Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Alice Ferrazzi <alicef@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] proj/linux-patches:4.14 commit in: /
Date: Fri, 29 Dec 2017 17:18:49
Message-Id: 1514567504.992b1f11ac9ee508ceb2448f133ed9f256a14ee9.alicef@gentoo
1 commit: 992b1f11ac9ee508ceb2448f133ed9f256a14ee9
2 Author: Alice Ferrazzi <alicef <AT> gentoo <DOT> org>
3 AuthorDate: Fri Dec 29 17:11:44 2017 +0000
4 Commit: Alice Ferrazzi <alicef <AT> gentoo <DOT> org>
5 CommitDate: Fri Dec 29 17:11:44 2017 +0000
6 URL: https://gitweb.gentoo.org/proj/linux-patches.git/commit/?id=992b1f11
7
8 linux kernel 4.14.10
9
10 0000_README | 4 +
11 1009_linux-4.14.10.patch | 9685 ++++++++++++++++++++++++++++++++++++++++++++++
12 2 files changed, 9689 insertions(+)
13
14 diff --git a/0000_README b/0000_README
15 index a19ca77..e43b606 100644
16 --- a/0000_README
17 +++ b/0000_README
18 @@ -79,6 +79,10 @@ Patch: 1008_linux-4.14.9.patch
19 From: http://www.kernel.org
20 Desc: Linux 4.14.9
21
22 +Patch: 1009_linux-4.14.10.patch
23 +From: http://www.kernel.org
24 +Desc: Linux 4.14.10
25 +
26 Patch: 1500_XATTR_USER_PREFIX.patch
27 From: https://bugs.gentoo.org/show_bug.cgi?id=470644
28 Desc: Support for namespace user.pax.* on tmpfs.
29
30 diff --git a/1009_linux-4.14.10.patch b/1009_linux-4.14.10.patch
31 new file mode 100644
32 index 0000000..85a0a1f
33 --- /dev/null
34 +++ b/1009_linux-4.14.10.patch
35 @@ -0,0 +1,9685 @@
36 +diff --git a/Documentation/x86/x86_64/mm.txt b/Documentation/x86/x86_64/mm.txt
37 +index 3448e675b462..51101708a03a 100644
38 +--- a/Documentation/x86/x86_64/mm.txt
39 ++++ b/Documentation/x86/x86_64/mm.txt
40 +@@ -1,6 +1,4 @@
41 +
42 +-<previous description obsolete, deleted>
43 +-
44 + Virtual memory map with 4 level page tables:
45 +
46 + 0000000000000000 - 00007fffffffffff (=47 bits) user space, different per mm
47 +@@ -14,13 +12,15 @@ ffffea0000000000 - ffffeaffffffffff (=40 bits) virtual memory map (1TB)
48 + ... unused hole ...
49 + ffffec0000000000 - fffffbffffffffff (=44 bits) kasan shadow memory (16TB)
50 + ... unused hole ...
51 ++fffffe8000000000 - fffffeffffffffff (=39 bits) cpu_entry_area mapping
52 + ffffff0000000000 - ffffff7fffffffff (=39 bits) %esp fixup stacks
53 + ... unused hole ...
54 + ffffffef00000000 - fffffffeffffffff (=64 GB) EFI region mapping space
55 + ... unused hole ...
56 + ffffffff80000000 - ffffffff9fffffff (=512 MB) kernel text mapping, from phys 0
57 +-ffffffffa0000000 - ffffffffff5fffff (=1526 MB) module mapping space (variable)
58 +-ffffffffff600000 - ffffffffffdfffff (=8 MB) vsyscalls
59 ++ffffffffa0000000 - [fixmap start] (~1526 MB) module mapping space (variable)
60 ++[fixmap start] - ffffffffff5fffff kernel-internal fixmap range
61 ++ffffffffff600000 - ffffffffff600fff (=4 kB) legacy vsyscall ABI
62 + ffffffffffe00000 - ffffffffffffffff (=2 MB) unused hole
63 +
64 + Virtual memory map with 5 level page tables:
65 +@@ -36,19 +36,22 @@ ffd4000000000000 - ffd5ffffffffffff (=49 bits) virtual memory map (512TB)
66 + ... unused hole ...
67 + ffdf000000000000 - fffffc0000000000 (=53 bits) kasan shadow memory (8PB)
68 + ... unused hole ...
69 ++fffffe8000000000 - fffffeffffffffff (=39 bits) cpu_entry_area mapping
70 + ffffff0000000000 - ffffff7fffffffff (=39 bits) %esp fixup stacks
71 + ... unused hole ...
72 + ffffffef00000000 - fffffffeffffffff (=64 GB) EFI region mapping space
73 + ... unused hole ...
74 + ffffffff80000000 - ffffffff9fffffff (=512 MB) kernel text mapping, from phys 0
75 +-ffffffffa0000000 - ffffffffff5fffff (=1526 MB) module mapping space
76 +-ffffffffff600000 - ffffffffffdfffff (=8 MB) vsyscalls
77 ++ffffffffa0000000 - [fixmap start] (~1526 MB) module mapping space
78 ++[fixmap start] - ffffffffff5fffff kernel-internal fixmap range
79 ++ffffffffff600000 - ffffffffff600fff (=4 kB) legacy vsyscall ABI
80 + ffffffffffe00000 - ffffffffffffffff (=2 MB) unused hole
81 +
82 + Architecture defines a 64-bit virtual address. Implementations can support
83 + less. Currently supported are 48- and 57-bit virtual addresses. Bits 63
84 +-through to the most-significant implemented bit are set to either all ones
85 +-or all zero. This causes hole between user space and kernel addresses.
86 ++through to the most-significant implemented bit are sign extended.
87 ++This causes hole between user space and kernel addresses if you interpret them
88 ++as unsigned.
89 +
90 + The direct mapping covers all memory in the system up to the highest
91 + memory address (this means in some cases it can also include PCI memory
92 +@@ -58,9 +61,6 @@ vmalloc space is lazily synchronized into the different PML4/PML5 pages of
93 + the processes using the page fault handler, with init_top_pgt as
94 + reference.
95 +
96 +-Current X86-64 implementations support up to 46 bits of address space (64 TB),
97 +-which is our current limit. This expands into MBZ space in the page tables.
98 +-
99 + We map EFI runtime services in the 'efi_pgd' PGD in a 64Gb large virtual
100 + memory window (this size is arbitrary, it can be raised later if needed).
101 + The mappings are not part of any other kernel PGD and are only available
102 +@@ -72,5 +72,3 @@ following fixmap section.
103 + Note that if CONFIG_RANDOMIZE_MEMORY is enabled, the direct mapping of all
104 + physical memory, vmalloc/ioremap space and virtual memory map are randomized.
105 + Their order is preserved but their base will be offset early at boot time.
106 +-
107 +--Andi Kleen, Jul 2004
108 +diff --git a/Makefile b/Makefile
109 +index ed2132c6d286..9edfb78836a9 100644
110 +--- a/Makefile
111 ++++ b/Makefile
112 +@@ -1,7 +1,7 @@
113 + # SPDX-License-Identifier: GPL-2.0
114 + VERSION = 4
115 + PATCHLEVEL = 14
116 +-SUBLEVEL = 9
117 ++SUBLEVEL = 10
118 + EXTRAVERSION =
119 + NAME = Petit Gorille
120 +
121 +diff --git a/arch/arm64/kvm/hyp/debug-sr.c b/arch/arm64/kvm/hyp/debug-sr.c
122 +index f5154ed3da6c..2add22699764 100644
123 +--- a/arch/arm64/kvm/hyp/debug-sr.c
124 ++++ b/arch/arm64/kvm/hyp/debug-sr.c
125 +@@ -84,6 +84,9 @@ static void __hyp_text __debug_save_spe_nvhe(u64 *pmscr_el1)
126 + {
127 + u64 reg;
128 +
129 ++ /* Clear pmscr in case of early return */
130 ++ *pmscr_el1 = 0;
131 ++
132 + /* SPE present on this CPU? */
133 + if (!cpuid_feature_extract_unsigned_field(read_sysreg(id_aa64dfr0_el1),
134 + ID_AA64DFR0_PMSVER_SHIFT))
135 +diff --git a/arch/parisc/boot/compressed/misc.c b/arch/parisc/boot/compressed/misc.c
136 +index 9345b44b86f0..f57118e1f6b4 100644
137 +--- a/arch/parisc/boot/compressed/misc.c
138 ++++ b/arch/parisc/boot/compressed/misc.c
139 +@@ -123,8 +123,8 @@ int puts(const char *s)
140 + while ((nuline = strchr(s, '\n')) != NULL) {
141 + if (nuline != s)
142 + pdc_iodc_print(s, nuline - s);
143 +- pdc_iodc_print("\r\n", 2);
144 +- s = nuline + 1;
145 ++ pdc_iodc_print("\r\n", 2);
146 ++ s = nuline + 1;
147 + }
148 + if (*s != '\0')
149 + pdc_iodc_print(s, strlen(s));
150 +diff --git a/arch/parisc/kernel/entry.S b/arch/parisc/kernel/entry.S
151 +index a4fd296c958e..f3cecf5117cf 100644
152 +--- a/arch/parisc/kernel/entry.S
153 ++++ b/arch/parisc/kernel/entry.S
154 +@@ -878,9 +878,6 @@ ENTRY_CFI(syscall_exit_rfi)
155 + STREG %r19,PT_SR7(%r16)
156 +
157 + intr_return:
158 +- /* NOTE: Need to enable interrupts incase we schedule. */
159 +- ssm PSW_SM_I, %r0
160 +-
161 + /* check for reschedule */
162 + mfctl %cr30,%r1
163 + LDREG TI_FLAGS(%r1),%r19 /* sched.h: TIF_NEED_RESCHED */
164 +@@ -907,6 +904,11 @@ intr_check_sig:
165 + LDREG PT_IASQ1(%r16), %r20
166 + cmpib,COND(=),n 0,%r20,intr_restore /* backward */
167 +
168 ++ /* NOTE: We need to enable interrupts if we have to deliver
169 ++ * signals. We used to do this earlier but it caused kernel
170 ++ * stack overflows. */
171 ++ ssm PSW_SM_I, %r0
172 ++
173 + copy %r0, %r25 /* long in_syscall = 0 */
174 + #ifdef CONFIG_64BIT
175 + ldo -16(%r30),%r29 /* Reference param save area */
176 +@@ -958,6 +960,10 @@ intr_do_resched:
177 + cmpib,COND(=) 0, %r20, intr_do_preempt
178 + nop
179 +
180 ++ /* NOTE: We need to enable interrupts if we schedule. We used
181 ++ * to do this earlier but it caused kernel stack overflows. */
182 ++ ssm PSW_SM_I, %r0
183 ++
184 + #ifdef CONFIG_64BIT
185 + ldo -16(%r30),%r29 /* Reference param save area */
186 + #endif
187 +diff --git a/arch/parisc/kernel/hpmc.S b/arch/parisc/kernel/hpmc.S
188 +index e3a8e5e4d5de..8d072c44f300 100644
189 +--- a/arch/parisc/kernel/hpmc.S
190 ++++ b/arch/parisc/kernel/hpmc.S
191 +@@ -305,6 +305,7 @@ ENDPROC_CFI(os_hpmc)
192 +
193 +
194 + __INITRODATA
195 ++ .align 4
196 + .export os_hpmc_size
197 + os_hpmc_size:
198 + .word .os_hpmc_end-.os_hpmc
199 +diff --git a/arch/powerpc/include/asm/mmu_context.h b/arch/powerpc/include/asm/mmu_context.h
200 +index 492d8140a395..44fdf4786638 100644
201 +--- a/arch/powerpc/include/asm/mmu_context.h
202 ++++ b/arch/powerpc/include/asm/mmu_context.h
203 +@@ -114,9 +114,10 @@ static inline void enter_lazy_tlb(struct mm_struct *mm,
204 + #endif
205 + }
206 +
207 +-static inline void arch_dup_mmap(struct mm_struct *oldmm,
208 +- struct mm_struct *mm)
209 ++static inline int arch_dup_mmap(struct mm_struct *oldmm,
210 ++ struct mm_struct *mm)
211 + {
212 ++ return 0;
213 + }
214 +
215 + static inline void arch_exit_mmap(struct mm_struct *mm)
216 +diff --git a/arch/powerpc/kvm/book3s_xive.c b/arch/powerpc/kvm/book3s_xive.c
217 +index bf457843e032..0d750d274c4e 100644
218 +--- a/arch/powerpc/kvm/book3s_xive.c
219 ++++ b/arch/powerpc/kvm/book3s_xive.c
220 +@@ -725,7 +725,8 @@ u64 kvmppc_xive_get_icp(struct kvm_vcpu *vcpu)
221 +
222 + /* Return the per-cpu state for state saving/migration */
223 + return (u64)xc->cppr << KVM_REG_PPC_ICP_CPPR_SHIFT |
224 +- (u64)xc->mfrr << KVM_REG_PPC_ICP_MFRR_SHIFT;
225 ++ (u64)xc->mfrr << KVM_REG_PPC_ICP_MFRR_SHIFT |
226 ++ (u64)0xff << KVM_REG_PPC_ICP_PPRI_SHIFT;
227 + }
228 +
229 + int kvmppc_xive_set_icp(struct kvm_vcpu *vcpu, u64 icpval)
230 +@@ -1558,7 +1559,7 @@ static int xive_set_source(struct kvmppc_xive *xive, long irq, u64 addr)
231 +
232 + /*
233 + * Restore P and Q. If the interrupt was pending, we
234 +- * force both P and Q, which will trigger a resend.
235 ++ * force Q and !P, which will trigger a resend.
236 + *
237 + * That means that a guest that had both an interrupt
238 + * pending (queued) and Q set will restore with only
239 +@@ -1566,7 +1567,7 @@ static int xive_set_source(struct kvmppc_xive *xive, long irq, u64 addr)
240 + * is perfectly fine as coalescing interrupts that haven't
241 + * been presented yet is always allowed.
242 + */
243 +- if (val & KVM_XICS_PRESENTED || val & KVM_XICS_PENDING)
244 ++ if (val & KVM_XICS_PRESENTED && !(val & KVM_XICS_PENDING))
245 + state->old_p = true;
246 + if (val & KVM_XICS_QUEUED || val & KVM_XICS_PENDING)
247 + state->old_q = true;
248 +diff --git a/arch/powerpc/perf/core-book3s.c b/arch/powerpc/perf/core-book3s.c
249 +index 9e3da168d54c..b4209a68b85d 100644
250 +--- a/arch/powerpc/perf/core-book3s.c
251 ++++ b/arch/powerpc/perf/core-book3s.c
252 +@@ -410,8 +410,12 @@ static __u64 power_pmu_bhrb_to(u64 addr)
253 + int ret;
254 + __u64 target;
255 +
256 +- if (is_kernel_addr(addr))
257 +- return branch_target((unsigned int *)addr);
258 ++ if (is_kernel_addr(addr)) {
259 ++ if (probe_kernel_read(&instr, (void *)addr, sizeof(instr)))
260 ++ return 0;
261 ++
262 ++ return branch_target(&instr);
263 ++ }
264 +
265 + /* Userspace: need copy instruction here then translate it */
266 + pagefault_disable();
267 +diff --git a/arch/um/include/asm/mmu_context.h b/arch/um/include/asm/mmu_context.h
268 +index b668e351fd6c..fca34b2177e2 100644
269 +--- a/arch/um/include/asm/mmu_context.h
270 ++++ b/arch/um/include/asm/mmu_context.h
271 +@@ -15,9 +15,10 @@ extern void uml_setup_stubs(struct mm_struct *mm);
272 + /*
273 + * Needed since we do not use the asm-generic/mm_hooks.h:
274 + */
275 +-static inline void arch_dup_mmap(struct mm_struct *oldmm, struct mm_struct *mm)
276 ++static inline int arch_dup_mmap(struct mm_struct *oldmm, struct mm_struct *mm)
277 + {
278 + uml_setup_stubs(mm);
279 ++ return 0;
280 + }
281 + extern void arch_exit_mmap(struct mm_struct *mm);
282 + static inline void arch_unmap(struct mm_struct *mm,
283 +diff --git a/arch/unicore32/include/asm/mmu_context.h b/arch/unicore32/include/asm/mmu_context.h
284 +index 59b06b48f27d..5c205a9cb5a6 100644
285 +--- a/arch/unicore32/include/asm/mmu_context.h
286 ++++ b/arch/unicore32/include/asm/mmu_context.h
287 +@@ -81,9 +81,10 @@ do { \
288 + } \
289 + } while (0)
290 +
291 +-static inline void arch_dup_mmap(struct mm_struct *oldmm,
292 +- struct mm_struct *mm)
293 ++static inline int arch_dup_mmap(struct mm_struct *oldmm,
294 ++ struct mm_struct *mm)
295 + {
296 ++ return 0;
297 + }
298 +
299 + static inline void arch_unmap(struct mm_struct *mm,
300 +diff --git a/arch/x86/Kconfig b/arch/x86/Kconfig
301 +index 48646160eb83..592c974d4558 100644
302 +--- a/arch/x86/Kconfig
303 ++++ b/arch/x86/Kconfig
304 +@@ -925,7 +925,8 @@ config MAXSMP
305 + config NR_CPUS
306 + int "Maximum number of CPUs" if SMP && !MAXSMP
307 + range 2 8 if SMP && X86_32 && !X86_BIGSMP
308 +- range 2 512 if SMP && !MAXSMP && !CPUMASK_OFFSTACK
309 ++ range 2 64 if SMP && X86_32 && X86_BIGSMP
310 ++ range 2 512 if SMP && !MAXSMP && !CPUMASK_OFFSTACK && X86_64
311 + range 2 8192 if SMP && !MAXSMP && CPUMASK_OFFSTACK && X86_64
312 + default "1" if !SMP
313 + default "8192" if MAXSMP
314 +diff --git a/arch/x86/entry/entry_32.S b/arch/x86/entry/entry_32.S
315 +index bd8b57a5c874..ace8f321a5a1 100644
316 +--- a/arch/x86/entry/entry_32.S
317 ++++ b/arch/x86/entry/entry_32.S
318 +@@ -942,9 +942,9 @@ ENTRY(debug)
319 +
320 + /* Are we currently on the SYSENTER stack? */
321 + movl PER_CPU_VAR(cpu_entry_area), %ecx
322 +- addl $CPU_ENTRY_AREA_SYSENTER_stack + SIZEOF_SYSENTER_stack, %ecx
323 +- subl %eax, %ecx /* ecx = (end of SYSENTER_stack) - esp */
324 +- cmpl $SIZEOF_SYSENTER_stack, %ecx
325 ++ addl $CPU_ENTRY_AREA_entry_stack + SIZEOF_entry_stack, %ecx
326 ++ subl %eax, %ecx /* ecx = (end of entry_stack) - esp */
327 ++ cmpl $SIZEOF_entry_stack, %ecx
328 + jb .Ldebug_from_sysenter_stack
329 +
330 + TRACE_IRQS_OFF
331 +@@ -986,9 +986,9 @@ ENTRY(nmi)
332 +
333 + /* Are we currently on the SYSENTER stack? */
334 + movl PER_CPU_VAR(cpu_entry_area), %ecx
335 +- addl $CPU_ENTRY_AREA_SYSENTER_stack + SIZEOF_SYSENTER_stack, %ecx
336 +- subl %eax, %ecx /* ecx = (end of SYSENTER_stack) - esp */
337 +- cmpl $SIZEOF_SYSENTER_stack, %ecx
338 ++ addl $CPU_ENTRY_AREA_entry_stack + SIZEOF_entry_stack, %ecx
339 ++ subl %eax, %ecx /* ecx = (end of entry_stack) - esp */
340 ++ cmpl $SIZEOF_entry_stack, %ecx
341 + jb .Lnmi_from_sysenter_stack
342 +
343 + /* Not on SYSENTER stack. */
344 +diff --git a/arch/x86/entry/entry_64.S b/arch/x86/entry/entry_64.S
345 +index 6abe3fcaece9..22c891c3b78d 100644
346 +--- a/arch/x86/entry/entry_64.S
347 ++++ b/arch/x86/entry/entry_64.S
348 +@@ -154,8 +154,8 @@ END(native_usergs_sysret64)
349 + _entry_trampoline - CPU_ENTRY_AREA_entry_trampoline(%rip)
350 +
351 + /* The top word of the SYSENTER stack is hot and is usable as scratch space. */
352 +-#define RSP_SCRATCH CPU_ENTRY_AREA_SYSENTER_stack + \
353 +- SIZEOF_SYSENTER_stack - 8 + CPU_ENTRY_AREA
354 ++#define RSP_SCRATCH CPU_ENTRY_AREA_entry_stack + \
355 ++ SIZEOF_entry_stack - 8 + CPU_ENTRY_AREA
356 +
357 + ENTRY(entry_SYSCALL_64_trampoline)
358 + UNWIND_HINT_EMPTY
359 +diff --git a/arch/x86/entry/vsyscall/vsyscall_64.c b/arch/x86/entry/vsyscall/vsyscall_64.c
360 +index f279ba2643dc..1faf40f2dda9 100644
361 +--- a/arch/x86/entry/vsyscall/vsyscall_64.c
362 ++++ b/arch/x86/entry/vsyscall/vsyscall_64.c
363 +@@ -37,6 +37,7 @@
364 + #include <asm/unistd.h>
365 + #include <asm/fixmap.h>
366 + #include <asm/traps.h>
367 ++#include <asm/paravirt.h>
368 +
369 + #define CREATE_TRACE_POINTS
370 + #include "vsyscall_trace.h"
371 +@@ -138,6 +139,10 @@ bool emulate_vsyscall(struct pt_regs *regs, unsigned long address)
372 +
373 + WARN_ON_ONCE(address != regs->ip);
374 +
375 ++ /* This should be unreachable in NATIVE mode. */
376 ++ if (WARN_ON(vsyscall_mode == NATIVE))
377 ++ return false;
378 ++
379 + if (vsyscall_mode == NONE) {
380 + warn_bad_vsyscall(KERN_INFO, regs,
381 + "vsyscall attempted with vsyscall=none");
382 +@@ -329,16 +334,47 @@ int in_gate_area_no_mm(unsigned long addr)
383 + return vsyscall_mode != NONE && (addr & PAGE_MASK) == VSYSCALL_ADDR;
384 + }
385 +
386 ++/*
387 ++ * The VSYSCALL page is the only user-accessible page in the kernel address
388 ++ * range. Normally, the kernel page tables can have _PAGE_USER clear, but
389 ++ * the tables covering VSYSCALL_ADDR need _PAGE_USER set if vsyscalls
390 ++ * are enabled.
391 ++ *
392 ++ * Some day we may create a "minimal" vsyscall mode in which we emulate
393 ++ * vsyscalls but leave the page not present. If so, we skip calling
394 ++ * this.
395 ++ */
396 ++static void __init set_vsyscall_pgtable_user_bits(void)
397 ++{
398 ++ pgd_t *pgd;
399 ++ p4d_t *p4d;
400 ++ pud_t *pud;
401 ++ pmd_t *pmd;
402 ++
403 ++ pgd = pgd_offset_k(VSYSCALL_ADDR);
404 ++ set_pgd(pgd, __pgd(pgd_val(*pgd) | _PAGE_USER));
405 ++ p4d = p4d_offset(pgd, VSYSCALL_ADDR);
406 ++#if CONFIG_PGTABLE_LEVELS >= 5
407 ++ p4d->p4d |= _PAGE_USER;
408 ++#endif
409 ++ pud = pud_offset(p4d, VSYSCALL_ADDR);
410 ++ set_pud(pud, __pud(pud_val(*pud) | _PAGE_USER));
411 ++ pmd = pmd_offset(pud, VSYSCALL_ADDR);
412 ++ set_pmd(pmd, __pmd(pmd_val(*pmd) | _PAGE_USER));
413 ++}
414 ++
415 + void __init map_vsyscall(void)
416 + {
417 + extern char __vsyscall_page;
418 + unsigned long physaddr_vsyscall = __pa_symbol(&__vsyscall_page);
419 +
420 +- if (vsyscall_mode != NONE)
421 ++ if (vsyscall_mode != NONE) {
422 + __set_fixmap(VSYSCALL_PAGE, physaddr_vsyscall,
423 + vsyscall_mode == NATIVE
424 + ? PAGE_KERNEL_VSYSCALL
425 + : PAGE_KERNEL_VVAR);
426 ++ set_vsyscall_pgtable_user_bits();
427 ++ }
428 +
429 + BUILD_BUG_ON((unsigned long)__fix_to_virt(VSYSCALL_PAGE) !=
430 + (unsigned long)VSYSCALL_ADDR);
431 +diff --git a/arch/x86/include/asm/cpu_entry_area.h b/arch/x86/include/asm/cpu_entry_area.h
432 +new file mode 100644
433 +index 000000000000..2fbc69a0916e
434 +--- /dev/null
435 ++++ b/arch/x86/include/asm/cpu_entry_area.h
436 +@@ -0,0 +1,68 @@
437 ++// SPDX-License-Identifier: GPL-2.0
438 ++
439 ++#ifndef _ASM_X86_CPU_ENTRY_AREA_H
440 ++#define _ASM_X86_CPU_ENTRY_AREA_H
441 ++
442 ++#include <linux/percpu-defs.h>
443 ++#include <asm/processor.h>
444 ++
445 ++/*
446 ++ * cpu_entry_area is a percpu region that contains things needed by the CPU
447 ++ * and early entry/exit code. Real types aren't used for all fields here
448 ++ * to avoid circular header dependencies.
449 ++ *
450 ++ * Every field is a virtual alias of some other allocated backing store.
451 ++ * There is no direct allocation of a struct cpu_entry_area.
452 ++ */
453 ++struct cpu_entry_area {
454 ++ char gdt[PAGE_SIZE];
455 ++
456 ++ /*
457 ++ * The GDT is just below entry_stack and thus serves (on x86_64) as
458 ++ * a a read-only guard page.
459 ++ */
460 ++ struct entry_stack_page entry_stack_page;
461 ++
462 ++ /*
463 ++ * On x86_64, the TSS is mapped RO. On x86_32, it's mapped RW because
464 ++ * we need task switches to work, and task switches write to the TSS.
465 ++ */
466 ++ struct tss_struct tss;
467 ++
468 ++ char entry_trampoline[PAGE_SIZE];
469 ++
470 ++#ifdef CONFIG_X86_64
471 ++ /*
472 ++ * Exception stacks used for IST entries.
473 ++ *
474 ++ * In the future, this should have a separate slot for each stack
475 ++ * with guard pages between them.
476 ++ */
477 ++ char exception_stacks[(N_EXCEPTION_STACKS - 1) * EXCEPTION_STKSZ + DEBUG_STKSZ];
478 ++#endif
479 ++};
480 ++
481 ++#define CPU_ENTRY_AREA_SIZE (sizeof(struct cpu_entry_area))
482 ++#define CPU_ENTRY_AREA_TOT_SIZE (CPU_ENTRY_AREA_SIZE * NR_CPUS)
483 ++
484 ++DECLARE_PER_CPU(struct cpu_entry_area *, cpu_entry_area);
485 ++
486 ++extern void setup_cpu_entry_areas(void);
487 ++extern void cea_set_pte(void *cea_vaddr, phys_addr_t pa, pgprot_t flags);
488 ++
489 ++#define CPU_ENTRY_AREA_RO_IDT CPU_ENTRY_AREA_BASE
490 ++#define CPU_ENTRY_AREA_PER_CPU (CPU_ENTRY_AREA_RO_IDT + PAGE_SIZE)
491 ++
492 ++#define CPU_ENTRY_AREA_RO_IDT_VADDR ((void *)CPU_ENTRY_AREA_RO_IDT)
493 ++
494 ++#define CPU_ENTRY_AREA_MAP_SIZE \
495 ++ (CPU_ENTRY_AREA_PER_CPU + CPU_ENTRY_AREA_TOT_SIZE - CPU_ENTRY_AREA_BASE)
496 ++
497 ++extern struct cpu_entry_area *get_cpu_entry_area(int cpu);
498 ++
499 ++static inline struct entry_stack *cpu_entry_stack(int cpu)
500 ++{
501 ++ return &get_cpu_entry_area(cpu)->entry_stack_page.stack;
502 ++}
503 ++
504 ++#endif
505 +diff --git a/arch/x86/include/asm/desc.h b/arch/x86/include/asm/desc.h
506 +index 2ace1f90d138..bc359dd2f7f6 100644
507 +--- a/arch/x86/include/asm/desc.h
508 ++++ b/arch/x86/include/asm/desc.h
509 +@@ -7,6 +7,7 @@
510 + #include <asm/mmu.h>
511 + #include <asm/fixmap.h>
512 + #include <asm/irq_vectors.h>
513 ++#include <asm/cpu_entry_area.h>
514 +
515 + #include <linux/smp.h>
516 + #include <linux/percpu.h>
517 +diff --git a/arch/x86/include/asm/espfix.h b/arch/x86/include/asm/espfix.h
518 +index 0211029076ea..6777480d8a42 100644
519 +--- a/arch/x86/include/asm/espfix.h
520 ++++ b/arch/x86/include/asm/espfix.h
521 +@@ -2,7 +2,7 @@
522 + #ifndef _ASM_X86_ESPFIX_H
523 + #define _ASM_X86_ESPFIX_H
524 +
525 +-#ifdef CONFIG_X86_64
526 ++#ifdef CONFIG_X86_ESPFIX64
527 +
528 + #include <asm/percpu.h>
529 +
530 +@@ -11,7 +11,8 @@ DECLARE_PER_CPU_READ_MOSTLY(unsigned long, espfix_waddr);
531 +
532 + extern void init_espfix_bsp(void);
533 + extern void init_espfix_ap(int cpu);
534 +-
535 +-#endif /* CONFIG_X86_64 */
536 ++#else
537 ++static inline void init_espfix_ap(int cpu) { }
538 ++#endif
539 +
540 + #endif /* _ASM_X86_ESPFIX_H */
541 +diff --git a/arch/x86/include/asm/fixmap.h b/arch/x86/include/asm/fixmap.h
542 +index 94fc4fa14127..64c4a30e0d39 100644
543 +--- a/arch/x86/include/asm/fixmap.h
544 ++++ b/arch/x86/include/asm/fixmap.h
545 +@@ -44,46 +44,6 @@ extern unsigned long __FIXADDR_TOP;
546 + PAGE_SIZE)
547 + #endif
548 +
549 +-/*
550 +- * cpu_entry_area is a percpu region in the fixmap that contains things
551 +- * needed by the CPU and early entry/exit code. Real types aren't used
552 +- * for all fields here to avoid circular header dependencies.
553 +- *
554 +- * Every field is a virtual alias of some other allocated backing store.
555 +- * There is no direct allocation of a struct cpu_entry_area.
556 +- */
557 +-struct cpu_entry_area {
558 +- char gdt[PAGE_SIZE];
559 +-
560 +- /*
561 +- * The GDT is just below SYSENTER_stack and thus serves (on x86_64) as
562 +- * a a read-only guard page.
563 +- */
564 +- struct SYSENTER_stack_page SYSENTER_stack_page;
565 +-
566 +- /*
567 +- * On x86_64, the TSS is mapped RO. On x86_32, it's mapped RW because
568 +- * we need task switches to work, and task switches write to the TSS.
569 +- */
570 +- struct tss_struct tss;
571 +-
572 +- char entry_trampoline[PAGE_SIZE];
573 +-
574 +-#ifdef CONFIG_X86_64
575 +- /*
576 +- * Exception stacks used for IST entries.
577 +- *
578 +- * In the future, this should have a separate slot for each stack
579 +- * with guard pages between them.
580 +- */
581 +- char exception_stacks[(N_EXCEPTION_STACKS - 1) * EXCEPTION_STKSZ + DEBUG_STKSZ];
582 +-#endif
583 +-};
584 +-
585 +-#define CPU_ENTRY_AREA_PAGES (sizeof(struct cpu_entry_area) / PAGE_SIZE)
586 +-
587 +-extern void setup_cpu_entry_areas(void);
588 +-
589 + /*
590 + * Here we define all the compile-time 'special' virtual
591 + * addresses. The point is to have a constant address at
592 +@@ -123,7 +83,6 @@ enum fixed_addresses {
593 + FIX_IO_APIC_BASE_0,
594 + FIX_IO_APIC_BASE_END = FIX_IO_APIC_BASE_0 + MAX_IO_APICS - 1,
595 + #endif
596 +- FIX_RO_IDT, /* Virtual mapping for read-only IDT */
597 + #ifdef CONFIG_X86_32
598 + FIX_KMAP_BEGIN, /* reserved pte's for temporary kernel mappings */
599 + FIX_KMAP_END = FIX_KMAP_BEGIN+(KM_TYPE_NR*NR_CPUS)-1,
600 +@@ -139,9 +98,6 @@ enum fixed_addresses {
601 + #ifdef CONFIG_X86_INTEL_MID
602 + FIX_LNW_VRTC,
603 + #endif
604 +- /* Fixmap entries to remap the GDTs, one per processor. */
605 +- FIX_CPU_ENTRY_AREA_TOP,
606 +- FIX_CPU_ENTRY_AREA_BOTTOM = FIX_CPU_ENTRY_AREA_TOP + (CPU_ENTRY_AREA_PAGES * NR_CPUS) - 1,
607 +
608 + #ifdef CONFIG_ACPI_APEI_GHES
609 + /* Used for GHES mapping from assorted contexts */
610 +@@ -182,7 +138,7 @@ enum fixed_addresses {
611 + extern void reserve_top_address(unsigned long reserve);
612 +
613 + #define FIXADDR_SIZE (__end_of_permanent_fixed_addresses << PAGE_SHIFT)
614 +-#define FIXADDR_START (FIXADDR_TOP - FIXADDR_SIZE)
615 ++#define FIXADDR_START (FIXADDR_TOP - FIXADDR_SIZE)
616 +
617 + extern int fixmaps_set;
618 +
619 +@@ -230,30 +186,5 @@ void __init *early_memremap_decrypted_wp(resource_size_t phys_addr,
620 + void __early_set_fixmap(enum fixed_addresses idx,
621 + phys_addr_t phys, pgprot_t flags);
622 +
623 +-static inline unsigned int __get_cpu_entry_area_page_index(int cpu, int page)
624 +-{
625 +- BUILD_BUG_ON(sizeof(struct cpu_entry_area) % PAGE_SIZE != 0);
626 +-
627 +- return FIX_CPU_ENTRY_AREA_BOTTOM - cpu*CPU_ENTRY_AREA_PAGES - page;
628 +-}
629 +-
630 +-#define __get_cpu_entry_area_offset_index(cpu, offset) ({ \
631 +- BUILD_BUG_ON(offset % PAGE_SIZE != 0); \
632 +- __get_cpu_entry_area_page_index(cpu, offset / PAGE_SIZE); \
633 +- })
634 +-
635 +-#define get_cpu_entry_area_index(cpu, field) \
636 +- __get_cpu_entry_area_offset_index((cpu), offsetof(struct cpu_entry_area, field))
637 +-
638 +-static inline struct cpu_entry_area *get_cpu_entry_area(int cpu)
639 +-{
640 +- return (struct cpu_entry_area *)__fix_to_virt(__get_cpu_entry_area_page_index(cpu, 0));
641 +-}
642 +-
643 +-static inline struct SYSENTER_stack *cpu_SYSENTER_stack(int cpu)
644 +-{
645 +- return &get_cpu_entry_area(cpu)->SYSENTER_stack_page.stack;
646 +-}
647 +-
648 + #endif /* !__ASSEMBLY__ */
649 + #endif /* _ASM_X86_FIXMAP_H */
650 +diff --git a/arch/x86/include/asm/inat.h b/arch/x86/include/asm/inat.h
651 +index 02aff0867211..1c78580e58be 100644
652 +--- a/arch/x86/include/asm/inat.h
653 ++++ b/arch/x86/include/asm/inat.h
654 +@@ -97,6 +97,16 @@
655 + #define INAT_MAKE_GROUP(grp) ((grp << INAT_GRP_OFFS) | INAT_MODRM)
656 + #define INAT_MAKE_IMM(imm) (imm << INAT_IMM_OFFS)
657 +
658 ++/* Identifiers for segment registers */
659 ++#define INAT_SEG_REG_IGNORE 0
660 ++#define INAT_SEG_REG_DEFAULT 1
661 ++#define INAT_SEG_REG_CS 2
662 ++#define INAT_SEG_REG_SS 3
663 ++#define INAT_SEG_REG_DS 4
664 ++#define INAT_SEG_REG_ES 5
665 ++#define INAT_SEG_REG_FS 6
666 ++#define INAT_SEG_REG_GS 7
667 ++
668 + /* Attribute search APIs */
669 + extern insn_attr_t inat_get_opcode_attribute(insn_byte_t opcode);
670 + extern int inat_get_last_prefix_id(insn_byte_t last_pfx);
671 +diff --git a/arch/x86/include/asm/invpcid.h b/arch/x86/include/asm/invpcid.h
672 +new file mode 100644
673 +index 000000000000..989cfa86de85
674 +--- /dev/null
675 ++++ b/arch/x86/include/asm/invpcid.h
676 +@@ -0,0 +1,53 @@
677 ++/* SPDX-License-Identifier: GPL-2.0 */
678 ++#ifndef _ASM_X86_INVPCID
679 ++#define _ASM_X86_INVPCID
680 ++
681 ++static inline void __invpcid(unsigned long pcid, unsigned long addr,
682 ++ unsigned long type)
683 ++{
684 ++ struct { u64 d[2]; } desc = { { pcid, addr } };
685 ++
686 ++ /*
687 ++ * The memory clobber is because the whole point is to invalidate
688 ++ * stale TLB entries and, especially if we're flushing global
689 ++ * mappings, we don't want the compiler to reorder any subsequent
690 ++ * memory accesses before the TLB flush.
691 ++ *
692 ++ * The hex opcode is invpcid (%ecx), %eax in 32-bit mode and
693 ++ * invpcid (%rcx), %rax in long mode.
694 ++ */
695 ++ asm volatile (".byte 0x66, 0x0f, 0x38, 0x82, 0x01"
696 ++ : : "m" (desc), "a" (type), "c" (&desc) : "memory");
697 ++}
698 ++
699 ++#define INVPCID_TYPE_INDIV_ADDR 0
700 ++#define INVPCID_TYPE_SINGLE_CTXT 1
701 ++#define INVPCID_TYPE_ALL_INCL_GLOBAL 2
702 ++#define INVPCID_TYPE_ALL_NON_GLOBAL 3
703 ++
704 ++/* Flush all mappings for a given pcid and addr, not including globals. */
705 ++static inline void invpcid_flush_one(unsigned long pcid,
706 ++ unsigned long addr)
707 ++{
708 ++ __invpcid(pcid, addr, INVPCID_TYPE_INDIV_ADDR);
709 ++}
710 ++
711 ++/* Flush all mappings for a given PCID, not including globals. */
712 ++static inline void invpcid_flush_single_context(unsigned long pcid)
713 ++{
714 ++ __invpcid(pcid, 0, INVPCID_TYPE_SINGLE_CTXT);
715 ++}
716 ++
717 ++/* Flush all mappings, including globals, for all PCIDs. */
718 ++static inline void invpcid_flush_all(void)
719 ++{
720 ++ __invpcid(0, 0, INVPCID_TYPE_ALL_INCL_GLOBAL);
721 ++}
722 ++
723 ++/* Flush all mappings for all PCIDs except globals. */
724 ++static inline void invpcid_flush_all_nonglobals(void)
725 ++{
726 ++ __invpcid(0, 0, INVPCID_TYPE_ALL_NON_GLOBAL);
727 ++}
728 ++
729 ++#endif /* _ASM_X86_INVPCID */
730 +diff --git a/arch/x86/include/asm/mmu.h b/arch/x86/include/asm/mmu.h
731 +index 9ea26f167497..5ff3e8af2c20 100644
732 +--- a/arch/x86/include/asm/mmu.h
733 ++++ b/arch/x86/include/asm/mmu.h
734 +@@ -3,6 +3,7 @@
735 + #define _ASM_X86_MMU_H
736 +
737 + #include <linux/spinlock.h>
738 ++#include <linux/rwsem.h>
739 + #include <linux/mutex.h>
740 + #include <linux/atomic.h>
741 +
742 +@@ -27,7 +28,8 @@ typedef struct {
743 + atomic64_t tlb_gen;
744 +
745 + #ifdef CONFIG_MODIFY_LDT_SYSCALL
746 +- struct ldt_struct *ldt;
747 ++ struct rw_semaphore ldt_usr_sem;
748 ++ struct ldt_struct *ldt;
749 + #endif
750 +
751 + #ifdef CONFIG_X86_64
752 +diff --git a/arch/x86/include/asm/mmu_context.h b/arch/x86/include/asm/mmu_context.h
753 +index 6d16d15d09a0..5ede7cae1d67 100644
754 +--- a/arch/x86/include/asm/mmu_context.h
755 ++++ b/arch/x86/include/asm/mmu_context.h
756 +@@ -57,11 +57,17 @@ struct ldt_struct {
757 + /*
758 + * Used for LDT copy/destruction.
759 + */
760 +-int init_new_context_ldt(struct task_struct *tsk, struct mm_struct *mm);
761 ++static inline void init_new_context_ldt(struct mm_struct *mm)
762 ++{
763 ++ mm->context.ldt = NULL;
764 ++ init_rwsem(&mm->context.ldt_usr_sem);
765 ++}
766 ++int ldt_dup_context(struct mm_struct *oldmm, struct mm_struct *mm);
767 + void destroy_context_ldt(struct mm_struct *mm);
768 + #else /* CONFIG_MODIFY_LDT_SYSCALL */
769 +-static inline int init_new_context_ldt(struct task_struct *tsk,
770 +- struct mm_struct *mm)
771 ++static inline void init_new_context_ldt(struct mm_struct *mm) { }
772 ++static inline int ldt_dup_context(struct mm_struct *oldmm,
773 ++ struct mm_struct *mm)
774 + {
775 + return 0;
776 + }
777 +@@ -132,18 +138,21 @@ void enter_lazy_tlb(struct mm_struct *mm, struct task_struct *tsk);
778 + static inline int init_new_context(struct task_struct *tsk,
779 + struct mm_struct *mm)
780 + {
781 ++ mutex_init(&mm->context.lock);
782 ++
783 + mm->context.ctx_id = atomic64_inc_return(&last_mm_ctx_id);
784 + atomic64_set(&mm->context.tlb_gen, 0);
785 +
786 +- #ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
787 ++#ifdef CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS
788 + if (cpu_feature_enabled(X86_FEATURE_OSPKE)) {
789 + /* pkey 0 is the default and always allocated */
790 + mm->context.pkey_allocation_map = 0x1;
791 + /* -1 means unallocated or invalid */
792 + mm->context.execute_only_pkey = -1;
793 + }
794 +- #endif
795 +- return init_new_context_ldt(tsk, mm);
796 ++#endif
797 ++ init_new_context_ldt(mm);
798 ++ return 0;
799 + }
800 + static inline void destroy_context(struct mm_struct *mm)
801 + {
802 +@@ -176,10 +185,10 @@ do { \
803 + } while (0)
804 + #endif
805 +
806 +-static inline void arch_dup_mmap(struct mm_struct *oldmm,
807 +- struct mm_struct *mm)
808 ++static inline int arch_dup_mmap(struct mm_struct *oldmm, struct mm_struct *mm)
809 + {
810 + paravirt_arch_dup_mmap(oldmm, mm);
811 ++ return ldt_dup_context(oldmm, mm);
812 + }
813 +
814 + static inline void arch_exit_mmap(struct mm_struct *mm)
815 +@@ -281,33 +290,6 @@ static inline bool arch_vma_access_permitted(struct vm_area_struct *vma,
816 + return __pkru_allows_pkey(vma_pkey(vma), write);
817 + }
818 +
819 +-/*
820 +- * If PCID is on, ASID-aware code paths put the ASID+1 into the PCID
821 +- * bits. This serves two purposes. It prevents a nasty situation in
822 +- * which PCID-unaware code saves CR3, loads some other value (with PCID
823 +- * == 0), and then restores CR3, thus corrupting the TLB for ASID 0 if
824 +- * the saved ASID was nonzero. It also means that any bugs involving
825 +- * loading a PCID-enabled CR3 with CR4.PCIDE off will trigger
826 +- * deterministically.
827 +- */
828 +-
829 +-static inline unsigned long build_cr3(struct mm_struct *mm, u16 asid)
830 +-{
831 +- if (static_cpu_has(X86_FEATURE_PCID)) {
832 +- VM_WARN_ON_ONCE(asid > 4094);
833 +- return __sme_pa(mm->pgd) | (asid + 1);
834 +- } else {
835 +- VM_WARN_ON_ONCE(asid != 0);
836 +- return __sme_pa(mm->pgd);
837 +- }
838 +-}
839 +-
840 +-static inline unsigned long build_cr3_noflush(struct mm_struct *mm, u16 asid)
841 +-{
842 +- VM_WARN_ON_ONCE(asid > 4094);
843 +- return __sme_pa(mm->pgd) | (asid + 1) | CR3_NOFLUSH;
844 +-}
845 +-
846 + /*
847 + * This can be used from process context to figure out what the value of
848 + * CR3 is without needing to do a (slow) __read_cr3().
849 +@@ -317,7 +299,7 @@ static inline unsigned long build_cr3_noflush(struct mm_struct *mm, u16 asid)
850 + */
851 + static inline unsigned long __get_current_cr3_fast(void)
852 + {
853 +- unsigned long cr3 = build_cr3(this_cpu_read(cpu_tlbstate.loaded_mm),
854 ++ unsigned long cr3 = build_cr3(this_cpu_read(cpu_tlbstate.loaded_mm)->pgd,
855 + this_cpu_read(cpu_tlbstate.loaded_mm_asid));
856 +
857 + /* For now, be very restrictive about when this can be called. */
858 +diff --git a/arch/x86/include/asm/pgtable_32_types.h b/arch/x86/include/asm/pgtable_32_types.h
859 +index f2ca9b28fd68..ce245b0cdfca 100644
860 +--- a/arch/x86/include/asm/pgtable_32_types.h
861 ++++ b/arch/x86/include/asm/pgtable_32_types.h
862 +@@ -38,13 +38,22 @@ extern bool __vmalloc_start_set; /* set once high_memory is set */
863 + #define LAST_PKMAP 1024
864 + #endif
865 +
866 +-#define PKMAP_BASE ((FIXADDR_START - PAGE_SIZE * (LAST_PKMAP + 1)) \
867 +- & PMD_MASK)
868 ++/*
869 ++ * Define this here and validate with BUILD_BUG_ON() in pgtable_32.c
870 ++ * to avoid include recursion hell
871 ++ */
872 ++#define CPU_ENTRY_AREA_PAGES (NR_CPUS * 40)
873 ++
874 ++#define CPU_ENTRY_AREA_BASE \
875 ++ ((FIXADDR_START - PAGE_SIZE * (CPU_ENTRY_AREA_PAGES + 1)) & PMD_MASK)
876 ++
877 ++#define PKMAP_BASE \
878 ++ ((CPU_ENTRY_AREA_BASE - PAGE_SIZE) & PMD_MASK)
879 +
880 + #ifdef CONFIG_HIGHMEM
881 + # define VMALLOC_END (PKMAP_BASE - 2 * PAGE_SIZE)
882 + #else
883 +-# define VMALLOC_END (FIXADDR_START - 2 * PAGE_SIZE)
884 ++# define VMALLOC_END (CPU_ENTRY_AREA_BASE - 2 * PAGE_SIZE)
885 + #endif
886 +
887 + #define MODULES_VADDR VMALLOC_START
888 +diff --git a/arch/x86/include/asm/pgtable_64_types.h b/arch/x86/include/asm/pgtable_64_types.h
889 +index 6d5f45dcd4a1..3d27831bc58d 100644
890 +--- a/arch/x86/include/asm/pgtable_64_types.h
891 ++++ b/arch/x86/include/asm/pgtable_64_types.h
892 +@@ -76,32 +76,41 @@ typedef struct { pteval_t pte; } pte_t;
893 + #define PGDIR_MASK (~(PGDIR_SIZE - 1))
894 +
895 + /* See Documentation/x86/x86_64/mm.txt for a description of the memory map. */
896 +-#define MAXMEM _AC(__AC(1, UL) << MAX_PHYSMEM_BITS, UL)
897 ++#define MAXMEM _AC(__AC(1, UL) << MAX_PHYSMEM_BITS, UL)
898 ++
899 + #ifdef CONFIG_X86_5LEVEL
900 +-#define VMALLOC_SIZE_TB _AC(16384, UL)
901 +-#define __VMALLOC_BASE _AC(0xff92000000000000, UL)
902 +-#define __VMEMMAP_BASE _AC(0xffd4000000000000, UL)
903 ++# define VMALLOC_SIZE_TB _AC(16384, UL)
904 ++# define __VMALLOC_BASE _AC(0xff92000000000000, UL)
905 ++# define __VMEMMAP_BASE _AC(0xffd4000000000000, UL)
906 + #else
907 +-#define VMALLOC_SIZE_TB _AC(32, UL)
908 +-#define __VMALLOC_BASE _AC(0xffffc90000000000, UL)
909 +-#define __VMEMMAP_BASE _AC(0xffffea0000000000, UL)
910 ++# define VMALLOC_SIZE_TB _AC(32, UL)
911 ++# define __VMALLOC_BASE _AC(0xffffc90000000000, UL)
912 ++# define __VMEMMAP_BASE _AC(0xffffea0000000000, UL)
913 + #endif
914 ++
915 + #ifdef CONFIG_RANDOMIZE_MEMORY
916 +-#define VMALLOC_START vmalloc_base
917 +-#define VMEMMAP_START vmemmap_base
918 ++# define VMALLOC_START vmalloc_base
919 ++# define VMEMMAP_START vmemmap_base
920 + #else
921 +-#define VMALLOC_START __VMALLOC_BASE
922 +-#define VMEMMAP_START __VMEMMAP_BASE
923 ++# define VMALLOC_START __VMALLOC_BASE
924 ++# define VMEMMAP_START __VMEMMAP_BASE
925 + #endif /* CONFIG_RANDOMIZE_MEMORY */
926 +-#define VMALLOC_END (VMALLOC_START + _AC((VMALLOC_SIZE_TB << 40) - 1, UL))
927 +-#define MODULES_VADDR (__START_KERNEL_map + KERNEL_IMAGE_SIZE)
928 ++
929 ++#define VMALLOC_END (VMALLOC_START + _AC((VMALLOC_SIZE_TB << 40) - 1, UL))
930 ++
931 ++#define MODULES_VADDR (__START_KERNEL_map + KERNEL_IMAGE_SIZE)
932 + /* The module sections ends with the start of the fixmap */
933 +-#define MODULES_END __fix_to_virt(__end_of_fixed_addresses + 1)
934 +-#define MODULES_LEN (MODULES_END - MODULES_VADDR)
935 +-#define ESPFIX_PGD_ENTRY _AC(-2, UL)
936 +-#define ESPFIX_BASE_ADDR (ESPFIX_PGD_ENTRY << P4D_SHIFT)
937 +-#define EFI_VA_START ( -4 * (_AC(1, UL) << 30))
938 +-#define EFI_VA_END (-68 * (_AC(1, UL) << 30))
939 ++#define MODULES_END __fix_to_virt(__end_of_fixed_addresses + 1)
940 ++#define MODULES_LEN (MODULES_END - MODULES_VADDR)
941 ++
942 ++#define ESPFIX_PGD_ENTRY _AC(-2, UL)
943 ++#define ESPFIX_BASE_ADDR (ESPFIX_PGD_ENTRY << P4D_SHIFT)
944 ++
945 ++#define CPU_ENTRY_AREA_PGD _AC(-3, UL)
946 ++#define CPU_ENTRY_AREA_BASE (CPU_ENTRY_AREA_PGD << P4D_SHIFT)
947 ++
948 ++#define EFI_VA_START ( -4 * (_AC(1, UL) << 30))
949 ++#define EFI_VA_END (-68 * (_AC(1, UL) << 30))
950 +
951 + #define EARLY_DYNAMIC_PAGE_TABLES 64
952 +
953 +diff --git a/arch/x86/include/asm/processor.h b/arch/x86/include/asm/processor.h
954 +index da943411d3d8..9e482d8b0b97 100644
955 +--- a/arch/x86/include/asm/processor.h
956 ++++ b/arch/x86/include/asm/processor.h
957 +@@ -336,12 +336,12 @@ struct x86_hw_tss {
958 + #define IO_BITMAP_OFFSET (offsetof(struct tss_struct, io_bitmap) - offsetof(struct tss_struct, x86_tss))
959 + #define INVALID_IO_BITMAP_OFFSET 0x8000
960 +
961 +-struct SYSENTER_stack {
962 ++struct entry_stack {
963 + unsigned long words[64];
964 + };
965 +
966 +-struct SYSENTER_stack_page {
967 +- struct SYSENTER_stack stack;
968 ++struct entry_stack_page {
969 ++ struct entry_stack stack;
970 + } __aligned(PAGE_SIZE);
971 +
972 + struct tss_struct {
973 +diff --git a/arch/x86/include/asm/stacktrace.h b/arch/x86/include/asm/stacktrace.h
974 +index f8062bfd43a0..f73706878772 100644
975 +--- a/arch/x86/include/asm/stacktrace.h
976 ++++ b/arch/x86/include/asm/stacktrace.h
977 +@@ -16,7 +16,7 @@ enum stack_type {
978 + STACK_TYPE_TASK,
979 + STACK_TYPE_IRQ,
980 + STACK_TYPE_SOFTIRQ,
981 +- STACK_TYPE_SYSENTER,
982 ++ STACK_TYPE_ENTRY,
983 + STACK_TYPE_EXCEPTION,
984 + STACK_TYPE_EXCEPTION_LAST = STACK_TYPE_EXCEPTION + N_EXCEPTION_STACKS-1,
985 + };
986 +@@ -29,7 +29,7 @@ struct stack_info {
987 + bool in_task_stack(unsigned long *stack, struct task_struct *task,
988 + struct stack_info *info);
989 +
990 +-bool in_sysenter_stack(unsigned long *stack, struct stack_info *info);
991 ++bool in_entry_stack(unsigned long *stack, struct stack_info *info);
992 +
993 + int get_stack_info(unsigned long *stack, struct task_struct *task,
994 + struct stack_info *info, unsigned long *visit_mask);
995 +diff --git a/arch/x86/include/asm/tlbflush.h b/arch/x86/include/asm/tlbflush.h
996 +index 509046cfa5ce..171b429f43a2 100644
997 +--- a/arch/x86/include/asm/tlbflush.h
998 ++++ b/arch/x86/include/asm/tlbflush.h
999 +@@ -9,70 +9,66 @@
1000 + #include <asm/cpufeature.h>
1001 + #include <asm/special_insns.h>
1002 + #include <asm/smp.h>
1003 ++#include <asm/invpcid.h>
1004 +
1005 +-static inline void __invpcid(unsigned long pcid, unsigned long addr,
1006 +- unsigned long type)
1007 ++static inline u64 inc_mm_tlb_gen(struct mm_struct *mm)
1008 + {
1009 +- struct { u64 d[2]; } desc = { { pcid, addr } };
1010 +-
1011 + /*
1012 +- * The memory clobber is because the whole point is to invalidate
1013 +- * stale TLB entries and, especially if we're flushing global
1014 +- * mappings, we don't want the compiler to reorder any subsequent
1015 +- * memory accesses before the TLB flush.
1016 +- *
1017 +- * The hex opcode is invpcid (%ecx), %eax in 32-bit mode and
1018 +- * invpcid (%rcx), %rax in long mode.
1019 ++ * Bump the generation count. This also serves as a full barrier
1020 ++ * that synchronizes with switch_mm(): callers are required to order
1021 ++ * their read of mm_cpumask after their writes to the paging
1022 ++ * structures.
1023 + */
1024 +- asm volatile (".byte 0x66, 0x0f, 0x38, 0x82, 0x01"
1025 +- : : "m" (desc), "a" (type), "c" (&desc) : "memory");
1026 ++ return atomic64_inc_return(&mm->context.tlb_gen);
1027 + }
1028 +
1029 +-#define INVPCID_TYPE_INDIV_ADDR 0
1030 +-#define INVPCID_TYPE_SINGLE_CTXT 1
1031 +-#define INVPCID_TYPE_ALL_INCL_GLOBAL 2
1032 +-#define INVPCID_TYPE_ALL_NON_GLOBAL 3
1033 +-
1034 +-/* Flush all mappings for a given pcid and addr, not including globals. */
1035 +-static inline void invpcid_flush_one(unsigned long pcid,
1036 +- unsigned long addr)
1037 +-{
1038 +- __invpcid(pcid, addr, INVPCID_TYPE_INDIV_ADDR);
1039 +-}
1040 ++/* There are 12 bits of space for ASIDS in CR3 */
1041 ++#define CR3_HW_ASID_BITS 12
1042 ++/*
1043 ++ * When enabled, PAGE_TABLE_ISOLATION consumes a single bit for
1044 ++ * user/kernel switches
1045 ++ */
1046 ++#define PTI_CONSUMED_ASID_BITS 0
1047 +
1048 +-/* Flush all mappings for a given PCID, not including globals. */
1049 +-static inline void invpcid_flush_single_context(unsigned long pcid)
1050 +-{
1051 +- __invpcid(pcid, 0, INVPCID_TYPE_SINGLE_CTXT);
1052 +-}
1053 ++#define CR3_AVAIL_ASID_BITS (CR3_HW_ASID_BITS - PTI_CONSUMED_ASID_BITS)
1054 ++/*
1055 ++ * ASIDs are zero-based: 0->MAX_AVAIL_ASID are valid. -1 below to account
1056 ++ * for them being zero-based. Another -1 is because ASID 0 is reserved for
1057 ++ * use by non-PCID-aware users.
1058 ++ */
1059 ++#define MAX_ASID_AVAILABLE ((1 << CR3_AVAIL_ASID_BITS) - 2)
1060 +
1061 +-/* Flush all mappings, including globals, for all PCIDs. */
1062 +-static inline void invpcid_flush_all(void)
1063 ++static inline u16 kern_pcid(u16 asid)
1064 + {
1065 +- __invpcid(0, 0, INVPCID_TYPE_ALL_INCL_GLOBAL);
1066 ++ VM_WARN_ON_ONCE(asid > MAX_ASID_AVAILABLE);
1067 ++ /*
1068 ++ * If PCID is on, ASID-aware code paths put the ASID+1 into the
1069 ++ * PCID bits. This serves two purposes. It prevents a nasty
1070 ++ * situation in which PCID-unaware code saves CR3, loads some other
1071 ++ * value (with PCID == 0), and then restores CR3, thus corrupting
1072 ++ * the TLB for ASID 0 if the saved ASID was nonzero. It also means
1073 ++ * that any bugs involving loading a PCID-enabled CR3 with
1074 ++ * CR4.PCIDE off will trigger deterministically.
1075 ++ */
1076 ++ return asid + 1;
1077 + }
1078 +
1079 +-/* Flush all mappings for all PCIDs except globals. */
1080 +-static inline void invpcid_flush_all_nonglobals(void)
1081 ++struct pgd_t;
1082 ++static inline unsigned long build_cr3(pgd_t *pgd, u16 asid)
1083 + {
1084 +- __invpcid(0, 0, INVPCID_TYPE_ALL_NON_GLOBAL);
1085 ++ if (static_cpu_has(X86_FEATURE_PCID)) {
1086 ++ return __sme_pa(pgd) | kern_pcid(asid);
1087 ++ } else {
1088 ++ VM_WARN_ON_ONCE(asid != 0);
1089 ++ return __sme_pa(pgd);
1090 ++ }
1091 + }
1092 +
1093 +-static inline u64 inc_mm_tlb_gen(struct mm_struct *mm)
1094 ++static inline unsigned long build_cr3_noflush(pgd_t *pgd, u16 asid)
1095 + {
1096 +- u64 new_tlb_gen;
1097 +-
1098 +- /*
1099 +- * Bump the generation count. This also serves as a full barrier
1100 +- * that synchronizes with switch_mm(): callers are required to order
1101 +- * their read of mm_cpumask after their writes to the paging
1102 +- * structures.
1103 +- */
1104 +- smp_mb__before_atomic();
1105 +- new_tlb_gen = atomic64_inc_return(&mm->context.tlb_gen);
1106 +- smp_mb__after_atomic();
1107 +-
1108 +- return new_tlb_gen;
1109 ++ VM_WARN_ON_ONCE(asid > MAX_ASID_AVAILABLE);
1110 ++ VM_WARN_ON_ONCE(!this_cpu_has(X86_FEATURE_PCID));
1111 ++ return __sme_pa(pgd) | kern_pcid(asid) | CR3_NOFLUSH;
1112 + }
1113 +
1114 + #ifdef CONFIG_PARAVIRT
1115 +@@ -234,6 +230,9 @@ static inline void cr4_set_bits_and_update_boot(unsigned long mask)
1116 +
1117 + extern void initialize_tlbstate_and_flush(void);
1118 +
1119 ++/*
1120 ++ * flush the entire current user mapping
1121 ++ */
1122 + static inline void __native_flush_tlb(void)
1123 + {
1124 + /*
1125 +@@ -246,20 +245,12 @@ static inline void __native_flush_tlb(void)
1126 + preempt_enable();
1127 + }
1128 +
1129 +-static inline void __native_flush_tlb_global_irq_disabled(void)
1130 +-{
1131 +- unsigned long cr4;
1132 +-
1133 +- cr4 = this_cpu_read(cpu_tlbstate.cr4);
1134 +- /* clear PGE */
1135 +- native_write_cr4(cr4 & ~X86_CR4_PGE);
1136 +- /* write old PGE again and flush TLBs */
1137 +- native_write_cr4(cr4);
1138 +-}
1139 +-
1140 ++/*
1141 ++ * flush everything
1142 ++ */
1143 + static inline void __native_flush_tlb_global(void)
1144 + {
1145 +- unsigned long flags;
1146 ++ unsigned long cr4, flags;
1147 +
1148 + if (static_cpu_has(X86_FEATURE_INVPCID)) {
1149 + /*
1150 +@@ -277,22 +268,36 @@ static inline void __native_flush_tlb_global(void)
1151 + */
1152 + raw_local_irq_save(flags);
1153 +
1154 +- __native_flush_tlb_global_irq_disabled();
1155 ++ cr4 = this_cpu_read(cpu_tlbstate.cr4);
1156 ++ /* toggle PGE */
1157 ++ native_write_cr4(cr4 ^ X86_CR4_PGE);
1158 ++ /* write old PGE again and flush TLBs */
1159 ++ native_write_cr4(cr4);
1160 +
1161 + raw_local_irq_restore(flags);
1162 + }
1163 +
1164 ++/*
1165 ++ * flush one page in the user mapping
1166 ++ */
1167 + static inline void __native_flush_tlb_single(unsigned long addr)
1168 + {
1169 + asm volatile("invlpg (%0)" ::"r" (addr) : "memory");
1170 + }
1171 +
1172 ++/*
1173 ++ * flush everything
1174 ++ */
1175 + static inline void __flush_tlb_all(void)
1176 + {
1177 +- if (boot_cpu_has(X86_FEATURE_PGE))
1178 ++ if (boot_cpu_has(X86_FEATURE_PGE)) {
1179 + __flush_tlb_global();
1180 +- else
1181 ++ } else {
1182 ++ /*
1183 ++ * !PGE -> !PCID (setup_pcid()), thus every flush is total.
1184 ++ */
1185 + __flush_tlb();
1186 ++ }
1187 +
1188 + /*
1189 + * Note: if we somehow had PCID but not PGE, then this wouldn't work --
1190 +@@ -303,6 +308,9 @@ static inline void __flush_tlb_all(void)
1191 + */
1192 + }
1193 +
1194 ++/*
1195 ++ * flush one page in the kernel mapping
1196 ++ */
1197 + static inline void __flush_tlb_one(unsigned long addr)
1198 + {
1199 + count_vm_tlb_event(NR_TLB_LOCAL_FLUSH_ONE);
1200 +diff --git a/arch/x86/kernel/asm-offsets.c b/arch/x86/kernel/asm-offsets.c
1201 +index cd360a5e0dca..676b7cf4b62b 100644
1202 +--- a/arch/x86/kernel/asm-offsets.c
1203 ++++ b/arch/x86/kernel/asm-offsets.c
1204 +@@ -97,6 +97,6 @@ void common(void) {
1205 + /* Layout info for cpu_entry_area */
1206 + OFFSET(CPU_ENTRY_AREA_tss, cpu_entry_area, tss);
1207 + OFFSET(CPU_ENTRY_AREA_entry_trampoline, cpu_entry_area, entry_trampoline);
1208 +- OFFSET(CPU_ENTRY_AREA_SYSENTER_stack, cpu_entry_area, SYSENTER_stack_page);
1209 +- DEFINE(SIZEOF_SYSENTER_stack, sizeof(struct SYSENTER_stack));
1210 ++ OFFSET(CPU_ENTRY_AREA_entry_stack, cpu_entry_area, entry_stack_page);
1211 ++ DEFINE(SIZEOF_entry_stack, sizeof(struct entry_stack));
1212 + }
1213 +diff --git a/arch/x86/kernel/asm-offsets_32.c b/arch/x86/kernel/asm-offsets_32.c
1214 +index 7d20d9c0b3d6..fa1261eefa16 100644
1215 +--- a/arch/x86/kernel/asm-offsets_32.c
1216 ++++ b/arch/x86/kernel/asm-offsets_32.c
1217 +@@ -48,7 +48,7 @@ void foo(void)
1218 +
1219 + /* Offset from the sysenter stack to tss.sp0 */
1220 + DEFINE(TSS_sysenter_sp0, offsetof(struct cpu_entry_area, tss.x86_tss.sp0) -
1221 +- offsetofend(struct cpu_entry_area, SYSENTER_stack_page.stack));
1222 ++ offsetofend(struct cpu_entry_area, entry_stack_page.stack));
1223 +
1224 + #ifdef CONFIG_CC_STACKPROTECTOR
1225 + BLANK();
1226 +diff --git a/arch/x86/kernel/cpu/common.c b/arch/x86/kernel/cpu/common.c
1227 +index 034900623adf..8ddcfa4d4165 100644
1228 +--- a/arch/x86/kernel/cpu/common.c
1229 ++++ b/arch/x86/kernel/cpu/common.c
1230 +@@ -482,102 +482,8 @@ static const unsigned int exception_stack_sizes[N_EXCEPTION_STACKS] = {
1231 + [0 ... N_EXCEPTION_STACKS - 1] = EXCEPTION_STKSZ,
1232 + [DEBUG_STACK - 1] = DEBUG_STKSZ
1233 + };
1234 +-
1235 +-static DEFINE_PER_CPU_PAGE_ALIGNED(char, exception_stacks
1236 +- [(N_EXCEPTION_STACKS - 1) * EXCEPTION_STKSZ + DEBUG_STKSZ]);
1237 +-#endif
1238 +-
1239 +-static DEFINE_PER_CPU_PAGE_ALIGNED(struct SYSENTER_stack_page,
1240 +- SYSENTER_stack_storage);
1241 +-
1242 +-static void __init
1243 +-set_percpu_fixmap_pages(int idx, void *ptr, int pages, pgprot_t prot)
1244 +-{
1245 +- for ( ; pages; pages--, idx--, ptr += PAGE_SIZE)
1246 +- __set_fixmap(idx, per_cpu_ptr_to_phys(ptr), prot);
1247 +-}
1248 +-
1249 +-/* Setup the fixmap mappings only once per-processor */
1250 +-static void __init setup_cpu_entry_area(int cpu)
1251 +-{
1252 +-#ifdef CONFIG_X86_64
1253 +- extern char _entry_trampoline[];
1254 +-
1255 +- /* On 64-bit systems, we use a read-only fixmap GDT and TSS. */
1256 +- pgprot_t gdt_prot = PAGE_KERNEL_RO;
1257 +- pgprot_t tss_prot = PAGE_KERNEL_RO;
1258 +-#else
1259 +- /*
1260 +- * On native 32-bit systems, the GDT cannot be read-only because
1261 +- * our double fault handler uses a task gate, and entering through
1262 +- * a task gate needs to change an available TSS to busy. If the
1263 +- * GDT is read-only, that will triple fault. The TSS cannot be
1264 +- * read-only because the CPU writes to it on task switches.
