3 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
4 * Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP
5 * Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
6 * Adapted for Power Macintosh by Paul Mackerras.
7 * Low-level exception handlers and MMU support
8 * rewritten by Paul Mackerras.
9 * Copyright (C) 1996 Paul Mackerras.
10 * MPC8xx modifications Copyright (C) 1997 Dan Malek (dmalek@jlc.net).
12 * This file contains the system call entry code, context switch
13 * code, and exception/interrupt return code for PowerPC.
15 * This program is free software; you can redistribute it and/or
16 * modify it under the terms of the GNU General Public License
17 * as published by the Free Software Foundation; either version
18 * 2 of the License, or (at your option) any later version.
21 #include <linux/errno.h>
22 #include <linux/err.h>
23 #include <linux/magic.h>
24 #include <asm/unistd.h>
25 #include <asm/processor.h>
28 #include <asm/thread_info.h>
29 #include <asm/code-patching-asm.h>
30 #include <asm/ppc_asm.h>
31 #include <asm/asm-offsets.h>
32 #include <asm/cputable.h>
33 #include <asm/firmware.h>
35 #include <asm/ptrace.h>
36 #include <asm/irqflags.h>
37 #include <asm/ftrace.h>
38 #include <asm/hw_irq.h>
39 #include <asm/context_tracking.h>
41 #include <asm/ppc-opcode.h>
42 #include <asm/barrier.h>
43 #include <asm/export.h>
44 #ifdef CONFIG_PPC_BOOK3S
45 #include <asm/exception-64s.h>
47 #include <asm/exception-64e.h>
55 .tc sys_call_table[TC],sys_call_table
57 /* This value is used to mark exception frames on the stack. */
59 .tc ID_EXC_MARKER[TC],STACK_FRAME_REGS_MARKER
64 .globl system_call_common
66 #ifdef CONFIG_PPC_TRANSACTIONAL_MEM
68 extrdi. r10, r12, 1, (63-MSR_TS_T_LG) /* transaction active? */
70 END_FTR_SECTION_IFSET(CPU_FTR_TM)
74 addi r1,r1,-INT_FRAME_SIZE
82 beq 2f /* if from kernel mode */
83 #ifdef CONFIG_PPC_FSL_BOOK3E
84 START_BTB_FLUSH_SECTION
88 ACCOUNT_CPU_USER_ENTRY(r13, r10, r11)
107 * This clears CR0.SO (bit 28), which is the error indication on
108 * return from this system call.
110 rldimi r2,r11,28,(63-28)
117 addi r9,r1,STACK_FRAME_OVERHEAD
118 ld r11,exception_marker@toc(r2)
119 std r11,-16(r9) /* "regshere" marker */
120 #if defined(CONFIG_VIRT_CPU_ACCOUNTING_NATIVE) && defined(CONFIG_PPC_SPLPAR)
123 /* if from user, see if there are any DTL entries to process */
124 ld r10,PACALPPACAPTR(r13) /* get ptr to VPA */
125 ld r11,PACA_DTL_RIDX(r13) /* get log read index */
126 addi r10,r10,LPPACA_DTLIDX
127 LDX_BE r10,0,r10 /* get log write index */
130 bl accumulate_stolen_time
134 addi r9,r1,STACK_FRAME_OVERHEAD
136 END_FW_FTR_SECTION_IFSET(FW_FEATURE_SPLPAR)
137 #endif /* CONFIG_VIRT_CPU_ACCOUNTING_NATIVE && CONFIG_PPC_SPLPAR */
140 * A syscall should always be called with interrupts enabled
141 * so we just unconditionally hard-enable here. When some kind
142 * of irq tracing is used, we additionally check that condition
145 #if defined(CONFIG_TRACE_IRQFLAGS) && defined(CONFIG_BUG)
146 lbz r10,PACASOFTIRQEN(r13)
149 EMIT_BUG_ENTRY 1b,__FILE__,__LINE__,BUGFLAG_WARNING
152 #ifdef CONFIG_PPC_BOOK3E
158 #endif /* CONFIG_PPC_BOOK3E */
160 /* We do need to set SOFTE in the stack frame or the return
161 * from interrupt will be painful
166 CURRENT_THREAD_INFO(r11, r1)
168 andi. r11,r10,_TIF_SYSCALL_DOTRACE
169 bne syscall_dotrace /* does not return */
170 cmpldi 0,r0,NR_syscalls
173 system_call: /* label this so stack traces look sane */
175 * Need to vector to 32 Bit or default sys_call_table here,
176 * based on caller's run-mode / personality.
