1 /* 2 * This file contains the routines for handling the MMU on those 3 * PowerPC implementations where the MMU substantially follows the 4 * architecture specification. This includes the 6xx, 7xx, 7xxx, 5 * and 8260 implementations but excludes the 8xx and 4xx. 6 * -- paulus 7 * 8 * Derived from arch/ppc/mm/init.c: 9 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org) 10 * 11 * Modifications by Paul Mackerras (PowerMac) (paulus@cs.anu.edu.au) 12 * and Cort Dougan (PReP) (cort@cs.nmt.edu) 13 * Copyright (C) 1996 Paul Mackerras 14 * 15 * Derived from "arch/i386/mm/init.c" 16 * Copyright (C) 1991, 1992, 1993, 1994 Linus Torvalds 17 * 18 * This program is free software; you can redistribute it and/or 19 * modify it under the terms of the GNU General Public License 20 * as published by the Free Software Foundation; either version 21 * 2 of the License, or (at your option) any later version. 22 * 23 */ 24 25 #include <linux/kernel.h> 26 #include <linux/mm.h> 27 #include <linux/init.h> 28 #include <linux/highmem.h> 29 #include <linux/memblock.h> 30 31 #include <asm/prom.h> 32 #include <asm/mmu.h> 33 #include <asm/machdep.h> 34 #include <asm/code-patching.h> 35 #include <asm/sections.h> 36 37 #include <mm/mmu_decl.h> 38 39 struct hash_pte *Hash; 40 static unsigned long Hash_size, Hash_mask; 41 unsigned long _SDR1; 42 static unsigned int hash_mb, hash_mb2; 43 44 struct ppc_bat BATS[8][2]; /* 8 pairs of IBAT, DBAT */ 45 46 struct batrange { /* stores address ranges mapped by BATs */ 47 unsigned long start; 48 unsigned long limit; 49 phys_addr_t phys; 50 } bat_addrs[8]; 51 52 /* 53 * Return PA for this VA if it is mapped by a BAT, or 0 54 */ 55 phys_addr_t v_block_mapped(unsigned long va) 56 { 57 int b; 58 for (b = 0; b < ARRAY_SIZE(bat_addrs); ++b) 59 if (va >= bat_addrs[b].start && va < bat_addrs[b].limit) 60 return bat_addrs[b].phys + (va - bat_addrs[b].start); 61 return 0; 62 } 63 64 /* 65 * Return VA for a given PA or 0 if not mapped 66 */ 67 unsigned long p_block_mapped(phys_addr_t pa) 68 { 69 int b; 70 for (b = 0; b < ARRAY_SIZE(bat_addrs); ++b) 71 if (pa >= bat_addrs[b].phys 72 && pa < (bat_addrs[b].limit-bat_addrs[b].start) 73 +bat_addrs[b].phys) 74 return bat_addrs[b].start+(pa-bat_addrs[b].phys); 75 return 0; 76 } 77 78 static int find_free_bat(void) 79 { 80 int b; 81 82 if (cpu_has_feature(CPU_FTR_601)) { 83 for (b = 0; b < 4; b++) { 84 struct ppc_bat *bat = BATS[b]; 85 86 if (!(bat[0].batl & 0x40)) 87 return b; 88 } 89 } else { 90 int n = mmu_has_feature(MMU_FTR_USE_HIGH_BATS) ? 8 : 4; 91 92 for (b = 0; b < n; b++) { 93 struct ppc_bat *bat = BATS[b]; 94 95 if (!(bat[1].batu & 3)) 96 return b; 97 } 98 } 99 return -1; 100 } 101 102 /* 103 * This function calculates the size of the larger block usable to map the 104 * beginning of an area based on the start address and size of that area: 105 * - max block size is 8M on 601 and 256 on other 6xx. 106 * - base address must be aligned to the block size. So the maximum block size 107 * is identified by the lowest bit set to 1 in the base address (for instance 108 * if base is 0x16000000, max size is 0x02000000). 109 * - block size has to be a power of two. This is calculated by finding the 110 * highest bit set to 1. 