1265 +- *
1266 +- * On Xen PV, the GDT must be read-only because the hypervisor
1267 +- * requires it.
1268 +- */
1269 +- pgprot_t gdt_prot = boot_cpu_has(X86_FEATURE_XENPV) ?
1270 +- PAGE_KERNEL_RO : PAGE_KERNEL;
1271 +- pgprot_t tss_prot = PAGE_KERNEL;
1272 +-#endif
1273 +-
1274 +- __set_fixmap(get_cpu_entry_area_index(cpu, gdt), get_cpu_gdt_paddr(cpu), gdt_prot);
1275 +- set_percpu_fixmap_pages(get_cpu_entry_area_index(cpu, SYSENTER_stack_page),
1276 +- per_cpu_ptr(&SYSENTER_stack_storage, cpu), 1,
1277 +- PAGE_KERNEL);
1278 +-
1279 +- /*
1280 +- * The Intel SDM says (Volume 3, 7.2.1):
1281 +- *
1282 +- * Avoid placing a page boundary in the part of the TSS that the
1283 +- * processor reads during a task switch (the first 104 bytes). The
1284 +- * processor may not correctly perform address translations if a
1285 +- * boundary occurs in this area. During a task switch, the processor
1286 +- * reads and writes into the first 104 bytes of each TSS (using
1287 +- * contiguous physical addresses beginning with the physical address
1288 +- * of the first byte of the TSS). So, after TSS access begins, if
1289 +- * part of the 104 bytes is not physically contiguous, the processor
1290 +- * will access incorrect information without generating a page-fault
1291 +- * exception.
1292 +- *
1293 +- * There are also a lot of errata involving the TSS spanning a page
1294 +- * boundary. Assert that we're not doing that.
1295 +- */
1296 +- BUILD_BUG_ON((offsetof(struct tss_struct, x86_tss) ^
1297 +- offsetofend(struct tss_struct, x86_tss)) & PAGE_MASK);
1298 +- BUILD_BUG_ON(sizeof(struct tss_struct) % PAGE_SIZE != 0);
1299 +- set_percpu_fixmap_pages(get_cpu_entry_area_index(cpu, tss),
1300 +- &per_cpu(cpu_tss_rw, cpu),
1301 +- sizeof(struct tss_struct) / PAGE_SIZE,
1302 +- tss_prot);
1303 +-
1304 +-#ifdef CONFIG_X86_32
1305 +- per_cpu(cpu_entry_area, cpu) = get_cpu_entry_area(cpu);
1306 + #endif
1307 +
1308 +-#ifdef CONFIG_X86_64
1309 +- BUILD_BUG_ON(sizeof(exception_stacks) % PAGE_SIZE != 0);
1310 +- BUILD_BUG_ON(sizeof(exception_stacks) !=
1311 +- sizeof(((struct cpu_entry_area *)0)->exception_stacks));
1312 +- set_percpu_fixmap_pages(get_cpu_entry_area_index(cpu, exception_stacks),
1313 +- &per_cpu(exception_stacks, cpu),
1314 +- sizeof(exception_stacks) / PAGE_SIZE,
1315 +- PAGE_KERNEL);
1316 +-
1317 +- __set_fixmap(get_cpu_entry_area_index(cpu, entry_trampoline),
1318 +- __pa_symbol(_entry_trampoline), PAGE_KERNEL_RX);
1319 +-#endif
1320 +-}
1321 +-
1322 +-void __init setup_cpu_entry_areas(void)
1323 +-{
1324 +- unsigned int cpu;
1325 +-
1326 +- for_each_possible_cpu(cpu)
1327 +- setup_cpu_entry_area(cpu);
1328 +-}
1329 +-
1330 + /* Load the original GDT from the per-cpu structure */
1331 + void load_direct_gdt(int cpu)
1332 + {
1333 +@@ -1323,7 +1229,7 @@ void enable_sep_cpu(void)
1334 +
1335 + tss->x86_tss.ss1 = __KERNEL_CS;
1336 + wrmsr(MSR_IA32_SYSENTER_CS, tss->x86_tss.ss1, 0);
1337 +- wrmsr(MSR_IA32_SYSENTER_ESP, (unsigned long)(cpu_SYSENTER_stack(cpu) + 1), 0);
1338 ++ wrmsr(MSR_IA32_SYSENTER_ESP, (unsigned long)(cpu_entry_stack(cpu) + 1), 0);
1339 + wrmsr(MSR_IA32_SYSENTER_EIP, (unsigned long)entry_SYSENTER_32, 0);
1340 +
1341 + put_cpu();
1342 +@@ -1440,7 +1346,7 @@ void syscall_init(void)
1343 + * AMD doesn't allow SYSENTER in long mode (either 32- or 64-bit).
1344 + */
1345 + wrmsrl_safe(MSR_IA32_SYSENTER_CS, (u64)__KERNEL_CS);
1346 +- wrmsrl_safe(MSR_IA32_SYSENTER_ESP, (unsigned long)(cpu_SYSENTER_stack(cpu) + 1));
1347 ++ wrmsrl_safe(MSR_IA32_SYSENTER_ESP, (unsigned long)(cpu_entry_stack(cpu) + 1));
1348 + wrmsrl_safe(MSR_IA32_SYSENTER_EIP, (u64)entry_SYSENTER_compat);
1349 + #else
1350 + wrmsrl(MSR_CSTAR, (unsigned long)ignore_sysret);
1351 +@@ -1655,7 +1561,7 @@ void cpu_init(void)
1352 + */
1353 + set_tss_desc(cpu, &get_cpu_entry_area(cpu)->tss.x86_tss);
1354 + load_TR_desc();
1355 +- load_sp0((unsigned long)(cpu_SYSENTER_stack(cpu) + 1));
1356 ++ load_sp0((unsigned long)(cpu_entry_stack(cpu) + 1));
1357 +
1358 + load_mm_ldt(&init_mm);
1359 +
1360 +diff --git a/arch/x86/kernel/cpu/microcode/intel.c b/arch/x86/kernel/cpu/microcode/intel.c
1361 +index 7dbcb7adf797..8ccdca6d3f9e 100644
1362 +--- a/arch/x86/kernel/cpu/microcode/intel.c
1363 ++++ b/arch/x86/kernel/cpu/microcode/intel.c
1364 +@@ -565,15 +565,6 @@ static void print_ucode(struct ucode_cpu_info *uci)
1365 + }
1366 + #else
1367 +
1368 +-/*
1369 +- * Flush global tlb. We only do this in x86_64 where paging has been enabled
1370 +- * already and PGE should be enabled as well.
1371 +- */
1372 +-static inline void flush_tlb_early(void)
1373 +-{
1374 +- __native_flush_tlb_global_irq_disabled();
1375 +-}
1376 +-
1377 + static inline void print_ucode(struct ucode_cpu_info *uci)
1378 + {
1379 + struct microcode_intel *mc;
1380 +@@ -602,10 +593,6 @@ static int apply_microcode_early(struct ucode_cpu_info *uci, bool early)
1381 + if (rev != mc->hdr.rev)
1382 + return -1;
1383 +
1384 +-#ifdef CONFIG_X86_64
1385 +- /* Flush global tlb. This is precaution. */
1386 +- flush_tlb_early();
1387 +-#endif
1388 + uci->cpu_sig.rev = rev;
1389 +
1390 + if (early)
1391 +diff --git a/arch/x86/kernel/dumpstack.c b/arch/x86/kernel/dumpstack.c
1392 +index bbd6d986e2d0..36b17e0febe8 100644
1393 +--- a/arch/x86/kernel/dumpstack.c
1394 ++++ b/arch/x86/kernel/dumpstack.c
1395 +@@ -18,6 +18,7 @@
1396 + #include <linux/nmi.h>
1397 + #include <linux/sysfs.h>
1398 +
1399 ++#include <asm/cpu_entry_area.h>
1400 + #include <asm/stacktrace.h>
1401 + #include <asm/unwind.h>
1402 +
1403 +@@ -43,9 +44,9 @@ bool in_task_stack(unsigned long *stack, struct task_struct *task,
1404 + return true;
1405 + }
1406 +
1407 +-bool in_sysenter_stack(unsigned long *stack, struct stack_info *info)
1408 ++bool in_entry_stack(unsigned long *stack, struct stack_info *info)
1409 + {
1410 +- struct SYSENTER_stack *ss = cpu_SYSENTER_stack(smp_processor_id());
1411 ++ struct entry_stack *ss = cpu_entry_stack(smp_processor_id());
1412 +
1413 + void *begin = ss;
1414 + void *end = ss + 1;
1415 +@@ -53,7 +54,7 @@ bool in_sysenter_stack(unsigned long *stack, struct stack_info *info)
1416 + if ((void *)stack < begin || (void *)stack >= end)
1417 + return false;
1418 +
1419 +- info->type = STACK_TYPE_SYSENTER;
1420 ++ info->type = STACK_TYPE_ENTRY;
1421 + info->begin = begin;
1422 + info->end = end;
1423 + info->next_sp = NULL;
1424 +@@ -111,13 +112,13 @@ void show_trace_log_lvl(struct task_struct *task, struct pt_regs *regs,
1425 + * - task stack
1426 + * - interrupt stack
1427 + * - HW exception stacks (double fault, nmi, debug, mce)
1428 +- * - SYSENTER stack
1429 ++ * - entry stack
1430 + *
1431 + * x86-32 can have up to four stacks:
1432 + * - task stack
1433 + * - softirq stack
1434 + * - hardirq stack
1435 +- * - SYSENTER stack
1436 ++ * - entry stack
1437 + */
1438 + for (regs = NULL; stack; stack = PTR_ALIGN(stack_info.next_sp, sizeof(long))) {
1439 + const char *stack_name;
1440 +diff --git a/arch/x86/kernel/dumpstack_32.c b/arch/x86/kernel/dumpstack_32.c
1441 +index 5ff13a6b3680..04170f63e3a1 100644
1442 +--- a/arch/x86/kernel/dumpstack_32.c
1443 ++++ b/arch/x86/kernel/dumpstack_32.c
1444 +@@ -26,8 +26,8 @@ const char *stack_type_name(enum stack_type type)
1445 + if (type == STACK_TYPE_SOFTIRQ)
1446 + return "SOFTIRQ";
1447 +
1448 +- if (type == STACK_TYPE_SYSENTER)
1449 +- return "SYSENTER";
1450 ++ if (type == STACK_TYPE_ENTRY)
1451 ++ return "ENTRY_TRAMPOLINE";
1452 +
1453 + return NULL;
1454 + }
1455 +@@ -96,7 +96,7 @@ int get_stack_info(unsigned long *stack, struct task_struct *task,
1456 + if (task != current)
1457 + goto unknown;
1458 +
1459 +- if (in_sysenter_stack(stack, info))
1460 ++ if (in_entry_stack(stack, info))
1461 + goto recursion_check;
1462 +
1463 + if (in_hardirq_stack(stack, info))
1464 +diff --git a/arch/x86/kernel/dumpstack_64.c b/arch/x86/kernel/dumpstack_64.c
1465 +index abc828f8c297..563e28d14f2c 100644
1466 +--- a/arch/x86/kernel/dumpstack_64.c
1467 ++++ b/arch/x86/kernel/dumpstack_64.c
1468 +@@ -37,8 +37,14 @@ const char *stack_type_name(enum stack_type type)
1469 + if (type == STACK_TYPE_IRQ)
1470 + return "IRQ";
1471 +
1472 +- if (type == STACK_TYPE_SYSENTER)
1473 +- return "SYSENTER";
1474 ++ if (type == STACK_TYPE_ENTRY) {
1475 ++ /*
1476 ++ * On 64-bit, we have a generic entry stack that we
1477 ++ * use for all the kernel entry points, including
1478 ++ * SYSENTER.
1479 ++ */
1480 ++ return "ENTRY_TRAMPOLINE";
1481 ++ }
1482 +
1483 + if (type >= STACK_TYPE_EXCEPTION && type <= STACK_TYPE_EXCEPTION_LAST)
1484 + return exception_stack_names[type - STACK_TYPE_EXCEPTION];
1485 +@@ -118,7 +124,7 @@ int get_stack_info(unsigned long *stack, struct task_struct *task,
1486 + if (in_irq_stack(stack, info))
1487 + goto recursion_check;
1488 +
1489 +- if (in_sysenter_stack(stack, info))
1490 ++ if (in_entry_stack(stack, info))
1491 + goto recursion_check;
1492 +
1493 + goto unknown;
1494 +diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c
1495 +index 1c1eae961340..a6b5d62f45a7 100644
1496 +--- a/arch/x86/kernel/ldt.c
1497 ++++ b/arch/x86/kernel/ldt.c
1498 +@@ -5,6 +5,11 @@
1499 + * Copyright (C) 2002 Andi Kleen
1500 + *
1501 + * This handles calls from both 32bit and 64bit mode.
1502 ++ *
1503 ++ * Lock order:
1504 ++ * contex.ldt_usr_sem
1505 ++ * mmap_sem
1506 ++ * context.lock
1507 + */
1508 +
1509 + #include <linux/errno.h>
1510 +@@ -42,7 +47,7 @@ static void refresh_ldt_segments(void)
1511 + #endif
1512 + }
1513 +
1514 +-/* context.lock is held for us, so we don't need any locking. */
1515 ++/* context.lock is held by the task which issued the smp function call */
1516 + static void flush_ldt(void *__mm)
1517 + {
1518 + struct mm_struct *mm = __mm;
1519 +@@ -99,15 +104,17 @@ static void finalize_ldt_struct(struct ldt_struct *ldt)
1520 + paravirt_alloc_ldt(ldt->entries, ldt->nr_entries);
1521 + }
1522 +
1523 +-/* context.lock is held */
1524 +-static void install_ldt(struct mm_struct *current_mm,
1525 +- struct ldt_struct *ldt)
1526 ++static void install_ldt(struct mm_struct *mm, struct ldt_struct *ldt)
1527 + {
1528 ++ mutex_lock(&mm->context.lock);
1529 ++
1530 + /* Synchronizes with READ_ONCE in load_mm_ldt. */
1531 +- smp_store_release(&current_mm->context.ldt, ldt);
1532 ++ smp_store_release(&mm->context.ldt, ldt);
1533 +
1534 +- /* Activate the LDT for all CPUs using current_mm. */
1535 +- on_each_cpu_mask(mm_cpumask(current_mm), flush_ldt, current_mm, true);
1536 ++ /* Activate the LDT for all CPUs using currents mm. */
1537 ++ on_each_cpu_mask(mm_cpumask(mm), flush_ldt, mm, true);
1538 ++
1539 ++ mutex_unlock(&mm->context.lock);
1540 + }
1541 +
1542 + static void free_ldt_struct(struct ldt_struct *ldt)
1543 +@@ -124,27 +131,20 @@ static void free_ldt_struct(struct ldt_struct *ldt)
1544 + }
1545 +
1546 + /*
1547 +- * we do not have to muck with descriptors here, that is
1548 +- * done in switch_mm() as needed.
1549 ++ * Called on fork from arch_dup_mmap(). Just copy the current LDT state,
1550 ++ * the new task is not running, so nothing can be installed.
1551 + */
1552 +-int init_new_context_ldt(struct task_struct *tsk, struct mm_struct *mm)
1553 ++int ldt_dup_context(struct mm_struct *old_mm, struct mm_struct *mm)
1554 + {
1555 + struct ldt_struct *new_ldt;
1556 +- struct mm_struct *old_mm;
1557 + int retval = 0;
1558 +
1559 +- mutex_init(&mm->context.lock);
1560 +- old_mm = current->mm;
1561 +- if (!old_mm) {
1562 +- mm->context.ldt = NULL;
1563 ++ if (!old_mm)
1564 + return 0;
1565 +- }
1566 +
1567 + mutex_lock(&old_mm->context.lock);
1568 +- if (!old_mm->context.ldt) {
1569 +- mm->context.ldt = NULL;
1570 ++ if (!old_mm->context.ldt)
1571 + goto out_unlock;
1572 +- }
1573 +
1574 + new_ldt = alloc_ldt_struct(old_mm->context.ldt->nr_entries);
1575 + if (!new_ldt) {
1576 +@@ -180,7 +180,7 @@ static int read_ldt(void __user *ptr, unsigned long bytecount)
1577 + unsigned long entries_size;
1578 + int retval;
1579 +
1580 +- mutex_lock(&mm->context.lock);
1581 ++ down_read(&mm->context.ldt_usr_sem);
1582 +
1583 + if (!mm->context.ldt) {
1584 + retval = 0;
1585 +@@ -209,7 +209,7 @@ static int read_ldt(void __user *ptr, unsigned long bytecount)
1586 + retval = bytecount;
1587 +
1588 + out_unlock:
1589 +- mutex_unlock(&mm->context.lock);
1590 ++ up_read(&mm->context.ldt_usr_sem);
1591 + return retval;
1592 + }
1593 +
1594 +@@ -269,7 +269,8 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode)
1595 + ldt.avl = 0;
1596 + }
1597 +
1598 +- mutex_lock(&mm->context.lock);
1599 ++ if (down_write_killable(&mm->context.ldt_usr_sem))
1600 ++ return -EINTR;
1601 +
1602 + old_ldt = mm->context.ldt;
1603 + old_nr_entries = old_ldt ? old_ldt->nr_entries : 0;
1604 +@@ -291,7 +292,7 @@ static int write_ldt(void __user *ptr, unsigned long bytecount, int oldmode)
1605 + error = 0;
1606 +
1607 + out_unlock:
1608 +- mutex_unlock(&mm->context.lock);
1609 ++ up_write(&mm->context.ldt_usr_sem);
1610 + out:
1611 + return error;
1612 + }
1613 +diff --git a/arch/x86/kernel/smpboot.c b/arch/x86/kernel/smpboot.c
1614 +index 142126ab5aae..12bf07d44dfe 100644
1615 +--- a/arch/x86/kernel/smpboot.c
1616 ++++ b/arch/x86/kernel/smpboot.c
1617 +@@ -990,12 +990,8 @@ static int do_boot_cpu(int apicid, int cpu, struct task_struct *idle,
1618 + initial_code = (unsigned long)start_secondary;
1619 + initial_stack = idle->thread.sp;
1620 +
1621 +- /*
1622 +- * Enable the espfix hack for this CPU
1623 +- */
1624 +-#ifdef CONFIG_X86_ESPFIX64
1625 ++ /* Enable the espfix hack for this CPU */
1626 + init_espfix_ap(cpu);
1627 +-#endif
1628 +
1629 + /* So we see what's up */
1630 + announce_cpu(cpu, apicid);
1631 +diff --git a/arch/x86/kernel/traps.c b/arch/x86/kernel/traps.c
1632 +index 74136fd16f49..7c16fe0b60c2 100644
1633 +--- a/arch/x86/kernel/traps.c
1634 ++++ b/arch/x86/kernel/traps.c
1635 +@@ -52,6 +52,7 @@
1636 + #include <asm/traps.h>
1637 + #include <asm/desc.h>
1638 + #include <asm/fpu/internal.h>
1639 ++#include <asm/cpu_entry_area.h>
1640 + #include <asm/mce.h>
1641 + #include <asm/fixmap.h>
1642 + #include <asm/mach_traps.h>
1643 +@@ -950,8 +951,9 @@ void __init trap_init(void)
1644 + * "sidt" instruction will not leak the location of the kernel, and
1645 + * to defend the IDT against arbitrary memory write vulnerabilities.
1646 + * It will be reloaded in cpu_init() */
1647 +- __set_fixmap(FIX_RO_IDT, __pa_symbol(idt_table), PAGE_KERNEL_RO);
1648 +- idt_descr.address = fix_to_virt(FIX_RO_IDT);
1649 ++ cea_set_pte(CPU_ENTRY_AREA_RO_IDT_VADDR, __pa_symbol(idt_table),
1650 ++ PAGE_KERNEL_RO);
1651 ++ idt_descr.address = CPU_ENTRY_AREA_RO_IDT;
1652 +
1653 + /*
1654 + * Should be a barrier for any external CPU state:
1655 +diff --git a/arch/x86/kvm/emulate.c b/arch/x86/kvm/emulate.c
1656 +index d90cdc77e077..7bbb5da2b49d 100644
1657 +--- a/arch/x86/kvm/emulate.c
1658 ++++ b/arch/x86/kvm/emulate.c
1659 +@@ -2404,9 +2404,21 @@ static int rsm_load_seg_64(struct x86_emulate_ctxt *ctxt, u64 smbase, int n)
1660 + }
1661 +
1662 + static int rsm_enter_protected_mode(struct x86_emulate_ctxt *ctxt,
1663 +- u64 cr0, u64 cr4)
1664 ++ u64 cr0, u64 cr3, u64 cr4)
1665 + {
1666 + int bad;
1667 ++ u64 pcid;
1668 ++
1669 ++ /* In order to later set CR4.PCIDE, CR3[11:0] must be zero. */
1670 ++ pcid = 0;
1671 ++ if (cr4 & X86_CR4_PCIDE) {
1672 ++ pcid = cr3 & 0xfff;
1673 ++ cr3 &= ~0xfff;
1674 ++ }
1675 ++
1676 ++ bad = ctxt->ops->set_cr(ctxt, 3, cr3);
1677 ++ if (bad)
1678 ++ return X86EMUL_UNHANDLEABLE;
1679 +
1680 + /*
1681 + * First enable PAE, long mode needs it before CR0.PG = 1 is set.
1682 +@@ -2425,6 +2437,12 @@ static int rsm_enter_protected_mode(struct x86_emulate_ctxt *ctxt,
1683 + bad = ctxt->ops->set_cr(ctxt, 4, cr4);
1684 + if (bad)
1685 + return X86EMUL_UNHANDLEABLE;
1686 ++ if (pcid) {
1687 ++ bad = ctxt->ops->set_cr(ctxt, 3, cr3 | pcid);
1688 ++ if (bad)
1689 ++ return X86EMUL_UNHANDLEABLE;
1690 ++ }
1691 ++
1692 + }
1693 +
1694 + return X86EMUL_CONTINUE;
1695 +@@ -2435,11 +2453,11 @@ static int rsm_load_state_32(struct x86_emulate_ctxt *ctxt, u64 smbase)
1696 + struct desc_struct desc;
1697 + struct desc_ptr dt;
1698 + u16 selector;
1699 +- u32 val, cr0, cr4;
1700 ++ u32 val, cr0, cr3, cr4;
1701 + int i;
1702 +
1703 + cr0 = GET_SMSTATE(u32, smbase, 0x7ffc);
1704 +- ctxt->ops->set_cr(ctxt, 3, GET_SMSTATE(u32, smbase, 0x7ff8));
1705 ++ cr3 = GET_SMSTATE(u32, smbase, 0x7ff8);
1706 + ctxt->eflags = GET_SMSTATE(u32, smbase, 0x7ff4) | X86_EFLAGS_FIXED;
1707 + ctxt->_eip = GET_SMSTATE(u32, smbase, 0x7ff0);
1708 +
1709 +@@ -2481,14 +2499,14 @@ static int rsm_load_state_32(struct x86_emulate_ctxt *ctxt, u64 smbase)
1710 +
1711 + ctxt->ops->set_smbase(ctxt, GET_SMSTATE(u32, smbase, 0x7ef8));
1712 +
1713 +- return rsm_enter_protected_mode(ctxt, cr0, cr4);
1714 ++ return rsm_enter_protected_mode(ctxt, cr0, cr3, cr4);
1715 + }
1716 +
1717 + static int rsm_load_state_64(struct x86_emulate_ctxt *ctxt, u64 smbase)
1718 + {
1719 + struct desc_struct desc;
1720 + struct desc_ptr dt;
1721 +- u64 val, cr0, cr4;
1722 ++ u64 val, cr0, cr3, cr4;
1723 + u32 base3;
1724 + u16 selector;
1725 + int i, r;
1726 +@@ -2505,7 +2523,7 @@ static int rsm_load_state_64(struct x86_emulate_ctxt *ctxt, u64 smbase)
1727 + ctxt->ops->set_dr(ctxt, 7, (val & DR7_VOLATILE) | DR7_FIXED_1);
1728 +
1729 + cr0 = GET_SMSTATE(u64, smbase, 0x7f58);
1730 +- ctxt->ops->set_cr(ctxt, 3, GET_SMSTATE(u64, smbase, 0x7f50));
1731 ++ cr3 = GET_SMSTATE(u64, smbase, 0x7f50);
1732 + cr4 = GET_SMSTATE(u64, smbase, 0x7f48);
1733 + ctxt->ops->set_smbase(ctxt, GET_SMSTATE(u32, smbase, 0x7f00));
1734 + val = GET_SMSTATE(u64, smbase, 0x7ed0);
1735 +@@ -2533,7 +2551,7 @@ static int rsm_load_state_64(struct x86_emulate_ctxt *ctxt, u64 smbase)
1736 + dt.address = GET_SMSTATE(u64, smbase, 0x7e68);
1737 + ctxt->ops->set_gdt(ctxt, &dt);
1738 +
1739 +- r = rsm_enter_protected_mode(ctxt, cr0, cr4);
1740 ++ r = rsm_enter_protected_mode(ctxt, cr0, cr3, cr4);
1741 + if (r != X86EMUL_CONTINUE)
1742 + return r;
1743 +
1744 +diff --git a/arch/x86/kvm/mmu.c b/arch/x86/kvm/mmu.c
1745 +index 13ebeedcec07..0fce8d73403c 100644
1746 +--- a/arch/x86/kvm/mmu.c
1747 ++++ b/arch/x86/kvm/mmu.c
1748 +@@ -3382,7 +3382,7 @@ static int mmu_alloc_direct_roots(struct kvm_vcpu *vcpu)
1749 + spin_lock(&vcpu->kvm->mmu_lock);
1750 + if(make_mmu_pages_available(vcpu) < 0) {
1751 + spin_unlock(&vcpu->kvm->mmu_lock);
1752 +- return 1;
1753 ++ return -ENOSPC;
1754 + }
1755 + sp = kvm_mmu_get_page(vcpu, 0, 0,
1756 + vcpu->arch.mmu.shadow_root_level, 1, ACC_ALL);
1757 +@@ -3397,7 +3397,7 @@ static int mmu_alloc_direct_roots(struct kvm_vcpu *vcpu)
1758 + spin_lock(&vcpu->kvm->mmu_lock);
1759 + if (make_mmu_pages_available(vcpu) < 0) {
1760 + spin_unlock(&vcpu->kvm->mmu_lock);
1761 +- return 1;
1762 ++ return -ENOSPC;
1763 + }
1764 + sp = kvm_mmu_get_page(vcpu, i << (30 - PAGE_SHIFT),
1765 + i << 30, PT32_ROOT_LEVEL, 1, ACC_ALL);
1766 +@@ -3437,7 +3437,7 @@ static int mmu_alloc_shadow_roots(struct kvm_vcpu *vcpu)
1767 + spin_lock(&vcpu->kvm->mmu_lock);
1768 + if (make_mmu_pages_available(vcpu) < 0) {
1769 + spin_unlock(&vcpu->kvm->mmu_lock);
1770 +- return 1;
1771 ++ return -ENOSPC;
1772 + }
1773 + sp = kvm_mmu_get_page(vcpu, root_gfn, 0,
1774 + vcpu->arch.mmu.shadow_root_level, 0, ACC_ALL);
1775 +@@ -3474,7 +3474,7 @@ static int mmu_alloc_shadow_roots(struct kvm_vcpu *vcpu)
1776 + spin_lock(&vcpu->kvm->mmu_lock);
1777 + if (make_mmu_pages_available(vcpu) < 0) {
1778 + spin_unlock(&vcpu->kvm->mmu_lock);
1779 +- return 1;
1780 ++ return -ENOSPC;
1781 + }
1782 + sp = kvm_mmu_get_page(vcpu, root_gfn, i << 30, PT32_ROOT_LEVEL,
1783 + 0, ACC_ALL);
1784 +diff --git a/arch/x86/kvm/x86.c b/arch/x86/kvm/x86.c
1785 +index df62cdc7a258..075619a92ce7 100644
1786 +--- a/arch/x86/kvm/x86.c
1787 ++++ b/arch/x86/kvm/x86.c
1788 +@@ -7359,7 +7359,7 @@ int kvm_arch_vcpu_ioctl_set_regs(struct kvm_vcpu *vcpu, struct kvm_regs *regs)
1789 + #endif
1790 +
1791 + kvm_rip_write(vcpu, regs->rip);
1792 +- kvm_set_rflags(vcpu, regs->rflags);
1793 ++ kvm_set_rflags(vcpu, regs->rflags | X86_EFLAGS_FIXED);
1794 +
1795 + vcpu->arch.exception.pending = false;
1796 +
1797 +diff --git a/arch/x86/lib/x86-opcode-map.txt b/arch/x86/lib/x86-opcode-map.txt
1798 +index c4d55919fac1..e0b85930dd77 100644
1799 +--- a/arch/x86/lib/x86-opcode-map.txt
1800 ++++ b/arch/x86/lib/x86-opcode-map.txt
1801 +@@ -607,7 +607,7 @@ fb: psubq Pq,Qq | vpsubq Vx,Hx,Wx (66),(v1)
1802 + fc: paddb Pq,Qq | vpaddb Vx,Hx,Wx (66),(v1)
1803 + fd: paddw Pq,Qq | vpaddw Vx,Hx,Wx (66),(v1)
1804 + fe: paddd Pq,Qq | vpaddd Vx,Hx,Wx (66),(v1)
1805 +-ff:
1806 ++ff: UD0
1807 + EndTable
1808 +
1809 + Table: 3-byte opcode 1 (0x0f 0x38)
1810 +@@ -717,7 +717,7 @@ AVXcode: 2
1811 + 7e: vpermt2d/q Vx,Hx,Wx (66),(ev)
1812 + 7f: vpermt2ps/d Vx,Hx,Wx (66),(ev)
1813 + 80: INVEPT Gy,Mdq (66)
1814 +-81: INVPID Gy,Mdq (66)
1815 ++81: INVVPID Gy,Mdq (66)
1816 + 82: INVPCID Gy,Mdq (66)
1817 + 83: vpmultishiftqb Vx,Hx,Wx (66),(ev)
1818 + 88: vexpandps/d Vpd,Wpd (66),(ev)
1819 +@@ -970,6 +970,15 @@ GrpTable: Grp9
1820 + EndTable
1821 +
1822 + GrpTable: Grp10
1823 ++# all are UD1
1824 ++0: UD1
1825 ++1: UD1
1826 ++2: UD1
1827 ++3: UD1
1828 ++4: UD1
1829 ++5: UD1
1830 ++6: UD1
1831 ++7: UD1
1832 + EndTable
1833 +
1834 + # Grp11A and Grp11B are expressed as Grp11 in Intel SDM
1835 +diff --git a/arch/x86/mm/Makefile b/arch/x86/mm/Makefile
1836 +index 7ba7f3d7f477..2e0017af8f9b 100644
1837 +--- a/arch/x86/mm/Makefile
1838 ++++ b/arch/x86/mm/Makefile
1839 +@@ -10,7 +10,7 @@ CFLAGS_REMOVE_mem_encrypt.o = -pg
1840 + endif
1841 +
1842 + obj-y := init.o init_$(BITS).o fault.o ioremap.o extable.o pageattr.o mmap.o \
1843 +- pat.o pgtable.o physaddr.o setup_nx.o tlb.o
1844 ++ pat.o pgtable.o physaddr.o setup_nx.o tlb.o cpu_entry_area.o
1845 +
1846 + # Make sure __phys_addr has no stackprotector
1847 + nostackp := $(call cc-option, -fno-stack-protector)
1848 +diff --git a/arch/x86/mm/cpu_entry_area.c b/arch/x86/mm/cpu_entry_area.c
1849 +new file mode 100644
1850 +index 000000000000..fe814fd5e014
1851 +--- /dev/null
1852 ++++ b/arch/x86/mm/cpu_entry_area.c
1853 +@@ -0,0 +1,139 @@
1854 ++// SPDX-License-Identifier: GPL-2.0
1855 ++
1856 ++#include <linux/spinlock.h>
1857 ++#include <linux/percpu.h>
1858 ++
1859 ++#include <asm/cpu_entry_area.h>
1860 ++#include <asm/pgtable.h>
1861 ++#include <asm/fixmap.h>
1862 ++#include <asm/desc.h>
1863 ++
1864 ++static DEFINE_PER_CPU_PAGE_ALIGNED(struct entry_stack_page, entry_stack_storage);
1865 ++
1866 ++#ifdef CONFIG_X86_64
1867 ++static DEFINE_PER_CPU_PAGE_ALIGNED(char, exception_stacks
1868 ++ [(N_EXCEPTION_STACKS - 1) * EXCEPTION_STKSZ + DEBUG_STKSZ]);
1869 ++#endif
1870 ++
1871 ++struct cpu_entry_area *get_cpu_entry_area(int cpu)
1872 ++{
1873 ++ unsigned long va = CPU_ENTRY_AREA_PER_CPU + cpu * CPU_ENTRY_AREA_SIZE;
1874 ++ BUILD_BUG_ON(sizeof(struct cpu_entry_area) % PAGE_SIZE != 0);
1875 ++
1876 ++ return (struct cpu_entry_area *) va;
1877 ++}
1878 ++EXPORT_SYMBOL(get_cpu_entry_area);
1879 ++
1880 ++void cea_set_pte(void *cea_vaddr, phys_addr_t pa, pgprot_t flags)
1881 ++{
1882 ++ unsigned long va = (unsigned long) cea_vaddr;
1883 ++
1884 ++ set_pte_vaddr(va, pfn_pte(pa >> PAGE_SHIFT, flags));
1885 ++}
1886 ++
1887 ++static void __init
1888 ++cea_map_percpu_pages(void *cea_vaddr, void *ptr, int pages, pgprot_t prot)
1889 ++{
1890 ++ for ( ; pages; pages--, cea_vaddr+= PAGE_SIZE, ptr += PAGE_SIZE)
1891 ++ cea_set_pte(cea_vaddr, per_cpu_ptr_to_phys(ptr), prot);
1892 ++}
1893 ++
1894 ++/* Setup the fixmap mappings only once per-processor */
1895 ++static void __init setup_cpu_entry_area(int cpu)
1896 ++{
1897 ++#ifdef CONFIG_X86_64
1898 ++ extern char _entry_trampoline[];
1899 ++
1900 ++ /* On 64-bit systems, we use a read-only fixmap GDT and TSS. */
1901 ++ pgprot_t gdt_prot = PAGE_KERNEL_RO;
1902 ++ pgprot_t tss_prot = PAGE_KERNEL_RO;
1903 ++#else
1904 ++ /*
1905 ++ * On native 32-bit systems, the GDT cannot be read-only because
1906 ++ * our double fault handler uses a task gate, and entering through
1907 ++ * a task gate needs to change an available TSS to busy. If the
1908 ++ * GDT is read-only, that will triple fault. The TSS cannot be
1909 ++ * read-only because the CPU writes to it on task switches.
1910 ++ *
1911 ++ * On Xen PV, the GDT must be read-only because the hypervisor
1912 ++ * requires it.
1913 ++ */
1914 ++ pgprot_t gdt_prot = boot_cpu_has(X86_FEATURE_XENPV) ?
1915 ++ PAGE_KERNEL_RO : PAGE_KERNEL;
1916 ++ pgprot_t tss_prot = PAGE_KERNEL;
1917 ++#endif
1918 ++
1919 ++ cea_set_pte(&get_cpu_entry_area(cpu)->gdt, get_cpu_gdt_paddr(cpu),
1920 ++ gdt_prot);
1921 ++
1922 ++ cea_map_percpu_pages(&get_cpu_entry_area(cpu)->entry_stack_page,
1923 ++ per_cpu_ptr(&entry_stack_storage, cpu), 1,
1924 ++ PAGE_KERNEL);
1925 ++
1926 ++ /*
1927 ++ * The Intel SDM says (Volume 3, 7.2.1):
1928 ++ *
1929 ++ * Avoid placing a page boundary in the part of the TSS that the
1930 ++ * processor reads during a task switch (the first 104 bytes). The
1931 ++ * processor may not correctly perform address translations if a
1932 ++ * boundary occurs in this area. During a task switch, the processor
1933 ++ * reads and writes into the first 104 bytes of each TSS (using
1934 ++ * contiguous physical addresses beginning with the physical address
1935 ++ * of the first byte of the TSS). So, after TSS access begins, if
1936 ++ * part of the 104 bytes is not physically contiguous, the processor
1937 ++ * will access incorrect information without generating a page-fault
1938 ++ * exception.
1939 ++ *
1940 ++ * There are also a lot of errata involving the TSS spanning a page
1941 ++ * boundary. Assert that we're not doing that.
1942 ++ */
1943 ++ BUILD_BUG_ON((offsetof(struct tss_struct, x86_tss) ^
1944 ++ offsetofend(struct tss_struct, x86_tss)) & PAGE_MASK);
1945 ++ BUILD_BUG_ON(sizeof(struct tss_struct) % PAGE_SIZE != 0);
1946 ++ cea_map_percpu_pages(&get_cpu_entry_area(cpu)->tss,
1947 ++ &per_cpu(cpu_tss_rw, cpu),
1948 ++ sizeof(struct tss_struct) / PAGE_SIZE, tss_prot);
1949 ++
1950 ++#ifdef CONFIG_X86_32
1951 ++ per_cpu(cpu_entry_area, cpu) = get_cpu_entry_area(cpu);
1952 ++#endif
1953 ++
1954 ++#ifdef CONFIG_X86_64
1955 ++ BUILD_BUG_ON(sizeof(exception_stacks) % PAGE_SIZE != 0);
1956 ++ BUILD_BUG_ON(sizeof(exception_stacks) !=
1957 ++ sizeof(((struct cpu_entry_area *)0)->exception_stacks));
1958 ++ cea_map_percpu_pages(&get_cpu_entry_area(cpu)->exception_stacks,
1959 ++ &per_cpu(exception_stacks, cpu),
1960 ++ sizeof(exception_stacks) / PAGE_SIZE, PAGE_KERNEL);
1961 ++
1962 ++ cea_set_pte(&get_cpu_entry_area(cpu)->entry_trampoline,
1963 ++ __pa_symbol(_entry_trampoline), PAGE_KERNEL_RX);
1964 ++#endif
1965 ++}
1966 ++
1967 ++static __init void setup_cpu_entry_area_ptes(void)
1968 ++{
1969 ++#ifdef CONFIG_X86_32
1970 ++ unsigned long start, end;
1971 ++
1972 ++ BUILD_BUG_ON(CPU_ENTRY_AREA_PAGES * PAGE_SIZE < CPU_ENTRY_AREA_MAP_SIZE);
1973 ++ BUG_ON(CPU_ENTRY_AREA_BASE & ~PMD_MASK);
1974 ++
1975 ++ start = CPU_ENTRY_AREA_BASE;
1976 ++ end = start + CPU_ENTRY_AREA_MAP_SIZE;
1977 ++
1978 ++ /* Careful here: start + PMD_SIZE might wrap around */
1979 ++ for (; start < end && start >= CPU_ENTRY_AREA_BASE; start += PMD_SIZE)
1980 ++ populate_extra_pte(start);
1981 ++#endif
1982 ++}
1983 ++
1984 ++void __init setup_cpu_entry_areas(void)
1985 ++{
1986 ++ unsigned int cpu;
1987 ++
1988 ++ setup_cpu_entry_area_ptes();
1989 ++
1990 ++ for_each_possible_cpu(cpu)
1991 ++ setup_cpu_entry_area(cpu);
1992 ++}
1993 +diff --git a/arch/x86/mm/dump_pagetables.c b/arch/x86/mm/dump_pagetables.c
1994 +index 5e3ac6fe6c9e..43dedbfb7257 100644
1995 +--- a/arch/x86/mm/dump_pagetables.c
1996 ++++ b/arch/x86/mm/dump_pagetables.c
1997 +@@ -44,10 +44,12 @@ struct addr_marker {
1998 + unsigned long max_lines;
1999 + };
2000 +
2001 +-/* indices for address_markers; keep sync'd w/ address_markers below */
2002 ++/* Address space markers hints */
2003 ++
2004 ++#ifdef CONFIG_X86_64
2005 ++
2006 + enum address_markers_idx {
2007 + USER_SPACE_NR = 0,
2008 +-#ifdef CONFIG_X86_64
2009 + KERNEL_SPACE_NR,
2010 + LOW_KERNEL_NR,
2011 + VMALLOC_START_NR,
2012 +@@ -56,56 +58,74 @@ enum address_markers_idx {
2013 + KASAN_SHADOW_START_NR,
2014 + KASAN_SHADOW_END_NR,
2015 + #endif
2016 +-# ifdef CONFIG_X86_ESPFIX64
2017 ++ CPU_ENTRY_AREA_NR,
2018 ++#ifdef CONFIG_X86_ESPFIX64
2019 + ESPFIX_START_NR,
2020 +-# endif
2021 ++#endif
2022 ++#ifdef CONFIG_EFI
2023 ++ EFI_END_NR,
2024 ++#endif
2025 + HIGH_KERNEL_NR,
2026 + MODULES_VADDR_NR,
2027 + MODULES_END_NR,
2028 +-#else
2029 ++ FIXADDR_START_NR,
2030 ++ END_OF_SPACE_NR,
2031 ++};
2032 ++
2033 ++static struct addr_marker address_markers[] = {
2034 ++ [USER_SPACE_NR] = { 0, "User Space" },
2035 ++ [KERNEL_SPACE_NR] = { (1UL << 63), "Kernel Space" },
2036 ++ [LOW_KERNEL_NR] = { 0UL, "Low Kernel Mapping" },
2037 ++ [VMALLOC_START_NR] = { 0UL, "vmalloc() Area" },
2038 ++ [VMEMMAP_START_NR] = { 0UL, "Vmemmap" },
2039 ++#ifdef CONFIG_KASAN
2040 ++ [KASAN_SHADOW_START_NR] = { KASAN_SHADOW_START, "KASAN shadow" },
2041 ++ [KASAN_SHADOW_END_NR] = { KASAN_SHADOW_END, "KASAN shadow end" },
2042 ++#endif
2043 ++ [CPU_ENTRY_AREA_NR] = { CPU_ENTRY_AREA_BASE,"CPU entry Area" },
2044 ++#ifdef CONFIG_X86_ESPFIX64
2045 ++ [ESPFIX_START_NR] = { ESPFIX_BASE_ADDR, "ESPfix Area", 16 },
2046 ++#endif
2047 ++#ifdef CONFIG_EFI
2048 ++ [EFI_END_NR] = { EFI_VA_END, "EFI Runtime Services" },
2049 ++#endif
2050 ++ [HIGH_KERNEL_NR] = { __START_KERNEL_map, "High Kernel Mapping" },
2051 ++ [MODULES_VADDR_NR] = { MODULES_VADDR, "Modules" },
2052 ++ [MODULES_END_NR] = { MODULES_END, "End Modules" },
2053 ++ [FIXADDR_START_NR] = { FIXADDR_START, "Fixmap Area" },
2054 ++ [END_OF_SPACE_NR] = { -1, NULL }
2055 ++};
2056 ++
2057 ++#else /* CONFIG_X86_64 */
2058 ++
2059 ++enum address_markers_idx {
2060 ++ USER_SPACE_NR = 0,
2061 + KERNEL_SPACE_NR,
2062 + VMALLOC_START_NR,
2063 + VMALLOC_END_NR,
2064 +-# ifdef CONFIG_HIGHMEM
2065 ++#ifdef CONFIG_HIGHMEM
2066 + PKMAP_BASE_NR,
2067 +-# endif
2068 +- FIXADDR_START_NR,
2069 + #endif
2070 ++ CPU_ENTRY_AREA_NR,
2071 ++ FIXADDR_START_NR,
2072 ++ END_OF_SPACE_NR,
2073 + };
2074 +
2075 +-/* Address space markers hints */
2076 + static struct addr_marker address_markers[] = {
2077 +- { 0, "User Space" },
2078 +-#ifdef CONFIG_X86_64
2079 +- { 0x8000000000000000UL, "Kernel Space" },
2080 +- { 0/* PAGE_OFFSET */, "Low Kernel Mapping" },
2081 +- { 0/* VMALLOC_START */, "vmalloc() Area" },
2082 +- { 0/* VMEMMAP_START */, "Vmemmap" },
2083 +-#ifdef CONFIG_KASAN
2084 +- { KASAN_SHADOW_START, "KASAN shadow" },
2085 +- { KASAN_SHADOW_END, "KASAN shadow end" },
2086 ++ [USER_SPACE_NR] = { 0, "User Space" },
2087 ++ [KERNEL_SPACE_NR] = { PAGE_OFFSET, "Kernel Mapping" },
2088 ++ [VMALLOC_START_NR] = { 0UL, "vmalloc() Area" },
2089 ++ [VMALLOC_END_NR] = { 0UL, "vmalloc() End" },
2090 ++#ifdef CONFIG_HIGHMEM
2091 ++ [PKMAP_BASE_NR] = { 0UL, "Persistent kmap() Area" },
2092 + #endif
2093 +-# ifdef CONFIG_X86_ESPFIX64
2094 +- { ESPFIX_BASE_ADDR, "ESPfix Area", 16 },
2095 +-# endif
2096 +-# ifdef CONFIG_EFI
2097 +- { EFI_VA_END, "EFI Runtime Services" },
2098 +-# endif
2099 +- { __START_KERNEL_map, "High Kernel Mapping" },
2100 +- { MODULES_VADDR, "Modules" },
2101 +- { MODULES_END, "End Modules" },
2102 +-#else
2103 +- { PAGE_OFFSET, "Kernel Mapping" },
2104 +- { 0/* VMALLOC_START */, "vmalloc() Area" },
2105 +- { 0/*VMALLOC_END*/, "vmalloc() End" },
2106 +-# ifdef CONFIG_HIGHMEM
2107 +- { 0/*PKMAP_BASE*/, "Persistent kmap() Area" },
2108 +-# endif
2109 +- { 0/*FIXADDR_START*/, "Fixmap Area" },
2110 +-#endif
2111 +- { -1, NULL } /* End of list */
2112 ++ [CPU_ENTRY_AREA_NR] = { 0UL, "CPU entry area" },
2113 ++ [FIXADDR_START_NR] = { 0UL, "Fixmap area" },
2114 ++ [END_OF_SPACE_NR] = { -1, NULL }
2115 + };
2116 +
2117 ++#endif /* !CONFIG_X86_64 */
2118 ++
2119 + /* Multipliers for offsets within the PTEs */
2120 + #define PTE_LEVEL_MULT (PAGE_SIZE)
2121 + #define PMD_LEVEL_MULT (PTRS_PER_PTE * PTE_LEVEL_MULT)
2122 +@@ -140,7 +160,7 @@ static void printk_prot(struct seq_file *m, pgprot_t prot, int level, bool dmsg)
2123 + static const char * const level_name[] =
2124 + { "cr3", "pgd", "p4d", "pud", "pmd", "pte" };
2125 +
2126 +- if (!pgprot_val(prot)) {
2127 ++ if (!(pr & _PAGE_PRESENT)) {
2128 + /* Not present */
2129 + pt_dump_cont_printf(m, dmsg, " ");
2130 + } else {
2131 +@@ -525,8 +545,8 @@ static int __init pt_dump_init(void)
2132 + address_markers[PKMAP_BASE_NR].start_address = PKMAP_BASE;
2133 + # endif
2134 + address_markers[FIXADDR_START_NR].start_address = FIXADDR_START;
2135 ++ address_markers[CPU_ENTRY_AREA_NR].start_address = CPU_ENTRY_AREA_BASE;
2136 + #endif
2137 +-
2138 + return 0;
2139 + }
2140 + __initcall(pt_dump_init);
2141 +diff --git a/arch/x86/mm/init_32.c b/arch/x86/mm/init_32.c
2142 +index 8a64a6f2848d..135c9a7898c7 100644
2143 +--- a/arch/x86/mm/init_32.c
2144 ++++ b/arch/x86/mm/init_32.c
2145 +@@ -50,6 +50,7 @@
2146 + #include <asm/setup.h>
2147 + #include <asm/set_memory.h>
2148 + #include <asm/page_types.h>
2149 ++#include <asm/cpu_entry_area.h>
2150 + #include <asm/init.h>
2151 +
2152 + #include "mm_internal.h"
2153 +@@ -766,6 +767,7 @@ void __init mem_init(void)
2154 + mem_init_print_info(NULL);
2155 + printk(KERN_INFO "virtual kernel memory layout:\n"
2156 + " fixmap : 0x%08lx - 0x%08lx (%4ld kB)\n"
2157 ++ " cpu_entry : 0x%08lx - 0x%08lx (%4ld kB)\n"
2158 + #ifdef CONFIG_HIGHMEM
2159 + " pkmap : 0x%08lx - 0x%08lx (%4ld kB)\n"
2160 + #endif
2161 +@@ -777,6 +779,10 @@ void __init mem_init(void)
2162 + FIXADDR_START, FIXADDR_TOP,
2163 + (FIXADDR_TOP - FIXADDR_START) >> 10,
2164 +
2165 ++ CPU_ENTRY_AREA_BASE,
2166 ++ CPU_ENTRY_AREA_BASE + CPU_ENTRY_AREA_MAP_SIZE,
2167 ++ CPU_ENTRY_AREA_MAP_SIZE >> 10,
2168 ++
2169 + #ifdef CONFIG_HIGHMEM
2170 + PKMAP_BASE, PKMAP_BASE+LAST_PKMAP*PAGE_SIZE,
2171 + (LAST_PKMAP*PAGE_SIZE) >> 10,
2172 +diff --git a/arch/x86/mm/kasan_init_64.c b/arch/x86/mm/kasan_init_64.c
2173 +index 9ec70d780f1f..47388f0c0e59 100644
2174 +--- a/arch/x86/mm/kasan_init_64.c
2175 ++++ b/arch/x86/mm/kasan_init_64.c
2176 +@@ -15,6 +15,7 @@
2177 + #include <asm/tlbflush.h>
2178 + #include <asm/sections.h>
2179 + #include <asm/pgtable.h>
2180 ++#include <asm/cpu_entry_area.h>
2181 +
2182 + extern struct range pfn_mapped[E820_MAX_ENTRIES];
2183 +
2184 +@@ -322,31 +323,33 @@ void __init kasan_init(void)
2185 + map_range(&pfn_mapped[i]);
2186 + }
2187 +
2188 +- kasan_populate_zero_shadow(
2189 +- kasan_mem_to_shadow((void *)PAGE_OFFSET + MAXMEM),
2190 +- kasan_mem_to_shadow((void *)__START_KERNEL_map));
2191 +-
2192 +- kasan_populate_shadow((unsigned long)kasan_mem_to_shadow(_stext),
2193 +- (unsigned long)kasan_mem_to_shadow(_end),
2194 +- early_pfn_to_nid(__pa(_stext)));
2195 +-
2196 +- shadow_cpu_entry_begin = (void *)__fix_to_virt(FIX_CPU_ENTRY_AREA_BOTTOM);
2197 ++ shadow_cpu_entry_begin = (void *)CPU_ENTRY_AREA_BASE;
2198 + shadow_cpu_entry_begin = kasan_mem_to_shadow(shadow_cpu_entry_begin);
2199 + shadow_cpu_entry_begin = (void *)round_down((unsigned long)shadow_cpu_entry_begin,
2200 + PAGE_SIZE);
2201 +
2202 +- shadow_cpu_entry_end = (void *)(__fix_to_virt(FIX_CPU_ENTRY_AREA_TOP) + PAGE_SIZE);
2203 ++ shadow_cpu_entry_end = (void *)(CPU_ENTRY_AREA_BASE +
2204 ++ CPU_ENTRY_AREA_MAP_SIZE);
2205 + shadow_cpu_entry_end = kasan_mem_to_shadow(shadow_cpu_entry_end);
2206 + shadow_cpu_entry_end = (void *)round_up((unsigned long)shadow_cpu_entry_end,
2207 + PAGE_SIZE);
2208 +
2209 +- kasan_populate_zero_shadow(kasan_mem_to_shadow((void *)MODULES_END),
2210 +- shadow_cpu_entry_begin);
2211 ++ kasan_populate_zero_shadow(
2212 ++ kasan_mem_to_shadow((void *)PAGE_OFFSET + MAXMEM),
2213 ++ shadow_cpu_entry_begin);
2214 +
2215 + kasan_populate_shadow((unsigned long)shadow_cpu_entry_begin,
2216 + (unsigned long)shadow_cpu_entry_end, 0);
2217 +
2218 +- kasan_populate_zero_shadow(shadow_cpu_entry_end, (void *)KASAN_SHADOW_END);
2219 ++ kasan_populate_zero_shadow(shadow_cpu_entry_end,
2220 ++ kasan_mem_to_shadow((void *)__START_KERNEL_map));
2221 ++
2222 ++ kasan_populate_shadow((unsigned long)kasan_mem_to_shadow(_stext),
2223 ++ (unsigned long)kasan_mem_to_shadow(_end),
2224 ++ early_pfn_to_nid(__pa(_stext)));
2225 ++
2226 ++ kasan_populate_zero_shadow(kasan_mem_to_shadow((void *)MODULES_END),
2227 ++ (void *)KASAN_SHADOW_END);
2228 +
2229 + load_cr3(init_top_pgt);
2230 + __flush_tlb_all();
2231 +diff --git a/arch/x86/mm/pgtable_32.c b/arch/x86/mm/pgtable_32.c
2232 +index 6b9bf023a700..c3c5274410a9 100644
2233 +--- a/arch/x86/mm/pgtable_32.c
2234 ++++ b/arch/x86/mm/pgtable_32.c
2235 +@@ -10,6 +10,7 @@
2236 + #include <linux/pagemap.h>
2237 + #include <linux/spinlock.h>
2238 +
2239 ++#include <asm/cpu_entry_area.h>
2240 + #include <asm/pgtable.h>
2241 + #include <asm/pgalloc.h>
2242 + #include <asm/fixmap.h>
2243 +diff --git a/arch/x86/mm/tlb.c b/arch/x86/mm/tlb.c
2244 +index 3118392cdf75..0a1be3adc97e 100644
2245 +--- a/arch/x86/mm/tlb.c
2246 ++++ b/arch/x86/mm/tlb.c
2247 +@@ -128,7 +128,7 @@ void switch_mm_irqs_off(struct mm_struct *prev, struct mm_struct *next,
2248 + * isn't free.
2249 + */
2250 + #ifdef CONFIG_DEBUG_VM
2251 +- if (WARN_ON_ONCE(__read_cr3() != build_cr3(real_prev, prev_asid))) {
2252 ++ if (WARN_ON_ONCE(__read_cr3() != build_cr3(real_prev->pgd, prev_asid))) {
2253 + /*
2254 + * If we were to BUG here, we'd be very likely to kill
2255 + * the system so hard that we don't see the call trace.
2256 +@@ -195,7 +195,7 @@ void switch_mm_irqs_off(struct mm_struct *prev, struct mm_struct *next,
2257 + if (need_flush) {
2258 + this_cpu_write(cpu_tlbstate.ctxs[new_asid].ctx_id, next->context.ctx_id);
2259 + this_cpu_write(cpu_tlbstate.ctxs[new_asid].tlb_gen, next_tlb_gen);
2260 +- write_cr3(build_cr3(next, new_asid));
2261 ++ write_cr3(build_cr3(next->pgd, new_asid));
2262 +
2263 + /*
2264 + * NB: This gets called via leave_mm() in the idle path
2265 +@@ -208,7 +208,7 @@ void switch_mm_irqs_off(struct mm_struct *prev, struct mm_struct *next,
2266 + trace_tlb_flush_rcuidle(TLB_FLUSH_ON_TASK_SWITCH, TLB_FLUSH_ALL);
2267 + } else {
2268 + /* The new ASID is already up to date. */
2269 +- write_cr3(build_cr3_noflush(next, new_asid));
2270 ++ write_cr3(build_cr3_noflush(next->pgd, new_asid));
2271 +
2272 + /* See above wrt _rcuidle. */
2273 + trace_tlb_flush_rcuidle(TLB_FLUSH_ON_TASK_SWITCH, 0);
2274 +@@ -288,7 +288,7 @@ void initialize_tlbstate_and_flush(void)
2275 + !(cr4_read_shadow() & X86_CR4_PCIDE));
2276 +
2277 + /* Force ASID 0 and force a TLB flush. */
2278 +- write_cr3(build_cr3(mm, 0));
2279 ++ write_cr3(build_cr3(mm->pgd, 0));
2280 +
2281 + /* Reinitialize tlbstate. */
2282 + this_cpu_write(cpu_tlbstate.loaded_mm_asid, 0);
2283 +@@ -551,7 +551,7 @@ static void do_kernel_range_flush(void *info)
2284 +
2285 + /* flush range by one by one 'invlpg' */
2286 + for (addr = f->start; addr < f->end; addr += PAGE_SIZE)
2287 +- __flush_tlb_single(addr);
2288 ++ __flush_tlb_one(addr);
2289 + }
2290 +
2291 + void flush_tlb_kernel_range(unsigned long start, unsigned long end)
2292 +diff --git a/arch/x86/platform/uv/tlb_uv.c b/arch/x86/platform/uv/tlb_uv.c
2293 +index f44c0bc95aa2..8538a6723171 100644
2294 +--- a/arch/x86/platform/uv/tlb_uv.c
2295 ++++ b/arch/x86/platform/uv/tlb_uv.c
2296 +@@ -299,7 +299,7 @@ static void bau_process_message(struct msg_desc *mdp, struct bau_control *bcp,
2297 + local_flush_tlb();
2298 + stat->d_alltlb++;
2299 + } else {
2300 +- __flush_tlb_one(msg->address);
2301 ++ __flush_tlb_single(msg->address);
2302 + stat->d_onetlb++;
2303 + }
2304 + stat->d_requestee++;
2305 +diff --git a/arch/x86/xen/mmu_pv.c b/arch/x86/xen/mmu_pv.c
2306 +index c2454237fa67..a0e2b8c6e5c7 100644
2307 +--- a/arch/x86/xen/mmu_pv.c
2308 ++++ b/arch/x86/xen/mmu_pv.c
2309 +@@ -2261,7 +2261,6 @@ static void xen_set_fixmap(unsigned idx, phys_addr_t phys, pgprot_t prot)
2310 +
2311 + switch (idx) {
2312 + case FIX_BTMAP_END ... FIX_BTMAP_BEGIN:
2313 +- case FIX_RO_IDT:
2314 + #ifdef CONFIG_X86_32
2315 + case FIX_WP_TEST:
2316 + # ifdef CONFIG_HIGHMEM
2317 +@@ -2272,7 +2271,6 @@ static void xen_set_fixmap(unsigned idx, phys_addr_t phys, pgprot_t prot)
2318 + #endif
2319 + case FIX_TEXT_POKE0:
2320 + case FIX_TEXT_POKE1:
2321 +- case FIX_CPU_ENTRY_AREA_TOP ... FIX_CPU_ENTRY_AREA_BOTTOM:
2322 + /* All local page mappings */
2323 + pte = pfn_pte(phys, prot);
2324 + break;
2325 +diff --git a/block/bio.c b/block/bio.c
2326 +index 33fa6b4af312..7f978eac9a7a 100644
2327 +--- a/block/bio.c
2328 ++++ b/block/bio.c
2329 +@@ -599,6 +599,8 @@ void __bio_clone_fast(struct bio *bio, struct bio *bio_src)
2330 + bio->bi_disk = bio_src->bi_disk;
2331 + bio->bi_partno = bio_src->bi_partno;
2332 + bio_set_flag(bio, BIO_CLONED);
2333 ++ if (bio_flagged(bio_src, BIO_THROTTLED))
2334 ++ bio_set_flag(bio, BIO_THROTTLED);
2335 + bio->bi_opf = bio_src->bi_opf;
2336 + bio->bi_write_hint = bio_src->bi_write_hint;
2337 + bio->bi_iter = bio_src->bi_iter;
2338 +diff --git a/block/blk-throttle.c b/block/blk-throttle.c
2339 +index 8631763866c6..a8cd7b3d9647 100644
2340 +--- a/block/blk-throttle.c
2341 ++++ b/block/blk-throttle.c
2342 +@@ -2223,13 +2223,7 @@ bool blk_throtl_bio(struct request_queue *q, struct blkcg_gq *blkg,
2343 + out_unlock:
2344 + spin_unlock_irq(q->queue_lock);
2345 + out:
2346 +- /*
2347 +- * As multiple blk-throtls may stack in the same issue path, we
2348 +- * don't want bios to leave with the flag set. Clear the flag if
2349 +- * being issued.
2350 +- */
2351 +- if (!throttled)
2352 +- bio_clear_flag(bio, BIO_THROTTLED);
2353 ++ bio_set_flag(bio, BIO_THROTTLED);
2354 +
2355 + #ifdef CONFIG_BLK_DEV_THROTTLING_LOW
2356 + if (throttled || !td->track_bio_latency)
2357 +diff --git a/crypto/af_alg.c b/crypto/af_alg.c
2358 +index e181073ef64d..6ec360213107 100644
2359 +--- a/crypto/af_alg.c
2360 ++++ b/crypto/af_alg.c
2361 +@@ -1165,12 +1165,6 @@ int af_alg_get_rsgl(struct sock *sk, struct msghdr *msg, int flags,
2362 + if (!af_alg_readable(sk))
2363 + break;
2364 +
2365 +- if (!ctx->used) {
2366 +- err = af_alg_wait_for_data(sk, flags);
2367 +- if (err)
2368 +- return err;
2369 +- }
2370 +-
2371 + seglen = min_t(size_t, (maxsize - len),
2372 + msg_data_left(msg));
2373 +
2374 +diff --git a/crypto/algif_aead.c b/crypto/algif_aead.c
2375 +index 3d793bc2aa82..782cb8fec323 100644
2376 +--- a/crypto/algif_aead.c
2377 ++++ b/crypto/algif_aead.c
2378 +@@ -111,6 +111,12 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg,
2379 + size_t usedpages = 0; /* [in] RX bufs to be used from user */
2380 + size_t processed = 0; /* [in] TX bufs to be consumed */
2381 +
2382 ++ if (!ctx->used) {
2383 ++ err = af_alg_wait_for_data(sk, flags);
2384 ++ if (err)
2385 ++ return err;
2386 ++ }
2387 ++
2388 + /*
2389 + * Data length provided by caller via sendmsg/sendpage that has not
2390 + * yet been processed.
