1/* SPDX-License-Identifier: GPL-2.0-or-later */ 2/* 3 * Kernel execution entry point code. 4 * 5 * Copyright (c) 1995-1996 Gary Thomas <gdt@linuxppc.org> 6 * Initial PowerPC version. 7 * Copyright (c) 1996 Cort Dougan <cort@cs.nmt.edu> 8 * Rewritten for PReP 9 * Copyright (c) 1996 Paul Mackerras <paulus@cs.anu.edu.au> 10 * Low-level exception handers, MMU support, and rewrite. 11 * Copyright (c) 1997 Dan Malek <dmalek@jlc.net> 12 * PowerPC 8xx modifications. 13 * Copyright (c) 1998-1999 TiVo, Inc. 14 * PowerPC 403GCX modifications. 15 * Copyright (c) 1999 Grant Erickson <grant@lcse.umn.edu> 16 * PowerPC 403GCX/405GP modifications. 17 * Copyright 2000 MontaVista Software Inc. 18 * PPC405 modifications 19 * PowerPC 403GCX/405GP modifications. 20 * Author: MontaVista Software, Inc. 21 * frank_rowand@mvista.com or source@mvista.com 22 * debbie_chu@mvista.com 23 * Copyright 2002-2004 MontaVista Software, Inc. 24 * PowerPC 44x support, Matt Porter <mporter@kernel.crashing.org> 25 * Copyright 2004 Freescale Semiconductor, Inc 26 * PowerPC e500 modifications, Kumar Gala <galak@kernel.crashing.org> 27 */ 28 29#include <linux/init.h> 30#include <linux/threads.h> 31#include <linux/pgtable.h> 32#include <linux/linkage.h> 33 34#include <asm/processor.h> 35#include <asm/page.h> 36#include <asm/mmu.h> 37#include <asm/cputable.h> 38#include <asm/thread_info.h> 39#include <asm/ppc_asm.h> 40#include <asm/asm-offsets.h> 41#include <asm/cache.h> 42#include <asm/ptrace.h> 43#include <asm/export.h> 44#include <asm/feature-fixups.h> 45#include "head_booke.h" 46 47/* As with the other PowerPC ports, it is expected that when code 48 * execution begins here, the following registers contain valid, yet 49 * optional, information: 50 * 51 * r3 - Board info structure pointer (DRAM, frequency, MAC address, etc.) 52 * r4 - Starting address of the init RAM disk 53 * r5 - Ending address of the init RAM disk 54 * r6 - Start of kernel command line string (e.g. "mem=128") 55 * r7 - End of kernel command line string 56 * 57 */ 58 __HEAD 59_GLOBAL(_stext); 60_GLOBAL(_start); 61 /* 62 * Reserve a word at a fixed location to store the address 63 * of abatron_pteptrs 64 */ 65 nop 66 67 /* Translate device tree address to physical, save in r30/r31 */ 68 bl get_phys_addr 69 mr r30,r3 70 mr r31,r4 71 72 li r25,0 /* phys kernel start (low) */ 73 li r24,0 /* CPU number */ 74 li r23,0 /* phys kernel start (high) */ 75 76#ifdef CONFIG_RELOCATABLE 77 LOAD_REG_ADDR_PIC(r3, _stext) /* Get our current runtime base */ 78 79 /* Translate _stext address to physical, save in r23/r25 */ 80 bl get_phys_addr 81 mr r23,r3 82 mr r25,r4 83 84 bcl 20,31,$+4 850: mflr r8 86 addis r3,r8,(is_second_reloc - 0b)@ha 87 lwz r19,(is_second_reloc - 0b)@l(r3) 88 89 /* Check if this is the second relocation. */ 90 cmpwi r19,1 91 bne 1f 92 93 /* 94 * For the second relocation, we already get the real memstart_addr 95 * from device tree. So we will map PAGE_OFFSET to memstart_addr, 96 * then the virtual address of start kernel should be: 97 * PAGE_OFFSET + (kernstart_addr - memstart_addr) 98 * Since the offset between kernstart_addr and memstart_addr should 99 * never be beyond 1G, so we can just use the lower 32bit of them 100 * for the calculation. 101 */ 102 lis r3,PAGE_OFFSET@h 103 104 addis r4,r8,(kernstart_addr - 0b)@ha 105 addi r4,r4,(kernstart_addr - 0b)@l 106 lwz r5,4(r4) 107 108 addis r6,r8,(memstart_addr - 0b)@ha 109 addi r6,r6,(memstart_addr - 0b)@l 110 lwz r7,4(r6) 111 112 subf r5,r7,r5 113 add r3,r3,r5 114 b 2f 115 1161: 117 /* 118 * We have the runtime (virtual) address of our base. 119 * We calculate our shift of offset from a 64M page. 120 * We could map the 64M page we belong to at PAGE_OFFSET and 121 * get going from there. 