111 */ 112 static unsigned int block_size(unsigned long base, unsigned long top) 113 { 114 unsigned int max_size = (cpu_has_feature(CPU_FTR_601) ? 8 : 256) << 20; 115 unsigned int base_shift = (ffs(base) - 1) & 31; 116 unsigned int block_shift = (fls(top - base) - 1) & 31; 117 118 return min3(max_size, 1U << base_shift, 1U << block_shift); 119 } 120 121 /* 122 * Set up one of the IBAT (block address translation) register pairs. 123 * The parameters are not checked; in particular size must be a power 124 * of 2 between 128k and 256M. 125 * Only for 603+ ... 126 */ 127 static void setibat(int index, unsigned long virt, phys_addr_t phys, 128 unsigned int size, pgprot_t prot) 129 { 130 unsigned int bl = (size >> 17) - 1; 131 int wimgxpp; 132 struct ppc_bat *bat = BATS[index]; 133 unsigned long flags = pgprot_val(prot); 134 135 if (!cpu_has_feature(CPU_FTR_NEED_COHERENT)) 136 flags &= ~_PAGE_COHERENT; 137 138 wimgxpp = (flags & _PAGE_COHERENT) | (_PAGE_EXEC ? BPP_RX : BPP_XX); 139 bat[0].batu = virt | (bl << 2) | 2; /* Vs=1, Vp=0 */ 140 bat[0].batl = BAT_PHYS_ADDR(phys) | wimgxpp; 141 if (flags & _PAGE_USER) 142 bat[0].batu |= 1; /* Vp = 1 */ 143 } 144 145 static void clearibat(int index) 146 { 147 struct ppc_bat *bat = BATS[index]; 148 149 bat[0].batu = 0; 150 bat[0].batl = 0; 151 } 152 153 static unsigned long __init __mmu_mapin_ram(unsigned long base, unsigned long top) 154 { 155 int idx; 156 157 while ((idx = find_free_bat()) != -1 && base != top) { 158 unsigned int size = block_size(base, top); 159 160 if (size < 128 << 10) 161 break; 162 setbat(idx, PAGE_OFFSET + base, base, size, PAGE_KERNEL_X); 163 base += size; 164 } 165 166 return base; 167 } 168 169 unsigned long __init mmu_mapin_ram(unsigned long base, unsigned long top) 170 { 171 unsigned long done; 172 unsigned long border = (unsigned long)__init_begin - PAGE_OFFSET; 173 174 if (__map_without_bats) { 175 pr_debug("RAM mapped without BATs\n"); 176 return base; 177 } 178 179 if (!strict_kernel_rwx_enabled() || base >= border || top <= border) 180 return __mmu_mapin_ram(base, top); 181 182 done = __mmu_mapin_ram(base, border); 183 if (done != border) 184 return done; 185 186 return __mmu_mapin_ram(border, top); 187 } 188 189 void mmu_mark_initmem_nx(void) 190 { 191 int nb = mmu_has_feature(MMU_FTR_USE_HIGH_BATS) ? 8 : 4; 192 int i; 193 unsigned long base = (unsigned long)_stext - PAGE_OFFSET; 194 unsigned long top = (unsigned long)_etext - PAGE_OFFSET; 195 unsigned long size; 196 197 if (cpu_has_feature(CPU_FTR_601)) 198 return; 199 200 for (i = 0; i < nb - 1 && base < top && top - base > (128 << 10);) { 201 size = block_size(base, top); 202 setibat(i++, PAGE_OFFSET + base, base, size, PAGE_KERNEL_TEXT); 203 base += size; 204 } 205 if (base < top) { 206 size = block_size(base, top); 207 size = max(size, 128UL << 10); 208 if ((top - base) > size) { 209 if (strict_kernel_rwx_enabled()) 210 pr_warn("Kernel _etext not properly aligned\n"); 211 size <<= 1; 212 } 213 setibat(i++, PAGE_OFFSET + base, base, size, PAGE_KERNEL_TEXT); 214 base += size; 215 } 216 for (; i < nb; i++) 217 clearibat(i); 218 219 update_bats(); 220 221 for (i = TASK_SIZE >> 28; i < 16; i++) { 222 /* Do not set NX on VM space for modules */ 223 if (IS_ENABLED(CONFIG_MODULES) && 224 (VMALLOC_START & 0xf0000000) == i << 28) 225 break; 226 mtsrin(mfsrin(i << 28) | 0x10000000, i << 28); 227 } 228 } 229 230 void mmu_mark_rodata_ro(void) 231 { 232 int nb = mmu_has_feature(MMU_FTR_USE_HIGH_BATS) ? 