projects / linux-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
powerpc/6xx: Store PGDIR physical address in a SPRG
[linux-block.git] / arch / powerpc / kernel / head_32.S
CommitLineData
14cf11af
PM		 1/*
2 * PowerPC version
3 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
4 *
5 * Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP
6 * Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
7 * Adapted for Power Macintosh by Paul Mackerras.
8 * Low-level exception handlers and MMU support
9 * rewritten by Paul Mackerras.
10 * Copyright (C) 1996 Paul Mackerras.
11 * MPC8xx modifications Copyright (C) 1997 Dan Malek (dmalek@jlc.net).
14cf11af
PM		 12 *
13 * This file contains the low-level support and setup for the
14 * PowerPC platform, including trap and interrupt dispatch.
15 * (The PPC 8xx embedded CPUs use head_8xx.S instead.)
16 *
17 * This program is free software; you can redistribute it and/or
18 * modify it under the terms of the GNU General Public License
19 * as published by the Free Software Foundation; either version
20 * 2 of the License, or (at your option) any later version.
21 *
22 */
23
e7039845 24#include <linux/init.h>
b3b8dc6c 25#include <asm/reg.h>
14cf11af
PM		 26#include <asm/page.h>
27#include <asm/mmu.h>
28#include <asm/pgtable.h>
29#include <asm/cputable.h>
30#include <asm/cache.h>
31#include <asm/thread_info.h>
32#include <asm/ppc_asm.h>
33#include <asm/asm-offsets.h>
ec2b36b9 34#include <asm/ptrace.h>
5e696617 35#include <asm/bug.h>
dd84c217 36#include <asm/kvm_book3s_asm.h>
9445aa1a 37#include <asm/export.h>
2c86cd18 38#include <asm/feature-fixups.h>
14cf11af 39
14cf11af
PM		 40/* 601 only have IBAT; cr0.eq is set on 601 when using this macro */
41#define LOAD_BAT(n, reg, RA, RB) \
42 /* see the comment for clear_bats() -- Cort */ \
43 li RA,0; \
44 mtspr SPRN_IBAT##n##U,RA; \
45 mtspr SPRN_DBAT##n##U,RA; \
46 lwz RA,(n*16)+0(reg); \
47 lwz RB,(n*16)+4(reg); \
48 mtspr SPRN_IBAT##n##U,RA; \
49 mtspr SPRN_IBAT##n##L,RB; \
50 beq 1f; \
51 lwz RA,(n*16)+8(reg); \
52 lwz RB,(n*16)+12(reg); \
53 mtspr SPRN_DBAT##n##U,RA; \
54 mtspr SPRN_DBAT##n##L,RB; \
551:
14cf11af 56
e7039845 57 __HEAD
b3b8dc6c
PM		 58 .stabs "arch/powerpc/kernel/",N_SO,0,0,0f
59 .stabs "head_32.S",N_SO,0,0,0f
14cf11af 600:
748a7683 61_ENTRY(_stext);
14cf11af
PM		 62
63/*
64 * _start is defined this way because the XCOFF loader in the OpenFirmware
65 * on the powermac expects the entry point to be a procedure descriptor.
66 */
748a7683 67_ENTRY(_start);
14cf11af
PM		 68 /*
69 * These are here for legacy reasons, the kernel used to
70 * need to look like a coff function entry for the pmac
71 * but we're always started by some kind of bootloader now.
72 * -- Cort
73 */
74 nop /* used by __secondary_hold on prep (mtx) and chrp smp */
75 nop /* used by __secondary_hold on prep (mtx) and chrp smp */
76 nop
77
78/* PMAC
79 * Enter here with the kernel text, data and bss loaded starting at
80 * 0, running with virtual == physical mapping.
81 * r5 points to the prom entry point (the client interface handler
82 * address). Address translation is turned on, with the prom
83 * managing the hash table. Interrupts are disabled. The stack
84 * pointer (r1) points to just below the end of the half-meg region
85 * from 0x380000 - 0x400000, which is mapped in already.
86 *
87 * If we are booted from MacOS via BootX, we enter with the kernel
88 * image loaded somewhere, and the following values in registers:
89 * r3: 'BooX' (0x426f6f58)
90 * r4: virtual address of boot_infos_t
91 * r5: 0
92 *
14cf11af
PM		 93 * PREP
94 * This is jumped to on prep systems right after the kernel is relocated
95 * to its proper place in memory by the boot loader. The expected layout
96 * of the regs is:
97 * r3: ptr to residual data
98 * r4: initrd_start or if no initrd then 0
99 * r5: initrd_end - unused if r4 is 0
100 * r6: Start of command line string
101 * r7: End of command line string
102 *
103 * This just gets a minimal mmu environment setup so we can call
104 * start_here() to do the real work.
105 * -- Cort
106 */
107
108 .globl __start
109__start:
110/*
111 * We have to do any OF calls before we map ourselves to KERNELBASE,
112 * because OF may have I/O devices mapped into that area
113 * (particularly on CHRP).
114 */
9b6b563c
PM		 115 cmpwi 0,r5,0
116 beq 1f
2bda347b 117
28794d34 118#ifdef CONFIG_PPC_OF_BOOT_TRAMPOLINE
2bda347b
BH		 119 /* find out where we are now */
120 bcl 20,31,$+4
1210: mflr r8 /* r8 = runtime addr here */
122 addis r8,r8,(_stext - 0b)@ha
123 addi r8,r8,(_stext - 0b)@l /* current runtime base addr */
9b6b563c 124 bl prom_init
28794d34
BH		 125#endif /* CONFIG_PPC_OF_BOOT_TRAMPOLINE */
126
127 /* We never return. We also hit that trap if trying to boot
128 * from OF while CONFIG_PPC_OF_BOOT_TRAMPOLINE isn't selected */
9b6b563c
PM		 129 trap
130
d7f39454
BH		 131/*
132 * Check for BootX signature when supporting PowerMac and branch to
133 * appropriate trampoline if it's present
134 */
135#ifdef CONFIG_PPC_PMAC
1361: lis r31,0x426f
137 ori r31,r31,0x6f58
138 cmpw 0,r3,r31
139 bne 1f
140 bl bootx_init
141 trap
142#endif /* CONFIG_PPC_PMAC */
143
6dece0eb 1441: mr r31,r3 /* save device tree ptr */
14cf11af
PM		 145 li r24,0 /* cpu # */
146
147/*
148 * early_init() does the early machine identification and does
149 * the necessary low-level setup and clears the BSS
150 * -- Cort <cort@fsmlabs.com>
151 */
152 bl early_init
153
14cf11af
PM		 154/* Switch MMU off, clear BATs and flush TLB. At this point, r3 contains
155 * the physical address we are running at, returned by early_init()
156 */
157 bl mmu_off
158__after_mmu_off:
14cf11af
PM		 159 bl clear_bats
160 bl flush_tlbs
161
162 bl initial_bats
f21f49ea 163#if defined(CONFIG_BOOTX_TEXT)
51d3082f
BH		 164 bl setup_disp_bat
165#endif
c374e00e
SW		 166#ifdef CONFIG_PPC_EARLY_DEBUG_CPM
167 bl setup_cpm_bat
168#endif
d1d56f8c
AH		 169#ifdef CONFIG_PPC_EARLY_DEBUG_USBGECKO
170 bl setup_usbgecko_bat
171#endif
14cf11af
PM		 172
173/*
174 * Call setup_cpu for CPU 0 and initialize 6xx Idle
175 */
176 bl reloc_offset
177 li r24,0 /* cpu# */
178 bl call_setup_cpu /* Call setup_cpu for this CPU */
d7cceda9 179#ifdef CONFIG_PPC_BOOK3S_32
14cf11af
PM		 180 bl reloc_offset
181 bl init_idle_6xx
d7cceda9 182#endif /* CONFIG_PPC_BOOK3S_32 */
14cf11af
PM		 183
184
14cf11af
PM		 185/*
186 * We need to run with _start at physical address 0.