122 */ 123 lis r4,KERNELBASE@h 124 ori r4,r4,KERNELBASE@l 125 rlwinm r6,r25,0,0x3ffffff /* r6 = PHYS_START % 64M */ 126 rlwinm r5,r4,0,0x3ffffff /* r5 = KERNELBASE % 64M */ 127 subf r3,r5,r6 /* r3 = r6 - r5 */ 128 add r3,r4,r3 /* Required Virtual Address */ 129 1302: bl relocate 131 132 /* 133 * For the second relocation, we already set the right tlb entries 134 * for the kernel space, so skip the code in 85xx_entry_mapping.S 135 */ 136 cmpwi r19,1 137 beq set_ivor 138#endif 139 140/* We try to not make any assumptions about how the boot loader 141 * setup or used the TLBs. We invalidate all mappings from the 142 * boot loader and load a single entry in TLB1[0] to map the 143 * first 64M of kernel memory. Any boot info passed from the 144 * bootloader needs to live in this first 64M. 145 * 146 * Requirement on bootloader: 147 * - The page we're executing in needs to reside in TLB1 and 148 * have IPROT=1. If not an invalidate broadcast could 149 * evict the entry we're currently executing in. 150 * 151 * r3 = Index of TLB1 were executing in 152 * r4 = Current MSR[IS] 153 * r5 = Index of TLB1 temp mapping 154 * 155 * Later in mapin_ram we will correctly map lowmem, and resize TLB1[0] 156 * if needed 157 */ 158 159_GLOBAL(__early_start) 160 LOAD_REG_ADDR_PIC(r20, kernstart_virt_addr) 161 lwz r20,0(r20) 162 163#define ENTRY_MAPPING_BOOT_SETUP 164#include "85xx_entry_mapping.S" 165#undef ENTRY_MAPPING_BOOT_SETUP 166 167set_ivor: 168 /* Establish the interrupt vector offsets */ 169 SET_IVOR(0, CriticalInput); 170 SET_IVOR(1, MachineCheck); 171 SET_IVOR(2, DataStorage); 172 SET_IVOR(3, InstructionStorage); 173 SET_IVOR(4, ExternalInput); 174 SET_IVOR(5, Alignment); 175 SET_IVOR(6, Program); 176 SET_IVOR(7, FloatingPointUnavailable); 177 SET_IVOR(8, SystemCall); 178 SET_IVOR(9, AuxillaryProcessorUnavailable); 179 SET_IVOR(10, Decrementer); 180 SET_IVOR(11, FixedIntervalTimer); 181 SET_IVOR(12, WatchdogTimer); 182 SET_IVOR(13, DataTLBError); 183 SET_IVOR(14, InstructionTLBError); 184 SET_IVOR(15, DebugCrit); 185 186 /* Establish the interrupt vector base */ 187 lis r4,interrupt_base@h /* IVPR only uses the high 16-bits */ 188 mtspr SPRN_IVPR,r4 189 190 /* Setup the defaults for TLB entries */ 191 li r2,(MAS4_TSIZED(BOOK3E_PAGESZ_4K))@l 192 mtspr SPRN_MAS4, r2 193 194#if !defined(CONFIG_BDI_SWITCH) 195 /* 196 * The Abatron BDI JTAG debugger does not tolerate others 197 * mucking with the debug registers. 198 */ 199 lis r2,DBCR0_IDM@h 200 mtspr SPRN_DBCR0,r2 201 isync 202 /* clear any residual debug events */ 203 li r2,-1 204 mtspr SPRN_DBSR,r2 205#endif 206 207#ifdef CONFIG_SMP 208 /* Check to see if we're the second processor, and jump 209 * to the secondary_start code if so 210 */ 211 LOAD_REG_ADDR_PIC(r24, boot_cpuid) 212 lwz r24, 0(r24) 213 cmpwi r24, -1 214 mfspr r24,SPRN_PIR 215 bne __secondary_start 216#endif 217 218 /* 219 * This is where the main kernel code starts. 220 */ 221 222 /* ptr to current */ 223 lis r2,init_task@h 224 ori r2,r2,init_task@l 225 226 /* ptr to current thread */ 227 addi r4,r2,THREAD /* init task's THREAD */ 228 mtspr SPRN_SPRG_THREAD,r4 229 230 /* stack */ 231 lis r1,init_thread_union@h 232 ori r1,r1,init_thread_union@l 233 li r0,0 234 stwu r0,THREAD_SIZE-STACK_FRAME_MIN_SIZE(r1) 235 236#ifdef CONFIG_SMP 237 stw r24, TASK_CPU(r2) 238#endif 239 240 bl early_init 241 242#ifdef CONFIG_KASAN 243 bl kasan_early_init 244#endif 245#ifdef CONFIG_RELOCATABLE 246 mr r3,r30 247 mr r4,r31 248#ifdef CONFIG_PHYS_64BIT 249 mr r5,r23 250 mr r6,r25 251#else 252 mr r5,r25 253#endif 254 bl relocate_init 255#endif 256 257#ifdef CONFIG_DYNAMIC_MEMSTART 258 lis r3,kernstart_addr@ha 259 la r3,kernstart_addr@l(r3) 260#ifdef CONFIG_PHYS_64BIT 261 stw r23,0(r3) 262 stw r25,4(r3) 263#else 264 stw r25,0(r3) 265#endif 266#endif 267 268/* 269 * Decide what sort of machine this is and initialize the MMU. 270 */ 271 mr r3,r30 272 mr r4,r31 273 bl machine_init 274 bl MMU_init 275 276 /* Setup PTE pointers for the Abatron bdiGDB */ 277 lis r6, swapper_pg_dir@h 278 ori r6, r6, swapper_pg_dir@l 279 lis r5, abatron_pteptrs@h 280 ori r5, r5, abatron_pteptrs@l 281 lis r3, kernstart_virt_addr@ha 282 lwz r4, kernstart_virt_addr@l(r3) 283 stw r5, 0(r4) /* Save abatron_pteptrs at a fixed location */ 284 stw r6, 0(r5) 285 286 /* Let's move on */ 287 lis r4,start_kernel@h 288 ori r4,r4,start_kernel@l 289 lis r3,MSR_KERNEL@h 290 ori r3,r3,MSR_KERNEL@l 291 mtspr SPRN_SRR0,r4 292 mtspr SPRN_SRR1,r3 293 rfi /* change context and jump to start_kernel */ 294 295/* Macros to hide the PTE size differences 296 * 297 * FIND_PTE -- walks the page tables given EA & pgdir pointer 298 * r10 -- EA of fault 299 * r11 -- PGDIR pointer 300 * r12 -- free 301 * label 2: is the bailout case 302 * 303 * if we find the pte (fall through): 304 * r11 is low pte word 305 * r12 is pointer to the pte 306 * r10 is the pshift from the PGD, if we're a hugepage 307 */ 308#ifdef CONFIG_PTE_64BIT 309#ifdef CONFIG_HUGETLB_PAGE 310#define FIND_PTE \ 311 rlwinm r12, r10, 13, 19, 29; /* Compute pgdir/pmd offset */ \ 312 lwzx r11, r12, r11; /* Get pgd/pmd entry */ \ 313 rlwinm. r12, r11, 0, 0, 20; /* Extract pt base address */ \ 314 blt 1000f; /* Normal non-huge page */ \ 315 beq 2f; /* Bail if no table */ \ 316 oris r11, r11, PD_HUGE@h; /* Put back address bit */ \ 317 andi. r10, r11, HUGEPD_SHIFT_MASK@l; /* extract size field */ \ 318 xor r12, r10, r11; /* drop size bits from pointer */ \ 319 b 1001f; \ 3201000: rlwimi r12, r10, 23, 20, 28; /* Compute pte address */ \ 321 li r10, 0; /* clear r10 */ \ 3221001: lwz r11, 4(r12); /* Get pte entry */ 323#else 324#define FIND_PTE \ 325 rlwinm r12, r10, 13, 19, 29; /* Compute pgdir/pmd offset */ \ 326 lwzx r11, r12, r11; /* Get pgd/pmd entry */ \ 327 rlwinm. r12, r11, 0, 0, 20; /* Extract pt base address */ \ 328 beq 2f; /* Bail if no table */ \ 329 rlwimi r12, r10, 23, 20, 28; /* Compute pte address */ \ 330 lwz r11, 4(r12); /* Get pte entry */ 331#endif /* HUGEPAGE */ 332#else /* !PTE_64BIT */ 333#define FIND_PTE \ 334 rlwimi r11, r10, 12, 20, 29; /* Create L1 (pgdir/pmd) address */ \ 335 lwz r11, 0(r11); /* Get L1 entry */ \ 336 rlwinm. r12, r11, 0, 0, 19; /* Extract L2 (pte) base address */ \ 337 beq 2f; /* Bail if no table */ \ 338 rlwimi r12, r10, 22, 20, 29; /* Compute PTE address */ \ 339 lwz r11, 0(r12); /* Get Linux PTE */ 340#endif 341 342/* 343 * Interrupt vector entry code 344 * 345 * The Book E MMUs are always on so we don't need to handle 346 * interrupts in real mode as with previous PPC processors. In 347 * this case we handle interrupts in the kernel virtual address 348 * space. 349 * 350 * Interrupt vectors are dynamically placed relative to the 351 * interrupt prefix as determined by the address of interrupt_base. 352 * The interrupt vectors offsets are programmed using the labels 353 * for each interrupt vector entry. 354 * 355 * Interrupt vectors must be aligned on a 16 byte boundary. 356 * We align on a 32 byte cache line boundary for good measure. 357 */ 358 359interrupt_base: 360 /* Critical Input Interrupt */ 361 CRITICAL_EXCEPTION(0x0100, CRITICAL, CriticalInput, unknown_exception) 362 363 /* Machine Check Interrupt */ 364 MCHECK_EXCEPTION(0x0200, MachineCheck, machine_check_exception) 365 366 /* Data Storage Interrupt */ 367 START_EXCEPTION(DataStorage) 368 NORMAL_EXCEPTION_PROLOG(0x300, DATA_STORAGE) 369 mfspr r5,SPRN_ESR /* Grab the ESR, save it */ 370 stw r5,_ESR(r11) 371 mfspr r4,SPRN_DEAR /* Grab the DEAR, save it */ 372 stw r4, _DEAR(r11) 373 andis. r10,r5,(ESR_ILK|ESR_DLK)@h 374 bne 1f 375 prepare_transfer_to_handler 376 bl do_page_fault 377 b interrupt_return 3781: 379 prepare_transfer_to_handler 380 bl CacheLockingException 381 b interrupt_return 382 383 /* Instruction Storage Interrupt */ 384 INSTRUCTION_STORAGE_EXCEPTION 385 386 /* External Input Interrupt */ 387 EXCEPTION(0x0500, EXTERNAL, ExternalInput, do_IRQ) 388 389 /* Alignment Interrupt */ 390 ALIGNMENT_EXCEPTION 391 392 /* Program Interrupt */ 393 PROGRAM_EXCEPTION 394 395 /* Floating Point Unavailable Interrupt */ 396#ifdef CONFIG_PPC_FPU 397 FP_UNAVAILABLE_EXCEPTION 398#else 399 EXCEPTION(0x0800, FP_UNAVAIL, FloatingPointUnavailable, unknown_exception) 400#endif 401 402 /* System Call Interrupt */ 403 START_EXCEPTION(SystemCall) 404 SYSCALL_ENTRY 0xc00 BOOKE_INTERRUPT_SYSCALL SPRN_SRR1 405 406 /* Auxiliary Processor Unavailable Interrupt */ 407 EXCEPTION(0x2900, AP_UNAVAIL, AuxillaryProcessorUnavailable, unknown_exception) 408 409 /* Decrementer Interrupt */ 410 DECREMENTER_EXCEPTION 411 412 /* Fixed Internal Timer Interrupt */ 413 /* TODO: Add FIT support */ 414 EXCEPTION(0x3100, FIT, FixedIntervalTimer, unknown_exception) 415 416 /* Watchdog Timer Interrupt */ 417#ifdef CONFIG_BOOKE_WDT 418 CRITICAL_EXCEPTION(0x3200, WATCHDOG, WatchdogTimer, WatchdogException) 419#else 420 CRITICAL_EXCEPTION(0x3200, WATCHDOG, WatchdogTimer, unknown_exception) 421#endif 422 423 /* Data TLB Error Interrupt */ 424 START_EXCEPTION(DataTLBError) 425 mtspr SPRN_SPRG_WSCRATCH0, r10 /* Save some working registers */ 426 mfspr r10, SPRN_SPRG_THREAD 427 stw r11, THREAD_NORMSAVE(0)(r10) 428#ifdef CONFIG_KVM_BOOKE_HV 429BEGIN_FTR_SECTION 430 mfspr r11, SPRN_SRR1 431END_FTR_SECTION_IFSET(CPU_FTR_EMB_HV) 432#endif 433 stw r12, THREAD_NORMSAVE(1)(r10) 434 stw r13, THREAD_NORMSAVE(2)(r10) 435 mfcr r13 436 stw r13, THREAD_NORMSAVE(3)(r10) 437 DO_KVM BOOKE_INTERRUPT_DTLB_MISS SPRN_SRR1 438START_BTB_FLUSH_SECTION 439 mfspr r11, SPRN_SRR1 440 andi. r10,r11,MSR_PR 441 beq 1f 442 BTB_FLUSH(r10) 4431: 444END_BTB_FLUSH_SECTION 445 mfspr r10, SPRN_DEAR /* Get faulting address */ 446 447 /* If we are faulting a kernel address, we have to use the 448 * kernel page tables. 