xref: /freebsd/sys/arm64/arm64/locore.S (revision ea8dc498aa8ea91ce0364a3f0ccdb740a24dcfb4) 
1/*-
2 * Copyright (c) 2012-2014 Andrew Turner
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 */
26
27#include "assym.inc"
28#include "opt_kstack_pages.h"
29#include <sys/elf_common.h>
30#include <sys/syscall.h>
31#include <machine/asm.h>
32#include <machine/armreg.h>
33#include <machine/cpu.h>
34#include <machine/hypervisor.h>
35#include <machine/param.h>
36#include <machine/pte.h>
37#include <machine/vm.h>
38#include <machine/vmparam.h>
39
40#define	VIRT_BITS	48
41
42#if PAGE_SIZE == PAGE_SIZE_16K
43/*
44 * The number of level 3 tables to create. 32 will allow for 1G of address
45 * space, the same as a single level 2 page with 4k pages.
46 */
47#define	L3_PAGE_COUNT	32
48#elif PAGE_SIZE == PAGE_SIZE_4K
49/*
50 * Space for a level 3 table holding the end of the executable memory and
51 * the start of the non-executable data.
52 */
53#define	L3_PAGE_COUNT	1
54#endif
55
56/*
57 * The size of our bootstrap stack.
58 */
59#define	BOOT_STACK_SIZE	(KSTACK_PAGES * PAGE_SIZE)
60
61	.globl	kernbase
62	.set	kernbase, KERNBASE
63
64/*
65 * We assume:
66 *  MMU      on with an identity map, or off
67 *  D-Cache: off
68 *  I-Cache: on or off
69 *  We are loaded at a 2MiB aligned address
70 */
71
72ENTRY(_start)
73	/* Enter the kernel exception level */
74	bl	enter_kernel_el
75
76	/* Set the context id */
77	msr	contextidr_el1, xzr
78
79	/* Get the virt -> phys offset */
80	bl	get_load_phys_addr
81
82	/*
83	 * At this point:
84	 * x28 = Our physical load address
85	 */
86
87	/* Create the page tables */
88	bl	create_pagetables
89
90	/*
91	 * At this point:
92	 * x27 = TTBR0 table
93	 * x24 = TTBR1 table
94	 * x22 = PTE shareability attributes
95	 * x21 = BTI guarded page attribute if supported
96	 */
97
98	/* Enable the mmu */
99	bl	start_mmu
100
101	/* Load the new ttbr0 pagetable */
102	adrp	x27, pagetable_l0_ttbr0
103	add	x27, x27, :lo12:pagetable_l0_ttbr0
104
105	/* Jump to the virtual address space */
106	ldr	x15, .Lvirtdone
107	br	x15
108
109virtdone:
110	BTI_J
111
112	/* Set up the stack */
113	adrp	x25, initstack_end
114	add	x25, x25, :lo12:initstack_end
115	sub	sp, x25, #PCB_SIZE
116
117	/* Zero the BSS */
118	ldr	x15, .Lbss
119	ldr	x14, .Lend
1201:
121	stp	xzr, xzr, [x15], #16
122	cmp	x15, x14
123	b.lo	1b
124
125#if defined(PERTHREAD_SSP)
126	/* Set sp_el0 to the boot canary for early per-thread SSP to work */
127	adrp	x15, boot_canary
128	add	x15, x15, :lo12:boot_canary
129	msr	sp_el0, x15
130#endif
131
132	/* Backup the module pointer */
133	mov	x1, x0
134
135	sub	sp, sp, #BOOTPARAMS_SIZE
136	mov	x0, sp
137
138	str	x1,  [x0, #BP_MODULEP]
139	adrp	x25, initstack
140	add	x25, x25, :lo12:initstack
141	str	x25, [x0, #BP_KERN_STACK]
142	str	x27, [x0, #BP_KERN_TTBR0]
143	str	x23, [x0, #BP_BOOT_EL]
144
145	/* Set these before they are used in kasan_init_early */
146	adrp	x1, pmap_sh_attr
147	str	x22, [x1, :lo12:pmap_sh_attr]
148#ifdef __ARM_FEATURE_BTI_DEFAULT
149	adrp	x1, pmap_gp_attr
150	str	x21, [x1, :lo12:pmap_gp_attr]
151#endif
152
153#ifdef KASAN
154	/* Save bootparams */
155	mov	x19, x0
156
157	/* Bootstrap an early shadow map for the boot stack. */
158	ldr	x0, [x0, #BP_KERN_STACK]
159	ldr	x1, =BOOT_STACK_SIZE
160	bl	kasan_init_early
161
162	/* Restore bootparams */
163	mov	x0, x19
164#endif
165
166	/* trace back starts here */
167	mov	fp, #0
168	/* Branch to C code */
169	bl	initarm
170	/* We are done with the boot params */
171	add	sp, sp, #BOOTPARAMS_SIZE
172
173	/*
174	 * Enable pointer authentication in the kernel. We set the keys for
175	 * thread0 in initarm so have to wait until it returns to enable it.
176	 * If we were to enable it in initarm then any authentication when
177	 * returning would fail as it was called with pointer authentication
178	 * disabled.
