_t *fn)
206 register long rr0 asm("r0") = r0;
207 register long rr1 asm("r1") = r1;
208 register long rr2 asm("r2") = r2;
209 register long ret asm("r0");
211 __asm__ __volatile__ (
212 "msr cpsr_fs, %[cpsr] \n\t"
216 : "0" (rr0), "r" (rr1), "r" (rr2),
217 [cpsr] "r" (cpsr), [fn] "r" (fn)
223 static inline long long __kprobes
224 insnslot_llret_3arg_rflags(long r0, long r1, long r2, long cpsr,
225 insn_llret_3arg_fn_t *fn)
227 register long rr0 asm("r0") = r0;
228 register long rr1 asm("r1") = r1;
229 register long rr2 asm("r2") = r2;
230 register long ret0 asm("r0");
231 register long ret1 asm("r1");
234 __asm__ __volatile__ (
235 "msr cpsr_fs, %[cpsr] \n\t"
238 : "=r" (ret0), "=r" (ret1)
239 : "0" (rr0), "r" (rr1), "r" (rr2),
240 [cpsr] "r" (cpsr), [fn] "r" (fn)
248 static inline long __kprobes
249 insnslot_4arg_rflags(long r0, long r1, long r2, long r3, long cpsr,
252 register long rr0 asm("r0") = r0;
253 register long rr1 asm("r1") = r1;
254 register long rr2 asm("r2") = r2;
255 register long rr3 asm("r3") = r3;
256 register long ret asm("r0");
258 __asm__ __volatile__ (
259 "msr cpsr_fs, %[cpsr] \n\t"
263 : "0" (rr0), "r" (rr1), "r" (rr2), "r" (rr3),
264 [cpsr] "r" (cpsr), [fn] "r" (fn)
270 static inline long __kprobes
271 insnslot_1arg_rwflags(long r0, long *cpsr, insn_1arg_fn_t *fn)
273 register long rr0 asm("r0") = r0;
274 register long ret asm("r0");
275 long oldcpsr = *cpsr;
278 __asm__ __volatile__ (
279 "msr cpsr_fs, %[oldcpsr] \n\t"
282 "mrs %[newcpsr], cpsr \n\t"
283 : "=r" (ret), [newcpsr] "=r" (newcpsr)
284 : "0" (rr0), [oldcpsr] "r" (oldcpsr), [fn] "r" (fn)
287 *cpsr = (oldcpsr & ~PSR_fs) | (newcpsr & PSR_fs);
291 static inline long __kprobes
292 insnslot_2arg_rwflags(long r0, long r1, long *cpsr, insn_2arg_fn_t *fn)
294 register long rr0 asm("r0") = r0;
295 register long rr1 asm("r1") = r1;
296 register long ret asm("r0");
297 long oldcpsr = *cpsr;
300 __asm__ __volatile__ (
301 "msr cpsr_fs, %[oldcpsr] \n\t"
304 "mrs %[newcpsr], cpsr \n\t"
305 : "=r" (ret), [newcpsr] "=r" (newcpsr)
306 : "0" (rr0), "r" (rr1), [oldcpsr] "r" (oldcpsr), [fn] "r" (fn)
309 *cpsr = (oldcpsr & ~PSR_fs) | (newcpsr & PSR_fs);
313 static inline long __kprobes
314 insnslot_3arg_rwflags(long r0, long r1, long r2, long *cpsr,
317 register long rr0 asm("r0") = r0;
318 register long rr1 asm("r1") = r1;
319 register long rr2 asm("r2") = r2;
320 register long ret asm("r0");
321 long oldcpsr = *cpsr;
324 __asm__ __volatile__ (
325 "msr cpsr_fs, %[oldcpsr] \n\t"
328 "mrs %[newcpsr], cpsr \n\t"
329 : "=r" (ret), [newcpsr] "=r" (newcpsr)
330 : "0" (rr0), "r" (rr1), "r" (rr2),
331 [oldcpsr] "r" (oldcpsr), [fn] "r" (fn)
334 *cpsr = (oldcpsr & ~PSR_fs) | (newcpsr & PSR_fs);
338 static inline long __kprobes
339 insnslot_4arg_rwflags(long r0, long r1, long r2, long r3, long *cpsr,
342 register long rr0 asm("r0") = r0;
343 register long rr1 asm("r1") = r1;
344 register long rr2 asm("r2") = r2;
345 register long rr3 asm("r3") = r3;
346 register long ret asm("r0");
347 long oldcpsr = *cpsr;
350 __asm__ __volatile__ (
351 "msr cpsr_fs, %[oldcpsr] \n\t"
354 "mrs %[newcpsr], cpsr \n\t"
355 : "=r" (ret), [newcpsr] "=r" (newcpsr)
356 : "0" (rr0), "r" (rr1), "r" (rr2), "r" (rr3),
357 [oldcpsr] "r" (oldcpsr), [fn] "r" (fn)
360 *cpsr = (oldcpsr & ~PSR_fs) | (newcpsr & PSR_fs);
364 static inline long long __kprobes
365 insnslot_llret_4arg_rwflags(long r0, long r1, long r2, long r3, long *cpsr,
366 insn_llret_4arg_fn_t *fn)
368 register long rr0 asm("r0") = r0;
369 register long rr1 asm("r1") = r1;
370 register long rr2 asm("r2") = r2;
371 register long rr3 asm("r3") = r3;
372 register long ret0 asm("r0");
373 register long ret1 asm("r1");
374 long oldcpsr = *cpsr;
378 __asm__ __volatile__ (
379 "msr cpsr_fs, %[oldcpsr] \n\t"
382 "mrs %[newcpsr], cpsr \n\t"
383 : "=r" (ret0), "=r" (ret1), [newcpsr] "=r" (newcpsr)
384 : "0" (rr0), "r" (rr1), "r" (rr2), "r" (rr3),
385 [oldcpsr] "r" (oldcpsr), [fn] "r" (fn)
388 *cpsr = (oldcpsr & ~PSR_fs) | (newcpsr & PSR_fs);
395 * To avoid the complications of mimicing single-stepping on a
396 * processor without a Next-PC or a single-step mode, and to
397 * avoid having to deal with the side-effects of boosting, we
398 * simulate or emulate (almost) all ARM instructions.
400 * "Simulation" is where the instruction's behavior is duplicated in
401 * C code. "Emulation" is where the original instruction is rewritten
402 * and executed, often by altering its registers.
404 * By having all behavior of the kprobe'd instruction completed before
405 * returning from the kprobe_handler(), all locks (scheduler and
406 * interrupt) can safely be released. There is no need for secondary
407 * breakpoints, no race with MP or preemptable kernels, nor having to
408 * clean up resources counts at a later time impacting overall system
409 * performance. By rewriting the instruction, only the minimum registers
410 * need to be loaded and saved back optimizing performance.
412 * Calling the insnslot_*_rwflags version of a function doesn't hurt
413 * anything even when the CPSR flags aren't updated by the
414 * instruction. It's just a little slower in return for saving
415 * a little space by not having a duplicate function that doesn't
416 * update the flags. (The same optimization can be said for
417 * instructions that do or don't perform register writeback)
418 * Also, instructions can either read the flags, only write the
419 * flags, or read and write the flags. To save combinations
420 * rather than for sheer performance, flag functions just assume
421 * read and write of flags.
