Loading...
1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 * PowerPC version
4 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
5 * Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP
6 * Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
7 * Low-level exception handlers and MMU support
8 * rewritten by Paul Mackerras.
9 * Copyright (C) 1996 Paul Mackerras.
10 * MPC8xx modifications by Dan Malek
11 * Copyright (C) 1997 Dan Malek (dmalek@jlc.net).
12 *
13 * This file contains low-level support and setup for PowerPC 8xx
14 * embedded processors, including trap and interrupt dispatch.
15 */
16
17#include <linux/init.h>
18#include <linux/magic.h>
19#include <linux/pgtable.h>
20#include <linux/sizes.h>
21#include <linux/linkage.h>
22
23#include <asm/processor.h>
24#include <asm/page.h>
25#include <asm/mmu.h>
26#include <asm/cache.h>
27#include <asm/cputable.h>
28#include <asm/thread_info.h>
29#include <asm/ppc_asm.h>
30#include <asm/asm-offsets.h>
31#include <asm/ptrace.h>
32#include <asm/code-patching-asm.h>
33#include <asm/interrupt.h>
34
35/*
36 * Value for the bits that have fixed value in RPN entries.
37 * Also used for tagging DAR for DTLBerror.
38 */
39#define RPN_PATTERN 0x00f0
40
41#include "head_32.h"
42
43.macro compare_to_kernel_boundary scratch, addr
44#if CONFIG_TASK_SIZE <= 0x80000000 && CONFIG_PAGE_OFFSET >= 0x80000000
45/* By simply checking Address >= 0x80000000, we know if its a kernel address */
46 not. \scratch, \addr
47#else
48 rlwinm \scratch, \addr, 16, 0xfff8
49 cmpli cr0, \scratch, PAGE_OFFSET@h
50#endif
51.endm
52
53#define PAGE_SHIFT_512K 19
54#define PAGE_SHIFT_8M 23
55
56 __HEAD
57_GLOBAL(_stext);
58_GLOBAL(_start);
59
60/* MPC8xx
61 * This port was done on an MBX board with an 860. Right now I only
62 * support an ELF compressed (zImage) boot from EPPC-Bug because the
63 * code there loads up some registers before calling us:
64 * r3: ptr to board info data
65 * r4: initrd_start or if no initrd then 0
66 * r5: initrd_end - unused if r4 is 0
67 * r6: Start of command line string
68 * r7: End of command line string
69 *
70 * I decided to use conditional compilation instead of checking PVR and
71 * adding more processor specific branches around code I don't need.
72 * Since this is an embedded processor, I also appreciate any memory
73 * savings I can get.
74 *
75 * The MPC8xx does not have any BATs, but it supports large page sizes.
76 * We first initialize the MMU to support 8M byte pages, then load one
77 * entry into each of the instruction and data TLBs to map the first
78 * 8M 1:1. I also mapped an additional I/O space 1:1 so we can get to
79 * the "internal" processor registers before MMU_init is called.
80 *
81 * -- Dan
82 */
83 .globl __start
84__start:
85 mr r31,r3 /* save device tree ptr */
86
87 /* We have to turn on the MMU right away so we get cache modes
88 * set correctly.
89 */
90 bl initial_mmu
91
92/* We now have the lower 8 Meg mapped into TLB entries, and the caches
93 * ready to work.
94 */
95
96turn_on_mmu:
97 mfmsr r0
98 ori r0,r0,MSR_DR|MSR_IR
99 mtspr SPRN_SRR1,r0
100 lis r0,start_here@h
101 ori r0,r0,start_here@l
102 mtspr SPRN_SRR0,r0
103 rfi /* enables MMU */
104
105
106#ifdef CONFIG_PERF_EVENTS
107 .align 4
108
109 .globl itlb_miss_counter
110itlb_miss_counter:
111 .space 4
112
113 .globl dtlb_miss_counter
114dtlb_miss_counter:
115 .space 4
116
117 .globl instruction_counter
118instruction_counter:
119 .space 4
120#endif
121
122/* System reset */
123 EXCEPTION(INTERRUPT_SYSTEM_RESET, Reset, system_reset_exception)
124
125/* Machine check */
126 START_EXCEPTION(INTERRUPT_MACHINE_CHECK, MachineCheck)
127 EXCEPTION_PROLOG INTERRUPT_MACHINE_CHECK MachineCheck handle_dar_dsisr=1
128 prepare_transfer_to_handler
129 bl machine_check_exception
130 b interrupt_return
131
132/* External interrupt */
133 EXCEPTION(INTERRUPT_EXTERNAL, HardwareInterrupt, do_IRQ)
134
135/* Alignment exception */
136 START_EXCEPTION(INTERRUPT_ALIGNMENT, Alignment)
137 EXCEPTION_PROLOG INTERRUPT_ALIGNMENT Alignment handle_dar_dsisr=1
138 prepare_transfer_to_handler
139 bl alignment_exception
140 REST_NVGPRS(r1)
141 b interrupt_return
142
143/* Program check exception */
144 START_EXCEPTION(INTERRUPT_PROGRAM, ProgramCheck)
145 EXCEPTION_PROLOG INTERRUPT_PROGRAM ProgramCheck
146 prepare_transfer_to_handler
147 bl program_check_exception
148 REST_NVGPRS(r1)
149 b interrupt_return
150
151/* Decrementer */
152 EXCEPTION(INTERRUPT_DECREMENTER, Decrementer, timer_interrupt)
153
154/* System call */
155 START_EXCEPTION(INTERRUPT_SYSCALL, SystemCall)
156 SYSCALL_ENTRY INTERRUPT_SYSCALL
157
158/* Single step - not used on 601 */
159 EXCEPTION(INTERRUPT_TRACE, SingleStep, single_step_exception)
160
161/* On the MPC8xx, this is a software emulation interrupt. It occurs
162 * for all unimplemented and illegal instructions.
163 */
164 START_EXCEPTION(INTERRUPT_SOFT_EMU_8xx, SoftEmu)
165 EXCEPTION_PROLOG INTERRUPT_SOFT_EMU_8xx SoftEmu
166 prepare_transfer_to_handler
167 bl emulation_assist_interrupt
168 REST_NVGPRS(r1)
169 b interrupt_return
170
171/*
172 * For the MPC8xx, this is a software tablewalk to load the instruction
173 * TLB. The task switch loads the M_TWB register with the pointer to the first
174 * level table.
175 * If we discover there is no second level table (value is zero) or if there
176 * is an invalid pte, we load that into the TLB, which causes another fault
177 * into the TLB Error interrupt where we can handle such problems.
178 * We have to use the MD_xxx registers for the tablewalk because the
179 * equivalent MI_xxx registers only perform the attribute functions.
180 */
181
182#ifdef CONFIG_8xx_CPU15
183#define INVALIDATE_ADJACENT_PAGES_CPU15(addr, tmp) \
184 addi tmp, addr, PAGE_SIZE; \
185 tlbie tmp; \
186 addi tmp, addr, -PAGE_SIZE; \
187 tlbie tmp
188#else
189#define INVALIDATE_ADJACENT_PAGES_CPU15(addr, tmp)
190#endif
191
192 START_EXCEPTION(INTERRUPT_INST_TLB_MISS_8xx, InstructionTLBMiss)
193 mtspr SPRN_SPRG_SCRATCH2, r10
194 mtspr SPRN_M_TW, r11
195
196 /* If we are faulting a kernel address, we have to use the
197 * kernel page tables.
198 */
199 mfspr r10, SPRN_SRR0 /* Get effective address of fault */
200 INVALIDATE_ADJACENT_PAGES_CPU15(r10, r11)
201 mtspr SPRN_MD_EPN, r10
202#ifdef CONFIG_MODULES
203 mfcr r11
204 compare_to_kernel_boundary r10, r10
205#endif
206 mfspr r10, SPRN_M_TWB /* Get level 1 table */
207#ifdef CONFIG_MODULES
208 blt+ 3f
209 rlwinm r10, r10, 0, 20, 31
210 oris r10, r10, (swapper_pg_dir - PAGE_OFFSET)@ha
2113:
212 mtcr r11
213#endif
214 lwz r11, (swapper_pg_dir-PAGE_OFFSET)@l(r10) /* Get level 1 entry */
215 mtspr SPRN_MD_TWC, r11
216 mfspr r10, SPRN_MD_TWC
217 lwz r10, 0(r10) /* Get the pte */
218 rlwimi r11, r10, 0, _PAGE_GUARDED | _PAGE_ACCESSED
219 rlwimi r11, r10, 32 - 9, _PMD_PAGE_512K
220 mtspr SPRN_MI_TWC, r11
221 /* The Linux PTE won't go exactly into the MMU TLB.
222 * Software indicator bits 20 and 23 must be clear.
223 * Software indicator bits 22, 24, 25, 26, and 27 must be
224 * set. All other Linux PTE bits control the behavior
225 * of the MMU.