179	 */
180	bl	ptrauth_start
181
182	bl	mi_startup
183
184	/* We should not get here */
185	brk	0
186
187	.align 3
188.Lvirtdone:
189	.quad	virtdone
190.Lbss:
191	.quad	__bss_start
192.Lend:
193	.quad	__bss_end
194END(_start)
195
196#ifdef SMP
197/*
198 * void
199 * mpentry_psci(unsigned long)
200 *
201 * Called by a core when it is being brought online with psci.
202 * The data in x0 is passed straight to init_secondary.
203 */
204ENTRY(mpentry_psci)
205	mov	x26, xzr
206	b	mpentry_common
207END(mpentry_psci)
208
209/*
210 * void
211 * mpentry_spintable(void)
212 *
213 * Called by a core when it is being brought online with a spin-table.
214 * Reads the new CPU ID and passes this to init_secondary.
215 */
216ENTRY(mpentry_spintable)
217	ldr	x26, =spintable_wait
218	b	mpentry_common
219END(mpentry_spintable)
220
221/* Wait for the current CPU to be released */
222LENTRY(spintable_wait)
223	/* Read the affinity bits from mpidr_el1 */
224	mrs	x1, mpidr_el1
225	ldr	x2, =CPU_AFF_MASK
226	and	x1, x1, x2
227
228	adrp	x2, ap_cpuid
2291:
230	ldr	x0, [x2, :lo12:ap_cpuid]
231	cmp	x0, x1
232	b.ne	1b
233
234	str	xzr, [x2, :lo12:ap_cpuid]
235	dsb	sy
236	sev
237
238	ret
239LEND(mpentry_spintable)
240
241LENTRY(mpentry_common)
242	/* Disable interrupts */
243	msr	daifset, #DAIF_INTR
244
245	/* Enter the kernel exception level */
246	bl	enter_kernel_el
247
248	/* Set the context id */
249	msr	contextidr_el1, xzr
250
251	/* Load the kernel page table */
252	adrp	x24, pagetable_l0_ttbr1
253	add	x24, x24, :lo12:pagetable_l0_ttbr1
254	/* Load the identity page table */
255	adrp	x27, pagetable_l0_ttbr0_bootstrap
256	add	x27, x27, :lo12:pagetable_l0_ttbr0_bootstrap
257
258	/* Enable the mmu */
259	bl	start_mmu
260
261	/* Load the new ttbr0 pagetable */
262	adrp	x27, pagetable_l0_ttbr0
263	add	x27, x27, :lo12:pagetable_l0_ttbr0
264
265	/* Jump to the virtual address space */
266	ldr	x15, =mp_virtdone
267	br	x15
268
269mp_virtdone:
270	BTI_J
271
272	/*
273	 * Allow this CPU to wait until the kernel is ready for it,
274	 * e.g. with spin-table but each CPU uses the same release address
275	 */
276	cbz	x26, 1f
277	blr	x26
2781:
279
280	/* Start using the AP boot stack */
281	adrp	x4, bootstack
282	ldr	x4, [x4, :lo12:bootstack]
283	mov	sp, x4
284
285#if defined(PERTHREAD_SSP)
286	/* Set sp_el0 to the boot canary for early per-thread SSP to work */
287	adrp	x15, boot_canary
288	add	x15, x15, :lo12:boot_canary
289	msr	sp_el0, x15
290#endif
291
292	/* Load the kernel ttbr0 pagetable */
293	msr	ttbr0_el1, x27
294	isb
295
296	/* Invalidate the TLB */
297	tlbi	vmalle1
298	dsb	sy
299	isb
300
301	/*
302	 * Initialize the per-CPU pointer before calling into C code, for the
303	 * benefit of kernel sanitizers.
304	 */
305	adrp	x18, bootpcpu
306	ldr	x18, [x18, :lo12:bootpcpu]
307	msr	tpidr_el1, x18
308
309	b	init_secondary
310LEND(mpentry_common)
311#endif
312
313/*
314 * Enter the exception level the kernel will use:
315 *
316 *  - If in EL1 continue in EL1
317 *  - If the CPU supports FEAT_VHE then set HCR_E2H and HCR_TGE and continue
318 *    in EL2
319 *  - Configure EL2 to support running the kernel at EL1 and exit to that
320 */
321LENTRY(enter_kernel_el)
322#define	INIT_SCTLR_EL1	(SCTLR_LSMAOE | SCTLR_nTLSMD | SCTLR_EIS | \
323    SCTLR_TSCXT | SCTLR_EOS)
324	mrs	x23, CurrentEL
325	and	x23, x23, #(CURRENTEL_EL_MASK)
326	cmp	x23, #(CURRENTEL_EL_EL2)
327	b.eq	1f
328
329	ldr	x2, =INIT_SCTLR_EL1
330	msr	sctlr_el1, x2
331	/* SCTLR_EOS is set so eret is a context synchronizing event so we
332	 * need an isb here to ensure it's observed by later instructions,
333	 * but don't need it in the eret below.
334	 */
335	isb
336
337	/* Ensure SPSR_EL1 and pstate are in sync. The only wat to set the
338	 * latter is to set the former and return from an exception with eret.
339	 */
340	mov	x2, #(PSR_DAIF | PSR_M_EL1h)
341	msr	spsr_el1, x2
342	msr	elr_el1, lr
343	eret
344
3451:
346	dsb	sy
347	/*
348	 * Set just the reserved bits in sctlr_el2. This will disable the
349	 * MMU which may have broken the kernel if we enter the kernel in
350	 * EL2, e.g. when using VHE.
