1/* 2 * PowerPC version 3 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org) 4 * Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP 5 * Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu> 6 * Low-level exception handlers and MMU support 7 * rewritten by Paul Mackerras. 8 * Copyright (C) 1996 Paul Mackerras. 9 * MPC8xx modifications by Dan Malek 10 * Copyright (C) 1997 Dan Malek (dmalek@jlc.net). 11 * 12 * This file contains low-level support and setup for PowerPC 8xx 13 * embedded processors, including trap and interrupt dispatch. 14 * 15 * This program is free software; you can redistribute it and/or 16 * modify it under the terms of the GNU General Public License 17 * as published by the Free Software Foundation; either version 18 * 2 of the License, or (at your option) any later version. 19 * 20 */ 21 22#include <linux/init.h> 23#include <asm/processor.h> 24#include <asm/page.h> 25#include <asm/mmu.h> 26#include <asm/cache.h> 27#include <asm/pgtable.h> 28#include <asm/cputable.h> 29#include <asm/thread_info.h> 30#include <asm/ppc_asm.h> 31#include <asm/asm-offsets.h> 32#include <asm/ptrace.h> 33#include <asm/export.h> 34#include <asm/code-patching-asm.h> 35 36#include "head_32.h" 37 38#if CONFIG_TASK_SIZE <= 0x80000000 && CONFIG_PAGE_OFFSET >= 0x80000000 39/* By simply checking Address >= 0x80000000, we know if its a kernel address */ 40#define SIMPLE_KERNEL_ADDRESS 1 41#endif 42 43/* 44 * We need an ITLB miss handler for kernel addresses if: 45 * - Either we have modules 46 * - Or we have not pinned the first 8M 47 */ 48#if defined(CONFIG_MODULES) || !defined(CONFIG_PIN_TLB_TEXT) || \ 49 defined(CONFIG_DEBUG_PAGEALLOC) 50#define ITLB_MISS_KERNEL 1 51#endif 52 53/* 54 * Value for the bits that have fixed value in RPN entries. 55 * Also used for tagging DAR for DTLBerror. 56 */ 57#define RPN_PATTERN 0x00f0 58 59#define PAGE_SHIFT_512K 19 60#define PAGE_SHIFT_8M 23 61 62 __HEAD 63_ENTRY(_stext); 64_ENTRY(_start); 65 66/* MPC8xx 67 * This port was done on an MBX board with an 860. Right now I only 68 * support an ELF compressed (zImage) boot from EPPC-Bug because the 69 * code there loads up some registers before calling us: 70 * r3: ptr to board info data 71 * r4: initrd_start or if no initrd then 0 72 * r5: initrd_end - unused if r4 is 0 73 * r6: Start of command line string 74 * r7: End of command line string 75 * 76 * I decided to use conditional compilation instead of checking PVR and 77 * adding more processor specific branches around code I don't need. 78 * Since this is an embedded processor, I also appreciate any memory 79 * savings I can get. 80 * 81 * The MPC8xx does not have any BATs, but it supports large page sizes. 82 * We first initialize the MMU to support 8M byte pages, then load one 83 * entry into each of the instruction and data TLBs to map the first 84 * 8M 1:1. I also mapped an additional I/O space 1:1 so we can get to 85 * the "internal" processor registers before MMU_init is called. 86 * 87 * -- Dan 88 */ 89 .globl __start 90__start: 91 mr r31,r3 /* save device tree ptr */ 92 93 /* We have to turn on the MMU right away so we get cache modes 94 * set correctly. 95 */ 96 bl initial_mmu 97 98/* We now have the lower 8 Meg mapped into TLB entries, and the caches 99 * ready to work. 100 */ 101 102turn_on_mmu: 103 mfmsr r0 104 ori r0,r0,MSR_DR|MSR_IR 105 mtspr SPRN_SRR1,r0 106 lis r0,start_here@h 107 ori r0,r0,start_here@l 108 mtspr SPRN_SRR0,r0 109 rfi /* enables MMU */ 110 111 112#ifdef CONFIG_PERF_EVENTS 113 .align 4 114 115 .globl itlb_miss_counter 116itlb_miss_counter: 117 .space 4 118 119 .globl dtlb_miss_counter 120dtlb_miss_counter: 121 .space 4 122 123 .globl instruction_counter 124instruction_counter: 125 .space 4 126#endif 127 128/* System reset */ 129 EXCEPTION(0x100, Reset, system_reset_exception, EXC_XFER_STD) 130 131/* Machine check */ 132 . = 0x200 133MachineCheck: 134 EXCEPTION_PROLOG 135 mfspr r4,SPRN_DAR 136 stw r4,_DAR(r11) 137 li r5,RPN_PATTERN 138 mtspr SPRN_DAR,r5 /* Tag DAR, to be used in DTLB Error */ 139 mfspr r5,SPRN_DSISR 140 stw r5,_DSISR(r11) 141 addi r3,r1,STACK_FRAME_OVERHEAD 142 EXC_XFER_STD(0x200, machine_check_exception) 143 144/* Data access exception. 