1 /* SPDX-License-Identifier: GPL-2.0-or-later */
4 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
6 * Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP
7 * Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
8 * Adapted for Power Macintosh by Paul Mackerras.
9 * Low-level exception handlers and MMU support
10 * rewritten by Paul Mackerras.
11 * Copyright (C) 1996 Paul Mackerras.
12 * MPC8xx modifications Copyright (C) 1997 Dan Malek (dmalek@jlc.net).
14 * This file contains the low-level support and setup for the
15 * PowerPC platform, including trap and interrupt dispatch.
16 * (The PPC 8xx embedded CPUs use head_8xx.S instead.)
19 #include <linux/init.h>
23 #include <asm/pgtable.h>
24 #include <asm/cputable.h>
25 #include <asm/cache.h>
26 #include <asm/thread_info.h>
27 #include <asm/ppc_asm.h>
28 #include <asm/asm-offsets.h>
29 #include <asm/ptrace.h>
31 #include <asm/kvm_book3s_asm.h>
32 #include <asm/export.h>
33 #include <asm/feature-fixups.h>
37 /* 601 only have IBAT */
38 #ifdef CONFIG_PPC_BOOK3S_601
39 #define LOAD_BAT(n, reg, RA, RB) \
41 mtspr SPRN_IBAT##n##U,RA; \
42 lwz RA,(n*16)+0(reg); \
43 lwz RB,(n*16)+4(reg); \
44 mtspr SPRN_IBAT##n##U,RA; \
45 mtspr SPRN_IBAT##n##L,RB
47 #define LOAD_BAT(n, reg, RA, RB) \
48 /* see the comment for clear_bats() -- Cort */ \
50 mtspr SPRN_IBAT##n##U,RA; \
51 mtspr SPRN_DBAT##n##U,RA; \
52 lwz RA,(n*16)+0(reg); \
53 lwz RB,(n*16)+4(reg); \
54 mtspr SPRN_IBAT##n##U,RA; \
55 mtspr SPRN_IBAT##n##L,RB; \
56 lwz RA,(n*16)+8(reg); \
57 lwz RB,(n*16)+12(reg); \
58 mtspr SPRN_DBAT##n##U,RA; \
59 mtspr SPRN_DBAT##n##L,RB
63 .stabs "arch/powerpc/kernel/",N_SO,0,0,0f
64 .stabs "head_32.S",N_SO,0,0,0f
69 * _start is defined this way because the XCOFF loader in the OpenFirmware
70 * on the powermac expects the entry point to be a procedure descriptor.
74 * These are here for legacy reasons, the kernel used to
75 * need to look like a coff function entry for the pmac
76 * but we're always started by some kind of bootloader now.
79 nop /* used by __secondary_hold on prep (mtx) and chrp smp */
80 nop /* used by __secondary_hold on prep (mtx) and chrp smp */
84 * Enter here with the kernel text, data and bss loaded starting at
85 * 0, running with virtual == physical mapping.
86 * r5 points to the prom entry point (the client interface handler
87 * address). Address translation is turned on, with the prom
88 * managing the hash table. Interrupts are disabled. The stack
89 * pointer (r1) points to just below the end of the half-meg region
90 * from 0x380000 - 0x400000, which is mapped in already.
92 * If we are booted from MacOS via BootX, we enter with the kernel
93 * image loaded somewhere, and the following values in registers:
94 * r3: 'BooX' (0x426f6f58)
95 * r4: virtual address of boot_infos_t
99 * This is jumped to on prep systems right after the kernel is relocated
100 * to its proper place in memory by the boot loader. The expected layout
102 * r3: ptr to residual data
103 * r4: initrd_start or if no initrd then 0
104 * r5: initrd_end - unused if r4 is 0
105 * r6: Start of command line string
106 * r7: End of command line string
108 * This just gets a minimal mmu environment setup so we can call
109 * start_here() to do the real work.
116 * We have to do any OF calls before we map ourselves to KERNELBASE,
117 * because OF may have I/O devices mapped into that area
118 * (particularly on CHRP).
123 #ifdef CONFIG_PPC_OF_BOOT_TRAMPOLINE
124 /* find out where we are now */
126 0: mflr r8 /* r8 = runtime addr here */
127 addis r8,r8,(_stext - 0b)@ha
128 addi r8,r8,(_stext - 0b)@l /* current runtime base addr */
130 #endif /* CONFIG_PPC_OF_BOOT_TRAMPOLINE */
132 /* We never return. We also hit that trap if trying to boot
133 * from OF while CONFIG_PPC_OF_BOOT_TRAMPOLINE isn't selected */
137 * Check for BootX signature when supporting PowerMac and branch to
138 * appropriate trampoline if it's present
140 #ifdef CONFIG_PPC_PMAC
147 #endif /* CONFIG_PPC_PMAC */
149 1: mr r31,r3 /* save device tree ptr */
153 * early_init() does the early machine identification and does
154 * the necessary low-level setup and clears the BSS
155 * -- Cort <cort@fsmlabs.com>
159 /* Switch MMU off, clear BATs and flush TLB. At this point, r3 contains
160 * the physical address we are running at, returned by early_init()
168 bl load_segment_registers
172 #if defined(CONFIG_BOOTX_TEXT)
175 #ifdef CONFIG_PPC_EARLY_DEBUG_CPM
178 #ifdef CONFIG_PPC_EARLY_DEBUG_USBGECKO
179 bl setup_usbgecko_bat
183 * Call setup_cpu for CPU 0 and initialize 6xx Idle
187 bl call_setup_cpu /* Call setup_cpu for this CPU */
188 #ifdef CONFIG_PPC_BOOK3S_32
191 #endif /* CONFIG_PPC_BOOK3S_32 */
195 * We need to run with _start at physical address 0.
