head_8xx.S source code [linux/arch/powerpc/kernel/head_8xx.S]

1	/ SPDX-License-Identifier: GPL-2.0-or-later /
2	/*
3	* PowerPC version
4	* Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
5	* Rewritten by Cort Dougan (cort@cs.nmt.edu) for PReP
6	* Copyright (C) 1996 Cort Dougan <cort@cs.nmt.edu>
7	* Low-level exception handlers and MMU support
8	* rewritten by Paul Mackerras.
9	* Copyright (C) 1996 Paul Mackerras.
10	* MPC8xx modifications by Dan Malek
11	* Copyright (C) 1997 Dan Malek (dmalek@jlc.net).
12	*
13	* This file contains low-level support and setup for PowerPC 8xx
14	* embedded processors, including trap and interrupt dispatch.
15	*/
16
17	#include <linux/init.h>
18	#include <linux/magic.h>
19	#include <linux/pgtable.h>
20	#include <linux/sizes.h>
21	#include <linux/linkage.h>
22
23	#include <asm/processor.h>
24	#include <asm/page.h>
25	#include <asm/mmu.h>
26	#include <asm/cache.h>
27	#include <asm/cputable.h>
28	#include <asm/thread_info.h>
29	#include <asm/ppc_asm.h>
30	#include <asm/asm-offsets.h>
31	#include <asm/ptrace.h>
32	#include <asm/code-patching-asm.h>
33	#include <asm/interrupt.h>
34
35	/*
36	* Value for the bits that have fixed value in RPN entries.
37	* Also used for tagging DAR for DTLBerror.
38	*/
39	#define RPN_PATTERN 0x00f0
40
41	#include "head_32.h"
42
43	.macro compare_to_kernel_boundary scratch, addr
44	#if CONFIG_TASK_SIZE <= 0x80000000 && CONFIG_PAGE_OFFSET >= 0x80000000
45	/ By simply checking Address >= 0x80000000, we know if its a kernel address /
46	not. \scratch, \addr
47	#else
48	rlwinm \scratch, \addr, `16`, `0xfff8`
49	cmpli cr0, \scratch, PAGE_OFFSET@h
50	#endif
51	.endm
52
53	#define PAGE_SHIFT_512K 19
54	#define PAGE_SHIFT_8M 23
55
56	__HEAD
57	_GLOBAL(_stext);
58	_GLOBAL(_start);
59
60	/ MPC8xx*
61	* This port was done on an MBX board with an 860. Right now I only
62	* support an ELF compressed (zImage) boot from EPPC-Bug because the
63	* code there loads up some registers before calling us:
64	* r3: ptr to board info data
65	* r4: initrd_start or if no initrd then 0
66	* r5: initrd_end - unused if r4 is 0
67	* r6: Start of command line string
68	* r7: End of command line string
69	*
70	* I decided to use conditional compilation instead of checking PVR and
71	* adding more processor specific branches around code I don't need.
72	* Since this is an embedded processor, I also appreciate any memory
73	* savings I can get.
74	*
75	* The MPC8xx does not have any BATs, but it supports large page sizes.
76	* We first initialize the MMU to support 8M byte pages, then load one
77	* entry into each of the instruction and data TLBs to map the first
78	* 8M 1:1. I also mapped an additional I/O space 1:1 so we can get to
79	* the "internal" processor registers before MMU_init is called.
80	*
81	* -- Dan
82	*/
83	.globl __start
84	__start:
85	mr r31,r3 / save device tree ptr /
86
87	/ We have to turn on the MMU right away so we get cache modes*
88	* set correctly.
89	*/
90	bl initial_mmu
91
92	/ We now have the lower 8 Meg mapped into TLB entries, and the caches*
93	* ready to work.
