forked from Minki/linux
232ca1eeca
hash_page() needs to read page tables from kernel memory. When entire
kernel memory is mapped by BATs, which is normally the case when
CONFIG_STRICT_KERNEL_RWX is not set, it works even if the page hosting
the page table is not referenced in the MMU hash table.
However, if the page where the page table resides is not covered by
a BAT, a DSI fault can be encountered from hash_page(), and it loops
forever. This can happen when CONFIG_STRICT_KERNEL_RWX is selected
and the alignment of the different regions is too small to allow
covering the entire memory with BATs. This also happens when
CONFIG_DEBUG_PAGEALLOC is selected or when booting with 'nobats'
flag.
Also, if the page containing the kernel stack is not present in the
MMU hash table, registers cannot be saved and a recursive DSI fault
is encountered.
To allow hash_page() to properly do its job at all time and load the
MMU hash table whenever needed, it must run with data MMU disabled.
This means it must be called before re-enabling data MMU. To allow
this, registers clobbered by hash_page() and create_hpte() have to
be saved in the thread struct together with SRR0, SSR1, DAR and DSISR.
It is also necessary to ensure that DSI prolog doesn't overwrite
regs saved by prolog of the current running exception. That means:
- DSI can only use SPRN_SPRG_SCRATCH0
- Exceptions must free SPRN_SPRG_SCRATCH0 before writing to the stack.
This also fixes the Oops reported by Erhard when create_hpte() is
called by add_hash_page().
Due to prolog size increase, a few more exceptions had to get split
in two parts.
Fixes: cd08f109e2
("powerpc/32s: Enable CONFIG_VMAP_STACK")
Reported-by: Erhard F. <erhard_f@mailbox.org>
Signed-off-by: Christophe Leroy <christophe.leroy@c-s.fr>
Tested-by: Erhard F. <erhard_f@mailbox.org>
Tested-by: Larry Finger <Larry.Finger@lwfinger.net>
Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
Link: https://bugzilla.kernel.org/show_bug.cgi?id=206501
Link: https://lore.kernel.org/r/64a4aa44686e9fd4b01333401367029771d9b231.1581761633.git.christophe.leroy@c-s.fr
1419 lines
37 KiB
ArmAsm
1419 lines
37 KiB
ArmAsm
/* SPDX-License-Identifier: GPL-2.0-or-later */
|
|
/*
|
|
* PowerPC version
|
|
* Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
|
|
*
|
|
* Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP
|
|
* Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
|
|
* Adapted for Power Macintosh by Paul Mackerras.
|
|
* Low-level exception handlers and MMU support
|
|
* rewritten by Paul Mackerras.
|
|
* Copyright (C) 1996 Paul Mackerras.
|
|
* MPC8xx modifications Copyright (C) 1997 Dan Malek (dmalek@jlc.net).
|
|
*
|
|
* This file contains the low-level support and setup for the
|
|
* PowerPC platform, including trap and interrupt dispatch.
|
|
* (The PPC 8xx embedded CPUs use head_8xx.S instead.)
|
|
*/
|
|
|
|
#include <linux/init.h>
|
|
#include <asm/reg.h>
|
|
#include <asm/page.h>
|
|
#include <asm/mmu.h>
|
|
#include <asm/pgtable.h>
|
|
#include <asm/cputable.h>
|
|
#include <asm/cache.h>
|
|
#include <asm/thread_info.h>
|
|
#include <asm/ppc_asm.h>
|
|
#include <asm/asm-offsets.h>
|
|
#include <asm/ptrace.h>
|
|
#include <asm/bug.h>
|
|
#include <asm/kvm_book3s_asm.h>
|
|
#include <asm/export.h>
|
|
#include <asm/feature-fixups.h>
|
|
|
|
#include "head_32.h"
|
|
|
|
/* 601 only have IBAT */
|
|
#ifdef CONFIG_PPC_BOOK3S_601
|
|
#define LOAD_BAT(n, reg, RA, RB) \
|
|
li RA,0; \
|
|
mtspr SPRN_IBAT##n##U,RA; \
|
|
lwz RA,(n*16)+0(reg); \
|
|
lwz RB,(n*16)+4(reg); \
|
|
mtspr SPRN_IBAT##n##U,RA; \
|
|
mtspr SPRN_IBAT##n##L,RB
|
|
#else
|
|
#define LOAD_BAT(n, reg, RA, RB) \
|
|
/* see the comment for clear_bats() -- Cort */ \
|
|
li RA,0; \
|
|
mtspr SPRN_IBAT##n##U,RA; \
|
|
mtspr SPRN_DBAT##n##U,RA; \
|
|
lwz RA,(n*16)+0(reg); \
|
|
lwz RB,(n*16)+4(reg); \
|
|
mtspr SPRN_IBAT##n##U,RA; \
|
|
mtspr SPRN_IBAT##n##L,RB; \
|
|
lwz RA,(n*16)+8(reg); \
|
|
lwz RB,(n*16)+12(reg); \
|
|
mtspr SPRN_DBAT##n##U,RA; \
|
|
mtspr SPRN_DBAT##n##L,RB
|
|
#endif
|
|
|
|
__HEAD
|
|
.stabs "arch/powerpc/kernel/",N_SO,0,0,0f
|
|
.stabs "head_32.S",N_SO,0,0,0f
|
|
0:
|
|
_ENTRY(_stext);
|
|
|
|
/*
|
|
* _start is defined this way because the XCOFF loader in the OpenFirmware
|
|
* on the powermac expects the entry point to be a procedure descriptor.
|
|
*/
|
|
_ENTRY(_start);
|
|
/*
|
|
* These are here for legacy reasons, the kernel used to
|
|
* need to look like a coff function entry for the pmac
|
|
* but we're always started by some kind of bootloader now.
|
|
* -- Cort
|
|
*/
|
|
nop /* used by __secondary_hold on prep (mtx) and chrp smp */
|
|
nop /* used by __secondary_hold on prep (mtx) and chrp smp */
|
|
nop
|
|
|
|
/* PMAC
|
|
* Enter here with the kernel text, data and bss loaded starting at
|
|
* 0, running with virtual == physical mapping.
|
|
* r5 points to the prom entry point (the client interface handler
|
|
* address). Address translation is turned on, with the prom
|
|
* managing the hash table. Interrupts are disabled. The stack
|
|
* pointer (r1) points to just below the end of the half-meg region
|
|
* from 0x380000 - 0x400000, which is mapped in already.
|
|
*
|
|
* If we are booted from MacOS via BootX, we enter with the kernel
|
|
* image loaded somewhere, and the following values in registers:
|
|
* r3: 'BooX' (0x426f6f58)
|
|
* r4: virtual address of boot_infos_t
|
|
* r5: 0
|
|
*
|
|
* PREP
|
|
* This is jumped to on prep systems right after the kernel is relocated
|
|
* to its proper place in memory by the boot loader. The expected layout
|
|
* of the regs is:
|
|
* r3: ptr to residual data
|
|
* r4: initrd_start or if no initrd then 0
|
|
* r5: initrd_end - unused if r4 is 0
|
|
* r6: Start of command line string
|
|
* r7: End of command line string
|
|
*
|
|
* This just gets a minimal mmu environment setup so we can call
|
|
* start_here() to do the real work.
|
|
* -- Cort
|
|
*/
|
|
|
|
.globl __start
|
|
__start:
|
|
/*
|
|
* We have to do any OF calls before we map ourselves to KERNELBASE,
|
|
* because OF may have I/O devices mapped into that area
|
|
* (particularly on CHRP).
