Loading...
1/*
2 * PowerPC version
3 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
4 *
5 * Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP
6 * Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
7 * Adapted for Power Macintosh by Paul Mackerras.
8 * Low-level exception handlers and MMU support
9 * rewritten by Paul Mackerras.
10 * Copyright (C) 1996 Paul Mackerras.
11 *
12 * Adapted for 64bit PowerPC by Dave Engebretsen, Peter Bergner, and
13 * Mike Corrigan {engebret|bergner|mikejc}@us.ibm.com
14 *
15 * This file contains the entry point for the 64-bit kernel along
16 * with some early initialization code common to all 64-bit powerpc
17 * variants.
18 *
19 * This program is free software; you can redistribute it and/or
20 * modify it under the terms of the GNU General Public License
21 * as published by the Free Software Foundation; either version
22 * 2 of the License, or (at your option) any later version.
23 */
24
25#include <linux/threads.h>
26#include <linux/init.h>
27#include <asm/reg.h>
28#include <asm/page.h>
29#include <asm/mmu.h>
30#include <asm/ppc_asm.h>
31#include <asm/head-64.h>
32#include <asm/asm-offsets.h>
33#include <asm/bug.h>
34#include <asm/cputable.h>
35#include <asm/setup.h>
36#include <asm/hvcall.h>
37#include <asm/thread_info.h>
38#include <asm/firmware.h>
39#include <asm/page_64.h>
40#include <asm/irqflags.h>
41#include <asm/kvm_book3s_asm.h>
42#include <asm/ptrace.h>
43#include <asm/hw_irq.h>
44#include <asm/cputhreads.h>
45#include <asm/ppc-opcode.h>
46#include <asm/export.h>
47
48/* The physical memory is laid out such that the secondary processor
49 * spin code sits at 0x0000...0x00ff. On server, the vectors follow
50 * using the layout described in exceptions-64s.S
51 */
52
53/*
54 * Entering into this code we make the following assumptions:
55 *
56 * For pSeries or server processors:
57 * 1. The MMU is off & open firmware is running in real mode.
58 * 2. The primary CPU enters at __start.
59 * 3. If the RTAS supports "query-cpu-stopped-state", then secondary
60 * CPUs will enter as directed by "start-cpu" RTAS call, which is
61 * generic_secondary_smp_init, with PIR in r3.
62 * 4. Else the secondary CPUs will enter at secondary_hold (0x60) as
63 * directed by the "start-cpu" RTS call, with PIR in r3.
64 * -or- For OPAL entry:
65 * 1. The MMU is off, processor in HV mode.
66 * 2. The primary CPU enters at 0 with device-tree in r3, OPAL base
67 * in r8, and entry in r9 for debugging purposes.
68 * 3. Secondary CPUs enter as directed by OPAL_START_CPU call, which
69 * is at generic_secondary_smp_init, with PIR in r3.
70 *
71 * For Book3E processors:
72 * 1. The MMU is on running in AS0 in a state defined in ePAPR
73 * 2. The kernel is entered at __start
74 */
75
76OPEN_FIXED_SECTION(first_256B, 0x0, 0x100)
77USE_FIXED_SECTION(first_256B)
78 /*
79 * Offsets are relative from the start of fixed section, and
80 * first_256B starts at 0. Offsets are a bit easier to use here
81 * than the fixed section entry macros.
82 */
83 . = 0x0
84_GLOBAL(__start)
85 /* NOP this out unconditionally */
86BEGIN_FTR_SECTION
87 FIXUP_ENDIAN
88 b __start_initialization_multiplatform
89END_FTR_SECTION(0, 1)
90
91 /* Catch branch to 0 in real mode */
92 trap
93
94 /* Secondary processors spin on this value until it becomes non-zero.
95 * When non-zero, it contains the real address of the function the cpu
96 * should jump to.
97 */
98 .balign 8
99 .globl __secondary_hold_spinloop
100__secondary_hold_spinloop:
101 .8byte 0x0
102
103 /* Secondary processors write this value with their cpu # */
104 /* after they enter the spin loop immediately below. */
105 .globl __secondary_hold_acknowledge
106__secondary_hold_acknowledge:
107 .8byte 0x0
108
109#ifdef CONFIG_RELOCATABLE
110 /* This flag is set to 1 by a loader if the kernel should run
111 * at the loaded address instead of the linked address. This
112 * is used by kexec-tools to keep the the kdump kernel in the
113 * crash_kernel region. The loader is responsible for
114 * observing the alignment requirement.
115 */
116
117#ifdef CONFIG_RELOCATABLE_TEST
118#define RUN_AT_LOAD_DEFAULT 1 /* Test relocation, do not copy to 0 */
119#else
120#define RUN_AT_LOAD_DEFAULT 0x72756e30 /* "run0" -- relocate to 0 by default */
121#endif
122
123 /* Do not move this variable as kexec-tools knows about it. */
124 . = 0x5c
125 .globl __run_at_load
126__run_at_load:
127DEFINE_FIXED_SYMBOL(__run_at_load)
128 .long RUN_AT_LOAD_DEFAULT
129#endif
130
131 . = 0x60
132/*
133 * The following code is used to hold secondary processors
134 * in a spin loop after they have entered the kernel, but
135 * before the bulk of the kernel has been relocated. This code
136 * is relocated to physical address 0x60 before prom_init is run.
137 * All of it must fit below the first exception vector at 0x100.
138 * Use .globl here not _GLOBAL because we want __secondary_hold
139 * to be the actual text address, not a descriptor.
140 */
141 .globl __secondary_hold
142__secondary_hold:
143 FIXUP_ENDIAN
144#ifndef CONFIG_PPC_BOOK3E
145 mfmsr r24
146 ori r24,r24,MSR_RI
147 mtmsrd r24 /* RI on */
148#endif
149 /* Grab our physical cpu number */
150 mr r24,r3
151 /* stash r4 for book3e */
152 mr r25,r4
153
154 /* Tell the master cpu we're here */
155 /* Relocation is off & we are located at an address less */
156 /* than 0x100, so only need to grab low order offset. */
157 std r24,(ABS_ADDR(__secondary_hold_acknowledge))(0)
158 sync
159
160 li r26,0
161#ifdef CONFIG_PPC_BOOK3E
162 tovirt(r26,r26)
163#endif
164 /* All secondary cpus wait here until told to start. */
165100: ld r12,(ABS_ADDR(__secondary_hold_spinloop))(r26)
166 cmpdi 0,r12,0
167 beq 100b
168
169#if defined(CONFIG_SMP) || defined(CONFIG_KEXEC_CORE)
170#ifdef CONFIG_PPC_BOOK3E
171 tovirt(r12,r12)
172#endif
173 mtctr r12
174 mr r3,r24
175 /*
176 * it may be the case that other platforms have r4 right to
177 * begin with, this gives us some safety in case it is not
178 */
179#ifdef CONFIG_PPC_BOOK3E
180 mr r4,r25
181#else
182 li r4,0
183#endif
184 /* Make sure that patched code is visible */
185 isync
186 bctr
187#else
188 BUG_OPCODE
189#endif
190CLOSE_FIXED_SECTION(first_256B)
191
192/* This value is used to mark exception frames on the stack. */
193 .section ".toc","aw"
194exception_marker:
195 .tc ID_72656773_68657265[TC],0x7265677368657265
196 .previous
197
198/*
199 * On server, we include the exception vectors code here as it
200 * relies on absolute addressing which is only possible within
201 * this compilation unit
202 */
203#ifdef CONFIG_PPC_BOOK3S
204#include "exceptions-64s.S"
205#else
206OPEN_TEXT_SECTION(0x100)
207#endif
208
209USE_TEXT_SECTION()
210
211#ifdef CONFIG_PPC_BOOK3E
212/*
213 * The booting_thread_hwid holds the thread id we want to boot in cpu
214 * hotplug case. It is set by cpu hotplug code, and is invalid by default.
215 * The thread id is the same as the initial value of SPRN_PIR[THREAD_ID]
216 * bit field.
