1/* 2 * PowerPC version 3 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org) 4 * 5 * Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP 6 * Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu> 7 * Adapted for Power Macintosh by Paul Mackerras. 8 * Low-level exception handlers and MMU support 9 * rewritten by Paul Mackerras. 10 * Copyright (C) 1996 Paul Mackerras. 11 * MPC8xx modifications Copyright (C) 1997 Dan Malek (dmalek@jlc.net). 12 * 13 * This file contains the low-level support and setup for the 14 * PowerPC platform, including trap and interrupt dispatch. 15 * (The PPC 8xx embedded CPUs use head_8xx.S instead.) 16 * 17 * This program is free software; you can redistribute it and/or 18 * modify it under the terms of the GNU General Public License 19 * as published by the Free Software Foundation; either version 20 * 2 of the License, or (at your option) any later version. 21 * 22 */ 23 24#include <linux/init.h> 25#include <asm/reg.h> 26#include <asm/page.h> 27#include <asm/mmu.h> 28#include <asm/pgtable.h> 29#include <asm/cputable.h> 30#include <asm/cache.h> 31#include <asm/thread_info.h> 32#include <asm/ppc_asm.h> 33#include <asm/asm-offsets.h> 34#include <asm/ptrace.h> 35#include <asm/bug.h> 36#include <asm/kvm_book3s_asm.h> 37 38/* 601 only have IBAT; cr0.eq is set on 601 when using this macro */ 39#define LOAD_BAT(n, reg, RA, RB) \ 40 /* see the comment for clear_bats() -- Cort */ \ 41 li RA,0; \ 42 mtspr SPRN_IBAT##n##U,RA; \ 43 mtspr SPRN_DBAT##n##U,RA; \ 44 lwz RA,(n*16)+0(reg); \ 45 lwz RB,(n*16)+4(reg); \ 46 mtspr SPRN_IBAT##n##U,RA; \ 47 mtspr SPRN_IBAT##n##L,RB; \ 48 beq 1f; \ 49 lwz RA,(n*16)+8(reg); \ 50 lwz RB,(n*16)+12(reg); \ 51 mtspr SPRN_DBAT##n##U,RA; \ 52 mtspr SPRN_DBAT##n##L,RB; \ 531: 54 55 __HEAD 56 .stabs "arch/powerpc/kernel/",N_SO,0,0,0f 57 .stabs "head_32.S",N_SO,0,0,0f 580: 59_ENTRY(_stext); 60 61/* 62 * _start is defined this way because the XCOFF loader in the OpenFirmware 63 * on the powermac expects the entry point to be a procedure descriptor. 64 */ 65_ENTRY(_start); 66 /* 67 * These are here for legacy reasons, the kernel used to 68 * need to look like a coff function entry for the pmac 69 * but we're always started by some kind of bootloader now. 70 * -- Cort 71 */ 72 nop /* used by __secondary_hold on prep (mtx) and chrp smp */ 73 nop /* used by __secondary_hold on prep (mtx) and chrp smp */ 74 nop 75 76/* PMAC 77 * Enter here with the kernel text, data and bss loaded starting at 78 * 0, running with virtual == physical mapping. 79 * r5 points to the prom entry point (the client interface handler 80 * address). Address translation is turned on, with the prom 81 * managing the hash table. Interrupts are disabled. The stack 82 * pointer (r1) points to just below the end of the half-meg region 83 * from 0x380000 - 0x400000, which is mapped in already. 84 * 85 * If we are booted from MacOS via BootX, we enter with the kernel 86 * image loaded somewhere, and the following values in registers: 87 * r3: 'BooX' (0x426f6f58) 88 * r4: virtual address of boot_infos_t 89 * r5: 0 90 * 91 * PREP 92 * This is jumped to on prep systems right after the kernel is relocated 93 * to its proper place in memory by the boot loader. The expected layout 94 * of the regs is: 95 * r3: ptr to residual data 96 * r4: initrd_start or if no initrd then 0 97 * r5: initrd_end - unused if r4 is 0 98 * r6: Start of command line string 99 * r7: End of command line string 100 * 101 * This just gets a minimal mmu environment setup so we can call 102 * start_here() to do the real work. 103 * -- Cort 104 */ 105 106 .globl __start 107__start: 108/* 109 * We have to do any OF calls before we map ourselves to KERNELBASE, 110 * because OF may have I/O devices mapped into that area 111 * (particularly on CHRP). 112 */ 113 cmpwi 0,r5,0 114 beq 1f 115 116#ifdef CONFIG_PPC_OF_BOOT_TRAMPOLINE 117 /* find out where we are now */ 118 bcl 20,31,$+4 1190: mflr r8 /* r8 = runtime addr here */ 120 addis r8,r8,(_stext - 0b)@ha 121 addi r8,r8,(_stext - 0b)@l /* current runtime base addr */ 122 bl prom_init 123#endif /* CONFIG_PPC_OF_BOOT_TRAMPOLINE */ 124 125 /* We never return. We also hit that trap if trying to boot 126 * from OF while CONFIG_PPC_OF_BOOT_TRAMPOLINE isn't selected */ 127 trap 128 129/* 130 * Check for BootX signature when supporting PowerMac and branch to 131 * appropriate trampoline if it's present 132 */ 133#ifdef CONFIG_PPC_PMAC 1341: lis r31,0x426f 135 ori r31,r31,0x6f58 136 cmpw 0,r3,r31 137 bne 1f 138 bl bootx_init 139 trap 140#endif /* CONFIG_PPC_PMAC */ 141 1421: mr r31,r3 /* save device tree ptr */ 143 li r24,0 /* cpu # */ 144 145/* 146 * early_init() does the early machine identification and does 147 * the necessary low-level setup and clears the BSS 148 * -- Cort <cort@fsmlabs.com> 149 */ 150 bl early_init 151 152/* Switch MMU off, clear BATs and flush TLB. At this point, r3 contains 153 * the physical address we are running at, returned by early_init() 154 */ 155 bl mmu_off 156__after_mmu_off: 157 bl clear_bats 158 bl flush_tlbs 159 160 bl initial_bats 161#if defined(CONFIG_BOOTX_TEXT) 162 bl setup_disp_bat 163#endif 164#ifdef CONFIG_PPC_EARLY_DEBUG_CPM 165 bl setup_cpm_bat 166#endif 167#ifdef CONFIG_PPC_EARLY_DEBUG_USBGECKO 168 bl setup_usbgecko_bat 169#endif 170 171/* 172 * Call setup_cpu for CPU 0 and initialize 6xx Idle 173 */ 174 bl reloc_offset 175 li r24,0 /* cpu# */ 176 bl call_setup_cpu /* Call setup_cpu for this CPU */ 177#ifdef CONFIG_6xx 178 bl reloc_offset 179 bl init_idle_6xx 180#endif /* CONFIG_6xx */ 181 182 183/* 184 * We need to run with _start at physical address 0. 