2391 +@@ -285,6 +291,10 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg,
2392 + /* AIO operation */
2393 + sock_hold(sk);
2394 + areq->iocb = msg->msg_iocb;
2395 ++
2396 ++ /* Remember output size that will be generated. */
2397 ++ areq->outlen = outlen;
2398 ++
2399 + aead_request_set_callback(&areq->cra_u.aead_req,
2400 + CRYPTO_TFM_REQ_MAY_BACKLOG,
2401 + af_alg_async_cb, areq);
2402 +@@ -292,12 +302,8 @@ static int _aead_recvmsg(struct socket *sock, struct msghdr *msg,
2403 + crypto_aead_decrypt(&areq->cra_u.aead_req);
2404 +
2405 + /* AIO operation in progress */
2406 +- if (err == -EINPROGRESS || err == -EBUSY) {
2407 +- /* Remember output size that will be generated. */
2408 +- areq->outlen = outlen;
2409 +-
2410 ++ if (err == -EINPROGRESS || err == -EBUSY)
2411 + return -EIOCBQUEUED;
2412 +- }
2413 +
2414 + sock_put(sk);
2415 + } else {
2416 +diff --git a/crypto/algif_skcipher.c b/crypto/algif_skcipher.c
2417 +index 30ee2a8e8f42..7a3e663d54d5 100644
2418 +--- a/crypto/algif_skcipher.c
2419 ++++ b/crypto/algif_skcipher.c
2420 +@@ -72,6 +72,12 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg,
2421 + int err = 0;
2422 + size_t len = 0;
2423 +
2424 ++ if (!ctx->used) {
2425 ++ err = af_alg_wait_for_data(sk, flags);
2426 ++ if (err)
2427 ++ return err;
2428 ++ }
2429 ++
2430 + /* Allocate cipher request for current operation. */
2431 + areq = af_alg_alloc_areq(sk, sizeof(struct af_alg_async_req) +
2432 + crypto_skcipher_reqsize(tfm));
2433 +@@ -119,6 +125,10 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg,
2434 + /* AIO operation */
2435 + sock_hold(sk);
2436 + areq->iocb = msg->msg_iocb;
2437 ++
2438 ++ /* Remember output size that will be generated. */
2439 ++ areq->outlen = len;
2440 ++
2441 + skcipher_request_set_callback(&areq->cra_u.skcipher_req,
2442 + CRYPTO_TFM_REQ_MAY_SLEEP,
2443 + af_alg_async_cb, areq);
2444 +@@ -127,12 +137,8 @@ static int _skcipher_recvmsg(struct socket *sock, struct msghdr *msg,
2445 + crypto_skcipher_decrypt(&areq->cra_u.skcipher_req);
2446 +
2447 + /* AIO operation in progress */
2448 +- if (err == -EINPROGRESS || err == -EBUSY) {
2449 +- /* Remember output size that will be generated. */
2450 +- areq->outlen = len;
2451 +-
2452 ++ if (err == -EINPROGRESS || err == -EBUSY)
2453 + return -EIOCBQUEUED;
2454 +- }
2455 +
2456 + sock_put(sk);
2457 + } else {
2458 +diff --git a/crypto/mcryptd.c b/crypto/mcryptd.c
2459 +index 4e6472658852..eca04d3729b3 100644
2460 +--- a/crypto/mcryptd.c
2461 ++++ b/crypto/mcryptd.c
2462 +@@ -81,6 +81,7 @@ static int mcryptd_init_queue(struct mcryptd_queue *queue,
2463 + pr_debug("cpu_queue #%d %p\n", cpu, queue->cpu_queue);
2464 + crypto_init_queue(&cpu_queue->queue, max_cpu_qlen);
2465 + INIT_WORK(&cpu_queue->work, mcryptd_queue_worker);
2466 ++ spin_lock_init(&cpu_queue->q_lock);
2467 + }
2468 + return 0;
2469 + }
2470 +@@ -104,15 +105,16 @@ static int mcryptd_enqueue_request(struct mcryptd_queue *queue,
2471 + int cpu, err;
2472 + struct mcryptd_cpu_queue *cpu_queue;
2473 +
2474 +- cpu = get_cpu();
2475 +- cpu_queue = this_cpu_ptr(queue->cpu_queue);
2476 +- rctx->tag.cpu = cpu;
2477 ++ cpu_queue = raw_cpu_ptr(queue->cpu_queue);
2478 ++ spin_lock(&cpu_queue->q_lock);
2479 ++ cpu = smp_processor_id();
2480 ++ rctx->tag.cpu = smp_processor_id();
2481 +
2482 + err = crypto_enqueue_request(&cpu_queue->queue, request);
2483 + pr_debug("enqueue request: cpu %d cpu_queue %p request %p\n",
2484 + cpu, cpu_queue, request);
2485 ++ spin_unlock(&cpu_queue->q_lock);
2486 + queue_work_on(cpu, kcrypto_wq, &cpu_queue->work);
2487 +- put_cpu();
2488 +
2489 + return err;
2490 + }
2491 +@@ -161,16 +163,11 @@ static void mcryptd_queue_worker(struct work_struct *work)
2492 + cpu_queue = container_of(work, struct mcryptd_cpu_queue, work);
2493 + i = 0;
2494 + while (i < MCRYPTD_BATCH || single_task_running()) {
2495 +- /*
2496 +- * preempt_disable/enable is used to prevent
2497 +- * being preempted by mcryptd_enqueue_request()
2498 +- */
2499 +- local_bh_disable();
2500 +- preempt_disable();
2501 ++
2502 ++ spin_lock_bh(&cpu_queue->q_lock);
2503 + backlog = crypto_get_backlog(&cpu_queue->queue);
2504 + req = crypto_dequeue_request(&cpu_queue->queue);
2505 +- preempt_enable();
2506 +- local_bh_enable();
2507 ++ spin_unlock_bh(&cpu_queue->q_lock);
2508 +
2509 + if (!req) {
2510 + mcryptd_opportunistic_flush();
2511 +@@ -185,7 +182,7 @@ static void mcryptd_queue_worker(struct work_struct *work)
2512 + ++i;
2513 + }
2514 + if (cpu_queue->queue.qlen)
2515 +- queue_work(kcrypto_wq, &cpu_queue->work);
2516 ++ queue_work_on(smp_processor_id(), kcrypto_wq, &cpu_queue->work);
2517 + }
2518 +
2519 + void mcryptd_flusher(struct work_struct *__work)
2520 +diff --git a/crypto/skcipher.c b/crypto/skcipher.c
2521 +index 778e0ff42bfa..11af5fd6a443 100644
2522 +--- a/crypto/skcipher.c
2523 ++++ b/crypto/skcipher.c
2524 +@@ -449,6 +449,8 @@ static int skcipher_walk_skcipher(struct skcipher_walk *walk,
2525 +
2526 + walk->total = req->cryptlen;
2527 + walk->nbytes = 0;
2528 ++ walk->iv = req->iv;
2529 ++ walk->oiv = req->iv;
2530 +
2531 + if (unlikely(!walk->total))
2532 + return 0;
2533 +@@ -456,9 +458,6 @@ static int skcipher_walk_skcipher(struct skcipher_walk *walk,
2534 + scatterwalk_start(&walk->in, req->src);
2535 + scatterwalk_start(&walk->out, req->dst);
2536 +
2537 +- walk->iv = req->iv;
2538 +- walk->oiv = req->iv;
2539 +-
2540 + walk->flags &= ~SKCIPHER_WALK_SLEEP;
2541 + walk->flags |= req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP ?
2542 + SKCIPHER_WALK_SLEEP : 0;
2543 +@@ -510,6 +509,8 @@ static int skcipher_walk_aead_common(struct skcipher_walk *walk,
2544 + int err;
2545 +
2546 + walk->nbytes = 0;
2547 ++ walk->iv = req->iv;
2548 ++ walk->oiv = req->iv;
2549 +
2550 + if (unlikely(!walk->total))
2551 + return 0;
2552 +@@ -525,9 +526,6 @@ static int skcipher_walk_aead_common(struct skcipher_walk *walk,
2553 + scatterwalk_done(&walk->in, 0, walk->total);
2554 + scatterwalk_done(&walk->out, 0, walk->total);
2555 +
2556 +- walk->iv = req->iv;
2557 +- walk->oiv = req->iv;
2558 +-
2559 + if (req->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP)
2560 + walk->flags |= SKCIPHER_WALK_SLEEP;
2561 + else
2562 +diff --git a/drivers/acpi/apei/erst.c b/drivers/acpi/apei/erst.c
2563 +index 2c462beee551..a943cf17faa7 100644
2564 +--- a/drivers/acpi/apei/erst.c
2565 ++++ b/drivers/acpi/apei/erst.c
2566 +@@ -1007,7 +1007,7 @@ static ssize_t erst_reader(struct pstore_record *record)
2567 + /* The record may be cleared by others, try read next record */
2568 + if (len == -ENOENT)
2569 + goto skip;
2570 +- else if (len < sizeof(*rcd)) {
2571 ++ else if (len < 0 || len < sizeof(*rcd)) {
2572 + rc = -EIO;
2573 + goto out;
2574 + }
2575 +diff --git a/drivers/acpi/nfit/core.c b/drivers/acpi/nfit/core.c
2576 +index 9c2c49b6a240..dea0fb3d6f64 100644
2577 +--- a/drivers/acpi/nfit/core.c
2578 ++++ b/drivers/acpi/nfit/core.c
2579 +@@ -1457,6 +1457,11 @@ static int acpi_nfit_add_dimm(struct acpi_nfit_desc *acpi_desc,
2580 + dev_name(&adev_dimm->dev));
2581 + return -ENXIO;
2582 + }
2583 ++ /*
2584 ++ * Record nfit_mem for the notification path to track back to
2585 ++ * the nfit sysfs attributes for this dimm device object.
2586 ++ */
2587 ++ dev_set_drvdata(&adev_dimm->dev, nfit_mem);
2588 +
2589 + /*
2590 + * Until standardization materializes we need to consider 4
2591 +@@ -1516,9 +1521,11 @@ static void shutdown_dimm_notify(void *data)
2592 + sysfs_put(nfit_mem->flags_attr);
2593 + nfit_mem->flags_attr = NULL;
2594 + }
2595 +- if (adev_dimm)
2596 ++ if (adev_dimm) {
2597 + acpi_remove_notify_handler(adev_dimm->handle,
2598 + ACPI_DEVICE_NOTIFY, acpi_nvdimm_notify);
2599 ++ dev_set_drvdata(&adev_dimm->dev, NULL);
2600 ++ }
2601 + }
2602 + mutex_unlock(&acpi_desc->init_mutex);
2603 + }
2604 +diff --git a/drivers/char/ipmi/ipmi_si_intf.c b/drivers/char/ipmi/ipmi_si_intf.c
2605 +index e1cbb78c6806..c04aa11f0e21 100644
2606 +--- a/drivers/char/ipmi/ipmi_si_intf.c
2607 ++++ b/drivers/char/ipmi/ipmi_si_intf.c
2608 +@@ -3469,7 +3469,6 @@ static int add_smi(struct smi_info *new_smi)
2609 + ipmi_addr_src_to_str(new_smi->addr_source),
2610 + si_to_str[new_smi->si_type]);
2611 + rv = -EBUSY;
2612 +- kfree(new_smi);
2613 + goto out_err;
2614 + }
2615 + }
2616 +diff --git a/drivers/clk/sunxi/clk-sun9i-mmc.c b/drivers/clk/sunxi/clk-sun9i-mmc.c
2617 +index 6041bdba2e97..f69f9e8c6f38 100644
2618 +--- a/drivers/clk/sunxi/clk-sun9i-mmc.c
2619 ++++ b/drivers/clk/sunxi/clk-sun9i-mmc.c
2620 +@@ -16,6 +16,7 @@
2621 +
2622 + #include <linux/clk.h>
2623 + #include <linux/clk-provider.h>
2624 ++#include <linux/delay.h>
2625 + #include <linux/init.h>
2626 + #include <linux/of.h>
2627 + #include <linux/of_device.h>
2628 +@@ -83,9 +84,20 @@ static int sun9i_mmc_reset_deassert(struct reset_controller_dev *rcdev,
2629 + return 0;
2630 + }
2631 +
2632 ++static int sun9i_mmc_reset_reset(struct reset_controller_dev *rcdev,
2633 ++ unsigned long id)
2634 ++{
2635 ++ sun9i_mmc_reset_assert(rcdev, id);
2636 ++ udelay(10);
2637 ++ sun9i_mmc_reset_deassert(rcdev, id);
2638 ++
2639 ++ return 0;
2640 ++}
2641 ++
2642 + static const struct reset_control_ops sun9i_mmc_reset_ops = {
2643 + .assert = sun9i_mmc_reset_assert,
2644 + .deassert = sun9i_mmc_reset_deassert,
2645 ++ .reset = sun9i_mmc_reset_reset,
2646 + };
2647 +
2648 + static int sun9i_a80_mmc_config_clk_probe(struct platform_device *pdev)
2649 +diff --git a/drivers/gpu/drm/i915/i915_gem.c b/drivers/gpu/drm/i915/i915_gem.c
2650 +index dc1faa49687d..3b2c0538e48d 100644
2651 +--- a/drivers/gpu/drm/i915/i915_gem.c
2652 ++++ b/drivers/gpu/drm/i915/i915_gem.c
2653 +@@ -325,17 +325,10 @@ int i915_gem_object_unbind(struct drm_i915_gem_object *obj)
2654 + * must wait for all rendering to complete to the object (as unbinding
2655 + * must anyway), and retire the requests.
2656 + */
2657 +- ret = i915_gem_object_wait(obj,
2658 +- I915_WAIT_INTERRUPTIBLE |
2659 +- I915_WAIT_LOCKED |
2660 +- I915_WAIT_ALL,
2661 +- MAX_SCHEDULE_TIMEOUT,
2662 +- NULL);
2663 ++ ret = i915_gem_object_set_to_cpu_domain(obj, false);
2664 + if (ret)
2665 + return ret;
2666 +
2667 +- i915_gem_retire_requests(to_i915(obj->base.dev));
2668 +-
2669 + while ((vma = list_first_entry_or_null(&obj->vma_list,
2670 + struct i915_vma,
2671 + obj_link))) {
2672 +diff --git a/drivers/gpu/drm/sun4i/sun4i_tcon.c b/drivers/gpu/drm/sun4i/sun4i_tcon.c
2673 +index d9791292553e..7b909d814d38 100644
2674 +--- a/drivers/gpu/drm/sun4i/sun4i_tcon.c
2675 ++++ b/drivers/gpu/drm/sun4i/sun4i_tcon.c
2676 +@@ -567,12 +567,12 @@ static int sun4i_tcon_bind(struct device *dev, struct device *master,
2677 + if (IS_ERR(tcon->crtc)) {
2678 + dev_err(dev, "Couldn't create our CRTC\n");
2679 + ret = PTR_ERR(tcon->crtc);
2680 +- goto err_free_clocks;
2681 ++ goto err_free_dotclock;
2682 + }
2683 +
2684 + ret = sun4i_rgb_init(drm, tcon);
2685 + if (ret < 0)
2686 +- goto err_free_clocks;
2687 ++ goto err_free_dotclock;
2688 +
2689 + list_add_tail(&tcon->list, &drv->tcon_list);
2690 +
2691 +diff --git a/drivers/mfd/cros_ec_spi.c b/drivers/mfd/cros_ec_spi.c
2692 +index c9714072e224..a14196e95e9b 100644
2693 +--- a/drivers/mfd/cros_ec_spi.c
2694 ++++ b/drivers/mfd/cros_ec_spi.c
2695 +@@ -667,6 +667,7 @@ static int cros_ec_spi_probe(struct spi_device *spi)
2696 + sizeof(struct ec_response_get_protocol_info);
2697 + ec_dev->dout_size = sizeof(struct ec_host_request);
2698 +
2699 ++ ec_spi->last_transfer_ns = ktime_get_ns();
2700 +
2701 + err = cros_ec_register(ec_dev);
2702 + if (err) {
2703 +diff --git a/drivers/mfd/twl4030-audio.c b/drivers/mfd/twl4030-audio.c
2704 +index da16bf45fab4..dc94ffc6321a 100644
2705 +--- a/drivers/mfd/twl4030-audio.c
2706 ++++ b/drivers/mfd/twl4030-audio.c
2707 +@@ -159,13 +159,18 @@ unsigned int twl4030_audio_get_mclk(void)
2708 + EXPORT_SYMBOL_GPL(twl4030_audio_get_mclk);
2709 +
2710 + static bool twl4030_audio_has_codec(struct twl4030_audio_data *pdata,
2711 +- struct device_node *node)
2712 ++ struct device_node *parent)
2713 + {
2714 ++ struct device_node *node;
2715 ++
2716 + if (pdata && pdata->codec)
2717 + return true;
2718 +
2719 +- if (of_find_node_by_name(node, "codec"))
2720 ++ node = of_get_child_by_name(parent, "codec");
2721 ++ if (node) {
2722 ++ of_node_put(node);
2723 + return true;
2724 ++ }
2725 +
2726 + return false;
2727 + }
2728 +diff --git a/drivers/mfd/twl6040.c b/drivers/mfd/twl6040.c
2729 +index d66502d36ba0..dd19f17a1b63 100644
2730 +--- a/drivers/mfd/twl6040.c
2731 ++++ b/drivers/mfd/twl6040.c
2732 +@@ -97,12 +97,16 @@ static struct reg_sequence twl6040_patch[] = {
2733 + };
2734 +
2735 +
2736 +-static bool twl6040_has_vibra(struct device_node *node)
2737 ++static bool twl6040_has_vibra(struct device_node *parent)
2738 + {
2739 +-#ifdef CONFIG_OF
2740 +- if (of_find_node_by_name(node, "vibra"))
2741 ++ struct device_node *node;
2742 ++
2743 ++ node = of_get_child_by_name(parent, "vibra");
2744 ++ if (node) {
2745 ++ of_node_put(node);
2746 + return true;
2747 +-#endif
2748 ++ }
2749 ++
2750 + return false;
2751 + }
2752 +
2753 +diff --git a/drivers/net/ethernet/marvell/mvneta.c b/drivers/net/ethernet/marvell/mvneta.c
2754 +index bc93b69cfd1e..a539263cd79c 100644
2755 +--- a/drivers/net/ethernet/marvell/mvneta.c
2756 ++++ b/drivers/net/ethernet/marvell/mvneta.c
2757 +@@ -1214,6 +1214,10 @@ static void mvneta_port_disable(struct mvneta_port *pp)
2758 + val &= ~MVNETA_GMAC0_PORT_ENABLE;
2759 + mvreg_write(pp, MVNETA_GMAC_CTRL_0, val);
2760 +
2761 ++ pp->link = 0;
2762 ++ pp->duplex = -1;
2763 ++ pp->speed = 0;
2764 ++
2765 + udelay(200);
2766 + }
2767 +
2768 +@@ -1958,9 +1962,9 @@ static int mvneta_rx_swbm(struct mvneta_port *pp, int rx_todo,
2769 +
2770 + if (!mvneta_rxq_desc_is_first_last(rx_status) ||
2771 + (rx_status & MVNETA_RXD_ERR_SUMMARY)) {
2772 ++ mvneta_rx_error(pp, rx_desc);
2773 + err_drop_frame:
2774 + dev->stats.rx_errors++;
2775 +- mvneta_rx_error(pp, rx_desc);
2776 + /* leave the descriptor untouched */
2777 + continue;
2778 + }
2779 +@@ -3011,7 +3015,7 @@ static void mvneta_cleanup_rxqs(struct mvneta_port *pp)
2780 + {
2781 + int queue;
2782 +
2783 +- for (queue = 0; queue < txq_number; queue++)
2784 ++ for (queue = 0; queue < rxq_number; queue++)
2785 + mvneta_rxq_deinit(pp, &pp->rxqs[queue]);
2786 + }
2787 +
2788 +diff --git a/drivers/nvdimm/btt.c b/drivers/nvdimm/btt.c
2789 +index d5612bd1cc81..09428ebd315b 100644
2790 +--- a/drivers/nvdimm/btt.c
2791 ++++ b/drivers/nvdimm/btt.c
2792 +@@ -210,12 +210,12 @@ static int btt_map_read(struct arena_info *arena, u32 lba, u32 *mapping,
2793 + return ret;
2794 + }
2795 +
2796 +-static int btt_log_read_pair(struct arena_info *arena, u32 lane,
2797 +- struct log_entry *ent)
2798 ++static int btt_log_group_read(struct arena_info *arena, u32 lane,
2799 ++ struct log_group *log)
2800 + {
2801 + return arena_read_bytes(arena,
2802 +- arena->logoff + (2 * lane * LOG_ENT_SIZE), ent,
2803 +- 2 * LOG_ENT_SIZE, 0);
2804 ++ arena->logoff + (lane * LOG_GRP_SIZE), log,
2805 ++ LOG_GRP_SIZE, 0);
2806 + }
2807 +
2808 + static struct dentry *debugfs_root;
2809 +@@ -255,6 +255,8 @@ static void arena_debugfs_init(struct arena_info *a, struct dentry *parent,
2810 + debugfs_create_x64("logoff", S_IRUGO, d, &a->logoff);
2811 + debugfs_create_x64("info2off", S_IRUGO, d, &a->info2off);
2812 + debugfs_create_x32("flags", S_IRUGO, d, &a->flags);
2813 ++ debugfs_create_u32("log_index_0", S_IRUGO, d, &a->log_index[0]);
2814 ++ debugfs_create_u32("log_index_1", S_IRUGO, d, &a->log_index[1]);
2815 + }
2816 +
2817 + static void btt_debugfs_init(struct btt *btt)
2818 +@@ -273,6 +275,11 @@ static void btt_debugfs_init(struct btt *btt)
2819 + }
2820 + }
2821 +
2822 ++static u32 log_seq(struct log_group *log, int log_idx)
2823 ++{
2824 ++ return le32_to_cpu(log->ent[log_idx].seq);
2825 ++}
2826 ++
2827 + /*
2828 + * This function accepts two log entries, and uses the
2829 + * sequence number to find the 'older' entry.
2830 +@@ -282,8 +289,10 @@ static void btt_debugfs_init(struct btt *btt)
2831 + *
2832 + * TODO The logic feels a bit kludge-y. make it better..
2833 + */
2834 +-static int btt_log_get_old(struct log_entry *ent)
2835 ++static int btt_log_get_old(struct arena_info *a, struct log_group *log)
2836 + {
2837 ++ int idx0 = a->log_index[0];
2838 ++ int idx1 = a->log_index[1];
2839 + int old;
2840 +
2841 + /*
2842 +@@ -291,23 +300,23 @@ static int btt_log_get_old(struct log_entry *ent)
2843 + * the next time, the following logic works out to put this
2844 + * (next) entry into [1]
2845 + */
2846 +- if (ent[0].seq == 0) {
2847 +- ent[0].seq = cpu_to_le32(1);
2848 ++ if (log_seq(log, idx0) == 0) {
2849 ++ log->ent[idx0].seq = cpu_to_le32(1);
2850 + return 0;
2851 + }
2852 +
2853 +- if (ent[0].seq == ent[1].seq)
2854 ++ if (log_seq(log, idx0) == log_seq(log, idx1))
2855 + return -EINVAL;
2856 +- if (le32_to_cpu(ent[0].seq) + le32_to_cpu(ent[1].seq) > 5)
2857 ++ if (log_seq(log, idx0) + log_seq(log, idx1) > 5)
2858 + return -EINVAL;
2859 +
2860 +- if (le32_to_cpu(ent[0].seq) < le32_to_cpu(ent[1].seq)) {
2861 +- if (le32_to_cpu(ent[1].seq) - le32_to_cpu(ent[0].seq) == 1)
2862 ++ if (log_seq(log, idx0) < log_seq(log, idx1)) {
2863 ++ if ((log_seq(log, idx1) - log_seq(log, idx0)) == 1)
2864 + old = 0;
2865 + else
2866 + old = 1;
2867 + } else {
2868 +- if (le32_to_cpu(ent[0].seq) - le32_to_cpu(ent[1].seq) == 1)
2869 ++ if ((log_seq(log, idx0) - log_seq(log, idx1)) == 1)
2870 + old = 1;
2871 + else
2872 + old = 0;
2873 +@@ -327,17 +336,18 @@ static int btt_log_read(struct arena_info *arena, u32 lane,
2874 + {
2875 + int ret;
2876 + int old_ent, ret_ent;
2877 +- struct log_entry log[2];
2878 ++ struct log_group log;
2879 +
2880 +- ret = btt_log_read_pair(arena, lane, log);
2881 ++ ret = btt_log_group_read(arena, lane, &log);
2882 + if (ret)
2883 + return -EIO;
2884 +
2885 +- old_ent = btt_log_get_old(log);
2886 ++ old_ent = btt_log_get_old(arena, &log);
2887 + if (old_ent < 0 || old_ent > 1) {
2888 + dev_err(to_dev(arena),
2889 + "log corruption (%d): lane %d seq [%d, %d]\n",
2890 +- old_ent, lane, log[0].seq, log[1].seq);
2891 ++ old_ent, lane, log.ent[arena->log_index[0]].seq,
2892 ++ log.ent[arena->log_index[1]].seq);
2893 + /* TODO set error state? */
2894 + return -EIO;
2895 + }
2896 +@@ -345,7 +355,7 @@ static int btt_log_read(struct arena_info *arena, u32 lane,
2897 + ret_ent = (old_flag ? old_ent : (1 - old_ent));
2898 +
2899 + if (ent != NULL)
2900 +- memcpy(ent, &log[ret_ent], LOG_ENT_SIZE);
2901 ++ memcpy(ent, &log.ent[arena->log_index[ret_ent]], LOG_ENT_SIZE);
2902 +
2903 + return ret_ent;
2904 + }
2905 +@@ -359,17 +369,13 @@ static int __btt_log_write(struct arena_info *arena, u32 lane,
2906 + u32 sub, struct log_entry *ent, unsigned long flags)
2907 + {
2908 + int ret;
2909 +- /*
2910 +- * Ignore the padding in log_entry for calculating log_half.
2911 +- * The entry is 'committed' when we write the sequence number,
2912 +- * and we want to ensure that that is the last thing written.
2913 +- * We don't bother writing the padding as that would be extra
2914 +- * media wear and write amplification
2915 +- */
2916 +- unsigned int log_half = (LOG_ENT_SIZE - 2 * sizeof(u64)) / 2;
2917 +- u64 ns_off = arena->logoff + (((2 * lane) + sub) * LOG_ENT_SIZE);
2918 ++ u32 group_slot = arena->log_index[sub];
2919 ++ unsigned int log_half = LOG_ENT_SIZE / 2;
2920 + void *src = ent;
2921 ++ u64 ns_off;
2922 +
2923 ++ ns_off = arena->logoff + (lane * LOG_GRP_SIZE) +
2924 ++ (group_slot * LOG_ENT_SIZE);
2925 + /* split the 16B write into atomic, durable halves */
2926 + ret = arena_write_bytes(arena, ns_off, src, log_half, flags);
2927 + if (ret)
2928 +@@ -452,7 +458,7 @@ static int btt_log_init(struct arena_info *arena)
2929 + {
2930 + size_t logsize = arena->info2off - arena->logoff;
2931 + size_t chunk_size = SZ_4K, offset = 0;
2932 +- struct log_entry log;
2933 ++ struct log_entry ent;
2934 + void *zerobuf;
2935 + int ret;
2936 + u32 i;
2937 +@@ -484,11 +490,11 @@ static int btt_log_init(struct arena_info *arena)
2938 + }
2939 +
2940 + for (i = 0; i < arena->nfree; i++) {
2941 +- log.lba = cpu_to_le32(i);
2942 +- log.old_map = cpu_to_le32(arena->external_nlba + i);
2943 +- log.new_map = cpu_to_le32(arena->external_nlba + i);
2944 +- log.seq = cpu_to_le32(LOG_SEQ_INIT);
2945 +- ret = __btt_log_write(arena, i, 0, &log, 0);
2946 ++ ent.lba = cpu_to_le32(i);
2947 ++ ent.old_map = cpu_to_le32(arena->external_nlba + i);
2948 ++ ent.new_map = cpu_to_le32(arena->external_nlba + i);
2949 ++ ent.seq = cpu_to_le32(LOG_SEQ_INIT);
2950 ++ ret = __btt_log_write(arena, i, 0, &ent, 0);
2951 + if (ret)
2952 + goto free;
2953 + }
2954 +@@ -593,6 +599,123 @@ static int btt_freelist_init(struct arena_info *arena)
2955 + return 0;
2956 + }
2957 +
2958 ++static bool ent_is_padding(struct log_entry *ent)
2959 ++{
2960 ++ return (ent->lba == 0) && (ent->old_map == 0) && (ent->new_map == 0)
2961 ++ && (ent->seq == 0);
2962 ++}
2963 ++
2964 ++/*
2965 ++ * Detecting valid log indices: We read a log group (see the comments in btt.h
2966 ++ * for a description of a 'log_group' and its 'slots'), and iterate over its
2967 ++ * four slots. We expect that a padding slot will be all-zeroes, and use this
2968 ++ * to detect a padding slot vs. an actual entry.
2969 ++ *
2970 ++ * If a log_group is in the initial state, i.e. hasn't been used since the
2971 ++ * creation of this BTT layout, it will have three of the four slots with
2972 ++ * zeroes. We skip over these log_groups for the detection of log_index. If
2973 ++ * all log_groups are in the initial state (i.e. the BTT has never been
2974 ++ * written to), it is safe to assume the 'new format' of log entries in slots
2975 ++ * (0, 1).
2976 ++ */
2977 ++static int log_set_indices(struct arena_info *arena)
2978 ++{
2979 ++ bool idx_set = false, initial_state = true;
2980 ++ int ret, log_index[2] = {-1, -1};
2981 ++ u32 i, j, next_idx = 0;
2982 ++ struct log_group log;
2983 ++ u32 pad_count = 0;
2984 ++
2985 ++ for (i = 0; i < arena->nfree; i++) {
2986 ++ ret = btt_log_group_read(arena, i, &log);
2987 ++ if (ret < 0)
2988 ++ return ret;
2989 ++
2990 ++ for (j = 0; j < 4; j++) {
2991 ++ if (!idx_set) {
2992 ++ if (ent_is_padding(&log.ent[j])) {
2993 ++ pad_count++;
2994 ++ continue;
2995 ++ } else {
2996 ++ /* Skip if index has been recorded */
2997 ++ if ((next_idx == 1) &&
2998 ++ (j == log_index[0]))
2999 ++ continue;
3000 ++ /* valid entry, record index */
3001 ++ log_index[next_idx] = j;
3002 ++ next_idx++;
3003 ++ }
3004 ++ if (next_idx == 2) {
3005 ++ /* two valid entries found */
3006 ++ idx_set = true;
3007 ++ } else if (next_idx > 2) {
3008 ++ /* too many valid indices */
3009 ++ return -ENXIO;
3010 ++ }
3011 ++ } else {
3012 ++ /*
3013 ++ * once the indices have been set, just verify
3014 ++ * that all subsequent log groups are either in
3015 ++ * their initial state or follow the same
3016 ++ * indices.
3017 ++ */
3018 ++ if (j == log_index[0]) {
3019 ++ /* entry must be 'valid' */
3020 ++ if (ent_is_padding(&log.ent[j]))
3021 ++ return -ENXIO;
3022 ++ } else if (j == log_index[1]) {
3023 ++ ;
3024 ++ /*
3025 ++ * log_index[1] can be padding if the
3026 ++ * lane never got used and it is still
3027 ++ * in the initial state (three 'padding'
3028 ++ * entries)
3029 ++ */
3030 ++ } else {
3031 ++ /* entry must be invalid (padding) */
3032 ++ if (!ent_is_padding(&log.ent[j]))
3033 ++ return -ENXIO;
3034 ++ }
3035 ++ }
3036 ++ }
3037 ++ /*
3038 ++ * If any of the log_groups have more than one valid,
3039 ++ * non-padding entry, then the we are no longer in the
3040 ++ * initial_state
3041 ++ */
3042 ++ if (pad_count < 3)
3043 ++ initial_state = false;
3044 ++ pad_count = 0;
3045 ++ }
3046 ++
3047 ++ if (!initial_state && !idx_set)
3048 ++ return -ENXIO;
3049 ++
3050 ++ /*
3051 ++ * If all the entries in the log were in the initial state,
3052 ++ * assume new padding scheme
3053 ++ */
3054 ++ if (initial_state)
3055 ++ log_index[1] = 1;
3056 ++
3057 ++ /*
3058 ++ * Only allow the known permutations of log/padding indices,
3059 ++ * i.e. (0, 1), and (0, 2)
3060 ++ */
3061 ++ if ((log_index[0] == 0) && ((log_index[1] == 1) || (log_index[1] == 2)))
3062 ++ ; /* known index possibilities */
3063 ++ else {
3064 ++ dev_err(to_dev(arena), "Found an unknown padding scheme\n");
3065 ++ return -ENXIO;
3066 ++ }
3067 ++
3068 ++ arena->log_index[0] = log_index[0];
3069 ++ arena->log_index[1] = log_index[1];
3070 ++ dev_dbg(to_dev(arena), "log_index_0 = %d\n", log_index[0]);
3071 ++ dev_dbg(to_dev(arena), "log_index_1 = %d\n", log_index[1]);
3072 ++ return 0;
3073 ++}
3074 ++
3075 + static int btt_rtt_init(struct arena_info *arena)
3076 + {
3077 + arena->rtt = kcalloc(arena->nfree, sizeof(u32), GFP_KERNEL);
3078 +@@ -649,8 +772,7 @@ static struct arena_info *alloc_arena(struct btt *btt, size_t size,
3079 + available -= 2 * BTT_PG_SIZE;
3080 +
3081 + /* The log takes a fixed amount of space based on nfree */
3082 +- logsize = roundup(2 * arena->nfree * sizeof(struct log_entry),
3083 +- BTT_PG_SIZE);
3084 ++ logsize = roundup(arena->nfree * LOG_GRP_SIZE, BTT_PG_SIZE);
3085 + available -= logsize;
3086 +
3087 + /* Calculate optimal split between map and data area */
3088 +@@ -667,6 +789,10 @@ static struct arena_info *alloc_arena(struct btt *btt, size_t size,
3089 + arena->mapoff = arena->dataoff + datasize;
3090 + arena->logoff = arena->mapoff + mapsize;
3091 + arena->info2off = arena->logoff + logsize;
3092 ++
3093 ++ /* Default log indices are (0,1) */
3094 ++ arena->log_index[0] = 0;
3095 ++ arena->log_index[1] = 1;
3096 + return arena;
3097 + }
3098 +
3099 +@@ -757,6 +883,13 @@ static int discover_arenas(struct btt *btt)
3100 + arena->external_lba_start = cur_nlba;
3101 + parse_arena_meta(arena, super, cur_off);
3102 +
3103 ++ ret = log_set_indices(arena);
3104 ++ if (ret) {
3105 ++ dev_err(to_dev(arena),
3106 ++ "Unable to deduce log/padding indices\n");
3107 ++ goto out;
3108 ++ }
3109 ++
3110 + mutex_init(&arena->err_lock);
3111 + ret = btt_freelist_init(arena);
3112 + if (ret)
3113 +diff --git a/drivers/nvdimm/btt.h b/drivers/nvdimm/btt.h
3114 +index 578c2057524d..2609683c4167 100644
3115 +--- a/drivers/nvdimm/btt.h
3116 ++++ b/drivers/nvdimm/btt.h
3117 +@@ -27,6 +27,7 @@
3118 + #define MAP_ERR_MASK (1 << MAP_ERR_SHIFT)
3119 + #define MAP_LBA_MASK (~((1 << MAP_TRIM_SHIFT) | (1 << MAP_ERR_SHIFT)))
3120 + #define MAP_ENT_NORMAL 0xC0000000
3121 ++#define LOG_GRP_SIZE sizeof(struct log_group)
3122 + #define LOG_ENT_SIZE sizeof(struct log_entry)
3123 + #define ARENA_MIN_SIZE (1UL << 24) /* 16 MB */
3124 + #define ARENA_MAX_SIZE (1ULL << 39) /* 512 GB */
3125 +@@ -50,12 +51,52 @@ enum btt_init_state {
3126 + INIT_READY
3127 + };
3128 +
3129 ++/*
3130 ++ * A log group represents one log 'lane', and consists of four log entries.
3131 ++ * Two of the four entries are valid entries, and the remaining two are
3132 ++ * padding. Due to an old bug in the padding location, we need to perform a
3133 ++ * test to determine the padding scheme being used, and use that scheme
3134 ++ * thereafter.
3135 ++ *
3136 ++ * In kernels prior to 4.15, 'log group' would have actual log entries at
3137 ++ * indices (0, 2) and padding at indices (1, 3), where as the correct/updated
3138 ++ * format has log entries at indices (0, 1) and padding at indices (2, 3).
3139 ++ *
3140 ++ * Old (pre 4.15) format:
3141 ++ * +-----------------+-----------------+
3142 ++ * | ent[0] | ent[1] |
3143 ++ * | 16B | 16B |
3144 ++ * | lba/old/new/seq | pad |
3145 ++ * +-----------------------------------+
3146 ++ * | ent[2] | ent[3] |
3147 ++ * | 16B | 16B |
3148 ++ * | lba/old/new/seq | pad |
3149 ++ * +-----------------+-----------------+
3150 ++ *
3151 ++ * New format:
3152 ++ * +-----------------+-----------------+
3153 ++ * | ent[0] | ent[1] |
3154 ++ * | 16B | 16B |
3155 ++ * | lba/old/new/seq | lba/old/new/seq |
3156 ++ * +-----------------------------------+
3157 ++ * | ent[2] | ent[3] |
3158 ++ * | 16B | 16B |
3159 ++ * | pad | pad |
3160 ++ * +-----------------+-----------------+
3161 ++ *
3162 ++ * We detect during start-up which format is in use, and set
3163 ++ * arena->log_index[(0, 1)] with the detected format.
3164 ++ */
3165 ++
3166 + struct log_entry {
3167 + __le32 lba;
3168 + __le32 old_map;
3169 + __le32 new_map;
3170 + __le32 seq;
3171 +- __le64 padding[2];
3172 ++};
3173 ++
3174 ++struct log_group {
3175 ++ struct log_entry ent[4];
3176 + };
3177 +
3178 + struct btt_sb {
3179 +@@ -125,6 +166,7 @@ struct aligned_lock {
3180 + * @list: List head for list of arenas
3181 + * @debugfs_dir: Debugfs dentry
3182 + * @flags: Arena flags - may signify error states.
3183 ++ * @log_index: Indices of the valid log entries in a log_group
3184 + *
3185 + * arena_info is a per-arena handle. Once an arena is narrowed down for an
3186 + * IO, this struct is passed around for the duration of the IO.
3187 +@@ -157,6 +199,7 @@ struct arena_info {
3188 + /* Arena flags */
3189 + u32 flags;
3190 + struct mutex err_lock;
3191 ++ int log_index[2];
3192 + };
3193 +
3194 + /**
3195 +diff --git a/drivers/nvdimm/pfn_devs.c b/drivers/nvdimm/pfn_devs.c
3196 +index 65cc171c721d..2adada1a5855 100644
3197 +--- a/drivers/nvdimm/pfn_devs.c
3198 ++++ b/drivers/nvdimm/pfn_devs.c
3199 +@@ -364,9 +364,9 @@ struct device *nd_pfn_create(struct nd_region *nd_region)
3200 + int nd_pfn_validate(struct nd_pfn *nd_pfn, const char *sig)
3201 + {
3202 + u64 checksum, offset;
3203 +- unsigned long align;
3204 + enum nd_pfn_mode mode;
3205 + struct nd_namespace_io *nsio;
3206 ++ unsigned long align, start_pad;
3207 + struct nd_pfn_sb *pfn_sb = nd_pfn->pfn_sb;
3208 + struct nd_namespace_common *ndns = nd_pfn->ndns;
3209 + const u8 *parent_uuid = nd_dev_to_uuid(&ndns->dev);
3210 +@@ -410,6 +410,7 @@ int nd_pfn_validate(struct nd_pfn *nd_pfn, const char *sig)
3211 +
3212 + align = le32_to_cpu(pfn_sb->align);
3213 + offset = le64_to_cpu(pfn_sb->dataoff);
3214 ++ start_pad = le32_to_cpu(pfn_sb->start_pad);
3215 + if (align == 0)
3216 + align = 1UL << ilog2(offset);
3217 + mode = le32_to_cpu(pfn_sb->mode);
3218 +@@ -468,7 +469,7 @@ int nd_pfn_validate(struct nd_pfn *nd_pfn, const char *sig)
3219 + return -EBUSY;
3220 + }
3221 +
3222 +- if ((align && !IS_ALIGNED(offset, align))
3223 ++ if ((align && !IS_ALIGNED(nsio->res.start + offset + start_pad, align))
3224 + || !IS_ALIGNED(offset, PAGE_SIZE)) {
3225 + dev_err(&nd_pfn->dev,
3226 + "bad offset: %#llx dax disabled align: %#lx\n",
3227 +@@ -582,6 +583,12 @@ static struct vmem_altmap *__nvdimm_setup_pfn(struct nd_pfn *nd_pfn,
3228 + return altmap;
3229 + }
3230 +
3231 ++static u64 phys_pmem_align_down(struct nd_pfn *nd_pfn, u64 phys)
3232 ++{
3233 ++ return min_t(u64, PHYS_SECTION_ALIGN_DOWN(phys),
3234 ++ ALIGN_DOWN(phys, nd_pfn->align));
3235 ++}
3236 ++
3237 + static int nd_pfn_init(struct nd_pfn *nd_pfn)
3238 + {
3239 + u32 dax_label_reserve = is_nd_dax(&nd_pfn->dev) ? SZ_128K : 0;
3240 +@@ -637,13 +644,16 @@ static int nd_pfn_init(struct nd_pfn *nd_pfn)
3241 + start = nsio->res.start;
3242 + size = PHYS_SECTION_ALIGN_UP(start + size) - start;
3243 + if (region_intersects(start, size, IORESOURCE_SYSTEM_RAM,
3244 +- IORES_DESC_NONE) == REGION_MIXED) {
3245 ++ IORES_DESC_NONE) == REGION_MIXED
3246 ++ || !IS_ALIGNED(start + resource_size(&nsio->res),
3247 ++ nd_pfn->align)) {
3248 + size = resource_size(&nsio->res);
3249 +- end_trunc = start + size - PHYS_SECTION_ALIGN_DOWN(start + size);
3250 ++ end_trunc = start + size - phys_pmem_align_down(nd_pfn,
3251 ++ start + size);
3252 + }
3253 +
3254 + if (start_pad + end_trunc)
3255 +- dev_info(&nd_pfn->dev, "%s section collision, truncate %d bytes\n",
3256 ++ dev_info(&nd_pfn->dev, "%s alignment collision, truncate %d bytes\n",
3257 + dev_name(&ndns->dev), start_pad + end_trunc);
3258 +
3259 + /*
3260 +diff --git a/drivers/parisc/lba_pci.c b/drivers/parisc/lba_pci.c
3261 +index a25fed52f7e9..41b740aed3a3 100644
3262 +--- a/drivers/parisc/lba_pci.c
3263 ++++ b/drivers/parisc/lba_pci.c
3264 +@@ -1692,3 +1692,36 @@ void lba_set_iregs(struct parisc_device *lba, u32 ibase, u32 imask)
3265 + iounmap(base_addr);
3266 + }
3267 +
3268 ++
3269 ++/*
3270 ++ * The design of the Diva management card in rp34x0 machines (rp3410, rp3440)
3271 ++ * seems rushed, so that many built-in components simply don't work.
3272 ++ * The following quirks disable the serial AUX port and the built-in ATI RV100
3273 ++ * Radeon 7000 graphics card which both don't have any external connectors and
3274 ++ * thus are useless, and even worse, e.g. the AUX port occupies ttyS0 and as
3275 ++ * such makes those machines the only PARISC machines on which we can't use
3276 ++ * ttyS0 as boot console.
3277 ++ */
3278 ++static void quirk_diva_ati_card(struct pci_dev *dev)
3279 ++{
3280 ++ if (dev->subsystem_vendor != PCI_VENDOR_ID_HP ||
3281 ++ dev->subsystem_device != 0x1292)
3282 ++ return;
3283 ++
3284 ++ dev_info(&dev->dev, "Hiding Diva built-in ATI card");
3285 ++ dev->device = 0;
3286 ++}
3287 ++DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_ATI, PCI_DEVICE_ID_ATI_RADEON_QY,
3288 ++ quirk_diva_ati_card);
3289 ++
3290 ++static void quirk_diva_aux_disable(struct pci_dev *dev)
3291 ++{
3292 ++ if (dev->subsystem_vendor != PCI_VENDOR_ID_HP ||
3293 ++ dev->subsystem_device != 0x1291)
3294 ++ return;
3295 ++
3296 ++ dev_info(&dev->dev, "Hiding Diva built-in AUX serial device");
3297 ++ dev->device = 0;
3298 ++}
3299 ++DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_HP, PCI_DEVICE_ID_HP_DIVA_AUX,
3300 ++ quirk_diva_aux_disable);
3301 +diff --git a/drivers/pci/pci-driver.c b/drivers/pci/pci-driver.c
3302 +index 11bd267fc137..bb0927de79dd 100644
3303 +--- a/drivers/pci/pci-driver.c
3304 ++++ b/drivers/pci/pci-driver.c
3305 +@@ -968,7 +968,12 @@ static int pci_pm_thaw_noirq(struct device *dev)
3306 + if (pci_has_legacy_pm_support(pci_dev))
3307 + return pci_legacy_resume_early(dev);
3308 +
3309 +- pci_update_current_state(pci_dev, PCI_D0);
3310 ++ /*
3311 ++ * pci_restore_state() requires the device to be in D0 (because of MSI
3312 ++ * restoration among other things), so force it into D0 in case the
3313 ++ * driver's "freeze" callbacks put it into a low-power state directly.
3314 ++ */
3315 ++ pci_set_power_state(pci_dev, PCI_D0);
3316 + pci_restore_state(pci_dev);
3317 +
3318 + if (drv && drv->pm && drv->pm->thaw_noirq)
3319 +diff --git a/drivers/pinctrl/intel/pinctrl-cherryview.c b/drivers/pinctrl/intel/pinctrl-cherryview.c
3320 +index fadbca907c7c..0907531a02ca 100644
3321 +--- a/drivers/pinctrl/intel/pinctrl-cherryview.c
3322 ++++ b/drivers/pinctrl/intel/pinctrl-cherryview.c
3323 +@@ -1620,6 +1620,22 @@ static int chv_gpio_probe(struct chv_pinctrl *pctrl, int irq)
3324 + clear_bit(i, chip->irq_valid_mask);
3325 + }
3326 +
3327 ++ /*
3328 ++ * The same set of machines in chv_no_valid_mask[] have incorrectly
3329 ++ * configured GPIOs that generate spurious interrupts so we use
3330 ++ * this same list to apply another quirk for them.
3331 ++ *
3332 ++ * See also https://bugzilla.kernel.org/show_bug.cgi?id=197953.
3333 ++ */
3334 ++ if (!need_valid_mask) {
3335 ++ /*
3336 ++ * Mask all interrupts the community is able to generate
3337 ++ * but leave the ones that can only generate GPEs unmasked.
3338 ++ */
3339 ++ chv_writel(GENMASK(31, pctrl->community->nirqs),
3340 ++ pctrl->regs + CHV_INTMASK);
3341 ++ }
3342 ++
3343 + /* Clear all interrupts */
3344 + chv_writel(0xffff, pctrl->regs + CHV_INTSTAT);
3345 +
3346 +diff --git a/drivers/spi/spi-armada-3700.c b/drivers/spi/spi-armada-3700.c
3347 +index 568e1c65aa82..fe3fa1e8517a 100644
3348 +--- a/drivers/spi/spi-armada-3700.c
3349 ++++ b/drivers/spi/spi-armada-3700.c
3350 +@@ -79,6 +79,7 @@
3351 + #define A3700_SPI_BYTE_LEN BIT(5)
3352 + #define A3700_SPI_CLK_PRESCALE BIT(0)
3353 + #define A3700_SPI_CLK_PRESCALE_MASK (0x1f)
3354 ++#define A3700_SPI_CLK_EVEN_OFFS (0x10)
3355 +
3356 + #define A3700_SPI_WFIFO_THRS_BIT 28
3357 + #define A3700_SPI_RFIFO_THRS_BIT 24
3358 +@@ -220,6 +221,13 @@ static void a3700_spi_clock_set(struct a3700_spi *a3700_spi,
3359 +
3360 + prescale = DIV_ROUND_UP(clk_get_rate(a3700_spi->clk), speed_hz);
3361 +
3362 ++ /* For prescaler values over 15, we can only set it by steps of 2.
3363 ++ * Starting from A3700_SPI_CLK_EVEN_OFFS, we set values from 0 up to
3364 ++ * 30. We only use this range from 16 to 30.
3365 ++ */
3366 ++ if (prescale > 15)
3367 ++ prescale = A3700_SPI_CLK_EVEN_OFFS + DIV_ROUND_UP(prescale, 2);
3368 ++
3369 + val = spireg_read(a3700_spi, A3700_SPI_IF_CFG_REG);
3370 + val = val & ~A3700_SPI_CLK_PRESCALE_MASK;
3371 +
3372 +diff --git a/drivers/spi/spi-xilinx.c b/drivers/spi/spi-xilinx.c
3373 +index bc7100b93dfc..e0b9fe1d0e37 100644
3374 +--- a/drivers/spi/spi-xilinx.c
3375 ++++ b/drivers/spi/spi-xilinx.c
3376 +@@ -271,6 +271,7 @@ static int xilinx_spi_txrx_bufs(struct spi_device *spi, struct spi_transfer *t)
3377 + while (remaining_words) {
3378 + int n_words, tx_words, rx_words;
3379 + u32 sr;
3380 ++ int stalled;
3381 +
3382 + n_words = min(remaining_words, xspi->buffer_size);
3383 +
3384 +@@ -299,7 +300,17 @@ static int xilinx_spi_txrx_bufs(struct spi_device *spi, struct spi_transfer *t)
3385 +
3386 + /* Read out all the data from the Rx FIFO */
3387 + rx_words = n_words;
3388 ++ stalled = 10;
3389 + while (rx_words) {
3390 ++ if (rx_words == n_words && !(stalled--) &&
3391 ++ !(sr & XSPI_SR_TX_EMPTY_MASK) &&
3392 ++ (sr & XSPI_SR_RX_EMPTY_MASK)) {
3393 ++ dev_err(&spi->dev,
3394 ++ "Detected stall. Check C_SPI_MODE and C_SPI_MEMORY\n");
3395 ++ xspi_init_hw(xspi);
3396 ++ return -EIO;
3397 ++ }
3398 ++
3399 + if ((sr & XSPI_SR_TX_EMPTY_MASK) && (rx_words > 1)) {
3400 + xilinx_spi_rx(xspi);
3401 + rx_words--;
3402 +diff --git a/include/asm-generic/mm_hooks.h b/include/asm-generic/mm_hooks.h
3403 +index ea189d88a3cc..8ac4e68a12f0 100644
3404 +--- a/include/asm-generic/mm_hooks.h
3405 ++++ b/include/asm-generic/mm_hooks.h
3406 +@@ -7,9 +7,10 @@
3407 + #ifndef _ASM_GENERIC_MM_HOOKS_H
3408 + #define _ASM_GENERIC_MM_HOOKS_H
3409 +
3410 +-static inline void arch_dup_mmap(struct mm_struct *oldmm,
3411 +- struct mm_struct *mm)
3412 ++static inline int arch_dup_mmap(struct mm_struct *oldmm,
3413 ++ struct mm_struct *mm)
3414 + {
3415 ++ return 0;
3416 + }
3417 +
3418 + static inline void arch_exit_mmap(struct mm_struct *mm)
3419 +diff --git a/include/asm-generic/pgtable.h b/include/asm-generic/pgtable.h
3420 +index 1ac457511f4e..045a7f52ab3a 100644
3421 +--- a/include/asm-generic/pgtable.h
3422 ++++ b/include/asm-generic/pgtable.h
3423 +@@ -1025,6 +1025,11 @@ static inline int pmd_clear_huge(pmd_t *pmd)
3424 + struct file;
3425 + int phys_mem_access_prot_allowed(struct file *file, unsigned long pfn,
3426 + unsigned long size, pgprot_t *vma_prot);
3427 ++
3428 ++#ifndef CONFIG_X86_ESPFIX64
3429 ++static inline void init_espfix_bsp(void) { }
3430 ++#endif
3431 ++
3432 + #endif /* !__ASSEMBLY__ */
3433 +
3434 + #ifndef io_remap_pfn_range
3435 +diff --git a/include/crypto/mcryptd.h b/include/crypto/mcryptd.h
3436 +index cceafa01f907..b67404fc4b34 100644
3437 +--- a/include/crypto/mcryptd.h
3438 ++++ b/include/crypto/mcryptd.h
3439 +@@ -27,6 +27,7 @@ static inline struct mcryptd_ahash *__mcryptd_ahash_cast(
3440 +
3441 + struct mcryptd_cpu_queue {
3442 + struct crypto_queue queue;
3443 ++ spinlock_t q_lock;
3444 + struct work_struct work;
3445 + };
3446 +
3447 +diff --git a/include/linux/bio.h b/include/linux/bio.h
3448 +index 275c91c99516..45f00dd6323c 100644
3449 +--- a/include/linux/bio.h
3450 ++++ b/include/linux/bio.h
3451 +@@ -504,6 +504,8 @@ extern unsigned int bvec_nr_vecs(unsigned short idx);
3452 +
3453 + #define bio_set_dev(bio, bdev) \
3454 + do { \
3455 ++ if ((bio)->bi_disk != (bdev)->bd_disk) \
3456 ++ bio_clear_flag(bio, BIO_THROTTLED);\
3457 + (bio)->bi_disk = (bdev)->bd_disk; \
3458 + (bio)->bi_partno = (bdev)->bd_partno; \
3459 + } while (0)
3460 +diff --git a/include/linux/blk_types.h b/include/linux/blk_types.h
3461 +index 96ac3815542c..1c8a8a2aedf7 100644
3462 +--- a/include/linux/blk_types.h
3463 ++++ b/include/linux/blk_types.h
3464 +@@ -50,8 +50,6 @@ struct blk_issue_stat {
3465 + struct bio {
3466 + struct bio *bi_next; /* request queue link */
3467 + struct gendisk *bi_disk;
3468 +- u8 bi_partno;
3469 +- blk_status_t bi_status;
3470 + unsigned int bi_opf; /* bottom bits req flags,
3471 + * top bits REQ_OP. Use
3472 + * accessors.
3473 +@@ -59,8 +57,8 @@ struct bio {
3474 + unsigned short bi_flags; /* status, etc and bvec pool number */
3475 + unsigned short bi_ioprio;
3476 + unsigned short bi_write_hint;
3477 +-
3478 +- struct bvec_iter bi_iter;
3479 ++ blk_status_t bi_status;
3480 ++ u8 bi_partno;
3481 +
3482 + /* Number of segments in this BIO after
3483 + * physical address coalescing is performed.
3484 +@@ -74,8 +72,9 @@ struct bio {
3485 + unsigned int bi_seg_front_size;
3486 + unsigned int bi_seg_back_size;
3487 +
3488 +- atomic_t __bi_remaining;
3489 ++ struct bvec_iter bi_iter;
3490 +
3491 ++ atomic_t __bi_remaining;
3492 + bio_end_io_t *bi_end_io;
3493 +
3494 + void *bi_private;
3495 +diff --git a/include/linux/blkdev.h b/include/linux/blkdev.h
3496 +index 8da66379f7ea..fd47bd96b5d3 100644
3497 +--- a/include/linux/blkdev.h
3498 ++++ b/include/linux/blkdev.h
3499 +@@ -135,7 +135,7 @@ typedef __u32 __bitwise req_flags_t;
3500 + struct request {
3501 + struct list_head queuelist;
3502 + union {
3503 +- call_single_data_t csd;
3504 ++ struct __call_single_data csd;
3505 + u64 fifo_time;
3506 + };
3507 +
3508 +diff --git a/init/main.c b/init/main.c
3509 +index 0ee9c6866ada..8a390f60ec81 100644
3510 +--- a/init/main.c
3511 ++++ b/init/main.c
3512 +@@ -504,6 +504,8 @@ static void __init mm_init(void)
3513 + pgtable_init();
3514 + vmalloc_init();
3515 + ioremap_huge_init();
3516 ++ /* Should be run before the first non-init thread is created */
3517 ++ init_espfix_bsp();
3518 + }
3519 +
3520 + asmlinkage __visible void __init start_kernel(void)
3521 +@@ -673,10 +675,6 @@ asmlinkage __visible void __init start_kernel(void)
3522 + #ifdef CONFIG_X86
3523 + if (efi_enabled(EFI_RUNTIME_SERVICES))
3524 + efi_enter_virtual_mode();
3525 +-#endif
3526 +-#ifdef CONFIG_X86_ESPFIX64
3527 +- /* Should be run before the first non-init thread is created */
3528 +- init_espfix_bsp();
3529 + #endif
3530 + thread_stack_cache_init();
3531 + cred_init();
3532 +diff --git a/kernel/fork.c b/kernel/fork.c
3533 +index 07cc743698d3..500ce64517d9 100644
3534 +--- a/kernel/fork.c
3535 ++++ b/kernel/fork.c
3536 +@@ -721,8 +721,7 @@ static __latent_entropy int dup_mmap(struct mm_struct *mm,
3537 + goto out;
3538 + }
3539 + /* a new mm has just been created */
3540 +- arch_dup_mmap(oldmm, mm);
3541 +- retval = 0;
3542 ++ retval = arch_dup_mmap(oldmm, mm);
3543 + out:
3544 + up_write(&mm->mmap_sem);
3545 + flush_tlb_mm(oldmm);
3546 +diff --git a/net/ipv6/route.c b/net/ipv6/route.c
3547 +index 76b47682f77f..598efa8cfe25 100644
3548 +--- a/net/ipv6/route.c
3549 ++++ b/net/ipv6/route.c
3550 +@@ -1055,6 +1055,7 @@ static struct rt6_info *rt6_get_pcpu_route(struct rt6_info *rt)
3551 +
3552 + static struct rt6_info *rt6_make_pcpu_route(struct rt6_info *rt)
3553 + {
3554 ++ struct fib6_table *table = rt->rt6i_table;
3555 + struct rt6_info *pcpu_rt, *prev, **p;
3556 +
3557 + pcpu_rt = ip6_rt_pcpu_alloc(rt);
3558 +@@ -1065,20 +1066,28 @@ static struct rt6_info *rt6_make_pcpu_route(struct rt6_info *rt)
3559 + return net->ipv6.ip6_null_entry;
3560 + }
3561 +
3562 +- dst_hold(&pcpu_rt->dst);
3563 +- p = this_cpu_ptr(rt->rt6i_pcpu);
3564 +- prev = cmpxchg(p, NULL, pcpu_rt);
3565 +- if (prev) {
3566 +- /* If someone did it before us, return prev instead */
3567 +- /* release refcnt taken by ip6_rt_pcpu_alloc() */
3568 +- dst_release_immediate(&pcpu_rt->dst);
3569 +- /* release refcnt taken by above dst_hold() */
3570 ++ read_lock_bh(&table->tb6_lock);
3571 ++ if (rt->rt6i_pcpu) {
3572 ++ p = this_cpu_ptr(rt->rt6i_pcpu);
3573 ++ prev = cmpxchg(p, NULL, pcpu_rt);
3574 ++ if (prev) {
3575 ++ /* If someone did it before us, return prev instead */
3576 ++ dst_release_immediate(&pcpu_rt->dst);
3577 ++ pcpu_rt = prev;
3578 ++ }
3579 ++ } else {
3580 ++ /* rt has been removed from the fib6 tree
3581 ++ * before we have a chance to acquire the read_lock.
3582 ++ * In this case, don't brother to create a pcpu rt
3583 ++ * since rt is going away anyway. The next
3584 ++ * dst_check() will trigger a re-lookup.
3585 ++ */
3586 + dst_release_immediate(&pcpu_rt->dst);
3587 +- dst_hold(&prev->dst);
3588 +- pcpu_rt = prev;
3589 ++ pcpu_rt = rt;
3590 + }
3591 +-
3592 ++ dst_hold(&pcpu_rt->dst);
3593 + rt6_dst_from_metrics_check(pcpu_rt);
3594 ++ read_unlock_bh(&table->tb6_lock);
3595 + return pcpu_rt;
3596 + }
3597 +
3598 +@@ -1168,28 +1177,19 @@ struct rt6_info *ip6_pol_route(struct net *net, struct fib6_table *table,
3599 + if (pcpu_rt) {
3600 + read_unlock_bh(&table->tb6_lock);
3601 + } else {
3602 +- /* atomic_inc_not_zero() is needed when using rcu */
3603 +- if (atomic_inc_not_zero(&rt->rt6i_ref)) {
3604 +- /* We have to do the read_unlock first
3605 +- * because rt6_make_pcpu_route() may trigger
3606 +- * ip6_dst_gc() which will take the write_lock.
3607 +- *
3608 +- * No dst_hold() on rt is needed because grabbing
3609 +- * rt->rt6i_ref makes sure rt can't be released.
3610 +- */
3611 +- read_unlock_bh(&table->tb6_lock);
3612 +- pcpu_rt = rt6_make_pcpu_route(rt);
3613 +- rt6_release(rt);
3614 +- } else {
3615 +- /* rt is already removed from tree */
3616 +- read_unlock_bh(&table->tb6_lock);
3617 +- pcpu_rt = net->ipv6.ip6_null_entry;
3618 +- dst_hold(&pcpu_rt->dst);
3619 +- }
3620 ++ /* We have to do the read_unlock first
3621 ++ * because rt6_make_pcpu_route() may trigger
3622 ++ * ip6_dst_gc() which will take the write_lock.
