1/* 2 * PowerPC version 3 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org) 4 * 5 * Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP 6 * Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu> 7 * Adapted for Power Macintosh by Paul Mackerras. 8 * Low-level exception handlers and MMU support 9 * rewritten by Paul Mackerras. 10 * Copyright (C) 1996 Paul Mackerras. 11 * MPC8xx modifications Copyright (C) 1997 Dan Malek (dmalek@jlc.net). 12 * Amiga/APUS changes by Jesper Skov (jskov@cygnus.co.uk). 13 * 14 * This file contains the low-level support and setup for the 15 * PowerPC platform, including trap and interrupt dispatch. 16 * (The PPC 8xx embedded CPUs use head_8xx.S instead.) 17 * 18 * This program is free software; you can redistribute it and/or 19 * modify it under the terms of the GNU General Public License 20 * as published by the Free Software Foundation; either version 21 * 2 of the License, or (at your option) any later version. 22 * 23 */ 24 25#include <asm/processor.h> 26#include <asm/page.h> 27#include <asm/mmu.h> 28#include <asm/pgtable.h> 29#include <asm/cputable.h> 30#include <asm/cache.h> 31#include <asm/thread_info.h> 32#include <asm/ppc_asm.h> 33#include <asm/asm-offsets.h> 34 35#ifdef CONFIG_APUS 36#include <asm/amigappc.h> 37#endif 38 39/* 601 only have IBAT; cr0.eq is set on 601 when using this macro */ 40#define LOAD_BAT(n, reg, RA, RB) \ 41 /* see the comment for clear_bats() -- Cort */ \ 42 li RA,0; \ 43 mtspr SPRN_IBAT##n##U,RA; \ 44 mtspr SPRN_DBAT##n##U,RA; \ 45 lwz RA,(n*16)+0(reg); \ 46 lwz RB,(n*16)+4(reg); \ 47 mtspr SPRN_IBAT##n##U,RA; \ 48 mtspr SPRN_IBAT##n##L,RB; \ 49 beq 1f; \ 50 lwz RA,(n*16)+8(reg); \ 51 lwz RB,(n*16)+12(reg); \ 52 mtspr SPRN_DBAT##n##U,RA; \ 53 mtspr SPRN_DBAT##n##L,RB; \ 541: 55 56 .text 57 .stabs "arch/ppc/kernel/",N_SO,0,0,0f 58 .stabs "head.S",N_SO,0,0,0f 590: 60 .globl _stext 61_stext: 62 63/* 64 * _start is defined this way because the XCOFF loader in the OpenFirmware 65 * on the powermac expects the entry point to be a procedure descriptor. 66 */ 67 .text 68 .globl _start 69_start: 70 /* 71 * These are here for legacy reasons, the kernel used to 72 * need to look like a coff function entry for the pmac 73 * but we're always started by some kind of bootloader now. 74 * -- Cort 75 */ 76 nop /* used by __secondary_hold on prep (mtx) and chrp smp */ 77 nop /* used by __secondary_hold on prep (mtx) and chrp smp */ 78 nop 79 80/* PMAC 81 * Enter here with the kernel text, data and bss loaded starting at 82 * 0, running with virtual == physical mapping. 83 * r5 points to the prom entry point (the client interface handler 84 * address). Address translation is turned on, with the prom 85 * managing the hash table. Interrupts are disabled. The stack 86 * pointer (r1) points to just below the end of the half-meg region 87 * from 0x380000 - 0x400000, which is mapped in already. 88 * 89 * If we are booted from MacOS via BootX, we enter with the kernel 90 * image loaded somewhere, and the following values in registers: 91 * r3: 'BooX' (0x426f6f58) 92 * r4: virtual address of boot_infos_t 93 * r5: 0 94 * 95 * APUS 96 * r3: 'APUS' 97 * r4: physical address of memory base 98 * Linux/m68k style BootInfo structure at &_end. 99 * 100 * PREP 101 * This is jumped to on prep systems right after the kernel is relocated 102 * to its proper place in memory by the boot loader. The expected layout 103 * of the regs is: 104 * r3: ptr to residual data 105 * r4: initrd_start or if no initrd then 0 106 * r5: initrd_end - unused if r4 is 0 107 * r6: Start of command line string 108 * r7: End of command line string 109 * 110 * This just gets a minimal mmu environment setup so we can call 111 * start_here() to do the real work. 112 * -- Cort 113 */ 114 115 .globl __start 116__start: 117 mr r31,r3 /* save parameters */ 118 mr r30,r4 119 mr r29,r5 120 mr r28,r6 121 mr r27,r7 122 li r24,0 /* cpu # */ 123 124/* 125 * early_init() does the early machine identification and does 126 * the necessary low-level setup and clears the BSS 127 * -- Cort <cort@fsmlabs.com> 128 */ 129 bl early_init 130 131#ifdef CONFIG_APUS 132/* On APUS the __va/__pa constants need to be set to the correct 133 * values before continuing. 134 */ 135 mr r4,r30 136 bl fix_mem_constants 137#endif /* CONFIG_APUS */ 138 139/* Switch MMU off, clear BATs and flush TLB. At this point, r3 contains 140 * the physical address we are running at, returned by early_init() 141 */ 142 bl mmu_off 143__after_mmu_off: 144 bl clear_bats 145 bl flush_tlbs 146 147 bl initial_bats 148#if !defined(CONFIG_APUS) && defined(CONFIG_BOOTX_TEXT) 149 bl setup_disp_bat 150#endif 151 152/* 153 * Call setup_cpu for CPU 0 and initialize 6xx Idle 154 */ 155 bl reloc_offset 156 li r24,0 /* cpu# */ 157 bl call_setup_cpu /* Call setup_cpu for this CPU */ 158#ifdef CONFIG_6xx 159 bl reloc_offset 160 bl init_idle_6xx 161#endif /* CONFIG_6xx */ 162 163 164#ifndef CONFIG_APUS 165/* 166 * We need to run with _start at physical address 0. 167 * If the MMU is already turned on, we copy stuff to KERNELBASE, 168 * otherwise we copy it to 0. 