94	*/
95
96	turn_on_mmu:
97	mfmsr r0
98	ori r0,r0,MSR_DR\|MSR_IR
99	mtspr SPRN_SRR1,r0
100	lis r0,start_here@h
101	ori r0,r0,start_here@l
102	mtspr SPRN_SRR0,r0
103	rfi / enables MMU /
104
105
106	#ifdef CONFIG_PERF_EVENTS
107	.align `4`
108
109	.globl itlb_miss_counter
110	itlb_miss_counter:
111	.space `4`
112
113	.globl dtlb_miss_counter
114	dtlb_miss_counter:
115	.space `4`
116
117	.globl instruction_counter
118	instruction_counter:
119	.space `4`
120	#endif
121
122	/ System reset /
123	EXCEPTION(INTERRUPT_SYSTEM_RESET, Reset, system_reset_exception)
124
125	/ Machine check /
126	START_EXCEPTION(INTERRUPT_MACHINE_CHECK, MachineCheck)
127	EXCEPTION_PROLOG INTERRUPT_MACHINE_CHECK MachineCheck handle_dar_dsisr=`1`
128	prepare_transfer_to_handler
129	bl machine_check_exception
130	b interrupt_return
131
132	/ External interrupt /
133	EXCEPTION(INTERRUPT_EXTERNAL, HardwareInterrupt, do_IRQ)
134
135	/ Alignment exception /
136	START_EXCEPTION(INTERRUPT_ALIGNMENT, Alignment)
137	EXCEPTION_PROLOG INTERRUPT_ALIGNMENT Alignment handle_dar_dsisr=`1`
138	prepare_transfer_to_handler
139	bl alignment_exception
140	REST_NVGPRS(r1)
141	b interrupt_return
142
143	/ Program check exception /
144	START_EXCEPTION(INTERRUPT_PROGRAM, ProgramCheck)
145	EXCEPTION_PROLOG INTERRUPT_PROGRAM ProgramCheck
146	prepare_transfer_to_handler
147	bl program_check_exception
148	REST_NVGPRS(r1)
149	b interrupt_return
150
151	/ Decrementer /
152	EXCEPTION(INTERRUPT_DECREMENTER, Decrementer, timer_interrupt)
153
154	/ System call /
155	START_EXCEPTION(INTERRUPT_SYSCALL, SystemCall)
156	SYSCALL_ENTRY INTERRUPT_SYSCALL
157
158	/ Single step - not used on 601 /
159	EXCEPTION(INTERRUPT_TRACE, SingleStep, single_step_exception)
160
161	/ On the MPC8xx, this is a software emulation interrupt. It occurs*
162	* for all unimplemented and illegal instructions.
163	*/
164	START_EXCEPTION(INTERRUPT_SOFT_EMU_8xx, SoftEmu)
165	EXCEPTION_PROLOG INTERRUPT_SOFT_EMU_8xx SoftEmu
166	prepare_transfer_to_handler
167	bl emulation_assist_interrupt
168	REST_NVGPRS(r1)
169	b interrupt_return
170
171	/*
172	* For the MPC8xx, this is a software tablewalk to load the instruction
173	* TLB. The task switch loads the M_TWB register with the pointer to the first
174	* level table.
175	* If we discover there is no second level table (value is zero) or if there
176	* is an invalid pte, we load that into the TLB, which causes another fault
177	* into the TLB Error interrupt where we can handle such problems.
178	* We have to use the MD_xxx registers for the tablewalk because the
179	* equivalent MI_xxx registers only perform the attribute functions.
180	*/
181
182	#ifdef CONFIG_8xx_CPU15
183	#define INVALIDATE_ADJACENT_PAGES_CPU15(addr, tmp) \
184	addi tmp, addr, PAGE_SIZE; \
185	tlbie tmp; \
186	addi tmp, addr, -PAGE_SIZE; \
187	tlbie tmp
188	#else
189	#define INVALIDATE_ADJACENT_PAGES_CPU15(addr, tmp)
190	#endif
191
192	START_EXCEPTION(INTERRUPT_INST_TLB_MISS_8xx, InstructionTLBMiss)
193	mtspr SPRN_SPRG_SCRATCH2, r10
194	mtspr SPRN_M_TW, r11
195
196	/ If we are faulting a kernel address, we have to use the*
197	* kernel page tables.
198	*/
199	mfspr r10, SPRN_SRR0 / Get effective address of fault /
200	INVALIDATE_ADJACENT_PAGES_CPU15(r10, r11)
201	mtspr SPRN_MD_EPN, r10
202	#ifdef CONFIG_MODULES
203	mfcr r11
204	compare_to_kernel_boundary r10, r10
205	#endif
206	mfspr r10, SPRN_M_TWB / Get level 1 table /
207	#ifdef CONFIG_MODULES
208	blt+ `3f`
209	rlwinm r10, r10, `0`, `20`, `31`
210	oris r10, r10, (swapper_pg_dir - PAGE_OFFSET)@ha
211	`3`:
212	mtcr r11
213	#endif
214	lwz r11, (swapper_pg_dir-PAGE_OFFSET)@l(r10) / Get level 1 entry /
215	mtspr SPRN_MD_TWC, r11
216	mfspr r10, SPRN_MD_TWC
217	lwz r10, `0`(r10) / Get the pte /
218	rlwimi r11, r10, `0`, _PAGE_GUARDED \| _PAGE_ACCESSED
219	rlwimi r11, r10, `32` - `9`, _PMD_PAGE_512K
220	mtspr SPRN_MI_TWC, r11
221	/ The Linux PTE won't go exactly into the MMU TLB.*
222	* Software indicator bits 20 and 23 must be clear.