424 static void __kprobes simulate_bbl(struct kprobe *p, struct pt_regs *regs)
426 kprobe_opcode_t insn = p->opcode;
427 long iaddr = (long)p->addr;
428 int disp = branch_displacement(insn);
430 if (insn & (1 << 24))
431 regs->ARM_lr = iaddr + 4;
433 regs->ARM_pc = iaddr + 8 + disp;
436 static void __kprobes simulate_blx1(struct kprobe *p, struct pt_regs *regs)
438 kprobe_opcode_t insn = p->opcode;
439 long iaddr = (long)p->addr;
440 int disp = branch_displacement(insn);
442 regs->ARM_lr = iaddr + 4;
443 regs->ARM_pc = iaddr + 8 + disp + ((insn >> 23) & 0x2);
444 regs->ARM_cpsr |= PSR_T_BIT;
447 static void __kprobes simulate_blx2bx(struct kprobe *p, struct pt_regs *regs)
449 kprobe_opcode_t insn = p->opcode;
451 long rmv = regs->uregs[rm];
454 regs->ARM_lr = (long)p->addr + 4;
456 regs->ARM_pc = rmv & ~0x1;
457 regs->ARM_cpsr &= ~PSR_T_BIT;
459 regs->ARM_cpsr |= PSR_T_BIT;
462 static void __kprobes simulate_mrs(struct kprobe *p, struct pt_regs *regs)
464 kprobe_opcode_t insn = p->opcode;
465 int rd = (insn >> 12) & 0xf;
466 unsigned long mask = 0xf8ff03df; /* Mask out execution state */
467 regs->uregs[rd] = regs->ARM_cpsr & mask;
470 static void __kprobes simulate_ldm1stm1(struct kprobe *p, struct pt_regs *regs)
472 kprobe_opcode_t insn = p->opcode;
473 int rn = (insn >> 16) & 0xf;
474 int lbit = insn & (1 << 20);
475 int wbit = insn & (1 << 21);
476 int ubit = insn & (1 << 23);
477 int pbit = insn & (1 << 24);
478 long *addr = (long *)regs->uregs[rn];
483 reg_bit_vector = insn & 0xffff;
484 while (reg_bit_vector) {
485 reg_bit_vector &= (reg_bit_vector - 1);
491 addr += (!pbit == !ubit);
493 reg_bit_vector = insn & 0xffff;
494 while (reg_bit_vector) {
495 int reg = __ffs(reg_bit_vector);
496 reg_bit_vector &= (reg_bit_vector - 1);
498 regs->uregs[reg] = *addr++;
500 *addr++ = regs->uregs[reg];
506 addr -= (!pbit == !ubit);
507 regs->uregs[rn] = (long)addr;
511 static void __kprobes simulate_stm1_pc(struct kprobe *p, struct pt_regs *regs)
513 regs->ARM_pc = (long)p->addr + str_pc_offset;
514 simulate_ldm1stm1(p, regs);
515 regs->ARM_pc = (long)p->addr + 4;
518 static void __kprobes simulate_mov_ipsp(struct kprobe *p, struct pt_regs *regs)
520 regs->uregs[12] = regs->uregs[13];
523 static void __kprobes emulate_ldrd(struct kprobe *p, struct pt_regs *regs)
525 insn_2arg_fn_t *i_fn = (insn_2arg_fn_t *)&p->ainsn.insn[0];
526 kprobe_opcode_t insn = p->opcode;
527 long ppc = (long)p->addr + 8;
528 int rd = (insn >> 12) & 0xf;
529 int rn = (insn >> 16) & 0xf;
530 int rm = insn & 0xf; /* rm may be invalid, don't care. */
531 long rmv = (rm == 15) ? ppc : regs->uregs[rm];
532 long rnv = (rn == 15) ? ppc : regs->uregs[rn];
534 /* Not following the C calling convention here, so need asm(). */
535 __asm__ __volatile__ (
538 "msr cpsr_fs, %[cpsr]\n\t"
540 "mov pc, %[i_fn] \n\t"
541 "str r0, %[rn] \n\t" /* in case of writeback */
542 "str r2, %[rd0] \n\t"
543 "str r3, %[rd1] \n\t"
545 [rd0] "=m" (regs->uregs[rd]),
546 [rd1] "=m" (regs->uregs[rd+1])
548 [cpsr] "r" (regs->ARM_cpsr),
550 : "r0", "r1", "r2", "r3", "lr", "cc"
552 if (is_writeback(insn))
553 regs->uregs[rn] = rnv;
556 static void __kprobes emulate_strd(struct kprobe *p, struct pt_regs *regs)
558 insn_4arg_fn_t *i_fn = (insn_4arg_fn_t *)&p->ainsn.insn[0];
559 kprobe_opcode_t insn = p->opcode;
560 long ppc = (long)p->addr + 8;
561 int rd = (insn >> 12) & 0xf;
562 int rn = (insn >> 16) & 0xf;
564 long rnv = (rn == 15) ? ppc : regs->uregs[rn];
565 /* rm/rmv may be invalid, don't care. */
566 long rmv = (rm == 15) ? ppc : regs->uregs[rm];
569 rnv_wb = insnslot_4arg_rflags(rnv, rmv, regs->uregs[rd],
571 regs->ARM_cpsr, i_fn);
572 if (is_writeback(insn))
573 regs->uregs[rn] = rnv_wb;
576 static void __kprobes emulate_ldr(struct kprobe *p, struct pt_regs *regs)
578 insn_llret_3arg_fn_t *i_fn = (insn_llret_3arg_fn_t *)&p->ainsn.insn[0];
579 kprobe_opcode_t insn = p->opcode;
580 long ppc = (long)p->addr + 8;
582 int rd = (insn >> 12) & 0xf;
583 int rn = (insn >> 16) & 0xf;
586 long rnv = (rn == 15) ? ppc : regs->uregs[rn];
587 long rmv = (rm == 15) ? ppc : regs->uregs[rm];
588 long cpsr = regs->ARM_cpsr;
590 fnr.dr = insnslot_llret_3arg_rflags(rnv, 0, rmv, cpsr, i_fn);
592 regs->uregs[rn] = fnr.r0; /* Save Rn in case of writeback. */
596 #if __LINUX_ARM_ARCH__ >= 5
600 regs->ARM_cpsr = cpsr;
606 regs->uregs[rd] = rdv;
609 static void __kprobes emulate_str(struct kprobe *p, struct pt_regs *regs)
611 insn_3arg_fn_t *i_fn = (insn_3arg_fn_t *)&p->ainsn.insn[0];
612 kprobe_opcode_t insn = p->opcode;
613 long iaddr = (long)p->addr;
614 int rd = (insn >> 12) & 0xf;
615 int rn = (insn >> 16) & 0xf;
617 long rdv = (rd == 15) ? iaddr + str_pc_offset : regs->uregs[rd];
618 long rnv = (rn == 15) ? iaddr + 8 : regs->uregs[rn];
619 long rmv = regs->uregs[rm]; /* rm/rmv may be invalid, don't care. */
622 rnv_wb = insnslot_3arg_rflags(rnv, rdv, rmv, regs->ARM_cpsr, i_fn);
624 regs->uregs[rn] = rnv_wb; /* Save Rn in case of writeback. */
627 static void __kprobes emulate_sat(struct kprobe *p, struct pt_regs *regs)
629 insn_1arg_fn_t *i_fn = (insn_1arg_fn_t *)&p->ainsn.insn[0];
630 kprobe_opcode_t insn = p->opcode;
631 int rd = (insn >> 12) & 0xf;
633 long rmv = regs->uregs[rm];
636 regs->uregs[rd] = insnslot_1arg_rwflags(rmv, ®s->ARM_cpsr, i_fn);
639 static void __kprobes emulate_sel(struct kprobe *p, struct pt_regs *regs)
641 insn_2arg_fn_t *i_fn = (insn_2arg_fn_t *)&p->ainsn.insn[0];
642 kprobe_opcode_t insn = p->opcode;
643 int rd = (insn >> 12) & 0xf;
644 int rn = (insn >> 16) & 0xf;
646 long rnv = regs->uregs[rn];
647 long rmv = regs->uregs[rm];
650 regs->uregs[rd] = insnslot_2arg_rflags(rnv, rmv, regs->ARM_cpsr, i_fn);
653 static void __kprobes emulate_none(struct kprobe *p, struct pt_regs *regs)
655 insn_0arg_fn_t *i_fn = (insn_0arg_fn_t *)&p->ainsn.insn[0];
657 insnslot_0arg_rflags(regs->ARM_cpsr, i_fn);
660 static void __kprobes emulate_nop(struct kprobe *p, struct pt_regs *regs)
664 static void __kprobes emulate_rd12rm0(struct kprobe *p, struct pt_regs *regs)
666 insn_1arg_fn_t *i_fn = (insn_1arg_fn_t *)&p->ainsn.insn[0];
667 kprobe_opcode_t insn = p->opcode;
668 int rd = (insn >> 12) & 0xf;
670 long rmv = regs->uregs[rm];
672 regs->uregs[rd] = insnslot_1arg_rflags(rmv, regs->ARM_cpsr, i_fn);
675 static void __kprobes
676 emulate_rd12rn16rm0_rwflags(struct kprobe *p, struct pt_regs *regs)
678 insn_2arg_fn_t *i_fn = (insn_2arg_fn_t *)&p->ainsn.insn[0];
679 kprobe_opcode_t insn = p->opcode;
680 int rd = (insn >> 12) & 0xf;
681 int rn = (insn >> 16) & 0xf;
683 long rnv = regs->uregs[rn];
684 long rmv = regs->uregs[rm];
687 insnslot_2arg_rwflags(rnv, rmv, ®s->ARM_cpsr, i_fn);
690 static void __kprobes
691 emulate_rd16rn12rs8rm0_rwflags(struct kprobe *p, struct pt_regs *regs)