351	 */
352	ldr	x2, =(SCTLR_EL2_RES1 | SCTLR_EL2_EIS | SCTLR_EL2_EOS)
353	msr	sctlr_el2, x2
354	isb
355
356	/* Configure the Hypervisor */
357	ldr	x2, =(HCR_RW | HCR_APK | HCR_API | HCR_E2H)
358	msr	hcr_el2, x2
359
360	/* Stash value of HCR_EL2 for later */
361	isb
362	mrs	x4, hcr_el2
363
364	/* Load the Virtualization Process ID Register */
365	mrs	x2, midr_el1
366	msr	vpidr_el2, x2
367
368	/* Load the Virtualization Multiprocess ID Register */
369	mrs	x2, mpidr_el1
370	msr	vmpidr_el2, x2
371
372	/* Set the initial sctlr_el1 */
373	ldr	x2, =INIT_SCTLR_EL1
374	msr	sctlr_el1, x2
375
376	/* Check if the E2H flag is set */
377	tst	x4, #HCR_E2H
378	b.eq	.Lno_vhe
379
380	/*
381	 * The kernel will be running in EL2, route exceptions here rather
382	 * than EL1.
383	 */
384	orr	x4, x4, #(HCR_TGE)
385	msr	hcr_el2, x4
386	isb
387
388	msr	SCTLR_EL12_REG, x2
389	mov	x2, xzr /* CPTR_EL2 is managed by vfp.c */
390	ldr	x3, =(CNTHCTL_E2H_EL1PCTEN | CNTHCTL_E2H_EL1PTEN)
391	ldr	x5, =(PSR_DAIF | PSR_M_EL2h)
392	b	.Ldone_vhe
393
394.Lno_vhe:
395	/* Hypervisor trap functions */
396	adrp	x2, hyp_stub_vectors
397	add	x2, x2, :lo12:hyp_stub_vectors
398	msr	vbar_el2, x2
399
400	ldr	x2, =(CPTR_RES1)
401	ldr	x3, =(CNTHCTL_EL1PCTEN | CNTHCTL_EL1PCEN)
402	ldr	x5, =(PSR_DAIF | PSR_M_EL1h)
403
404.Ldone_vhe:
405
406	msr	cptr_el2, x2
407	/* Enable access to the physical timers at EL1 */
408	msr	cnthctl_el2, x3
409	/* Set the return PSTATE */
410	msr	spsr_el2, x5
411
412	/*
413	 * Configure the Extended Hypervisor register. This is only valid if
414	 * FEAT_HCX is enabled.
415	 */
416	CHECK_CPU_FEAT(x2, ID_AA64MMFR1, HCX, 2f)
417	/* Extended Hypervisor Configuration */
418	mov x2, xzr
419	msr HCRX_EL2_REG, x2
420	isb
4212:
422
423	/* Don't trap to EL2 for CP15 traps */
424	msr	hstr_el2, xzr
425
426	/* Set the counter offset to a known value */
427	msr	cntvoff_el2, xzr
428
429	/* Zero vttbr_el2 so a hypervisor can tell the host and guest apart */
430	msr	vttbr_el2, xzr
431
432	/* Check the CPU supports GIC, and configure the CPU interface */
433	CHECK_CPU_FEAT(x2, ID_AA64PFR0, GIC, 3f)
434
435	mrs	x2, icc_sre_el2
436	orr	x2, x2, #ICC_SRE_EL2_EN	/* Enable access from insecure EL1 */
437	orr	x2, x2, #ICC_SRE_EL2_SRE	/* Enable system registers */
438	msr	icc_sre_el2, x2
4393:
440
441	/* Set the address to return to our return address */
442	msr	elr_el2, x30
443	isb
444
445	eret
446#undef INIT_SCTLR_EL1
447LEND(enter_kernel_el)
448
449/*
450 * Get the physical address the kernel was loaded at.
451 */
452LENTRY(get_load_phys_addr)
453	/* Load the offset of get_load_phys_addr from KERNBASE */
454	ldr	x28, =(get_load_phys_addr - KERNBASE)
455	/* Load the physical address of get_load_phys_addr */
456	adr	x29, get_load_phys_addr
457	/* Find the physical address of KERNBASE, i.e. our load address */
458	sub	x28, x29, x28
459	ret
460LEND(get_load_phys_addr)
461
462/*
463 * This builds the page tables containing the identity map, and the kernel
464 * virtual map.