178 ld r11,SYS_CALL_TABLE@toc(2)
179 andi. r10,r10,_TIF_32BIT
181 addi r11,r11,8 /* use 32-bit syscall entries */
193 * Prevent the load of the handler below (based on the user-passed
194 * system call number) being speculatively executed until the test
195 * against NR_syscalls and branch to .Lsyscall_enosys above has
199 ldx r12,r11,r0 /* Fetch system call handler [ptr] */
201 bctrl /* Call handler */
205 CURRENT_THREAD_INFO(r12, r1)
208 #ifdef CONFIG_PPC_BOOK3S
209 /* No MSR:RI on BookE */
214 * Disable interrupts so current_thread_info()->flags can't change,
215 * and so that we don't get interrupted after loading SRR0/1.
217 #ifdef CONFIG_PPC_BOOK3E
221 * For performance reasons we clear RI the same time that we
222 * clear EE. We only need to clear RI just before we restore r13
223 * below, but batching it with EE saves us one expensive mtmsrd call.
224 * We have to be careful to restore RI if we branch anywhere from
225 * here (eg syscall_exit_work).
229 #endif /* CONFIG_PPC_BOOK3E */
233 andi. r0,r9,(_TIF_SYSCALL_DOTRACE|_TIF_SINGLESTEP|_TIF_USER_WORK_MASK|_TIF_PERSYSCALL_MASK)
234 bne- syscall_exit_work
238 #ifdef CONFIG_ALTIVEC
239 andis. r0,r8,MSR_VEC@h
242 2: addi r3,r1,STACK_FRAME_OVERHEAD
243 #ifdef CONFIG_PPC_BOOK3S
245 mtmsrd r10,1 /* Restore RI */
248 #ifdef CONFIG_PPC_BOOK3S
259 .Lsyscall_error_cont:
262 stdcx. r0,0,r1 /* to clear the reservation */
263 END_FTR_SECTION_IFCLR(CPU_FTR_STCX_CHECKS_ADDRESS)
268 ACCOUNT_CPU_USER_EXIT(r13, r11, r12)
272 END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR)
274 ld r13,GPR13(r1) /* only restore r13 if returning to usermode */
282 b . /* prevent speculative execution */
292 b . /* prevent speculative execution */
295 oris r5,r5,0x1000 /* Set SO bit in CR */
298 b .Lsyscall_error_cont
300 /* Traced system call support */
303 addi r3,r1,STACK_FRAME_OVERHEAD
304 bl do_syscall_trace_enter
307 * We use the return value of do_syscall_trace_enter() as the syscall
308 * number. If the syscall was rejected for any reason do_syscall_trace_enter()
309 * returns an invalid syscall number and the test below against
310 * NR_syscalls will fail.
314 /* Restore argument registers just clobbered and/or possibly changed. */
322 /* Repopulate r9 and r10 for the system_call path */
323 addi r9,r1,STACK_FRAME_OVERHEAD
324 CURRENT_THREAD_INFO(r10, r1)
327 cmpldi r0,NR_syscalls
330 /* Return code is already in r3 thanks to do_syscall_trace_enter() */
339 #ifdef CONFIG_PPC_BOOK3S
341 mtmsrd r10,1 /* Restore RI */
343 /* If TIF_RESTOREALL is set, don't scribble on either r3 or ccr.
344 If TIF_NOERROR is set, just save r3 as it is. */
346 andi. r0,r9,_TIF_RESTOREALL
350 0: cmpld r3,r11 /* r11 is -MAX_ERRNO */
352 andi. r0,r9,_TIF_NOERROR
356 oris r5,r5,0x1000 /* Set SO bit in CR */
359 2: andi. r0,r9,(_TIF_PERSYSCALL_MASK)
362 /* Clear per-syscall TIF flags if any are set. */
364 li r11,_TIF_PERSYSCALL_MASK
365 addi r12,r12,TI_FLAGS
370 subi r12,r12,TI_FLAGS
372 4: /* Anything else left to do? */
374 lis r3,INIT_PPR@highest /* Set thread.ppr = 3 */
375 ld r10,PACACURRENT(r13)
376 sldi r3,r3,32 /* bits 11-13 are used for ppr */
377 std r3,TASKTHREADPPR(r10)
378 END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR)
380 andi. r0,r9,(_TIF_SYSCALL_DOTRACE|_TIF_SINGLESTEP)
381 beq ret_from_except_lite
383 /* Re-enable interrupts */
384 #ifdef CONFIG_PPC_BOOK3E
390 #endif /* CONFIG_PPC_BOOK3E */
393 addi r3,r1,STACK_FRAME_OVERHEAD
394 bl do_syscall_trace_leave
397 #ifdef CONFIG_PPC_TRANSACTIONAL_MEM
399 /* Firstly we need to enable TM in the kernel */
402 rldimi r10, r9, MSR_TM_LG, 63-MSR_TM_LG
405 /* tabort, this dooms the transaction, nothing else */
406 li r9, (TM_CAUSE_SYSCALL|TM_CAUSE_PERSISTENT)
410 * Return directly to userspace. We have corrupted user register state,
411 * but userspace will never see that register state. Execution will
412 * resume after the tbegin of the aborted transaction with the
413 * checkpointed register state.
