xref: /linux/arch/arm64/mm/proc.S (revision b68fc09be48edbc47de1a0f3d42ef8adf6c0ac55) 
1/*
2 * Based on arch/arm/mm/proc.S
3 *
4 * Copyright (C) 2001 Deep Blue Solutions Ltd.
5 * Copyright (C) 2012 ARM Ltd.
6 * Author: Catalin Marinas <catalin.marinas@arm.com>
7 *
8 * This program is free software; you can redistribute it and/or modify
9 * it under the terms of the GNU General Public License version 2 as
10 * published by the Free Software Foundation.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
19 */
20
21#include <linux/init.h>
22#include <linux/linkage.h>
23#include <asm/assembler.h>
24#include <asm/asm-offsets.h>
25#include <asm/hwcap.h>
26#include <asm/pgtable.h>
27#include <asm/pgtable-hwdef.h>
28#include <asm/cpufeature.h>
29#include <asm/alternative.h>
30
31#ifdef CONFIG_ARM64_64K_PAGES
32#define TCR_TG_FLAGS	TCR_TG0_64K | TCR_TG1_64K
33#elif defined(CONFIG_ARM64_16K_PAGES)
34#define TCR_TG_FLAGS	TCR_TG0_16K | TCR_TG1_16K
35#else /* CONFIG_ARM64_4K_PAGES */
36#define TCR_TG_FLAGS	TCR_TG0_4K | TCR_TG1_4K
37#endif
38
39#ifdef CONFIG_RANDOMIZE_BASE
40#define TCR_KASLR_FLAGS	TCR_NFD1
41#else
42#define TCR_KASLR_FLAGS	0
43#endif
44
45#define TCR_SMP_FLAGS	TCR_SHARED
46
47/* PTWs cacheable, inner/outer WBWA */
48#define TCR_CACHE_FLAGS	TCR_IRGN_WBWA | TCR_ORGN_WBWA
49
50#define MAIR(attr, mt)	((attr) << ((mt) * 8))
51
52/*
53 *	cpu_do_idle()
54 *
55 *	Idle the processor (wait for interrupt).
56 */
57ENTRY(cpu_do_idle)
58	dsb	sy				// WFI may enter a low-power mode
59	wfi
60	ret
61ENDPROC(cpu_do_idle)
62
63#ifdef CONFIG_CPU_PM
64/**
65 * cpu_do_suspend - save CPU registers context
66 *
67 * x0: virtual address of context pointer
68 */
69ENTRY(cpu_do_suspend)
70	mrs	x2, tpidr_el0
71	mrs	x3, tpidrro_el0
72	mrs	x4, contextidr_el1
73	mrs	x5, cpacr_el1
74	mrs	x6, tcr_el1
75	mrs	x7, vbar_el1
76	mrs	x8, mdscr_el1
77	mrs	x9, oslsr_el1
78	mrs	x10, sctlr_el1
79alternative_if_not ARM64_HAS_VIRT_HOST_EXTN
80	mrs	x11, tpidr_el1
81alternative_else
82	mrs	x11, tpidr_el2
83alternative_endif
84	mrs	x12, sp_el0
85	stp	x2, x3, [x0]
86	stp	x4, xzr, [x0, #16]
87	stp	x5, x6, [x0, #32]
88	stp	x7, x8, [x0, #48]
89	stp	x9, x10, [x0, #64]
90	stp	x11, x12, [x0, #80]
91	ret
92ENDPROC(cpu_do_suspend)
93
94/**
95 * cpu_do_resume - restore CPU register context
96 *
97 * x0: Address of context pointer
98 */
99	.pushsection ".idmap.text", "awx"
100ENTRY(cpu_do_resume)
101	ldp	x2, x3, [x0]
102	ldp	x4, x5, [x0, #16]
103	ldp	x6, x8, [x0, #32]
104	ldp	x9, x10, [x0, #48]
105	ldp	x11, x12, [x0, #64]
106	ldp	x13, x14, [x0, #80]
107	msr	tpidr_el0, x2
108	msr	tpidrro_el0, x3
109	msr	contextidr_el1, x4
110	msr	cpacr_el1, x6
111
112	/* Don't change t0sz here, mask those bits when restoring */
113	mrs	x5, tcr_el1
114	bfi	x8, x5, TCR_T0SZ_OFFSET, TCR_TxSZ_WIDTH
115
116	msr	tcr_el1, x8
117	msr	vbar_el1, x9
118
119	/*
120	 * __cpu_setup() cleared MDSCR_EL1.MDE and friends, before unmasking
121	 * debug exceptions. By restoring MDSCR_EL1 here, we may take a debug
122	 * exception. Mask them until local_daif_restore() in cpu_suspend()
123	 * resets them.