449 */ 450 lis r11, PAGE_OFFSET@h 451 cmplw 5, r10, r11 452 blt 5, 3f 453 lis r11, swapper_pg_dir@h 454 ori r11, r11, swapper_pg_dir@l 455 456 mfspr r12,SPRN_MAS1 /* Set TID to 0 */ 457 rlwinm r12,r12,0,16,1 458 mtspr SPRN_MAS1,r12 459 460 b 4f 461 462 /* Get the PGD for the current thread */ 4633: 464 mfspr r11,SPRN_SPRG_THREAD 465 lwz r11,PGDIR(r11) 466 467#ifdef CONFIG_PPC_KUAP 468 mfspr r12, SPRN_MAS1 469 rlwinm. r12,r12,0,0x3fff0000 470 beq 2f /* KUAP fault */ 471#endif 472 4734: 474 /* Mask of required permission bits. Note that while we 475 * do copy ESR:ST to _PAGE_RW position as trying to write 476 * to an RO page is pretty common, we don't do it with 477 * _PAGE_DIRTY. We could do it, but it's a fairly rare 478 * event so I'd rather take the overhead when it happens 479 * rather than adding an instruction here. We should measure 480 * whether the whole thing is worth it in the first place 481 * as we could avoid loading SPRN_ESR completely in the first 482 * place... 483 * 484 * TODO: Is it worth doing that mfspr & rlwimi in the first 485 * place or can we save a couple of instructions here ? 486 */ 487 mfspr r12,SPRN_ESR 488#ifdef CONFIG_PTE_64BIT 489 li r13,_PAGE_PRESENT 490 oris r13,r13,_PAGE_ACCESSED@h 491#else 492 li r13,_PAGE_PRESENT|_PAGE_ACCESSED 493#endif 494 rlwimi r13,r12,11,29,29 495 496 FIND_PTE 497 andc. r13,r13,r11 /* Check permission */ 498 499#ifdef CONFIG_PTE_64BIT 500#ifdef CONFIG_SMP 501 subf r13,r11,r12 /* create false data dep */ 502 lwzx r13,r11,r13 /* Get upper pte bits */ 503#else 504 lwz r13,0(r12) /* Get upper pte bits */ 505#endif 506#endif 507 508 bne 2f /* Bail if permission/valid mismatch */ 509 510 /* Jump to common tlb load */ 511 b finish_tlb_load 5122: 513 /* The bailout. Restore registers to pre-exception conditions 514 * and call the heavyweights to help us out. 515 */ 516 mfspr r10, SPRN_SPRG_THREAD 517 lwz r11, THREAD_NORMSAVE(3)(r10) 518 mtcr r11 519 lwz r13, THREAD_NORMSAVE(2)(r10) 520 lwz r12, THREAD_NORMSAVE(1)(r10) 521 lwz r11, THREAD_NORMSAVE(0)(r10) 522 mfspr r10, SPRN_SPRG_RSCRATCH0 523 b DataStorage 524 525 /* Instruction TLB Error Interrupt */ 526 /* 527 * Nearly the same as above, except we get our 528 * information from different registers and bailout 529 * to a different point. 530 */ 531 START_EXCEPTION(InstructionTLBError) 532 mtspr SPRN_SPRG_WSCRATCH0, r10 /* Save some working registers */ 533 mfspr r10, SPRN_SPRG_THREAD 534 stw r11, THREAD_NORMSAVE(0)(r10) 535#ifdef CONFIG_KVM_BOOKE_HV 536BEGIN_FTR_SECTION 537 mfspr r11, SPRN_SRR1 538END_FTR_SECTION_IFSET(CPU_FTR_EMB_HV) 539#endif 540 stw r12, THREAD_NORMSAVE(1)(r10) 541 stw r13, THREAD_NORMSAVE(2)(r10) 542 mfcr r13 543 stw r13, THREAD_NORMSAVE(3)(r10) 544 DO_KVM BOOKE_INTERRUPT_ITLB_MISS SPRN_SRR1 545START_BTB_FLUSH_SECTION 546 mfspr r11, SPRN_SRR1 547 andi. r10,r11,MSR_PR 548 beq 1f 549 BTB_FLUSH(r10) 5501: 551END_BTB_FLUSH_SECTION 552 553 mfspr r10, SPRN_SRR0 /* Get faulting address */ 554 555 /* If we are faulting a kernel address, we have to use the 556 * kernel page tables. 557 */ 558 lis r11, PAGE_OFFSET@h 559 cmplw 5, r10, r11 560 blt 5, 3f 561 lis r11, swapper_pg_dir@h 562 ori r11, r11, swapper_pg_dir@l 563 564 mfspr r12,SPRN_MAS1 /* Set TID to 0 */ 565 rlwinm r12,r12,0,16,1 566 mtspr SPRN_MAS1,r12 567 568 /* Make up the required permissions for kernel code */ 569#ifdef CONFIG_PTE_64BIT 570 li r13,_PAGE_PRESENT | _PAGE_BAP_SX 571 oris r13,r13,_PAGE_ACCESSED@h 572#else 573 li r13,_PAGE_PRESENT | _PAGE_ACCESSED | _PAGE_EXEC 574#endif 575 b 4f 576 577 /* Get the PGD for the current thread */ 5783: 579 mfspr r11,SPRN_SPRG_THREAD 580 lwz r11,PGDIR(r11) 581 582#ifdef CONFIG_PPC_KUAP 583 mfspr r12, SPRN_MAS1 584 rlwinm. r12,r12,0,0x3fff0000 585 beq 2f /* KUAP fault */ 586#endif 587 588 /* Make up the required permissions for user code */ 589#ifdef CONFIG_PTE_64BIT 590 li r13,_PAGE_PRESENT | _PAGE_BAP_UX 591 oris r13,r13,_PAGE_ACCESSED@h 592#else 593 li r13,_PAGE_PRESENT | _PAGE_ACCESSED | _PAGE_EXEC 594#endif 595 