421 b . /* prevent speculative execution */
424 /* Save non-volatile GPRs, if not already saved. */
436 * The sigsuspend and rt_sigsuspend system calls can call do_signal
437 * and thus put the process into the stopped state where we might
438 * want to examine its user state with ptrace. Therefore we need
439 * to save all the nonvolatile registers (r14 - r31) before calling
440 * the C code. Similarly, fork, vfork and clone need the full
441 * register state on the stack so that it can be copied to the child.
459 _GLOBAL(ppc32_swapcontext)
461 bl compat_sys_swapcontext
464 _GLOBAL(ppc64_swapcontext)
469 _GLOBAL(ppc_switch_endian)
474 _GLOBAL(ret_from_fork)
480 _GLOBAL(ret_from_kernel_thread)
485 #ifdef PPC64_ELF_ABI_v2
492 #ifdef CONFIG_PPC_BOOK3S_64
494 #define FLUSH_COUNT_CACHE \
496 patch_site 1b, patch__call_flush_count_cache
499 #define BCCTR_FLUSH .long 0x4c400420
508 .global flush_count_cache
510 /* Save LR into r9 */
513 // Flush the link stack
524 // If we're just flushing the link stack, return here
526 patch_site 3b patch__flush_link_stack_return
534 patch_site 2b patch__flush_count_cache_return
546 #define FLUSH_COUNT_CACHE
547 #endif /* CONFIG_PPC_BOOK3S_64 */
550 * This routine switches between two different tasks. The process
551 * state of one is saved on its kernel stack. Then the state
552 * of the other is restored from its kernel stack. The memory
553 * management hardware is updated to the second process's state.
554 * Finally, we can return to the second process, via ret_from_except.
555 * On entry, r3 points to the THREAD for the current task, r4
556 * points to the THREAD for the new task.
558 * Note: there are two ways to get to the "going out" portion
559 * of this code; either by coming in via the entry (_switch)
560 * or via "fork" which must set up an environment equivalent
561 * to the "_switch" path. If you change this you'll have to change
562 * the fork code also.
564 * The code which creates the new task context is in 'copy_thread'
565 * in arch/powerpc/kernel/process.c
571 stdu r1,-SWITCH_FRAME_SIZE(r1)
572 /* r3-r13 are caller saved -- Cort */
575 std r0,_NIP(r1) /* Return to switch caller */
578 std r1,KSP(r3) /* Set old stack pointer */
583 /* We need a sync somewhere here to make sure that if the
584 * previous task gets rescheduled on another CPU, it sees all
585 * stores it has performed on this one.
588 #endif /* CONFIG_SMP */
591 * If we optimise away the clear of the reservation in system
592 * calls because we know the CPU tracks the address of the
593 * reservation, then we need to clear it here to cover the
594 * case that the kernel context switch path has no larx
599 END_FTR_SECTION_IFSET(CPU_FTR_STCX_CHECKS_ADDRESS)
603 * A cp_abort (copy paste abort) here ensures that when context switching, a
604 * copy from one process can't leak into the paste of another.