223	* Software indicator bits 22, 24, 25, 26, and 27 must be
224	* set. All other Linux PTE bits control the behavior
225	* of the MMU.
226	*/
227	rlwinm r10, r10, `0`, ~`0x0f00` / Clear bits 20-23 /
228	rlwimi r10, r10, `4`, `0x0400` / Copy _PAGE_EXEC into bit 21 /
229	ori r10, r10, RPN_PATTERN \| `0x200` / Set 22 and 24-27 /
230	mtspr SPRN_MI_RPN, r10 / Update TLB entry /
231
232	/ Restore registers /
233	`0`: mfspr r10, SPRN_SPRG_SCRATCH2
234	mfspr r11, SPRN_M_TW
235	rfi
236	patch_site `0b`, patch__itlbmiss_exit_1
237
238	#ifdef CONFIG_PERF_EVENTS
239	patch_site `0f`, patch__itlbmiss_perf
240	`0`: lwz r10, (itlb_miss_counter - PAGE_OFFSET)@l(`0`)
241	addi r10, r10, `1`
242	stw r10, (itlb_miss_counter - PAGE_OFFSET)@l(`0`)
243	mfspr r10, SPRN_SPRG_SCRATCH2
244	mfspr r11, SPRN_M_TW
245	rfi
246	#endif
247
248	START_EXCEPTION(INTERRUPT_DATA_TLB_MISS_8xx, DataStoreTLBMiss)
249	mtspr SPRN_SPRG_SCRATCH2, r10
250	mtspr SPRN_M_TW, r11
251	mfcr r11
252
253	/ If we are faulting a kernel address, we have to use the*
254	* kernel page tables.
255	*/
256	mfspr r10, SPRN_MD_EPN
257	compare_to_kernel_boundary r10, r10
258	mfspr r10, SPRN_M_TWB / Get level 1 table /
259	blt+ `3f`
260	rlwinm r10, r10, `0`, `20`, `31`
261	oris r10, r10, (swapper_pg_dir - PAGE_OFFSET)@ha
262	`3`:
263	mtcr r11
264	lwz r11, (swapper_pg_dir-PAGE_OFFSET)@l(r10) / Get level 1 entry /
265
266	mtspr SPRN_MD_TWC, r11
267	mfspr r10, SPRN_MD_TWC
268	lwz r10, `0`(r10) / Get the pte /
269
270	/ Insert Guarded and Accessed flags into the TWC from the Linux PTE.*
271	* It is bit 27 of both the Linux PTE and the TWC (at least
272	* I got that right :-). It will be better when we can put
273	* this into the Linux pgd/pmd and load it in the operation
274	* above.
275	*/
276	rlwimi r11, r10, `0`, _PAGE_GUARDED \| _PAGE_ACCESSED
277	rlwimi r11, r10, `32` - `9`, _PMD_PAGE_512K
278	mtspr SPRN_MD_TWC, r11
279
280	/ The Linux PTE won't go exactly into the MMU TLB.*
281	* Software indicator bits 24, 25, 26, and 27 must be
282	* set. All other Linux PTE bits control the behavior
283	* of the MMU.
284	*/
285	li r11, RPN_PATTERN
286	rlwimi r10, r11, `0`, `24`, `27` / Set 24-27 /
287	mtspr SPRN_MD_RPN, r10 / Update TLB entry /
288	mtspr SPRN_DAR, r11 / Tag DAR /
289
290	/ Restore registers /
291
292	`0`: mfspr r10, SPRN_SPRG_SCRATCH2
293	mfspr r11, SPRN_M_TW
294	rfi
295	patch_site `0b`, patch__dtlbmiss_exit_1
296
297	#ifdef CONFIG_PERF_EVENTS
298	patch_site `0f`, patch__dtlbmiss_perf
299	`0`: lwz r10, (dtlb_miss_counter - PAGE_OFFSET)@l(`0`)
300	addi r10, r10, `1`
301	stw r10, (dtlb_miss_counter - PAGE_OFFSET)@l(`0`)
302	mfspr r10, SPRN_SPRG_SCRATCH2
303	mfspr r11, SPRN_M_TW
304	rfi
305	#endif
306
307	/ This is an instruction TLB error on the MPC8xx. This could be due*
308	* to many reasons, such as executing guarded memory or illegal instruction
309	* addresses. There is nothing to do but handle a big time error fault.
