head_8xx.S source code [linux/arch/powerpc/kernel/head_8xx.S]

1	/ SPDX-License-Identifier: GPL-2.0-or-later /
2	/*
3	* PowerPC version
4	* Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
5	* Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP
6	* Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
7	* Low-level exception handlers and MMU support
8	* rewritten by Paul Mackerras.
9	* Copyright (C) 1996 Paul Mackerras.
10	* MPC8xx modifications by Dan Malek
11	* Copyright (C) 1997 Dan Malek (dmalek@jlc.net).
12	*
13	* This file contains low-level support and setup for PowerPC 8xx
14	* embedded processors, including trap and interrupt dispatch.
15	*/
16
17	#include <linux/init.h>
18	#include <linux/magic.h>
19	#include <linux/pgtable.h>
20	#include <linux/sizes.h>
21	#include <linux/linkage.h>
22
23	#include <asm/processor.h>
24	#include <asm/page.h>
25	#include <asm/mmu.h>
26	#include <asm/cache.h>
27	#include <asm/cputable.h>
28	#include <asm/thread_info.h>
29	#include <asm/ppc_asm.h>
30	#include <asm/asm-offsets.h>
31	#include <asm/ptrace.h>
32	#include <asm/code-patching-asm.h>
33	#include <asm/interrupt.h>
34
35	/*
36	* Value for the bits that have fixed value in RPN entries.
37	* Also used for tagging DAR for DTLBerror.
38	*/
39	#define RPN_PATTERN 0x00f0
40
41	#include "head_32.h"
42
43	#define PAGE_SHIFT_512K 19
44	#define PAGE_SHIFT_8M 23
45
46	__HEAD
47	_GLOBAL(_stext);
48	_GLOBAL(_start);
49
50	/ MPC8xx*
51	* This port was done on an MBX board with an 860. Right now I only
52	* support an ELF compressed (zImage) boot from EPPC-Bug because the
53	* code there loads up some registers before calling us:
54	* r3: ptr to board info data
55	* r4: initrd_start or if no initrd then 0
56	* r5: initrd_end - unused if r4 is 0
57	* r6: Start of command line string
58	* r7: End of command line string
59	*
60	* I decided to use conditional compilation instead of checking PVR and
61	* adding more processor specific branches around code I don't need.
62	* Since this is an embedded processor, I also appreciate any memory
63	* savings I can get.
64	*
65	* The MPC8xx does not have any BATs, but it supports large page sizes.
66	* We first initialize the MMU to support 8M byte pages, then load one
67	* entry into each of the instruction and data TLBs to map the first
68	* 8M 1:1. I also mapped an additional I/O space 1:1 so we can get to
69	* the "internal" processor registers before MMU_init is called.
70	*
71	* -- Dan
72	*/
73	.globl __start
74	__start:
75	mr r31,r3 / save device tree ptr /
76
77	/ We have to turn on the MMU right away so we get cache modes*
78	* set correctly.
79	*/
80	bl initial_mmu
81
82	/ We now have the lower 8 Meg mapped into TLB entries, and the caches*
83	* ready to work.
84	*/
85
86	turn_on_mmu:
87	mfmsr r0
88	ori r0,r0,MSR_DR\|MSR_IR
89	mtspr SPRN_SRR1,r0
90	lis r0,start_here@h
91	ori r0,r0,start_here@l
92	mtspr SPRN_SRR0,r0
93	rfi / enables MMU /
94
95
96	#ifdef CONFIG_PERF_EVENTS
97	.align `4`
98
99	.globl itlb_miss_counter
100	itlb_miss_counter:
101	.space `4`
102
103	.globl dtlb_miss_counter
104	dtlb_miss_counter:
105	.space `4`
106
107	.globl instruction_counter
108	instruction_counter:
109	.space `4`
110	#endif
111
112	/ System reset /
113	EXCEPTION(INTERRUPT_SYSTEM_RESET, Reset, system_reset_exception)
114
115	/ Machine check /
116	START_EXCEPTION(INTERRUPT_MACHINE_CHECK, MachineCheck)
117	EXCEPTION_PROLOG INTERRUPT_MACHINE_CHECK MachineCheck handle_dar_dsisr=`1`
118	prepare_transfer_to_handler
119	bl machine_check_exception
120	b interrupt_return
121
122	/ External interrupt /
123	EXCEPTION(INTERRUPT_EXTERNAL, HardwareInterrupt, do_IRQ)
124
125	/ Alignment exception /
126	START_EXCEPTION(INTERRUPT_ALIGNMENT, Alignment)
127	EXCEPTION_PROLOG INTERRUPT_ALIGNMENT Alignment handle_dar_dsisr=`1`
128	prepare_transfer_to_handler
129	bl alignment_exception
130	REST_NVGPRS(r1)
131	b interrupt_return
132
133	/ Program check exception /
134	START_EXCEPTION(INTERRUPT_PROGRAM, ProgramCheck)
135	EXCEPTION_PROLOG INTERRUPT_PROGRAM ProgramCheck
136	prepare_transfer_to_handler
137	bl program_check_exception
138	REST_NVGPRS(r1)
139	b interrupt_return
140
141	/ Decrementer /
142	EXCEPTION(INTERRUPT_DECREMENTER, Decrementer, timer_interrupt)
143
144	/ System call /
145	START_EXCEPTION(INTERRUPT_SYSCALL, SystemCall)
146	SYSCALL_ENTRY INTERRUPT_SYSCALL
147
148	/ Single step - not used on 601 /
149	EXCEPTION(INTERRUPT_TRACE, SingleStep, single_step_exception)
150
151	/ On the MPC8xx, this is a software emulation interrupt. It occurs*
152	* for all unimplemented and illegal instructions.