693 insn_3arg_fn_t *i_fn = (insn_3arg_fn_t *)&p->ainsn.insn[0];
694 kprobe_opcode_t insn = p->opcode;
695 int rd = (insn >> 16) & 0xf;
696 int rn = (insn >> 12) & 0xf;
697 int rs = (insn >> 8) & 0xf;
699 long rnv = regs->uregs[rn];
700 long rsv = regs->uregs[rs];
701 long rmv = regs->uregs[rm];
704 insnslot_3arg_rwflags(rnv, rsv, rmv, ®s->ARM_cpsr, i_fn);
707 static void __kprobes
708 emulate_rd16rs8rm0_rwflags(struct kprobe *p, struct pt_regs *regs)
710 insn_2arg_fn_t *i_fn = (insn_2arg_fn_t *)&p->ainsn.insn[0];
711 kprobe_opcode_t insn = p->opcode;
712 int rd = (insn >> 16) & 0xf;
713 int rs = (insn >> 8) & 0xf;
715 long rsv = regs->uregs[rs];
716 long rmv = regs->uregs[rm];
719 insnslot_2arg_rwflags(rsv, rmv, ®s->ARM_cpsr, i_fn);
722 static void __kprobes
723 emulate_rdhi16rdlo12rs8rm0_rwflags(struct kprobe *p, struct pt_regs *regs)
725 insn_llret_4arg_fn_t *i_fn = (insn_llret_4arg_fn_t *)&p->ainsn.insn[0];
726 kprobe_opcode_t insn = p->opcode;
728 int rdhi = (insn >> 16) & 0xf;
729 int rdlo = (insn >> 12) & 0xf;
730 int rs = (insn >> 8) & 0xf;
732 long rsv = regs->uregs[rs];
733 long rmv = regs->uregs[rm];
735 fnr.dr = insnslot_llret_4arg_rwflags(regs->uregs[rdhi],
736 regs->uregs[rdlo], rsv, rmv,
737 ®s->ARM_cpsr, i_fn);
738 regs->uregs[rdhi] = fnr.r0;
739 regs->uregs[rdlo] = fnr.r1;
742 static void __kprobes
743 emulate_alu_imm_rflags(struct kprobe *p, struct pt_regs *regs)
745 insn_1arg_fn_t *i_fn = (insn_1arg_fn_t *)&p->ainsn.insn[0];
746 kprobe_opcode_t insn = p->opcode;
747 int rd = (insn >> 12) & 0xf;
748 int rn = (insn >> 16) & 0xf;
749 long rnv = (rn == 15) ? (long)p->addr + 8 : regs->uregs[rn];
751 regs->uregs[rd] = insnslot_1arg_rflags(rnv, regs->ARM_cpsr, i_fn);
754 static void __kprobes
755 emulate_alu_imm_rwflags(struct kprobe *p, struct pt_regs *regs)
757 insn_1arg_fn_t *i_fn = (insn_1arg_fn_t *)&p->ainsn.insn[0];
758 kprobe_opcode_t insn = p->opcode;
759 int rd = (insn >> 12) & 0xf;
760 int rn = (insn >> 16) & 0xf;
761 long rnv = (rn == 15) ? (long)p->addr + 8 : regs->uregs[rn];
763 regs->uregs[rd] = insnslot_1arg_rwflags(rnv, ®s->ARM_cpsr, i_fn);
766 static void __kprobes
767 emulate_alu_tests_imm(struct kprobe *p, struct pt_regs *regs)
769 insn_1arg_fn_t *i_fn = (insn_1arg_fn_t *)&p->ainsn.insn[0];
770 kprobe_opcode_t insn = p->opcode;
771 int rn = (insn >> 16) & 0xf;
772 long rnv = (rn == 15) ? (long)p->addr + 8 : regs->uregs[rn];
774 insnslot_1arg_rwflags(rnv, ®s->ARM_cpsr, i_fn);
777 static void __kprobes
778 emulate_alu_rflags(struct kprobe *p, struct pt_regs *regs)
780 insn_3arg_fn_t *i_fn = (insn_3arg_fn_t *)&p->ainsn.insn[0];
781 kprobe_opcode_t insn = p->opcode;
782 long ppc = (long)p->addr + 8;
783 int rd = (insn >> 12) & 0xf;
784 int rn = (insn >> 16) & 0xf; /* rn/rnv/rs/rsv may be */
785 int rs = (insn >> 8) & 0xf; /* invalid, don't care. */
787 long rnv = (rn == 15) ? ppc : regs->uregs[rn];
788 long rmv = (rm == 15) ? ppc : regs->uregs[rm];
789 long rsv = regs->uregs[rs];
792 insnslot_3arg_rflags(rnv, rmv, rsv, regs->ARM_cpsr, i_fn);
795 static void __kprobes
796 emulate_alu_rwflags(struct kprobe *p, struct pt_regs *regs)
798 insn_3arg_fn_t *i_fn = (insn_3arg_fn_t *)&p->ainsn.insn[0];
799 kprobe_opcode_t insn = p->opcode;
800 long ppc = (long)p->addr + 8;
801 int rd = (insn >> 12) & 0xf;
802 int rn = (insn >> 16) & 0xf; /* rn/rnv/rs/rsv may be */
803 int rs = (insn >> 8) & 0xf; /* invalid, don't care. */
805 long rnv = (rn == 15) ? ppc : regs->uregs[rn];
806 long rmv = (rm == 15) ? ppc : regs->uregs[rm];
807 long rsv = regs->uregs[rs];
810 insnslot_3arg_rwflags(rnv, rmv, rsv, ®s->ARM_cpsr, i_fn);
813 static void __kprobes
814 emulate_alu_tests(struct kprobe *p, struct pt_regs *regs)
816 insn_3arg_fn_t *i_fn = (insn_3arg_fn_t *)&p->ainsn.insn[0];
817 kprobe_opcode_t insn = p->opcode;
818 long ppc = (long)p->addr + 8;
819 int rn = (insn >> 16) & 0xf;
820 int rs = (insn >> 8) & 0xf; /* rs/rsv may be invalid, don't care. */
822 long rnv = (rn == 15) ? ppc : regs->uregs[rn];
823 long rmv = (rm == 15) ? ppc : regs->uregs[rm];
824 long rsv = regs->uregs[rs];
826 insnslot_3arg_rwflags(rnv, rmv, rsv, ®s->ARM_cpsr, i_fn);
829 static enum kprobe_insn __kprobes
830 prep_emulate_ldr_str(kprobe_opcode_t insn, struct arch_specific_insn *asi)
832 int not_imm = (insn & (1 << 26)) ? (insn & (1 << 25))
833 : (~insn & (1 << 22));
835 if (is_writeback(insn) && is_r15(insn, 16))
836 return INSN_REJECTED; /* Writeback to PC */
839 insn |= 0x00001000; /* Rn = r0, Rd = r1 */
842 insn |= 2; /* Rm = r2 */
845 asi->insn_handler = (insn & (1 << 20)) ? emulate_ldr : emulate_str;
849 static enum kprobe_insn __kprobes
850 prep_emulate_rd12rm0(kprobe_opcode_t insn, struct arch_specific_insn *asi)
852 if (is_r15(insn, 12))
853 return INSN_REJECTED; /* Rd is PC */
855 insn &= 0xffff0ff0; /* Rd = r0, Rm = r0 */
857 asi->insn_handler = emulate_rd12rm0;
861 static enum kprobe_insn __kprobes
862 prep_emulate_rd12rn16rm0_wflags(kprobe_opcode_t insn,
863 struct arch_specific_insn *asi)
865 if (is_r15(insn, 12))
866 return INSN_REJECTED; /* Rd is PC */
868 insn &= 0xfff00ff0; /* Rd = r0, Rn = r0 */
869 insn |= 0x00000001; /* Rm = r1 */
871 asi->insn_handler = emulate_rd12rn16rm0_rwflags;
875 static enum kprobe_insn __kprobes
876 prep_emulate_rd16rs8rm0_wflags(kprobe_opcode_t insn,
877 struct arch_specific_insn *asi)
879 if (is_r15(insn, 16))
880 return INSN_REJECTED; /* Rd is PC */
882 insn &= 0xfff0f0f0; /* Rd = r0, Rs = r0 */
883 insn |= 0x00000001; /* Rm = r1 */
885 asi->insn_handler = emulate_rd16rs8rm0_rwflags;
889 static enum kprobe_insn __kprobes
890 prep_emulate_rd16rn12rs8rm0_wflags(kprobe_opcode_t insn,
891 struct arch_specific_insn *asi)
893 if (is_r15(insn, 16))
894 return INSN_REJECTED; /* Rd is PC */
896 insn &= 0xfff000f0; /* Rd = r0, Rn = r0 */
897 insn |= 0x00000102; /* Rs = r1, Rm = r2 */
899 asi->insn_handler = emulate_rd16rn12rs8rm0_rwflags;
903 static enum kprobe_insn __kprobes
904 prep_emulate_rdhi16rdlo12rs8rm0_wflags(kprobe_opcode_t insn,
905 struct arch_specific_insn *asi)
907 if (is_r15(insn, 16) || is_r15(insn, 12))
908 return INSN_REJECTED; /* RdHi or RdLo is PC */
910 insn &= 0xfff000f0; /* RdHi = r0, RdLo = r1 */
911 insn |= 0x00001203; /* Rs = r2, Rm = r3 */
913 asi->insn_handler = emulate_rdhi16rdlo12rs8rm0_rwflags;
918 * For the instruction masking and comparisons in all the "space_*"
919 * functions below, Do _not_ rearrange the order of tests unless
920 * you're very, very sure of what you are doing. For the sake of
921 * efficiency, the masks for some tests sometimes assume other test
922 * have been done prior to them so the number of patterns to test
923 * for an instruction set can be as broad as possible to reduce the
924 * number of tests needed.