185 * On CHRP, we are loaded at 0x10000 since OF on CHRP uses 186 * the exception vectors at 0 (and therefore this copy 187 * overwrites OF's exception vectors with our own). 188 * The MMU is off at this point. 189 */ 190 bl reloc_offset 191 mr r26,r3 192 addis r4,r3,KERNELBASE@h /* current address of _start */ 193 lis r5,PHYSICAL_START@h 194 cmplw 0,r4,r5 /* already running at PHYSICAL_START? */ 195 bne relocate_kernel 196/* 197 * we now have the 1st 16M of ram mapped with the bats. 198 * prep needs the mmu to be turned on here, but pmac already has it on. 199 * this shouldn't bother the pmac since it just gets turned on again 200 * as we jump to our code at KERNELBASE. -- Cort 201 * Actually no, pmac doesn't have it on any more. BootX enters with MMU 202 * off, and in other cases, we now turn it off before changing BATs above. 203 */ 204turn_on_mmu: 205 mfmsr r0 206 ori r0,r0,MSR_DR|MSR_IR 207 mtspr SPRN_SRR1,r0 208 lis r0,start_here@h 209 ori r0,r0,start_here@l 210 mtspr SPRN_SRR0,r0 211 SYNC 212 RFI /* enables MMU */ 213 214/* 215 * We need __secondary_hold as a place to hold the other cpus on 216 * an SMP machine, even when we are running a UP kernel. 217 */ 218 . = 0xc0 /* for prep bootloader */ 219 li r3,1 /* MTX only has 1 cpu */ 220 .globl __secondary_hold 221__secondary_hold: 222 /* tell the master we're here */ 223 stw r3,__secondary_hold_acknowledge@l(0) 224#ifdef CONFIG_SMP 225100: lwz r4,0(0) 226 /* wait until we're told to start */ 227 cmpw 0,r4,r3 228 bne 100b 229 /* our cpu # was at addr 0 - go */ 230 mr r24,r3 /* cpu # */ 231 b __secondary_start 232#else 233 b . 234#endif /* CONFIG_SMP */ 235 236 .globl __secondary_hold_spinloop 237__secondary_hold_spinloop: 238 .long 0 239 .globl __secondary_hold_acknowledge 240__secondary_hold_acknowledge: 241 .long -1 242 243/* 244 * Exception entry code. This code runs with address translation 245 * turned off, i.e. using physical addresses. 246 * We assume sprg3 has the physical address of the current 247 * task's thread_struct. 248 */ 249#define EXCEPTION_PROLOG \ 250 mtspr SPRN_SPRG_SCRATCH0,r10; \ 251 mtspr SPRN_SPRG_SCRATCH1,r11; \ 252 mfcr r10; \ 253 EXCEPTION_PROLOG_1; \ 254 EXCEPTION_PROLOG_2 255 256#define EXCEPTION_PROLOG_1 \ 257 mfspr r11,SPRN_SRR1; /* check whether user or kernel */ \ 258 andi. r11,r11,MSR_PR; \ 259 tophys(r11,r1); /* use tophys(r1) if kernel */ \ 260 beq 1f; \ 261 mfspr r11,SPRN_SPRG_THREAD; \ 262 lwz r11,THREAD_INFO-THREAD(r11); \ 263 addi r11,r11,THREAD_SIZE; \ 264 tophys(r11,r11); \ 2651: subi r11,r11,INT_FRAME_SIZE /* alloc exc. frame */ 266 267 268#define EXCEPTION_PROLOG_2 \ 269 CLR_TOP32(r11); \ 270 stw r10,_CCR(r11); /* save registers */ \ 271 stw r12,GPR12(r11); \ 272 stw r9,GPR9(r11); \ 273 mfspr r10,SPRN_SPRG_SCRATCH0; \ 274 stw r10,GPR10(r11); \ 275 mfspr r12,SPRN_SPRG_SCRATCH1; \ 276 stw r12,GPR11(r11); \ 277 mflr r10; \ 278 stw r10,_LINK(r11); \ 279 mfspr r12,SPRN_SRR0; \ 280 mfspr r9,SPRN_SRR1; \ 281 stw r1,GPR1(r11); \ 282 stw r1,0(r11); \ 283 tovirt(r1,r11); /* set new kernel sp */ \ 284 li r10,MSR_KERNEL & ~(MSR_IR|MSR_DR); /* can take exceptions */ \ 285 MTMSRD(r10); /* (except for mach check in rtas) */ \ 286 stw r0,GPR0(r11); \ 287 lis r10,STACK_FRAME_REGS_MARKER@ha; /* exception frame marker */ \ 288 addi r10,r10,STACK_FRAME_REGS_MARKER@l; \ 289 stw r10,8(r11); \ 290 SAVE_4GPRS(3, r11); \ 291 SAVE_2GPRS(7, r11) 292 293/* 294 * Note: code which follows this uses cr0.eq (set if from kernel), 295 * r11, r12 (SRR0), and r9 (SRR1). 296 * 297 * Note2: once we have set r1 we are in a position to take exceptions 298 * again, and we could thus set MSR:RI at that point. 299 */ 300 301/* 302 * Exception vectors. 