145 * This is "never generated" by the MPC8xx. 146 */ 147 . = 0x300 148DataAccess: 149 150/* Instruction access exception. 151 * This is "never generated" by the MPC8xx. 152 */ 153 . = 0x400 154InstructionAccess: 155 156/* External interrupt */ 157 EXCEPTION(0x500, HardwareInterrupt, do_IRQ, EXC_XFER_LITE) 158 159/* Alignment exception */ 160 . = 0x600 161Alignment: 162 EXCEPTION_PROLOG 163 mfspr r4,SPRN_DAR 164 stw r4,_DAR(r11) 165 li r5,RPN_PATTERN 166 mtspr SPRN_DAR,r5 /* Tag DAR, to be used in DTLB Error */ 167 mfspr r5,SPRN_DSISR 168 stw r5,_DSISR(r11) 169 addi r3,r1,STACK_FRAME_OVERHEAD 170 EXC_XFER_STD(0x600, alignment_exception) 171 172/* Program check exception */ 173 EXCEPTION(0x700, ProgramCheck, program_check_exception, EXC_XFER_STD) 174 175/* No FPU on MPC8xx. This exception is not supposed to happen. 176*/ 177 EXCEPTION(0x800, FPUnavailable, unknown_exception, EXC_XFER_STD) 178 179/* Decrementer */ 180 EXCEPTION(0x900, Decrementer, timer_interrupt, EXC_XFER_LITE) 181 182 EXCEPTION(0xa00, Trap_0a, unknown_exception, EXC_XFER_STD) 183 EXCEPTION(0xb00, Trap_0b, unknown_exception, EXC_XFER_STD) 184 185/* System call */ 186 . = 0xc00 187SystemCall: 188 SYSCALL_ENTRY 0xc00 189 190/* Single step - not used on 601 */ 191 EXCEPTION(0xd00, SingleStep, single_step_exception, EXC_XFER_STD) 192 EXCEPTION(0xe00, Trap_0e, unknown_exception, EXC_XFER_STD) 193 EXCEPTION(0xf00, Trap_0f, unknown_exception, EXC_XFER_STD) 194 195/* On the MPC8xx, this is a software emulation interrupt. It occurs 196 * for all unimplemented and illegal instructions. 197 */ 198 EXCEPTION(0x1000, SoftEmu, program_check_exception, EXC_XFER_STD) 199 200/* Called from DataStoreTLBMiss when perf TLB misses events are activated */ 201#ifdef CONFIG_PERF_EVENTS 202 patch_site 0f, patch__dtlbmiss_perf 2030: lwz r10, (dtlb_miss_counter - PAGE_OFFSET)@l(0) 204 addi r10, r10, 1 205 stw r10, (dtlb_miss_counter - PAGE_OFFSET)@l(0) 206 mfspr r10, SPRN_SPRG_SCRATCH0 207 mfspr r11, SPRN_SPRG_SCRATCH1 208 rfi 209#endif 210 211 . = 0x1100 212/* 213 * For the MPC8xx, this is a software tablewalk to load the instruction 214 * TLB. The task switch loads the M_TWB register with the pointer to the first 215 * level table. 216 * If we discover there is no second level table (value is zero) or if there 217 * is an invalid pte, we load that into the TLB, which causes another fault 218 * into the TLB Error interrupt where we can handle such problems. 219 * We have to use the MD_xxx registers for the tablewalk because the 220 * equivalent MI_xxx registers only perform the attribute functions. 221 */ 222 223#ifdef CONFIG_8xx_CPU15 224#define INVALIDATE_ADJACENT_PAGES_CPU15(addr) \ 225 addi addr, addr, PAGE_SIZE; \ 226 tlbie addr; \ 227 addi addr, addr, -(PAGE_SIZE << 1); \ 228 tlbie addr; \ 229 addi addr, addr, PAGE_SIZE 230#else 231#define INVALIDATE_ADJACENT_PAGES_CPU15(addr) 232#endif 233 234InstructionTLBMiss: 235 mtspr SPRN_SPRG_SCRATCH0, r10 236#if defined(ITLB_MISS_KERNEL) || defined(CONFIG_SWAP) 237 mtspr SPRN_SPRG_SCRATCH1, r11 238#endif 239 240 /* If we are faulting a kernel address, we have to use the 241 * kernel page tables. 