5964: 597 FIND_PTE 598 andc. r13,r13,r11 /* Check permission */ 599 600#ifdef CONFIG_PTE_64BIT 601#ifdef CONFIG_SMP 602 subf r13,r11,r12 /* create false data dep */ 603 lwzx r13,r11,r13 /* Get upper pte bits */ 604#else 605 lwz r13,0(r12) /* Get upper pte bits */ 606#endif 607#endif 608 609 bne 2f /* Bail if permission mismatch */ 610 611 /* Jump to common TLB load point */ 612 b finish_tlb_load 613 6142: 615 /* The bailout. Restore registers to pre-exception conditions 616 * and call the heavyweights to help us out. 617 */ 618 mfspr r10, SPRN_SPRG_THREAD 619 lwz r11, THREAD_NORMSAVE(3)(r10) 620 mtcr r11 621 lwz r13, THREAD_NORMSAVE(2)(r10) 622 lwz r12, THREAD_NORMSAVE(1)(r10) 623 lwz r11, THREAD_NORMSAVE(0)(r10) 624 mfspr r10, SPRN_SPRG_RSCRATCH0 625 b InstructionStorage 626 627/* Define SPE handlers for e500v2 */ 628#ifdef CONFIG_SPE 629 /* SPE Unavailable */ 630 START_EXCEPTION(SPEUnavailable) 631 NORMAL_EXCEPTION_PROLOG(0x2010, SPE_UNAVAIL) 632 beq 1f 633 bl load_up_spe 634 b fast_exception_return 6351: prepare_transfer_to_handler 636 bl KernelSPE 637 b interrupt_return 638#elif defined(CONFIG_SPE_POSSIBLE) 639 EXCEPTION(0x2020, SPE_UNAVAIL, SPEUnavailable, unknown_exception) 640#endif /* CONFIG_SPE_POSSIBLE */ 641 642 /* SPE Floating Point Data */ 643#ifdef CONFIG_SPE 644 START_EXCEPTION(SPEFloatingPointData) 645 NORMAL_EXCEPTION_PROLOG(0x2030, SPE_FP_DATA) 646 prepare_transfer_to_handler 647 bl SPEFloatingPointException 648 REST_NVGPRS(r1) 649 b interrupt_return 650 651 /* SPE Floating Point Round */ 652 START_EXCEPTION(SPEFloatingPointRound) 653 NORMAL_EXCEPTION_PROLOG(0x2050, SPE_FP_ROUND) 654 prepare_transfer_to_handler 655 bl SPEFloatingPointRoundException 656 REST_NVGPRS(r1) 657 b interrupt_return 658#elif defined(CONFIG_SPE_POSSIBLE) 659 EXCEPTION(0x2040, SPE_FP_DATA, SPEFloatingPointData, unknown_exception) 660 EXCEPTION(0x2050, SPE_FP_ROUND, SPEFloatingPointRound, unknown_exception) 661#endif /* CONFIG_SPE_POSSIBLE */ 662 663 664 /* Performance Monitor */ 665 EXCEPTION(0x2060, PERFORMANCE_MONITOR, PerformanceMonitor, \ 666 performance_monitor_exception) 667 668 EXCEPTION(0x2070, DOORBELL, Doorbell, doorbell_exception) 669 670 CRITICAL_EXCEPTION(0x2080, DOORBELL_CRITICAL, \ 671 CriticalDoorbell, unknown_exception) 672 673 /* Debug Interrupt */ 674 DEBUG_DEBUG_EXCEPTION 675 DEBUG_CRIT_EXCEPTION 676 677 GUEST_DOORBELL_EXCEPTION 678 679 CRITICAL_EXCEPTION(0, GUEST_DBELL_CRIT, CriticalGuestDoorbell, \ 680 unknown_exception) 681 682 /* Hypercall */ 683 EXCEPTION(0, HV_SYSCALL, Hypercall, unknown_exception) 684 685 /* Embedded Hypervisor Privilege */ 686 EXCEPTION(0, HV_PRIV, Ehvpriv, unknown_exception) 687 688interrupt_end: 689 690/* 691 * Local functions 692 */ 693 694/* 695 * Both the instruction and data TLB miss get to this 696 * point to load the TLB. 697 * r10 - tsize encoding (if HUGETLB_PAGE) or available to use 698 * r11 - TLB (info from Linux PTE) 699 * r12 - available to use 700 * r13 - upper bits of PTE (if PTE_64BIT) or available to use 701 * CR5 - results of addr >= PAGE_OFFSET 702 * MAS0, MAS1 - loaded with proper value when we get here 703 * MAS2, MAS3 - will need additional info from Linux PTE 704 * Upon exit, we reload everything and RFI. 705 */ 706finish_tlb_load: 707#ifdef CONFIG_HUGETLB_PAGE 708 cmpwi 6, r10, 0 /* check for huge page */ 709 beq 6, finish_tlb_load_cont /* !huge */ 710 711 /* Alas, we need more scratch registers for hugepages */ 712 mfspr r12, SPRN_SPRG_THREAD 713 stw r14, THREAD_NORMSAVE(4)(r12) 714 stw r15, THREAD_NORMSAVE(5)(r12) 715 stw r16, THREAD_NORMSAVE(6)(r12) 716 stw r17, THREAD_NORMSAVE(7)(r12) 717 718 /* Get the next_tlbcam_idx percpu var */ 719#ifdef CONFIG_SMP 720 lwz r15, TASK_CPU-THREAD(r12) 721 lis r14, __per_cpu_offset@h 722 ori r14, r14, __per_cpu_offset@l 723 rlwinm r15, r15, 2, 0, 29 724 lwzx r16, r14, r15 725#else 726 li r16, 0 727#endif 728 lis r17, next_tlbcam_idx@h 729 ori r17, r17, next_tlbcam_idx@l 730 add r17, r17, r16 /* r17 = *next_tlbcam_idx */ 731 lwz r15, 0(r17) /* r15 = next_tlbcam_idx */ 732 733 lis r14, MAS0_TLBSEL(1)@h /* select TLB1 (TLBCAM) */ 734 rlwimi r14, r15, 16, 4, 15 /* next_tlbcam_idx entry */ 735 mtspr SPRN_MAS0, r14 736 737 /* Extract TLB1CFG(NENTRY) */ 738 mfspr r16, SPRN_TLB1CFG 739 andi. r16, r16, 0xfff 740 741 /* Update next_tlbcam_idx, wrapping when necessary */ 742 addi r15, r15, 1 743 cmpw r15, r16 744 blt 100f 745 lis r14, tlbcam_index@h 746 ori r14, r14, tlbcam_index@l 747 lwz r15, 0(r14) 748100: stw r15, 0(r17) 749 750 /* 751 * Calc MAS1_TSIZE from r10 (which has pshift encoded) 752 * tlb_enc = (pshift - 10). 