153	*/
154	START_EXCEPTION(INTERRUPT_SOFT_EMU_8xx, SoftEmu)
155	EXCEPTION_PROLOG INTERRUPT_SOFT_EMU_8xx SoftEmu
156	prepare_transfer_to_handler
157	bl emulation_assist_interrupt
158	REST_NVGPRS(r1)
159	b interrupt_return
160
161	/*
162	* For the MPC8xx, this is a software tablewalk to load the instruction
163	* TLB. The task switch loads the M_TWB register with the pointer to the first
164	* level table.
165	* If there is no second level table (value is zero) or if there
166	* is an invalid pte, we load that into the TLB, which causes another fault
167	* into the TLB Error interrupt where we can handle such problems.
168	* We have to use the MD_xxx registers for the tablewalk because the
169	* equivalent MI_xxx registers only perform the attribute functions.
170	*/
171
172	#ifdef CONFIG_8xx_CPU15
173	#define INVALIDATE_ADJACENT_PAGES_CPU15(addr, tmp) \
174	addi tmp, addr, PAGE_SIZE; \
175	tlbie tmp; \
176	addi tmp, addr, -PAGE_SIZE; \
177	tlbie tmp
178	#else
179	#define INVALIDATE_ADJACENT_PAGES_CPU15(addr, tmp)
180	#endif
181
182	START_EXCEPTION(INTERRUPT_INST_TLB_MISS_8xx, InstructionTLBMiss)
183	mtspr SPRN_SPRG_SCRATCH2, r10
184	mtspr SPRN_M_TW, r11
185
186	mfspr r10, SPRN_SRR0 / Get effective address of fault /
187	INVALIDATE_ADJACENT_PAGES_CPU15(r10, r11)
188	mtspr SPRN_MD_EPN, r10
189	mfspr r10, SPRN_M_TWB / Get level 1 table /
190	lwz r11, `0`(r10) / Get level 1 entry /
191	mtspr SPRN_MD_TWC, r11
192	mfspr r10, SPRN_MD_TWC
193	lwz r10, `0`(r10) / Get the pte /
194	rlwimi r11, r10, `0`, _PAGE_GUARDED \| _PAGE_ACCESSED
195	rlwimi r11, r10, `32` - `9`, _PMD_PAGE_512K
196	mtspr SPRN_MI_TWC, r11
197	/ The Linux PTE won't go exactly into the MMU TLB.*
198	* Software indicator bits 20 and 23 must be clear.
199	* Software indicator bits 22, 24, 25, 26, and 27 must be
200	* set. All other Linux PTE bits control the behavior
201	* of the MMU.
202	*/
203	rlwinm r10, r10, `0`, ~`0x0f00` / Clear bits 20-23 /
204	rlwimi r10, r10, `4`, `0x0400` / Copy _PAGE_EXEC into bit 21 /
205	ori r10, r10, RPN_PATTERN \| `0x200` / Set 22 and 24-27 /
206	mtspr SPRN_MI_RPN, r10 / Update TLB entry /
207
208	/ Restore registers /
209	`0`: mfspr r10, SPRN_SPRG_SCRATCH2
210	mfspr r11, SPRN_M_TW
211	rfi
212	patch_site `0b`, patch__itlbmiss_exit_1
213
214	#ifdef CONFIG_PERF_EVENTS
215	patch_site `0f`, patch__itlbmiss_perf
216	`0`: lwz r10, (itlb_miss_counter - PAGE_OFFSET)@l(`0`)
217	addi r10, r10, `1`
218	stw r10, (itlb_miss_counter - PAGE_OFFSET)@l(`0`)
219	mfspr r10, SPRN_SPRG_SCRATCH2
220	mfspr r11, SPRN_M_TW
221	rfi
222	#endif
223
224	START_EXCEPTION(INTERRUPT_DATA_TLB_MISS_8xx, DataStoreTLBMiss)
225	mtspr SPRN_SPRG_SCRATCH2, r10
226	mtspr SPRN_M_TW, r11
227
228	mfspr r10, SPRN_M_TWB / Get level 1 table /
229	lwz r11, `0`(r10) / Get level 1 entry /
230
231	mtspr SPRN_MD_TWC, r11
232	mfspr r10, SPRN_MD_TWC
233	lwz r10, `0`(r10) / Get the pte /
234
235	/ Insert Guarded and Accessed flags into the TWC from the Linux PTE.*
236	* It is bit 27 of both the Linux PTE and the TWC (at least
237	* I got that right :-). It will be better when we can put
238	* this into the Linux pgd/pmd and load it in the operation
239	* above.