169 */ 170 bl reloc_offset 171 mr r26,r3 172 addis r4,r3,KERNELBASE@h /* current address of _start */ 173 cmpwi 0,r4,0 /* are we already running at 0? */ 174 bne relocate_kernel 175#endif /* CONFIG_APUS */ 176/* 177 * we now have the 1st 16M of ram mapped with the bats. 178 * prep needs the mmu to be turned on here, but pmac already has it on. 179 * this shouldn't bother the pmac since it just gets turned on again 180 * as we jump to our code at KERNELBASE. -- Cort 181 * Actually no, pmac doesn't have it on any more. BootX enters with MMU 182 * off, and in other cases, we now turn it off before changing BATs above. 183 */ 184turn_on_mmu: 185 mfmsr r0 186 ori r0,r0,MSR_DR|MSR_IR 187 mtspr SPRN_SRR1,r0 188 lis r0,start_here@h 189 ori r0,r0,start_here@l 190 mtspr SPRN_SRR0,r0 191 SYNC 192 RFI /* enables MMU */ 193 194/* 195 * We need __secondary_hold as a place to hold the other cpus on 196 * an SMP machine, even when we are running a UP kernel. 197 */ 198 . = 0xc0 /* for prep bootloader */ 199 li r3,1 /* MTX only has 1 cpu */ 200 .globl __secondary_hold 201__secondary_hold: 202 /* tell the master we're here */ 203 stw r3,4(0) 204#ifdef CONFIG_SMP 205100: lwz r4,0(0) 206 /* wait until we're told to start */ 207 cmpw 0,r4,r3 208 bne 100b 209 /* our cpu # was at addr 0 - go */ 210 mr r24,r3 /* cpu # */ 211 b __secondary_start 212#else 213 b . 214#endif /* CONFIG_SMP */ 215 216/* 217 * Exception entry code. This code runs with address translation 218 * turned off, i.e. using physical addresses. 219 * We assume sprg3 has the physical address of the current 220 * task's thread_struct. 221 */ 222#define EXCEPTION_PROLOG \ 223 mtspr SPRN_SPRG0,r10; \ 224 mtspr SPRN_SPRG1,r11; \ 225 mfcr r10; \ 226 EXCEPTION_PROLOG_1; \ 227 EXCEPTION_PROLOG_2 228 229#define EXCEPTION_PROLOG_1 \ 230 mfspr r11,SPRN_SRR1; /* check whether user or kernel */ \ 231 andi. r11,r11,MSR_PR; \ 232 tophys(r11,r1); /* use tophys(r1) if kernel */ \ 233 beq 1f; \ 234 mfspr r11,SPRN_SPRG3; \ 235 lwz r11,THREAD_INFO-THREAD(r11); \ 236 addi r11,r11,THREAD_SIZE; \ 237 tophys(r11,r11); \ 2381: subi r11,r11,INT_FRAME_SIZE /* alloc exc. frame */ 239 240 241#define EXCEPTION_PROLOG_2 \ 242 CLR_TOP32(r11); \ 243 stw r10,_CCR(r11); /* save registers */ \ 244 stw r12,GPR12(r11); \ 245 stw r9,GPR9(r11); \ 246 mfspr r10,SPRN_SPRG0; \ 247 stw r10,GPR10(r11); \ 248 mfspr r12,SPRN_SPRG1; \ 249 stw r12,GPR11(r11); \ 250 mflr r10; \ 251 stw r10,_LINK(r11); \ 252 mfspr r12,SPRN_SRR0; \ 253 mfspr r9,SPRN_SRR1; \ 254 stw r1,GPR1(r11); \ 255 stw r1,0(r11); \ 256 tovirt(r1,r11); /* set new kernel sp */ \ 257 li r10,MSR_KERNEL & ~(MSR_IR|MSR_DR); /* can take exceptions */ \ 258 MTMSRD(r10); /* (except for mach check in rtas) */ \ 259 stw r0,GPR0(r11); \ 260 SAVE_4GPRS(3, r11); \ 261 SAVE_2GPRS(7, r11) 262 263/* 264 * Note: code which follows this uses cr0.eq (set if from kernel), 265 * r11, r12 (SRR0), and r9 (SRR1). 266 * 267 * Note2: once we have set r1 we are in a position to take exceptions 268 * again, and we could thus set MSR:RI at that point. 269 */ 270 271/* 272 * Exception vectors. 273 */ 274#define EXCEPTION(n, label, hdlr, xfer) \ 275 . = n; \ 276label: \ 277 EXCEPTION_PROLOG; \ 278 addi r3,r1,STACK_FRAME_OVERHEAD; \ 279 xfer(n, hdlr) 280 281#define EXC_XFER_TEMPLATE(n, hdlr, trap, copyee, tfer, ret) \ 282 li r10,trap; \ 283 stw r10,TRAP(r11); \ 284 li r10,MSR_KERNEL; \ 285 copyee(r10, r9); \ 286 bl tfer; \ 287i##n: \ 288 .long hdlr; \ 289 .long ret 290 291#define COPY_EE(d, s) rlwimi d,s,0,16,16 292#define NOCOPY(d, s) 293 294#define EXC_XFER_STD(n, hdlr) \ 295 EXC_XFER_TEMPLATE(n, hdlr, n, NOCOPY, transfer_to_handler_full, \ 296 ret_from_except_full) 297 298#define EXC_XFER_LITE(n, hdlr) \ 299 EXC_XFER_TEMPLATE(n, hdlr, n+1, NOCOPY, transfer_to_handler, \ 300 ret_from_except) 301 302#define EXC_XFER_EE(n, hdlr) \ 303 EXC_XFER_TEMPLATE(n, hdlr, n, COPY_EE, transfer_to_handler_full, \ 304 ret_from_except_full) 305 306#define EXC_XFER_EE_LITE(n, hdlr) \ 307 EXC_XFER_TEMPLATE(n, hdlr, n+1, COPY_EE, transfer_to_handler, \ 308 ret_from_except) 309 310/* System reset */ 311/* core99 pmac starts the seconary here by changing the vector, and 312 putting it back to what it was (unknown_exception) when done. */ 313 EXCEPTION(0x100, Reset, unknown_exception, EXC_XFER_STD) 314 315/* Machine check */ 316 . = 0x200 317 mtspr SPRN_SPRG0,r10 318 mtspr SPRN_SPRG1,r11 319 mfcr r10 320 EXCEPTION_PROLOG_1 3217: EXCEPTION_PROLOG_2 322 addi r3,r1,STACK_FRAME_OVERHEAD 323 EXC_XFER_STD(0x200, machine_check_exception) 324 325/* Data access exception. */ 326 . = 0x300 327DataAccess: 328 EXCEPTION_PROLOG 329 mfspr r10,SPRN_DSISR 330 andis. r0,r10,0xa470 /* weird error? */ 331 bne 1f /* if not, try to put a PTE */ 332 mfspr r4,SPRN_DAR /* into the hash table */ 333 rlwinm r3,r10,32-15,21,21 /* DSISR_STORE -> _PAGE_RW */ 334 bl hash_page 3351: stw r10,_DSISR(r11) 336 mr r5,r10 337 mfspr r4,SPRN_DAR 338 EXC_XFER_EE_LITE(0x300, handle_page_fault) 339 340/* Instruction access exception. */ 341 . = 0x400 342InstructionAccess: 343 EXCEPTION_PROLOG 344 andis. r0,r9,0x4000 /* no pte found? */ 345 beq 1f /* if so, try to put a