|
|
*/
|
|
cmpwi 0,r5,0
|
|
beq 1f
|
|
|
|
#ifdef CONFIG_PPC_OF_BOOT_TRAMPOLINE
|
|
/* find out where we are now */
|
|
bcl 20,31,$+4
|
|
0: mflr r8 /* r8 = runtime addr here */
|
|
addis r8,r8,(_stext - 0b)@ha
|
|
addi r8,r8,(_stext - 0b)@l /* current runtime base addr */
|
|
bl prom_init
|
|
#endif /* CONFIG_PPC_OF_BOOT_TRAMPOLINE */
|
|
|
|
/* We never return. We also hit that trap if trying to boot
|
|
* from OF while CONFIG_PPC_OF_BOOT_TRAMPOLINE isn't selected */
|
|
trap
|
|
|
|
/*
|
|
* Check for BootX signature when supporting PowerMac and branch to
|
|
* appropriate trampoline if it's present
|
|
*/
|
|
#ifdef CONFIG_PPC_PMAC
|
|
1: lis r31,0x426f
|
|
ori r31,r31,0x6f58
|
|
cmpw 0,r3,r31
|
|
bne 1f
|
|
bl bootx_init
|
|
trap
|
|
#endif /* CONFIG_PPC_PMAC */
|
|
|
|
1: mr r31,r3 /* save device tree ptr */
|
|
li r24,0 /* cpu # */
|
|
|
|
/*
|
|
* early_init() does the early machine identification and does
|
|
* the necessary low-level setup and clears the BSS
|
|
* -- Cort <cort@fsmlabs.com>
|
|
*/
|
|
bl early_init
|
|
|
|
/* Switch MMU off, clear BATs and flush TLB. At this point, r3 contains
|
|
* the physical address we are running at, returned by early_init()
|
|
*/
|
|
bl mmu_off
|
|
__after_mmu_off:
|
|
bl clear_bats
|
|
bl flush_tlbs
|
|
|
|
bl initial_bats
|
|
bl load_segment_registers
|
|
#ifdef CONFIG_KASAN
|
|
bl early_hash_table
|
|
#endif
|
|
#if defined(CONFIG_BOOTX_TEXT)
|
|
bl setup_disp_bat
|
|
#endif
|
|
#ifdef CONFIG_PPC_EARLY_DEBUG_CPM
|
|
bl setup_cpm_bat
|
|
#endif
|
|
#ifdef CONFIG_PPC_EARLY_DEBUG_USBGECKO
|
|
bl setup_usbgecko_bat
|
|
#endif
|
|
|
|
/*
|
|
* Call setup_cpu for CPU 0 and initialize 6xx Idle
|
|
*/
|
|
bl reloc_offset
|
|
li r24,0 /* cpu# */
|
|
bl call_setup_cpu /* Call setup_cpu for this CPU */
|
|
#ifdef CONFIG_PPC_BOOK3S_32
|
|
bl reloc_offset
|
|
bl init_idle_6xx
|
|
#endif /* CONFIG_PPC_BOOK3S_32 */
|
|
|
|
|
|
/*
|
|
* We need to run with _start at physical address 0.
|
|
* On CHRP, we are loaded at 0x10000 since OF on CHRP uses
|
|
* the exception vectors at 0 (and therefore this copy
|
|
* overwrites OF's exception vectors with our own).
|
|
* The MMU is off at this point.
|
|
*/
|
|
bl reloc_offset
|
|
mr r26,r3
|
|
addis r4,r3,KERNELBASE@h /* current address of _start */
|
|
lis r5,PHYSICAL_START@h
|
|
cmplw 0,r4,r5 /* already running at PHYSICAL_START? */
|
|
bne relocate_kernel
|
|
/*
|
|
* we now have the 1st 16M of ram mapped with the bats.
|
|
* prep needs the mmu to be turned on here, but pmac already has it on.
|
|
* this shouldn't bother the pmac since it just gets turned on again
|
|
* as we jump to our code at KERNELBASE. -- Cort
|
|
* Actually no, pmac doesn't have it on any more. BootX enters with MMU
|
|
* off, and in other cases, we now turn it off before changing BATs above.
|
|
*/
|
|
turn_on_mmu:
|
|
mfmsr r0
|
|
ori r0,r0,MSR_DR|MSR_IR|MSR_RI
|
|
mtspr SPRN_SRR1,r0
|
|
lis r0,start_here@h
|
|
ori r0,r0,start_here@l
|
|
mtspr SPRN_SRR0,r0
|
|
SYNC
|
|
RFI /* enables MMU */
|
|
|
|
/*
|
|
* We need __secondary_hold as a place to hold the other cpus on
|
|
* an SMP machine, even when we are running a UP kernel.
|
|
*/
|
|
. = 0xc0 /* for prep bootloader */
|
|
li r3,1 /* MTX only has 1 cpu */
|
|
.globl __secondary_hold
|
|
__secondary_hold:
|
|
/* tell the master we're here */
|
|
stw r3,__secondary_hold_acknowledge@l(0)
|
|
#ifdef CONFIG_SMP
|
|
100: lwz r4,0(0)
|
|
/* wait until we're told to start */
|
|
cmpw 0,r4,r3
|
|
bne 100b
|
|
/* our cpu # was at addr 0 - go */
|
|
mr r24,r3 /* cpu # */
|
|
b __secondary_start
|
|
#else
|
|
b .
|
|
#endif /* CONFIG_SMP */
|
|
|
|
.globl __secondary_hold_spinloop
|
|
__secondary_hold_spinloop:
|
|
.long 0
|
|
.globl __secondary_hold_acknowledge
|
|
__secondary_hold_acknowledge:
|
|
.long -1
|
|
|
|
/* System reset */
|
|
/* core99 pmac starts the seconary here by changing the vector, and
|
|
putting it back to what it was (unknown_exception) when done. */
|
|
EXCEPTION(0x100, Reset, unknown_exception, EXC_XFER_STD)
|
|
|
|
/* Machine check */
|
|
/*
|
|
* On CHRP, this is complicated by the fact that we could get a
|
|
* machine check inside RTAS, and we have no guarantee that certain
|
|
* critical registers will have the values we expect. The set of
|
|
* registers that might have bad values includes all the GPRs
|
|
* and all the BATs. We indicate that we are in RTAS by putting
|
|
* a non-zero value, the address of the exception frame to use,
|
|
* in thread.rtas_sp. The machine check handler checks thread.rtas_sp
|
|
* and uses its value if it is non-zero.
|
|
* (Other exception handlers assume that r1 is a valid kernel stack
|
|
* pointer when we take an exception from supervisor mode.)
|
|
* -- paulus.
|
|
*/
|
|
. = 0x200
|
|
DO_KVM 0x200
|
|
MachineCheck:
|
|
EXCEPTION_PROLOG_0
|
|
#ifdef CONFIG_VMAP_STACK
|
|
li r11, MSR_KERNEL & ~(MSR_IR | MSR_RI) /* can take DTLB miss */
|
|
mtmsr r11
|
|
isync
|
|
#endif
|
|
#ifdef CONFIG_PPC_CHRP
|
|
mfspr r11, SPRN_SPRG_THREAD
|
|
tovirt_vmstack r11, r11
|
|
lwz r11, RTAS_SP(r11)
|
|
cmpwi cr1, r11, 0
|
|
bne cr1, 7f
|
|
#endif /* CONFIG_PPC_CHRP */
|
|
EXCEPTION_PROLOG_1 for_rtas=1
|
|
7: EXCEPTION_PROLOG_2
|
|
addi r3,r1,STACK_FRAME_OVERHEAD
