1/* SPDX-License-Identifier: GPL-2.0-only */ 2/* 3 * Exception handling for Microblaze 4 * 5 * Rewriten interrupt handling 6 * 7 * Copyright (C) 2008-2009 Michal Simek <monstr@monstr.eu> 8 * Copyright (C) 2008-2009 PetaLogix 9 * 10 * uClinux customisation (C) 2005 John Williams 11 * 12 * MMU code derived from arch/ppc/kernel/head_4xx.S: 13 * Copyright (C) 1995-1996 Gary Thomas <gdt@linuxppc.org> 14 * Initial PowerPC version. 15 * Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu> 16 * Rewritten for PReP 17 * Copyright (C) 1996 Paul Mackerras <paulus@cs.anu.edu.au> 18 * Low-level exception handers, MMU support, and rewrite. 19 * Copyright (C) 1997 Dan Malek <dmalek@jlc.net> 20 * PowerPC 8xx modifications. 21 * Copyright (C) 1998-1999 TiVo, Inc. 22 * PowerPC 403GCX modifications. 23 * Copyright (C) 1999 Grant Erickson <grant@lcse.umn.edu> 24 * PowerPC 403GCX/405GP modifications. 25 * Copyright 2000 MontaVista Software Inc. 26 * PPC405 modifications 27 * PowerPC 403GCX/405GP modifications. 28 * Author: MontaVista Software, Inc. 29 * frank_rowand@mvista.com or source@mvista.com 30 * debbie_chu@mvista.com 31 * 32 * Original code 33 * Copyright (C) 2004 Xilinx, Inc. 34 */ 35 36/* 37 * Here are the handlers which don't require enabling translation 38 * and calling other kernel code thus we can keep their design very simple 39 * and do all processing in real mode. All what they need is a valid current 40 * (that is an issue for the CONFIG_REGISTER_TASK_PTR case) 41 * This handlers use r3,r4,r5,r6 and optionally r[current] to work therefore 42 * these registers are saved/restored 43 * The handlers which require translation are in entry.S --KAA 44 * 45 * Microblaze HW Exception Handler 46 * - Non self-modifying exception handler for the following exception conditions 47 * - Unalignment 48 * - Instruction bus error 49 * - Data bus error 50 * - Illegal instruction opcode 51 * - Divide-by-zero 52 * 53 * - Privileged instruction exception (MMU) 54 * - Data storage exception (MMU) 55 * - Instruction storage exception (MMU) 56 * - Data TLB miss exception (MMU) 57 * - Instruction TLB miss exception (MMU) 58 * 59 * Note we disable interrupts during exception handling, otherwise we will 60 * possibly get multiple re-entrancy if interrupt handles themselves cause 61 * exceptions. JW 62 */ 63 64#include <asm/exceptions.h> 65#include <asm/unistd.h> 66#include <asm/page.h> 67 68#include <asm/entry.h> 69#include <asm/current.h> 70#include <linux/linkage.h> 71#include <linux/pgtable.h> 72 73#include <asm/mmu.h> 74#include <asm/signal.h> 75#include <asm/registers.h> 76#include <asm/asm-offsets.h> 77 78#undef DEBUG 79 80/* Helpful Macros */ 81#define NUM_TO_REG(num) r ## num 82 83 #define RESTORE_STATE \ 84 lwi r5, r1, 0; \ 85 mts rmsr, r5; \ 86 nop; \ 87 lwi r3, r1, PT_R3; \ 88 lwi r4, r1, PT_R4; \ 89 lwi r5, r1, PT_R5; \ 90 lwi r6, r1, PT_R6; \ 91 lwi r11, r1, PT_R11; \ 92 lwi r31, r1, PT_R31; \ 93 lwi r1, r1, PT_R1; 94 95#define LWREG_NOP \ 96 bri ex_handler_unhandled; \ 97 nop; 98 99#define SWREG_NOP \ 100 bri ex_handler_unhandled; \ 101 nop; 102 103/* r3 is the source */ 104#define R3_TO_LWREG_V(regnum) \ 105 swi r3, r1, 4 * regnum; \ 106 bri ex_handler_done; 107 108/* r3 is the source */ 109#define R3_TO_LWREG(regnum) \ 110 or NUM_TO_REG (regnum), r0, r3; \ 111 bri ex_handler_done; 112 113/* r3 is the target */ 114#define SWREG_TO_R3_V(regnum) \ 115 lwi r3, r1, 4 * regnum; \ 116 bri ex_sw_tail; 117 118/* r3 is the target */ 119#define SWREG_TO_R3(regnum) \ 120 or r3, r0, NUM_TO_REG (regnum); \ 121 bri ex_sw_tail; 122 123 #define R3_TO_LWREG_VM_V(regnum) \ 124 brid ex_lw_end_vm; \ 125 swi r3, r7, 4 * regnum; 126 127 #define R3_TO_LWREG_VM(regnum) \ 128 brid ex_lw_end_vm; \ 129 or NUM_TO_REG (regnum), r0, r3; 130 131 #define SWREG_TO_R3_VM_V(regnum) \ 132 brid ex_sw_tail_vm; \ 133 lwi r3, r7, 4 * regnum; 134 135 #define SWREG_TO_R3_VM(regnum) \ 136 brid ex_sw_tail_vm; \ 137 or r3, r0, NUM_TO_REG (regnum); 138 139 /* Shift right instruction depending on available configuration */ 140 #if CONFIG_XILINX_MICROBLAZE0_USE_BARREL == 0 141 /* Only the used shift constants defined here - add more if needed */ 142 #define BSRLI2(rD, rA) \ 143 srl rD, rA; /* << 1 */ \ 144 srl rD, rD; /* << 2 */ 