303 */ 304#define EXCEPTION(n, label, hdlr, xfer) \ 305 . = n; \ 306 DO_KVM n; \ 307label: \ 308 EXCEPTION_PROLOG; \ 309 addi r3,r1,STACK_FRAME_OVERHEAD; \ 310 xfer(n, hdlr) 311 312#define EXC_XFER_TEMPLATE(n, hdlr, trap, copyee, tfer, ret) \ 313 li r10,trap; \ 314 stw r10,_TRAP(r11); \ 315 li r10,MSR_KERNEL; \ 316 copyee(r10, r9); \ 317 bl tfer; \ 318i##n: \ 319 .long hdlr; \ 320 .long ret 321 322#define COPY_EE(d, s) rlwimi d,s,0,16,16 323#define NOCOPY(d, s) 324 325#define EXC_XFER_STD(n, hdlr) \ 326 EXC_XFER_TEMPLATE(n, hdlr, n, NOCOPY, transfer_to_handler_full, \ 327 ret_from_except_full) 328 329#define EXC_XFER_LITE(n, hdlr) \ 330 EXC_XFER_TEMPLATE(n, hdlr, n+1, NOCOPY, transfer_to_handler, \ 331 ret_from_except) 332 333#define EXC_XFER_EE(n, hdlr) \ 334 EXC_XFER_TEMPLATE(n, hdlr, n, COPY_EE, transfer_to_handler_full, \ 335 ret_from_except_full) 336 337#define EXC_XFER_EE_LITE(n, hdlr) \ 338 EXC_XFER_TEMPLATE(n, hdlr, n+1, COPY_EE, transfer_to_handler, \ 339 ret_from_except) 340 341/* System reset */ 342/* core99 pmac starts the seconary here by changing the vector, and 343 putting it back to what it was (unknown_exception) when done. */ 344 EXCEPTION(0x100, Reset, unknown_exception, EXC_XFER_STD) 345 346/* Machine check */ 347/* 348 * On CHRP, this is complicated by the fact that we could get a 349 * machine check inside RTAS, and we have no guarantee that certain 350 * critical registers will have the values we expect. The set of 351 * registers that might have bad values includes all the GPRs 352 * and all the BATs. We indicate that we are in RTAS by putting 353 * a non-zero value, the address of the exception frame to use, 354 * in SPRG2. The machine check handler checks SPRG2 and uses its 355 * value if it is non-zero. If we ever needed to free up SPRG2, 356 * we could use a field in the thread_info or thread_struct instead. 357 * (Other exception handlers assume that r1 is a valid kernel stack 358 * pointer when we take an exception from supervisor mode.) 359 * -- paulus. 360 */ 361 . = 0x200 362 DO_KVM 0x200 363 mtspr SPRN_SPRG_SCRATCH0,r10 364 mtspr SPRN_SPRG_SCRATCH1,r11 365 mfcr r10 366#ifdef CONFIG_PPC_CHRP 367 mfspr r11,SPRN_SPRG_RTAS 368 cmpwi 0,r11,0 369 bne 7f 370#endif /* CONFIG_PPC_CHRP */ 371 EXCEPTION_PROLOG_1 3727: EXCEPTION_PROLOG_2 373 addi r3,r1,STACK_FRAME_OVERHEAD 374#ifdef CONFIG_PPC_CHRP 375 mfspr r4,SPRN_SPRG_RTAS 376 cmpwi cr1,r4,0 377 bne cr1,1f 378#endif 379 EXC_XFER_STD(0x200, machine_check_exception) 380#ifdef CONFIG_PPC_CHRP 3811: b machine_check_in_rtas 382#endif 383 384/* Data access exception. */ 385 . = 0x300 386 DO_KVM 0x300 387DataAccess: 388 EXCEPTION_PROLOG 389 mfspr r10,SPRN_DSISR 390 stw r10,_DSISR(r11) 391 andis. r0,r10,0xa470 /* weird error? */ 392 bne 1f /* if not, try to put a PTE */ 393 mfspr r4,SPRN_DAR /* into the hash table */ 394 rlwinm r3,r10,32-15,21,21 /* DSISR_STORE -> _PAGE_RW */ 395 bl hash_page 3961: lwz r5,_DSISR(r11) /* get DSISR value */ 397 mfspr r4,SPRN_DAR 398 EXC_XFER_LITE(0x300, handle_page_fault) 399 400 401/* Instruction access exception. */ 402 . = 0x400 403 DO_KVM 0x400 404InstructionAccess: 405 EXCEPTION_PROLOG 406 andis. r0,r9,0x4000 /* no pte found? */ 407 beq 1f /* if so, try to put a PTE */ 408 li r3,0 /* into the hash table */ 409 mr r4,r12 /* SRR0 is fault address */ 410 bl hash_page 4111: mr r4,r12 412 mr r5,r9 413 EXC_XFER_LITE(0x400, handle_page_fault) 414 415/* External interrupt */ 416 EXCEPTION(0x500, HardwareInterrupt, do_IRQ, EXC_XFER_LITE) 417 418/* Alignment exception */ 419 . = 0x600 420 DO_KVM 0x600 421Alignment: 422 EXCEPTION_PROLOG 423 mfspr r4,SPRN_DAR 424 stw r4,_DAR(r11) 425 mfspr r5,SPRN_DSISR 426 stw r5,_DSISR(r11) 427 addi r3,r1,STACK_FRAME_OVERHEAD 428 EXC_XFER_EE(0x600, alignment_exception) 429 430/* Program check exception */ 431 EXCEPTION(0x700, ProgramCheck, program_check_exception, EXC_XFER_STD) 432 433/* Floating-point unavailable */ 434 . = 0x800 435 DO_KVM 0x800 436FPUnavailable: 437BEGIN_FTR_SECTION 438/* 439 * Certain Freescale cores don't have a FPU and treat fp instructions 440 * as a FP Unavailable exception. Redirect to illegal/emulation handling. 441 */ 442 b ProgramCheck 443END_FTR_SECTION_IFSET(CPU_FTR_FPU_UNAVAILABLE) 444 EXCEPTION_PROLOG 445 beq 1f 446 bl load_up_fpu /* if from user, just load it up */ 447 b fast_exception_return 4481: addi r3,r1,STACK_FRAME_OVERHEAD 449 EXC_XFER_EE_LITE(0x800, kernel_fp_unavailable_exception) 450 451/* Decrementer */ 452 EXCEPTION(0x900, Decrementer, timer_interrupt, EXC_XFER_LITE) 453 454 EXCEPTION(0xa00, Trap_0a, unknown_exception, EXC_XFER_EE) 455 EXCEPTION(0xb00, Trap_0b, unknown_exception, EXC_XFER_EE) 456 457/* System call */ 458 . = 0xc00 459 DO_KVM 0xc00 460SystemCall: 461 EXCEPTION_PROLOG 462 EXC_XFER_EE_LITE(0xc00, DoSyscall) 463 464/* Single step - not used on 601 */ 465 EXCEPTION(0xd00, SingleStep, single_step_exception, EXC_XFER_STD) 466 EXCEPTION(0xe00, Trap_0e, unknown_exception, EXC_XFER_EE) 467 468/* 469 * The Altivec unavailable trap is at 0x0f20. Foo. 470 * We effectively remap it to 0x3000. 471 * We include an altivec unavailable exception vector even if 472 * not configured for Altivec, so that you can't panic a 473 * non-altivec kernel running on a machine with altivec just 474 * by executing an altivec instruction. 475 */ 476 . = 0xf00 477 DO_KVM 0xf00 478 b PerformanceMonitor 479 480 . = 0xf20 481 DO_KVM 0xf20 482 b AltiVecUnavailable 483 484/* 485 * Handle TLB miss for instruction on 603/603e. 486 * Note: we get an alternate set of r0 - r3 to use automatically. 