PTE */ 346 li r3,0 /* into the hash table */ 347 mr r4,r12 /* SRR0 is fault address */ 348 bl hash_page 3491: mr r4,r12 350 mr r5,r9 351 EXC_XFER_EE_LITE(0x400, handle_page_fault) 352 353/* External interrupt */ 354 EXCEPTION(0x500, HardwareInterrupt, do_IRQ, EXC_XFER_LITE) 355 356/* Alignment exception */ 357 . = 0x600 358Alignment: 359 EXCEPTION_PROLOG 360 mfspr r4,SPRN_DAR 361 stw r4,_DAR(r11) 362 mfspr r5,SPRN_DSISR 363 stw r5,_DSISR(r11) 364 addi r3,r1,STACK_FRAME_OVERHEAD 365 EXC_XFER_EE(0x600, alignment_exception) 366 367/* Program check exception */ 368 EXCEPTION(0x700, ProgramCheck, program_check_exception, EXC_XFER_STD) 369 370/* Floating-point unavailable */ 371 . = 0x800 372FPUnavailable: 373 EXCEPTION_PROLOG 374 bne load_up_fpu /* if from user, just load it up */ 375 addi r3,r1,STACK_FRAME_OVERHEAD 376 EXC_XFER_EE_LITE(0x800, kernel_fp_unavailable_exception) 377 378/* Decrementer */ 379 EXCEPTION(0x900, Decrementer, timer_interrupt, EXC_XFER_LITE) 380 381 EXCEPTION(0xa00, Trap_0a, unknown_exception, EXC_XFER_EE) 382 EXCEPTION(0xb00, Trap_0b, unknown_exception, EXC_XFER_EE) 383 384/* System call */ 385 . = 0xc00 386SystemCall: 387 EXCEPTION_PROLOG 388 EXC_XFER_EE_LITE(0xc00, DoSyscall) 389 390/* Single step - not used on 601 */ 391 EXCEPTION(0xd00, SingleStep, single_step_exception, EXC_XFER_STD) 392 EXCEPTION(0xe00, Trap_0e, unknown_exception, EXC_XFER_EE) 393 394/* 395 * The Altivec unavailable trap is at 0x0f20. Foo. 396 * We effectively remap it to 0x3000. 397 * We include an altivec unavailable exception vector even if 398 * not configured for Altivec, so that you can't panic a 399 * non-altivec kernel running on a machine with altivec just 400 * by executing an altivec instruction. 401 */ 402 . = 0xf00 403 b Trap_0f 404 405 . = 0xf20 406 b AltiVecUnavailable 407 408Trap_0f: 409 EXCEPTION_PROLOG 410 addi r3,r1,STACK_FRAME_OVERHEAD 411 EXC_XFER_EE(0xf00, unknown_exception) 412 413/* 414 * Handle TLB miss for instruction on 603/603e. 415 * Note: we get an alternate set of r0 - r3 to use automatically. 416 */ 417 . = 0x1000 418InstructionTLBMiss: 419/* 420 * r0: stored ctr 421 * r1: linux style pte ( later becomes ppc hardware pte ) 422 * r2: ptr to linux-style pte 423 * r3: scratch 424 */ 425 mfctr r0 426 /* Get PTE (linux-style) and check access */ 427 mfspr r3,SPRN_IMISS 428 lis r1,KERNELBASE@h /* check if kernel address */ 429 cmplw 0,r3,r1 430 mfspr r2,SPRN_SPRG3 431 li r1,_PAGE_USER|_PAGE_PRESENT /* low addresses tested as user */ 432 lwz r2,PGDIR(r2) 433 blt+ 112f 434 lis r2,swapper_pg_dir@ha /* if kernel address, use */ 435 addi r2,r2,swapper_pg_dir@l /* kernel page table */ 436 mfspr r1,SPRN_SRR1 /* and MSR_PR bit from SRR1 */ 437 rlwinm r1,r1,32-12,29,29 /* shift MSR_PR to _PAGE_USER posn */ 438112: tophys(r2,r2) 439 rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */ 440 lwz r2,0(r2) /* get pmd entry */ 441 rlwinm. r2,r2,0,0,19 /* extract address of pte page */ 442 beq- InstructionAddressInvalid /* return if no mapping */ 443 rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */ 444 lwz r3,0(r2) /* get linux-style pte */ 445 andc. r1,r1,r3 /* check access & ~permission */ 446 bne- InstructionAddressInvalid /* return if access not permitted */ 447 ori r3,r3,_PAGE_ACCESSED /* set _PAGE_ACCESSED in pte */ 448 /* 449 * NOTE! We are assuming this is not an SMP system, otherwise 450 * we would need to update the pte atomically with lwarx/stwcx. 451 */ 452 stw r3,0(r2) /* update PTE (accessed bit) */ 453 /* Convert linux-style PTE to low word of PPC-style PTE */ 454 rlwinm r1,r3,32-10,31,31 /* _PAGE_RW -> PP lsb */ 455 rlwinm r2,r3,32-7,31,31 /* _PAGE_DIRTY -> PP lsb */ 456 and r1,r1,r2 /* writable if _RW and _DIRTY */ 457 rlwimi r3,r3,32-1,30,30 /* _PAGE_USER -> PP msb */ 458 rlwimi r3,r3,32-1,31,31 /* _PAGE_USER -> PP lsb */ 459 ori r1,r1,0xe14 /* clear out reserved bits and M */ 460 andc r1,r3,r1 /* PP = user? (rw&dirty? 2: 3): 0 */ 461 mtspr SPRN_RPA,r1 462 mfspr r3,SPRN_IMISS 463 tlbli r3 464 mfspr r3,SPRN_SRR1 /* Need to restore CR0 */ 465 mtcrf 0x80,r3 466 rfi 467InstructionAddressInvalid: 468 mfspr r3,SPRN_SRR1 469 rlwinm r1,r3,9,6,6 /* Get load/store bit */ 470 471 addis r1,r1,0x2000 472 mtspr SPRN_DSISR,r1 /* (shouldn't be needed) */ 473 mtctr r0 /* Restore CTR */ 474 andi. r2,r3,0xFFFF /* Clear upper bits of SRR1 */ 475 or r2,r2,r1 476 mtspr SPRN_SRR1,r2 477 mfspr r1,SPRN_IMISS /* Get failing address */ 478 rlwinm. r2,r2,0,31,31 /* Check for little endian access */ 479 rlwimi r2,r2,1,30,30 /* change 1 -> 3 */ 480 xor r1,r1,r2 481 mtspr SPRN_DAR,r1 /* Set fault address */ 482 mfmsr r0 /* Restore "normal" registers */ 483 xoris r0,r0,MSR_TGPR>>16 484 mtcrf 0x80,r3 /* Restore CR0 */ 485 mtmsr r0 486 b InstructionAccess 487 488/* 489 * Handle TLB miss for DATA Load operation on 603/603e 490 */ 491 . = 0x1100 492DataLoadTLBMiss: 493/* 494 * r0: stored ctr 495 * r1: linux style pte ( later becomes ppc hardware pte ) 496 * r2: ptr to linux-style pte 497 * r3: scratch 498 */ 499 mfctr r0 500 /* Get PTE (linux-style) and check access */ 501 mfspr r3,SPRN_DMISS 502 lis r1,KERNELBASE@h /* check if