242 */ 243 mfspr r10, SPRN_SRR0 /* Get effective address of fault */ 244 INVALIDATE_ADJACENT_PAGES_CPU15(r10) 245 mtspr SPRN_MD_EPN, r10 246 /* Only modules will cause ITLB Misses as we always 247 * pin the first 8MB of kernel memory */ 248#ifdef ITLB_MISS_KERNEL 249 mfcr r11 250#if defined(SIMPLE_KERNEL_ADDRESS) && defined(CONFIG_PIN_TLB_TEXT) 251 cmpi cr0, r10, 0 /* Address >= 0x80000000 */ 252#else 253 rlwinm r10, r10, 16, 0xfff8 254 cmpli cr0, r10, PAGE_OFFSET@h 255#ifndef CONFIG_PIN_TLB_TEXT 256 /* It is assumed that kernel code fits into the first 32M */ 2570: cmpli cr7, r10, (PAGE_OFFSET + 0x2000000)@h 258 patch_site 0b, patch__itlbmiss_linmem_top 259#endif 260#endif 261#endif 262 mfspr r10, SPRN_M_TWB /* Get level 1 table */ 263#ifdef ITLB_MISS_KERNEL 264#if defined(SIMPLE_KERNEL_ADDRESS) && defined(CONFIG_PIN_TLB_TEXT) 265 bge+ 3f 266#else 267 blt+ 3f 268#endif 269#ifndef CONFIG_PIN_TLB_TEXT 270 blt cr7, ITLBMissLinear 271#endif 272 rlwinm r10, r10, 0, 20, 31 273 oris r10, r10, (swapper_pg_dir - PAGE_OFFSET)@ha 2743: 275#endif 276 lwz r10, (swapper_pg_dir-PAGE_OFFSET)@l(r10) /* Get level 1 entry */ 277 mtspr SPRN_MI_TWC, r10 /* Set segment attributes */ 278 279 mtspr SPRN_MD_TWC, r10 280 mfspr r10, SPRN_MD_TWC 281 lwz r10, 0(r10) /* Get the pte */ 282#ifdef ITLB_MISS_KERNEL 283 mtcr r11 284#endif 285#ifdef CONFIG_SWAP 286 rlwinm r11, r10, 32-5, _PAGE_PRESENT 287 and r11, r11, r10 288 rlwimi r10, r11, 0, _PAGE_PRESENT 289#endif 290 /* The Linux PTE won't go exactly into the MMU TLB. 291 * Software indicator bits 20 and 23 must be clear. 292 * Software indicator bits 22, 24, 25, 26, and 27 must be 293 * set. All other Linux PTE bits control the behavior 294 * of the MMU. 295 */ 296 rlwimi r10, r10, 0, 0x0f00 /* Clear bits 20-23 */ 297 rlwimi r10, r10, 4, 0x0400 /* Copy _PAGE_EXEC into bit 21 */ 298 ori r10, r10, RPN_PATTERN | 0x200 /* Set 22 and 24-27 */ 299 mtspr SPRN_MI_RPN, r10 /* Update TLB entry */ 300 301 /* Restore registers */ 3020: mfspr r10, SPRN_SPRG_SCRATCH0 303#if defined(ITLB_MISS_KERNEL) || defined(CONFIG_SWAP) 304 mfspr r11, SPRN_SPRG_SCRATCH1 305#endif 306 rfi 307 patch_site 0b, patch__itlbmiss_exit_1 308 309#ifdef CONFIG_PERF_EVENTS 310 patch_site 0f, patch__itlbmiss_perf 3110: lwz r10, (itlb_miss_counter - PAGE_OFFSET)@l(0) 312 addi r10, r10, 1 313 stw r10, (itlb_miss_counter - PAGE_OFFSET)@l(0) 314 mfspr r10, SPRN_SPRG_SCRATCH0 315#if defined(ITLB_MISS_KERNEL) || defined(CONFIG_SWAP) 316 mfspr r11, SPRN_SPRG_SCRATCH1 317#endif 318 rfi 319#endif 320 321#ifndef CONFIG_PIN_TLB_TEXT 322ITLBMissLinear: 323 mtcr r11 324#if defined(CONFIG_STRICT_KERNEL_RWX) && CONFIG_ETEXT_SHIFT < 23 325 patch_site 0f, patch__itlbmiss_linmem_top8 326 327 mfspr r10, SPRN_SRR0 3280: subis r11, r10, (PAGE_OFFSET - 0x80000000)@ha 329 rlwinm r11, r11, 4, MI_PS8MEG ^ MI_PS512K 330 ori r11, r11, MI_PS512K | MI_SVALID 331 rlwinm r10, r10, 0, 0x0ff80000 /* 8xx supports max 256Mb RAM */ 332#else 333 /* Set 8M byte page and mark it valid */ 334 li r11, MI_PS8MEG | MI_SVALID 335 rlwinm r10, r10, 20, 0x0f800000 /* 8xx supports max 256Mb RAM */ 336#endif 337 mtspr SPRN_MI_TWC, r11 338 ori r10, r10, 0xf0 | MI_SPS16K | _PAGE_SH | _PAGE_DIRTY | \ 339 _PAGE_PRESENT 340 mtspr SPRN_MI_RPN, r10 /* Update TLB entry */ 341 3420: mfspr r10, SPRN_SPRG_SCRATCH0 343 mfspr r11, SPRN_SPRG_SCRATCH1 344 rfi 345 patch_site 0b, patch__itlbmiss_exit_2 346#endif 347 348 . = 0x1200 349DataStoreTLBMiss: 350 mtspr SPRN_SPRG_SCRATCH0, r10 351 mtspr SPRN_SPRG_SCRATCH1, r11 352 mfcr r11 353 354 /* If we are faulting a kernel address, we have to use the 355 * kernel page tables. 