240	*/
241	rlwimi r11, r10, `0`, _PAGE_GUARDED \| _PAGE_ACCESSED
242	rlwimi r11, r10, `32` - `9`, _PMD_PAGE_512K
243	mtspr SPRN_MD_TWC, r11
244
245	/ The Linux PTE won't go exactly into the MMU TLB.*
246	* Software indicator bits 24, 25, 26, and 27 must be
247	* set. All other Linux PTE bits control the behavior
248	* of the MMU.
249	*/
250	li r11, RPN_PATTERN
251	rlwimi r10, r11, `0`, `24`, `27` / Set 24-27 /
252	mtspr SPRN_MD_RPN, r10 / Update TLB entry /
253	mtspr SPRN_DAR, r11 / Tag DAR /
254
255	/ Restore registers /
256
257	`0`: mfspr r10, SPRN_SPRG_SCRATCH2
258	mfspr r11, SPRN_M_TW
259	rfi
260	patch_site `0b`, patch__dtlbmiss_exit_1
261
262	#ifdef CONFIG_PERF_EVENTS
263	patch_site `0f`, patch__dtlbmiss_perf
264	`0`: lwz r10, (dtlb_miss_counter - PAGE_OFFSET)@l(`0`)
265	addi r10, r10, `1`
266	stw r10, (dtlb_miss_counter - PAGE_OFFSET)@l(`0`)
267	mfspr r10, SPRN_SPRG_SCRATCH2
268	mfspr r11, SPRN_M_TW
269	rfi
270	#endif
271
272	/ This is an instruction TLB error on the MPC8xx. This could be due*
273	* to many reasons, such as executing guarded memory or illegal instruction
274	* addresses. There is nothing to do but handle a big time error fault.
275	*/
276	START_EXCEPTION(INTERRUPT_INST_TLB_ERROR_8xx, InstructionTLBError)
277	/ 0x400 is InstructionAccess exception, needed by bad_page_fault() /
278	EXCEPTION_PROLOG INTERRUPT_INST_STORAGE InstructionTLBError
279	andis. r5,r9,DSISR_SRR1_MATCH_32S@h / Filter relevant SRR1 bits /
280	andis. r10,r9,SRR1_ISI_NOPT@h
281	beq+ .Litlbie
282	tlbie r12
283	.Litlbie:
284	stw r12, _DAR(r11)
285	stw r5, _DSISR(r11)
286	prepare_transfer_to_handler
287	bl do_page_fault
288	b interrupt_return
289
290	/ This is the data TLB error on the MPC8xx. This could be due to*
291	* many reasons, including a dirty update to a pte. We bail out to
292	* a higher level function that can handle it.
293	*/
294	START_EXCEPTION(INTERRUPT_DATA_TLB_ERROR_8xx, DataTLBError)
295	EXCEPTION_PROLOG_0 handle_dar_dsisr=`1`
296	mfspr r11, SPRN_DAR
297	cmpwi cr1, r11, RPN_PATTERN
298	beq- cr1, FixupDAR / must be a buggy dcbX, icbi insn. /
299	DARFixed:/ Return from dcbx instruction bug workaround /
300	mfspr r11, SPRN_DSISR
301	rlwinm r11, r11, `0`, DSISR_NOHPTE
302	cmpwi cr1, r11, `0`
303	beq+ cr1, .Ldtlbie
304	mfspr r11, SPRN_DAR
305	tlbie r11
306	rlwinm r11, r11, `16`, `0xffff`
307	cmplwi cr1, r11, TASK_SIZE@h
308	bge- cr1, FixupPGD
309	.Ldtlbie:
310	EXCEPTION_PROLOG_1
311	/ 0x300 is DataAccess exception, needed by bad_page_fault() /
312	EXCEPTION_PROLOG_2 INTERRUPT_DATA_STORAGE DataTLBError handle_dar_dsisr=`1`
313	prepare_transfer_to_handler
314	bl do_page_fault
315	b interrupt_return
316
317	#ifdef CONFIG_VMAP_STACK
318	vmap_stack_overflow_exception
319	#endif
320
321	/ On the MPC8xx, these next four traps are used for development*
322	* support of breakpoints and such. Someday I will get around to
323	* using them.