196 * On CHRP, we are loaded at 0x10000 since OF on CHRP uses
197 * the exception vectors at 0 (and therefore this copy
198 * overwrites OF's exception vectors with our own).
199 * The MMU is off at this point.
203 addis r4,r3,KERNELBASE@h /* current address of _start */
204 lis r5,PHYSICAL_START@h
205 cmplw 0,r4,r5 /* already running at PHYSICAL_START? */
208 * we now have the 1st 16M of ram mapped with the bats.
209 * prep needs the mmu to be turned on here, but pmac already has it on.
210 * this shouldn't bother the pmac since it just gets turned on again
211 * as we jump to our code at KERNELBASE. -- Cort
212 * Actually no, pmac doesn't have it on any more. BootX enters with MMU
213 * off, and in other cases, we now turn it off before changing BATs above.
217 ori r0,r0,MSR_DR|MSR_IR|MSR_RI
220 ori r0,r0,start_here@l
223 RFI /* enables MMU */
226 * We need __secondary_hold as a place to hold the other cpus on
227 * an SMP machine, even when we are running a UP kernel.
229 . = 0xc0 /* for prep bootloader */
230 li r3,1 /* MTX only has 1 cpu */
231 .globl __secondary_hold
233 /* tell the master we're here */
234 stw r3,__secondary_hold_acknowledge@l(0)
237 /* wait until we're told to start */
240 /* our cpu # was at addr 0 - go */
241 mr r24,r3 /* cpu # */
245 #endif /* CONFIG_SMP */
247 .globl __secondary_hold_spinloop
248 __secondary_hold_spinloop:
250 .globl __secondary_hold_acknowledge
251 __secondary_hold_acknowledge:
255 /* core99 pmac starts the seconary here by changing the vector, and
256 putting it back to what it was (unknown_exception) when done. */
257 EXCEPTION(0x100, Reset, unknown_exception, EXC_XFER_STD)
261 * On CHRP, this is complicated by the fact that we could get a
262 * machine check inside RTAS, and we have no guarantee that certain
263 * critical registers will have the values we expect. The set of
264 * registers that might have bad values includes all the GPRs
265 * and all the BATs. We indicate that we are in RTAS by putting
266 * a non-zero value, the address of the exception frame to use,
267 * in thread.rtas_sp. The machine check handler checks thread.rtas_sp
268 * and uses its value if it is non-zero.
269 * (Other exception handlers assume that r1 is a valid kernel stack
270 * pointer when we take an exception from supervisor mode.)
275 mtspr SPRN_SPRG_SCRATCH0,r10
276 mtspr SPRN_SPRG_SCRATCH1,r11
278 #ifdef CONFIG_PPC_CHRP
279 mfspr r11, SPRN_SPRG_THREAD
280 lwz r11, RTAS_SP(r11)
283 #endif /* CONFIG_PPC_CHRP */
285 7: EXCEPTION_PROLOG_2
286 addi r3,r1,STACK_FRAME_OVERHEAD
287 #ifdef CONFIG_PPC_CHRP
290 EXC_XFER_STD(0x200, machine_check_exception)
291 #ifdef CONFIG_PPC_CHRP
292 1: b machine_check_in_rtas
295 /* Data access exception. */
302 #ifdef CONFIG_PPC_KUAP
303 andis. r0,r10,(DSISR_BAD_FAULT_32S | DSISR_DABRMATCH | DSISR_PROTFAULT)@h
305 andis. r0,r10,(DSISR_BAD_FAULT_32S|DSISR_DABRMATCH)@h
307 bne 1f /* if not, try to put a PTE */
308 mfspr r4,SPRN_DAR /* into the hash table */
309 rlwinm r3,r10,32-15,21,21 /* DSISR_STORE -> _PAGE_RW */
310 BEGIN_MMU_FTR_SECTION
312 END_MMU_FTR_SECTION_IFSET(MMU_FTR_HPTE_TABLE)
313 1: lwz r5,_DSISR(r11) /* get DSISR value */
315 EXC_XFER_LITE(0x300, handle_page_fault)
318 /* Instruction access exception. */
323 andis. r0,r9,SRR1_ISI_NOPT@h /* no pte found? */
324 beq 1f /* if so, try to put a PTE */
325 li r3,0 /* into the hash table */
326 mr r4,r12 /* SRR0 is fault address */
327 BEGIN_MMU_FTR_SECTION
329 END_MMU_FTR_SECTION_IFSET(MMU_FTR_HPTE_TABLE)
331 andis. r5,r9,DSISR_SRR1_MATCH_32S@h /* Filter relevant SRR1 bits */
332 EXC_XFER_LITE(0x400, handle_page_fault)
334 /* External interrupt */
335 EXCEPTION(0x500, HardwareInterrupt, do_IRQ, EXC_XFER_LITE)
337 /* Alignment exception */
346 addi r3,r1,STACK_FRAME_OVERHEAD
347 EXC_XFER_STD(0x600, alignment_exception)
349 /* Program check exception */
350 EXCEPTION(0x700, ProgramCheck, program_check_exception, EXC_XFER_STD)
352 /* Floating-point unavailable */
358 * Certain Freescale cores don't have a FPU and treat fp instructions
359 * as a FP Unavailable exception. Redirect to illegal/emulation handling.