465 *
466 * It relys on:
467 *  We were loaded to an address that is on a 2MiB boundary
468 *  All the memory must not cross a 1GiB boundaty
469 *  x28 contains the physical address we were loaded from
470 *
471 *  There are 7 or 8 pages before that address for the page tables
472 *   The pages used are:
473 *    - The Kernel L3 tables (only for 16k kernel)
474 *    - The Kernel L2 table
475 *    - The Kernel L1 table
476 *    - The Kernel L0 table             (TTBR1)
477 *    - The identity (PA = VA) L2 table
478 *    - The identity (PA = VA) L1 table
479 *    - The identity (PA = VA) L0 table (Early TTBR0)
480 *    - The Kernel empty L0 table       (Late TTBR0)
481 */
482LENTRY(create_pagetables)
483	/* Save the Link register */
484	mov	x5, x30
485
486	/* Clean the page table */
487	adrp	x6, pagetable
488	add	x6, x6, :lo12:pagetable
489	adrp	x27, pagetable_end
490	add	x27, x27, :lo12:pagetable_end
4911:
492	stp	xzr, xzr, [x6], #16
493	stp	xzr, xzr, [x6], #16
494	stp	xzr, xzr, [x6], #16
495	stp	xzr, xzr, [x6], #16
496	cmp	x6, x27
497	b.lo	1b
498
499#ifdef __ARM_FEATURE_BTI_DEFAULT
500	/*
501	 * Check if the CPU supports BTI
502	 */
503	mrs	x6, id_aa64pfr1_el1		/* Read the ID register */
504	and	x6, x6, ID_AA64PFR1_BT_MASK	/* Mask the field we need */
505	cmp	x6, xzr				/* Check it's non-zero */
506	cset	x6, ne				/* x6 is set if non-zero */
507	lsl	x21, x6, ATTR_S1_GP_SHIFT	/* Shift to the correct bit */
508#endif
509
510	/*
511	 * Find the shareability attribute we should use. If FEAT_LPA2 is
512	 * enabled then the shareability field is moved from the page table
513	 * to tcr_el1 and the bits in the page table are reused by the
514	 * address field.
515	 */
516#if PAGE_SIZE == PAGE_SIZE_4K
517#define	LPA2_MASK	ID_AA64MMFR0_TGran4_MASK
518#define	LPA2_VAL	ID_AA64MMFR0_TGran4_LPA2
519#elif PAGE_SIZE == PAGE_SIZE_16K
520#define	LPA2_MASK	ID_AA64MMFR0_TGran16_MASK
521#define	LPA2_VAL	ID_AA64MMFR0_TGran16_LPA2
522#else
523#error Unsupported page size
524#endif
525	mrs	x6, id_aa64mmfr0_el1
526	mov	x7, LPA2_VAL
527	and	x6, x6, LPA2_MASK
528	cmp	x6, x7
529	ldr	x22, =(ATTR_SH(ATTR_SH_IS))
530	csel	x22, xzr, x22, eq
531#undef LPA2_MASK
532#undef LPA2_VAL
533
534	/*
535	 * Build the TTBR1 maps.
536	 */
537
538	/* Find the size of the kernel */
539	mov	x6, #(KERNBASE)
540
541#if defined(LINUX_BOOT_ABI)
542	/* X19 is used as 'map FDT data' flag */
543	mov	x19, xzr
544
545	/* No modules or FDT pointer ? */
546	cbz	x0, booti_no_fdt
547
548	/*
549	 * Test if x0 points to modules descriptor(virtual address) or
550	 * to FDT (physical address)
551	 */
552	cmp	x0, x6		/* x6 is #(KERNBASE) */
553	b.lo	booti_fdt
554#endif
555
556	/* Booted with modules pointer */
557	/* Find modulep - begin */
558	sub	x8, x0, x6
559	/*
560	 * Add space for the module data. When PAGE_SIZE is 4k this will
561	 * add at least 2 level 2 blocks (2 * 2MiB). When PAGE_SIZE is
562	 * larger it will be at least as large as we use smaller level 3
563	 * pages.
564	 */
565	ldr	x7, =((6 * 1024 * 1024) - 1)
566	add	x8, x8, x7
567	b	common
568
569#if defined(LINUX_BOOT_ABI)
570booti_fdt:
571	/* Booted by U-Boot booti with FDT data */
572	/* Set 'map FDT data' flag */
573	mov	x19, #1
574
575booti_no_fdt:
576	/* Booted by U-Boot booti without FTD data */
577	/* Find the end - begin */
578	ldr     x7, .Lend
579	sub     x8, x7, x6
580
581	/*
582	 * Add one 2MiB page for copy of FDT data (maximum FDT size),
583	 * one for metadata and round up
584	 */
585	ldr	x7, =(3 * L2_SIZE - 1)
586	add	x8, x8, x7
587#endif
588
589common:
590#if PAGE_SIZE != PAGE_SIZE_4K
591	/*
592	 * Create L3 and L3C pages. The kernel will be loaded at a 2M aligned
593	 * address, enabling the creation of L3C pages. However, when the page
594	 * size is larger than 4k, L2 blocks are too large to map the kernel
595	 * with 2M alignment.