217 */
218 .globl booting_thread_hwid
219booting_thread_hwid:
220 .long INVALID_THREAD_HWID
221 .align 3
222/*
223 * start a thread in the same core
224 * input parameters:
225 * r3 = the thread physical id
226 * r4 = the entry point where thread starts
227 */
228_GLOBAL(book3e_start_thread)
229 LOAD_REG_IMMEDIATE(r5, MSR_KERNEL)
230 cmpwi r3, 0
231 beq 10f
232 cmpwi r3, 1
233 beq 11f
234 /* If the thread id is invalid, just exit. */
235 b 13f
23610:
237 MTTMR(TMRN_IMSR0, 5)
238 MTTMR(TMRN_INIA0, 4)
239 b 12f
24011:
241 MTTMR(TMRN_IMSR1, 5)
242 MTTMR(TMRN_INIA1, 4)
24312:
244 isync
245 li r6, 1
246 sld r6, r6, r3
247 mtspr SPRN_TENS, r6
24813:
249 blr
250
251/*
252 * stop a thread in the same core
253 * input parameter:
254 * r3 = the thread physical id
255 */
256_GLOBAL(book3e_stop_thread)
257 cmpwi r3, 0
258 beq 10f
259 cmpwi r3, 1
260 beq 10f
261 /* If the thread id is invalid, just exit. */
262 b 13f
26310:
264 li r4, 1
265 sld r4, r4, r3
266 mtspr SPRN_TENC, r4
26713:
268 blr
269
270_GLOBAL(fsl_secondary_thread_init)
271 mfspr r4,SPRN_BUCSR
272
273 /* Enable branch prediction */
274 lis r3,BUCSR_INIT@h
275 ori r3,r3,BUCSR_INIT@l
276 mtspr SPRN_BUCSR,r3
277 isync
278
279 /*
280 * Fix PIR to match the linear numbering in the device tree.
281 *
282 * On e6500, the reset value of PIR uses the low three bits for
283 * the thread within a core, and the upper bits for the core
284 * number. There are two threads per core, so shift everything
285 * but the low bit right by two bits so that the cpu numbering is
286 * continuous.
287 *
288 * If the old value of BUCSR is non-zero, this thread has run
289 * before. Thus, we assume we are coming from kexec or a similar
290 * scenario, and PIR is already set to the correct value. This
291 * is a bit of a hack, but there are limited opportunities for
292 * getting information into the thread and the alternatives
293 * seemed like they'd be overkill. We can't tell just by looking
294 * at the old PIR value which state it's in, since the same value
295 * could be valid for one thread out of reset and for a different
296 * thread in Linux.
297 */
298
299 mfspr r3, SPRN_PIR
300 cmpwi r4,0
301 bne 1f
302 rlwimi r3, r3, 30, 2, 30
303 mtspr SPRN_PIR, r3
3041:
305#endif
306
307_GLOBAL(generic_secondary_thread_init)
308 mr r24,r3
309
310 /* turn on 64-bit mode */
311 bl enable_64b_mode
312
313 /* get a valid TOC pointer, wherever we're mapped at */
314 bl relative_toc
315 tovirt(r2,r2)
316
317#ifdef CONFIG_PPC_BOOK3E
318 /* Book3E initialization */
319 mr r3,r24
320 bl book3e_secondary_thread_init
321#endif
322 b generic_secondary_common_init
323
324/*
325 * On pSeries and most other platforms, secondary processors spin
326 * in the following code.
327 * At entry, r3 = this processor's number (physical cpu id)
328 *
329 * On Book3E, r4 = 1 to indicate that the initial TLB entry for
330 * this core already exists (setup via some other mechanism such
331 * as SCOM before entry).
332 */
333_GLOBAL(generic_secondary_smp_init)
334 FIXUP_ENDIAN
335 mr r24,r3
336 mr r25,r4
337
338 /* turn on 64-bit mode */
339 bl enable_64b_mode
340
341 /* get a valid TOC pointer, wherever we're mapped at */
342 bl relative_toc
343 tovirt(r2,r2)
344
345#ifdef CONFIG_PPC_BOOK3E
346 /* Book3E initialization */
347 mr r3,r24
348 mr r4,r25
349 bl book3e_secondary_core_init
350
351/*
352 * After common core init has finished, check if the current thread is the
353 * one we wanted to boot. If not, start the specified thread and stop the
354 * current thread.
355 */
356 LOAD_REG_ADDR(r4, booting_thread_hwid)
357 lwz r3, 0(r4)
358 li r5, INVALID_THREAD_HWID
359 cmpw r3, r5
360 beq 20f
361
362 /*
363 * The value of booting_thread_hwid has been stored in r3,
364 * so make it invalid.
365 */
366 stw r5, 0(r4)
367
368 /*
369 * Get the current thread id and check if it is the one we wanted.
370 * If not, start the one specified in booting_thread_hwid and stop
371 * the current thread.
372 */
373 mfspr r8, SPRN_TIR
374 cmpw r3, r8
375 beq 20f
376
377 /* start the specified thread */
378 LOAD_REG_ADDR(r5, fsl_secondary_thread_init)
379 ld r4, 0(r5)
380 bl book3e_start_thread
381
382 /* stop the current thread */
383 mr r3, r8
384 bl book3e_stop_thread
38510:
386 b 10b
38720:
388#endif
389
390generic_secondary_common_init:
391 /* Set up a paca value for this processor. Since we have the
392 * physical cpu id in r24, we need to search the pacas to find
393 * which logical id maps to our physical one.
394 */
395#ifndef CONFIG_SMP
396 b kexec_wait /* wait for next kernel if !SMP */
397#else
398 LOAD_REG_ADDR(r8, paca_ptrs) /* Load paca_ptrs pointe */
399 ld r8,0(r8) /* Get base vaddr of array */
400 LOAD_REG_ADDR(r7, nr_cpu_ids) /* Load nr_cpu_ids address */
401 lwz r7,0(r7) /* also the max paca allocated */
402 li r5,0 /* logical cpu id */
4031:
404 sldi r9,r5,3 /* get paca_ptrs[] index from cpu id */
405 ldx r13,r9,r8 /* r13 = paca_ptrs[cpu id] */
406 lhz r6,PACAHWCPUID(r13) /* Load HW procid from paca */
407 cmpw r6,r24 /* Compare to our id */
408 beq 2f
409 addi r5,r5,1
410 cmpw r5,r7 /* Check if more pacas exist */
411 blt 1b
412
413 mr r3,r24 /* not found, copy phys to r3 */
414 b kexec_wait /* next kernel might do better */
415
4162: SET_PACA(r13)
417#ifdef CONFIG_PPC_BOOK3E
418 addi r12,r13,PACA_EXTLB /* and TLB exc frame in another */
419 mtspr SPRN_SPRG_TLB_EXFRAME,r12
420#endif
421
422 /* From now on, r24 is expected to be logical cpuid */
423 mr r24,r5
424
425 /* See if we need to call a cpu state restore handler */
426 LOAD_REG_ADDR(r23, cur_cpu_spec)
427 ld r23,0(r23)
428 ld r12,CPU_SPEC_RESTORE(r23)
429 cmpdi 0,r12,0
430 beq 3f
431#ifdef PPC64_ELF_ABI_v1
432 ld r12,0(r12)
433#endif
434 mtctr r12
435 bctrl
436
4373: LOAD_REG_ADDR(r3, spinning_secondaries) /* Decrement spinning_secondaries */
438 lwarx r4,0,r3
439 subi r4,r4,1
440 stwcx. r4,0,r3
441 bne 3b
442 isync
443
4444: HMT_LOW
445 lbz r23,PACAPROCSTART(r13) /* Test if this processor should */
446 /* start. */
447 cmpwi 0,r23,0
448 beq 4b /* Loop until told to go */
449
450 sync /* order paca.run and cur_cpu_spec */
451 isync /* In case code patching happened */
452
453 /* Create a temp kernel stack for use before relocation is on. */
454 ld r1,PACAEMERGSP(r13)
455 subi r1,r1,STACK_FRAME_OVERHEAD
456
457 b __secondary_start
458#endif /* SMP */
459
460/*
461 * Turn the MMU off.
462 * Assumes we're mapped EA == RA if the MMU is on.
463 */
464#ifdef CONFIG_PPC_BOOK3S
465__mmu_off:
466 mfmsr r3
467 andi. r0,r3,MSR_IR|MSR_DR
468 beqlr
469 mflr r4
470 andc r3,r3,r0
471 mtspr SPRN_SRR0,r4
472 mtspr SPRN_SRR1,r3
473 sync
474 rfid
475 b . /* prevent speculative execution */
476#endif
477
478
479/*
480 * Here is our main kernel entry point. We support currently 2 kind of entries
481 * depending on the value of r5.
482 *
483 * r5 != NULL -> OF entry, we go to prom_init, "legacy" parameter content
484 * in r3...r7
485 *
486 * r5 == NULL -> kexec style entry. r3 is a physical pointer to the
487 * DT block, r4 is a physical pointer to the kernel itself
488 *
489 */
490__start_initialization_multiplatform:
491 /* Make sure we are running in 64 bits mode */
492 bl enable_64b_mode
493
494 /* Get TOC pointer (current runtime address) */
495 bl relative_toc
496
497 /* find out where we are now */
498 bcl 20,31,$+4
4990: mflr r26 /* r26 = runtime addr here */
500 addis r26,r26,(_stext - 0b)@ha
501 addi r26,r26,(_stext - 0b)@l /* current runtime base addr */
502
503 /*
504 * Are we booted from a PROM Of-type client-interface ?