607 END_FTR_SECTION_IFSET(CPU_FTR_ARCH_300)
609 #ifdef CONFIG_PPC_BOOK3S
610 /* Cancel all explict user streams as they will have no use after context
611 * switch and will stop the HW from creating streams itself
613 DCBT_STOP_ALL_STREAM_IDS(r6)
616 addi r6,r4,-THREAD /* Convert THREAD to 'current' */
617 std r6,PACACURRENT(r13) /* Set new 'current' */
619 ld r8,KSP(r4) /* new stack pointer */
620 #ifdef CONFIG_PPC_STD_MMU_64
621 BEGIN_MMU_FTR_SECTION
623 END_MMU_FTR_SECTION_IFSET(MMU_FTR_TYPE_RADIX)
625 clrrdi r6,r8,28 /* get its ESID */
626 clrrdi r9,r1,28 /* get current sp ESID */
628 clrrdi r6,r8,40 /* get its 1T ESID */
629 clrrdi r9,r1,40 /* get current sp 1T ESID */
630 ALT_MMU_FTR_SECTION_END_IFCLR(MMU_FTR_1T_SEGMENT)
631 clrldi. r0,r6,2 /* is new ESID c00000000? */
632 cmpd cr1,r6,r9 /* or is new ESID the same as current ESID? */
634 beq 2f /* if yes, don't slbie it */
636 /* Bolt in the new stack SLB entry */
637 ld r7,KSP_VSID(r4) /* Get new stack's VSID */
638 oris r0,r6,(SLB_ESID_V)@h
639 ori r0,r0,(SLB_NUM_BOLTED-1)@l
641 li r9,MMU_SEGSIZE_1T /* insert B field */
642 oris r6,r6,(MMU_SEGSIZE_1T << SLBIE_SSIZE_SHIFT)@h
643 rldimi r7,r9,SLB_VSID_SSIZE_SHIFT,0
644 END_MMU_FTR_SECTION_IFSET(MMU_FTR_1T_SEGMENT)
646 /* Update the last bolted SLB. No write barriers are needed
647 * here, provided we only update the current CPU's SLB shadow
650 ld r9,PACA_SLBSHADOWPTR(r13)
652 std r12,SLBSHADOW_STACKESID(r9) /* Clear ESID */
653 li r12,SLBSHADOW_STACKVSID
654 STDX_BE r7,r12,r9 /* Save VSID */
655 li r12,SLBSHADOW_STACKESID
656 STDX_BE r0,r12,r9 /* Save ESID */
658 /* No need to check for MMU_FTR_NO_SLBIE_B here, since when
659 * we have 1TB segments, the only CPUs known to have the errata
660 * only support less than 1TB of system memory and we'll never
661 * actually hit this code path.
666 slbie r6 /* Workaround POWER5 < DD2.1 issue */
670 #endif /* CONFIG_PPC_STD_MMU_64 */
672 CURRENT_THREAD_INFO(r7, r8) /* base of new stack */
673 /* Note: this uses SWITCH_FRAME_SIZE rather than INT_FRAME_SIZE
674 because we don't need to leave the 288-byte ABI gap at the
675 top of the kernel stack. */
676 addi r7,r7,THREAD_SIZE-SWITCH_FRAME_SIZE
678 mr r1,r8 /* start using new stack pointer */
679 std r7,PACAKSAVE(r13)
684 /* r3-r13 are destroyed -- Cort */
688 /* convert old thread to its task_struct for return value */
690 ld r7,_NIP(r1) /* Return to _switch caller in new task */
692 addi r1,r1,SWITCH_FRAME_SIZE
696 _GLOBAL(ret_from_except)
699 bne ret_from_except_lite
702 _GLOBAL(ret_from_except_lite)
704 * Disable interrupts so that current_thread_info()->flags
705 * can't change between when we test it and when we return
706 * from the interrupt.
708 #ifdef CONFIG_PPC_BOOK3E
712 mtmsrd r10,1 /* Update machine state */
713 #endif /* CONFIG_PPC_BOOK3E */
715 CURRENT_THREAD_INFO(r9, r1)
717 #ifdef CONFIG_PPC_BOOK3E
718 ld r10,PACACURRENT(r13)
719 #endif /* CONFIG_PPC_BOOK3E */
723 #ifdef CONFIG_PPC_BOOK3E
724 lwz r3,(THREAD+THREAD_DBCR0)(r10)
725 #endif /* CONFIG_PPC_BOOK3E */
727 /* Check current_thread_info()->flags */
728 andi. r0,r4,_TIF_USER_WORK_MASK
730 #ifdef CONFIG_PPC_BOOK3E
732 * Check to see if the dbcr0 register is set up to debug.
733 * Use the internal debug mode bit to do this.
735 andis. r0,r3,DBCR0_IDM@h
738 rlwinm r0,r0,0,~MSR_DE /* Clear MSR.DE */
745 addi r3,r1,STACK_FRAME_OVERHEAD
749 1: andi. r0,r4,_TIF_NEED_RESCHED
751 bl restore_interrupts
753 b ret_from_except_lite
755 #ifdef CONFIG_PPC_TRANSACTIONAL_MEM
756 andi. r0,r4,_TIF_USER_WORK_MASK & ~_TIF_RESTORE_TM
757 bne 3f /* only restore TM if nothing else to do */
758 addi r3,r1,STACK_FRAME_OVERHEAD
765 * Use a non volatile GPR to save and restore our thread_info flags
766 * across the call to restore_interrupts.