226 */
227 rlwinm r10, r10, 0, ~0x0f00 /* Clear bits 20-23 */
228 rlwimi r10, r10, 4, 0x0400 /* Copy _PAGE_EXEC into bit 21 */
229 ori r10, r10, RPN_PATTERN | 0x200 /* Set 22 and 24-27 */
230 mtspr SPRN_MI_RPN, r10 /* Update TLB entry */
231
232 /* Restore registers */
2330: mfspr r10, SPRN_SPRG_SCRATCH2
234 mfspr r11, SPRN_M_TW
235 rfi
236 patch_site 0b, patch__itlbmiss_exit_1
237
238#ifdef CONFIG_PERF_EVENTS
239 patch_site 0f, patch__itlbmiss_perf
2400: lwz r10, (itlb_miss_counter - PAGE_OFFSET)@l(0)
241 addi r10, r10, 1
242 stw r10, (itlb_miss_counter - PAGE_OFFSET)@l(0)
243 mfspr r10, SPRN_SPRG_SCRATCH2
244 mfspr r11, SPRN_M_TW
245 rfi
246#endif
247
248 START_EXCEPTION(INTERRUPT_DATA_TLB_MISS_8xx, DataStoreTLBMiss)
249 mtspr SPRN_SPRG_SCRATCH2, r10
250 mtspr SPRN_M_TW, r11
251 mfcr r11
252
253 /* If we are faulting a kernel address, we have to use the
254 * kernel page tables.
255 */
256 mfspr r10, SPRN_MD_EPN
257 compare_to_kernel_boundary r10, r10
258 mfspr r10, SPRN_M_TWB /* Get level 1 table */
259 blt+ 3f
260 rlwinm r10, r10, 0, 20, 31
261 oris r10, r10, (swapper_pg_dir - PAGE_OFFSET)@ha
2623:
263 mtcr r11
264 lwz r11, (swapper_pg_dir-PAGE_OFFSET)@l(r10) /* Get level 1 entry */
265
266 mtspr SPRN_MD_TWC, r11
267 mfspr r10, SPRN_MD_TWC
268 lwz r10, 0(r10) /* Get the pte */
269
270 /* Insert Guarded and Accessed flags into the TWC from the Linux PTE.
271 * It is bit 27 of both the Linux PTE and the TWC (at least
272 * I got that right :-). It will be better when we can put
273 * this into the Linux pgd/pmd and load it in the operation
274 * above.
275 */
276 rlwimi r11, r10, 0, _PAGE_GUARDED | _PAGE_ACCESSED
277 rlwimi r11, r10, 32 - 9, _PMD_PAGE_512K
278 mtspr SPRN_MD_TWC, r11
279
280 /* The Linux PTE won't go exactly into the MMU TLB.
281 * Software indicator bits 24, 25, 26, and 27 must be
282 * set. All other Linux PTE bits control the behavior
283 * of the MMU.
284 */
285 li r11, RPN_PATTERN
286 rlwimi r10, r11, 0, 24, 27 /* Set 24-27 */
287 mtspr SPRN_MD_RPN, r10 /* Update TLB entry */
288 mtspr SPRN_DAR, r11 /* Tag DAR */
289
290 /* Restore registers */
291
2920: mfspr r10, SPRN_SPRG_SCRATCH2
293 mfspr r11, SPRN_M_TW
294 rfi
295 patch_site 0b, patch__dtlbmiss_exit_1
296
297#ifdef CONFIG_PERF_EVENTS
298 patch_site 0f, patch__dtlbmiss_perf
2990: lwz r10, (dtlb_miss_counter - PAGE_OFFSET)@l(0)
300 addi r10, r10, 1
301 stw r10, (dtlb_miss_counter - PAGE_OFFSET)@l(0)
302 mfspr r10, SPRN_SPRG_SCRATCH2
303 mfspr r11, SPRN_M_TW
304 rfi
305#endif
306
307/* This is an instruction TLB error on the MPC8xx. This could be due
308 * to many reasons, such as executing guarded memory or illegal instruction
309 * addresses. There is nothing to do but handle a big time error fault.
310 */
311 START_EXCEPTION(INTERRUPT_INST_TLB_ERROR_8xx, InstructionTLBError)
312 /* 0x400 is InstructionAccess exception, needed by bad_page_fault() */
313 EXCEPTION_PROLOG INTERRUPT_INST_STORAGE InstructionTLBError
314 andis. r5,r9,DSISR_SRR1_MATCH_32S@h /* Filter relevant SRR1 bits */
315 andis. r10,r9,SRR1_ISI_NOPT@h
316 beq+ .Litlbie
317 tlbie r12
318.Litlbie:
319 stw r12, _DAR(r11)
320 stw r5, _DSISR(r11)
321 prepare_transfer_to_handler
322 bl do_page_fault
323 b interrupt_return
324
325/* This is the data TLB error on the MPC8xx. This could be due to
326 * many reasons, including a dirty update to a pte. We bail out to
327 * a higher level function that can handle it.
328 */
329 START_EXCEPTION(INTERRUPT_DATA_TLB_ERROR_8xx, DataTLBError)
330 EXCEPTION_PROLOG_0 handle_dar_dsisr=1
331 mfspr r11, SPRN_DAR
332 cmpwi cr1, r11, RPN_PATTERN
333 beq- cr1, FixupDAR /* must be a buggy dcbX, icbi insn. */
334DARFixed:/* Return from dcbx instruction bug workaround */
335 EXCEPTION_PROLOG_1
336 /* 0x300 is DataAccess exception, needed by bad_page_fault() */
337 EXCEPTION_PROLOG_2 INTERRUPT_DATA_STORAGE DataTLBError handle_dar_dsisr=1
338 lwz r4, _DAR(r11)
339 lwz r5, _DSISR(r11)
340 andis. r10,r5,DSISR_NOHPTE@h
341 beq+ .Ldtlbie
342 tlbie r4
343.Ldtlbie:
344 prepare_transfer_to_handler
345 bl do_page_fault
346 b interrupt_return
347
348#ifdef CONFIG_VMAP_STACK
349 vmap_stack_overflow_exception
350#endif
351
352/* On the MPC8xx, these next four traps are used for development
353 * support of breakpoints and such. Someday I will get around to
354 * using them.
355 */
356 START_EXCEPTION(INTERRUPT_DATA_BREAKPOINT_8xx, DataBreakpoint)
357 EXCEPTION_PROLOG_0 handle_dar_dsisr=1
358 mfspr r11, SPRN_SRR0
359 cmplwi cr1, r11, (.Ldtlbie - PAGE_OFFSET)@l
360 cmplwi cr7, r11, (.Litlbie - PAGE_OFFSET)@l
361 cror 4*cr1+eq, 4*cr1+eq, 4*cr7+eq
362 bne cr1, 1f
363 mtcr r10
364 mfspr r10, SPRN_SPRG_SCRATCH0
365 mfspr r11, SPRN_SPRG_SCRATCH1
366 rfi
367
3681: EXCEPTION_PROLOG_1
369 EXCEPTION_PROLOG_2 INTERRUPT_DATA_BREAKPOINT_8xx DataBreakpoint handle_dar_dsisr=1
370 mfspr r4,SPRN_BAR
371 stw r4,_DAR(r11)
372 prepare_transfer_to_handler
373 bl do_break
374 REST_NVGPRS(r1)
375 b interrupt_return
376
377#ifdef CONFIG_PERF_EVENTS
378 START_EXCEPTION(INTERRUPT_INST_BREAKPOINT_8xx, InstructionBreakpoint)
379 mtspr SPRN_SPRG_SCRATCH0, r10
380 lwz r10, (instruction_counter - PAGE_OFFSET)@l(0)
381 addi r10, r10, -1
382 stw r10, (instruction_counter - PAGE_OFFSET)@l(0)
383 lis r10, 0xffff
384 ori r10, r10, 0x01
385 mtspr SPRN_COUNTA, r10
386 mfspr r10, SPRN_SPRG_SCRATCH0
387 rfi
388#else
389 EXCEPTION(INTERRUPT_INST_BREAKPOINT_8xx, Trap_1d, unknown_exception)
390#endif
391 EXCEPTION(0x1e00, Trap_1e, unknown_exception)
392 EXCEPTION(0x1f00, Trap_1f, unknown_exception)
393
394 __HEAD
395 . = 0x2000
396
397/* This is the procedure to calculate the data EA for buggy dcbx,dcbi instructions
398 * by decoding the registers used by the dcbx instruction and adding them.
399 * DAR is set to the calculated address.