145 #define BSRLI4(rD, rA) \ 146 BSRLI2(rD, rA); \ 147 BSRLI2(rD, rD) 148 #define BSRLI10(rD, rA) \ 149 srl rD, rA; /* << 1 */ \ 150 srl rD, rD; /* << 2 */ \ 151 srl rD, rD; /* << 3 */ \ 152 srl rD, rD; /* << 4 */ \ 153 srl rD, rD; /* << 5 */ \ 154 srl rD, rD; /* << 6 */ \ 155 srl rD, rD; /* << 7 */ \ 156 srl rD, rD; /* << 8 */ \ 157 srl rD, rD; /* << 9 */ \ 158 srl rD, rD /* << 10 */ 159 #define BSRLI20(rD, rA) \ 160 BSRLI10(rD, rA); \ 161 BSRLI10(rD, rD) 162 163 .macro bsrli, rD, rA, IMM 164 .if (\IMM) == 2 165 BSRLI2(\rD, \rA) 166 .elseif (\IMM) == 10 167 BSRLI10(\rD, \rA) 168 .elseif (\IMM) == 12 169 BSRLI2(\rD, \rA) 170 BSRLI10(\rD, \rD) 171 .elseif (\IMM) == 14 172 BSRLI4(\rD, \rA) 173 BSRLI10(\rD, \rD) 174 .elseif (\IMM) == 20 175 BSRLI20(\rD, \rA) 176 .elseif (\IMM) == 24 177 BSRLI4(\rD, \rA) 178 BSRLI20(\rD, \rD) 179 .elseif (\IMM) == 28 180 BSRLI4(\rD, \rA) 181 BSRLI4(\rD, \rD) 182 BSRLI20(\rD, \rD) 183 .else 184 .error "BSRLI shift macros \IMM" 185 .endif 186 .endm 187 #endif 188 189 190.extern other_exception_handler /* Defined in exception.c */ 191 192/* 193 * hw_exception_handler - Handler for exceptions 194 * 195 * Exception handler notes: 196 * - Handles all exceptions 197 * - Does not handle unaligned exceptions during load into r17, r1, r0. 198 * - Does not handle unaligned exceptions during store from r17 (cannot be 199 * done) and r1 (slows down common case) 200 * 201 * Relevant register structures 202 * 203 * EAR - |----|----|----|----|----|----|----|----| 204 * - < ## 32 bit faulting address ## > 205 * 206 * ESR - |----|----|----|----|----| - | - |-----|-----| 207 * - W S REG EXC 208 * 209 * 210 * STACK FRAME STRUCTURE (for CONFIG_MMU=n) 211 * ---------------------------------------- 212 * 213 * +-------------+ + 0 214 * | MSR | 215 * +-------------+ + 4 216 * | r1 | 217 * | . | 218 * | . | 219 * | . | 220 * | . | 221 * | r18 | 222 * +-------------+ + 76 223 * | . | 224 * | . | 225 * 226 * MMU kernel uses the same 'pt_pool_space' pointed space 227 * which is used for storing register values - noMMu style was, that values were 228 * stored in stack but in case of failure you lost information about register. 229 * Currently you can see register value in memory in specific place. 230 * In compare to with previous solution the speed should be the same. 231 * 232 * MMU exception handler has different handling compare to no MMU kernel. 233 * Exception handler use jump table for directing of what happen. For MMU kernel 234 * is this approach better because MMU relate exception are handled by asm code 235 * in this file. In compare to with MMU expect of unaligned exception 236 * is everything handled by C code. 237 */ 238 239/* 240 * every of these handlers is entered having R3/4/5/6/11/current saved on stack 241 * and clobbered so care should be taken to restore them if someone is going to 242 * return from exception 243 */ 244 245/* wrappers to restore state before coming to entry.S */ 246.section .data 247.align 4 248pt_pool_space: 249 .space PT_SIZE 250 251#ifdef DEBUG 252/* Create space for exception counting. */ 253.section .data 254.global exception_debug_table 255.align 4 256exception_debug_table: 257 /* Look at exception vector table. There is 32 exceptions * word size */ 258 .space (32 * 4) 259#endif /* DEBUG */ 260 261.section .rodata 262.align 4 263_MB_HW_ExceptionVectorTable: 264/* 0 - Undefined */ 265 .long TOPHYS(ex_handler_unhandled) 266/* 1 - Unaligned data access exception */ 267 .long TOPHYS(handle_unaligned_ex) 268/* 2 - Illegal op-code exception */ 269 .long TOPHYS(full_exception_trapw) 270/* 3 - Instruction bus error exception */ 271 .long TOPHYS(full_exception_trapw) 272/* 4 - Data bus error exception */ 273 .long TOPHYS(full_exception_trapw) 274/* 5 - Divide by zero exception */ 275 .long TOPHYS(full_exception_trapw) 276/* 6 - Floating point unit exception */ 277 .long TOPHYS(full_exception_trapw) 278/* 7 - Privileged instruction exception */ 279 .long TOPHYS(full_exception_trapw) 280/* 8 - 15 - Undefined */ 281 .long TOPHYS(ex_handler_unhandled) 282 .long TOPHYS(ex_handler_unhandled) 283 .long TOPHYS(ex_handler_unhandled) 284 .long TOPHYS(ex_handler_unhandled) 285 .long TOPHYS(ex_handler_unhandled) 286 .long TOPHYS(ex_handler_unhandled) 