xref: /linux/arch/powerpc/kernel/exceptions-64e.S (revision 68c402fe5c5e5aa9a04c8bba9d99feb08a68afa7)
1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 *  Boot code and exception vectors for Book3E processors
4 *
5 *  Copyright (C) 2007 Ben. Herrenschmidt (benh@kernel.crashing.org), IBM Corp.
6 */
7
8#include <linux/linkage.h>
9#include <linux/threads.h>
10#include <asm/reg.h>
11#include <asm/page.h>
12#include <asm/ppc_asm.h>
13#include <asm/asm-offsets.h>
14#include <asm/cputable.h>
15#include <asm/setup.h>
16#include <asm/thread_info.h>
17#include <asm/exception-64e.h>
18#include <asm/bug.h>
19#include <asm/irqflags.h>
20#include <asm/ptrace.h>
21#include <asm/ppc-opcode.h>
22#include <asm/mmu.h>
23#include <asm/hw_irq.h>
24#include <asm/kvm_asm.h>
25#include <asm/kvm_booke_hv_asm.h>
26#include <asm/feature-fixups.h>
27#include <asm/context_tracking.h>
28
29/* 64e interrupt returns always use SRR registers */
30#define fast_interrupt_return fast_interrupt_return_srr
31#define interrupt_return interrupt_return_srr
32
33/* XXX This will ultimately add space for a special exception save
34 *     structure used to save things like SRR0/SRR1, SPRGs, MAS, etc...
35 *     when taking special interrupts. For now we don't support that,
36 *     special interrupts from within a non-standard level will probably
37 *     blow you up
38 */
39#define SPECIAL_EXC_SRR0	0
40#define SPECIAL_EXC_SRR1	1
41#define SPECIAL_EXC_SPRG_GEN	2
42#define SPECIAL_EXC_SPRG_TLB	3
43#define SPECIAL_EXC_MAS0	4
44#define SPECIAL_EXC_MAS1	5
45#define SPECIAL_EXC_MAS2	6
46#define SPECIAL_EXC_MAS3	7
47#define SPECIAL_EXC_MAS6	8
48#define SPECIAL_EXC_MAS7	9
49#define SPECIAL_EXC_MAS5	10	/* E.HV only */
50#define SPECIAL_EXC_MAS8	11	/* E.HV only */
51#define SPECIAL_EXC_IRQHAPPENED	12
52#define SPECIAL_EXC_DEAR	13
53#define SPECIAL_EXC_ESR		14
54#define SPECIAL_EXC_SOFTE	15
55#define SPECIAL_EXC_CSRR0	16
56#define SPECIAL_EXC_CSRR1	17
57/* must be even to keep 16-byte stack alignment */
58#define SPECIAL_EXC_END		18
59
60#define SPECIAL_EXC_FRAME_SIZE	(INT_FRAME_SIZE + SPECIAL_EXC_END * 8)
61#define SPECIAL_EXC_FRAME_OFFS  (INT_FRAME_SIZE - 288)
62
63#define SPECIAL_EXC_STORE(reg, name) \
64	std	reg, (SPECIAL_EXC_##name * 8 + SPECIAL_EXC_FRAME_OFFS)(r1)
65
66#define SPECIAL_EXC_LOAD(reg, name) \
67	ld	reg, (SPECIAL_EXC_##name * 8 + SPECIAL_EXC_FRAME_OFFS)(r1)
68
69SYM_CODE_START_LOCAL(special_reg_save)
70	/*
71	 * We only need (or have stack space) to save this stuff if
72	 * we interrupted the kernel.
73	 */
74	ld	r3,_MSR(r1)
75	andi.	r3,r3,MSR_PR
76	bnelr
77
78	/*
79	 * Advance to the next TLB exception frame for handler
80	 * types that don't do it automatically.