505 */
506 cmpldi cr0,r5,0
507 beq 1f
508 b __boot_from_prom /* yes -> prom */
5091:
510 /* Save parameters */
511 mr r31,r3
512 mr r30,r4
513#ifdef CONFIG_PPC_EARLY_DEBUG_OPAL
514 /* Save OPAL entry */
515 mr r28,r8
516 mr r29,r9
517#endif
518
519#ifdef CONFIG_PPC_BOOK3E
520 bl start_initialization_book3e
521 b __after_prom_start
522#else
523 /* Setup some critical 970 SPRs before switching MMU off */
524 mfspr r0,SPRN_PVR
525 srwi r0,r0,16
526 cmpwi r0,0x39 /* 970 */
527 beq 1f
528 cmpwi r0,0x3c /* 970FX */
529 beq 1f
530 cmpwi r0,0x44 /* 970MP */
531 beq 1f
532 cmpwi r0,0x45 /* 970GX */
533 bne 2f
5341: bl __cpu_preinit_ppc970
5352:
536
537 /* Switch off MMU if not already off */
538 bl __mmu_off
539 b __after_prom_start
540#endif /* CONFIG_PPC_BOOK3E */
541
542__boot_from_prom:
543#ifdef CONFIG_PPC_OF_BOOT_TRAMPOLINE
544 /* Save parameters */
545 mr r31,r3
546 mr r30,r4
547 mr r29,r5
548 mr r28,r6
549 mr r27,r7
550
551 /*
552 * Align the stack to 16-byte boundary
553 * Depending on the size and layout of the ELF sections in the initial
554 * boot binary, the stack pointer may be unaligned on PowerMac
555 */
556 rldicr r1,r1,0,59
557
558#ifdef CONFIG_RELOCATABLE
559 /* Relocate code for where we are now */
560 mr r3,r26
561 bl relocate
562#endif
563
564 /* Restore parameters */
565 mr r3,r31
566 mr r4,r30
567 mr r5,r29
568 mr r6,r28
569 mr r7,r27
570
571 /* Do all of the interaction with OF client interface */
572 mr r8,r26
573 bl prom_init
574#endif /* #CONFIG_PPC_OF_BOOT_TRAMPOLINE */
575
576 /* We never return. We also hit that trap if trying to boot
577 * from OF while CONFIG_PPC_OF_BOOT_TRAMPOLINE isn't selected */
578 trap
579
580__after_prom_start:
581#ifdef CONFIG_RELOCATABLE
582 /* process relocations for the final address of the kernel */
583 lis r25,PAGE_OFFSET@highest /* compute virtual base of kernel */
584 sldi r25,r25,32
585#if defined(CONFIG_PPC_BOOK3E)
586 tovirt(r26,r26) /* on booke, we already run at PAGE_OFFSET */
587#endif
588 lwz r7,(FIXED_SYMBOL_ABS_ADDR(__run_at_load))(r26)
589#if defined(CONFIG_PPC_BOOK3E)
590 tophys(r26,r26)
591#endif
592 cmplwi cr0,r7,1 /* flagged to stay where we are ? */
593 bne 1f
594 add r25,r25,r26
5951: mr r3,r25
596 bl relocate
597#if defined(CONFIG_PPC_BOOK3E)
598 /* IVPR needs to be set after relocation. */
599 bl init_core_book3e
600#endif
601#endif
602
603/*
604 * We need to run with _stext at physical address PHYSICAL_START.
605 * This will leave some code in the first 256B of
606 * real memory, which are reserved for software use.
607 *
608 * Note: This process overwrites the OF exception vectors.
609 */
610 li r3,0 /* target addr */
611#ifdef CONFIG_PPC_BOOK3E
612 tovirt(r3,r3) /* on booke, we already run at PAGE_OFFSET */
613#endif
614 mr. r4,r26 /* In some cases the loader may */
615#if defined(CONFIG_PPC_BOOK3E)
616 tovirt(r4,r4)
617#endif
618 beq 9f /* have already put us at zero */
619 li r6,0x100 /* Start offset, the first 0x100 */
620 /* bytes were copied earlier. */
621
622#ifdef CONFIG_RELOCATABLE
623/*
624 * Check if the kernel has to be running as relocatable kernel based on the
625 * variable __run_at_load, if it is set the kernel is treated as relocatable
626 * kernel, otherwise it will be moved to PHYSICAL_START
627 */
628#if defined(CONFIG_PPC_BOOK3E)
629 tovirt(r26,r26) /* on booke, we already run at PAGE_OFFSET */
630#endif
631 lwz r7,(FIXED_SYMBOL_ABS_ADDR(__run_at_load))(r26)
632 cmplwi cr0,r7,1
633 bne 3f
634
635#ifdef CONFIG_PPC_BOOK3E
636 LOAD_REG_ADDR(r5, __end_interrupts)
637 LOAD_REG_ADDR(r11, _stext)
638 sub r5,r5,r11
639#else
640 /* just copy interrupts */
641 LOAD_REG_IMMEDIATE(r5, FIXED_SYMBOL_ABS_ADDR(__end_interrupts))
642#endif
643 b 5f
6443:
645#endif
646 /* # bytes of memory to copy */
647 lis r5,(ABS_ADDR(copy_to_here))@ha
648 addi r5,r5,(ABS_ADDR(copy_to_here))@l
649
650 bl copy_and_flush /* copy the first n bytes */
651 /* this includes the code being */
652 /* executed here. */
653 /* Jump to the copy of this code that we just made */
654 addis r8,r3,(ABS_ADDR(4f))@ha
655 addi r12,r8,(ABS_ADDR(4f))@l
656 mtctr r12
657 bctr
658
659.balign 8
660p_end: .8byte _end - copy_to_here
661
6624:
663 /*
664 * Now copy the rest of the kernel up to _end, add
665 * _end - copy_to_here to the copy limit and run again.
666 */
667 addis r8,r26,(ABS_ADDR(p_end))@ha
668 ld r8,(ABS_ADDR(p_end))@l(r8)
669 add r5,r5,r8
6705: bl copy_and_flush /* copy the rest */
671
6729: b start_here_multiplatform
673
674/*
675 * Copy routine used to copy the kernel to start at physical address 0
676 * and flush and invalidate the caches as needed.
677 * r3 = dest addr, r4 = source addr, r5 = copy limit, r6 = start offset
678 * on exit, r3, r4, r5 are unchanged, r6 is updated to be >= r5.
679 *
680 * Note: this routine *only* clobbers r0, r6 and lr
681 */
682_GLOBAL(copy_and_flush)
683 addi r5,r5,-8
684 addi r6,r6,-8
6854: li r0,8 /* Use the smallest common */
686 /* denominator cache line */
687 /* size. This results in */
688 /* extra cache line flushes */
689 /* but operation is correct. */
690 /* Can't get cache line size */
691 /* from NACA as it is being */
692 /* moved too. */
693
694 mtctr r0 /* put # words/line in ctr */
6953: addi r6,r6,8 /* copy a cache line */
696 ldx r0,r6,r4
697 stdx r0,r6,r3
698 bdnz 3b
699 dcbst r6,r3 /* write it to memory */
700 sync
701 icbi r6,r3 /* flush the icache line */
702 cmpld 0,r6,r5
703 blt 4b
704 sync
705 addi r5,r5,8
706 addi r6,r6,8
707 isync
708 blr
709
710.align 8
711copy_to_here:
712
713#ifdef CONFIG_SMP
714#ifdef CONFIG_PPC_PMAC
715/*
716 * On PowerMac, secondary processors starts from the reset vector, which
717 * is temporarily turned into a call to one of the functions below.
718 */
719 .section ".text";
720 .align 2 ;
721
722 .globl __secondary_start_pmac_0
723__secondary_start_pmac_0:
724 /* NB the entries for cpus 0, 1, 2 must each occupy 8 bytes. */
725 li r24,0
726 b 1f
727 li r24,1
728 b 1f
729 li r24,2
730 b 1f
731 li r24,3
7321:
733
734_GLOBAL(pmac_secondary_start)
735 /* turn on 64-bit mode */
736 bl enable_64b_mode
737
738 li r0,0
739 mfspr r3,SPRN_HID4
740 rldimi r3,r0,40,23 /* clear bit 23 (rm_ci) */
741 sync
742 mtspr SPRN_HID4,r3
743 isync
744 sync
745 slbia
746
747 /* get TOC pointer (real address) */
748 bl relative_toc
749 tovirt(r2,r2)
750
751 /* Copy some CPU settings from CPU 0 */
752 bl __restore_cpu_ppc970
753
754 /* pSeries do that early though I don't think we really need it */
755 mfmsr r3
756 ori r3,r3,MSR_RI
757 mtmsrd r3 /* RI on */
758
759 /* Set up a paca value for this processor. */
760 LOAD_REG_ADDR(r4,paca_ptrs) /* Load paca pointer */
761 ld r4,0(r4) /* Get base vaddr of paca_ptrs array */
762 sldi r5,r24,3 /* get paca_ptrs[] index from cpu id */
763 ldx r13,r5,r4 /* r13 = paca_ptrs[cpu id] */
764 SET_PACA(r13) /* Save vaddr of paca in an SPRG*/
765
766 /* Mark interrupts soft and hard disabled (they might be enabled
767 * in the PACA when doing hotplug)
768 */
769 li r0,IRQS_DISABLED
770 stb r0,PACAIRQSOFTMASK(r13)
771 li r0,PACA_IRQ_HARD_DIS
772 stb r0,PACAIRQHAPPENED(r13)
773
774 /* Create a temp kernel stack for use before relocation is on. */
775 ld r1,PACAEMERGSP(r13)
776 subi r1,r1,STACK_FRAME_OVERHEAD
777
778 b __secondary_start
779
780#endif /* CONFIG_PPC_PMAC */
781
782/*
783 * This function is called after the master CPU has released the
784 * secondary processors. The execution environment is relocation off.