927 static enum kprobe_insn __kprobes
928 space_1111(kprobe_opcode_t insn, struct arch_specific_insn *asi)
930 /* memory hint : 1111 0100 x001 xxxx xxxx xxxx xxxx xxxx : */
931 /* PLDI : 1111 0100 x101 xxxx xxxx xxxx xxxx xxxx : */
932 /* PLDW : 1111 0101 x001 xxxx xxxx xxxx xxxx xxxx : */
933 /* PLD : 1111 0101 x101 xxxx xxxx xxxx xxxx xxxx : */
934 if ((insn & 0xfe300000) == 0xf4100000) {
935 asi->insn_handler = emulate_nop;
936 return INSN_GOOD_NO_SLOT;
939 /* BLX(1) : 1111 101x xxxx xxxx xxxx xxxx xxxx xxxx : */
940 if ((insn & 0xfe000000) == 0xfa000000) {
941 asi->insn_handler = simulate_blx1;
942 return INSN_GOOD_NO_SLOT;
945 /* CPS : 1111 0001 0000 xxx0 xxxx xxxx xx0x xxxx */
946 /* SETEND: 1111 0001 0000 0001 xxxx xxxx 0000 xxxx */
948 /* SRS : 1111 100x x1x0 xxxx xxxx xxxx xxxx xxxx */
949 /* RFE : 1111 100x x0x1 xxxx xxxx xxxx xxxx xxxx */
951 /* Coprocessor instructions... */
952 /* MCRR2 : 1111 1100 0100 xxxx xxxx xxxx xxxx xxxx : (Rd != Rn) */
953 /* MRRC2 : 1111 1100 0101 xxxx xxxx xxxx xxxx xxxx : (Rd != Rn) */
954 /* LDC2 : 1111 110x xxx1 xxxx xxxx xxxx xxxx xxxx */
955 /* STC2 : 1111 110x xxx0 xxxx xxxx xxxx xxxx xxxx */
956 /* CDP2 : 1111 1110 xxxx xxxx xxxx xxxx xxx0 xxxx */
957 /* MCR2 : 1111 1110 xxx0 xxxx xxxx xxxx xxx1 xxxx */
958 /* MRC2 : 1111 1110 xxx1 xxxx xxxx xxxx xxx1 xxxx */
960 return INSN_REJECTED;
963 static enum kprobe_insn __kprobes
964 space_cccc_000x(kprobe_opcode_t insn, struct arch_specific_insn *asi)
966 /* cccc 0001 0xx0 xxxx xxxx xxxx xxxx xxx0 xxxx */
967 if ((insn & 0x0f900010) == 0x01000000) {
969 /* BXJ : cccc 0001 0010 xxxx xxxx xxxx 0010 xxxx */
970 /* MSR : cccc 0001 0x10 xxxx xxxx xxxx 0000 xxxx */
971 /* MRS spsr : cccc 0001 0100 xxxx xxxx xxxx 0000 xxxx */
972 if ((insn & 0x0ff000f0) == 0x01200020 ||
973 (insn & 0x0fb000f0) == 0x01200000 ||
974 (insn & 0x0ff000f0) == 0x01400000)
975 return INSN_REJECTED;
977 /* MRS cpsr : cccc 0001 0000 xxxx xxxx xxxx 0000 xxxx */
978 if ((insn & 0x0ff000f0) == 0x01000000) {
979 if (is_r15(insn, 12))
980 return INSN_REJECTED; /* Rd is PC */
981 asi->insn_handler = simulate_mrs;
982 return INSN_GOOD_NO_SLOT;
985 /* SMLALxy : cccc 0001 0100 xxxx xxxx xxxx 1xx0 xxxx */
986 if ((insn & 0x0ff00090) == 0x01400080)
987 return prep_emulate_rdhi16rdlo12rs8rm0_wflags(insn, asi);
989 /* SMULWy : cccc 0001 0010 xxxx xxxx xxxx 1x10 xxxx */
990 /* SMULxy : cccc 0001 0110 xxxx xxxx xxxx 1xx0 xxxx */
991 if ((insn & 0x0ff000b0) == 0x012000a0 ||
992 (insn & 0x0ff00090) == 0x01600080)
993 return prep_emulate_rd16rs8rm0_wflags(insn, asi);
995 /* SMLAxy : cccc 0001 0000 xxxx xxxx xxxx 1xx0 xxxx : Q */
996 /* SMLAWy : cccc 0001 0010 xxxx xxxx xxxx 1x00 xxxx : Q */
997 return prep_emulate_rd16rn12rs8rm0_wflags(insn, asi);
1001 /* cccc 0001 0xx0 xxxx xxxx xxxx xxxx 0xx1 xxxx */
1002 else if ((insn & 0x0f900090) == 0x01000010) {
1004 /* BKPT : 1110 0001 0010 xxxx xxxx xxxx 0111 xxxx */
1005 if ((insn & 0xfff000f0) == 0xe1200070)
1006 return INSN_REJECTED;
1008 /* BLX(2) : cccc 0001 0010 xxxx xxxx xxxx 0011 xxxx */
1009 /* BX : cccc 0001 0010 xxxx xxxx xxxx 0001 xxxx */
1010 if ((insn & 0x0ff000d0) == 0x01200010) {
1011 if ((insn & 0x0ff000ff) == 0x0120003f)
1012 return INSN_REJECTED; /* BLX pc */
1013 asi->insn_handler = simulate_blx2bx;
1014 return INSN_GOOD_NO_SLOT;
1017 /* CLZ : cccc 0001 0110 xxxx xxxx xxxx 0001 xxxx */
1018 if ((insn & 0x0ff000f0) == 0x01600010)
1019 return prep_emulate_rd12rm0(insn, asi);
1021 /* QADD : cccc 0001 0000 xxxx xxxx xxxx 0101 xxxx :Q */
1022 /* QSUB : cccc 0001 0010 xxxx xxxx xxxx 0101 xxxx :Q */
1023 /* QDADD : cccc 0001 0100 xxxx xxxx xxxx 0101 xxxx :Q */
1024 /* QDSUB : cccc 0001 0110 xxxx xxxx xxxx 0101 xxxx :Q */
1025 return prep_emulate_rd12rn16rm0_wflags(insn, asi);
1028 /* cccc 0000 xxxx xxxx xxxx xxxx xxxx 1001 xxxx */
1029 else if ((insn & 0x0f0000f0) == 0x00000090) {
1031 /* MUL : cccc 0000 0000 xxxx xxxx xxxx 1001 xxxx : */
1032 /* MULS : cccc 0000 0001 xxxx xxxx xxxx 1001 xxxx :cc */
1033 /* MLA : cccc 0000 0010 xxxx xxxx xxxx 1001 xxxx : */
1034 /* MLAS : cccc 0000 0011 xxxx xxxx xxxx 1001 xxxx :cc */
1035 /* UMAAL : cccc 0000 0100 xxxx xxxx xxxx 1001 xxxx : */
1036 /* undef : cccc 0000 0101 xxxx xxxx xxxx 1001 xxxx : */
1037 /* MLS : cccc 0000 0110 xxxx xxxx xxxx 1001 xxxx : */
1038 /* undef : cccc 0000 0111 xxxx xxxx xxxx 1001 xxxx : */
1039 /* UMULL : cccc 0000 1000 xxxx xxxx xxxx 1001 xxxx : */
1040 /* UMULLS : cccc 0000 1001 xxxx xxxx xxxx 1001 xxxx :cc */
1041 /* UMLAL : cccc 0000 1010 xxxx xxxx xxxx 1001 xxxx : */
1042 /* UMLALS : cccc 0000 1011 xxxx xxxx xxxx 1001 xxxx :cc */
1043 /* SMULL : cccc 0000 1100 xxxx xxxx xxxx 1001 xxxx : */
1044 /* SMULLS : cccc 0000 1101 xxxx xxxx xxxx 1001 xxxx :cc */
1045 /* SMLAL : cccc 0000 1110 xxxx xxxx xxxx 1001 xxxx : */
1046 /* SMLALS : cccc 0000 1111 xxxx xxxx xxxx 1001 xxxx :cc */
1047 if ((insn & 0x00d00000) == 0x00500000) {
1048 return INSN_REJECTED;
1049 } else if ((insn & 0x00e00000) == 0x00000000) {
1050 return prep_emulate_rd16rs8rm0_wflags(insn, asi);
1051 } else if ((insn & 0x00a00000) == 0x00200000) {
1052 return prep_emulate_rd16rn12rs8rm0_wflags(insn, asi);
1054 return prep_emulate_rdhi16rdlo12rs8rm0_wflags(insn, asi);
1058 /* cccc 000x xxxx xxxx xxxx xxxx xxxx 1xx1 xxxx */
1059 else if ((insn & 0x0e000090) == 0x00000090) {
1061 /* SWP : cccc 0001 0000 xxxx xxxx xxxx 1001 xxxx */
1062 /* SWPB : cccc 0001 0100 xxxx xxxx xxxx 1001 xxxx */
1063 /* ??? : cccc 0001 0x01 xxxx xxxx xxxx 1001 xxxx */
1064 /* ??? : cccc 0001 0x10 xxxx xxxx xxxx 1001 xxxx */
1065 /* ??? : cccc 0001 0x11 xxxx xxxx xxxx 1001 xxxx */