124	 */
125	disable_daif
126	msr	mdscr_el1, x10
127
128	msr	sctlr_el1, x12
129alternative_if_not ARM64_HAS_VIRT_HOST_EXTN
130	msr	tpidr_el1, x13
131alternative_else
132	msr	tpidr_el2, x13
133alternative_endif
134	msr	sp_el0, x14
135	/*
136	 * Restore oslsr_el1 by writing oslar_el1
137	 */
138	ubfx	x11, x11, #1, #1
139	msr	oslar_el1, x11
140	reset_pmuserenr_el0 x0			// Disable PMU access from EL0
141
142alternative_if ARM64_HAS_RAS_EXTN
143	msr_s	SYS_DISR_EL1, xzr
144alternative_else_nop_endif
145
146	isb
147	ret
148ENDPROC(cpu_do_resume)
149	.popsection
150#endif
151
152/*
153 *	cpu_do_switch_mm(pgd_phys, tsk)
154 *
155 *	Set the translation table base pointer to be pgd_phys.
156 *
157 *	- pgd_phys - physical address of new TTB
158 */
159ENTRY(cpu_do_switch_mm)
160	mrs	x2, ttbr1_el1
161	mmid	x1, x1				// get mm->context.id
162	phys_to_ttbr x3, x0
163#ifdef CONFIG_ARM64_SW_TTBR0_PAN
164	bfi	x3, x1, #48, #16		// set the ASID field in TTBR0
165#endif
166	bfi	x2, x1, #48, #16		// set the ASID
167	msr	ttbr1_el1, x2			// in TTBR1 (since TCR.A1 is set)
168	isb
169	msr	ttbr0_el1, x3			// now update TTBR0
170	isb
171	b	post_ttbr_update_workaround	// Back to C code...
172ENDPROC(cpu_do_switch_mm)
173
174	.pushsection ".idmap.text", "awx"
175
176.macro	__idmap_cpu_set_reserved_ttbr1, tmp1, tmp2
177	adrp	\tmp1, empty_zero_page
178	phys_to_ttbr \tmp2, \tmp1
179	msr	ttbr1_el1, \tmp2
180	isb
181	tlbi	vmalle1
182	dsb	nsh
183	isb
184.endm
185
186/*
187 * void idmap_cpu_replace_ttbr1(phys_addr_t new_pgd)
188 *
189 * This is the low-level counterpart to cpu_replace_ttbr1, and should not be
190 * called by anything else. It can only be executed from a TTBR0 mapping.
191 */
192ENTRY(idmap_cpu_replace_ttbr1)
193	save_and_disable_daif flags=x2
194
195	__idmap_cpu_set_reserved_ttbr1 x1, x3
196
197	phys_to_ttbr x3, x0
198	msr	ttbr1_el1, x3
199	isb
200
201	restore_daif x2
202
203	ret
204ENDPROC(idmap_cpu_replace_ttbr1)
205	.popsection
206
207#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
208	.pushsection ".idmap.text", "awx"
209
210	.macro	__idmap_kpti_get_pgtable_ent, type
211	dc	cvac, cur_\()\type\()p		// Ensure any existing dirty
212	dmb	sy				// lines are written back before
213	ldr	\type, [cur_\()\type\()p]	// loading the entry
214	tbz	\type, #0, skip_\()\type	// Skip invalid and
215	tbnz	\type, #11, skip_\()\type	// non-global entries
216	.endm
217
218	.macro __idmap_kpti_put_pgtable_ent_ng, type
219	orr	\type, \type, #PTE_NG		// Same bit for blocks and pages
220	str	\type, [cur_\()\type\()p]	// Update the entry and ensure
221	dmb	sy				// that it is visible to all
222	dc	civac, cur_\()\type\()p		// CPUs.
223	.endm
224
225/*
226 * void __kpti_install_ng_mappings(int cpu, int num_cpus, phys_addr_t swapper)
227 *
228 * Called exactly once from stop_machine context by each CPU found during boot.