785 * The paca for this processor has the following fields initialized at
786 * this point:
787 * 1. Processor number
788 * 2. Segment table pointer (virtual address)
789 * On entry the following are set:
790 * r1 = stack pointer (real addr of temp stack)
791 * r24 = cpu# (in Linux terms)
792 * r13 = paca virtual address
793 * SPRG_PACA = paca virtual address
794 */
795 .section ".text";
796 .align 2 ;
797
798 .globl __secondary_start
799__secondary_start:
800 /* Set thread priority to MEDIUM */
801 HMT_MEDIUM
802
803 /* Initialize the kernel stack */
804 LOAD_REG_ADDR(r3, current_set)
805 sldi r28,r24,3 /* get current_set[cpu#] */
806 ldx r14,r3,r28
807 addi r14,r14,THREAD_SIZE-STACK_FRAME_OVERHEAD
808 std r14,PACAKSAVE(r13)
809
810 /* Do early setup for that CPU (SLB and hash table pointer) */
811 bl early_setup_secondary
812
813 /*
814 * setup the new stack pointer, but *don't* use this until
815 * translation is on.
816 */
817 mr r1, r14
818
819 /* Clear backchain so we get nice backtraces */
820 li r7,0
821 mtlr r7
822
823 /* Mark interrupts soft and hard disabled (they might be enabled
824 * in the PACA when doing hotplug)
825 */
826 li r7,IRQS_DISABLED
827 stb r7,PACAIRQSOFTMASK(r13)
828 li r0,PACA_IRQ_HARD_DIS
829 stb r0,PACAIRQHAPPENED(r13)
830
831 /* enable MMU and jump to start_secondary */
832 LOAD_REG_ADDR(r3, start_secondary_prolog)
833 LOAD_REG_IMMEDIATE(r4, MSR_KERNEL)
834
835 mtspr SPRN_SRR0,r3
836 mtspr SPRN_SRR1,r4
837 RFI
838 b . /* prevent speculative execution */
839
840/*
841 * Running with relocation on at this point. All we want to do is
842 * zero the stack back-chain pointer and get the TOC virtual address
843 * before going into C code.
844 */
845start_secondary_prolog:
846 ld r2,PACATOC(r13)
847 li r3,0
848 std r3,0(r1) /* Zero the stack frame pointer */
849 bl start_secondary
850 b .
851/*
852 * Reset stack pointer and call start_secondary
853 * to continue with online operation when woken up
854 * from cede in cpu offline.
855 */
856_GLOBAL(start_secondary_resume)
857 ld r1,PACAKSAVE(r13) /* Reload kernel stack pointer */
858 li r3,0
859 std r3,0(r1) /* Zero the stack frame pointer */
860 bl start_secondary
861 b .
862#endif
863
864/*
865 * This subroutine clobbers r11 and r12
866 */
867enable_64b_mode:
868 mfmsr r11 /* grab the current MSR */
869#ifdef CONFIG_PPC_BOOK3E
870 oris r11,r11,0x8000 /* CM bit set, we'll set ICM later */
871 mtmsr r11
872#else /* CONFIG_PPC_BOOK3E */
873 li r12,(MSR_64BIT | MSR_ISF)@highest
874 sldi r12,r12,48
875 or r11,r11,r12
876 mtmsrd r11
877 isync
878#endif
879 blr
880
881/*
882 * This puts the TOC pointer into r2, offset by 0x8000 (as expected
883 * by the toolchain). It computes the correct value for wherever we
884 * are running at the moment, using position-independent code.
885 *
886 * Note: The compiler constructs pointers using offsets from the
887 * TOC in -mcmodel=medium mode. After we relocate to 0 but before
888 * the MMU is on we need our TOC to be a virtual address otherwise
889 * these pointers will be real addresses which may get stored and
890 * accessed later with the MMU on. We use tovirt() at the call
891 * sites to handle this.
892 */
893_GLOBAL(relative_toc)
894 mflr r0
895 bcl 20,31,$+4
8960: mflr r11
897 ld r2,(p_toc - 0b)(r11)
898 add r2,r2,r11
899 mtlr r0
900 blr
901
902.balign 8
903p_toc: .8byte __toc_start + 0x8000 - 0b
904
905/*
906 * This is where the main kernel code starts.
907 */
908start_here_multiplatform:
909 /* set up the TOC */
910 bl relative_toc
911 tovirt(r2,r2)
912
913 /* Clear out the BSS. It may have been done in prom_init,
914 * already but that's irrelevant since prom_init will soon
915 * be detached from the kernel completely. Besides, we need
916 * to clear it now for kexec-style entry.
917 */
918 LOAD_REG_ADDR(r11,__bss_stop)
919 LOAD_REG_ADDR(r8,__bss_start)
920 sub r11,r11,r8 /* bss size */
921 addi r11,r11,7 /* round up to an even double word */
922 srdi. r11,r11,3 /* shift right by 3 */
923 beq 4f
924 addi r8,r8,-8
925 li r0,0
926 mtctr r11 /* zero this many doublewords */
9273: stdu r0,8(r8)
928 bdnz 3b
9294:
930
931#ifdef CONFIG_PPC_EARLY_DEBUG_OPAL
932 /* Setup OPAL entry */
933 LOAD_REG_ADDR(r11, opal)
934 std r28,0(r11);
935 std r29,8(r11);
936#endif
937
938#ifndef CONFIG_PPC_BOOK3E
939 mfmsr r6
940 ori r6,r6,MSR_RI
941 mtmsrd r6 /* RI on */
942#endif
943
944#ifdef CONFIG_RELOCATABLE
945 /* Save the physical address we're running at in kernstart_addr */
946 LOAD_REG_ADDR(r4, kernstart_addr)
947 clrldi r0,r25,2
948 std r0,0(r4)
949#endif
950
951 /* The following gets the stack set up with the regs */
952 /* pointing to the real addr of the kernel stack. This is */
953 /* all done to support the C function call below which sets */
954 /* up the htab. This is done because we have relocated the */
955 /* kernel but are still running in real mode. */
956
957 LOAD_REG_ADDR(r3,init_thread_union)
958
959 /* set up a stack pointer */
960 LOAD_REG_IMMEDIATE(r1,THREAD_SIZE)
961 add r1,r3,r1
962 li r0,0
963 stdu r0,-STACK_FRAME_OVERHEAD(r1)
964
965 /*
966 * Do very early kernel initializations, including initial hash table
967 * and SLB setup before we turn on relocation.
968 */
969
970 /* Restore parameters passed from prom_init/kexec */
971 mr r3,r31
972 bl early_setup /* also sets r13 and SPRG_PACA */
973
974 LOAD_REG_ADDR(r3, start_here_common)
975 ld r4,PACAKMSR(r13)
976 mtspr SPRN_SRR0,r3
977 mtspr SPRN_SRR1,r4
978 RFI
979 b . /* prevent speculative execution */
980
981 /* This is where all platforms converge execution */
982
983start_here_common:
984 /* relocation is on at this point */
985 std r1,PACAKSAVE(r13)
986
987 /* Load the TOC (virtual address) */
988 ld r2,PACATOC(r13)
989
990 /* Mark interrupts soft and hard disabled (they might be enabled
991 * in the PACA when doing hotplug)
992 */
993 li r0,IRQS_DISABLED
994 stb r0,PACAIRQSOFTMASK(r13)
995 li r0,PACA_IRQ_HARD_DIS
996 stb r0,PACAIRQHAPPENED(r13)
997
998 /* Generic kernel entry */
999 bl start_kernel
1000
1001 /* Not reached */
1002 BUG_OPCODE
1003
1004/*
1005 * We put a few things here that have to be page-aligned.
1006 * This stuff goes at the beginning of the bss, which is page-aligned.
1007 */
1008 .section ".bss"
1009/*
1010 * pgd dir should be aligned to PGD_TABLE_SIZE which is 64K.