kernel address */ 503 cmplw 0,r3,r1 504 mfspr r2,SPRN_SPRG3 505 li r1,_PAGE_USER|_PAGE_PRESENT /* low addresses tested as user */ 506 lwz r2,PGDIR(r2) 507 blt+ 112f 508 lis r2,swapper_pg_dir@ha /* if kernel address, use */ 509 addi r2,r2,swapper_pg_dir@l /* kernel page table */ 510 mfspr r1,SPRN_SRR1 /* and MSR_PR bit from SRR1 */ 511 rlwinm r1,r1,32-12,29,29 /* shift MSR_PR to _PAGE_USER posn */ 512112: tophys(r2,r2) 513 rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */ 514 lwz r2,0(r2) /* get pmd entry */ 515 rlwinm. r2,r2,0,0,19 /* extract address of pte page */ 516 beq- DataAddressInvalid /* return if no mapping */ 517 rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */ 518 lwz r3,0(r2) /* get linux-style pte */ 519 andc. r1,r1,r3 /* check access & ~permission */ 520 bne- DataAddressInvalid /* return if access not permitted */ 521 ori r3,r3,_PAGE_ACCESSED /* set _PAGE_ACCESSED in pte */ 522 /* 523 * NOTE! We are assuming this is not an SMP system, otherwise 524 * we would need to update the pte atomically with lwarx/stwcx. 525 */ 526 stw r3,0(r2) /* update PTE (accessed bit) */ 527 /* Convert linux-style PTE to low word of PPC-style PTE */ 528 rlwinm r1,r3,32-10,31,31 /* _PAGE_RW -> PP lsb */ 529 rlwinm r2,r3,32-7,31,31 /* _PAGE_DIRTY -> PP lsb */ 530 and r1,r1,r2 /* writable if _RW and _DIRTY */ 531 rlwimi r3,r3,32-1,30,30 /* _PAGE_USER -> PP msb */ 532 rlwimi r3,r3,32-1,31,31 /* _PAGE_USER -> PP lsb */ 533 ori r1,r1,0xe14 /* clear out reserved bits and M */ 534 andc r1,r3,r1 /* PP = user? (rw&dirty? 2: 3): 0 */ 535 mtspr SPRN_RPA,r1 536 mfspr r3,SPRN_DMISS 537 tlbld r3 538 mfspr r3,SPRN_SRR1 /* Need to restore CR0 */ 539 mtcrf 0x80,r3 540 rfi 541DataAddressInvalid: 542 mfspr r3,SPRN_SRR1 543 rlwinm r1,r3,9,6,6 /* Get load/store bit */ 544 addis r1,r1,0x2000 545 mtspr SPRN_DSISR,r1 546 mtctr r0 /* Restore CTR */ 547 andi. r2,r3,0xFFFF /* Clear upper bits of SRR1 */ 548 mtspr SPRN_SRR1,r2 549 mfspr r1,SPRN_DMISS /* Get failing address */ 550 rlwinm. r2,r2,0,31,31 /* Check for little endian access */ 551 beq 20f /* Jump if big endian */ 552 xori r1,r1,3 55320: mtspr SPRN_DAR,r1 /* Set fault address */ 554 mfmsr r0 /* Restore "normal" registers */ 555 xoris r0,r0,MSR_TGPR>>16 556 mtcrf 0x80,r3 /* Restore CR0 */ 557 mtmsr r0 558 b DataAccess 559 560/* 561 * Handle TLB miss for DATA Store on 603/603e 562 */ 563 . = 0x1200 564DataStoreTLBMiss: 565/* 566 * r0: stored ctr 567 * r1: linux style pte ( later becomes ppc hardware pte ) 568 * r2: ptr to linux-style pte 569 * r3: scratch 570 */ 571 mfctr r0 572 /* Get PTE (linux-style) and check access */ 573 mfspr r3,SPRN_DMISS 574 lis r1,KERNELBASE@h /* check if kernel address */ 575 cmplw 0,r3,r1 576 mfspr r2,SPRN_SPRG3 577 li r1,_PAGE_RW|_PAGE_USER|_PAGE_PRESENT /* access flags */ 578 lwz r2,PGDIR(r2) 579 blt+ 112f 580 lis r2,swapper_pg_dir@ha /* if kernel address, use */ 581 addi r2,r2,swapper_pg_dir@l /* kernel page table */ 582 mfspr r1,SPRN_SRR1 /* and MSR_PR bit from SRR1 */ 583 rlwinm r1,r1,32-12,29,29 /* shift MSR_PR to _PAGE_USER posn */ 584112: tophys(r2,r2) 585 rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */ 586 lwz r2,0(r2) /* get pmd entry */ 587 rlwinm. r2,r2,0,0,19 /* extract address of pte page */ 588 beq- DataAddressInvalid /* return if no mapping */ 589 rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */ 590 lwz r3,0(r2) /* get linux-style pte */ 591 andc. r1,r1,r3 /* check access & ~permission */ 592 bne- DataAddressInvalid /* return if access not permitted */ 593 ori r3,r3,_PAGE_ACCESSED|_PAGE_DIRTY 594 /* 595 * NOTE! We are assuming this is not an SMP system, otherwise 596 * we would need to update the pte atomically with lwarx/stwcx. 597 */ 598 stw r3,0(r2) /* update PTE (accessed/dirty bits) */ 599 /* Convert linux-style PTE to low word of PPC-style PTE */ 600 rlwimi r3,r3,32-1,30,30 /* _PAGE_USER -> PP msb */ 601 li r1,0xe15 /* clear out reserved bits and M */ 602 andc r1,r3,r1 /* PP = user? 2: 0 */ 603 mtspr SPRN_RPA,r1 604 mfspr r3,SPRN_DMISS 605 tlbld r3 606 mfspr r3,SPRN_SRR1 /* Need to restore CR0 */ 607 mtcrf 0x80,r3 608 rfi 609 610#ifndef CONFIG_ALTIVEC 611#define altivec_assist_exception unknown_exception 612#endif 613 614 EXCEPTION(0x1300, Trap_13, instruction_breakpoint_exception, EXC_XFER_EE) 615 EXCEPTION(0x1400, SMI, SMIException, EXC_XFER_EE) 616 EXCEPTION(0x1500, Trap_15, unknown_exception, EXC_XFER_EE) 617 EXCEPTION(0x1600, Trap_16, altivec_assist_exception, EXC_XFER_EE) 618 EXCEPTION(0x1700, Trap_17, TAUException, EXC_XFER_STD) 619 EXCEPTION(0x1800, Trap_18, unknown_exception, EXC_XFER_EE) 620 EXCEPTION(0x1900, Trap_19, unknown_exception, EXC_XFER_EE) 621 EXCEPTION(0x1a00, Trap_1a, unknown_exception, EXC_XFER_EE) 622 EXCEPTION(0x1b00, Trap_1b, unknown_exception, EXC_XFER_EE) 623 EXCEPTION(0x1c00, Trap_1c, unknown_exception, EXC_XFER_EE) 624 EXCEPTION(0x1d00, Trap_1d, unknown_exception, EXC_XFER_EE) 625 EXCEPTION(0x1e00, Trap_1e, unknown_exception, EXC_XFER_EE) 626 EXCEPTION(0x1f00, Trap_1f, unknown_exception, EXC_XFER_EE) 627 EXCEPTION(0x2000, RunMode, RunModeException, EXC_XFER_EE) 628 