362 END_FTR_SECTION_IFSET(CPU_FTR_FPU_UNAVAILABLE)
365 bl load_up_fpu /* if from user, just load it up */
366 b fast_exception_return
367 1: addi r3,r1,STACK_FRAME_OVERHEAD
368 EXC_XFER_LITE(0x800, kernel_fp_unavailable_exception)
371 EXCEPTION(0x900, Decrementer, timer_interrupt, EXC_XFER_LITE)
373 EXCEPTION(0xa00, Trap_0a, unknown_exception, EXC_XFER_STD)
374 EXCEPTION(0xb00, Trap_0b, unknown_exception, EXC_XFER_STD)
382 /* Single step - not used on 601 */
383 EXCEPTION(0xd00, SingleStep, single_step_exception, EXC_XFER_STD)
384 EXCEPTION(0xe00, Trap_0e, unknown_exception, EXC_XFER_STD)
387 * The Altivec unavailable trap is at 0x0f20. Foo.
388 * We effectively remap it to 0x3000.
389 * We include an altivec unavailable exception vector even if
390 * not configured for Altivec, so that you can't panic a
391 * non-altivec kernel running on a machine with altivec just
392 * by executing an altivec instruction.
403 * Handle TLB miss for instruction on 603/603e.
404 * Note: we get an alternate set of r0 - r3 to use automatically.
410 * r1: linux style pte ( later becomes ppc hardware pte )
411 * r2: ptr to linux-style pte
414 /* Get PTE (linux-style) and check access */
416 #if defined(CONFIG_MODULES) || defined(CONFIG_DEBUG_PAGEALLOC)
417 lis r1,PAGE_OFFSET@h /* check if kernel address */
420 mfspr r2, SPRN_SPRG_PGDIR
421 li r1,_PAGE_PRESENT | _PAGE_ACCESSED | _PAGE_EXEC | _PAGE_USER
422 #if defined(CONFIG_MODULES) || defined(CONFIG_DEBUG_PAGEALLOC)
424 lis r2, (swapper_pg_dir - PAGE_OFFSET)@ha /* if kernel address, use */
425 li r1,_PAGE_PRESENT | _PAGE_ACCESSED | _PAGE_EXEC
426 addi r2, r2, (swapper_pg_dir - PAGE_OFFSET)@l /* kernel page table */
428 112: rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */
429 lwz r2,0(r2) /* get pmd entry */
430 rlwinm. r2,r2,0,0,19 /* extract address of pte page */
431 beq- InstructionAddressInvalid /* return if no mapping */
432 rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */
433 lwz r0,0(r2) /* get linux-style pte */
434 andc. r1,r1,r0 /* check access & ~permission */
435 bne- InstructionAddressInvalid /* return if access not permitted */
436 /* Convert linux-style PTE to low word of PPC-style PTE */
437 rlwimi r0,r0,32-2,31,31 /* _PAGE_USER -> PP lsb */
438 ori r1, r1, 0xe06 /* clear out reserved bits */
439 andc r1, r0, r1 /* PP = user? 1 : 0 */
441 rlwinm r1,r1,0,~_PAGE_COHERENT /* clear M (coherence not required) */
442 END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
445 mfspr r3,SPRN_SRR1 /* Need to restore CR0 */
448 InstructionAddressInvalid:
450 rlwinm r1,r3,9,6,6 /* Get load/store bit */
453 mtspr SPRN_DSISR,r1 /* (shouldn't be needed) */
454 andi. r2,r3,0xFFFF /* Clear upper bits of SRR1 */
457 mfspr r1,SPRN_IMISS /* Get failing address */
458 rlwinm. r2,r2,0,31,31 /* Check for little endian access */
459 rlwimi r2,r2,1,30,30 /* change 1 -> 3 */
461 mtspr SPRN_DAR,r1 /* Set fault address */
462 mfmsr r0 /* Restore "normal" registers */
463 xoris r0,r0,MSR_TGPR>>16
464 mtcrf 0x80,r3 /* Restore CR0 */
469 * Handle TLB miss for DATA Load operation on 603/603e
475 * r1: linux style pte ( later becomes ppc hardware pte )
476 * r2: ptr to linux-style pte
479 /* Get PTE (linux-style) and check access */
481 lis r1,PAGE_OFFSET@h /* check if kernel address */
483 mfspr r2, SPRN_SPRG_PGDIR
484 li r1, _PAGE_PRESENT | _PAGE_ACCESSED | _PAGE_USER
486 lis r2, (swapper_pg_dir - PAGE_OFFSET)@ha /* if kernel address, use */
487 li r1, _PAGE_PRESENT | _PAGE_ACCESSED
488 addi r2, r2, (swapper_pg_dir - PAGE_OFFSET)@l /* kernel page table */
489 112: rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */
490 lwz r2,0(r2) /* get pmd entry */
491 rlwinm. r2,r2,0,0,19 /* extract address of pte page */
492 beq- DataAddressInvalid /* return if no mapping */
493 rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */
494 lwz r0,0(r2) /* get linux-style pte */
495 andc. r1,r1,r0 /* check access & ~permission */
496 bne- DataAddressInvalid /* return if access not permitted */
498 * NOTE! We are assuming this is not an SMP system, otherwise
499 * we would need to update the pte atomically with lwarx/stwcx.