229 */
230__idmap_kpti_flag:
231	.long	1
232ENTRY(idmap_kpti_install_ng_mappings)
233	cpu		.req	w0
234	num_cpus	.req	w1
235	swapper_pa	.req	x2
236	swapper_ttb	.req	x3
237	flag_ptr	.req	x4
238	cur_pgdp	.req	x5
239	end_pgdp	.req	x6
240	pgd		.req	x7
241	cur_pudp	.req	x8
242	end_pudp	.req	x9
243	pud		.req	x10
244	cur_pmdp	.req	x11
245	end_pmdp	.req	x12
246	pmd		.req	x13
247	cur_ptep	.req	x14
248	end_ptep	.req	x15
249	pte		.req	x16
250
251	mrs	swapper_ttb, ttbr1_el1
252	adr	flag_ptr, __idmap_kpti_flag
253
254	cbnz	cpu, __idmap_kpti_secondary
255
256	/* We're the boot CPU. Wait for the others to catch up */
257	sevl
2581:	wfe
259	ldaxr	w18, [flag_ptr]
260	eor	w18, w18, num_cpus
261	cbnz	w18, 1b
262
263	/* We need to walk swapper, so turn off the MMU. */
264	pre_disable_mmu_workaround
265	mrs	x18, sctlr_el1
266	bic	x18, x18, #SCTLR_ELx_M
267	msr	sctlr_el1, x18
268	isb
269
270	/* Everybody is enjoying the idmap, so we can rewrite swapper. */
271	/* PGD */
272	mov	cur_pgdp, swapper_pa
273	add	end_pgdp, cur_pgdp, #(PTRS_PER_PGD * 8)
274do_pgd:	__idmap_kpti_get_pgtable_ent	pgd
275	tbnz	pgd, #1, walk_puds
276next_pgd:
277	__idmap_kpti_put_pgtable_ent_ng	pgd
278skip_pgd:
279	add	cur_pgdp, cur_pgdp, #8
280	cmp	cur_pgdp, end_pgdp
281	b.ne	do_pgd
282
283	/* Publish the updated tables and nuke all the TLBs */
284	dsb	sy
285	tlbi	vmalle1is
286	dsb	ish
287	isb
288
289	/* We're done: fire up the MMU again */
290	mrs	x18, sctlr_el1
291	orr	x18, x18, #SCTLR_ELx_M
292	msr	sctlr_el1, x18
293	isb
294
295	/* Set the flag to zero to indicate that we're all done */
296	str	wzr, [flag_ptr]
297	ret
298
299	/* PUD */
300walk_puds:
301	.if CONFIG_PGTABLE_LEVELS > 3
302	pte_to_phys	cur_pudp, pgd
303	add	end_pudp, cur_pudp, #(PTRS_PER_PUD * 8)
304do_pud:	__idmap_kpti_get_pgtable_ent	pud
305	tbnz	pud, #1, walk_pmds
306next_pud:
307	__idmap_kpti_put_pgtable_ent_ng	pud
308skip_pud:
309	add	cur_pudp, cur_pudp, 8
310	cmp	cur_pudp, end_pudp
311	b.ne	do_pud
312	b	next_pgd
313	.else /* CONFIG_PGTABLE_LEVELS <= 3 */
314	mov	pud, pgd
315	b	walk_pmds
316next_pud:
317	b	next_pgd
318	.endif
319
320	/* PMD */
321walk_pmds:
322	.if CONFIG_PGTABLE_LEVELS > 2
323	pte_to_phys	cur_pmdp, pud
324	add	end_pmdp, cur_pmdp, #(PTRS_PER_PMD * 8)
325do_pmd:	__idmap_kpti_get_pgtable_ent	pmd
326	tbnz	pmd, #1, walk_ptes
327next_pmd:
328	__idmap_kpti_put_pgtable_ent_ng	pmd
329skip_pmd:
330	add	cur_pmdp, cur_pmdp, #8
331	cmp	cur_pmdp, end_pmdp
332	b.ne	do_pmd
333	b	next_pud
334	.else /* CONFIG_PGTABLE_LEVELS <= 2 */
335	mov	pmd, pud
336	b	walk_ptes
337next_pmd:
338	b	next_pud
339	.endif
340
341	/* PTE */
342walk_ptes:
343	pte_to_phys	cur_ptep, pmd
344	add	end_ptep, cur_ptep, #(PTRS_PER_PTE * 8)
345do_pte:	__idmap_kpti_get_pgtable_ent	pte
346	__idmap_kpti_put_pgtable_ent_ng	pte
347skip_pte:
348	add	cur_ptep, cur_ptep, #8
349	cmp	cur_ptep, end_ptep
350	b.ne	do_pte
351	b	next_pmd
352
353	/* Secondary CPUs end up here */
354__idmap_kpti_secondary:
355	/* Uninstall swapper before surgery begins */
356	__idmap_cpu_set_reserved_ttbr1 x18, x17
357
358	/* Increment the flag to let the boot CPU we're ready */
3591:	ldxr	w18, [flag_ptr]
360	add	w18, w18, #1
361	stxr	w17, w18, [flag_ptr]
362	cbnz	w17, 1b
363
364	/* Wait for the boot CPU to finish messing around with swapper */
365	sevl
3661:	wfe
367	ldxr	w18, [flag_ptr]
368	cbnz	w18, 1b
369
370	/* All done, act like nothing happened */
371	msr	ttbr1_el1, swapper_ttb
372	isb
373	ret
374
375	.unreq	cpu
376	.unreq	num_cpus
377	.unreq	swapper_pa
378	.unreq	swapper_ttb
379	.unreq	flag_ptr
380	.unreq	cur_pgdp
381	.unreq	end_pgdp
382	.unreq	pgd
383	.unreq	cur_pudp
384	.unreq	end_pudp
385	.unreq	pud
386	.unreq	cur_pmdp
387	.unreq	end_pmdp
388	.unreq	pmd
389	.unreq	cur_ptep
390	.unreq	end_ptep
391	.unreq	pte
392ENDPROC(idmap_kpti_install_ng_mappings)
393	.popsection
394#endif
395
396/*
397 *	__cpu_setup
398 *
399 *	Initialise the processor for turning the MMU on.  Return in x0 the
400 *	value of the SCTLR_EL1 register.
401 */
402	.pushsection ".idmap.text", "awx"
403ENTRY(__cpu_setup)
404	tlbi	vmalle1				// Invalidate local TLB
405	dsb	nsh
406
407	mov	x0, #3 << 20
408	msr	cpacr_el1, x0			// Enable FP/ASIMD
409	mov	x0, #1 << 12			// Reset mdscr_el1 and disable
410	msr	mdscr_el1, x0			// access to the DCC from EL0
411	isb					// Unmask debug exceptions now,
412	enable_dbg				// since this is per-cpu
413	reset_pmuserenr_el0 x0			// Disable PMU access from EL0
414	/*
415	 * Memory region attributes for LPAE:
416	 *
417	 *   n = AttrIndx[2:0]
418	 *			n	MAIR
419	 *   DEVICE_nGnRnE	000	00000000
420	 *   DEVICE_nGnRE	001	00000100
421	 *   DEVICE_GRE		010	00001100
422	 *   NORMAL_NC		011	01000100
423	 *   NORMAL		100	11111111
424	 *   NORMAL_WT		101	10111011
425	 */
426	ldr	x5, =MAIR(0x00, MT_DEVICE_nGnRnE) | \
427		     MAIR(0x04, MT_DEVICE_nGnRE) | \
428		     MAIR(0x0c, MT_DEVICE_GRE) | \
429		     MAIR(0x44, MT_NORMAL_NC) | \
430		     MAIR(0xff, MT_NORMAL) | \
431		     MAIR(0xbb, MT_NORMAL_WT)
432	msr	mair_el1, x5
433	/*
434	 * Prepare SCTLR
435	 */
436	mov_q	x0, SCTLR_EL1_SET
437	/*
438	 * Set/prepare TCR and TTBR. We use 512GB (39-bit) address range for
439	 * both user and kernel.
440	 */
441	ldr	x10, =TCR_TxSZ(VA_BITS) | TCR_CACHE_FLAGS | TCR_SMP_FLAGS | \
442			TCR_TG_FLAGS | TCR_KASLR_FLAGS | TCR_ASID16 | \
443			TCR_TBI0 | TCR_A1
444	tcr_set_idmap_t0sz	x10, x9
445
446	/*
447	 * Set the IPS bits in TCR_EL1.
448	 */
449	tcr_compute_pa_size x10, #TCR_IPS_SHIFT, x5, x6
450#ifdef CONFIG_ARM64_HW_AFDBM
451	/*
452	 * Enable hardware update of the Access Flags bit.
453	 * Hardware dirty bit management is enabled later,
454	 * via capabilities.
455	 */
456	mrs	x9, ID_AA64MMFR1_EL1
457	and	x9, x9, #0xf
458	cbz	x9, 1f
459	orr	x10, x10, #TCR_HA		// hardware Access flag update
4601:
461#endif	/* CONFIG_ARM64_HW_AFDBM */
462	msr	tcr_el1, x10
463	ret					// return to head.S
464ENDPROC(__cpu_setup)
465