EXCEPTION(0x2100, Trap_21, unknown_exception, EXC_XFER_EE) 629 EXCEPTION(0x2200, Trap_22, unknown_exception, EXC_XFER_EE) 630 EXCEPTION(0x2300, Trap_23, unknown_exception, EXC_XFER_EE) 631 EXCEPTION(0x2400, Trap_24, unknown_exception, EXC_XFER_EE) 632 EXCEPTION(0x2500, Trap_25, unknown_exception, EXC_XFER_EE) 633 EXCEPTION(0x2600, Trap_26, unknown_exception, EXC_XFER_EE) 634 EXCEPTION(0x2700, Trap_27, unknown_exception, EXC_XFER_EE) 635 EXCEPTION(0x2800, Trap_28, unknown_exception, EXC_XFER_EE) 636 EXCEPTION(0x2900, Trap_29, unknown_exception, EXC_XFER_EE) 637 EXCEPTION(0x2a00, Trap_2a, unknown_exception, EXC_XFER_EE) 638 EXCEPTION(0x2b00, Trap_2b, unknown_exception, EXC_XFER_EE) 639 EXCEPTION(0x2c00, Trap_2c, unknown_exception, EXC_XFER_EE) 640 EXCEPTION(0x2d00, Trap_2d, unknown_exception, EXC_XFER_EE) 641 EXCEPTION(0x2e00, Trap_2e, unknown_exception, EXC_XFER_EE) 642 EXCEPTION(0x2f00, MOLTrampoline, unknown_exception, EXC_XFER_EE_LITE) 643 644 .globl mol_trampoline 645 .set mol_trampoline, i0x2f00 646 647 . = 0x3000 648 649AltiVecUnavailable: 650 EXCEPTION_PROLOG 651#ifdef CONFIG_ALTIVEC 652 bne load_up_altivec /* if from user, just load it up */ 653#endif /* CONFIG_ALTIVEC */ 654 addi r3,r1,STACK_FRAME_OVERHEAD 655 EXC_XFER_EE_LITE(0xf20, altivec_unavailable_exception) 656 657#ifdef CONFIG_ALTIVEC 658/* Note that the AltiVec support is closely modeled after the FP 659 * support. Changes to one are likely to be applicable to the 660 * other! */ 661load_up_altivec: 662/* 663 * Disable AltiVec for the task which had AltiVec previously, 664 * and save its AltiVec registers in its thread_struct. 665 * Enables AltiVec for use in the kernel on return. 666 * On SMP we know the AltiVec units are free, since we give it up every 667 * switch. -- Kumar 668 */ 669 mfmsr r5 670 oris r5,r5,MSR_VEC@h 671 MTMSRD(r5) /* enable use of AltiVec now */ 672 isync 673/* 674 * For SMP, we don't do lazy AltiVec switching because it just gets too 675 * horrendously complex, especially when a task switches from one CPU 676 * to another. Instead we call giveup_altivec in switch_to. 677 */ 678#ifndef CONFIG_SMP 679 tophys(r6,0) 680 addis r3,r6,last_task_used_altivec@ha 681 lwz r4,last_task_used_altivec@l(r3) 682 cmpwi 0,r4,0 683 beq 1f 684 add r4,r4,r6 685 addi r4,r4,THREAD /* want THREAD of last_task_used_altivec */ 686 SAVE_32VRS(0,r10,r4) 687 mfvscr vr0 688 li r10,THREAD_VSCR 689 stvx vr0,r10,r4 690 lwz r5,PT_REGS(r4) 691 add r5,r5,r6 692 lwz r4,_MSR-STACK_FRAME_OVERHEAD(r5) 693 lis r10,MSR_VEC@h 694 andc r4,r4,r10 /* disable altivec for previous task */ 695 stw r4,_MSR-STACK_FRAME_OVERHEAD(r5) 6961: 697#endif /* CONFIG_SMP */ 698 /* enable use of AltiVec after return */ 699 oris r9,r9,MSR_VEC@h 700 mfspr r5,SPRN_SPRG3 /* current task's THREAD (phys) */ 701 li r4,1 702 li r10,THREAD_VSCR 703 stw r4,THREAD_USED_VR(r5) 704 lvx vr0,r10,r5 705 mtvscr vr0 706 REST_32VRS(0,r10,r5) 707#ifndef CONFIG_SMP 708 subi r4,r5,THREAD 709 sub r4,r4,r6 710 stw r4,last_task_used_altivec@l(r3) 711#endif /* CONFIG_SMP */ 712 /* restore registers and return */ 713 /* we haven't used ctr or xer or lr */ 714 b fast_exception_return 715 716/* 717 * AltiVec unavailable trap from kernel - print a message, but let 718 * the task use AltiVec in the kernel until it returns to user mode. 719 */ 720KernelAltiVec: 721 lwz r3,_MSR(r1) 722 oris r3,r3,MSR_VEC@h 723 stw r3,_MSR(r1) /* enable use of AltiVec after return */ 724 lis r3,87f@h 725 ori r3,r3,87f@l 726 mr r4,r2 /* current */ 727 lwz r5,_NIP(r1) 728 bl printk 729 b ret_from_except 73087: .string "AltiVec used in kernel (task=%p, pc=%x) \n" 731 .align 4,0 732 733/* 734 * giveup_altivec(tsk) 735 * Disable AltiVec for the task given as the argument, 736 * and save the AltiVec registers in its thread_struct. 737 * Enables AltiVec for use in the kernel on return. 738 */ 739 740 .globl giveup_altivec 741giveup_altivec: 742 mfmsr r5 743 oris r5,r5,MSR_VEC@h 744 SYNC 745 MTMSRD(r5) /* enable use of AltiVec now */ 746 isync 747 cmpwi 0,r3,0 748 beqlr- /* if no previous owner, done */ 749 addi r3,r3,THREAD /* want THREAD of task */ 750 lwz r5,PT_REGS(r3) 751 cmpwi 0,r5,0 752 SAVE_32VRS(0, r4, r3) 753 mfvscr vr0 754 li r4,THREAD_VSCR 755 stvx vr0,r4,r3 756 beq 1f 757 lwz r4,_MSR-STACK_FRAME_OVERHEAD(r5) 758 lis r3,MSR_VEC@h 759 andc r4,r4,r3 /* disable AltiVec for previous task */ 760 stw r4,_MSR-STACK_FRAME_OVERHEAD(r5) 7611: 762#ifndef CONFIG_SMP 763 li r5,0 764 lis r4,last_task_used_altivec@ha 765 stw r5,last_task_used_altivec@l(r4) 766#endif /* CONFIG_SMP */ 767 blr 768#endif /* CONFIG_ALTIVEC */ 769 770/* 771 * This code is jumped to from the startup code to copy 772 * the kernel image to physical address 0. 773 */ 774relocate_kernel: 775 addis r9,r26,klimit@ha /* fetch klimit */ 776 lwz r25,klimit@l(r9) 777 addis r25,r25,-KERNELBASE@h 778 li r3,0 /* Destination base address */ 779 li r6,0 /* Destination offset */ 780 li r5,0x4000 /* # bytes of memory to copy */ 781 bl copy_and_flush /* copy the first 0x4000 bytes */ 782 addi r0,r3,4f@l /* jump to the address of 4f */ 783 mtctr r0 /* in copy and do the rest. */ 784 bctr /* jump to the copy */ 7854: mr r5,r25 786 bl copy_and_flush /* copy the rest */ 787 b turn_on_mmu 788 789/* 790 * Copy routine used to copy the kernel to start at physical address 0 791 * and flush and invalidate the caches as needed. 