487 */ 488 . = 0x1000 489InstructionTLBMiss: 490/* 491 * r0: scratch 492 * r1: linux style pte ( later becomes ppc hardware pte ) 493 * r2: ptr to linux-style pte 494 * r3: scratch 495 */ 496 /* Get PTE (linux-style) and check access */ 497 mfspr r3,SPRN_IMISS 498 lis r1,PAGE_OFFSET@h /* check if kernel address */ 499 cmplw 0,r1,r3 500 mfspr r2,SPRN_SPRG_THREAD 501 li r1,_PAGE_USER|_PAGE_PRESENT /* low addresses tested as user */ 502 lwz r2,PGDIR(r2) 503 bge- 112f 504 mfspr r2,SPRN_SRR1 /* and MSR_PR bit from SRR1 */ 505 rlwimi r1,r2,32-12,29,29 /* shift MSR_PR to _PAGE_USER posn */ 506 lis r2,swapper_pg_dir@ha /* if kernel address, use */ 507 addi r2,r2,swapper_pg_dir@l /* kernel page table */ 508112: tophys(r2,r2) 509 rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */ 510 lwz r2,0(r2) /* get pmd entry */ 511 rlwinm. r2,r2,0,0,19 /* extract address of pte page */ 512 beq- InstructionAddressInvalid /* return if no mapping */ 513 rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */ 514 lwz r0,0(r2) /* get linux-style pte */ 515 andc. r1,r1,r0 /* check access & ~permission */ 516 bne- InstructionAddressInvalid /* return if access not permitted */ 517 ori r0,r0,_PAGE_ACCESSED /* set _PAGE_ACCESSED in pte */ 518 /* 519 * NOTE! We are assuming this is not an SMP system, otherwise 520 * we would need to update the pte atomically with lwarx/stwcx. 521 */ 522 stw r0,0(r2) /* update PTE (accessed bit) */ 523 /* Convert linux-style PTE to low word of PPC-style PTE */ 524 rlwinm r1,r0,32-10,31,31 /* _PAGE_RW -> PP lsb */ 525 rlwinm r2,r0,32-7,31,31 /* _PAGE_DIRTY -> PP lsb */ 526 and r1,r1,r2 /* writable if _RW and _DIRTY */ 527 rlwimi r0,r0,32-1,30,30 /* _PAGE_USER -> PP msb */ 528 rlwimi r0,r0,32-1,31,31 /* _PAGE_USER -> PP lsb */ 529 ori r1,r1,0xe04 /* clear out reserved bits */ 530 andc r1,r0,r1 /* PP = user? (rw&dirty? 2: 3): 0 */ 531BEGIN_FTR_SECTION 532 rlwinm r1,r1,0,~_PAGE_COHERENT /* clear M (coherence not required) */ 533END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT) 534 mtspr SPRN_RPA,r1 535 tlbli r3 536 mfspr r3,SPRN_SRR1 /* Need to restore CR0 */ 537 mtcrf 0x80,r3 538 rfi 539InstructionAddressInvalid: 540 mfspr r3,SPRN_SRR1 541 rlwinm r1,r3,9,6,6 /* Get load/store bit */ 542 543 addis r1,r1,0x2000 544 mtspr SPRN_DSISR,r1 /* (shouldn't be needed) */ 545 andi. r2,r3,0xFFFF /* Clear upper bits of SRR1 */ 546 or r2,r2,r1 547 mtspr SPRN_SRR1,r2 548 mfspr r1,SPRN_IMISS /* Get failing address */ 549 rlwinm. r2,r2,0,31,31 /* Check for little endian access */ 550 rlwimi r2,r2,1,30,30 /* change 1 -> 3 */ 551 xor r1,r1,r2 552 mtspr SPRN_DAR,r1 /* Set fault address */ 553 mfmsr r0 /* Restore "normal" registers */ 554 xoris r0,r0,MSR_TGPR>>16 555 mtcrf 0x80,r3 /* Restore CR0 */ 556 mtmsr r0 557 b InstructionAccess 558 559/* 560 * Handle TLB miss for DATA Load operation on 603/603e 561 */ 562 . = 0x1100 563DataLoadTLBMiss: 564/* 565 * r0: scratch 566 * r1: linux style pte ( later becomes ppc hardware pte ) 567 * r2: ptr to linux-style pte 568 * r3: scratch 569 */ 570 /* Get PTE (linux-style) and check access */ 571 mfspr r3,SPRN_DMISS 572 lis r1,PAGE_OFFSET@h /* check if kernel address */ 573 cmplw 0,r1,r3 574 mfspr r2,SPRN_SPRG_THREAD 575 li r1,_PAGE_USER|_PAGE_PRESENT /* low addresses tested as user */ 576 lwz r2,PGDIR(r2) 577 bge- 112f 578 mfspr r2,SPRN_SRR1 /* and MSR_PR bit from SRR1 */ 579 rlwimi r1,r2,32-12,29,29 /* shift MSR_PR to _PAGE_USER posn */ 580 lis r2,swapper_pg_dir@ha /* if kernel address, use */ 581 addi r2,r2,swapper_pg_dir@l /* kernel page table */ 582112: tophys(r2,r2) 583 rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */ 584 lwz r2,0(r2) /* get pmd entry */ 585 rlwinm. r2,r2,0,0,19 /* extract address of pte page */ 586 beq- DataAddressInvalid /* return if no mapping */ 587 rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */ 588 lwz r0,0(r2) /* get linux-style pte */ 589 andc. r1,r1,r0 /* check access & ~permission */ 590 bne- DataAddressInvalid /* return if access not permitted */ 591 ori r0,r0,_PAGE_ACCESSED /* set _PAGE_ACCESSED in pte */ 592 /* 593 * NOTE! We are assuming this is not an SMP system, otherwise 594 * we would need to update the pte atomically with lwarx/stwcx. 595 */ 596 stw r0,0(r2) /* update PTE (accessed bit) */ 597 /* Convert linux-style PTE to low word of PPC-style PTE */ 598 rlwinm r1,r0,32-10,31,31 /* _PAGE_RW -> PP lsb */ 599 rlwinm r2,r0,32-7,31,31 /* _PAGE_DIRTY -> PP lsb */ 600 and r1,r1,r2 /* writable if _RW and _DIRTY */ 601 rlwimi r0,r0,32-1,30,30 /* _PAGE_USER -> PP msb */ 602 rlwimi r0,r0,32-1,31,31 /* _PAGE_USER -> PP lsb */ 603 ori r1,r1,0xe04 /* clear out reserved bits */ 604 andc r1,r0,r1 /* PP = user? (rw&dirty? 