501 /* Convert linux-style PTE to low word of PPC-style PTE */
502 rlwinm r1,r0,32-9,30,30 /* _PAGE_RW -> PP msb */
503 rlwimi r0,r0,32-1,30,30 /* _PAGE_USER -> PP msb */
504 rlwimi r0,r0,32-1,31,31 /* _PAGE_USER -> PP lsb */
505 ori r1,r1,0xe04 /* clear out reserved bits */
506 andc r1,r0,r1 /* PP = user? rw? 1: 3: 0 */
508 rlwinm r1,r1,0,~_PAGE_COHERENT /* clear M (coherence not required) */
509 END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
511 mfspr r2,SPRN_SRR1 /* Need to restore CR0 */
513 BEGIN_MMU_FTR_SECTION
515 mfspr r1,SPRN_SPRG_603_LRU
516 rlwinm r2,r3,20,27,31 /* Get Address bits 15:19 */
520 mtspr SPRN_SPRG_603_LRU,r1
522 rlwimi r2,r0,31-14,14,14
524 END_MMU_FTR_SECTION_IFSET(MMU_FTR_NEED_DTLB_SW_LRU)
529 rlwinm r1,r3,9,6,6 /* Get load/store bit */
532 andi. r2,r3,0xFFFF /* Clear upper bits of SRR1 */
534 mfspr r1,SPRN_DMISS /* Get failing address */
535 rlwinm. r2,r2,0,31,31 /* Check for little endian access */
536 beq 20f /* Jump if big endian */
538 20: mtspr SPRN_DAR,r1 /* Set fault address */
539 mfmsr r0 /* Restore "normal" registers */
540 xoris r0,r0,MSR_TGPR>>16
541 mtcrf 0x80,r3 /* Restore CR0 */
546 * Handle TLB miss for DATA Store on 603/603e
552 * r1: linux style pte ( later becomes ppc hardware pte )
553 * r2: ptr to linux-style pte
556 /* Get PTE (linux-style) and check access */
558 lis r1,PAGE_OFFSET@h /* check if kernel address */
560 mfspr r2, SPRN_SPRG_PGDIR
561 li r1, _PAGE_RW | _PAGE_DIRTY | _PAGE_PRESENT | _PAGE_ACCESSED | _PAGE_USER
563 lis r2, (swapper_pg_dir - PAGE_OFFSET)@ha /* if kernel address, use */
564 li r1, _PAGE_RW | _PAGE_DIRTY | _PAGE_PRESENT | _PAGE_ACCESSED
565 addi r2, r2, (swapper_pg_dir - PAGE_OFFSET)@l /* kernel page table */
566 112: rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */
567 lwz r2,0(r2) /* get pmd entry */
568 rlwinm. r2,r2,0,0,19 /* extract address of pte page */
569 beq- DataAddressInvalid /* return if no mapping */
570 rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */
571 lwz r0,0(r2) /* get linux-style pte */
572 andc. r1,r1,r0 /* check access & ~permission */
573 bne- DataAddressInvalid /* return if access not permitted */
575 * NOTE! We are assuming this is not an SMP system, otherwise
576 * we would need to update the pte atomically with lwarx/stwcx.