187 * On CHRP, we are loaded at 0x10000 since OF on CHRP uses
188 * the exception vectors at 0 (and therefore this copy
189 * overwrites OF's exception vectors with our own).
9b6b563c 190 * The MMU is off at this point.
14cf11af
PM		 191 */
192 bl reloc_offset
193 mr r26,r3
194 addis r4,r3,KERNELBASE@h /* current address of _start */
ccdcef72
DF		 195 lis r5,PHYSICAL_START@h
196 cmplw 0,r4,r5 /* already running at PHYSICAL_START? */
14cf11af 197 bne relocate_kernel
14cf11af
PM		 198/*
199 * we now have the 1st 16M of ram mapped with the bats.
200 * prep needs the mmu to be turned on here, but pmac already has it on.
201 * this shouldn't bother the pmac since it just gets turned on again
202 * as we jump to our code at KERNELBASE. -- Cort
203 * Actually no, pmac doesn't have it on any more. BootX enters with MMU
204 * off, and in other cases, we now turn it off before changing BATs above.
205 */
206turn_on_mmu:
207 mfmsr r0
208 ori r0,r0,MSR_DR|MSR_IR
209 mtspr SPRN_SRR1,r0
210 lis r0,start_here@h
211 ori r0,r0,start_here@l
212 mtspr SPRN_SRR0,r0
213 SYNC
214 RFI /* enables MMU */
215
216/*
217 * We need __secondary_hold as a place to hold the other cpus on
218 * an SMP machine, even when we are running a UP kernel.
219 */
220 . = 0xc0 /* for prep bootloader */
221 li r3,1 /* MTX only has 1 cpu */
222 .globl __secondary_hold
223__secondary_hold:
224 /* tell the master we're here */
bbd0abda 225 stw r3,__secondary_hold_acknowledge@l(0)
14cf11af
PM		 226#ifdef CONFIG_SMP
227100: lwz r4,0(0)
228 /* wait until we're told to start */
229 cmpw 0,r4,r3
230 bne 100b
231 /* our cpu # was at addr 0 - go */
232 mr r24,r3 /* cpu # */
233 b __secondary_start
234#else
235 b .
236#endif /* CONFIG_SMP */
237
bbd0abda
PM		 238 .globl __secondary_hold_spinloop
239__secondary_hold_spinloop:
240 .long 0
241 .globl __secondary_hold_acknowledge
242__secondary_hold_acknowledge:
243 .long -1
244
14cf11af
PM		 245/*
246 * Exception entry code. This code runs with address translation
247 * turned off, i.e. using physical addresses.
248 * We assume sprg3 has the physical address of the current
249 * task's thread_struct.
250 */
251#define EXCEPTION_PROLOG \
ee43eb78
BH		 252 mtspr SPRN_SPRG_SCRATCH0,r10; \
253 mtspr SPRN_SPRG_SCRATCH1,r11; \
14cf11af
PM		 254 mfcr r10; \
255 EXCEPTION_PROLOG_1; \
256 EXCEPTION_PROLOG_2
257
258#define EXCEPTION_PROLOG_1 \
259 mfspr r11,SPRN_SRR1; /* check whether user or kernel */ \
260 andi. r11,r11,MSR_PR; \
261 tophys(r11,r1); /* use tophys(r1) if kernel */ \
262 beq 1f; \
ee43eb78 263 mfspr r11,SPRN_SPRG_THREAD; \
14cf11af
PM		 264 lwz r11,THREAD_INFO-THREAD(r11); \
265 addi r11,r11,THREAD_SIZE; \
266 tophys(r11,r11); \
2671: subi r11,r11,INT_FRAME_SIZE /* alloc exc. frame */
268
269
270#define EXCEPTION_PROLOG_2 \
14cf11af
PM		 271 stw r10,_CCR(r11); /* save registers */ \
272 stw r12,GPR12(r11); \
273 stw r9,GPR9(r11); \
ee43eb78 274 mfspr r10,SPRN_SPRG_SCRATCH0; \
14cf11af 275 stw r10,GPR10(r11); \
ee43eb78 276 mfspr r12,SPRN_SPRG_SCRATCH1; \
14cf11af
PM		 277 stw r12,GPR11(r11); \
278 mflr r10; \
279 stw r10,_LINK(r11); \
280 mfspr r12,SPRN_SRR0; \
281 mfspr r9,SPRN_SRR1; \
282 stw r1,GPR1(r11); \
283 stw r1,0(r11); \
284 tovirt(r1,r11); /* set new kernel sp */ \
285 li r10,MSR_KERNEL & ~(MSR_IR|MSR_DR); /* can take exceptions */ \
286 MTMSRD(r10); /* (except for mach check in rtas) */ \
287 stw r0,GPR0(r11); \
ec2b36b9
BH		 288 lis r10,STACK_FRAME_REGS_MARKER@ha; /* exception frame marker */ \
289 addi r10,r10,STACK_FRAME_REGS_MARKER@l; \
f78541dc 290 stw r10,8(r11); \
14cf11af
PM		 291 SAVE_4GPRS(3, r11); \
292 SAVE_2GPRS(7, r11)
293
294/*
295 * Note: code which follows this uses cr0.eq (set if from kernel),
296 * r11, r12 (SRR0), and r9 (SRR1).
297 *
298 * Note2: once we have set r1 we are in a position to take exceptions
299 * again, and we could thus set MSR:RI at that point.
300 */
301
302/*
303 * Exception vectors.
304 */
305#define EXCEPTION(n, label, hdlr, xfer) \
306 . = n; \
dd84c217 307 DO_KVM n; \
14cf11af
PM		 308label: \
309 EXCEPTION_PROLOG; \
310 addi r3,r1,STACK_FRAME_OVERHEAD; \
311 xfer(n, hdlr)
312
313#define EXC_XFER_TEMPLATE(n, hdlr, trap, copyee, tfer, ret) \
314 li r10,trap; \
d73e0c99 315 stw r10,_TRAP(r11); \
14cf11af
PM		 316 li r10,MSR_KERNEL; \
317 copyee(r10, r9); \
318 bl tfer; \
319i##n: \
320 .long hdlr; \
321 .long ret
322
323#define COPY_EE(d, s) rlwimi d,s,0,16,16
324#define NOCOPY(d, s)
325
326#define EXC_XFER_STD(n, hdlr) \
327 EXC_XFER_TEMPLATE(n, hdlr, n, NOCOPY, transfer_to_handler_full, \
328 ret_from_except_full)
329
330#define EXC_XFER_LITE(n, hdlr) \
331 EXC_XFER_TEMPLATE(n, hdlr, n+1, NOCOPY, transfer_to_handler, \
332 ret_from_except)
333
334#define EXC_XFER_EE(n, hdlr) \
335 EXC_XFER_TEMPLATE(n, hdlr, n, COPY_EE, transfer_to_handler_full, \
336 ret_from_except_full)
337
338#define EXC_XFER_EE_LITE(n, hdlr) \
339 EXC_XFER_TEMPLATE(n, hdlr, n+1, COPY_EE, transfer_to_handler, \
340 ret_from_except)
341
342/* System reset */
343/* core99 pmac starts the seconary here by changing the vector, and
dc1c1ca3 344 putting it back to what it was (unknown_exception) when done. */
dc1c1ca3 345 EXCEPTION(0x100, Reset, unknown_exception, EXC_XFER_STD)
14cf11af
PM		 346
347/* Machine check */
348/*
349 * On CHRP, this is complicated by the fact that we could get a
350 * machine check inside RTAS, and we have no guarantee that certain
351 * critical registers will have the values we expect. The set of
352 * registers that might have bad values includes all the GPRs
353 * and all the BATs. We indicate that we are in RTAS by putting
354 * a non-zero value, the address of the exception frame to use,
0df977ea
CL		 355 * in thread.rtas_sp. The machine check handler checks thread.rtas_sp
356 * and uses its value if it is non-zero.