2: 3): 0 */ 605BEGIN_FTR_SECTION 606 rlwinm r1,r1,0,~_PAGE_COHERENT /* clear M (coherence not required) */ 607END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT) 608 mtspr SPRN_RPA,r1 609 mfspr r2,SPRN_SRR1 /* Need to restore CR0 */ 610 mtcrf 0x80,r2 611BEGIN_MMU_FTR_SECTION 612 li r0,1 613 mfspr r1,SPRN_SPRG_603_LRU 614 rlwinm r2,r3,20,27,31 /* Get Address bits 15:19 */ 615 slw r0,r0,r2 616 xor r1,r0,r1 617 srw r0,r1,r2 618 mtspr SPRN_SPRG_603_LRU,r1 619 mfspr r2,SPRN_SRR1 620 rlwimi r2,r0,31-14,14,14 621 mtspr SPRN_SRR1,r2 622END_MMU_FTR_SECTION_IFSET(MMU_FTR_NEED_DTLB_SW_LRU) 623 tlbld r3 624 rfi 625DataAddressInvalid: 626 mfspr r3,SPRN_SRR1 627 rlwinm r1,r3,9,6,6 /* Get load/store bit */ 628 addis r1,r1,0x2000 629 mtspr SPRN_DSISR,r1 630 andi. r2,r3,0xFFFF /* Clear upper bits of SRR1 */ 631 mtspr SPRN_SRR1,r2 632 mfspr r1,SPRN_DMISS /* Get failing address */ 633 rlwinm. r2,r2,0,31,31 /* Check for little endian access */ 634 beq 20f /* Jump if big endian */ 635 xori r1,r1,3 63620: mtspr SPRN_DAR,r1 /* Set fault address */ 637 mfmsr r0 /* Restore "normal" registers */ 638 xoris r0,r0,MSR_TGPR>>16 639 mtcrf 0x80,r3 /* Restore CR0 */ 640 mtmsr r0 641 b DataAccess 642 643/* 644 * Handle TLB miss for DATA Store on 603/603e 645 */ 646 . = 0x1200 647DataStoreTLBMiss: 648/* 649 * r0: scratch 650 * r1: linux style pte ( later becomes ppc hardware pte ) 651 * r2: ptr to linux-style pte 652 * r3: scratch 653 */ 654 /* Get PTE (linux-style) and check access */ 655 mfspr r3,SPRN_DMISS 656 lis r1,PAGE_OFFSET@h /* check if kernel address */ 657 cmplw 0,r1,r3 658 mfspr r2,SPRN_SPRG_THREAD 659 li r1,_PAGE_RW|_PAGE_USER|_PAGE_PRESENT /* access flags */ 660 lwz r2,PGDIR(r2) 661 bge- 112f 662 mfspr r2,SPRN_SRR1 /* and MSR_PR bit from SRR1 */ 663 rlwimi r1,r2,32-12,29,29 /* shift MSR_PR to _PAGE_USER posn */ 664 lis r2,swapper_pg_dir@ha /* if kernel address, use */ 665 addi r2,r2,swapper_pg_dir@l /* kernel page table */ 666112: tophys(r2,r2) 667 rlwimi r2,r3,12,20,29 /* insert top 10 bits of address */ 668 lwz r2,0(r2) /* get pmd entry */ 669 rlwinm. r2,r2,0,0,19 /* extract address of pte page */ 670 beq- DataAddressInvalid /* return if no mapping */ 671 rlwimi r2,r3,22,20,29 /* insert next 10 bits of address */ 672 lwz r0,0(r2) /* get linux-style pte */ 673 andc. r1,r1,r0 /* check access & ~permission */ 674 bne- DataAddressInvalid /* return if access not permitted */ 675 ori r0,r0,_PAGE_ACCESSED|_PAGE_DIRTY 676 /* 677 * NOTE! We are assuming this is not an SMP system, otherwise 678 * we would need to update the pte atomically with lwarx/stwcx. 679 */ 680 stw r0,0(r2) /* update PTE (accessed/dirty bits) */ 681 /* Convert linux-style PTE to low word of PPC-style PTE */ 682 rlwimi r0,r0,32-1,30,30 /* _PAGE_USER -> PP msb */ 683 li r1,0xe05 /* clear out reserved bits & PP lsb */ 684 andc r1,r0,r1 /* PP = user? 2: 0 */ 685BEGIN_FTR_SECTION 686 rlwinm r1,r1,0,~_PAGE_COHERENT /* clear M (coherence not required) */ 687END_FTR_SECTION_IFCLR(CPU_FTR_NEED_COHERENT) 688 mtspr SPRN_RPA,r1 689 mfspr r2,SPRN_SRR1 /* Need to restore CR0 */ 690 mtcrf 0x80,r2 691BEGIN_MMU_FTR_SECTION 692 li r0,1 693 mfspr r1,SPRN_SPRG_603_LRU 694 rlwinm r2,r3,20,27,31 /* Get Address bits 15:19 */ 695 slw r0,r0,r2 696 xor r1,r0,r1 697 srw r0,r1,r2 698 mtspr SPRN_SPRG_603_LRU,r1 699 mfspr r2,SPRN_SRR1 700 rlwimi r2,r0,31-14,14,14 701 mtspr SPRN_SRR1,r2 702END_MMU_FTR_SECTION_IFSET(MMU_FTR_NEED_DTLB_SW_LRU) 703 tlbld r3 704 rfi 705 706#ifndef CONFIG_ALTIVEC 707#define altivec_assist_exception unknown_exception 708#endif 709 710 EXCEPTION(0x1300, Trap_13, instruction_breakpoint_exception, EXC_XFER_EE) 711 EXCEPTION(0x1400, SMI, SMIException, EXC_XFER_EE) 712 EXCEPTION(0x1500, Trap_15, unknown_exception, EXC_XFER_EE) 713 EXCEPTION(0x1600, Trap_16, altivec_assist_exception, EXC_XFER_EE) 714 EXCEPTION(0x1700, Trap_17, TAUException, EXC_XFER_STD) 715 EXCEPTION(0x1800, Trap_18, unknown_exception, EXC_XFER_EE) 716 EXCEPTION(0x1900, Trap_19, unknown_exception, EXC_XFER_EE) 717 EXCEPTION(0x1a00, Trap_1a, unknown_exception, EXC_XFER_EE) 718 EXCEPTION(0x1b00, Trap_1b, unknown_exception, EXC_XFER_EE) 719 EXCEPTION(0x1c00, Trap_1c, unknown_exception, EXC_XFER_EE) 720 EXCEPTION(0x1d00, Trap_1d, unknown_exception, EXC_XFER_EE) 721 EXCEPTION(0x1e00, Trap_1e, unknown_exception, EXC_XFER_EE) 722 EXCEPTION(0x1f00, Trap_1f, unknown_exception, EXC_XFER_EE) 723 EXCEPTION(0x2000, RunMode, RunModeException, EXC_XFER_EE) 724 EXCEPTION(0x2100, Trap_21, unknown_exception, EXC_XFER_EE) 725 EXCEPTION(0x2200, Trap_22, unknown_exception, EXC_XFER_EE) 726 EXCEPTION(0x2300, Trap_23, unknown_exception, EXC_XFER_EE) 727 EXCEPTION(0x2400, Trap_24, unknown_exception, EXC_XFER_EE) 728 EXCEPTION(0x2500, Trap_25, unknown_exception, EXC_XFER_EE) 729 EXCEPTION(0x2600, Trap_26, unknown_exception, EXC_XFER_EE) 730 EXCEPTION(0x2700, Trap_27, unknown_exception, EXC_XFER_EE) 731 EXCEPTION(0x2800, Trap_28, unknown_exception, EXC_XFER_EE) 732 EXCEPTION(0x2900, Trap_29, unknown_exception, EXC_XFER_EE) 733 EXCEPTION(0x2a00, Trap_2a, unknown_exception, EXC_XFER_EE) 734 