578 /* Convert linux-style PTE to low word of PPC-style PTE */
579 rlwimi r0,r0,32-2,31,31 /* _PAGE_USER -> PP lsb */
580 li r1,0xe06 /* clear out reserved bits & PP msb */
581 andc r1,r0,r1 /* PP = user? 1: 0 */
583 rlwinm r1,r1,0,~_PAGE_COHERENT /* clear M (coherence not required) */
584 END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
586 mfspr r2,SPRN_SRR1 /* Need to restore CR0 */
588 BEGIN_MMU_FTR_SECTION
590 mfspr r1,SPRN_SPRG_603_LRU
591 rlwinm r2,r3,20,27,31 /* Get Address bits 15:19 */
595 mtspr SPRN_SPRG_603_LRU,r1
597 rlwimi r2,r0,31-14,14,14
599 END_MMU_FTR_SECTION_IFSET(MMU_FTR_NEED_DTLB_SW_LRU)
603 #ifndef CONFIG_ALTIVEC
604 #define altivec_assist_exception unknown_exception
607 EXCEPTION(0x1300, Trap_13, instruction_breakpoint_exception, EXC_XFER_STD)
608 EXCEPTION(0x1400, SMI, SMIException, EXC_XFER_STD)
609 EXCEPTION(0x1500, Trap_15, unknown_exception, EXC_XFER_STD)
610 EXCEPTION(0x1600, Trap_16, altivec_assist_exception, EXC_XFER_STD)
611 EXCEPTION(0x1700, Trap_17, TAUException, EXC_XFER_STD)
612 EXCEPTION(0x1800, Trap_18, unknown_exception, EXC_XFER_STD)
613 EXCEPTION(0x1900, Trap_19, unknown_exception, EXC_XFER_STD)
614 EXCEPTION(0x1a00, Trap_1a, unknown_exception, EXC_XFER_STD)
615 EXCEPTION(0x1b00, Trap_1b, unknown_exception, EXC_XFER_STD)
616 EXCEPTION(0x1c00, Trap_1c, unknown_exception, EXC_XFER_STD)
617 EXCEPTION(0x1d00, Trap_1d, unknown_exception, EXC_XFER_STD)
618 EXCEPTION(0x1e00, Trap_1e, unknown_exception, EXC_XFER_STD)
619 EXCEPTION(0x1f00, Trap_1f, unknown_exception, EXC_XFER_STD)
620 EXCEPTION(0x2000, RunMode, RunModeException, EXC_XFER_STD)
621 EXCEPTION(0x2100, Trap_21, unknown_exception, EXC_XFER_STD)
622 EXCEPTION(0x2200, Trap_22, unknown_exception, EXC_XFER_STD)
623 EXCEPTION(0x2300, Trap_23, unknown_exception, EXC_XFER_STD)
624 EXCEPTION(0x2400, Trap_24, unknown_exception, EXC_XFER_STD)
625 EXCEPTION(0x2500, Trap_25, unknown_exception, EXC_XFER_STD)
626 EXCEPTION(0x2600, Trap_26, unknown_exception, EXC_XFER_STD)
627 EXCEPTION(0x2700, Trap_27, unknown_exception, EXC_XFER_STD)
628 EXCEPTION(0x2800, Trap_28, unknown_exception, EXC_XFER_STD)
629 EXCEPTION(0x2900, Trap_29, unknown_exception, EXC_XFER_STD)
630 EXCEPTION(0x2a00, Trap_2a, unknown_exception, EXC_XFER_STD)
631 EXCEPTION(0x2b00, Trap_2b, unknown_exception, EXC_XFER_STD)
632 EXCEPTION(0x2c00, Trap_2c, unknown_exception, EXC_XFER_STD)
633 EXCEPTION(0x2d00, Trap_2d, unknown_exception, EXC_XFER_STD)
634 EXCEPTION(0x2e00, Trap_2e, unknown_exception, EXC_XFER_STD)
635 EXCEPTION(0x2f00, Trap_2f, unknown_exception, EXC_XFER_STD)
641 #ifdef CONFIG_ALTIVEC
643 bl load_up_altivec /* if from user, just load it up */
644 b fast_exception_return
645 #endif /* CONFIG_ALTIVEC */
646 1: addi r3,r1,STACK_FRAME_OVERHEAD
647 EXC_XFER_LITE(0xf20, altivec_unavailable_exception)
651 addi r3,r1,STACK_FRAME_OVERHEAD
652 EXC_XFER_STD(0xf00, performance_monitor_exception)
656 * This code is jumped to from the startup code to copy
657 * the kernel image to physical address PHYSICAL_START.
660 addis r9,r26,klimit@ha /* fetch klimit */
662 addis r25,r25,-KERNELBASE@h
663 lis r3,PHYSICAL_START@h /* Destination base address */
664 li r6,0 /* Destination offset */
665 li r5,0x4000 /* # bytes of memory to copy */
666 bl copy_and_flush /* copy the first 0x4000 bytes */
667 addi r0,r3,4f@l /* jump to the address of 4f */
668 mtctr r0 /* in copy and do the rest. */
669 bctr /* jump to the copy */
671 bl copy_and_flush /* copy the rest */
675 * Copy routine used to copy the kernel to start at physical address 0
676 * and flush and invalidate the caches as needed.
677 * r3 = dest addr, r4 = source addr, r5 = copy limit, r6 = start offset
678 * on exit, r3, r4, r5 are unchanged, r6 is updated to be >= r5.