1066 /* STREX : cccc 0001 1000 xxxx xxxx xxxx 1001 xxxx */
1067 /* LDREX : cccc 0001 1001 xxxx xxxx xxxx 1001 xxxx */
1068 /* STREXD: cccc 0001 1010 xxxx xxxx xxxx 1001 xxxx */
1069 /* LDREXD: cccc 0001 1011 xxxx xxxx xxxx 1001 xxxx */
1070 /* STREXB: cccc 0001 1100 xxxx xxxx xxxx 1001 xxxx */
1071 /* LDREXB: cccc 0001 1101 xxxx xxxx xxxx 1001 xxxx */
1072 /* STREXH: cccc 0001 1110 xxxx xxxx xxxx 1001 xxxx */
1073 /* LDREXH: cccc 0001 1111 xxxx xxxx xxxx 1001 xxxx */
1075 /* LDRD : cccc 000x xxx0 xxxx xxxx xxxx 1101 xxxx */
1076 /* STRD : cccc 000x xxx0 xxxx xxxx xxxx 1111 xxxx */
1077 /* LDRH : cccc 000x xxx1 xxxx xxxx xxxx 1011 xxxx */
1078 /* STRH : cccc 000x xxx0 xxxx xxxx xxxx 1011 xxxx */
1079 /* LDRSB : cccc 000x xxx1 xxxx xxxx xxxx 1101 xxxx */
1080 /* LDRSH : cccc 000x xxx1 xxxx xxxx xxxx 1111 xxxx */
1081 if ((insn & 0x0f0000f0) == 0x01000090) {
1082 if ((insn & 0x0fb000f0) == 0x01000090) {
1084 return prep_emulate_rd12rn16rm0_wflags(insn,
1087 /* STREX/LDREX variants and unallocaed space */
1088 return INSN_REJECTED;
1091 } else if ((insn & 0x0e1000d0) == 0x00000d0) {
1093 if ((insn & 0x0000e000) == 0x0000e000)
1094 return INSN_REJECTED; /* Rd is LR or PC */
1095 if (is_writeback(insn) && is_r15(insn, 16))
1096 return INSN_REJECTED; /* Writeback to PC */
1099 insn |= 0x00002000; /* Rn = r0, Rd = r2 */
1100 if (!(insn & (1 << 22))) {
1101 /* Register index */
1103 insn |= 1; /* Rm = r1 */
1105 asi->insn[0] = insn;
1107 (insn & (1 << 5)) ? emulate_strd : emulate_ldrd;
1111 /* LDRH/STRH/LDRSB/LDRSH */
1112 if (is_r15(insn, 12))
1113 return INSN_REJECTED; /* Rd is PC */
1114 return prep_emulate_ldr_str(insn, asi);
1117 /* cccc 000x xxxx xxxx xxxx xxxx xxxx xxxx xxxx */
1120 * ALU op with S bit and Rd == 15 :
1121 * cccc 000x xxx1 xxxx 1111 xxxx xxxx xxxx
1123 if ((insn & 0x0e10f000) == 0x0010f000)
1124 return INSN_REJECTED;
1127 * "mov ip, sp" is the most common kprobe'd instruction by far.
1128 * Check and optimize for it explicitly.
1130 if (insn == 0xe1a0c00d) {
1131 asi->insn_handler = simulate_mov_ipsp;
1132 return INSN_GOOD_NO_SLOT;
1136 * Data processing: Immediate-shift / Register-shift
1137 * ALU op : cccc 000x xxxx xxxx xxxx xxxx xxxx xxxx
1138 * CPY : cccc 0001 1010 xxxx xxxx 0000 0000 xxxx
1139 * MOV : cccc 0001 101x xxxx xxxx xxxx xxxx xxxx
1140 * *S (bit 20) updates condition codes
1141 * ADC/SBC/RSC reads the C flag
1143 insn &= 0xfff00ff0; /* Rn = r0, Rd = r0 */
1144 insn |= 0x00000001; /* Rm = r1 */
1146 insn &= 0xfffff0ff; /* register shift */
1147 insn |= 0x00000200; /* Rs = r2 */
1149 asi->insn[0] = insn;
1151 if ((insn & 0x0f900000) == 0x01100000) {
1153 * TST : cccc 0001 0001 xxxx xxxx xxxx xxxx xxxx
1154 * TEQ : cccc 0001 0011 xxxx xxxx xxxx xxxx xxxx
1155 * CMP : cccc 0001 0101 xxxx xxxx xxxx xxxx xxxx
1156 * CMN : cccc 0001 0111 xxxx xxxx xxxx xxxx xxxx
1158 asi->insn_handler = emulate_alu_tests;
1160 /* ALU ops which write to Rd */
1161 asi->insn_handler = (insn & (1 << 20)) ? /* S-bit */
1162 emulate_alu_rwflags : emulate_alu_rflags;
1167 static enum kprobe_insn __kprobes
1168 space_cccc_001x(kprobe_opcode_t insn, struct arch_specific_insn *asi)
1171 * MSR : cccc 0011 0x10 xxxx xxxx xxxx xxxx xxxx
1172 * Undef : cccc 0011 0100 xxxx xxxx xxxx xxxx xxxx
1173 * ALU op with S bit and Rd == 15 :
1174 * cccc 001x xxx1 xxxx 1111 xxxx xxxx xxxx
1176 if ((insn & 0x0fb00000) == 0x03200000 || /* MSR */
1177 (insn & 0x0ff00000) == 0x03400000 || /* Undef */
1178 (insn & 0x0e10f000) == 0x0210f000) /* ALU s-bit, R15 */
1179 return INSN_REJECTED;
1182 * Data processing: 32-bit Immediate
1183 * ALU op : cccc 001x xxxx xxxx xxxx xxxx xxxx xxxx
1184 * MOV : cccc 0011 101x xxxx xxxx xxxx xxxx xxxx
1185 * *S (bit 20) updates condition codes
1186 * ADC/SBC/RSC reads the C flag
1188 insn &= 0xfff00fff; /* Rn = r0 and Rd = r0 */
1189 asi->insn[0] = insn;
1191 if ((insn & 0x0f900000) == 0x03100000) {
1193 * TST : cccc 0011 0001 xxxx xxxx xxxx xxxx xxxx
1194 * TEQ : cccc 0011 0011 xxxx xxxx xxxx xxxx xxxx
1195 * CMP : cccc 0011 0101 xxxx xxxx xxxx xxxx xxxx
1196 * CMN : cccc 0011 0111 xxxx xxxx xxxx xxxx xxxx
1198 asi->insn_handler = emulate_alu_tests_imm;
1200 /* ALU ops which write to Rd */
1201 asi->insn_handler = (insn & (1 << 20)) ? /* S-bit */
1202 emulate_alu_imm_rwflags : emulate_alu_imm_rflags;
1207 static enum kprobe_insn __kprobes
1208 space_cccc_0110__1(kprobe_opcode_t insn, struct arch_specific_insn *asi)
1210 /* SEL : cccc 0110 1000 xxxx xxxx xxxx 1011 xxxx GE: !!! */
1211 if ((insn & 0x0ff000f0) == 0x068000b0) {
1212 if (is_r15(insn, 12))
1213 return INSN_REJECTED; /* Rd is PC */
1214 insn &= 0xfff00ff0; /* Rd = r0, Rn = r0 */
1215 insn |= 0x00000001; /* Rm = r1 */
1216 asi->insn[0] = insn;
1217 asi->insn_handler = emulate_sel;
1221 /* SSAT : cccc 0110 101x xxxx xxxx xxxx xx01 xxxx :Q */
1222 /* USAT : cccc 0110 111x xxxx xxxx xxxx xx01 xxxx :Q */
1223 /* SSAT16 : cccc 0110 1010 xxxx xxxx xxxx 0011 xxxx :Q */
1224 /* USAT16 : cccc 0110 1110 xxxx xxxx xxxx 0011 xxxx :Q */
1225 if ((insn & 0x0fa00030) == 0x06a00010 ||
1226 (insn & 0x0fb000f0) == 0x06a00030) {
1227 if (is_r15(insn, 12))
1228 return INSN_REJECTED; /* Rd is PC */
1229 insn &= 0xffff0ff0; /* Rd = r0, Rm = r0 */
1230 asi->insn[0] = insn;
1231 asi->insn_handler = emulate_sat;
1235 /* REV : cccc 0110 1011 xxxx xxxx xxxx 0011 xxxx */
1236 /* REV16 : cccc 0110 1011 xxxx xxxx xxxx 1011 xxxx */
1237 /* RBIT : cccc 0110 1111 xxxx xxxx xxxx 0011 xxxx */
1238 /* REVSH : cccc 0110 1111 xxxx xxxx xxxx 1011 xxxx */
1239 if ((insn & 0x0ff00070) == 0x06b00030 ||