324	*/
325	START_EXCEPTION(INTERRUPT_DATA_BREAKPOINT_8xx, DataBreakpoint)
326	EXCEPTION_PROLOG_0 handle_dar_dsisr=`1`
327	mfspr r11, SPRN_SRR0
328	cmplwi cr1, r11, (.Ldtlbie - PAGE_OFFSET)@l
329	cmplwi cr7, r11, (.Litlbie - PAGE_OFFSET)@l
330	cror `4`cr1+eq, `4`cr1+eq, `4`*cr7+eq
331	bne cr1, `1f`
332	mtcr r10
333	mfspr r10, SPRN_SPRG_SCRATCH0
334	mfspr r11, SPRN_SPRG_SCRATCH1
335	rfi
336
337	`1`: EXCEPTION_PROLOG_1
338	EXCEPTION_PROLOG_2 INTERRUPT_DATA_BREAKPOINT_8xx DataBreakpoint handle_dar_dsisr=`1`
339	mfspr r4,SPRN_BAR
340	stw r4,_DAR(r11)
341	prepare_transfer_to_handler
342	bl do_break
343	REST_NVGPRS(r1)
344	b interrupt_return
345
346	#ifdef CONFIG_PERF_EVENTS
347	START_EXCEPTION(INTERRUPT_INST_BREAKPOINT_8xx, InstructionBreakpoint)
348	mtspr SPRN_SPRG_SCRATCH0, r10
349	lwz r10, (instruction_counter - PAGE_OFFSET)@l(`0`)
350	addi r10, r10, -`1`
351	stw r10, (instruction_counter - PAGE_OFFSET)@l(`0`)
352	lis r10, `0xffff`
353	ori r10, r10, `0x01`
354	mtspr SPRN_COUNTA, r10
355	mfspr r10, SPRN_SPRG_SCRATCH0
356	rfi
357	#else
358	EXCEPTION(INTERRUPT_INST_BREAKPOINT_8xx, Trap_1d, unknown_exception)
359	#endif
360	EXCEPTION(`0x1e00`, Trap_1e, unknown_exception)
361	EXCEPTION(`0x1f00`, Trap_1f, unknown_exception)
362
363	__HEAD
364	. = `0x2000`
365
366	FixupPGD:
367	mtspr SPRN_M_TW, r10
368	mfspr r10, SPRN_DAR
369	mtspr SPRN_MD_EPN, r10
370	mfspr r11, SPRN_M_TWB / Get level 1 table /
371	lwz r10, `0`(r11) / Get the level 1 entry /
372	cmpwi cr1, r10, `0`
373	bne cr1, `1f`
374
375	rlwinm r10, r11, `0`, `20`, `31`
376	oris r10, r10, (swapper_pg_dir - PAGE_OFFSET)@ha
377	lwz r10, (swapper_pg_dir - PAGE_OFFSET)@l(r10) / Get the level 1 entry /
378	cmpwi cr1, r10, `0`
379	beq cr1, `1f`
380	stw r10, `0`(r11) / Set the level 1 entry /
381	mfspr r10, SPRN_M_TW
382	mtcr r10
383	mfspr r10, SPRN_SPRG_SCRATCH0
384	mfspr r11, SPRN_SPRG_SCRATCH1
385	rfi
386	`1`:
387	mfspr r10, SPRN_M_TW
388	b .Ldtlbie
389
390	/ This is the procedure to calculate the data EA for buggy dcbx,dcbi instructions*
391	* by decoding the registers used by the dcbx instruction and adding them.
392	* DAR is set to the calculated address.
