xref: /openbmc/linux/arch/powerpc/kernel/head_64.S (revision 9dbbc3b9) 
1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 *  PowerPC version
4 *    Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
5 *
6 *  Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP
7 *    Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
8 *  Adapted for Power Macintosh by Paul Mackerras.
9 *  Low-level exception handlers and MMU support
10 *  rewritten by Paul Mackerras.
11 *    Copyright (C) 1996 Paul Mackerras.
12 *
13 *  Adapted for 64bit PowerPC by Dave Engebretsen, Peter Bergner, and
14 *    Mike Corrigan {engebret|bergner|mikejc}@us.ibm.com
15 *
16 *  This file contains the entry point for the 64-bit kernel along
17 *  with some early initialization code common to all 64-bit powerpc
18 *  variants.
19 */
20
21#include <linux/threads.h>
22#include <linux/init.h>
23#include <asm/reg.h>
24#include <asm/page.h>
25#include <asm/mmu.h>
26#include <asm/ppc_asm.h>
27#include <asm/head-64.h>
28#include <asm/asm-offsets.h>
29#include <asm/bug.h>
30#include <asm/cputable.h>
31#include <asm/setup.h>
32#include <asm/hvcall.h>
33#include <asm/thread_info.h>
34#include <asm/firmware.h>
35#include <asm/page_64.h>
36#include <asm/irqflags.h>
37#include <asm/kvm_book3s_asm.h>
38#include <asm/ptrace.h>
39#include <asm/hw_irq.h>
40#include <asm/cputhreads.h>
41#include <asm/ppc-opcode.h>
42#include <asm/export.h>
43#include <asm/feature-fixups.h>
44#ifdef CONFIG_PPC_BOOK3S
45#include <asm/exception-64s.h>
46#else
47#include <asm/exception-64e.h>
48#endif
49
50/* The physical memory is laid out such that the secondary processor
51 * spin code sits at 0x0000...0x00ff. On server, the vectors follow
52 * using the layout described in exceptions-64s.S
53 */
54
55/*
56 * Entering into this code we make the following assumptions:
57 *
58 *  For pSeries or server processors:
59 *   1. The MMU is off & open firmware is running in real mode.
60 *   2. The primary CPU enters at __start.
61 *   3. If the RTAS supports "query-cpu-stopped-state", then secondary
62 *      CPUs will enter as directed by "start-cpu" RTAS call, which is
63 *      generic_secondary_smp_init, with PIR in r3.
64 *   4. Else the secondary CPUs will enter at secondary_hold (0x60) as
65 *      directed by the "start-cpu" RTS call, with PIR in r3.
66 * -or- For OPAL entry:
67 *   1. The MMU is off, processor in HV mode.
68 *   2. The primary CPU enters at 0 with device-tree in r3, OPAL base
69 *      in r8, and entry in r9 for debugging purposes.
70 *   3. Secondary CPUs enter as directed by OPAL_START_CPU call, which
71 *      is at generic_secondary_smp_init, with PIR in r3.
72 *
73 *  For Book3E processors:
74 *   1. The MMU is on running in AS0 in a state defined in ePAPR
75 *   2. The kernel is entered at __start
76 */
77
78OPEN_FIXED_SECTION(first_256B, 0x0, 0x100)
79USE_FIXED_SECTION(first_256B)
80	/*
81	 * Offsets are relative from the start of fixed section, and
82	 * first_256B starts at 0. Offsets are a bit easier to use here
83	 * than the fixed section entry macros.
84	 */
85	. = 0x0
86_GLOBAL(__start)
87	/* NOP this out unconditionally */
88BEGIN_FTR_SECTION
89	FIXUP_ENDIAN
90	b	__start_initialization_multiplatform
91END_FTR_SECTION(0, 1)
92
93	/* Catch branch to 0 in real mode */
94	trap
95
96	/* Secondary processors spin on this value until it becomes non-zero.
97	 * When non-zero, it contains the real address of the function the cpu
98	 * should jump to.
99	 */
100	.balign 8
101	.globl  __secondary_hold_spinloop
102__secondary_hold_spinloop:
103	.8byte	0x0
104
105	/* Secondary processors write this value with their cpu # */
106	/* after they enter the spin loop immediately below.	  */
107	.globl	__secondary_hold_acknowledge
108__secondary_hold_acknowledge:
109	.8byte	0x0
110
111#ifdef CONFIG_RELOCATABLE
112	/* This flag is set to 1 by a loader if the kernel should run
113	 * at the loaded address instead of the linked address.  This
114	 * is used by kexec-tools to keep the the kdump kernel in the
115	 * crash_kernel region.  The loader is responsible for
116	 * observing the alignment requirement.
