xref: /openbmc/linux/arch/powerpc/kernel/head_64.S (revision de2bdb3d) 
1/*
2 *  PowerPC version
3 *    Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
4 *
5 *  Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP
6 *    Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
7 *  Adapted for Power Macintosh by Paul Mackerras.
8 *  Low-level exception handlers and MMU support
9 *  rewritten by Paul Mackerras.
10 *    Copyright (C) 1996 Paul Mackerras.
11 *
12 *  Adapted for 64bit PowerPC by Dave Engebretsen, Peter Bergner, and
13 *    Mike Corrigan {engebret|bergner|mikejc}@us.ibm.com
14 *
15 *  This file contains the entry point for the 64-bit kernel along
16 *  with some early initialization code common to all 64-bit powerpc
17 *  variants.
18 *
19 *  This program is free software; you can redistribute it and/or
20 *  modify it under the terms of the GNU General Public License
21 *  as published by the Free Software Foundation; either version
22 *  2 of the License, or (at your option) any later version.
23 */
24
25#include <linux/threads.h>
26#include <linux/init.h>
27#include <asm/reg.h>
28#include <asm/page.h>
29#include <asm/mmu.h>
30#include <asm/ppc_asm.h>
31#include <asm/head-64.h>
32#include <asm/asm-offsets.h>
33#include <asm/bug.h>
34#include <asm/cputable.h>
35#include <asm/setup.h>
36#include <asm/hvcall.h>
37#include <asm/thread_info.h>
38#include <asm/firmware.h>
39#include <asm/page_64.h>
40#include <asm/irqflags.h>
41#include <asm/kvm_book3s_asm.h>
42#include <asm/ptrace.h>
43#include <asm/hw_irq.h>
44#include <asm/cputhreads.h>
45#include <asm/ppc-opcode.h>
46#include <asm/export.h>
47
48/* The physical memory is laid out such that the secondary processor
49 * spin code sits at 0x0000...0x00ff. On server, the vectors follow
50 * using the layout described in exceptions-64s.S
51 */
52
53/*
54 * Entering into this code we make the following assumptions:
55 *
56 *  For pSeries or server processors:
57 *   1. The MMU is off & open firmware is running in real mode.
58 *   2. The kernel is entered at __start
59 * -or- For OPAL entry:
60 *   1. The MMU is off, processor in HV mode, primary CPU enters at 0
61 *      with device-tree in gpr3. We also get OPAL base in r8 and
62 *	entry in r9 for debugging purposes
63 *   2. Secondary processors enter at 0x60 with PIR in gpr3
64 *
65 *  For Book3E processors:
66 *   1. The MMU is on running in AS0 in a state defined in ePAPR
67 *   2. The kernel is entered at __start
68 */
69
70OPEN_FIXED_SECTION(first_256B, 0x0, 0x100)
71USE_FIXED_SECTION(first_256B)
72	/*
73	 * Offsets are relative from the start of fixed section, and
74	 * first_256B starts at 0. Offsets are a bit easier to use here
75	 * than the fixed section entry macros.
76	 */
77	. = 0x0
78_GLOBAL(__start)
79	/* NOP this out unconditionally */
80BEGIN_FTR_SECTION
81	FIXUP_ENDIAN
82	b	__start_initialization_multiplatform
83END_FTR_SECTION(0, 1)
84
85	/* Catch branch to 0 in real mode */
86	trap
87
88	/* Secondary processors spin on this value until it becomes non-zero.
89	 * When non-zero, it contains the real address of the function the cpu
90	 * should jump to.
91	 */
92	.balign 8
93	.globl  __secondary_hold_spinloop
94__secondary_hold_spinloop:
95	.llong	0x0
96
97	/* Secondary processors write this value with their cpu # */
98	/* after they enter the spin loop immediately below.	  */
99	.globl	__secondary_hold_acknowledge
100__secondary_hold_acknowledge:
101	.llong	0x0
102
103#ifdef CONFIG_RELOCATABLE
104	/* This flag is set to 1 by a loader if the kernel should run
105	 * at the loaded address instead of the linked address.  This
106	 * is used by kexec-tools to keep the the kdump kernel in the
107	 * crash_kernel region.  The loader is responsible for
108	 * observing the alignment requirement.
109	 */
110	/* Do not move this variable as kexec-tools knows about it. */
111	. = 0x5c
112	.globl	__run_at_load
113__run_at_load:
114DEFINE_FIXED_SYMBOL(__run_at_load)
115	.long	0x72756e30	/* "run0" -- relocate to 0 by default */
116#endif
117
118	. = 0x60
119/*
120 * The following code is used to hold secondary processors
121 * in a spin loop after they have entered the kernel, but
122 * before the bulk of the kernel has been relocated.  This code
123 * is relocated to physical address 0x60 before prom_init is run.