680 _ENTRY(copy_and_flush)
683 4: li r0,L1_CACHE_BYTES/4
685 3: addi r6,r6,4 /* copy a cache line */
689 dcbst r6,r3 /* write it to memory */
691 icbi r6,r3 /* flush the icache line */
694 sync /* additional sync needed on g4 */
701 .globl __secondary_start_mpc86xx
702 __secondary_start_mpc86xx:
704 stw r3, __secondary_hold_acknowledge@l(0)
705 mr r24, r3 /* cpu # */
708 .globl __secondary_start_pmac_0
709 __secondary_start_pmac_0:
710 /* NB the entries for cpus 0, 1, 2 must each occupy 8 bytes. */
719 /* on powersurge, we come in here with IR=0 and DR=1, and DBAT 0
720 set to map the 0xf0000000 - 0xffffffff region */
722 rlwinm r0,r0,0,28,26 /* clear DR (0x10) */
727 .globl __secondary_start
729 /* Copy some CPU settings from CPU 0 */
730 bl __restore_cpu_setup
734 bl call_setup_cpu /* Call setup_cpu for this CPU */
735 #ifdef CONFIG_PPC_BOOK3S_32
738 #endif /* CONFIG_PPC_BOOK3S_32 */
740 /* get current's stack and current */
741 lis r2,secondary_current@ha
743 lwz r2,secondary_current@l(r2)
745 lwz r1,TASK_STACK(r1)
748 addi r1,r1,THREAD_SIZE-STACK_FRAME_OVERHEAD
753 /* load up the MMU */
754 bl load_segment_registers
757 /* ptr to phys current thread */
759 addi r4,r4,THREAD /* phys address of our thread_struct */
760 mtspr SPRN_SPRG_THREAD,r4
761 lis r4, (swapper_pg_dir - PAGE_OFFSET)@h
762 ori r4, r4, (swapper_pg_dir - PAGE_OFFSET)@l
763 mtspr SPRN_SPRG_PGDIR, r4
765 /* enable MMU and jump to start_secondary */
767 lis r3,start_secondary@h
768 ori r3,r3,start_secondary@l
773 #endif /* CONFIG_SMP */
775 #ifdef CONFIG_KVM_BOOK3S_HANDLER
776 #include "../kvm/book3s_rmhandlers.S"
780 * Those generic dummy functions are kept for CPUs not
781 * included in CONFIG_PPC_BOOK3S_32
783 #if !defined(CONFIG_PPC_BOOK3S_32)
784 _ENTRY(__save_cpu_setup)
786 _ENTRY(__restore_cpu_setup)
788 #endif /* !defined(CONFIG_PPC_BOOK3S_32) */
791 * Load stuff into the MMU. Intended to be called with
796 sync /* Force all PTE updates to finish */
798 tlbia /* Clear all TLB entries */
799 sync /* wait for tlbia/tlbie to finish */
800 TLBSYNC /* ... on all CPUs */
801 /* Load the SDR1 register (hash table base & size) */
802 lis r6, early_hash - PAGE_OFFSET@h
803 ori r6, r6, 3 /* 256kB table */
809 sync /* Force all PTE updates to finish */
811 tlbia /* Clear all TLB entries */
812 sync /* wait for tlbia/tlbie to finish */
813 TLBSYNC /* ... on all CPUs */
814 /* Load the SDR1 register (hash table base & size) */
820 /* Load the BAT registers with the values set up by MMU_init.
821 MMU_init takes care of whether we're on a 601 or not. */
829 BEGIN_MMU_FTR_SECTION
834 END_MMU_FTR_SECTION_IFSET(MMU_FTR_USE_HIGH_BATS)
837 _GLOBAL(load_segment_registers)
838 li r0, NUM_USER_SEGMENTS /* load up user segment register values */
839 mtctr r0 /* for context 0 */
840 li r3, 0 /* Kp = 0, Ks = 0, VSID = 0 */
841 #ifdef CONFIG_PPC_KUEP
842 oris r3, r3, SR_NX@h /* Set Nx */
844 #ifdef CONFIG_PPC_KUAP
845 oris r3, r3, SR_KS@h /* Set Ks */
849 addi r3, r3, 0x111 /* increment VSID */
850 addis r4, r4, 0x1000 /* address of next segment */
852 li r0, 16 - NUM_USER_SEGMENTS /* load up kernel segment registers */
853 mtctr r0 /* for context 0 */
854 rlwinm r3, r3, 0, ~SR_NX /* Nx = 0 */
855 rlwinm r3, r3, 0, ~SR_KS /* Ks = 0 */
856 oris r3, r3, SR_KP@h /* Kp = 1 */
858 addi r3, r3, 0x111 /* increment VSID */
859 addis r4, r4, 0x1000 /* address of next segment */
864 * This is where the main kernel code starts.
869 ori r2,r2,init_task@l
870 /* Set up for using our exception vectors */
871 /* ptr to phys current thread */
873 addi r4,r4,THREAD /* init task's THREAD */
874 mtspr SPRN_SPRG_THREAD,r4
875 lis r4, (swapper_pg_dir - PAGE_OFFSET)@h
876 ori r4, r4, (swapper_pg_dir - PAGE_OFFSET)@l
877 mtspr SPRN_SPRG_PGDIR, r4
880 lis r1,init_thread_union@ha
881 addi r1,r1,init_thread_union@l
883 stwu r0,THREAD_SIZE-STACK_FRAME_OVERHEAD(r1)
885 * Do early platform-specific initialization,
886 * and set up the MMU.
897 BEGIN_MMU_FTR_SECTION
899 END_MMU_FTR_SECTION_IFSET(MMU_FTR_HPTE_TABLE)
903 * Go back to running unmapped so we can load up new values
904 * for SDR1 (hash table pointer) and the segment registers
905 * and change to using our exception vectors.