117	 */
118
119#ifdef CONFIG_RELOCATABLE_TEST
120#define RUN_AT_LOAD_DEFAULT 1		/* Test relocation, do not copy to 0 */
121#else
122#define RUN_AT_LOAD_DEFAULT 0x72756e30  /* "run0" -- relocate to 0 by default */
123#endif
124
125	/* Do not move this variable as kexec-tools knows about it. */
126	. = 0x5c
127	.globl	__run_at_load
128__run_at_load:
129DEFINE_FIXED_SYMBOL(__run_at_load)
130	.long	RUN_AT_LOAD_DEFAULT
131#endif
132
133	. = 0x60
134/*
135 * The following code is used to hold secondary processors
136 * in a spin loop after they have entered the kernel, but
137 * before the bulk of the kernel has been relocated.  This code
138 * is relocated to physical address 0x60 before prom_init is run.
139 * All of it must fit below the first exception vector at 0x100.
140 * Use .globl here not _GLOBAL because we want __secondary_hold
141 * to be the actual text address, not a descriptor.
142 */
143	.globl	__secondary_hold
144__secondary_hold:
145	FIXUP_ENDIAN
146#ifndef CONFIG_PPC_BOOK3E
147	mfmsr	r24
148	ori	r24,r24,MSR_RI
149	mtmsrd	r24			/* RI on */
150#endif
151	/* Grab our physical cpu number */
152	mr	r24,r3
153	/* stash r4 for book3e */
154	mr	r25,r4
155
156	/* Tell the master cpu we're here */
157	/* Relocation is off & we are located at an address less */
158	/* than 0x100, so only need to grab low order offset.    */
159	std	r24,(ABS_ADDR(__secondary_hold_acknowledge))(0)
160	sync
161
162	li	r26,0
163#ifdef CONFIG_PPC_BOOK3E
164	tovirt(r26,r26)
165#endif
166	/* All secondary cpus wait here until told to start. */
167100:	ld	r12,(ABS_ADDR(__secondary_hold_spinloop))(r26)
168	cmpdi	0,r12,0
169	beq	100b
170
171#if defined(CONFIG_SMP) || defined(CONFIG_KEXEC_CORE)
172#ifdef CONFIG_PPC_BOOK3E
173	tovirt(r12,r12)
174#endif
175	mtctr	r12
176	mr	r3,r24
177	/*
178	 * it may be the case that other platforms have r4 right to
179	 * begin with, this gives us some safety in case it is not
180	 */
181#ifdef CONFIG_PPC_BOOK3E
182	mr	r4,r25
183#else
184	li	r4,0
185#endif
186	/* Make sure that patched code is visible */
187	isync
188	bctr
189#else
1900:	trap
191	EMIT_BUG_ENTRY 0b, __FILE__, __LINE__, 0
192#endif
193CLOSE_FIXED_SECTION(first_256B)
194
195/* This value is used to mark exception frames on the stack. */
196	.section ".toc","aw"
197/* This value is used to mark exception frames on the stack. */
198exception_marker:
199	.tc	ID_EXC_MARKER[TC],STACK_FRAME_REGS_MARKER
200	.previous
201
202/*
203 * On server, we include the exception vectors code here as it
204 * relies on absolute addressing which is only possible within
205 * this compilation unit
206 */
207#ifdef CONFIG_PPC_BOOK3S
208#include "exceptions-64s.S"
209#else
210OPEN_TEXT_SECTION(0x100)
211#endif
212
213USE_TEXT_SECTION()
214
215#include "interrupt_64.S"
216
217#ifdef CONFIG_PPC_BOOK3E
218/*
219 * The booting_thread_hwid holds the thread id we want to boot in cpu
220 * hotplug case. It is set by cpu hotplug code, and is invalid by default.
221 * The thread id is the same as the initial value of SPRN_PIR[THREAD_ID]
222 * bit field.