14cf11af
PM		 357 * (Other exception handlers assume that r1 is a valid kernel stack
358 * pointer when we take an exception from supervisor mode.)
359 * -- paulus.
360 */
361 . = 0x200
dd84c217 362 DO_KVM 0x200
ee43eb78
BH		 363 mtspr SPRN_SPRG_SCRATCH0,r10
364 mtspr SPRN_SPRG_SCRATCH1,r11
14cf11af
PM		 365 mfcr r10
366#ifdef CONFIG_PPC_CHRP
0df977ea
CL		 367 mfspr r11, SPRN_SPRG_THREAD
368 lwz r11, RTAS_SP(r11)
369 cmpwi cr1, r11, 0
370 bne cr1, 7f
14cf11af
PM		 371#endif /* CONFIG_PPC_CHRP */
372 EXCEPTION_PROLOG_1
3737: EXCEPTION_PROLOG_2
374 addi r3,r1,STACK_FRAME_OVERHEAD
375#ifdef CONFIG_PPC_CHRP
14cf11af
PM		 376 bne cr1,1f
377#endif
dc1c1ca3 378 EXC_XFER_STD(0x200, machine_check_exception)
14cf11af
PM		 379#ifdef CONFIG_PPC_CHRP
3801: b machine_check_in_rtas
381#endif
382
383/* Data access exception. */
384 . = 0x300
dd84c217 385 DO_KVM 0x300
14cf11af
PM		 386DataAccess:
387 EXCEPTION_PROLOG
14cf11af 388 mfspr r10,SPRN_DSISR
4ee7084e 389 stw r10,_DSISR(r11)
f23ab3ef 390 andis. r0,r10,(DSISR_BAD_FAULT_32S|DSISR_DABRMATCH)@h
14cf11af
PM		 391 bne 1f /* if not, try to put a PTE */
392 mfspr r4,SPRN_DAR /* into the hash table */
393 rlwinm r3,r10,32-15,21,21 /* DSISR_STORE -> _PAGE_RW */
4a3a224c 394BEGIN_MMU_FTR_SECTION
14cf11af 395 bl hash_page
4a3a224c 396END_MMU_FTR_SECTION_IFSET(MMU_FTR_HPTE_TABLE)
4ee7084e 3971: lwz r5,_DSISR(r11) /* get DSISR value */
14cf11af 398 mfspr r4,SPRN_DAR
a546498f 399 EXC_XFER_LITE(0x300, handle_page_fault)
14cf11af 400
14cf11af
PM		 401
402/* Instruction access exception. */
403 . = 0x400
dd84c217 404 DO_KVM 0x400
14cf11af
PM		 405InstructionAccess:
406 EXCEPTION_PROLOG
b4c001dc 407 andis. r0,r9,SRR1_ISI_NOPT@h /* no pte found? */
14cf11af
PM		 408 beq 1f /* if so, try to put a PTE */
409 li r3,0 /* into the hash table */
410 mr r4,r12 /* SRR0 is fault address */
4a3a224c 411BEGIN_MMU_FTR_SECTION
14cf11af 412 bl hash_page
4a3a224c 413END_MMU_FTR_SECTION_IFSET(MMU_FTR_HPTE_TABLE)
14cf11af 4141: mr r4,r12
b4c001dc 415 andis. r5,r9,DSISR_SRR1_MATCH_32S@h /* Filter relevant SRR1 bits */
a546498f 416 EXC_XFER_LITE(0x400, handle_page_fault)
14cf11af 417
14cf11af
PM		 418/* External interrupt */
419 EXCEPTION(0x500, HardwareInterrupt, do_IRQ, EXC_XFER_LITE)
420
421/* Alignment exception */
422 . = 0x600
dd84c217 423 DO_KVM 0x600
14cf11af
PM		 424Alignment:
425 EXCEPTION_PROLOG
426 mfspr r4,SPRN_DAR
427 stw r4,_DAR(r11)
428 mfspr r5,SPRN_DSISR
429 stw r5,_DSISR(r11)
430 addi r3,r1,STACK_FRAME_OVERHEAD
dc1c1ca3 431 EXC_XFER_EE(0x600, alignment_exception)
14cf11af
PM		 432
433/* Program check exception */
dc1c1ca3 434 EXCEPTION(0x700, ProgramCheck, program_check_exception, EXC_XFER_STD)
14cf11af
PM		 435
436/* Floating-point unavailable */
437 . = 0x800
dd84c217 438 DO_KVM 0x800
14cf11af 439FPUnavailable:
aa42c69c
KP		 440BEGIN_FTR_SECTION
441/*
442 * Certain Freescale cores don't have a FPU and treat fp instructions
443 * as a FP Unavailable exception. Redirect to illegal/emulation handling.
444 */
445 b ProgramCheck
446END_FTR_SECTION_IFSET(CPU_FTR_FPU_UNAVAILABLE)
14cf11af 447 EXCEPTION_PROLOG
6f3d8e69
MN		 448 beq 1f
449 bl load_up_fpu /* if from user, just load it up */
450 b fast_exception_return
4511: addi r3,r1,STACK_FRAME_OVERHEAD
8dad3f92 452 EXC_XFER_EE_LITE(0x800, kernel_fp_unavailable_exception)
14cf11af
PM		 453
454/* Decrementer */
455 EXCEPTION(0x900, Decrementer, timer_interrupt, EXC_XFER_LITE)
456
dc1c1ca3
SR		 457 EXCEPTION(0xa00, Trap_0a, unknown_exception, EXC_XFER_EE)
458 EXCEPTION(0xb00, Trap_0b, unknown_exception, EXC_XFER_EE)
14cf11af
PM		 459
460/* System call */
461 . = 0xc00
dd84c217 462 DO_KVM 0xc00
14cf11af
PM		 463SystemCall:
464 EXCEPTION_PROLOG
465 EXC_XFER_EE_LITE(0xc00, DoSyscall)
466
467/* Single step - not used on 601 */
dc1c1ca3
SR		 468 EXCEPTION(0xd00, SingleStep, single_step_exception, EXC_XFER_STD)
469 EXCEPTION(0xe00, Trap_0e, unknown_exception, EXC_XFER_EE)
14cf11af
PM		 470
471/*
472 * The Altivec unavailable trap is at 0x0f20. Foo.
473 * We effectively remap it to 0x3000.
474 * We include an altivec unavailable exception vector even if
475 * not configured for Altivec, so that you can't panic a
476 * non-altivec kernel running on a machine with altivec just
477 * by executing an altivec instruction.
478 */
479 . = 0xf00
dd84c217 480 DO_KVM 0xf00
555d97ac 481 b PerformanceMonitor
14cf11af
PM		 482
483 . = 0xf20
dd84c217 484 DO_KVM 0xf20
14cf11af
PM		 485 b AltiVecUnavailable
486
14cf11af
PM		 487/*
488 * Handle TLB miss for instruction on 603/603e.
489 * Note: we get an alternate set of r0 - r3 to use automatically.