287 .long TOPHYS(ex_handler_unhandled) 288 .long TOPHYS(ex_handler_unhandled) 289/* 16 - Data storage exception */ 290 .long TOPHYS(handle_data_storage_exception) 291/* 17 - Instruction storage exception */ 292 .long TOPHYS(handle_instruction_storage_exception) 293/* 18 - Data TLB miss exception */ 294 .long TOPHYS(handle_data_tlb_miss_exception) 295/* 19 - Instruction TLB miss exception */ 296 .long TOPHYS(handle_instruction_tlb_miss_exception) 297/* 20 - 31 - Undefined */ 298 .long TOPHYS(ex_handler_unhandled) 299 .long TOPHYS(ex_handler_unhandled) 300 .long TOPHYS(ex_handler_unhandled) 301 .long TOPHYS(ex_handler_unhandled) 302 .long TOPHYS(ex_handler_unhandled) 303 .long TOPHYS(ex_handler_unhandled) 304 .long TOPHYS(ex_handler_unhandled) 305 .long TOPHYS(ex_handler_unhandled) 306 .long TOPHYS(ex_handler_unhandled) 307 .long TOPHYS(ex_handler_unhandled) 308 .long TOPHYS(ex_handler_unhandled) 309 .long TOPHYS(ex_handler_unhandled) 310 311.global _hw_exception_handler 312.section .text 313.align 4 314.ent _hw_exception_handler 315_hw_exception_handler: 316 swi r1, r0, TOPHYS(pt_pool_space + PT_R1); /* GET_SP */ 317 /* Save date to kernel memory. Here is the problem 318 * when you came from user space */ 319 ori r1, r0, TOPHYS(pt_pool_space); 320 swi r3, r1, PT_R3 321 swi r4, r1, PT_R4 322 swi r5, r1, PT_R5 323 swi r6, r1, PT_R6 324 325 swi r11, r1, PT_R11 326 swi r31, r1, PT_R31 327 lwi r31, r0, TOPHYS(PER_CPU(CURRENT_SAVE)) /* get saved current */ 328 329 mfs r5, rmsr; 330 nop 331 swi r5, r1, 0; 332 mfs r4, resr 333 nop 334 mfs r3, rear; 335 nop 336 337 andi r5, r4, 0x1F; /* Extract ESR[EXC] */ 338 339 /* Calculate exception vector offset = r5 << 2 */ 340 addk r6, r5, r5; /* << 1 */ 341 addk r6, r6, r6; /* << 2 */ 342 343#ifdef DEBUG 344/* counting which exception happen */ 345 lwi r5, r0, TOPHYS(exception_debug_table) 346 addi r5, r5, 1 347 swi r5, r0, TOPHYS(exception_debug_table) 348 lwi r5, r6, TOPHYS(exception_debug_table) 349 addi r5, r5, 1 350 swi r5, r6, TOPHYS(exception_debug_table) 351#endif 352/* end */ 353 /* Load the HW Exception vector */ 354 lwi r6, r6, TOPHYS(_MB_HW_ExceptionVectorTable) 355 bra r6 356 357full_exception_trapw: 358 RESTORE_STATE 359 bri full_exception_trap 360 361/* 0x01 - Unaligned data access exception 362 * This occurs when a word access is not aligned on a word boundary, 363 * or when a 16-bit access is not aligned on a 16-bit boundary. 364 * This handler perform the access, and returns, except for MMU when 365 * the unaligned address is last on a 4k page or the physical address is 366 * not found in the page table, in which case unaligned_data_trap is called. 367 */ 368handle_unaligned_ex: 369 /* Working registers already saved: R3, R4, R5, R6 370 * R4 = ESR 371 * R3 = EAR 372 */ 373 andi r6, r4, 0x1000 /* Check ESR[DS] */ 374 beqi r6, _no_delayslot /* Branch if ESR[DS] not set */ 375 mfs r17, rbtr; /* ESR[DS] set - return address in BTR */ 376 nop 377_no_delayslot: 378 /* jump to high level unaligned handler */ 379 RESTORE_STATE; 380 bri unaligned_data_trap 381 382 andi r6, r4, 0x3E0; /* Mask and extract the register operand */ 383 srl r6, r6; /* r6 >> 5 */ 384 srl r6, r6; 385 srl r6, r6; 386 srl r6, r6; 387 srl r6, r6; 388 /* Store the register operand in a temporary location */ 389 sbi r6, r0, TOPHYS(ex_reg_op); 390 391 andi r6, r4, 0x400; /* Extract ESR[S] */ 392 bnei r6, ex_sw; 393ex_lw: 394 andi r6, r4, 0x800; /* Extract ESR[W] */ 395 beqi r6, ex_lhw; 396 lbui r5, r3, 0; /* Exception address in r3 */ 397 /* Load a word, byte-by-byte from destination address 398 and save it in tmp space */ 399 sbi r5, r0, TOPHYS(ex_tmp_data_loc_0); 400 lbui r5, r3, 1; 401 sbi r5, r0, TOPHYS(ex_tmp_data_loc_1); 402 lbui r5, r3, 2; 403 sbi r5, r0, TOPHYS(ex_tmp_data_loc_2); 404 lbui r5, r3, 3; 405 sbi r5, r0, TOPHYS(ex_tmp_data_loc_3); 406 /* Get the destination register value into r4 */ 407 lwi r4, r0, TOPHYS(ex_tmp_data_loc_0); 408 bri ex_lw_tail; 409ex_lhw: 410 lbui r5, r3, 0; /* Exception address in r3 */ 411 /* Load a half-word, byte-by-byte from destination 412 address and save it in tmp space */ 413 sbi r5, r0, TOPHYS(ex_tmp_data_loc_0); 414 lbui r5, r3, 1; 415 sbi r5, r0, TOPHYS(ex_tmp_data_loc_1); 416 /* Get the destination