400 */
401FixupDAR:/* Entry point for dcbx workaround. */
402 mtspr SPRN_M_TW, r10
403 /* fetch instruction from memory. */
404 mfspr r10, SPRN_SRR0
405 mtspr SPRN_MD_EPN, r10
406 rlwinm r11, r10, 16, 0xfff8
407 cmpli cr1, r11, PAGE_OFFSET@h
408 mfspr r11, SPRN_M_TWB /* Get level 1 table */
409 blt+ cr1, 3f
410
411 /* create physical page address from effective address */
412 tophys(r11, r10)
413 mfspr r11, SPRN_M_TWB /* Get level 1 table */
414 rlwinm r11, r11, 0, 20, 31
415 oris r11, r11, (swapper_pg_dir - PAGE_OFFSET)@ha
4163:
417 lwz r11, (swapper_pg_dir-PAGE_OFFSET)@l(r11) /* Get the level 1 entry */
418 mtspr SPRN_MD_TWC, r11
419 mtcrf 0x01, r11
420 mfspr r11, SPRN_MD_TWC
421 lwz r11, 0(r11) /* Get the pte */
422 bt 28,200f /* bit 28 = Large page (8M) */
423 /* concat physical page address(r11) and page offset(r10) */
424 rlwimi r11, r10, 0, 32 - PAGE_SHIFT, 31
425201: lwz r11,0(r11)
426/* Check if it really is a dcbx instruction. */
427/* dcbt and dcbtst does not generate DTLB Misses/Errors,
428 * no need to include them here */
429 xoris r10, r11, 0x7c00 /* check if major OP code is 31 */
430 rlwinm r10, r10, 0, 21, 5
431 cmpwi cr1, r10, 2028 /* Is dcbz? */
432 beq+ cr1, 142f
433 cmpwi cr1, r10, 940 /* Is dcbi? */
434 beq+ cr1, 142f
435 cmpwi cr1, r10, 108 /* Is dcbst? */
436 beq+ cr1, 144f /* Fix up store bit! */
437 cmpwi cr1, r10, 172 /* Is dcbf? */
438 beq+ cr1, 142f
439 cmpwi cr1, r10, 1964 /* Is icbi? */
440 beq+ cr1, 142f
441141: mfspr r10,SPRN_M_TW
442 b DARFixed /* Nope, go back to normal TLB processing */
443
444200:
445 /* concat physical page address(r11) and page offset(r10) */
446 rlwimi r11, r10, 0, 32 - PAGE_SHIFT_8M, 31
447 b 201b
448
449144: mfspr r10, SPRN_DSISR
450 rlwinm r10, r10,0,7,5 /* Clear store bit for buggy dcbst insn */
451 mtspr SPRN_DSISR, r10
452142: /* continue, it was a dcbx, dcbi instruction. */
453 mfctr r10
454 mtdar r10 /* save ctr reg in DAR */
455 rlwinm r10, r11, 24, 24, 28 /* offset into jump table for reg RB */
456 addi r10, r10, 150f@l /* add start of table */
457 mtctr r10 /* load ctr with jump address */
458 xor r10, r10, r10 /* sum starts at zero */
459 bctr /* jump into table */
460150:
461 add r10, r10, r0 ;b 151f
462 add r10, r10, r1 ;b 151f
463 add r10, r10, r2 ;b 151f
464 add r10, r10, r3 ;b 151f
465 add r10, r10, r4 ;b 151f
466 add r10, r10, r5 ;b 151f
467 add r10, r10, r6 ;b 151f
468 add r10, r10, r7 ;b 151f
469 add r10, r10, r8 ;b 151f
470 add r10, r10, r9 ;b 151f
471 mtctr r11 ;b 154f /* r10 needs special handling */
472 mtctr r11 ;b 153f /* r11 needs special handling */
473 add r10, r10, r12 ;b 151f
474 add r10, r10, r13 ;b 151f
475 add r10, r10, r14 ;b 151f
476 add r10, r10, r15 ;b 151f
477 add r10, r10, r16 ;b 151f
478 add r10, r10, r17 ;b 151f
479 add r10, r10, r18 ;b 151f
480 add r10, r10, r19 ;b 151f
481 add r10, r10, r20 ;b 151f
482 add r10, r10, r21 ;b 151f
483 add r10, r10, r22 ;b 151f
484 add r10, r10, r23 ;b 151f
485 add r10, r10, r24 ;b 151f
486 add r10, r10, r25 ;b 151f
487 add r10, r10, r26 ;b 151f
488 add r10, r10, r27 ;b 151f
489 add r10, r10, r28 ;b 151f
490 add r10, r10, r29 ;b 151f
491 add r10, r10, r30 ;b 151f
492 add r10, r10, r31
493151:
494 rlwinm r11,r11,19,24,28 /* offset into jump table for reg RA */
495 cmpwi cr1, r11, 0
496 beq cr1, 152f /* if reg RA is zero, don't add it */
497 addi r11, r11, 150b@l /* add start of table */
498 mtctr r11 /* load ctr with jump address */
499 rlwinm r11,r11,0,16,10 /* make sure we don't execute this more than once */
500 bctr /* jump into table */
501152:
502 mfdar r11
503 mtctr r11 /* restore ctr reg from DAR */
504 mfspr r11, SPRN_SPRG_THREAD
505 stw r10, DAR(r11)
506 mfspr r10, SPRN_DSISR
507 stw r10, DSISR(r11)
508 mfspr r10,SPRN_M_TW
509 b DARFixed /* Go back to normal TLB handling */
510
511 /* special handling for r10,r11 since these are modified already */
512153: mfspr r11, SPRN_SPRG_SCRATCH1 /* load r11 from SPRN_SPRG_SCRATCH1 */
513 add r10, r10, r11 /* add it */
514 mfctr r11 /* restore r11 */
515 b 151b
516154: mfspr r11, SPRN_SPRG_SCRATCH0 /* load r10 from SPRN_SPRG_SCRATCH0 */
517 add r10, r10, r11 /* add it */
518 mfctr r11 /* restore r11 */
519 b 151b
520
521/*
522 * This is where the main kernel code starts.
523 */
524start_here:
525 /* ptr to current */
526 lis r2,init_task@h
527 ori r2,r2,init_task@l
528
529 /* ptr to phys current thread */
530 tophys(r4,r2)
531 addi r4,r4,THREAD /* init task's THREAD */
532 mtspr SPRN_SPRG_THREAD,r4
533
534 /* stack */
535 lis r1,init_thread_union@ha
536 addi r1,r1,init_thread_union@l
537 lis r0, STACK_END_MAGIC@h
538 ori r0, r0, STACK_END_MAGIC@l
539 stw r0, 0(r1)
540 li r0,0
541 stwu r0,THREAD_SIZE-STACK_FRAME_MIN_SIZE(r1)
542
543 lis r6, swapper_pg_dir@ha
544 tophys(r6,r6)
545 mtspr SPRN_M_TWB, r6
546
547 bl early_init /* We have to do this with MMU on */
548
549/*
550 * Decide what sort of machine this is and initialize the MMU.
551 */
552#ifdef CONFIG_KASAN
553 bl kasan_early_init
554#endif
555 li r3,0
556 mr r4,r31
557 bl machine_init
558 bl MMU_init
559
560/*
561 * Go back to running unmapped so we can load up new values
562 * and change to using our exception vectors.
563 * On the 8xx, all we have to do is invalidate the TLB to clear
564 * the old 8M byte TLB mappings and load the page table base register.
565 */
566 /* The right way to do this would be to track it down through
567 * init's THREAD like the context switch code does, but this is
568 * easier......until someone changes init's static structures.
569 */
570 lis r4,2f@h
571 ori r4,r4,2f@l
572 tophys(r4,r4)
573 li r3,MSR_KERNEL & ~(MSR_IR|MSR_DR)
574 mtspr SPRN_SRR0,r4
575 mtspr SPRN_SRR1,r3
576 rfi
577/* Load up the kernel context */
5782:
579#ifdef CONFIG_PIN_TLB_IMMR
580 lis r0, MD_TWAM@h
581 oris r0, r0, 0x1f00
582 mtspr SPRN_MD_CTR, r0
583 LOAD_REG_IMMEDIATE(r0, VIRT_IMMR_BASE | MD_EVALID)
584 tlbie r0
585 mtspr SPRN_MD_EPN, r0
586 LOAD_REG_IMMEDIATE(r0, MD_SVALID | MD_PS512K | MD_GUARDED)
587 mtspr SPRN_MD_TWC, r0
588 mfspr r0, SPRN_IMMR
589 rlwinm r0, r0, 0, 0xfff80000
590 ori r0, r0, 0xf0 | _PAGE_DIRTY | _PAGE_SPS | _PAGE_SH | \
591 _PAGE_NO_CACHE | _PAGE_PRESENT
592 mtspr SPRN_MD_RPN, r0
593 lis r0, (MD_TWAM | MD_RSV4I)@h
594 mtspr SPRN_MD_CTR, r0
595#endif
596#if !defined(CONFIG_PIN_TLB_DATA) && !defined(CONFIG_PIN_TLB_IMMR)
597 lis r0, MD_TWAM@h
598 mtspr SPRN_MD_CTR, r0
599#endif
600 tlbia /* Clear all TLB entries */
601 sync /* wait for tlbia/tlbie to finish */
602
603 /* set up the PTE pointers for the Abatron bdiGDB.