124 * All of it must fit below the first exception vector at 0x100.
125 * Use .globl here not _GLOBAL because we want __secondary_hold
126 * to be the actual text address, not a descriptor.
127 */
128	.globl	__secondary_hold
129__secondary_hold:
130	FIXUP_ENDIAN
131#ifndef CONFIG_PPC_BOOK3E
132	mfmsr	r24
133	ori	r24,r24,MSR_RI
134	mtmsrd	r24			/* RI on */
135#endif
136	/* Grab our physical cpu number */
137	mr	r24,r3
138	/* stash r4 for book3e */
139	mr	r25,r4
140
141	/* Tell the master cpu we're here */
142	/* Relocation is off & we are located at an address less */
143	/* than 0x100, so only need to grab low order offset.    */
144	std	r24,(ABS_ADDR(__secondary_hold_acknowledge))(0)
145	sync
146
147	li	r26,0
148#ifdef CONFIG_PPC_BOOK3E
149	tovirt(r26,r26)
150#endif
151	/* All secondary cpus wait here until told to start. */
152100:	ld	r12,(ABS_ADDR(__secondary_hold_spinloop))(r26)
153	cmpdi	0,r12,0
154	beq	100b
155
156#if defined(CONFIG_SMP) || defined(CONFIG_KEXEC)
157#ifdef CONFIG_PPC_BOOK3E
158	tovirt(r12,r12)
159#endif
160	mtctr	r12
161	mr	r3,r24
162	/*
163	 * it may be the case that other platforms have r4 right to
164	 * begin with, this gives us some safety in case it is not
165	 */
166#ifdef CONFIG_PPC_BOOK3E
167	mr	r4,r25
168#else
169	li	r4,0
170#endif
171	/* Make sure that patched code is visible */
172	isync
173	bctr
174#else
175	BUG_OPCODE
176#endif
177CLOSE_FIXED_SECTION(first_256B)
178
179/* This value is used to mark exception frames on the stack. */
180	.section ".toc","aw"
181exception_marker:
182	.tc	ID_72656773_68657265[TC],0x7265677368657265
183	.previous
184
185/*
186 * On server, we include the exception vectors code here as it
187 * relies on absolute addressing which is only possible within
188 * this compilation unit
189 */
190#ifdef CONFIG_PPC_BOOK3S
191#include "exceptions-64s.S"
192#else
193OPEN_TEXT_SECTION(0x100)
194#endif
195
196USE_TEXT_SECTION()
197
198#ifdef CONFIG_PPC_BOOK3E
199/*
200 * The booting_thread_hwid holds the thread id we want to boot in cpu
201 * hotplug case. It is set by cpu hotplug code, and is invalid by default.
202 * The thread id is the same as the initial value of SPRN_PIR[THREAD_ID]
203 * bit field.
204 */
205	.globl	booting_thread_hwid
206booting_thread_hwid:
207	.long  INVALID_THREAD_HWID
208	.align 3
209/*
210 * start a thread in the same core
211 * input parameters:
212 * r3 = the thread physical id
213 * r4 = the entry point where thread starts
214 */
215_GLOBAL(book3e_start_thread)
216	LOAD_REG_IMMEDIATE(r5, MSR_KERNEL)
217	cmpi	0, r3, 0
218	beq	10f
219	cmpi	0, r3, 1
220	beq	11f
221	/* If the thread id is invalid, just exit. */
222	b	13f
22310:
224	MTTMR(TMRN_IMSR0, 5)
225	MTTMR(TMRN_INIA0, 4)
226	b	12f
22711:
228	MTTMR(TMRN_IMSR1, 5)
229	MTTMR(TMRN_INIA1, 4)
23012:
231	isync
232	li	r6, 1
233	sld	r6, r6, r3
234	mtspr	SPRN_TENS, r6
23513:
236	blr
237
238/*
239 * stop a thread in the same core
240 * input parameter:
241 * r3 = the thread physical id
242 */
243_GLOBAL(book3e_stop_thread)
244	cmpi	0, r3, 0
245	beq	10f
246	cmpi	0, r3, 1
247	beq	10f
248	/* If the thread id is invalid, just exit. */
249	b	13f
25010:
251	li	r4, 1
252	sld	r4, r4, r3
253	mtspr	SPRN_TENC, r4
25413:
255	blr
256
257_GLOBAL(fsl_secondary_thread_init)
258	mfspr	r4,SPRN_BUCSR
259
260	/* Enable branch prediction */
261	lis     r3,BUCSR_INIT@h
262	ori     r3,r3,BUCSR_INIT@l
263	mtspr   SPRN_BUCSR,r3
264	isync
265
266	/*
267	 * Fix PIR to match the linear numbering in the device tree.