register value into r4 */ 417 lhui r4, r0, TOPHYS(ex_tmp_data_loc_0); 418ex_lw_tail: 419 /* Get the destination register number into r5 */ 420 lbui r5, r0, TOPHYS(ex_reg_op); 421 /* Form load_word jump table offset (lw_table + (8 * regnum)) */ 422 addik r6, r0, TOPHYS(lw_table); 423 addk r5, r5, r5; 424 addk r5, r5, r5; 425 addk r5, r5, r5; 426 addk r5, r5, r6; 427 bra r5; 428ex_lw_end: /* Exception handling of load word, ends */ 429ex_sw: 430 /* Get the destination register number into r5 */ 431 lbui r5, r0, TOPHYS(ex_reg_op); 432 /* Form store_word jump table offset (sw_table + (8 * regnum)) */ 433 addik r6, r0, TOPHYS(sw_table); 434 add r5, r5, r5; 435 add r5, r5, r5; 436 add r5, r5, r5; 437 add r5, r5, r6; 438 bra r5; 439ex_sw_tail: 440 mfs r6, resr; 441 nop 442 andi r6, r6, 0x800; /* Extract ESR[W] */ 443 beqi r6, ex_shw; 444 /* Get the word - delay slot */ 445 swi r4, r0, TOPHYS(ex_tmp_data_loc_0); 446 /* Store the word, byte-by-byte into destination address */ 447 lbui r4, r0, TOPHYS(ex_tmp_data_loc_0); 448 sbi r4, r3, 0; 449 lbui r4, r0, TOPHYS(ex_tmp_data_loc_1); 450 sbi r4, r3, 1; 451 lbui r4, r0, TOPHYS(ex_tmp_data_loc_2); 452 sbi r4, r3, 2; 453 lbui r4, r0, TOPHYS(ex_tmp_data_loc_3); 454 sbi r4, r3, 3; 455 bri ex_handler_done; 456 457ex_shw: 458 /* Store the lower half-word, byte-by-byte into destination address */ 459 swi r4, r0, TOPHYS(ex_tmp_data_loc_0); 460 lbui r4, r0, TOPHYS(ex_tmp_data_loc_2); 461 sbi r4, r3, 0; 462 lbui r4, r0, TOPHYS(ex_tmp_data_loc_3); 463 sbi r4, r3, 1; 464ex_sw_end: /* Exception handling of store word, ends. */ 465 466ex_handler_done: 467 RESTORE_STATE; 468 rted r17, 0 469 nop 470 471 /* Exception vector entry code. This code runs with address translation 472 * turned off (i.e. using physical addresses). */ 473 474 /* Exception vectors. */ 475 476 /* 0x10 - Data Storage Exception 477 * This happens for just a few reasons. U0 set (but we don't do that), 478 * or zone protection fault (user violation, write to protected page). 479 * If this is just an update of modified status, we do that quickly 480 * and exit. Otherwise, we call heavyweight functions to do the work. 481 */ 482 handle_data_storage_exception: 483 /* Working registers already saved: R3, R4, R5, R6 484 * R3 = ESR 485 */ 486 mfs r11, rpid 487 nop 488 /* If we are faulting a kernel address, we have to use the 489 * kernel page tables. 490 */ 491 ori r5, r0, CONFIG_KERNEL_START 492 cmpu r5, r3, r5 493 bgti r5, ex3 494 /* First, check if it was a zone fault (which means a user 495 * tried to access a kernel or read-protected page - always 496 * a SEGV). All other faults here must be stores, so no 497 * need to check ESR_S as well. */ 498 andi r4, r4, ESR_DIZ /* ESR_Z - zone protection */ 499 bnei r4, ex2 500 501 ori r4, r0, swapper_pg_dir 502 mts rpid, r0 /* TLB will have 0 TID */ 503 nop 504 bri ex4 505 506 /* Get the PGD for the current thread. */ 507 ex3: 508 /* First, check if it was a zone fault (which means a user 509 * tried to access a kernel or read-protected page - always 510 * a SEGV). All other faults here must be stores, so no 511 * need to check ESR_S as well. */ 512 andi r4, r4, ESR_DIZ /* ESR_Z */ 513 bnei r4, ex2 514 /* get current task address */ 515 addi r4 ,CURRENT_TASK, TOPHYS(0); 516 lwi r4, r4, TASK_THREAD+PGDIR 517 ex4: 518 tophys(r4,r4) 519 /* Create L1 (pgdir/pmd) address */ 520 bsrli r5, r3, PGDIR_SHIFT - 2 521 andi r5, r5, PAGE_SIZE - 4 522/* Assume pgdir aligned on 4K boundary, no need for "andi r4,r4,0xfffff003" */ 523 or r4, r4, r5 524 lwi r4, r4, 0 /* Get L1 entry */ 525 andi r5, r4, PAGE_MASK /* Extract L2 (pte) base address */ 526 beqi r5, ex2 /* Bail if no table */ 527 528 tophys(r5,r5) 529 bsrli r6, r3, PTE_SHIFT /* Compute PTE address */ 530 andi r6, r6, PAGE_SIZE - 4 531 or r5, r5, r6 532 lwi r4, r5, 0 /* Get Linux PTE */ 533 534 andi r6, r4, _PAGE_RW /* Is it writeable? */ 535 beqi r6, ex2 /* Bail if not */ 536 537 /* Update 'changed' */ 538 ori r4, r4, _PAGE_DIRTY|_PAGE_ACCESSED|_PAGE_HWWRITE 539 swi r4, r5, 0 /* Update Linux page table */ 540 541 /* Most of the Linux PTE is ready to load into the TLB LO. 542 * We set ZSEL, where only the LS-bit determines user access. 