310	*/
311	START_EXCEPTION(INTERRUPT_INST_TLB_ERROR_8xx, InstructionTLBError)
312	/ 0x400 is InstructionAccess exception, needed by bad_page_fault() /
313	EXCEPTION_PROLOG INTERRUPT_INST_STORAGE InstructionTLBError
314	andis. r5,r9,DSISR_SRR1_MATCH_32S@h / Filter relevant SRR1 bits /
315	andis. r10,r9,SRR1_ISI_NOPT@h
316	beq+ .Litlbie
317	tlbie r12
318	.Litlbie:
319	stw r12, _DAR(r11)
320	stw r5, _DSISR(r11)
321	prepare_transfer_to_handler
322	bl do_page_fault
323	b interrupt_return
324
325	/ This is the data TLB error on the MPC8xx. This could be due to*
326	* many reasons, including a dirty update to a pte. We bail out to
327	* a higher level function that can handle it.
328	*/
329	START_EXCEPTION(INTERRUPT_DATA_TLB_ERROR_8xx, DataTLBError)
330	EXCEPTION_PROLOG_0 handle_dar_dsisr=`1`
331	mfspr r11, SPRN_DAR
332	cmpwi cr1, r11, RPN_PATTERN
333	beq- cr1, FixupDAR / must be a buggy dcbX, icbi insn. /
334	DARFixed:/ Return from dcbx instruction bug workaround /
335	EXCEPTION_PROLOG_1
336	/ 0x300 is DataAccess exception, needed by bad_page_fault() /
337	EXCEPTION_PROLOG_2 INTERRUPT_DATA_STORAGE DataTLBError handle_dar_dsisr=`1`
338	lwz r4, _DAR(r11)
339	lwz r5, _DSISR(r11)
340	andis. r10,r5,DSISR_NOHPTE@h
341	beq+ .Ldtlbie
342	tlbie r4
343	.Ldtlbie:
344	prepare_transfer_to_handler
345	bl do_page_fault
346	b interrupt_return
347
348	#ifdef CONFIG_VMAP_STACK
349	vmap_stack_overflow_exception
350	#endif
351
352	/ On the MPC8xx, these next four traps are used for development*
353	* support of breakpoints and such. Someday I will get around to
354	* using them.
355	*/
356	START_EXCEPTION(INTERRUPT_DATA_BREAKPOINT_8xx, DataBreakpoint)
357	EXCEPTION_PROLOG_0 handle_dar_dsisr=`1`
358	mfspr r11, SPRN_SRR0
359	cmplwi cr1, r11, (.Ldtlbie - PAGE_OFFSET)@l
360	cmplwi cr7, r11, (.Litlbie - PAGE_OFFSET)@l
361	cror `4`cr1+eq, `4`cr1+eq, `4`*cr7+eq
362	bne cr1, `1f`
363	mtcr r10
364	mfspr r10, SPRN_SPRG_SCRATCH0
365	mfspr r11, SPRN_SPRG_SCRATCH1
366	rfi
367
368	`1`: EXCEPTION_PROLOG_1
369	EXCEPTION_PROLOG_2 INTERRUPT_DATA_BREAKPOINT_8xx DataBreakpoint handle_dar_dsisr=`1`
370	mfspr r4,SPRN_BAR
371	stw r4,_DAR(r11)
372	prepare_transfer_to_handler
373	bl do_break
374	REST_NVGPRS(r1)
375	b interrupt_return
376
377	#ifdef CONFIG_PERF_EVENTS
378	START_EXCEPTION(INTERRUPT_INST_BREAKPOINT_8xx, InstructionBreakpoint)
379	mtspr SPRN_SPRG_SCRATCH0, r10
380	lwz r10, (instruction_counter - PAGE_OFFSET)@l(`0`)
381	addi r10, r10, -`1`
382	stw r10, (instruction_counter - PAGE_OFFSET)@l(`0`)
383	lis r10, `0xffff`
384	ori r10, r10, `0x01`
385	mtspr SPRN_COUNTA, r10
386	mfspr r10, SPRN_SPRG_SCRATCH0
387	rfi
388	#else
389	EXCEPTION(INTERRUPT_INST_BREAKPOINT_8xx, Trap_1d, unknown_exception)
390	#endif
391	EXCEPTION(`0x1e00`, Trap_1e, unknown_exception)
392	EXCEPTION(`0x1f00`, Trap_1f, unknown_exception)
393
394	__HEAD
395	. = `0x2000`
396
397	/ This is the procedure to calculate the data EA for buggy dcbx,dcbi instructions*
398	* by decoding the registers used by the dcbx instruction and adding them.
399	* DAR is set to the calculated address.