753 */ 754 subi r15, r10, 10 755 mfspr r16, SPRN_MAS1 756 rlwimi r16, r15, 7, 20, 24 757 mtspr SPRN_MAS1, r16 758 759 /* copy the pshift for use later */ 760 mr r14, r10 761 762 /* fall through */ 763 764#endif /* CONFIG_HUGETLB_PAGE */ 765 766 /* 767 * We set execute, because we don't have the granularity to 768 * properly set this at the page level (Linux problem). 769 * Many of these bits are software only. Bits we don't set 770 * here we (properly should) assume have the appropriate value. 771 */ 772finish_tlb_load_cont: 773#ifdef CONFIG_PTE_64BIT 774 rlwinm r12, r11, 32-2, 26, 31 /* Move in perm bits */ 775 andi. r10, r11, _PAGE_DIRTY 776 bne 1f 777 li r10, MAS3_SW | MAS3_UW 778 andc r12, r12, r10 7791: rlwimi r12, r13, 20, 0, 11 /* grab RPN[32:43] */ 780 rlwimi r12, r11, 20, 12, 19 /* grab RPN[44:51] */ 7812: mtspr SPRN_MAS3, r12 782BEGIN_MMU_FTR_SECTION 783 srwi r10, r13, 12 /* grab RPN[12:31] */ 784 mtspr SPRN_MAS7, r10 785END_MMU_FTR_SECTION_IFSET(MMU_FTR_BIG_PHYS) 786#else 787 li r10, (_PAGE_EXEC | _PAGE_PRESENT) 788 mr r13, r11 789 rlwimi r10, r11, 31, 29, 29 /* extract _PAGE_DIRTY into SW */ 790 and r12, r11, r10 791 andi. r10, r11, _PAGE_USER /* Test for _PAGE_USER */ 792 slwi r10, r12, 1 793 or r10, r10, r12 794 rlwinm r10, r10, 0, ~_PAGE_EXEC /* Clear SX on user pages */ 795 iseleq r12, r12, r10 796 rlwimi r13, r12, 0, 20, 31 /* Get RPN from PTE, merge w/ perms */ 797 mtspr SPRN_MAS3, r13 798#endif 799 800 mfspr r12, SPRN_MAS2 801#ifdef CONFIG_PTE_64BIT 802 rlwimi r12, r11, 32-19, 27, 31 /* extract WIMGE from pte */ 803#else 804 rlwimi r12, r11, 26, 27, 31 /* extract WIMGE from pte */ 805#endif 806#ifdef CONFIG_HUGETLB_PAGE 807 beq 6, 3f /* don't mask if page isn't huge */ 808 li r13, 1 809 slw r13, r13, r14 810 subi r13, r13, 1 811 rlwinm r13, r13, 0, 0, 19 /* bottom bits used for WIMGE/etc */ 812 andc r12, r12, r13 /* mask off ea bits within the page */ 813#endif 8143: mtspr SPRN_MAS2, r12 815 816tlb_write_entry: 817 tlbwe 818 819 /* Done...restore registers and get out of here. */ 820 mfspr r10, SPRN_SPRG_THREAD 821#ifdef CONFIG_HUGETLB_PAGE 822 beq 6, 8f /* skip restore for 4k page faults */ 823 lwz r14, THREAD_NORMSAVE(4)(r10) 824 lwz r15, THREAD_NORMSAVE(5)(r10) 825 lwz r16, THREAD_NORMSAVE(6)(r10) 826 lwz r17, THREAD_NORMSAVE(7)(r10) 827#endif 8288: lwz r11, THREAD_NORMSAVE(3)(r10) 829 mtcr r11 830 lwz r13, THREAD_NORMSAVE(2)(r10) 831 lwz r12, THREAD_NORMSAVE(1)(r10) 832 lwz r11, THREAD_NORMSAVE(0)(r10) 833 mfspr r10, SPRN_SPRG_RSCRATCH0 834 rfi /* Force context change */ 835 836#ifdef CONFIG_SPE 837/* Note that the SPE support is closely modeled after the AltiVec 838 * support. Changes to one are likely to be applicable to the 839 * other! */ 840_GLOBAL(load_up_spe) 841/* 842 * Disable SPE for the task which had SPE previously, 843 * and save its SPE registers in its thread_struct. 844 * Enables SPE for use in the kernel on return. 845 * On SMP we know the SPE units are free, since we give it up every 846 * switch. -- Kumar 847 */ 848 mfmsr r5 849 oris r5,r5,MSR_SPE@h 850 mtmsr r5 /* enable use of SPE now */ 851 isync 852 /* enable use of SPE after return */ 853 oris r9,r9,MSR_SPE@h 854 mfspr r5,SPRN_SPRG_THREAD /* current task's THREAD (phys) */ 855 li r4,1 856 li r10,THREAD_ACC 857 stw r4,THREAD_USED_SPE(r5) 858 evlddx evr4,r10,r5 859 evmra evr4,evr4 860 REST_32EVRS(0,r10,r5,THREAD_EVR0) 861 blr 862 863/* 864 * SPE unavailable trap from kernel - print a message, but let 865 * the task use SPE in the kernel until it returns to user mode. 866 */ 867KernelSPE: 868 lwz r3,_MSR(r1) 869 oris r3,r3,MSR_SPE@h 870 stw r3,_MSR(r1) /* enable use of SPE after return */ 871#ifdef CONFIG_PRINTK 872 lis r3,87f@h 873 ori r3,r3,87f@l 874 mr r4,r2 /* current */ 875 lwz r5,_NIP(r1) 876 bl _printk 877#endif 878 b interrupt_return 879#ifdef CONFIG_PRINTK 88087: .string "SPE used in kernel (task=%p, pc=%x) \n" 881#endif 882 .align 4,0 883 884#endif /* CONFIG_SPE */ 885 886/* 887 * Translate the effec addr in r3 to phys addr. The phys addr will be put 888 * into r3(higher 32bit) and r4(lower 32bit) 889 */ 890SYM_FUNC_START_LOCAL(get_phys_addr) 