596	 */
597#define	PTE_SHIFT	L3_SHIFT
598#define	LL_PAGE_TABLE	pagetable_l3_ttbr1
599#define	BUILD_PTE_FUNC	build_l3_page_pagetable
600#else
601#define	PTE_SHIFT	L2_SHIFT
602#define	LL_PAGE_TABLE	pagetable_l2_ttbr1
603#define	BUILD_PTE_FUNC	build_l2_block_pagetable
604#endif
605
606	/* Get the number of blocks/pages to allocate, rounded down */
607	lsr	x14, x8, #(PTE_SHIFT)
608
609	ldr	x26, =etext
610#if PAGE_SIZE != PAGE_SIZE_4K
611	ldr	x8, =((1 << PTE_SHIFT) - 1)
612	add	x26, x26, x8
613#endif
614	mov	x8, #(KERNBASE)
615	sub	x25, x26, x8
616	lsr	x25, x25, #(PTE_SHIFT)
617
618#if PAGE_SIZE == PAGE_SIZE_4K
619	/* Calculate the number of executable level 3 pages to create */
620	lsr	x26, x26, #(L3_SHIFT)
621	bfc	x26, #(Ln_ENTRIES_SHIFT), #(64 - Ln_ENTRIES_SHIFT)
622
623	/* Build the L3 table holding the end of the exectuable code */
624	lsl	x15, x25, #(PTE_SHIFT)
625	adrp	x6, pagetable_l3_ttbr1
626	add	x6, x6, :lo12:pagetable_l3_ttbr1
627	ldr	x7, =(ATTR_S1_IDX(VM_MEMATTR_WRITE_BACK) | \
628	    ATTR_S1_AP(ATTR_S1_AP_RO))
629	ldr	x8, =(KERNBASE)
630	add	x8, x8, x15
631	add	x9, x28, x15
632	mov	x10, x26
633	bl	build_l3_page_pagetable
634
635	/* Build the remaining level 3 pages */
636	ldr	x7, =(ATTR_S1_IDX(VM_MEMATTR_WRITE_BACK) | ATTR_S1_XN)
637	lsl	x27, x26, #(L3_SHIFT)
638	add	x8, x8, x27
639	add	x9, x28, x15
640	add	x9, x9, x27
641	ldr	x10, =(Ln_ENTRIES)
642	sub	x10, x10, x26
643	bl	build_l3_page_pagetable
644
645	/* Link the l2 -> l3 table */
646	mov	x9, x6
647	adrp	x6, pagetable_l2_ttbr1
648	add	x6, x6, :lo12:pagetable_l2_ttbr1
649	bl	link_l2_pagetable
650#endif
651
652	/* Create the kernel space PTE table */
653	adrp	x6, LL_PAGE_TABLE
654	add	x6, x6, :lo12:LL_PAGE_TABLE
655	ldr	x7, =(ATTR_S1_IDX(VM_MEMATTR_WRITE_BACK) | \
656	    ATTR_S1_AP(ATTR_S1_AP_RO))
657	mov	x8, #(KERNBASE)
658	mov	x9, x28
659	mov	x10, x25
660	bl	BUILD_PTE_FUNC
661
662#if PAGE_SIZE == PAGE_SIZE_4K
663	/* Skip memory mapped through the L2 table */
664	add	x25, x25, #1
665#endif
666
667	/* Create the kernel space XN PTE table */
668	lsl	x10, x25, #(PTE_SHIFT)
669	ldr	x7, =(ATTR_S1_IDX(VM_MEMATTR_WRITE_BACK) | ATTR_S1_XN)
670	ldr	x8, =(KERNBASE)
671	add	x8, x8, x10
672	add	x9, x28, x10
673	sub	x10, x14, x25
674	bl	BUILD_PTE_FUNC
675
676#undef PTE_SHIFT
677#undef LL_PAGE_TABLE
678#undef BUILD_PTE_FUNC
679
680#if PAGE_SIZE != PAGE_SIZE_4K
681	/* Link the l2 -> l3 table */
682	mov	x9, x6
683	adrp	x6, pagetable_l2_ttbr1
684	add	x6, x6, :lo12:pagetable_l2_ttbr1
685	bl	link_l2_pagetable
686#endif
687
688	/* Link the l1 -> l2 table */
689	mov	x9, x6
690	adrp	x6, pagetable_l1_ttbr1
691	add	x6, x6, :lo12:pagetable_l1_ttbr1
692	bl	link_l1_pagetable
693
694	/* Link the l0 -> l1 table */
695	mov	x9, x6
696	adrp	x6, pagetable_l0_ttbr1
697	add	x6, x6, :lo12:pagetable_l0_ttbr1
698	mov	x10, #1
699	bl	link_l0_pagetable
700
701	/* Save the TTBR1 table physical address */
702	mov	x24, x6
703
704	/*
705	 * Build the TTBR0 maps.  As TTBR0 maps, they must specify ATTR_S1_nG.
706	 * They are only needed early on, so the VA = PA map is uncached.