400	*/
401	FixupDAR:/ Entry point for dcbx workaround. /
402	mtspr SPRN_M_TW, r10
403	/ fetch instruction from memory. /
404	mfspr r10, SPRN_SRR0
405	mtspr SPRN_MD_EPN, r10
406	rlwinm r11, r10, `16`, `0xfff8`
407	cmpli cr1, r11, PAGE_OFFSET@h
408	mfspr r11, SPRN_M_TWB / Get level 1 table /
409	blt+ cr1, `3f`
410
411	/ create physical page address from effective address /
412	tophys(r11, r10)
413	mfspr r11, SPRN_M_TWB / Get level 1 table /
414	rlwinm r11, r11, `0`, `20`, `31`
415	oris r11, r11, (swapper_pg_dir - PAGE_OFFSET)@ha
416	`3`:
417	lwz r11, (swapper_pg_dir-PAGE_OFFSET)@l(r11) / Get the level 1 entry /
418	mtspr SPRN_MD_TWC, r11
419	mtcrf `0x01`, r11
420	mfspr r11, SPRN_MD_TWC
421	lwz r11, `0`(r11) / Get the pte /
422	bt `28`,`200f` / bit 28 = Large page (8M) /
423	/ concat physical page address(r11) and page offset(r10) /
424	rlwimi r11, r10, `0`, `32` - PAGE_SHIFT, `31`
425	`201`: lwz r11,`0`(r11)
426	/ Check if it really is a dcbx instruction. /
427	/ dcbt and dcbtst does not generate DTLB Misses/Errors,*
428	* no need to include them here */
429	xoris r10, r11, `0x7c00` / check if major OP code is 31 /
430	rlwinm r10, r10, `0`, `21`, `5`
431	cmpwi cr1, r10, `2028` / Is dcbz? /
432	beq+ cr1, `142f`
433	cmpwi cr1, r10, `940` / Is dcbi? /
434	beq+ cr1, `142f`
435	cmpwi cr1, r10, `108` / Is dcbst? /
436	beq+ cr1, `144f` / Fix up store bit! /
437	cmpwi cr1, r10, `172` / Is dcbf? /
438	beq+ cr1, `142f`
439	cmpwi cr1, r10, `1964` / Is icbi? /
440	beq+ cr1, `142f`
441	`141`: mfspr r10,SPRN_M_TW
442	b DARFixed / Nope, go back to normal TLB processing /
443
444	`200`:
445	/ concat physical page address(r11) and page offset(r10) /
446	rlwimi r11, r10, `0`, `32` - PAGE_SHIFT_8M, `31`
447	b `201b`
448
449	`144`: mfspr r10, SPRN_DSISR
450	rlwinm r10, r10,`0`,`7`,`5` / Clear store bit for buggy dcbst insn /
451	mtspr SPRN_DSISR, r10
452	`142`: / continue, it was a dcbx, dcbi instruction. /
453	mfctr r10
454	mtdar r10 / save ctr reg in DAR /
455	rlwinm r10, r11, `24`, `24`, `28` / offset into jump table for reg RB /
456	addi r10, r10, `150f`@l / add start of table /
457	mtctr r10 / load ctr with jump address /
458	xor r10, r10, r10 / sum starts at zero /
459	bctr / jump into table /
460	`150`:
461	add r10, r10, r0 ;b `151f`
462	add r10, r10, r1 ;b `151f`
463	add r10, r10, r2 ;b `151f`
464	add r10, r10, r3 ;b `151f`
465	add r10, r10, r4 ;b `151f`
466	add r10, r10, r5 ;b `151f`
467	add r10, r10, r6 ;b `151f`
468	add r10, r10, r7 ;b `151f`
469	add r10, r10, r8 ;b `151f`
470	add r10, r10, r9 ;b `151f`
471	mtctr r11 ;b `154f` / r10 needs special handling /
472	mtctr r11 ;b `153f` / r11 needs special handling /
473	add r10, r10, r12 ;b `151f`
474	add r10, r10, r13 ;b `151f`
475	add r10, r10, r14 ;b `151f`
476	add r10, r10, r15 ;b `151f`
477	add r10, r10, r16 ;b `151f`
478	add r10, r10, r17 ;b `151f`
479	add r10, r10, r18 ;b `151f`
480	add r10, r10, r19 ;b `151f`
481	add r10, r10, r20 ;b `151f`
482	add r10, r10, r21 ;b `151f`
483	add r10, r10, r22 ;b `151f`
484	add r10, r10, r23 ;b `151f`
485	add r10, r10, r24 ;b `151f`
486	add r10, r10, r25 ;b `151f`
487	add r10, r10, r26 ;b `151f`
488	add r10, r10, r27 ;b `151f`
489	add r10, r10, r28 ;b `151f`
490	add r10, r10, r29 ;b `151f`
491	add r10, r10, r30 ;b `151f`
492	add r10, r10, r31
493	`151`:
494	rlwinm r11,r11,`19`,`24`,`28` / offset into jump table for reg RA /
495	cmpwi cr1, r11, `0`
496	beq cr1, `152f` / if reg RA is zero, don't add it /
497	addi r11, r11, `150b`@l / add start of table /
498	mtctr r11 / load ctr with jump address /
499	rlwinm r11,r11,`0`,`16`,`10` / make sure we don't execute this more than once /
500	bctr / jump into table /
501	`152`:
502	mfdar r11
503	mtctr r11 / restore ctr reg from DAR /
504	mfspr r11, SPRN_SPRG_THREAD
505	stw r10, DAR(r11)
506	mfspr r10, SPRN_DSISR
507	stw r10, DSISR(r11)
508	mfspr r10,SPRN_M_TW
509	b DARFixed / Go back to normal TLB handling /
510
511	/ special handling for r10,r11 since these are modified already /
512	`153`: mfspr r11, SPRN_SPRG_SCRATCH1 / load r11 from SPRN_SPRG_SCRATCH1 /
513	add r10, r10, r11 / add it /
514	mfctr r11 / restore r11 /
515	b `151b`
516	`154`: mfspr r11, SPRN_SPRG_SCRATCH0 / load r10 from SPRN_SPRG_SCRATCH0 /
517	add r10, r10, r11 / add it /
518	mfctr r11 / restore r11 /
519	b `151b`
520
521	/*
522	* This is where the main kernel code starts.