604 */
605 lis r5, abatron_pteptrs@h
606 ori r5, r5, abatron_pteptrs@l
607 stw r5, 0xf0(0) /* Must match your Abatron config file */
608 tophys(r5,r5)
609 lis r6, swapper_pg_dir@h
610 ori r6, r6, swapper_pg_dir@l
611 stw r6, 0(r5)
612
613/* Now turn on the MMU for real! */
614 li r4,MSR_KERNEL
615 lis r3,start_kernel@h
616 ori r3,r3,start_kernel@l
617 mtspr SPRN_SRR0,r3
618 mtspr SPRN_SRR1,r4
619 rfi /* enable MMU and jump to start_kernel */
620
621/* Set up the initial MMU state so we can do the first level of
622 * kernel initialization. This maps the first 8 MBytes of memory 1:1
623 * virtual to physical. Also, set the cache mode since that is defined
624 * by TLB entries and perform any additional mapping (like of the IMMR).
625 * If configured to pin some TLBs, we pin the first 8 Mbytes of kernel,
626 * 24 Mbytes of data, and the 512k IMMR space. Anything not covered by
627 * these mappings is mapped by page tables.
628 */
629SYM_FUNC_START_LOCAL(initial_mmu)
630 li r8, 0
631 mtspr SPRN_MI_CTR, r8 /* remove PINNED ITLB entries */
632 lis r10, MD_TWAM@h
633 mtspr SPRN_MD_CTR, r10 /* remove PINNED DTLB entries */
634
635 tlbia /* Invalidate all TLB entries */
636
637 lis r8, MI_APG_INIT@h /* Set protection modes */
638 ori r8, r8, MI_APG_INIT@l
639 mtspr SPRN_MI_AP, r8
640 lis r8, MD_APG_INIT@h
641 ori r8, r8, MD_APG_INIT@l
642 mtspr SPRN_MD_AP, r8
643
644 /* Map the lower RAM (up to 32 Mbytes) into the ITLB and DTLB */
645 lis r8, MI_RSV4I@h
646 ori r8, r8, 0x1c00
647 oris r12, r10, MD_RSV4I@h
648 ori r12, r12, 0x1c00
649 li r9, 4 /* up to 4 pages of 8M */
650 mtctr r9
651 lis r9, KERNELBASE@h /* Create vaddr for TLB */
652 li r10, MI_PS8MEG | _PMD_ACCESSED | MI_SVALID
653 li r11, MI_BOOTINIT /* Create RPN for address 0 */
6541:
655 mtspr SPRN_MI_CTR, r8 /* Set instruction MMU control */
656 addi r8, r8, 0x100
657 ori r0, r9, MI_EVALID /* Mark it valid */
658 mtspr SPRN_MI_EPN, r0
659 mtspr SPRN_MI_TWC, r10
660 mtspr SPRN_MI_RPN, r11 /* Store TLB entry */
661 mtspr SPRN_MD_CTR, r12
662 addi r12, r12, 0x100
663 mtspr SPRN_MD_EPN, r0
664 mtspr SPRN_MD_TWC, r10
665 mtspr SPRN_MD_RPN, r11
666 addis r9, r9, 0x80
667 addis r11, r11, 0x80
668
669 bdnz 1b
670
671 /* Since the cache is enabled according to the information we
672 * just loaded into the TLB, invalidate and enable the caches here.
673 * We should probably check/set other modes....later.
674 */
675 lis r8, IDC_INVALL@h
676 mtspr SPRN_IC_CST, r8
677 mtspr SPRN_DC_CST, r8
678 lis r8, IDC_ENABLE@h
679 mtspr SPRN_IC_CST, r8
680 mtspr SPRN_DC_CST, r8
681 /* Disable debug mode entry on breakpoints */
682 mfspr r8, SPRN_DER
683#ifdef CONFIG_PERF_EVENTS
684 rlwinm r8, r8, 0, ~0xc
685#else
686 rlwinm r8, r8, 0, ~0x8
687#endif
688 mtspr SPRN_DER, r8
689 blr
690SYM_FUNC_END(initial_mmu)
691
692_GLOBAL(mmu_pin_tlb)
693 lis r9, (1f - PAGE_OFFSET)@h
694 ori r9, r9, (1f - PAGE_OFFSET)@l
695 mfmsr r10
696 mflr r11
697 li r12, MSR_KERNEL & ~(MSR_IR | MSR_DR | MSR_RI)
698 rlwinm r0, r10, 0, ~MSR_RI
699 rlwinm r0, r0, 0, ~MSR_EE
700 mtmsr r0
701 isync
702 .align 4
703 mtspr SPRN_SRR0, r9
704 mtspr SPRN_SRR1, r12
705 rfi
7061:
707 li r5, 0
708 lis r6, MD_TWAM@h
709 mtspr SPRN_MI_CTR, r5
710 mtspr SPRN_MD_CTR, r6
711 tlbia
712
713 LOAD_REG_IMMEDIATE(r5, 28 << 8)
714 LOAD_REG_IMMEDIATE(r6, PAGE_OFFSET)
715 LOAD_REG_IMMEDIATE(r7, MI_SVALID | MI_PS8MEG | _PMD_ACCESSED)
716 LOAD_REG_IMMEDIATE(r8, 0xf0 | _PAGE_RO | _PAGE_SPS | _PAGE_SH | _PAGE_PRESENT)
717 LOAD_REG_ADDR(r9, _sinittext)
718 li r0, 4
719 mtctr r0
720
7212: ori r0, r6, MI_EVALID
722 mtspr SPRN_MI_CTR, r5
723 mtspr SPRN_MI_EPN, r0
724 mtspr SPRN_MI_TWC, r7
725 mtspr SPRN_MI_RPN, r8
726 addi r5, r5, 0x100
727 addis r6, r6, SZ_8M@h
728 addis r8, r8, SZ_8M@h
729 cmplw r6, r9
730 bdnzt lt, 2b
731 lis r0, MI_RSV4I@h
732 mtspr SPRN_MI_CTR, r0
733
734 LOAD_REG_IMMEDIATE(r5, 28 << 8 | MD_TWAM)
735#ifdef CONFIG_PIN_TLB_DATA
736 LOAD_REG_IMMEDIATE(r6, PAGE_OFFSET)
737 LOAD_REG_IMMEDIATE(r7, MI_SVALID | MI_PS8MEG | _PMD_ACCESSED)
738 li r8, 0
739#ifdef CONFIG_PIN_TLB_IMMR
740 li r0, 3
741#else
742 li r0, 4
743#endif
744 mtctr r0
745 cmpwi r4, 0
746 beq 4f
747 LOAD_REG_ADDR(r9, _sinittext)
748
7492: ori r0, r6, MD_EVALID
750 ori r12, r8, 0xf0 | _PAGE_RO | _PAGE_SPS | _PAGE_SH | _PAGE_PRESENT
751 mtspr SPRN_MD_CTR, r5
752 mtspr SPRN_MD_EPN, r0
753 mtspr SPRN_MD_TWC, r7
754 mtspr SPRN_MD_RPN, r12
755 addi r5, r5, 0x100
756 addis r6, r6, SZ_8M@h
757 addis r8, r8, SZ_8M@h
758 cmplw r6, r9
759 bdnzt lt, 2b
7604:
7612: ori r0, r6, MD_EVALID
762 ori r12, r8, 0xf0 | _PAGE_DIRTY | _PAGE_SPS | _PAGE_SH | _PAGE_PRESENT
763 mtspr SPRN_MD_CTR, r5
764 mtspr SPRN_MD_EPN, r0
765 mtspr SPRN_MD_TWC, r7
766 mtspr SPRN_MD_RPN, r12
767 addi r5, r5, 0x100
768 addis r6, r6, SZ_8M@h
769 addis r8, r8, SZ_8M@h
770 cmplw r6, r3
771 bdnzt lt, 2b
772#endif
773#ifdef CONFIG_PIN_TLB_IMMR
774 LOAD_REG_IMMEDIATE(r0, VIRT_IMMR_BASE | MD_EVALID)
775 LOAD_REG_IMMEDIATE(r7, MD_SVALID | MD_PS512K | MD_GUARDED | _PMD_ACCESSED)
776 mfspr r8, SPRN_IMMR
777 rlwinm r8, r8, 0, 0xfff80000
778 ori r8, r8, 0xf0 | _PAGE_DIRTY | _PAGE_SPS | _PAGE_SH | \
779 _PAGE_NO_CACHE | _PAGE_PRESENT
780 mtspr SPRN_MD_CTR, r5
781 mtspr SPRN_MD_EPN, r0
782 mtspr SPRN_MD_TWC, r7
783 mtspr SPRN_MD_RPN, r8
784#endif
785#if defined(CONFIG_PIN_TLB_IMMR) || defined(CONFIG_PIN_TLB_DATA)
786 lis r0, (MD_RSV4I | MD_TWAM)@h
787 mtspr SPRN_MD_CTR, r0
788#endif
789 mtspr SPRN_SRR1, r10
790 mtspr SPRN_SRR0, r11
791 rfi
1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 * PowerPC version
4 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
5 * Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP
6 * Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
7 * Low-level exception handlers and MMU support
8 * rewritten by Paul Mackerras.
9 * Copyright (C) 1996 Paul Mackerras.