3623 ++ */
3624 ++ dst_hold(&rt->dst);
3625 ++ read_unlock_bh(&table->tb6_lock);
3626 ++ pcpu_rt = rt6_make_pcpu_route(rt);
3627 ++ dst_release(&rt->dst);
3628 + }
3629 +
3630 + trace_fib6_table_lookup(net, pcpu_rt, table->tb6_id, fl6);
3631 + return pcpu_rt;
3632 ++
3633 + }
3634 + }
3635 + EXPORT_SYMBOL_GPL(ip6_pol_route);
3636 +diff --git a/sound/core/rawmidi.c b/sound/core/rawmidi.c
3637 +index b3b353d72527..f055ca10bbc1 100644
3638 +--- a/sound/core/rawmidi.c
3639 ++++ b/sound/core/rawmidi.c
3640 +@@ -579,15 +579,14 @@ static int snd_rawmidi_info_user(struct snd_rawmidi_substream *substream,
3641 + return 0;
3642 + }
3643 +
3644 +-int snd_rawmidi_info_select(struct snd_card *card, struct snd_rawmidi_info *info)
3645 ++static int __snd_rawmidi_info_select(struct snd_card *card,
3646 ++ struct snd_rawmidi_info *info)
3647 + {
3648 + struct snd_rawmidi *rmidi;
3649 + struct snd_rawmidi_str *pstr;
3650 + struct snd_rawmidi_substream *substream;
3651 +
3652 +- mutex_lock(&register_mutex);
3653 + rmidi = snd_rawmidi_search(card, info->device);
3654 +- mutex_unlock(&register_mutex);
3655 + if (!rmidi)
3656 + return -ENXIO;
3657 + if (info->stream < 0 || info->stream > 1)
3658 +@@ -603,6 +602,16 @@ int snd_rawmidi_info_select(struct snd_card *card, struct snd_rawmidi_info *info
3659 + }
3660 + return -ENXIO;
3661 + }
3662 ++
3663 ++int snd_rawmidi_info_select(struct snd_card *card, struct snd_rawmidi_info *info)
3664 ++{
3665 ++ int ret;
3666 ++
3667 ++ mutex_lock(&register_mutex);
3668 ++ ret = __snd_rawmidi_info_select(card, info);
3669 ++ mutex_unlock(&register_mutex);
3670 ++ return ret;
3671 ++}
3672 + EXPORT_SYMBOL(snd_rawmidi_info_select);
3673 +
3674 + static int snd_rawmidi_info_select_user(struct snd_card *card,
3675 +diff --git a/sound/pci/hda/patch_hdmi.c b/sound/pci/hda/patch_hdmi.c
3676 +index c19c81d230bd..b4f1b6e88305 100644
3677 +--- a/sound/pci/hda/patch_hdmi.c
3678 ++++ b/sound/pci/hda/patch_hdmi.c
3679 +@@ -55,10 +55,11 @@ MODULE_PARM_DESC(static_hdmi_pcm, "Don't restrict PCM parameters per ELD info");
3680 + #define is_kabylake(codec) ((codec)->core.vendor_id == 0x8086280b)
3681 + #define is_geminilake(codec) (((codec)->core.vendor_id == 0x8086280d) || \
3682 + ((codec)->core.vendor_id == 0x80862800))
3683 ++#define is_cannonlake(codec) ((codec)->core.vendor_id == 0x8086280c)
3684 + #define is_haswell_plus(codec) (is_haswell(codec) || is_broadwell(codec) \
3685 + || is_skylake(codec) || is_broxton(codec) \
3686 +- || is_kabylake(codec)) || is_geminilake(codec)
3687 +-
3688 ++ || is_kabylake(codec)) || is_geminilake(codec) \
3689 ++ || is_cannonlake(codec)
3690 + #define is_valleyview(codec) ((codec)->core.vendor_id == 0x80862882)
3691 + #define is_cherryview(codec) ((codec)->core.vendor_id == 0x80862883)
3692 + #define is_valleyview_plus(codec) (is_valleyview(codec) || is_cherryview(codec))
3693 +@@ -3841,6 +3842,7 @@ HDA_CODEC_ENTRY(0x80862808, "Broadwell HDMI", patch_i915_hsw_hdmi),
3694 + HDA_CODEC_ENTRY(0x80862809, "Skylake HDMI", patch_i915_hsw_hdmi),
3695 + HDA_CODEC_ENTRY(0x8086280a, "Broxton HDMI", patch_i915_hsw_hdmi),
3696 + HDA_CODEC_ENTRY(0x8086280b, "Kabylake HDMI", patch_i915_hsw_hdmi),
3697 ++HDA_CODEC_ENTRY(0x8086280c, "Cannonlake HDMI", patch_i915_glk_hdmi),
3698 + HDA_CODEC_ENTRY(0x8086280d, "Geminilake HDMI", patch_i915_glk_hdmi),
3699 + HDA_CODEC_ENTRY(0x80862800, "Geminilake HDMI", patch_i915_glk_hdmi),
3700 + HDA_CODEC_ENTRY(0x80862880, "CedarTrail HDMI", patch_generic_hdmi),
3701 +diff --git a/sound/pci/hda/patch_realtek.c b/sound/pci/hda/patch_realtek.c
3702 +index b076386c8952..9ac4b9076ee2 100644
3703 +--- a/sound/pci/hda/patch_realtek.c
3704 ++++ b/sound/pci/hda/patch_realtek.c
3705 +@@ -5162,6 +5162,22 @@ static void alc233_alc662_fixup_lenovo_dual_codecs(struct hda_codec *codec,
3706 + }
3707 + }
3708 +
3709 ++/* Forcibly assign NID 0x03 to HP/LO while NID 0x02 to SPK for EQ */
3710 ++static void alc274_fixup_bind_dacs(struct hda_codec *codec,
3711 ++ const struct hda_fixup *fix, int action)
3712 ++{
3713 ++ struct alc_spec *spec = codec->spec;
3714 ++ static hda_nid_t preferred_pairs[] = {
3715 ++ 0x21, 0x03, 0x1b, 0x03, 0x16, 0x02,
3716 ++ 0
3717 ++ };
3718 ++
3719 ++ if (action != HDA_FIXUP_ACT_PRE_PROBE)
3720 ++ return;
3721 ++
3722 ++ spec->gen.preferred_dacs = preferred_pairs;
3723 ++}
3724 ++
3725 + /* for hda_fixup_thinkpad_acpi() */
3726 + #include "thinkpad_helper.c"
3727 +
3728 +@@ -5279,6 +5295,8 @@ enum {
3729 + ALC233_FIXUP_LENOVO_MULTI_CODECS,
3730 + ALC294_FIXUP_LENOVO_MIC_LOCATION,
3731 + ALC700_FIXUP_INTEL_REFERENCE,
3732 ++ ALC274_FIXUP_DELL_BIND_DACS,
3733 ++ ALC274_FIXUP_DELL_AIO_LINEOUT_VERB,
3734 + };
3735 +
3736 + static const struct hda_fixup alc269_fixups[] = {
3737 +@@ -6089,6 +6107,21 @@ static const struct hda_fixup alc269_fixups[] = {
3738 + {}
3739 + }
3740 + },
3741 ++ [ALC274_FIXUP_DELL_BIND_DACS] = {
3742 ++ .type = HDA_FIXUP_FUNC,
3743 ++ .v.func = alc274_fixup_bind_dacs,
3744 ++ .chained = true,
3745 ++ .chain_id = ALC269_FIXUP_DELL1_MIC_NO_PRESENCE
3746 ++ },
3747 ++ [ALC274_FIXUP_DELL_AIO_LINEOUT_VERB] = {
3748 ++ .type = HDA_FIXUP_PINS,
3749 ++ .v.pins = (const struct hda_pintbl[]) {
3750 ++ { 0x1b, 0x0401102f },
3751 ++ { }
3752 ++ },
3753 ++ .chained = true,
3754 ++ .chain_id = ALC274_FIXUP_DELL_BIND_DACS
3755 ++ },
3756 + };
3757 +
3758 + static const struct snd_pci_quirk alc269_fixup_tbl[] = {
3759 +@@ -6550,7 +6583,7 @@ static const struct snd_hda_pin_quirk alc269_pin_fixup_tbl[] = {
3760 + {0x14, 0x90170110},
3761 + {0x1b, 0x90a70130},
3762 + {0x21, 0x03211020}),
3763 +- SND_HDA_PIN_QUIRK(0x10ec0274, 0x1028, "Dell", ALC269_FIXUP_DELL1_MIC_NO_PRESENCE,
3764 ++ SND_HDA_PIN_QUIRK(0x10ec0274, 0x1028, "Dell", ALC274_FIXUP_DELL_AIO_LINEOUT_VERB,
3765 + {0x12, 0xb7a60130},
3766 + {0x13, 0xb8a61140},
3767 + {0x16, 0x90170110},
3768 +diff --git a/sound/usb/mixer.c b/sound/usb/mixer.c
3769 +index 4fde4f8d4444..75bce127d768 100644
3770 +--- a/sound/usb/mixer.c
3771 ++++ b/sound/usb/mixer.c
3772 +@@ -2173,20 +2173,25 @@ static int parse_audio_selector_unit(struct mixer_build *state, int unitid,
3773 + kctl->private_value = (unsigned long)namelist;
3774 + kctl->private_free = usb_mixer_selector_elem_free;
3775 +
3776 +- nameid = uac_selector_unit_iSelector(desc);
3777 ++ /* check the static mapping table at first */
3778 + len = check_mapped_name(map, kctl->id.name, sizeof(kctl->id.name));
3779 +- if (len)
3780 +- ;
3781 +- else if (nameid)
3782 +- len = snd_usb_copy_string_desc(state, nameid, kctl->id.name,
3783 +- sizeof(kctl->id.name));
3784 +- else
3785 +- len = get_term_name(state, &state->oterm,
3786 +- kctl->id.name, sizeof(kctl->id.name), 0);
3787 +-
3788 + if (!len) {
3789 +- strlcpy(kctl->id.name, "USB", sizeof(kctl->id.name));
3790 ++ /* no mapping ? */
3791 ++ /* if iSelector is given, use it */
3792 ++ nameid = uac_selector_unit_iSelector(desc);
3793 ++ if (nameid)
3794 ++ len = snd_usb_copy_string_desc(state, nameid,
3795 ++ kctl->id.name,
3796 ++ sizeof(kctl->id.name));
3797 ++ /* ... or pick up the terminal name at next */
3798 ++ if (!len)
3799 ++ len = get_term_name(state, &state->oterm,
3800 ++ kctl->id.name, sizeof(kctl->id.name), 0);
3801 ++ /* ... or use the fixed string "USB" as the last resort */
3802 ++ if (!len)
3803 ++ strlcpy(kctl->id.name, "USB", sizeof(kctl->id.name));
3804 +
3805 ++ /* and add the proper suffix */
3806 + if (desc->bDescriptorSubtype == UAC2_CLOCK_SELECTOR)
3807 + append_ctl_name(kctl, " Clock Source");
3808 + else if ((state->oterm.type & 0xff00) == 0x0100)
3809 +diff --git a/sound/usb/quirks.c b/sound/usb/quirks.c
3810 +index 20624320b753..8d7db7cd4f88 100644
3811 +--- a/sound/usb/quirks.c
3812 ++++ b/sound/usb/quirks.c
3813 +@@ -1172,10 +1172,11 @@ static bool is_marantz_denon_dac(unsigned int id)
3814 + /* TEAC UD-501/UD-503/NT-503 USB DACs need a vendor cmd to switch
3815 + * between PCM/DOP and native DSD mode
3816 + */
3817 +-static bool is_teac_50X_dac(unsigned int id)
3818 ++static bool is_teac_dsd_dac(unsigned int id)
3819 + {
3820 + switch (id) {
3821 + case USB_ID(0x0644, 0x8043): /* TEAC UD-501/UD-503/NT-503 */
3822 ++ case USB_ID(0x0644, 0x8044): /* Esoteric D-05X */
3823 + return true;
3824 + }
3825 + return false;
3826 +@@ -1208,7 +1209,7 @@ int snd_usb_select_mode_quirk(struct snd_usb_substream *subs,
3827 + break;
3828 + }
3829 + mdelay(20);
3830 +- } else if (is_teac_50X_dac(subs->stream->chip->usb_id)) {
3831 ++ } else if (is_teac_dsd_dac(subs->stream->chip->usb_id)) {
3832 + /* Vendor mode switch cmd is required. */
3833 + switch (fmt->altsetting) {
3834 + case 3: /* DSD mode (DSD_U32) requested */
3835 +@@ -1398,7 +1399,7 @@ u64 snd_usb_interface_dsd_format_quirks(struct snd_usb_audio *chip,
3836 + }
3837 +
3838 + /* TEAC devices with USB DAC functionality */
3839 +- if (is_teac_50X_dac(chip->usb_id)) {
3840 ++ if (is_teac_dsd_dac(chip->usb_id)) {
3841 + if (fp->altsetting == 3)
3842 + return SNDRV_PCM_FMTBIT_DSD_U32_BE;
3843 + }
3844 +diff --git a/tools/objtool/.gitignore b/tools/objtool/.gitignore
3845 +index d3102c865a95..914cff12899b 100644
3846 +--- a/tools/objtool/.gitignore
3847 ++++ b/tools/objtool/.gitignore
3848 +@@ -1,3 +1,3 @@
3849 +-arch/x86/insn/inat-tables.c
3850 ++arch/x86/lib/inat-tables.c
3851 + objtool
3852 + fixdep
3853 +diff --git a/tools/objtool/Makefile b/tools/objtool/Makefile
3854 +index 424b1965d06f..ae0272f9a091 100644
3855 +--- a/tools/objtool/Makefile
3856 ++++ b/tools/objtool/Makefile
3857 +@@ -7,9 +7,11 @@ ARCH := x86
3858 + endif
3859 +
3860 + # always use the host compiler
3861 +-CC = gcc
3862 +-LD = ld
3863 +-AR = ar
3864 ++HOSTCC ?= gcc
3865 ++HOSTLD ?= ld
3866 ++CC = $(HOSTCC)
3867 ++LD = $(HOSTLD)
3868 ++AR = ar
3869 +
3870 + ifeq ($(srctree),)
3871 + srctree := $(patsubst %/,%,$(dir $(CURDIR)))
3872 +@@ -25,7 +27,9 @@ OBJTOOL_IN := $(OBJTOOL)-in.o
3873 +
3874 + all: $(OBJTOOL)
3875 +
3876 +-INCLUDES := -I$(srctree)/tools/include -I$(srctree)/tools/arch/$(HOSTARCH)/include/uapi
3877 ++INCLUDES := -I$(srctree)/tools/include \
3878 ++ -I$(srctree)/tools/arch/$(HOSTARCH)/include/uapi \
3879 ++ -I$(srctree)/tools/objtool/arch/$(ARCH)/include
3880 + WARNINGS := $(EXTRA_WARNINGS) -Wno-switch-default -Wno-switch-enum -Wno-packed
3881 + CFLAGS += -Wall -Werror $(WARNINGS) -fomit-frame-pointer -O2 -g $(INCLUDES)
3882 + LDFLAGS += -lelf $(LIBSUBCMD)
3883 +@@ -41,22 +45,8 @@ include $(srctree)/tools/build/Makefile.include
3884 + $(OBJTOOL_IN): fixdep FORCE
3885 + @$(MAKE) $(build)=objtool
3886 +
3887 +-# Busybox's diff doesn't have -I, avoid warning in that case
3888 +-#
3889 + $(OBJTOOL): $(LIBSUBCMD) $(OBJTOOL_IN)
3890 +- @(diff -I 2>&1 | grep -q 'option requires an argument' && \
3891 +- test -d ../../kernel -a -d ../../tools -a -d ../objtool && (( \
3892 +- diff -I'^#include' arch/x86/insn/insn.c ../../arch/x86/lib/insn.c >/dev/null && \
3893 +- diff -I'^#include' arch/x86/insn/inat.c ../../arch/x86/lib/inat.c >/dev/null && \
3894 +- diff arch/x86/insn/x86-opcode-map.txt ../../arch/x86/lib/x86-opcode-map.txt >/dev/null && \
3895 +- diff arch/x86/insn/gen-insn-attr-x86.awk ../../arch/x86/tools/gen-insn-attr-x86.awk >/dev/null && \
3896 +- diff -I'^#include' arch/x86/insn/insn.h ../../arch/x86/include/asm/insn.h >/dev/null && \
3897 +- diff -I'^#include' arch/x86/insn/inat.h ../../arch/x86/include/asm/inat.h >/dev/null && \
3898 +- diff -I'^#include' arch/x86/insn/inat_types.h ../../arch/x86/include/asm/inat_types.h >/dev/null) \
3899 +- || echo "warning: objtool: x86 instruction decoder differs from kernel" >&2 )) || true
3900 +- @(test -d ../../kernel -a -d ../../tools -a -d ../objtool && (( \
3901 +- diff ../../arch/x86/include/asm/orc_types.h orc_types.h >/dev/null) \
3902 +- || echo "warning: objtool: orc_types.h differs from kernel" >&2 )) || true
3903 ++ @./sync-check.sh
3904 + $(QUIET_LINK)$(CC) $(OBJTOOL_IN) $(LDFLAGS) -o $@
3905 +
3906 +
3907 +@@ -66,7 +56,7 @@ $(LIBSUBCMD): fixdep FORCE
3908 + clean:
3909 + $(call QUIET_CLEAN, objtool) $(RM) $(OBJTOOL)
3910 + $(Q)find $(OUTPUT) -name '*.o' -delete -o -name '\.*.cmd' -delete -o -name '\.*.d' -delete
3911 +- $(Q)$(RM) $(OUTPUT)arch/x86/insn/inat-tables.c $(OUTPUT)fixdep
3912 ++ $(Q)$(RM) $(OUTPUT)arch/x86/lib/inat-tables.c $(OUTPUT)fixdep
3913 +
3914 + FORCE:
3915 +
3916 +diff --git a/tools/objtool/arch/x86/Build b/tools/objtool/arch/x86/Build
3917 +index debbdb0b5c43..b998412c017d 100644
3918 +--- a/tools/objtool/arch/x86/Build
3919 ++++ b/tools/objtool/arch/x86/Build
3920 +@@ -1,12 +1,12 @@
3921 + objtool-y += decode.o
3922 +
3923 +-inat_tables_script = arch/x86/insn/gen-insn-attr-x86.awk
3924 +-inat_tables_maps = arch/x86/insn/x86-opcode-map.txt
3925 ++inat_tables_script = arch/x86/tools/gen-insn-attr-x86.awk
3926 ++inat_tables_maps = arch/x86/lib/x86-opcode-map.txt
3927 +
3928 +-$(OUTPUT)arch/x86/insn/inat-tables.c: $(inat_tables_script) $(inat_tables_maps)
3929 ++$(OUTPUT)arch/x86/lib/inat-tables.c: $(inat_tables_script) $(inat_tables_maps)
3930 + $(call rule_mkdir)
3931 + $(Q)$(call echo-cmd,gen)$(AWK) -f $(inat_tables_script) $(inat_tables_maps) > $@
3932 +
3933 +-$(OUTPUT)arch/x86/decode.o: $(OUTPUT)arch/x86/insn/inat-tables.c
3934 ++$(OUTPUT)arch/x86/decode.o: $(OUTPUT)arch/x86/lib/inat-tables.c
3935 +
3936 +-CFLAGS_decode.o += -I$(OUTPUT)arch/x86/insn
3937 ++CFLAGS_decode.o += -I$(OUTPUT)arch/x86/lib
3938 +diff --git a/tools/objtool/arch/x86/decode.c b/tools/objtool/arch/x86/decode.c
3939 +index 34a579f806e3..8acfc47af70e 100644
3940 +--- a/tools/objtool/arch/x86/decode.c
3941 ++++ b/tools/objtool/arch/x86/decode.c
3942 +@@ -19,9 +19,9 @@
3943 + #include <stdlib.h>
3944 +
3945 + #define unlikely(cond) (cond)
3946 +-#include "insn/insn.h"
3947 +-#include "insn/inat.c"
3948 +-#include "insn/insn.c"
3949 ++#include <asm/insn.h>
3950 ++#include "lib/inat.c"
3951 ++#include "lib/insn.c"
3952 +
3953 + #include "../../elf.h"
3954 + #include "../../arch.h"
3955 +diff --git a/tools/objtool/arch/x86/include/asm/inat.h b/tools/objtool/arch/x86/include/asm/inat.h
3956 +new file mode 100644
3957 +index 000000000000..1c78580e58be
3958 +--- /dev/null
3959 ++++ b/tools/objtool/arch/x86/include/asm/inat.h
3960 +@@ -0,0 +1,244 @@
3961 ++#ifndef _ASM_X86_INAT_H
3962 ++#define _ASM_X86_INAT_H
3963 ++/*
3964 ++ * x86 instruction attributes
3965 ++ *
3966 ++ * Written by Masami Hiramatsu <mhiramat@××××××.com>
3967 ++ *
3968 ++ * This program is free software; you can redistribute it and/or modify
3969 ++ * it under the terms of the GNU General Public License as published by
3970 ++ * the Free Software Foundation; either version 2 of the License, or
3971 ++ * (at your option) any later version.
3972 ++ *
3973 ++ * This program is distributed in the hope that it will be useful,
3974 ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
3975 ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
3976 ++ * GNU General Public License for more details.
3977 ++ *
3978 ++ * You should have received a copy of the GNU General Public License
3979 ++ * along with this program; if not, write to the Free Software
3980 ++ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
3981 ++ *
3982 ++ */
3983 ++#include <asm/inat_types.h>
3984 ++
3985 ++/*
3986 ++ * Internal bits. Don't use bitmasks directly, because these bits are
3987 ++ * unstable. You should use checking functions.
3988 ++ */
3989 ++
3990 ++#define INAT_OPCODE_TABLE_SIZE 256
3991 ++#define INAT_GROUP_TABLE_SIZE 8
3992 ++
3993 ++/* Legacy last prefixes */
3994 ++#define INAT_PFX_OPNDSZ 1 /* 0x66 */ /* LPFX1 */
3995 ++#define INAT_PFX_REPE 2 /* 0xF3 */ /* LPFX2 */
3996 ++#define INAT_PFX_REPNE 3 /* 0xF2 */ /* LPFX3 */
3997 ++/* Other Legacy prefixes */
3998 ++#define INAT_PFX_LOCK 4 /* 0xF0 */
3999 ++#define INAT_PFX_CS 5 /* 0x2E */
4000 ++#define INAT_PFX_DS 6 /* 0x3E */
4001 ++#define INAT_PFX_ES 7 /* 0x26 */
4002 ++#define INAT_PFX_FS 8 /* 0x64 */
4003 ++#define INAT_PFX_GS 9 /* 0x65 */
4004 ++#define INAT_PFX_SS 10 /* 0x36 */
4005 ++#define INAT_PFX_ADDRSZ 11 /* 0x67 */
4006 ++/* x86-64 REX prefix */
4007 ++#define INAT_PFX_REX 12 /* 0x4X */
4008 ++/* AVX VEX prefixes */
4009 ++#define INAT_PFX_VEX2 13 /* 2-bytes VEX prefix */
4010 ++#define INAT_PFX_VEX3 14 /* 3-bytes VEX prefix */
4011 ++#define INAT_PFX_EVEX 15 /* EVEX prefix */
4012 ++
4013 ++#define INAT_LSTPFX_MAX 3
4014 ++#define INAT_LGCPFX_MAX 11
4015 ++
4016 ++/* Immediate size */
4017 ++#define INAT_IMM_BYTE 1
4018 ++#define INAT_IMM_WORD 2
4019 ++#define INAT_IMM_DWORD 3
4020 ++#define INAT_IMM_QWORD 4
4021 ++#define INAT_IMM_PTR 5
4022 ++#define INAT_IMM_VWORD32 6
4023 ++#define INAT_IMM_VWORD 7
4024 ++
4025 ++/* Legacy prefix */
4026 ++#define INAT_PFX_OFFS 0
4027 ++#define INAT_PFX_BITS 4
4028 ++#define INAT_PFX_MAX ((1 << INAT_PFX_BITS) - 1)
4029 ++#define INAT_PFX_MASK (INAT_PFX_MAX << INAT_PFX_OFFS)
4030 ++/* Escape opcodes */
4031 ++#define INAT_ESC_OFFS (INAT_PFX_OFFS + INAT_PFX_BITS)
4032 ++#define INAT_ESC_BITS 2
4033 ++#define INAT_ESC_MAX ((1 << INAT_ESC_BITS) - 1)
4034 ++#define INAT_ESC_MASK (INAT_ESC_MAX << INAT_ESC_OFFS)
4035 ++/* Group opcodes (1-16) */
4036 ++#define INAT_GRP_OFFS (INAT_ESC_OFFS + INAT_ESC_BITS)
4037 ++#define INAT_GRP_BITS 5
4038 ++#define INAT_GRP_MAX ((1 << INAT_GRP_BITS) - 1)
4039 ++#define INAT_GRP_MASK (INAT_GRP_MAX << INAT_GRP_OFFS)
4040 ++/* Immediates */
4041 ++#define INAT_IMM_OFFS (INAT_GRP_OFFS + INAT_GRP_BITS)
4042 ++#define INAT_IMM_BITS 3
4043 ++#define INAT_IMM_MASK (((1 << INAT_IMM_BITS) - 1) << INAT_IMM_OFFS)
4044 ++/* Flags */
4045 ++#define INAT_FLAG_OFFS (INAT_IMM_OFFS + INAT_IMM_BITS)
4046 ++#define INAT_MODRM (1 << (INAT_FLAG_OFFS))
4047 ++#define INAT_FORCE64 (1 << (INAT_FLAG_OFFS + 1))
4048 ++#define INAT_SCNDIMM (1 << (INAT_FLAG_OFFS + 2))
4049 ++#define INAT_MOFFSET (1 << (INAT_FLAG_OFFS + 3))
4050 ++#define INAT_VARIANT (1 << (INAT_FLAG_OFFS + 4))
4051 ++#define INAT_VEXOK (1 << (INAT_FLAG_OFFS + 5))
4052 ++#define INAT_VEXONLY (1 << (INAT_FLAG_OFFS + 6))
4053 ++#define INAT_EVEXONLY (1 << (INAT_FLAG_OFFS + 7))
4054 ++/* Attribute making macros for attribute tables */
4055 ++#define INAT_MAKE_PREFIX(pfx) (pfx << INAT_PFX_OFFS)
4056 ++#define INAT_MAKE_ESCAPE(esc) (esc << INAT_ESC_OFFS)
4057 ++#define INAT_MAKE_GROUP(grp) ((grp << INAT_GRP_OFFS) | INAT_MODRM)
4058 ++#define INAT_MAKE_IMM(imm) (imm << INAT_IMM_OFFS)
4059 ++
4060 ++/* Identifiers for segment registers */
4061 ++#define INAT_SEG_REG_IGNORE 0
4062 ++#define INAT_SEG_REG_DEFAULT 1
4063 ++#define INAT_SEG_REG_CS 2
4064 ++#define INAT_SEG_REG_SS 3
4065 ++#define INAT_SEG_REG_DS 4
4066 ++#define INAT_SEG_REG_ES 5
4067 ++#define INAT_SEG_REG_FS 6
4068 ++#define INAT_SEG_REG_GS 7
4069 ++
4070 ++/* Attribute search APIs */
4071 ++extern insn_attr_t inat_get_opcode_attribute(insn_byte_t opcode);
4072 ++extern int inat_get_last_prefix_id(insn_byte_t last_pfx);
4073 ++extern insn_attr_t inat_get_escape_attribute(insn_byte_t opcode,
4074 ++ int lpfx_id,
4075 ++ insn_attr_t esc_attr);
4076 ++extern insn_attr_t inat_get_group_attribute(insn_byte_t modrm,
4077 ++ int lpfx_id,
4078 ++ insn_attr_t esc_attr);
4079 ++extern insn_attr_t inat_get_avx_attribute(insn_byte_t opcode,
4080 ++ insn_byte_t vex_m,
4081 ++ insn_byte_t vex_pp);
4082 ++
4083 ++/* Attribute checking functions */
4084 ++static inline int inat_is_legacy_prefix(insn_attr_t attr)
4085 ++{
4086 ++ attr &= INAT_PFX_MASK;
4087 ++ return attr && attr <= INAT_LGCPFX_MAX;
4088 ++}
4089 ++
4090 ++static inline int inat_is_address_size_prefix(insn_attr_t attr)
4091 ++{
4092 ++ return (attr & INAT_PFX_MASK) == INAT_PFX_ADDRSZ;
4093 ++}
4094 ++
4095 ++static inline int inat_is_operand_size_prefix(insn_attr_t attr)
4096 ++{
4097 ++ return (attr & INAT_PFX_MASK) == INAT_PFX_OPNDSZ;
4098 ++}
4099 ++
4100 ++static inline int inat_is_rex_prefix(insn_attr_t attr)
4101 ++{
4102 ++ return (attr & INAT_PFX_MASK) == INAT_PFX_REX;
4103 ++}
4104 ++
4105 ++static inline int inat_last_prefix_id(insn_attr_t attr)
4106 ++{
4107 ++ if ((attr & INAT_PFX_MASK) > INAT_LSTPFX_MAX)
4108 ++ return 0;
4109 ++ else
4110 ++ return attr & INAT_PFX_MASK;
4111 ++}
4112 ++
4113 ++static inline int inat_is_vex_prefix(insn_attr_t attr)
4114 ++{
4115 ++ attr &= INAT_PFX_MASK;
4116 ++ return attr == INAT_PFX_VEX2 || attr == INAT_PFX_VEX3 ||
4117 ++ attr == INAT_PFX_EVEX;
4118 ++}
4119 ++
4120 ++static inline int inat_is_evex_prefix(insn_attr_t attr)
4121 ++{
4122 ++ return (attr & INAT_PFX_MASK) == INAT_PFX_EVEX;
4123 ++}
4124 ++
4125 ++static inline int inat_is_vex3_prefix(insn_attr_t attr)
4126 ++{
4127 ++ return (attr & INAT_PFX_MASK) == INAT_PFX_VEX3;
4128 ++}
4129 ++
4130 ++static inline int inat_is_escape(insn_attr_t attr)
4131 ++{
4132 ++ return attr & INAT_ESC_MASK;
4133 ++}
4134 ++
4135 ++static inline int inat_escape_id(insn_attr_t attr)
4136 ++{
4137 ++ return (attr & INAT_ESC_MASK) >> INAT_ESC_OFFS;
4138 ++}
4139 ++
4140 ++static inline int inat_is_group(insn_attr_t attr)
4141 ++{
4142 ++ return attr & INAT_GRP_MASK;
4143 ++}
4144 ++
4145 ++static inline int inat_group_id(insn_attr_t attr)
4146 ++{
4147 ++ return (attr & INAT_GRP_MASK) >> INAT_GRP_OFFS;
4148 ++}
4149 ++
4150 ++static inline int inat_group_common_attribute(insn_attr_t attr)
4151 ++{
4152 ++ return attr & ~INAT_GRP_MASK;
4153 ++}
4154 ++
4155 ++static inline int inat_has_immediate(insn_attr_t attr)
4156 ++{
4157 ++ return attr & INAT_IMM_MASK;
4158 ++}
4159 ++
4160 ++static inline int inat_immediate_size(insn_attr_t attr)
4161 ++{
4162 ++ return (attr & INAT_IMM_MASK) >> INAT_IMM_OFFS;
4163 ++}
4164 ++
4165 ++static inline int inat_has_modrm(insn_attr_t attr)
4166 ++{
4167 ++ return attr & INAT_MODRM;
4168 ++}
4169 ++
4170 ++static inline int inat_is_force64(insn_attr_t attr)
4171 ++{
4172 ++ return attr & INAT_FORCE64;
4173 ++}
4174 ++
4175 ++static inline int inat_has_second_immediate(insn_attr_t attr)
4176 ++{
4177 ++ return attr & INAT_SCNDIMM;
4178 ++}
4179 ++
4180 ++static inline int inat_has_moffset(insn_attr_t attr)
4181 ++{
4182 ++ return attr & INAT_MOFFSET;
4183 ++}
4184 ++
4185 ++static inline int inat_has_variant(insn_attr_t attr)
4186 ++{
4187 ++ return attr & INAT_VARIANT;
4188 ++}
4189 ++
4190 ++static inline int inat_accept_vex(insn_attr_t attr)
4191 ++{
4192 ++ return attr & INAT_VEXOK;
4193 ++}
4194 ++
4195 ++static inline int inat_must_vex(insn_attr_t attr)
4196 ++{
4197 ++ return attr & (INAT_VEXONLY | INAT_EVEXONLY);
4198 ++}
4199 ++
4200 ++static inline int inat_must_evex(insn_attr_t attr)
4201 ++{
4202 ++ return attr & INAT_EVEXONLY;
4203 ++}
4204 ++#endif
4205 +diff --git a/tools/objtool/arch/x86/include/asm/inat_types.h b/tools/objtool/arch/x86/include/asm/inat_types.h
4206 +new file mode 100644
4207 +index 000000000000..cb3c20ce39cf
4208 +--- /dev/null
4209 ++++ b/tools/objtool/arch/x86/include/asm/inat_types.h
4210 +@@ -0,0 +1,29 @@
4211 ++#ifndef _ASM_X86_INAT_TYPES_H
4212 ++#define _ASM_X86_INAT_TYPES_H
4213 ++/*
4214 ++ * x86 instruction attributes
4215 ++ *
4216 ++ * Written by Masami Hiramatsu <mhiramat@××××××.com>
4217 ++ *
4218 ++ * This program is free software; you can redistribute it and/or modify
4219 ++ * it under the terms of the GNU General Public License as published by
4220 ++ * the Free Software Foundation; either version 2 of the License, or
4221 ++ * (at your option) any later version.
4222 ++ *
4223 ++ * This program is distributed in the hope that it will be useful,
4224 ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
4225 ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4226 ++ * GNU General Public License for more details.
4227 ++ *
4228 ++ * You should have received a copy of the GNU General Public License
4229 ++ * along with this program; if not, write to the Free Software
4230 ++ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
4231 ++ *
4232 ++ */
4233 ++
4234 ++/* Instruction attributes */
4235 ++typedef unsigned int insn_attr_t;
4236 ++typedef unsigned char insn_byte_t;
4237 ++typedef signed int insn_value_t;
4238 ++
4239 ++#endif
4240 +diff --git a/tools/objtool/arch/x86/include/asm/insn.h b/tools/objtool/arch/x86/include/asm/insn.h
4241 +new file mode 100644
4242 +index 000000000000..b3e32b010ab1
4243 +--- /dev/null
4244 ++++ b/tools/objtool/arch/x86/include/asm/insn.h
4245 +@@ -0,0 +1,211 @@
4246 ++#ifndef _ASM_X86_INSN_H
4247 ++#define _ASM_X86_INSN_H
4248 ++/*
4249 ++ * x86 instruction analysis
4250 ++ *
4251 ++ * This program is free software; you can redistribute it and/or modify
4252 ++ * it under the terms of the GNU General Public License as published by
4253 ++ * the Free Software Foundation; either version 2 of the License, or
4254 ++ * (at your option) any later version.
4255 ++ *
4256 ++ * This program is distributed in the hope that it will be useful,
4257 ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
4258 ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4259 ++ * GNU General Public License for more details.
4260 ++ *
4261 ++ * You should have received a copy of the GNU General Public License
4262 ++ * along with this program; if not, write to the Free Software
4263 ++ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
4264 ++ *
4265 ++ * Copyright (C) IBM Corporation, 2009
4266 ++ */
4267 ++
4268 ++/* insn_attr_t is defined in inat.h */
4269 ++#include <asm/inat.h>
4270 ++
4271 ++struct insn_field {
4272 ++ union {
4273 ++ insn_value_t value;
4274 ++ insn_byte_t bytes[4];
4275 ++ };
4276 ++ /* !0 if we've run insn_get_xxx() for this field */
4277 ++ unsigned char got;
4278 ++ unsigned char nbytes;
4279 ++};
4280 ++
4281 ++struct insn {
4282 ++ struct insn_field prefixes; /*
4283 ++ * Prefixes
4284 ++ * prefixes.bytes[3]: last prefix
4285 ++ */
4286 ++ struct insn_field rex_prefix; /* REX prefix */
4287 ++ struct insn_field vex_prefix; /* VEX prefix */
4288 ++ struct insn_field opcode; /*
4289 ++ * opcode.bytes[0]: opcode1
4290 ++ * opcode.bytes[1]: opcode2
4291 ++ * opcode.bytes[2]: opcode3
4292 ++ */
4293 ++ struct insn_field modrm;
4294 ++ struct insn_field sib;
4295 ++ struct insn_field displacement;
4296 ++ union {
4297 ++ struct insn_field immediate;
4298 ++ struct insn_field moffset1; /* for 64bit MOV */
4299 ++ struct insn_field immediate1; /* for 64bit imm or off16/32 */
4300 ++ };
4301 ++ union {
4302 ++ struct insn_field moffset2; /* for 64bit MOV */
4303 ++ struct insn_field immediate2; /* for 64bit imm or seg16 */
4304 ++ };
4305 ++
4306 ++ insn_attr_t attr;
4307 ++ unsigned char opnd_bytes;
4308 ++ unsigned char addr_bytes;
4309 ++ unsigned char length;
4310 ++ unsigned char x86_64;
4311 ++
4312 ++ const insn_byte_t *kaddr; /* kernel address of insn to analyze */
4313 ++ const insn_byte_t *end_kaddr; /* kernel address of last insn in buffer */
4314 ++ const insn_byte_t *next_byte;
4315 ++};
4316 ++
4317 ++#define MAX_INSN_SIZE 15
4318 ++
4319 ++#define X86_MODRM_MOD(modrm) (((modrm) & 0xc0) >> 6)
4320 ++#define X86_MODRM_REG(modrm) (((modrm) & 0x38) >> 3)
4321 ++#define X86_MODRM_RM(modrm) ((modrm) & 0x07)
4322 ++
4323 ++#define X86_SIB_SCALE(sib) (((sib) & 0xc0) >> 6)
4324 ++#define X86_SIB_INDEX(sib) (((sib) & 0x38) >> 3)
4325 ++#define X86_SIB_BASE(sib) ((sib) & 0x07)
4326 ++
4327 ++#define X86_REX_W(rex) ((rex) & 8)
4328 ++#define X86_REX_R(rex) ((rex) & 4)
4329 ++#define X86_REX_X(rex) ((rex) & 2)
4330 ++#define X86_REX_B(rex) ((rex) & 1)
4331 ++
4332 ++/* VEX bit flags */
4333 ++#define X86_VEX_W(vex) ((vex) & 0x80) /* VEX3 Byte2 */
4334 ++#define X86_VEX_R(vex) ((vex) & 0x80) /* VEX2/3 Byte1 */
4335 ++#define X86_VEX_X(vex) ((vex) & 0x40) /* VEX3 Byte1 */
4336 ++#define X86_VEX_B(vex) ((vex) & 0x20) /* VEX3 Byte1 */
4337 ++#define X86_VEX_L(vex) ((vex) & 0x04) /* VEX3 Byte2, VEX2 Byte1 */
4338 ++/* VEX bit fields */
4339 ++#define X86_EVEX_M(vex) ((vex) & 0x03) /* EVEX Byte1 */
4340 ++#define X86_VEX3_M(vex) ((vex) & 0x1f) /* VEX3 Byte1 */
4341 ++#define X86_VEX2_M 1 /* VEX2.M always 1 */
4342 ++#define X86_VEX_V(vex) (((vex) & 0x78) >> 3) /* VEX3 Byte2, VEX2 Byte1 */
4343 ++#define X86_VEX_P(vex) ((vex) & 0x03) /* VEX3 Byte2, VEX2 Byte1 */
4344 ++#define X86_VEX_M_MAX 0x1f /* VEX3.M Maximum value */
4345 ++
4346 ++extern void insn_init(struct insn *insn, const void *kaddr, int buf_len, int x86_64);
4347 ++extern void insn_get_prefixes(struct insn *insn);
4348 ++extern void insn_get_opcode(struct insn *insn);
4349 ++extern void insn_get_modrm(struct insn *insn);
4350 ++extern void insn_get_sib(struct insn *insn);
4351 ++extern void insn_get_displacement(struct insn *insn);
4352 ++extern void insn_get_immediate(struct insn *insn);
4353 ++extern void insn_get_length(struct insn *insn);
4354 ++
4355 ++/* Attribute will be determined after getting ModRM (for opcode groups) */
4356 ++static inline void insn_get_attribute(struct insn *insn)
4357 ++{
4358 ++ insn_get_modrm(insn);
4359 ++}
4360 ++
4361 ++/* Instruction uses RIP-relative addressing */
4362 ++extern int insn_rip_relative(struct insn *insn);
4363 ++
4364 ++/* Init insn for kernel text */
4365 ++static inline void kernel_insn_init(struct insn *insn,
4366 ++ const void *kaddr, int buf_len)
4367 ++{
4368 ++#ifdef CONFIG_X86_64
4369 ++ insn_init(insn, kaddr, buf_len, 1);
4370 ++#else /* CONFIG_X86_32 */
4371 ++ insn_init(insn, kaddr, buf_len, 0);
4372 ++#endif
4373 ++}
4374 ++
4375 ++static inline int insn_is_avx(struct insn *insn)
4376 ++{
4377 ++ if (!insn->prefixes.got)
4378 ++ insn_get_prefixes(insn);
4379 ++ return (insn->vex_prefix.value != 0);
4380 ++}
4381 ++
4382 ++static inline int insn_is_evex(struct insn *insn)
4383 ++{
4384 ++ if (!insn->prefixes.got)
4385 ++ insn_get_prefixes(insn);
4386 ++ return (insn->vex_prefix.nbytes == 4);
4387 ++}
4388 ++
4389 ++/* Ensure this instruction is decoded completely */
4390 ++static inline int insn_complete(struct insn *insn)
4391 ++{
4392 ++ return insn->opcode.got && insn->modrm.got && insn->sib.got &&
4393 ++ insn->displacement.got && insn->immediate.got;
4394 ++}
4395 ++
4396 ++static inline insn_byte_t insn_vex_m_bits(struct insn *insn)
4397 ++{
4398 ++ if (insn->vex_prefix.nbytes == 2) /* 2 bytes VEX */
4399 ++ return X86_VEX2_M;
4400 ++ else if (insn->vex_prefix.nbytes == 3) /* 3 bytes VEX */
4401 ++ return X86_VEX3_M(insn->vex_prefix.bytes[1]);
4402 ++ else /* EVEX */
4403 ++ return X86_EVEX_M(insn->vex_prefix.bytes[1]);
4404 ++}
4405 ++
4406 ++static inline insn_byte_t insn_vex_p_bits(struct insn *insn)
4407 ++{
4408 ++ if (insn->vex_prefix.nbytes == 2) /* 2 bytes VEX */
4409 ++ return X86_VEX_P(insn->vex_prefix.bytes[1]);
4410 ++ else
4411 ++ return X86_VEX_P(insn->vex_prefix.bytes[2]);
4412 ++}
4413 ++
4414 ++/* Get the last prefix id from last prefix or VEX prefix */
4415 ++static inline int insn_last_prefix_id(struct insn *insn)
4416 ++{
4417 ++ if (insn_is_avx(insn))
4418 ++ return insn_vex_p_bits(insn); /* VEX_p is a SIMD prefix id */
4419 ++
4420 ++ if (insn->prefixes.bytes[3])
4421 ++ return inat_get_last_prefix_id(insn->prefixes.bytes[3]);
4422 ++
4423 ++ return 0;
4424 ++}
4425 ++
4426 ++/* Offset of each field from kaddr */
4427 ++static inline int insn_offset_rex_prefix(struct insn *insn)
4428 ++{
4429 ++ return insn->prefixes.nbytes;
4430 ++}
4431 ++static inline int insn_offset_vex_prefix(struct insn *insn)
4432 ++{
4433 ++ return insn_offset_rex_prefix(insn) + insn->rex_prefix.nbytes;
4434 ++}
4435 ++static inline int insn_offset_opcode(struct insn *insn)
4436 ++{
4437 ++ return insn_offset_vex_prefix(insn) + insn->vex_prefix.nbytes;
4438 ++}
4439 ++static inline int insn_offset_modrm(struct insn *insn)
4440 ++{
4441 ++ return insn_offset_opcode(insn) + insn->opcode.nbytes;
4442 ++}
4443 ++static inline int insn_offset_sib(struct insn *insn)
4444 ++{
4445 ++ return insn_offset_modrm(insn) + insn->modrm.nbytes;
4446 ++}
4447 ++static inline int insn_offset_displacement(struct insn *insn)
4448 ++{
4449 ++ return insn_offset_sib(insn) + insn->sib.nbytes;
4450 ++}
4451 ++static inline int insn_offset_immediate(struct insn *insn)
4452 ++{
4453 ++ return insn_offset_displacement(insn) + insn->displacement.nbytes;
4454 ++}
4455 ++
4456 ++#endif /* _ASM_X86_INSN_H */
4457 +diff --git a/tools/objtool/arch/x86/include/asm/orc_types.h b/tools/objtool/arch/x86/include/asm/orc_types.h
4458 +new file mode 100644
4459 +index 000000000000..9c9dc579bd7d
4460 +--- /dev/null
4461 ++++ b/tools/objtool/arch/x86/include/asm/orc_types.h
4462 +@@ -0,0 +1,107 @@
4463 ++/*
4464 ++ * Copyright (C) 2017 Josh Poimboeuf <jpoimboe@××××××.com>
4465 ++ *
4466 ++ * This program is free software; you can redistribute it and/or
4467 ++ * modify it under the terms of the GNU General Public License
4468 ++ * as published by the Free Software Foundation; either version 2
4469 ++ * of the License, or (at your option) any later version.
4470 ++ *
4471 ++ * This program is distributed in the hope that it will be useful,
4472 ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
4473 ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4474 ++ * GNU General Public License for more details.
4475 ++ *
4476 ++ * You should have received a copy of the GNU General Public License
4477 ++ * along with this program; if not, see <http://www.gnu.org/licenses/>.
4478 ++ */
4479 ++
4480 ++#ifndef _ORC_TYPES_H
4481 ++#define _ORC_TYPES_H
4482 ++
4483 ++#include <linux/types.h>
4484 ++#include <linux/compiler.h>
4485 ++
4486 ++/*
4487 ++ * The ORC_REG_* registers are base registers which are used to find other
4488 ++ * registers on the stack.
4489 ++ *
4490 ++ * ORC_REG_PREV_SP, also known as DWARF Call Frame Address (CFA), is the
4491 ++ * address of the previous frame: the caller's SP before it called the current
4492 ++ * function.
4493 ++ *
4494 ++ * ORC_REG_UNDEFINED means the corresponding register's value didn't change in
4495 ++ * the current frame.
4496 ++ *
4497 ++ * The most commonly used base registers are SP and BP -- which the previous SP
4498 ++ * is usually based on -- and PREV_SP and UNDEFINED -- which the previous BP is
4499 ++ * usually based on.
4500 ++ *
4501 ++ * The rest of the base registers are needed for special cases like entry code
4502 ++ * and GCC realigned stacks.
4503 ++ */
4504 ++#define ORC_REG_UNDEFINED 0
4505 ++#define ORC_REG_PREV_SP 1
4506 ++#define ORC_REG_DX 2
4507 ++#define ORC_REG_DI 3
4508 ++#define ORC_REG_BP 4
4509 ++#define ORC_REG_SP 5
4510 ++#define ORC_REG_R10 6
4511 ++#define ORC_REG_R13 7
4512 ++#define ORC_REG_BP_INDIRECT 8
4513 ++#define ORC_REG_SP_INDIRECT 9
4514 ++#define ORC_REG_MAX 15
4515 ++
4516 ++/*
4517 ++ * ORC_TYPE_CALL: Indicates that sp_reg+sp_offset resolves to PREV_SP (the
4518 ++ * caller's SP right before it made the call). Used for all callable
4519 ++ * functions, i.e. all C code and all callable asm functions.
4520 ++ *
4521 ++ * ORC_TYPE_REGS: Used in entry code to indicate that sp_reg+sp_offset points
4522 ++ * to a fully populated pt_regs from a syscall, interrupt, or exception.
4523 ++ *
4524 ++ * ORC_TYPE_REGS_IRET: Used in entry code to indicate that sp_reg+sp_offset
4525 ++ * points to the iret return frame.
4526 ++ *
4527 ++ * The UNWIND_HINT macros are used only for the unwind_hint struct. They
4528 ++ * aren't used in struct orc_entry due to size and complexity constraints.
4529 ++ * Objtool converts them to real types when it converts the hints to orc
4530 ++ * entries.
4531 ++ */
4532 ++#define ORC_TYPE_CALL 0
4533 ++#define ORC_TYPE_REGS 1
4534 ++#define ORC_TYPE_REGS_IRET 2
4535 ++#define UNWIND_HINT_TYPE_SAVE 3
4536 ++#define UNWIND_HINT_TYPE_RESTORE 4
4537 ++
4538 ++#ifndef __ASSEMBLY__
4539 ++/*
4540 ++ * This struct is more or less a vastly simplified version of the DWARF Call
4541 ++ * Frame Information standard. It contains only the necessary parts of DWARF
4542 ++ * CFI, simplified for ease of access by the in-kernel unwinder. It tells the
4543 ++ * unwinder how to find the previous SP and BP (and sometimes entry regs) on
4544 ++ * the stack for a given code address. Each instance of the struct corresponds
4545 ++ * to one or more code locations.
4546 ++ */
4547 ++struct orc_entry {
4548 ++ s16 sp_offset;
4549 ++ s16 bp_offset;
4550 ++ unsigned sp_reg:4;
4551 ++ unsigned bp_reg:4;
4552 ++ unsigned type:2;
4553 ++} __packed;
4554 ++
4555 ++/*
4556 ++ * This struct is used by asm and inline asm code to manually annotate the
4557 ++ * location of registers on the stack for the ORC unwinder.
4558 ++ *
4559 ++ * Type can be either ORC_TYPE_* or UNWIND_HINT_TYPE_*.
4560 ++ */
4561 ++struct unwind_hint {
4562 ++ u32 ip;
4563 ++ s16 sp_offset;
4564 ++ u8 sp_reg;
4565 ++ u8 type;
4566 ++};
4567 ++#endif /* __ASSEMBLY__ */
4568 ++
4569 ++#endif /* _ORC_TYPES_H */
4570 +diff --git a/tools/objtool/arch/x86/insn/gen-insn-attr-x86.awk b/tools/objtool/arch/x86/insn/gen-insn-attr-x86.awk
4571 +deleted file mode 100644
4572 +index b02a36b2c14f..000000000000
4573 +--- a/tools/objtool/arch/x86/insn/gen-insn-attr-x86.awk
4574 ++++ /dev/null
4575 +@@ -1,393 +0,0 @@
4576 +-#!/bin/awk -f
4577 +-# SPDX-License-Identifier: GPL-2.0
4578 +-# gen-insn-attr-x86.awk: Instruction attribute table generator
4579 +-# Written by Masami Hiramatsu <mhiramat@××××××.com>
4580 +-#
4581 +-# Usage: awk -f gen-insn-attr-x86.awk x86-opcode-map.txt > inat-tables.c
4582 +-
4583 +-# Awk implementation sanity check
4584 +-function check_awk_implement() {
4585 +- if (sprintf("%x", 0) != "0")
4586 +- return "Your awk has a printf-format problem."
4587 +- return ""
4588 +-}
4589 +-
4590 +-# Clear working vars
4591 +-function clear_vars() {
4592 +- delete table
4593 +- delete lptable2
4594 +- delete lptable1
4595 +- delete lptable3
4596 +- eid = -1 # escape id
4597 +- gid = -1 # group id
4598 +- aid = -1 # AVX id
4599 +- tname = ""
4600 +-}
4601 +-
4602 +-BEGIN {
4603 +- # Implementation error checking
4604 +- awkchecked = check_awk_implement()
4605 +- if (awkchecked != "") {
4606 +- print "Error: " awkchecked > "/dev/stderr"
4607 +- print "Please try to use gawk." > "/dev/stderr"
4608 +- exit 1
4609 +- }
4610 +-
4611 +- # Setup generating tables
4612 +- print "/* x86 opcode map generated from x86-opcode-map.txt */"
4613 +- print "/* Do not change this code. */\n"
4614 +- ggid = 1
4615 +- geid = 1
4616 +- gaid = 0
4617 +- delete etable
4618 +- delete gtable
4619 +- delete atable
4620 +-
4621 +- opnd_expr = "^[A-Za-z/]"
4622 +- ext_expr = "^\\("
4623 +- sep_expr = "^\\|$"
4624 +- group_expr = "^Grp[0-9A-Za-z]+"
4625 +-
4626 +- imm_expr = "^[IJAOL][a-z]"
4627 +- imm_flag["Ib"] = "INAT_MAKE_IMM(INAT_IMM_BYTE)"
4628 +- imm_flag["Jb"] = "INAT_MAKE_IMM(INAT_IMM_BYTE)"
4629 +- imm_flag["Iw"] = "INAT_MAKE_IMM(INAT_IMM_WORD)"
4630 +- imm_flag["Id"] = "INAT_MAKE_IMM(INAT_IMM_DWORD)"
4631 +- imm_flag["Iq"] = "INAT_MAKE_IMM(INAT_IMM_QWORD)"
4632 +- imm_flag["Ap"] = "INAT_MAKE_IMM(INAT_IMM_PTR)"
4633 +- imm_flag["Iz"] = "INAT_MAKE_IMM(INAT_IMM_VWORD32)"
4634 +- imm_flag["Jz"] = "INAT_MAKE_IMM(INAT_IMM_VWORD32)"
4635 +- imm_flag["Iv"] = "INAT_MAKE_IMM(INAT_IMM_VWORD)"
4636 +- imm_flag["Ob"] = "INAT_MOFFSET"
4637 +- imm_flag["Ov"] = "INAT_MOFFSET"
4638 +- imm_flag["Lx"] = "INAT_MAKE_IMM(INAT_IMM_BYTE)"
4639 +-
4640 +- modrm_expr = "^([CDEGMNPQRSUVW/][a-z]+|NTA|T[012])"
4641 +- force64_expr = "\\([df]64\\)"
4642 +- rex_expr = "^REX(\\.[XRWB]+)*"
4643 +- fpu_expr = "^ESC" # TODO
4644 +-
4645 +- lprefix1_expr = "\\((66|!F3)\\)"
4646 +- lprefix2_expr = "\\(F3\\)"
4647 +- lprefix3_expr = "\\((F2|!F3|66\\&F2)\\)"
4648 +- lprefix_expr = "\\((66|F2|F3)\\)"
4649 +- max_lprefix = 4
4650 +-
4651 +- # All opcodes starting with lower-case 'v', 'k' or with (v1) superscript
4652 +- # accepts VEX prefix
4653 +- vexok_opcode_expr = "^[vk].*"
4654 +- vexok_expr = "\\(v1\\)"
4655 +- # All opcodes with (v) superscript supports *only* VEX prefix
4656 +- vexonly_expr = "\\(v\\)"
4657 +- # All opcodes with (ev) superscript supports *only* EVEX prefix
4658 +- evexonly_expr = "\\(ev\\)"
4659 +-
4660 +- prefix_expr = "\\(Prefix\\)"
4661 +- prefix_num["Operand-Size"] = "INAT_PFX_OPNDSZ"
4662 +- prefix_num["REPNE"] = "INAT_PFX_REPNE"
4663 +- prefix_num["REP/REPE"] = "INAT_PFX_REPE"
4664 +- prefix_num["XACQUIRE"] = "INAT_PFX_REPNE"
4665 +- prefix_num["XRELEASE"] = "INAT_PFX_REPE"
4666 +- prefix_num["LOCK"] = "INAT_PFX_LOCK"
4667 +- prefix_num["SEG=CS"] = "INAT_PFX_CS"
4668 +- prefix_num["SEG=DS"] = "INAT_PFX_DS"
4669 +- prefix_num["SEG=ES"] = "INAT_PFX_ES"
4670 +- prefix_num["SEG=FS"] = "INAT_PFX_FS"
4671 +- prefix_num["SEG=GS"] = "INAT_PFX_GS"
4672 +- prefix_num["SEG=SS"] = "INAT_PFX_SS"
4673 +- prefix_num["Address-Size"] = "INAT_PFX_ADDRSZ"
4674 +- prefix_num["VEX+1byte"] = "INAT_PFX_VEX2"
4675 +- prefix_num["VEX+2byte"] = "INAT_PFX_VEX3"
4676 +- prefix_num["EVEX"] = "INAT_PFX_EVEX"
4677 +-
4678 +- clear_vars()
4679 +-}
4680 +-
4681 +-function semantic_error(msg) {
4682 +- print "Semantic error at " NR ": " msg > "/dev/stderr"
4683 +- exit 1
4684 +-}
4685 +-
4686 +-function debug(msg) {
4687 +- print "DEBUG: " msg
4688 +-}
4689 +-
4690 +-function array_size(arr, i,c) {
4691 +- c = 0
4692 +- for (i in arr)
4693 +- c++
4694 +- return c
4695 +-}
4696 +-
4697 +-/^Table:/ {
4698 +- print "/* " $0 " */"
4699 +- if (tname != "")
4700 +- semantic_error("Hit Table: before EndTable:.");
4701 +-}
4702 +-
4703 +-/^Referrer:/ {
4704 +- if (NF != 1) {
4705 +- # escape opcode table
4706 +- ref = ""
4707 +- for (i = 2; i <= NF; i++)
4708 +- ref = ref $i
4709 +- eid = escape[ref]
4710 +- tname = sprintf("inat_escape_table_%d", eid)
4711 +- }
4712 +-}
4713 +-
4714 +-/^AVXcode:/ {
4715 +- if (NF != 1) {
4716 +- # AVX/escape opcode table
4717 +- aid = $2
4718 +- if (gaid <= aid)
4719 +- gaid = aid + 1
4720 +- if (tname == "") # AVX only opcode table
4721 +- tname = sprintf("inat_avx_table_%d", $2)
4722 +- }
4723 +- if (aid == -1 && eid == -1) # primary opcode table
4724 +- tname = "inat_primary_table"
4725 +-}
4726 +-
4727 +-/^GrpTable:/ {
4728 +- print "/* " $0 " */"
4729 +- if (!($2 in group))
4730 +- semantic_error("No group: " $2 )
4731 +- gid = group[$2]
4732 +- tname = "inat_group_table_" gid
4733 +-}
4734 +-
4735 +-function print_table(tbl,name,fmt,n)
4736 +-{
4737 +- print "const insn_attr_t " name " = {"
4738 +- for (i = 0; i < n; i++) {
4739 +- id = sprintf(fmt, i)
4740 +- if (tbl[id])
4741 +- print " [" id "] = " tbl[id] ","
4742 +- }
4743 +- print "};"
4744 +-}
4745 +-
4746 +-/^EndTable/ {
4747 +- if (gid != -1) {
4748 +- # print group tables
4749 +- if (array_size(table) != 0) {
4750 +- print_table(table, tname "[INAT_GROUP_TABLE_SIZE]",
4751 +- "0x%x", 8)
4752 +- gtable[gid,0] = tname
4753 +- }
4754 +- if (array_size(lptable1) != 0) {
4755 +- print_table(lptable1, tname "_1[INAT_GROUP_TABLE_SIZE]",
4756 +- "0x%x", 8)
4757 +- gtable[gid,1] = tname "_1"
4758 +- }
4759 +- if (array_size(lptable2) != 0) {
4760 +- print_table(lptable2, tname "_2[INAT_GROUP_TABLE_SIZE]",
4761 +- "0x%x", 8)
4762 +- gtable[gid,2] = tname "_2"
4763 +- }
4764 +- if (array_size(lptable3) != 0) {
4765 +- print_table(lptable3, tname "_3[INAT_GROUP_TABLE_SIZE]",
4766 +- "0x%x", 8)
4767 +- gtable[gid,3] = tname "_3"
4768 +- }
4769 +- } else {
4770 +- # print primary/escaped tables
4771 +- if (array_size(table) != 0) {
4772 +- print_table(table, tname "[INAT_OPCODE_TABLE_SIZE]",
4773 +- "0x%02x", 256)
4774 +- etable[eid,0] = tname
4775 +- if (aid >= 0)
4776 +- atable[aid,0] = tname
4777 +- }
4778 +- if (array_size(lptable1) != 0) {
4779 +- print_table(lptable1,tname "_1[INAT_OPCODE_TABLE_SIZE]",
4780 +- "0x%02x", 256)
4781 +- etable[eid,1] = tname "_1"
4782 +- if (aid >= 0)
4783 +- atable[aid,1] = tname "_1"
4784 +- }
4785 +- if (array_size(lptable2) != 0) {
4786 +- print_table(lptable2,tname "_2[INAT_OPCODE_TABLE_SIZE]",
4787 +- "0x%02x", 256)
4788 +- etable[eid,2] = tname "_2"
4789 +- if (aid >= 0)
4790 +- atable[aid,2] = tname "_2"
4791 +- }
4792 +- if (array_size(lptable3) != 0) {
4793 +- print_table(lptable3,tname "_3[INAT_OPCODE_TABLE_SIZE]",
4794 +- "0x%02x", 256)
4795 +- etable[eid,3] = tname "_3"
4796 +- if (aid >= 0)
4797 +- atable[aid,3] = tname "_3"
4798 +- }
4799 +- }
4800 +- print ""
4801 +- clear_vars()
4802 +-}
4803 +-
4804 +-function add_flags(old,new) {
4805 +- if (old && new)
4806 +- return old " | " new
4807 +- else if (old)
4808 +- return old
4809 +- else
4810 +- return new
4811 +-}
4812 +-
4813 +-# convert operands to flags.
4814 +-function convert_operands(count,opnd, i,j,imm,mod)
4815 +-{
4816 +- imm = null
4817 +- mod = null
4818 +- for (j = 1; j <= count; j++) {
4819 +- i = opnd[j]
4820 +- if (match(i, imm_expr) == 1) {
4821 +- if (!imm_flag[i])
4822 +- semantic_error("Unknown imm opnd: " i)
4823 +- if (imm) {
4824 +- if (i != "Ib")
4825 +- semantic_error("Second IMM error")
4826 +- imm = add_flags(imm, "INAT_SCNDIMM")
4827 +- } else
4828 +- imm = imm_flag[i]
4829 +- } else if (match(i, modrm_expr))
4830 +- mod = "INAT_MODRM"
4831 +- }
4832 +- return add_flags(imm, mod)
4833 +-}
4834 +-
4835 +-/^[0-9a-f]+\:/ {
4836 +- if (NR == 1)
4837 +- next
4838 +- # get index
4839 +- idx = "0x" substr($1, 1, index($1,":") - 1)
4840 +- if (idx in table)
4841 +- semantic_error("Redefine " idx " in " tname)
4842 +-
4843 +- # check if escaped opcode
4844 +- if ("escape" == $2) {
4845 +- if ($3 != "#")
4846 +- semantic_error("No escaped name")
4847 +- ref = ""
4848 +- for (i = 4; i <= NF; i++)
4849 +- ref = ref $i
4850 +- if (ref in escape)
4851 +- semantic_error("Redefine escape (" ref ")")
4852 +- escape[ref] = geid
4853 +- geid++
4854 +- table[idx] = "INAT_MAKE_ESCAPE(" escape[ref] ")"
4855 +- next
4856 +- }
4857 +-
4858 +- variant = null
4859 +- # converts
4860 +- i = 2
4861 +- while (i <= NF) {
4862 +- opcode = $(i++)
4863 +- delete opnds
4864 +- ext = null
4865 +- flags = null
4866 +- opnd = null
4867 +- # parse one opcode
4868 +- if (match($i, opnd_expr)) {
4869 +- opnd = $i
4870 +- count = split($(i++), opnds, ",")
4871 +- flags = convert_operands(count, opnds)
4872 +- }
4873 +- if (match($i, ext_expr))
4874 +- ext = $(i++)
4875 +- if (match($i, sep_expr))
4876 +- i++
4877 +- else if (i < NF)
4878 +- semantic_error($i " is not a separator")
4879 +-
4880 +- # check if group opcode
4881 +- if (match(opcode, group_expr)) {
4882 +- if (!(opcode in group)) {
4883 +- group[opcode] = ggid
4884 +- ggid++
4885 +- }
4886 +- flags = add_flags(flags, "INAT_MAKE_GROUP(" group[opcode] ")")
4887 +- }
4888 +- # check force(or default) 64bit
4889 +- if (match(ext, force64_expr))
4890 +- flags = add_flags(flags, "INAT_FORCE64")
4891 +-
4892 +- # check REX prefix
4893 +- if (match(opcode, rex_expr))
4894 +- flags = add_flags(flags, "INAT_MAKE_PREFIX(INAT_PFX_REX)")
4895 +-
4896 +- # check coprocessor escape : TODO
4897 +- if (match(opcode, fpu_expr))
4898 +- flags = add_flags(flags, "INAT_MODRM")
4899 +-
4900 +- # check VEX codes
4901 +- if (match(ext, evexonly_expr))
4902 +- flags = add_flags(flags, "INAT_VEXOK | INAT_EVEXONLY")
4903 +- else if (match(ext, vexonly_expr))
4904 +- flags = add_flags(flags, "INAT_VEXOK | INAT_VEXONLY")
4905 +- else if (match(ext, vexok_expr) || match(opcode, vexok_opcode_expr))
4906 +- flags = add_flags(flags, "INAT_VEXOK")
4907 +-
4908 +- # check prefixes
4909 +- if (match(ext, prefix_expr)) {
4910 +- if (!prefix_num[opcode])
4911 +- semantic_error("Unknown prefix: " opcode)
4912 +- flags = add_flags(flags, "INAT_MAKE_PREFIX(" prefix_num[opcode] ")")
4913 +- }
4914 +- if (length(flags) == 0)
4915 +- continue
4916 +- # check if last prefix
4917 +- if (match(ext, lprefix1_expr)) {
4918 +- lptable1[idx] = add_flags(lptable1[idx],flags)
4919 +- variant = "INAT_VARIANT"
4920 +- }
4921 +- if (match(ext, lprefix2_expr)) {
4922 +- lptable2[idx] = add_flags(lptable2[idx],flags)
4923 +- variant = "INAT_VARIANT"
4924 +- }
4925 +- if (match(ext, lprefix3_expr)) {
4926 +- lptable3[idx] = add_flags(lptable3[idx],flags)
4927 +- variant = "INAT_VARIANT"
4928 +- }
4929 +- if (!match(ext, lprefix_expr)){
4930 +- table[idx] = add_flags(table[idx],flags)
4931 +- }
4932 +- }
4933 +- if (variant)
4934 +- table[idx] = add_flags(table[idx],variant)
4935 +-}
4936 +-
4937 +-END {
4938 +- if (awkchecked != "")
4939 +- exit 1
4940 +- # print escape opcode map's array
4941 +- print "/* Escape opcode map array */"
4942 +- print "const insn_attr_t * const inat_escape_tables[INAT_ESC_MAX + 1]" \
4943 +- "[INAT_LSTPFX_MAX + 1] = {"
4944 +- for (i = 0; i < geid; i++)
4945 +- for (j = 0; j < max_lprefix; j++)
4946 +- if (etable[i,j])
4947 +- print " ["i"]["j"] = "etable[i,j]","
4948 +- print "};\n"
4949 +- # print group opcode map's array
4950 +- print "/* Group opcode map array */"
4951 +- print "const insn_attr_t * const inat_group_tables[INAT_GRP_MAX + 1]"\
4952 +- "[INAT_LSTPFX_MAX + 1] = {"
4953 +- for (i = 0; i < ggid; i++)
4954 +- for (j = 0; j < max_lprefix; j++)
4955 +- if (gtable[i,j])
4956 +- print " ["i"]["j"] = "gtable[i,j]","
4957 +- print "};\n"
4958 +- # print AVX opcode map's array
4959 +- print "/* AVX opcode map array */"
4960 +- print "const insn_attr_t * const inat_avx_tables[X86_VEX_M_MAX + 1]"\
4961 +- "[INAT_LSTPFX_MAX + 1] = {"
4962 +- for (i = 0; i < gaid; i++)
4963 +- for (j = 0; j < max_lprefix; j++)
4964 +- if (atable[i,j])
4965 +- print " ["i"]["j"] = "atable[i,j]","
4966 +- print "};"
4967 +-}
4968 +-
4969 +diff --git a/tools/objtool/arch/x86/insn/inat.c b/tools/objtool/arch/x86/insn/inat.c
4970 +deleted file mode 100644
4971 +index e4bf28e6f4c7..000000000000
4972 +--- a/tools/objtool/arch/x86/insn/inat.c
4973 ++++ /dev/null
4974 +@@ -1,97 +0,0 @@
4975 +-/*
4976 +- * x86 instruction attribute tables
4977 +- *
4978 +- * Written by Masami Hiramatsu <mhiramat@××××××.com>
4979 +- *
4980 +- * This program is free software; you can redistribute it and/or modify
4981 +- * it under the terms of the GNU General Public License as published by
4982 +- * the Free Software Foundation; either version 2 of the License, or
4983 +- * (at your option) any later version.
4984 +- *
4985 +- * This program is distributed in the hope that it will be useful,
4986 +- * but WITHOUT ANY WARRANTY; without even the implied warranty of
4987 +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
4988 +- * GNU General Public License for more details.
4989 +- *
4990 +- * You should have received a copy of the GNU General Public License
4991 +- * along with this program; if not, write to the Free Software
4992 +- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
4993 +- *
4994 +- */
4995 +-#include "insn.h"
4996 +-
4997 +-/* Attribute tables are generated from opcode map */
4998 +-#include "inat-tables.c"
4999 +-
5000 +-/* Attribute search APIs */
5001 +-insn_attr_t inat_get_opcode_attribute(insn_byte_t opcode)
5002 +-{
5003 +- return inat_primary_table[opcode];
5004 +-}
5005 +-
5006 +-int inat_get_last_prefix_id(insn_byte_t last_pfx)
5007 +-{
5008 +- insn_attr_t lpfx_attr;
5009 +-
5010 +- lpfx_attr = inat_get_opcode_attribute(last_pfx);
5011 +- return inat_last_prefix_id(lpfx_attr);
5012 +-}
5013 +-
5014 +-insn_attr_t inat_get_escape_attribute(insn_byte_t opcode, int lpfx_id,
5015 +- insn_attr_t esc_attr)
5016 +-{
5017 +- const insn_attr_t *table;
5018 +- int n;
5019 +-
5020 +- n = inat_escape_id(esc_attr);
5021 +-
5022 +- table = inat_escape_tables[n][0];
5023 +- if (!table)
5024 +- return 0;
5025 +- if (inat_has_variant(table[opcode]) && lpfx_id) {
5026 +- table = inat_escape_tables[n][lpfx_id];
5027 +- if (!table)
5028 +- return 0;
5029 +- }
5030 +- return table[opcode];
5031 +-}
5032 +-
5033 +-insn_attr_t inat_get_group_attribute(insn_byte_t modrm, int lpfx_id,
5034 +- insn_attr_t grp_attr)
5035 +-{
5036 +- const insn_attr_t *table;
5037 +- int n;
5038 +-
5039 +- n = inat_group_id(grp_attr);
5040 +-
5041 +- table = inat_group_tables[n][0];
5042 +- if (!table)
5043 +- return inat_group_common_attribute(grp_attr);
5044 +- if (inat_has_variant(table[X86_MODRM_REG(modrm)]) && lpfx_id) {
5045 +- table = inat_group_tables[n][lpfx_id];
5046 +- if (!table)
5047 +- return inat_group_common_attribute(grp_attr);
5048 +- }
5049 +- return table[X86_MODRM_REG(modrm)] |
5050 +- inat_group_common_attribute(grp_attr);
5051 +-}
5052 +-
5053 +-insn_attr_t inat_get_avx_attribute(insn_byte_t opcode, insn_byte_t vex_m,
5054 +- insn_byte_t vex_p)
5055 +-{
5056 +- const insn_attr_t *table;
5057 +- if (vex_m > X86_VEX_M_MAX || vex_p > INAT_LSTPFX_MAX)
5058 +- return 0;
5059 +- /* At first, this checks the master table */
5060 +- table = inat_avx_tables[vex_m][0];
5061 +- if (!table)
5062 +- return 0;
5063 +- if (!inat_is_group(table[opcode]) && vex_p) {
5064 +- /* If this is not a group, get attribute directly */
5065 +- table = inat_avx_tables[vex_m][vex_p];
5066 +- if (!table)
5067 +- return 0;
5068 +- }
5069 +- return table[opcode];
5070 +-}
5071 +-
5072 +diff --git a/tools/objtool/arch/x86/insn/inat.h b/tools/objtool/arch/x86/insn/inat.h
5073 +deleted file mode 100644
5074 +index 125ecd2a300d..000000000000
5075 +--- a/tools/objtool/arch/x86/insn/inat.h
5076 ++++ /dev/null
5077 +@@ -1,234 +0,0 @@
5078 +-#ifndef _ASM_X86_INAT_H
5079 +-#define _ASM_X86_INAT_H
5080 +-/*
5081 +- * x86 instruction attributes
5082 +- *
5083 +- * Written by Masami Hiramatsu <mhiramat@××××××.com>
5084 +- *
5085 +- * This program is free software; you can redistribute it and/or modify
5086 +- * it under the terms of the GNU General Public License as published by
5087 +- * the Free Software Foundation; either version 2 of the License, or
5088 +- * (at your option) any later version.