490 */
491 . = 0x1000
492InstructionTLBMiss:
493/*
00fcb147 494 * r0: scratch
14cf11af
PM		 495 * r1: linux style pte ( later becomes ppc hardware pte )
496 * r2: ptr to linux-style pte
497 * r3: scratch
498 */
14cf11af
PM		 499 /* Get PTE (linux-style) and check access */
500 mfspr r3,SPRN_IMISS
8a13c4f9
KG		 501 lis r1,PAGE_OFFSET@h /* check if kernel address */
502 cmplw 0,r1,r3
93c4a162 503 mfspr r2, SPRN_SPRG_PGDIR
385e89d5 504 li r1,_PAGE_USER|_PAGE_PRESENT|_PAGE_EXEC /* low addresses tested as user */
8a13c4f9 505 bge- 112f
bde6c6e1
SW		 506 mfspr r2,SPRN_SRR1 /* and MSR_PR bit from SRR1 */
507 rlwimi r1,r2,32-12,29,29 /* shift MSR_PR to _PAGE_USER posn */
14cf11af
PM		 508 lis r2,swapper_pg_dir@ha /* if kernel address, use */
509 addi r2,r2,swapper_pg_dir@l /* kernel page table */
93c4a162
CL		 510 tophys(r2,r2)
511112: rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */
14cf11af
PM		 512 lwz r2,0(r2) /* get pmd entry */
513 rlwinm. r2,r2,0,0,19 /* extract address of pte page */
514 beq- InstructionAddressInvalid /* return if no mapping */
515 rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */
eb3436a0
KG		 516 lwz r0,0(r2) /* get linux-style pte */
517 andc. r1,r1,r0 /* check access & ~permission */
14cf11af 518 bne- InstructionAddressInvalid /* return if access not permitted */
eb3436a0 519 ori r0,r0,_PAGE_ACCESSED /* set _PAGE_ACCESSED in pte */
14cf11af
PM		 520 /*
521 * NOTE! We are assuming this is not an SMP system, otherwise
522 * we would need to update the pte atomically with lwarx/stwcx.
523 */
eb3436a0 524 stw r0,0(r2) /* update PTE (accessed bit) */
14cf11af 525 /* Convert linux-style PTE to low word of PPC-style PTE */
eb3436a0
KG		 526 rlwinm r1,r0,32-10,31,31 /* _PAGE_RW -> PP lsb */
527 rlwinm r2,r0,32-7,31,31 /* _PAGE_DIRTY -> PP lsb */
14cf11af 528 and r1,r1,r2 /* writable if _RW and _DIRTY */
eb3436a0
KG		 529 rlwimi r0,r0,32-1,30,30 /* _PAGE_USER -> PP msb */
530 rlwimi r0,r0,32-1,31,31 /* _PAGE_USER -> PP lsb */
a4bd6a93 531 ori r1,r1,0xe04 /* clear out reserved bits */
eb3436a0 532 andc r1,r0,r1 /* PP = user? (rw&dirty? 2: 3): 0 */
345953cf
KG		 533BEGIN_FTR_SECTION
534 rlwinm r1,r1,0,~_PAGE_COHERENT /* clear M (coherence not required) */
535END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
14cf11af 536 mtspr SPRN_RPA,r1
14cf11af
PM		 537 tlbli r3
538 mfspr r3,SPRN_SRR1 /* Need to restore CR0 */
539 mtcrf 0x80,r3
540 rfi
541InstructionAddressInvalid:
542 mfspr r3,SPRN_SRR1
543 rlwinm r1,r3,9,6,6 /* Get load/store bit */
544
545 addis r1,r1,0x2000
546 mtspr SPRN_DSISR,r1 /* (shouldn't be needed) */
14cf11af
PM		 547 andi. r2,r3,0xFFFF /* Clear upper bits of SRR1 */
548 or r2,r2,r1
549 mtspr SPRN_SRR1,r2
550 mfspr r1,SPRN_IMISS /* Get failing address */
551 rlwinm. r2,r2,0,31,31 /* Check for little endian access */
552 rlwimi r2,r2,1,30,30 /* change 1 -> 3 */
553 xor r1,r1,r2
554 mtspr SPRN_DAR,r1 /* Set fault address */
555 mfmsr r0 /* Restore "normal" registers */
556 xoris r0,r0,MSR_TGPR>>16
557 mtcrf 0x80,r3 /* Restore CR0 */
558 mtmsr r0
559 b InstructionAccess
560
561/*
562 * Handle TLB miss for DATA Load operation on 603/603e
563 */
564 . = 0x1100
565DataLoadTLBMiss:
566/*
00fcb147 567 * r0: scratch
14cf11af
PM		 568 * r1: linux style pte ( later becomes ppc hardware pte )
569 * r2: ptr to linux-style pte
570 * r3: scratch
571 */
14cf11af
PM		 572 /* Get PTE (linux-style) and check access */
573 mfspr r3,SPRN_DMISS
8a13c4f9
KG		 574 lis r1,PAGE_OFFSET@h /* check if kernel address */
575 cmplw 0,r1,r3
93c4a162 576 mfspr r2, SPRN_SPRG_PGDIR
14cf11af 577 li r1,_PAGE_USER|_PAGE_PRESENT /* low addresses tested as user */
8a13c4f9 578 bge- 112f
bde6c6e1
SW		 579 mfspr r2,SPRN_SRR1 /* and MSR_PR bit from SRR1 */
580 rlwimi r1,r2,32-12,29,29 /* shift MSR_PR to _PAGE_USER posn */
14cf11af
PM		 581 lis r2,swapper_pg_dir@ha /* if kernel address, use */
582 addi r2,r2,swapper_pg_dir@l /* kernel page table */
93c4a162
CL		 583 tophys(r2,r2)
584112: rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */
14cf11af
PM		 585 lwz r2,0(r2) /* get pmd entry */
586 rlwinm. r2,r2,0,0,19 /* extract address of pte page */
587 beq- DataAddressInvalid /* return if no mapping */
588 rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */
eb3436a0
KG		 589 lwz r0,0(r2) /* get linux-style pte */
590 andc. r1,r1,r0 /* check access & ~permission */
14cf11af 591 bne- DataAddressInvalid /* return if access not permitted */
eb3436a0 592 ori r0,r0,_PAGE_ACCESSED /* set _PAGE_ACCESSED in pte */
14cf11af
PM		 593 /*
594 * NOTE! We are assuming this is not an SMP system, otherwise
595 * we would need to update the pte atomically with lwarx/stwcx.