1011 * We will need to find a better way to fix this
1012 */
1013 .align 16
1014
1015 .globl swapper_pg_dir
1016swapper_pg_dir:
1017 .space PGD_TABLE_SIZE
1018
1019 .globl empty_zero_page
1020empty_zero_page:
1021 .space PAGE_SIZE
1022EXPORT_SYMBOL(empty_zero_page)
1/*
2 * PowerPC version
3 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
4 *
5 * Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP
6 * Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
7 * Adapted for Power Macintosh by Paul Mackerras.
8 * Low-level exception handlers and MMU support
9 * rewritten by Paul Mackerras.
10 * Copyright (C) 1996 Paul Mackerras.
11 *
12 * Adapted for 64bit PowerPC by Dave Engebretsen, Peter Bergner, and
13 * Mike Corrigan {engebret|bergner|mikejc}@us.ibm.com
14 *
15 * This file contains the entry point for the 64-bit kernel along
16 * with some early initialization code common to all 64-bit powerpc
17 * variants.
18 *
19 * This program is free software; you can redistribute it and/or
20 * modify it under the terms of the GNU General Public License
21 * as published by the Free Software Foundation; either version
22 * 2 of the License, or (at your option) any later version.
23 */
24
25#include <linux/threads.h>
26#include <linux/init.h>
27#include <asm/reg.h>
28#include <asm/page.h>
29#include <asm/mmu.h>
30#include <asm/ppc_asm.h>
31#include <asm/head-64.h>
32#include <asm/asm-offsets.h>
33#include <asm/bug.h>
34#include <asm/cputable.h>
35#include <asm/setup.h>
36#include <asm/hvcall.h>
37#include <asm/thread_info.h>
38#include <asm/firmware.h>
39#include <asm/page_64.h>
40#include <asm/irqflags.h>
41#include <asm/kvm_book3s_asm.h>
42#include <asm/ptrace.h>
43#include <asm/hw_irq.h>
44#include <asm/cputhreads.h>
45#include <asm/ppc-opcode.h>
46#include <asm/export.h>
47
48/* The physical memory is laid out such that the secondary processor
49 * spin code sits at 0x0000...0x00ff. On server, the vectors follow
50 * using the layout described in exceptions-64s.S
51 */
52
53/*
54 * Entering into this code we make the following assumptions:
55 *
56 * For pSeries or server processors:
57 * 1. The MMU is off & open firmware is running in real mode.
58 * 2. The kernel is entered at __start
59 * -or- For OPAL entry:
60 * 1. The MMU is off, processor in HV mode, primary CPU enters at 0
61 * with device-tree in gpr3. We also get OPAL base in r8 and
62 * entry in r9 for debugging purposes
63 * 2. Secondary processors enter at 0x60 with PIR in gpr3
64 *
65 * For Book3E processors:
66 * 1. The MMU is on running in AS0 in a state defined in ePAPR
67 * 2. The kernel is entered at __start
68 */
69
70OPEN_FIXED_SECTION(first_256B, 0x0, 0x100)
71USE_FIXED_SECTION(first_256B)
72 /*
73 * Offsets are relative from the start of fixed section, and
74 * first_256B starts at 0. Offsets are a bit easier to use here
75 * than the fixed section entry macros.
76 */
77 . = 0x0
78_GLOBAL(__start)
79 /* NOP this out unconditionally */
80BEGIN_FTR_SECTION
81 FIXUP_ENDIAN
82 b __start_initialization_multiplatform
83END_FTR_SECTION(0, 1)
84
85 /* Catch branch to 0 in real mode */
86 trap
87
88 /* Secondary processors spin on this value until it becomes non-zero.
89 * When non-zero, it contains the real address of the function the cpu
90 * should jump to.
91 */
92 .balign 8
93 .globl __secondary_hold_spinloop
94__secondary_hold_spinloop:
95 .llong 0x0
96
97 /* Secondary processors write this value with their cpu # */
98 /* after they enter the spin loop immediately below. */
99 .globl __secondary_hold_acknowledge
100__secondary_hold_acknowledge:
101 .llong 0x0
102
103#ifdef CONFIG_RELOCATABLE
104 /* This flag is set to 1 by a loader if the kernel should run
105 * at the loaded address instead of the linked address. This
106 * is used by kexec-tools to keep the the kdump kernel in the
107 * crash_kernel region. The loader is responsible for
108 * observing the alignment requirement.
109 */
110
111#ifdef CONFIG_RELOCATABLE_TEST
112#define RUN_AT_LOAD_DEFAULT 1 /* Test relocation, do not copy to 0 */
113#else
114#define RUN_AT_LOAD_DEFAULT 0x72756e30 /* "run0" -- relocate to 0 by default */
115#endif
116
117 /* Do not move this variable as kexec-tools knows about it. */
118 . = 0x5c
119 .globl __run_at_load
120__run_at_load:
121DEFINE_FIXED_SYMBOL(__run_at_load)
122 .long RUN_AT_LOAD_DEFAULT
123#endif
124
125 . = 0x60
126/*
127 * The following code is used to hold secondary processors
128 * in a spin loop after they have entered the kernel, but
129 * before the bulk of the kernel has been relocated. This code
130 * is relocated to physical address 0x60 before prom_init is run.
131 * All of it must fit below the first exception vector at 0x100.
132 * Use .globl here not _GLOBAL because we want __secondary_hold
133 * to be the actual text address, not a descriptor.
134 */
135 .globl __secondary_hold
136__secondary_hold:
137 FIXUP_ENDIAN
138#ifndef CONFIG_PPC_BOOK3E
139 mfmsr r24
140 ori r24,r24,MSR_RI
141 mtmsrd r24 /* RI on */
142#endif
143 /* Grab our physical cpu number */
144 mr r24,r3
145 /* stash r4 for book3e */
146 mr r25,r4
147
148 /* Tell the master cpu we're here */
149 /* Relocation is off & we are located at an address less */
150 /* than 0x100, so only need to grab low order offset. */
151 std r24,(ABS_ADDR(__secondary_hold_acknowledge))(0)
152 sync
153
154 li r26,0
155#ifdef CONFIG_PPC_BOOK3E
156 tovirt(r26,r26)
157#endif
158 /* All secondary cpus wait here until told to start. */
159100: ld r12,(ABS_ADDR(__secondary_hold_spinloop))(r26)
160 cmpdi 0,r12,0
161 beq 100b
162
163#if defined(CONFIG_SMP) || defined(CONFIG_KEXEC_CORE)
164#ifdef CONFIG_PPC_BOOK3E
165 tovirt(r12,r12)
166#endif
167 mtctr r12
168 mr r3,r24
169 /*
170 * it may be the case that other platforms have r4 right to
171 * begin with, this gives us some safety in case it is not
172 */
173#ifdef CONFIG_PPC_BOOK3E
174 mr r4,r25
175#else
176 li r4,0
177#endif
178 /* Make sure that patched code is visible */
179 isync
180 bctr
181#else
182 BUG_OPCODE
183#endif
184CLOSE_FIXED_SECTION(first_256B)
185
186/* This value is used to mark exception frames on the stack. */
187 .section ".toc","aw"
188exception_marker:
189 .tc ID_72656773_68657265[TC],0x7265677368657265
190 .previous
191
192/*
193 * On server, we include the exception vectors code here as it
194 * relies on absolute addressing which is only possible within
195 * this compilation unit
196 */
197#ifdef CONFIG_PPC_BOOK3S
198#include "exceptions-64s.S"
199#else
200OPEN_TEXT_SECTION(0x100)
201#endif
202
203USE_TEXT_SECTION()
204
205#ifdef CONFIG_PPC_BOOK3E
206/*
207 * The booting_thread_hwid holds the thread id we want to boot in cpu
208 * hotplug case. It is set by cpu hotplug code, and is invalid by default.
209 * The thread id is the same as the initial value of SPRN_PIR[THREAD_ID]
210 * bit field.
211 */
212 .globl booting_thread_hwid
213booting_thread_hwid:
214 .long INVALID_THREAD_HWID
215 .align 3
216/*
217 * start a thread in the same core
218 * input parameters:
219 * r3 = the thread physical id
220 * r4 = the entry point where thread starts
221 */
222_GLOBAL(book3e_start_thread)
223 LOAD_REG_IMMEDIATE(r5, MSR_KERNEL)
224 cmpwi r3, 0
225 beq 10f
226 cmpwi r3, 1
227 beq 11f
228 /* If the thread id is invalid, just exit. */
229 b 13f
23010:
231 MTTMR(TMRN_IMSR0, 5)
232 MTTMR(TMRN_INIA0, 4)
233 b 12f
23411:
235 MTTMR(TMRN_IMSR1, 5)
236 MTTMR(TMRN_INIA1, 4)
23712:
238 isync
239 li r6, 1
240 sld r6, r6, r3
241 mtspr SPRN_TENS, r6
24213:
243 blr
244
245/*
246 * stop a thread in the same core
247 * input parameter:
248 * r3 = the thread physical id
249 */
250_GLOBAL(book3e_stop_thread)
251 cmpwi r3, 0
252 beq 10f
253 cmpwi r3, 1
254 beq 10f
255 /* If the thread id is invalid, just exit. */
256 b 13f
25710:
258 li r4, 1
259 sld r4, r4, r3
260 mtspr SPRN_TENC, r4
26113:
262 blr
263
264_GLOBAL(fsl_secondary_thread_init)
265 mfspr r4,SPRN_BUCSR
266
267 /* Enable branch prediction */
268 lis r3,BUCSR_INIT@h
269 ori r3,r3,BUCSR_INIT@l
270 mtspr SPRN_BUCSR,r3
271 isync
272
273 /*
274 * Fix PIR to match the linear numbering in the device tree.