5089 +- *
5090 +- * This program is distributed in the hope that it will be useful,
5091 +- * but WITHOUT ANY WARRANTY; without even the implied warranty of
5092 +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
5093 +- * GNU General Public License for more details.
5094 +- *
5095 +- * You should have received a copy of the GNU General Public License
5096 +- * along with this program; if not, write to the Free Software
5097 +- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
5098 +- *
5099 +- */
5100 +-#include "inat_types.h"
5101 +-
5102 +-/*
5103 +- * Internal bits. Don't use bitmasks directly, because these bits are
5104 +- * unstable. You should use checking functions.
5105 +- */
5106 +-
5107 +-#define INAT_OPCODE_TABLE_SIZE 256
5108 +-#define INAT_GROUP_TABLE_SIZE 8
5109 +-
5110 +-/* Legacy last prefixes */
5111 +-#define INAT_PFX_OPNDSZ 1 /* 0x66 */ /* LPFX1 */
5112 +-#define INAT_PFX_REPE 2 /* 0xF3 */ /* LPFX2 */
5113 +-#define INAT_PFX_REPNE 3 /* 0xF2 */ /* LPFX3 */
5114 +-/* Other Legacy prefixes */
5115 +-#define INAT_PFX_LOCK 4 /* 0xF0 */
5116 +-#define INAT_PFX_CS 5 /* 0x2E */
5117 +-#define INAT_PFX_DS 6 /* 0x3E */
5118 +-#define INAT_PFX_ES 7 /* 0x26 */
5119 +-#define INAT_PFX_FS 8 /* 0x64 */
5120 +-#define INAT_PFX_GS 9 /* 0x65 */
5121 +-#define INAT_PFX_SS 10 /* 0x36 */
5122 +-#define INAT_PFX_ADDRSZ 11 /* 0x67 */
5123 +-/* x86-64 REX prefix */
5124 +-#define INAT_PFX_REX 12 /* 0x4X */
5125 +-/* AVX VEX prefixes */
5126 +-#define INAT_PFX_VEX2 13 /* 2-bytes VEX prefix */
5127 +-#define INAT_PFX_VEX3 14 /* 3-bytes VEX prefix */
5128 +-#define INAT_PFX_EVEX 15 /* EVEX prefix */
5129 +-
5130 +-#define INAT_LSTPFX_MAX 3
5131 +-#define INAT_LGCPFX_MAX 11
5132 +-
5133 +-/* Immediate size */
5134 +-#define INAT_IMM_BYTE 1
5135 +-#define INAT_IMM_WORD 2
5136 +-#define INAT_IMM_DWORD 3
5137 +-#define INAT_IMM_QWORD 4
5138 +-#define INAT_IMM_PTR 5
5139 +-#define INAT_IMM_VWORD32 6
5140 +-#define INAT_IMM_VWORD 7
5141 +-
5142 +-/* Legacy prefix */
5143 +-#define INAT_PFX_OFFS 0
5144 +-#define INAT_PFX_BITS 4
5145 +-#define INAT_PFX_MAX ((1 << INAT_PFX_BITS) - 1)
5146 +-#define INAT_PFX_MASK (INAT_PFX_MAX << INAT_PFX_OFFS)
5147 +-/* Escape opcodes */
5148 +-#define INAT_ESC_OFFS (INAT_PFX_OFFS + INAT_PFX_BITS)
5149 +-#define INAT_ESC_BITS 2
5150 +-#define INAT_ESC_MAX ((1 << INAT_ESC_BITS) - 1)
5151 +-#define INAT_ESC_MASK (INAT_ESC_MAX << INAT_ESC_OFFS)
5152 +-/* Group opcodes (1-16) */
5153 +-#define INAT_GRP_OFFS (INAT_ESC_OFFS + INAT_ESC_BITS)
5154 +-#define INAT_GRP_BITS 5
5155 +-#define INAT_GRP_MAX ((1 << INAT_GRP_BITS) - 1)
5156 +-#define INAT_GRP_MASK (INAT_GRP_MAX << INAT_GRP_OFFS)
5157 +-/* Immediates */
5158 +-#define INAT_IMM_OFFS (INAT_GRP_OFFS + INAT_GRP_BITS)
5159 +-#define INAT_IMM_BITS 3
5160 +-#define INAT_IMM_MASK (((1 << INAT_IMM_BITS) - 1) << INAT_IMM_OFFS)
5161 +-/* Flags */
5162 +-#define INAT_FLAG_OFFS (INAT_IMM_OFFS + INAT_IMM_BITS)
5163 +-#define INAT_MODRM (1 << (INAT_FLAG_OFFS))
5164 +-#define INAT_FORCE64 (1 << (INAT_FLAG_OFFS + 1))
5165 +-#define INAT_SCNDIMM (1 << (INAT_FLAG_OFFS + 2))
5166 +-#define INAT_MOFFSET (1 << (INAT_FLAG_OFFS + 3))
5167 +-#define INAT_VARIANT (1 << (INAT_FLAG_OFFS + 4))
5168 +-#define INAT_VEXOK (1 << (INAT_FLAG_OFFS + 5))
5169 +-#define INAT_VEXONLY (1 << (INAT_FLAG_OFFS + 6))
5170 +-#define INAT_EVEXONLY (1 << (INAT_FLAG_OFFS + 7))
5171 +-/* Attribute making macros for attribute tables */
5172 +-#define INAT_MAKE_PREFIX(pfx) (pfx << INAT_PFX_OFFS)
5173 +-#define INAT_MAKE_ESCAPE(esc) (esc << INAT_ESC_OFFS)
5174 +-#define INAT_MAKE_GROUP(grp) ((grp << INAT_GRP_OFFS) | INAT_MODRM)
5175 +-#define INAT_MAKE_IMM(imm) (imm << INAT_IMM_OFFS)
5176 +-
5177 +-/* Attribute search APIs */
5178 +-extern insn_attr_t inat_get_opcode_attribute(insn_byte_t opcode);
5179 +-extern int inat_get_last_prefix_id(insn_byte_t last_pfx);
5180 +-extern insn_attr_t inat_get_escape_attribute(insn_byte_t opcode,
5181 +- int lpfx_id,
5182 +- insn_attr_t esc_attr);
5183 +-extern insn_attr_t inat_get_group_attribute(insn_byte_t modrm,
5184 +- int lpfx_id,
5185 +- insn_attr_t esc_attr);
5186 +-extern insn_attr_t inat_get_avx_attribute(insn_byte_t opcode,
5187 +- insn_byte_t vex_m,
5188 +- insn_byte_t vex_pp);
5189 +-
5190 +-/* Attribute checking functions */
5191 +-static inline int inat_is_legacy_prefix(insn_attr_t attr)
5192 +-{
5193 +- attr &= INAT_PFX_MASK;
5194 +- return attr && attr <= INAT_LGCPFX_MAX;
5195 +-}
5196 +-
5197 +-static inline int inat_is_address_size_prefix(insn_attr_t attr)
5198 +-{
5199 +- return (attr & INAT_PFX_MASK) == INAT_PFX_ADDRSZ;
5200 +-}
5201 +-
5202 +-static inline int inat_is_operand_size_prefix(insn_attr_t attr)
5203 +-{
5204 +- return (attr & INAT_PFX_MASK) == INAT_PFX_OPNDSZ;
5205 +-}
5206 +-
5207 +-static inline int inat_is_rex_prefix(insn_attr_t attr)
5208 +-{
5209 +- return (attr & INAT_PFX_MASK) == INAT_PFX_REX;
5210 +-}
5211 +-
5212 +-static inline int inat_last_prefix_id(insn_attr_t attr)
5213 +-{
5214 +- if ((attr & INAT_PFX_MASK) > INAT_LSTPFX_MAX)
5215 +- return 0;
5216 +- else
5217 +- return attr & INAT_PFX_MASK;
5218 +-}
5219 +-
5220 +-static inline int inat_is_vex_prefix(insn_attr_t attr)
5221 +-{
5222 +- attr &= INAT_PFX_MASK;
5223 +- return attr == INAT_PFX_VEX2 || attr == INAT_PFX_VEX3 ||
5224 +- attr == INAT_PFX_EVEX;
5225 +-}
5226 +-
5227 +-static inline int inat_is_evex_prefix(insn_attr_t attr)
5228 +-{
5229 +- return (attr & INAT_PFX_MASK) == INAT_PFX_EVEX;
5230 +-}
5231 +-
5232 +-static inline int inat_is_vex3_prefix(insn_attr_t attr)
5233 +-{
5234 +- return (attr & INAT_PFX_MASK) == INAT_PFX_VEX3;
5235 +-}
5236 +-
5237 +-static inline int inat_is_escape(insn_attr_t attr)
5238 +-{
5239 +- return attr & INAT_ESC_MASK;
5240 +-}
5241 +-
5242 +-static inline int inat_escape_id(insn_attr_t attr)
5243 +-{
5244 +- return (attr & INAT_ESC_MASK) >> INAT_ESC_OFFS;
5245 +-}
5246 +-
5247 +-static inline int inat_is_group(insn_attr_t attr)
5248 +-{
5249 +- return attr & INAT_GRP_MASK;
5250 +-}
5251 +-
5252 +-static inline int inat_group_id(insn_attr_t attr)
5253 +-{
5254 +- return (attr & INAT_GRP_MASK) >> INAT_GRP_OFFS;
5255 +-}
5256 +-
5257 +-static inline int inat_group_common_attribute(insn_attr_t attr)
5258 +-{
5259 +- return attr & ~INAT_GRP_MASK;
5260 +-}
5261 +-
5262 +-static inline int inat_has_immediate(insn_attr_t attr)
5263 +-{
5264 +- return attr & INAT_IMM_MASK;
5265 +-}
5266 +-
5267 +-static inline int inat_immediate_size(insn_attr_t attr)
5268 +-{
5269 +- return (attr & INAT_IMM_MASK) >> INAT_IMM_OFFS;
5270 +-}
5271 +-
5272 +-static inline int inat_has_modrm(insn_attr_t attr)
5273 +-{
5274 +- return attr & INAT_MODRM;
5275 +-}
5276 +-
5277 +-static inline int inat_is_force64(insn_attr_t attr)
5278 +-{
5279 +- return attr & INAT_FORCE64;
5280 +-}
5281 +-
5282 +-static inline int inat_has_second_immediate(insn_attr_t attr)
5283 +-{
5284 +- return attr & INAT_SCNDIMM;
5285 +-}
5286 +-
5287 +-static inline int inat_has_moffset(insn_attr_t attr)
5288 +-{
5289 +- return attr & INAT_MOFFSET;
5290 +-}
5291 +-
5292 +-static inline int inat_has_variant(insn_attr_t attr)
5293 +-{
5294 +- return attr & INAT_VARIANT;
5295 +-}
5296 +-
5297 +-static inline int inat_accept_vex(insn_attr_t attr)
5298 +-{
5299 +- return attr & INAT_VEXOK;
5300 +-}
5301 +-
5302 +-static inline int inat_must_vex(insn_attr_t attr)
5303 +-{
5304 +- return attr & (INAT_VEXONLY | INAT_EVEXONLY);
5305 +-}
5306 +-
5307 +-static inline int inat_must_evex(insn_attr_t attr)
5308 +-{
5309 +- return attr & INAT_EVEXONLY;
5310 +-}
5311 +-#endif
5312 +diff --git a/tools/objtool/arch/x86/insn/inat_types.h b/tools/objtool/arch/x86/insn/inat_types.h
5313 +deleted file mode 100644
5314 +index cb3c20ce39cf..000000000000
5315 +--- a/tools/objtool/arch/x86/insn/inat_types.h
5316 ++++ /dev/null
5317 +@@ -1,29 +0,0 @@
5318 +-#ifndef _ASM_X86_INAT_TYPES_H
5319 +-#define _ASM_X86_INAT_TYPES_H
5320 +-/*
5321 +- * x86 instruction attributes
5322 +- *
5323 +- * Written by Masami Hiramatsu <mhiramat@××××××.com>
5324 +- *
5325 +- * This program is free software; you can redistribute it and/or modify
5326 +- * it under the terms of the GNU General Public License as published by
5327 +- * the Free Software Foundation; either version 2 of the License, or
5328 +- * (at your option) any later version.
5329 +- *
5330 +- * This program is distributed in the hope that it will be useful,
5331 +- * but WITHOUT ANY WARRANTY; without even the implied warranty of
5332 +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
5333 +- * GNU General Public License for more details.
5334 +- *
5335 +- * You should have received a copy of the GNU General Public License
5336 +- * along with this program; if not, write to the Free Software
5337 +- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
5338 +- *
5339 +- */
5340 +-
5341 +-/* Instruction attributes */
5342 +-typedef unsigned int insn_attr_t;
5343 +-typedef unsigned char insn_byte_t;
5344 +-typedef signed int insn_value_t;
5345 +-
5346 +-#endif
5347 +diff --git a/tools/objtool/arch/x86/insn/insn.c b/tools/objtool/arch/x86/insn/insn.c
5348 +deleted file mode 100644
5349 +index ca983e2bea8b..000000000000
5350 +--- a/tools/objtool/arch/x86/insn/insn.c
5351 ++++ /dev/null
5352 +@@ -1,606 +0,0 @@
5353 +-/*
5354 +- * x86 instruction analysis
5355 +- *
5356 +- * This program is free software; you can redistribute it and/or modify
5357 +- * it under the terms of the GNU General Public License as published by
5358 +- * the Free Software Foundation; either version 2 of the License, or
5359 +- * (at your option) any later version.
5360 +- *
5361 +- * This program is distributed in the hope that it will be useful,
5362 +- * but WITHOUT ANY WARRANTY; without even the implied warranty of
5363 +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
5364 +- * GNU General Public License for more details.
5365 +- *
5366 +- * You should have received a copy of the GNU General Public License
5367 +- * along with this program; if not, write to the Free Software
5368 +- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
5369 +- *
5370 +- * Copyright (C) IBM Corporation, 2002, 2004, 2009
5371 +- */
5372 +-
5373 +-#ifdef __KERNEL__
5374 +-#include <linux/string.h>
5375 +-#else
5376 +-#include <string.h>
5377 +-#endif
5378 +-#include "inat.h"
5379 +-#include "insn.h"
5380 +-
5381 +-/* Verify next sizeof(t) bytes can be on the same instruction */
5382 +-#define validate_next(t, insn, n) \
5383 +- ((insn)->next_byte + sizeof(t) + n <= (insn)->end_kaddr)
5384 +-
5385 +-#define __get_next(t, insn) \
5386 +- ({ t r = *(t*)insn->next_byte; insn->next_byte += sizeof(t); r; })
5387 +-
5388 +-#define __peek_nbyte_next(t, insn, n) \
5389 +- ({ t r = *(t*)((insn)->next_byte + n); r; })
5390 +-
5391 +-#define get_next(t, insn) \
5392 +- ({ if (unlikely(!validate_next(t, insn, 0))) goto err_out; __get_next(t, insn); })
5393 +-
5394 +-#define peek_nbyte_next(t, insn, n) \
5395 +- ({ if (unlikely(!validate_next(t, insn, n))) goto err_out; __peek_nbyte_next(t, insn, n); })
5396 +-
5397 +-#define peek_next(t, insn) peek_nbyte_next(t, insn, 0)
5398 +-
5399 +-/**
5400 +- * insn_init() - initialize struct insn
5401 +- * @insn: &struct insn to be initialized
5402 +- * @kaddr: address (in kernel memory) of instruction (or copy thereof)
5403 +- * @x86_64: !0 for 64-bit kernel or 64-bit app
5404 +- */
5405 +-void insn_init(struct insn *insn, const void *kaddr, int buf_len, int x86_64)
5406 +-{
5407 +- /*
5408 +- * Instructions longer than MAX_INSN_SIZE (15 bytes) are invalid
5409 +- * even if the input buffer is long enough to hold them.
5410 +- */
5411 +- if (buf_len > MAX_INSN_SIZE)
5412 +- buf_len = MAX_INSN_SIZE;
5413 +-
5414 +- memset(insn, 0, sizeof(*insn));
5415 +- insn->kaddr = kaddr;
5416 +- insn->end_kaddr = kaddr + buf_len;
5417 +- insn->next_byte = kaddr;
5418 +- insn->x86_64 = x86_64 ? 1 : 0;
5419 +- insn->opnd_bytes = 4;
5420 +- if (x86_64)
5421 +- insn->addr_bytes = 8;
5422 +- else
5423 +- insn->addr_bytes = 4;
5424 +-}
5425 +-
5426 +-/**
5427 +- * insn_get_prefixes - scan x86 instruction prefix bytes
5428 +- * @insn: &struct insn containing instruction
5429 +- *
5430 +- * Populates the @insn->prefixes bitmap, and updates @insn->next_byte
5431 +- * to point to the (first) opcode. No effect if @insn->prefixes.got
5432 +- * is already set.
5433 +- */
5434 +-void insn_get_prefixes(struct insn *insn)
5435 +-{
5436 +- struct insn_field *prefixes = &insn->prefixes;
5437 +- insn_attr_t attr;
5438 +- insn_byte_t b, lb;
5439 +- int i, nb;
5440 +-
5441 +- if (prefixes->got)
5442 +- return;
5443 +-
5444 +- nb = 0;
5445 +- lb = 0;
5446 +- b = peek_next(insn_byte_t, insn);
5447 +- attr = inat_get_opcode_attribute(b);
5448 +- while (inat_is_legacy_prefix(attr)) {
5449 +- /* Skip if same prefix */
5450 +- for (i = 0; i < nb; i++)
5451 +- if (prefixes->bytes[i] == b)
5452 +- goto found;
5453 +- if (nb == 4)
5454 +- /* Invalid instruction */
5455 +- break;
5456 +- prefixes->bytes[nb++] = b;
5457 +- if (inat_is_address_size_prefix(attr)) {
5458 +- /* address size switches 2/4 or 4/8 */
5459 +- if (insn->x86_64)
5460 +- insn->addr_bytes ^= 12;
5461 +- else
5462 +- insn->addr_bytes ^= 6;
5463 +- } else if (inat_is_operand_size_prefix(attr)) {
5464 +- /* oprand size switches 2/4 */
5465 +- insn->opnd_bytes ^= 6;
5466 +- }
5467 +-found:
5468 +- prefixes->nbytes++;
5469 +- insn->next_byte++;
5470 +- lb = b;
5471 +- b = peek_next(insn_byte_t, insn);
5472 +- attr = inat_get_opcode_attribute(b);
5473 +- }
5474 +- /* Set the last prefix */
5475 +- if (lb && lb != insn->prefixes.bytes[3]) {
5476 +- if (unlikely(insn->prefixes.bytes[3])) {
5477 +- /* Swap the last prefix */
5478 +- b = insn->prefixes.bytes[3];
5479 +- for (i = 0; i < nb; i++)
5480 +- if (prefixes->bytes[i] == lb)
5481 +- prefixes->bytes[i] = b;
5482 +- }
5483 +- insn->prefixes.bytes[3] = lb;
5484 +- }
5485 +-
5486 +- /* Decode REX prefix */
5487 +- if (insn->x86_64) {
5488 +- b = peek_next(insn_byte_t, insn);
5489 +- attr = inat_get_opcode_attribute(b);
5490 +- if (inat_is_rex_prefix(attr)) {
5491 +- insn->rex_prefix.value = b;
5492 +- insn->rex_prefix.nbytes = 1;
5493 +- insn->next_byte++;
5494 +- if (X86_REX_W(b))
5495 +- /* REX.W overrides opnd_size */
5496 +- insn->opnd_bytes = 8;
5497 +- }
5498 +- }
5499 +- insn->rex_prefix.got = 1;
5500 +-
5501 +- /* Decode VEX prefix */
5502 +- b = peek_next(insn_byte_t, insn);
5503 +- attr = inat_get_opcode_attribute(b);
5504 +- if (inat_is_vex_prefix(attr)) {
5505 +- insn_byte_t b2 = peek_nbyte_next(insn_byte_t, insn, 1);
5506 +- if (!insn->x86_64) {
5507 +- /*
5508 +- * In 32-bits mode, if the [7:6] bits (mod bits of
5509 +- * ModRM) on the second byte are not 11b, it is
5510 +- * LDS or LES or BOUND.
5511 +- */
5512 +- if (X86_MODRM_MOD(b2) != 3)
5513 +- goto vex_end;
5514 +- }
5515 +- insn->vex_prefix.bytes[0] = b;
5516 +- insn->vex_prefix.bytes[1] = b2;
5517 +- if (inat_is_evex_prefix(attr)) {
5518 +- b2 = peek_nbyte_next(insn_byte_t, insn, 2);
5519 +- insn->vex_prefix.bytes[2] = b2;
5520 +- b2 = peek_nbyte_next(insn_byte_t, insn, 3);
5521 +- insn->vex_prefix.bytes[3] = b2;
5522 +- insn->vex_prefix.nbytes = 4;
5523 +- insn->next_byte += 4;
5524 +- if (insn->x86_64 && X86_VEX_W(b2))
5525 +- /* VEX.W overrides opnd_size */
5526 +- insn->opnd_bytes = 8;
5527 +- } else if (inat_is_vex3_prefix(attr)) {
5528 +- b2 = peek_nbyte_next(insn_byte_t, insn, 2);
5529 +- insn->vex_prefix.bytes[2] = b2;
5530 +- insn->vex_prefix.nbytes = 3;
5531 +- insn->next_byte += 3;
5532 +- if (insn->x86_64 && X86_VEX_W(b2))
5533 +- /* VEX.W overrides opnd_size */
5534 +- insn->opnd_bytes = 8;
5535 +- } else {
5536 +- /*
5537 +- * For VEX2, fake VEX3-like byte#2.
5538 +- * Makes it easier to decode vex.W, vex.vvvv,
5539 +- * vex.L and vex.pp. Masking with 0x7f sets vex.W == 0.
5540 +- */
5541 +- insn->vex_prefix.bytes[2] = b2 & 0x7f;
5542 +- insn->vex_prefix.nbytes = 2;
5543 +- insn->next_byte += 2;
5544 +- }
5545 +- }
5546 +-vex_end:
5547 +- insn->vex_prefix.got = 1;
5548 +-
5549 +- prefixes->got = 1;
5550 +-
5551 +-err_out:
5552 +- return;
5553 +-}
5554 +-
5555 +-/**
5556 +- * insn_get_opcode - collect opcode(s)
5557 +- * @insn: &struct insn containing instruction
5558 +- *
5559 +- * Populates @insn->opcode, updates @insn->next_byte to point past the
5560 +- * opcode byte(s), and set @insn->attr (except for groups).
5561 +- * If necessary, first collects any preceding (prefix) bytes.
5562 +- * Sets @insn->opcode.value = opcode1. No effect if @insn->opcode.got
5563 +- * is already 1.
5564 +- */
5565 +-void insn_get_opcode(struct insn *insn)
5566 +-{
5567 +- struct insn_field *opcode = &insn->opcode;
5568 +- insn_byte_t op;
5569 +- int pfx_id;
5570 +- if (opcode->got)
5571 +- return;
5572 +- if (!insn->prefixes.got)
5573 +- insn_get_prefixes(insn);
5574 +-
5575 +- /* Get first opcode */
5576 +- op = get_next(insn_byte_t, insn);
5577 +- opcode->bytes[0] = op;
5578 +- opcode->nbytes = 1;
5579 +-
5580 +- /* Check if there is VEX prefix or not */
5581 +- if (insn_is_avx(insn)) {
5582 +- insn_byte_t m, p;
5583 +- m = insn_vex_m_bits(insn);
5584 +- p = insn_vex_p_bits(insn);
5585 +- insn->attr = inat_get_avx_attribute(op, m, p);
5586 +- if ((inat_must_evex(insn->attr) && !insn_is_evex(insn)) ||
5587 +- (!inat_accept_vex(insn->attr) &&
5588 +- !inat_is_group(insn->attr)))
5589 +- insn->attr = 0; /* This instruction is bad */
5590 +- goto end; /* VEX has only 1 byte for opcode */
5591 +- }
5592 +-
5593 +- insn->attr = inat_get_opcode_attribute(op);
5594 +- while (inat_is_escape(insn->attr)) {
5595 +- /* Get escaped opcode */
5596 +- op = get_next(insn_byte_t, insn);
5597 +- opcode->bytes[opcode->nbytes++] = op;
5598 +- pfx_id = insn_last_prefix_id(insn);
5599 +- insn->attr = inat_get_escape_attribute(op, pfx_id, insn->attr);
5600 +- }
5601 +- if (inat_must_vex(insn->attr))
5602 +- insn->attr = 0; /* This instruction is bad */
5603 +-end:
5604 +- opcode->got = 1;
5605 +-
5606 +-err_out:
5607 +- return;
5608 +-}
5609 +-
5610 +-/**
5611 +- * insn_get_modrm - collect ModRM byte, if any
5612 +- * @insn: &struct insn containing instruction
5613 +- *
5614 +- * Populates @insn->modrm and updates @insn->next_byte to point past the
5615 +- * ModRM byte, if any. If necessary, first collects the preceding bytes
5616 +- * (prefixes and opcode(s)). No effect if @insn->modrm.got is already 1.
5617 +- */
5618 +-void insn_get_modrm(struct insn *insn)
5619 +-{
5620 +- struct insn_field *modrm = &insn->modrm;
5621 +- insn_byte_t pfx_id, mod;
5622 +- if (modrm->got)
5623 +- return;
5624 +- if (!insn->opcode.got)
5625 +- insn_get_opcode(insn);
5626 +-
5627 +- if (inat_has_modrm(insn->attr)) {
5628 +- mod = get_next(insn_byte_t, insn);
5629 +- modrm->value = mod;
5630 +- modrm->nbytes = 1;
5631 +- if (inat_is_group(insn->attr)) {
5632 +- pfx_id = insn_last_prefix_id(insn);
5633 +- insn->attr = inat_get_group_attribute(mod, pfx_id,
5634 +- insn->attr);
5635 +- if (insn_is_avx(insn) && !inat_accept_vex(insn->attr))
5636 +- insn->attr = 0; /* This is bad */
5637 +- }
5638 +- }
5639 +-
5640 +- if (insn->x86_64 && inat_is_force64(insn->attr))
5641 +- insn->opnd_bytes = 8;
5642 +- modrm->got = 1;
5643 +-
5644 +-err_out:
5645 +- return;
5646 +-}
5647 +-
5648 +-
5649 +-/**
5650 +- * insn_rip_relative() - Does instruction use RIP-relative addressing mode?
5651 +- * @insn: &struct insn containing instruction
5652 +- *
5653 +- * If necessary, first collects the instruction up to and including the
5654 +- * ModRM byte. No effect if @insn->x86_64 is 0.
5655 +- */
5656 +-int insn_rip_relative(struct insn *insn)
5657 +-{
5658 +- struct insn_field *modrm = &insn->modrm;
5659 +-
5660 +- if (!insn->x86_64)
5661 +- return 0;
5662 +- if (!modrm->got)
5663 +- insn_get_modrm(insn);
5664 +- /*
5665 +- * For rip-relative instructions, the mod field (top 2 bits)
5666 +- * is zero and the r/m field (bottom 3 bits) is 0x5.
5667 +- */
5668 +- return (modrm->nbytes && (modrm->value & 0xc7) == 0x5);
5669 +-}
5670 +-
5671 +-/**
5672 +- * insn_get_sib() - Get the SIB byte of instruction
5673 +- * @insn: &struct insn containing instruction
5674 +- *
5675 +- * If necessary, first collects the instruction up to and including the
5676 +- * ModRM byte.
5677 +- */
5678 +-void insn_get_sib(struct insn *insn)
5679 +-{
5680 +- insn_byte_t modrm;
5681 +-
5682 +- if (insn->sib.got)
5683 +- return;
5684 +- if (!insn->modrm.got)
5685 +- insn_get_modrm(insn);
5686 +- if (insn->modrm.nbytes) {
5687 +- modrm = (insn_byte_t)insn->modrm.value;
5688 +- if (insn->addr_bytes != 2 &&
5689 +- X86_MODRM_MOD(modrm) != 3 && X86_MODRM_RM(modrm) == 4) {
5690 +- insn->sib.value = get_next(insn_byte_t, insn);
5691 +- insn->sib.nbytes = 1;
5692 +- }
5693 +- }
5694 +- insn->sib.got = 1;
5695 +-
5696 +-err_out:
5697 +- return;
5698 +-}
5699 +-
5700 +-
5701 +-/**
5702 +- * insn_get_displacement() - Get the displacement of instruction
5703 +- * @insn: &struct insn containing instruction
5704 +- *
5705 +- * If necessary, first collects the instruction up to and including the
5706 +- * SIB byte.
5707 +- * Displacement value is sign-expanded.
5708 +- */
5709 +-void insn_get_displacement(struct insn *insn)
5710 +-{
5711 +- insn_byte_t mod, rm, base;
5712 +-
5713 +- if (insn->displacement.got)
5714 +- return;
5715 +- if (!insn->sib.got)
5716 +- insn_get_sib(insn);
5717 +- if (insn->modrm.nbytes) {
5718 +- /*
5719 +- * Interpreting the modrm byte:
5720 +- * mod = 00 - no displacement fields (exceptions below)
5721 +- * mod = 01 - 1-byte displacement field
5722 +- * mod = 10 - displacement field is 4 bytes, or 2 bytes if
5723 +- * address size = 2 (0x67 prefix in 32-bit mode)
5724 +- * mod = 11 - no memory operand
5725 +- *
5726 +- * If address size = 2...
5727 +- * mod = 00, r/m = 110 - displacement field is 2 bytes
5728 +- *
5729 +- * If address size != 2...
5730 +- * mod != 11, r/m = 100 - SIB byte exists
5731 +- * mod = 00, SIB base = 101 - displacement field is 4 bytes
5732 +- * mod = 00, r/m = 101 - rip-relative addressing, displacement
5733 +- * field is 4 bytes
5734 +- */
5735 +- mod = X86_MODRM_MOD(insn->modrm.value);
5736 +- rm = X86_MODRM_RM(insn->modrm.value);
5737 +- base = X86_SIB_BASE(insn->sib.value);
5738 +- if (mod == 3)
5739 +- goto out;
5740 +- if (mod == 1) {
5741 +- insn->displacement.value = get_next(signed char, insn);
5742 +- insn->displacement.nbytes = 1;
5743 +- } else if (insn->addr_bytes == 2) {
5744 +- if ((mod == 0 && rm == 6) || mod == 2) {
5745 +- insn->displacement.value =
5746 +- get_next(short, insn);
5747 +- insn->displacement.nbytes = 2;
5748 +- }
5749 +- } else {
5750 +- if ((mod == 0 && rm == 5) || mod == 2 ||
5751 +- (mod == 0 && base == 5)) {
5752 +- insn->displacement.value = get_next(int, insn);
5753 +- insn->displacement.nbytes = 4;
5754 +- }
5755 +- }
5756 +- }
5757 +-out:
5758 +- insn->displacement.got = 1;
5759 +-
5760 +-err_out:
5761 +- return;
5762 +-}
5763 +-
5764 +-/* Decode moffset16/32/64. Return 0 if failed */
5765 +-static int __get_moffset(struct insn *insn)
5766 +-{
5767 +- switch (insn->addr_bytes) {
5768 +- case 2:
5769 +- insn->moffset1.value = get_next(short, insn);
5770 +- insn->moffset1.nbytes = 2;
5771 +- break;
5772 +- case 4:
5773 +- insn->moffset1.value = get_next(int, insn);
5774 +- insn->moffset1.nbytes = 4;
5775 +- break;
5776 +- case 8:
5777 +- insn->moffset1.value = get_next(int, insn);
5778 +- insn->moffset1.nbytes = 4;
5779 +- insn->moffset2.value = get_next(int, insn);
5780 +- insn->moffset2.nbytes = 4;
5781 +- break;
5782 +- default: /* opnd_bytes must be modified manually */
5783 +- goto err_out;
5784 +- }
5785 +- insn->moffset1.got = insn->moffset2.got = 1;
5786 +-
5787 +- return 1;
5788 +-
5789 +-err_out:
5790 +- return 0;
5791 +-}
5792 +-
5793 +-/* Decode imm v32(Iz). Return 0 if failed */
5794 +-static int __get_immv32(struct insn *insn)
5795 +-{
5796 +- switch (insn->opnd_bytes) {
5797 +- case 2:
5798 +- insn->immediate.value = get_next(short, insn);
5799 +- insn->immediate.nbytes = 2;
5800 +- break;
5801 +- case 4:
5802 +- case 8:
5803 +- insn->immediate.value = get_next(int, insn);
5804 +- insn->immediate.nbytes = 4;
5805 +- break;
5806 +- default: /* opnd_bytes must be modified manually */
5807 +- goto err_out;
5808 +- }
5809 +-
5810 +- return 1;
5811 +-
5812 +-err_out:
5813 +- return 0;
5814 +-}
5815 +-
5816 +-/* Decode imm v64(Iv/Ov), Return 0 if failed */
5817 +-static int __get_immv(struct insn *insn)
5818 +-{
5819 +- switch (insn->opnd_bytes) {
5820 +- case 2:
5821 +- insn->immediate1.value = get_next(short, insn);
5822 +- insn->immediate1.nbytes = 2;
5823 +- break;
5824 +- case 4:
5825 +- insn->immediate1.value = get_next(int, insn);
5826 +- insn->immediate1.nbytes = 4;
5827 +- break;
5828 +- case 8:
5829 +- insn->immediate1.value = get_next(int, insn);
5830 +- insn->immediate1.nbytes = 4;
5831 +- insn->immediate2.value = get_next(int, insn);
5832 +- insn->immediate2.nbytes = 4;
5833 +- break;
5834 +- default: /* opnd_bytes must be modified manually */
5835 +- goto err_out;
5836 +- }
5837 +- insn->immediate1.got = insn->immediate2.got = 1;
5838 +-
5839 +- return 1;
5840 +-err_out:
5841 +- return 0;
5842 +-}
5843 +-
5844 +-/* Decode ptr16:16/32(Ap) */
5845 +-static int __get_immptr(struct insn *insn)
5846 +-{
5847 +- switch (insn->opnd_bytes) {
5848 +- case 2:
5849 +- insn->immediate1.value = get_next(short, insn);
5850 +- insn->immediate1.nbytes = 2;
5851 +- break;
5852 +- case 4:
5853 +- insn->immediate1.value = get_next(int, insn);
5854 +- insn->immediate1.nbytes = 4;
5855 +- break;
5856 +- case 8:
5857 +- /* ptr16:64 is not exist (no segment) */
5858 +- return 0;
5859 +- default: /* opnd_bytes must be modified manually */
5860 +- goto err_out;
5861 +- }
5862 +- insn->immediate2.value = get_next(unsigned short, insn);
5863 +- insn->immediate2.nbytes = 2;
5864 +- insn->immediate1.got = insn->immediate2.got = 1;
5865 +-
5866 +- return 1;
5867 +-err_out:
5868 +- return 0;
5869 +-}
5870 +-
5871 +-/**
5872 +- * insn_get_immediate() - Get the immediates of instruction
5873 +- * @insn: &struct insn containing instruction
5874 +- *
5875 +- * If necessary, first collects the instruction up to and including the
5876 +- * displacement bytes.
5877 +- * Basically, most of immediates are sign-expanded. Unsigned-value can be
5878 +- * get by bit masking with ((1 << (nbytes * 8)) - 1)
5879 +- */
5880 +-void insn_get_immediate(struct insn *insn)
5881 +-{
5882 +- if (insn->immediate.got)
5883 +- return;
5884 +- if (!insn->displacement.got)
5885 +- insn_get_displacement(insn);
5886 +-
5887 +- if (inat_has_moffset(insn->attr)) {
5888 +- if (!__get_moffset(insn))
5889 +- goto err_out;
5890 +- goto done;
5891 +- }
5892 +-
5893 +- if (!inat_has_immediate(insn->attr))
5894 +- /* no immediates */
5895 +- goto done;
5896 +-
5897 +- switch (inat_immediate_size(insn->attr)) {
5898 +- case INAT_IMM_BYTE:
5899 +- insn->immediate.value = get_next(signed char, insn);
5900 +- insn->immediate.nbytes = 1;
5901 +- break;
5902 +- case INAT_IMM_WORD:
5903 +- insn->immediate.value = get_next(short, insn);
5904 +- insn->immediate.nbytes = 2;
5905 +- break;
5906 +- case INAT_IMM_DWORD:
5907 +- insn->immediate.value = get_next(int, insn);
5908 +- insn->immediate.nbytes = 4;
5909 +- break;
5910 +- case INAT_IMM_QWORD:
5911 +- insn->immediate1.value = get_next(int, insn);
5912 +- insn->immediate1.nbytes = 4;
5913 +- insn->immediate2.value = get_next(int, insn);
5914 +- insn->immediate2.nbytes = 4;
5915 +- break;
5916 +- case INAT_IMM_PTR:
5917 +- if (!__get_immptr(insn))
5918 +- goto err_out;
5919 +- break;
5920 +- case INAT_IMM_VWORD32:
5921 +- if (!__get_immv32(insn))
5922 +- goto err_out;
5923 +- break;
5924 +- case INAT_IMM_VWORD:
5925 +- if (!__get_immv(insn))
5926 +- goto err_out;
5927 +- break;
5928 +- default:
5929 +- /* Here, insn must have an immediate, but failed */
5930 +- goto err_out;
5931 +- }
5932 +- if (inat_has_second_immediate(insn->attr)) {
5933 +- insn->immediate2.value = get_next(signed char, insn);
5934 +- insn->immediate2.nbytes = 1;
5935 +- }
5936 +-done:
5937 +- insn->immediate.got = 1;
5938 +-
5939 +-err_out:
5940 +- return;
5941 +-}
5942 +-
5943 +-/**
5944 +- * insn_get_length() - Get the length of instruction
5945 +- * @insn: &struct insn containing instruction
5946 +- *
5947 +- * If necessary, first collects the instruction up to and including the
5948 +- * immediates bytes.
5949 +- */
5950 +-void insn_get_length(struct insn *insn)
5951 +-{
5952 +- if (insn->length)
5953 +- return;
5954 +- if (!insn->immediate.got)
5955 +- insn_get_immediate(insn);
5956 +- insn->length = (unsigned char)((unsigned long)insn->next_byte
5957 +- - (unsigned long)insn->kaddr);
5958 +-}
5959 +diff --git a/tools/objtool/arch/x86/insn/insn.h b/tools/objtool/arch/x86/insn/insn.h
5960 +deleted file mode 100644
5961 +index e23578c7b1be..000000000000
5962 +--- a/tools/objtool/arch/x86/insn/insn.h
5963 ++++ /dev/null
5964 +@@ -1,211 +0,0 @@
5965 +-#ifndef _ASM_X86_INSN_H
5966 +-#define _ASM_X86_INSN_H
5967 +-/*
5968 +- * x86 instruction analysis
5969 +- *
5970 +- * This program is free software; you can redistribute it and/or modify
5971 +- * it under the terms of the GNU General Public License as published by
5972 +- * the Free Software Foundation; either version 2 of the License, or
5973 +- * (at your option) any later version.
5974 +- *
5975 +- * This program is distributed in the hope that it will be useful,
5976 +- * but WITHOUT ANY WARRANTY; without even the implied warranty of
5977 +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
5978 +- * GNU General Public License for more details.
5979 +- *
5980 +- * You should have received a copy of the GNU General Public License
5981 +- * along with this program; if not, write to the Free Software
5982 +- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
5983 +- *
5984 +- * Copyright (C) IBM Corporation, 2009
5985 +- */
5986 +-
5987 +-/* insn_attr_t is defined in inat.h */
5988 +-#include "inat.h"
5989 +-
5990 +-struct insn_field {
5991 +- union {
5992 +- insn_value_t value;
5993 +- insn_byte_t bytes[4];
5994 +- };
5995 +- /* !0 if we've run insn_get_xxx() for this field */
5996 +- unsigned char got;
5997 +- unsigned char nbytes;
5998 +-};
5999 +-
6000 +-struct insn {
6001 +- struct insn_field prefixes; /*
6002 +- * Prefixes
6003 +- * prefixes.bytes[3]: last prefix
6004 +- */
6005 +- struct insn_field rex_prefix; /* REX prefix */
6006 +- struct insn_field vex_prefix; /* VEX prefix */
6007 +- struct insn_field opcode; /*
6008 +- * opcode.bytes[0]: opcode1
6009 +- * opcode.bytes[1]: opcode2
6010 +- * opcode.bytes[2]: opcode3
6011 +- */
6012 +- struct insn_field modrm;
6013 +- struct insn_field sib;
6014 +- struct insn_field displacement;
6015 +- union {
6016 +- struct insn_field immediate;
6017 +- struct insn_field moffset1; /* for 64bit MOV */
6018 +- struct insn_field immediate1; /* for 64bit imm or off16/32 */
6019 +- };
6020 +- union {
6021 +- struct insn_field moffset2; /* for 64bit MOV */
6022 +- struct insn_field immediate2; /* for 64bit imm or seg16 */
6023 +- };
6024 +-
6025 +- insn_attr_t attr;
6026 +- unsigned char opnd_bytes;
6027 +- unsigned char addr_bytes;
6028 +- unsigned char length;
6029 +- unsigned char x86_64;
6030 +-
6031 +- const insn_byte_t *kaddr; /* kernel address of insn to analyze */
6032 +- const insn_byte_t *end_kaddr; /* kernel address of last insn in buffer */
6033 +- const insn_byte_t *next_byte;
6034 +-};
6035 +-
6036 +-#define MAX_INSN_SIZE 15
6037 +-
6038 +-#define X86_MODRM_MOD(modrm) (((modrm) & 0xc0) >> 6)
6039 +-#define X86_MODRM_REG(modrm) (((modrm) & 0x38) >> 3)
6040 +-#define X86_MODRM_RM(modrm) ((modrm) & 0x07)
6041 +-
6042 +-#define X86_SIB_SCALE(sib) (((sib) & 0xc0) >> 6)
6043 +-#define X86_SIB_INDEX(sib) (((sib) & 0x38) >> 3)
6044 +-#define X86_SIB_BASE(sib) ((sib) & 0x07)
6045 +-
6046 +-#define X86_REX_W(rex) ((rex) & 8)
6047 +-#define X86_REX_R(rex) ((rex) & 4)
6048 +-#define X86_REX_X(rex) ((rex) & 2)
6049 +-#define X86_REX_B(rex) ((rex) & 1)
6050 +-
6051 +-/* VEX bit flags */
6052 +-#define X86_VEX_W(vex) ((vex) & 0x80) /* VEX3 Byte2 */
6053 +-#define X86_VEX_R(vex) ((vex) & 0x80) /* VEX2/3 Byte1 */
6054 +-#define X86_VEX_X(vex) ((vex) & 0x40) /* VEX3 Byte1 */
6055 +-#define X86_VEX_B(vex) ((vex) & 0x20) /* VEX3 Byte1 */
6056 +-#define X86_VEX_L(vex) ((vex) & 0x04) /* VEX3 Byte2, VEX2 Byte1 */
6057 +-/* VEX bit fields */
6058 +-#define X86_EVEX_M(vex) ((vex) & 0x03) /* EVEX Byte1 */
6059 +-#define X86_VEX3_M(vex) ((vex) & 0x1f) /* VEX3 Byte1 */
6060 +-#define X86_VEX2_M 1 /* VEX2.M always 1 */
6061 +-#define X86_VEX_V(vex) (((vex) & 0x78) >> 3) /* VEX3 Byte2, VEX2 Byte1 */
6062 +-#define X86_VEX_P(vex) ((vex) & 0x03) /* VEX3 Byte2, VEX2 Byte1 */
6063 +-#define X86_VEX_M_MAX 0x1f /* VEX3.M Maximum value */
6064 +-
6065 +-extern void insn_init(struct insn *insn, const void *kaddr, int buf_len, int x86_64);
6066 +-extern void insn_get_prefixes(struct insn *insn);
6067 +-extern void insn_get_opcode(struct insn *insn);
6068 +-extern void insn_get_modrm(struct insn *insn);
6069 +-extern void insn_get_sib(struct insn *insn);
6070 +-extern void insn_get_displacement(struct insn *insn);
6071 +-extern void insn_get_immediate(struct insn *insn);
6072 +-extern void insn_get_length(struct insn *insn);
6073 +-
6074 +-/* Attribute will be determined after getting ModRM (for opcode groups) */
6075 +-static inline void insn_get_attribute(struct insn *insn)
6076 +-{
6077 +- insn_get_modrm(insn);
6078 +-}
6079 +-
6080 +-/* Instruction uses RIP-relative addressing */
6081 +-extern int insn_rip_relative(struct insn *insn);
6082 +-
6083 +-/* Init insn for kernel text */
6084 +-static inline void kernel_insn_init(struct insn *insn,
6085 +- const void *kaddr, int buf_len)
6086 +-{
6087 +-#ifdef CONFIG_X86_64
6088 +- insn_init(insn, kaddr, buf_len, 1);
6089 +-#else /* CONFIG_X86_32 */
6090 +- insn_init(insn, kaddr, buf_len, 0);
6091 +-#endif
6092 +-}
6093 +-
6094 +-static inline int insn_is_avx(struct insn *insn)
6095 +-{
6096 +- if (!insn->prefixes.got)
6097 +- insn_get_prefixes(insn);
6098 +- return (insn->vex_prefix.value != 0);
6099 +-}
6100 +-
6101 +-static inline int insn_is_evex(struct insn *insn)
6102 +-{
6103 +- if (!insn->prefixes.got)
6104 +- insn_get_prefixes(insn);
6105 +- return (insn->vex_prefix.nbytes == 4);
6106 +-}
6107 +-
6108 +-/* Ensure this instruction is decoded completely */
6109 +-static inline int insn_complete(struct insn *insn)
6110 +-{
6111 +- return insn->opcode.got && insn->modrm.got && insn->sib.got &&
6112 +- insn->displacement.got && insn->immediate.got;
6113 +-}
6114 +-
6115 +-static inline insn_byte_t insn_vex_m_bits(struct insn *insn)
6116 +-{
6117 +- if (insn->vex_prefix.nbytes == 2) /* 2 bytes VEX */
6118 +- return X86_VEX2_M;
6119 +- else if (insn->vex_prefix.nbytes == 3) /* 3 bytes VEX */
6120 +- return X86_VEX3_M(insn->vex_prefix.bytes[1]);
6121 +- else /* EVEX */
6122 +- return X86_EVEX_M(insn->vex_prefix.bytes[1]);
6123 +-}
6124 +-
6125 +-static inline insn_byte_t insn_vex_p_bits(struct insn *insn)
6126 +-{
6127 +- if (insn->vex_prefix.nbytes == 2) /* 2 bytes VEX */
6128 +- return X86_VEX_P(insn->vex_prefix.bytes[1]);
6129 +- else
6130 +- return X86_VEX_P(insn->vex_prefix.bytes[2]);
6131 +-}
6132 +-
6133 +-/* Get the last prefix id from last prefix or VEX prefix */
6134 +-static inline int insn_last_prefix_id(struct insn *insn)
6135 +-{
6136 +- if (insn_is_avx(insn))
6137 +- return insn_vex_p_bits(insn); /* VEX_p is a SIMD prefix id */
6138 +-
6139 +- if (insn->prefixes.bytes[3])
6140 +- return inat_get_last_prefix_id(insn->prefixes.bytes[3]);
6141 +-
6142 +- return 0;
6143 +-}
6144 +-
6145 +-/* Offset of each field from kaddr */
6146 +-static inline int insn_offset_rex_prefix(struct insn *insn)
6147 +-{
6148 +- return insn->prefixes.nbytes;
6149 +-}
6150 +-static inline int insn_offset_vex_prefix(struct insn *insn)
6151 +-{
6152 +- return insn_offset_rex_prefix(insn) + insn->rex_prefix.nbytes;
6153 +-}
6154 +-static inline int insn_offset_opcode(struct insn *insn)
6155 +-{
6156 +- return insn_offset_vex_prefix(insn) + insn->vex_prefix.nbytes;
6157 +-}
6158 +-static inline int insn_offset_modrm(struct insn *insn)
6159 +-{
6160 +- return insn_offset_opcode(insn) + insn->opcode.nbytes;
6161 +-}
6162 +-static inline int insn_offset_sib(struct insn *insn)
6163 +-{
6164 +- return insn_offset_modrm(insn) + insn->modrm.nbytes;
6165 +-}
6166 +-static inline int insn_offset_displacement(struct insn *insn)
6167 +-{
6168 +- return insn_offset_sib(insn) + insn->sib.nbytes;
6169 +-}
6170 +-static inline int insn_offset_immediate(struct insn *insn)
6171 +-{
6172 +- return insn_offset_displacement(insn) + insn->displacement.nbytes;
6173 +-}
6174 +-
6175 +-#endif /* _ASM_X86_INSN_H */
6176 +diff --git a/tools/objtool/arch/x86/insn/x86-opcode-map.txt b/tools/objtool/arch/x86/insn/x86-opcode-map.txt
6177 +deleted file mode 100644
6178 +index 12e377184ee4..000000000000
6179 +--- a/tools/objtool/arch/x86/insn/x86-opcode-map.txt
6180 ++++ /dev/null
6181 +@@ -1,1063 +0,0 @@
6182 +-# x86 Opcode Maps
6183 +-#
6184 +-# This is (mostly) based on following documentations.
6185 +-# - Intel(R) 64 and IA-32 Architectures Software Developer's Manual Vol.2C
6186 +-# (#326018-047US, June 2013)
6187 +-#
6188 +-#<Opcode maps>
6189 +-# Table: table-name
6190 +-# Referrer: escaped-name
6191 +-# AVXcode: avx-code
6192 +-# opcode: mnemonic|GrpXXX [operand1[,operand2...]] [(extra1)[,(extra2)...] [| 2nd-mnemonic ...]
6193 +-# (or)
6194 +-# opcode: escape # escaped-name
6195 +-# EndTable
6196 +-#
6197 +-# mnemonics that begin with lowercase 'v' accept a VEX or EVEX prefix
6198 +-# mnemonics that begin with lowercase 'k' accept a VEX prefix
6199 +-#
6200 +-#<group maps>
6201 +-# GrpTable: GrpXXX
6202 +-# reg: mnemonic [operand1[,operand2...]] [(extra1)[,(extra2)...] [| 2nd-mnemonic ...]
6203 +-# EndTable
6204 +-#
6205 +-# AVX Superscripts
6206 +-# (ev): this opcode requires EVEX prefix.
6207 +-# (evo): this opcode is changed by EVEX prefix (EVEX opcode)
6208 +-# (v): this opcode requires VEX prefix.
6209 +-# (v1): this opcode only supports 128bit VEX.
6210 +-#
6211 +-# Last Prefix Superscripts
6212 +-# - (66): the last prefix is 0x66
6213 +-# - (F3): the last prefix is 0xF3
6214 +-# - (F2): the last prefix is 0xF2
6215 +-# - (!F3) : the last prefix is not 0xF3 (including non-last prefix case)
6216 +-# - (66&F2): Both 0x66 and 0xF2 prefixes are specified.
6217 +-
6218 +-Table: one byte opcode
6219 +-Referrer:
6220 +-AVXcode:
6221 +-# 0x00 - 0x0f
6222 +-00: ADD Eb,Gb
6223 +-01: ADD Ev,Gv
6224 +-02: ADD Gb,Eb
6225 +-03: ADD Gv,Ev
6226 +-04: ADD AL,Ib
6227 +-05: ADD rAX,Iz
6228 +-06: PUSH ES (i64)
6229 +-07: POP ES (i64)
6230 +-08: OR Eb,Gb
6231 +-09: OR Ev,Gv
6232 +-0a: OR Gb,Eb
6233 +-0b: OR Gv,Ev
6234 +-0c: OR AL,Ib
6235 +-0d: OR rAX,Iz
6236 +-0e: PUSH CS (i64)
6237 +-0f: escape # 2-byte escape
6238 +-# 0x10 - 0x1f
6239 +-10: ADC Eb,Gb
6240 +-11: ADC Ev,Gv
6241 +-12: ADC Gb,Eb
6242 +-13: ADC Gv,Ev
6243 +-14: ADC AL,Ib
6244 +-15: ADC rAX,Iz
6245 +-16: PUSH SS (i64)
6246 +-17: POP SS (i64)
6247 +-18: SBB Eb,Gb
6248 +-19: SBB Ev,Gv
6249 +-1a: SBB Gb,Eb
6250 +-1b: SBB Gv,Ev
6251 +-1c: SBB AL,Ib
6252 +-1d: SBB rAX,Iz
6253 +-1e: PUSH DS (i64)
6254 +-1f: POP DS (i64)
6255 +-# 0x20 - 0x2f
6256 +-20: AND Eb,Gb
6257 +-21: AND Ev,Gv
6258 +-22: AND Gb,Eb
6259 +-23: AND Gv,Ev
6260 +-24: AND AL,Ib
6261 +-25: AND rAx,Iz
6262 +-26: SEG=ES (Prefix)
6263 +-27: DAA (i64)
6264 +-28: SUB Eb,Gb
6265 +-29: SUB Ev,Gv
6266 +-2a: SUB Gb,Eb
6267 +-2b: SUB Gv,Ev
6268 +-2c: SUB AL,Ib
6269 +-2d: SUB rAX,Iz
6270 +-2e: SEG=CS (Prefix)
6271 +-2f: DAS (i64)
6272 +-# 0x30 - 0x3f
6273 +-30: XOR Eb,Gb
6274 +-31: XOR Ev,Gv
6275 +-32: XOR Gb,Eb
6276 +-33: XOR Gv,Ev
6277 +-34: XOR AL,Ib
6278 +-35: XOR rAX,Iz
6279 +-36: SEG=SS (Prefix)
6280 +-37: AAA (i64)
6281 +-38: CMP Eb,Gb
6282 +-39: CMP Ev,Gv
6283 +-3a: CMP Gb,Eb
6284 +-3b: CMP Gv,Ev
6285 +-3c: CMP AL,Ib
6286 +-3d: CMP rAX,Iz
6287 +-3e: SEG=DS (Prefix)
6288 +-3f: AAS (i64)
6289 +-# 0x40 - 0x4f
6290 +-40: INC eAX (i64) | REX (o64)
6291 +-41: INC eCX (i64) | REX.B (o64)
6292 +-42: INC eDX (i64) | REX.X (o64)
6293 +-43: INC eBX (i64) | REX.XB (o64)
6294 +-44: INC eSP (i64) | REX.R (o64)
6295 +-45: INC eBP (i64) | REX.RB (o64)
6296 +-46: INC eSI (i64) | REX.RX (o64)
6297 +-47: INC eDI (i64) | REX.RXB (o64)
6298 +-48: DEC eAX (i64) | REX.W (o64)
6299 +-49: DEC eCX (i64) | REX.WB (o64)
6300 +-4a: DEC eDX (i64) | REX.WX (o64)
6301 +-4b: DEC eBX (i64) | REX.WXB (o64)
6302 +-4c: DEC eSP (i64) | REX.WR (o64)
6303 +-4d: DEC eBP (i64) | REX.WRB (o64)
6304 +-4e: DEC eSI (i64) | REX.WRX (o64)
6305 +-4f: DEC eDI (i64) | REX.WRXB (o64)
6306 +-# 0x50 - 0x5f
6307 +-50: PUSH rAX/r8 (d64)
6308 +-51: PUSH rCX/r9 (d64)
6309 +-52: PUSH rDX/r10 (d64)
6310 +-53: PUSH rBX/r11 (d64)
6311 +-54: PUSH rSP/r12 (d64)
6312 +-55: PUSH rBP/r13 (d64)
6313 +-56: PUSH rSI/r14 (d64)
6314 +-57: PUSH rDI/r15 (d64)
6315 +-58: POP rAX/r8 (d64)
6316 +-59: POP rCX/r9 (d64)
6317 +-5a: POP rDX/r10 (d64)
6318 +-5b: POP rBX/r11 (d64)
6319 +-5c: POP rSP/r12 (d64)
6320 +-5d: POP rBP/r13 (d64)
6321 +-5e: POP rSI/r14 (d64)
6322 +-5f: POP rDI/r15 (d64)
6323 +-# 0x60 - 0x6f
6324 +-60: PUSHA/PUSHAD (i64)
6325 +-61: POPA/POPAD (i64)
6326 +-62: BOUND Gv,Ma (i64) | EVEX (Prefix)
6327 +-63: ARPL Ew,Gw (i64) | MOVSXD Gv,Ev (o64)
6328 +-64: SEG=FS (Prefix)
6329 +-65: SEG=GS (Prefix)
6330 +-66: Operand-Size (Prefix)
6331 +-67: Address-Size (Prefix)
6332 +-68: PUSH Iz (d64)
6333 +-69: IMUL Gv,Ev,Iz
6334 +-6a: PUSH Ib (d64)
6335 +-6b: IMUL Gv,Ev,Ib
6336 +-6c: INS/INSB Yb,DX
6337 +-6d: INS/INSW/INSD Yz,DX
6338 +-6e: OUTS/OUTSB DX,Xb
6339 +-6f: OUTS/OUTSW/OUTSD DX,Xz
6340 +-# 0x70 - 0x7f
6341 +-70: JO Jb
6342 +-71: JNO Jb
6343 +-72: JB/JNAE/JC Jb
6344 +-73: JNB/JAE/JNC Jb
6345 +-74: JZ/JE Jb
6346 +-75: JNZ/JNE Jb
6347 +-76: JBE/JNA Jb
6348 +-77: JNBE/JA Jb
6349 +-78: JS Jb
6350 +-79: JNS Jb
6351 +-7a: JP/JPE Jb
6352 +-7b: JNP/JPO Jb
6353 +-7c: JL/JNGE Jb
6354 +-7d: JNL/JGE Jb
6355 +-7e: JLE/JNG Jb
6356 +-7f: JNLE/JG Jb
6357 +-# 0x80 - 0x8f
6358 +-80: Grp1 Eb,Ib (1A)
6359 +-81: Grp1 Ev,Iz (1A)
6360 +-82: Grp1 Eb,Ib (1A),(i64)
6361 +-83: Grp1 Ev,Ib (1A)
6362 +-84: TEST Eb,Gb
6363 +-85: TEST Ev,Gv
6364 +-86: XCHG Eb,Gb
6365 +-87: XCHG Ev,Gv
6366 +-88: MOV Eb,Gb
6367 +-89: MOV Ev,Gv
6368 +-8a: MOV Gb,Eb
6369 +-8b: MOV Gv,Ev
6370 +-8c: MOV Ev,Sw
6371 +-8d: LEA Gv,M
6372 +-8e: MOV Sw,Ew
6373 +-8f: Grp1A (1A) | POP Ev (d64)
6374 +-# 0x90 - 0x9f
6375 +-90: NOP | PAUSE (F3) | XCHG r8,rAX
6376 +-91: XCHG rCX/r9,rAX
6377 +-92: XCHG rDX/r10,rAX
6378 +-93: XCHG rBX/r11,rAX
6379 +-94: XCHG rSP/r12,rAX
6380 +-95: XCHG rBP/r13,rAX
6381 +-96: XCHG rSI/r14,rAX
6382 +-97: XCHG rDI/r15,rAX
6383 +-98: CBW/CWDE/CDQE
6384 +-99: CWD/CDQ/CQO
6385 +-9a: CALLF Ap (i64)
6386 +-9b: FWAIT/WAIT
6387 +-9c: PUSHF/D/Q Fv (d64)
6388 +-9d: POPF/D/Q Fv (d64)
6389 +-9e: SAHF
6390 +-9f: LAHF
6391 +-# 0xa0 - 0xaf
6392 +-a0: MOV AL,Ob
6393 +-a1: MOV rAX,Ov
6394 +-a2: MOV Ob,AL
6395 +-a3: MOV Ov,rAX
6396 +-a4: MOVS/B Yb,Xb
6397 +-a5: MOVS/W/D/Q Yv,Xv
6398 +-a6: CMPS/B Xb,Yb
6399 +-a7: CMPS/W/D Xv,Yv
6400 +-a8: TEST AL,Ib
6401 +-a9: TEST rAX,Iz
6402 +-aa: STOS/B Yb,AL
6403 +-ab: STOS/W/D/Q Yv,rAX
6404 +-ac: LODS/B AL,Xb
6405 +-ad: LODS/W/D/Q rAX,Xv
6406 +-ae: SCAS/B AL,Yb
6407 +-# Note: The May 2011 Intel manual shows Xv for the second parameter of the
6408 +-# next instruction but Yv is correct
6409 +-af: SCAS/W/D/Q rAX,Yv
6410 +-# 0xb0 - 0xbf
6411 +-b0: MOV AL/R8L,Ib
6412 +-b1: MOV CL/R9L,Ib
6413 +-b2: MOV DL/R10L,Ib
6414 +-b3: MOV BL/R11L,Ib
6415 +-b4: MOV AH/R12L,Ib
6416 +-b5: MOV CH/R13L,Ib
6417 +-b6: MOV DH/R14L,Ib
6418 +-b7: MOV BH/R15L,Ib
6419 +-b8: MOV rAX/r8,Iv
6420 +-b9: MOV rCX/r9,Iv
6421 +-ba: MOV rDX/r10,Iv
6422 +-bb: MOV rBX/r11,Iv
6423 +-bc: MOV rSP/r12,Iv
6424 +-bd: MOV rBP/r13,Iv
6425 +-be: MOV rSI/r14,Iv
6426 +-bf: MOV rDI/r15,Iv
6427 +-# 0xc0 - 0xcf
6428 +-c0: Grp2 Eb,Ib (1A)
6429 +-c1: Grp2 Ev,Ib (1A)
6430 +-c2: RETN Iw (f64)
6431 +-c3: RETN
6432 +-c4: LES Gz,Mp (i64) | VEX+2byte (Prefix)
6433 +-c5: LDS Gz,Mp (i64) | VEX+1byte (Prefix)
6434 +-c6: Grp11A Eb,Ib (1A)
6435 +-c7: Grp11B Ev,Iz (1A)
6436 +-c8: ENTER Iw,Ib
6437 +-c9: LEAVE (d64)
6438 +-ca: RETF Iw
6439 +-cb: RETF
6440 +-cc: INT3
6441 +-cd: INT Ib
6442 +-ce: INTO (i64)
6443 +-cf: IRET/D/Q
6444 +-# 0xd0 - 0xdf
6445 +-d0: Grp2 Eb,1 (1A)
6446 +-d1: Grp2 Ev,1 (1A)
6447 +-d2: Grp2 Eb,CL (1A)
6448 +-d3: Grp2 Ev,CL (1A)
6449 +-d4: AAM Ib (i64)
6450 +-d5: AAD Ib (i64)
6451 +-d6:
6452 +-d7: XLAT/XLATB
6453 +-d8: ESC
6454 +-d9: ESC
6455 +-da: ESC
6456 +-db: ESC
6457 +-dc: ESC
6458 +-dd: ESC
6459 +-de: ESC
6460 +-df: ESC
6461 +-# 0xe0 - 0xef
6462 +-# Note: "forced64" is Intel CPU behavior: they ignore 0x66 prefix
6463 +-# in 64-bit mode. AMD CPUs accept 0x66 prefix, it causes RIP truncation
6464 +-# to 16 bits. In 32-bit mode, 0x66 is accepted by both Intel and AMD.
6465 +-e0: LOOPNE/LOOPNZ Jb (f64)
6466 +-e1: LOOPE/LOOPZ Jb (f64)
6467 +-e2: LOOP Jb (f64)
6468 +-e3: JrCXZ Jb (f64)
6469 +-e4: IN AL,Ib
6470 +-e5: IN eAX,Ib
6471 +-e6: OUT Ib,AL
6472 +-e7: OUT Ib,eAX
6473 +-# With 0x66 prefix in 64-bit mode, for AMD CPUs immediate offset
6474 +-# in "near" jumps and calls is 16-bit. For CALL,
6475 +-# push of return address is 16-bit wide, RSP is decremented by 2
6476 +-# but is not truncated to 16 bits, unlike RIP.
6477 +-e8: CALL Jz (f64)
6478 +-e9: JMP-near Jz (f64)
6479 +-ea: JMP-far Ap (i64)
6480 +-eb: JMP-short Jb (f64)
6481 +-ec: IN AL,DX
6482 +-ed: IN eAX,DX
6483 +-ee: OUT DX,AL
6484 +-ef: OUT DX,eAX
6485 +-# 0xf0 - 0xff
6486 +-f0: LOCK (Prefix)
6487 +-f1:
6488 +-f2: REPNE (Prefix) | XACQUIRE (Prefix)
6489 +-f3: REP/REPE (Prefix) | XRELEASE (Prefix)
6490 +-f4: HLT
6491 +-f5: CMC
6492 +-f6: Grp3_1 Eb (1A)
6493 +-f7: Grp3_2 Ev (1A)
6494 +-f8: CLC
6495 +-f9: STC
6496 +-fa: CLI
6497 +-fb: STI
6498 +-fc: CLD
6499 +-fd: STD
6500 +-fe: Grp4 (1A)
6501 +-ff: Grp5 (1A)
6502 +-EndTable
6503 +-
6504 +-Table: 2-byte opcode (0x0f)
6505 +-Referrer: 2-byte escape
6506 +-AVXcode: 1
6507 +-# 0x0f 0x00-0x0f
6508 +-00: Grp6 (1A)
6509 +-01: Grp7 (1A)
6510 +-02: LAR Gv,Ew
6511 +-03: LSL Gv,Ew
6512 +-04:
6513 +-05: SYSCALL (o64)
6514 +-06: CLTS
6515 +-07: SYSRET (o64)
6516 +-08: INVD
6517 +-09: WBINVD
6518 +-0a:
6519 +-0b: UD2 (1B)
6520 +-0c:
6521 +-# AMD's prefetch group. Intel supports prefetchw(/1) only.