769 bl restore_interrupts
771 addi r3,r1,STACK_FRAME_OVERHEAD
776 /* check current_thread_info, _TIF_EMULATE_STACK_STORE */
777 andis. r8,r4,_TIF_EMULATE_STACK_STORE@h
780 addi r8,r1,INT_FRAME_SIZE /* Get the kprobed function entry */
783 subi r3,r3,INT_FRAME_SIZE /* dst: Allocate a trampoline exception frame */
784 mr r4,r1 /* src: current exception frame */
785 mr r1,r3 /* Reroute the trampoline frame to r1 */
787 /* Copy from the original to the trampoline. */
788 li r5,INT_FRAME_SIZE/8 /* size: INT_FRAME_SIZE */
789 li r6,0 /* start offset: 0 */
796 /* Do real store operation to complete stdu */
800 /* Clear _TIF_EMULATE_STACK_STORE flag */
801 lis r11,_TIF_EMULATE_STACK_STORE@h
809 #ifdef CONFIG_PREEMPT
810 /* Check if we need to preempt */
811 andi. r0,r4,_TIF_NEED_RESCHED
813 /* Check that preempt_count() == 0 and interrupts are enabled */
814 lwz r8,TI_PREEMPT(r9)
818 crandc eq,cr1*4+eq,eq
822 * Here we are preempting the current task. We want to make
823 * sure we are soft-disabled first and reconcile irq state.
825 RECONCILE_IRQ_STATE(r3,r4)
826 1: bl preempt_schedule_irq
828 /* Re-test flags and eventually loop */
829 CURRENT_THREAD_INFO(r9, r1)
831 andi. r0,r4,_TIF_NEED_RESCHED
835 * arch_local_irq_restore() from preempt_schedule_irq above may
836 * enable hard interrupt but we really should disable interrupts
837 * when we return from the interrupt, and so that we don't get
838 * interrupted after loading SRR0/1.
840 #ifdef CONFIG_PPC_BOOK3E
844 mtmsrd r10,1 /* Update machine state */
845 #endif /* CONFIG_PPC_BOOK3E */
846 #endif /* CONFIG_PREEMPT */
848 .globl fast_exc_return_irq
852 * This is the main kernel exit path. First we check if we
853 * are about to re-enable interrupts
856 lbz r6,PACASOFTIRQEN(r13)
860 /* We are enabling, were we already enabled ? Yes, just return */
865 * We are about to soft-enable interrupts (we are hard disabled
866 * at this point). We check if there's anything that needs to
869 lbz r0,PACAIRQHAPPENED(r13)
871 bne- restore_check_irq_replay
874 * Get here when nothing happened while soft-disabled, just
875 * soft-enable and move-on. We will hard-enable as a side
881 stb r0,PACASOFTIRQEN(r13);
884 * Final return path. BookE is handled in a different file
887 #ifdef CONFIG_PPC_BOOK3E
888 b exception_return_book3e
891 * Clear the reservation. If we know the CPU tracks the address of
892 * the reservation then we can potentially save some cycles and use
893 * a larx. On POWER6 and POWER7 this is significantly faster.
896 stdcx. r0,0,r1 /* to clear the reservation */
899 ALT_FTR_SECTION_END_IFCLR(CPU_FTR_STCX_CHECKS_ADDRESS)
902 * Some code path such as load_up_fpu or altivec return directly
903 * here. They run entirely hard disabled and do not alter the
904 * interrupt state. They also don't use lwarx/stwcx. and thus
905 * are known not to leave dangling reservations.
907 .globl fast_exception_return
908 fast_exception_return:
922 /* Load PPR from thread struct before we clear MSR:RI */
924 ld r2,PACACURRENT(r13)
925 ld r2,TASKTHREADPPR(r2)
926 END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR)
929 * Clear RI before restoring r13. If we are returning to
930 * userspace and we take an exception after restoring r13,
931 * we end up corrupting the userspace r13 value.
936 #ifdef CONFIG_PPC_TRANSACTIONAL_MEM
938 std r3, PACATMSCRATCH(r13) /* Stash returned-to MSR */
941 * r13 is our per cpu area, only restore it if we are returning to
942 * userspace the value stored in the stack frame may belong to
948 mtspr SPRN_PPR,r2 /* Restore PPR */
949 END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR)
950 ACCOUNT_CPU_USER_EXIT(r13, r2, r4)
966 b . /* prevent speculative execution */
968 1: mtspr SPRN_SRR1,r3
981 b . /* prevent speculative execution */
983 #endif /* CONFIG_PPC_BOOK3E */
986 * We are returning to a context with interrupts soft disabled.
988 * However, we may also about to hard enable, so we need to
989 * make sure that in this case, we also clear PACA_IRQ_HARD_DIS
990 * or that bit can get out of sync and bad things will happen
994 lbz r7,PACAIRQHAPPENED(r13)
997 rlwinm r7,r7,0,~PACA_IRQ_HARD_DIS
998 stb r7,PACAIRQHAPPENED(r13)
1000 stb r0,PACASOFTIRQEN(r13);
1005 * Something did happen, check if a re-emit is needed
1006 * (this also clears paca->irq_happened)
1008 restore_check_irq_replay:
1009 /* XXX: We could implement a fast path here where we check
1010 * for irq_happened being just 0x01, in which case we can
1011 * clear it and return. That means that we would potentially
1012 * miss a decrementer having wrapped all the way around.