EXCEPTION(0x2b00, Trap_2b, unknown_exception, EXC_XFER_EE) 735 EXCEPTION(0x2c00, Trap_2c, unknown_exception, EXC_XFER_EE) 736 EXCEPTION(0x2d00, Trap_2d, unknown_exception, EXC_XFER_EE) 737 EXCEPTION(0x2e00, Trap_2e, unknown_exception, EXC_XFER_EE) 738 EXCEPTION(0x2f00, MOLTrampoline, unknown_exception, EXC_XFER_EE_LITE) 739 740 .globl mol_trampoline 741 .set mol_trampoline, i0x2f00 742 743 . = 0x3000 744 745AltiVecUnavailable: 746 EXCEPTION_PROLOG 747#ifdef CONFIG_ALTIVEC 748 beq 1f 749 bl load_up_altivec /* if from user, just load it up */ 750 b fast_exception_return 751#endif /* CONFIG_ALTIVEC */ 7521: addi r3,r1,STACK_FRAME_OVERHEAD 753 EXC_XFER_EE_LITE(0xf20, altivec_unavailable_exception) 754 755PerformanceMonitor: 756 EXCEPTION_PROLOG 757 addi r3,r1,STACK_FRAME_OVERHEAD 758 EXC_XFER_STD(0xf00, performance_monitor_exception) 759 760 761/* 762 * This code is jumped to from the startup code to copy 763 * the kernel image to physical address PHYSICAL_START. 764 */ 765relocate_kernel: 766 addis r9,r26,klimit@ha /* fetch klimit */ 767 lwz r25,klimit@l(r9) 768 addis r25,r25,-KERNELBASE@h 769 lis r3,PHYSICAL_START@h /* Destination base address */ 770 li r6,0 /* Destination offset */ 771 li r5,0x4000 /* # bytes of memory to copy */ 772 bl copy_and_flush /* copy the first 0x4000 bytes */ 773 addi r0,r3,4f@l /* jump to the address of 4f */ 774 mtctr r0 /* in copy and do the rest. */ 775 bctr /* jump to the copy */ 7764: mr r5,r25 777 bl copy_and_flush /* copy the rest */ 778 b turn_on_mmu 779 780/* 781 * Copy routine used to copy the kernel to start at physical address 0 782 * and flush and invalidate the caches as needed. 783 * r3 = dest addr, r4 = source addr, r5 = copy limit, r6 = start offset 784 * on exit, r3, r4, r5 are unchanged, r6 is updated to be >= r5. 785 */ 786_ENTRY(copy_and_flush) 787 addi r5,r5,-4 788 addi r6,r6,-4 7894: li r0,L1_CACHE_BYTES/4 790 mtctr r0 7913: addi r6,r6,4 /* copy a cache line */ 792 lwzx r0,r6,r4 793 stwx r0,r6,r3 794 bdnz 3b 795 dcbst r6,r3 /* write it to memory */ 796 sync 797 icbi r6,r3 /* flush the icache line */ 798 cmplw 0,r6,r5 799 blt 4b 800 sync /* additional sync needed on g4 */ 801 isync 802 addi r5,r5,4 803 addi r6,r6,4 804 blr 805 806#ifdef CONFIG_SMP 807 .globl __secondary_start_mpc86xx 808__secondary_start_mpc86xx: 809 mfspr r3, SPRN_PIR 810 stw r3, __secondary_hold_acknowledge@l(0) 811 mr r24, r3 /* cpu # */ 812 b __secondary_start 813 814 .globl __secondary_start_pmac_0 815__secondary_start_pmac_0: 816 /* NB the entries for cpus 0, 1, 2 must each occupy 8 bytes. */ 817 li r24,0 818 b 1f 819 li r24,1 820 b 1f 821 li r24,2 822 b 1f 823 li r24,3 8241: 825 /* on powersurge, we come in here with IR=0 and DR=1, and DBAT 0 826 set to map the 0xf0000000 - 0xffffffff region */ 827 mfmsr r0 828 rlwinm r0,r0,0,28,26 /* clear DR (0x10) */ 829 SYNC 830 mtmsr r0 831 isync 832 833 .globl __secondary_start 834__secondary_start: 835 /* Copy some CPU settings from CPU 0 */ 836 bl __restore_cpu_setup 837 838 lis r3,-KERNELBASE@h 839 mr r4,r24 840 bl call_setup_cpu /* Call setup_cpu for this CPU */ 841#ifdef CONFIG_6xx 842 lis r3,-KERNELBASE@h 843 bl init_idle_6xx 844#endif /* CONFIG_6xx */ 845 846 /* get current_thread_info and current */ 847 lis r1,secondary_ti@ha 848 tophys(r1,r1) 849 lwz r1,secondary_ti@l(r1) 850 tophys(r2,r1) 851 lwz r2,TI_TASK(r2) 852 853 /* stack */ 854 addi r1,r1,THREAD_SIZE-STACK_FRAME_OVERHEAD 855 li r0,0 856 tophys(r3,r1) 857 stw r0,0(r3) 858 859 /* load up the MMU */ 860 bl load_up_mmu 861 862 /* ptr to phys current thread */ 863 tophys(r4,r2) 864 addi r4,r4,THREAD /* phys address of our thread_struct */ 865 CLR_TOP32(r4) 866 mtspr SPRN_SPRG_THREAD,r4 867 li r3,0 868 mtspr SPRN_SPRG_RTAS,r3 /* 0 => not in RTAS */ 869 870 /* enable MMU and jump to start_secondary */ 871 li r4,MSR_KERNEL 872 FIX_SRR1(r4,r5) 873 lis r3,start_secondary@h 874 ori r3,r3,start_secondary@l 875 mtspr SPRN_SRR0,r3 876 mtspr SPRN_SRR1,r4 877 SYNC 878 RFI 879#endif /* CONFIG_SMP */ 880 881#ifdef CONFIG_KVM_BOOK3S_HANDLER 882#include "../kvm/book3s_rmhandlers.S" 883#endif 884 885/* 886 * Those generic dummy functions are kept for CPUs not 887 * included in CONFIG_6xx 888 */ 889#if !defined(CONFIG_6xx) 890_ENTRY(__save_cpu_setup) 891 blr 892_ENTRY(__restore_cpu_setup) 893 blr 894#endif /* !defined(CONFIG_6xx) */ 895 896 897/* 898 * Load stuff into the MMU. Intended to be called with 899 * IR=0 and DR=0. 