910 li r3,MSR_KERNEL & ~(MSR_IR|MSR_DR)
915 /* Load up the kernel context */
918 #ifdef CONFIG_BDI_SWITCH
919 /* Add helper information for the Abatron bdiGDB debugger.
920 * We do this here because we know the mmu is disabled, and
921 * will be enabled for real in just a few instructions.
923 lis r5, abatron_pteptrs@h
924 ori r5, r5, abatron_pteptrs@l
925 stw r5, 0xf0(0) /* This much match your Abatron config */
926 lis r6, swapper_pg_dir@h
927 ori r6, r6, swapper_pg_dir@l
930 #endif /* CONFIG_BDI_SWITCH */
932 /* Now turn on the MMU for real! */
934 lis r3,start_kernel@h
935 ori r3,r3,start_kernel@l
942 * void switch_mmu_context(struct mm_struct *prev, struct mm_struct *next);
944 * Set up the segment registers for a new context.
946 _ENTRY(switch_mmu_context)
947 lwz r3,MMCONTEXTID(r4)
950 mulli r3,r3,897 /* multiply context by skew factor */
951 rlwinm r3,r3,4,8,27 /* VSID = (context & 0xfffff) << 4 */
952 #ifdef CONFIG_PPC_KUEP
953 oris r3, r3, SR_NX@h /* Set Nx */
955 #ifdef CONFIG_PPC_KUAP
956 oris r3, r3, SR_KS@h /* Set Ks */
958 li r0,NUM_USER_SEGMENTS
962 #ifdef CONFIG_BDI_SWITCH
963 /* Context switch the PTE pointer for the Abatron BDI2000.
964 * The PGDIR is passed as second argument.
966 lis r5, abatron_pteptrs@ha
967 stw r4, abatron_pteptrs@l + 0x4(r5)
970 mtspr SPRN_SPRG_PGDIR, r4
975 addi r3,r3,0x111 /* next VSID */
976 rlwinm r3,r3,0,8,3 /* clear out any overflow from VSID field */
977 addis r4,r4,0x1000 /* address of next segment */
983 EMIT_BUG_ENTRY 4b,__FILE__,__LINE__,0
985 EXPORT_SYMBOL(switch_mmu_context)
988 * An undocumented "feature" of 604e requires that the v bit
989 * be cleared before changing BAT values.
991 * Also, newer IBM firmware does not clear bat3 and 4 so
992 * this makes sure it's done.
998 #ifndef CONFIG_PPC_BOOK3S_601
999 mtspr SPRN_DBAT0U,r10
1000 mtspr SPRN_DBAT0L,r10
1001 mtspr SPRN_DBAT1U,r10
1002 mtspr SPRN_DBAT1L,r10
1003 mtspr SPRN_DBAT2U,r10
1004 mtspr SPRN_DBAT2L,r10
1005 mtspr SPRN_DBAT3U,r10
1006 mtspr SPRN_DBAT3L,r10
1008 mtspr SPRN_IBAT0U,r10
1009 mtspr SPRN_IBAT0L,r10
1010 mtspr SPRN_IBAT1U,r10
1011 mtspr SPRN_IBAT1L,r10
1012 mtspr SPRN_IBAT2U,r10
1013 mtspr SPRN_IBAT2L,r10
1014 mtspr SPRN_IBAT3U,r10
1015 mtspr SPRN_IBAT3L,r10
1016 BEGIN_MMU_FTR_SECTION
1017 /* Here's a tweak: at this point, CPU setup have
1018 * not been called yet, so HIGH_BAT_EN may not be
1019 * set in HID0 for the 745x processors. However, it
1020 * seems that doesn't affect our ability to actually
1021 * write to these SPRs.
1023 mtspr SPRN_DBAT4U,r10
1024 mtspr SPRN_DBAT4L,r10
1025 mtspr SPRN_DBAT5U,r10
1026 mtspr SPRN_DBAT5L,r10
1027 mtspr SPRN_DBAT6U,r10
1028 mtspr SPRN_DBAT6L,r10
1029 mtspr SPRN_DBAT7U,r10
1030 mtspr SPRN_DBAT7L,r10
1031 mtspr SPRN_IBAT4U,r10
1032 mtspr SPRN_IBAT4L,r10
1033 mtspr SPRN_IBAT5U,r10
1034 mtspr SPRN_IBAT5L,r10
1035 mtspr SPRN_IBAT6U,r10
1036 mtspr SPRN_IBAT6L,r10
1037 mtspr SPRN_IBAT7U,r10
1038 mtspr SPRN_IBAT7L,r10
1039 END_MMU_FTR_SECTION_IFSET(MMU_FTR_USE_HIGH_BATS)
1048 li r3, MSR_KERNEL & ~(MSR_IR | MSR_DR)
1049 rlwinm r0, r6, 0, ~MSR_RI
1050 rlwinm r0, r0, 0, ~MSR_EE
1060 LOAD_BAT(0, r3, r4, r5)
1061 LOAD_BAT(1, r3, r4, r5)
1062 LOAD_BAT(2, r3, r4, r5)
1063 LOAD_BAT(3, r3, r4, r5)
1064 BEGIN_MMU_FTR_SECTION
1065 LOAD_BAT(4, r3, r4, r5)
1066 LOAD_BAT(5, r3, r4, r5)
1067 LOAD_BAT(6, r3, r4, r5)
1068 LOAD_BAT(7, r3, r4, r5)
1069 END_MMU_FTR_SECTION_IFSET(MMU_FTR_USE_HIGH_BATS)
1070 li r3, MSR_KERNEL & ~(MSR_IR | MSR_DR | MSR_RI)
1079 1: addic. r10, r10, -0x1000
1086 addi r4, r3, __after_mmu_off - _start
1088 andi. r0,r3,MSR_DR|MSR_IR /* MMU enabled? */
1097 * On 601, we use 3 BATs to map up to 24M of RAM at _PAGE_OFFSET
1098 * (we keep one for debugging) and on others, we use one 256M BAT.