1014 * Still, this might be useful for things like hash_page
1016 bl __check_irq_replay
1018 beq restore_no_replay
1021 * We need to re-emit an interrupt. We do so by re-using our
1022 * existing exception frame. We first change the trap value,
1023 * but we need to ensure we preserve the low nibble of it
1031 * Then find the right handler and call it. Interrupts are
1032 * still soft-disabled and we keep them that way.
1036 addi r3,r1,STACK_FRAME_OVERHEAD;
1039 1: cmpwi cr0,r3,0xe60
1041 addi r3,r1,STACK_FRAME_OVERHEAD;
1042 bl handle_hmi_exception
1044 1: cmpwi cr0,r3,0x900
1046 addi r3,r1,STACK_FRAME_OVERHEAD;
1049 #ifdef CONFIG_PPC_DOORBELL
1051 #ifdef CONFIG_PPC_BOOK3E
1058 ALT_FTR_SECTION_END_IFSET(CPU_FTR_HVMODE)
1059 #endif /* CONFIG_PPC_BOOK3E */
1061 addi r3,r1,STACK_FRAME_OVERHEAD;
1062 bl doorbell_exception
1064 #endif /* CONFIG_PPC_DOORBELL */
1065 1: b ret_from_except /* What else to do here ? */
1068 addi r3,r1,STACK_FRAME_OVERHEAD
1069 bl unrecoverable_exception
1072 #ifdef CONFIG_PPC_RTAS
1074 * On CHRP, the Run-Time Abstraction Services (RTAS) have to be
1075 * called with the MMU off.
1077 * In addition, we need to be in 32b mode, at least for now.
1079 * Note: r3 is an input parameter to rtas, so don't trash it...
1084 stdu r1,-RTAS_FRAME_SIZE(r1) /* Save SP and create stack space. */
1086 /* Because RTAS is running in 32b mode, it clobbers the high order half
1087 * of all registers that it saves. We therefore save those registers
1088 * RTAS might touch to the stack. (r0, r3-r13 are caller saved)
1090 SAVE_GPR(2, r1) /* Save the TOC */
1091 SAVE_GPR(13, r1) /* Save paca */
1092 SAVE_8GPRS(14, r1) /* Save the non-volatiles */
1093 SAVE_10GPRS(22, r1) /* ditto */
1106 /* Temporary workaround to clear CR until RTAS can be modified to
1113 /* There is no way it is acceptable to get here with interrupts enabled,
1114 * check it with the asm equivalent of WARN_ON
1116 lbz r0,PACASOFTIRQEN(r13)
1118 EMIT_BUG_ENTRY 1b,__FILE__,__LINE__,BUGFLAG_WARNING
1121 /* Hard-disable interrupts */
1127 /* Unfortunately, the stack pointer and the MSR are also clobbered,
1128 * so they are saved in the PACA which allows us to restore
1129 * our original state after RTAS returns.
1132 std r6,PACASAVEDMSR(r13)
1134 /* Setup our real return addr */
1135 LOAD_REG_ADDR(r4,rtas_return_loc)
1136 clrldi r4,r4,2 /* convert to realmode address */
1140 ori r0,r0,MSR_EE|MSR_SE|MSR_BE|MSR_RI
1144 rldicr r9,r9,MSR_SF_LG,(63-MSR_SF_LG)
1145 ori r9,r9,MSR_IR|MSR_DR|MSR_FE0|MSR_FE1|MSR_FP|MSR_RI|MSR_LE
1147 sync /* disable interrupts so SRR0/1 */
1148 mtmsrd r0 /* don't get trashed */
1150 LOAD_REG_ADDR(r4, rtas)
1151 ld r5,RTASENTRY(r4) /* get the rtas->entry value */
1152 ld r4,RTASBASE(r4) /* get the rtas->base value */
1157 b . /* prevent speculative execution */
1162 /* relocation is off at this point */
1164 clrldi r4,r4,2 /* convert to realmode address */
1168 ld r3,(1f-0b)(r3) /* get &rtas_restore_regs */
1176 ld r1,PACAR1(r4) /* Restore our SP */
1177 ld r4,PACASAVEDMSR(r4) /* Restore our MSR */
1182 b . /* prevent speculative execution */
1185 1: .llong rtas_restore_regs
1188 /* relocation is on at this point */
1189 REST_GPR(2, r1) /* Restore the TOC */
1190 REST_GPR(13, r1) /* Restore paca */
1191 REST_8GPRS(14, r1) /* Restore the non-volatiles */
1192 REST_10GPRS(22, r1) /* ditto */
1207 addi r1,r1,RTAS_FRAME_SIZE /* Unstack our frame */
1208 ld r0,16(r1) /* get return address */
1211 blr /* return to caller */
1213 #endif /* CONFIG_PPC_RTAS */
1218 stdu r1,-PROM_FRAME_SIZE(r1) /* Save SP and create stack space */
1220 /* Because PROM is running in 32b mode, it clobbers the high order half
1221 * of all registers that it saves. We therefore save those registers