356 */ 357 mfspr r10, SPRN_MD_EPN 358 rlwinm r10, r10, 16, 0xfff8 359 cmpli cr0, r10, PAGE_OFFSET@h 360#ifndef CONFIG_PIN_TLB_IMMR 361 cmpli cr6, r10, VIRT_IMMR_BASE@h 362#endif 3630: cmpli cr7, r10, (PAGE_OFFSET + 0x2000000)@h 364 patch_site 0b, patch__dtlbmiss_linmem_top 365 366 mfspr r10, SPRN_M_TWB /* Get level 1 table */ 367 blt+ 3f 368#ifndef CONFIG_PIN_TLB_IMMR 3690: beq- cr6, DTLBMissIMMR 370 patch_site 0b, patch__dtlbmiss_immr_jmp 371#endif 372 blt cr7, DTLBMissLinear 373 rlwinm r10, r10, 0, 20, 31 374 oris r10, r10, (swapper_pg_dir - PAGE_OFFSET)@ha 3753: 376 mtcr r11 377 lwz r11, (swapper_pg_dir-PAGE_OFFSET)@l(r10) /* Get level 1 entry */ 378 379 mtspr SPRN_MD_TWC, r11 380 mfspr r10, SPRN_MD_TWC 381 lwz r10, 0(r10) /* Get the pte */ 382 383 /* Insert the Guarded flag into the TWC from the Linux PTE. 384 * It is bit 27 of both the Linux PTE and the TWC (at least 385 * I got that right :-). It will be better when we can put 386 * this into the Linux pgd/pmd and load it in the operation 387 * above. 388 */ 389 rlwimi r11, r10, 0, _PAGE_GUARDED 390 mtspr SPRN_MD_TWC, r11 391 392 /* Both _PAGE_ACCESSED and _PAGE_PRESENT has to be set. 393 * We also need to know if the insn is a load/store, so: 394 * Clear _PAGE_PRESENT and load that which will 395 * trap into DTLB Error with store bit set accordinly. 396 */ 397 /* PRESENT=0x1, ACCESSED=0x20 398 * r11 = ((r10 & PRESENT) & ((r10 & ACCESSED) >> 5)); 399 * r10 = (r10 & ~PRESENT) | r11; 400 */ 401#ifdef CONFIG_SWAP 402 rlwinm r11, r10, 32-5, _PAGE_PRESENT 403 and r11, r11, r10 404 rlwimi r10, r11, 0, _PAGE_PRESENT 405#endif 406 /* The Linux PTE won't go exactly into the MMU TLB. 407 * Software indicator bits 24, 25, 26, and 27 must be 408 * set. All other Linux PTE bits control the behavior 409 * of the MMU. 410 */ 411 li r11, RPN_PATTERN 412 rlwimi r10, r11, 0, 24, 27 /* Set 24-27 */ 413 mtspr SPRN_MD_RPN, r10 /* Update TLB entry */ 414 415 /* Restore registers */ 416 mtspr SPRN_DAR, r11 /* Tag DAR */ 417 4180: mfspr r10, SPRN_SPRG_SCRATCH0 419 mfspr r11, SPRN_SPRG_SCRATCH1 420 rfi 421 patch_site 0b, patch__dtlbmiss_exit_1 422 423DTLBMissIMMR: 424 mtcr r11 425 /* Set 512k byte guarded page and mark it valid */ 426 li r10, MD_PS512K | MD_GUARDED | MD_SVALID 427 mtspr SPRN_MD_TWC, r10 428 mfspr r10, SPRN_IMMR /* Get current IMMR */ 429 rlwinm r10, r10, 0, 0xfff80000 /* Get 512 kbytes boundary */ 430 ori r10, r10, 0xf0 | MD_SPS16K | _PAGE_SH | _PAGE_DIRTY | \ 431 _PAGE_PRESENT | _PAGE_NO_CACHE 432 mtspr SPRN_MD_RPN, r10 /* Update TLB entry */ 433 434 li r11, RPN_PATTERN 435 mtspr SPRN_DAR, r11 /* Tag DAR */ 436 4370: mfspr r10, SPRN_SPRG_SCRATCH0 438 mfspr r11, SPRN_SPRG_SCRATCH1 439 rfi 440 patch_site 0b, patch__dtlbmiss_exit_2 441 442DTLBMissLinear: 443 mtcr r11 444 rlwinm r10, r10, 20, 0x0f800000 /* 8xx supports max 256Mb RAM */ 445#if defined(CONFIG_STRICT_KERNEL_RWX) && CONFIG_DATA_SHIFT < 23 446 patch_site 0f, patch__dtlbmiss_romem_top8 447 4480: subis r11, r10, (PAGE_OFFSET - 0x80000000)@ha 449 rlwinm r11, r11, 0, 0xff800000 450 neg r10, r11 451 or r11, r11, r10 452 rlwinm r11, r11, 4, MI_PS8MEG ^ MI_PS512K 453 ori r11, r11, MI_PS512K | MI_SVALID 454 mfspr r10, SPRN_MD_EPN 455 rlwinm r10, r10, 0, 0x0ff80000 /* 8xx supports max 256Mb RAM */ 456#else 457 /* Set 8M byte page and mark it valid */ 458 li r11, MD_PS8MEG | MD_SVALID 459#endif 460 mtspr SPRN_MD_TWC, r11 461#ifdef CONFIG_STRICT_KERNEL_RWX 462 patch_site 0f, patch__dtlbmiss_romem_top 463 4640: subis r11, r10, 0 465 rlwimi r10, r11, 11, _PAGE_RO 466#endif 467 ori r10, r10, 0xf0 | MD_SPS16K | _PAGE_SH | _PAGE_DIRTY | \ 468 _PAGE_PRESENT 469 mtspr SPRN_MD_RPN, r10 /* Update TLB entry */ 470 471 li r11, RPN_PATTERN 472 mtspr SPRN_DAR, r11 /* Tag DAR */ 473 4740: mfspr r10, SPRN_SPRG_SCRATCH0 475 mfspr r11, SPRN_SPRG_SCRATCH1 476 rfi 477 patch_site 0b, patch__dtlbmiss_exit_3 478 479/* This is an instruction TLB error on the MPC8xx. This could be due 480 * to many reasons, such as executing guarded memory or illegal instruction 481 * addresses. There is nothing to do but handle a big time error fault. 