223 */
224	.globl	booting_thread_hwid
225booting_thread_hwid:
226	.long  INVALID_THREAD_HWID
227	.align 3
228/*
229 * start a thread in the same core
230 * input parameters:
231 * r3 = the thread physical id
232 * r4 = the entry point where thread starts
233 */
234_GLOBAL(book3e_start_thread)
235	LOAD_REG_IMMEDIATE(r5, MSR_KERNEL)
236	cmpwi	r3, 0
237	beq	10f
238	cmpwi	r3, 1
239	beq	11f
240	/* If the thread id is invalid, just exit. */
241	b	13f
24210:
243	MTTMR(TMRN_IMSR0, 5)
244	MTTMR(TMRN_INIA0, 4)
245	b	12f
24611:
247	MTTMR(TMRN_IMSR1, 5)
248	MTTMR(TMRN_INIA1, 4)
24912:
250	isync
251	li	r6, 1
252	sld	r6, r6, r3
253	mtspr	SPRN_TENS, r6
25413:
255	blr
256
257/*
258 * stop a thread in the same core
259 * input parameter:
260 * r3 = the thread physical id
261 */
262_GLOBAL(book3e_stop_thread)
263	cmpwi	r3, 0
264	beq	10f
265	cmpwi	r3, 1
266	beq	10f
267	/* If the thread id is invalid, just exit. */
268	b	13f
26910:
270	li	r4, 1
271	sld	r4, r4, r3
272	mtspr	SPRN_TENC, r4
27313:
274	blr
275
276_GLOBAL(fsl_secondary_thread_init)
277	mfspr	r4,SPRN_BUCSR
278
279	/* Enable branch prediction */
280	lis     r3,BUCSR_INIT@h
281	ori     r3,r3,BUCSR_INIT@l
282	mtspr   SPRN_BUCSR,r3
283	isync
284
285	/*
286	 * Fix PIR to match the linear numbering in the device tree.
287	 *
288	 * On e6500, the reset value of PIR uses the low three bits for
289	 * the thread within a core, and the upper bits for the core
290	 * number.  There are two threads per core, so shift everything
291	 * but the low bit right by two bits so that the cpu numbering is
292	 * continuous.
293	 *
294	 * If the old value of BUCSR is non-zero, this thread has run
295	 * before.  Thus, we assume we are coming from kexec or a similar
296	 * scenario, and PIR is already set to the correct value.  This
297	 * is a bit of a hack, but there are limited opportunities for
298	 * getting information into the thread and the alternatives
299	 * seemed like they'd be overkill.  We can't tell just by looking
300	 * at the old PIR value which state it's in, since the same value
301	 * could be valid for one thread out of reset and for a different
302	 * thread in Linux.
303	 */
304
305	mfspr	r3, SPRN_PIR
306	cmpwi	r4,0
307	bne	1f
308	rlwimi	r3, r3, 30, 2, 30
309	mtspr	SPRN_PIR, r3
3101:
311	mr	r24,r3
312
313	/* turn on 64-bit mode */
314	bl	enable_64b_mode
315
316	/* get a valid TOC pointer, wherever we're mapped at */
317	bl	relative_toc
318	tovirt(r2,r2)
319
320	/* Book3E initialization */
321	mr	r3,r24
322	bl	book3e_secondary_thread_init
323	b	generic_secondary_common_init
324
325#endif /* CONFIG_PPC_BOOK3E */
326
327/*
328 * On pSeries and most other platforms, secondary processors spin
329 * in the following code.
330 * At entry, r3 = this processor's number (physical cpu id)
331 *
332 * On Book3E, r4 = 1 to indicate that the initial TLB entry for
333 * this core already exists (setup via some other mechanism such
334 * as SCOM before entry).
335 */
336_GLOBAL(generic_secondary_smp_init)
337	FIXUP_ENDIAN
338	mr	r24,r3
339	mr	r25,r4
340
341	/* turn on 64-bit mode */
342	bl	enable_64b_mode
343
344	/* get a valid TOC pointer, wherever we're mapped at */
345	bl	relative_toc
346	tovirt(r2,r2)
347
348#ifdef CONFIG_PPC_BOOK3E
349	/* Book3E initialization */
350	mr	r3,r24
351	mr	r4,r25
352	bl	book3e_secondary_core_init
353
354/*
355 * After common core init has finished, check if the current thread is the
356 * one we wanted to boot. If not, start the specified thread and stop the
357 * current thread.
358 */
359	LOAD_REG_ADDR(r4, booting_thread_hwid)
360	lwz     r3, 0(r4)
361	li	r5, INVALID_THREAD_HWID
362	cmpw	r3, r5
363	beq	20f
364
365	/*
366	 * The value of booting_thread_hwid has been stored in r3,
367	 * so make it invalid.
368	 */
369	stw	r5, 0(r4)
370
371	/*
372	 * Get the current thread id and check if it is the one we wanted.
373	 * If not, start the one specified in booting_thread_hwid and stop
374	 * the current thread.