900 */ 901load_up_mmu: 902 sync /* Force all PTE updates to finish */ 903 isync 904 tlbia /* Clear all TLB entries */ 905 sync /* wait for tlbia/tlbie to finish */ 906 TLBSYNC /* ... on all CPUs */ 907 /* Load the SDR1 register (hash table base & size) */ 908 lis r6,_SDR1@ha 909 tophys(r6,r6) 910 lwz r6,_SDR1@l(r6) 911 mtspr SPRN_SDR1,r6 912 li r0,16 /* load up segment register values */ 913 mtctr r0 /* for context 0 */ 914 lis r3,0x2000 /* Ku = 1, VSID = 0 */ 915 li r4,0 9163: mtsrin r3,r4 917 addi r3,r3,0x111 /* increment VSID */ 918 addis r4,r4,0x1000 /* address of next segment */ 919 bdnz 3b 920 921/* Load the BAT registers with the values set up by MMU_init. 922 MMU_init takes care of whether we're on a 601 or not. */ 923 mfpvr r3 924 srwi r3,r3,16 925 cmpwi r3,1 926 lis r3,BATS@ha 927 addi r3,r3,BATS@l 928 tophys(r3,r3) 929 LOAD_BAT(0,r3,r4,r5) 930 LOAD_BAT(1,r3,r4,r5) 931 LOAD_BAT(2,r3,r4,r5) 932 LOAD_BAT(3,r3,r4,r5) 933BEGIN_MMU_FTR_SECTION 934 LOAD_BAT(4,r3,r4,r5) 935 LOAD_BAT(5,r3,r4,r5) 936 LOAD_BAT(6,r3,r4,r5) 937 LOAD_BAT(7,r3,r4,r5) 938END_MMU_FTR_SECTION_IFSET(MMU_FTR_USE_HIGH_BATS) 939 blr 940 941/* 942 * This is where the main kernel code starts. 943 */ 944start_here: 945 /* ptr to current */ 946 lis r2,init_task@h 947 ori r2,r2,init_task@l 948 /* Set up for using our exception vectors */ 949 /* ptr to phys current thread */ 950 tophys(r4,r2) 951 addi r4,r4,THREAD /* init task's THREAD */ 952 CLR_TOP32(r4) 953 mtspr SPRN_SPRG_THREAD,r4 954 li r3,0 955 mtspr SPRN_SPRG_RTAS,r3 /* 0 => not in RTAS */ 956 957 /* stack */ 958 lis r1,init_thread_union@ha 959 addi r1,r1,init_thread_union@l 960 li r0,0 961 stwu r0,THREAD_SIZE-STACK_FRAME_OVERHEAD(r1) 962/* 963 * Do early platform-specific initialization, 964 * and set up the MMU. 965 */ 966 li r3,0 967 mr r4,r31 968 bl machine_init 969 bl __save_cpu_setup 970 bl MMU_init 971 972/* 973 * Go back to running unmapped so we can load up new values 974 * for SDR1 (hash table pointer) and the segment registers 975 * and change to using our exception vectors. 976 */ 977 lis r4,2f@h 978 ori r4,r4,2f@l 979 tophys(r4,r4) 980 li r3,MSR_KERNEL & ~(MSR_IR|MSR_DR) 981 FIX_SRR1(r3,r5) 982 mtspr SPRN_SRR0,r4 983 mtspr SPRN_SRR1,r3 984 SYNC 985 RFI 986/* Load up the kernel context */ 9872: bl load_up_mmu 988 989#ifdef CONFIG_BDI_SWITCH 990 /* Add helper information for the Abatron bdiGDB debugger. 991 * We do this here because we know the mmu is disabled, and 992 * will be enabled for real in just a few instructions. 993 */ 994 lis r5, abatron_pteptrs@h 995 ori r5, r5, abatron_pteptrs@l 996 stw r5, 0xf0(r0) /* This much match your Abatron config */ 997 lis r6, swapper_pg_dir@h 998 ori r6, r6, swapper_pg_dir@l 999 tophys(r5, r5) 1000 stw r6, 0(r5) 1001#endif /* CONFIG_BDI_SWITCH */ 1002 1003/* Now turn on the MMU for real! */ 1004 li r4,MSR_KERNEL 1005 FIX_SRR1(r4,r5) 1006 lis r3,start_kernel@h 1007 ori r3,r3,start_kernel@l 1008 mtspr SPRN_SRR0,r3 1009 mtspr SPRN_SRR1,r4 1010 SYNC 1011 RFI 1012 1013/* 1014 * void switch_mmu_context(struct mm_struct *prev, struct mm_struct *next); 1015 * 1016 * Set up the segment registers for a new context. 1017 */ 1018_ENTRY(switch_mmu_context) 1019 lwz r3,MMCONTEXTID(r4) 1020 cmpwi cr0,r3,0 1021 blt- 4f 1022 mulli r3,r3,897 /* multiply context by skew factor */ 1023 rlwinm r3,r3,4,8,27 /* VSID = (context & 0xfffff) << 4 */ 1024 addis r3,r3,0x6000 /* Set Ks, Ku bits */ 1025 li r0,NUM_USER_SEGMENTS 1026 mtctr r0 1027 1028#ifdef CONFIG_BDI_SWITCH 1029 /* Context switch the PTE pointer for the Abatron BDI2000. 1030 * The PGDIR is passed as second argument. 1031 */ 1032 lwz r4,MM_PGD(r4) 1033 lis r5, KERNELBASE@h 1034 lwz r5, 0xf0(r5) 1035 stw r4, 0x4(r5) 1036#endif 1037 li r4,0 1038 isync 10393: 1040 mtsrin r3,r4 1041 addi r3,r3,0x111 /* next VSID */ 1042 rlwinm r3,r3,0,8,3 /* clear out any overflow from VSID field */ 1043 addis r4,r4,0x1000 /* address of next segment */ 1044 bdnz 3b 1045 sync 1046 isync 1047 blr 10484: trap 1049 EMIT_BUG_ENTRY 4b,__FILE__,__LINE__,0 1050 blr 1051 1052/* 1053 * An undocumented "feature" of 604e requires that the v bit 1054 * be cleared before changing BAT values. 1055 * 1056 * Also, newer IBM firmware does not clear bat3 and 4 so 1057 * this makes sure it's done. 1058 * -- Cort 1059 */ 1060clear_bats: 1061 li r10,0 1062 mfspr r9,SPRN_PVR 1063 rlwinm r9,r9,16,16,31 /* r9 = 1 for 601, 4 for 604 */ 1064 cmpwi r9, 1 1065 beq 1f 1066 1067 mtspr SPRN_DBAT0U,r10 1068 mtspr SPRN_DBAT0L,r10 1069 mtspr SPRN_DBAT1U,r10 1070 mtspr SPRN_DBAT1L,r10 1071 mtspr SPRN_DBAT2U,r10 1072 mtspr SPRN_DBAT2L,r10 1073 mtspr SPRN_DBAT3U,r10 1074 mtspr SPRN_DBAT3L,r10 10751: 1076 mtspr SPRN_IBAT0U,r10 1077 mtspr SPRN_IBAT0L,r10 1078 mtspr SPRN_IBAT1U,r10 1079 mtspr SPRN_IBAT1L,r10 1080 mtspr SPRN_IBAT2U,r10 1081 mtspr SPRN_IBAT2L,r10 1082 mtspr SPRN_IBAT3U,r10 1083 mtspr SPRN_IBAT3L,r10 1084BEGIN_MMU_FTR_SECTION 1085 /* Here's a tweak: at this point, CPU setup have 1086 * not been called yet, so HIGH_BAT_EN may not be 1087 * set in HID0 for the 745x processors. However, it 1088 * seems that doesn't affect our ability to actually 1089 * write to these SPRs. 1090 */ 1091 mtspr SPRN_DBAT4U,r10 1092 mtspr SPRN_DBAT4L,r10 1093 mtspr SPRN_DBAT5U,r10 1094 mtspr SPRN_DBAT5L,r10 1095 mtspr SPRN_DBAT6U,r10 1096 mtspr SPRN_DBAT6L,r10 1097 mtspr SPRN_DBAT7U,r10 1098 mtspr SPRN_DBAT7L,r10 1099 mtspr SPRN_IBAT4U,r10 1100 mtspr SPRN_IBAT4L,r10 1101 mtspr SPRN_IBAT5U,r10 1102 