1222 * PROM might touch to the stack. (r0, r3-r13 are caller saved)
1233 /* Put PROM address in SRR0 */
1236 /* Setup our trampoline return addr in LR */
1239 addi r4,r4,(1f - 0b)
1242 /* Prepare a 32-bit mode big endian MSR
1244 #ifdef CONFIG_PPC_BOOK3E
1245 rlwinm r11,r11,0,1,31
1248 #else /* CONFIG_PPC_BOOK3E */
1249 LOAD_REG_IMMEDIATE(r12, MSR_SF | MSR_ISF | MSR_LE)
1253 #endif /* CONFIG_PPC_BOOK3E */
1255 1: /* Return from OF */
1258 /* Just make sure that r1 top 32 bits didn't get
1263 /* Restore the MSR (back to 64 bits) */
1268 /* Restore other registers */
1276 addi r1,r1,PROM_FRAME_SIZE
1281 #ifdef CONFIG_FUNCTION_TRACER
1282 #ifdef CONFIG_DYNAMIC_FTRACE
1285 EXPORT_SYMBOL(_mcount)
1291 #ifndef CC_USING_MPROFILE_KERNEL
1292 _GLOBAL_TOC(ftrace_caller)
1293 /* Taken from output of objdump from lib64/glibc */
1299 subi r3, r3, MCOUNT_INSN_SIZE
1304 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
1305 .globl ftrace_graph_call
1308 _GLOBAL(ftrace_graph_stub)
1314 #else /* CC_USING_MPROFILE_KERNEL */
1317 * ftrace_caller() is the function that replaces _mcount() when ftrace is
1320 * We arrive here after a function A calls function B, and we are the trace
1321 * function for B. When we enter r1 points to A's stack frame, B has not yet
1322 * had a chance to allocate one yet.
1324 * Additionally r2 may point either to the TOC for A, or B, depending on
1325 * whether B did a TOC setup sequence before calling us.
1327 * On entry the LR points back to the _mcount() call site, and r0 holds the
1328 * saved LR as it was on entry to B, ie. the original return address at the
1331 * Our job is to save the register state into a struct pt_regs (on the stack)
1332 * and then arrange for the ftrace function to be called.
1334 _GLOBAL(ftrace_caller)
1335 /* Save the original return address in A's stack frame */
1338 /* Create our stack frame + pt_regs */
1339 stdu r1,-SWITCH_FRAME_SIZE(r1)
1341 /* Save all gprs to pt_regs */
1347 /* Save previous stack pointer (r1) */
1348 addi r8, r1, SWITCH_FRAME_SIZE
1351 /* Load special regs for save below */
1357 /* Get the _mcount() call site out of LR */
1359 /* Save it as pt_regs->nip & pt_regs->link */
1363 /* Save callee's TOC in the ABI compliant location */
1365 ld r2,PACATOC(r13) /* get kernel TOC in r2 */
1367 addis r3,r2,function_trace_op@toc@ha
1368 addi r3,r3,function_trace_op@toc@l
1371 #ifdef CONFIG_LIVEPATCH
1372 mr r14,r7 /* remember old NIP */
1374 /* Calculate ip from nip-4 into r3 for call below */
1375 subi r3, r7, MCOUNT_INSN_SIZE
1377 /* Put the original return address in r4 as parent_ip */
1380 /* Save special regs */
1386 /* Load &pt_regs in r6 for call below */
1387 addi r6, r1 ,STACK_FRAME_OVERHEAD
1389 /* ftrace_call(r3, r4, r5, r6) */
1395 /* Load ctr with the possibly modified NIP */
1398 #ifdef CONFIG_LIVEPATCH
1399 cmpd r14,r3 /* has NIP been altered? */
1408 /* Restore callee's TOC */
1411 /* Pop our stack frame */
1412 addi r1, r1, SWITCH_FRAME_SIZE
1414 /* Restore original LR for return to B */
1418 #ifdef CONFIG_LIVEPATCH
1419 /* Based on the cmpd above, if the NIP was altered handle livepatch */
1420 bne- livepatch_handler
1423 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
1425 .globl ftrace_graph_call
1428 _GLOBAL(ftrace_graph_stub)
1432 ld r0,LRSAVE(r1) /* restore callee's lr at _mcount site */
1434 bctr /* jump after _mcount site */
1435 #endif /* CC_USING_MPROFILE_KERNEL */
1437 _GLOBAL(ftrace_stub)
1440 #ifdef CONFIG_LIVEPATCH
1442 * This function runs in the mcount context, between two functions. As
1443 * such it can only clobber registers which are volatile and used in
1446 * We get here when a function A, calls another function B, but B has
1447 * been live patched with a new function C.