375	 */
376	mfspr	r8, SPRN_TIR
377	cmpw	r3, r8
378	beq	20f
379
380	/* start the specified thread */
381	LOAD_REG_ADDR(r5, fsl_secondary_thread_init)
382	ld	r4, 0(r5)
383	bl	book3e_start_thread
384
385	/* stop the current thread */
386	mr	r3, r8
387	bl	book3e_stop_thread
38810:
389	b	10b
39020:
391#endif
392
393generic_secondary_common_init:
394	/* Set up a paca value for this processor. Since we have the
395	 * physical cpu id in r24, we need to search the pacas to find
396	 * which logical id maps to our physical one.
397	 */
398#ifndef CONFIG_SMP
399	b	kexec_wait		/* wait for next kernel if !SMP	 */
400#else
401	LOAD_REG_ADDR(r8, paca_ptrs)	/* Load paca_ptrs pointe	 */
402	ld	r8,0(r8)		/* Get base vaddr of array	 */
403	LOAD_REG_ADDR(r7, nr_cpu_ids)	/* Load nr_cpu_ids address       */
404	lwz	r7,0(r7)		/* also the max paca allocated 	 */
405	li	r5,0			/* logical cpu id                */
4061:
407	sldi	r9,r5,3			/* get paca_ptrs[] index from cpu id */
408	ldx	r13,r9,r8		/* r13 = paca_ptrs[cpu id]       */
409	lhz	r6,PACAHWCPUID(r13)	/* Load HW procid from paca      */
410	cmpw	r6,r24			/* Compare to our id             */
411	beq	2f
412	addi	r5,r5,1
413	cmpw	r5,r7			/* Check if more pacas exist     */
414	blt	1b
415
416	mr	r3,r24			/* not found, copy phys to r3	 */
417	b	kexec_wait		/* next kernel might do better	 */
418
4192:	SET_PACA(r13)
420#ifdef CONFIG_PPC_BOOK3E
421	addi	r12,r13,PACA_EXTLB	/* and TLB exc frame in another  */
422	mtspr	SPRN_SPRG_TLB_EXFRAME,r12
423#endif
424
425	/* From now on, r24 is expected to be logical cpuid */
426	mr	r24,r5
427
428	/* Create a temp kernel stack for use before relocation is on.	*/
429	ld	r1,PACAEMERGSP(r13)
430	subi	r1,r1,STACK_FRAME_OVERHEAD
431
432	/* See if we need to call a cpu state restore handler */
433	LOAD_REG_ADDR(r23, cur_cpu_spec)
434	ld	r23,0(r23)
435	ld	r12,CPU_SPEC_RESTORE(r23)
436	cmpdi	0,r12,0
437	beq	3f
438#ifdef PPC64_ELF_ABI_v1
439	ld	r12,0(r12)
440#endif
441	mtctr	r12
442	bctrl
443
4443:	LOAD_REG_ADDR(r3, spinning_secondaries) /* Decrement spinning_secondaries */
445	lwarx	r4,0,r3
446	subi	r4,r4,1
447	stwcx.	r4,0,r3
448	bne	3b
449	isync
450
4514:	HMT_LOW
452	lbz	r23,PACAPROCSTART(r13)	/* Test if this processor should */
453					/* start.			 */
454	cmpwi	0,r23,0
455	beq	4b			/* Loop until told to go	 */
456
457	sync				/* order paca.run and cur_cpu_spec */
458	isync				/* In case code patching happened */
459
460	b	__secondary_start
461#endif /* SMP */
462
463/*
464 * Turn the MMU off.
465 * Assumes we're mapped EA == RA if the MMU is on.
466 */
467#ifdef CONFIG_PPC_BOOK3S
468__mmu_off:
469	mfmsr	r3
470	andi.	r0,r3,MSR_IR|MSR_DR
471	beqlr
472	mflr	r4
473	andc	r3,r3,r0
474	mtspr	SPRN_SRR0,r4
475	mtspr	SPRN_SRR1,r3
476	sync
477	rfid
478	b	.	/* prevent speculative execution */
479#endif
480
481
482/*
483 * Here is our main kernel entry point. We support currently 2 kind of entries
484 * depending on the value of r5.
485 *
486 *   r5 != NULL -> OF entry, we go to prom_init, "legacy" parameter content
487 *                 in r3...r7
488 *
489 *   r5 == NULL -> kexec style entry. r3 is a physical pointer to the
490 *                 DT block, r4 is a physical pointer to the kernel itself
491 *
492 */
493__start_initialization_multiplatform:
494	/* Make sure we are running in 64 bits mode */
495	bl	enable_64b_mode
496
497	/* Get TOC pointer (current runtime address) */
498	bl	relative_toc
499
500	/* find out where we are now */
501	bcl	20,31,$+4
5020:	mflr	r26			/* r26 = runtime addr here */
503	addis	r26,r26,(_stext - 0b)@ha
504	addi	r26,r26,(_stext - 0b)@l	/* current runtime base addr */
505
506	/*
507	 * Are we booted from a PROM Of-type client-interface ?