8 : 4; 233 int i; 234 235 if (cpu_has_feature(CPU_FTR_601)) 236 return; 237 238 for (i = 0; i < nb; i++) { 239 struct ppc_bat *bat = BATS[i]; 240 241 if (bat_addrs[i].start < (unsigned long)__init_begin) 242 bat[1].batl = (bat[1].batl & ~BPP_RW) | BPP_RX; 243 } 244 245 update_bats(); 246 } 247 248 /* 249 * Set up one of the I/D BAT (block address translation) register pairs. 250 * The parameters are not checked; in particular size must be a power 251 * of 2 between 128k and 256M. 252 * On 603+, only set IBAT when _PAGE_EXEC is set 253 */ 254 void __init setbat(int index, unsigned long virt, phys_addr_t phys, 255 unsigned int size, pgprot_t prot) 256 { 257 unsigned int bl; 258 int wimgxpp; 259 struct ppc_bat *bat = BATS[index]; 260 unsigned long flags = pgprot_val(prot); 261 262 if ((flags & _PAGE_NO_CACHE) || 263 (cpu_has_feature(CPU_FTR_NEED_COHERENT) == 0)) 264 flags &= ~_PAGE_COHERENT; 265 266 bl = (size >> 17) - 1; 267 if (PVR_VER(mfspr(SPRN_PVR)) != 1) { 268 /* 603, 604, etc. */ 269 /* Do DBAT first */ 270 wimgxpp = flags & (_PAGE_WRITETHRU | _PAGE_NO_CACHE 271 | _PAGE_COHERENT | _PAGE_GUARDED); 272 wimgxpp |= (flags & _PAGE_RW)? BPP_RW: BPP_RX; 273 bat[1].batu = virt | (bl << 2) | 2; /* Vs=1, Vp=0 */ 274 bat[1].batl = BAT_PHYS_ADDR(phys) | wimgxpp; 275 if (flags & _PAGE_USER) 276 bat[1].batu |= 1; /* Vp = 1 */ 277 if (flags & _PAGE_GUARDED) { 278 /* G bit must be zero in IBATs */ 279 flags &= ~_PAGE_EXEC; 280 } 281 if (flags & _PAGE_EXEC) 282 bat[0] = bat[1]; 283 else 284 bat[0].batu = bat[0].batl = 0; 285 } else { 286 /* 601 cpu */ 287 if (bl > BL_8M) 288 bl = BL_8M; 289 wimgxpp = flags & (_PAGE_WRITETHRU | _PAGE_NO_CACHE 290 | _PAGE_COHERENT); 291 wimgxpp |= (flags & _PAGE_RW)? 292 ((flags & _PAGE_USER)? PP_RWRW: PP_RWXX): PP_RXRX; 293 bat->batu = virt | wimgxpp | 4; /* Ks=0, Ku=1 */ 294 bat->batl = phys | bl | 0x40; /* V=1 */ 295 } 296 297 bat_addrs[index].start = virt; 298 bat_addrs[index].limit = virt + ((bl + 1) << 17) - 1; 299 bat_addrs[index].phys = phys; 300 } 301 302 /* 303 * Preload a translation in the hash table 304 */ 305 void hash_preload(struct mm_struct *mm, unsigned long ea, 306 bool is_exec, unsigned long trap) 307 { 308 pmd_t *pmd; 309 310 if (!Hash) 311 return; 312 pmd = pmd_offset(pud_offset(pgd_offset(mm, ea), ea), ea); 313 if (!pmd_none(*pmd)) 314 add_hash_page(mm->context.id, ea, pmd_val(*pmd)); 315 } 316 317 /* 318 * Initialize the hash table and patch the instructions in hashtable.S. 319 */ 320 void __init MMU_init_hw(void) 321 { 322 unsigned int n_hpteg, lg_n_hpteg; 323 324 if (!mmu_has_feature(MMU_FTR_HPTE_TABLE)) 325 return; 326 327 if ( ppc_md.progress ) ppc_md.progress("hash:enter", 0x105); 328 329 #define LG_HPTEG_SIZE 6 /* 64 bytes per HPTEG */ 330 #define SDR1_LOW_BITS ((n_hpteg - 1) >> 10) 331 #define MIN_N_HPTEG 1024 /* min 64kB hash table */ 332 333 /* 334 * Allow 1 HPTE (1/8 HPTEG) for each page of memory. 335 * This is less than the recommended amount, but then 336 * Linux ain't AIX. 337 */ 338 n_hpteg = total_memory / (PAGE_SIZE * 8); 339 if (n_hpteg < MIN_N_HPTEG) 340 n_hpteg = MIN_N_HPTEG; 341 lg_n_hpteg = __ilog2(n_hpteg); 342 if (n_hpteg & (n_hpteg - 1)) { 343 ++lg_n_hpteg; /* round up if not power of 2 */ 344 n_hpteg = 1 << lg_n_hpteg; 345 } 346 Hash_size = n_hpteg << LG_HPTEG_SIZE; 347 348 /* 349 * Find some memory for the hash table. 