268	 *
269	 * On e6500, the reset value of PIR uses the low three bits for
270	 * the thread within a core, and the upper bits for the core
271	 * number.  There are two threads per core, so shift everything
272	 * but the low bit right by two bits so that the cpu numbering is
273	 * continuous.
274	 *
275	 * If the old value of BUCSR is non-zero, this thread has run
276	 * before.  Thus, we assume we are coming from kexec or a similar
277	 * scenario, and PIR is already set to the correct value.  This
278	 * is a bit of a hack, but there are limited opportunities for
279	 * getting information into the thread and the alternatives
280	 * seemed like they'd be overkill.  We can't tell just by looking
281	 * at the old PIR value which state it's in, since the same value
282	 * could be valid for one thread out of reset and for a different
283	 * thread in Linux.
284	 */
285
286	mfspr	r3, SPRN_PIR
287	cmpwi	r4,0
288	bne	1f
289	rlwimi	r3, r3, 30, 2, 30
290	mtspr	SPRN_PIR, r3
2911:
292#endif
293
294_GLOBAL(generic_secondary_thread_init)
295	mr	r24,r3
296
297	/* turn on 64-bit mode */
298	bl	enable_64b_mode
299
300	/* get a valid TOC pointer, wherever we're mapped at */
301	bl	relative_toc
302	tovirt(r2,r2)
303
304#ifdef CONFIG_PPC_BOOK3E
305	/* Book3E initialization */
306	mr	r3,r24
307	bl	book3e_secondary_thread_init
308#endif
309	b	generic_secondary_common_init
310
311/*
312 * On pSeries and most other platforms, secondary processors spin
313 * in the following code.
314 * At entry, r3 = this processor's number (physical cpu id)
315 *
316 * On Book3E, r4 = 1 to indicate that the initial TLB entry for
317 * this core already exists (setup via some other mechanism such
318 * as SCOM before entry).
319 */
320_GLOBAL(generic_secondary_smp_init)
321	FIXUP_ENDIAN
322	mr	r24,r3
323	mr	r25,r4
324
325	/* turn on 64-bit mode */
326	bl	enable_64b_mode
327
328	/* get a valid TOC pointer, wherever we're mapped at */
329	bl	relative_toc
330	tovirt(r2,r2)
331
332#ifdef CONFIG_PPC_BOOK3E
333	/* Book3E initialization */
334	mr	r3,r24
335	mr	r4,r25
336	bl	book3e_secondary_core_init
337
338/*
339 * After common core init has finished, check if the current thread is the
340 * one we wanted to boot. If not, start the specified thread and stop the
341 * current thread.
342 */
343	LOAD_REG_ADDR(r4, booting_thread_hwid)
344	lwz     r3, 0(r4)
345	li	r5, INVALID_THREAD_HWID
346	cmpw	r3, r5
347	beq	20f
348
349	/*
350	 * The value of booting_thread_hwid has been stored in r3,
351	 * so make it invalid.
352	 */
353	stw	r5, 0(r4)
354
355	/*
356	 * Get the current thread id and check if it is the one we wanted.
357	 * If not, start the one specified in booting_thread_hwid and stop
358	 * the current thread.
359	 */
360	mfspr	r8, SPRN_TIR
361	cmpw	r3, r8
362	beq	20f
363
364	/* start the specified thread */
365	LOAD_REG_ADDR(r5, fsl_secondary_thread_init)
366	ld	r4, 0(r5)
367	bl	book3e_start_thread
368
369	/* stop the current thread */
370	mr	r3, r8
371	bl	book3e_stop_thread
37210:
373	b	10b
37420:
375#endif
376
377generic_secondary_common_init:
378	/* Set up a paca value for this processor. Since we have the
379	 * physical cpu id in r24, we need to search the pacas to find
380	 * which logical id maps to our physical one.