596 */
eb3436a0 597 stw r0,0(r2) /* update PTE (accessed bit) */
14cf11af 598 /* Convert linux-style PTE to low word of PPC-style PTE */
eb3436a0
KG		 599 rlwinm r1,r0,32-10,31,31 /* _PAGE_RW -> PP lsb */
600 rlwinm r2,r0,32-7,31,31 /* _PAGE_DIRTY -> PP lsb */
14cf11af 601 and r1,r1,r2 /* writable if _RW and _DIRTY */
eb3436a0
KG		 602 rlwimi r0,r0,32-1,30,30 /* _PAGE_USER -> PP msb */
603 rlwimi r0,r0,32-1,31,31 /* _PAGE_USER -> PP lsb */
a4bd6a93 604 ori r1,r1,0xe04 /* clear out reserved bits */
eb3436a0 605 andc r1,r0,r1 /* PP = user? (rw&dirty? 2: 3): 0 */
345953cf
KG		 606BEGIN_FTR_SECTION
607 rlwinm r1,r1,0,~_PAGE_COHERENT /* clear M (coherence not required) */
608END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
14cf11af 609 mtspr SPRN_RPA,r1
2319f123
KG		 610 mfspr r2,SPRN_SRR1 /* Need to restore CR0 */
611 mtcrf 0x80,r2
612BEGIN_MMU_FTR_SECTION
613 li r0,1
ee43eb78 614 mfspr r1,SPRN_SPRG_603_LRU
2319f123
KG		 615 rlwinm r2,r3,20,27,31 /* Get Address bits 15:19 */
616 slw r0,r0,r2
617 xor r1,r0,r1
618 srw r0,r1,r2
ee43eb78 619 mtspr SPRN_SPRG_603_LRU,r1
2319f123
KG		 620 mfspr r2,SPRN_SRR1
621 rlwimi r2,r0,31-14,14,14
622 mtspr SPRN_SRR1,r2
623END_MMU_FTR_SECTION_IFSET(MMU_FTR_NEED_DTLB_SW_LRU)
14cf11af 624 tlbld r3
14cf11af
PM		 625 rfi
626DataAddressInvalid:
627 mfspr r3,SPRN_SRR1
628 rlwinm r1,r3,9,6,6 /* Get load/store bit */
629 addis r1,r1,0x2000
630 mtspr SPRN_DSISR,r1
14cf11af
PM		 631 andi. r2,r3,0xFFFF /* Clear upper bits of SRR1 */
632 mtspr SPRN_SRR1,r2
633 mfspr r1,SPRN_DMISS /* Get failing address */
634 rlwinm. r2,r2,0,31,31 /* Check for little endian access */
635 beq 20f /* Jump if big endian */
636 xori r1,r1,3
63720: mtspr SPRN_DAR,r1 /* Set fault address */
638 mfmsr r0 /* Restore "normal" registers */
639 xoris r0,r0,MSR_TGPR>>16
640 mtcrf 0x80,r3 /* Restore CR0 */
641 mtmsr r0
642 b DataAccess
643
644/*
645 * Handle TLB miss for DATA Store on 603/603e
646 */
647 . = 0x1200
648DataStoreTLBMiss:
649/*
00fcb147 650 * r0: scratch
14cf11af
PM		 651 * r1: linux style pte ( later becomes ppc hardware pte )
652 * r2: ptr to linux-style pte
653 * r3: scratch
654 */
14cf11af
PM		 655 /* Get PTE (linux-style) and check access */
656 mfspr r3,SPRN_DMISS
8a13c4f9
KG		 657 lis r1,PAGE_OFFSET@h /* check if kernel address */
658 cmplw 0,r1,r3
93c4a162 659 mfspr r2, SPRN_SPRG_PGDIR
14cf11af 660 li r1,_PAGE_RW|_PAGE_USER|_PAGE_PRESENT /* access flags */
8a13c4f9 661 bge- 112f
bde6c6e1
SW		 662 mfspr r2,SPRN_SRR1 /* and MSR_PR bit from SRR1 */
663 rlwimi r1,r2,32-12,29,29 /* shift MSR_PR to _PAGE_USER posn */
14cf11af
PM		 664 lis r2,swapper_pg_dir@ha /* if kernel address, use */
665 addi r2,r2,swapper_pg_dir@l /* kernel page table */
93c4a162
CL		 666 tophys(r2,r2)
667112: rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */
14cf11af
PM		 668 lwz r2,0(r2) /* get pmd entry */
669 rlwinm. r2,r2,0,0,19 /* extract address of pte page */
670 beq- DataAddressInvalid /* return if no mapping */
671 rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */
eb3436a0
KG		 672 lwz r0,0(r2) /* get linux-style pte */
673 andc. r1,r1,r0 /* check access & ~permission */
14cf11af 674 bne- DataAddressInvalid /* return if access not permitted */
eb3436a0 675 ori r0,r0,_PAGE_ACCESSED|_PAGE_DIRTY
14cf11af
PM		 676 /*
677 * NOTE! We are assuming this is not an SMP system, otherwise
678 * we would need to update the pte atomically with lwarx/stwcx.
679 */
eb3436a0 680 stw r0,0(r2) /* update PTE (accessed/dirty bits) */
14cf11af 681 /* Convert linux-style PTE to low word of PPC-style PTE */
eb3436a0 682 rlwimi r0,r0,32-1,30,30 /* _PAGE_USER -> PP msb */
a4bd6a93 683 li r1,0xe05 /* clear out reserved bits & PP lsb */
eb3436a0 684 andc r1,r0,r1 /* PP = user? 2: 0 */
345953cf
KG		 685BEGIN_FTR_SECTION
686 rlwinm r1,r1,0,~_PAGE_COHERENT /* clear M (coherence not required) */
687END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT)
14cf11af 688 mtspr SPRN_RPA,r1
2319f123
KG		 689 mfspr r2,SPRN_SRR1 /* Need to restore CR0 */
690 mtcrf 0x80,r2
691BEGIN_MMU_FTR_SECTION
692 li r0,1
ee43eb78 693 mfspr r1,SPRN_SPRG_603_LRU
2319f123
KG		 694 rlwinm r2,r3,20,27,31 /* Get Address bits 15:19 */
695 slw r0,r0,r2
696 xor r1,r0,r1
697 srw r0,r1,r2
ee43eb78 698 mtspr SPRN_SPRG_603_LRU,r1
2319f123
KG		 699 mfspr r2,SPRN_SRR1
700 rlwimi r2,r0,31-14,14,14
701 mtspr SPRN_SRR1,r2
702END_MMU_FTR_SECTION_IFSET(MMU_FTR_NEED_DTLB_SW_LRU)
14cf11af 703 tlbld r3
14cf11af
PM		 704 rfi
705
706#ifndef CONFIG_ALTIVEC
dc1c1ca3 707#define altivec_assist_exception unknown_exception
14cf11af
PM		 708#endif
709
dc1c1ca3 710 EXCEPTION(0x1300, Trap_13, instruction_breakpoint_exception, EXC_XFER_EE)
14cf11af 711 EXCEPTION(0x1400, SMI, SMIException, EXC_XFER_EE)
dc1c1ca3 712 EXCEPTION(0x1500, Trap_15, unknown_exception, EXC_XFER_EE)
dc1c1ca3 713 EXCEPTION(0x1600, Trap_16, altivec_assist_exception, EXC_XFER_EE)
14cf11af 714 EXCEPTION(0x1700, Trap_17, TAUException, EXC_XFER_STD)
dc1c1ca3 715 EXCEPTION(0x1800, Trap_18, unknown_exception, EXC_XFER_EE)
dc1c1ca3
SR		 716 EXCEPTION(0x1900, Trap_19, unknown_exception, EXC_XFER_EE)
717 EXCEPTION(0x1a00, Trap_1a, unknown_exception, EXC_XFER_EE)
718 EXCEPTION(0x1b00, Trap_1b, unknown_exception, EXC_XFER_EE)
719 EXCEPTION(0x1c00, Trap_1c, unknown_exception, EXC_XFER_EE)
720 EXCEPTION(0x1d00, Trap_1d, unknown_exception, EXC_XFER_EE)
721 EXCEPTION(0x1e00, Trap_1e, unknown_exception, EXC_XFER_EE)
722 EXCEPTION(0x1f00, Trap_1f, unknown_exception, EXC_XFER_EE)
14cf11af 723 EXCEPTION(0x2000, RunMode, RunModeException, EXC_XFER_EE)
dc1c1ca3
SR		 724 EXCEPTION(0x2100, Trap_21, unknown_exception, EXC_XFER_EE)
725 EXCEPTION(0x2200, Trap_22, unknown_exception, EXC_XFER_EE)
726 EXCEPTION(0x2300, Trap_23, unknown_exception, EXC_XFER_EE)
727 EXCEPTION(0x2400, Trap_24, unknown_exception, EXC_XFER_EE)
728 EXCEPTION(0x2500, Trap_25, unknown_exception, EXC_XFER_EE)
729 EXCEPTION(0x2600, Trap_26, unknown_exception, EXC_XFER_EE)
730 EXCEPTION(0x2700, Trap_27, unknown_exception, EXC_XFER_EE)
731 EXCEPTION(0x2800, Trap_28, unknown_exception, EXC_XFER_EE)
732 EXCEPTION(0x2900, Trap_29, unknown_exception, EXC_XFER_EE)
733 EXCEPTION(0x2a00, Trap_2a, unknown_exception, EXC_XFER_EE)
734 EXCEPTION(0x2b00, Trap_2b, unknown_exception, EXC_XFER_EE)
735 EXCEPTION(0x2c00, Trap_2c, unknown_exception, EXC_XFER_EE)
736 EXCEPTION(0x2d00, Trap_2d, unknown_exception, EXC_XFER_EE)
737 EXCEPTION(0x2e00, Trap_2e, unknown_exception, EXC_XFER_EE)
30726013 738 EXCEPTION(0x2f00, Trap_2f, unknown_exception, EXC_XFER_EE)
14cf11af
PM		 739
740 . = 0x3000
741
742AltiVecUnavailable:
743 EXCEPTION_PROLOG
744#ifdef CONFIG_ALTIVEC
37f9ef55
BH		 745 beq 1f
746 bl load_up_altivec /* if from user, just load it up */
747 b fast_exception_return
14cf11af 748#endif /* CONFIG_ALTIVEC */
37f9ef55 7491: addi r3,r1,STACK_FRAME_OVERHEAD
dc1c1ca3 750 EXC_XFER_EE_LITE(0xf20, altivec_unavailable_exception)
14cf11af 751
555d97ac
AF		 752PerformanceMonitor:
753 EXCEPTION_PROLOG
754 addi r3,r1,STACK_FRAME_OVERHEAD
755 EXC_XFER_STD(0xf00, performance_monitor_exception)
756
14cf11af
PM		 757
758/*
759 * This code is jumped to from the startup code to copy
ccdcef72 760 * the kernel image to physical address PHYSICAL_START.