393	*/
394	FixupDAR:/ Entry point for dcbx workaround. /
395	mtspr SPRN_M_TW, r10
396	/ fetch instruction from memory. /
397	mfspr r10, SPRN_SRR0
398	mtspr SPRN_MD_EPN, r10
399	rlwinm r11, r10, `16`, `0xfff8`
400	cmpli cr1, r11, TASK_SIZE@h
401	mfspr r11, SPRN_M_TWB / Get level 1 table /
402	blt+ cr1, `3f`
403
404	/ create physical page address from effective address /
405	tophys(r11, r10)
406	mfspr r11, SPRN_M_TWB / Get level 1 table /
407	rlwinm r11, r11, `0`, `20`, `31`
408	oris r11, r11, (swapper_pg_dir - PAGE_OFFSET)@h
409	ori r11, r11, (swapper_pg_dir - PAGE_OFFSET)@l
410	`3`:
411	lwz r11, `0`(r11) / Get the level 1 entry /
412	rlwinm r11, r11, `0`, ~_PMD_PAGE_8M
413	mtspr SPRN_MD_TWC, r11
414	mfspr r11, SPRN_MD_TWC
415	lwz r11, `0`(r11) / Get the pte /
416	/ concat physical page address(r11) and page offset(r10) /
417	rlwimi r11, r10, `0`, `32` - PAGE_SHIFT, `31`
418	lwz r11,`0`(r11)
419	/ Check if it really is a dcbx instruction. /
420	/ dcbt and dcbtst does not generate DTLB Misses/Errors,*
421	* no need to include them here */
422	xoris r10, r11, `0x7c00` / check if major OP code is 31 /
423	rlwinm r10, r10, `0`, `21`, `5`
424	cmpwi cr1, r10, `2028` / Is dcbz? /
425	beq+ cr1, `142f`
426	cmpwi cr1, r10, `940` / Is dcbi? /
427	beq+ cr1, `142f`
428	cmpwi cr1, r10, `108` / Is dcbst? /
429	beq+ cr1, `144f` / Fix up store bit! /
430	cmpwi cr1, r10, `172` / Is dcbf? /
431	beq+ cr1, `142f`
432	cmpwi cr1, r10, `1964` / Is icbi? /
433	beq+ cr1, `142f`
434	`141`: mfspr r10,SPRN_M_TW
435	b DARFixed / Nope, go back to normal TLB processing /
436
437	`144`: mfspr r10, SPRN_DSISR
438	rlwinm r10, r10,`0`,`7`,`5` / Clear store bit for buggy dcbst insn /
439	mtspr SPRN_DSISR, r10
440	`142`: / continue, it was a dcbx, dcbi instruction. /
441	mfctr r10
442	mtdar r10 / save ctr reg in DAR /
443	rlwinm r10, r11, `24`, `24`, `28` / offset into jump table for reg RB /
444	addi r10, r10, `150f`@l / add start of table /
445	mtctr r10 / load ctr with jump address /
446	xor r10, r10, r10 / sum starts at zero /
447	bctr / jump into table /
448	`150`:
449	add r10, r10, r0 ;b `151f`
450	add r10, r10, r1 ;b `151f`
451	add r10, r10, r2 ;b `151f`
452	add r10, r10, r3 ;b `151f`
453	add r10, r10, r4 ;b `151f`
454	add r10, r10, r5 ;b `151f`
455	add r10, r10, r6 ;b `151f`
456	add r10, r10, r7 ;b `151f`
457	add r10, r10, r8 ;b `151f`
458	add r10, r10, r9 ;b `151f`
459	mtctr r11 ;b `154f` / r10 needs special handling /
460	mtctr r11 ;b `153f` / r11 needs special handling /
461	add r10, r10, r12 ;b `151f`
462	add r10, r10, r13 ;b `151f`
463	add r10, r10, r14 ;b `151f`
464	add r10, r10, r15 ;b `151f`
465	add r10, r10, r16 ;b `151f`
466	add r10, r10, r17 ;b `151f`
467	add r10, r10, r18 ;b `151f`
468	add r10, r10, r19 ;b `151f`
469	add r10, r10, r20 ;b `151f`
470	add r10, r10, r21 ;b `151f`
471	add r10, r10, r22 ;b `151f`
472	add r10, r10, r23 ;b `151f`
473	add r10, r10, r24 ;b `151f`
474	add r10, r10, r25 ;b `151f`
475	add r10, r10, r26 ;b `151f`
476	add r10, r10, r27 ;b `151f`
477	add r10, r10, r28 ;b `151f`
478	add r10, r10, r29 ;b `151f`
479	add r10, r10, r30 ;b `151f`
480	add r10, r10, r31
481	`151`:
482	rlwinm r11,r11,`19`,`24`,`28` / offset into jump table for reg RA /
483	cmpwi cr1, r11, `0`
484	beq cr1, `152f` / if reg RA is zero, don't add it /
485	addi r11, r11, `150b`@l / add start of table /
486	mtctr r11 / load ctr with jump address /
487	rlwinm r11,r11,`0`,`16`,`10` / make sure we don't execute this more than once /
488	bctr / jump into table /
489	`152`:
490	mfdar r11
491	mtdar r10
492	mtctr r11 / restore ctr reg from DAR /
493	mfspr r11, SPRN_SPRG_THREAD
494	stw r10, DAR(r11)
495	mfspr r10, SPRN_DSISR
496	stw r10, DSISR(r11)
497	mfspr r10,SPRN_M_TW
498	b DARFixed / Go back to normal TLB handling /
499
500	/ special handling for r10,r11 since these are modified already /
501	`153`: mfspr r11, SPRN_SPRG_SCRATCH1 / load r11 from SPRN_SPRG_SCRATCH1 /
502	add r10, r10, r11 / add it /
503	mfctr r11 / restore r11 /
504	b `151b`
505	`154`: mfspr r11, SPRN_SPRG_SCRATCH0 / load r10 from SPRN_SPRG_SCRATCH0 /
506	add r10, r10, r11 / add it /
507	mfctr r11 / restore r11 /
508	b `151b`
509
510	/*
511	* This is where the main kernel code starts.