381	 */
382	LOAD_REG_ADDR(r13, paca)	/* Load paca pointer		 */
383	ld	r13,0(r13)		/* Get base vaddr of paca array	 */
384#ifndef CONFIG_SMP
385	addi	r13,r13,PACA_SIZE	/* know r13 if used accidentally */
386	b	kexec_wait		/* wait for next kernel if !SMP	 */
387#else
388	LOAD_REG_ADDR(r7, nr_cpu_ids)	/* Load nr_cpu_ids address       */
389	lwz	r7,0(r7)		/* also the max paca allocated 	 */
390	li	r5,0			/* logical cpu id                */
3911:	lhz	r6,PACAHWCPUID(r13)	/* Load HW procid from paca      */
392	cmpw	r6,r24			/* Compare to our id             */
393	beq	2f
394	addi	r13,r13,PACA_SIZE	/* Loop to next PACA on miss     */
395	addi	r5,r5,1
396	cmpw	r5,r7			/* Check if more pacas exist     */
397	blt	1b
398
399	mr	r3,r24			/* not found, copy phys to r3	 */
400	b	kexec_wait		/* next kernel might do better	 */
401
4022:	SET_PACA(r13)
403#ifdef CONFIG_PPC_BOOK3E
404	addi	r12,r13,PACA_EXTLB	/* and TLB exc frame in another  */
405	mtspr	SPRN_SPRG_TLB_EXFRAME,r12
406#endif
407
408	/* From now on, r24 is expected to be logical cpuid */
409	mr	r24,r5
410
411	/* See if we need to call a cpu state restore handler */
412	LOAD_REG_ADDR(r23, cur_cpu_spec)
413	ld	r23,0(r23)
414	ld	r12,CPU_SPEC_RESTORE(r23)
415	cmpdi	0,r12,0
416	beq	3f
417#ifdef PPC64_ELF_ABI_v1
418	ld	r12,0(r12)
419#endif
420	mtctr	r12
421	bctrl
422
4233:	LOAD_REG_ADDR(r3, spinning_secondaries) /* Decrement spinning_secondaries */
424	lwarx	r4,0,r3
425	subi	r4,r4,1
426	stwcx.	r4,0,r3
427	bne	3b
428	isync
429
4304:	HMT_LOW
431	lbz	r23,PACAPROCSTART(r13)	/* Test if this processor should */
432					/* start.			 */
433	cmpwi	0,r23,0
434	beq	4b			/* Loop until told to go	 */
435
436	sync				/* order paca.run and cur_cpu_spec */
437	isync				/* In case code patching happened */
438
439	/* Create a temp kernel stack for use before relocation is on.	*/
440	ld	r1,PACAEMERGSP(r13)
441	subi	r1,r1,STACK_FRAME_OVERHEAD
442
443	b	__secondary_start
444#endif /* SMP */
445
446/*
447 * Turn the MMU off.
448 * Assumes we're mapped EA == RA if the MMU is on.
449 */
450#ifdef CONFIG_PPC_BOOK3S
451__mmu_off:
452	mfmsr	r3
453	andi.	r0,r3,MSR_IR|MSR_DR
454	beqlr
455	mflr	r4
456	andc	r3,r3,r0
457	mtspr	SPRN_SRR0,r4
458	mtspr	SPRN_SRR1,r3
459	sync
460	rfid
461	b	.	/* prevent speculative execution */
462#endif
463
464
465/*
466 * Here is our main kernel entry point. We support currently 2 kind of entries
467 * depending on the value of r5.
468 *
469 *   r5 != NULL -> OF entry, we go to prom_init, "legacy" parameter content
470 *                 in r3...r7
471 *
472 *   r5 == NULL -> kexec style entry. r3 is a physical pointer to the
473 *                 DT block, r4 is a physical pointer to the kernel itself
474 *
475 */
476__start_initialization_multiplatform:
477	/* Make sure we are running in 64 bits mode */
478	bl	enable_64b_mode
479
480	/* Get TOC pointer (current runtime address) */
481	bl	relative_toc
482
483	/* find out where we are now */
484	bcl	20,31,$+4
4850:	mflr	r26			/* r26 = runtime addr here */
486	addis	r26,r26,(_stext - 0b)@ha
487	addi	r26,r26,(_stext - 0b)@l	/* current runtime base addr */
488
489	/*
490	 * Are we booted from a PROM Of-type client-interface ?