|
|
#ifdef CONFIG_PPC_CHRP
|
|
#ifdef CONFIG_VMAP_STACK
|
|
mfspr r4, SPRN_SPRG_THREAD
|
|
tovirt(r4, r4)
|
|
lwz r4, RTAS_SP(r4)
|
|
cmpwi cr1, r4, 0
|
|
#endif
|
|
beq cr1, machine_check_tramp
|
|
b machine_check_in_rtas
|
|
#else
|
|
b machine_check_tramp
|
|
#endif
|
|
|
|
/* Data access exception. */
|
|
. = 0x300
|
|
DO_KVM 0x300
|
|
DataAccess:
|
|
#ifdef CONFIG_VMAP_STACK
|
|
mtspr SPRN_SPRG_SCRATCH0,r10
|
|
mfspr r10, SPRN_SPRG_THREAD
|
|
BEGIN_MMU_FTR_SECTION
|
|
stw r11, THR11(r10)
|
|
mfspr r10, SPRN_DSISR
|
|
mfcr r11
|
|
#ifdef CONFIG_PPC_KUAP
|
|
andis. r10, r10, (DSISR_BAD_FAULT_32S | DSISR_DABRMATCH | DSISR_PROTFAULT)@h
|
|
#else
|
|
andis. r10, r10, (DSISR_BAD_FAULT_32S | DSISR_DABRMATCH)@h
|
|
#endif
|
|
mfspr r10, SPRN_SPRG_THREAD
|
|
beq hash_page_dsi
|
|
.Lhash_page_dsi_cont:
|
|
mtcr r11
|
|
lwz r11, THR11(r10)
|
|
END_MMU_FTR_SECTION_IFSET(MMU_FTR_HPTE_TABLE)
|
|
mtspr SPRN_SPRG_SCRATCH1,r11
|
|
mfspr r11, SPRN_DAR
|
|
stw r11, DAR(r10)
|
|
mfspr r11, SPRN_DSISR
|
|
stw r11, DSISR(r10)
|
|
mfspr r11, SPRN_SRR0
|
|
stw r11, SRR0(r10)
|
|
mfspr r11, SPRN_SRR1 /* check whether user or kernel */
|
|
stw r11, SRR1(r10)
|
|
mfcr r10
|
|
andi. r11, r11, MSR_PR
|
|
|
|
EXCEPTION_PROLOG_1
|
|
b handle_page_fault_tramp_1
|
|
#else /* CONFIG_VMAP_STACK */
|
|
EXCEPTION_PROLOG handle_dar_dsisr=1
|
|
get_and_save_dar_dsisr_on_stack r4, r5, r11
|
|
BEGIN_MMU_FTR_SECTION
|
|
#ifdef CONFIG_PPC_KUAP
|
|
andis. r0, r5, (DSISR_BAD_FAULT_32S | DSISR_DABRMATCH | DSISR_PROTFAULT)@h
|
|
#else
|
|
andis. r0, r5, (DSISR_BAD_FAULT_32S | DSISR_DABRMATCH)@h
|
|
#endif
|
|
bne handle_page_fault_tramp_2 /* if not, try to put a PTE */
|
|
rlwinm r3, r5, 32 - 15, 21, 21 /* DSISR_STORE -> _PAGE_RW */
|
|
bl hash_page
|
|
b handle_page_fault_tramp_1
|
|
FTR_SECTION_ELSE
|
|
b handle_page_fault_tramp_2
|
|
ALT_MMU_FTR_SECTION_END_IFSET(MMU_FTR_HPTE_TABLE)
|
|
#endif /* CONFIG_VMAP_STACK */
|
|
|
|
/* Instruction access exception. */
|
|
. = 0x400
|
|
DO_KVM 0x400
|
|
InstructionAccess:
|
|
#ifdef CONFIG_VMAP_STACK
|
|
mtspr SPRN_SPRG_SCRATCH0,r10
|
|
mtspr SPRN_SPRG_SCRATCH1,r11
|
|
mfspr r10, SPRN_SPRG_THREAD
|
|
mfspr r11, SPRN_SRR0
|
|
stw r11, SRR0(r10)
|
|
mfspr r11, SPRN_SRR1 /* check whether user or kernel */
|
|
stw r11, SRR1(r10)
|
|
mfcr r10
|
|
BEGIN_MMU_FTR_SECTION
|
|
andis. r11, r11, SRR1_ISI_NOPT@h /* no pte found? */
|
|
bne hash_page_isi
|
|
.Lhash_page_isi_cont:
|
|
mfspr r11, SPRN_SRR1 /* check whether user or kernel */
|
|
END_MMU_FTR_SECTION_IFSET(MMU_FTR_HPTE_TABLE)
|
|
andi. r11, r11, MSR_PR
|
|
|
|
EXCEPTION_PROLOG_1
|
|
EXCEPTION_PROLOG_2
|
|
#else /* CONFIG_VMAP_STACK */
|
|
EXCEPTION_PROLOG
|
|
andis. r0,r9,SRR1_ISI_NOPT@h /* no pte found? */
|
|
beq 1f /* if so, try to put a PTE */
|
|
li r3,0 /* into the hash table */
|
|
mr r4,r12 /* SRR0 is fault address */
|
|
BEGIN_MMU_FTR_SECTION
|
|
bl hash_page
|
|
END_MMU_FTR_SECTION_IFSET(MMU_FTR_HPTE_TABLE)
|
|
#endif /* CONFIG_VMAP_STACK */
|
|
1: mr r4,r12
|
|
andis. r5,r9,DSISR_SRR1_MATCH_32S@h /* Filter relevant SRR1 bits */
|
|
stw r4, _DAR(r11)
|
|
EXC_XFER_LITE(0x400, handle_page_fault)
|
|
|
|
/* External interrupt */
|
|
EXCEPTION(0x500, HardwareInterrupt, do_IRQ, EXC_XFER_LITE)
|
|
|
|
/* Alignment exception */
|
|
. = 0x600
|
|
DO_KVM 0x600
|
|
Alignment:
|
|
EXCEPTION_PROLOG handle_dar_dsisr=1
|
|
save_dar_dsisr_on_stack r4, r5, r11
|
|
addi r3,r1,STACK_FRAME_OVERHEAD
|
|
b alignment_exception_tramp
|
|
|
|
/* Program check exception */
|
|
EXCEPTION(0x700, ProgramCheck, program_check_exception, EXC_XFER_STD)
|
|
|
|
/* Floating-point unavailable */
|
|
. = 0x800
|
|
DO_KVM 0x800
|
|
FPUnavailable:
|
|
BEGIN_FTR_SECTION
|
|
/*
|
|
* Certain Freescale cores don't have a FPU and treat fp instructions
|
|
* as a FP Unavailable exception. Redirect to illegal/emulation handling.
|
|
*/
|
|
b ProgramCheck
|
|
END_FTR_SECTION_IFSET(CPU_FTR_FPU_UNAVAILABLE)
|
|
EXCEPTION_PROLOG
|
|
beq 1f
|
|
bl load_up_fpu /* if from user, just load it up */
|
|
b fast_exception_return
|
|
1: addi r3,r1,STACK_FRAME_OVERHEAD
|
|
EXC_XFER_LITE(0x800, kernel_fp_unavailable_exception)
|
|
|
|
/* Decrementer */
|
|
EXCEPTION(0x900, Decrementer, timer_interrupt, EXC_XFER_LITE)
|
|
|
|
EXCEPTION(0xa00, Trap_0a, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0xb00, Trap_0b, unknown_exception, EXC_XFER_STD)
|
|
|
|
/* System call */
|
|
. = 0xc00
|
|
DO_KVM 0xc00
|
|
SystemCall:
|
|
SYSCALL_ENTRY 0xc00
|
|
|
|
/* Single step - not used on 601 */
|
|
EXCEPTION(0xd00, SingleStep, single_step_exception, EXC_XFER_STD)
|
|
EXCEPTION(0xe00, Trap_0e, unknown_exception, EXC_XFER_STD)
|
|
|
|
/*
|
|
* The Altivec unavailable trap is at 0x0f20. Foo.
|
|
* We effectively remap it to 0x3000.
|
|
* We include an altivec unavailable exception vector even if
|
|
* not configured for Altivec, so that you can't panic a
|
|
* non-altivec kernel running on a machine with altivec just
|
|
* by executing an altivec instruction.
|
|
*/
|
|
. = 0xf00
|
|
DO_KVM 0xf00
|
|
b PerformanceMonitor
|
|
|
|
. = 0xf20
|
|
DO_KVM 0xf20
|
|
b AltiVecUnavailable
|
|
|
|
/*
|
|
* Handle TLB miss for instruction on 603/603e.
|
|
* Note: we get an alternate set of r0 - r3 to use automatically.