6522 +-0d: GrpP
6523 +-0e: FEMMS
6524 +-# 3DNow! uses the last imm byte as opcode extension.
6525 +-0f: 3DNow! Pq,Qq,Ib
6526 +-# 0x0f 0x10-0x1f
6527 +-# NOTE: According to Intel SDM opcode map, vmovups and vmovupd has no operands
6528 +-# but it actually has operands. And also, vmovss and vmovsd only accept 128bit.
6529 +-# MOVSS/MOVSD has too many forms(3) on SDM. This map just shows a typical form.
6530 +-# Many AVX instructions lack v1 superscript, according to Intel AVX-Prgramming
6531 +-# Reference A.1
6532 +-10: vmovups Vps,Wps | vmovupd Vpd,Wpd (66) | vmovss Vx,Hx,Wss (F3),(v1) | vmovsd Vx,Hx,Wsd (F2),(v1)
6533 +-11: vmovups Wps,Vps | vmovupd Wpd,Vpd (66) | vmovss Wss,Hx,Vss (F3),(v1) | vmovsd Wsd,Hx,Vsd (F2),(v1)
6534 +-12: vmovlps Vq,Hq,Mq (v1) | vmovhlps Vq,Hq,Uq (v1) | vmovlpd Vq,Hq,Mq (66),(v1) | vmovsldup Vx,Wx (F3) | vmovddup Vx,Wx (F2)
6535 +-13: vmovlps Mq,Vq (v1) | vmovlpd Mq,Vq (66),(v1)
6536 +-14: vunpcklps Vx,Hx,Wx | vunpcklpd Vx,Hx,Wx (66)
6537 +-15: vunpckhps Vx,Hx,Wx | vunpckhpd Vx,Hx,Wx (66)
6538 +-16: vmovhps Vdq,Hq,Mq (v1) | vmovlhps Vdq,Hq,Uq (v1) | vmovhpd Vdq,Hq,Mq (66),(v1) | vmovshdup Vx,Wx (F3)
6539 +-17: vmovhps Mq,Vq (v1) | vmovhpd Mq,Vq (66),(v1)
6540 +-18: Grp16 (1A)
6541 +-19:
6542 +-# Intel SDM opcode map does not list MPX instructions. For now using Gv for
6543 +-# bnd registers and Ev for everything else is OK because the instruction
6544 +-# decoder does not use the information except as an indication that there is
6545 +-# a ModR/M byte.
6546 +-1a: BNDCL Gv,Ev (F3) | BNDCU Gv,Ev (F2) | BNDMOV Gv,Ev (66) | BNDLDX Gv,Ev
6547 +-1b: BNDCN Gv,Ev (F2) | BNDMOV Ev,Gv (66) | BNDMK Gv,Ev (F3) | BNDSTX Ev,Gv
6548 +-1c:
6549 +-1d:
6550 +-1e:
6551 +-1f: NOP Ev
6552 +-# 0x0f 0x20-0x2f
6553 +-20: MOV Rd,Cd
6554 +-21: MOV Rd,Dd
6555 +-22: MOV Cd,Rd
6556 +-23: MOV Dd,Rd
6557 +-24:
6558 +-25:
6559 +-26:
6560 +-27:
6561 +-28: vmovaps Vps,Wps | vmovapd Vpd,Wpd (66)
6562 +-29: vmovaps Wps,Vps | vmovapd Wpd,Vpd (66)
6563 +-2a: cvtpi2ps Vps,Qpi | cvtpi2pd Vpd,Qpi (66) | vcvtsi2ss Vss,Hss,Ey (F3),(v1) | vcvtsi2sd Vsd,Hsd,Ey (F2),(v1)
6564 +-2b: vmovntps Mps,Vps | vmovntpd Mpd,Vpd (66)
6565 +-2c: cvttps2pi Ppi,Wps | cvttpd2pi Ppi,Wpd (66) | vcvttss2si Gy,Wss (F3),(v1) | vcvttsd2si Gy,Wsd (F2),(v1)
6566 +-2d: cvtps2pi Ppi,Wps | cvtpd2pi Qpi,Wpd (66) | vcvtss2si Gy,Wss (F3),(v1) | vcvtsd2si Gy,Wsd (F2),(v1)
6567 +-2e: vucomiss Vss,Wss (v1) | vucomisd Vsd,Wsd (66),(v1)
6568 +-2f: vcomiss Vss,Wss (v1) | vcomisd Vsd,Wsd (66),(v1)
6569 +-# 0x0f 0x30-0x3f
6570 +-30: WRMSR
6571 +-31: RDTSC
6572 +-32: RDMSR
6573 +-33: RDPMC
6574 +-34: SYSENTER
6575 +-35: SYSEXIT
6576 +-36:
6577 +-37: GETSEC
6578 +-38: escape # 3-byte escape 1
6579 +-39:
6580 +-3a: escape # 3-byte escape 2
6581 +-3b:
6582 +-3c:
6583 +-3d:
6584 +-3e:
6585 +-3f:
6586 +-# 0x0f 0x40-0x4f
6587 +-40: CMOVO Gv,Ev
6588 +-41: CMOVNO Gv,Ev | kandw/q Vk,Hk,Uk | kandb/d Vk,Hk,Uk (66)
6589 +-42: CMOVB/C/NAE Gv,Ev | kandnw/q Vk,Hk,Uk | kandnb/d Vk,Hk,Uk (66)
6590 +-43: CMOVAE/NB/NC Gv,Ev
6591 +-44: CMOVE/Z Gv,Ev | knotw/q Vk,Uk | knotb/d Vk,Uk (66)
6592 +-45: CMOVNE/NZ Gv,Ev | korw/q Vk,Hk,Uk | korb/d Vk,Hk,Uk (66)
6593 +-46: CMOVBE/NA Gv,Ev | kxnorw/q Vk,Hk,Uk | kxnorb/d Vk,Hk,Uk (66)
6594 +-47: CMOVA/NBE Gv,Ev | kxorw/q Vk,Hk,Uk | kxorb/d Vk,Hk,Uk (66)
6595 +-48: CMOVS Gv,Ev
6596 +-49: CMOVNS Gv,Ev
6597 +-4a: CMOVP/PE Gv,Ev | kaddw/q Vk,Hk,Uk | kaddb/d Vk,Hk,Uk (66)
6598 +-4b: CMOVNP/PO Gv,Ev | kunpckbw Vk,Hk,Uk (66) | kunpckwd/dq Vk,Hk,Uk
6599 +-4c: CMOVL/NGE Gv,Ev
6600 +-4d: CMOVNL/GE Gv,Ev
6601 +-4e: CMOVLE/NG Gv,Ev
6602 +-4f: CMOVNLE/G Gv,Ev
6603 +-# 0x0f 0x50-0x5f
6604 +-50: vmovmskps Gy,Ups | vmovmskpd Gy,Upd (66)
6605 +-51: vsqrtps Vps,Wps | vsqrtpd Vpd,Wpd (66) | vsqrtss Vss,Hss,Wss (F3),(v1) | vsqrtsd Vsd,Hsd,Wsd (F2),(v1)
6606 +-52: vrsqrtps Vps,Wps | vrsqrtss Vss,Hss,Wss (F3),(v1)
6607 +-53: vrcpps Vps,Wps | vrcpss Vss,Hss,Wss (F3),(v1)
6608 +-54: vandps Vps,Hps,Wps | vandpd Vpd,Hpd,Wpd (66)
6609 +-55: vandnps Vps,Hps,Wps | vandnpd Vpd,Hpd,Wpd (66)
6610 +-56: vorps Vps,Hps,Wps | vorpd Vpd,Hpd,Wpd (66)
6611 +-57: vxorps Vps,Hps,Wps | vxorpd Vpd,Hpd,Wpd (66)
6612 +-58: vaddps Vps,Hps,Wps | vaddpd Vpd,Hpd,Wpd (66) | vaddss Vss,Hss,Wss (F3),(v1) | vaddsd Vsd,Hsd,Wsd (F2),(v1)
6613 +-59: vmulps Vps,Hps,Wps | vmulpd Vpd,Hpd,Wpd (66) | vmulss Vss,Hss,Wss (F3),(v1) | vmulsd Vsd,Hsd,Wsd (F2),(v1)
6614 +-5a: vcvtps2pd Vpd,Wps | vcvtpd2ps Vps,Wpd (66) | vcvtss2sd Vsd,Hx,Wss (F3),(v1) | vcvtsd2ss Vss,Hx,Wsd (F2),(v1)
6615 +-5b: vcvtdq2ps Vps,Wdq | vcvtqq2ps Vps,Wqq (evo) | vcvtps2dq Vdq,Wps (66) | vcvttps2dq Vdq,Wps (F3)
6616 +-5c: vsubps Vps,Hps,Wps | vsubpd Vpd,Hpd,Wpd (66) | vsubss Vss,Hss,Wss (F3),(v1) | vsubsd Vsd,Hsd,Wsd (F2),(v1)
6617 +-5d: vminps Vps,Hps,Wps | vminpd Vpd,Hpd,Wpd (66) | vminss Vss,Hss,Wss (F3),(v1) | vminsd Vsd,Hsd,Wsd (F2),(v1)
6618 +-5e: vdivps Vps,Hps,Wps | vdivpd Vpd,Hpd,Wpd (66) | vdivss Vss,Hss,Wss (F3),(v1) | vdivsd Vsd,Hsd,Wsd (F2),(v1)
6619 +-5f: vmaxps Vps,Hps,Wps | vmaxpd Vpd,Hpd,Wpd (66) | vmaxss Vss,Hss,Wss (F3),(v1) | vmaxsd Vsd,Hsd,Wsd (F2),(v1)
6620 +-# 0x0f 0x60-0x6f
6621 +-60: punpcklbw Pq,Qd | vpunpcklbw Vx,Hx,Wx (66),(v1)
6622 +-61: punpcklwd Pq,Qd | vpunpcklwd Vx,Hx,Wx (66),(v1)
6623 +-62: punpckldq Pq,Qd | vpunpckldq Vx,Hx,Wx (66),(v1)
6624 +-63: packsswb Pq,Qq | vpacksswb Vx,Hx,Wx (66),(v1)
6625 +-64: pcmpgtb Pq,Qq | vpcmpgtb Vx,Hx,Wx (66),(v1)
6626 +-65: pcmpgtw Pq,Qq | vpcmpgtw Vx,Hx,Wx (66),(v1)
6627 +-66: pcmpgtd Pq,Qq | vpcmpgtd Vx,Hx,Wx (66),(v1)
6628 +-67: packuswb Pq,Qq | vpackuswb Vx,Hx,Wx (66),(v1)
6629 +-68: punpckhbw Pq,Qd | vpunpckhbw Vx,Hx,Wx (66),(v1)
6630 +-69: punpckhwd Pq,Qd | vpunpckhwd Vx,Hx,Wx (66),(v1)
6631 +-6a: punpckhdq Pq,Qd | vpunpckhdq Vx,Hx,Wx (66),(v1)
6632 +-6b: packssdw Pq,Qd | vpackssdw Vx,Hx,Wx (66),(v1)
6633 +-6c: vpunpcklqdq Vx,Hx,Wx (66),(v1)
6634 +-6d: vpunpckhqdq Vx,Hx,Wx (66),(v1)
6635 +-6e: movd/q Pd,Ey | vmovd/q Vy,Ey (66),(v1)
6636 +-6f: movq Pq,Qq | vmovdqa Vx,Wx (66) | vmovdqa32/64 Vx,Wx (66),(evo) | vmovdqu Vx,Wx (F3) | vmovdqu32/64 Vx,Wx (F3),(evo) | vmovdqu8/16 Vx,Wx (F2),(ev)
6637 +-# 0x0f 0x70-0x7f
6638 +-70: pshufw Pq,Qq,Ib | vpshufd Vx,Wx,Ib (66),(v1) | vpshufhw Vx,Wx,Ib (F3),(v1) | vpshuflw Vx,Wx,Ib (F2),(v1)
6639 +-71: Grp12 (1A)
6640 +-72: Grp13 (1A)
6641 +-73: Grp14 (1A)
6642 +-74: pcmpeqb Pq,Qq | vpcmpeqb Vx,Hx,Wx (66),(v1)
6643 +-75: pcmpeqw Pq,Qq | vpcmpeqw Vx,Hx,Wx (66),(v1)
6644 +-76: pcmpeqd Pq,Qq | vpcmpeqd Vx,Hx,Wx (66),(v1)
6645 +-# Note: Remove (v), because vzeroall and vzeroupper becomes emms without VEX.
6646 +-77: emms | vzeroupper | vzeroall
6647 +-78: VMREAD Ey,Gy | vcvttps2udq/pd2udq Vx,Wpd (evo) | vcvttsd2usi Gv,Wx (F2),(ev) | vcvttss2usi Gv,Wx (F3),(ev) | vcvttps2uqq/pd2uqq Vx,Wx (66),(ev)
6648 +-79: VMWRITE Gy,Ey | vcvtps2udq/pd2udq Vx,Wpd (evo) | vcvtsd2usi Gv,Wx (F2),(ev) | vcvtss2usi Gv,Wx (F3),(ev) | vcvtps2uqq/pd2uqq Vx,Wx (66),(ev)
6649 +-7a: vcvtudq2pd/uqq2pd Vpd,Wx (F3),(ev) | vcvtudq2ps/uqq2ps Vpd,Wx (F2),(ev) | vcvttps2qq/pd2qq Vx,Wx (66),(ev)
6650 +-7b: vcvtusi2sd Vpd,Hpd,Ev (F2),(ev) | vcvtusi2ss Vps,Hps,Ev (F3),(ev) | vcvtps2qq/pd2qq Vx,Wx (66),(ev)
6651 +-7c: vhaddpd Vpd,Hpd,Wpd (66) | vhaddps Vps,Hps,Wps (F2)
6652 +-7d: vhsubpd Vpd,Hpd,Wpd (66) | vhsubps Vps,Hps,Wps (F2)
6653 +-7e: movd/q Ey,Pd | vmovd/q Ey,Vy (66),(v1) | vmovq Vq,Wq (F3),(v1)
6654 +-7f: movq Qq,Pq | vmovdqa Wx,Vx (66) | vmovdqa32/64 Wx,Vx (66),(evo) | vmovdqu Wx,Vx (F3) | vmovdqu32/64 Wx,Vx (F3),(evo) | vmovdqu8/16 Wx,Vx (F2),(ev)
6655 +-# 0x0f 0x80-0x8f
6656 +-# Note: "forced64" is Intel CPU behavior (see comment about CALL insn).
6657 +-80: JO Jz (f64)
6658 +-81: JNO Jz (f64)
6659 +-82: JB/JC/JNAE Jz (f64)
6660 +-83: JAE/JNB/JNC Jz (f64)
6661 +-84: JE/JZ Jz (f64)
6662 +-85: JNE/JNZ Jz (f64)
6663 +-86: JBE/JNA Jz (f64)
6664 +-87: JA/JNBE Jz (f64)
6665 +-88: JS Jz (f64)
6666 +-89: JNS Jz (f64)
6667 +-8a: JP/JPE Jz (f64)
6668 +-8b: JNP/JPO Jz (f64)
6669 +-8c: JL/JNGE Jz (f64)
6670 +-8d: JNL/JGE Jz (f64)
6671 +-8e: JLE/JNG Jz (f64)
6672 +-8f: JNLE/JG Jz (f64)
6673 +-# 0x0f 0x90-0x9f
6674 +-90: SETO Eb | kmovw/q Vk,Wk | kmovb/d Vk,Wk (66)
6675 +-91: SETNO Eb | kmovw/q Mv,Vk | kmovb/d Mv,Vk (66)
6676 +-92: SETB/C/NAE Eb | kmovw Vk,Rv | kmovb Vk,Rv (66) | kmovq/d Vk,Rv (F2)
6677 +-93: SETAE/NB/NC Eb | kmovw Gv,Uk | kmovb Gv,Uk (66) | kmovq/d Gv,Uk (F2)
6678 +-94: SETE/Z Eb
6679 +-95: SETNE/NZ Eb
6680 +-96: SETBE/NA Eb
6681 +-97: SETA/NBE Eb
6682 +-98: SETS Eb | kortestw/q Vk,Uk | kortestb/d Vk,Uk (66)
6683 +-99: SETNS Eb | ktestw/q Vk,Uk | ktestb/d Vk,Uk (66)
6684 +-9a: SETP/PE Eb
6685 +-9b: SETNP/PO Eb
6686 +-9c: SETL/NGE Eb
6687 +-9d: SETNL/GE Eb
6688 +-9e: SETLE/NG Eb
6689 +-9f: SETNLE/G Eb
6690 +-# 0x0f 0xa0-0xaf
6691 +-a0: PUSH FS (d64)
6692 +-a1: POP FS (d64)
6693 +-a2: CPUID
6694 +-a3: BT Ev,Gv
6695 +-a4: SHLD Ev,Gv,Ib
6696 +-a5: SHLD Ev,Gv,CL
6697 +-a6: GrpPDLK
6698 +-a7: GrpRNG
6699 +-a8: PUSH GS (d64)
6700 +-a9: POP GS (d64)
6701 +-aa: RSM
6702 +-ab: BTS Ev,Gv
6703 +-ac: SHRD Ev,Gv,Ib
6704 +-ad: SHRD Ev,Gv,CL
6705 +-ae: Grp15 (1A),(1C)
6706 +-af: IMUL Gv,Ev
6707 +-# 0x0f 0xb0-0xbf
6708 +-b0: CMPXCHG Eb,Gb
6709 +-b1: CMPXCHG Ev,Gv
6710 +-b2: LSS Gv,Mp
6711 +-b3: BTR Ev,Gv
6712 +-b4: LFS Gv,Mp
6713 +-b5: LGS Gv,Mp
6714 +-b6: MOVZX Gv,Eb
6715 +-b7: MOVZX Gv,Ew
6716 +-b8: JMPE (!F3) | POPCNT Gv,Ev (F3)
6717 +-b9: Grp10 (1A)
6718 +-ba: Grp8 Ev,Ib (1A)
6719 +-bb: BTC Ev,Gv
6720 +-bc: BSF Gv,Ev (!F3) | TZCNT Gv,Ev (F3)
6721 +-bd: BSR Gv,Ev (!F3) | LZCNT Gv,Ev (F3)
6722 +-be: MOVSX Gv,Eb
6723 +-bf: MOVSX Gv,Ew
6724 +-# 0x0f 0xc0-0xcf
6725 +-c0: XADD Eb,Gb
6726 +-c1: XADD Ev,Gv
6727 +-c2: vcmpps Vps,Hps,Wps,Ib | vcmppd Vpd,Hpd,Wpd,Ib (66) | vcmpss Vss,Hss,Wss,Ib (F3),(v1) | vcmpsd Vsd,Hsd,Wsd,Ib (F2),(v1)
6728 +-c3: movnti My,Gy
6729 +-c4: pinsrw Pq,Ry/Mw,Ib | vpinsrw Vdq,Hdq,Ry/Mw,Ib (66),(v1)
6730 +-c5: pextrw Gd,Nq,Ib | vpextrw Gd,Udq,Ib (66),(v1)
6731 +-c6: vshufps Vps,Hps,Wps,Ib | vshufpd Vpd,Hpd,Wpd,Ib (66)
6732 +-c7: Grp9 (1A)
6733 +-c8: BSWAP RAX/EAX/R8/R8D
6734 +-c9: BSWAP RCX/ECX/R9/R9D
6735 +-ca: BSWAP RDX/EDX/R10/R10D
6736 +-cb: BSWAP RBX/EBX/R11/R11D
6737 +-cc: BSWAP RSP/ESP/R12/R12D
6738 +-cd: BSWAP RBP/EBP/R13/R13D
6739 +-ce: BSWAP RSI/ESI/R14/R14D
6740 +-cf: BSWAP RDI/EDI/R15/R15D
6741 +-# 0x0f 0xd0-0xdf
6742 +-d0: vaddsubpd Vpd,Hpd,Wpd (66) | vaddsubps Vps,Hps,Wps (F2)
6743 +-d1: psrlw Pq,Qq | vpsrlw Vx,Hx,Wx (66),(v1)
6744 +-d2: psrld Pq,Qq | vpsrld Vx,Hx,Wx (66),(v1)
6745 +-d3: psrlq Pq,Qq | vpsrlq Vx,Hx,Wx (66),(v1)
6746 +-d4: paddq Pq,Qq | vpaddq Vx,Hx,Wx (66),(v1)
6747 +-d5: pmullw Pq,Qq | vpmullw Vx,Hx,Wx (66),(v1)
6748 +-d6: vmovq Wq,Vq (66),(v1) | movq2dq Vdq,Nq (F3) | movdq2q Pq,Uq (F2)
6749 +-d7: pmovmskb Gd,Nq | vpmovmskb Gd,Ux (66),(v1)
6750 +-d8: psubusb Pq,Qq | vpsubusb Vx,Hx,Wx (66),(v1)
6751 +-d9: psubusw Pq,Qq | vpsubusw Vx,Hx,Wx (66),(v1)
6752 +-da: pminub Pq,Qq | vpminub Vx,Hx,Wx (66),(v1)
6753 +-db: pand Pq,Qq | vpand Vx,Hx,Wx (66),(v1) | vpandd/q Vx,Hx,Wx (66),(evo)
6754 +-dc: paddusb Pq,Qq | vpaddusb Vx,Hx,Wx (66),(v1)
6755 +-dd: paddusw Pq,Qq | vpaddusw Vx,Hx,Wx (66),(v1)
6756 +-de: pmaxub Pq,Qq | vpmaxub Vx,Hx,Wx (66),(v1)
6757 +-df: pandn Pq,Qq | vpandn Vx,Hx,Wx (66),(v1) | vpandnd/q Vx,Hx,Wx (66),(evo)
6758 +-# 0x0f 0xe0-0xef
6759 +-e0: pavgb Pq,Qq | vpavgb Vx,Hx,Wx (66),(v1)
6760 +-e1: psraw Pq,Qq | vpsraw Vx,Hx,Wx (66),(v1)
6761 +-e2: psrad Pq,Qq | vpsrad Vx,Hx,Wx (66),(v1)
6762 +-e3: pavgw Pq,Qq | vpavgw Vx,Hx,Wx (66),(v1)
6763 +-e4: pmulhuw Pq,Qq | vpmulhuw Vx,Hx,Wx (66),(v1)
6764 +-e5: pmulhw Pq,Qq | vpmulhw Vx,Hx,Wx (66),(v1)
6765 +-e6: vcvttpd2dq Vx,Wpd (66) | vcvtdq2pd Vx,Wdq (F3) | vcvtdq2pd/qq2pd Vx,Wdq (F3),(evo) | vcvtpd2dq Vx,Wpd (F2)
6766 +-e7: movntq Mq,Pq | vmovntdq Mx,Vx (66)
6767 +-e8: psubsb Pq,Qq | vpsubsb Vx,Hx,Wx (66),(v1)
6768 +-e9: psubsw Pq,Qq | vpsubsw Vx,Hx,Wx (66),(v1)
6769 +-ea: pminsw Pq,Qq | vpminsw Vx,Hx,Wx (66),(v1)
6770 +-eb: por Pq,Qq | vpor Vx,Hx,Wx (66),(v1) | vpord/q Vx,Hx,Wx (66),(evo)
6771 +-ec: paddsb Pq,Qq | vpaddsb Vx,Hx,Wx (66),(v1)
6772 +-ed: paddsw Pq,Qq | vpaddsw Vx,Hx,Wx (66),(v1)
6773 +-ee: pmaxsw Pq,Qq | vpmaxsw Vx,Hx,Wx (66),(v1)
6774 +-ef: pxor Pq,Qq | vpxor Vx,Hx,Wx (66),(v1) | vpxord/q Vx,Hx,Wx (66),(evo)
6775 +-# 0x0f 0xf0-0xff
6776 +-f0: vlddqu Vx,Mx (F2)
6777 +-f1: psllw Pq,Qq | vpsllw Vx,Hx,Wx (66),(v1)
6778 +-f2: pslld Pq,Qq | vpslld Vx,Hx,Wx (66),(v1)
6779 +-f3: psllq Pq,Qq | vpsllq Vx,Hx,Wx (66),(v1)
6780 +-f4: pmuludq Pq,Qq | vpmuludq Vx,Hx,Wx (66),(v1)
6781 +-f5: pmaddwd Pq,Qq | vpmaddwd Vx,Hx,Wx (66),(v1)
6782 +-f6: psadbw Pq,Qq | vpsadbw Vx,Hx,Wx (66),(v1)
6783 +-f7: maskmovq Pq,Nq | vmaskmovdqu Vx,Ux (66),(v1)
6784 +-f8: psubb Pq,Qq | vpsubb Vx,Hx,Wx (66),(v1)
6785 +-f9: psubw Pq,Qq | vpsubw Vx,Hx,Wx (66),(v1)
6786 +-fa: psubd Pq,Qq | vpsubd Vx,Hx,Wx (66),(v1)
6787 +-fb: psubq Pq,Qq | vpsubq Vx,Hx,Wx (66),(v1)
6788 +-fc: paddb Pq,Qq | vpaddb Vx,Hx,Wx (66),(v1)
6789 +-fd: paddw Pq,Qq | vpaddw Vx,Hx,Wx (66),(v1)
6790 +-fe: paddd Pq,Qq | vpaddd Vx,Hx,Wx (66),(v1)
6791 +-ff:
6792 +-EndTable
6793 +-
6794 +-Table: 3-byte opcode 1 (0x0f 0x38)
6795 +-Referrer: 3-byte escape 1
6796 +-AVXcode: 2
6797 +-# 0x0f 0x38 0x00-0x0f
6798 +-00: pshufb Pq,Qq | vpshufb Vx,Hx,Wx (66),(v1)
6799 +-01: phaddw Pq,Qq | vphaddw Vx,Hx,Wx (66),(v1)
6800 +-02: phaddd Pq,Qq | vphaddd Vx,Hx,Wx (66),(v1)
6801 +-03: phaddsw Pq,Qq | vphaddsw Vx,Hx,Wx (66),(v1)
6802 +-04: pmaddubsw Pq,Qq | vpmaddubsw Vx,Hx,Wx (66),(v1)
6803 +-05: phsubw Pq,Qq | vphsubw Vx,Hx,Wx (66),(v1)
6804 +-06: phsubd Pq,Qq | vphsubd Vx,Hx,Wx (66),(v1)
6805 +-07: phsubsw Pq,Qq | vphsubsw Vx,Hx,Wx (66),(v1)
6806 +-08: psignb Pq,Qq | vpsignb Vx,Hx,Wx (66),(v1)
6807 +-09: psignw Pq,Qq | vpsignw Vx,Hx,Wx (66),(v1)
6808 +-0a: psignd Pq,Qq | vpsignd Vx,Hx,Wx (66),(v1)
6809 +-0b: pmulhrsw Pq,Qq | vpmulhrsw Vx,Hx,Wx (66),(v1)
6810 +-0c: vpermilps Vx,Hx,Wx (66),(v)
6811 +-0d: vpermilpd Vx,Hx,Wx (66),(v)
6812 +-0e: vtestps Vx,Wx (66),(v)
6813 +-0f: vtestpd Vx,Wx (66),(v)
6814 +-# 0x0f 0x38 0x10-0x1f
6815 +-10: pblendvb Vdq,Wdq (66) | vpsrlvw Vx,Hx,Wx (66),(evo) | vpmovuswb Wx,Vx (F3),(ev)
6816 +-11: vpmovusdb Wx,Vd (F3),(ev) | vpsravw Vx,Hx,Wx (66),(ev)
6817 +-12: vpmovusqb Wx,Vq (F3),(ev) | vpsllvw Vx,Hx,Wx (66),(ev)
6818 +-13: vcvtph2ps Vx,Wx (66),(v) | vpmovusdw Wx,Vd (F3),(ev)
6819 +-14: blendvps Vdq,Wdq (66) | vpmovusqw Wx,Vq (F3),(ev) | vprorvd/q Vx,Hx,Wx (66),(evo)
6820 +-15: blendvpd Vdq,Wdq (66) | vpmovusqd Wx,Vq (F3),(ev) | vprolvd/q Vx,Hx,Wx (66),(evo)
6821 +-16: vpermps Vqq,Hqq,Wqq (66),(v) | vpermps/d Vqq,Hqq,Wqq (66),(evo)
6822 +-17: vptest Vx,Wx (66)
6823 +-18: vbroadcastss Vx,Wd (66),(v)
6824 +-19: vbroadcastsd Vqq,Wq (66),(v) | vbroadcastf32x2 Vqq,Wq (66),(evo)
6825 +-1a: vbroadcastf128 Vqq,Mdq (66),(v) | vbroadcastf32x4/64x2 Vqq,Wq (66),(evo)
6826 +-1b: vbroadcastf32x8/64x4 Vqq,Mdq (66),(ev)
6827 +-1c: pabsb Pq,Qq | vpabsb Vx,Wx (66),(v1)
6828 +-1d: pabsw Pq,Qq | vpabsw Vx,Wx (66),(v1)
6829 +-1e: pabsd Pq,Qq | vpabsd Vx,Wx (66),(v1)
6830 +-1f: vpabsq Vx,Wx (66),(ev)
6831 +-# 0x0f 0x38 0x20-0x2f
6832 +-20: vpmovsxbw Vx,Ux/Mq (66),(v1) | vpmovswb Wx,Vx (F3),(ev)
6833 +-21: vpmovsxbd Vx,Ux/Md (66),(v1) | vpmovsdb Wx,Vd (F3),(ev)
6834 +-22: vpmovsxbq Vx,Ux/Mw (66),(v1) | vpmovsqb Wx,Vq (F3),(ev)
6835 +-23: vpmovsxwd Vx,Ux/Mq (66),(v1) | vpmovsdw Wx,Vd (F3),(ev)
6836 +-24: vpmovsxwq Vx,Ux/Md (66),(v1) | vpmovsqw Wx,Vq (F3),(ev)
6837 +-25: vpmovsxdq Vx,Ux/Mq (66),(v1) | vpmovsqd Wx,Vq (F3),(ev)
6838 +-26: vptestmb/w Vk,Hx,Wx (66),(ev) | vptestnmb/w Vk,Hx,Wx (F3),(ev)
6839 +-27: vptestmd/q Vk,Hx,Wx (66),(ev) | vptestnmd/q Vk,Hx,Wx (F3),(ev)
6840 +-28: vpmuldq Vx,Hx,Wx (66),(v1) | vpmovm2b/w Vx,Uk (F3),(ev)
6841 +-29: vpcmpeqq Vx,Hx,Wx (66),(v1) | vpmovb2m/w2m Vk,Ux (F3),(ev)
6842 +-2a: vmovntdqa Vx,Mx (66),(v1) | vpbroadcastmb2q Vx,Uk (F3),(ev)
6843 +-2b: vpackusdw Vx,Hx,Wx (66),(v1)
6844 +-2c: vmaskmovps Vx,Hx,Mx (66),(v) | vscalefps/d Vx,Hx,Wx (66),(evo)
6845 +-2d: vmaskmovpd Vx,Hx,Mx (66),(v) | vscalefss/d Vx,Hx,Wx (66),(evo)
6846 +-2e: vmaskmovps Mx,Hx,Vx (66),(v)
6847 +-2f: vmaskmovpd Mx,Hx,Vx (66),(v)
6848 +-# 0x0f 0x38 0x30-0x3f
6849 +-30: vpmovzxbw Vx,Ux/Mq (66),(v1) | vpmovwb Wx,Vx (F3),(ev)
6850 +-31: vpmovzxbd Vx,Ux/Md (66),(v1) | vpmovdb Wx,Vd (F3),(ev)
6851 +-32: vpmovzxbq Vx,Ux/Mw (66),(v1) | vpmovqb Wx,Vq (F3),(ev)
6852 +-33: vpmovzxwd Vx,Ux/Mq (66),(v1) | vpmovdw Wx,Vd (F3),(ev)
6853 +-34: vpmovzxwq Vx,Ux/Md (66),(v1) | vpmovqw Wx,Vq (F3),(ev)
6854 +-35: vpmovzxdq Vx,Ux/Mq (66),(v1) | vpmovqd Wx,Vq (F3),(ev)
6855 +-36: vpermd Vqq,Hqq,Wqq (66),(v) | vpermd/q Vqq,Hqq,Wqq (66),(evo)
6856 +-37: vpcmpgtq Vx,Hx,Wx (66),(v1)
6857 +-38: vpminsb Vx,Hx,Wx (66),(v1) | vpmovm2d/q Vx,Uk (F3),(ev)
6858 +-39: vpminsd Vx,Hx,Wx (66),(v1) | vpminsd/q Vx,Hx,Wx (66),(evo) | vpmovd2m/q2m Vk,Ux (F3),(ev)
6859 +-3a: vpminuw Vx,Hx,Wx (66),(v1) | vpbroadcastmw2d Vx,Uk (F3),(ev)
6860 +-3b: vpminud Vx,Hx,Wx (66),(v1) | vpminud/q Vx,Hx,Wx (66),(evo)
6861 +-3c: vpmaxsb Vx,Hx,Wx (66),(v1)
6862 +-3d: vpmaxsd Vx,Hx,Wx (66),(v1) | vpmaxsd/q Vx,Hx,Wx (66),(evo)
6863 +-3e: vpmaxuw Vx,Hx,Wx (66),(v1)
6864 +-3f: vpmaxud Vx,Hx,Wx (66),(v1) | vpmaxud/q Vx,Hx,Wx (66),(evo)
6865 +-# 0x0f 0x38 0x40-0x8f
6866 +-40: vpmulld Vx,Hx,Wx (66),(v1) | vpmulld/q Vx,Hx,Wx (66),(evo)
6867 +-41: vphminposuw Vdq,Wdq (66),(v1)
6868 +-42: vgetexpps/d Vx,Wx (66),(ev)
6869 +-43: vgetexpss/d Vx,Hx,Wx (66),(ev)
6870 +-44: vplzcntd/q Vx,Wx (66),(ev)
6871 +-45: vpsrlvd/q Vx,Hx,Wx (66),(v)
6872 +-46: vpsravd Vx,Hx,Wx (66),(v) | vpsravd/q Vx,Hx,Wx (66),(evo)
6873 +-47: vpsllvd/q Vx,Hx,Wx (66),(v)
6874 +-# Skip 0x48-0x4b
6875 +-4c: vrcp14ps/d Vpd,Wpd (66),(ev)
6876 +-4d: vrcp14ss/d Vsd,Hpd,Wsd (66),(ev)
6877 +-4e: vrsqrt14ps/d Vpd,Wpd (66),(ev)
6878 +-4f: vrsqrt14ss/d Vsd,Hsd,Wsd (66),(ev)
6879 +-# Skip 0x50-0x57
6880 +-58: vpbroadcastd Vx,Wx (66),(v)
6881 +-59: vpbroadcastq Vx,Wx (66),(v) | vbroadcasti32x2 Vx,Wx (66),(evo)
6882 +-5a: vbroadcasti128 Vqq,Mdq (66),(v) | vbroadcasti32x4/64x2 Vx,Wx (66),(evo)
6883 +-5b: vbroadcasti32x8/64x4 Vqq,Mdq (66),(ev)
6884 +-# Skip 0x5c-0x63
6885 +-64: vpblendmd/q Vx,Hx,Wx (66),(ev)
6886 +-65: vblendmps/d Vx,Hx,Wx (66),(ev)
6887 +-66: vpblendmb/w Vx,Hx,Wx (66),(ev)
6888 +-# Skip 0x67-0x74
6889 +-75: vpermi2b/w Vx,Hx,Wx (66),(ev)
6890 +-76: vpermi2d/q Vx,Hx,Wx (66),(ev)
6891 +-77: vpermi2ps/d Vx,Hx,Wx (66),(ev)
6892 +-78: vpbroadcastb Vx,Wx (66),(v)
6893 +-79: vpbroadcastw Vx,Wx (66),(v)
6894 +-7a: vpbroadcastb Vx,Rv (66),(ev)
6895 +-7b: vpbroadcastw Vx,Rv (66),(ev)
6896 +-7c: vpbroadcastd/q Vx,Rv (66),(ev)
6897 +-7d: vpermt2b/w Vx,Hx,Wx (66),(ev)
6898 +-7e: vpermt2d/q Vx,Hx,Wx (66),(ev)
6899 +-7f: vpermt2ps/d Vx,Hx,Wx (66),(ev)
6900 +-80: INVEPT Gy,Mdq (66)
6901 +-81: INVPID Gy,Mdq (66)
6902 +-82: INVPCID Gy,Mdq (66)
6903 +-83: vpmultishiftqb Vx,Hx,Wx (66),(ev)
6904 +-88: vexpandps/d Vpd,Wpd (66),(ev)
6905 +-89: vpexpandd/q Vx,Wx (66),(ev)
6906 +-8a: vcompressps/d Wx,Vx (66),(ev)
6907 +-8b: vpcompressd/q Wx,Vx (66),(ev)
6908 +-8c: vpmaskmovd/q Vx,Hx,Mx (66),(v)
6909 +-8d: vpermb/w Vx,Hx,Wx (66),(ev)
6910 +-8e: vpmaskmovd/q Mx,Vx,Hx (66),(v)
6911 +-# 0x0f 0x38 0x90-0xbf (FMA)
6912 +-90: vgatherdd/q Vx,Hx,Wx (66),(v) | vpgatherdd/q Vx,Wx (66),(evo)
6913 +-91: vgatherqd/q Vx,Hx,Wx (66),(v) | vpgatherqd/q Vx,Wx (66),(evo)
6914 +-92: vgatherdps/d Vx,Hx,Wx (66),(v)
6915 +-93: vgatherqps/d Vx,Hx,Wx (66),(v)
6916 +-94:
6917 +-95:
6918 +-96: vfmaddsub132ps/d Vx,Hx,Wx (66),(v)
6919 +-97: vfmsubadd132ps/d Vx,Hx,Wx (66),(v)
6920 +-98: vfmadd132ps/d Vx,Hx,Wx (66),(v)
6921 +-99: vfmadd132ss/d Vx,Hx,Wx (66),(v),(v1)
6922 +-9a: vfmsub132ps/d Vx,Hx,Wx (66),(v)
6923 +-9b: vfmsub132ss/d Vx,Hx,Wx (66),(v),(v1)
6924 +-9c: vfnmadd132ps/d Vx,Hx,Wx (66),(v)
6925 +-9d: vfnmadd132ss/d Vx,Hx,Wx (66),(v),(v1)
6926 +-9e: vfnmsub132ps/d Vx,Hx,Wx (66),(v)
6927 +-9f: vfnmsub132ss/d Vx,Hx,Wx (66),(v),(v1)
6928 +-a0: vpscatterdd/q Wx,Vx (66),(ev)
6929 +-a1: vpscatterqd/q Wx,Vx (66),(ev)
6930 +-a2: vscatterdps/d Wx,Vx (66),(ev)
6931 +-a3: vscatterqps/d Wx,Vx (66),(ev)
6932 +-a6: vfmaddsub213ps/d Vx,Hx,Wx (66),(v)
6933 +-a7: vfmsubadd213ps/d Vx,Hx,Wx (66),(v)
6934 +-a8: vfmadd213ps/d Vx,Hx,Wx (66),(v)
6935 +-a9: vfmadd213ss/d Vx,Hx,Wx (66),(v),(v1)
6936 +-aa: vfmsub213ps/d Vx,Hx,Wx (66),(v)
6937 +-ab: vfmsub213ss/d Vx,Hx,Wx (66),(v),(v1)
6938 +-ac: vfnmadd213ps/d Vx,Hx,Wx (66),(v)
6939 +-ad: vfnmadd213ss/d Vx,Hx,Wx (66),(v),(v1)
6940 +-ae: vfnmsub213ps/d Vx,Hx,Wx (66),(v)
6941 +-af: vfnmsub213ss/d Vx,Hx,Wx (66),(v),(v1)
6942 +-b4: vpmadd52luq Vx,Hx,Wx (66),(ev)
6943 +-b5: vpmadd52huq Vx,Hx,Wx (66),(ev)
6944 +-b6: vfmaddsub231ps/d Vx,Hx,Wx (66),(v)
6945 +-b7: vfmsubadd231ps/d Vx,Hx,Wx (66),(v)
6946 +-b8: vfmadd231ps/d Vx,Hx,Wx (66),(v)
6947 +-b9: vfmadd231ss/d Vx,Hx,Wx (66),(v),(v1)
6948 +-ba: vfmsub231ps/d Vx,Hx,Wx (66),(v)
6949 +-bb: vfmsub231ss/d Vx,Hx,Wx (66),(v),(v1)
6950 +-bc: vfnmadd231ps/d Vx,Hx,Wx (66),(v)
6951 +-bd: vfnmadd231ss/d Vx,Hx,Wx (66),(v),(v1)
6952 +-be: vfnmsub231ps/d Vx,Hx,Wx (66),(v)
6953 +-bf: vfnmsub231ss/d Vx,Hx,Wx (66),(v),(v1)
6954 +-# 0x0f 0x38 0xc0-0xff
6955 +-c4: vpconflictd/q Vx,Wx (66),(ev)
6956 +-c6: Grp18 (1A)
6957 +-c7: Grp19 (1A)
6958 +-c8: sha1nexte Vdq,Wdq | vexp2ps/d Vx,Wx (66),(ev)
6959 +-c9: sha1msg1 Vdq,Wdq
6960 +-ca: sha1msg2 Vdq,Wdq | vrcp28ps/d Vx,Wx (66),(ev)
6961 +-cb: sha256rnds2 Vdq,Wdq | vrcp28ss/d Vx,Hx,Wx (66),(ev)
6962 +-cc: sha256msg1 Vdq,Wdq | vrsqrt28ps/d Vx,Wx (66),(ev)
6963 +-cd: sha256msg2 Vdq,Wdq | vrsqrt28ss/d Vx,Hx,Wx (66),(ev)
6964 +-db: VAESIMC Vdq,Wdq (66),(v1)
6965 +-dc: VAESENC Vdq,Hdq,Wdq (66),(v1)
6966 +-dd: VAESENCLAST Vdq,Hdq,Wdq (66),(v1)
6967 +-de: VAESDEC Vdq,Hdq,Wdq (66),(v1)
6968 +-df: VAESDECLAST Vdq,Hdq,Wdq (66),(v1)
6969 +-f0: MOVBE Gy,My | MOVBE Gw,Mw (66) | CRC32 Gd,Eb (F2) | CRC32 Gd,Eb (66&F2)
6970 +-f1: MOVBE My,Gy | MOVBE Mw,Gw (66) | CRC32 Gd,Ey (F2) | CRC32 Gd,Ew (66&F2)
6971 +-f2: ANDN Gy,By,Ey (v)
6972 +-f3: Grp17 (1A)
6973 +-f5: BZHI Gy,Ey,By (v) | PEXT Gy,By,Ey (F3),(v) | PDEP Gy,By,Ey (F2),(v)
6974 +-f6: ADCX Gy,Ey (66) | ADOX Gy,Ey (F3) | MULX By,Gy,rDX,Ey (F2),(v)
6975 +-f7: BEXTR Gy,Ey,By (v) | SHLX Gy,Ey,By (66),(v) | SARX Gy,Ey,By (F3),(v) | SHRX Gy,Ey,By (F2),(v)
6976 +-EndTable
6977 +-
6978 +-Table: 3-byte opcode 2 (0x0f 0x3a)
6979 +-Referrer: 3-byte escape 2
6980 +-AVXcode: 3
6981 +-# 0x0f 0x3a 0x00-0xff
6982 +-00: vpermq Vqq,Wqq,Ib (66),(v)
6983 +-01: vpermpd Vqq,Wqq,Ib (66),(v)
6984 +-02: vpblendd Vx,Hx,Wx,Ib (66),(v)
6985 +-03: valignd/q Vx,Hx,Wx,Ib (66),(ev)
6986 +-04: vpermilps Vx,Wx,Ib (66),(v)
6987 +-05: vpermilpd Vx,Wx,Ib (66),(v)
6988 +-06: vperm2f128 Vqq,Hqq,Wqq,Ib (66),(v)
6989 +-07:
6990 +-08: vroundps Vx,Wx,Ib (66) | vrndscaleps Vx,Wx,Ib (66),(evo)
6991 +-09: vroundpd Vx,Wx,Ib (66) | vrndscalepd Vx,Wx,Ib (66),(evo)
6992 +-0a: vroundss Vss,Wss,Ib (66),(v1) | vrndscaless Vx,Hx,Wx,Ib (66),(evo)
6993 +-0b: vroundsd Vsd,Wsd,Ib (66),(v1) | vrndscalesd Vx,Hx,Wx,Ib (66),(evo)
6994 +-0c: vblendps Vx,Hx,Wx,Ib (66)
6995 +-0d: vblendpd Vx,Hx,Wx,Ib (66)
6996 +-0e: vpblendw Vx,Hx,Wx,Ib (66),(v1)
6997 +-0f: palignr Pq,Qq,Ib | vpalignr Vx,Hx,Wx,Ib (66),(v1)
6998 +-14: vpextrb Rd/Mb,Vdq,Ib (66),(v1)
6999 +-15: vpextrw Rd/Mw,Vdq,Ib (66),(v1)
7000 +-16: vpextrd/q Ey,Vdq,Ib (66),(v1)
7001 +-17: vextractps Ed,Vdq,Ib (66),(v1)
7002 +-18: vinsertf128 Vqq,Hqq,Wqq,Ib (66),(v) | vinsertf32x4/64x2 Vqq,Hqq,Wqq,Ib (66),(evo)
7003 +-19: vextractf128 Wdq,Vqq,Ib (66),(v) | vextractf32x4/64x2 Wdq,Vqq,Ib (66),(evo)
7004 +-1a: vinsertf32x8/64x4 Vqq,Hqq,Wqq,Ib (66),(ev)
7005 +-1b: vextractf32x8/64x4 Wdq,Vqq,Ib (66),(ev)
7006 +-1d: vcvtps2ph Wx,Vx,Ib (66),(v)
7007 +-1e: vpcmpud/q Vk,Hd,Wd,Ib (66),(ev)
7008 +-1f: vpcmpd/q Vk,Hd,Wd,Ib (66),(ev)
7009 +-20: vpinsrb Vdq,Hdq,Ry/Mb,Ib (66),(v1)
7010 +-21: vinsertps Vdq,Hdq,Udq/Md,Ib (66),(v1)
7011 +-22: vpinsrd/q Vdq,Hdq,Ey,Ib (66),(v1)
7012 +-23: vshuff32x4/64x2 Vx,Hx,Wx,Ib (66),(ev)
7013 +-25: vpternlogd/q Vx,Hx,Wx,Ib (66),(ev)
7014 +-26: vgetmantps/d Vx,Wx,Ib (66),(ev)
7015 +-27: vgetmantss/d Vx,Hx,Wx,Ib (66),(ev)
7016 +-30: kshiftrb/w Vk,Uk,Ib (66),(v)
7017 +-31: kshiftrd/q Vk,Uk,Ib (66),(v)
7018 +-32: kshiftlb/w Vk,Uk,Ib (66),(v)
7019 +-33: kshiftld/q Vk,Uk,Ib (66),(v)
7020 +-38: vinserti128 Vqq,Hqq,Wqq,Ib (66),(v) | vinserti32x4/64x2 Vqq,Hqq,Wqq,Ib (66),(evo)
7021 +-39: vextracti128 Wdq,Vqq,Ib (66),(v) | vextracti32x4/64x2 Wdq,Vqq,Ib (66),(evo)
7022 +-3a: vinserti32x8/64x4 Vqq,Hqq,Wqq,Ib (66),(ev)
7023 +-3b: vextracti32x8/64x4 Wdq,Vqq,Ib (66),(ev)
7024 +-3e: vpcmpub/w Vk,Hk,Wx,Ib (66),(ev)
7025 +-3f: vpcmpb/w Vk,Hk,Wx,Ib (66),(ev)
7026 +-40: vdpps Vx,Hx,Wx,Ib (66)
7027 +-41: vdppd Vdq,Hdq,Wdq,Ib (66),(v1)
7028 +-42: vmpsadbw Vx,Hx,Wx,Ib (66),(v1) | vdbpsadbw Vx,Hx,Wx,Ib (66),(evo)
7029 +-43: vshufi32x4/64x2 Vx,Hx,Wx,Ib (66),(ev)
7030 +-44: vpclmulqdq Vdq,Hdq,Wdq,Ib (66),(v1)
7031 +-46: vperm2i128 Vqq,Hqq,Wqq,Ib (66),(v)
7032 +-4a: vblendvps Vx,Hx,Wx,Lx (66),(v)
7033 +-4b: vblendvpd Vx,Hx,Wx,Lx (66),(v)
7034 +-4c: vpblendvb Vx,Hx,Wx,Lx (66),(v1)
7035 +-50: vrangeps/d Vx,Hx,Wx,Ib (66),(ev)
7036 +-51: vrangess/d Vx,Hx,Wx,Ib (66),(ev)
7037 +-54: vfixupimmps/d Vx,Hx,Wx,Ib (66),(ev)
7038 +-55: vfixupimmss/d Vx,Hx,Wx,Ib (66),(ev)
7039 +-56: vreduceps/d Vx,Wx,Ib (66),(ev)
7040 +-57: vreducess/d Vx,Hx,Wx,Ib (66),(ev)
7041 +-60: vpcmpestrm Vdq,Wdq,Ib (66),(v1)
7042 +-61: vpcmpestri Vdq,Wdq,Ib (66),(v1)
7043 +-62: vpcmpistrm Vdq,Wdq,Ib (66),(v1)
7044 +-63: vpcmpistri Vdq,Wdq,Ib (66),(v1)
7045 +-66: vfpclassps/d Vk,Wx,Ib (66),(ev)
7046 +-67: vfpclassss/d Vk,Wx,Ib (66),(ev)
7047 +-cc: sha1rnds4 Vdq,Wdq,Ib
7048 +-df: VAESKEYGEN Vdq,Wdq,Ib (66),(v1)
7049 +-f0: RORX Gy,Ey,Ib (F2),(v)
7050 +-EndTable
7051 +-
7052 +-GrpTable: Grp1
7053 +-0: ADD
7054 +-1: OR
7055 +-2: ADC
7056 +-3: SBB
7057 +-4: AND
7058 +-5: SUB
7059 +-6: XOR
7060 +-7: CMP
7061 +-EndTable
7062 +-
7063 +-GrpTable: Grp1A
7064 +-0: POP
7065 +-EndTable
7066 +-
7067 +-GrpTable: Grp2
7068 +-0: ROL
7069 +-1: ROR
7070 +-2: RCL
7071 +-3: RCR
7072 +-4: SHL/SAL
7073 +-5: SHR
7074 +-6:
7075 +-7: SAR
7076 +-EndTable
7077 +-
7078 +-GrpTable: Grp3_1
7079 +-0: TEST Eb,Ib
7080 +-1:
7081 +-2: NOT Eb
7082 +-3: NEG Eb
7083 +-4: MUL AL,Eb
7084 +-5: IMUL AL,Eb
7085 +-6: DIV AL,Eb
7086 +-7: IDIV AL,Eb
7087 +-EndTable
7088 +-
7089 +-GrpTable: Grp3_2
7090 +-0: TEST Ev,Iz
7091 +-1:
7092 +-2: NOT Ev
7093 +-3: NEG Ev
7094 +-4: MUL rAX,Ev
7095 +-5: IMUL rAX,Ev
7096 +-6: DIV rAX,Ev
7097 +-7: IDIV rAX,Ev
7098 +-EndTable
7099 +-
7100 +-GrpTable: Grp4
7101 +-0: INC Eb
7102 +-1: DEC Eb
7103 +-EndTable
7104 +-
7105 +-GrpTable: Grp5
7106 +-0: INC Ev
7107 +-1: DEC Ev
7108 +-# Note: "forced64" is Intel CPU behavior (see comment about CALL insn).
7109 +-2: CALLN Ev (f64)
7110 +-3: CALLF Ep
7111 +-4: JMPN Ev (f64)
7112 +-5: JMPF Mp
7113 +-6: PUSH Ev (d64)
7114 +-7:
7115 +-EndTable
7116 +-
7117 +-GrpTable: Grp6
7118 +-0: SLDT Rv/Mw
7119 +-1: STR Rv/Mw
7120 +-2: LLDT Ew
7121 +-3: LTR Ew
7122 +-4: VERR Ew
7123 +-5: VERW Ew
7124 +-EndTable
7125 +-
7126 +-GrpTable: Grp7
7127 +-0: SGDT Ms | VMCALL (001),(11B) | VMLAUNCH (010),(11B) | VMRESUME (011),(11B) | VMXOFF (100),(11B)
7128 +-1: SIDT Ms | MONITOR (000),(11B) | MWAIT (001),(11B) | CLAC (010),(11B) | STAC (011),(11B)
7129 +-2: LGDT Ms | XGETBV (000),(11B) | XSETBV (001),(11B) | VMFUNC (100),(11B) | XEND (101)(11B) | XTEST (110)(11B)
7130 +-3: LIDT Ms
7131 +-4: SMSW Mw/Rv
7132 +-5: rdpkru (110),(11B) | wrpkru (111),(11B)
7133 +-6: LMSW Ew
7134 +-7: INVLPG Mb | SWAPGS (o64),(000),(11B) | RDTSCP (001),(11B)
7135 +-EndTable
7136 +-
7137 +-GrpTable: Grp8
7138 +-4: BT
7139 +-5: BTS
7140 +-6: BTR
7141 +-7: BTC
7142 +-EndTable
7143 +-
7144 +-GrpTable: Grp9
7145 +-1: CMPXCHG8B/16B Mq/Mdq
7146 +-3: xrstors
7147 +-4: xsavec
7148 +-5: xsaves
7149 +-6: VMPTRLD Mq | VMCLEAR Mq (66) | VMXON Mq (F3) | RDRAND Rv (11B)
7150 +-7: VMPTRST Mq | VMPTRST Mq (F3) | RDSEED Rv (11B)
7151 +-EndTable
7152 +-
7153 +-GrpTable: Grp10
7154 +-EndTable
7155 +-
7156 +-# Grp11A and Grp11B are expressed as Grp11 in Intel SDM
7157 +-GrpTable: Grp11A
7158 +-0: MOV Eb,Ib
7159 +-7: XABORT Ib (000),(11B)
7160 +-EndTable
7161 +-
7162 +-GrpTable: Grp11B
7163 +-0: MOV Eb,Iz
7164 +-7: XBEGIN Jz (000),(11B)
7165 +-EndTable
7166 +-
7167 +-GrpTable: Grp12
7168 +-2: psrlw Nq,Ib (11B) | vpsrlw Hx,Ux,Ib (66),(11B),(v1)
7169 +-4: psraw Nq,Ib (11B) | vpsraw Hx,Ux,Ib (66),(11B),(v1)
7170 +-6: psllw Nq,Ib (11B) | vpsllw Hx,Ux,Ib (66),(11B),(v1)
7171 +-EndTable
7172 +-
7173 +-GrpTable: Grp13
7174 +-0: vprord/q Hx,Wx,Ib (66),(ev)
7175 +-1: vprold/q Hx,Wx,Ib (66),(ev)
7176 +-2: psrld Nq,Ib (11B) | vpsrld Hx,Ux,Ib (66),(11B),(v1)
7177 +-4: psrad Nq,Ib (11B) | vpsrad Hx,Ux,Ib (66),(11B),(v1) | vpsrad/q Hx,Ux,Ib (66),(evo)
7178 +-6: pslld Nq,Ib (11B) | vpslld Hx,Ux,Ib (66),(11B),(v1)
7179 +-EndTable
7180 +-
7181 +-GrpTable: Grp14
7182 +-2: psrlq Nq,Ib (11B) | vpsrlq Hx,Ux,Ib (66),(11B),(v1)
7183 +-3: vpsrldq Hx,Ux,Ib (66),(11B),(v1)
7184 +-6: psllq Nq,Ib (11B) | vpsllq Hx,Ux,Ib (66),(11B),(v1)
7185 +-7: vpslldq Hx,Ux,Ib (66),(11B),(v1)
7186 +-EndTable
7187 +-
7188 +-GrpTable: Grp15
7189 +-0: fxsave | RDFSBASE Ry (F3),(11B)
7190 +-1: fxstor | RDGSBASE Ry (F3),(11B)
7191 +-2: vldmxcsr Md (v1) | WRFSBASE Ry (F3),(11B)
7192 +-3: vstmxcsr Md (v1) | WRGSBASE Ry (F3),(11B)
7193 +-4: XSAVE | ptwrite Ey (F3),(11B)
7194 +-5: XRSTOR | lfence (11B)
7195 +-6: XSAVEOPT | clwb (66) | mfence (11B)
7196 +-7: clflush | clflushopt (66) | sfence (11B)
7197 +-EndTable
7198 +-
7199 +-GrpTable: Grp16
7200 +-0: prefetch NTA
7201 +-1: prefetch T0
7202 +-2: prefetch T1
7203 +-3: prefetch T2
7204 +-EndTable
7205 +-
7206 +-GrpTable: Grp17
7207 +-1: BLSR By,Ey (v)
7208 +-2: BLSMSK By,Ey (v)
7209 +-3: BLSI By,Ey (v)
7210 +-EndTable
7211 +-
7212 +-GrpTable: Grp18
7213 +-1: vgatherpf0dps/d Wx (66),(ev)
7214 +-2: vgatherpf1dps/d Wx (66),(ev)
7215 +-5: vscatterpf0dps/d Wx (66),(ev)
7216 +-6: vscatterpf1dps/d Wx (66),(ev)
7217 +-EndTable
7218 +-
7219 +-GrpTable: Grp19
7220 +-1: vgatherpf0qps/d Wx (66),(ev)
7221 +-2: vgatherpf1qps/d Wx (66),(ev)
7222 +-5: vscatterpf0qps/d Wx (66),(ev)
7223 +-6: vscatterpf1qps/d Wx (66),(ev)
7224 +-EndTable
7225 +-
7226 +-# AMD's Prefetch Group
7227 +-GrpTable: GrpP
7228 +-0: PREFETCH
7229 +-1: PREFETCHW
7230 +-EndTable
7231 +-
7232 +-GrpTable: GrpPDLK
7233 +-0: MONTMUL
7234 +-1: XSHA1
7235 +-2: XSHA2
7236 +-EndTable
7237 +-
7238 +-GrpTable: GrpRNG
7239 +-0: xstore-rng
7240 +-1: xcrypt-ecb
7241 +-2: xcrypt-cbc
7242 +-4: xcrypt-cfb
7243 +-5: xcrypt-ofb
7244 +-EndTable
7245 +diff --git a/tools/objtool/arch/x86/lib/inat.c b/tools/objtool/arch/x86/lib/inat.c
7246 +new file mode 100644
7247 +index 000000000000..c1f01a8e9f65
7248 +--- /dev/null
7249 ++++ b/tools/objtool/arch/x86/lib/inat.c
7250 +@@ -0,0 +1,97 @@
7251 ++/*
7252 ++ * x86 instruction attribute tables
7253 ++ *
7254 ++ * Written by Masami Hiramatsu <mhiramat@××××××.com>
7255 ++ *
7256 ++ * This program is free software; you can redistribute it and/or modify
7257 ++ * it under the terms of the GNU General Public License as published by
7258 ++ * the Free Software Foundation; either version 2 of the License, or
7259 ++ * (at your option) any later version.
7260 ++ *
7261 ++ * This program is distributed in the hope that it will be useful,
7262 ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
7263 ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
7264 ++ * GNU General Public License for more details.
7265 ++ *
7266 ++ * You should have received a copy of the GNU General Public License
7267 ++ * along with this program; if not, write to the Free Software
7268 ++ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
7269 ++ *
7270 ++ */
7271 ++#include <asm/insn.h>
7272 ++
7273 ++/* Attribute tables are generated from opcode map */
7274 ++#include "inat-tables.c"
7275 ++
7276 ++/* Attribute search APIs */
7277 ++insn_attr_t inat_get_opcode_attribute(insn_byte_t opcode)
7278 ++{
7279 ++ return inat_primary_table[opcode];
7280 ++}
7281 ++
7282 ++int inat_get_last_prefix_id(insn_byte_t last_pfx)
7283 ++{
7284 ++ insn_attr_t lpfx_attr;
7285 ++
7286 ++ lpfx_attr = inat_get_opcode_attribute(last_pfx);
7287 ++ return inat_last_prefix_id(lpfx_attr);
7288 ++}
7289 ++
7290 ++insn_attr_t inat_get_escape_attribute(insn_byte_t opcode, int lpfx_id,
7291 ++ insn_attr_t esc_attr)
7292 ++{
7293 ++ const insn_attr_t *table;
7294 ++ int n;
7295 ++
7296 ++ n = inat_escape_id(esc_attr);
7297 ++
7298 ++ table = inat_escape_tables[n][0];
7299 ++ if (!table)
7300 ++ return 0;
7301 ++ if (inat_has_variant(table[opcode]) && lpfx_id) {
7302 ++ table = inat_escape_tables[n][lpfx_id];
7303 ++ if (!table)
7304 ++ return 0;
7305 ++ }
7306 ++ return table[opcode];
7307 ++}
7308 ++
7309 ++insn_attr_t inat_get_group_attribute(insn_byte_t modrm, int lpfx_id,
7310 ++ insn_attr_t grp_attr)
7311 ++{
7312 ++ const insn_attr_t *table;
7313 ++ int n;
7314 ++
7315 ++ n = inat_group_id(grp_attr);
7316 ++
7317 ++ table = inat_group_tables[n][0];
7318 ++ if (!table)
7319 ++ return inat_group_common_attribute(grp_attr);
7320 ++ if (inat_has_variant(table[X86_MODRM_REG(modrm)]) && lpfx_id) {
7321 ++ table = inat_group_tables[n][lpfx_id];
7322 ++ if (!table)
7323 ++ return inat_group_common_attribute(grp_attr);
7324 ++ }
7325 ++ return table[X86_MODRM_REG(modrm)] |
7326 ++ inat_group_common_attribute(grp_attr);
7327 ++}
7328 ++
7329 ++insn_attr_t inat_get_avx_attribute(insn_byte_t opcode, insn_byte_t vex_m,
7330 ++ insn_byte_t vex_p)
7331 ++{
7332 ++ const insn_attr_t *table;
7333 ++ if (vex_m > X86_VEX_M_MAX || vex_p > INAT_LSTPFX_MAX)
7334 ++ return 0;
7335 ++ /* At first, this checks the master table */
7336 ++ table = inat_avx_tables[vex_m][0];
7337 ++ if (!table)
7338 ++ return 0;
7339 ++ if (!inat_is_group(table[opcode]) && vex_p) {
7340 ++ /* If this is not a group, get attribute directly */
7341 ++ table = inat_avx_tables[vex_m][vex_p];
7342 ++ if (!table)
7343 ++ return 0;
7344 ++ }
7345 ++ return table[opcode];
7346 ++}
7347 ++
7348 +diff --git a/tools/objtool/arch/x86/lib/insn.c b/tools/objtool/arch/x86/lib/insn.c
7349 +new file mode 100644
7350 +index 000000000000..1088eb8f3a5f
7351 +--- /dev/null
7352 ++++ b/tools/objtool/arch/x86/lib/insn.c
7353 +@@ -0,0 +1,606 @@
7354 ++/*
7355 ++ * x86 instruction analysis
7356 ++ *
7357 ++ * This program is free software; you can redistribute it and/or modify
7358 ++ * it under the terms of the GNU General Public License as published by
7359 ++ * the Free Software Foundation; either version 2 of the License, or
7360 ++ * (at your option) any later version.
7361 ++ *
7362 ++ * This program is distributed in the hope that it will be useful,
7363 ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
7364 ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
7365 ++ * GNU General Public License for more details.
7366 ++ *
7367 ++ * You should have received a copy of the GNU General Public License
7368 ++ * along with this program; if not, write to the Free Software
7369 ++ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
7370 ++ *
7371 ++ * Copyright (C) IBM Corporation, 2002, 2004, 2009
7372 ++ */
7373 ++
7374 ++#ifdef __KERNEL__
7375 ++#include <linux/string.h>
7376 ++#else
7377 ++#include <string.h>
7378 ++#endif
7379 ++#include <asm/inat.h>
7380 ++#include <asm/insn.h>
7381 ++
7382 ++/* Verify next sizeof(t) bytes can be on the same instruction */
7383 ++#define validate_next(t, insn, n) \
7384 ++ ((insn)->next_byte + sizeof(t) + n <= (insn)->end_kaddr)
7385 ++
7386 ++#define __get_next(t, insn) \
7387 ++ ({ t r = *(t*)insn->next_byte; insn->next_byte += sizeof(t); r; })
7388 ++
7389 ++#define __peek_nbyte_next(t, insn, n) \
7390 ++ ({ t r = *(t*)((insn)->next_byte + n); r; })
7391 ++
7392 ++#define get_next(t, insn) \
7393 ++ ({ if (unlikely(!validate_next(t, insn, 0))) goto err_out; __get_next(t, insn); })
7394 ++
7395 ++#define peek_nbyte_next(t, insn, n) \
7396 ++ ({ if (unlikely(!validate_next(t, insn, n))) goto err_out; __peek_nbyte_next(t, insn, n); })
7397 ++
7398 ++#define peek_next(t, insn) peek_nbyte_next(t, insn, 0)
7399 ++
7400 ++/**
7401 ++ * insn_init() - initialize struct insn
7402 ++ * @insn: &struct insn to be initialized
7403 ++ * @kaddr: address (in kernel memory) of instruction (or copy thereof)
7404 ++ * @x86_64: !0 for 64-bit kernel or 64-bit app
7405 ++ */
7406 ++void insn_init(struct insn *insn, const void *kaddr, int buf_len, int x86_64)
7407 ++{
7408 ++ /*
7409 ++ * Instructions longer than MAX_INSN_SIZE (15 bytes) are invalid
7410 ++ * even if the input buffer is long enough to hold them.