523	*/
524	start_here:
525	/ ptr to current /
526	lis r2,init_task@h
527	ori r2,r2,init_task@l
528
529	/ ptr to phys current thread /
530	tophys(r4,r2)
531	addi r4,r4,THREAD / init task's THREAD /
532	mtspr SPRN_SPRG_THREAD,r4
533
534	/ stack /
535	lis r1,init_thread_union@ha
536	addi r1,r1,init_thread_union@l
537	lis r0, STACK_END_MAGIC@h
538	ori r0, r0, STACK_END_MAGIC@l
539	stw r0, `0`(r1)
540	li r0,`0`
541	stwu r0,THREAD_SIZE-STACK_FRAME_MIN_SIZE(r1)
542
543	lis r6, swapper_pg_dir@ha
544	tophys(r6,r6)
545	mtspr SPRN_M_TWB, r6
546
547	bl early_init / We have to do this with MMU on /
548
549	/*
550	* Decide what sort of machine this is and initialize the MMU.
551	*/
552	#ifdef CONFIG_KASAN
553	bl kasan_early_init
554	#endif
555	li r3,`0`
556	mr r4,r31
557	bl machine_init
558	bl MMU_init
559
560	/*
561	* Go back to running unmapped so we can load up new values
562	* and change to using our exception vectors.
563	* On the 8xx, all we have to do is invalidate the TLB to clear
564	* the old 8M byte TLB mappings and load the page table base register.
565	*/
566	/ The right way to do this would be to track it down through*
567	* init's THREAD like the context switch code does, but this is
568	* easier......until someone changes init's static structures.
569	*/
570	lis r4,`2f`@h
571	ori r4,r4,`2f`@l
572	tophys(r4,r4)
573	li r3,MSR_KERNEL & ~(MSR_IR\|MSR_DR)
574	mtspr SPRN_SRR0,r4
575	mtspr SPRN_SRR1,r3
576	rfi
577	/ Load up the kernel context /
578	`2`:
579	#ifdef CONFIG_PIN_TLB_IMMR
580	lis r0, MD_TWAM@h
581	oris r0, r0, `0x1f00`
582	mtspr SPRN_MD_CTR, r0
583	LOAD_REG_IMMEDIATE(r0, VIRT_IMMR_BASE \| MD_EVALID)
584	tlbie r0
585	mtspr SPRN_MD_EPN, r0
586	LOAD_REG_IMMEDIATE(r0, MD_SVALID \| MD_PS512K \| MD_GUARDED)
587	mtspr SPRN_MD_TWC, r0
588	mfspr r0, SPRN_IMMR
589	rlwinm r0, r0, `0`, `0xfff80000`
590	ori r0, r0, `0xf0` \| _PAGE_DIRTY \| _PAGE_SPS \| _PAGE_SH \| \
591	_PAGE_NO_CACHE \| _PAGE_PRESENT
592	mtspr SPRN_MD_RPN, r0
593	lis r0, (MD_TWAM \| MD_RSV4I)@h
594	mtspr SPRN_MD_CTR, r0
595	#endif
596	#if !defined(CONFIG_PIN_TLB_DATA) && !defined(CONFIG_PIN_TLB_IMMR)
597	lis r0, MD_TWAM@h
598	mtspr SPRN_MD_CTR, r0
599	#endif
600	tlbia / Clear all TLB entries /
601	sync / wait for tlbia/tlbie to finish /
602
603	/ set up the PTE pointers for the Abatron bdiGDB.*
604	*/
605	lis r5, abatron_pteptrs@h
606	ori r5, r5, abatron_pteptrs@l
607	stw r5, `0xf0`(`0`) / Must match your Abatron config file /
608	tophys(r5,r5)
609	lis r6, swapper_pg_dir@h
610	ori r6, r6, swapper_pg_dir@l
611	stw r6, `0`(r5)
612
613	/ Now turn on the MMU for real! /
614	li r4,MSR_KERNEL
615	lis r3,start_kernel@h
616	ori r3,r3,start_kernel@l
617	mtspr SPRN_SRR0,r3
618	mtspr SPRN_SRR1,r4
619	rfi / enable MMU and jump to start_kernel /
620
621	/ Set up the initial MMU state so we can do the first level of*
622	* kernel initialization. This maps the first 8 MBytes of memory 1:1
623	* virtual to physical. Also, set the cache mode since that is defined
624	* by TLB entries and perform any additional mapping (like of the IMMR).