482 */ 483 . = 0x1300 484InstructionTLBError: 485 EXCEPTION_PROLOG 486 mr r4,r12 487 andis. r5,r9,DSISR_SRR1_MATCH_32S@h /* Filter relevant SRR1 bits */ 488 andis. r10,r9,SRR1_ISI_NOPT@h 489 beq+ .Litlbie 490 tlbie r4 491 /* 0x400 is InstructionAccess exception, needed by bad_page_fault() */ 492.Litlbie: 493 EXC_XFER_LITE(0x400, handle_page_fault) 494 495/* This is the data TLB error on the MPC8xx. This could be due to 496 * many reasons, including a dirty update to a pte. We bail out to 497 * a higher level function that can handle it. 498 */ 499 . = 0x1400 500DataTLBError: 501 mtspr SPRN_SPRG_SCRATCH0, r10 502 mtspr SPRN_SPRG_SCRATCH1, r11 503 mfcr r10 504 505 mfspr r11, SPRN_DAR 506 cmpwi cr0, r11, RPN_PATTERN 507 beq- FixupDAR /* must be a buggy dcbX, icbi insn. */ 508DARFixed:/* Return from dcbx instruction bug workaround */ 509 EXCEPTION_PROLOG_1 510 EXCEPTION_PROLOG_2 511 mfspr r5,SPRN_DSISR 512 stw r5,_DSISR(r11) 513 mfspr r4,SPRN_DAR 514 andis. r10,r5,DSISR_NOHPTE@h 515 beq+ .Ldtlbie 516 tlbie r4 517.Ldtlbie: 518 li r10,RPN_PATTERN 519 mtspr SPRN_DAR,r10 /* Tag DAR, to be used in DTLB Error */ 520 /* 0x300 is DataAccess exception, needed by bad_page_fault() */ 521 EXC_XFER_LITE(0x300, handle_page_fault) 522 523 EXCEPTION(0x1500, Trap_15, unknown_exception, EXC_XFER_STD) 524 EXCEPTION(0x1600, Trap_16, unknown_exception, EXC_XFER_STD) 525 EXCEPTION(0x1700, Trap_17, unknown_exception, EXC_XFER_STD) 526 EXCEPTION(0x1800, Trap_18, unknown_exception, EXC_XFER_STD) 527 EXCEPTION(0x1900, Trap_19, unknown_exception, EXC_XFER_STD) 528 EXCEPTION(0x1a00, Trap_1a, unknown_exception, EXC_XFER_STD) 529 EXCEPTION(0x1b00, Trap_1b, unknown_exception, EXC_XFER_STD) 530 531/* On the MPC8xx, these next four traps are used for development 532 * support of breakpoints and such. Someday I will get around to 533 * using them. 534 */ 535 . = 0x1c00 536DataBreakpoint: 537 mtspr SPRN_SPRG_SCRATCH0, r10 538 mtspr SPRN_SPRG_SCRATCH1, r11 539 mfcr r10 540 mfspr r11, SPRN_SRR0 541 cmplwi cr0, r11, (.Ldtlbie - PAGE_OFFSET)@l 542 cmplwi cr7, r11, (.Litlbie - PAGE_OFFSET)@l 543 beq- cr0, 11f 544 beq- cr7, 11f 545 EXCEPTION_PROLOG_1 546 EXCEPTION_PROLOG_2 547 addi r3,r1,STACK_FRAME_OVERHEAD 548 mfspr r4,SPRN_BAR 549 stw r4,_DAR(r11) 550 mfspr r5,SPRN_DSISR 551 EXC_XFER_STD(0x1c00, do_break) 55211: 553 mtcr r10 554 mfspr r10, SPRN_SPRG_SCRATCH0 555 mfspr r11, SPRN_SPRG_SCRATCH1 556 rfi 557 558#ifdef CONFIG_PERF_EVENTS 559 . = 0x1d00 560InstructionBreakpoint: 561 mtspr SPRN_SPRG_SCRATCH0, r10 562 lwz r10, (instruction_counter - PAGE_OFFSET)@l(0) 563 addi r10, r10, -1 564 stw r10, (instruction_counter - PAGE_OFFSET)@l(0) 565 lis r10, 0xffff 566 ori r10, r10, 0x01 567 mtspr SPRN_COUNTA, r10 568 mfspr r10, SPRN_SPRG_SCRATCH0 569 rfi 570#else 571 EXCEPTION(0x1d00, Trap_1d, unknown_exception, EXC_XFER_STD) 572#endif 573 EXCEPTION(0x1e00, Trap_1e, unknown_exception, EXC_XFER_STD) 574 EXCEPTION(0x1f00, Trap_1f, unknown_exception, EXC_XFER_STD) 575 576 . = 0x2000 577 578/* This is the procedure to calculate the data EA for buggy dcbx,dcbi instructions 579 * by decoding the registers used by the dcbx instruction and adding them. 580 * DAR is set to the calculated address. 