792 * r3 = dest addr, r4 = source addr, r5 = copy limit, r6 = start offset 793 * on exit, r3, r4, r5 are unchanged, r6 is updated to be >= r5. 794 */ 795copy_and_flush: 796 addi r5,r5,-4 797 addi r6,r6,-4 7984: li r0,L1_CACHE_BYTES/4 799 mtctr r0 8003: addi r6,r6,4 /* copy a cache line */ 801 lwzx r0,r6,r4 802 stwx r0,r6,r3 803 bdnz 3b 804 dcbst r6,r3 /* write it to memory */ 805 sync 806 icbi r6,r3 /* flush the icache line */ 807 cmplw 0,r6,r5 808 blt 4b 809 sync /* additional sync needed on g4 */ 810 isync 811 addi r5,r5,4 812 addi r6,r6,4 813 blr 814 815#ifdef CONFIG_APUS 816/* 817 * On APUS the physical base address of the kernel is not known at compile 818 * time, which means the __pa/__va constants used are incorrect. In the 819 * __init section is recorded the virtual addresses of instructions using 820 * these constants, so all that has to be done is fix these before 821 * continuing the kernel boot. 822 * 823 * r4 = The physical address of the kernel base. 824 */ 825fix_mem_constants: 826 mr r10,r4 827 addis r10,r10,-KERNELBASE@h /* virt_to_phys constant */ 828 neg r11,r10 /* phys_to_virt constant */ 829 830 lis r12,__vtop_table_begin@h 831 ori r12,r12,__vtop_table_begin@l 832 add r12,r12,r10 /* table begin phys address */ 833 lis r13,__vtop_table_end@h 834 ori r13,r13,__vtop_table_end@l 835 add r13,r13,r10 /* table end phys address */ 836 subi r12,r12,4 837 subi r13,r13,4 8381: lwzu r14,4(r12) /* virt address of instruction */ 839 add r14,r14,r10 /* phys address of instruction */ 840 lwz r15,0(r14) /* instruction, now insert top */ 841 rlwimi r15,r10,16,16,31 /* half of vp const in low half */ 842 stw r15,0(r14) /* of instruction and restore. */ 843 dcbst r0,r14 /* write it to memory */ 844 sync 845 icbi r0,r14 /* flush the icache line */ 846 cmpw r12,r13 847 bne 1b 848 sync /* additional sync needed on g4 */ 849 isync 850 851/* 852 * Map the memory where the exception handlers will 853 * be copied to when hash constants have been patched. 854 */ 855#ifdef CONFIG_APUS_FAST_EXCEPT 856 lis r8,0xfff0 857#else 858 lis r8,0 859#endif 860 ori r8,r8,0x2 /* 128KB, supervisor */ 861 mtspr SPRN_DBAT3U,r8 862 mtspr SPRN_DBAT3L,r8 863 864 lis r12,__ptov_table_begin@h 865 ori r12,r12,__ptov_table_begin@l 866 add r12,r12,r10 /* table begin phys address */ 867 lis r13,__ptov_table_end@h 868 ori r13,r13,__ptov_table_end@l 869 add r13,r13,r10 /* table end phys address */ 870 subi r12,r12,4 871 subi r13,r13,4 8721: lwzu r14,4(r12) /* virt address of instruction */ 873 add r14,r14,r10 /* phys address of instruction */ 874 lwz r15,0(r14) /* instruction, now insert top */ 875 rlwimi r15,r11,16,16,31 /* half of pv const in low half*/ 876 stw r15,0(r14) /* of instruction and restore. */ 877 dcbst r0,r14 /* write it to memory */ 878 sync 879 icbi r0,r14 /* flush the icache line */ 880 cmpw r12,r13 881 bne 1b 882 883 sync /* additional sync needed on g4 */ 884 isync /* No speculative loading until now */ 885 blr 886 887/*********************************************************************** 888 * Please note that on APUS the exception handlers are located at the 889 * physical address 0xfff0000. For this reason, the exception handlers 890 * cannot use relative branches to access the code below. 891 ***********************************************************************/ 892#endif /* CONFIG_APUS */ 893 894#ifdef CONFIG_SMP 895 .globl __secondary_start_pmac_0 896__secondary_start_pmac_0: 897 /* NB the entries for cpus 0, 1, 2 must each occupy 8 bytes. */ 898 li r24,0 899 b 1f 900 li r24,1 901 b 1f 902 li r24,2 903 b 1f 904 li r24,3 9051: 906 /* on powersurge, we come in here with IR=0 and DR=1, and DBAT 0 907 set to map the 0xf0000000 - 0xffffffff region */ 908 mfmsr r0 909 rlwinm r0,r0,0,28,26 /* clear DR (0x10) */ 910 SYNC 911 mtmsr r0 912 isync 913 914 .globl __secondary_start 915__secondary_start: 916 /* Copy some CPU settings from CPU 0 */ 917 bl __restore_cpu_setup 918 919 lis r3,-KERNELBASE@h 920 mr r4,r24 921 bl call_setup_cpu /* Call setup_cpu for this CPU */ 922#ifdef CONFIG_6xx 923 lis r3,-KERNELBASE@h 924 bl init_idle_6xx 925#endif /* CONFIG_6xx */ 926 927 /* get current_thread_info and current */ 928 lis r1,secondary_ti@ha 929 tophys(r1,r1) 930 lwz r1,secondary_ti@l(r1) 931 tophys(r2,r1) 932 lwz r2,TI_TASK(r2) 933 934 /* stack */ 935 addi r1,r1,THREAD_SIZE-STACK_FRAME_OVERHEAD 936 li r0,0 937 tophys(r3,r1) 938 stw r0,0(r3) 939 940 /* load up the MMU */ 941 bl load_up_mmu 942 943 /* ptr to phys current thread */ 944 tophys(r4,r2) 945 addi r4,r4,THREAD /* phys address of our thread_struct */ 946 CLR_TOP32(r4) 947 mtspr SPRN_SPRG3,r4 948 li r3,0 949 mtspr SPRN_SPRG2,r3 /* 0 => not in RTAS */ 950 951 /* enable MMU and jump to start_secondary */ 952 li r4,MSR_KERNEL 953 FIX_SRR1(r4,r5) 954 lis r3,start_secondary@h 955 ori r3,r3,start_secondary@l 956 mtspr SPRN_SRR0,r3 957 mtspr SPRN_SRR1,r4 958 SYNC 959 RFI 960#endif /* CONFIG_SMP */ 961 962/* 963 * Those generic dummy functions are kept for CPUs not 964 * included in CONFIG_6xx 965 */ 966#if !defined(CONFIG_6xx) 967_GLOBAL(__save_cpu_setup) 968 blr 969_GLOBAL(__restore_cpu_setup) 970 blr 971#endif /* !defined(CONFIG_6xx) */ 972 973 974/* 975 * Load stuff into the MMU. Intended to be called with 976 * IR=0 and DR=0. 