508	 */
509	cmpldi	cr0,r5,0
510	beq	1f
511	b	__boot_from_prom		/* yes -> prom */
5121:
513	/* Save parameters */
514	mr	r31,r3
515	mr	r30,r4
516#ifdef CONFIG_PPC_EARLY_DEBUG_OPAL
517	/* Save OPAL entry */
518	mr	r28,r8
519	mr	r29,r9
520#endif
521
522#ifdef CONFIG_PPC_BOOK3E
523	bl	start_initialization_book3e
524	b	__after_prom_start
525#else
526	/* Setup some critical 970 SPRs before switching MMU off */
527	mfspr	r0,SPRN_PVR
528	srwi	r0,r0,16
529	cmpwi	r0,0x39		/* 970 */
530	beq	1f
531	cmpwi	r0,0x3c		/* 970FX */
532	beq	1f
533	cmpwi	r0,0x44		/* 970MP */
534	beq	1f
535	cmpwi	r0,0x45		/* 970GX */
536	bne	2f
5371:	bl	__cpu_preinit_ppc970
5382:
539
540	/* Switch off MMU if not already off */
541	bl	__mmu_off
542	b	__after_prom_start
543#endif /* CONFIG_PPC_BOOK3E */
544
545__REF
546__boot_from_prom:
547#ifdef CONFIG_PPC_OF_BOOT_TRAMPOLINE
548	/* Save parameters */
549	mr	r31,r3
550	mr	r30,r4
551	mr	r29,r5
552	mr	r28,r6
553	mr	r27,r7
554
555	/*
556	 * Align the stack to 16-byte boundary
557	 * Depending on the size and layout of the ELF sections in the initial
558	 * boot binary, the stack pointer may be unaligned on PowerMac
559	 */
560	rldicr	r1,r1,0,59
561
562#ifdef CONFIG_RELOCATABLE
563	/* Relocate code for where we are now */
564	mr	r3,r26
565	bl	relocate
566#endif
567
568	/* Restore parameters */
569	mr	r3,r31
570	mr	r4,r30
571	mr	r5,r29
572	mr	r6,r28
573	mr	r7,r27
574
575	/* Do all of the interaction with OF client interface */
576	mr	r8,r26
577	bl	prom_init
578#endif /* #CONFIG_PPC_OF_BOOT_TRAMPOLINE */
579
580	/* We never return. We also hit that trap if trying to boot
581	 * from OF while CONFIG_PPC_OF_BOOT_TRAMPOLINE isn't selected */
582	trap
583	.previous
584
585__after_prom_start:
586#ifdef CONFIG_RELOCATABLE
587	/* process relocations for the final address of the kernel */
588	lis	r25,PAGE_OFFSET@highest	/* compute virtual base of kernel */
589	sldi	r25,r25,32
590#if defined(CONFIG_PPC_BOOK3E)
591	tovirt(r26,r26)		/* on booke, we already run at PAGE_OFFSET */
592#endif
593	lwz	r7,(FIXED_SYMBOL_ABS_ADDR(__run_at_load))(r26)
594#if defined(CONFIG_PPC_BOOK3E)
595	tophys(r26,r26)
596#endif
597	cmplwi	cr0,r7,1	/* flagged to stay where we are ? */
598	bne	1f
599	add	r25,r25,r26
6001:	mr	r3,r25
601	bl	relocate
602#if defined(CONFIG_PPC_BOOK3E)
603	/* IVPR needs to be set after relocation. */
604	bl	init_core_book3e
605#endif
606#endif
607
608/*
609 * We need to run with _stext at physical address PHYSICAL_START.
610 * This will leave some code in the first 256B of
611 * real memory, which are reserved for software use.
612 *
613 * Note: This process overwrites the OF exception vectors.