7411 ++ */
7412 ++ if (buf_len > MAX_INSN_SIZE)
7413 ++ buf_len = MAX_INSN_SIZE;
7414 ++
7415 ++ memset(insn, 0, sizeof(*insn));
7416 ++ insn->kaddr = kaddr;
7417 ++ insn->end_kaddr = kaddr + buf_len;
7418 ++ insn->next_byte = kaddr;
7419 ++ insn->x86_64 = x86_64 ? 1 : 0;
7420 ++ insn->opnd_bytes = 4;
7421 ++ if (x86_64)
7422 ++ insn->addr_bytes = 8;
7423 ++ else
7424 ++ insn->addr_bytes = 4;
7425 ++}
7426 ++
7427 ++/**
7428 ++ * insn_get_prefixes - scan x86 instruction prefix bytes
7429 ++ * @insn: &struct insn containing instruction
7430 ++ *
7431 ++ * Populates the @insn->prefixes bitmap, and updates @insn->next_byte
7432 ++ * to point to the (first) opcode. No effect if @insn->prefixes.got
7433 ++ * is already set.
7434 ++ */
7435 ++void insn_get_prefixes(struct insn *insn)
7436 ++{
7437 ++ struct insn_field *prefixes = &insn->prefixes;
7438 ++ insn_attr_t attr;
7439 ++ insn_byte_t b, lb;
7440 ++ int i, nb;
7441 ++
7442 ++ if (prefixes->got)
7443 ++ return;
7444 ++
7445 ++ nb = 0;
7446 ++ lb = 0;
7447 ++ b = peek_next(insn_byte_t, insn);
7448 ++ attr = inat_get_opcode_attribute(b);
7449 ++ while (inat_is_legacy_prefix(attr)) {
7450 ++ /* Skip if same prefix */
7451 ++ for (i = 0; i < nb; i++)
7452 ++ if (prefixes->bytes[i] == b)
7453 ++ goto found;
7454 ++ if (nb == 4)
7455 ++ /* Invalid instruction */
7456 ++ break;
7457 ++ prefixes->bytes[nb++] = b;
7458 ++ if (inat_is_address_size_prefix(attr)) {
7459 ++ /* address size switches 2/4 or 4/8 */
7460 ++ if (insn->x86_64)
7461 ++ insn->addr_bytes ^= 12;
7462 ++ else
7463 ++ insn->addr_bytes ^= 6;
7464 ++ } else if (inat_is_operand_size_prefix(attr)) {
7465 ++ /* oprand size switches 2/4 */
7466 ++ insn->opnd_bytes ^= 6;
7467 ++ }
7468 ++found:
7469 ++ prefixes->nbytes++;
7470 ++ insn->next_byte++;
7471 ++ lb = b;
7472 ++ b = peek_next(insn_byte_t, insn);
7473 ++ attr = inat_get_opcode_attribute(b);
7474 ++ }
7475 ++ /* Set the last prefix */
7476 ++ if (lb && lb != insn->prefixes.bytes[3]) {
7477 ++ if (unlikely(insn->prefixes.bytes[3])) {
7478 ++ /* Swap the last prefix */
7479 ++ b = insn->prefixes.bytes[3];
7480 ++ for (i = 0; i < nb; i++)
7481 ++ if (prefixes->bytes[i] == lb)
7482 ++ prefixes->bytes[i] = b;
7483 ++ }
7484 ++ insn->prefixes.bytes[3] = lb;
7485 ++ }
7486 ++
7487 ++ /* Decode REX prefix */
7488 ++ if (insn->x86_64) {
7489 ++ b = peek_next(insn_byte_t, insn);
7490 ++ attr = inat_get_opcode_attribute(b);
7491 ++ if (inat_is_rex_prefix(attr)) {
7492 ++ insn->rex_prefix.value = b;
7493 ++ insn->rex_prefix.nbytes = 1;
7494 ++ insn->next_byte++;
7495 ++ if (X86_REX_W(b))
7496 ++ /* REX.W overrides opnd_size */
7497 ++ insn->opnd_bytes = 8;
7498 ++ }
7499 ++ }
7500 ++ insn->rex_prefix.got = 1;
7501 ++
7502 ++ /* Decode VEX prefix */
7503 ++ b = peek_next(insn_byte_t, insn);
7504 ++ attr = inat_get_opcode_attribute(b);
7505 ++ if (inat_is_vex_prefix(attr)) {
7506 ++ insn_byte_t b2 = peek_nbyte_next(insn_byte_t, insn, 1);
7507 ++ if (!insn->x86_64) {
7508 ++ /*
7509 ++ * In 32-bits mode, if the [7:6] bits (mod bits of
7510 ++ * ModRM) on the second byte are not 11b, it is
7511 ++ * LDS or LES or BOUND.
7512 ++ */
7513 ++ if (X86_MODRM_MOD(b2) != 3)
7514 ++ goto vex_end;
7515 ++ }
7516 ++ insn->vex_prefix.bytes[0] = b;
7517 ++ insn->vex_prefix.bytes[1] = b2;
7518 ++ if (inat_is_evex_prefix(attr)) {
7519 ++ b2 = peek_nbyte_next(insn_byte_t, insn, 2);
7520 ++ insn->vex_prefix.bytes[2] = b2;
7521 ++ b2 = peek_nbyte_next(insn_byte_t, insn, 3);
7522 ++ insn->vex_prefix.bytes[3] = b2;
7523 ++ insn->vex_prefix.nbytes = 4;
7524 ++ insn->next_byte += 4;
7525 ++ if (insn->x86_64 && X86_VEX_W(b2))
7526 ++ /* VEX.W overrides opnd_size */
7527 ++ insn->opnd_bytes = 8;
7528 ++ } else if (inat_is_vex3_prefix(attr)) {
7529 ++ b2 = peek_nbyte_next(insn_byte_t, insn, 2);
7530 ++ insn->vex_prefix.bytes[2] = b2;
7531 ++ insn->vex_prefix.nbytes = 3;
7532 ++ insn->next_byte += 3;
7533 ++ if (insn->x86_64 && X86_VEX_W(b2))
7534 ++ /* VEX.W overrides opnd_size */
7535 ++ insn->opnd_bytes = 8;
7536 ++ } else {
7537 ++ /*
7538 ++ * For VEX2, fake VEX3-like byte#2.
7539 ++ * Makes it easier to decode vex.W, vex.vvvv,
7540 ++ * vex.L and vex.pp. Masking with 0x7f sets vex.W == 0.
7541 ++ */
7542 ++ insn->vex_prefix.bytes[2] = b2 & 0x7f;
7543 ++ insn->vex_prefix.nbytes = 2;
7544 ++ insn->next_byte += 2;
7545 ++ }
7546 ++ }
7547 ++vex_end:
7548 ++ insn->vex_prefix.got = 1;
7549 ++
7550 ++ prefixes->got = 1;
7551 ++
7552 ++err_out:
7553 ++ return;
7554 ++}
7555 ++
7556 ++/**
7557 ++ * insn_get_opcode - collect opcode(s)
7558 ++ * @insn: &struct insn containing instruction
7559 ++ *
7560 ++ * Populates @insn->opcode, updates @insn->next_byte to point past the
7561 ++ * opcode byte(s), and set @insn->attr (except for groups).
7562 ++ * If necessary, first collects any preceding (prefix) bytes.
7563 ++ * Sets @insn->opcode.value = opcode1. No effect if @insn->opcode.got
7564 ++ * is already 1.
7565 ++ */
7566 ++void insn_get_opcode(struct insn *insn)
7567 ++{
7568 ++ struct insn_field *opcode = &insn->opcode;
7569 ++ insn_byte_t op;
7570 ++ int pfx_id;
7571 ++ if (opcode->got)
7572 ++ return;
7573 ++ if (!insn->prefixes.got)
7574 ++ insn_get_prefixes(insn);
7575 ++
7576 ++ /* Get first opcode */
7577 ++ op = get_next(insn_byte_t, insn);
7578 ++ opcode->bytes[0] = op;
7579 ++ opcode->nbytes = 1;
7580 ++
7581 ++ /* Check if there is VEX prefix or not */
7582 ++ if (insn_is_avx(insn)) {
7583 ++ insn_byte_t m, p;
7584 ++ m = insn_vex_m_bits(insn);
7585 ++ p = insn_vex_p_bits(insn);
7586 ++ insn->attr = inat_get_avx_attribute(op, m, p);
7587 ++ if ((inat_must_evex(insn->attr) && !insn_is_evex(insn)) ||
7588 ++ (!inat_accept_vex(insn->attr) &&
7589 ++ !inat_is_group(insn->attr)))
7590 ++ insn->attr = 0; /* This instruction is bad */
7591 ++ goto end; /* VEX has only 1 byte for opcode */
7592 ++ }
7593 ++
7594 ++ insn->attr = inat_get_opcode_attribute(op);
7595 ++ while (inat_is_escape(insn->attr)) {
7596 ++ /* Get escaped opcode */
7597 ++ op = get_next(insn_byte_t, insn);
7598 ++ opcode->bytes[opcode->nbytes++] = op;
7599 ++ pfx_id = insn_last_prefix_id(insn);
7600 ++ insn->attr = inat_get_escape_attribute(op, pfx_id, insn->attr);
7601 ++ }
7602 ++ if (inat_must_vex(insn->attr))
7603 ++ insn->attr = 0; /* This instruction is bad */
7604 ++end:
7605 ++ opcode->got = 1;
7606 ++
7607 ++err_out:
7608 ++ return;
7609 ++}
7610 ++
7611 ++/**
7612 ++ * insn_get_modrm - collect ModRM byte, if any
7613 ++ * @insn: &struct insn containing instruction
7614 ++ *
7615 ++ * Populates @insn->modrm and updates @insn->next_byte to point past the
7616 ++ * ModRM byte, if any. If necessary, first collects the preceding bytes
7617 ++ * (prefixes and opcode(s)). No effect if @insn->modrm.got is already 1.
7618 ++ */
7619 ++void insn_get_modrm(struct insn *insn)
7620 ++{
7621 ++ struct insn_field *modrm = &insn->modrm;
7622 ++ insn_byte_t pfx_id, mod;
7623 ++ if (modrm->got)
7624 ++ return;
7625 ++ if (!insn->opcode.got)
7626 ++ insn_get_opcode(insn);
7627 ++
7628 ++ if (inat_has_modrm(insn->attr)) {
7629 ++ mod = get_next(insn_byte_t, insn);
7630 ++ modrm->value = mod;
7631 ++ modrm->nbytes = 1;
7632 ++ if (inat_is_group(insn->attr)) {
7633 ++ pfx_id = insn_last_prefix_id(insn);
7634 ++ insn->attr = inat_get_group_attribute(mod, pfx_id,
7635 ++ insn->attr);
7636 ++ if (insn_is_avx(insn) && !inat_accept_vex(insn->attr))
7637 ++ insn->attr = 0; /* This is bad */
7638 ++ }
7639 ++ }
7640 ++
7641 ++ if (insn->x86_64 && inat_is_force64(insn->attr))
7642 ++ insn->opnd_bytes = 8;
7643 ++ modrm->got = 1;
7644 ++
7645 ++err_out:
7646 ++ return;
7647 ++}
7648 ++
7649 ++
7650 ++/**
7651 ++ * insn_rip_relative() - Does instruction use RIP-relative addressing mode?
7652 ++ * @insn: &struct insn containing instruction
7653 ++ *
7654 ++ * If necessary, first collects the instruction up to and including the
7655 ++ * ModRM byte. No effect if @insn->x86_64 is 0.
7656 ++ */
7657 ++int insn_rip_relative(struct insn *insn)
7658 ++{
7659 ++ struct insn_field *modrm = &insn->modrm;
7660 ++
7661 ++ if (!insn->x86_64)
7662 ++ return 0;
7663 ++ if (!modrm->got)
7664 ++ insn_get_modrm(insn);
7665 ++ /*
7666 ++ * For rip-relative instructions, the mod field (top 2 bits)
7667 ++ * is zero and the r/m field (bottom 3 bits) is 0x5.
7668 ++ */
7669 ++ return (modrm->nbytes && (modrm->value & 0xc7) == 0x5);
7670 ++}
7671 ++
7672 ++/**
7673 ++ * insn_get_sib() - Get the SIB byte of instruction
7674 ++ * @insn: &struct insn containing instruction
7675 ++ *
7676 ++ * If necessary, first collects the instruction up to and including the
7677 ++ * ModRM byte.
7678 ++ */
7679 ++void insn_get_sib(struct insn *insn)
7680 ++{
7681 ++ insn_byte_t modrm;
7682 ++
7683 ++ if (insn->sib.got)
7684 ++ return;
7685 ++ if (!insn->modrm.got)
7686 ++ insn_get_modrm(insn);
7687 ++ if (insn->modrm.nbytes) {
7688 ++ modrm = (insn_byte_t)insn->modrm.value;
7689 ++ if (insn->addr_bytes != 2 &&
7690 ++ X86_MODRM_MOD(modrm) != 3 && X86_MODRM_RM(modrm) == 4) {
7691 ++ insn->sib.value = get_next(insn_byte_t, insn);
7692 ++ insn->sib.nbytes = 1;
7693 ++ }
7694 ++ }
7695 ++ insn->sib.got = 1;
7696 ++
7697 ++err_out:
7698 ++ return;
7699 ++}
7700 ++
7701 ++
7702 ++/**
7703 ++ * insn_get_displacement() - Get the displacement of instruction
7704 ++ * @insn: &struct insn containing instruction
7705 ++ *
7706 ++ * If necessary, first collects the instruction up to and including the
7707 ++ * SIB byte.
7708 ++ * Displacement value is sign-expanded.
7709 ++ */
7710 ++void insn_get_displacement(struct insn *insn)
7711 ++{
7712 ++ insn_byte_t mod, rm, base;
7713 ++
7714 ++ if (insn->displacement.got)
7715 ++ return;
7716 ++ if (!insn->sib.got)
7717 ++ insn_get_sib(insn);
7718 ++ if (insn->modrm.nbytes) {
7719 ++ /*
7720 ++ * Interpreting the modrm byte:
7721 ++ * mod = 00 - no displacement fields (exceptions below)
7722 ++ * mod = 01 - 1-byte displacement field
7723 ++ * mod = 10 - displacement field is 4 bytes, or 2 bytes if
7724 ++ * address size = 2 (0x67 prefix in 32-bit mode)
7725 ++ * mod = 11 - no memory operand
7726 ++ *
7727 ++ * If address size = 2...
7728 ++ * mod = 00, r/m = 110 - displacement field is 2 bytes
7729 ++ *
7730 ++ * If address size != 2...
7731 ++ * mod != 11, r/m = 100 - SIB byte exists
7732 ++ * mod = 00, SIB base = 101 - displacement field is 4 bytes
7733 ++ * mod = 00, r/m = 101 - rip-relative addressing, displacement
7734 ++ * field is 4 bytes
7735 ++ */
7736 ++ mod = X86_MODRM_MOD(insn->modrm.value);
7737 ++ rm = X86_MODRM_RM(insn->modrm.value);
7738 ++ base = X86_SIB_BASE(insn->sib.value);
7739 ++ if (mod == 3)
7740 ++ goto out;
7741 ++ if (mod == 1) {
7742 ++ insn->displacement.value = get_next(signed char, insn);
7743 ++ insn->displacement.nbytes = 1;
7744 ++ } else if (insn->addr_bytes == 2) {
7745 ++ if ((mod == 0 && rm == 6) || mod == 2) {
7746 ++ insn->displacement.value =
7747 ++ get_next(short, insn);
7748 ++ insn->displacement.nbytes = 2;
7749 ++ }
7750 ++ } else {
7751 ++ if ((mod == 0 && rm == 5) || mod == 2 ||
7752 ++ (mod == 0 && base == 5)) {
7753 ++ insn->displacement.value = get_next(int, insn);
7754 ++ insn->displacement.nbytes = 4;
7755 ++ }
7756 ++ }
7757 ++ }
7758 ++out:
7759 ++ insn->displacement.got = 1;
7760 ++
7761 ++err_out:
7762 ++ return;
7763 ++}
7764 ++
7765 ++/* Decode moffset16/32/64. Return 0 if failed */
7766 ++static int __get_moffset(struct insn *insn)
7767 ++{
7768 ++ switch (insn->addr_bytes) {
7769 ++ case 2:
7770 ++ insn->moffset1.value = get_next(short, insn);
7771 ++ insn->moffset1.nbytes = 2;
7772 ++ break;
7773 ++ case 4:
7774 ++ insn->moffset1.value = get_next(int, insn);
7775 ++ insn->moffset1.nbytes = 4;
7776 ++ break;
7777 ++ case 8:
7778 ++ insn->moffset1.value = get_next(int, insn);
7779 ++ insn->moffset1.nbytes = 4;
7780 ++ insn->moffset2.value = get_next(int, insn);
7781 ++ insn->moffset2.nbytes = 4;
7782 ++ break;
7783 ++ default: /* opnd_bytes must be modified manually */
7784 ++ goto err_out;
7785 ++ }
7786 ++ insn->moffset1.got = insn->moffset2.got = 1;
7787 ++
7788 ++ return 1;
7789 ++
7790 ++err_out:
7791 ++ return 0;
7792 ++}
7793 ++
7794 ++/* Decode imm v32(Iz). Return 0 if failed */
7795 ++static int __get_immv32(struct insn *insn)
7796 ++{
7797 ++ switch (insn->opnd_bytes) {
7798 ++ case 2:
7799 ++ insn->immediate.value = get_next(short, insn);
7800 ++ insn->immediate.nbytes = 2;
7801 ++ break;
7802 ++ case 4:
7803 ++ case 8:
7804 ++ insn->immediate.value = get_next(int, insn);
7805 ++ insn->immediate.nbytes = 4;
7806 ++ break;
7807 ++ default: /* opnd_bytes must be modified manually */
7808 ++ goto err_out;
7809 ++ }
7810 ++
7811 ++ return 1;
7812 ++
7813 ++err_out:
7814 ++ return 0;
7815 ++}
7816 ++
7817 ++/* Decode imm v64(Iv/Ov), Return 0 if failed */
7818 ++static int __get_immv(struct insn *insn)
7819 ++{
7820 ++ switch (insn->opnd_bytes) {
7821 ++ case 2:
7822 ++ insn->immediate1.value = get_next(short, insn);
7823 ++ insn->immediate1.nbytes = 2;
7824 ++ break;
7825 ++ case 4:
7826 ++ insn->immediate1.value = get_next(int, insn);
7827 ++ insn->immediate1.nbytes = 4;
7828 ++ break;
7829 ++ case 8:
7830 ++ insn->immediate1.value = get_next(int, insn);
7831 ++ insn->immediate1.nbytes = 4;
7832 ++ insn->immediate2.value = get_next(int, insn);
7833 ++ insn->immediate2.nbytes = 4;
7834 ++ break;
7835 ++ default: /* opnd_bytes must be modified manually */
7836 ++ goto err_out;
7837 ++ }
7838 ++ insn->immediate1.got = insn->immediate2.got = 1;
7839 ++
7840 ++ return 1;
7841 ++err_out:
7842 ++ return 0;
7843 ++}
7844 ++
7845 ++/* Decode ptr16:16/32(Ap) */
7846 ++static int __get_immptr(struct insn *insn)
7847 ++{
7848 ++ switch (insn->opnd_bytes) {
7849 ++ case 2:
7850 ++ insn->immediate1.value = get_next(short, insn);
7851 ++ insn->immediate1.nbytes = 2;
7852 ++ break;
7853 ++ case 4:
7854 ++ insn->immediate1.value = get_next(int, insn);
7855 ++ insn->immediate1.nbytes = 4;
7856 ++ break;
7857 ++ case 8:
7858 ++ /* ptr16:64 is not exist (no segment) */
7859 ++ return 0;
7860 ++ default: /* opnd_bytes must be modified manually */
7861 ++ goto err_out;
7862 ++ }
7863 ++ insn->immediate2.value = get_next(unsigned short, insn);
7864 ++ insn->immediate2.nbytes = 2;
7865 ++ insn->immediate1.got = insn->immediate2.got = 1;
7866 ++
7867 ++ return 1;
7868 ++err_out:
7869 ++ return 0;
7870 ++}
7871 ++
7872 ++/**
7873 ++ * insn_get_immediate() - Get the immediates of instruction
7874 ++ * @insn: &struct insn containing instruction
7875 ++ *
7876 ++ * If necessary, first collects the instruction up to and including the
7877 ++ * displacement bytes.
7878 ++ * Basically, most of immediates are sign-expanded. Unsigned-value can be
7879 ++ * get by bit masking with ((1 << (nbytes * 8)) - 1)
7880 ++ */
7881 ++void insn_get_immediate(struct insn *insn)
7882 ++{
7883 ++ if (insn->immediate.got)
7884 ++ return;
7885 ++ if (!insn->displacement.got)
7886 ++ insn_get_displacement(insn);
7887 ++
7888 ++ if (inat_has_moffset(insn->attr)) {
7889 ++ if (!__get_moffset(insn))
7890 ++ goto err_out;
7891 ++ goto done;
7892 ++ }
7893 ++
7894 ++ if (!inat_has_immediate(insn->attr))
7895 ++ /* no immediates */
7896 ++ goto done;
7897 ++
7898 ++ switch (inat_immediate_size(insn->attr)) {
7899 ++ case INAT_IMM_BYTE:
7900 ++ insn->immediate.value = get_next(signed char, insn);
7901 ++ insn->immediate.nbytes = 1;
7902 ++ break;
7903 ++ case INAT_IMM_WORD:
7904 ++ insn->immediate.value = get_next(short, insn);
7905 ++ insn->immediate.nbytes = 2;
7906 ++ break;
7907 ++ case INAT_IMM_DWORD:
7908 ++ insn->immediate.value = get_next(int, insn);
7909 ++ insn->immediate.nbytes = 4;
7910 ++ break;
7911 ++ case INAT_IMM_QWORD:
7912 ++ insn->immediate1.value = get_next(int, insn);
7913 ++ insn->immediate1.nbytes = 4;
7914 ++ insn->immediate2.value = get_next(int, insn);
7915 ++ insn->immediate2.nbytes = 4;
7916 ++ break;
7917 ++ case INAT_IMM_PTR:
7918 ++ if (!__get_immptr(insn))
7919 ++ goto err_out;
7920 ++ break;
7921 ++ case INAT_IMM_VWORD32:
7922 ++ if (!__get_immv32(insn))
7923 ++ goto err_out;
7924 ++ break;
7925 ++ case INAT_IMM_VWORD:
7926 ++ if (!__get_immv(insn))
7927 ++ goto err_out;
7928 ++ break;
7929 ++ default:
7930 ++ /* Here, insn must have an immediate, but failed */
7931 ++ goto err_out;
7932 ++ }
7933 ++ if (inat_has_second_immediate(insn->attr)) {
7934 ++ insn->immediate2.value = get_next(signed char, insn);
7935 ++ insn->immediate2.nbytes = 1;
7936 ++ }
7937 ++done:
7938 ++ insn->immediate.got = 1;
7939 ++
7940 ++err_out:
7941 ++ return;
7942 ++}
7943 ++
7944 ++/**
7945 ++ * insn_get_length() - Get the length of instruction
7946 ++ * @insn: &struct insn containing instruction
7947 ++ *
7948 ++ * If necessary, first collects the instruction up to and including the
7949 ++ * immediates bytes.
7950 ++ */
7951 ++void insn_get_length(struct insn *insn)
7952 ++{
7953 ++ if (insn->length)
7954 ++ return;
7955 ++ if (!insn->immediate.got)
7956 ++ insn_get_immediate(insn);
7957 ++ insn->length = (unsigned char)((unsigned long)insn->next_byte
7958 ++ - (unsigned long)insn->kaddr);
7959 ++}
7960 +diff --git a/tools/objtool/arch/x86/lib/x86-opcode-map.txt b/tools/objtool/arch/x86/lib/x86-opcode-map.txt
7961 +new file mode 100644
7962 +index 000000000000..e0b85930dd77
7963 +--- /dev/null
7964 ++++ b/tools/objtool/arch/x86/lib/x86-opcode-map.txt
7965 +@@ -0,0 +1,1072 @@
7966 ++# x86 Opcode Maps
7967 ++#
7968 ++# This is (mostly) based on following documentations.
7969 ++# - Intel(R) 64 and IA-32 Architectures Software Developer's Manual Vol.2C
7970 ++# (#326018-047US, June 2013)
7971 ++#
7972 ++#<Opcode maps>
7973 ++# Table: table-name
7974 ++# Referrer: escaped-name
7975 ++# AVXcode: avx-code
7976 ++# opcode: mnemonic|GrpXXX [operand1[,operand2...]] [(extra1)[,(extra2)...] [| 2nd-mnemonic ...]
7977 ++# (or)
7978 ++# opcode: escape # escaped-name
7979 ++# EndTable
7980 ++#
7981 ++# mnemonics that begin with lowercase 'v' accept a VEX or EVEX prefix
7982 ++# mnemonics that begin with lowercase 'k' accept a VEX prefix
7983 ++#
7984 ++#<group maps>
7985 ++# GrpTable: GrpXXX
7986 ++# reg: mnemonic [operand1[,operand2...]] [(extra1)[,(extra2)...] [| 2nd-mnemonic ...]
7987 ++# EndTable
7988 ++#
7989 ++# AVX Superscripts
7990 ++# (ev): this opcode requires EVEX prefix.
7991 ++# (evo): this opcode is changed by EVEX prefix (EVEX opcode)
7992 ++# (v): this opcode requires VEX prefix.
7993 ++# (v1): this opcode only supports 128bit VEX.
7994 ++#
7995 ++# Last Prefix Superscripts
7996 ++# - (66): the last prefix is 0x66
7997 ++# - (F3): the last prefix is 0xF3
7998 ++# - (F2): the last prefix is 0xF2
7999 ++# - (!F3) : the last prefix is not 0xF3 (including non-last prefix case)
8000 ++# - (66&F2): Both 0x66 and 0xF2 prefixes are specified.
8001 ++
8002 ++Table: one byte opcode
8003 ++Referrer:
8004 ++AVXcode:
8005 ++# 0x00 - 0x0f
8006 ++00: ADD Eb,Gb
8007 ++01: ADD Ev,Gv
8008 ++02: ADD Gb,Eb
8009 ++03: ADD Gv,Ev
8010 ++04: ADD AL,Ib
8011 ++05: ADD rAX,Iz
8012 ++06: PUSH ES (i64)
8013 ++07: POP ES (i64)
8014 ++08: OR Eb,Gb
8015 ++09: OR Ev,Gv
8016 ++0a: OR Gb,Eb
8017 ++0b: OR Gv,Ev
8018 ++0c: OR AL,Ib
8019 ++0d: OR rAX,Iz
8020 ++0e: PUSH CS (i64)
8021 ++0f: escape # 2-byte escape
8022 ++# 0x10 - 0x1f
8023 ++10: ADC Eb,Gb
8024 ++11: ADC Ev,Gv
8025 ++12: ADC Gb,Eb
8026 ++13: ADC Gv,Ev
8027 ++14: ADC AL,Ib
8028 ++15: ADC rAX,Iz
8029 ++16: PUSH SS (i64)
8030 ++17: POP SS (i64)
8031 ++18: SBB Eb,Gb
8032 ++19: SBB Ev,Gv
8033 ++1a: SBB Gb,Eb
8034 ++1b: SBB Gv,Ev
8035 ++1c: SBB AL,Ib
8036 ++1d: SBB rAX,Iz
8037 ++1e: PUSH DS (i64)
8038 ++1f: POP DS (i64)
8039 ++# 0x20 - 0x2f
8040 ++20: AND Eb,Gb
8041 ++21: AND Ev,Gv
8042 ++22: AND Gb,Eb
8043 ++23: AND Gv,Ev
8044 ++24: AND AL,Ib
8045 ++25: AND rAx,Iz
8046 ++26: SEG=ES (Prefix)
8047 ++27: DAA (i64)
8048 ++28: SUB Eb,Gb
8049 ++29: SUB Ev,Gv
8050 ++2a: SUB Gb,Eb
8051 ++2b: SUB Gv,Ev
8052 ++2c: SUB AL,Ib
8053 ++2d: SUB rAX,Iz
8054 ++2e: SEG=CS (Prefix)
8055 ++2f: DAS (i64)
8056 ++# 0x30 - 0x3f
8057 ++30: XOR Eb,Gb
8058 ++31: XOR Ev,Gv
8059 ++32: XOR Gb,Eb
8060 ++33: XOR Gv,Ev
8061 ++34: XOR AL,Ib
8062 ++35: XOR rAX,Iz
8063 ++36: SEG=SS (Prefix)
8064 ++37: AAA (i64)
8065 ++38: CMP Eb,Gb
8066 ++39: CMP Ev,Gv
8067 ++3a: CMP Gb,Eb
8068 ++3b: CMP Gv,Ev
8069 ++3c: CMP AL,Ib
8070 ++3d: CMP rAX,Iz
8071 ++3e: SEG=DS (Prefix)
8072 ++3f: AAS (i64)
8073 ++# 0x40 - 0x4f
8074 ++40: INC eAX (i64) | REX (o64)
8075 ++41: INC eCX (i64) | REX.B (o64)
8076 ++42: INC eDX (i64) | REX.X (o64)
8077 ++43: INC eBX (i64) | REX.XB (o64)
8078 ++44: INC eSP (i64) | REX.R (o64)
8079 ++45: INC eBP (i64) | REX.RB (o64)
8080 ++46: INC eSI (i64) | REX.RX (o64)
8081 ++47: INC eDI (i64) | REX.RXB (o64)
8082 ++48: DEC eAX (i64) | REX.W (o64)
8083 ++49: DEC eCX (i64) | REX.WB (o64)
8084 ++4a: DEC eDX (i64) | REX.WX (o64)
8085 ++4b: DEC eBX (i64) | REX.WXB (o64)
8086 ++4c: DEC eSP (i64) | REX.WR (o64)
8087 ++4d: DEC eBP (i64) | REX.WRB (o64)
8088 ++4e: DEC eSI (i64) | REX.WRX (o64)
8089 ++4f: DEC eDI (i64) | REX.WRXB (o64)
8090 ++# 0x50 - 0x5f
8091 ++50: PUSH rAX/r8 (d64)
8092 ++51: PUSH rCX/r9 (d64)
8093 ++52: PUSH rDX/r10 (d64)
8094 ++53: PUSH rBX/r11 (d64)
8095 ++54: PUSH rSP/r12 (d64)
8096 ++55: PUSH rBP/r13 (d64)
8097 ++56: PUSH rSI/r14 (d64)
8098 ++57: PUSH rDI/r15 (d64)
8099 ++58: POP rAX/r8 (d64)
8100 ++59: POP rCX/r9 (d64)
8101 ++5a: POP rDX/r10 (d64)
8102 ++5b: POP rBX/r11 (d64)
8103 ++5c: POP rSP/r12 (d64)
8104 ++5d: POP rBP/r13 (d64)
8105 ++5e: POP rSI/r14 (d64)
8106 ++5f: POP rDI/r15 (d64)
8107 ++# 0x60 - 0x6f
8108 ++60: PUSHA/PUSHAD (i64)
8109 ++61: POPA/POPAD (i64)
8110 ++62: BOUND Gv,Ma (i64) | EVEX (Prefix)
8111 ++63: ARPL Ew,Gw (i64) | MOVSXD Gv,Ev (o64)
8112 ++64: SEG=FS (Prefix)
8113 ++65: SEG=GS (Prefix)
8114 ++66: Operand-Size (Prefix)
8115 ++67: Address-Size (Prefix)
8116 ++68: PUSH Iz (d64)
8117 ++69: IMUL Gv,Ev,Iz
8118 ++6a: PUSH Ib (d64)
8119 ++6b: IMUL Gv,Ev,Ib
8120 ++6c: INS/INSB Yb,DX
8121 ++6d: INS/INSW/INSD Yz,DX
8122 ++6e: OUTS/OUTSB DX,Xb
8123 ++6f: OUTS/OUTSW/OUTSD DX,Xz
8124 ++# 0x70 - 0x7f
8125 ++70: JO Jb
8126 ++71: JNO Jb
8127 ++72: JB/JNAE/JC Jb
8128 ++73: JNB/JAE/JNC Jb
8129 ++74: JZ/JE Jb
8130 ++75: JNZ/JNE Jb
8131 ++76: JBE/JNA Jb
8132 ++77: JNBE/JA Jb
8133 ++78: JS Jb
8134 ++79: JNS Jb
8135 ++7a: JP/JPE Jb
8136 ++7b: JNP/JPO Jb
8137 ++7c: JL/JNGE Jb
8138 ++7d: JNL/JGE Jb
8139 ++7e: JLE/JNG Jb
8140 ++7f: JNLE/JG Jb
8141 ++# 0x80 - 0x8f
8142 ++80: Grp1 Eb,Ib (1A)
8143 ++81: Grp1 Ev,Iz (1A)
8144 ++82: Grp1 Eb,Ib (1A),(i64)
8145 ++83: Grp1 Ev,Ib (1A)
8146 ++84: TEST Eb,Gb
8147 ++85: TEST Ev,Gv
8148 ++86: XCHG Eb,Gb
8149 ++87: XCHG Ev,Gv
8150 ++88: MOV Eb,Gb
8151 ++89: MOV Ev,Gv
8152 ++8a: MOV Gb,Eb
8153 ++8b: MOV Gv,Ev
8154 ++8c: MOV Ev,Sw
8155 ++8d: LEA Gv,M
8156 ++8e: MOV Sw,Ew
8157 ++8f: Grp1A (1A) | POP Ev (d64)
8158 ++# 0x90 - 0x9f
8159 ++90: NOP | PAUSE (F3) | XCHG r8,rAX
8160 ++91: XCHG rCX/r9,rAX
8161 ++92: XCHG rDX/r10,rAX
8162 ++93: XCHG rBX/r11,rAX
8163 ++94: XCHG rSP/r12,rAX
8164 ++95: XCHG rBP/r13,rAX
8165 ++96: XCHG rSI/r14,rAX
8166 ++97: XCHG rDI/r15,rAX
8167 ++98: CBW/CWDE/CDQE
8168 ++99: CWD/CDQ/CQO
8169 ++9a: CALLF Ap (i64)
8170 ++9b: FWAIT/WAIT
8171 ++9c: PUSHF/D/Q Fv (d64)
8172 ++9d: POPF/D/Q Fv (d64)
8173 ++9e: SAHF
8174 ++9f: LAHF
8175 ++# 0xa0 - 0xaf
8176 ++a0: MOV AL,Ob
8177 ++a1: MOV rAX,Ov
8178 ++a2: MOV Ob,AL
8179 ++a3: MOV Ov,rAX
8180 ++a4: MOVS/B Yb,Xb
8181 ++a5: MOVS/W/D/Q Yv,Xv
8182 ++a6: CMPS/B Xb,Yb
8183 ++a7: CMPS/W/D Xv,Yv
8184 ++a8: TEST AL,Ib
8185 ++a9: TEST rAX,Iz
8186 ++aa: STOS/B Yb,AL
8187 ++ab: STOS/W/D/Q Yv,rAX
8188 ++ac: LODS/B AL,Xb
8189 ++ad: LODS/W/D/Q rAX,Xv
8190 ++ae: SCAS/B AL,Yb
8191 ++# Note: The May 2011 Intel manual shows Xv for the second parameter of the
8192 ++# next instruction but Yv is correct
8193 ++af: SCAS/W/D/Q rAX,Yv
8194 ++# 0xb0 - 0xbf
8195 ++b0: MOV AL/R8L,Ib
8196 ++b1: MOV CL/R9L,Ib
8197 ++b2: MOV DL/R10L,Ib
8198 ++b3: MOV BL/R11L,Ib
8199 ++b4: MOV AH/R12L,Ib
8200 ++b5: MOV CH/R13L,Ib
8201 ++b6: MOV DH/R14L,Ib
8202 ++b7: MOV BH/R15L,Ib
8203 ++b8: MOV rAX/r8,Iv
8204 ++b9: MOV rCX/r9,Iv
8205 ++ba: MOV rDX/r10,Iv
8206 ++bb: MOV rBX/r11,Iv
8207 ++bc: MOV rSP/r12,Iv
8208 ++bd: MOV rBP/r13,Iv
8209 ++be: MOV rSI/r14,Iv
8210 ++bf: MOV rDI/r15,Iv
8211 ++# 0xc0 - 0xcf
8212 ++c0: Grp2 Eb,Ib (1A)
8213 ++c1: Grp2 Ev,Ib (1A)
8214 ++c2: RETN Iw (f64)
8215 ++c3: RETN
8216 ++c4: LES Gz,Mp (i64) | VEX+2byte (Prefix)
8217 ++c5: LDS Gz,Mp (i64) | VEX+1byte (Prefix)
8218 ++c6: Grp11A Eb,Ib (1A)
8219 ++c7: Grp11B Ev,Iz (1A)
8220 ++c8: ENTER Iw,Ib
8221 ++c9: LEAVE (d64)
8222 ++ca: RETF Iw
8223 ++cb: RETF
8224 ++cc: INT3
8225 ++cd: INT Ib
8226 ++ce: INTO (i64)
8227 ++cf: IRET/D/Q
8228 ++# 0xd0 - 0xdf
8229 ++d0: Grp2 Eb,1 (1A)
8230 ++d1: Grp2 Ev,1 (1A)
8231 ++d2: Grp2 Eb,CL (1A)
8232 ++d3: Grp2 Ev,CL (1A)
8233 ++d4: AAM Ib (i64)
8234 ++d5: AAD Ib (i64)
8235 ++d6:
8236 ++d7: XLAT/XLATB
8237 ++d8: ESC
8238 ++d9: ESC
8239 ++da: ESC
8240 ++db: ESC
8241 ++dc: ESC
8242 ++dd: ESC
8243 ++de: ESC
8244 ++df: ESC
8245 ++# 0xe0 - 0xef
8246 ++# Note: "forced64" is Intel CPU behavior: they ignore 0x66 prefix
8247 ++# in 64-bit mode. AMD CPUs accept 0x66 prefix, it causes RIP truncation
8248 ++# to 16 bits. In 32-bit mode, 0x66 is accepted by both Intel and AMD.
8249 ++e0: LOOPNE/LOOPNZ Jb (f64)
8250 ++e1: LOOPE/LOOPZ Jb (f64)
8251 ++e2: LOOP Jb (f64)
8252 ++e3: JrCXZ Jb (f64)
8253 ++e4: IN AL,Ib
8254 ++e5: IN eAX,Ib
8255 ++e6: OUT Ib,AL
8256 ++e7: OUT Ib,eAX
8257 ++# With 0x66 prefix in 64-bit mode, for AMD CPUs immediate offset
8258 ++# in "near" jumps and calls is 16-bit. For CALL,
8259 ++# push of return address is 16-bit wide, RSP is decremented by 2
8260 ++# but is not truncated to 16 bits, unlike RIP.
8261 ++e8: CALL Jz (f64)
8262 ++e9: JMP-near Jz (f64)
8263 ++ea: JMP-far Ap (i64)
8264 ++eb: JMP-short Jb (f64)
8265 ++ec: IN AL,DX
8266 ++ed: IN eAX,DX
8267 ++ee: OUT DX,AL
8268 ++ef: OUT DX,eAX
8269 ++# 0xf0 - 0xff
8270 ++f0: LOCK (Prefix)
8271 ++f1:
8272 ++f2: REPNE (Prefix) | XACQUIRE (Prefix)
8273 ++f3: REP/REPE (Prefix) | XRELEASE (Prefix)
8274 ++f4: HLT
8275 ++f5: CMC
8276 ++f6: Grp3_1 Eb (1A)
8277 ++f7: Grp3_2 Ev (1A)
8278 ++f8: CLC
8279 ++f9: STC
8280 ++fa: CLI
8281 ++fb: STI
8282 ++fc: CLD
8283 ++fd: STD
8284 ++fe: Grp4 (1A)
8285 ++ff: Grp5 (1A)
8286 ++EndTable
8287 ++
8288 ++Table: 2-byte opcode (0x0f)
8289 ++Referrer: 2-byte escape
8290 ++AVXcode: 1
8291 ++# 0x0f 0x00-0x0f
8292 ++00: Grp6 (1A)
8293 ++01: Grp7 (1A)
8294 ++02: LAR Gv,Ew
8295 ++03: LSL Gv,Ew
8296 ++04:
8297 ++05: SYSCALL (o64)
8298 ++06: CLTS
8299 ++07: SYSRET (o64)
8300 ++08: INVD
8301 ++09: WBINVD
8302 ++0a:
8303 ++0b: UD2 (1B)
8304 ++0c:
8305 ++# AMD's prefetch group. Intel supports prefetchw(/1) only.
8306 ++0d: GrpP
8307 ++0e: FEMMS
8308 ++# 3DNow! uses the last imm byte as opcode extension.
8309 ++0f: 3DNow! Pq,Qq,Ib
8310 ++# 0x0f 0x10-0x1f
8311 ++# NOTE: According to Intel SDM opcode map, vmovups and vmovupd has no operands
8312 ++# but it actually has operands. And also, vmovss and vmovsd only accept 128bit.
8313 ++# MOVSS/MOVSD has too many forms(3) on SDM. This map just shows a typical form.
8314 ++# Many AVX instructions lack v1 superscript, according to Intel AVX-Prgramming
8315 ++# Reference A.1
8316 ++10: vmovups Vps,Wps | vmovupd Vpd,Wpd (66) | vmovss Vx,Hx,Wss (F3),(v1) | vmovsd Vx,Hx,Wsd (F2),(v1)
8317 ++11: vmovups Wps,Vps | vmovupd Wpd,Vpd (66) | vmovss Wss,Hx,Vss (F3),(v1) | vmovsd Wsd,Hx,Vsd (F2),(v1)
8318 ++12: vmovlps Vq,Hq,Mq (v1) | vmovhlps Vq,Hq,Uq (v1) | vmovlpd Vq,Hq,Mq (66),(v1) | vmovsldup Vx,Wx (F3) | vmovddup Vx,Wx (F2)
8319 ++13: vmovlps Mq,Vq (v1) | vmovlpd Mq,Vq (66),(v1)
8320 ++14: vunpcklps Vx,Hx,Wx | vunpcklpd Vx,Hx,Wx (66)
8321 ++15: vunpckhps Vx,Hx,Wx | vunpckhpd Vx,Hx,Wx (66)
8322 ++16: vmovhps Vdq,Hq,Mq (v1) | vmovlhps Vdq,Hq,Uq (v1) | vmovhpd Vdq,Hq,Mq (66),(v1) | vmovshdup Vx,Wx (F3)
8323 ++17: vmovhps Mq,Vq (v1) | vmovhpd Mq,Vq (66),(v1)
8324 ++18: Grp16 (1A)
8325 ++19:
8326 ++# Intel SDM opcode map does not list MPX instructions. For now using Gv for
8327 ++# bnd registers and Ev for everything else is OK because the instruction
8328 ++# decoder does not use the information except as an indication that there is
8329 ++# a ModR/M byte.
8330 ++1a: BNDCL Gv,Ev (F3) | BNDCU Gv,Ev (F2) | BNDMOV Gv,Ev (66) | BNDLDX Gv,Ev
8331 ++1b: BNDCN Gv,Ev (F2) | BNDMOV Ev,Gv (66) | BNDMK Gv,Ev (F3) | BNDSTX Ev,Gv
8332 ++1c:
8333 ++1d:
8334 ++1e:
8335 ++1f: NOP Ev
8336 ++# 0x0f 0x20-0x2f
8337 ++20: MOV Rd,Cd
8338 ++21: MOV Rd,Dd
8339 ++22: MOV Cd,Rd
8340 ++23: MOV Dd,Rd
8341 ++24:
8342 ++25:
8343 ++26:
8344 ++27:
8345 ++28: vmovaps Vps,Wps | vmovapd Vpd,Wpd (66)
8346 ++29: vmovaps Wps,Vps | vmovapd Wpd,Vpd (66)
8347 ++2a: cvtpi2ps Vps,Qpi | cvtpi2pd Vpd,Qpi (66) | vcvtsi2ss Vss,Hss,Ey (F3),(v1) | vcvtsi2sd Vsd,Hsd,Ey (F2),(v1)
8348 ++2b: vmovntps Mps,Vps | vmovntpd Mpd,Vpd (66)
8349 ++2c: cvttps2pi Ppi,Wps | cvttpd2pi Ppi,Wpd (66) | vcvttss2si Gy,Wss (F3),(v1) | vcvttsd2si Gy,Wsd (F2),(v1)
8350 ++2d: cvtps2pi Ppi,Wps | cvtpd2pi Qpi,Wpd (66) | vcvtss2si Gy,Wss (F3),(v1) | vcvtsd2si Gy,Wsd (F2),(v1)
8351 ++2e: vucomiss Vss,Wss (v1) | vucomisd Vsd,Wsd (66),(v1)
8352 ++2f: vcomiss Vss,Wss (v1) | vcomisd Vsd,Wsd (66),(v1)
8353 ++# 0x0f 0x30-0x3f
8354 ++30: WRMSR
8355 ++31: RDTSC
8356 ++32: RDMSR
8357 ++33: RDPMC
8358 ++34: SYSENTER
8359 ++35: SYSEXIT
8360 ++36:
8361 ++37: GETSEC
8362 ++38: escape # 3-byte escape 1
8363 ++39:
8364 ++3a: escape # 3-byte escape 2
8365 ++3b:
8366 ++3c:
8367 ++3d:
8368 ++3e:
8369 ++3f:
8370 ++# 0x0f 0x40-0x4f
8371 ++40: CMOVO Gv,Ev
8372 ++41: CMOVNO Gv,Ev | kandw/q Vk,Hk,Uk | kandb/d Vk,Hk,Uk (66)
8373 ++42: CMOVB/C/NAE Gv,Ev | kandnw/q Vk,Hk,Uk | kandnb/d Vk,Hk,Uk (66)
8374 ++43: CMOVAE/NB/NC Gv,Ev
8375 ++44: CMOVE/Z Gv,Ev | knotw/q Vk,Uk | knotb/d Vk,Uk (66)
8376 ++45: CMOVNE/NZ Gv,Ev | korw/q Vk,Hk,Uk | korb/d Vk,Hk,Uk (66)
8377 ++46: CMOVBE/NA Gv,Ev | kxnorw/q Vk,Hk,Uk | kxnorb/d Vk,Hk,Uk (66)
8378 ++47: CMOVA/NBE Gv,Ev | kxorw/q Vk,Hk,Uk | kxorb/d Vk,Hk,Uk (66)
8379 ++48: CMOVS Gv,Ev
8380 ++49: CMOVNS Gv,Ev
8381 ++4a: CMOVP/PE Gv,Ev | kaddw/q Vk,Hk,Uk | kaddb/d Vk,Hk,Uk (66)
8382 ++4b: CMOVNP/PO Gv,Ev | kunpckbw Vk,Hk,Uk (66) | kunpckwd/dq Vk,Hk,Uk
8383 ++4c: CMOVL/NGE Gv,Ev
8384 ++4d: CMOVNL/GE Gv,Ev
8385 ++4e: CMOVLE/NG Gv,Ev
8386 ++4f: CMOVNLE/G Gv,Ev
8387 ++# 0x0f 0x50-0x5f
8388 ++50: vmovmskps Gy,Ups | vmovmskpd Gy,Upd (66)
8389 ++51: vsqrtps Vps,Wps | vsqrtpd Vpd,Wpd (66) | vsqrtss Vss,Hss,Wss (F3),(v1) | vsqrtsd Vsd,Hsd,Wsd (F2),(v1)
8390 ++52: vrsqrtps Vps,Wps | vrsqrtss Vss,Hss,Wss (F3),(v1)
8391 ++53: vrcpps Vps,Wps | vrcpss Vss,Hss,Wss (F3),(v1)
8392 ++54: vandps Vps,Hps,Wps | vandpd Vpd,Hpd,Wpd (66)
8393 ++55: vandnps Vps,Hps,Wps | vandnpd Vpd,Hpd,Wpd (66)
8394 ++56: vorps Vps,Hps,Wps | vorpd Vpd,Hpd,Wpd (66)
8395 ++57: vxorps Vps,Hps,Wps | vxorpd Vpd,Hpd,Wpd (66)
8396 ++58: vaddps Vps,Hps,Wps | vaddpd Vpd,Hpd,Wpd (66) | vaddss Vss,Hss,Wss (F3),(v1) | vaddsd Vsd,Hsd,Wsd (F2),(v1)
8397 ++59: vmulps Vps,Hps,Wps | vmulpd Vpd,Hpd,Wpd (66) | vmulss Vss,Hss,Wss (F3),(v1) | vmulsd Vsd,Hsd,Wsd (F2),(v1)
8398 ++5a: vcvtps2pd Vpd,Wps | vcvtpd2ps Vps,Wpd (66) | vcvtss2sd Vsd,Hx,Wss (F3),(v1) | vcvtsd2ss Vss,Hx,Wsd (F2),(v1)
8399 ++5b: vcvtdq2ps Vps,Wdq | vcvtqq2ps Vps,Wqq (evo) | vcvtps2dq Vdq,Wps (66) | vcvttps2dq Vdq,Wps (F3)
8400 ++5c: vsubps Vps,Hps,Wps | vsubpd Vpd,Hpd,Wpd (66) | vsubss Vss,Hss,Wss (F3),(v1) | vsubsd Vsd,Hsd,Wsd (F2),(v1)
8401 ++5d: vminps Vps,Hps,Wps | vminpd Vpd,Hpd,Wpd (66) | vminss Vss,Hss,Wss (F3),(v1) | vminsd Vsd,Hsd,Wsd (F2),(v1)
8402 ++5e: vdivps Vps,Hps,Wps | vdivpd Vpd,Hpd,Wpd (66) | vdivss Vss,Hss,Wss (F3),(v1) | vdivsd Vsd,Hsd,Wsd (F2),(v1)
8403 ++5f: vmaxps Vps,Hps,Wps | vmaxpd Vpd,Hpd,Wpd (66) | vmaxss Vss,Hss,Wss (F3),(v1) | vmaxsd Vsd,Hsd,Wsd (F2),(v1)
8404 ++# 0x0f 0x60-0x6f
8405 ++60: punpcklbw Pq,Qd | vpunpcklbw Vx,Hx,Wx (66),(v1)
8406 ++61: punpcklwd Pq,Qd | vpunpcklwd Vx,Hx,Wx (66),(v1)
8407 ++62: punpckldq Pq,Qd | vpunpckldq Vx,Hx,Wx (66),(v1)
8408 ++63: packsswb Pq,Qq | vpacksswb Vx,Hx,Wx (66),(v1)
8409 ++64: pcmpgtb Pq,Qq | vpcmpgtb Vx,Hx,Wx (66),(v1)
8410 ++65: pcmpgtw Pq,Qq | vpcmpgtw Vx,Hx,Wx (66),(v1)
8411 ++66: pcmpgtd Pq,Qq | vpcmpgtd Vx,Hx,Wx (66),(v1)
8412 ++67: packuswb Pq,Qq | vpackuswb Vx,Hx,Wx (66),(v1)
8413 ++68: punpckhbw Pq,Qd | vpunpckhbw Vx,Hx,Wx (66),(v1)
8414 ++69: punpckhwd Pq,Qd | vpunpckhwd Vx,Hx,Wx (66),(v1)
8415 ++6a: punpckhdq Pq,Qd | vpunpckhdq Vx,Hx,Wx (66),(v1)
8416 ++6b: packssdw Pq,Qd | vpackssdw Vx,Hx,Wx (66),(v1)
8417 ++6c: vpunpcklqdq Vx,Hx,Wx (66),(v1)
8418 ++6d: vpunpckhqdq Vx,Hx,Wx (66),(v1)
8419 ++6e: movd/q Pd,Ey | vmovd/q Vy,Ey (66),(v1)
8420 ++6f: movq Pq,Qq | vmovdqa Vx,Wx (66) | vmovdqa32/64 Vx,Wx (66),(evo) | vmovdqu Vx,Wx (F3) | vmovdqu32/64 Vx,Wx (F3),(evo) | vmovdqu8/16 Vx,Wx (F2),(ev)
8421 ++# 0x0f 0x70-0x7f
8422 ++70: pshufw Pq,Qq,Ib | vpshufd Vx,Wx,Ib (66),(v1) | vpshufhw Vx,Wx,Ib (F3),(v1) | vpshuflw Vx,Wx,Ib (F2),(v1)
8423 ++71: Grp12 (1A)
8424 ++72: Grp13 (1A)
8425 ++73: Grp14 (1A)
8426 ++74: pcmpeqb Pq,Qq | vpcmpeqb Vx,Hx,Wx (66),(v1)
8427 ++75: pcmpeqw Pq,Qq | vpcmpeqw Vx,Hx,Wx (66),(v1)
8428 ++76: pcmpeqd Pq,Qq | vpcmpeqd Vx,Hx,Wx (66),(v1)
8429 ++# Note: Remove (v), because vzeroall and vzeroupper becomes emms without VEX.
8430 ++77: emms | vzeroupper | vzeroall
8431 ++78: VMREAD Ey,Gy | vcvttps2udq/pd2udq Vx,Wpd (evo) | vcvttsd2usi Gv,Wx (F2),(ev) | vcvttss2usi Gv,Wx (F3),(ev) | vcvttps2uqq/pd2uqq Vx,Wx (66),(ev)
8432 ++79: VMWRITE Gy,Ey | vcvtps2udq/pd2udq Vx,Wpd (evo) | vcvtsd2usi Gv,Wx (F2),(ev) | vcvtss2usi Gv,Wx (F3),(ev) | vcvtps2uqq/pd2uqq Vx,Wx (66),(ev)
8433 ++7a: vcvtudq2pd/uqq2pd Vpd,Wx (F3),(ev) | vcvtudq2ps/uqq2ps Vpd,Wx (F2),(ev) | vcvttps2qq/pd2qq Vx,Wx (66),(ev)
8434 ++7b: vcvtusi2sd Vpd,Hpd,Ev (F2),(ev) | vcvtusi2ss Vps,Hps,Ev (F3),(ev) | vcvtps2qq/pd2qq Vx,Wx (66),(ev)
8435 ++7c: vhaddpd Vpd,Hpd,Wpd (66) | vhaddps Vps,Hps,Wps (F2)
8436 ++7d: vhsubpd Vpd,Hpd,Wpd (66) | vhsubps Vps,Hps,Wps (F2)
8437 ++7e: movd/q Ey,Pd | vmovd/q Ey,Vy (66),(v1) | vmovq Vq,Wq (F3),(v1)
8438 ++7f: movq Qq,Pq | vmovdqa Wx,Vx (66) | vmovdqa32/64 Wx,Vx (66),(evo) | vmovdqu Wx,Vx (F3) | vmovdqu32/64 Wx,Vx (F3),(evo) | vmovdqu8/16 Wx,Vx (F2),(ev)
8439 ++# 0x0f 0x80-0x8f
8440 ++# Note: "forced64" is Intel CPU behavior (see comment about CALL insn).