512	*/
513	start_here:
514	/ ptr to current /
515	lis r2,init_task@h
516	ori r2,r2,init_task@l
517
518	/ ptr to phys current thread /
519	tophys(r4,r2)
520	addi r4,r4,THREAD / init task's THREAD /
521	mtspr SPRN_SPRG_THREAD,r4
522
523	/ stack /
524	lis r1,init_thread_union@ha
525	addi r1,r1,init_thread_union@l
526	lis r0, STACK_END_MAGIC@h
527	ori r0, r0, STACK_END_MAGIC@l
528	stw r0, `0`(r1)
529	li r0,`0`
530	stwu r0,THREAD_SIZE-STACK_FRAME_MIN_SIZE(r1)
531
532	lis r6, swapper_pg_dir@h
533	ori r6, r6, swapper_pg_dir@l
534	tophys(r6,r6)
535	mtspr SPRN_M_TWB, r6
536
537	bl early_init / We have to do this with MMU on /
538
539	/*
540	* Decide what sort of machine this is and initialize the MMU.
541	*/
542	#ifdef CONFIG_KASAN
543	bl kasan_early_init
544	#endif
545	li r3,`0`
546	mr r4,r31
547	bl machine_init
548	bl MMU_init
549
550	/*
551	* Go back to running unmapped so we can load up new values
552	* and change to using our exception vectors.
553	* On the 8xx, all we have to do is invalidate the TLB to clear
554	* the old 8M byte TLB mappings and load the page table base register.
555	*/
556	/ The right way to do this would be to track it down through*
557	* init's THREAD like the context switch code does, but this is
558	* easier......until someone changes init's static structures.
559	*/
560	lis r4,`2f`@h
561	ori r4,r4,`2f`@l
562	tophys(r4,r4)
563	li r3,MSR_KERNEL & ~(MSR_IR\|MSR_DR)
564	mtspr SPRN_SRR0,r4
565	mtspr SPRN_SRR1,r3
566	rfi
567	/ Load up the kernel context /
568	`2`:
569	#ifdef CONFIG_PIN_TLB_IMMR
570	lis r0, MD_TWAM@h
571	oris r0, r0, `0x1f00`
572	mtspr SPRN_MD_CTR, r0
573	LOAD_REG_IMMEDIATE(r0, VIRT_IMMR_BASE \| MD_EVALID)
574	tlbie r0
575	mtspr SPRN_MD_EPN, r0
576	LOAD_REG_IMMEDIATE(r0, MD_SVALID \| MD_PS512K \| MD_GUARDED)
577	mtspr SPRN_MD_TWC, r0
578	mfspr r0, SPRN_IMMR
579	rlwinm r0, r0, `0`, `0xfff80000`
580	ori r0, r0, `0xf0` \| _PAGE_DIRTY \| _PAGE_SPS \| _PAGE_SH \| \
581	_PAGE_NO_CACHE \| _PAGE_PRESENT
582	mtspr SPRN_MD_RPN, r0
583	lis r0, (MD_TWAM \| MD_RSV4I)@h
584	mtspr SPRN_MD_CTR, r0
585	#endif
586	#ifndef CONFIG_PIN_TLB_TEXT
587	li r0, `0`
588	mtspr SPRN_MI_CTR, r0
589	#endif
590	#if !defined(CONFIG_PIN_TLB_DATA) && !defined(CONFIG_PIN_TLB_IMMR)
591	lis r0, MD_TWAM@h
592	mtspr SPRN_MD_CTR, r0
593	#endif
594	tlbia / Clear all TLB entries /
595	sync / wait for tlbia/tlbie to finish /
596
597	/ set up the PTE pointers for the Abatron bdiGDB.*
598	*/
599	lis r5, abatron_pteptrs@h
600	ori r5, r5, abatron_pteptrs@l
601	stw r5, `0xf0`(`0`) / Must match your Abatron config file /
602	tophys(r5,r5)
603	lis r6, swapper_pg_dir@h
604	ori r6, r6, swapper_pg_dir@l
605	stw r6, `0`(r5)
606
607	/ Now turn on the MMU for real! /
608	li r4,MSR_KERNEL
609	lis r3,start_kernel@h
610	ori r3,r3,start_kernel@l
611	mtspr SPRN_SRR0,r3
612	mtspr SPRN_SRR1,r4
613	rfi / enable MMU and jump to start_kernel /
614
615	/ Set up the initial MMU state so we can do the first level of*
616	* kernel initialization. This maps the first 8 MBytes of memory 1:1
617	* virtual to physical. Also, set the cache mode since that is defined
618	* by TLB entries and perform any additional mapping (like of the IMMR).