977 */ 978load_up_mmu: 979 sync /* Force all PTE updates to finish */ 980 isync 981 tlbia /* Clear all TLB entries */ 982 sync /* wait for tlbia/tlbie to finish */ 983 TLBSYNC /* ... on all CPUs */ 984 /* Load the SDR1 register (hash table base & size) */ 985 lis r6,_SDR1@ha 986 tophys(r6,r6) 987 lwz r6,_SDR1@l(r6) 988 mtspr SPRN_SDR1,r6 989 li r0,16 /* load up segment register values */ 990 mtctr r0 /* for context 0 */ 991 lis r3,0x2000 /* Ku = 1, VSID = 0 */ 992 li r4,0 9933: mtsrin r3,r4 994 addi r3,r3,0x111 /* increment VSID */ 995 addis r4,r4,0x1000 /* address of next segment */ 996 bdnz 3b 997 998/* Load the BAT registers with the values set up by MMU_init. 999 MMU_init takes care of whether we're on a 601 or not. */ 1000 mfpvr r3 1001 srwi r3,r3,16 1002 cmpwi r3,1 1003 lis r3,BATS@ha 1004 addi r3,r3,BATS@l 1005 tophys(r3,r3) 1006 LOAD_BAT(0,r3,r4,r5) 1007 LOAD_BAT(1,r3,r4,r5) 1008 LOAD_BAT(2,r3,r4,r5) 1009 LOAD_BAT(3,r3,r4,r5) 1010 1011 blr 1012 1013/* 1014 * This is where the main kernel code starts. 1015 */ 1016start_here: 1017 /* ptr to current */ 1018 lis r2,init_task@h 1019 ori r2,r2,init_task@l 1020 /* Set up for using our exception vectors */ 1021 /* ptr to phys current thread */ 1022 tophys(r4,r2) 1023 addi r4,r4,THREAD /* init task's THREAD */ 1024 CLR_TOP32(r4) 1025 mtspr SPRN_SPRG3,r4 1026 li r3,0 1027 mtspr SPRN_SPRG2,r3 /* 0 => not in RTAS */ 1028 1029 /* stack */ 1030 lis r1,init_thread_union@ha 1031 addi r1,r1,init_thread_union@l 1032 li r0,0 1033 stwu r0,THREAD_SIZE-STACK_FRAME_OVERHEAD(r1) 1034/* 1035 * Do early bootinfo parsing, platform-specific initialization, 1036 * and set up the MMU. 1037 */ 1038 mr r3,r31 1039 mr r4,r30 1040 mr r5,r29 1041 mr r6,r28 1042 mr r7,r27 1043 bl machine_init 1044 bl MMU_init 1045 1046#ifdef CONFIG_APUS 1047 /* Copy exception code to exception vector base on APUS. */ 1048 lis r4,KERNELBASE@h 1049#ifdef CONFIG_APUS_FAST_EXCEPT 1050 lis r3,0xfff0 /* Copy to 0xfff00000 */ 1051#else 1052 lis r3,0 /* Copy to 0x00000000 */ 1053#endif 1054 li r5,0x4000 /* # bytes of memory to copy */ 1055 li r6,0 1056 bl copy_and_flush /* copy the first 0x4000 bytes */ 1057#endif /* CONFIG_APUS */ 1058 1059/* 1060 * Go back to running unmapped so we can load up new values 1061 * for SDR1 (hash table pointer) and the segment registers 1062 * and change to using our exception vectors. 1063 */ 1064 lis r4,2f@h 1065 ori r4,r4,2f@l 1066 tophys(r4,r4) 1067 li r3,MSR_KERNEL & ~(MSR_IR|MSR_DR) 1068 FIX_SRR1(r3,r5) 1069 mtspr SPRN_SRR0,r4 1070 mtspr SPRN_SRR1,r3 1071 SYNC 1072 RFI 1073/* Load up the kernel context */ 10742: bl load_up_mmu 1075 1076#ifdef CONFIG_BDI_SWITCH 1077 /* Add helper information for the Abatron bdiGDB debugger. 1078 * We do this here because we know the mmu is disabled, and 1079 * will be enabled for real in just a few instructions. 1080 */ 1081 lis r5, abatron_pteptrs@h 1082 ori r5, r5, abatron_pteptrs@l 1083 stw r5, 0xf0(r0) /* This much match your Abatron config */ 1084 lis r6, swapper_pg_dir@h 1085 ori r6, r6, swapper_pg_dir@l 1086 tophys(r5, r5) 1087 stw r6, 0(r5) 1088#endif /* CONFIG_BDI_SWITCH */ 1089 1090/* Now turn on the MMU for real! */ 1091 li r4,MSR_KERNEL 1092 FIX_SRR1(r4,r5) 1093 lis r3,start_kernel@h 1094 ori r3,r3,start_kernel@l 1095 mtspr SPRN_SRR0,r3 1096 mtspr SPRN_SRR1,r4 1097 SYNC 1098 RFI 1099 1100/* 1101 * Set up the segment registers for a new context. 1102 */ 1103_GLOBAL(set_context) 1104 mulli r3,r3,897 /* multiply context by skew factor */ 1105 rlwinm r3,r3,4,8,27 /* VSID = (context & 0xfffff) << 4 */ 1106 addis r3,r3,0x6000 /* Set Ks, Ku bits */ 1107 li r0,NUM_USER_SEGMENTS 1108 mtctr r0 1109 1110#ifdef CONFIG_BDI_SWITCH 1111 /* Context switch the PTE pointer for the Abatron BDI2000. 1112 * The PGDIR is passed as second argument. 1113 */ 1114 lis r5, KERNELBASE@h 1115 lwz r5, 0xf0(r5) 1116 stw r4, 0x4(r5) 1117#endif 1118 li r4,0 1119 isync 11203: 1121 mtsrin r3,r4 1122 addi r3,r3,0x111 /* next VSID */ 1123 rlwinm r3,r3,0,8,3 /* clear out any overflow from VSID field */ 1124 addis r4,r4,0x1000 /* address of next segment */ 1125 bdnz 3b 1126 sync 1127 isync 1128 blr 1129 1130/* 1131 * An undocumented "feature" of 604e requires that the v bit 1132 * be cleared before changing BAT values. 