491	 */
492	cmpldi	cr0,r5,0
493	beq	1f
494	b	__boot_from_prom		/* yes -> prom */
4951:
496	/* Save parameters */
497	mr	r31,r3
498	mr	r30,r4
499#ifdef CONFIG_PPC_EARLY_DEBUG_OPAL
500	/* Save OPAL entry */
501	mr	r28,r8
502	mr	r29,r9
503#endif
504
505#ifdef CONFIG_PPC_BOOK3E
506	bl	start_initialization_book3e
507	b	__after_prom_start
508#else
509	/* Setup some critical 970 SPRs before switching MMU off */
510	mfspr	r0,SPRN_PVR
511	srwi	r0,r0,16
512	cmpwi	r0,0x39		/* 970 */
513	beq	1f
514	cmpwi	r0,0x3c		/* 970FX */
515	beq	1f
516	cmpwi	r0,0x44		/* 970MP */
517	beq	1f
518	cmpwi	r0,0x45		/* 970GX */
519	bne	2f
5201:	bl	__cpu_preinit_ppc970
5212:
522
523	/* Switch off MMU if not already off */
524	bl	__mmu_off
525	b	__after_prom_start
526#endif /* CONFIG_PPC_BOOK3E */
527
528__boot_from_prom:
529#ifdef CONFIG_PPC_OF_BOOT_TRAMPOLINE
530	/* Save parameters */
531	mr	r31,r3
532	mr	r30,r4
533	mr	r29,r5
534	mr	r28,r6
535	mr	r27,r7
536
537	/*
538	 * Align the stack to 16-byte boundary
539	 * Depending on the size and layout of the ELF sections in the initial
540	 * boot binary, the stack pointer may be unaligned on PowerMac
541	 */
542	rldicr	r1,r1,0,59
543
544#ifdef CONFIG_RELOCATABLE
545	/* Relocate code for where we are now */
546	mr	r3,r26
547	bl	relocate
548#endif
549
550	/* Restore parameters */
551	mr	r3,r31
552	mr	r4,r30
553	mr	r5,r29
554	mr	r6,r28
555	mr	r7,r27
556
557	/* Do all of the interaction with OF client interface */
558	mr	r8,r26
559	bl	prom_init
560#endif /* #CONFIG_PPC_OF_BOOT_TRAMPOLINE */
561
562	/* We never return. We also hit that trap if trying to boot
563	 * from OF while CONFIG_PPC_OF_BOOT_TRAMPOLINE isn't selected */
564	trap
565
566__after_prom_start:
567#ifdef CONFIG_RELOCATABLE
568	/* process relocations for the final address of the kernel */
569	lis	r25,PAGE_OFFSET@highest	/* compute virtual base of kernel */
570	sldi	r25,r25,32
571#if defined(CONFIG_PPC_BOOK3E)
572	tovirt(r26,r26)		/* on booke, we already run at PAGE_OFFSET */
573#endif
574	lwz	r7,(FIXED_SYMBOL_ABS_ADDR(__run_at_load))(r26)
575#if defined(CONFIG_PPC_BOOK3E)
576	tophys(r26,r26)
577#endif
578	cmplwi	cr0,r7,1	/* flagged to stay where we are ? */
579	bne	1f
580	add	r25,r25,r26
5811:	mr	r3,r25
582	bl	relocate
583#if defined(CONFIG_PPC_BOOK3E)
584	/* IVPR needs to be set after relocation. */
585	bl	init_core_book3e
586#endif
587#endif
588
589/*
590 * We need to run with _stext at physical address PHYSICAL_START.
591 * This will leave some code in the first 256B of
592 * real memory, which are reserved for software use.
593 *
594 * Note: This process overwrites the OF exception vectors.
595 */
596	li	r3,0			/* target addr */
597#ifdef CONFIG_PPC_BOOK3E
598	tovirt(r3,r3)		/* on booke, we already run at PAGE_OFFSET */
599#endif
600	mr.	r4,r26			/* In some cases the loader may  */
601#if defined(CONFIG_PPC_BOOK3E)
602	tovirt(r4,r4)
603#endif
604	beq	9f			/* have already put us at zero */
605	li	r6,0x100		/* Start offset, the first 0x100 */
606					/* bytes were copied earlier.	 */
607
608#ifdef CONFIG_RELOCATABLE
609/*
610 * Check if the kernel has to be running as relocatable kernel based on the
611 * variable __run_at_load, if it is set the kernel is treated as relocatable
612 * kernel, otherwise it will be moved to PHYSICAL_START
613 */
614#if defined(CONFIG_PPC_BOOK3E)
615	tovirt(r26,r26)		/* on booke, we already run at PAGE_OFFSET */
616#endif
617	lwz	r7,(FIXED_SYMBOL_ABS_ADDR(__run_at_load))(r26)
618	cmplwi	cr0,r7,1
619	bne	3f
620
621#ifdef CONFIG_PPC_BOOK3E
622	LOAD_REG_ADDR(r5, __end_interrupts)
623	LOAD_REG_ADDR(r11, _stext)
624	sub	r5,r5,r11
625#else
626	/* just copy interrupts */
627	LOAD_REG_IMMEDIATE(r5, FIXED_SYMBOL_ABS_ADDR(__end_interrupts))
628#endif
629	b	5f
6303:
631#endif
632	/* # bytes of memory to copy */
633	lis	r5,(ABS_ADDR(copy_to_here))@ha
634	addi	r5,r5,(ABS_ADDR(copy_to_here))@l
635
636	bl	copy_and_flush		/* copy the first n bytes	 */
637					/* this includes the code being	 */
638					/* executed here.		 */
639	/* Jump to the copy of this code that we just made */
640	addis	r8,r3,(ABS_ADDR(4f))@ha
641	addi	r12,r8,(ABS_ADDR(4f))@l
642	mtctr	r12
643	bctr
644
645.balign 8
646p_end: .llong _end - copy_to_here
647
6484:
649	/*
650	 * Now copy the rest of the kernel up to _end, add
651	 * _end - copy_to_here to the copy limit and run again.