10 * MPC8xx modifications by Dan Malek
11 * Copyright (C) 1997 Dan Malek (dmalek@jlc.net).
12 *
13 * This file contains low-level support and setup for PowerPC 8xx
14 * embedded processors, including trap and interrupt dispatch.
15 */
16
17#include <linux/init.h>
18#include <linux/magic.h>
19#include <linux/pgtable.h>
20#include <linux/sizes.h>
21#include <linux/linkage.h>
22
23#include <asm/processor.h>
24#include <asm/page.h>
25#include <asm/mmu.h>
26#include <asm/cache.h>
27#include <asm/cputable.h>
28#include <asm/thread_info.h>
29#include <asm/ppc_asm.h>
30#include <asm/asm-offsets.h>
31#include <asm/ptrace.h>
32#include <asm/code-patching-asm.h>
33#include <asm/interrupt.h>
34
35/*
36 * Value for the bits that have fixed value in RPN entries.
37 * Also used for tagging DAR for DTLBerror.
38 */
39#define RPN_PATTERN 0x00f0
40
41#include "head_32.h"
42
43#define PAGE_SHIFT_512K 19
44#define PAGE_SHIFT_8M 23
45
46 __HEAD
47_GLOBAL(_stext);
48_GLOBAL(_start);
49
50/* MPC8xx
51 * This port was done on an MBX board with an 860. Right now I only
52 * support an ELF compressed (zImage) boot from EPPC-Bug because the
53 * code there loads up some registers before calling us:
54 * r3: ptr to board info data
55 * r4: initrd_start or if no initrd then 0
56 * r5: initrd_end - unused if r4 is 0
57 * r6: Start of command line string
58 * r7: End of command line string
59 *
60 * I decided to use conditional compilation instead of checking PVR and
61 * adding more processor specific branches around code I don't need.
62 * Since this is an embedded processor, I also appreciate any memory
63 * savings I can get.
64 *
65 * The MPC8xx does not have any BATs, but it supports large page sizes.
66 * We first initialize the MMU to support 8M byte pages, then load one
67 * entry into each of the instruction and data TLBs to map the first
68 * 8M 1:1. I also mapped an additional I/O space 1:1 so we can get to
69 * the "internal" processor registers before MMU_init is called.
70 *
71 * -- Dan
72 */
73 .globl __start
74__start:
75 mr r31,r3 /* save device tree ptr */
76
77 /* We have to turn on the MMU right away so we get cache modes
78 * set correctly.
79 */
80 bl initial_mmu
81
82/* We now have the lower 8 Meg mapped into TLB entries, and the caches
83 * ready to work.
84 */
85
86turn_on_mmu:
87 mfmsr r0
88 ori r0,r0,MSR_DR|MSR_IR
89 mtspr SPRN_SRR1,r0
90 lis r0,start_here@h
91 ori r0,r0,start_here@l
92 mtspr SPRN_SRR0,r0
93 rfi /* enables MMU */
94
95
96#ifdef CONFIG_PERF_EVENTS
97 .align 4
98
99 .globl itlb_miss_counter
100itlb_miss_counter:
101 .space 4
102
103 .globl dtlb_miss_counter
104dtlb_miss_counter:
105 .space 4
106
107 .globl instruction_counter
108instruction_counter:
109 .space 4
110#endif
111
112/* System reset */
113 EXCEPTION(INTERRUPT_SYSTEM_RESET, Reset, system_reset_exception)
114
115/* Machine check */
116 START_EXCEPTION(INTERRUPT_MACHINE_CHECK, MachineCheck)
117 EXCEPTION_PROLOG INTERRUPT_MACHINE_CHECK MachineCheck handle_dar_dsisr=1
118 prepare_transfer_to_handler
119 bl machine_check_exception
120 b interrupt_return
121
122/* External interrupt */
123 EXCEPTION(INTERRUPT_EXTERNAL, HardwareInterrupt, do_IRQ)
124
125/* Alignment exception */
126 START_EXCEPTION(INTERRUPT_ALIGNMENT, Alignment)
127 EXCEPTION_PROLOG INTERRUPT_ALIGNMENT Alignment handle_dar_dsisr=1
128 prepare_transfer_to_handler
129 bl alignment_exception
130 REST_NVGPRS(r1)
131 b interrupt_return
132
133/* Program check exception */
134 START_EXCEPTION(INTERRUPT_PROGRAM, ProgramCheck)
135 EXCEPTION_PROLOG INTERRUPT_PROGRAM ProgramCheck
136 prepare_transfer_to_handler
137 bl program_check_exception
138 REST_NVGPRS(r1)
139 b interrupt_return
140
141/* Decrementer */
142 EXCEPTION(INTERRUPT_DECREMENTER, Decrementer, timer_interrupt)
143
144/* System call */
145 START_EXCEPTION(INTERRUPT_SYSCALL, SystemCall)
146 SYSCALL_ENTRY INTERRUPT_SYSCALL
147
148/* Single step - not used on 601 */
149 EXCEPTION(INTERRUPT_TRACE, SingleStep, single_step_exception)
150
151/* On the MPC8xx, this is a software emulation interrupt. It occurs
152 * for all unimplemented and illegal instructions.
153 */
154 START_EXCEPTION(INTERRUPT_SOFT_EMU_8xx, SoftEmu)
155 EXCEPTION_PROLOG INTERRUPT_SOFT_EMU_8xx SoftEmu
156 prepare_transfer_to_handler
157 bl emulation_assist_interrupt
158 REST_NVGPRS(r1)
159 b interrupt_return
160
161/*
162 * For the MPC8xx, this is a software tablewalk to load the instruction
163 * TLB. The task switch loads the M_TWB register with the pointer to the first
164 * level table.
165 * If we discover there is no second level table (value is zero) or if there
166 * is an invalid pte, we load that into the TLB, which causes another fault
167 * into the TLB Error interrupt where we can handle such problems.
168 * We have to use the MD_xxx registers for the tablewalk because the
169 * equivalent MI_xxx registers only perform the attribute functions.
170 */
171
172#ifdef CONFIG_8xx_CPU15
173#define INVALIDATE_ADJACENT_PAGES_CPU15(addr, tmp) \
174 addi tmp, addr, PAGE_SIZE; \
175 tlbie tmp; \
176 addi tmp, addr, -PAGE_SIZE; \
177 tlbie tmp
178#else
179#define INVALIDATE_ADJACENT_PAGES_CPU15(addr, tmp)
180#endif
181
182 START_EXCEPTION(INTERRUPT_INST_TLB_MISS_8xx, InstructionTLBMiss)
183 mtspr SPRN_SPRG_SCRATCH2, r10
184 mtspr SPRN_M_TW, r11
185
186 /* If we are faulting a kernel address, we have to use the
187 * kernel page tables.
188 */
189 mfspr r10, SPRN_SRR0 /* Get effective address of fault */
190 INVALIDATE_ADJACENT_PAGES_CPU15(r10, r11)
191 mtspr SPRN_MD_EPN, r10
192 mfspr r10, SPRN_M_TWB /* Get level 1 table */
193 lwz r11, (swapper_pg_dir-PAGE_OFFSET)@l(r10) /* Get level 1 entry */
194 mtspr SPRN_MD_TWC, r11
195 mfspr r10, SPRN_MD_TWC
196 lwz r10, 0(r10) /* Get the pte */
197 rlwimi r11, r10, 0, _PAGE_GUARDED | _PAGE_ACCESSED
198 rlwimi r11, r10, 32 - 9, _PMD_PAGE_512K
199 mtspr SPRN_MI_TWC, r11
200 /* The Linux PTE won't go exactly into the MMU TLB.
201 * Software indicator bits 20 and 23 must be clear.
202 * Software indicator bits 22, 24, 25, 26, and 27 must be
203 * set. All other Linux PTE bits control the behavior
204 * of the MMU.
205 */
206 rlwinm r10, r10, 0, ~0x0f00 /* Clear bits 20-23 */
207 rlwimi r10, r10, 4, 0x0400 /* Copy _PAGE_EXEC into bit 21 */
208 ori r10, r10, RPN_PATTERN | 0x200 /* Set 22 and 24-27 */
209 mtspr SPRN_MI_RPN, r10 /* Update TLB entry */
210
211 /* Restore registers */
2120: mfspr r10, SPRN_SPRG_SCRATCH2
213 mfspr r11, SPRN_M_TW
214 rfi
215 patch_site 0b, patch__itlbmiss_exit_1
216
217#ifdef CONFIG_PERF_EVENTS
218 patch_site 0f, patch__itlbmiss_perf
2190: lwz r10, (itlb_miss_counter - PAGE_OFFSET)@l(0)
220 addi r10, r10, 1
221 stw r10, (itlb_miss_counter - PAGE_OFFSET)@l(0)
222 mfspr r10, SPRN_SPRG_SCRATCH2
223 mfspr r11, SPRN_M_TW
224 rfi
225#endif
226
227 START_EXCEPTION(INTERRUPT_DATA_TLB_MISS_8xx, DataStoreTLBMiss)
228 mtspr SPRN_SPRG_SCRATCH2, r10
229 mtspr SPRN_M_TW, r11
230
231 /* If we are faulting a kernel address, we have to use the
232 * kernel page tables.