707	 */
708
709	adrp	x6, pagetable_l2_ttbr0_bootstrap
710	add	x6, x6, :lo12:pagetable_l2_ttbr0_bootstrap
711
712	/* Create the VA = PA map */
713	mov	x7, #(ATTR_S1_nG | ATTR_S1_IDX(VM_MEMATTR_WRITE_BACK))
714	adrp	x16, _start
715	and	x16, x16, #(~L2_OFFSET)
716	mov	x9, x16		/* PA start */
717	mov	x8, x16		/* VA start (== PA start) */
718	mov	x10, #1
719	bl	build_l2_block_pagetable
720
721#if defined(SOCDEV_PA)
722	/* Create a table for the UART */
723	mov	x7, #(ATTR_S1_nG | ATTR_S1_IDX(VM_MEMATTR_DEVICE))
724	ldr	x9, =(L2_SIZE)
725	add	x16, x16, x9	/* VA start */
726	mov	x8, x16
727
728	/* Store the socdev virtual address */
729	add	x17, x8, #(SOCDEV_PA & L2_OFFSET)
730	adrp	x9, socdev_va
731	str	x17, [x9, :lo12:socdev_va]
732
733	mov	x9, #(SOCDEV_PA & ~L2_OFFSET)	/* PA start */
734	mov	x10, #1
735	bl	build_l2_block_pagetable
736#endif
737
738#if defined(LINUX_BOOT_ABI)
739	/* Map FDT data ? */
740	cbz	x19, 1f
741
742	/* Create the mapping for FDT data (2 MiB max) */
743	mov	x7, #(ATTR_S1_nG | ATTR_S1_IDX(VM_MEMATTR_WRITE_BACK))
744	ldr	x9, =(L2_SIZE)
745	add	x16, x16, x9	/* VA start */
746	mov	x8, x16
747	mov	x9, x0			/* PA start */
748	/* Update the module pointer to point at the allocated memory */
749	and	x0, x0, #(L2_OFFSET)	/* Keep the lower bits */
750	add	x0, x0, x8		/* Add the aligned virtual address */
751
752	mov	x10, #1
753	bl	build_l2_block_pagetable
754
7551:
756#endif
757
758	/* Link the l1 -> l2 table */
759	mov	x9, x6
760	adrp	x6, pagetable_l1_ttbr0_bootstrap
761	add	x6, x6, :lo12:pagetable_l1_ttbr0_bootstrap
762	bl	link_l1_pagetable
763
764	/* Link the l0 -> l1 table */
765	mov	x9, x6
766	adrp	x6, pagetable_l0_ttbr0_bootstrap
767	add	x6, x6, :lo12:pagetable_l0_ttbr0_bootstrap
768	mov	x10, #1
769	bl	link_l0_pagetable
770
771	/* Save the TTBR0 table physical address */
772	mov	x27, x6
773
774	/* Restore the Link register */
775	mov	x30, x5
776	ret
777LEND(create_pagetables)
778
779/*
780 * Builds an L0 -> L1 table descriptor
781 *
782 *  x6  = L0 table
783 *  x8  = Virtual Address
784 *  x9  = L1 PA (trashed)
785 *  x10 = Entry count (trashed)
786 *  x11, x12 and x13 are trashed
787 */
788LENTRY(link_l0_pagetable)
789	/*
790	 * Link an L0 -> L1 table entry.
791	 */
792	/* Find the table index */
793	lsr	x11, x8, #L0_SHIFT
794	and	x11, x11, #L0_ADDR_MASK
795
796	/* Build the L0 block entry */
797	mov	x12, #L0_TABLE
798	orr	x12, x12, #(TATTR_UXN_TABLE | TATTR_AP_TABLE_NO_EL0)
799
800	/* Only use the output address bits */
801	lsr	x9, x9, #PAGE_SHIFT
8021:	orr	x13, x12, x9, lsl #PAGE_SHIFT
803
804	/* Store the entry */
805	str	x13, [x6, x11, lsl #3]
806
807	sub	x10, x10, #1
808	add	x11, x11, #1
809	add	x9, x9, #1
810	cbnz	x10, 1b
811
812	ret
813LEND(link_l0_pagetable)
814
815/*
816 * Builds an L1 -> L2 table descriptor
817 *
818 *  x6  = L1 table
819 *  x8  = Virtual Address
820 *  x9  = L2 PA (trashed)
821 *  x11, x12 and x13 are trashed
822 */
823LENTRY(link_l1_pagetable)
824	/*
825	 * Link an L1 -> L2 table entry.
826	 */
827	/* Find the table index */
828	lsr	x11, x8, #L1_SHIFT
829	and	x11, x11, #Ln_ADDR_MASK
830
831	/* Build the L1 block entry */
832	mov	x12, #L1_TABLE
833
834	/* Only use the output address bits */
835	lsr	x9, x9, #PAGE_SHIFT
836	orr	x13, x12, x9, lsl #PAGE_SHIFT
837
838	/* Store the entry */
839	str	x13, [x6, x11, lsl #3]
840
841	ret
842LEND(link_l1_pagetable)
843
844/*
845 * Builds count 2 MiB page table entry
846 *  x6  = L2 table
847 *  x7  = Block attributes
848 *  x8  = VA start
849 *  x9  = PA start (trashed)
850 *  x10 = Entry count (trashed)
851 *  x11, x12 and x13 are trashed
852 */
853LENTRY(build_l2_block_pagetable)
854	/*
855	 * Build the L2 table entry.
856	 */
857	/* Find the table index */
858	lsr	x11, x8, #L2_SHIFT
859	and	x11, x11, #Ln_ADDR_MASK
860
861	/* Build the L2 block entry */
862	orr	x12, x7, #L2_BLOCK
863	orr	x12, x12, #(ATTR_AF)
864	orr	x12, x12, #(ATTR_S1_UXN)
865#ifdef __ARM_FEATURE_BTI_DEFAULT
866	orr	x12, x12, x21
867#endif
868	/* Set the shareability attribute */
869	orr	x12, x12, x22
870
871	/* Only use the output address bits */
872	lsr	x9, x9, #L2_SHIFT
873
874	/* Set the physical address for this virtual address */
8751:	orr	x13, x12, x9, lsl #L2_SHIFT
876
877	/* Store the entry */
878	str	x13, [x6, x11, lsl #3]
879
880	sub	x10, x10, #1
881	add	x11, x11, #1
882	add	x9, x9, #1
883	cbnz	x10, 1b
884
885	ret
886LEND(build_l2_block_pagetable)
887
888/*
889 * Builds an L2 -> L3 table descriptor
890 *
891 *  x6  = L2 table
892 *  x8  = Virtual Address
893 *  x9  = L3 PA (trashed)
894 *  x11, x12 and x13 are trashed
895 */
896LENTRY(link_l2_pagetable)
897	/*
898	 * Link an L2 -> L3 table entry.