652	 */
653	addis   r8,r26,(ABS_ADDR(p_end))@ha
654	ld      r8,(ABS_ADDR(p_end))@l(r8)
655	add	r5,r5,r8
6565:	bl	copy_and_flush		/* copy the rest */
657
6589:	b	start_here_multiplatform
659
660/*
661 * Copy routine used to copy the kernel to start at physical address 0
662 * and flush and invalidate the caches as needed.
663 * r3 = dest addr, r4 = source addr, r5 = copy limit, r6 = start offset
664 * on exit, r3, r4, r5 are unchanged, r6 is updated to be >= r5.
665 *
666 * Note: this routine *only* clobbers r0, r6 and lr
667 */
668_GLOBAL(copy_and_flush)
669	addi	r5,r5,-8
670	addi	r6,r6,-8
6714:	li	r0,8			/* Use the smallest common	*/
672					/* denominator cache line	*/
673					/* size.  This results in	*/
674					/* extra cache line flushes	*/
675					/* but operation is correct.	*/
676					/* Can't get cache line size	*/
677					/* from NACA as it is being	*/
678					/* moved too.			*/
679
680	mtctr	r0			/* put # words/line in ctr	*/
6813:	addi	r6,r6,8			/* copy a cache line		*/
682	ldx	r0,r6,r4
683	stdx	r0,r6,r3
684	bdnz	3b
685	dcbst	r6,r3			/* write it to memory		*/
686	sync
687	icbi	r6,r3			/* flush the icache line	*/
688	cmpld	0,r6,r5
689	blt	4b
690	sync
691	addi	r5,r5,8
692	addi	r6,r6,8
693	isync
694	blr
695
696.align 8
697copy_to_here:
698
699#ifdef CONFIG_SMP
700#ifdef CONFIG_PPC_PMAC
701/*
702 * On PowerMac, secondary processors starts from the reset vector, which
703 * is temporarily turned into a call to one of the functions below.
704 */
705	.section ".text";
706	.align 2 ;
707
708	.globl	__secondary_start_pmac_0
709__secondary_start_pmac_0:
710	/* NB the entries for cpus 0, 1, 2 must each occupy 8 bytes. */
711	li	r24,0
712	b	1f
713	li	r24,1
714	b	1f
715	li	r24,2
716	b	1f
717	li	r24,3
7181:
719
720_GLOBAL(pmac_secondary_start)
721	/* turn on 64-bit mode */
722	bl	enable_64b_mode
723
724	li	r0,0
725	mfspr	r3,SPRN_HID4
726	rldimi	r3,r0,40,23	/* clear bit 23 (rm_ci) */
727	sync
728	mtspr	SPRN_HID4,r3
729	isync
730	sync
731	slbia
732
733	/* get TOC pointer (real address) */
734	bl	relative_toc
735	tovirt(r2,r2)
736
737	/* Copy some CPU settings from CPU 0 */
738	bl	__restore_cpu_ppc970
739
740	/* pSeries do that early though I don't think we really need it */
741	mfmsr	r3
742	ori	r3,r3,MSR_RI
743	mtmsrd	r3			/* RI on */
744
745	/* Set up a paca value for this processor. */
746	LOAD_REG_ADDR(r4,paca)		/* Load paca pointer		*/
747	ld	r4,0(r4)		/* Get base vaddr of paca array	*/
748	mulli	r13,r24,PACA_SIZE	/* Calculate vaddr of right paca */
749	add	r13,r13,r4		/* for this processor.		*/
750	SET_PACA(r13)			/* Save vaddr of paca in an SPRG*/
751
752	/* Mark interrupts soft and hard disabled (they might be enabled
753	 * in the PACA when doing hotplug)
754	 */
755	li	r0,0
756	stb	r0,PACASOFTIRQEN(r13)
757	li	r0,PACA_IRQ_HARD_DIS
758	stb	r0,PACAIRQHAPPENED(r13)
759
760	/* Create a temp kernel stack for use before relocation is on.	*/
761	ld	r1,PACAEMERGSP(r13)
762	subi	r1,r1,STACK_FRAME_OVERHEAD
763
764	b	__secondary_start
765
766#endif /* CONFIG_PPC_PMAC */
767
768/*
769 * This function is called after the master CPU has released the
770 * secondary processors.  The execution environment is relocation off.