275 *
276 * On e6500, the reset value of PIR uses the low three bits for
277 * the thread within a core, and the upper bits for the core
278 * number. There are two threads per core, so shift everything
279 * but the low bit right by two bits so that the cpu numbering is
280 * continuous.
281 *
282 * If the old value of BUCSR is non-zero, this thread has run
283 * before. Thus, we assume we are coming from kexec or a similar
284 * scenario, and PIR is already set to the correct value. This
285 * is a bit of a hack, but there are limited opportunities for
286 * getting information into the thread and the alternatives
287 * seemed like they'd be overkill. We can't tell just by looking
288 * at the old PIR value which state it's in, since the same value
289 * could be valid for one thread out of reset and for a different
290 * thread in Linux.
291 */
292
293 mfspr r3, SPRN_PIR
294 cmpwi r4,0
295 bne 1f
296 rlwimi r3, r3, 30, 2, 30
297 mtspr SPRN_PIR, r3
2981:
299#endif
300
301_GLOBAL(generic_secondary_thread_init)
302 mr r24,r3
303
304 /* turn on 64-bit mode */
305 bl enable_64b_mode
306
307 /* get a valid TOC pointer, wherever we're mapped at */
308 bl relative_toc
309 tovirt(r2,r2)
310
311#ifdef CONFIG_PPC_BOOK3E
312 /* Book3E initialization */
313 mr r3,r24
314 bl book3e_secondary_thread_init
315#endif
316 b generic_secondary_common_init
317
318/*
319 * On pSeries and most other platforms, secondary processors spin
320 * in the following code.
321 * At entry, r3 = this processor's number (physical cpu id)
322 *
323 * On Book3E, r4 = 1 to indicate that the initial TLB entry for
324 * this core already exists (setup via some other mechanism such
325 * as SCOM before entry).
326 */
327_GLOBAL(generic_secondary_smp_init)
328 FIXUP_ENDIAN
329 mr r24,r3
330 mr r25,r4
331
332 /* turn on 64-bit mode */
333 bl enable_64b_mode
334
335 /* get a valid TOC pointer, wherever we're mapped at */
336 bl relative_toc
337 tovirt(r2,r2)
338
339#ifdef CONFIG_PPC_BOOK3E
340 /* Book3E initialization */
341 mr r3,r24
342 mr r4,r25
343 bl book3e_secondary_core_init
344
345/*
346 * After common core init has finished, check if the current thread is the
347 * one we wanted to boot. If not, start the specified thread and stop the
348 * current thread.
349 */
350 LOAD_REG_ADDR(r4, booting_thread_hwid)
351 lwz r3, 0(r4)
352 li r5, INVALID_THREAD_HWID
353 cmpw r3, r5
354 beq 20f
355
356 /*
357 * The value of booting_thread_hwid has been stored in r3,
358 * so make it invalid.
359 */
360 stw r5, 0(r4)
361
362 /*
363 * Get the current thread id and check if it is the one we wanted.
364 * If not, start the one specified in booting_thread_hwid and stop
365 * the current thread.
366 */
367 mfspr r8, SPRN_TIR
368 cmpw r3, r8
369 beq 20f
370
371 /* start the specified thread */
372 LOAD_REG_ADDR(r5, fsl_secondary_thread_init)
373 ld r4, 0(r5)
374 bl book3e_start_thread
375
376 /* stop the current thread */
377 mr r3, r8
378 bl book3e_stop_thread
37910:
380 b 10b
38120:
382#endif
383
384generic_secondary_common_init:
385 /* Set up a paca value for this processor. Since we have the
386 * physical cpu id in r24, we need to search the pacas to find
387 * which logical id maps to our physical one.
388 */
389 LOAD_REG_ADDR(r13, paca) /* Load paca pointer */
390 ld r13,0(r13) /* Get base vaddr of paca array */
391#ifndef CONFIG_SMP
392 addi r13,r13,PACA_SIZE /* know r13 if used accidentally */
393 b kexec_wait /* wait for next kernel if !SMP */
394#else
395 LOAD_REG_ADDR(r7, nr_cpu_ids) /* Load nr_cpu_ids address */
396 lwz r7,0(r7) /* also the max paca allocated */
397 li r5,0 /* logical cpu id */
3981: lhz r6,PACAHWCPUID(r13) /* Load HW procid from paca */
399 cmpw r6,r24 /* Compare to our id */
400 beq 2f
401 addi r13,r13,PACA_SIZE /* Loop to next PACA on miss */
402 addi r5,r5,1
403 cmpw r5,r7 /* Check if more pacas exist */
404 blt 1b
405
406 mr r3,r24 /* not found, copy phys to r3 */
407 b kexec_wait /* next kernel might do better */
408
4092: SET_PACA(r13)
410#ifdef CONFIG_PPC_BOOK3E
411 addi r12,r13,PACA_EXTLB /* and TLB exc frame in another */
412 mtspr SPRN_SPRG_TLB_EXFRAME,r12
413#endif
414
415 /* From now on, r24 is expected to be logical cpuid */
416 mr r24,r5
417
418 /* See if we need to call a cpu state restore handler */
419 LOAD_REG_ADDR(r23, cur_cpu_spec)
420 ld r23,0(r23)
421 ld r12,CPU_SPEC_RESTORE(r23)
422 cmpdi 0,r12,0
423 beq 3f
424#ifdef PPC64_ELF_ABI_v1
425 ld r12,0(r12)
426#endif
427 mtctr r12
428 bctrl
429
4303: LOAD_REG_ADDR(r3, spinning_secondaries) /* Decrement spinning_secondaries */
431 lwarx r4,0,r3
432 subi r4,r4,1
433 stwcx. r4,0,r3
434 bne 3b
435 isync
436
4374: HMT_LOW
438 lbz r23,PACAPROCSTART(r13) /* Test if this processor should */
439 /* start. */
440 cmpwi 0,r23,0
441 beq 4b /* Loop until told to go */
442
443 sync /* order paca.run and cur_cpu_spec */
444 isync /* In case code patching happened */
445
446 /* Create a temp kernel stack for use before relocation is on. */
447 ld r1,PACAEMERGSP(r13)
448 subi r1,r1,STACK_FRAME_OVERHEAD
449
450 b __secondary_start
451#endif /* SMP */
452
453/*
454 * Turn the MMU off.
455 * Assumes we're mapped EA == RA if the MMU is on.
456 */
457#ifdef CONFIG_PPC_BOOK3S
458__mmu_off:
459 mfmsr r3
460 andi. r0,r3,MSR_IR|MSR_DR
461 beqlr
462 mflr r4
463 andc r3,r3,r0
464 mtspr SPRN_SRR0,r4
465 mtspr SPRN_SRR1,r3
466 sync
467 rfid
468 b . /* prevent speculative execution */
469#endif
470
471
472/*
473 * Here is our main kernel entry point. We support currently 2 kind of entries
474 * depending on the value of r5.
475 *
476 * r5 != NULL -> OF entry, we go to prom_init, "legacy" parameter content
477 * in r3...r7
478 *
479 * r5 == NULL -> kexec style entry. r3 is a physical pointer to the
480 * DT block, r4 is a physical pointer to the kernel itself
481 *
482 */
483__start_initialization_multiplatform:
484 /* Make sure we are running in 64 bits mode */
485 bl enable_64b_mode
486
487 /* Get TOC pointer (current runtime address) */
488 bl relative_toc
489
490 /* find out where we are now */
491 bcl 20,31,$+4
4920: mflr r26 /* r26 = runtime addr here */
493 addis r26,r26,(_stext - 0b)@ha
494 addi r26,r26,(_stext - 0b)@l /* current runtime base addr */
495
496 /*
497 * Are we booted from a PROM Of-type client-interface ?