899	 */
900	/* Find the table index */
901	lsr	x11, x8, #L2_SHIFT
902	and	x11, x11, #Ln_ADDR_MASK
903
904	/* Build the L1 block entry */
905	mov	x12, #L2_TABLE
906
907	/* Only use the output address bits */
908	lsr	x9, x9, #PAGE_SHIFT
909	orr	x13, x12, x9, lsl #PAGE_SHIFT
910
911	/* Store the entry */
912	str	x13, [x6, x11, lsl #3]
913
914	ret
915LEND(link_l2_pagetable)
916
917/*
918 * Builds count level 3 page table entries. Uses ATTR_CONTIGUOUS to create
919 * large page (L3C) mappings when the current VA and remaining count allow
920 * it.
921 *  x6  = L3 table
922 *  x7  = Block attributes
923 *  x8  = VA start
924 *  x9  = PA start (trashed)
925 *  x10 = Entry count (trashed)
926 *  x11, x12 and x13 are trashed
927 *
928 * VA start (x8) modulo L3C_SIZE must equal PA start (x9) modulo L3C_SIZE.
929 */
930LENTRY(build_l3_page_pagetable)
931	cbz	x10, 2f
932	/*
933	 * Build the L3 table entry.
934	 */
935	/* Find the table index */
936	lsr	x11, x8, #L3_SHIFT
937	and	x11, x11, #Ln_ADDR_MASK
938
939	/* Build the L3 page entry */
940	orr	x12, x7, #L3_PAGE
941	orr	x12, x12, #(ATTR_AF)
942	orr	x12, x12, #(ATTR_S1_UXN)
943#ifdef __ARM_FEATURE_BTI_DEFAULT
944	orr	x12, x12, x21
945#endif
946	/* Set the shareability attribute */
947	orr	x12, x12, x22
948
949	/* Only use the output address bits */
950	lsr	x9, x9, #L3_SHIFT
951
952	/* Check if an ATTR_CONTIGUOUS mapping is possible */
9531:	tst	x11, #(L3C_ENTRIES - 1)
954	b.ne	2f
955	cmp	x10, #L3C_ENTRIES
956	b.lo	3f
957	orr	x12, x12, #(ATTR_CONTIGUOUS)
958	b	2f
9593:	and	x12, x12, #(~ATTR_CONTIGUOUS)
960
961	/* Set the physical address for this virtual address */
9622:	orr	x13, x12, x9, lsl #L3_SHIFT
963
964	/* Store the entry */
965	str	x13, [x6, x11, lsl #3]
966
967	sub	x10, x10, #1
968	add	x11, x11, #1
969	add	x9, x9, #1
970	cbnz	x10, 1b
9712:
972
973	ret
974LEND(build_l3_page_pagetable)
975
976LENTRY(start_mmu)
977	dsb	sy
978
979	/* Load the exception vectors */
980	ldr	x2, =exception_vectors
981	msr	vbar_el1, x2
982
983	/* Load ttbr0 and ttbr1 */
984	msr	ttbr0_el1, x27
985	msr	ttbr1_el1, x24
986	isb
987
988	/* Clear the Monitor Debug System control register */
989	msr	mdscr_el1, xzr
990
991	/* Invalidate the TLB */
992	tlbi	vmalle1is
993	dsb	ish
994	isb
995
996	ldr	x2, mair
997	msr	mair_el1, x2
998
999	/*
1000	 * Setup TCR according to the PARange and ASIDBits fields
1001	 * from ID_AA64MMFR0_EL1 and the HAFDBS field from the
1002	 * ID_AA64MMFR1_EL1.  More precisely, set TCR_EL1.AS
1003	 * to 1 only if the ASIDBits field equals 0b0010.
1004	 */
1005	ldr	x2, tcr
1006
1007	/* If x22 contains a non-zero value then LPA2 is not implemented */
1008	cbnz	x22, .Lno_lpa2
1009	ldr	x3, =(TCR_DS)
1010	orr	x2, x2, x3
1011.Lno_lpa2:
1012
1013	mrs	x3, id_aa64mmfr0_el1
1014
1015	/* Copy the bottom 3 bits from id_aa64mmfr0_el1 into TCR.IPS */
1016	bfi	x2, x3, #(TCR_IPS_SHIFT), #(TCR_IPS_WIDTH)
1017	and	x3, x3, #(ID_AA64MMFR0_ASIDBits_MASK)
1018
1019	/* Check if the HW supports 16 bit ASIDS */
1020	cmp	x3, #(ID_AA64MMFR0_ASIDBits_16)
1021	/* If so x3 == 1, else x3 == 0 */
1022	cset	x3, eq
1023	/* Set TCR.AS with x3 */
1024	bfi	x2, x3, #(TCR_ASID_SHIFT), #(TCR_ASID_WIDTH)
1025
1026	/*
1027	 * Check if the HW supports access flag updates, and set
1028	 * TCR_EL1.HA accordingly. The TCR_EL1.HD flag to enable
1029	 * HW management of dirty state is set in C code as it may
1030	 * need to be disabled because of CPU errata.
1031	 */
1032	CHECK_CPU_FEAT(x3, ID_AA64MMFR1, HAFDBS, 1f)
1033	orr	x2, x2, #(TCR_HA)
10341:
1035
1036	msr	tcr_el1, x2
1037
1038	/*
1039	 * Setup SCTLR.