891 mfmsr r8 892 mfspr r9,SPRN_PID 893 rlwinm r9,r9,16,0x3fff0000 /* turn PID into MAS6[SPID] */ 894 rlwimi r9,r8,28,0x00000001 /* turn MSR[DS] into MAS6[SAS] */ 895 mtspr SPRN_MAS6,r9 896 897 tlbsx 0,r3 /* must succeed */ 898 899 mfspr r8,SPRN_MAS1 900 mfspr r12,SPRN_MAS3 901 rlwinm r9,r8,25,0x1f /* r9 = log2(page size) */ 902 li r10,1024 903 slw r10,r10,r9 /* r10 = page size */ 904 addi r10,r10,-1 905 and r11,r3,r10 /* r11 = page offset */ 906 andc r4,r12,r10 /* r4 = page base */ 907 or r4,r4,r11 /* r4 = devtree phys addr */ 908#ifdef CONFIG_PHYS_64BIT 909 mfspr r3,SPRN_MAS7 910#endif 911 blr 912SYM_FUNC_END(get_phys_addr) 913 914/* 915 * Global functions 916 */ 917 918#ifdef CONFIG_PPC_E500 919#ifndef CONFIG_PPC_E500MC 920/* Adjust or setup IVORs for e500v1/v2 */ 921_GLOBAL(__setup_e500_ivors) 922 li r3,DebugCrit@l 923 mtspr SPRN_IVOR15,r3 924 li r3,SPEUnavailable@l 925 mtspr SPRN_IVOR32,r3 926 li r3,SPEFloatingPointData@l 927 mtspr SPRN_IVOR33,r3 928 li r3,SPEFloatingPointRound@l 929 mtspr SPRN_IVOR34,r3 930 li r3,PerformanceMonitor@l 931 mtspr SPRN_IVOR35,r3 932 sync 933 blr 934#else 935/* Adjust or setup IVORs for e500mc */ 936_GLOBAL(__setup_e500mc_ivors) 937 li r3,DebugDebug@l 938 mtspr SPRN_IVOR15,r3 939 li r3,PerformanceMonitor@l 940 mtspr SPRN_IVOR35,r3 941 li r3,Doorbell@l 942 mtspr SPRN_IVOR36,r3 943 li r3,CriticalDoorbell@l 944 mtspr SPRN_IVOR37,r3 945 sync 946 blr 947 948/* setup ehv ivors for */ 949_GLOBAL(__setup_ehv_ivors) 950 li r3,GuestDoorbell@l 951 mtspr SPRN_IVOR38,r3 952 li r3,CriticalGuestDoorbell@l 953 mtspr SPRN_IVOR39,r3 954 li r3,Hypercall@l 955 mtspr SPRN_IVOR40,r3 956 li r3,Ehvpriv@l 957 mtspr SPRN_IVOR41,r3 958 sync 959 blr 960#endif /* CONFIG_PPC_E500MC */ 961#endif /* CONFIG_PPC_E500 */ 962 963#ifdef CONFIG_SPE 964/* 965 * extern void __giveup_spe(struct task_struct *prev) 966 * 967 */ 968_GLOBAL(__giveup_spe) 969 addi r3,r3,THREAD /* want THREAD of task */ 970 lwz r5,PT_REGS(r3) 971 cmpi 0,r5,0 972 SAVE_32EVRS(0, r4, r3, THREAD_EVR0) 973 evxor evr6, evr6, evr6 /* clear out evr6 */ 974 evmwumiaa evr6, evr6, evr6 /* evr6 <- ACC = 0 * 0 + ACC */ 975 li r4,THREAD_ACC 976 evstddx evr6, r4, r3 /* save off accumulator */ 977 beq 1f 978 lwz r4,_MSR-STACK_INT_FRAME_REGS(r5) 979 lis r3,MSR_SPE@h 980 andc r4,r4,r3 /* disable SPE for previous task */ 981 stw r4,_MSR-STACK_INT_FRAME_REGS(r5) 9821: 983 blr 984#endif /* CONFIG_SPE */ 985 986/* 987 * extern void abort(void) 988 * 989 * At present, this routine just applies a system reset. 990 */ 991_GLOBAL(abort) 992 li r13,0 993 mtspr SPRN_DBCR0,r13 /* disable all debug events */ 994 isync 995 mfmsr r13 996 ori r13,r13,MSR_DE@l /* Enable Debug Events */ 997 mtmsr r13 998 isync 999 mfspr r13,SPRN_DBCR0 1000 lis r13,(DBCR0_IDM|DBCR0_RST_CHIP)@h 1001 mtspr SPRN_DBCR0,r13 1002 isync 1003 1004#ifdef CONFIG_SMP 1005/* When we get here, r24 needs to hold the CPU # */ 1006 .globl __secondary_start 1007__secondary_start: 1008 LOAD_REG_ADDR_PIC(r3, tlbcam_index) 1009 lwz r3,0(r3) 1010 mtctr r3 1011 li r26,0 /* r26 safe? */ 1012 1013 bl switch_to_as1 1014 mr r27,r3 /* tlb entry */ 1015 /* Load each CAM entry */ 10161: mr r3,r26 1017 bl loadcam_entry 1018 addi r26,r26,1 1019 bdnz 1b 1020 mr r3,r27 /* tlb entry */ 1021 LOAD_REG_ADDR_PIC(r4, memstart_addr) 1022 lwz r4,0(r4) 1023 mr r5,r25 /* phys kernel start */ 1024 rlwinm r5,r5,0,~0x3ffffff /* aligned 64M */ 1025 subf r4,r5,r4 /* memstart_addr - phys kernel start */ 1026 lis r7,KERNELBASE@h 1027 ori r7,r7,KERNELBASE@l 1028 cmpw r20,r7 /* if kernstart_virt_addr != KERNELBASE, randomized */ 1029 beq 2f 1030 li r4,0 10312: li r5,0 /* no device tree */ 1032 li r6,0 /* not boot cpu */ 1033 bl restore_to_as0 1034 1035 1036 lis r3,__secondary_hold_acknowledge@h 1037 ori r3,r3,__secondary_hold_acknowledge@l 1038 stw r24,0(r3) 1039 1040 li r3,0 1041 mr r4,r24 /* Why? */ 1042 bl call_setup_cpu 1043 1044 /* get current's stack and current */ 1045 lis r2,secondary_current@ha 1046 lwz r2,secondary_current@l(r2) 1047 lwz r1,TASK_STACK(r2) 1048 1049 /* stack */ 1050 addi r1,r1,THREAD_SIZE-STACK_FRAME_MIN_SIZE 1051 li r0,0 1052 stw r0,0(r1) 1053 1054 /* ptr to current thread */ 1055 addi r4,r2,THREAD /* address of our thread_struct */ 1056 mtspr SPRN_SPRG_THREAD,r4 1057 1058 /* Setup the defaults for TLB entries */ 1059 li r4,(MAS4_TSIZED(BOOK3E_PAGESZ_4K))@l 1060 mtspr SPRN_MAS4,r4 1061 