771 * The paca for this processor has the following fields initialized at
772 * this point:
773 *   1. Processor number
774 *   2. Segment table pointer (virtual address)
775 * On entry the following are set:
776 *   r1	       = stack pointer (real addr of temp stack)
777 *   r24       = cpu# (in Linux terms)
778 *   r13       = paca virtual address
779 *   SPRG_PACA = paca virtual address
780 */
781	.section ".text";
782	.align 2 ;
783
784	.globl	__secondary_start
785__secondary_start:
786	/* Set thread priority to MEDIUM */
787	HMT_MEDIUM
788
789	/* Initialize the kernel stack */
790	LOAD_REG_ADDR(r3, current_set)
791	sldi	r28,r24,3		/* get current_set[cpu#]	 */
792	ldx	r14,r3,r28
793	addi	r14,r14,THREAD_SIZE-STACK_FRAME_OVERHEAD
794	std	r14,PACAKSAVE(r13)
795
796	/* Do early setup for that CPU (SLB and hash table pointer) */
797	bl	early_setup_secondary
798
799	/*
800	 * setup the new stack pointer, but *don't* use this until
801	 * translation is on.
802	 */
803	mr	r1, r14
804
805	/* Clear backchain so we get nice backtraces */
806	li	r7,0
807	mtlr	r7
808
809	/* Mark interrupts soft and hard disabled (they might be enabled
810	 * in the PACA when doing hotplug)
811	 */
812	stb	r7,PACASOFTIRQEN(r13)
813	li	r0,PACA_IRQ_HARD_DIS
814	stb	r0,PACAIRQHAPPENED(r13)
815
816	/* enable MMU and jump to start_secondary */
817	LOAD_REG_ADDR(r3, start_secondary_prolog)
818	LOAD_REG_IMMEDIATE(r4, MSR_KERNEL)
819
820	mtspr	SPRN_SRR0,r3
821	mtspr	SPRN_SRR1,r4
822	RFI
823	b	.	/* prevent speculative execution */
824
825/*
826 * Running with relocation on at this point.  All we want to do is
827 * zero the stack back-chain pointer and get the TOC virtual address
828 * before going into C code.
829 */
830start_secondary_prolog:
831	ld	r2,PACATOC(r13)
832	li	r3,0
833	std	r3,0(r1)		/* Zero the stack frame pointer	*/
834	bl	start_secondary
835	b	.
836/*
837 * Reset stack pointer and call start_secondary
838 * to continue with online operation when woken up
839 * from cede in cpu offline.
840 */
841_GLOBAL(start_secondary_resume)
842	ld	r1,PACAKSAVE(r13)	/* Reload kernel stack pointer */
843	li	r3,0
844	std	r3,0(r1)		/* Zero the stack frame pointer	*/
845	bl	start_secondary
846	b	.
847#endif
848
849/*
850 * This subroutine clobbers r11 and r12
851 */
852enable_64b_mode:
853	mfmsr	r11			/* grab the current MSR */
854#ifdef CONFIG_PPC_BOOK3E
855	oris	r11,r11,0x8000		/* CM bit set, we'll set ICM later */
856	mtmsr	r11
857#else /* CONFIG_PPC_BOOK3E */
858	li	r12,(MSR_64BIT | MSR_ISF)@highest
859	sldi	r12,r12,48
860	or	r11,r11,r12
861	mtmsrd	r11
862	isync
863#endif
864	blr
865
866/*
867 * This puts the TOC pointer into r2, offset by 0x8000 (as expected
868 * by the toolchain).  It computes the correct value for wherever we
869 * are running at the moment, using position-independent code.
870 *
871 * Note: The compiler constructs pointers using offsets from the
872 * TOC in -mcmodel=medium mode. After we relocate to 0 but before
873 * the MMU is on we need our TOC to be a virtual address otherwise
874 * these pointers will be real addresses which may get stored and
875 * accessed later with the MMU on. We use tovirt() at the call
876 * sites to handle this.