581 */ 582 /* define if you don't want to use self modifying code */ 583#define NO_SELF_MODIFYING_CODE 584FixupDAR:/* Entry point for dcbx workaround. */ 585 mtspr SPRN_M_TW, r10 586 /* fetch instruction from memory. */ 587 mfspr r10, SPRN_SRR0 588 mtspr SPRN_MD_EPN, r10 589 rlwinm r11, r10, 16, 0xfff8 590 cmpli cr0, r11, PAGE_OFFSET@h 591 mfspr r11, SPRN_M_TWB /* Get level 1 table */ 592 blt+ 3f 593 rlwinm r11, r10, 16, 0xfff8 594 5950: cmpli cr7, r11, (PAGE_OFFSET + 0x1800000)@h 596 patch_site 0b, patch__fixupdar_linmem_top 597 598 /* create physical page address from effective address */ 599 tophys(r11, r10) 600 blt- cr7, 201f 601 mfspr r11, SPRN_M_TWB /* Get level 1 table */ 602 rlwinm r11, r11, 0, 20, 31 603 oris r11, r11, (swapper_pg_dir - PAGE_OFFSET)@ha 6043: 605 lwz r11, (swapper_pg_dir-PAGE_OFFSET)@l(r11) /* Get the level 1 entry */ 606 mtspr SPRN_MD_TWC, r11 607 mtcr r11 608 mfspr r11, SPRN_MD_TWC 609 lwz r11, 0(r11) /* Get the pte */ 610 bt 28,200f /* bit 28 = Large page (8M) */ 611 bt 29,202f /* bit 29 = Large page (8M or 512K) */ 612 /* concat physical page address(r11) and page offset(r10) */ 613 rlwimi r11, r10, 0, 32 - PAGE_SHIFT, 31 614201: lwz r11,0(r11) 615/* Check if it really is a dcbx instruction. */ 616/* dcbt and dcbtst does not generate DTLB Misses/Errors, 617 * no need to include them here */ 618 xoris r10, r11, 0x7c00 /* check if major OP code is 31 */ 619 rlwinm r10, r10, 0, 21, 5 620 cmpwi cr0, r10, 2028 /* Is dcbz? */ 621 beq+ 142f 622 cmpwi cr0, r10, 940 /* Is dcbi? */ 623 beq+ 142f 624 cmpwi cr0, r10, 108 /* Is dcbst? */ 625 beq+ 144f /* Fix up store bit! */ 626 cmpwi cr0, r10, 172 /* Is dcbf? */ 627 beq+ 142f 628 cmpwi cr0, r10, 1964 /* Is icbi? */ 629 beq+ 142f 630141: mfspr r10,SPRN_M_TW 631 b DARFixed /* Nope, go back to normal TLB processing */ 632 633200: 634 /* concat physical page address(r11) and page offset(r10) */ 635 rlwimi r11, r10, 0, 32 - PAGE_SHIFT_8M, 31 636 b 201b 637 638202: 639 /* concat physical page address(r11) and page offset(r10) */ 640 rlwimi r11, r10, 0, 32 - PAGE_SHIFT_512K, 31 641 b 201b 642 643144: mfspr r10, SPRN_DSISR 644 rlwinm r10, r10,0,7,5 /* Clear store bit for buggy dcbst insn */ 645 mtspr SPRN_DSISR, r10 646142: /* continue, it was a dcbx, dcbi instruction. */ 647#ifndef NO_SELF_MODIFYING_CODE 648 andis. r10,r11,0x1f /* test if reg RA is r0 */ 649 li r10,modified_instr@l 650 dcbtst r0,r10 /* touch for store */ 651 rlwinm r11,r11,0,0,20 /* Zero lower 10 bits */ 652 oris r11,r11,640 /* Transform instr. to a "add r10,RA,RB" */ 653 ori r11,r11,532 654 stw r11,0(r10) /* store add/and instruction */ 655 dcbf 0,r10 /* flush new instr. to memory. */ 656 icbi 0,r10 /* invalidate instr. cache line */ 657 mfspr r11, SPRN_SPRG_SCRATCH1 /* restore r11 */ 658 mfspr r10, SPRN_SPRG_SCRATCH0 /* restore r10 */ 659 isync /* Wait until new instr is loaded from memory */ 660modified_instr: 661 .space 4 /* this is where the add instr. is stored */ 662 bne+ 143f 663 subf r10,r0,r10 /* r10=r10-r0, only if reg RA is r0 */ 664143: mtdar r10 /* store faulting EA in DAR */ 665 mfspr r10,SPRN_M_TW 666 b DARFixed /* Go back to normal TLB handling */ 667#else 668 mfctr r10 669 mtdar r10 /* save ctr reg in DAR */ 670 rlwinm r10, r11, 24, 24, 28 /* offset into jump table for reg RB */ 671 addi r10, r10, 150f@l /* add start of table */ 672 mtctr r10 /* load ctr with jump address */ 673 xor r10, r10, r10 /* sum starts at zero */ 674 bctr /* jump into table */ 675150: 676 add r10, r10, r0 ;b 151f 677 add r10, r10, r1 ;b 151f 678 add r10, r10, r2 ;b 151f 679 add r10, r10, r3 ;b 151f 680 add r10, r10, r4 ;b 151f 681 add r10, r10, r5 ;b 151f 682 add r10, r10, r6 ;b 151f 683 add r10, r10, r7 ;b 151f 684 add r10, r10, r8 ;b 151f 685 add r10, r10, r9 ;b 151f 686 mtctr r11 ;b 154f /* r10 needs special handling */ 687 mtctr r11 ;b 153f /* r11 needs special handling */ 688 add r10, r10, r12 ;b 151f 689 add r10, r10, r13 ;b 151f 690 add r10, r10, r14 ;b 151f 691 add r10, r10, r15 ;b 151f 692 add r10, r10, r16 ;b 151f 693 add r10, r10, r17 ;b 151f 