614 */
615	li	r3,0			/* target addr */
616#ifdef CONFIG_PPC_BOOK3E
617	tovirt(r3,r3)		/* on booke, we already run at PAGE_OFFSET */
618#endif
619	mr.	r4,r26			/* In some cases the loader may  */
620#if defined(CONFIG_PPC_BOOK3E)
621	tovirt(r4,r4)
622#endif
623	beq	9f			/* have already put us at zero */
624	li	r6,0x100		/* Start offset, the first 0x100 */
625					/* bytes were copied earlier.	 */
626
627#ifdef CONFIG_RELOCATABLE
628/*
629 * Check if the kernel has to be running as relocatable kernel based on the
630 * variable __run_at_load, if it is set the kernel is treated as relocatable
631 * kernel, otherwise it will be moved to PHYSICAL_START
632 */
633#if defined(CONFIG_PPC_BOOK3E)
634	tovirt(r26,r26)		/* on booke, we already run at PAGE_OFFSET */
635#endif
636	lwz	r7,(FIXED_SYMBOL_ABS_ADDR(__run_at_load))(r26)
637	cmplwi	cr0,r7,1
638	bne	3f
639
640#ifdef CONFIG_PPC_BOOK3E
641	LOAD_REG_ADDR(r5, __end_interrupts)
642	LOAD_REG_ADDR(r11, _stext)
643	sub	r5,r5,r11
644#else
645	/* just copy interrupts */
646	LOAD_REG_IMMEDIATE_SYM(r5, r11, FIXED_SYMBOL_ABS_ADDR(__end_interrupts))
647#endif
648	b	5f
6493:
650#endif
651	/* # bytes of memory to copy */
652	lis	r5,(ABS_ADDR(copy_to_here))@ha
653	addi	r5,r5,(ABS_ADDR(copy_to_here))@l
654
655	bl	copy_and_flush		/* copy the first n bytes	 */
656					/* this includes the code being	 */
657					/* executed here.		 */
658	/* Jump to the copy of this code that we just made */
659	addis	r8,r3,(ABS_ADDR(4f))@ha
660	addi	r12,r8,(ABS_ADDR(4f))@l
661	mtctr	r12
662	bctr
663
664.balign 8
665p_end: .8byte _end - copy_to_here
666
6674:
668	/*
669	 * Now copy the rest of the kernel up to _end, add
670	 * _end - copy_to_here to the copy limit and run again.
671	 */
672	addis   r8,r26,(ABS_ADDR(p_end))@ha
673	ld      r8,(ABS_ADDR(p_end))@l(r8)
674	add	r5,r5,r8
6755:	bl	copy_and_flush		/* copy the rest */
676
6779:	b	start_here_multiplatform
678
679/*
680 * Copy routine used to copy the kernel to start at physical address 0
681 * and flush and invalidate the caches as needed.
682 * r3 = dest addr, r4 = source addr, r5 = copy limit, r6 = start offset
683 * on exit, r3, r4, r5 are unchanged, r6 is updated to be >= r5.
684 *
685 * Note: this routine *only* clobbers r0, r6 and lr
686 */
687_GLOBAL(copy_and_flush)
688	addi	r5,r5,-8
689	addi	r6,r6,-8
6904:	li	r0,8			/* Use the smallest common	*/
691					/* denominator cache line	*/
692					/* size.  This results in	*/
693					/* extra cache line flushes	*/
694					/* but operation is correct.	*/
695					/* Can't get cache line size	*/
696					/* from NACA as it is being	*/
697					/* moved too.			*/
698
699	mtctr	r0			/* put # words/line in ctr	*/
7003:	addi	r6,r6,8			/* copy a cache line		*/
701	ldx	r0,r6,r4
702	stdx	r0,r6,r3
703	bdnz	3b
704	dcbst	r6,r3			/* write it to memory		*/
705	sync
706	icbi	r6,r3			/* flush the icache line	*/
707	cmpld	0,r6,r5
708	blt	4b
709	sync
710	addi	r5,r5,8
711	addi	r6,r6,8
712	isync
713	blr
714
715.align 8
716copy_to_here:
717
718#ifdef CONFIG_SMP
719#ifdef CONFIG_PPC_PMAC
720/*
721 * On PowerMac, secondary processors starts from the reset vector, which
722 * is temporarily turned into a call to one of the functions below.