543 * We set execute, because we don't have the granularity to 544 * properly set this at the page level (Linux problem). 545 * If shared is set, we cause a zero PID->TID load. 546 * Many of these bits are software only. Bits we don't set 547 * here we (properly should) assume have the appropriate value. 548 */ 549/* Ignore memory coherent, just LSB on ZSEL is used + EX/WR */ 550 andi r4, r4, PAGE_MASK | TLB_EX | TLB_WR | \ 551 TLB_ZSEL(1) | TLB_ATTR_MASK 552 ori r4, r4, _PAGE_HWEXEC /* make it executable */ 553 554 /* find the TLB index that caused the fault. It has to be here*/ 555 mts rtlbsx, r3 556 nop 557 mfs r5, rtlbx /* DEBUG: TBD */ 558 nop 559 mts rtlblo, r4 /* Load TLB LO */ 560 nop 561 /* Will sync shadow TLBs */ 562 563 /* Done...restore registers and get out of here. */ 564 mts rpid, r11 565 nop 566 bri 4 567 568 RESTORE_STATE; 569 rted r17, 0 570 nop 571 ex2: 572 /* The bailout. Restore registers to pre-exception conditions 573 * and call the heavyweights to help us out. */ 574 mts rpid, r11 575 nop 576 bri 4 577 RESTORE_STATE; 578 bri page_fault_data_trap 579 580 581 /* 0x11 - Instruction Storage Exception 582 * This is caused by a fetch from non-execute or guarded pages. */ 583 handle_instruction_storage_exception: 584 /* Working registers already saved: R3, R4, R5, R6 585 * R3 = ESR 586 */ 587 588 RESTORE_STATE; 589 bri page_fault_instr_trap 590 591 /* 0x12 - Data TLB Miss Exception 592 * As the name implies, translation is not in the MMU, so search the 593 * page tables and fix it. The only purpose of this function is to 594 * load TLB entries from the page table if they exist. 595 */ 596 handle_data_tlb_miss_exception: 597 /* Working registers already saved: R3, R4, R5, R6 598 * R3 = EAR, R4 = ESR 599 */ 600 mfs r11, rpid 601 nop 602 603 /* If we are faulting a kernel address, we have to use the 604 * kernel page tables. */ 605 ori r6, r0, CONFIG_KERNEL_START 606 cmpu r4, r3, r6 607 bgti r4, ex5 608 ori r4, r0, swapper_pg_dir 609 mts rpid, r0 /* TLB will have 0 TID */ 610 nop 611 bri ex6 612 613 /* Get the PGD for the current thread. */ 614 ex5: 615 /* get current task address */ 616 addi r4 ,CURRENT_TASK, TOPHYS(0); 617 lwi r4, r4, TASK_THREAD+PGDIR 618 ex6: 619 tophys(r4,r4) 620 /* Create L1 (pgdir/pmd) address */ 621 bsrli r5, r3, PGDIR_SHIFT - 2 622 andi r5, r5, PAGE_SIZE - 4 623/* Assume pgdir aligned on 4K boundary, no need for "andi r4,r4,0xfffff003" */ 624 or r4, r4, r5 625 lwi r4, r4, 0 /* Get L1 entry */ 626 andi r5, r4, PAGE_MASK /* Extract L2 (pte) base address */ 627 beqi r5, ex7 /* Bail if no table */ 628 629 tophys(r5,r5) 630 bsrli r6, r3, PTE_SHIFT /* Compute PTE address */ 631 andi r6, r6, PAGE_SIZE - 4 632 or r5, r5, r6 633 lwi r4, r5, 0 /* Get Linux PTE */ 634 635 andi r6, r4, _PAGE_PRESENT 636 beqi r6, ex7 637 638 ori r4, r4, _PAGE_ACCESSED 639 swi r4, r5, 0 640 641 /* Most of the Linux PTE is ready to load into the TLB LO. 642 * We set ZSEL, where only the LS-bit determines user access. 643 * We set execute, because we don't have the granularity to 644 * properly set this at the page level (Linux problem). 645 * If shared is set, we cause a zero PID->TID load. 646 * Many of these bits are software only. Bits we don't set 647 * here we (properly should) assume have the appropriate value. 648 */ 649 brid finish_tlb_load 650 andi r4, r4, PAGE_MASK | TLB_EX | TLB_WR | \ 651 TLB_ZSEL(1) | TLB_ATTR_MASK 652 ex7: 653 /* The bailout. Restore registers to pre-exception conditions 654 * and call the heavyweights to help us out. 655 */ 656 mts rpid, r11 657 nop 658 bri 4 659 RESTORE_STATE; 660 bri page_fault_data_trap 661 662 /* 0x13 - Instruction TLB Miss Exception 663 * Nearly the same as above, except we get our information from 664 * different registers and bailout to a different point. 665 */ 666 handle_instruction_tlb_miss_exception: 667 /* Working registers already saved: R3, R4, R5, R6 668 * R3 = ESR 669 */ 670 mfs r11, rpid 671 nop 672 673 /* If we are faulting a kernel address, we have to use the 674 * kernel page tables. 