350 */ 351 if ( ppc_md.progress ) ppc_md.progress("hash:find piece", 0x322); 352 Hash = memblock_alloc(Hash_size, Hash_size); 353 if (!Hash) 354 panic("%s: Failed to allocate %lu bytes align=0x%lx\n", 355 __func__, Hash_size, Hash_size); 356 _SDR1 = __pa(Hash) | SDR1_LOW_BITS; 357 358 pr_info("Total memory = %lldMB; using %ldkB for hash table\n", 359 (unsigned long long)(total_memory >> 20), Hash_size >> 10); 360 361 362 Hash_mask = n_hpteg - 1; 363 hash_mb2 = hash_mb = 32 - LG_HPTEG_SIZE - lg_n_hpteg; 364 if (lg_n_hpteg > 16) 365 hash_mb2 = 16 - LG_HPTEG_SIZE; 366 } 367 368 void __init MMU_init_hw_patch(void) 369 { 370 unsigned int hmask = Hash_mask >> (16 - LG_HPTEG_SIZE); 371 372 if (ppc_md.progress) 373 ppc_md.progress("hash:patch", 0x345); 374 if (ppc_md.progress) 375 ppc_md.progress("hash:done", 0x205); 376 377 /* WARNING: Make sure nothing can trigger a KASAN check past this point */ 378 379 /* 380 * Patch up the instructions in hashtable.S:create_hpte 381 */ 382 modify_instruction_site(&patch__hash_page_A0, 0xffff, 383 ((unsigned int)Hash - PAGE_OFFSET) >> 16); 384 modify_instruction_site(&patch__hash_page_A1, 0x7c0, hash_mb << 6); 385 modify_instruction_site(&patch__hash_page_A2, 0x7c0, hash_mb2 << 6); 386 modify_instruction_site(&patch__hash_page_B, 0xffff, hmask); 387 modify_instruction_site(&patch__hash_page_C, 0xffff, hmask); 388 389 /* 390 * Patch up the instructions in hashtable.S:flush_hash_page 391 */ 392 modify_instruction_site(&patch__flush_hash_A0, 0xffff, 393 ((unsigned int)Hash - PAGE_OFFSET) >> 16); 394 modify_instruction_site(&patch__flush_hash_A1, 0x7c0, hash_mb << 6); 395 modify_instruction_site(&patch__flush_hash_A2, 0x7c0, hash_mb2 << 6); 396 modify_instruction_site(&patch__flush_hash_B, 0xffff, hmask); 397 } 398 399 void setup_initial_memory_limit(phys_addr_t first_memblock_base, 400 phys_addr_t first_memblock_size) 401 { 402 /* We don't currently support the first MEMBLOCK not mapping 0 403 * physical on those processors 404 */ 405 BUG_ON(first_memblock_base != 0); 406 407 /* 601 can only access 16MB at the moment */ 408 if (PVR_VER(mfspr(SPRN_PVR)) == 1) 409 memblock_set_current_limit(min_t(u64, first_memblock_size, 0x01000000)); 410 else /* Anything else has 256M mapped */ 411 memblock_set_current_limit(min_t(u64, first_memblock_size, 0x10000000)); 412 } 413 414 void __init print_system_hash_info(void) 415 { 416 pr_info("Hash_size = 0x%lx\n", Hash_size); 417 if (Hash_mask) 418 pr_info("Hash_mask = 0x%lx\n", Hash_mask); 419 } 420 421 #ifdef CONFIG_PPC_KUEP 422 void __init setup_kuep(bool disabled) 423 { 424 pr_info("Activating Kernel Userspace Execution Prevention\n"); 425 426 if (cpu_has_feature(CPU_FTR_601)) 427 pr_warn("KUEP is not working on powerpc 601 (No NX bit in Seg Regs)\n"); 428 429 if (disabled) 430 pr_warn("KUEP cannot be disabled yet on 6xx when compiled in\n"); 431 } 432 #endif 433 434 #ifdef CONFIG_PPC_KUAP 435 void __init setup_kuap(bool disabled) 436 { 437 pr_info("Activating Kernel Userspace Access Protection\n"); 438 439 if (disabled) 440 pr_warn("KUAP cannot be disabled yet on 6xx when compiled in\n"); 441 } 442 #endif 443