81	 */
82	LOAD_REG_ADDR(r11,extlb_level_exc)
83	lwz	r12,0(r11)
84	mfspr	r10,SPRN_SPRG_TLB_EXFRAME
85	add	r10,r10,r12
86	mtspr	SPRN_SPRG_TLB_EXFRAME,r10
87
88	/*
89	 * Save registers needed to allow nesting of certain exceptions
90	 * (such as TLB misses) inside special exception levels
91	 */
92	mfspr	r10,SPRN_SRR0
93	SPECIAL_EXC_STORE(r10,SRR0)
94	mfspr	r10,SPRN_SRR1
95	SPECIAL_EXC_STORE(r10,SRR1)
96	mfspr	r10,SPRN_SPRG_GEN_SCRATCH
97	SPECIAL_EXC_STORE(r10,SPRG_GEN)
98	mfspr	r10,SPRN_SPRG_TLB_SCRATCH
99	SPECIAL_EXC_STORE(r10,SPRG_TLB)
100	mfspr	r10,SPRN_MAS0
101	SPECIAL_EXC_STORE(r10,MAS0)
102	mfspr	r10,SPRN_MAS1
103	SPECIAL_EXC_STORE(r10,MAS1)
104	mfspr	r10,SPRN_MAS2
105	SPECIAL_EXC_STORE(r10,MAS2)
106	mfspr	r10,SPRN_MAS3
107	SPECIAL_EXC_STORE(r10,MAS3)
108	mfspr	r10,SPRN_MAS6
109	SPECIAL_EXC_STORE(r10,MAS6)
110	mfspr	r10,SPRN_MAS7
111	SPECIAL_EXC_STORE(r10,MAS7)
112BEGIN_FTR_SECTION
113	mfspr	r10,SPRN_MAS5
114	SPECIAL_EXC_STORE(r10,MAS5)
115	mfspr	r10,SPRN_MAS8
116	SPECIAL_EXC_STORE(r10,MAS8)
117
118	/* MAS5/8 could have inappropriate values if we interrupted KVM code */
119	li	r10,0
120	mtspr	SPRN_MAS5,r10
121	mtspr	SPRN_MAS8,r10
122END_FTR_SECTION_IFSET(CPU_FTR_EMB_HV)
123	mfspr	r10,SPRN_DEAR
124	SPECIAL_EXC_STORE(r10,DEAR)
125	mfspr	r10,SPRN_ESR
126	SPECIAL_EXC_STORE(r10,ESR)
127
128	ld	r10,_NIP(r1)
129	SPECIAL_EXC_STORE(r10,CSRR0)
130	ld	r10,_MSR(r1)
131	SPECIAL_EXC_STORE(r10,CSRR1)
132
133	blr
134SYM_CODE_END(special_reg_save)
135
136SYM_CODE_START_LOCAL(ret_from_level_except)
137	ld	r3,_MSR(r1)
138	andi.	r3,r3,MSR_PR
139	beq	1f
140	REST_NVGPRS(r1)
141	b	interrupt_return
1421:
143
144	LOAD_REG_ADDR(r11,extlb_level_exc)
145	lwz	r12,0(r11)
146	mfspr	r10,SPRN_SPRG_TLB_EXFRAME
147	sub	r10,r10,r12
148	mtspr	SPRN_SPRG_TLB_EXFRAME,r10
149
150	/*
151	 * It's possible that the special level exception interrupted a
152	 * TLB miss handler, and inserted the same entry that the
153	 * interrupted handler was about to insert.  On CPUs without TLB
154	 * write conditional, this can result in a duplicate TLB entry.
155	 * Wipe all non-bolted entries to be safe.
156	 *
157	 * Note that this doesn't protect against any TLB misses
158	 * we may take accessing the stack from here to the end of
159	 * the special level exception.  It's not clear how we can
160	 * reasonably protect against that, but only CPUs with
161	 * neither TLB write conditional nor bolted kernel memory
162	 * are affected.  Do any such CPUs even exist?