1062 /* Jump to start_secondary */ 1063 lis r4,MSR_KERNEL@h 1064 ori r4,r4,MSR_KERNEL@l 1065 lis r3,start_secondary@h 1066 ori r3,r3,start_secondary@l 1067 mtspr SPRN_SRR0,r3 1068 mtspr SPRN_SRR1,r4 1069 sync 1070 rfi 1071 sync 1072 1073 .globl __secondary_hold_acknowledge 1074__secondary_hold_acknowledge: 1075 .long -1 1076#endif 1077 1078/* 1079 * Create a 64M tlb by address and entry 1080 * r3 - entry 1081 * r4 - virtual address 1082 * r5/r6 - physical address 1083 */ 1084_GLOBAL(create_kaslr_tlb_entry) 1085 lis r7,0x1000 /* Set MAS0(TLBSEL) = 1 */ 1086 rlwimi r7,r3,16,4,15 /* Setup MAS0 = TLBSEL | ESEL(r6) */ 1087 mtspr SPRN_MAS0,r7 /* Write MAS0 */ 1088 1089 lis r3,(MAS1_VALID|MAS1_IPROT)@h 1090 ori r3,r3,(MAS1_TSIZE(BOOK3E_PAGESZ_64M))@l 1091 mtspr SPRN_MAS1,r3 /* Write MAS1 */ 1092 1093 lis r3,MAS2_EPN_MASK(BOOK3E_PAGESZ_64M)@h 1094 ori r3,r3,MAS2_EPN_MASK(BOOK3E_PAGESZ_64M)@l 1095 and r3,r3,r4 1096 ori r3,r3,MAS2_M_IF_NEEDED@l 1097 mtspr SPRN_MAS2,r3 /* Write MAS2(EPN) */ 1098 1099#ifdef CONFIG_PHYS_64BIT 1100 ori r8,r6,(MAS3_SW|MAS3_SR|MAS3_SX) 1101 mtspr SPRN_MAS3,r8 /* Write MAS3(RPN) */ 1102 mtspr SPRN_MAS7,r5 1103#else 1104 ori r8,r5,(MAS3_SW|MAS3_SR|MAS3_SX) 1105 mtspr SPRN_MAS3,r8 /* Write MAS3(RPN) */ 1106#endif 1107 1108 tlbwe /* Write TLB */ 1109 isync 1110 sync 1111 blr 1112 1113/* 1114 * Return to the start of the relocated kernel and run again 1115 * r3 - virtual address of fdt 1116 * r4 - entry of the kernel 1117 */ 1118_GLOBAL(reloc_kernel_entry) 1119 mfmsr r7 1120 rlwinm r7, r7, 0, ~(MSR_IS | MSR_DS) 1121 1122 mtspr SPRN_SRR0,r4 1123 mtspr SPRN_SRR1,r7 1124 rfi 1125 1126/* 1127 * Create a tlb entry with the same effective and physical address as 1128 * the tlb entry used by the current running code. But set the TS to 1. 1129 * Then switch to the address space 1. It will return with the r3 set to 1130 * the ESEL of the new created tlb. 1131 */ 1132_GLOBAL(switch_to_as1) 1133 mflr r5 1134 1135 /* Find a entry not used */ 1136 mfspr r3,SPRN_TLB1CFG 1137 andi. r3,r3,0xfff 1138 mfspr r4,SPRN_PID 1139 rlwinm r4,r4,16,0x3fff0000 /* turn PID into MAS6[SPID] */ 1140 mtspr SPRN_MAS6,r4 11411: lis r4,0x1000 /* Set MAS0(TLBSEL) = 1 */ 1142 addi r3,r3,-1 1143 rlwimi r4,r3,16,4,15 /* Setup MAS0 = TLBSEL | ESEL(r3) */ 1144 mtspr SPRN_MAS0,r4 1145 tlbre 1146 mfspr r4,SPRN_MAS1 1147 andis. r4,r4,MAS1_VALID@h 1148 bne 1b 1149 1150 /* Get the tlb entry used by the current running code */ 1151 bcl 20,31,$+4 11520: mflr r4 1153 tlbsx 0,r4 1154 1155 mfspr r4,SPRN_MAS1 1156 ori r4,r4,MAS1_TS /* Set the TS = 1 */ 1157 mtspr SPRN_MAS1,r4 1158 1159 mfspr r4,SPRN_MAS0 1160 rlwinm r4,r4,0,~MAS0_ESEL_MASK 1161 rlwimi r4,r3,16,4,15 /* Setup MAS0 = TLBSEL | ESEL(r3) */ 1162 mtspr SPRN_MAS0,r4 1163 tlbwe 1164 isync 1165 sync 1166 1167 mfmsr r4 1168 ori r4,r4,MSR_IS | MSR_DS 1169 mtspr SPRN_SRR0,r5 1170 mtspr SPRN_SRR1,r4 1171 sync 1172 rfi 1173 1174/* 1175 * Restore to the address space 0 and also invalidate the tlb entry created 1176 * by switch_to_as1. 1177 * r3 - the tlb entry which should be invalidated 1178 * r4 - __pa(PAGE_OFFSET in AS1) - __pa(PAGE_OFFSET in AS0) 1179 * r5 - device tree virtual address. If r4 is 0, r5 is ignored. 1180 * r6 - boot cpu 1181*/ 1182_GLOBAL(restore_to_as0) 1183 mflr r0 1184 1185 bcl 20,31,$+4 11860: mflr r9 1187 addi r9,r9,1f - 0b 1188 1189 /* 1190 * We may map the PAGE_OFFSET in AS0 to a different physical address, 1191 * so we need calculate the right jump and device tree address based 1192 * on the offset passed by r4. 1193 */ 1194 add r9,r9,r4 1195 add r5,r5,r4 1196 add r0,r0,r4 1197 11982: mfmsr r7 1199 li r8,(MSR_IS | MSR_DS) 1200 andc r7,r7,r8 1201 1202 mtspr SPRN_SRR0,r9 1203 mtspr SPRN_SRR1,r7 1204 sync 1205 rfi 1206 1207 /* Invalidate the temporary tlb entry for AS1 */ 12081: lis r9,0x1000 /* Set MAS0(TLBSEL) = 1 */ 1209 rlwimi r9,r3,16,4,15 /* Setup MAS0 = TLBSEL | ESEL(r3) */ 1210 mtspr SPRN_MAS0,r9 1211 tlbre 1212 mfspr r9,SPRN_MAS1 1213 rlwinm r9,r9,0,2,31 /* Clear MAS1 Valid and IPPROT */ 1214 mtspr SPRN_MAS1,r9 1215 tlbwe 1216 isync 1217 1218 cmpwi r4,0 1219 cmpwi cr1,r6,0 1220 cror eq,4*cr1+eq,eq 1221 bne 3f /* offset != 0 && is_boot_cpu */ 1222 mtlr r0 1223 blr 1224 1225 /* 1226 * The PAGE_OFFSET will map to a different physical address, 1227 * jump to _start to do another relocation again. 1228 */ 12293: mr r3,r5 1230 bl _start 1231