723 */
724	.section ".text";
725	.align 2 ;
726
727	.globl	__secondary_start_pmac_0
728__secondary_start_pmac_0:
729	/* NB the entries for cpus 0, 1, 2 must each occupy 8 bytes. */
730	li	r24,0
731	b	1f
732	li	r24,1
733	b	1f
734	li	r24,2
735	b	1f
736	li	r24,3
7371:
738
739_GLOBAL(pmac_secondary_start)
740	/* turn on 64-bit mode */
741	bl	enable_64b_mode
742
743	li	r0,0
744	mfspr	r3,SPRN_HID4
745	rldimi	r3,r0,40,23	/* clear bit 23 (rm_ci) */
746	sync
747	mtspr	SPRN_HID4,r3
748	isync
749	sync
750	slbia
751
752	/* get TOC pointer (real address) */
753	bl	relative_toc
754	tovirt(r2,r2)
755
756	/* Copy some CPU settings from CPU 0 */
757	bl	__restore_cpu_ppc970
758
759	/* pSeries do that early though I don't think we really need it */
760	mfmsr	r3
761	ori	r3,r3,MSR_RI
762	mtmsrd	r3			/* RI on */
763
764	/* Set up a paca value for this processor. */
765	LOAD_REG_ADDR(r4,paca_ptrs)	/* Load paca pointer		*/
766	ld	r4,0(r4)		/* Get base vaddr of paca_ptrs array */
767	sldi	r5,r24,3		/* get paca_ptrs[] index from cpu id */
768	ldx	r13,r5,r4		/* r13 = paca_ptrs[cpu id]       */
769	SET_PACA(r13)			/* Save vaddr of paca in an SPRG*/
770
771	/* Mark interrupts soft and hard disabled (they might be enabled
772	 * in the PACA when doing hotplug)
773	 */
774	li	r0,IRQS_DISABLED
775	stb	r0,PACAIRQSOFTMASK(r13)
776	li	r0,PACA_IRQ_HARD_DIS
777	stb	r0,PACAIRQHAPPENED(r13)
778
779	/* Create a temp kernel stack for use before relocation is on.	*/
780	ld	r1,PACAEMERGSP(r13)
781	subi	r1,r1,STACK_FRAME_OVERHEAD
782
783	b	__secondary_start
784
785#endif /* CONFIG_PPC_PMAC */
786
787/*
788 * This function is called after the master CPU has released the
789 * secondary processors.  The execution environment is relocation off.
790 * The paca for this processor has the following fields initialized at
791 * this point:
792 *   1. Processor number
793 *   2. Segment table pointer (virtual address)
794 * On entry the following are set:
795 *   r1	       = stack pointer (real addr of temp stack)
796 *   r24       = cpu# (in Linux terms)
797 *   r13       = paca virtual address
798 *   SPRG_PACA = paca virtual address
799 */
800	.section ".text";
801	.align 2 ;
802
803	.globl	__secondary_start
804__secondary_start:
805	/* Set thread priority to MEDIUM */
806	HMT_MEDIUM
807
808	/*
809	 * Do early setup for this CPU, in particular initialising the MMU so we
810	 * can turn it on below. This is a call to C, which is OK, we're still
811	 * running on the emergency stack.
812	 */
813	bl	early_setup_secondary
814
815	/*
816	 * The primary has initialized our kernel stack for us in the paca, grab
817	 * it and put it in r1. We must *not* use it until we turn on the MMU
818	 * below, because it may not be inside the RMO.
819	 */
820	ld	r1, PACAKSAVE(r13)
821
822	/* Clear backchain so we get nice backtraces */
823	li	r7,0
824	mtlr	r7
825
826	/* Mark interrupts soft and hard disabled (they might be enabled
827	 * in the PACA when doing hotplug)
828	 */
829	li	r7,IRQS_DISABLED
830	stb	r7,PACAIRQSOFTMASK(r13)
831	li	r0,PACA_IRQ_HARD_DIS
832	stb	r0,PACAIRQHAPPENED(r13)
833
834	/* enable MMU and jump to start_secondary */
835	LOAD_REG_ADDR(r3, start_secondary_prolog)
836	LOAD_REG_IMMEDIATE(r4, MSR_KERNEL)
837
838	mtspr	SPRN_SRR0,r3
839	mtspr	SPRN_SRR1,r4
840	RFI_TO_KERNEL
841	b	.	/* prevent speculative execution */
842
843/*
844 * Running with relocation on at this point.  All we want to do is
845 * zero the stack back-chain pointer and get the TOC virtual address
846 * before going into C code.
847 */
848start_secondary_prolog:
849	ld	r2,PACATOC(r13)
850	li	r3,0
851	std	r3,0(r1)		/* Zero the stack frame pointer	*/
852	bl	start_secondary
853	b	.
854/*
855 * Reset stack pointer and call start_secondary
856 * to continue with online operation when woken up
857 * from cede in cpu offline.
858 */
859_GLOBAL(start_secondary_resume)
860	ld	r1,PACAKSAVE(r13)	/* Reload kernel stack pointer */
861	li	r3,0
862	std	r3,0(r1)		/* Zero the stack frame pointer	*/
863	bl	start_secondary
864	b	.
865#endif
866
867/*
868 * This subroutine clobbers r11 and r12
869 */
870enable_64b_mode:
871	mfmsr	r11			/* grab the current MSR */
872#ifdef CONFIG_PPC_BOOK3E
873	oris	r11,r11,0x8000		/* CM bit set, we'll set ICM later */
874	mtmsr	r11
875#else /* CONFIG_PPC_BOOK3E */
876	LOAD_REG_IMMEDIATE(r12, MSR_64BIT)
877	or	r11,r11,r12
878	mtmsrd	r11
879	isync
880#endif
881	blr
882
883/*
884 * This puts the TOC pointer into r2, offset by 0x8000 (as expected
885 * by the toolchain).  It computes the correct value for wherever we
886 * are running at the moment, using position-independent code.