233 */
234 mfspr r10, SPRN_MD_EPN
235 mfspr r10, SPRN_M_TWB /* Get level 1 table */
236 lwz r11, (swapper_pg_dir-PAGE_OFFSET)@l(r10) /* Get level 1 entry */
237
238 mtspr SPRN_MD_TWC, r11
239 mfspr r10, SPRN_MD_TWC
240 lwz r10, 0(r10) /* Get the pte */
241
242 /* Insert Guarded and Accessed flags into the TWC from the Linux PTE.
243 * It is bit 27 of both the Linux PTE and the TWC (at least
244 * I got that right :-). It will be better when we can put
245 * this into the Linux pgd/pmd and load it in the operation
246 * above.
247 */
248 rlwimi r11, r10, 0, _PAGE_GUARDED | _PAGE_ACCESSED
249 rlwimi r11, r10, 32 - 9, _PMD_PAGE_512K
250 mtspr SPRN_MD_TWC, r11
251
252 /* The Linux PTE won't go exactly into the MMU TLB.
253 * Software indicator bits 24, 25, 26, and 27 must be
254 * set. All other Linux PTE bits control the behavior
255 * of the MMU.
256 */
257 li r11, RPN_PATTERN
258 rlwimi r10, r11, 0, 24, 27 /* Set 24-27 */
259 mtspr SPRN_MD_RPN, r10 /* Update TLB entry */
260 mtspr SPRN_DAR, r11 /* Tag DAR */
261
262 /* Restore registers */
263
2640: mfspr r10, SPRN_SPRG_SCRATCH2
265 mfspr r11, SPRN_M_TW
266 rfi
267 patch_site 0b, patch__dtlbmiss_exit_1
268
269#ifdef CONFIG_PERF_EVENTS
270 patch_site 0f, patch__dtlbmiss_perf
2710: lwz r10, (dtlb_miss_counter - PAGE_OFFSET)@l(0)
272 addi r10, r10, 1
273 stw r10, (dtlb_miss_counter - PAGE_OFFSET)@l(0)
274 mfspr r10, SPRN_SPRG_SCRATCH2
275 mfspr r11, SPRN_M_TW
276 rfi
277#endif
278
279/* This is an instruction TLB error on the MPC8xx. This could be due
280 * to many reasons, such as executing guarded memory or illegal instruction
281 * addresses. There is nothing to do but handle a big time error fault.
282 */
283 START_EXCEPTION(INTERRUPT_INST_TLB_ERROR_8xx, InstructionTLBError)
284 /* 0x400 is InstructionAccess exception, needed by bad_page_fault() */
285 EXCEPTION_PROLOG INTERRUPT_INST_STORAGE InstructionTLBError
286 andis. r5,r9,DSISR_SRR1_MATCH_32S@h /* Filter relevant SRR1 bits */
287 andis. r10,r9,SRR1_ISI_NOPT@h
288 beq+ .Litlbie
289 tlbie r12
290.Litlbie:
291 stw r12, _DAR(r11)
292 stw r5, _DSISR(r11)
293 prepare_transfer_to_handler
294 bl do_page_fault
295 b interrupt_return
296
297/* This is the data TLB error on the MPC8xx. This could be due to
298 * many reasons, including a dirty update to a pte. We bail out to
299 * a higher level function that can handle it.
300 */
301 START_EXCEPTION(INTERRUPT_DATA_TLB_ERROR_8xx, DataTLBError)
302 EXCEPTION_PROLOG_0 handle_dar_dsisr=1
303 mfspr r11, SPRN_DAR
304 cmpwi cr1, r11, RPN_PATTERN
305 beq- cr1, FixupDAR /* must be a buggy dcbX, icbi insn. */
306DARFixed:/* Return from dcbx instruction bug workaround */
307 mfspr r11, SPRN_DSISR
308 rlwinm r11, r11, 0, DSISR_NOHPTE
309 cmpwi cr1, r11, 0
310 beq+ cr1, .Ldtlbie
311 mfspr r11, SPRN_DAR
312 tlbie r11
313 rlwinm r11, r11, 16, 0xffff
314 cmplwi cr1, r11, TASK_SIZE@h
315 bge- cr1, FixupPGD
316.Ldtlbie:
317 EXCEPTION_PROLOG_1
318 /* 0x300 is DataAccess exception, needed by bad_page_fault() */
319 EXCEPTION_PROLOG_2 INTERRUPT_DATA_STORAGE DataTLBError handle_dar_dsisr=1
320 prepare_transfer_to_handler
321 bl do_page_fault
322 b interrupt_return
323
324#ifdef CONFIG_VMAP_STACK
325 vmap_stack_overflow_exception
326#endif
327
328/* On the MPC8xx, these next four traps are used for development
329 * support of breakpoints and such. Someday I will get around to
330 * using them.
331 */
332 START_EXCEPTION(INTERRUPT_DATA_BREAKPOINT_8xx, DataBreakpoint)
333 EXCEPTION_PROLOG_0 handle_dar_dsisr=1
334 mfspr r11, SPRN_SRR0
335 cmplwi cr1, r11, (.Ldtlbie - PAGE_OFFSET)@l
336 cmplwi cr7, r11, (.Litlbie - PAGE_OFFSET)@l
337 cror 4*cr1+eq, 4*cr1+eq, 4*cr7+eq
338 bne cr1, 1f
339 mtcr r10
340 mfspr r10, SPRN_SPRG_SCRATCH0
341 mfspr r11, SPRN_SPRG_SCRATCH1
342 rfi
343
3441: EXCEPTION_PROLOG_1
345 EXCEPTION_PROLOG_2 INTERRUPT_DATA_BREAKPOINT_8xx DataBreakpoint handle_dar_dsisr=1
346 mfspr r4,SPRN_BAR
347 stw r4,_DAR(r11)
348 prepare_transfer_to_handler
349 bl do_break
350 REST_NVGPRS(r1)
351 b interrupt_return
352
353#ifdef CONFIG_PERF_EVENTS
354 START_EXCEPTION(INTERRUPT_INST_BREAKPOINT_8xx, InstructionBreakpoint)
355 mtspr SPRN_SPRG_SCRATCH0, r10
356 lwz r10, (instruction_counter - PAGE_OFFSET)@l(0)
357 addi r10, r10, -1
358 stw r10, (instruction_counter - PAGE_OFFSET)@l(0)
359 lis r10, 0xffff
360 ori r10, r10, 0x01
361 mtspr SPRN_COUNTA, r10
362 mfspr r10, SPRN_SPRG_SCRATCH0
363 rfi
364#else
365 EXCEPTION(INTERRUPT_INST_BREAKPOINT_8xx, Trap_1d, unknown_exception)
366#endif
367 EXCEPTION(0x1e00, Trap_1e, unknown_exception)
368 EXCEPTION(0x1f00, Trap_1f, unknown_exception)
369
370 __HEAD
371 . = 0x2000
372
373FixupPGD:
374 mtspr SPRN_M_TW, r10
375 mfspr r10, SPRN_DAR
376 mtspr SPRN_MD_EPN, r10
377 mfspr r11, SPRN_M_TWB /* Get level 1 table */
378 lwz r10, (swapper_pg_dir - PAGE_OFFSET)@l(r11) /* Get the level 1 entry */
379 cmpwi cr1, r10, 0
380 bne cr1, 1f
381
382 rlwinm r10, r11, 0, 20, 31
383 oris r10, r10, (swapper_pg_dir - PAGE_OFFSET)@ha
384 lwz r10, (swapper_pg_dir - PAGE_OFFSET)@l(r10) /* Get the level 1 entry */
385 cmpwi cr1, r10, 0
386 beq cr1, 1f
387 stw r10, (swapper_pg_dir - PAGE_OFFSET)@l(r11) /* Set the level 1 entry */
388 mfspr r10, SPRN_M_TW
389 mtcr r10
390 mfspr r10, SPRN_SPRG_SCRATCH0
391 mfspr r11, SPRN_SPRG_SCRATCH1
392 rfi
3931:
394 mfspr r10, SPRN_M_TW
395 b .Ldtlbie
396
397/* This is the procedure to calculate the data EA for buggy dcbx,dcbi instructions
398 * by decoding the registers used by the dcbx instruction and adding them.
399 * DAR is set to the calculated address.