675 */ 676 ori r4, r0, CONFIG_KERNEL_START 677 cmpu r4, r3, r4 678 bgti r4, ex8 679 ori r4, r0, swapper_pg_dir 680 mts rpid, r0 /* TLB will have 0 TID */ 681 nop 682 bri ex9 683 684 /* Get the PGD for the current thread. */ 685 ex8: 686 /* get current task address */ 687 addi r4 ,CURRENT_TASK, TOPHYS(0); 688 lwi r4, r4, TASK_THREAD+PGDIR 689 ex9: 690 tophys(r4,r4) 691 /* Create L1 (pgdir/pmd) address */ 692 bsrli r5, r3, PGDIR_SHIFT - 2 693 andi r5, r5, PAGE_SIZE - 4 694/* Assume pgdir aligned on 4K boundary, no need for "andi r4,r4,0xfffff003" */ 695 or r4, r4, r5 696 lwi r4, r4, 0 /* Get L1 entry */ 697 andi r5, r4, PAGE_MASK /* Extract L2 (pte) base address */ 698 beqi r5, ex10 /* Bail if no table */ 699 700 tophys(r5,r5) 701 bsrli r6, r3, PTE_SHIFT /* Compute PTE address */ 702 andi r6, r6, PAGE_SIZE - 4 703 or r5, r5, r6 704 lwi r4, r5, 0 /* Get Linux PTE */ 705 706 andi r6, r4, _PAGE_PRESENT 707 beqi r6, ex10 708 709 ori r4, r4, _PAGE_ACCESSED 710 swi r4, r5, 0 711 712 /* Most of the Linux PTE is ready to load into the TLB LO. 713 * We set ZSEL, where only the LS-bit determines user access. 714 * We set execute, because we don't have the granularity to 715 * properly set this at the page level (Linux problem). 716 * If shared is set, we cause a zero PID->TID load. 717 * Many of these bits are software only. Bits we don't set 718 * here we (properly should) assume have the appropriate value. 719 */ 720 brid finish_tlb_load 721 andi r4, r4, PAGE_MASK | TLB_EX | TLB_WR | \ 722 TLB_ZSEL(1) | TLB_ATTR_MASK 723 ex10: 724 /* The bailout. Restore registers to pre-exception conditions 725 * and call the heavyweights to help us out. 726 */ 727 mts rpid, r11 728 nop 729 bri 4 730 RESTORE_STATE; 731 bri page_fault_instr_trap 732 733/* Both the instruction and data TLB miss get to this point to load the TLB. 734 * r3 - EA of fault 735 * r4 - TLB LO (info from Linux PTE) 736 * r5, r6 - available to use 737 * PID - loaded with proper value when we get here 738 * Upon exit, we reload everything and RFI. 739 * A common place to load the TLB. 740 */ 741.section .data 742.align 4 743.global tlb_skip 744 tlb_skip: 745 .long MICROBLAZE_TLB_SKIP 746 tlb_index: 747 /* MS: storing last used tlb index */ 748 .long MICROBLAZE_TLB_SIZE/2 749.previous 750 finish_tlb_load: 751 /* MS: load the last used TLB index. */ 752 lwi r5, r0, TOPHYS(tlb_index) 753 addik r5, r5, 1 /* MS: inc tlb_index -> use next one */ 754 755/* MS: FIXME this is potential fault, because this is mask not count */ 756 andi r5, r5, MICROBLAZE_TLB_SIZE - 1 757 ori r6, r0, 1 758 cmp r31, r5, r6 759 blti r31, ex12 760 lwi r5, r0, TOPHYS(tlb_skip) 761 ex12: 762 /* MS: save back current TLB index */ 763 swi r5, r0, TOPHYS(tlb_index) 764 765 ori r4, r4, _PAGE_HWEXEC /* make it executable */ 766 mts rtlbx, r5 /* MS: save current TLB */ 767 nop 768 mts rtlblo, r4 /* MS: save to TLB LO */ 769 nop 770 771 /* Create EPN. This is the faulting address plus a static 772 * set of bits. These are size, valid, E, U0, and ensure 773 * bits 20 and 21 are zero. 774 */ 775 andi r3, r3, PAGE_MASK 776 ori r3, r3, TLB_VALID | TLB_PAGESZ(PAGESZ_4K) 777 mts rtlbhi, r3 /* Load TLB HI */ 778 nop 779 780 /* Done...restore registers and get out of here. */ 781 mts rpid, r11 782 nop 783 bri 4 784 RESTORE_STATE; 785 rted r17, 0 786 nop 787 788 /* extern void giveup_fpu(struct task_struct *prev) 789 * 790 * The MicroBlaze processor may have an FPU, so this should not just 791 * return: TBD. 792 */ 793 .globl giveup_fpu; 794 .align 4; 795 giveup_fpu: 796 bralid r15,0 /* TBD */ 797 nop 798 799 /* At present, this routine just hangs. - extern void abort(void) */ 800 .globl abort; 801 .align 4; 802 abort: 803 br r0 804 805 .globl set_context; 806 .align 4; 807 set_context: 808 mts rpid, r5 /* Shadow TLBs are automatically */ 809 nop 810 bri 4 /* flushed by changing PID */ 811 rtsd r15,8 812 nop 813 814.end _hw_exception_handler 815 816/* Unaligned data access exception last on a 4k page for MMU. 817 * When this is called, we are in virtual mode with exceptions enabled 818 * and registers 1-13,15,17,18 saved. 