8441 ++80: JO Jz (f64)
8442 ++81: JNO Jz (f64)
8443 ++82: JB/JC/JNAE Jz (f64)
8444 ++83: JAE/JNB/JNC Jz (f64)
8445 ++84: JE/JZ Jz (f64)
8446 ++85: JNE/JNZ Jz (f64)
8447 ++86: JBE/JNA Jz (f64)
8448 ++87: JA/JNBE Jz (f64)
8449 ++88: JS Jz (f64)
8450 ++89: JNS Jz (f64)
8451 ++8a: JP/JPE Jz (f64)
8452 ++8b: JNP/JPO Jz (f64)
8453 ++8c: JL/JNGE Jz (f64)
8454 ++8d: JNL/JGE Jz (f64)
8455 ++8e: JLE/JNG Jz (f64)
8456 ++8f: JNLE/JG Jz (f64)
8457 ++# 0x0f 0x90-0x9f
8458 ++90: SETO Eb | kmovw/q Vk,Wk | kmovb/d Vk,Wk (66)
8459 ++91: SETNO Eb | kmovw/q Mv,Vk | kmovb/d Mv,Vk (66)
8460 ++92: SETB/C/NAE Eb | kmovw Vk,Rv | kmovb Vk,Rv (66) | kmovq/d Vk,Rv (F2)
8461 ++93: SETAE/NB/NC Eb | kmovw Gv,Uk | kmovb Gv,Uk (66) | kmovq/d Gv,Uk (F2)
8462 ++94: SETE/Z Eb
8463 ++95: SETNE/NZ Eb
8464 ++96: SETBE/NA Eb
8465 ++97: SETA/NBE Eb
8466 ++98: SETS Eb | kortestw/q Vk,Uk | kortestb/d Vk,Uk (66)
8467 ++99: SETNS Eb | ktestw/q Vk,Uk | ktestb/d Vk,Uk (66)
8468 ++9a: SETP/PE Eb
8469 ++9b: SETNP/PO Eb
8470 ++9c: SETL/NGE Eb
8471 ++9d: SETNL/GE Eb
8472 ++9e: SETLE/NG Eb
8473 ++9f: SETNLE/G Eb
8474 ++# 0x0f 0xa0-0xaf
8475 ++a0: PUSH FS (d64)
8476 ++a1: POP FS (d64)
8477 ++a2: CPUID
8478 ++a3: BT Ev,Gv
8479 ++a4: SHLD Ev,Gv,Ib
8480 ++a5: SHLD Ev,Gv,CL
8481 ++a6: GrpPDLK
8482 ++a7: GrpRNG
8483 ++a8: PUSH GS (d64)
8484 ++a9: POP GS (d64)
8485 ++aa: RSM
8486 ++ab: BTS Ev,Gv
8487 ++ac: SHRD Ev,Gv,Ib
8488 ++ad: SHRD Ev,Gv,CL
8489 ++ae: Grp15 (1A),(1C)
8490 ++af: IMUL Gv,Ev
8491 ++# 0x0f 0xb0-0xbf
8492 ++b0: CMPXCHG Eb,Gb
8493 ++b1: CMPXCHG Ev,Gv
8494 ++b2: LSS Gv,Mp
8495 ++b3: BTR Ev,Gv
8496 ++b4: LFS Gv,Mp
8497 ++b5: LGS Gv,Mp
8498 ++b6: MOVZX Gv,Eb
8499 ++b7: MOVZX Gv,Ew
8500 ++b8: JMPE (!F3) | POPCNT Gv,Ev (F3)
8501 ++b9: Grp10 (1A)
8502 ++ba: Grp8 Ev,Ib (1A)
8503 ++bb: BTC Ev,Gv
8504 ++bc: BSF Gv,Ev (!F3) | TZCNT Gv,Ev (F3)
8505 ++bd: BSR Gv,Ev (!F3) | LZCNT Gv,Ev (F3)
8506 ++be: MOVSX Gv,Eb
8507 ++bf: MOVSX Gv,Ew
8508 ++# 0x0f 0xc0-0xcf
8509 ++c0: XADD Eb,Gb
8510 ++c1: XADD Ev,Gv
8511 ++c2: vcmpps Vps,Hps,Wps,Ib | vcmppd Vpd,Hpd,Wpd,Ib (66) | vcmpss Vss,Hss,Wss,Ib (F3),(v1) | vcmpsd Vsd,Hsd,Wsd,Ib (F2),(v1)
8512 ++c3: movnti My,Gy
8513 ++c4: pinsrw Pq,Ry/Mw,Ib | vpinsrw Vdq,Hdq,Ry/Mw,Ib (66),(v1)
8514 ++c5: pextrw Gd,Nq,Ib | vpextrw Gd,Udq,Ib (66),(v1)
8515 ++c6: vshufps Vps,Hps,Wps,Ib | vshufpd Vpd,Hpd,Wpd,Ib (66)
8516 ++c7: Grp9 (1A)
8517 ++c8: BSWAP RAX/EAX/R8/R8D
8518 ++c9: BSWAP RCX/ECX/R9/R9D
8519 ++ca: BSWAP RDX/EDX/R10/R10D
8520 ++cb: BSWAP RBX/EBX/R11/R11D
8521 ++cc: BSWAP RSP/ESP/R12/R12D
8522 ++cd: BSWAP RBP/EBP/R13/R13D
8523 ++ce: BSWAP RSI/ESI/R14/R14D
8524 ++cf: BSWAP RDI/EDI/R15/R15D
8525 ++# 0x0f 0xd0-0xdf
8526 ++d0: vaddsubpd Vpd,Hpd,Wpd (66) | vaddsubps Vps,Hps,Wps (F2)
8527 ++d1: psrlw Pq,Qq | vpsrlw Vx,Hx,Wx (66),(v1)
8528 ++d2: psrld Pq,Qq | vpsrld Vx,Hx,Wx (66),(v1)
8529 ++d3: psrlq Pq,Qq | vpsrlq Vx,Hx,Wx (66),(v1)
8530 ++d4: paddq Pq,Qq | vpaddq Vx,Hx,Wx (66),(v1)
8531 ++d5: pmullw Pq,Qq | vpmullw Vx,Hx,Wx (66),(v1)
8532 ++d6: vmovq Wq,Vq (66),(v1) | movq2dq Vdq,Nq (F3) | movdq2q Pq,Uq (F2)
8533 ++d7: pmovmskb Gd,Nq | vpmovmskb Gd,Ux (66),(v1)
8534 ++d8: psubusb Pq,Qq | vpsubusb Vx,Hx,Wx (66),(v1)
8535 ++d9: psubusw Pq,Qq | vpsubusw Vx,Hx,Wx (66),(v1)
8536 ++da: pminub Pq,Qq | vpminub Vx,Hx,Wx (66),(v1)
8537 ++db: pand Pq,Qq | vpand Vx,Hx,Wx (66),(v1) | vpandd/q Vx,Hx,Wx (66),(evo)
8538 ++dc: paddusb Pq,Qq | vpaddusb Vx,Hx,Wx (66),(v1)
8539 ++dd: paddusw Pq,Qq | vpaddusw Vx,Hx,Wx (66),(v1)
8540 ++de: pmaxub Pq,Qq | vpmaxub Vx,Hx,Wx (66),(v1)
8541 ++df: pandn Pq,Qq | vpandn Vx,Hx,Wx (66),(v1) | vpandnd/q Vx,Hx,Wx (66),(evo)
8542 ++# 0x0f 0xe0-0xef
8543 ++e0: pavgb Pq,Qq | vpavgb Vx,Hx,Wx (66),(v1)
8544 ++e1: psraw Pq,Qq | vpsraw Vx,Hx,Wx (66),(v1)
8545 ++e2: psrad Pq,Qq | vpsrad Vx,Hx,Wx (66),(v1)
8546 ++e3: pavgw Pq,Qq | vpavgw Vx,Hx,Wx (66),(v1)
8547 ++e4: pmulhuw Pq,Qq | vpmulhuw Vx,Hx,Wx (66),(v1)
8548 ++e5: pmulhw Pq,Qq | vpmulhw Vx,Hx,Wx (66),(v1)
8549 ++e6: vcvttpd2dq Vx,Wpd (66) | vcvtdq2pd Vx,Wdq (F3) | vcvtdq2pd/qq2pd Vx,Wdq (F3),(evo) | vcvtpd2dq Vx,Wpd (F2)
8550 ++e7: movntq Mq,Pq | vmovntdq Mx,Vx (66)
8551 ++e8: psubsb Pq,Qq | vpsubsb Vx,Hx,Wx (66),(v1)
8552 ++e9: psubsw Pq,Qq | vpsubsw Vx,Hx,Wx (66),(v1)
8553 ++ea: pminsw Pq,Qq | vpminsw Vx,Hx,Wx (66),(v1)
8554 ++eb: por Pq,Qq | vpor Vx,Hx,Wx (66),(v1) | vpord/q Vx,Hx,Wx (66),(evo)
8555 ++ec: paddsb Pq,Qq | vpaddsb Vx,Hx,Wx (66),(v1)
8556 ++ed: paddsw Pq,Qq | vpaddsw Vx,Hx,Wx (66),(v1)
8557 ++ee: pmaxsw Pq,Qq | vpmaxsw Vx,Hx,Wx (66),(v1)
8558 ++ef: pxor Pq,Qq | vpxor Vx,Hx,Wx (66),(v1) | vpxord/q Vx,Hx,Wx (66),(evo)
8559 ++# 0x0f 0xf0-0xff
8560 ++f0: vlddqu Vx,Mx (F2)
8561 ++f1: psllw Pq,Qq | vpsllw Vx,Hx,Wx (66),(v1)
8562 ++f2: pslld Pq,Qq | vpslld Vx,Hx,Wx (66),(v1)
8563 ++f3: psllq Pq,Qq | vpsllq Vx,Hx,Wx (66),(v1)
8564 ++f4: pmuludq Pq,Qq | vpmuludq Vx,Hx,Wx (66),(v1)
8565 ++f5: pmaddwd Pq,Qq | vpmaddwd Vx,Hx,Wx (66),(v1)
8566 ++f6: psadbw Pq,Qq | vpsadbw Vx,Hx,Wx (66),(v1)
8567 ++f7: maskmovq Pq,Nq | vmaskmovdqu Vx,Ux (66),(v1)
8568 ++f8: psubb Pq,Qq | vpsubb Vx,Hx,Wx (66),(v1)
8569 ++f9: psubw Pq,Qq | vpsubw Vx,Hx,Wx (66),(v1)
8570 ++fa: psubd Pq,Qq | vpsubd Vx,Hx,Wx (66),(v1)
8571 ++fb: psubq Pq,Qq | vpsubq Vx,Hx,Wx (66),(v1)
8572 ++fc: paddb Pq,Qq | vpaddb Vx,Hx,Wx (66),(v1)
8573 ++fd: paddw Pq,Qq | vpaddw Vx,Hx,Wx (66),(v1)
8574 ++fe: paddd Pq,Qq | vpaddd Vx,Hx,Wx (66),(v1)
8575 ++ff: UD0
8576 ++EndTable
8577 ++
8578 ++Table: 3-byte opcode 1 (0x0f 0x38)
8579 ++Referrer: 3-byte escape 1
8580 ++AVXcode: 2
8581 ++# 0x0f 0x38 0x00-0x0f
8582 ++00: pshufb Pq,Qq | vpshufb Vx,Hx,Wx (66),(v1)
8583 ++01: phaddw Pq,Qq | vphaddw Vx,Hx,Wx (66),(v1)
8584 ++02: phaddd Pq,Qq | vphaddd Vx,Hx,Wx (66),(v1)
8585 ++03: phaddsw Pq,Qq | vphaddsw Vx,Hx,Wx (66),(v1)
8586 ++04: pmaddubsw Pq,Qq | vpmaddubsw Vx,Hx,Wx (66),(v1)
8587 ++05: phsubw Pq,Qq | vphsubw Vx,Hx,Wx (66),(v1)
8588 ++06: phsubd Pq,Qq | vphsubd Vx,Hx,Wx (66),(v1)
8589 ++07: phsubsw Pq,Qq | vphsubsw Vx,Hx,Wx (66),(v1)
8590 ++08: psignb Pq,Qq | vpsignb Vx,Hx,Wx (66),(v1)
8591 ++09: psignw Pq,Qq | vpsignw Vx,Hx,Wx (66),(v1)
8592 ++0a: psignd Pq,Qq | vpsignd Vx,Hx,Wx (66),(v1)
8593 ++0b: pmulhrsw Pq,Qq | vpmulhrsw Vx,Hx,Wx (66),(v1)
8594 ++0c: vpermilps Vx,Hx,Wx (66),(v)
8595 ++0d: vpermilpd Vx,Hx,Wx (66),(v)
8596 ++0e: vtestps Vx,Wx (66),(v)
8597 ++0f: vtestpd Vx,Wx (66),(v)
8598 ++# 0x0f 0x38 0x10-0x1f
8599 ++10: pblendvb Vdq,Wdq (66) | vpsrlvw Vx,Hx,Wx (66),(evo) | vpmovuswb Wx,Vx (F3),(ev)
8600 ++11: vpmovusdb Wx,Vd (F3),(ev) | vpsravw Vx,Hx,Wx (66),(ev)
8601 ++12: vpmovusqb Wx,Vq (F3),(ev) | vpsllvw Vx,Hx,Wx (66),(ev)
8602 ++13: vcvtph2ps Vx,Wx (66),(v) | vpmovusdw Wx,Vd (F3),(ev)
8603 ++14: blendvps Vdq,Wdq (66) | vpmovusqw Wx,Vq (F3),(ev) | vprorvd/q Vx,Hx,Wx (66),(evo)
8604 ++15: blendvpd Vdq,Wdq (66) | vpmovusqd Wx,Vq (F3),(ev) | vprolvd/q Vx,Hx,Wx (66),(evo)
8605 ++16: vpermps Vqq,Hqq,Wqq (66),(v) | vpermps/d Vqq,Hqq,Wqq (66),(evo)
8606 ++17: vptest Vx,Wx (66)
8607 ++18: vbroadcastss Vx,Wd (66),(v)
8608 ++19: vbroadcastsd Vqq,Wq (66),(v) | vbroadcastf32x2 Vqq,Wq (66),(evo)
8609 ++1a: vbroadcastf128 Vqq,Mdq (66),(v) | vbroadcastf32x4/64x2 Vqq,Wq (66),(evo)
8610 ++1b: vbroadcastf32x8/64x4 Vqq,Mdq (66),(ev)
8611 ++1c: pabsb Pq,Qq | vpabsb Vx,Wx (66),(v1)
8612 ++1d: pabsw Pq,Qq | vpabsw Vx,Wx (66),(v1)
8613 ++1e: pabsd Pq,Qq | vpabsd Vx,Wx (66),(v1)
8614 ++1f: vpabsq Vx,Wx (66),(ev)
8615 ++# 0x0f 0x38 0x20-0x2f
8616 ++20: vpmovsxbw Vx,Ux/Mq (66),(v1) | vpmovswb Wx,Vx (F3),(ev)
8617 ++21: vpmovsxbd Vx,Ux/Md (66),(v1) | vpmovsdb Wx,Vd (F3),(ev)
8618 ++22: vpmovsxbq Vx,Ux/Mw (66),(v1) | vpmovsqb Wx,Vq (F3),(ev)
8619 ++23: vpmovsxwd Vx,Ux/Mq (66),(v1) | vpmovsdw Wx,Vd (F3),(ev)
8620 ++24: vpmovsxwq Vx,Ux/Md (66),(v1) | vpmovsqw Wx,Vq (F3),(ev)
8621 ++25: vpmovsxdq Vx,Ux/Mq (66),(v1) | vpmovsqd Wx,Vq (F3),(ev)
8622 ++26: vptestmb/w Vk,Hx,Wx (66),(ev) | vptestnmb/w Vk,Hx,Wx (F3),(ev)
8623 ++27: vptestmd/q Vk,Hx,Wx (66),(ev) | vptestnmd/q Vk,Hx,Wx (F3),(ev)
8624 ++28: vpmuldq Vx,Hx,Wx (66),(v1) | vpmovm2b/w Vx,Uk (F3),(ev)
8625 ++29: vpcmpeqq Vx,Hx,Wx (66),(v1) | vpmovb2m/w2m Vk,Ux (F3),(ev)
8626 ++2a: vmovntdqa Vx,Mx (66),(v1) | vpbroadcastmb2q Vx,Uk (F3),(ev)
8627 ++2b: vpackusdw Vx,Hx,Wx (66),(v1)
8628 ++2c: vmaskmovps Vx,Hx,Mx (66),(v) | vscalefps/d Vx,Hx,Wx (66),(evo)
8629 ++2d: vmaskmovpd Vx,Hx,Mx (66),(v) | vscalefss/d Vx,Hx,Wx (66),(evo)
8630 ++2e: vmaskmovps Mx,Hx,Vx (66),(v)
8631 ++2f: vmaskmovpd Mx,Hx,Vx (66),(v)
8632 ++# 0x0f 0x38 0x30-0x3f
8633 ++30: vpmovzxbw Vx,Ux/Mq (66),(v1) | vpmovwb Wx,Vx (F3),(ev)
8634 ++31: vpmovzxbd Vx,Ux/Md (66),(v1) | vpmovdb Wx,Vd (F3),(ev)
8635 ++32: vpmovzxbq Vx,Ux/Mw (66),(v1) | vpmovqb Wx,Vq (F3),(ev)
8636 ++33: vpmovzxwd Vx,Ux/Mq (66),(v1) | vpmovdw Wx,Vd (F3),(ev)
8637 ++34: vpmovzxwq Vx,Ux/Md (66),(v1) | vpmovqw Wx,Vq (F3),(ev)
8638 ++35: vpmovzxdq Vx,Ux/Mq (66),(v1) | vpmovqd Wx,Vq (F3),(ev)
8639 ++36: vpermd Vqq,Hqq,Wqq (66),(v) | vpermd/q Vqq,Hqq,Wqq (66),(evo)
8640 ++37: vpcmpgtq Vx,Hx,Wx (66),(v1)
8641 ++38: vpminsb Vx,Hx,Wx (66),(v1) | vpmovm2d/q Vx,Uk (F3),(ev)
8642 ++39: vpminsd Vx,Hx,Wx (66),(v1) | vpminsd/q Vx,Hx,Wx (66),(evo) | vpmovd2m/q2m Vk,Ux (F3),(ev)
8643 ++3a: vpminuw Vx,Hx,Wx (66),(v1) | vpbroadcastmw2d Vx,Uk (F3),(ev)
8644 ++3b: vpminud Vx,Hx,Wx (66),(v1) | vpminud/q Vx,Hx,Wx (66),(evo)
8645 ++3c: vpmaxsb Vx,Hx,Wx (66),(v1)
8646 ++3d: vpmaxsd Vx,Hx,Wx (66),(v1) | vpmaxsd/q Vx,Hx,Wx (66),(evo)
8647 ++3e: vpmaxuw Vx,Hx,Wx (66),(v1)
8648 ++3f: vpmaxud Vx,Hx,Wx (66),(v1) | vpmaxud/q Vx,Hx,Wx (66),(evo)
8649 ++# 0x0f 0x38 0x40-0x8f
8650 ++40: vpmulld Vx,Hx,Wx (66),(v1) | vpmulld/q Vx,Hx,Wx (66),(evo)
8651 ++41: vphminposuw Vdq,Wdq (66),(v1)
8652 ++42: vgetexpps/d Vx,Wx (66),(ev)
8653 ++43: vgetexpss/d Vx,Hx,Wx (66),(ev)
8654 ++44: vplzcntd/q Vx,Wx (66),(ev)
8655 ++45: vpsrlvd/q Vx,Hx,Wx (66),(v)
8656 ++46: vpsravd Vx,Hx,Wx (66),(v) | vpsravd/q Vx,Hx,Wx (66),(evo)
8657 ++47: vpsllvd/q Vx,Hx,Wx (66),(v)
8658 ++# Skip 0x48-0x4b
8659 ++4c: vrcp14ps/d Vpd,Wpd (66),(ev)
8660 ++4d: vrcp14ss/d Vsd,Hpd,Wsd (66),(ev)
8661 ++4e: vrsqrt14ps/d Vpd,Wpd (66),(ev)
8662 ++4f: vrsqrt14ss/d Vsd,Hsd,Wsd (66),(ev)
8663 ++# Skip 0x50-0x57
8664 ++58: vpbroadcastd Vx,Wx (66),(v)
8665 ++59: vpbroadcastq Vx,Wx (66),(v) | vbroadcasti32x2 Vx,Wx (66),(evo)
8666 ++5a: vbroadcasti128 Vqq,Mdq (66),(v) | vbroadcasti32x4/64x2 Vx,Wx (66),(evo)
8667 ++5b: vbroadcasti32x8/64x4 Vqq,Mdq (66),(ev)
8668 ++# Skip 0x5c-0x63
8669 ++64: vpblendmd/q Vx,Hx,Wx (66),(ev)
8670 ++65: vblendmps/d Vx,Hx,Wx (66),(ev)
8671 ++66: vpblendmb/w Vx,Hx,Wx (66),(ev)
8672 ++# Skip 0x67-0x74
8673 ++75: vpermi2b/w Vx,Hx,Wx (66),(ev)
8674 ++76: vpermi2d/q Vx,Hx,Wx (66),(ev)
8675 ++77: vpermi2ps/d Vx,Hx,Wx (66),(ev)
8676 ++78: vpbroadcastb Vx,Wx (66),(v)
8677 ++79: vpbroadcastw Vx,Wx (66),(v)
8678 ++7a: vpbroadcastb Vx,Rv (66),(ev)
8679 ++7b: vpbroadcastw Vx,Rv (66),(ev)
8680 ++7c: vpbroadcastd/q Vx,Rv (66),(ev)
8681 ++7d: vpermt2b/w Vx,Hx,Wx (66),(ev)
8682 ++7e: vpermt2d/q Vx,Hx,Wx (66),(ev)
8683 ++7f: vpermt2ps/d Vx,Hx,Wx (66),(ev)
8684 ++80: INVEPT Gy,Mdq (66)
8685 ++81: INVVPID Gy,Mdq (66)
8686 ++82: INVPCID Gy,Mdq (66)
8687 ++83: vpmultishiftqb Vx,Hx,Wx (66),(ev)
8688 ++88: vexpandps/d Vpd,Wpd (66),(ev)
8689 ++89: vpexpandd/q Vx,Wx (66),(ev)
8690 ++8a: vcompressps/d Wx,Vx (66),(ev)
8691 ++8b: vpcompressd/q Wx,Vx (66),(ev)
8692 ++8c: vpmaskmovd/q Vx,Hx,Mx (66),(v)
8693 ++8d: vpermb/w Vx,Hx,Wx (66),(ev)
8694 ++8e: vpmaskmovd/q Mx,Vx,Hx (66),(v)
8695 ++# 0x0f 0x38 0x90-0xbf (FMA)
8696 ++90: vgatherdd/q Vx,Hx,Wx (66),(v) | vpgatherdd/q Vx,Wx (66),(evo)
8697 ++91: vgatherqd/q Vx,Hx,Wx (66),(v) | vpgatherqd/q Vx,Wx (66),(evo)
8698 ++92: vgatherdps/d Vx,Hx,Wx (66),(v)
8699 ++93: vgatherqps/d Vx,Hx,Wx (66),(v)
8700 ++94:
8701 ++95:
8702 ++96: vfmaddsub132ps/d Vx,Hx,Wx (66),(v)
8703 ++97: vfmsubadd132ps/d Vx,Hx,Wx (66),(v)
8704 ++98: vfmadd132ps/d Vx,Hx,Wx (66),(v)
8705 ++99: vfmadd132ss/d Vx,Hx,Wx (66),(v),(v1)
8706 ++9a: vfmsub132ps/d Vx,Hx,Wx (66),(v)
8707 ++9b: vfmsub132ss/d Vx,Hx,Wx (66),(v),(v1)
8708 ++9c: vfnmadd132ps/d Vx,Hx,Wx (66),(v)
8709 ++9d: vfnmadd132ss/d Vx,Hx,Wx (66),(v),(v1)
8710 ++9e: vfnmsub132ps/d Vx,Hx,Wx (66),(v)
8711 ++9f: vfnmsub132ss/d Vx,Hx,Wx (66),(v),(v1)
8712 ++a0: vpscatterdd/q Wx,Vx (66),(ev)
8713 ++a1: vpscatterqd/q Wx,Vx (66),(ev)
8714 ++a2: vscatterdps/d Wx,Vx (66),(ev)
8715 ++a3: vscatterqps/d Wx,Vx (66),(ev)
8716 ++a6: vfmaddsub213ps/d Vx,Hx,Wx (66),(v)
8717 ++a7: vfmsubadd213ps/d Vx,Hx,Wx (66),(v)
8718 ++a8: vfmadd213ps/d Vx,Hx,Wx (66),(v)
8719 ++a9: vfmadd213ss/d Vx,Hx,Wx (66),(v),(v1)
8720 ++aa: vfmsub213ps/d Vx,Hx,Wx (66),(v)
8721 ++ab: vfmsub213ss/d Vx,Hx,Wx (66),(v),(v1)
8722 ++ac: vfnmadd213ps/d Vx,Hx,Wx (66),(v)
8723 ++ad: vfnmadd213ss/d Vx,Hx,Wx (66),(v),(v1)
8724 ++ae: vfnmsub213ps/d Vx,Hx,Wx (66),(v)
8725 ++af: vfnmsub213ss/d Vx,Hx,Wx (66),(v),(v1)
8726 ++b4: vpmadd52luq Vx,Hx,Wx (66),(ev)
8727 ++b5: vpmadd52huq Vx,Hx,Wx (66),(ev)
8728 ++b6: vfmaddsub231ps/d Vx,Hx,Wx (66),(v)
8729 ++b7: vfmsubadd231ps/d Vx,Hx,Wx (66),(v)
8730 ++b8: vfmadd231ps/d Vx,Hx,Wx (66),(v)
8731 ++b9: vfmadd231ss/d Vx,Hx,Wx (66),(v),(v1)
8732 ++ba: vfmsub231ps/d Vx,Hx,Wx (66),(v)
8733 ++bb: vfmsub231ss/d Vx,Hx,Wx (66),(v),(v1)
8734 ++bc: vfnmadd231ps/d Vx,Hx,Wx (66),(v)
8735 ++bd: vfnmadd231ss/d Vx,Hx,Wx (66),(v),(v1)
8736 ++be: vfnmsub231ps/d Vx,Hx,Wx (66),(v)
8737 ++bf: vfnmsub231ss/d Vx,Hx,Wx (66),(v),(v1)
8738 ++# 0x0f 0x38 0xc0-0xff
8739 ++c4: vpconflictd/q Vx,Wx (66),(ev)
8740 ++c6: Grp18 (1A)
8741 ++c7: Grp19 (1A)
8742 ++c8: sha1nexte Vdq,Wdq | vexp2ps/d Vx,Wx (66),(ev)
8743 ++c9: sha1msg1 Vdq,Wdq
8744 ++ca: sha1msg2 Vdq,Wdq | vrcp28ps/d Vx,Wx (66),(ev)
8745 ++cb: sha256rnds2 Vdq,Wdq | vrcp28ss/d Vx,Hx,Wx (66),(ev)
8746 ++cc: sha256msg1 Vdq,Wdq | vrsqrt28ps/d Vx,Wx (66),(ev)
8747 ++cd: sha256msg2 Vdq,Wdq | vrsqrt28ss/d Vx,Hx,Wx (66),(ev)
8748 ++db: VAESIMC Vdq,Wdq (66),(v1)
8749 ++dc: VAESENC Vdq,Hdq,Wdq (66),(v1)
8750 ++dd: VAESENCLAST Vdq,Hdq,Wdq (66),(v1)
8751 ++de: VAESDEC Vdq,Hdq,Wdq (66),(v1)
8752 ++df: VAESDECLAST Vdq,Hdq,Wdq (66),(v1)
8753 ++f0: MOVBE Gy,My | MOVBE Gw,Mw (66) | CRC32 Gd,Eb (F2) | CRC32 Gd,Eb (66&F2)
8754 ++f1: MOVBE My,Gy | MOVBE Mw,Gw (66) | CRC32 Gd,Ey (F2) | CRC32 Gd,Ew (66&F2)
8755 ++f2: ANDN Gy,By,Ey (v)
8756 ++f3: Grp17 (1A)
8757 ++f5: BZHI Gy,Ey,By (v) | PEXT Gy,By,Ey (F3),(v) | PDEP Gy,By,Ey (F2),(v)
8758 ++f6: ADCX Gy,Ey (66) | ADOX Gy,Ey (F3) | MULX By,Gy,rDX,Ey (F2),(v)
8759 ++f7: BEXTR Gy,Ey,By (v) | SHLX Gy,Ey,By (66),(v) | SARX Gy,Ey,By (F3),(v) | SHRX Gy,Ey,By (F2),(v)
8760 ++EndTable
8761 ++
8762 ++Table: 3-byte opcode 2 (0x0f 0x3a)
8763 ++Referrer: 3-byte escape 2
8764 ++AVXcode: 3
8765 ++# 0x0f 0x3a 0x00-0xff
8766 ++00: vpermq Vqq,Wqq,Ib (66),(v)
8767 ++01: vpermpd Vqq,Wqq,Ib (66),(v)
8768 ++02: vpblendd Vx,Hx,Wx,Ib (66),(v)
8769 ++03: valignd/q Vx,Hx,Wx,Ib (66),(ev)
8770 ++04: vpermilps Vx,Wx,Ib (66),(v)
8771 ++05: vpermilpd Vx,Wx,Ib (66),(v)
8772 ++06: vperm2f128 Vqq,Hqq,Wqq,Ib (66),(v)
8773 ++07:
8774 ++08: vroundps Vx,Wx,Ib (66) | vrndscaleps Vx,Wx,Ib (66),(evo)
8775 ++09: vroundpd Vx,Wx,Ib (66) | vrndscalepd Vx,Wx,Ib (66),(evo)
8776 ++0a: vroundss Vss,Wss,Ib (66),(v1) | vrndscaless Vx,Hx,Wx,Ib (66),(evo)
8777 ++0b: vroundsd Vsd,Wsd,Ib (66),(v1) | vrndscalesd Vx,Hx,Wx,Ib (66),(evo)
8778 ++0c: vblendps Vx,Hx,Wx,Ib (66)
8779 ++0d: vblendpd Vx,Hx,Wx,Ib (66)
8780 ++0e: vpblendw Vx,Hx,Wx,Ib (66),(v1)
8781 ++0f: palignr Pq,Qq,Ib | vpalignr Vx,Hx,Wx,Ib (66),(v1)
8782 ++14: vpextrb Rd/Mb,Vdq,Ib (66),(v1)
8783 ++15: vpextrw Rd/Mw,Vdq,Ib (66),(v1)
8784 ++16: vpextrd/q Ey,Vdq,Ib (66),(v1)
8785 ++17: vextractps Ed,Vdq,Ib (66),(v1)
8786 ++18: vinsertf128 Vqq,Hqq,Wqq,Ib (66),(v) | vinsertf32x4/64x2 Vqq,Hqq,Wqq,Ib (66),(evo)
8787 ++19: vextractf128 Wdq,Vqq,Ib (66),(v) | vextractf32x4/64x2 Wdq,Vqq,Ib (66),(evo)
8788 ++1a: vinsertf32x8/64x4 Vqq,Hqq,Wqq,Ib (66),(ev)
8789 ++1b: vextractf32x8/64x4 Wdq,Vqq,Ib (66),(ev)
8790 ++1d: vcvtps2ph Wx,Vx,Ib (66),(v)
8791 ++1e: vpcmpud/q Vk,Hd,Wd,Ib (66),(ev)
8792 ++1f: vpcmpd/q Vk,Hd,Wd,Ib (66),(ev)
8793 ++20: vpinsrb Vdq,Hdq,Ry/Mb,Ib (66),(v1)
8794 ++21: vinsertps Vdq,Hdq,Udq/Md,Ib (66),(v1)
8795 ++22: vpinsrd/q Vdq,Hdq,Ey,Ib (66),(v1)
8796 ++23: vshuff32x4/64x2 Vx,Hx,Wx,Ib (66),(ev)
8797 ++25: vpternlogd/q Vx,Hx,Wx,Ib (66),(ev)
8798 ++26: vgetmantps/d Vx,Wx,Ib (66),(ev)
8799 ++27: vgetmantss/d Vx,Hx,Wx,Ib (66),(ev)
8800 ++30: kshiftrb/w Vk,Uk,Ib (66),(v)
8801 ++31: kshiftrd/q Vk,Uk,Ib (66),(v)
8802 ++32: kshiftlb/w Vk,Uk,Ib (66),(v)
8803 ++33: kshiftld/q Vk,Uk,Ib (66),(v)
8804 ++38: vinserti128 Vqq,Hqq,Wqq,Ib (66),(v) | vinserti32x4/64x2 Vqq,Hqq,Wqq,Ib (66),(evo)
8805 ++39: vextracti128 Wdq,Vqq,Ib (66),(v) | vextracti32x4/64x2 Wdq,Vqq,Ib (66),(evo)
8806 ++3a: vinserti32x8/64x4 Vqq,Hqq,Wqq,Ib (66),(ev)
8807 ++3b: vextracti32x8/64x4 Wdq,Vqq,Ib (66),(ev)
8808 ++3e: vpcmpub/w Vk,Hk,Wx,Ib (66),(ev)
8809 ++3f: vpcmpb/w Vk,Hk,Wx,Ib (66),(ev)
8810 ++40: vdpps Vx,Hx,Wx,Ib (66)
8811 ++41: vdppd Vdq,Hdq,Wdq,Ib (66),(v1)
8812 ++42: vmpsadbw Vx,Hx,Wx,Ib (66),(v1) | vdbpsadbw Vx,Hx,Wx,Ib (66),(evo)
8813 ++43: vshufi32x4/64x2 Vx,Hx,Wx,Ib (66),(ev)
8814 ++44: vpclmulqdq Vdq,Hdq,Wdq,Ib (66),(v1)
8815 ++46: vperm2i128 Vqq,Hqq,Wqq,Ib (66),(v)
8816 ++4a: vblendvps Vx,Hx,Wx,Lx (66),(v)
8817 ++4b: vblendvpd Vx,Hx,Wx,Lx (66),(v)
8818 ++4c: vpblendvb Vx,Hx,Wx,Lx (66),(v1)
8819 ++50: vrangeps/d Vx,Hx,Wx,Ib (66),(ev)
8820 ++51: vrangess/d Vx,Hx,Wx,Ib (66),(ev)
8821 ++54: vfixupimmps/d Vx,Hx,Wx,Ib (66),(ev)
8822 ++55: vfixupimmss/d Vx,Hx,Wx,Ib (66),(ev)
8823 ++56: vreduceps/d Vx,Wx,Ib (66),(ev)
8824 ++57: vreducess/d Vx,Hx,Wx,Ib (66),(ev)
8825 ++60: vpcmpestrm Vdq,Wdq,Ib (66),(v1)
8826 ++61: vpcmpestri Vdq,Wdq,Ib (66),(v1)
8827 ++62: vpcmpistrm Vdq,Wdq,Ib (66),(v1)
8828 ++63: vpcmpistri Vdq,Wdq,Ib (66),(v1)
8829 ++66: vfpclassps/d Vk,Wx,Ib (66),(ev)
8830 ++67: vfpclassss/d Vk,Wx,Ib (66),(ev)
8831 ++cc: sha1rnds4 Vdq,Wdq,Ib
8832 ++df: VAESKEYGEN Vdq,Wdq,Ib (66),(v1)
8833 ++f0: RORX Gy,Ey,Ib (F2),(v)
8834 ++EndTable
8835 ++
8836 ++GrpTable: Grp1
8837 ++0: ADD
8838 ++1: OR
8839 ++2: ADC
8840 ++3: SBB
8841 ++4: AND
8842 ++5: SUB
8843 ++6: XOR
8844 ++7: CMP
8845 ++EndTable
8846 ++
8847 ++GrpTable: Grp1A
8848 ++0: POP
8849 ++EndTable
8850 ++
8851 ++GrpTable: Grp2
8852 ++0: ROL
8853 ++1: ROR
8854 ++2: RCL
8855 ++3: RCR
8856 ++4: SHL/SAL
8857 ++5: SHR
8858 ++6:
8859 ++7: SAR
8860 ++EndTable
8861 ++
8862 ++GrpTable: Grp3_1
8863 ++0: TEST Eb,Ib
8864 ++1: TEST Eb,Ib
8865 ++2: NOT Eb
8866 ++3: NEG Eb
8867 ++4: MUL AL,Eb
8868 ++5: IMUL AL,Eb
8869 ++6: DIV AL,Eb
8870 ++7: IDIV AL,Eb
8871 ++EndTable
8872 ++
8873 ++GrpTable: Grp3_2
8874 ++0: TEST Ev,Iz
8875 ++1:
8876 ++2: NOT Ev
8877 ++3: NEG Ev
8878 ++4: MUL rAX,Ev
8879 ++5: IMUL rAX,Ev
8880 ++6: DIV rAX,Ev
8881 ++7: IDIV rAX,Ev
8882 ++EndTable
8883 ++
8884 ++GrpTable: Grp4
8885 ++0: INC Eb
8886 ++1: DEC Eb
8887 ++EndTable
8888 ++
8889 ++GrpTable: Grp5
8890 ++0: INC Ev
8891 ++1: DEC Ev
8892 ++# Note: "forced64" is Intel CPU behavior (see comment about CALL insn).
8893 ++2: CALLN Ev (f64)
8894 ++3: CALLF Ep
8895 ++4: JMPN Ev (f64)
8896 ++5: JMPF Mp
8897 ++6: PUSH Ev (d64)
8898 ++7:
8899 ++EndTable
8900 ++
8901 ++GrpTable: Grp6
8902 ++0: SLDT Rv/Mw
8903 ++1: STR Rv/Mw
8904 ++2: LLDT Ew
8905 ++3: LTR Ew
8906 ++4: VERR Ew
8907 ++5: VERW Ew
8908 ++EndTable
8909 ++
8910 ++GrpTable: Grp7
8911 ++0: SGDT Ms | VMCALL (001),(11B) | VMLAUNCH (010),(11B) | VMRESUME (011),(11B) | VMXOFF (100),(11B)
8912 ++1: SIDT Ms | MONITOR (000),(11B) | MWAIT (001),(11B) | CLAC (010),(11B) | STAC (011),(11B)
8913 ++2: LGDT Ms | XGETBV (000),(11B) | XSETBV (001),(11B) | VMFUNC (100),(11B) | XEND (101)(11B) | XTEST (110)(11B)
8914 ++3: LIDT Ms
8915 ++4: SMSW Mw/Rv
8916 ++5: rdpkru (110),(11B) | wrpkru (111),(11B)
8917 ++6: LMSW Ew
8918 ++7: INVLPG Mb | SWAPGS (o64),(000),(11B) | RDTSCP (001),(11B)
8919 ++EndTable
8920 ++
8921 ++GrpTable: Grp8
8922 ++4: BT
8923 ++5: BTS
8924 ++6: BTR
8925 ++7: BTC
8926 ++EndTable
8927 ++
8928 ++GrpTable: Grp9
8929 ++1: CMPXCHG8B/16B Mq/Mdq
8930 ++3: xrstors
8931 ++4: xsavec
8932 ++5: xsaves
8933 ++6: VMPTRLD Mq | VMCLEAR Mq (66) | VMXON Mq (F3) | RDRAND Rv (11B)
8934 ++7: VMPTRST Mq | VMPTRST Mq (F3) | RDSEED Rv (11B)
8935 ++EndTable
8936 ++
8937 ++GrpTable: Grp10
8938 ++# all are UD1
8939 ++0: UD1
8940 ++1: UD1
8941 ++2: UD1
8942 ++3: UD1
8943 ++4: UD1
8944 ++5: UD1
8945 ++6: UD1
8946 ++7: UD1
8947 ++EndTable
8948 ++
8949 ++# Grp11A and Grp11B are expressed as Grp11 in Intel SDM
8950 ++GrpTable: Grp11A
8951 ++0: MOV Eb,Ib
8952 ++7: XABORT Ib (000),(11B)
8953 ++EndTable
8954 ++
8955 ++GrpTable: Grp11B
8956 ++0: MOV Eb,Iz
8957 ++7: XBEGIN Jz (000),(11B)
8958 ++EndTable
8959 ++
8960 ++GrpTable: Grp12
8961 ++2: psrlw Nq,Ib (11B) | vpsrlw Hx,Ux,Ib (66),(11B),(v1)
8962 ++4: psraw Nq,Ib (11B) | vpsraw Hx,Ux,Ib (66),(11B),(v1)
8963 ++6: psllw Nq,Ib (11B) | vpsllw Hx,Ux,Ib (66),(11B),(v1)
8964 ++EndTable
8965 ++
8966 ++GrpTable: Grp13
8967 ++0: vprord/q Hx,Wx,Ib (66),(ev)
8968 ++1: vprold/q Hx,Wx,Ib (66),(ev)
8969 ++2: psrld Nq,Ib (11B) | vpsrld Hx,Ux,Ib (66),(11B),(v1)
8970 ++4: psrad Nq,Ib (11B) | vpsrad Hx,Ux,Ib (66),(11B),(v1) | vpsrad/q Hx,Ux,Ib (66),(evo)
8971 ++6: pslld Nq,Ib (11B) | vpslld Hx,Ux,Ib (66),(11B),(v1)
8972 ++EndTable
8973 ++
8974 ++GrpTable: Grp14
8975 ++2: psrlq Nq,Ib (11B) | vpsrlq Hx,Ux,Ib (66),(11B),(v1)
8976 ++3: vpsrldq Hx,Ux,Ib (66),(11B),(v1)
8977 ++6: psllq Nq,Ib (11B) | vpsllq Hx,Ux,Ib (66),(11B),(v1)
8978 ++7: vpslldq Hx,Ux,Ib (66),(11B),(v1)
8979 ++EndTable
8980 ++
8981 ++GrpTable: Grp15
8982 ++0: fxsave | RDFSBASE Ry (F3),(11B)
8983 ++1: fxstor | RDGSBASE Ry (F3),(11B)
8984 ++2: vldmxcsr Md (v1) | WRFSBASE Ry (F3),(11B)
8985 ++3: vstmxcsr Md (v1) | WRGSBASE Ry (F3),(11B)
8986 ++4: XSAVE | ptwrite Ey (F3),(11B)
8987 ++5: XRSTOR | lfence (11B)
8988 ++6: XSAVEOPT | clwb (66) | mfence (11B)
8989 ++7: clflush | clflushopt (66) | sfence (11B)
8990 ++EndTable
8991 ++
8992 ++GrpTable: Grp16
8993 ++0: prefetch NTA
8994 ++1: prefetch T0
8995 ++2: prefetch T1
8996 ++3: prefetch T2
8997 ++EndTable
8998 ++
8999 ++GrpTable: Grp17
9000 ++1: BLSR By,Ey (v)
9001 ++2: BLSMSK By,Ey (v)
9002 ++3: BLSI By,Ey (v)
9003 ++EndTable
9004 ++
9005 ++GrpTable: Grp18
9006 ++1: vgatherpf0dps/d Wx (66),(ev)
9007 ++2: vgatherpf1dps/d Wx (66),(ev)
9008 ++5: vscatterpf0dps/d Wx (66),(ev)
9009 ++6: vscatterpf1dps/d Wx (66),(ev)
9010 ++EndTable
9011 ++
9012 ++GrpTable: Grp19
9013 ++1: vgatherpf0qps/d Wx (66),(ev)
9014 ++2: vgatherpf1qps/d Wx (66),(ev)
9015 ++5: vscatterpf0qps/d Wx (66),(ev)
9016 ++6: vscatterpf1qps/d Wx (66),(ev)
9017 ++EndTable
9018 ++
9019 ++# AMD's Prefetch Group
9020 ++GrpTable: GrpP
9021 ++0: PREFETCH
9022 ++1: PREFETCHW
9023 ++EndTable
9024 ++
9025 ++GrpTable: GrpPDLK
9026 ++0: MONTMUL
9027 ++1: XSHA1
9028 ++2: XSHA2
9029 ++EndTable
9030 ++
9031 ++GrpTable: GrpRNG
9032 ++0: xstore-rng
9033 ++1: xcrypt-ecb
9034 ++2: xcrypt-cbc
9035 ++4: xcrypt-cfb
9036 ++5: xcrypt-ofb
9037 ++EndTable
9038 +diff --git a/tools/objtool/arch/x86/tools/gen-insn-attr-x86.awk b/tools/objtool/arch/x86/tools/gen-insn-attr-x86.awk
9039 +new file mode 100644
9040 +index 000000000000..b02a36b2c14f
9041 +--- /dev/null
9042 ++++ b/tools/objtool/arch/x86/tools/gen-insn-attr-x86.awk
9043 +@@ -0,0 +1,393 @@
9044 ++#!/bin/awk -f
9045 ++# SPDX-License-Identifier: GPL-2.0
9046 ++# gen-insn-attr-x86.awk: Instruction attribute table generator
9047 ++# Written by Masami Hiramatsu <mhiramat@××××××.com>
9048 ++#
9049 ++# Usage: awk -f gen-insn-attr-x86.awk x86-opcode-map.txt > inat-tables.c
9050 ++
9051 ++# Awk implementation sanity check
9052 ++function check_awk_implement() {
9053 ++ if (sprintf("%x", 0) != "0")
9054 ++ return "Your awk has a printf-format problem."
9055 ++ return ""
9056 ++}
9057 ++
9058 ++# Clear working vars
9059 ++function clear_vars() {
9060 ++ delete table
9061 ++ delete lptable2
9062 ++ delete lptable1
9063 ++ delete lptable3
9064 ++ eid = -1 # escape id
9065 ++ gid = -1 # group id
9066 ++ aid = -1 # AVX id
9067 ++ tname = ""
9068 ++}
9069 ++
9070 ++BEGIN {
9071 ++ # Implementation error checking
9072 ++ awkchecked = check_awk_implement()
9073 ++ if (awkchecked != "") {
9074 ++ print "Error: " awkchecked > "/dev/stderr"
9075 ++ print "Please try to use gawk." > "/dev/stderr"
9076 ++ exit 1
9077 ++ }
9078 ++
9079 ++ # Setup generating tables
9080 ++ print "/* x86 opcode map generated from x86-opcode-map.txt */"
9081 ++ print "/* Do not change this code. */\n"
9082 ++ ggid = 1
9083 ++ geid = 1
9084 ++ gaid = 0
9085 ++ delete etable
9086 ++ delete gtable
9087 ++ delete atable
9088 ++
9089 ++ opnd_expr = "^[A-Za-z/]"
9090 ++ ext_expr = "^\\("
9091 ++ sep_expr = "^\\|$"
9092 ++ group_expr = "^Grp[0-9A-Za-z]+"
9093 ++
9094 ++ imm_expr = "^[IJAOL][a-z]"
9095 ++ imm_flag["Ib"] = "INAT_MAKE_IMM(INAT_IMM_BYTE)"
9096 ++ imm_flag["Jb"] = "INAT_MAKE_IMM(INAT_IMM_BYTE)"
9097 ++ imm_flag["Iw"] = "INAT_MAKE_IMM(INAT_IMM_WORD)"
9098 ++ imm_flag["Id"] = "INAT_MAKE_IMM(INAT_IMM_DWORD)"
9099 ++ imm_flag["Iq"] = "INAT_MAKE_IMM(INAT_IMM_QWORD)"
9100 ++ imm_flag["Ap"] = "INAT_MAKE_IMM(INAT_IMM_PTR)"
9101 ++ imm_flag["Iz"] = "INAT_MAKE_IMM(INAT_IMM_VWORD32)"
9102 ++ imm_flag["Jz"] = "INAT_MAKE_IMM(INAT_IMM_VWORD32)"
9103 ++ imm_flag["Iv"] = "INAT_MAKE_IMM(INAT_IMM_VWORD)"
9104 ++ imm_flag["Ob"] = "INAT_MOFFSET"
9105 ++ imm_flag["Ov"] = "INAT_MOFFSET"
9106 ++ imm_flag["Lx"] = "INAT_MAKE_IMM(INAT_IMM_BYTE)"
9107 ++
9108 ++ modrm_expr = "^([CDEGMNPQRSUVW/][a-z]+|NTA|T[012])"
9109 ++ force64_expr = "\\([df]64\\)"
9110 ++ rex_expr = "^REX(\\.[XRWB]+)*"
9111 ++ fpu_expr = "^ESC" # TODO
9112 ++
9113 ++ lprefix1_expr = "\\((66|!F3)\\)"
9114 ++ lprefix2_expr = "\\(F3\\)"
9115 ++ lprefix3_expr = "\\((F2|!F3|66\\&F2)\\)"
9116 ++ lprefix_expr = "\\((66|F2|F3)\\)"
9117 ++ max_lprefix = 4
9118 ++
9119 ++ # All opcodes starting with lower-case 'v', 'k' or with (v1) superscript
9120 ++ # accepts VEX prefix
9121 ++ vexok_opcode_expr = "^[vk].*"
9122 ++ vexok_expr = "\\(v1\\)"
9123 ++ # All opcodes with (v) superscript supports *only* VEX prefix
9124 ++ vexonly_expr = "\\(v\\)"
9125 ++ # All opcodes with (ev) superscript supports *only* EVEX prefix
9126 ++ evexonly_expr = "\\(ev\\)"
9127 ++
9128 ++ prefix_expr = "\\(Prefix\\)"
9129 ++ prefix_num["Operand-Size"] = "INAT_PFX_OPNDSZ"
9130 ++ prefix_num["REPNE"] = "INAT_PFX_REPNE"
9131 ++ prefix_num["REP/REPE"] = "INAT_PFX_REPE"
9132 ++ prefix_num["XACQUIRE"] = "INAT_PFX_REPNE"
9133 ++ prefix_num["XRELEASE"] = "INAT_PFX_REPE"
9134 ++ prefix_num["LOCK"] = "INAT_PFX_LOCK"
9135 ++ prefix_num["SEG=CS"] = "INAT_PFX_CS"
9136 ++ prefix_num["SEG=DS"] = "INAT_PFX_DS"
9137 ++ prefix_num["SEG=ES"] = "INAT_PFX_ES"
9138 ++ prefix_num["SEG=FS"] = "INAT_PFX_FS"
9139 ++ prefix_num["SEG=GS"] = "INAT_PFX_GS"
9140 ++ prefix_num["SEG=SS"] = "INAT_PFX_SS"
9141 ++ prefix_num["Address-Size"] = "INAT_PFX_ADDRSZ"
9142 ++ prefix_num["VEX+1byte"] = "INAT_PFX_VEX2"
9143 ++ prefix_num["VEX+2byte"] = "INAT_PFX_VEX3"
9144 ++ prefix_num["EVEX"] = "INAT_PFX_EVEX"
9145 ++
9146 ++ clear_vars()
9147 ++}
9148 ++
9149 ++function semantic_error(msg) {
9150 ++ print "Semantic error at " NR ": " msg > "/dev/stderr"
9151 ++ exit 1
9152 ++}
9153 ++
9154 ++function debug(msg) {
9155 ++ print "DEBUG: " msg
9156 ++}
9157 ++
9158 ++function array_size(arr, i,c) {
9159 ++ c = 0
9160 ++ for (i in arr)
9161 ++ c++
9162 ++ return c
9163 ++}
9164 ++
9165 ++/^Table:/ {
9166 ++ print "/* " $0 " */"
9167 ++ if (tname != "")
9168 ++ semantic_error("Hit Table: before EndTable:.");
9169 ++}
9170 ++
9171 ++/^Referrer:/ {
9172 ++ if (NF != 1) {
9173 ++ # escape opcode table
9174 ++ ref = ""
9175 ++ for (i = 2; i <= NF; i++)
9176 ++ ref = ref $i
9177 ++ eid = escape[ref]
9178 ++ tname = sprintf("inat_escape_table_%d", eid)
9179 ++ }
9180 ++}
9181 ++
9182 ++/^AVXcode:/ {
9183 ++ if (NF != 1) {
9184 ++ # AVX/escape opcode table
9185 ++ aid = $2
9186 ++ if (gaid <= aid)
9187 ++ gaid = aid + 1
9188 ++ if (tname == "") # AVX only opcode table
9189 ++ tname = sprintf("inat_avx_table_%d", $2)
9190 ++ }
9191 ++ if (aid == -1 && eid == -1) # primary opcode table
9192 ++ tname = "inat_primary_table"
9193 ++}
9194 ++
9195 ++/^GrpTable:/ {
9196 ++ print "/* " $0 " */"
9197 ++ if (!($2 in group))
9198 ++ semantic_error("No group: " $2 )
9199 ++ gid = group[$2]
9200 ++ tname = "inat_group_table_" gid
9201 ++}
9202 ++
9203 ++function print_table(tbl,name,fmt,n)
9204 ++{
9205 ++ print "const insn_attr_t " name " = {"
9206 ++ for (i = 0; i < n; i++) {
9207 ++ id = sprintf(fmt, i)
9208 ++ if (tbl[id])
9209 ++ print " [" id "] = " tbl[id] ","
9210 ++ }
9211 ++ print "};"
9212 ++}
9213 ++
9214 ++/^EndTable/ {
9215 ++ if (gid != -1) {
9216 ++ # print group tables
9217 ++ if (array_size(table) != 0) {
9218 ++ print_table(table, tname "[INAT_GROUP_TABLE_SIZE]",
9219 ++ "0x%x", 8)
9220 ++ gtable[gid,0] = tname
9221 ++ }
9222 ++ if (array_size(lptable1) != 0) {
9223 ++ print_table(lptable1, tname "_1[INAT_GROUP_TABLE_SIZE]",
9224 ++ "0x%x", 8)
9225 ++ gtable[gid,1] = tname "_1"
9226 ++ }
9227 ++ if (array_size(lptable2) != 0) {
9228 ++ print_table(lptable2, tname "_2[INAT_GROUP_TABLE_SIZE]",
9229 ++ "0x%x", 8)
9230 ++ gtable[gid,2] = tname "_2"
9231 ++ }
9232 ++ if (array_size(lptable3) != 0) {
9233 ++ print_table(lptable3, tname "_3[INAT_GROUP_TABLE_SIZE]",
9234 ++ "0x%x", 8)
9235 ++ gtable[gid,3] = tname "_3"
9236 ++ }
9237 ++ } else {
9238 ++ # print primary/escaped tables
9239 ++ if (array_size(table) != 0) {
9240 ++ print_table(table, tname "[INAT_OPCODE_TABLE_SIZE]",
9241 ++ "0x%02x", 256)
9242 ++ etable[eid,0] = tname
9243 ++ if (aid >= 0)
9244 ++ atable[aid,0] = tname
9245 ++ }
9246 ++ if (array_size(lptable1) != 0) {
9247 ++ print_table(lptable1,tname "_1[INAT_OPCODE_TABLE_SIZE]",
9248 ++ "0x%02x", 256)
9249 ++ etable[eid,1] = tname "_1"
9250 ++ if (aid >= 0)
9251 ++ atable[aid,1] = tname "_1"
9252 ++ }
9253 ++ if (array_size(lptable2) != 0) {
9254 ++ print_table(lptable2,tname "_2[INAT_OPCODE_TABLE_SIZE]",
9255 ++ "0x%02x", 256)
9256 ++ etable[eid,2] = tname "_2"
9257 ++ if (aid >= 0)
9258 ++ atable[aid,2] = tname "_2"
9259 ++ }
9260 ++ if (array_size(lptable3) != 0) {
9261 ++ print_table(lptable3,tname "_3[INAT_OPCODE_TABLE_SIZE]",
9262 ++ "0x%02x", 256)
9263 ++ etable[eid,3] = tname "_3"
9264 ++ if (aid >= 0)
9265 ++ atable[aid,3] = tname "_3"
9266 ++ }
9267 ++ }
9268 ++ print ""
9269 ++ clear_vars()
9270 ++}
9271 ++
9272 ++function add_flags(old,new) {
9273 ++ if (old && new)
9274 ++ return old " | " new
9275 ++ else if (old)
9276 ++ return old
9277 ++ else
9278 ++ return new
9279 ++}
9280 ++
9281 ++# convert operands to flags.
9282 ++function convert_operands(count,opnd, i,j,imm,mod)
9283 ++{
9284 ++ imm = null
9285 ++ mod = null
9286 ++ for (j = 1; j <= count; j++) {
9287 ++ i = opnd[j]
9288 ++ if (match(i, imm_expr) == 1) {
9289 ++ if (!imm_flag[i])
9290 ++ semantic_error("Unknown imm opnd: " i)
9291 ++ if (imm) {
9292 ++ if (i != "Ib")
9293 ++ semantic_error("Second IMM error")
9294 ++ imm = add_flags(imm, "INAT_SCNDIMM")
9295 ++ } else
9296 ++ imm = imm_flag[i]
9297 ++ } else if (match(i, modrm_expr))
9298 ++ mod = "INAT_MODRM"
9299 ++ }
9300 ++ return add_flags(imm, mod)
9301 ++}
9302 ++
9303 ++/^[0-9a-f]+\:/ {
9304 ++ if (NR == 1)
9305 ++ next
9306 ++ # get index
9307 ++ idx = "0x" substr($1, 1, index($1,":") - 1)
9308 ++ if (idx in table)
9309 ++ semantic_error("Redefine " idx " in " tname)
9310 ++
9311 ++ # check if escaped opcode
9312 ++ if ("escape" == $2) {
9313 ++ if ($3 != "#")
9314 ++ semantic_error("No escaped name")
9315 ++ ref = ""
9316 ++ for (i = 4; i <= NF; i++)
9317 ++ ref = ref $i
9318 ++ if (ref in escape)
9319 ++ semantic_error("Redefine escape (" ref ")")
9320 ++ escape[ref] = geid
9321 ++ geid++
9322 ++ table[idx] = "INAT_MAKE_ESCAPE(" escape[ref] ")"
9323 ++ next
9324 ++ }
9325 ++
9326 ++ variant = null
9327 ++ # converts
9328 ++ i = 2
9329 ++ while (i <= NF) {
9330 ++ opcode = $(i++)
9331 ++ delete opnds
9332 ++ ext = null
9333 ++ flags = null
9334 ++ opnd = null
9335 ++ # parse one opcode
9336 ++ if (match($i, opnd_expr)) {
9337 ++ opnd = $i
9338 ++ count = split($(i++), opnds, ",")
9339 ++ flags = convert_operands(count, opnds)
9340 ++ }
9341 ++ if (match($i, ext_expr))
9342 ++ ext = $(i++)
9343 ++ if (match($i, sep_expr))
9344 ++ i++
9345 ++ else if (i < NF)
9346 ++ semantic_error($i " is not a separator")
9347 ++
9348 ++ # check if group opcode
9349 ++ if (match(opcode, group_expr)) {
9350 ++ if (!(opcode in group)) {
9351 ++ group[opcode] = ggid
9352 ++ ggid++
9353 ++ }
9354 ++ flags = add_flags(flags, "INAT_MAKE_GROUP(" group[opcode] ")")
9355 ++ }
9356 ++ # check force(or default) 64bit
9357 ++ if (match(ext, force64_expr))
9358 ++ flags = add_flags(flags, "INAT_FORCE64")
9359 ++
9360 ++ # check REX prefix
9361 ++ if (match(opcode, rex_expr))
9362 ++ flags = add_flags(flags, "INAT_MAKE_PREFIX(INAT_PFX_REX)")
9363 ++
9364 ++ # check coprocessor escape : TODO
9365 ++ if (match(opcode, fpu_expr))
9366 ++ flags = add_flags(flags, "INAT_MODRM")
9367 ++
9368 ++ # check VEX codes
9369 ++ if (match(ext, evexonly_expr))
9370 ++ flags = add_flags(flags, "INAT_VEXOK | INAT_EVEXONLY")
9371 ++ else if (match(ext, vexonly_expr))
9372 ++ flags = add_flags(flags, "INAT_VEXOK | INAT_VEXONLY")
9373 ++ else if (match(ext, vexok_expr) || match(opcode, vexok_opcode_expr))
9374 ++ flags = add_flags(flags, "INAT_VEXOK")
9375 ++
9376 ++ # check prefixes
9377 ++ if (match(ext, prefix_expr)) {
9378 ++ if (!prefix_num[opcode])
9379 ++ semantic_error("Unknown prefix: " opcode)
9380 ++ flags = add_flags(flags, "INAT_MAKE_PREFIX(" prefix_num[opcode] ")")
9381 ++ }
9382 ++ if (length(flags) == 0)
9383 ++ continue
9384 ++ # check if last prefix
9385 ++ if (match(ext, lprefix1_expr)) {
9386 ++ lptable1[idx] = add_flags(lptable1[idx],flags)
9387 ++ variant = "INAT_VARIANT"
9388 ++ }
9389 ++ if (match(ext, lprefix2_expr)) {
9390 ++ lptable2[idx] = add_flags(lptable2[idx],flags)
9391 ++ variant = "INAT_VARIANT"
9392 ++ }
9393 ++ if (match(ext, lprefix3_expr)) {
9394 ++ lptable3[idx] = add_flags(lptable3[idx],flags)
9395 ++ variant = "INAT_VARIANT"
9396 ++ }
9397 ++ if (!match(ext, lprefix_expr)){
9398 ++ table[idx] = add_flags(table[idx],flags)
9399 ++ }
9400 ++ }
9401 ++ if (variant)
9402 ++ table[idx] = add_flags(table[idx],variant)
9403 ++}
9404 ++
9405 ++END {
9406 ++ if (awkchecked != "")
9407 ++ exit 1
9408 ++ # print escape opcode map's array
9409 ++ print "/* Escape opcode map array */"
9410 ++ print "const insn_attr_t * const inat_escape_tables[INAT_ESC_MAX + 1]" \
9411 ++ "[INAT_LSTPFX_MAX + 1] = {"
9412 ++ for (i = 0; i < geid; i++)
9413 ++ for (j = 0; j < max_lprefix; j++)
9414 ++ if (etable[i,j])
9415 ++ print " ["i"]["j"] = "etable[i,j]","
9416 ++ print "};\n"
9417 ++ # print group opcode map's array
9418 ++ print "/* Group opcode map array */"
9419 ++ print "const insn_attr_t * const inat_group_tables[INAT_GRP_MAX + 1]"\
9420 ++ "[INAT_LSTPFX_MAX + 1] = {"
9421 ++ for (i = 0; i < ggid; i++)
9422 ++ for (j = 0; j < max_lprefix; j++)
9423 ++ if (gtable[i,j])
9424 ++ print " ["i"]["j"] = "gtable[i,j]","
9425 ++ print "};\n"
9426 ++ # print AVX opcode map's array
9427 ++ print "/* AVX opcode map array */"
9428 ++ print "const insn_attr_t * const inat_avx_tables[X86_VEX_M_MAX + 1]"\
9429 ++ "[INAT_LSTPFX_MAX + 1] = {"
9430 ++ for (i = 0; i < gaid; i++)
9431 ++ for (j = 0; j < max_lprefix; j++)
9432 ++ if (atable[i,j])
9433 ++ print " ["i"]["j"] = "atable[i,j]","
9434 ++ print "};"
9435 ++}
9436 ++
9437 +diff --git a/tools/objtool/orc.h b/tools/objtool/orc.h
9438 +index a4139e386ef3..b0e92a6d0903 100644
9439 +--- a/tools/objtool/orc.h
9440 ++++ b/tools/objtool/orc.h
9441 +@@ -18,7 +18,7 @@
9442 + #ifndef _ORC_H
9443 + #define _ORC_H
9444 +
9445 +-#include "orc_types.h"
9446 ++#include <asm/orc_types.h>
9447 +
9448 + struct objtool_file;
9449 +
9450 +diff --git a/tools/objtool/orc_dump.c b/tools/objtool/orc_dump.c
9451 +index 36c5bf6a2675..c3343820916a 100644
9452 +--- a/tools/objtool/orc_dump.c
9453 ++++ b/tools/objtool/orc_dump.c
9454 +@@ -76,7 +76,8 @@ int orc_dump(const char *_objname)
9455 + int fd, nr_entries, i, *orc_ip = NULL, orc_size = 0;
9456 + struct orc_entry *orc = NULL;
9457 + char *name;
9458 +- unsigned long nr_sections, orc_ip_addr = 0;
9459 ++ size_t nr_sections;
9460 ++ Elf64_Addr orc_ip_addr = 0;
9461 + size_t shstrtab_idx;
9462 + Elf *elf;
9463 + Elf_Scn *scn;
9464 +@@ -187,10 +188,10 @@ int orc_dump(const char *_objname)
9465 + return -1;
9466 + }
9467 +
9468 +- printf("%s+%lx:", name, rela.r_addend);
9469 ++ printf("%s+%llx:", name, (unsigned long long)rela.r_addend);
9470 +
9471 + } else {
9472 +- printf("%lx:", orc_ip_addr + (i * sizeof(int)) + orc_ip[i]);
9473 ++ printf("%llx:", (unsigned long long)(orc_ip_addr + (i * sizeof(int)) + orc_ip[i]));
9474 + }
9475 +
9476 +
9477 +diff --git a/tools/objtool/orc_types.h b/tools/objtool/orc_types.h
9478 +deleted file mode 100644
9479 +index 9c9dc579bd7d..000000000000
9480 +--- a/tools/objtool/orc_types.h
9481 ++++ /dev/null
9482 +@@ -1,107 +0,0 @@
9483 +-/*
9484 +- * Copyright (C) 2017 Josh Poimboeuf <jpoimboe@××××××.com>
9485 +- *
9486 +- * This program is free software; you can redistribute it and/or
9487 +- * modify it under the terms of the GNU General Public License
9488 +- * as published by the Free Software Foundation; either version 2
9489 +- * of the License, or (at your option) any later version.
9490 +- *
9491 +- * This program is distributed in the hope that it will be useful,
9492 +- * but WITHOUT ANY WARRANTY; without even the implied warranty of
9493 +- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9494 +- * GNU General Public License for more details.
9495 +- *
9496 +- * You should have received a copy of the GNU General Public License
9497 +- * along with this program; if not, see <http://www.gnu.org/licenses/>.
9498 +- */
9499 +-
9500 +-#ifndef _ORC_TYPES_H
9501 +-#define _ORC_TYPES_H
9502 +-
9503 +-#include <linux/types.h>
9504 +-#include <linux/compiler.h>
9505 +-
9506 +-/*
9507 +- * The ORC_REG_* registers are base registers which are used to find other
9508 +- * registers on the stack.
9509 +- *
9510 +- * ORC_REG_PREV_SP, also known as DWARF Call Frame Address (CFA), is the
9511 +- * address of the previous frame: the caller's SP before it called the current
9512 +- * function.
9513 +- *
9514 +- * ORC_REG_UNDEFINED means the corresponding register's value didn't change in
9515 +- * the current frame.
9516 +- *
9517 +- * The most commonly used base registers are SP and BP -- which the previous SP
9518 +- * is usually based on -- and PREV_SP and UNDEFINED -- which the previous BP is
9519 +- * usually based on.
9520 +- *
9521 +- * The rest of the base registers are needed for special cases like entry code
9522 +- * and GCC realigned stacks.
9523 +- */
9524 +-#define ORC_REG_UNDEFINED 0
9525 +-#define ORC_REG_PREV_SP 1
9526 +-#define ORC_REG_DX 2
9527 +-#define ORC_REG_DI 3
9528 +-#define ORC_REG_BP 4
9529 +-#define ORC_REG_SP 5
9530 +-#define ORC_REG_R10 6
9531 +-#define ORC_REG_R13 7
9532 +-#define ORC_REG_BP_INDIRECT 8
9533 +-#define ORC_REG_SP_INDIRECT 9
9534 +-#define ORC_REG_MAX 15
9535 +-
9536 +-/*
9537 +- * ORC_TYPE_CALL: Indicates that sp_reg+sp_offset resolves to PREV_SP (the
9538 +- * caller's SP right before it made the call). Used for all callable
9539 +- * functions, i.e. all C code and all callable asm functions.
9540 +- *
9541 +- * ORC_TYPE_REGS: Used in entry code to indicate that sp_reg+sp_offset points
9542 +- * to a fully populated pt_regs from a syscall, interrupt, or exception.
9543 +- *
9544 +- * ORC_TYPE_REGS_IRET: Used in entry code to indicate that sp_reg+sp_offset
9545 +- * points to the iret return frame.
9546 +- *
9547 +- * The UNWIND_HINT macros are used only for the unwind_hint struct. They
9548 +- * aren't used in struct orc_entry due to size and complexity constraints.
9549 +- * Objtool converts them to real types when it converts the hints to orc
9550 +- * entries.
9551 +- */
9552 +-#define ORC_TYPE_CALL 0
9553 +-#define ORC_TYPE_REGS 1
9554 +-#define ORC_TYPE_REGS_IRET 2
9555 +-#define UNWIND_HINT_TYPE_SAVE 3
9556 +-#define UNWIND_HINT_TYPE_RESTORE 4
9557 +-
9558 +-#ifndef __ASSEMBLY__
9559 +-/*
9560 +- * This struct is more or less a vastly simplified version of the DWARF Call
9561 +- * Frame Information standard. It contains only the necessary parts of DWARF
9562 +- * CFI, simplified for ease of access by the in-kernel unwinder. It tells the
9563 +- * unwinder how to find the previous SP and BP (and sometimes entry regs) on
9564 +- * the stack for a given code address. Each instance of the struct corresponds
9565 +- * to one or more code locations.
9566 +- */
9567 +-struct orc_entry {
9568 +- s16 sp_offset;
9569 +- s16 bp_offset;
9570 +- unsigned sp_reg:4;
9571 +- unsigned bp_reg:4;
9572 +- unsigned type:2;
9573 +-} __packed;
9574 +-
9575 +-/*
9576 +- * This struct is used by asm and inline asm code to manually annotate the
9577 +- * location of registers on the stack for the ORC unwinder.
9578 +- *
9579 +- * Type can be either ORC_TYPE_* or UNWIND_HINT_TYPE_*.
9580 +- */
9581 +-struct unwind_hint {
9582 +- u32 ip;
9583 +- s16 sp_offset;
9584 +- u8 sp_reg;
9585 +- u8 type;
9586 +-};
9587 +-#endif /* __ASSEMBLY__ */
9588 +-
9589 +-#endif /* _ORC_TYPES_H */
9590 +diff --git a/tools/objtool/sync-check.sh b/tools/objtool/sync-check.sh
9591 +new file mode 100755
9592 +index 000000000000..1470e74e9d66
9593 +--- /dev/null
9594 ++++ b/tools/objtool/sync-check.sh
9595 +@@ -0,0 +1,29 @@
9596 ++#!/bin/sh
9597 ++# SPDX-License-Identifier: GPL-2.0
9598 ++
9599 ++FILES='
9600 ++arch/x86/lib/insn.c
9601 ++arch/x86/lib/inat.c
9602 ++arch/x86/lib/x86-opcode-map.txt
9603 ++arch/x86/tools/gen-insn-attr-x86.awk
9604 ++arch/x86/include/asm/insn.h
9605 ++arch/x86/include/asm/inat.h
9606 ++arch/x86/include/asm/inat_types.h
9607 ++arch/x86/include/asm/orc_types.h
9608 ++'
9609 ++
9610 ++check()
9611 ++{
9612 ++ local file=$1
9613 ++
9614 ++ diff $file ../../$file > /dev/null ||
9615 ++ echo "Warning: synced file at 'tools/objtool/$file' differs from latest kernel version at '$file'"
9616 ++}
9617 ++
9618 ++if [ ! -d ../../kernel ] || [ ! -d ../../tools ] || [ ! -d ../objtool ]; then
9619 ++ exit 0
9620 ++fi
9621 ++
9622 ++for i in $FILES; do
9623 ++ check $i
9624 ++done
9625 +diff --git a/tools/perf/util/intel-pt-decoder/x86-opcode-map.txt b/tools/perf/util/intel-pt-decoder/x86-opcode-map.txt
9626 +index 12e377184ee4..e0b85930dd77 100644
9627 +--- a/tools/perf/util/intel-pt-decoder/x86-opcode-map.txt
9628 ++++ b/tools/perf/util/intel-pt-decoder/x86-opcode-map.txt
9629 +@@ -607,7 +607,7 @@ fb: psubq Pq,Qq | vpsubq Vx,Hx,Wx (66),(v1)
9630 + fc: paddb Pq,Qq | vpaddb Vx,Hx,Wx (66),(v1)
9631 + fd: paddw Pq,Qq | vpaddw Vx,Hx,Wx (66),(v1)
9632 + fe: paddd Pq,Qq | vpaddd Vx,Hx,Wx (66),(v1)
9633 +-ff:
9634 ++ff: UD0
9635 + EndTable
9636 +
9637 + Table: 3-byte opcode 1 (0x0f 0x38)
9638 +@@ -717,7 +717,7 @@ AVXcode: 2
9639 + 7e: vpermt2d/q Vx,Hx,Wx (66),(ev)
9640 + 7f: vpermt2ps/d Vx,Hx,Wx (66),(ev)
9641 + 80: INVEPT Gy,Mdq (66)
9642 +-81: INVPID Gy,Mdq (66)
9643 ++81: INVVPID Gy,Mdq (66)
9644 + 82: INVPCID Gy,Mdq (66)
9645 + 83: vpmultishiftqb Vx,Hx,Wx (66),(ev)
9646 + 88: vexpandps/d Vpd,Wpd (66),(ev)
9647 +@@ -896,7 +896,7 @@ EndTable
9648 +
9649 + GrpTable: Grp3_1
9650 + 0: TEST Eb,Ib
9651 +-1:
9652 ++1: TEST Eb,Ib
9653 + 2: NOT Eb
9654 + 3: NEG Eb
9655 + 4: MUL AL,Eb
9656 +@@ -970,6 +970,15 @@ GrpTable: Grp9
9657 + EndTable
9658 +
9659 + GrpTable: Grp10
9660 ++# all are UD1
9661 ++0: UD1
9662 ++1: UD1
9663 ++2: UD1
9664 ++3: UD1
9665 ++4: UD1
9666 ++5: UD1
9667 ++6: UD1
9668 ++7: UD1
9669 + EndTable
9670 +
9671 + # Grp11A and Grp11B are expressed as Grp11 in Intel SDM
9672 +diff --git a/tools/testing/selftests/x86/ldt_gdt.c b/tools/testing/selftests/x86/ldt_gdt.c
9673 +index 66e5ce5b91f0..0304ffb714f2 100644
9674 +--- a/tools/testing/selftests/x86/ldt_gdt.c
9675 ++++ b/tools/testing/selftests/x86/ldt_gdt.c
9676 +@@ -627,13 +627,10 @@ static void do_multicpu_tests(void)
9677 + static int finish_exec_test(void)
9678 + {
9679 + /*
9680 +- * In a sensible world, this would be check_invalid_segment(0, 1);
9681 +- * For better or for worse, though, the LDT is inherited across exec.
9682 +- * We can probably change this safely, but for now we test it.
9683 ++ * Older kernel versions did inherit the LDT on exec() which is
9684 ++ * wrong because exec() starts from a clean state.
9685 + */
9686 +- check_valid_segment(0, 1,
9687 +- AR_DPL3 | AR_TYPE_XRCODE | AR_S | AR_P | AR_DB,
9688 +- 42, true);
9689 ++ check_invalid_segment(0, 1);
9690 +
9691 + return nerrs ? 1 : 0;
9692 + }
9693 +diff --git a/virt/kvm/arm/mmu.c b/virt/kvm/arm/mmu.c
9694 +index b36945d49986..b4b69c2d1012 100644
9695 +--- a/virt/kvm/arm/mmu.c
9696 ++++ b/virt/kvm/arm/mmu.c
9697 +@@ -509,8 +509,6 @@ static void unmap_hyp_range(pgd_t *pgdp, phys_addr_t start, u64 size)
9698 + */
9699 + void free_hyp_pgds(void)
9700 + {
9701 +- unsigned long addr;
9702 +-
9703 + mutex_lock(&kvm_hyp_pgd_mutex);
9704 +
9705 + if (boot_hyp_pgd) {
9706 +@@ -521,10 +519,10 @@ void free_hyp_pgds(void)
9707 +
9708 + if (hyp_pgd) {
9709 + unmap_hyp_range(hyp_pgd, hyp_idmap_start, PAGE_SIZE);
9710 +- for (addr = PAGE_OFFSET; virt_addr_valid(addr); addr += PGDIR_SIZE)
9711 +- unmap_hyp_range(hyp_pgd, kern_hyp_va(addr), PGDIR_SIZE);
9712 +- for (addr = VMALLOC_START; is_vmalloc_addr((void*)addr); addr += PGDIR_SIZE)
9713 +- unmap_hyp_range(hyp_pgd, kern_hyp_va(addr), PGDIR_SIZE);
9714 ++ unmap_hyp_range(hyp_pgd, kern_hyp_va(PAGE_OFFSET),
9715 ++ (uintptr_t)high_memory - PAGE_OFFSET);
9716 ++ unmap_hyp_range(hyp_pgd, kern_hyp_va(VMALLOC_START),
9717 ++ VMALLOC_END - VMALLOC_START);
9718 +
9719 + free_pages((unsigned long)hyp_pgd, hyp_pgd_order);
9720 + hyp_pgd = NULL;
Report Message
Find on MARC Find on Google Groups