mtspr SPRN_IBAT5L,r10 1103 mtspr SPRN_IBAT6U,r10 1104 mtspr SPRN_IBAT6L,r10 1105 mtspr SPRN_IBAT7U,r10 1106 mtspr SPRN_IBAT7L,r10 1107END_MMU_FTR_SECTION_IFSET(MMU_FTR_USE_HIGH_BATS) 1108 blr 1109 1110flush_tlbs: 1111 lis r10, 0x40 11121: addic. r10, r10, -0x1000 1113 tlbie r10 1114 bgt 1b 1115 sync 1116 blr 1117 1118mmu_off: 1119 addi r4, r3, __after_mmu_off - _start 1120 mfmsr r3 1121 andi. r0,r3,MSR_DR|MSR_IR /* MMU enabled? */ 1122 beqlr 1123 andc r3,r3,r0 1124 mtspr SPRN_SRR0,r4 1125 mtspr SPRN_SRR1,r3 1126 sync 1127 RFI 1128 1129/* 1130 * On 601, we use 3 BATs to map up to 24M of RAM at _PAGE_OFFSET 1131 * (we keep one for debugging) and on others, we use one 256M BAT. 1132 */ 1133initial_bats: 1134 lis r11,PAGE_OFFSET@h 1135 mfspr r9,SPRN_PVR 1136 rlwinm r9,r9,16,16,31 /* r9 = 1 for 601, 4 for 604 */ 1137 cmpwi 0,r9,1 1138 bne 4f 1139 ori r11,r11,4 /* set up BAT registers for 601 */ 1140 li r8,0x7f /* valid, block length = 8MB */ 1141 mtspr SPRN_IBAT0U,r11 /* N.B. 601 has valid bit in */ 1142 mtspr SPRN_IBAT0L,r8 /* lower BAT register */ 1143 addis r11,r11,0x800000@h 1144 addis r8,r8,0x800000@h 1145 mtspr SPRN_IBAT1U,r11 1146 mtspr SPRN_IBAT1L,r8 1147 addis r11,r11,0x800000@h 1148 addis r8,r8,0x800000@h 1149 mtspr SPRN_IBAT2U,r11 1150 mtspr SPRN_IBAT2L,r8 1151 isync 1152 blr 1153 11544: tophys(r8,r11) 1155#ifdef CONFIG_SMP 1156 ori r8,r8,0x12 /* R/W access, M=1 */ 1157#else 1158 ori r8,r8,2 /* R/W access */ 1159#endif /* CONFIG_SMP */ 1160 ori r11,r11,BL_256M<<2|0x2 /* set up BAT registers for 604 */ 1161 1162 mtspr SPRN_DBAT0L,r8 /* N.B. 6xx (not 601) have valid */ 1163 mtspr SPRN_DBAT0U,r11 /* bit in upper BAT register */ 1164 mtspr SPRN_IBAT0L,r8 1165 mtspr SPRN_IBAT0U,r11 1166 isync 1167 blr 1168 1169 1170#ifdef CONFIG_BOOTX_TEXT 1171setup_disp_bat: 1172 /* 1173 * setup the display bat prepared for us in prom.c 1174 */ 1175 mflr r8 1176 bl reloc_offset 1177 mtlr r8 1178 addis r8,r3,disp_BAT@ha 1179 addi r8,r8,disp_BAT@l 1180 cmpwi cr0,r8,0 1181 beqlr 1182 lwz r11,0(r8) 1183 lwz r8,4(r8) 1184 mfspr r9,SPRN_PVR 1185 rlwinm r9,r9,16,16,31 /* r9 = 1 for 601, 4 for 604 */ 1186 cmpwi 0,r9,1 1187 beq 1f 1188 mtspr SPRN_DBAT3L,r8 1189 mtspr SPRN_DBAT3U,r11 1190 blr 11911: mtspr SPRN_IBAT3L,r8 1192 mtspr SPRN_IBAT3U,r11 1193 blr 1194#endif /* CONFIG_BOOTX_TEXT */ 1195 1196#ifdef CONFIG_PPC_EARLY_DEBUG_CPM 1197setup_cpm_bat: 1198 lis r8, 0xf000 1199 ori r8, r8, 0x002a 1200 mtspr SPRN_DBAT1L, r8 1201 1202 lis r11, 0xf000 1203 ori r11, r11, (BL_1M << 2) | 2 1204 mtspr SPRN_DBAT1U, r11 1205 1206 blr 1207#endif 1208 1209#ifdef CONFIG_PPC_EARLY_DEBUG_USBGECKO 1210setup_usbgecko_bat: 1211 /* prepare a BAT for early io */ 1212#if defined(CONFIG_GAMECUBE) 1213 lis r8, 0x0c00 1214#elif defined(CONFIG_WII) 1215 lis r8, 0x0d00 1216#else 1217#error Invalid platform for USB Gecko based early debugging. 1218#endif 1219 /* 1220 * The virtual address used must match the virtual address 1221 * associated to the fixmap entry FIX_EARLY_DEBUG_BASE. 1222 */ 1223 lis r11, 0xfffe /* top 128K */ 1224 ori r8, r8, 0x002a /* uncached, guarded ,rw */ 1225 ori r11, r11, 0x2 /* 128K, Vs=1, Vp=0 */ 1226 mtspr SPRN_DBAT1L, r8 1227 mtspr SPRN_DBAT1U, r11 1228 blr 1229#endif 1230 1231#ifdef CONFIG_8260 1232/* Jump into the system reset for the rom. 1233 * We first disable the MMU, and then jump to the ROM reset address. 1234 * 1235 * r3 is the board info structure, r4 is the location for starting. 1236 * I use this for building a small kernel that can load other kernels, 1237 * rather than trying to write or rely on a rom monitor that can tftp load. 1238 */ 1239 .globl m8260_gorom 1240m8260_gorom: 1241 mfmsr r0 1242 rlwinm r0,r0,0,17,15 /* clear MSR_EE in r0 */ 1243 sync 1244 mtmsr r0 1245 sync 1246 mfspr r11, SPRN_HID0 1247 lis r10, 0 1248 ori r10,r10,HID0_ICE|HID0_DCE 1249 andc r11, r11, r10 1250 mtspr SPRN_HID0, r11 1251 isync 1252 li r5, MSR_ME|MSR_RI 1253 lis r6,2f@h 1254 addis r6,r6,-KERNELBASE@h 1255 ori r6,r6,2f@l 1256 mtspr SPRN_SRR0,r6 1257 mtspr SPRN_SRR1,r5 1258 isync 1259 sync 1260 rfi 12612: 1262 mtlr r4 1263 blr 1264#endif 1265 1266 1267/* 1268 * We put a few things here that have to be page-aligned. 1269 * This stuff goes at the beginning of the data segment, 1270 * which is page-aligned. 1271 */ 1272 .data 1273 .globl sdata 1274sdata: 1275 .globl empty_zero_page 1276empty_zero_page: 1277 .space 4096 1278 1279 .globl swapper_pg_dir 1280swapper_pg_dir: 1281 .space PGD_TABLE_SIZE 1282 1283 .globl intercept_table 1284intercept_table: 1285 .long 0, 0, i0x200, i0x300, i0x400, 0, i0x600, i0x700 1286 .long i0x800, 0, 0, 0, 0, i0xd00, 0, 0 1287 .long 0, 0, 0, i0x1300, 0, 0, 0, 0 1288 .long 0, 0, 0, 0, 0, 0, 0, 0 1289 .long 0, 0, 0, 0, 0, 0, 0, 0 1290 .long 0, 0, 0, 0, 0, 0, 0, 0 1291 1292/* Room for two PTE pointers, usually the kernel and current user pointers 1293 * to their respective root page table. 1294 */ 1295abatron_pteptrs: 1296 .space 8 1297