819 * 820 * R3 = ESR 821 * R4 = EAR 822 * R7 = pointer to saved registers (struct pt_regs *regs) 823 * 824 * This handler perform the access, and returns via ret_from_exc. 825 */ 826.global _unaligned_data_exception 827.ent _unaligned_data_exception 828_unaligned_data_exception: 829 andi r8, r3, 0x3E0; /* Mask and extract the register operand */ 830 bsrli r8, r8, 2; /* r8 >> 2 = register operand * 8 */ 831 andi r6, r3, 0x400; /* Extract ESR[S] */ 832 bneid r6, ex_sw_vm; 833 andi r6, r3, 0x800; /* Extract ESR[W] - delay slot */ 834ex_lw_vm: 835 beqid r6, ex_lhw_vm; 836load1: lbui r5, r4, 0; /* Exception address in r4 - delay slot */ 837/* Load a word, byte-by-byte from destination address and save it in tmp space*/ 838 addik r6, r0, ex_tmp_data_loc_0; 839 sbi r5, r6, 0; 840load2: lbui r5, r4, 1; 841 sbi r5, r6, 1; 842load3: lbui r5, r4, 2; 843 sbi r5, r6, 2; 844load4: lbui r5, r4, 3; 845 sbi r5, r6, 3; 846 brid ex_lw_tail_vm; 847/* Get the destination register value into r3 - delay slot */ 848 lwi r3, r6, 0; 849ex_lhw_vm: 850 /* Load a half-word, byte-by-byte from destination address and 851 * save it in tmp space */ 852 addik r6, r0, ex_tmp_data_loc_0; 853 sbi r5, r6, 0; 854load5: lbui r5, r4, 1; 855 sbi r5, r6, 1; 856 lhui r3, r6, 0; /* Get the destination register value into r3 */ 857ex_lw_tail_vm: 858 /* Form load_word jump table offset (lw_table_vm + (8 * regnum)) */ 859 addik r5, r8, lw_table_vm; 860 bra r5; 861ex_lw_end_vm: /* Exception handling of load word, ends */ 862 brai ret_from_exc; 863ex_sw_vm: 864/* Form store_word jump table offset (sw_table_vm + (8 * regnum)) */ 865 addik r5, r8, sw_table_vm; 866 bra r5; 867ex_sw_tail_vm: 868 addik r5, r0, ex_tmp_data_loc_0; 869 beqid r6, ex_shw_vm; 870 swi r3, r5, 0; /* Get the word - delay slot */ 871 /* Store the word, byte-by-byte into destination address */ 872 lbui r3, r5, 0; 873store1: sbi r3, r4, 0; 874 lbui r3, r5, 1; 875store2: sbi r3, r4, 1; 876 lbui r3, r5, 2; 877store3: sbi r3, r4, 2; 878 lbui r3, r5, 3; 879 brid ret_from_exc; 880store4: sbi r3, r4, 3; /* Delay slot */ 881ex_shw_vm: 882 /* Store the lower half-word, byte-by-byte into destination address */ 883#ifdef __MICROBLAZEEL__ 884 lbui r3, r5, 0; 885store5: sbi r3, r4, 0; 886 lbui r3, r5, 1; 887 brid ret_from_exc; 888store6: sbi r3, r4, 1; /* Delay slot */ 889#else 890 lbui r3, r5, 2; 891store5: sbi r3, r4, 0; 892 lbui r3, r5, 3; 893 brid ret_from_exc; 894store6: sbi r3, r4, 1; /* Delay slot */ 895#endif 896 897ex_sw_end_vm: /* Exception handling of store word, ends. */ 898 899/* We have to prevent cases that get/put_user macros get unaligned pointer 900 * to bad page area. We have to find out which origin instruction caused it 901 * and called fixup for that origin instruction not instruction in unaligned 902 * handler */ 903ex_unaligned_fixup: 904 ori r5, r7, 0 /* setup pointer to pt_regs */ 905 lwi r6, r7, PT_PC; /* faulting address is one instruction above */ 906 addik r6, r6, -4 /* for finding proper fixup */ 907 swi r6, r7, PT_PC; /* a save back it to PT_PC */ 908 addik r7, r0, SIGSEGV 909 /* call bad_page_fault for finding aligned fixup, fixup address is saved 910 * in PT_PC which is used as return address from exception */ 911 addik r15, r0, ret_from_exc-8 /* setup return address */ 912 brid bad_page_fault 913 nop 914 915/* We prevent all load/store because it could failed any attempt to access */ 916.section __ex_table,"a"; 917 .word load1,ex_unaligned_fixup; 918 .word load2,ex_unaligned_fixup; 919 .word load3,ex_unaligned_fixup; 920 .word load4,ex_unaligned_fixup; 921 .word load5,ex_unaligned_fixup; 922 .word store1,ex_unaligned_fixup; 923 .word store2,ex_unaligned_fixup; 924 .word store3,ex_unaligned_fixup; 925 .word store4,ex_unaligned_fixup; 926 .word store5,ex_unaligned_fixup; 927 .word store6,ex_unaligned_fixup; 928.previous; 929.end _unaligned_data_exception 930 931.global ex_handler_unhandled 932ex_handler_unhandled: 933/* FIXME add handle function for unhandled exception - dump register */ 934 bri 0 935 936/* 937 * hw_exception_handler Jump Table 938 * - Contains code snippets for each register that caused the unalign exception 939 * - Hence exception handler is NOT self-modifying 940 * - Separate table for load exceptions and store exceptions. 