625	* If configured to pin some TLBs, we pin the first 8 Mbytes of kernel,
626	* 24 Mbytes of data, and the 512k IMMR space. Anything not covered by
627	* these mappings is mapped by page tables.
628	*/
629	SYM_FUNC_START_LOCAL(initial_mmu)
630	li r8, `0`
631	mtspr SPRN_MI_CTR, r8 / remove PINNED ITLB entries /
632	lis r10, MD_TWAM@h
633	mtspr SPRN_MD_CTR, r10 / remove PINNED DTLB entries /
634
635	tlbia / Invalidate all TLB entries /
636
637	lis r8, MI_APG_INIT@h / Set protection modes /
638	ori r8, r8, MI_APG_INIT@l
639	mtspr SPRN_MI_AP, r8
640	lis r8, MD_APG_INIT@h
641	ori r8, r8, MD_APG_INIT@l
642	mtspr SPRN_MD_AP, r8
643
644	/ Map the lower RAM (up to 32 Mbytes) into the ITLB and DTLB /
645	lis r8, MI_RSV4I@h
646	ori r8, r8, `0x1c00`
647	oris r12, r10, MD_RSV4I@h
648	ori r12, r12, `0x1c00`
649	li r9, `4` / up to 4 pages of 8M /
650	mtctr r9
651	lis r9, KERNELBASE@h / Create vaddr for TLB /
652	li r10, MI_PS8MEG \| _PMD_ACCESSED \| MI_SVALID
653	li r11, MI_BOOTINIT / Create RPN for address 0 /
654	`1`:
655	mtspr SPRN_MI_CTR, r8 / Set instruction MMU control /
656	addi r8, r8, `0x100`
657	ori r0, r9, MI_EVALID / Mark it valid /
658	mtspr SPRN_MI_EPN, r0
659	mtspr SPRN_MI_TWC, r10
660	mtspr SPRN_MI_RPN, r11 / Store TLB entry /
661	mtspr SPRN_MD_CTR, r12
662	addi r12, r12, `0x100`
663	mtspr SPRN_MD_EPN, r0
664	mtspr SPRN_MD_TWC, r10
665	mtspr SPRN_MD_RPN, r11
666	addis r9, r9, `0x80`
667	addis r11, r11, `0x80`
668
669	bdnz `1b`
670
671	/ Since the cache is enabled according to the information we*
672	* just loaded into the TLB, invalidate and enable the caches here.
673	* We should probably check/set other modes....later.