|
|
*/
|
|
. = 0x1000
|
|
InstructionTLBMiss:
|
|
/*
|
|
* r0: scratch
|
|
* r1: linux style pte ( later becomes ppc hardware pte )
|
|
* r2: ptr to linux-style pte
|
|
* r3: scratch
|
|
*/
|
|
/* Get PTE (linux-style) and check access */
|
|
mfspr r3,SPRN_IMISS
|
|
#if defined(CONFIG_MODULES) || defined(CONFIG_DEBUG_PAGEALLOC)
|
|
lis r1,PAGE_OFFSET@h /* check if kernel address */
|
|
cmplw 0,r1,r3
|
|
#endif
|
|
mfspr r2, SPRN_SPRG_PGDIR
|
|
#ifdef CONFIG_SWAP
|
|
li r1,_PAGE_PRESENT | _PAGE_ACCESSED | _PAGE_EXEC
|
|
#else
|
|
li r1,_PAGE_PRESENT | _PAGE_EXEC
|
|
#endif
|
|
#if defined(CONFIG_MODULES) || defined(CONFIG_DEBUG_PAGEALLOC)
|
|
bge- 112f
|
|
lis r2, (swapper_pg_dir - PAGE_OFFSET)@ha /* if kernel address, use */
|
|
addi r2, r2, (swapper_pg_dir - PAGE_OFFSET)@l /* kernel page table */
|
|
#endif
|
|
112: rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */
|
|
lwz r2,0(r2) /* get pmd entry */
|
|
rlwinm. r2,r2,0,0,19 /* extract address of pte page */
|
|
beq- InstructionAddressInvalid /* return if no mapping */
|
|
rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */
|
|
lwz r0,0(r2) /* get linux-style pte */
|
|
andc. r1,r1,r0 /* check access & ~permission */
|
|
bne- InstructionAddressInvalid /* return if access not permitted */
|
|
/* Convert linux-style PTE to low word of PPC-style PTE */
|
|
rlwimi r0,r0,32-2,31,31 /* _PAGE_USER -> PP lsb */
|
|
ori r1, r1, 0xe06 /* clear out reserved bits */
|
|
andc r1, r0, r1 /* PP = user? 1 : 0 */
|
|
BEGIN_FTR_SECTION
|
|
rlwinm r1,r1,0,~_PAGE_COHERENT /* clear M (coherence not required) */
|
|
END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
|
|
mtspr SPRN_RPA,r1
|
|
tlbli r3
|
|
mfspr r3,SPRN_SRR1 /* Need to restore CR0 */
|
|
mtcrf 0x80,r3
|
|
rfi
|
|
InstructionAddressInvalid:
|
|
mfspr r3,SPRN_SRR1
|
|
rlwinm r1,r3,9,6,6 /* Get load/store bit */
|
|
|
|
addis r1,r1,0x2000
|
|
mtspr SPRN_DSISR,r1 /* (shouldn't be needed) */
|
|
andi. r2,r3,0xFFFF /* Clear upper bits of SRR1 */
|
|
or r2,r2,r1
|
|
mtspr SPRN_SRR1,r2
|
|
mfspr r1,SPRN_IMISS /* Get failing address */
|
|
rlwinm. r2,r2,0,31,31 /* Check for little endian access */
|
|
rlwimi r2,r2,1,30,30 /* change 1 -> 3 */
|
|
xor r1,r1,r2
|
|
mtspr SPRN_DAR,r1 /* Set fault address */
|
|
mfmsr r0 /* Restore "normal" registers */
|
|
xoris r0,r0,MSR_TGPR>>16
|
|
mtcrf 0x80,r3 /* Restore CR0 */
|
|
mtmsr r0
|
|
b InstructionAccess
|
|
|
|
/*
|
|
* Handle TLB miss for DATA Load operation on 603/603e
|
|
*/
|
|
. = 0x1100
|
|
DataLoadTLBMiss:
|
|
/*
|
|
* r0: scratch
|
|
* r1: linux style pte ( later becomes ppc hardware pte )
|
|
* r2: ptr to linux-style pte
|
|
* r3: scratch
|
|
*/
|
|
/* Get PTE (linux-style) and check access */
|
|
mfspr r3,SPRN_DMISS
|
|
lis r1,PAGE_OFFSET@h /* check if kernel address */
|
|
cmplw 0,r1,r3
|
|
mfspr r2, SPRN_SPRG_PGDIR
|
|
#ifdef CONFIG_SWAP
|
|
li r1, _PAGE_PRESENT | _PAGE_ACCESSED
|
|
#else
|
|
li r1, _PAGE_PRESENT
|
|
#endif
|
|
bge- 112f
|
|
lis r2, (swapper_pg_dir - PAGE_OFFSET)@ha /* if kernel address, use */
|
|
addi r2, r2, (swapper_pg_dir - PAGE_OFFSET)@l /* kernel page table */
|
|
112: rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */
|
|
lwz r2,0(r2) /* get pmd entry */
|
|
rlwinm. r2,r2,0,0,19 /* extract address of pte page */
|
|
beq- DataAddressInvalid /* return if no mapping */
|
|
rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */
|
|
lwz r0,0(r2) /* get linux-style pte */
|
|
andc. r1,r1,r0 /* check access & ~permission */
|
|
bne- DataAddressInvalid /* return if access not permitted */
|
|
/*
|
|
* NOTE! We are assuming this is not an SMP system, otherwise
|
|
* we would need to update the pte atomically with lwarx/stwcx.
|
|
*/
|
|
/* Convert linux-style PTE to low word of PPC-style PTE */
|
|
rlwinm r1,r0,32-9,30,30 /* _PAGE_RW -> PP msb */
|
|
rlwimi r0,r0,32-1,30,30 /* _PAGE_USER -> PP msb */
|
|
rlwimi r0,r0,32-1,31,31 /* _PAGE_USER -> PP lsb */
|
|
ori r1,r1,0xe04 /* clear out reserved bits */
|
|
andc r1,r0,r1 /* PP = user? rw? 1: 3: 0 */
|
|
BEGIN_FTR_SECTION
|
|
rlwinm r1,r1,0,~_PAGE_COHERENT /* clear M (coherence not required) */
|
|
END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
|
|
mtspr SPRN_RPA,r1
|
|
mfspr r2,SPRN_SRR1 /* Need to restore CR0 */
|
|
mtcrf 0x80,r2
|
|
BEGIN_MMU_FTR_SECTION
|
|
li r0,1
|
|
mfspr r1,SPRN_SPRG_603_LRU
|
|
rlwinm r2,r3,20,27,31 /* Get Address bits 15:19 */
|
|
slw r0,r0,r2
|
|
xor r1,r0,r1
|
|
srw r0,r1,r2
|
|
mtspr SPRN_SPRG_603_LRU,r1
|
|
mfspr r2,SPRN_SRR1
|
|
rlwimi r2,r0,31-14,14,14
|
|
mtspr SPRN_SRR1,r2
|
|
END_MMU_FTR_SECTION_IFSET(MMU_FTR_NEED_DTLB_SW_LRU)
|
|
tlbld r3
|
|
rfi
|
|
DataAddressInvalid:
|
|
mfspr r3,SPRN_SRR1
|
|
rlwinm r1,r3,9,6,6 /* Get load/store bit */
|
|
addis r1,r1,0x2000
|
|
mtspr SPRN_DSISR,r1
|
|
andi. r2,r3,0xFFFF /* Clear upper bits of SRR1 */
|
|
mtspr SPRN_SRR1,r2
|
|
mfspr r1,SPRN_DMISS /* Get failing address */
|
|
rlwinm. r2,r2,0,31,31 /* Check for little endian access */
|
|
beq 20f /* Jump if big endian */
|
|
xori r1,r1,3
|
|
20: mtspr SPRN_DAR,r1 /* Set fault address */
|
|
mfmsr r0 /* Restore "normal" registers */
|
|
xoris r0,r0,MSR_TGPR>>16
|
|
mtcrf 0x80,r3 /* Restore CR0 */
|
|
mtmsr r0
|
|
b DataAccess
|
|
|
|
/*
|
|
* Handle TLB miss for DATA Store on 603/603e
|
|
*/
|
|
. = 0x1200
|
|
DataStoreTLBMiss:
|
|
/*
|
|
* r0: scratch
|
|
* r1: linux style pte ( later becomes ppc hardware pte )
|
|
* r2: ptr to linux-style pte
|
|
* r3: scratch
|
|
*/
|
|
/* Get PTE (linux-style) and check access */
|
|
mfspr r3,SPRN_DMISS
|
|
lis r1,PAGE_OFFSET@h /* check if kernel address */
|
|
cmplw 0,r1,r3
|
|
mfspr r2, SPRN_SPRG_PGDIR
|
|
#ifdef CONFIG_SWAP
|
|
li r1, _PAGE_RW | _PAGE_DIRTY | _PAGE_PRESENT | _PAGE_ACCESSED
|
|
#else
|
|
li r1, _PAGE_RW | _PAGE_DIRTY | _PAGE_PRESENT
|
|
#endif
|
|
bge- 112f
|
|
lis r2, (swapper_pg_dir - PAGE_OFFSET)@ha /* if kernel address, use */
|
|
addi r2, r2, (swapper_pg_dir - PAGE_OFFSET)@l /* kernel page table */
|
|
112: rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */
|
|
lwz r2,0(r2) /* get pmd entry */
|
|
rlwinm. r2,r2,0,0,19 /* extract address of pte page */
|
|
beq- DataAddressInvalid /* return if no mapping */
|
|
rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */
|
|
lwz r0,0(r2) /* get linux-style pte */
|
|
andc. r1,r1,r0 /* check access & ~permission */
|
|
bne- DataAddressInvalid /* return if access not permitted */
|
|
/*
|
|
* NOTE! We are assuming this is not an SMP system, otherwise
|
|
* we would need to update the pte atomically with lwarx/stwcx.