1040	 */
1041	ldr	x2, sctlr_set
1042	ldr	x3, sctlr_clear
1043	mrs	x1, sctlr_el1
1044	bic	x1, x1, x3	/* Clear the required bits */
1045	orr	x1, x1, x2	/* Set the required bits */
1046	msr	sctlr_el1, x1
1047	isb
1048
1049	ret
1050
1051	.align 3
1052mair:
1053	.quad	MAIR_ATTR(MAIR_DEVICE_nGnRnE, VM_MEMATTR_DEVICE_nGnRnE) | \
1054		MAIR_ATTR(MAIR_NORMAL_NC, VM_MEMATTR_UNCACHEABLE)   |	\
1055		MAIR_ATTR(MAIR_NORMAL_WB, VM_MEMATTR_WRITE_BACK)    |	\
1056		MAIR_ATTR(MAIR_NORMAL_WT, VM_MEMATTR_WRITE_THROUGH) |	\
1057		MAIR_ATTR(MAIR_DEVICE_nGnRE, VM_MEMATTR_DEVICE_nGnRE)
1058tcr:
1059#if PAGE_SIZE == PAGE_SIZE_4K
1060#define	TCR_TG	(TCR_TG1_4K | TCR_TG0_4K)
1061#elif PAGE_SIZE == PAGE_SIZE_16K
1062#define	TCR_TG	(TCR_TG1_16K | TCR_TG0_16K)
1063#else
1064#error Unsupported page size
1065#endif
1066
1067	.quad (TCR_TxSZ(64 - VIRT_BITS) | TCR_TG |			\
1068	    TCR_SH1_IS | TCR_ORGN1_WBWA | TCR_IRGN1_WBWA |		\
1069	    TCR_SH0_IS | TCR_ORGN0_WBWA | TCR_IRGN0_WBWA)
1070sctlr_set:
1071	/* Bits to set */
1072	.quad (SCTLR_LSMAOE | SCTLR_nTLSMD | SCTLR_UCI | SCTLR_SPAN | \
1073	    SCTLR_nTWE | SCTLR_nTWI | SCTLR_UCT | SCTLR_DZE | \
1074	    SCTLR_I | SCTLR_SED | SCTLR_SA0 | SCTLR_SA | SCTLR_C | \
1075	    SCTLR_M | SCTLR_CP15BEN | SCTLR_BT1 | SCTLR_BT0)
1076sctlr_clear:
1077	/* Bits to clear */
1078	.quad (SCTLR_EE | SCTLR_E0E | SCTLR_IESB | SCTLR_WXN | SCTLR_UMA | \
1079	    SCTLR_ITD | SCTLR_A)
1080LEND(start_mmu)
1081
1082ENTRY(abort)
1083	b abort
1084END(abort)
1085
1086.bss
1087	.align	PAGE_SHIFT
1088initstack:
1089	.space	BOOT_STACK_SIZE
1090initstack_end:
1091
1092	.section .init_pagetable, "aw", %nobits
1093	.align PAGE_SHIFT
1094	/*
1095	 * 6 initial tables (in the following order):
1096	 *           L2 for kernel (High addresses)
1097	 *           L1 for kernel
1098	 *           L0 for kernel
1099	 *           L1 bootstrap for user   (Low addresses)
1100	 *           L0 bootstrap for user
1101	 *           L0 for user
1102	 */
1103	.globl pagetable_l0_ttbr1
1104pagetable:
1105pagetable_l3_ttbr1:
1106	.space	(PAGE_SIZE * L3_PAGE_COUNT)
1107pagetable_l2_ttbr1:
1108	.space	PAGE_SIZE
1109pagetable_l1_ttbr1:
1110	.space	PAGE_SIZE
1111pagetable_l0_ttbr1:
1112	.space	PAGE_SIZE
1113pagetable_l2_ttbr0_bootstrap:
1114	.space	PAGE_SIZE
1115pagetable_l1_ttbr0_bootstrap:
1116	.space	PAGE_SIZE
1117pagetable_l0_ttbr0_bootstrap:
1118	.space	PAGE_SIZE
1119pagetable_l0_ttbr0:
1120	.space	PAGE_SIZE
1121pagetable_end:
1122
1123el2_pagetable:
1124	.space	PAGE_SIZE
1125
1126	.section .rodata, "a", %progbits
1127	.globl	aarch32_sigcode
1128	.align 2
1129aarch32_sigcode:
1130	.word 0xe1a0000d	// mov r0, sp
1131	.word 0xe2800040	// add r0, r0, #SIGF_UC
1132	.word 0xe59f700c	// ldr r7, [pc, #12]
1133	.word 0xef000000	// swi #0
1134	.word 0xe59f7008	// ldr r7, [pc, #8]
1135	.word 0xef000000	// swi #0
1136	.word 0xeafffffa	// b . - 16
1137	.word SYS_sigreturn
1138	.word SYS_exit
1139	.align	3
1140	.size aarch32_sigcode, . - aarch32_sigcode
1141aarch32_esigcode:
1142	.data
1143	.global sz_aarch32_sigcode
1144sz_aarch32_sigcode:
1145	.quad aarch32_esigcode - aarch32_sigcode
1146
1147GNU_PROPERTY_AARCH64_FEATURE_1_NOTE(GNU_PROPERTY_AARCH64_FEATURE_1_VAL)
1148