674	*/
675	lis r8, IDC_INVALL@h
676	mtspr SPRN_IC_CST, r8
677	mtspr SPRN_DC_CST, r8
678	lis r8, IDC_ENABLE@h
679	mtspr SPRN_IC_CST, r8
680	mtspr SPRN_DC_CST, r8
681	/ Disable debug mode entry on breakpoints /
682	mfspr r8, SPRN_DER
683	#ifdef CONFIG_PERF_EVENTS
684	rlwinm r8, r8, `0`, ~`0xc`
685	#else
686	rlwinm r8, r8, `0`, ~`0x8`
687	#endif
688	mtspr SPRN_DER, r8
689	blr
690	SYM_FUNC_END(initial_mmu)
691
692	_GLOBAL(mmu_pin_tlb)
693	lis r9, (`1f` - PAGE_OFFSET)@h
694	ori r9, r9, (`1f` - PAGE_OFFSET)@l
695	mfmsr r10
696	mflr r11
697	li r12, MSR_KERNEL & ~(MSR_IR \| MSR_DR \| MSR_RI)
698	rlwinm r0, r10, `0`, ~MSR_RI
699	rlwinm r0, r0, `0`, ~MSR_EE
700	mtmsr r0
701	isync
702	.align `4`
703	mtspr SPRN_SRR0, r9
704	mtspr SPRN_SRR1, r12
705	rfi
706	`1`:
707	li r5, `0`
708	lis r6, MD_TWAM@h
709	mtspr SPRN_MI_CTR, r5
710	mtspr SPRN_MD_CTR, r6
711	tlbia
712
713	LOAD_REG_IMMEDIATE(r5, `28` << `8`)
714	LOAD_REG_IMMEDIATE(r6, PAGE_OFFSET)
715	LOAD_REG_IMMEDIATE(r7, MI_SVALID \| MI_PS8MEG \| _PMD_ACCESSED)
716	LOAD_REG_IMMEDIATE(r8, `0xf0` \| _PAGE_RO \| _PAGE_SPS \| _PAGE_SH \| _PAGE_PRESENT)
717	LOAD_REG_ADDR(r9, _sinittext)
718	li r0, `4`
719	mtctr r0
720
721	`2`: ori r0, r6, MI_EVALID
722	mtspr SPRN_MI_CTR, r5
723	mtspr SPRN_MI_EPN, r0
724	mtspr SPRN_MI_TWC, r7
725	mtspr SPRN_MI_RPN, r8
726	addi r5, r5, `0x100`
727	addis r6, r6, SZ_8M@h
728	addis r8, r8, SZ_8M@h
729	cmplw r6, r9
730	bdnzt lt, `2b`
731	lis r0, MI_RSV4I@h
732	mtspr SPRN_MI_CTR, r0
733
734	LOAD_REG_IMMEDIATE(r5, `28` << `8` \| MD_TWAM)
735	#ifdef CONFIG_PIN_TLB_DATA
736	LOAD_REG_IMMEDIATE(r6, PAGE_OFFSET)
737	LOAD_REG_IMMEDIATE(r7, MI_SVALID \| MI_PS8MEG \| _PMD_ACCESSED)
738	li r8, `0`
739	#ifdef CONFIG_PIN_TLB_IMMR
740	li r0, `3`
741	#else
742	li r0, `4`
743	#endif
744	mtctr r0
745	cmpwi r4, `0`
746	beq `4f`
747	LOAD_REG_ADDR(r9, _sinittext)
748
749	`2`: ori r0, r6, MD_EVALID
750	ori r12, r8, `0xf0` \| _PAGE_RO \| _PAGE_SPS \| _PAGE_SH \| _PAGE_PRESENT
751	mtspr SPRN_MD_CTR, r5
752	mtspr SPRN_MD_EPN, r0
753	mtspr SPRN_MD_TWC, r7
754	mtspr SPRN_MD_RPN, r12
755	addi r5, r5, `0x100`
756	addis r6, r6, SZ_8M@h
757	addis r8, r8, SZ_8M@h
758	cmplw r6, r9
759	bdnzt lt, `2b`
760	`4`:
761	`2`: ori r0, r6, MD_EVALID
762	ori r12, r8, `0xf0` \| _PAGE_DIRTY \| _PAGE_SPS \| _PAGE_SH \| _PAGE_PRESENT
763	mtspr SPRN_MD_CTR, r5
764	mtspr SPRN_MD_EPN, r0
765	mtspr SPRN_MD_TWC, r7
766	mtspr SPRN_MD_RPN, r12
767	addi r5, r5, `0x100`
768	addis r6, r6, SZ_8M@h
769	addis r8, r8, SZ_8M@h
770	cmplw r6, r3
771	bdnzt lt, `2b`
772	#endif
773	#ifdef CONFIG_PIN_TLB_IMMR
774	LOAD_REG_IMMEDIATE(r0, VIRT_IMMR_BASE \| MD_EVALID)
775	LOAD_REG_IMMEDIATE(r7, MD_SVALID \| MD_PS512K \| MD_GUARDED \| _PMD_ACCESSED)
776	mfspr r8, SPRN_IMMR
777	rlwinm r8, r8, `0`, `0xfff80000`
778	ori r8, r8, `0xf0` \| _PAGE_DIRTY \| _PAGE_SPS \| _PAGE_SH \| \
779	_PAGE_NO_CACHE \| _PAGE_PRESENT
780	mtspr SPRN_MD_CTR, r5
781	mtspr SPRN_MD_EPN, r0
782	mtspr SPRN_MD_TWC, r7
783	mtspr SPRN_MD_RPN, r8
784	#endif
785	#if defined(CONFIG_PIN_TLB_IMMR) \|\| defined(CONFIG_PIN_TLB_DATA)
786	lis r0, (MD_RSV4I \| MD_TWAM)@h
787	mtspr SPRN_MD_CTR, r0
788	#endif
789	mtspr SPRN_SRR1, r10
790	mtspr SPRN_SRR0, r11
791	rfi
792

source code of linux/arch/powerpc/kernel/head_8xx.S