877 */
878_GLOBAL(relative_toc)
879	mflr	r0
880	bcl	20,31,$+4
8810:	mflr	r11
882	ld	r2,(p_toc - 0b)(r11)
883	add	r2,r2,r11
884	mtlr	r0
885	blr
886
887.balign 8
888p_toc:	.llong	__toc_start + 0x8000 - 0b
889
890/*
891 * This is where the main kernel code starts.
892 */
893start_here_multiplatform:
894	/* set up the TOC */
895	bl      relative_toc
896	tovirt(r2,r2)
897
898	/* Clear out the BSS. It may have been done in prom_init,
899	 * already but that's irrelevant since prom_init will soon
900	 * be detached from the kernel completely. Besides, we need
901	 * to clear it now for kexec-style entry.
902	 */
903	LOAD_REG_ADDR(r11,__bss_stop)
904	LOAD_REG_ADDR(r8,__bss_start)
905	sub	r11,r11,r8		/* bss size			*/
906	addi	r11,r11,7		/* round up to an even double word */
907	srdi.	r11,r11,3		/* shift right by 3		*/
908	beq	4f
909	addi	r8,r8,-8
910	li	r0,0
911	mtctr	r11			/* zero this many doublewords	*/
9123:	stdu	r0,8(r8)
913	bdnz	3b
9144:
915
916#ifdef CONFIG_PPC_EARLY_DEBUG_OPAL
917	/* Setup OPAL entry */
918	LOAD_REG_ADDR(r11, opal)
919	std	r28,0(r11);
920	std	r29,8(r11);
921#endif
922
923#ifndef CONFIG_PPC_BOOK3E
924	mfmsr	r6
925	ori	r6,r6,MSR_RI
926	mtmsrd	r6			/* RI on */
927#endif
928
929#ifdef CONFIG_RELOCATABLE
930	/* Save the physical address we're running at in kernstart_addr */
931	LOAD_REG_ADDR(r4, kernstart_addr)
932	clrldi	r0,r25,2
933	std	r0,0(r4)
934#endif
935
936	/* The following gets the stack set up with the regs */
937	/* pointing to the real addr of the kernel stack.  This is   */
938	/* all done to support the C function call below which sets  */
939	/* up the htab.  This is done because we have relocated the  */
940	/* kernel but are still running in real mode. */
941
942	LOAD_REG_ADDR(r3,init_thread_union)
943
944	/* set up a stack pointer */
945	addi	r1,r3,THREAD_SIZE
946	li	r0,0
947	stdu	r0,-STACK_FRAME_OVERHEAD(r1)
948
949	/*
950	 * Do very early kernel initializations, including initial hash table
951	 * and SLB setup before we turn on relocation.
952	 */
953
954	/* Restore parameters passed from prom_init/kexec */
955	mr	r3,r31
956	bl	early_setup		/* also sets r13 and SPRG_PACA */
957
958	LOAD_REG_ADDR(r3, start_here_common)
959	ld	r4,PACAKMSR(r13)
960	mtspr	SPRN_SRR0,r3
961	mtspr	SPRN_SRR1,r4
962	RFI
963	b	.	/* prevent speculative execution */
964
965	/* This is where all platforms converge execution */
966
967start_here_common:
968	/* relocation is on at this point */
969	std	r1,PACAKSAVE(r13)
970
971	/* Load the TOC (virtual address) */
972	ld	r2,PACATOC(r13)
973
974	/* Mark interrupts soft and hard disabled (they might be enabled
975	 * in the PACA when doing hotplug)
976	 */
977	li	r0,0
978	stb	r0,PACASOFTIRQEN(r13)
979	li	r0,PACA_IRQ_HARD_DIS
980	stb	r0,PACAIRQHAPPENED(r13)
981
982	/* Generic kernel entry */
983	bl	start_kernel
984
985	/* Not reached */
986	BUG_OPCODE
987
988/*
989 * We put a few things here that have to be page-aligned.
990 * This stuff goes at the beginning of the bss, which is page-aligned.
991 */
992	.section ".bss"
993/*
994 * pgd dir should be aligned to PGD_TABLE_SIZE which is 64K.
995 * We will need to find a better way to fix this
996 */
997	.align	16
998
999	.globl	swapper_pg_dir
1000swapper_pg_dir:
1001	.space	PGD_TABLE_SIZE
1002
1003	.globl	empty_zero_page
1004empty_zero_page:
1005	.space	PAGE_SIZE
1006EXPORT_SYMBOL(empty_zero_page)
1007