887 *
888 * Note: The compiler constructs pointers using offsets from the
889 * TOC in -mcmodel=medium mode. After we relocate to 0 but before
890 * the MMU is on we need our TOC to be a virtual address otherwise
891 * these pointers will be real addresses which may get stored and
892 * accessed later with the MMU on. We use tovirt() at the call
893 * sites to handle this.
894 */
895_GLOBAL(relative_toc)
896	mflr	r0
897	bcl	20,31,$+4
8980:	mflr	r11
899	ld	r2,(p_toc - 0b)(r11)
900	add	r2,r2,r11
901	mtlr	r0
902	blr
903
904.balign 8
905p_toc:	.8byte	__toc_start + 0x8000 - 0b
906
907/*
908 * This is where the main kernel code starts.
909 */
910__REF
911start_here_multiplatform:
912	/* set up the TOC */
913	bl      relative_toc
914	tovirt(r2,r2)
915
916	/* Clear out the BSS. It may have been done in prom_init,
917	 * already but that's irrelevant since prom_init will soon
918	 * be detached from the kernel completely. Besides, we need
919	 * to clear it now for kexec-style entry.
920	 */
921	LOAD_REG_ADDR(r11,__bss_stop)
922	LOAD_REG_ADDR(r8,__bss_start)
923	sub	r11,r11,r8		/* bss size			*/
924	addi	r11,r11,7		/* round up to an even double word */
925	srdi.	r11,r11,3		/* shift right by 3		*/
926	beq	4f
927	addi	r8,r8,-8
928	li	r0,0
929	mtctr	r11			/* zero this many doublewords	*/
9303:	stdu	r0,8(r8)
931	bdnz	3b
9324:
933
934#ifdef CONFIG_PPC_EARLY_DEBUG_OPAL
935	/* Setup OPAL entry */
936	LOAD_REG_ADDR(r11, opal)
937	std	r28,0(r11);
938	std	r29,8(r11);
939#endif
940
941#ifndef CONFIG_PPC_BOOK3E
942	mfmsr	r6
943	ori	r6,r6,MSR_RI
944	mtmsrd	r6			/* RI on */
945#endif
946
947#ifdef CONFIG_RELOCATABLE
948	/* Save the physical address we're running at in kernstart_addr */
949	LOAD_REG_ADDR(r4, kernstart_addr)
950	clrldi	r0,r25,2
951	std	r0,0(r4)
952#endif
953
954	/* set up a stack pointer */
955	LOAD_REG_ADDR(r3,init_thread_union)
956	LOAD_REG_IMMEDIATE(r1,THREAD_SIZE)
957	add	r1,r3,r1
958	li	r0,0
959	stdu	r0,-STACK_FRAME_OVERHEAD(r1)
960
961	/*
962	 * Do very early kernel initializations, including initial hash table
963	 * and SLB setup before we turn on relocation.
964	 */
965
966	/* Restore parameters passed from prom_init/kexec */
967	mr	r3,r31
968	LOAD_REG_ADDR(r12, DOTSYM(early_setup))
969	mtctr	r12
970	bctrl		/* also sets r13 and SPRG_PACA */
971
972	LOAD_REG_ADDR(r3, start_here_common)
973	ld	r4,PACAKMSR(r13)
974	mtspr	SPRN_SRR0,r3
975	mtspr	SPRN_SRR1,r4
976	RFI_TO_KERNEL
977	b	.	/* prevent speculative execution */
978
979	/* This is where all platforms converge execution */
980
981start_here_common:
982	/* relocation is on at this point */
983	std	r1,PACAKSAVE(r13)
984
985	/* Load the TOC (virtual address) */
986	ld	r2,PACATOC(r13)
987
988	/* Mark interrupts soft and hard disabled (they might be enabled
989	 * in the PACA when doing hotplug)
990	 */
991	li	r0,IRQS_DISABLED
992	stb	r0,PACAIRQSOFTMASK(r13)
993	li	r0,PACA_IRQ_HARD_DIS
994	stb	r0,PACAIRQHAPPENED(r13)
995
996	/* Generic kernel entry */
997	bl	start_kernel
998
999	/* Not reached */
10000:	trap
1001	EMIT_BUG_ENTRY 0b, __FILE__, __LINE__, 0
1002	.previous
1003