619	* If configured to pin some TLBs, we pin the first 8 Mbytes of kernel,
620	* 24 Mbytes of data, and the 512k IMMR space. Anything not covered by
621	* these mappings is mapped by page tables.
622	*/
623	SYM_FUNC_START_LOCAL(initial_mmu)
624	li r8, `0`
625	mtspr SPRN_MI_CTR, r8 / remove PINNED ITLB entries /
626	lis r10, MD_TWAM@h
627	mtspr SPRN_MD_CTR, r10 / remove PINNED DTLB entries /
628
629	tlbia / Invalidate all TLB entries /
630
631	lis r8, MI_APG_INIT@h / Set protection modes /
632	ori r8, r8, MI_APG_INIT@l
633	mtspr SPRN_MI_AP, r8
634	lis r8, MD_APG_INIT@h
635	ori r8, r8, MD_APG_INIT@l
636	mtspr SPRN_MD_AP, r8
637
638	/ Map the lower RAM (up to 32 Mbytes) into the ITLB and DTLB /
639	lis r8, MI_RSV4I@h
640	ori r8, r8, `0x1c00`
641	oris r12, r10, MD_RSV4I@h
642	ori r12, r12, `0x1c00`
643	li r9, `4` / up to 4 pages of 8M /
644	mtctr r9
645	lis r9, KERNELBASE@h / Create vaddr for TLB /
646	li r10, MI_PS8MEG \| _PMD_ACCESSED \| MI_SVALID
647	li r11, MI_BOOTINIT / Create RPN for address 0 /
648	`1`:
649	mtspr SPRN_MI_CTR, r8 / Set instruction MMU control /
650	addi r8, r8, `0x100`
651	ori r0, r9, MI_EVALID / Mark it valid /
652	mtspr SPRN_MI_EPN, r0
653	mtspr SPRN_MI_TWC, r10
654	mtspr SPRN_MI_RPN, r11 / Store TLB entry /
655	mtspr SPRN_MD_CTR, r12
656	addi r12, r12, `0x100`
657	mtspr SPRN_MD_EPN, r0
658	mtspr SPRN_MD_TWC, r10
659	mtspr SPRN_MD_RPN, r11
660	addis r9, r9, `0x80`
661	addis r11, r11, `0x80`
662
663	bdnz `1b`
664
665	/ Since the cache is enabled according to the information we*
666	* just loaded into the TLB, invalidate and enable the caches here.
667	* We should probably check/set other modes....later.
668	*/
669	lis r8, IDC_INVALL@h
670	mtspr SPRN_IC_CST, r8
671	mtspr SPRN_DC_CST, r8
672	lis r8, IDC_ENABLE@h
673	mtspr SPRN_IC_CST, r8
674	mtspr SPRN_DC_CST, r8
675	/ Disable debug mode entry on breakpoints /
676	mfspr r8, SPRN_DER
677	#ifdef CONFIG_PERF_EVENTS
678	rlwinm r8, r8, `0`, ~`0xc`
679	#else
680	rlwinm r8, r8, `0`, ~`0x8`
681	#endif
682	mtspr SPRN_DER, r8
683	blr
684	SYM_FUNC_END(initial_mmu)
685
686	#ifdef CONFIG_PIN_TLB
687	_GLOBAL(mmu_pin_tlb)
688	lis r9, (`1f` - PAGE_OFFSET)@h
689	ori r9, r9, (`1f` - PAGE_OFFSET)@l
690	mfmsr r10
691	mflr r11
692	li r12, MSR_KERNEL & ~(MSR_IR \| MSR_DR \| MSR_RI)
693	rlwinm r0, r10, `0`, ~MSR_RI
694	rlwinm r0, r0, `0`, ~MSR_EE
695	mtmsr r0
696	isync
697	.align `4`
698	mtspr SPRN_SRR0, r9
699	mtspr SPRN_SRR1, r12
700	rfi
701	`1`:
702	li r5, `0`
703	lis r6, MD_TWAM@h