498 */
499 cmpldi cr0,r5,0
500 beq 1f
501 b __boot_from_prom /* yes -> prom */
5021:
503 /* Save parameters */
504 mr r31,r3
505 mr r30,r4
506#ifdef CONFIG_PPC_EARLY_DEBUG_OPAL
507 /* Save OPAL entry */
508 mr r28,r8
509 mr r29,r9
510#endif
511
512#ifdef CONFIG_PPC_BOOK3E
513 bl start_initialization_book3e
514 b __after_prom_start
515#else
516 /* Setup some critical 970 SPRs before switching MMU off */
517 mfspr r0,SPRN_PVR
518 srwi r0,r0,16
519 cmpwi r0,0x39 /* 970 */
520 beq 1f
521 cmpwi r0,0x3c /* 970FX */
522 beq 1f
523 cmpwi r0,0x44 /* 970MP */
524 beq 1f
525 cmpwi r0,0x45 /* 970GX */
526 bne 2f
5271: bl __cpu_preinit_ppc970
5282:
529
530 /* Switch off MMU if not already off */
531 bl __mmu_off
532 b __after_prom_start
533#endif /* CONFIG_PPC_BOOK3E */
534
535__boot_from_prom:
536#ifdef CONFIG_PPC_OF_BOOT_TRAMPOLINE
537 /* Save parameters */
538 mr r31,r3
539 mr r30,r4
540 mr r29,r5
541 mr r28,r6
542 mr r27,r7
543
544 /*
545 * Align the stack to 16-byte boundary
546 * Depending on the size and layout of the ELF sections in the initial
547 * boot binary, the stack pointer may be unaligned on PowerMac
548 */
549 rldicr r1,r1,0,59
550
551#ifdef CONFIG_RELOCATABLE
552 /* Relocate code for where we are now */
553 mr r3,r26
554 bl relocate
555#endif
556
557 /* Restore parameters */
558 mr r3,r31
559 mr r4,r30
560 mr r5,r29
561 mr r6,r28
562 mr r7,r27
563
564 /* Do all of the interaction with OF client interface */
565 mr r8,r26
566 bl prom_init
567#endif /* #CONFIG_PPC_OF_BOOT_TRAMPOLINE */
568
569 /* We never return. We also hit that trap if trying to boot
570 * from OF while CONFIG_PPC_OF_BOOT_TRAMPOLINE isn't selected */
571 trap
572
573__after_prom_start:
574#ifdef CONFIG_RELOCATABLE
575 /* process relocations for the final address of the kernel */
576 lis r25,PAGE_OFFSET@highest /* compute virtual base of kernel */
577 sldi r25,r25,32
578#if defined(CONFIG_PPC_BOOK3E)
579 tovirt(r26,r26) /* on booke, we already run at PAGE_OFFSET */
580#endif
581 lwz r7,(FIXED_SYMBOL_ABS_ADDR(__run_at_load))(r26)
582#if defined(CONFIG_PPC_BOOK3E)
583 tophys(r26,r26)
584#endif
585 cmplwi cr0,r7,1 /* flagged to stay where we are ? */
586 bne 1f
587 add r25,r25,r26
5881: mr r3,r25
589 bl relocate
590#if defined(CONFIG_PPC_BOOK3E)
591 /* IVPR needs to be set after relocation. */
592 bl init_core_book3e
593#endif
594#endif
595
596/*
597 * We need to run with _stext at physical address PHYSICAL_START.
598 * This will leave some code in the first 256B of
599 * real memory, which are reserved for software use.
600 *
601 * Note: This process overwrites the OF exception vectors.
602 */
603 li r3,0 /* target addr */
604#ifdef CONFIG_PPC_BOOK3E
605 tovirt(r3,r3) /* on booke, we already run at PAGE_OFFSET */
606#endif
607 mr. r4,r26 /* In some cases the loader may */
608#if defined(CONFIG_PPC_BOOK3E)
609 tovirt(r4,r4)
610#endif
611 beq 9f /* have already put us at zero */
612 li r6,0x100 /* Start offset, the first 0x100 */
613 /* bytes were copied earlier. */
614
615#ifdef CONFIG_RELOCATABLE
616/*
617 * Check if the kernel has to be running as relocatable kernel based on the
618 * variable __run_at_load, if it is set the kernel is treated as relocatable
619 * kernel, otherwise it will be moved to PHYSICAL_START
620 */
621#if defined(CONFIG_PPC_BOOK3E)
622 tovirt(r26,r26) /* on booke, we already run at PAGE_OFFSET */
623#endif
624 lwz r7,(FIXED_SYMBOL_ABS_ADDR(__run_at_load))(r26)
625 cmplwi cr0,r7,1
626 bne 3f
627
628#ifdef CONFIG_PPC_BOOK3E
629 LOAD_REG_ADDR(r5, __end_interrupts)
630 LOAD_REG_ADDR(r11, _stext)
631 sub r5,r5,r11
632#else
633 /* just copy interrupts */
634 LOAD_REG_IMMEDIATE(r5, FIXED_SYMBOL_ABS_ADDR(__end_interrupts))
635#endif
636 b 5f
6373:
638#endif
639 /* # bytes of memory to copy */
640 lis r5,(ABS_ADDR(copy_to_here))@ha
641 addi r5,r5,(ABS_ADDR(copy_to_here))@l
642
643 bl copy_and_flush /* copy the first n bytes */
644 /* this includes the code being */
645 /* executed here. */
646 /* Jump to the copy of this code that we just made */
647 addis r8,r3,(ABS_ADDR(4f))@ha
648 addi r12,r8,(ABS_ADDR(4f))@l
649 mtctr r12
650 bctr
651
652.balign 8
653p_end: .llong _end - copy_to_here
654
6554:
656 /*
657 * Now copy the rest of the kernel up to _end, add
658 * _end - copy_to_here to the copy limit and run again.
659 */
660 addis r8,r26,(ABS_ADDR(p_end))@ha
661 ld r8,(ABS_ADDR(p_end))@l(r8)
662 add r5,r5,r8
6635: bl copy_and_flush /* copy the rest */
664
6659: b start_here_multiplatform
666
667/*
668 * Copy routine used to copy the kernel to start at physical address 0
669 * and flush and invalidate the caches as needed.
670 * r3 = dest addr, r4 = source addr, r5 = copy limit, r6 = start offset
671 * on exit, r3, r4, r5 are unchanged, r6 is updated to be >= r5.
672 *
673 * Note: this routine *only* clobbers r0, r6 and lr
674 */
675_GLOBAL(copy_and_flush)
676 addi r5,r5,-8
677 addi r6,r6,-8
6784: li r0,8 /* Use the smallest common */
679 /* denominator cache line */
680 /* size. This results in */
681 /* extra cache line flushes */
682 /* but operation is correct. */
683 /* Can't get cache line size */
684 /* from NACA as it is being */
685 /* moved too. */
686
687 mtctr r0 /* put # words/line in ctr */
6883: addi r6,r6,8 /* copy a cache line */
689 ldx r0,r6,r4
690 stdx r0,r6,r3
691 bdnz 3b
692 dcbst r6,r3 /* write it to memory */
693 sync
694 icbi r6,r3 /* flush the icache line */
695 cmpld 0,r6,r5
696 blt 4b
697 sync
698 addi r5,r5,8
699 addi r6,r6,8
700 isync
701 blr
702
703.align 8
704copy_to_here:
705
706#ifdef CONFIG_SMP
707#ifdef CONFIG_PPC_PMAC
708/*
709 * On PowerMac, secondary processors starts from the reset vector, which
710 * is temporarily turned into a call to one of the functions below.
711 */
712 .section ".text";
713 .align 2 ;
714
715 .globl __secondary_start_pmac_0
716__secondary_start_pmac_0:
717 /* NB the entries for cpus 0, 1, 2 must each occupy 8 bytes. */
718 li r24,0
719 b 1f
720 li r24,1
721 b 1f
722 li r24,2
723 b 1f
724 li r24,3
7251:
726
727_GLOBAL(pmac_secondary_start)
728 /* turn on 64-bit mode */
729 bl enable_64b_mode
730
731 li r0,0
732 mfspr r3,SPRN_HID4
733 rldimi r3,r0,40,23 /* clear bit 23 (rm_ci) */
734 sync
735 mtspr SPRN_HID4,r3
736 isync
737 sync
738 slbia
739
740 /* get TOC pointer (real address) */
741 bl relative_toc
742 tovirt(r2,r2)
743
744 /* Copy some CPU settings from CPU 0 */
745 bl __restore_cpu_ppc970
746
747 /* pSeries do that early though I don't think we really need it */
748 mfmsr r3
749 ori r3,r3,MSR_RI
750 mtmsrd r3 /* RI on */
751
752 /* Set up a paca value for this processor. */
753 LOAD_REG_ADDR(r4,paca) /* Load paca pointer */
754 ld r4,0(r4) /* Get base vaddr of paca array */
755 mulli r13,r24,PACA_SIZE /* Calculate vaddr of right paca */
756 add r13,r13,r4 /* for this processor. */
757 SET_PACA(r13) /* Save vaddr of paca in an SPRG*/
758
759 /* Mark interrupts soft and hard disabled (they might be enabled
760 * in the PACA when doing hotplug)
761 */
762 li r0,0
763 stb r0,PACASOFTIRQEN(r13)
764 li r0,PACA_IRQ_HARD_DIS
765 stb r0,PACAIRQHAPPENED(r13)
766
767 /* Create a temp kernel stack for use before relocation is on. */
768 ld r1,PACAEMERGSP(r13)
769 subi r1,r1,STACK_FRAME_OVERHEAD
770
771 b __secondary_start
772
773#endif /* CONFIG_PPC_PMAC */
774
775/*
776 * This function is called after the master CPU has released the
777 * secondary processors. The execution environment is relocation off.