|
|
*/
|
|
/* Convert linux-style PTE to low word of PPC-style PTE */
|
|
rlwimi r0,r0,32-2,31,31 /* _PAGE_USER -> PP lsb */
|
|
li r1,0xe06 /* clear out reserved bits & PP msb */
|
|
andc r1,r0,r1 /* PP = user? 1: 0 */
|
|
BEGIN_FTR_SECTION
|
|
rlwinm r1,r1,0,~_PAGE_COHERENT /* clear M (coherence not required) */
|
|
END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
|
|
mtspr SPRN_RPA,r1
|
|
mfspr r2,SPRN_SRR1 /* Need to restore CR0 */
|
|
mtcrf 0x80,r2
|
|
BEGIN_MMU_FTR_SECTION
|
|
li r0,1
|
|
mfspr r1,SPRN_SPRG_603_LRU
|
|
rlwinm r2,r3,20,27,31 /* Get Address bits 15:19 */
|
|
slw r0,r0,r2
|
|
xor r1,r0,r1
|
|
srw r0,r1,r2
|
|
mtspr SPRN_SPRG_603_LRU,r1
|
|
mfspr r2,SPRN_SRR1
|
|
rlwimi r2,r0,31-14,14,14
|
|
mtspr SPRN_SRR1,r2
|
|
END_MMU_FTR_SECTION_IFSET(MMU_FTR_NEED_DTLB_SW_LRU)
|
|
tlbld r3
|
|
rfi
|
|
|
|
#ifndef CONFIG_ALTIVEC
|
|
#define altivec_assist_exception unknown_exception
|
|
#endif
|
|
|
|
EXCEPTION(0x1300, Trap_13, instruction_breakpoint_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x1400, SMI, SMIException, EXC_XFER_STD)
|
|
EXCEPTION(0x1500, Trap_15, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x1600, Trap_16, altivec_assist_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x1700, Trap_17, TAUException, EXC_XFER_STD)
|
|
EXCEPTION(0x1800, Trap_18, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x1900, Trap_19, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x1a00, Trap_1a, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x1b00, Trap_1b, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x1c00, Trap_1c, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x1d00, Trap_1d, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x1e00, Trap_1e, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x1f00, Trap_1f, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2000, RunMode, RunModeException, EXC_XFER_STD)
|
|
EXCEPTION(0x2100, Trap_21, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2200, Trap_22, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2300, Trap_23, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2400, Trap_24, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2500, Trap_25, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2600, Trap_26, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2700, Trap_27, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2800, Trap_28, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2900, Trap_29, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2a00, Trap_2a, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2b00, Trap_2b, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2c00, Trap_2c, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2d00, Trap_2d, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2e00, Trap_2e, unknown_exception, EXC_XFER_STD)
|
|
EXCEPTION(0x2f00, Trap_2f, unknown_exception, EXC_XFER_STD)
|
|
|
|
. = 0x3000
|
|
|
|
machine_check_tramp:
|
|
EXC_XFER_STD(0x200, machine_check_exception)
|
|
|
|
alignment_exception_tramp:
|
|
EXC_XFER_STD(0x600, alignment_exception)
|
|
|
|
handle_page_fault_tramp_1:
|
|
#ifdef CONFIG_VMAP_STACK
|
|
EXCEPTION_PROLOG_2 handle_dar_dsisr=1
|
|
#endif
|
|
lwz r4, _DAR(r11)
|
|
lwz r5, _DSISR(r11)
|
|
/* fall through */
|
|
handle_page_fault_tramp_2:
|
|
EXC_XFER_LITE(0x300, handle_page_fault)
|
|
|
|
#ifdef CONFIG_VMAP_STACK
|
|
.macro save_regs_thread thread
|
|
stw r0, THR0(\thread)
|
|
stw r3, THR3(\thread)
|
|
stw r4, THR4(\thread)
|
|
stw r5, THR5(\thread)
|
|
stw r6, THR6(\thread)
|
|
stw r8, THR8(\thread)
|
|
stw r9, THR9(\thread)
|
|
mflr r0
|
|
stw r0, THLR(\thread)
|
|
mfctr r0
|
|
stw r0, THCTR(\thread)
|
|
.endm
|
|
|
|
.macro restore_regs_thread thread
|
|
lwz r0, THLR(\thread)
|
|
mtlr r0
|
|
lwz r0, THCTR(\thread)
|
|
mtctr r0
|
|
lwz r0, THR0(\thread)
|
|
lwz r3, THR3(\thread)
|
|
lwz r4, THR4(\thread)
|
|
lwz r5, THR5(\thread)
|
|
lwz r6, THR6(\thread)
|
|
lwz r8, THR8(\thread)
|
|
lwz r9, THR9(\thread)
|
|
.endm
|
|
|
|
hash_page_dsi:
|
|
save_regs_thread r10
|
|
mfdsisr r3
|
|
mfdar r4
|
|
mfsrr0 r5
|
|
mfsrr1 r9
|
|
rlwinm r3, r3, 32 - 15, _PAGE_RW /* DSISR_STORE -> _PAGE_RW */
|
|
bl hash_page
|
|
mfspr r10, SPRN_SPRG_THREAD
|
|
restore_regs_thread r10
|
|
b .Lhash_page_dsi_cont
|
|
|
|
hash_page_isi:
|
|
mr r11, r10
|
|
mfspr r10, SPRN_SPRG_THREAD
|
|
save_regs_thread r10
|
|
li r3, 0
|
|
lwz r4, SRR0(r10)
|
|
lwz r9, SRR1(r10)
|
|
bl hash_page
|
|
mfspr r10, SPRN_SPRG_THREAD
|
|
restore_regs_thread r10
|
|
mr r10, r11
|
|
b .Lhash_page_isi_cont
|
|
|
|
.globl fast_hash_page_return
|
|
fast_hash_page_return:
|
|
andis. r10, r9, SRR1_ISI_NOPT@h /* Set on ISI, cleared on DSI */
|
|
mfspr r10, SPRN_SPRG_THREAD
|
|
restore_regs_thread r10
|
|
bne 1f
|
|
|
|
/* DSI */
|
|
mtcr r11
|
|
lwz r11, THR11(r10)
|
|
mfspr r10, SPRN_SPRG_SCRATCH0
|
|
SYNC
|
|
RFI
|
|
|
|
1: /* ISI */
|
|
mtcr r11
|
|
mfspr r11, SPRN_SPRG_SCRATCH1
|
|
mfspr r10, SPRN_SPRG_SCRATCH0
|
|
SYNC
|
|
RFI
|
|
|
|
stack_overflow:
|
|
vmap_stack_overflow_exception
|
|
#endif
|
|
|
|
AltiVecUnavailable:
|
|
EXCEPTION_PROLOG
|
|
#ifdef CONFIG_ALTIVEC
|
|
beq 1f
|
|
bl load_up_altivec /* if from user, just load it up */
|
|
b fast_exception_return
|
|
#endif /* CONFIG_ALTIVEC */
|
|
1: addi r3,r1,STACK_FRAME_OVERHEAD
|
|
EXC_XFER_LITE(0xf20, altivec_unavailable_exception)
|
|
|
|
PerformanceMonitor:
|
|
EXCEPTION_PROLOG
|
|
addi r3,r1,STACK_FRAME_OVERHEAD
|
|
EXC_XFER_STD(0xf00, performance_monitor_exception)
|
|
|
|
|
|
/*
|
|
* This code is jumped to from the startup code to copy
|
|
* the kernel image to physical address PHYSICAL_START.
|
|
*/
|
|
relocate_kernel:
|
|
addis r9,r26,klimit@ha /* fetch klimit */
|
|
lwz r25,klimit@l(r9)
|
|
addis r25,r25,-KERNELBASE@h
|
|
lis r3,PHYSICAL_START@h /* Destination base address */
|
|
li r6,0 /* Destination offset */
|
|
li r5,0x4000 /* # bytes of memory to copy */
|
|
bl copy_and_flush /* copy the first 0x4000 bytes */
|
|
addi r0,r3,4f@l /* jump to the address of 4f */
|
|
mtctr r0 /* in copy and do the rest. */
|
|
bctr /* jump to the copy */
|
|
4: mr r5,r25
|
|
bl copy_and_flush /* copy the rest */
|
|
b turn_on_mmu
|
|
|
|
/*
|
|
* Copy routine used to copy the kernel to start at physical address 0
|
|
* and flush and invalidate the caches as needed.