694 add r10, r10, r18 ;b 151f 695 add r10, r10, r19 ;b 151f 696 add r10, r10, r20 ;b 151f 697 add r10, r10, r21 ;b 151f 698 add r10, r10, r22 ;b 151f 699 add r10, r10, r23 ;b 151f 700 add r10, r10, r24 ;b 151f 701 add r10, r10, r25 ;b 151f 702 add r10, r10, r26 ;b 151f 703 add r10, r10, r27 ;b 151f 704 add r10, r10, r28 ;b 151f 705 add r10, r10, r29 ;b 151f 706 add r10, r10, r30 ;b 151f 707 add r10, r10, r31 708151: 709 rlwinm. r11,r11,19,24,28 /* offset into jump table for reg RA */ 710 beq 152f /* if reg RA is zero, don't add it */ 711 addi r11, r11, 150b@l /* add start of table */ 712 mtctr r11 /* load ctr with jump address */ 713 rlwinm r11,r11,0,16,10 /* make sure we don't execute this more than once */ 714 bctr /* jump into table */ 715152: 716 mfdar r11 717 mtctr r11 /* restore ctr reg from DAR */ 718 mtdar r10 /* save fault EA to DAR */ 719 mfspr r10,SPRN_M_TW 720 b DARFixed /* Go back to normal TLB handling */ 721 722 /* special handling for r10,r11 since these are modified already */ 723153: mfspr r11, SPRN_SPRG_SCRATCH1 /* load r11 from SPRN_SPRG_SCRATCH1 */ 724 add r10, r10, r11 /* add it */ 725 mfctr r11 /* restore r11 */ 726 b 151b 727154: mfspr r11, SPRN_SPRG_SCRATCH0 /* load r10 from SPRN_SPRG_SCRATCH0 */ 728 add r10, r10, r11 /* add it */ 729 mfctr r11 /* restore r11 */ 730 b 151b 731#endif 732 733/* 734 * This is where the main kernel code starts. 735 */ 736start_here: 737 /* ptr to current */ 738 lis r2,init_task@h 739 ori r2,r2,init_task@l 740 741 /* ptr to phys current thread */ 742 tophys(r4,r2) 743 addi r4,r4,THREAD /* init task's THREAD */ 744 mtspr SPRN_SPRG_THREAD,r4 745 746 /* stack */ 747 lis r1,init_thread_union@ha 748 addi r1,r1,init_thread_union@l 749 li r0,0 750 stwu r0,THREAD_SIZE-STACK_FRAME_OVERHEAD(r1) 751 752 lis r6, swapper_pg_dir@ha 753 tophys(r6,r6) 754 mtspr SPRN_M_TWB, r6 755 756 bl early_init /* We have to do this with MMU on */ 757 758/* 759 * Decide what sort of machine this is and initialize the MMU. 760 */ 761#ifdef CONFIG_KASAN 762 bl kasan_early_init 763#endif 764 li r3,0 765 mr r4,r31 766 bl machine_init 767 bl MMU_init 768 769/* 770 * Go back to running unmapped so we can load up new values 771 * and change to using our exception vectors. 772 * On the 8xx, all we have to do is invalidate the TLB to clear 773 * the old 8M byte TLB mappings and load the page table base register. 774 */ 775 /* The right way to do this would be to track it down through 776 * init's THREAD like the context switch code does, but this is 777 * easier......until someone changes init's static structures. 778 */ 779 lis r4,2f@h 780 ori r4,r4,2f@l 781 tophys(r4,r4) 782 li r3,MSR_KERNEL & ~(MSR_IR|MSR_DR) 783 mtspr SPRN_SRR0,r4 784 mtspr SPRN_SRR1,r3 785 rfi 786/* Load up the kernel context */ 7872: 788 tlbia /* Clear all TLB entries */ 789 sync /* wait for tlbia/tlbie to finish */ 790 791 /* set up the PTE pointers for the Abatron bdiGDB. 792 */ 793 lis r5, abatron_pteptrs@h 794 ori r5, r5, abatron_pteptrs@l 795 stw r5, 0xf0(0) /* Must match your Abatron config file */ 796 tophys(r5,r5) 797 lis r6, swapper_pg_dir@h 798 ori r6, r6, swapper_pg_dir@l 799 stw r6, 0(r5) 800 801/* Now turn on the MMU for real! */ 802 li r4,MSR_KERNEL 803 lis r3,start_kernel@h 804 ori r3,r3,start_kernel@l 805 mtspr SPRN_SRR0,r3 806 mtspr SPRN_SRR1,r4 807 rfi /* enable MMU and jump to start_kernel */ 808 809/* Set up the initial MMU state so we can do the first level of 810 * kernel initialization. This maps the first 8 MBytes of memory 1:1 811 * virtual to physical. Also, set the cache mode since that is defined 812 * by TLB entries and perform any additional mapping (like of the IMMR). 