14cf11af
PM		 761 */
762relocate_kernel:
763 addis r9,r26,klimit@ha /* fetch klimit */
764 lwz r25,klimit@l(r9)
765 addis r25,r25,-KERNELBASE@h
ccdcef72 766 lis r3,PHYSICAL_START@h /* Destination base address */
14cf11af
PM		 767 li r6,0 /* Destination offset */
768 li r5,0x4000 /* # bytes of memory to copy */
769 bl copy_and_flush /* copy the first 0x4000 bytes */
770 addi r0,r3,4f@l /* jump to the address of 4f */
771 mtctr r0 /* in copy and do the rest. */
772 bctr /* jump to the copy */
7734: mr r5,r25
774 bl copy_and_flush /* copy the rest */
775 b turn_on_mmu
776
777/*
778 * Copy routine used to copy the kernel to start at physical address 0
779 * and flush and invalidate the caches as needed.
780 * r3 = dest addr, r4 = source addr, r5 = copy limit, r6 = start offset
781 * on exit, r3, r4, r5 are unchanged, r6 is updated to be >= r5.
782 */
748a7683 783_ENTRY(copy_and_flush)
14cf11af
PM		 784 addi r5,r5,-4
785 addi r6,r6,-4
7dffb720 7864: li r0,L1_CACHE_BYTES/4
14cf11af
PM		 787 mtctr r0
7883: addi r6,r6,4 /* copy a cache line */
789 lwzx r0,r6,r4
790 stwx r0,r6,r3
791 bdnz 3b
792 dcbst r6,r3 /* write it to memory */
793 sync
794 icbi r6,r3 /* flush the icache line */
795 cmplw 0,r6,r5
796 blt 4b
797 sync /* additional sync needed on g4 */
798 isync
799 addi r5,r5,4
800 addi r6,r6,4
801 blr
802
14cf11af 803#ifdef CONFIG_SMP
ee0339f2
JL		 804 .globl __secondary_start_mpc86xx
805__secondary_start_mpc86xx:
806 mfspr r3, SPRN_PIR
807 stw r3, __secondary_hold_acknowledge@l(0)
808 mr r24, r3 /* cpu # */
809 b __secondary_start
810
14cf11af
PM		 811 .globl __secondary_start_pmac_0
812__secondary_start_pmac_0:
813 /* NB the entries for cpus 0, 1, 2 must each occupy 8 bytes. */
814 li r24,0
815 b 1f
816 li r24,1
817 b 1f
818 li r24,2
819 b 1f
820 li r24,3
8211:
822 /* on powersurge, we come in here with IR=0 and DR=1, and DBAT 0
823 set to map the 0xf0000000 - 0xffffffff region */
824 mfmsr r0
825 rlwinm r0,r0,0,28,26 /* clear DR (0x10) */
826 SYNC
827 mtmsr r0
828 isync
829
830 .globl __secondary_start
831__secondary_start:
14cf11af
PM		 832 /* Copy some CPU settings from CPU 0 */
833 bl __restore_cpu_setup
834
835 lis r3,-KERNELBASE@h
836 mr r4,r24
14cf11af 837 bl call_setup_cpu /* Call setup_cpu for this CPU */
d7cceda9 838#ifdef CONFIG_PPC_BOOK3S_32
14cf11af
PM		 839 lis r3,-KERNELBASE@h
840 bl init_idle_6xx
d7cceda9 841#endif /* CONFIG_PPC_BOOK3S_32 */
14cf11af
PM		 842
843 /* get current_thread_info and current */
844 lis r1,secondary_ti@ha
845 tophys(r1,r1)
846 lwz r1,secondary_ti@l(r1)
847 tophys(r2,r1)
848 lwz r2,TI_TASK(r2)
849
850 /* stack */
851 addi r1,r1,THREAD_SIZE-STACK_FRAME_OVERHEAD
852 li r0,0
853 tophys(r3,r1)
854 stw r0,0(r3)
855
856 /* load up the MMU */
857 bl load_up_mmu
858
859 /* ptr to phys current thread */
860 tophys(r4,r2)
861 addi r4,r4,THREAD /* phys address of our thread_struct */
ee43eb78 862 mtspr SPRN_SPRG_THREAD,r4
0df977ea 863#ifdef CONFIG_PPC_RTAS
14cf11af 864 li r3,0
0df977ea
CL		 865 stw r3, RTAS_SP(r4) /* 0 => not in RTAS */
866#endif
14cf11af
PM		 867
868 /* enable MMU and jump to start_secondary */
869 li r4,MSR_KERNEL
14cf11af
PM		 870 lis r3,start_secondary@h
871 ori r3,r3,start_secondary@l
872 mtspr SPRN_SRR0,r3
873 mtspr SPRN_SRR1,r4
874 SYNC
875 RFI
876#endif /* CONFIG_SMP */
877
dd84c217
AG		 878#ifdef CONFIG_KVM_BOOK3S_HANDLER
879#include "../kvm/book3s_rmhandlers.S"
880#endif
881
14cf11af
PM		 882/*
883 * Those generic dummy functions are kept for CPUs not
d7cceda9 884 * included in CONFIG_PPC_BOOK3S_32
14cf11af 885 */
d7cceda9 886#if !defined(CONFIG_PPC_BOOK3S_32)
748a7683 887_ENTRY(__save_cpu_setup)
14cf11af 888 blr
748a7683 889_ENTRY(__restore_cpu_setup)
14cf11af 890 blr
d7cceda9 891#endif /* !defined(CONFIG_PPC_BOOK3S_32) */
14cf11af
PM		 892
893
894/*
895 * Load stuff into the MMU. Intended to be called with
896 * IR=0 and DR=0.
897 */
898load_up_mmu:
899 sync /* Force all PTE updates to finish */
900 isync
901 tlbia /* Clear all TLB entries */
902 sync /* wait for tlbia/tlbie to finish */
903 TLBSYNC /* ... on all CPUs */
904 /* Load the SDR1 register (hash table base & size) */
905 lis r6,_SDR1@ha
906 tophys(r6,r6)
907 lwz r6,_SDR1@l(r6)
908 mtspr SPRN_SDR1,r6
14cf11af
PM		 909 li r0,16 /* load up segment register values */
910 mtctr r0 /* for context 0 */
911 lis r3,0x2000 /* Ku = 1, VSID = 0 */
912 li r4,0
9133: mtsrin r3,r4
914 addi r3,r3,0x111 /* increment VSID */
915 addis r4,r4,0x1000 /* address of next segment */
916 bdnz 3b
187a0067 917
14cf11af
PM		 918/* Load the BAT registers with the values set up by MMU_init.