1450 * - we have no stack frame and can not allocate one
1451 * - LR points back to the original caller (in A)
1452 * - CTR holds the new NIP in C
1453 * - r0 & r12 are free
1455 * r0 can't be used as the base register for a DS-form load or store, so
1456 * we temporarily shuffle r1 (stack pointer) into r0 and then put it back.
1459 CURRENT_THREAD_INFO(r12, r1)
1461 /* Save stack pointer into r0 */
1464 /* Allocate 3 x 8 bytes */
1465 ld r1, TI_livepatch_sp(r12)
1467 std r1, TI_livepatch_sp(r12)
1469 /* Save toc & real LR on livepatch stack */
1474 /* Store stack end marker */
1475 lis r12, STACK_END_MAGIC@h
1476 ori r12, r12, STACK_END_MAGIC@l
1479 /* Restore real stack pointer */
1482 /* Put ctr in r12 for global entry and branch there */
1487 * Now we are returning from the patched function to the original
1488 * caller A. We are free to use r0 and r12, and we can use r2 until we
1492 CURRENT_THREAD_INFO(r12, r1)
1494 /* Save stack pointer into r0 */
1497 ld r1, TI_livepatch_sp(r12)
1499 /* Check stack marker hasn't been trashed */
1500 lis r2, STACK_END_MAGIC@h
1501 ori r2, r2, STACK_END_MAGIC@l
1504 EMIT_BUG_ENTRY 1b, __FILE__, __LINE__ - 1, 0
1506 /* Restore LR & toc from livepatch stack */
1511 /* Pop livepatch stack frame */
1512 CURRENT_THREAD_INFO(r12, r0)
1514 std r1, TI_livepatch_sp(r12)
1516 /* Restore real stack pointer */
1519 /* Return to original caller of live patched function */
1525 _GLOBAL_TOC(_mcount)
1526 EXPORT_SYMBOL(_mcount)
1527 /* Taken from output of objdump from lib64/glibc */
1534 subi r3, r3, MCOUNT_INSN_SIZE
1535 LOAD_REG_ADDR(r5,ftrace_trace_function)
1543 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
1544 b ftrace_graph_caller
1549 _GLOBAL(ftrace_stub)
1552 #endif /* CONFIG_DYNAMIC_FTRACE */
1554 #ifdef CONFIG_FUNCTION_GRAPH_TRACER
1555 #ifndef CC_USING_MPROFILE_KERNEL
1556 _GLOBAL(ftrace_graph_caller)
1557 /* load r4 with local address */
1559 subi r4, r4, MCOUNT_INSN_SIZE
1561 /* Grab the LR out of the caller stack frame */
1565 bl prepare_ftrace_return
1569 * prepare_ftrace_return gives us the address we divert to.
1570 * Change the LR in the callers stack frame to this.
1580 #else /* CC_USING_MPROFILE_KERNEL */
1581 _GLOBAL(ftrace_graph_caller)
1582 /* with -mprofile-kernel, parameter regs are still alive at _mcount */
1592 /* Save callee's TOC in the ABI compliant location */
1594 ld r2, PACATOC(r13) /* get kernel TOC in r2 */
1596 mfctr r4 /* ftrace_caller has moved local addr here */
1598 mflr r3 /* ftrace_caller has restored LR from stack */
1599 subi r4, r4, MCOUNT_INSN_SIZE
1601 bl prepare_ftrace_return
1605 * prepare_ftrace_return gives us the address we divert to.
1606 * Change the LR to this.
1621 /* Restore callee's TOC */
1628 #endif /* CC_USING_MPROFILE_KERNEL */
1630 _GLOBAL(return_to_handler)
1631 /* need to save return values */
1641 * We might be called from a module.
1642 * Switch to our TOC to run inside the core kernel.
1646 bl ftrace_return_to_handler
1649 /* return value has real return address */
1658 /* Jump back to real return address */
1660 #endif /* CONFIG_FUNCTION_GRAPH_TRACER */
1661 #endif /* CONFIG_FUNCTION_TRACER */
projects / releases.git / blob