813 * If configured to pin some TLBs, we pin the first 8 Mbytes of kernel, 814 * 24 Mbytes of data, and the 512k IMMR space. Anything not covered by 815 * these mappings is mapped by page tables. 816 */ 817initial_mmu: 818 li r8, 0 819 mtspr SPRN_MI_CTR, r8 /* remove PINNED ITLB entries */ 820 lis r10, MD_RESETVAL@h 821#ifndef CONFIG_8xx_COPYBACK 822 oris r10, r10, MD_WTDEF@h 823#endif 824 mtspr SPRN_MD_CTR, r10 /* remove PINNED DTLB entries */ 825 826 tlbia /* Invalidate all TLB entries */ 827#ifdef CONFIG_PIN_TLB_DATA 828 oris r10, r10, MD_RSV4I@h 829 mtspr SPRN_MD_CTR, r10 /* Set data TLB control */ 830#endif 831 832 lis r8, MI_APG_INIT@h /* Set protection modes */ 833 ori r8, r8, MI_APG_INIT@l 834 mtspr SPRN_MI_AP, r8 835 lis r8, MD_APG_INIT@h 836 ori r8, r8, MD_APG_INIT@l 837 mtspr SPRN_MD_AP, r8 838 839 /* Map a 512k page for the IMMR to get the processor 840 * internal registers (among other things). 841 */ 842#ifdef CONFIG_PIN_TLB_IMMR 843 oris r10, r10, MD_RSV4I@h 844 ori r10, r10, 0x1c00 845 mtspr SPRN_MD_CTR, r10 846 847 mfspr r9, 638 /* Get current IMMR */ 848 andis. r9, r9, 0xfff8 /* Get 512 kbytes boundary */ 849 850 lis r8, VIRT_IMMR_BASE@h /* Create vaddr for TLB */ 851 ori r8, r8, MD_EVALID /* Mark it valid */ 852 mtspr SPRN_MD_EPN, r8 853 li r8, MD_PS512K | MD_GUARDED /* Set 512k byte page */ 854 ori r8, r8, MD_SVALID /* Make it valid */ 855 mtspr SPRN_MD_TWC, r8 856 mr r8, r9 /* Create paddr for TLB */ 857 ori r8, r8, MI_BOOTINIT|0x2 /* Inhibit cache -- Cort */ 858 mtspr SPRN_MD_RPN, r8 859#endif 860 861 /* Now map the lower RAM (up to 32 Mbytes) into the ITLB. */ 862#ifdef CONFIG_PIN_TLB_TEXT 863 lis r8, MI_RSV4I@h 864 ori r8, r8, 0x1c00 865#endif 866 li r9, 4 /* up to 4 pages of 8M */ 867 mtctr r9 868 lis r9, KERNELBASE@h /* Create vaddr for TLB */ 869 li r10, MI_PS8MEG | MI_SVALID /* Set 8M byte page */ 870 li r11, MI_BOOTINIT /* Create RPN for address 0 */ 871 lis r12, _einittext@h 872 ori r12, r12, _einittext@l 8731: 874#ifdef CONFIG_PIN_TLB_TEXT 875 mtspr SPRN_MI_CTR, r8 /* Set instruction MMU control */ 876 addi r8, r8, 0x100 877#endif 878 879 ori r0, r9, MI_EVALID /* Mark it valid */ 880 mtspr SPRN_MI_EPN, r0 881 mtspr SPRN_MI_TWC, r10 882 mtspr SPRN_MI_RPN, r11 /* Store TLB entry */ 883 addis r9, r9, 0x80 884 addis r11, r11, 0x80 885 886 cmpl cr0, r9, r12 887 bdnzf gt, 1b 888 889 /* Since the cache is enabled according to the information we 890 * just loaded into the TLB, invalidate and enable the caches here. 891 * We should probably check/set other modes....later. 892 */ 893 lis r8, IDC_INVALL@h 894 mtspr SPRN_IC_CST, r8 895 mtspr SPRN_DC_CST, r8 896 lis r8, IDC_ENABLE@h 897 mtspr SPRN_IC_CST, r8 898#ifdef CONFIG_8xx_COPYBACK 899 mtspr SPRN_DC_CST, r8 900#else 901 /* For a debug option, I left this here to easily enable 902 * the write through cache mode 903 */ 904 lis r8, DC_SFWT@h 905 mtspr SPRN_DC_CST, r8 906 lis r8, IDC_ENABLE@h 907 mtspr SPRN_DC_CST, r8 908#endif 909 /* Disable debug mode entry on breakpoints */ 910 mfspr r8, SPRN_DER 911#ifdef CONFIG_PERF_EVENTS 912 rlwinm r8, r8, 0, ~0xc 913#else 914 rlwinm r8, r8, 0, ~0x8 915#endif 916 mtspr SPRN_DER, r8 917 blr 918 919 920/* 921 * We put a few things here that have to be page-aligned. 922 * This stuff goes at the beginning of the data segment, 923 * which is page-aligned. 924 */ 925 .data 926 .globl sdata 927sdata: 928 .globl empty_zero_page 929 .align PAGE_SHIFT 930empty_zero_page: 931 .space PAGE_SIZE 932EXPORT_SYMBOL(empty_zero_page) 933 934 .globl swapper_pg_dir 935swapper_pg_dir: 936 .space PGD_TABLE_SIZE 937 938/* Room for two PTE table poiners, usually the kernel and current user 939 * pointer to their respective root page table (pgdir). 940 */ 941 .globl abatron_pteptrs 942abatron_pteptrs: 943 .space 8 944