1240 (insn & 0x0ff00070) == 0x06f00030)
1241 return prep_emulate_rd12rm0(insn, asi);
1243 /* ??? : cccc 0110 0000 xxxx xxxx xxxx xxx1 xxxx : */
1244 /* SADD16 : cccc 0110 0001 xxxx xxxx xxxx 0001 xxxx :GE */
1245 /* SADDSUBX : cccc 0110 0001 xxxx xxxx xxxx 0011 xxxx :GE */
1246 /* SSUBADDX : cccc 0110 0001 xxxx xxxx xxxx 0101 xxxx :GE */
1247 /* SSUB16 : cccc 0110 0001 xxxx xxxx xxxx 0111 xxxx :GE */
1248 /* SADD8 : cccc 0110 0001 xxxx xxxx xxxx 1001 xxxx :GE */
1249 /* ??? : cccc 0110 0001 xxxx xxxx xxxx 1011 xxxx : */
1250 /* ??? : cccc 0110 0001 xxxx xxxx xxxx 1101 xxxx : */
1251 /* SSUB8 : cccc 0110 0001 xxxx xxxx xxxx 1111 xxxx :GE */
1252 /* QADD16 : cccc 0110 0010 xxxx xxxx xxxx 0001 xxxx : */
1253 /* QADDSUBX : cccc 0110 0010 xxxx xxxx xxxx 0011 xxxx : */
1254 /* QSUBADDX : cccc 0110 0010 xxxx xxxx xxxx 0101 xxxx : */
1255 /* QSUB16 : cccc 0110 0010 xxxx xxxx xxxx 0111 xxxx : */
1256 /* QADD8 : cccc 0110 0010 xxxx xxxx xxxx 1001 xxxx : */
1257 /* ??? : cccc 0110 0010 xxxx xxxx xxxx 1011 xxxx : */
1258 /* ??? : cccc 0110 0010 xxxx xxxx xxxx 1101 xxxx : */
1259 /* QSUB8 : cccc 0110 0010 xxxx xxxx xxxx 1111 xxxx : */
1260 /* SHADD16 : cccc 0110 0011 xxxx xxxx xxxx 0001 xxxx : */
1261 /* SHADDSUBX : cccc 0110 0011 xxxx xxxx xxxx 0011 xxxx : */
1262 /* SHSUBADDX : cccc 0110 0011 xxxx xxxx xxxx 0101 xxxx : */
1263 /* SHSUB16 : cccc 0110 0011 xxxx xxxx xxxx 0111 xxxx : */
1264 /* SHADD8 : cccc 0110 0011 xxxx xxxx xxxx 1001 xxxx : */
1265 /* ??? : cccc 0110 0011 xxxx xxxx xxxx 1011 xxxx : */
1266 /* ??? : cccc 0110 0011 xxxx xxxx xxxx 1101 xxxx : */
1267 /* SHSUB8 : cccc 0110 0011 xxxx xxxx xxxx 1111 xxxx : */
1268 /* ??? : cccc 0110 0100 xxxx xxxx xxxx xxx1 xxxx : */
1269 /* UADD16 : cccc 0110 0101 xxxx xxxx xxxx 0001 xxxx :GE */
1270 /* UADDSUBX : cccc 0110 0101 xxxx xxxx xxxx 0011 xxxx :GE */
1271 /* USUBADDX : cccc 0110 0101 xxxx xxxx xxxx 0101 xxxx :GE */
1272 /* USUB16 : cccc 0110 0101 xxxx xxxx xxxx 0111 xxxx :GE */
1273 /* UADD8 : cccc 0110 0101 xxxx xxxx xxxx 1001 xxxx :GE */
1274 /* ??? : cccc 0110 0101 xxxx xxxx xxxx 1011 xxxx : */
1275 /* ??? : cccc 0110 0101 xxxx xxxx xxxx 1101 xxxx : */
1276 /* USUB8 : cccc 0110 0101 xxxx xxxx xxxx 1111 xxxx :GE */
1277 /* UQADD16 : cccc 0110 0110 xxxx xxxx xxxx 0001 xxxx : */
1278 /* UQADDSUBX : cccc 0110 0110 xxxx xxxx xxxx 0011 xxxx : */
1279 /* UQSUBADDX : cccc 0110 0110 xxxx xxxx xxxx 0101 xxxx : */
1280 /* UQSUB16 : cccc 0110 0110 xxxx xxxx xxxx 0111 xxxx : */
1281 /* UQADD8 : cccc 0110 0110 xxxx xxxx xxxx 1001 xxxx : */
1282 /* ??? : cccc 0110 0110 xxxx xxxx xxxx 1011 xxxx : */
1283 /* ??? : cccc 0110 0110 xxxx xxxx xxxx 1101 xxxx : */
1284 /* UQSUB8 : cccc 0110 0110 xxxx xxxx xxxx 1111 xxxx : */
1285 /* UHADD16 : cccc 0110 0111 xxxx xxxx xxxx 0001 xxxx : */
1286 /* UHADDSUBX : cccc 0110 0111 xxxx xxxx xxxx 0011 xxxx : */
1287 /* UHSUBADDX : cccc 0110 0111 xxxx xxxx xxxx 0101 xxxx : */
1288 /* UHSUB16 : cccc 0110 0111 xxxx xxxx xxxx 0111 xxxx : */
1289 /* UHADD8 : cccc 0110 0111 xxxx xxxx xxxx 1001 xxxx : */
1290 /* ??? : cccc 0110 0111 xxxx xxxx xxxx 1011 xxxx : */
1291 /* ??? : cccc 0110 0111 xxxx xxxx xxxx 1101 xxxx : */
1292 /* UHSUB8 : cccc 0110 0111 xxxx xxxx xxxx 1111 xxxx : */
1293 if ((insn & 0x0f800010) == 0x06000010) {
1294 if ((insn & 0x00300000) == 0x00000000 ||
1295 (insn & 0x000000e0) == 0x000000a0 ||
1296 (insn & 0x000000e0) == 0x000000c0)
1297 return INSN_REJECTED; /* Unallocated space */
1298 return prep_emulate_rd12rn16rm0_wflags(insn, asi);
1301 /* PKHBT : cccc 0110 1000 xxxx xxxx xxxx x001 xxxx : */
1302 /* PKHTB : cccc 0110 1000 xxxx xxxx xxxx x101 xxxx : */
1303 if ((insn & 0x0ff00030) == 0x06800010)
1304 return prep_emulate_rd12rn16rm0_wflags(insn, asi);
1306 /* SXTAB16 : cccc 0110 1000 xxxx xxxx xxxx 0111 xxxx : */
1307 /* SXTB16 : cccc 0110 1000 1111 xxxx xxxx 0111 xxxx : */
1308 /* ??? : cccc 0110 1001 xxxx xxxx xxxx 0111 xxxx : */
1309 /* SXTAB : cccc 0110 1010 xxxx xxxx xxxx 0111 xxxx : */
1310 /* SXTB : cccc 0110 1010 1111 xxxx xxxx 0111 xxxx : */
1311 /* SXTAH : cccc 0110 1011 xxxx xxxx xxxx 0111 xxxx : */
1312 /* SXTH : cccc 0110 1011 1111 xxxx xxxx 0111 xxxx : */
1313 /* UXTAB16 : cccc 0110 1100 xxxx xxxx xxxx 0111 xxxx : */
1314 /* UXTB16 : cccc 0110 1100 1111 xxxx xxxx 0111 xxxx : */
1315 /* ??? : cccc 0110 1101 xxxx xxxx xxxx 0111 xxxx : */
1316 /* UXTAB : cccc 0110 1110 xxxx xxxx xxxx 0111 xxxx : */
1317 /* UXTB : cccc 0110 1110 1111 xxxx xxxx 0111 xxxx : */
1318 /* UXTAH : cccc 0110 1111 xxxx xxxx xxxx 0111 xxxx : */
1319 /* UXTH : cccc 0110 1111 1111 xxxx xxxx 0111 xxxx : */
1320 if ((insn & 0x0f8000f0) == 0x06800070) {
1321 if ((insn & 0x00300000) == 0x00100000)
1322 return INSN_REJECTED; /* Unallocated space */
1324 if ((insn & 0x000f0000) == 0x000f0000) {
1325 return prep_emulate_rd12rm0(insn, asi);
1327 return prep_emulate_rd12rn16rm0_wflags(insn, asi);
1331 /* Other instruction encodings aren't yet defined */
1332 return INSN_REJECTED;
1335 static enum kprobe_insn __kprobes
1336 space_cccc_0111__1(kprobe_opcode_t insn, struct arch_specific_insn *asi)
1338 /* Undef : cccc 0111 1111 xxxx xxxx xxxx 1111 xxxx */
1339 if ((insn & 0x0ff000f0) == 0x03f000f0)
1340 return INSN_REJECTED;
1342 /* SMLALD : cccc 0111 0100 xxxx xxxx xxxx 00x1 xxxx */
1343 /* SMLSLD : cccc 0111 0100 xxxx xxxx xxxx 01x1 xxxx */
1344 if ((insn & 0x0ff00090) == 0x07400010)
1345 return prep_emulate_rdhi16rdlo12rs8rm0_wflags(insn, asi);
1347 /* SMLAD : cccc 0111 0000 xxxx xxxx xxxx 00x1 xxxx :Q */
1348 /* SMUAD : cccc 0111 0000 xxxx 1111 xxxx 00x1 xxxx :Q */
1349 /* SMLSD : cccc 0111 0000 xxxx xxxx xxxx 01x1 xxxx :Q */