778 * The paca for this processor has the following fields initialized at
779 * this point:
780 * 1. Processor number
781 * 2. Segment table pointer (virtual address)
782 * On entry the following are set:
783 * r1 = stack pointer (real addr of temp stack)
784 * r24 = cpu# (in Linux terms)
785 * r13 = paca virtual address
786 * SPRG_PACA = paca virtual address
787 */
788 .section ".text";
789 .align 2 ;
790
791 .globl __secondary_start
792__secondary_start:
793 /* Set thread priority to MEDIUM */
794 HMT_MEDIUM
795
796 /* Initialize the kernel stack */
797 LOAD_REG_ADDR(r3, current_set)
798 sldi r28,r24,3 /* get current_set[cpu#] */
799 ldx r14,r3,r28
800 addi r14,r14,THREAD_SIZE-STACK_FRAME_OVERHEAD
801 std r14,PACAKSAVE(r13)
802
803 /* Do early setup for that CPU (SLB and hash table pointer) */
804 bl early_setup_secondary
805
806 /*
807 * setup the new stack pointer, but *don't* use this until
808 * translation is on.
809 */
810 mr r1, r14
811
812 /* Clear backchain so we get nice backtraces */
813 li r7,0
814 mtlr r7
815
816 /* Mark interrupts soft and hard disabled (they might be enabled
817 * in the PACA when doing hotplug)
818 */
819 stb r7,PACASOFTIRQEN(r13)
820 li r0,PACA_IRQ_HARD_DIS
821 stb r0,PACAIRQHAPPENED(r13)
822
823 /* enable MMU and jump to start_secondary */
824 LOAD_REG_ADDR(r3, start_secondary_prolog)
825 LOAD_REG_IMMEDIATE(r4, MSR_KERNEL)
826
827 mtspr SPRN_SRR0,r3
828 mtspr SPRN_SRR1,r4
829 RFI
830 b . /* prevent speculative execution */
831
832/*
833 * Running with relocation on at this point. All we want to do is
834 * zero the stack back-chain pointer and get the TOC virtual address
835 * before going into C code.
836 */
837start_secondary_prolog:
838 ld r2,PACATOC(r13)
839 li r3,0
840 std r3,0(r1) /* Zero the stack frame pointer */
841 bl start_secondary
842 b .
843/*
844 * Reset stack pointer and call start_secondary
845 * to continue with online operation when woken up
846 * from cede in cpu offline.
847 */
848_GLOBAL(start_secondary_resume)
849 ld r1,PACAKSAVE(r13) /* Reload kernel stack pointer */
850 li r3,0
851 std r3,0(r1) /* Zero the stack frame pointer */
852 bl start_secondary
853 b .
854#endif
855
856/*
857 * This subroutine clobbers r11 and r12
858 */
859enable_64b_mode:
860 mfmsr r11 /* grab the current MSR */
861#ifdef CONFIG_PPC_BOOK3E
862 oris r11,r11,0x8000 /* CM bit set, we'll set ICM later */
863 mtmsr r11
864#else /* CONFIG_PPC_BOOK3E */
865 li r12,(MSR_64BIT | MSR_ISF)@highest
866 sldi r12,r12,48
867 or r11,r11,r12
868 mtmsrd r11
869 isync
870#endif
871 blr
872
873/*
874 * This puts the TOC pointer into r2, offset by 0x8000 (as expected
875 * by the toolchain). It computes the correct value for wherever we
876 * are running at the moment, using position-independent code.
877 *
878 * Note: The compiler constructs pointers using offsets from the
879 * TOC in -mcmodel=medium mode. After we relocate to 0 but before
880 * the MMU is on we need our TOC to be a virtual address otherwise
881 * these pointers will be real addresses which may get stored and
882 * accessed later with the MMU on. We use tovirt() at the call
883 * sites to handle this.
884 */
885_GLOBAL(relative_toc)
886 mflr r0
887 bcl 20,31,$+4
8880: mflr r11
889 ld r2,(p_toc - 0b)(r11)
890 add r2,r2,r11
891 mtlr r0
892 blr
893
894.balign 8
895p_toc: .llong __toc_start + 0x8000 - 0b
896
897/*
898 * This is where the main kernel code starts.
899 */
900start_here_multiplatform:
901 /* set up the TOC */
902 bl relative_toc
903 tovirt(r2,r2)
904
905 /* Clear out the BSS. It may have been done in prom_init,
906 * already but that's irrelevant since prom_init will soon
907 * be detached from the kernel completely. Besides, we need
908 * to clear it now for kexec-style entry.
909 */
910 LOAD_REG_ADDR(r11,__bss_stop)
911 LOAD_REG_ADDR(r8,__bss_start)
912 sub r11,r11,r8 /* bss size */
913 addi r11,r11,7 /* round up to an even double word */
914 srdi. r11,r11,3 /* shift right by 3 */
915 beq 4f
916 addi r8,r8,-8
917 li r0,0
918 mtctr r11 /* zero this many doublewords */
9193: stdu r0,8(r8)
920 bdnz 3b
9214:
922
923#ifdef CONFIG_PPC_EARLY_DEBUG_OPAL
924 /* Setup OPAL entry */
925 LOAD_REG_ADDR(r11, opal)
926 std r28,0(r11);
927 std r29,8(r11);
928#endif
929
930#ifndef CONFIG_PPC_BOOK3E
931 mfmsr r6
932 ori r6,r6,MSR_RI
933 mtmsrd r6 /* RI on */
934#endif
935
936#ifdef CONFIG_RELOCATABLE
937 /* Save the physical address we're running at in kernstart_addr */
938 LOAD_REG_ADDR(r4, kernstart_addr)
939 clrldi r0,r25,2
940 std r0,0(r4)
941#endif
942
943 /* The following gets the stack set up with the regs */
944 /* pointing to the real addr of the kernel stack. This is */
945 /* all done to support the C function call below which sets */
946 /* up the htab. This is done because we have relocated the */
947 /* kernel but are still running in real mode. */
948
949 LOAD_REG_ADDR(r3,init_thread_union)
950
951 /* set up a stack pointer */
952 addi r1,r3,THREAD_SIZE
953 li r0,0
954 stdu r0,-STACK_FRAME_OVERHEAD(r1)
955
956 /*
957 * Do very early kernel initializations, including initial hash table
958 * and SLB setup before we turn on relocation.
959 */
960
961 /* Restore parameters passed from prom_init/kexec */
962 mr r3,r31
963 bl early_setup /* also sets r13 and SPRG_PACA */
964
965 LOAD_REG_ADDR(r3, start_here_common)
966 ld r4,PACAKMSR(r13)
967 mtspr SPRN_SRR0,r3
968 mtspr SPRN_SRR1,r4
969 RFI
970 b . /* prevent speculative execution */
971
972 /* This is where all platforms converge execution */
973
974start_here_common:
975 /* relocation is on at this point */
976 std r1,PACAKSAVE(r13)
977
978 /* Load the TOC (virtual address) */
979 ld r2,PACATOC(r13)
980
981 /* Mark interrupts soft and hard disabled (they might be enabled
982 * in the PACA when doing hotplug)
983 */
984 li r0,0
985 stb r0,PACASOFTIRQEN(r13)
986 li r0,PACA_IRQ_HARD_DIS
987 stb r0,PACAIRQHAPPENED(r13)
988
989 /* Generic kernel entry */
990 bl start_kernel
991
992 /* Not reached */
993 BUG_OPCODE
994
995/*
996 * We put a few things here that have to be page-aligned.
997 * This stuff goes at the beginning of the bss, which is page-aligned.
998 */
999 .section ".bss"
1000/*
1001 * pgd dir should be aligned to PGD_TABLE_SIZE which is 64K.
1002 * We will need to find a better way to fix this
1003 */
1004 .align 16
1005
1006 .globl swapper_pg_dir
1007swapper_pg_dir:
1008 .space PGD_TABLE_SIZE
1009
1010 .globl empty_zero_page
1011empty_zero_page:
1012 .space PAGE_SIZE
1013EXPORT_SYMBOL(empty_zero_page)