919 MMU_init takes care of whether we're on a 601 or not. */
920 mfpvr r3
921 srwi r3,r3,16
922 cmpwi r3,1
923 lis r3,BATS@ha
924 addi r3,r3,BATS@l
925 tophys(r3,r3)
926 LOAD_BAT(0,r3,r4,r5)
927 LOAD_BAT(1,r3,r4,r5)
928 LOAD_BAT(2,r3,r4,r5)
929 LOAD_BAT(3,r3,r4,r5)
7c03d653 930BEGIN_MMU_FTR_SECTION
ee0339f2
JL		 931 LOAD_BAT(4,r3,r4,r5)
932 LOAD_BAT(5,r3,r4,r5)
933 LOAD_BAT(6,r3,r4,r5)
934 LOAD_BAT(7,r3,r4,r5)
7c03d653 935END_MMU_FTR_SECTION_IFSET(MMU_FTR_USE_HIGH_BATS)
14cf11af
PM		 936 blr
937
938/*
939 * This is where the main kernel code starts.
940 */
941start_here:
942 /* ptr to current */
943 lis r2,init_task@h
944 ori r2,r2,init_task@l
945 /* Set up for using our exception vectors */
946 /* ptr to phys current thread */
947 tophys(r4,r2)
948 addi r4,r4,THREAD /* init task's THREAD */
ee43eb78 949 mtspr SPRN_SPRG_THREAD,r4
0df977ea 950#ifdef CONFIG_PPC_RTAS
14cf11af 951 li r3,0
0df977ea
CL		 952 stw r3, RTAS_SP(r4) /* 0 => not in RTAS */
953#endif
14cf11af
PM		 954
955 /* stack */
956 lis r1,init_thread_union@ha
957 addi r1,r1,init_thread_union@l
958 li r0,0
959 stwu r0,THREAD_SIZE-STACK_FRAME_OVERHEAD(r1)
960/*
187a0067 961 * Do early platform-specific initialization,
14cf11af
PM		 962 * and set up the MMU.
963 */
6dece0eb
SW		 964 li r3,0
965 mr r4,r31
14cf11af 966 bl machine_init
22c841c9 967 bl __save_cpu_setup
14cf11af
PM		 968 bl MMU_init
969
14cf11af
PM		 970/*
971 * Go back to running unmapped so we can load up new values
972 * for SDR1 (hash table pointer) and the segment registers
973 * and change to using our exception vectors.
974 */
975 lis r4,2f@h
976 ori r4,r4,2f@l
977 tophys(r4,r4)
978 li r3,MSR_KERNEL & ~(MSR_IR|MSR_DR)
14cf11af
PM		 979 mtspr SPRN_SRR0,r4
980 mtspr SPRN_SRR1,r3
981 SYNC
982 RFI
983/* Load up the kernel context */
9842: bl load_up_mmu
985
986#ifdef CONFIG_BDI_SWITCH
987 /* Add helper information for the Abatron bdiGDB debugger.
988 * We do this here because we know the mmu is disabled, and
989 * will be enabled for real in just a few instructions.
990 */
991 lis r5, abatron_pteptrs@h
992 ori r5, r5, abatron_pteptrs@l
993 stw r5, 0xf0(r0) /* This much match your Abatron config */
994 lis r6, swapper_pg_dir@h
995 ori r6, r6, swapper_pg_dir@l
996 tophys(r5, r5)
997 stw r6, 0(r5)
998#endif /* CONFIG_BDI_SWITCH */
999
1000/* Now turn on the MMU for real! */
1001 li r4,MSR_KERNEL
14cf11af
PM		 1002 lis r3,start_kernel@h
1003 ori r3,r3,start_kernel@l
1004 mtspr SPRN_SRR0,r3
1005 mtspr SPRN_SRR1,r4
1006 SYNC
1007 RFI
1008
1009/*
5e696617
BH		 1010 * void switch_mmu_context(struct mm_struct *prev, struct mm_struct *next);
1011 *
14cf11af
PM		 1012 * Set up the segment registers for a new context.
1013 */
5e696617
BH		 1014_ENTRY(switch_mmu_context)
1015 lwz r3,MMCONTEXTID(r4)
1016 cmpwi cr0,r3,0
1017 blt- 4f
14cf11af
PM		 1018 mulli r3,r3,897 /* multiply context by skew factor */
1019 rlwinm r3,r3,4,8,27 /* VSID = (context & 0xfffff) << 4 */
1020 addis r3,r3,0x6000 /* Set Ks, Ku bits */
1021 li r0,NUM_USER_SEGMENTS
1022 mtctr r0
1023
93c4a162 1024 lwz r4, MM_PGD(r4)
14cf11af
PM		 1025#ifdef CONFIG_BDI_SWITCH
1026 /* Context switch the PTE pointer for the Abatron BDI2000.
1027 * The PGDIR is passed as second argument.
1028 */
40058337
CL		 1029 lis r5, abatron_pteptrs@ha
1030 stw r4, abatron_pteptrs@l + 0x4(r5)
14cf11af 1031#endif
93c4a162
CL		 1032 tophys(r4, r4)
1033 mtspr SPRN_SPRG_PGDIR, r4
14cf11af
PM		 1034 li r4,0
1035 isync
10363:
14cf11af
PM		 1037 mtsrin r3,r4
1038 addi r3,r3,0x111 /* next VSID */
1039 rlwinm r3,r3,0,8,3 /* clear out any overflow from VSID field */
1040 addis r4,r4,0x1000 /* address of next segment */
1041 bdnz 3b
1042 sync
1043 isync
1044 blr
5e696617
BH		 10454: trap
1046 EMIT_BUG_ENTRY 4b,__FILE__,__LINE__,0
1047 blr
9445aa1a 1048EXPORT_SYMBOL(switch_mmu_context)
14cf11af
PM		 1049
1050/*
1051 * An undocumented "feature" of 604e requires that the v bit
1052 * be cleared before changing BAT values.
1053 *
1054 * Also, newer IBM firmware does not clear bat3 and 4 so
1055 * this makes sure it's done.
1056 * -- Cort
1057 */
1058clear_bats:
1059 li r10,0
1060 mfspr r9,SPRN_PVR
1061 rlwinm r9,r9,16,16,31 /* r9 = 1 for 601, 4 for 604 */
1062 cmpwi r9, 1
1063 beq 1f
1064
1065 mtspr SPRN_DBAT0U,r10
1066 mtspr SPRN_DBAT0L,r10
1067 mtspr SPRN_DBAT1U,r10
1068 mtspr SPRN_DBAT1L,r10
1069 mtspr SPRN_DBAT2U,r10
1070 mtspr SPRN_DBAT2L,r10
1071 mtspr SPRN_DBAT3U,r10
1072 mtspr SPRN_DBAT3L,r10
10731:
1074 mtspr SPRN_IBAT0U,r10
1075 mtspr SPRN_IBAT0L,r10
1076 mtspr SPRN_IBAT1U,r10
1077 mtspr SPRN_IBAT1L,r10
1078 mtspr SPRN_IBAT2U,r10
1079 mtspr SPRN_IBAT2L,r10
1080 mtspr SPRN_IBAT3U,r10
1081 mtspr SPRN_IBAT3L,r10
7c03d653 1082BEGIN_MMU_FTR_SECTION
14cf11af
PM		 1083 /* Here's a tweak: at this point, CPU setup have
1084 * not been called yet, so HIGH_BAT_EN may not be
1085 * set in HID0 for the 745x processors. However, it
1086 * seems that doesn't affect our ability to actually
1087 * write to these SPRs.