400 */
401FixupDAR:/* Entry point for dcbx workaround. */
402 mtspr SPRN_M_TW, r10
403 /* fetch instruction from memory. */
404 mfspr r10, SPRN_SRR0
405 mtspr SPRN_MD_EPN, r10
406 rlwinm r11, r10, 16, 0xfff8
407 cmpli cr1, r11, TASK_SIZE@h
408 mfspr r11, SPRN_M_TWB /* Get level 1 table */
409 blt+ cr1, 3f
410
411 /* create physical page address from effective address */
412 tophys(r11, r10)
413 mfspr r11, SPRN_M_TWB /* Get level 1 table */
414 rlwinm r11, r11, 0, 20, 31
415 oris r11, r11, (swapper_pg_dir - PAGE_OFFSET)@ha
4163:
417 lwz r11, (swapper_pg_dir-PAGE_OFFSET)@l(r11) /* Get the level 1 entry */
418 rlwinm r11, r11, 0, ~_PMD_PAGE_8M
419 mtspr SPRN_MD_TWC, r11
420 mfspr r11, SPRN_MD_TWC
421 lwz r11, 0(r11) /* Get the pte */
422 /* concat physical page address(r11) and page offset(r10) */
423 rlwimi r11, r10, 0, 32 - PAGE_SHIFT, 31
424 lwz r11,0(r11)
425/* Check if it really is a dcbx instruction. */
426/* dcbt and dcbtst does not generate DTLB Misses/Errors,
427 * no need to include them here */
428 xoris r10, r11, 0x7c00 /* check if major OP code is 31 */
429 rlwinm r10, r10, 0, 21, 5
430 cmpwi cr1, r10, 2028 /* Is dcbz? */
431 beq+ cr1, 142f
432 cmpwi cr1, r10, 940 /* Is dcbi? */
433 beq+ cr1, 142f
434 cmpwi cr1, r10, 108 /* Is dcbst? */
435 beq+ cr1, 144f /* Fix up store bit! */
436 cmpwi cr1, r10, 172 /* Is dcbf? */
437 beq+ cr1, 142f
438 cmpwi cr1, r10, 1964 /* Is icbi? */
439 beq+ cr1, 142f
440141: mfspr r10,SPRN_M_TW
441 b DARFixed /* Nope, go back to normal TLB processing */
442
443144: mfspr r10, SPRN_DSISR
444 rlwinm r10, r10,0,7,5 /* Clear store bit for buggy dcbst insn */
445 mtspr SPRN_DSISR, r10
446142: /* continue, it was a dcbx, dcbi instruction. */
447 mfctr r10
448 mtdar r10 /* save ctr reg in DAR */
449 rlwinm r10, r11, 24, 24, 28 /* offset into jump table for reg RB */
450 addi r10, r10, 150f@l /* add start of table */
451 mtctr r10 /* load ctr with jump address */
452 xor r10, r10, r10 /* sum starts at zero */
453 bctr /* jump into table */
454150:
455 add r10, r10, r0 ;b 151f
456 add r10, r10, r1 ;b 151f
457 add r10, r10, r2 ;b 151f
458 add r10, r10, r3 ;b 151f
459 add r10, r10, r4 ;b 151f
460 add r10, r10, r5 ;b 151f
461 add r10, r10, r6 ;b 151f
462 add r10, r10, r7 ;b 151f
463 add r10, r10, r8 ;b 151f
464 add r10, r10, r9 ;b 151f
465 mtctr r11 ;b 154f /* r10 needs special handling */
466 mtctr r11 ;b 153f /* r11 needs special handling */
467 add r10, r10, r12 ;b 151f
468 add r10, r10, r13 ;b 151f
469 add r10, r10, r14 ;b 151f
470 add r10, r10, r15 ;b 151f
471 add r10, r10, r16 ;b 151f
472 add r10, r10, r17 ;b 151f
473 add r10, r10, r18 ;b 151f
474 add r10, r10, r19 ;b 151f
475 add r10, r10, r20 ;b 151f
476 add r10, r10, r21 ;b 151f
477 add r10, r10, r22 ;b 151f
478 add r10, r10, r23 ;b 151f
479 add r10, r10, r24 ;b 151f
480 add r10, r10, r25 ;b 151f
481 add r10, r10, r26 ;b 151f
482 add r10, r10, r27 ;b 151f
483 add r10, r10, r28 ;b 151f
484 add r10, r10, r29 ;b 151f
485 add r10, r10, r30 ;b 151f
486 add r10, r10, r31
487151:
488 rlwinm r11,r11,19,24,28 /* offset into jump table for reg RA */
489 cmpwi cr1, r11, 0
490 beq cr1, 152f /* if reg RA is zero, don't add it */
491 addi r11, r11, 150b@l /* add start of table */
492 mtctr r11 /* load ctr with jump address */
493 rlwinm r11,r11,0,16,10 /* make sure we don't execute this more than once */
494 bctr /* jump into table */
495152:
496 mfdar r11
497 mtdar r10
498 mtctr r11 /* restore ctr reg from DAR */
499 mfspr r11, SPRN_SPRG_THREAD
500 stw r10, DAR(r11)
501 mfspr r10, SPRN_DSISR
502 stw r10, DSISR(r11)
503 mfspr r10,SPRN_M_TW
504 b DARFixed /* Go back to normal TLB handling */
505
506 /* special handling for r10,r11 since these are modified already */
507153: mfspr r11, SPRN_SPRG_SCRATCH1 /* load r11 from SPRN_SPRG_SCRATCH1 */
508 add r10, r10, r11 /* add it */
509 mfctr r11 /* restore r11 */
510 b 151b
511154: mfspr r11, SPRN_SPRG_SCRATCH0 /* load r10 from SPRN_SPRG_SCRATCH0 */
512 add r10, r10, r11 /* add it */
513 mfctr r11 /* restore r11 */
514 b 151b
515
516/*
517 * This is where the main kernel code starts.
518 */
519start_here:
520 /* ptr to current */
521 lis r2,init_task@h
522 ori r2,r2,init_task@l
523
524 /* ptr to phys current thread */
525 tophys(r4,r2)
526 addi r4,r4,THREAD /* init task's THREAD */
527 mtspr SPRN_SPRG_THREAD,r4
528
529 /* stack */
530 lis r1,init_thread_union@ha
531 addi r1,r1,init_thread_union@l
532 lis r0, STACK_END_MAGIC@h
533 ori r0, r0, STACK_END_MAGIC@l
534 stw r0, 0(r1)
535 li r0,0
536 stwu r0,THREAD_SIZE-STACK_FRAME_MIN_SIZE(r1)
537
538 lis r6, swapper_pg_dir@ha
539 tophys(r6,r6)
540 mtspr SPRN_M_TWB, r6
541
542 bl early_init /* We have to do this with MMU on */
543
544/*
545 * Decide what sort of machine this is and initialize the MMU.
546 */
547#ifdef CONFIG_KASAN
548 bl kasan_early_init
549#endif
550 li r3,0
551 mr r4,r31
552 bl machine_init
553 bl MMU_init
554
555/*
556 * Go back to running unmapped so we can load up new values
557 * and change to using our exception vectors.
558 * On the 8xx, all we have to do is invalidate the TLB to clear
559 * the old 8M byte TLB mappings and load the page table base register.
560 */
561 /* The right way to do this would be to track it down through
562 * init's THREAD like the context switch code does, but this is
563 * easier......until someone changes init's static structures.
564 */
565 lis r4,2f@h
566 ori r4,r4,2f@l
567 tophys(r4,r4)
568 li r3,MSR_KERNEL & ~(MSR_IR|MSR_DR)
569 mtspr SPRN_SRR0,r4
570 mtspr SPRN_SRR1,r3
571 rfi
572/* Load up the kernel context */
5732:
574#ifdef CONFIG_PIN_TLB_IMMR
575 lis r0, MD_TWAM@h
576 oris r0, r0, 0x1f00
577 mtspr SPRN_MD_CTR, r0
578 LOAD_REG_IMMEDIATE(r0, VIRT_IMMR_BASE | MD_EVALID)
579 tlbie r0
580 mtspr SPRN_MD_EPN, r0
581 LOAD_REG_IMMEDIATE(r0, MD_SVALID | MD_PS512K | MD_GUARDED)
582 mtspr SPRN_MD_TWC, r0
583 mfspr r0, SPRN_IMMR
584 rlwinm r0, r0, 0, 0xfff80000
585 ori r0, r0, 0xf0 | _PAGE_DIRTY | _PAGE_SPS | _PAGE_SH | \
586 _PAGE_NO_CACHE | _PAGE_PRESENT
587 mtspr SPRN_MD_RPN, r0
588 lis r0, (MD_TWAM | MD_RSV4I)@h
589 mtspr SPRN_MD_CTR, r0
590#endif
591#ifndef CONFIG_PIN_TLB_TEXT
592 li r0, 0
593 mtspr SPRN_MI_CTR, r0
594#endif
595#if !defined(CONFIG_PIN_TLB_DATA) && !defined(CONFIG_PIN_TLB_IMMR)
596 lis r0, MD_TWAM@h
597 mtspr SPRN_MD_CTR, r0
598#endif
599 tlbia /* Clear all TLB entries */
600 sync /* wait for tlbia/tlbie to finish */
601
602 /* set up the PTE pointers for the Abatron bdiGDB.