1133 * 1134 * Also, newer IBM firmware does not clear bat3 and 4 so 1135 * this makes sure it's done. 1136 * -- Cort 1137 */ 1138clear_bats: 1139 li r10,0 1140 mfspr r9,SPRN_PVR 1141 rlwinm r9,r9,16,16,31 /* r9 = 1 for 601, 4 for 604 */ 1142 cmpwi r9, 1 1143 beq 1f 1144 1145 mtspr SPRN_DBAT0U,r10 1146 mtspr SPRN_DBAT0L,r10 1147 mtspr SPRN_DBAT1U,r10 1148 mtspr SPRN_DBAT1L,r10 1149 mtspr SPRN_DBAT2U,r10 1150 mtspr SPRN_DBAT2L,r10 1151 mtspr SPRN_DBAT3U,r10 1152 mtspr SPRN_DBAT3L,r10 11531: 1154 mtspr SPRN_IBAT0U,r10 1155 mtspr SPRN_IBAT0L,r10 1156 mtspr SPRN_IBAT1U,r10 1157 mtspr SPRN_IBAT1L,r10 1158 mtspr SPRN_IBAT2U,r10 1159 mtspr SPRN_IBAT2L,r10 1160 mtspr SPRN_IBAT3U,r10 1161 mtspr SPRN_IBAT3L,r10 1162BEGIN_FTR_SECTION 1163 /* Here's a tweak: at this point, CPU setup have 1164 * not been called yet, so HIGH_BAT_EN may not be 1165 * set in HID0 for the 745x processors. However, it 1166 * seems that doesn't affect our ability to actually 1167 * write to these SPRs. 1168 */ 1169 mtspr SPRN_DBAT4U,r10 1170 mtspr SPRN_DBAT4L,r10 1171 mtspr SPRN_DBAT5U,r10 1172 mtspr SPRN_DBAT5L,r10 1173 mtspr SPRN_DBAT6U,r10 1174 mtspr SPRN_DBAT6L,r10 1175 mtspr SPRN_DBAT7U,r10 1176 mtspr SPRN_DBAT7L,r10 1177 mtspr SPRN_IBAT4U,r10 1178 mtspr SPRN_IBAT4L,r10 1179 mtspr SPRN_IBAT5U,r10 1180 mtspr SPRN_IBAT5L,r10 1181 mtspr SPRN_IBAT6U,r10 1182 mtspr SPRN_IBAT6L,r10 1183 mtspr SPRN_IBAT7U,r10 1184 mtspr SPRN_IBAT7L,r10 1185END_FTR_SECTION_IFSET(CPU_FTR_HAS_HIGH_BATS) 1186 blr 1187 1188flush_tlbs: 1189 lis r10, 0x40 11901: addic. r10, r10, -0x1000 1191 tlbie r10 1192 blt 1b 1193 sync 1194 blr 1195 1196mmu_off: 1197 addi r4, r3, __after_mmu_off - _start 1198 mfmsr r3 1199 andi. r0,r3,MSR_DR|MSR_IR /* MMU enabled? */ 1200 beqlr 1201 andc r3,r3,r0 1202 mtspr SPRN_SRR0,r4 1203 mtspr SPRN_SRR1,r3 1204 sync 1205 RFI 1206 1207/* 1208 * Use the first pair of BAT registers to map the 1st 16MB 1209 * of RAM to KERNELBASE. From this point on we can't safely 1210 * call OF any more. 1211 */ 1212initial_bats: 1213 lis r11,KERNELBASE@h 1214 mfspr r9,SPRN_PVR 1215 rlwinm r9,r9,16,16,31 /* r9 = 1 for 601, 4 for 604 */ 1216 cmpwi 0,r9,1 1217 bne 4f 1218 ori r11,r11,4 /* set up BAT registers for 601 */ 1219 li r8,0x7f /* valid, block length = 8MB */ 1220 oris r9,r11,0x800000@h /* set up BAT reg for 2nd 8M */ 1221 oris r10,r8,0x800000@h /* set up BAT reg for 2nd 8M */ 1222 mtspr SPRN_IBAT0U,r11 /* N.B. 601 has valid bit in */ 1223 mtspr SPRN_IBAT0L,r8 /* lower BAT register */ 1224 mtspr SPRN_IBAT1U,r9 1225 mtspr SPRN_IBAT1L,r10 1226 isync 1227 blr 1228 12294: tophys(r8,r11) 1230#ifdef CONFIG_SMP 1231 ori r8,r8,0x12 /* R/W access, M=1 */ 1232#else 1233 ori r8,r8,2 /* R/W access */ 1234#endif /* CONFIG_SMP */ 1235#ifdef CONFIG_APUS 1236 ori r11,r11,BL_8M<<2|0x2 /* set up 8MB BAT registers for 604 */ 1237#else 1238 ori r11,r11,BL_256M<<2|0x2 /* set up BAT registers for 604 */ 1239#endif /* CONFIG_APUS */ 1240 1241 mtspr SPRN_DBAT0L,r8 /* N.B. 6xx (not 601) have valid */ 1242 mtspr SPRN_DBAT0U,r11 /* bit in upper BAT register */ 1243 mtspr SPRN_IBAT0L,r8 1244 mtspr SPRN_IBAT0U,r11 1245 isync 1246 blr 1247 1248#if !defined(CONFIG_APUS) && defined(CONFIG_BOOTX_TEXT) 1249setup_disp_bat: 1250 /* 1251 * setup the display bat prepared for us in prom.c 1252 */ 1253 mflr r8 1254 bl reloc_offset 1255 mtlr r8 1256 addis r8,r3,disp_BAT@ha 1257 addi r8,r8,disp_BAT@l 1258 lwz r11,0(r8) 1259 lwz r8,4(r8) 1260 mfspr r9,SPRN_PVR 1261 rlwinm r9,r9,16,16,31 /* r9 = 1 for 601, 4 for 604 */ 1262 cmpwi 0,r9,1 1263 beq 1f 1264 mtspr SPRN_DBAT3L,r8 1265 mtspr SPRN_DBAT3U,r11 1266 blr 12671: mtspr SPRN_IBAT3L,r8 1268 mtspr SPRN_IBAT3U,r11 1269 blr 1270 1271#endif /* !defined(CONFIG_APUS) && defined(CONFIG_BOOTX_TEXT) */ 1272 1273#ifdef CONFIG_8260 1274/* Jump into the system reset for the rom. 1275 * We first disable the MMU, and then jump to the ROM reset address. 1276 * 1277 * r3 is the board info structure, r4 is the location for starting. 1278 * I use this for building a small kernel that can load other kernels, 1279 * rather than trying to write or rely on a rom monitor that can tftp load. 1280 */ 1281 .globl m8260_gorom 1282m8260_gorom: 1283 mfmsr r0 1284 rlwinm r0,r0,0,17,15 /* clear MSR_EE in r0 */ 1285 sync 1286 mtmsr r0 1287 sync 1288 mfspr r11, SPRN_HID0 1289 lis r10, 0 1290 ori r10,r10,HID0_ICE|HID0_DCE 1291 andc r11, r11, r10 1292 mtspr SPRN_HID0, r11 1293 isync 1294 li r5, MSR_ME|MSR_RI 1295 lis r6,2f@h 1296 addis r6,r6,-KERNELBASE@h 1297 ori r6,r6,2f@l 1298 mtspr SPRN_SRR0,r6 1299 mtspr SPRN_SRR1,r5 1300 isync 1301 sync 1302 rfi 13032: 1304 mtlr r4 1305 blr 1306#endif 1307 1308 1309/* 1310 * We put a few things here that have to be page-aligned. 1311 * This stuff goes at the beginning of the data segment, 1312 * which is page-aligned. 1313 */ 1314 .data 1315 .globl sdata 1316sdata: 1317 .globl empty_zero_page 1318empty_zero_page: 1319 .space 4096 1320 1321 .globl swapper_pg_dir 1322swapper_pg_dir: 1323 .space 4096 1324 1325/* 1326 * This space gets a copy of optional info passed to us by the bootstrap 1327 * Used to pass parameters into the kernel like root=/dev/sda1, etc. 1328 */ 1329 .globl cmd_line 1330cmd_line: 1331 .space 512 1332 1333 .globl intercept_table 1334intercept_table: 1335 .long 0, 0, i0x200, i0x300, i0x400, 0, i0x600, i0x700 1336 .long i0x800, 0, 0, 0, 0, i0xd00, 0, 0 1337 .long 0, 0, 0, i0x1300, 0, 0, 0, 0 1338 .long 0, 0, 0, 0, 0, 0, 0, 0 1339 .long 0, 0, 0, 0, 0, 0, 0, 0 1340 .long 0, 0, 0, 0, 0, 0, 0, 0 1341 1342/* Room for two PTE pointers, usually the kernel and current user pointers 1343 * to their respective root page table. 1344 */ 1345abatron_pteptrs: 1346 .space 8 1347