1350 /* SMUSD : cccc 0111 0000 xxxx 1111 xxxx 01x1 xxxx : */
1351 /* SMMLA : cccc 0111 0101 xxxx xxxx xxxx 00x1 xxxx : */
1352 /* SMMUL : cccc 0111 0101 xxxx 1111 xxxx 00x1 xxxx : */
1353 /* USADA8 : cccc 0111 1000 xxxx xxxx xxxx 0001 xxxx : */
1354 /* USAD8 : cccc 0111 1000 xxxx 1111 xxxx 0001 xxxx : */
1355 if ((insn & 0x0ff00090) == 0x07000010 ||
1356 (insn & 0x0ff000d0) == 0x07500010 ||
1357 (insn & 0x0ff000f0) == 0x07800010) {
1359 if ((insn & 0x0000f000) == 0x0000f000) {
1360 return prep_emulate_rd16rs8rm0_wflags(insn, asi);
1362 return prep_emulate_rd16rn12rs8rm0_wflags(insn, asi);
1366 /* SMMLS : cccc 0111 0101 xxxx xxxx xxxx 11x1 xxxx : */
1367 if ((insn & 0x0ff000d0) == 0x075000d0)
1368 return prep_emulate_rd16rn12rs8rm0_wflags(insn, asi);
1370 return INSN_REJECTED;
1373 static enum kprobe_insn __kprobes
1374 space_cccc_01xx(kprobe_opcode_t insn, struct arch_specific_insn *asi)
1376 /* LDR : cccc 01xx x0x1 xxxx xxxx xxxx xxxx xxxx */
1377 /* LDRB : cccc 01xx x1x1 xxxx xxxx xxxx xxxx xxxx */
1378 /* LDRBT : cccc 01x0 x111 xxxx xxxx xxxx xxxx xxxx */
1379 /* LDRT : cccc 01x0 x011 xxxx xxxx xxxx xxxx xxxx */
1380 /* STR : cccc 01xx x0x0 xxxx xxxx xxxx xxxx xxxx */
1381 /* STRB : cccc 01xx x1x0 xxxx xxxx xxxx xxxx xxxx */
1382 /* STRBT : cccc 01x0 x110 xxxx xxxx xxxx xxxx xxxx */
1383 /* STRT : cccc 01x0 x010 xxxx xxxx xxxx xxxx xxxx */
1385 if ((insn & 0x00500000) == 0x00500000 && is_r15(insn, 12))
1386 return INSN_REJECTED; /* LDRB into PC */
1388 return prep_emulate_ldr_str(insn, asi);
1391 static enum kprobe_insn __kprobes
1392 space_cccc_100x(kprobe_opcode_t insn, struct arch_specific_insn *asi)
1394 /* LDM(2) : cccc 100x x101 xxxx 0xxx xxxx xxxx xxxx */
1395 /* LDM(3) : cccc 100x x1x1 xxxx 1xxx xxxx xxxx xxxx */
1396 if ((insn & 0x0e708000) == 0x85000000 ||
1397 (insn & 0x0e508000) == 0x85010000)
1398 return INSN_REJECTED;
1400 /* LDM(1) : cccc 100x x0x1 xxxx xxxx xxxx xxxx xxxx */
1401 /* STM(1) : cccc 100x x0x0 xxxx xxxx xxxx xxxx xxxx */
1402 asi->insn_handler = ((insn & 0x108000) == 0x008000) ? /* STM & R15 */
1403 simulate_stm1_pc : simulate_ldm1stm1;
1404 return INSN_GOOD_NO_SLOT;
1407 static enum kprobe_insn __kprobes
1408 space_cccc_101x(kprobe_opcode_t insn, struct arch_specific_insn *asi)
1410 /* B : cccc 1010 xxxx xxxx xxxx xxxx xxxx xxxx */
1411 /* BL : cccc 1011 xxxx xxxx xxxx xxxx xxxx xxxx */
1412 asi->insn_handler = simulate_bbl;
1413 return INSN_GOOD_NO_SLOT;
1416 static enum kprobe_insn __kprobes
1417 space_cccc_11xx(kprobe_opcode_t insn, struct arch_specific_insn *asi)
1419 /* Coprocessor instructions... */
1420 /* MCRR : cccc 1100 0100 xxxx xxxx xxxx xxxx xxxx : (Rd!=Rn) */
1421 /* MRRC : cccc 1100 0101 xxxx xxxx xxxx xxxx xxxx : (Rd!=Rn) */
1422 /* LDC : cccc 110x xxx1 xxxx xxxx xxxx xxxx xxxx */
1423 /* STC : cccc 110x xxx0 xxxx xxxx xxxx xxxx xxxx */
1424 /* CDP : cccc 1110 xxxx xxxx xxxx xxxx xxx0 xxxx */
1425 /* MCR : cccc 1110 xxx0 xxxx xxxx xxxx xxx1 xxxx */
1426 /* MRC : cccc 1110 xxx1 xxxx xxxx xxxx xxx1 xxxx */
1428 /* SVC : cccc 1111 xxxx xxxx xxxx xxxx xxxx xxxx */
1430 return INSN_REJECTED;
1433 static unsigned long __kprobes __check_eq(unsigned long cpsr)
1435 return cpsr & PSR_Z_BIT;
1438 static unsigned long __kprobes __check_ne(unsigned long cpsr)
1440 return (~cpsr) & PSR_Z_BIT;
1443 static unsigned long __kprobes __check_cs(unsigned long cpsr)
1445 return cpsr & PSR_C_BIT;
1448 static unsigned long __kprobes __check_cc(unsigned long cpsr)
1450 return (~cpsr) & PSR_C_BIT;
1453 static unsigned long __kprobes __check_mi(unsigned long cpsr)
1455 return cpsr & PSR_N_BIT;
1458 static unsigned long __kprobes __check_pl(unsigned long cpsr)
1460 return (~cpsr) & PSR_N_BIT;
1463 static unsigned long __kprobes __check_vs(unsigned long cpsr)
1465 return cpsr & PSR_V_BIT;
1468 static unsigned long __kprobes __check_vc(unsigned long cpsr)
1470 return (~cpsr) & PSR_V_BIT;
1473 static unsigned long __kprobes __check_hi(unsigned long cpsr)
1475 cpsr &= ~(cpsr >> 1); /* PSR_C_BIT &= ~PSR_Z_BIT */
1476 return cpsr & PSR_C_BIT;
1479 static unsigned long __kprobes __check_ls(unsigned long cpsr)
1481 cpsr &= ~(cpsr >> 1); /* PSR_C_BIT &= ~PSR_Z_BIT */
1482 return (~cpsr) & PSR_C_BIT;
1485 static unsigned long __kprobes __check_ge(unsigned long cpsr)
1487 cpsr ^= (cpsr << 3); /* PSR_N_BIT ^= PSR_V_BIT */
1488 return (~cpsr) & PSR_N_BIT;
1491 static unsigned long __kprobes __check_lt(unsigned long cpsr)
1493 cpsr ^= (cpsr << 3); /* PSR_N_BIT ^= PSR_V_BIT */
1494 return cpsr & PSR_N_BIT;
1497 static unsigned long __kprobes __check_gt(unsigned long cpsr)
1499 unsigned long temp = cpsr ^ (cpsr << 3); /* PSR_N_BIT ^= PSR_V_BIT */
1500 temp |= (cpsr << 1); /* PSR_N_BIT |= PSR_Z_BIT */
1501 return (~temp) & PSR_N_BIT;
1504 static unsigned long __kprobes __check_le(unsigned long cpsr)
1506 unsigned long temp = cpsr ^ (cpsr << 3); /* PSR_N_BIT ^= PSR_V_BIT */
1507 temp |= (cpsr << 1); /* PSR_N_BIT |= PSR_Z_BIT */
1508 return temp & PSR_N_BIT;
1511 static unsigned long __kprobes __check_al(unsigned long cpsr)
1516 static kprobe_check_cc * const condition_checks[16] = {
1517 &__check_eq, &__check_ne, &__check_cs, &__check_cc,
1518 &__check_mi, &__check_pl, &__check_vs, &__check_vc,
1519 &__check_hi, &__check_ls, &__check_ge, &__check_lt,
1520 &__check_gt, &__check_le, &__check_al, &__check_al
1524 * INSN_REJECTED If instruction is one not allowed to kprobe,
1525 * INSN_GOOD If instruction is supported and uses instruction slot,
1526 * INSN_GOOD_NO_SLOT If instruction is supported but doesn't use its slot.