704	mtspr SPRN_MI_CTR, r5
705	mtspr SPRN_MD_CTR, r6
706	tlbia
707
708	#ifdef CONFIG_PIN_TLB_TEXT
709	LOAD_REG_IMMEDIATE(r5, `28` << `8`)
710	LOAD_REG_IMMEDIATE(r6, PAGE_OFFSET)
711	LOAD_REG_IMMEDIATE(r7, MI_SVALID \| MI_PS8MEG \| _PMD_ACCESSED)
712	LOAD_REG_IMMEDIATE(r8, `0xf0` \| _PAGE_RO \| _PAGE_SPS \| _PAGE_SH \| _PAGE_PRESENT)
713	LOAD_REG_ADDR(r9, _sinittext)
714	li r0, `4`
715	mtctr r0
716
717	`2`: ori r0, r6, MI_EVALID
718	mtspr SPRN_MI_CTR, r5
719	mtspr SPRN_MI_EPN, r0
720	mtspr SPRN_MI_TWC, r7
721	mtspr SPRN_MI_RPN, r8
722	addi r5, r5, `0x100`
723	addis r6, r6, SZ_8M@h
724	addis r8, r8, SZ_8M@h
725	cmplw r6, r9
726	bdnzt lt, `2b`
727	lis r0, MI_RSV4I@h
728	mtspr SPRN_MI_CTR, r0
729	#endif
730
731	LOAD_REG_IMMEDIATE(r5, `28` << `8` \| MD_TWAM)
732	#ifdef CONFIG_PIN_TLB_DATA
733	LOAD_REG_IMMEDIATE(r6, PAGE_OFFSET)
734	LOAD_REG_IMMEDIATE(r7, MI_SVALID \| MI_PS8MEG \| _PMD_ACCESSED)
735	li r8, `0`
736	#ifdef CONFIG_PIN_TLB_IMMR
737	li r0, `3`
738	#else
739	li r0, `4`
740	#endif
741	mtctr r0
742	cmpwi r4, `0`
743	beq `4f`
744	LOAD_REG_ADDR(r9, _sinittext)
745
746	`2`: ori r0, r6, MD_EVALID
747	ori r12, r8, `0xf0` \| _PAGE_RO \| _PAGE_SPS \| _PAGE_SH \| _PAGE_PRESENT
748	mtspr SPRN_MD_CTR, r5
749	mtspr SPRN_MD_EPN, r0
750	mtspr SPRN_MD_TWC, r7
751	mtspr SPRN_MD_RPN, r12
752	addi r5, r5, `0x100`
753	addis r6, r6, SZ_8M@h
754	addis r8, r8, SZ_8M@h
755	cmplw r6, r9
756	bdnzt lt, `2b`
757	`4`:
758	`2`: ori r0, r6, MD_EVALID
759	ori r12, r8, `0xf0` \| _PAGE_DIRTY \| _PAGE_SPS \| _PAGE_SH \| _PAGE_PRESENT
760	mtspr SPRN_MD_CTR, r5
761	mtspr SPRN_MD_EPN, r0
762	mtspr SPRN_MD_TWC, r7
763	mtspr SPRN_MD_RPN, r12
764	addi r5, r5, `0x100`
765	addis r6, r6, SZ_8M@h
766	addis r8, r8, SZ_8M@h
767	cmplw r6, r3
768	bdnzt lt, `2b`
769	#endif
770	#ifdef CONFIG_PIN_TLB_IMMR
771	LOAD_REG_IMMEDIATE(r0, VIRT_IMMR_BASE \| MD_EVALID)
772	LOAD_REG_IMMEDIATE(r7, MD_SVALID \| MD_PS512K \| MD_GUARDED \| _PMD_ACCESSED)
773	mfspr r8, SPRN_IMMR
774	rlwinm r8, r8, `0`, `0xfff80000`
775	ori r8, r8, `0xf0` \| _PAGE_DIRTY \| _PAGE_SPS \| _PAGE_SH \| \
776	_PAGE_NO_CACHE \| _PAGE_PRESENT
777	mtspr SPRN_MD_CTR, r5
778	mtspr SPRN_MD_EPN, r0
779	mtspr SPRN_MD_TWC, r7
780	mtspr SPRN_MD_RPN, r8
781	#endif
782	#if defined(CONFIG_PIN_TLB_IMMR) \|\| defined(CONFIG_PIN_TLB_DATA)
783	lis r0, (MD_RSV4I \| MD_TWAM)@h
784	mtspr SPRN_MD_CTR, r0
785	#endif
786	mtspr SPRN_SRR1, r10
787	mtspr SPRN_SRR0, r11
788	rfi
789	#endif
790

source code of linux/arch/powerpc/kernel/head_8xx.S