163	 */
164	PPC_TLBILX_ALL(0,R0)
165
166	REST_NVGPRS(r1)
167
168	SPECIAL_EXC_LOAD(r10,SRR0)
169	mtspr	SPRN_SRR0,r10
170	SPECIAL_EXC_LOAD(r10,SRR1)
171	mtspr	SPRN_SRR1,r10
172	SPECIAL_EXC_LOAD(r10,SPRG_GEN)
173	mtspr	SPRN_SPRG_GEN_SCRATCH,r10
174	SPECIAL_EXC_LOAD(r10,SPRG_TLB)
175	mtspr	SPRN_SPRG_TLB_SCRATCH,r10
176	SPECIAL_EXC_LOAD(r10,MAS0)
177	mtspr	SPRN_MAS0,r10
178	SPECIAL_EXC_LOAD(r10,MAS1)
179	mtspr	SPRN_MAS1,r10
180	SPECIAL_EXC_LOAD(r10,MAS2)
181	mtspr	SPRN_MAS2,r10
182	SPECIAL_EXC_LOAD(r10,MAS3)
183	mtspr	SPRN_MAS3,r10
184	SPECIAL_EXC_LOAD(r10,MAS6)
185	mtspr	SPRN_MAS6,r10
186	SPECIAL_EXC_LOAD(r10,MAS7)
187	mtspr	SPRN_MAS7,r10
188BEGIN_FTR_SECTION
189	SPECIAL_EXC_LOAD(r10,MAS5)
190	mtspr	SPRN_MAS5,r10
191	SPECIAL_EXC_LOAD(r10,MAS8)
192	mtspr	SPRN_MAS8,r10
193END_FTR_SECTION_IFSET(CPU_FTR_EMB_HV)
194
195	SPECIAL_EXC_LOAD(r10,DEAR)
196	mtspr	SPRN_DEAR,r10
197	SPECIAL_EXC_LOAD(r10,ESR)
198	mtspr	SPRN_ESR,r10
199
200	stdcx.	r0,0,r1		/* to clear the reservation */
201
202	REST_GPRS(2, 9, r1)
203
204	ld	r10,_CTR(r1)
205	ld	r11,_XER(r1)
206	mtctr	r10
207	mtxer	r11
208
209	blr
210SYM_CODE_END(ret_from_level_except)
211
212.macro ret_from_level srr0 srr1 paca_ex scratch
213	bl	ret_from_level_except
214
215	ld	r10,_LINK(r1)
216	ld	r11,_CCR(r1)
217	ld	r0,GPR13(r1)
218	mtlr	r10
219	mtcr	r11
220
221	REST_GPRS(10, 12, r1)
222	mtspr	\scratch,r0
223
224	std	r10,\paca_ex+EX_R10(r13);
225	std	r11,\paca_ex+EX_R11(r13);
226	ld	r10,_NIP(r1)
227	ld	r11,_MSR(r1)
228	REST_GPR(0, r1)
229	REST_GPR(1, r1)
230	mtspr	\srr0,r10
231	mtspr	\srr1,r11
232	ld	r10,\paca_ex+EX_R10(r13)
233	ld	r11,\paca_ex+EX_R11(r13)
234	mfspr	r13,\scratch
235.endm
236
237SYM_CODE_START_LOCAL(ret_from_crit_except)
238	ret_from_level SPRN_CSRR0 SPRN_CSRR1 PACA_EXCRIT SPRN_SPRG_CRIT_SCRATCH
239	rfci
240SYM_CODE_END(ret_from_crit_except)
241
242SYM_CODE_START_LOCAL(ret_from_mc_except)
243	ret_from_level SPRN_MCSRR0 SPRN_MCSRR1 PACA_EXMC SPRN_SPRG_MC_SCRATCH
244	rfmci
245SYM_CODE_END(ret_from_mc_except)
246
247/* Exception prolog code for all exceptions */
248#define EXCEPTION_PROLOG(n, intnum, type, addition)	    		    \
249	mtspr	SPRN_SPRG_##type##_SCRATCH,r13;	/* get spare registers */   \
250	mfspr	r13,SPRN_SPRG_PACA;	/* get PACA */			    \
251	std	r10,PACA_EX##type+EX_R10(r13);				    \
252	std	r11,PACA_EX##type+EX_R11(r13);				    \
253	mfcr	r10;			/* save CR */			    \
254	mfspr	r11,SPRN_##type##_SRR1;/* what are we coming from */	    \
255	DO_KVM	intnum,SPRN_##type##_SRR1;    /* KVM hook */		    \
256	stw	r10,PACA_EX##type+EX_CR(r13); /* save old CR in the PACA */ \
257	addition;			/* additional code for that exc. */ \
258	std	r1,PACA_EX##type+EX_R1(r13); /* save old r1 in the PACA */  \
259	type##_SET_KSTACK;		/* get special stack if necessary */\
260	andi.	r10,r11,MSR_PR;		/* save stack pointer */	    \
261	beq	1f;			/* branch around if supervisor */   \
262	ld	r1,PACAKSAVE(r13);	/* get kernel stack coming from usr */\