1101 lis r11,PAGE_OFFSET@h
1102 #ifdef CONFIG_PPC_BOOK3S_601
1103 ori r11,r11,4 /* set up BAT registers for 601 */
1104 li r8,0x7f /* valid, block length = 8MB */
1105 mtspr SPRN_IBAT0U,r11 /* N.B. 601 has valid bit in */
1106 mtspr SPRN_IBAT0L,r8 /* lower BAT register */
1107 addis r11,r11,0x800000@h
1108 addis r8,r8,0x800000@h
1109 mtspr SPRN_IBAT1U,r11
1110 mtspr SPRN_IBAT1L,r8
1111 addis r11,r11,0x800000@h
1112 addis r8,r8,0x800000@h
1113 mtspr SPRN_IBAT2U,r11
1114 mtspr SPRN_IBAT2L,r8
1118 ori r8,r8,0x12 /* R/W access, M=1 */
1120 ori r8,r8,2 /* R/W access */
1121 #endif /* CONFIG_SMP */
1122 ori r11,r11,BL_256M<<2|0x2 /* set up BAT registers for 604 */
1124 mtspr SPRN_DBAT0L,r8 /* N.B. 6xx (not 601) have valid */
1125 mtspr SPRN_DBAT0U,r11 /* bit in upper BAT register */
1126 mtspr SPRN_IBAT0L,r8
1127 mtspr SPRN_IBAT0U,r11
1132 #ifdef CONFIG_BOOTX_TEXT
1135 * setup the display bat prepared for us in prom.c
1140 addis r8,r3,disp_BAT@ha
1141 addi r8,r8,disp_BAT@l
1146 #ifndef CONFIG_PPC_BOOK3S_601
1147 mtspr SPRN_DBAT3L,r8
1148 mtspr SPRN_DBAT3U,r11
1150 mtspr SPRN_IBAT3L,r8
1151 mtspr SPRN_IBAT3U,r11
1154 #endif /* CONFIG_BOOTX_TEXT */
1156 #ifdef CONFIG_PPC_EARLY_DEBUG_CPM
1160 mtspr SPRN_DBAT1L, r8
1163 ori r11, r11, (BL_1M << 2) | 2
1164 mtspr SPRN_DBAT1U, r11
1169 #ifdef CONFIG_PPC_EARLY_DEBUG_USBGECKO
1171 /* prepare a BAT for early io */
1172 #if defined(CONFIG_GAMECUBE)
1174 #elif defined(CONFIG_WII)
1177 #error Invalid platform for USB Gecko based early debugging.
1180 * The virtual address used must match the virtual address
1181 * associated to the fixmap entry FIX_EARLY_DEBUG_BASE.
1183 lis r11, 0xfffe /* top 128K */
1184 ori r8, r8, 0x002a /* uncached, guarded ,rw */
1185 ori r11, r11, 0x2 /* 128K, Vs=1, Vp=0 */
1186 mtspr SPRN_DBAT1L, r8
1187 mtspr SPRN_DBAT1U, r11
1192 /* Jump into the system reset for the rom.
1193 * We first disable the MMU, and then jump to the ROM reset address.
1195 * r3 is the board info structure, r4 is the location for starting.
1196 * I use this for building a small kernel that can load other kernels,
1197 * rather than trying to write or rely on a rom monitor that can tftp load.
1202 rlwinm r0,r0,0,17,15 /* clear MSR_EE in r0 */
1206 mfspr r11, SPRN_HID0
1208 ori r10,r10,HID0_ICE|HID0_DCE
1210 mtspr SPRN_HID0, r11
1212 li r5, MSR_ME|MSR_RI
1214 addis r6,r6,-KERNELBASE@h
1228 * We put a few things here that have to be page-aligned.
1229 * This stuff goes at the beginning of the data segment,
1230 * which is page-aligned.
1235 .globl empty_zero_page
1238 EXPORT_SYMBOL(empty_zero_page)
1240 .globl swapper_pg_dir
1242 .space PGD_TABLE_SIZE
1244 /* Room for two PTE pointers, usually the kernel and current user pointers
1245 * to their respective root page table.