1528 * For instructions we don't want to kprobe (INSN_REJECTED return result):
1529 * These are generally ones that modify the processor state making
1530 * them "hard" to simulate such as switches processor modes or
1531 * make accesses in alternate modes. Any of these could be simulated
1532 * if the work was put into it, but low return considering they
1533 * should also be very rare.
1535 enum kprobe_insn __kprobes
1536 arm_kprobe_decode_insn(kprobe_opcode_t insn, struct arch_specific_insn *asi)
1538 asi->insn_check_cc = condition_checks[insn>>28];
1539 asi->insn[1] = KPROBE_RETURN_INSTRUCTION;
1541 if ((insn & 0xf0000000) == 0xf0000000) {
1543 return space_1111(insn, asi);
1545 } else if ((insn & 0x0e000000) == 0x00000000) {
1547 return space_cccc_000x(insn, asi);
1549 } else if ((insn & 0x0e000000) == 0x02000000) {
1551 return space_cccc_001x(insn, asi);
1553 } else if ((insn & 0x0f000010) == 0x06000010) {
1555 return space_cccc_0110__1(insn, asi);
1557 } else if ((insn & 0x0f000010) == 0x07000010) {
1559 return space_cccc_0111__1(insn, asi);
1561 } else if ((insn & 0x0c000000) == 0x04000000) {
1563 return space_cccc_01xx(insn, asi);
1565 } else if ((insn & 0x0e000000) == 0x08000000) {
1567 return space_cccc_100x(insn, asi);
1569 } else if ((insn & 0x0e000000) == 0x0a000000) {
1571 return space_cccc_101x(insn, asi);
1575 return space_cccc_11xx(insn, asi);
1578 void __init arm_kprobe_decode_init(void)
1580 find_str_pc_offset();
1585 * All ARM instructions listed below.
1587 * Instructions and their general purpose registers are given.
1588 * If a particular register may not use R15, it is prefixed with a "!".
1589 * If marked with a "*" means the value returned by reading R15
1590 * is implementation defined.
1592 * ADC/ADD/AND/BIC/CMN/CMP/EOR/MOV/MVN/ORR/RSB/RSC/SBC/SUB/TEQ
1593 * TST: Rd, Rn, Rm, !Rs
1596 * BX: Rm (R15 legal, but discouraged)
1600 * LDC/2,STC/2 immediate offset & unindex: Rn
1601 * LDC/2,STC/2 immediate pre/post-indexed: !Rn
1602 * LDM(1/3): !Rn, register_list
1603 * LDM(2): !Rn, !register_list
1604 * LDR,STR,PLD immediate offset: Rd, Rn
1605 * LDR,STR,PLD register offset: Rd, Rn, !Rm
1606 * LDR,STR,PLD scaled register offset: Rd, !Rn, !Rm
1607 * LDR,STR immediate pre/post-indexed: Rd, !Rn
1608 * LDR,STR register pre/post-indexed: Rd, !Rn, !Rm
1609 * LDR,STR scaled register pre/post-indexed: Rd, !Rn, !Rm
1610 * LDRB,STRB immediate offset: !Rd, Rn
1611 * LDRB,STRB register offset: !Rd, Rn, !Rm
1612 * LDRB,STRB scaled register offset: !Rd, !Rn, !Rm
1613 * LDRB,STRB immediate pre/post-indexed: !Rd, !Rn
1614 * LDRB,STRB register pre/post-indexed: !Rd, !Rn, !Rm
1615 * LDRB,STRB scaled register pre/post-indexed: !Rd, !Rn, !Rm
1616 * LDRT,LDRBT,STRBT immediate pre/post-indexed: !Rd, !Rn
1617 * LDRT,LDRBT,STRBT register pre/post-indexed: !Rd, !Rn, !Rm
1618 * LDRT,LDRBT,STRBT scaled register pre/post-indexed: !Rd, !Rn, !Rm
1619 * LDRH/SH/SB/D,STRH/SH/SB/D immediate offset: !Rd, Rn
1620 * LDRH/SH/SB/D,STRH/SH/SB/D register offset: !Rd, Rn, !Rm
1621 * LDRH/SH/SB/D,STRH/SH/SB/D immediate pre/post-indexed: !Rd, !Rn
1622 * LDRH/SH/SB/D,STRH/SH/SB/D register pre/post-indexed: !Rd, !Rn, !Rm
1625 * MCRR/2,MRRC/2: !Rd, !Rn
1626 * MLA: !Rd, !Rn, !Rm, !Rs
1628 * MRC/2: !Rd (if Rd==15, only changes cond codes, not the register)
1630 * MUL: !Rd, !Rm, !Rs
1631 * PKH{BT,TB}: !Rd, !Rn, !Rm
1632 * QDADD,[U]QADD/16/8/SUBX: !Rd, !Rm, !Rn
1633 * QDSUB,[U]QSUB/16/8/ADDX: !Rd, !Rm, !Rn
1634 * REV/16/SH: !Rd, !Rm
1636 * {S,U}[H]ADD{16,8,SUBX},{S,U}[H]SUB{16,8,ADDX}: !Rd, !Rn, !Rm
1637 * SEL: !Rd, !Rn, !Rm
1638 * SMLA<x><y>,SMLA{D,W<y>},SMLSD,SMML{A,S}: !Rd, !Rn, !Rm, !Rs
1639 * SMLAL<x><y>,SMLA{D,LD},SMLSLD,SMMULL,SMULW<y>: !RdHi, !RdLo, !Rm, !Rs
1640 * SMMUL,SMUAD,SMUL<x><y>,SMUSD: !Rd, !Rm, !Rs
1642 * STM(1/2): !Rn, register_list* (R15 in reg list not recommended)
1643 * STRT immediate pre/post-indexed: Rd*, !Rn
1644 * STRT register pre/post-indexed: Rd*, !Rn, !Rm
1645 * STRT scaled register pre/post-indexed: Rd*, !Rn, !Rm
1646 * STREX: !Rd, !Rn, !Rm
1647 * SWP/B: !Rd, !Rn, !Rm
1648 * {S,U}XTA{B,B16,H}: !Rd, !Rn, !Rm
1649 * {S,U}XT{B,B16,H}: !Rd, !Rm
1650 * UM{AA,LA,UL}L: !RdHi, !RdLo, !Rm, !Rs
1651 * USA{D8,A8,T,T16}: !Rd, !Rm, !Rs
1653 * May transfer control by writing R15 (possible mode changes or alternate
1654 * mode accesses marked by "*"):
1655 * ALU op (* with s-bit), B, BL, BKPT, BLX(1/2), BX, BXJ, CPS*, CPY,
1656 * LDM(1), LDM(2/3)*, LDR, MOV, RFE*, SWI*
1658 * Instructions that do not take general registers, nor transfer control:
1659 * CDP/2, SETEND, SRS*
git.openpandora.org / pandora-kernel.git / blob