|
|
* r3 = dest addr, r4 = source addr, r5 = copy limit, r6 = start offset
|
|
* on exit, r3, r4, r5 are unchanged, r6 is updated to be >= r5.
|
|
*/
|
|
_ENTRY(copy_and_flush)
|
|
addi r5,r5,-4
|
|
addi r6,r6,-4
|
|
4: li r0,L1_CACHE_BYTES/4
|
|
mtctr r0
|
|
3: addi r6,r6,4 /* copy a cache line */
|
|
lwzx r0,r6,r4
|
|
stwx r0,r6,r3
|
|
bdnz 3b
|
|
dcbst r6,r3 /* write it to memory */
|
|
sync
|
|
icbi r6,r3 /* flush the icache line */
|
|
cmplw 0,r6,r5
|
|
blt 4b
|
|
sync /* additional sync needed on g4 */
|
|
isync
|
|
addi r5,r5,4
|
|
addi r6,r6,4
|
|
blr
|
|
|
|
#ifdef CONFIG_SMP
|
|
.globl __secondary_start_mpc86xx
|
|
__secondary_start_mpc86xx:
|
|
mfspr r3, SPRN_PIR
|
|
stw r3, __secondary_hold_acknowledge@l(0)
|
|
mr r24, r3 /* cpu # */
|
|
b __secondary_start
|
|
|
|
.globl __secondary_start_pmac_0
|
|
__secondary_start_pmac_0:
|
|
/* NB the entries for cpus 0, 1, 2 must each occupy 8 bytes. */
|
|
li r24,0
|
|
b 1f
|
|
li r24,1
|
|
b 1f
|
|
li r24,2
|
|
b 1f
|
|
li r24,3
|
|
1:
|
|
/* on powersurge, we come in here with IR=0 and DR=1, and DBAT 0
|
|
set to map the 0xf0000000 - 0xffffffff region */
|
|
mfmsr r0
|
|
rlwinm r0,r0,0,28,26 /* clear DR (0x10) */
|
|
SYNC
|
|
mtmsr r0
|
|
isync
|
|
|
|
.globl __secondary_start
|
|
__secondary_start:
|
|
/* Copy some CPU settings from CPU 0 */
|
|
bl __restore_cpu_setup
|
|
|
|
lis r3,-KERNELBASE@h
|
|
mr r4,r24
|
|
bl call_setup_cpu /* Call setup_cpu for this CPU */
|
|
#ifdef CONFIG_PPC_BOOK3S_32
|
|
lis r3,-KERNELBASE@h
|
|
bl init_idle_6xx
|
|
#endif /* CONFIG_PPC_BOOK3S_32 */
|
|
|
|
/* get current's stack and current */
|
|
lis r2,secondary_current@ha
|
|
tophys(r2,r2)
|
|
lwz r2,secondary_current@l(r2)
|
|
tophys(r1,r2)
|
|
lwz r1,TASK_STACK(r1)
|
|
|
|
/* stack */
|
|
addi r1,r1,THREAD_SIZE-STACK_FRAME_OVERHEAD
|
|
li r0,0
|
|
tophys(r3,r1)
|
|
stw r0,0(r3)
|
|
|
|
/* load up the MMU */
|
|
bl load_segment_registers
|
|
bl load_up_mmu
|
|
|
|
/* ptr to phys current thread */
|
|
tophys(r4,r2)
|
|
addi r4,r4,THREAD /* phys address of our thread_struct */
|
|
mtspr SPRN_SPRG_THREAD,r4
|
|
lis r4, (swapper_pg_dir - PAGE_OFFSET)@h
|
|
ori r4, r4, (swapper_pg_dir - PAGE_OFFSET)@l
|
|
mtspr SPRN_SPRG_PGDIR, r4
|
|
|
|
/* enable MMU and jump to start_secondary */
|
|
li r4,MSR_KERNEL
|
|
lis r3,start_secondary@h
|
|
ori r3,r3,start_secondary@l
|
|
mtspr SPRN_SRR0,r3
|
|
mtspr SPRN_SRR1,r4
|
|
SYNC
|
|
RFI
|
|
#endif /* CONFIG_SMP */
|
|
|
|
#ifdef CONFIG_KVM_BOOK3S_HANDLER
|
|
#include "../kvm/book3s_rmhandlers.S"
|
|
#endif
|
|
|
|
/*
|
|
* Those generic dummy functions are kept for CPUs not
|
|
* included in CONFIG_PPC_BOOK3S_32
|
|
*/
|
|
#if !defined(CONFIG_PPC_BOOK3S_32)
|
|
_ENTRY(__save_cpu_setup)
|
|
blr
|
|
_ENTRY(__restore_cpu_setup)
|
|
blr
|
|
#endif /* !defined(CONFIG_PPC_BOOK3S_32) */
|
|
|
|
/*
|
|
* Load stuff into the MMU. Intended to be called with
|
|
* IR=0 and DR=0.
|
|
*/
|
|
#ifdef CONFIG_KASAN
|
|
early_hash_table:
|
|
sync /* Force all PTE updates to finish */
|
|
isync
|
|
tlbia /* Clear all TLB entries */
|
|
sync /* wait for tlbia/tlbie to finish */
|
|
TLBSYNC /* ... on all CPUs */
|
|
/* Load the SDR1 register (hash table base & size) */
|
|
lis r6, early_hash - PAGE_OFFSET@h
|
|
ori r6, r6, 3 /* 256kB table */
|
|
mtspr SPRN_SDR1, r6
|
|
blr
|
|
#endif
|
|
|
|
load_up_mmu:
|
|
sync /* Force all PTE updates to finish */
|
|
isync
|
|
tlbia /* Clear all TLB entries */
|
|
sync /* wait for tlbia/tlbie to finish */
|
|
TLBSYNC /* ... on all CPUs */
|
|
/* Load the SDR1 register (hash table base & size) */
|
|
lis r6,_SDR1@ha
|
|
tophys(r6,r6)
|
|
lwz r6,_SDR1@l(r6)
|
|
mtspr SPRN_SDR1,r6
|
|
|
|
/* Load the BAT registers with the values set up by MMU_init.
|
|
MMU_init takes care of whether we're on a 601 or not. */
|
|
lis r3,BATS@ha
|
|
addi r3,r3,BATS@l
|
|
tophys(r3,r3)
|
|
LOAD_BAT(0,r3,r4,r5)
|
|
LOAD_BAT(1,r3,r4,r5)
|
|
LOAD_BAT(2,r3,r4,r5)
|
|
LOAD_BAT(3,r3,r4,r5)
|
|
BEGIN_MMU_FTR_SECTION
|
|
LOAD_BAT(4,r3,r4,r5)
|
|
LOAD_BAT(5,r3,r4,r5)
|
|
LOAD_BAT(6,r3,r4,r5)
|
|
LOAD_BAT(7,r3,r4,r5)
|
|
END_MMU_FTR_SECTION_IFSET(MMU_FTR_USE_HIGH_BATS)
|
|
blr
|
|
|
|
load_segment_registers:
|
|
li r0, NUM_USER_SEGMENTS /* load up user segment register values */
|
|
mtctr r0 /* for context 0 */
|
|
li r3, 0 /* Kp = 0, Ks = 0, VSID = 0 */
|
|
#ifdef CONFIG_PPC_KUEP
|
|
oris r3, r3, SR_NX@h /* Set Nx */
|
|
#endif
|
|
#ifdef CONFIG_PPC_KUAP
|
|
oris r3, r3, SR_KS@h /* Set Ks */
|
|
#endif
|
|
li r4, 0
|
|
3: mtsrin r3, r4
|
|
addi r3, r3, 0x111 /* increment VSID */
|
|
addis r4, r4, 0x1000 /* address of next segment */
|
|
bdnz 3b
|
|
li r0, 16 - NUM_USER_SEGMENTS /* load up kernel segment registers */
|
|
mtctr r0 /* for context 0 */
|
|
rlwinm r3, r3, 0, ~SR_NX /* Nx = 0 */
|
|
rlwinm r3, r3, 0, ~SR_KS /* Ks = 0 */
|
|
oris r3, r3, SR_KP@h /* Kp = 1 */
|
|
3: mtsrin r3, r4
|
|
addi r3, r3, 0x111 /* increment VSID */
|
|
addis r4, r4, 0x1000 /* address of next segment */
|
|
bdnz 3b
|
|
blr
|
|
|
|
/*
|
|
* This is where the main kernel code starts.