941 * - Each table is of size: (8 * 32) = 256 bytes 942 */ 943 944.section .text 945.align 4 946lw_table: 947lw_r0: R3_TO_LWREG (0); 948lw_r1: LWREG_NOP; 949lw_r2: R3_TO_LWREG (2); 950lw_r3: R3_TO_LWREG_V (3); 951lw_r4: R3_TO_LWREG_V (4); 952lw_r5: R3_TO_LWREG_V (5); 953lw_r6: R3_TO_LWREG_V (6); 954lw_r7: R3_TO_LWREG (7); 955lw_r8: R3_TO_LWREG (8); 956lw_r9: R3_TO_LWREG (9); 957lw_r10: R3_TO_LWREG (10); 958lw_r11: R3_TO_LWREG (11); 959lw_r12: R3_TO_LWREG (12); 960lw_r13: R3_TO_LWREG (13); 961lw_r14: R3_TO_LWREG (14); 962lw_r15: R3_TO_LWREG (15); 963lw_r16: R3_TO_LWREG (16); 964lw_r17: LWREG_NOP; 965lw_r18: R3_TO_LWREG (18); 966lw_r19: R3_TO_LWREG (19); 967lw_r20: R3_TO_LWREG (20); 968lw_r21: R3_TO_LWREG (21); 969lw_r22: R3_TO_LWREG (22); 970lw_r23: R3_TO_LWREG (23); 971lw_r24: R3_TO_LWREG (24); 972lw_r25: R3_TO_LWREG (25); 973lw_r26: R3_TO_LWREG (26); 974lw_r27: R3_TO_LWREG (27); 975lw_r28: R3_TO_LWREG (28); 976lw_r29: R3_TO_LWREG (29); 977lw_r30: R3_TO_LWREG (30); 978lw_r31: R3_TO_LWREG_V (31); 979 980sw_table: 981sw_r0: SWREG_TO_R3 (0); 982sw_r1: SWREG_NOP; 983sw_r2: SWREG_TO_R3 (2); 984sw_r3: SWREG_TO_R3_V (3); 985sw_r4: SWREG_TO_R3_V (4); 986sw_r5: SWREG_TO_R3_V (5); 987sw_r6: SWREG_TO_R3_V (6); 988sw_r7: SWREG_TO_R3 (7); 989sw_r8: SWREG_TO_R3 (8); 990sw_r9: SWREG_TO_R3 (9); 991sw_r10: SWREG_TO_R3 (10); 992sw_r11: SWREG_TO_R3 (11); 993sw_r12: SWREG_TO_R3 (12); 994sw_r13: SWREG_TO_R3 (13); 995sw_r14: SWREG_TO_R3 (14); 996sw_r15: SWREG_TO_R3 (15); 997sw_r16: SWREG_TO_R3 (16); 998sw_r17: SWREG_NOP; 999sw_r18: SWREG_TO_R3 (18); 1000sw_r19: SWREG_TO_R3 (19); 1001sw_r20: SWREG_TO_R3 (20); 1002sw_r21: SWREG_TO_R3 (21); 1003sw_r22: SWREG_TO_R3 (22); 1004sw_r23: SWREG_TO_R3 (23); 1005sw_r24: SWREG_TO_R3 (24); 1006sw_r25: SWREG_TO_R3 (25); 1007sw_r26: SWREG_TO_R3 (26); 1008sw_r27: SWREG_TO_R3 (27); 1009sw_r28: SWREG_TO_R3 (28); 1010sw_r29: SWREG_TO_R3 (29); 1011sw_r30: SWREG_TO_R3 (30); 1012sw_r31: SWREG_TO_R3_V (31); 1013 1014lw_table_vm: 1015lw_r0_vm: R3_TO_LWREG_VM (0); 1016lw_r1_vm: R3_TO_LWREG_VM_V (1); 1017lw_r2_vm: R3_TO_LWREG_VM_V (2); 1018lw_r3_vm: R3_TO_LWREG_VM_V (3); 1019lw_r4_vm: R3_TO_LWREG_VM_V (4); 1020lw_r5_vm: R3_TO_LWREG_VM_V (5); 1021lw_r6_vm: R3_TO_LWREG_VM_V (6); 1022lw_r7_vm: R3_TO_LWREG_VM_V (7); 1023lw_r8_vm: R3_TO_LWREG_VM_V (8); 1024lw_r9_vm: R3_TO_LWREG_VM_V (9); 1025lw_r10_vm: R3_TO_LWREG_VM_V (10); 1026lw_r11_vm: R3_TO_LWREG_VM_V (11); 1027lw_r12_vm: R3_TO_LWREG_VM_V (12); 1028lw_r13_vm: R3_TO_LWREG_VM_V (13); 1029lw_r14_vm: R3_TO_LWREG_VM_V (14); 1030lw_r15_vm: R3_TO_LWREG_VM_V (15); 1031lw_r16_vm: R3_TO_LWREG_VM_V (16); 1032lw_r17_vm: R3_TO_LWREG_VM_V (17); 1033lw_r18_vm: R3_TO_LWREG_VM_V (18); 1034lw_r19_vm: R3_TO_LWREG_VM_V (19); 1035lw_r20_vm: R3_TO_LWREG_VM_V (20); 1036lw_r21_vm: R3_TO_LWREG_VM_V (21); 1037lw_r22_vm: R3_TO_LWREG_VM_V (22); 1038lw_r23_vm: R3_TO_LWREG_VM_V (23); 1039lw_r24_vm: R3_TO_LWREG_VM_V (24); 1040lw_r25_vm: R3_TO_LWREG_VM_V (25); 1041lw_r26_vm: R3_TO_LWREG_VM_V (26); 1042lw_r27_vm: R3_TO_LWREG_VM_V (27); 1043lw_r28_vm: R3_TO_LWREG_VM_V (28); 1044lw_r29_vm: R3_TO_LWREG_VM_V (29); 1045lw_r30_vm: R3_TO_LWREG_VM_V (30); 1046lw_r31_vm: R3_TO_LWREG_VM_V (31); 1047 1048sw_table_vm: 1049sw_r0_vm: SWREG_TO_R3_VM (0); 1050sw_r1_vm: SWREG_TO_R3_VM_V (1); 1051sw_r2_vm: SWREG_TO_R3_VM_V (2); 1052sw_r3_vm: SWREG_TO_R3_VM_V (3); 1053sw_r4_vm: SWREG_TO_R3_VM_V (4); 1054sw_r5_vm: SWREG_TO_R3_VM_V (5); 1055sw_r6_vm: SWREG_TO_R3_VM_V (6); 1056sw_r7_vm: SWREG_TO_R3_VM_V (7); 1057sw_r8_vm: SWREG_TO_R3_VM_V (8); 1058sw_r9_vm: SWREG_TO_R3_VM_V (9); 1059sw_r10_vm: SWREG_TO_R3_VM_V (10); 1060sw_r11_vm: SWREG_TO_R3_VM_V (11); 1061sw_r12_vm: SWREG_TO_R3_VM_V (12); 1062sw_r13_vm: SWREG_TO_R3_VM_V (13); 1063sw_r14_vm: SWREG_TO_R3_VM_V (14); 1064sw_r15_vm: SWREG_TO_R3_VM_V (15); 1065sw_r16_vm: SWREG_TO_R3_VM_V (16); 1066sw_r17_vm: SWREG_TO_R3_VM_V (17); 1067sw_r18_vm: SWREG_TO_R3_VM_V (18); 1068sw_r19_vm: SWREG_TO_R3_VM_V (19); 1069sw_r20_vm: SWREG_TO_R3_VM_V (20); 1070sw_r21_vm: SWREG_TO_R3_VM_V (21); 1071sw_r22_vm: SWREG_TO_R3_VM_V (22); 1072sw_r23_vm: SWREG_TO_R3_VM_V (23); 1073sw_r24_vm: SWREG_TO_R3_VM_V (24); 1074sw_r25_vm: SWREG_TO_R3_VM_V (25); 1075sw_r26_vm: SWREG_TO_R3_VM_V (26); 1076sw_r27_vm: SWREG_TO_R3_VM_V (27); 1077sw_r28_vm: SWREG_TO_R3_VM_V (28); 1078sw_r29_vm: SWREG_TO_R3_VM_V (29); 1079sw_r30_vm: SWREG_TO_R3_VM_V (30); 1080sw_r31_vm: SWREG_TO_R3_VM_V (31); 1081 1082/* Temporary data structures used in the handler */ 1083.section .data 1084.align 4 1085ex_tmp_data_loc_0: 1086 .byte 0 1087ex_tmp_data_loc_1: 1088 .byte 0 1089ex_tmp_data_loc_2: 1090 .byte 0 1091ex_tmp_data_loc_3: 1092 .byte 0 1093ex_reg_op: 1094 .byte 0 1095