1088 */
1089 mtspr SPRN_DBAT4U,r10
1090 mtspr SPRN_DBAT4L,r10
1091 mtspr SPRN_DBAT5U,r10
1092 mtspr SPRN_DBAT5L,r10
1093 mtspr SPRN_DBAT6U,r10
1094 mtspr SPRN_DBAT6L,r10
1095 mtspr SPRN_DBAT7U,r10
1096 mtspr SPRN_DBAT7L,r10
1097 mtspr SPRN_IBAT4U,r10
1098 mtspr SPRN_IBAT4L,r10
1099 mtspr SPRN_IBAT5U,r10
1100 mtspr SPRN_IBAT5L,r10
1101 mtspr SPRN_IBAT6U,r10
1102 mtspr SPRN_IBAT6L,r10
1103 mtspr SPRN_IBAT7U,r10
1104 mtspr SPRN_IBAT7L,r10
7c03d653 1105END_MMU_FTR_SECTION_IFSET(MMU_FTR_USE_HIGH_BATS)
14cf11af
PM		 1106 blr
1107
1108flush_tlbs:
1109 lis r10, 0x40
11101: addic. r10, r10, -0x1000
1111 tlbie r10
9acd57ca 1112 bgt 1b
14cf11af
PM		 1113 sync
1114 blr
1115
1116mmu_off:
1117 addi r4, r3, __after_mmu_off - _start
1118 mfmsr r3
1119 andi. r0,r3,MSR_DR|MSR_IR /* MMU enabled? */
1120 beqlr
1121 andc r3,r3,r0
1122 mtspr SPRN_SRR0,r4
1123 mtspr SPRN_SRR1,r3
1124 sync
1125 RFI
1126
14cf11af 1127/*
4a5cbf17
BH		 1128 * On 601, we use 3 BATs to map up to 24M of RAM at _PAGE_OFFSET
1129 * (we keep one for debugging) and on others, we use one 256M BAT.
14cf11af
PM		 1130 */
1131initial_bats:
ccdcef72 1132 lis r11,PAGE_OFFSET@h
14cf11af
PM		 1133 mfspr r9,SPRN_PVR
1134 rlwinm r9,r9,16,16,31 /* r9 = 1 for 601, 4 for 604 */
1135 cmpwi 0,r9,1
1136 bne 4f
1137 ori r11,r11,4 /* set up BAT registers for 601 */
1138 li r8,0x7f /* valid, block length = 8MB */
14cf11af
PM		 1139 mtspr SPRN_IBAT0U,r11 /* N.B. 601 has valid bit in */
1140 mtspr SPRN_IBAT0L,r8 /* lower BAT register */
4a5cbf17
BH		 1141 addis r11,r11,0x800000@h
1142 addis r8,r8,0x800000@h
1143 mtspr SPRN_IBAT1U,r11
1144 mtspr SPRN_IBAT1L,r8
1145 addis r11,r11,0x800000@h
1146 addis r8,r8,0x800000@h
1147 mtspr SPRN_IBAT2U,r11
1148 mtspr SPRN_IBAT2L,r8
14cf11af
PM		 1149 isync
1150 blr
14cf11af
PM		 1151
11524: tophys(r8,r11)
1153#ifdef CONFIG_SMP
1154 ori r8,r8,0x12 /* R/W access, M=1 */
1155#else
1156 ori r8,r8,2 /* R/W access */
1157#endif /* CONFIG_SMP */
14cf11af 1158 ori r11,r11,BL_256M<<2|0x2 /* set up BAT registers for 604 */
14cf11af 1159
14cf11af
PM		 1160 mtspr SPRN_DBAT0L,r8 /* N.B. 6xx (not 601) have valid */
1161 mtspr SPRN_DBAT0U,r11 /* bit in upper BAT register */
1162 mtspr SPRN_IBAT0L,r8
1163 mtspr SPRN_IBAT0U,r11
1164 isync
1165 blr
1166
14cf11af 1167
f21f49ea 1168#ifdef CONFIG_BOOTX_TEXT
51d3082f
BH		 1169setup_disp_bat:
1170 /*
1171 * setup the display bat prepared for us in prom.c
1172 */
1173 mflr r8
1174 bl reloc_offset
1175 mtlr r8
1176 addis r8,r3,disp_BAT@ha
1177 addi r8,r8,disp_BAT@l
1178 cmpwi cr0,r8,0
1179 beqlr
1180 lwz r11,0(r8)
1181 lwz r8,4(r8)
1182 mfspr r9,SPRN_PVR
1183 rlwinm r9,r9,16,16,31 /* r9 = 1 for 601, 4 for 604 */
1184 cmpwi 0,r9,1
1185 beq 1f
1186 mtspr SPRN_DBAT3L,r8
1187 mtspr SPRN_DBAT3U,r11
1188 blr
11891: mtspr SPRN_IBAT3L,r8
1190 mtspr SPRN_IBAT3U,r11
1191 blr
f21f49ea 1192#endif /* CONFIG_BOOTX_TEXT */
51d3082f 1193
c374e00e
SW		 1194#ifdef CONFIG_PPC_EARLY_DEBUG_CPM
1195setup_cpm_bat:
1196 lis r8, 0xf000
1197 ori r8, r8, 0x002a
1198 mtspr SPRN_DBAT1L, r8
1199
1200 lis r11, 0xf000
1201 ori r11, r11, (BL_1M << 2) | 2
1202 mtspr SPRN_DBAT1U, r11
1203
1204 blr
1205#endif
1206
d1d56f8c
AH		 1207#ifdef CONFIG_PPC_EARLY_DEBUG_USBGECKO
1208setup_usbgecko_bat:
1209 /* prepare a BAT for early io */
1210#if defined(CONFIG_GAMECUBE)
1211 lis r8, 0x0c00
1212#elif defined(CONFIG_WII)
1213 lis r8, 0x0d00
1214#else
1215#error Invalid platform for USB Gecko based early debugging.
1216#endif
1217 /*
1218 * The virtual address used must match the virtual address
1219 * associated to the fixmap entry FIX_EARLY_DEBUG_BASE.
1220 */
1221 lis r11, 0xfffe /* top 128K */
1222 ori r8, r8, 0x002a /* uncached, guarded ,rw */
1223 ori r11, r11, 0x2 /* 128K, Vs=1, Vp=0 */
1224 mtspr SPRN_DBAT1L, r8
1225 mtspr SPRN_DBAT1U, r11
1226 blr
1227#endif
1228
14cf11af
PM		 1229#ifdef CONFIG_8260
1230/* Jump into the system reset for the rom.
1231 * We first disable the MMU, and then jump to the ROM reset address.
1232 *
1233 * r3 is the board info structure, r4 is the location for starting.
1234 * I use this for building a small kernel that can load other kernels,
1235 * rather than trying to write or rely on a rom monitor that can tftp load.
1236 */
1237 .globl m8260_gorom
1238m8260_gorom:
1239 mfmsr r0
1240 rlwinm r0,r0,0,17,15 /* clear MSR_EE in r0 */
1241 sync
1242 mtmsr r0
1243 sync
1244 mfspr r11, SPRN_HID0
1245 lis r10, 0
1246 ori r10,r10,HID0_ICE|HID0_DCE
1247 andc r11, r11, r10
1248 mtspr SPRN_HID0, r11
1249 isync
1250 li r5, MSR_ME|MSR_RI
1251 lis r6,2f@h
1252 addis r6,r6,-KERNELBASE@h
1253 ori r6,r6,2f@l
1254 mtspr SPRN_SRR0,r6
1255 mtspr SPRN_SRR1,r5
1256 isync
1257 sync
1258 rfi
12592:
1260 mtlr r4
1261 blr
1262#endif
1263
1264
1265/*
1266 * We put a few things here that have to be page-aligned.
1267 * This stuff goes at the beginning of the data segment,
1268 * which is page-aligned.
1269 */
1270 .data
1271 .globl sdata
1272sdata:
1273 .globl empty_zero_page
1274empty_zero_page:
1275 .space 4096
9445aa1a 1276EXPORT_SYMBOL(empty_zero_page)
14cf11af
PM		 1277
1278 .globl swapper_pg_dir
1279swapper_pg_dir:
bee86f14 1280 .space PGD_TABLE_SIZE
14cf11af 1281
14cf11af
PM		 1282/* Room for two PTE pointers, usually the kernel and current user pointers
1283 * to their respective root page table.
1284 */
1285abatron_pteptrs:
1286 .space 8
Linux 6.x block layer and io_uring tree(s)