|
|
*/
|
|
start_here:
|
|
/* ptr to current */
|
|
lis r2,init_task@h
|
|
ori r2,r2,init_task@l
|
|
/* Set up for using our exception vectors */
|
|
/* ptr to phys current thread */
|
|
tophys(r4,r2)
|
|
addi r4,r4,THREAD /* init task's THREAD */
|
|
mtspr SPRN_SPRG_THREAD,r4
|
|
lis r4, (swapper_pg_dir - PAGE_OFFSET)@h
|
|
ori r4, r4, (swapper_pg_dir - PAGE_OFFSET)@l
|
|
mtspr SPRN_SPRG_PGDIR, r4
|
|
|
|
/* stack */
|
|
lis r1,init_thread_union@ha
|
|
addi r1,r1,init_thread_union@l
|
|
li r0,0
|
|
stwu r0,THREAD_SIZE-STACK_FRAME_OVERHEAD(r1)
|
|
/*
|
|
* Do early platform-specific initialization,
|
|
* and set up the MMU.
|
|
*/
|
|
#ifdef CONFIG_KASAN
|
|
bl kasan_early_init
|
|
#endif
|
|
li r3,0
|
|
mr r4,r31
|
|
bl machine_init
|
|
bl __save_cpu_setup
|
|
bl MMU_init
|
|
#ifdef CONFIG_KASAN
|
|
BEGIN_MMU_FTR_SECTION
|
|
bl MMU_init_hw_patch
|
|
END_MMU_FTR_SECTION_IFSET(MMU_FTR_HPTE_TABLE)
|
|
#endif
|
|
|
|
/*
|
|
* Go back to running unmapped so we can load up new values
|
|
* for SDR1 (hash table pointer) and the segment registers
|
|
* and change to using our exception vectors.
|
|
*/
|
|
lis r4,2f@h
|
|
ori r4,r4,2f@l
|
|
tophys(r4,r4)
|
|
li r3,MSR_KERNEL & ~(MSR_IR|MSR_DR)
|
|
|
|
.align 4
|
|
mtspr SPRN_SRR0,r4
|
|
mtspr SPRN_SRR1,r3
|
|
SYNC
|
|
RFI
|
|
/* Load up the kernel context */
|
|
2: bl load_up_mmu
|
|
|
|
#ifdef CONFIG_BDI_SWITCH
|
|
/* Add helper information for the Abatron bdiGDB debugger.
|
|
* We do this here because we know the mmu is disabled, and
|
|
* will be enabled for real in just a few instructions.
|
|
*/
|
|
lis r5, abatron_pteptrs@h
|
|
ori r5, r5, abatron_pteptrs@l
|
|
stw r5, 0xf0(r0) /* This much match your Abatron config */
|
|
lis r6, swapper_pg_dir@h
|
|
ori r6, r6, swapper_pg_dir@l
|
|
tophys(r5, r5)
|
|
stw r6, 0(r5)
|
|
#endif /* CONFIG_BDI_SWITCH */
|
|
|
|
/* Now turn on the MMU for real! */
|
|
li r4,MSR_KERNEL
|
|
lis r3,start_kernel@h
|
|
ori r3,r3,start_kernel@l
|
|
mtspr SPRN_SRR0,r3
|
|
mtspr SPRN_SRR1,r4
|
|
SYNC
|
|
RFI
|
|
|
|
/*
|
|
* void switch_mmu_context(struct mm_struct *prev, struct mm_struct *next);
|
|
*
|
|
* Set up the segment registers for a new context.
|
|
*/
|
|
_ENTRY(switch_mmu_context)
|
|
lwz r3,MMCONTEXTID(r4)
|
|
cmpwi cr0,r3,0
|
|
blt- 4f
|
|
mulli r3,r3,897 /* multiply context by skew factor */
|
|
rlwinm r3,r3,4,8,27 /* VSID = (context & 0xfffff) << 4 */
|
|
#ifdef CONFIG_PPC_KUEP
|
|
oris r3, r3, SR_NX@h /* Set Nx */
|
|
#endif
|
|
#ifdef CONFIG_PPC_KUAP
|
|
oris r3, r3, SR_KS@h /* Set Ks */
|
|
#endif
|
|
li r0,NUM_USER_SEGMENTS
|
|
mtctr r0
|
|
|
|
lwz r4, MM_PGD(r4)
|
|
#ifdef CONFIG_BDI_SWITCH
|
|
/* Context switch the PTE pointer for the Abatron BDI2000.
|
|
* The PGDIR is passed as second argument.
|
|
*/
|
|
lis r5, abatron_pteptrs@ha
|
|
stw r4, abatron_pteptrs@l + 0x4(r5)
|
|
#endif
|
|
tophys(r4, r4)
|
|
mtspr SPRN_SPRG_PGDIR, r4
|
|
li r4,0
|
|
isync
|
|
3:
|
|
mtsrin r3,r4
|
|
addi r3,r3,0x111 /* next VSID */
|
|
rlwinm r3,r3,0,8,3 /* clear out any overflow from VSID field */
|
|
addis r4,r4,0x1000 /* address of next segment */
|
|
bdnz 3b
|
|
sync
|
|
isync
|
|
blr
|
|
4: trap
|
|
EMIT_BUG_ENTRY 4b,__FILE__,__LINE__,0
|
|
blr
|
|
EXPORT_SYMBOL(switch_mmu_context)
|
|
|
|
/*
|
|
* An undocumented "feature" of 604e requires that the v bit
|
|
* be cleared before changing BAT values.
|
|
*
|
|
* Also, newer IBM firmware does not clear bat3 and 4 so
|
|
* this makes sure it's done.
|
|
* -- Cort
|
|
*/
|
|
clear_bats:
|
|
li r10,0
|
|
|
|
#ifndef CONFIG_PPC_BOOK3S_601
|
|
mtspr SPRN_DBAT0U,r10
|
|
mtspr SPRN_DBAT0L,r10
|
|
mtspr SPRN_DBAT1U,r10
|
|
mtspr SPRN_DBAT1L,r10
|
|
mtspr SPRN_DBAT2U,r10
|
|
mtspr SPRN_DBAT2L,r10
|
|
mtspr SPRN_DBAT3U,r10
|
|
mtspr SPRN_DBAT3L,r10
|
|
#endif
|
|
mtspr SPRN_IBAT0U,r10
|
|
mtspr SPRN_IBAT0L,r10
|
|
mtspr SPRN_IBAT1U,r10
|
|
mtspr SPRN_IBAT1L,r10
|
|
mtspr SPRN_IBAT2U,r10
|
|
mtspr SPRN_IBAT2L,r10
|
|
mtspr SPRN_IBAT3U,r10
|
|
mtspr SPRN_IBAT3L,r10
|
|
BEGIN_MMU_FTR_SECTION
|
|
/* Here's a tweak: at this point, CPU setup have
|
|
* not been called yet, so HIGH_BAT_EN may not be
|
|
* set in HID0 for the 745x processors. However, it
|
|
* seems that doesn't affect our ability to actually
|
|
* write to these SPRs.