603 */
604 lis r5, abatron_pteptrs@h
605 ori r5, r5, abatron_pteptrs@l
606 stw r5, 0xf0(0) /* Must match your Abatron config file */
607 tophys(r5,r5)
608 lis r6, swapper_pg_dir@h
609 ori r6, r6, swapper_pg_dir@l
610 stw r6, 0(r5)
611
612/* Now turn on the MMU for real! */
613 li r4,MSR_KERNEL
614 lis r3,start_kernel@h
615 ori r3,r3,start_kernel@l
616 mtspr SPRN_SRR0,r3
617 mtspr SPRN_SRR1,r4
618 rfi /* enable MMU and jump to start_kernel */
619
620/* Set up the initial MMU state so we can do the first level of
621 * kernel initialization. This maps the first 8 MBytes of memory 1:1
622 * virtual to physical. Also, set the cache mode since that is defined
623 * by TLB entries and perform any additional mapping (like of the IMMR).
624 * If configured to pin some TLBs, we pin the first 8 Mbytes of kernel,
625 * 24 Mbytes of data, and the 512k IMMR space. Anything not covered by
626 * these mappings is mapped by page tables.
627 */
628SYM_FUNC_START_LOCAL(initial_mmu)
629 li r8, 0
630 mtspr SPRN_MI_CTR, r8 /* remove PINNED ITLB entries */
631 lis r10, MD_TWAM@h
632 mtspr SPRN_MD_CTR, r10 /* remove PINNED DTLB entries */
633
634 tlbia /* Invalidate all TLB entries */
635
636 lis r8, MI_APG_INIT@h /* Set protection modes */
637 ori r8, r8, MI_APG_INIT@l
638 mtspr SPRN_MI_AP, r8
639 lis r8, MD_APG_INIT@h
640 ori r8, r8, MD_APG_INIT@l
641 mtspr SPRN_MD_AP, r8
642
643 /* Map the lower RAM (up to 32 Mbytes) into the ITLB and DTLB */
644 lis r8, MI_RSV4I@h
645 ori r8, r8, 0x1c00
646 oris r12, r10, MD_RSV4I@h
647 ori r12, r12, 0x1c00
648 li r9, 4 /* up to 4 pages of 8M */
649 mtctr r9
650 lis r9, KERNELBASE@h /* Create vaddr for TLB */
651 li r10, MI_PS8MEG | _PMD_ACCESSED | MI_SVALID
652 li r11, MI_BOOTINIT /* Create RPN for address 0 */
6531:
654 mtspr SPRN_MI_CTR, r8 /* Set instruction MMU control */
655 addi r8, r8, 0x100
656 ori r0, r9, MI_EVALID /* Mark it valid */
657 mtspr SPRN_MI_EPN, r0
658 mtspr SPRN_MI_TWC, r10
659 mtspr SPRN_MI_RPN, r11 /* Store TLB entry */
660 mtspr SPRN_MD_CTR, r12
661 addi r12, r12, 0x100
662 mtspr SPRN_MD_EPN, r0
663 mtspr SPRN_MD_TWC, r10
664 mtspr SPRN_MD_RPN, r11
665 addis r9, r9, 0x80
666 addis r11, r11, 0x80
667
668 bdnz 1b
669
670 /* Since the cache is enabled according to the information we
671 * just loaded into the TLB, invalidate and enable the caches here.
672 * We should probably check/set other modes....later.
673 */
674 lis r8, IDC_INVALL@h
675 mtspr SPRN_IC_CST, r8
676 mtspr SPRN_DC_CST, r8
677 lis r8, IDC_ENABLE@h
678 mtspr SPRN_IC_CST, r8
679 mtspr SPRN_DC_CST, r8
680 /* Disable debug mode entry on breakpoints */
681 mfspr r8, SPRN_DER
682#ifdef CONFIG_PERF_EVENTS
683 rlwinm r8, r8, 0, ~0xc
684#else
685 rlwinm r8, r8, 0, ~0x8
686#endif
687 mtspr SPRN_DER, r8
688 blr
689SYM_FUNC_END(initial_mmu)
690
691#ifdef CONFIG_PIN_TLB
692_GLOBAL(mmu_pin_tlb)
693 lis r9, (1f - PAGE_OFFSET)@h
694 ori r9, r9, (1f - PAGE_OFFSET)@l
695 mfmsr r10
696 mflr r11
697 li r12, MSR_KERNEL & ~(MSR_IR | MSR_DR | MSR_RI)
698 rlwinm r0, r10, 0, ~MSR_RI
699 rlwinm r0, r0, 0, ~MSR_EE
700 mtmsr r0
701 isync
702 .align 4
703 mtspr SPRN_SRR0, r9
704 mtspr SPRN_SRR1, r12
705 rfi
7061:
707 li r5, 0
708 lis r6, MD_TWAM@h
709 mtspr SPRN_MI_CTR, r5
710 mtspr SPRN_MD_CTR, r6
711 tlbia
712
713#ifdef CONFIG_PIN_TLB_TEXT
714 LOAD_REG_IMMEDIATE(r5, 28 << 8)
715 LOAD_REG_IMMEDIATE(r6, PAGE_OFFSET)
716 LOAD_REG_IMMEDIATE(r7, MI_SVALID | MI_PS8MEG | _PMD_ACCESSED)
717 LOAD_REG_IMMEDIATE(r8, 0xf0 | _PAGE_RO | _PAGE_SPS | _PAGE_SH | _PAGE_PRESENT)
718 LOAD_REG_ADDR(r9, _sinittext)
719 li r0, 4
720 mtctr r0
721
7222: ori r0, r6, MI_EVALID
723 mtspr SPRN_MI_CTR, r5
724 mtspr SPRN_MI_EPN, r0
725 mtspr SPRN_MI_TWC, r7
726 mtspr SPRN_MI_RPN, r8
727 addi r5, r5, 0x100
728 addis r6, r6, SZ_8M@h
729 addis r8, r8, SZ_8M@h
730 cmplw r6, r9
731 bdnzt lt, 2b
732 lis r0, MI_RSV4I@h
733 mtspr SPRN_MI_CTR, r0
734#endif
735
736 LOAD_REG_IMMEDIATE(r5, 28 << 8 | MD_TWAM)
737#ifdef CONFIG_PIN_TLB_DATA
738 LOAD_REG_IMMEDIATE(r6, PAGE_OFFSET)
739 LOAD_REG_IMMEDIATE(r7, MI_SVALID | MI_PS8MEG | _PMD_ACCESSED)
740 li r8, 0
741#ifdef CONFIG_PIN_TLB_IMMR
742 li r0, 3
743#else
744 li r0, 4
745#endif
746 mtctr r0
747 cmpwi r4, 0
748 beq 4f
749 LOAD_REG_ADDR(r9, _sinittext)
750
7512: ori r0, r6, MD_EVALID
752 ori r12, r8, 0xf0 | _PAGE_RO | _PAGE_SPS | _PAGE_SH | _PAGE_PRESENT
753 mtspr SPRN_MD_CTR, r5
754 mtspr SPRN_MD_EPN, r0
755 mtspr SPRN_MD_TWC, r7
756 mtspr SPRN_MD_RPN, r12
757 addi r5, r5, 0x100
758 addis r6, r6, SZ_8M@h
759 addis r8, r8, SZ_8M@h
760 cmplw r6, r9
761 bdnzt lt, 2b
7624:
7632: ori r0, r6, MD_EVALID
764 ori r12, r8, 0xf0 | _PAGE_DIRTY | _PAGE_SPS | _PAGE_SH | _PAGE_PRESENT
765 mtspr SPRN_MD_CTR, r5
766 mtspr SPRN_MD_EPN, r0
767 mtspr SPRN_MD_TWC, r7
768 mtspr SPRN_MD_RPN, r12
769 addi r5, r5, 0x100
770 addis r6, r6, SZ_8M@h
771 addis r8, r8, SZ_8M@h
772 cmplw r6, r3
773 bdnzt lt, 2b
774#endif
775#ifdef CONFIG_PIN_TLB_IMMR
776 LOAD_REG_IMMEDIATE(r0, VIRT_IMMR_BASE | MD_EVALID)
777 LOAD_REG_IMMEDIATE(r7, MD_SVALID | MD_PS512K | MD_GUARDED | _PMD_ACCESSED)
778 mfspr r8, SPRN_IMMR
779 rlwinm r8, r8, 0, 0xfff80000
780 ori r8, r8, 0xf0 | _PAGE_DIRTY | _PAGE_SPS | _PAGE_SH | \
781 _PAGE_NO_CACHE | _PAGE_PRESENT
782 mtspr SPRN_MD_CTR, r5
783 mtspr SPRN_MD_EPN, r0
784 mtspr SPRN_MD_TWC, r7
785 mtspr SPRN_MD_RPN, r8
786#endif
787#if defined(CONFIG_PIN_TLB_IMMR) || defined(CONFIG_PIN_TLB_DATA)
788 lis r0, (MD_RSV4I | MD_TWAM)@h
789 mtspr SPRN_MD_CTR, r0
790#endif
791 mtspr SPRN_SRR1, r10
792 mtspr SPRN_SRR0, r11
793 rfi
794#endif