|
|
*/
|
|
mtspr SPRN_DBAT4U,r10
|
|
mtspr SPRN_DBAT4L,r10
|
|
mtspr SPRN_DBAT5U,r10
|
|
mtspr SPRN_DBAT5L,r10
|
|
mtspr SPRN_DBAT6U,r10
|
|
mtspr SPRN_DBAT6L,r10
|
|
mtspr SPRN_DBAT7U,r10
|
|
mtspr SPRN_DBAT7L,r10
|
|
mtspr SPRN_IBAT4U,r10
|
|
mtspr SPRN_IBAT4L,r10
|
|
mtspr SPRN_IBAT5U,r10
|
|
mtspr SPRN_IBAT5L,r10
|
|
mtspr SPRN_IBAT6U,r10
|
|
mtspr SPRN_IBAT6L,r10
|
|
mtspr SPRN_IBAT7U,r10
|
|
mtspr SPRN_IBAT7L,r10
|
|
END_MMU_FTR_SECTION_IFSET(MMU_FTR_USE_HIGH_BATS)
|
|
blr
|
|
|
|
_ENTRY(update_bats)
|
|
lis r4, 1f@h
|
|
ori r4, r4, 1f@l
|
|
tophys(r4, r4)
|
|
mfmsr r6
|
|
mflr r7
|
|
li r3, MSR_KERNEL & ~(MSR_IR | MSR_DR)
|
|
rlwinm r0, r6, 0, ~MSR_RI
|
|
rlwinm r0, r0, 0, ~MSR_EE
|
|
mtmsr r0
|
|
|
|
.align 4
|
|
mtspr SPRN_SRR0, r4
|
|
mtspr SPRN_SRR1, r3
|
|
SYNC
|
|
RFI
|
|
1: bl clear_bats
|
|
lis r3, BATS@ha
|
|
addi r3, r3, BATS@l
|
|
tophys(r3, r3)
|
|
LOAD_BAT(0, r3, r4, r5)
|
|
LOAD_BAT(1, r3, r4, r5)
|
|
LOAD_BAT(2, r3, r4, r5)
|
|
LOAD_BAT(3, r3, r4, r5)
|
|
BEGIN_MMU_FTR_SECTION
|
|
LOAD_BAT(4, r3, r4, r5)
|
|
LOAD_BAT(5, r3, r4, r5)
|
|
LOAD_BAT(6, r3, r4, r5)
|
|
LOAD_BAT(7, r3, r4, r5)
|
|
END_MMU_FTR_SECTION_IFSET(MMU_FTR_USE_HIGH_BATS)
|
|
li r3, MSR_KERNEL & ~(MSR_IR | MSR_DR | MSR_RI)
|
|
mtmsr r3
|
|
mtspr SPRN_SRR0, r7
|
|
mtspr SPRN_SRR1, r6
|
|
SYNC
|
|
RFI
|
|
|
|
flush_tlbs:
|
|
lis r10, 0x40
|
|
1: addic. r10, r10, -0x1000
|
|
tlbie r10
|
|
bgt 1b
|
|
sync
|
|
blr
|
|
|
|
mmu_off:
|
|
addi r4, r3, __after_mmu_off - _start
|
|
mfmsr r3
|
|
andi. r0,r3,MSR_DR|MSR_IR /* MMU enabled? */
|
|
beqlr
|
|
andc r3,r3,r0
|
|
|
|
.align 4
|
|
mtspr SPRN_SRR0,r4
|
|
mtspr SPRN_SRR1,r3
|
|
sync
|
|
RFI
|
|
|
|
/*
|
|
* On 601, we use 3 BATs to map up to 24M of RAM at _PAGE_OFFSET
|
|
* (we keep one for debugging) and on others, we use one 256M BAT.
|
|
*/
|
|
initial_bats:
|
|
lis r11,PAGE_OFFSET@h
|
|
#ifdef CONFIG_PPC_BOOK3S_601
|
|
ori r11,r11,4 /* set up BAT registers for 601 */
|
|
li r8,0x7f /* valid, block length = 8MB */
|
|
mtspr SPRN_IBAT0U,r11 /* N.B. 601 has valid bit in */
|
|
mtspr SPRN_IBAT0L,r8 /* lower BAT register */
|
|
addis r11,r11,0x800000@h
|
|
addis r8,r8,0x800000@h
|
|
mtspr SPRN_IBAT1U,r11
|
|
mtspr SPRN_IBAT1L,r8
|
|
addis r11,r11,0x800000@h
|
|
addis r8,r8,0x800000@h
|
|
mtspr SPRN_IBAT2U,r11
|
|
mtspr SPRN_IBAT2L,r8
|
|
#else
|
|
tophys(r8,r11)
|
|
#ifdef CONFIG_SMP
|
|
ori r8,r8,0x12 /* R/W access, M=1 */
|
|
#else
|
|
ori r8,r8,2 /* R/W access */
|
|
#endif /* CONFIG_SMP */
|
|
ori r11,r11,BL_256M<<2|0x2 /* set up BAT registers for 604 */
|
|
|
|
mtspr SPRN_DBAT0L,r8 /* N.B. 6xx (not 601) have valid */
|
|
mtspr SPRN_DBAT0U,r11 /* bit in upper BAT register */
|
|
mtspr SPRN_IBAT0L,r8
|
|
mtspr SPRN_IBAT0U,r11
|
|
#endif
|
|
isync
|
|
blr
|
|
|
|
#ifdef CONFIG_BOOTX_TEXT
|
|
setup_disp_bat:
|
|
/*
|
|
* setup the display bat prepared for us in prom.c
|
|
*/
|
|
mflr r8
|
|
bl reloc_offset
|
|
mtlr r8
|
|
addis r8,r3,disp_BAT@ha
|
|
addi r8,r8,disp_BAT@l
|
|
cmpwi cr0,r8,0
|
|
beqlr
|
|
lwz r11,0(r8)
|
|
lwz r8,4(r8)
|
|
#ifndef CONFIG_PPC_BOOK3S_601
|
|
mtspr SPRN_DBAT3L,r8
|
|
mtspr SPRN_DBAT3U,r11
|
|
#else
|
|
mtspr SPRN_IBAT3L,r8
|
|
mtspr SPRN_IBAT3U,r11
|
|
#endif
|
|
blr
|
|
#endif /* CONFIG_BOOTX_TEXT */
|
|
|
|
#ifdef CONFIG_PPC_EARLY_DEBUG_CPM
|
|
setup_cpm_bat:
|
|
lis r8, 0xf000
|
|
ori r8, r8, 0x002a
|
|
mtspr SPRN_DBAT1L, r8
|
|
|
|
lis r11, 0xf000
|
|
ori r11, r11, (BL_1M << 2) | 2
|
|
mtspr SPRN_DBAT1U, r11
|
|
|
|
blr
|
|
#endif
|
|
|
|
#ifdef CONFIG_PPC_EARLY_DEBUG_USBGECKO
|
|
setup_usbgecko_bat:
|
|
/* prepare a BAT for early io */
|
|
#if defined(CONFIG_GAMECUBE)
|
|
lis r8, 0x0c00
|
|
#elif defined(CONFIG_WII)
|
|
lis r8, 0x0d00
|
|
#else
|
|
#error Invalid platform for USB Gecko based early debugging.
|
|
#endif
|
|
/*
|
|
* The virtual address used must match the virtual address
|
|
* associated to the fixmap entry FIX_EARLY_DEBUG_BASE.
|
|
*/
|
|
lis r11, 0xfffe /* top 128K */
|
|
ori r8, r8, 0x002a /* uncached, guarded ,rw */
|
|
ori r11, r11, 0x2 /* 128K, Vs=1, Vp=0 */
|
|
mtspr SPRN_DBAT1L, r8
|
|
mtspr SPRN_DBAT1U, r11
|
|
blr
|
|
#endif
|
|
|
|
#ifdef CONFIG_8260
|
|
/* Jump into the system reset for the rom.
|
|
* We first disable the MMU, and then jump to the ROM reset address.
|
|
*
|
|
* r3 is the board info structure, r4 is the location for starting.
|
|
* I use this for building a small kernel that can load other kernels,
|
|
* rather than trying to write or rely on a rom monitor that can tftp load.
|
|
*/
|
|
.globl m8260_gorom
|
|
m8260_gorom:
|
|
mfmsr r0
|
|
rlwinm r0,r0,0,17,15 /* clear MSR_EE in r0 */
|
|
sync
|
|
mtmsr r0
|
|
sync
|
|
mfspr r11, SPRN_HID0
|
|
lis r10, 0
|
|
ori r10,r10,HID0_ICE|HID0_DCE
|
|
andc r11, r11, r10
|
|
mtspr SPRN_HID0, r11
|
|
isync
|
|
li r5, MSR_ME|MSR_RI
|
|
lis r6,2f@h
|
|
addis r6,r6,-KERNELBASE@h
|
|
ori r6,r6,2f@l
|
|
mtspr SPRN_SRR0,r6
|
|
mtspr SPRN_SRR1,r5
|
|
isync
|
|
sync
|
|
rfi
|
|
2:
|
|
mtlr r4
|
|
blr
|
|
#endif
|
|
|
|
|
|
/*
|
|
* We put a few things here that have to be page-aligned.
|
|
* This stuff goes at the beginning of the data segment,
|
|
* which is page-aligned.
|
|
*/
|
|
.data
|
|
.globl sdata
|
|
sdata:
|
|
.globl empty_zero_page
|
|
empty_zero_page:
|
|
.space 4096
|
|
EXPORT_SYMBOL(empty_zero_page)
|
|
|
|
.globl swapper_pg_dir
|
|
swapper_pg_dir:
|
|
.space PGD_TABLE_SIZE
|
|
|
|
/* Room for two PTE pointers, usually the kernel and current user pointers
|
|
* to their respective root page table.
|
|
*/
|
|
abatron_pteptrs:
|
|
.space 8
|