2631:	type##_BTB_FLUSH		\
264	cmpdi	cr1,r1,0;		/* check if SP makes sense */	    \
265	bge-	cr1,exc_##n##_bad_stack;/* bad stack (TODO: out of line) */ \
266	mfspr	r10,SPRN_##type##_SRR0;	/* read SRR0 before touching stack */
267
268/* Exception type-specific macros */
269#define	GEN_SET_KSTACK							    \
270	subi	r1,r1,INT_FRAME_SIZE;	/* alloc frame on kernel stack */
271#define SPRN_GEN_SRR0	SPRN_SRR0
272#define SPRN_GEN_SRR1	SPRN_SRR1
273
274#define	GDBELL_SET_KSTACK	GEN_SET_KSTACK
275#define SPRN_GDBELL_SRR0	SPRN_GSRR0
276#define SPRN_GDBELL_SRR1	SPRN_GSRR1
277
278#define CRIT_SET_KSTACK						            \
279	ld	r1,PACA_CRIT_STACK(r13);				    \
280	subi	r1,r1,SPECIAL_EXC_FRAME_SIZE
281#define SPRN_CRIT_SRR0	SPRN_CSRR0
282#define SPRN_CRIT_SRR1	SPRN_CSRR1
283
284#define DBG_SET_KSTACK						            \
285	ld	r1,PACA_DBG_STACK(r13);					    \
286	subi	r1,r1,SPECIAL_EXC_FRAME_SIZE
287#define SPRN_DBG_SRR0	SPRN_DSRR0
288#define SPRN_DBG_SRR1	SPRN_DSRR1
289
290#define MC_SET_KSTACK						            \
291	ld	r1,PACA_MC_STACK(r13);					    \
292	subi	r1,r1,SPECIAL_EXC_FRAME_SIZE
293#define SPRN_MC_SRR0	SPRN_MCSRR0
294#define SPRN_MC_SRR1	SPRN_MCSRR1
295
296#define GEN_BTB_FLUSH			\
297	START_BTB_FLUSH_SECTION		\
298		beq 1f;			\
299		BTB_FLUSH(r10)			\
300		1:		\
301	END_BTB_FLUSH_SECTION
302
303#define CRIT_BTB_FLUSH			\
304	START_BTB_FLUSH_SECTION		\
305		BTB_FLUSH(r10)		\
306	END_BTB_FLUSH_SECTION
307
308#define DBG_BTB_FLUSH CRIT_BTB_FLUSH
309#define MC_BTB_FLUSH CRIT_BTB_FLUSH
310#define GDBELL_BTB_FLUSH GEN_BTB_FLUSH
311
312#define NORMAL_EXCEPTION_PROLOG(n, intnum, addition)			    \
313	EXCEPTION_PROLOG(n, intnum, GEN, addition##_GEN(n))
314
315#define CRIT_EXCEPTION_PROLOG(n, intnum, addition)			    \
316	EXCEPTION_PROLOG(n, intnum, CRIT, addition##_CRIT(n))
317
318#define DBG_EXCEPTION_PROLOG(n, intnum, addition)			    \
319	EXCEPTION_PROLOG(n, intnum, DBG, addition##_DBG(n))
320
321#define MC_EXCEPTION_PROLOG(n, intnum, addition)			    \
322	EXCEPTION_PROLOG(n, intnum, MC, addition##_MC(n))
323
324#define GDBELL_EXCEPTION_PROLOG(n, intnum, addition)			    \
325	EXCEPTION_PROLOG(n, intnum, GDBELL, addition##_GDBELL(n))
326
327/* Variants of the "addition" argument for the prolog
328 */
329#define PROLOG_ADDITION_NONE_GEN(n)
330#define PROLOG_ADDITION_NONE_GDBELL(n)
331#define PROLOG_ADDITION_NONE_CRIT(n)
332#define PROLOG_ADDITION_NONE_DBG(n)
333#define PROLOG_ADDITION_NONE_MC(n)
334
335#define PROLOG_ADDITION_MASKABLE_GEN(n)					    \
336	lbz	r10,PACAIRQSOFTMASK(r13);	/* are irqs soft-masked? */ \
337	andi.	r10,r10,IRQS_DISABLED;	/* yes -> go out of line */ \
338	bne	masked_interrupt_book3e_##n
339
340/*
341 * Additional regs must be re-loaded from paca before EXCEPTION_COMMON* is
342 * called, because that does SAVE_NVGPRS which must see the original register
343 * values, otherwise the scratch values might be restored when exiting the
344 * interrupt.
345 */
346#define PROLOG_ADDITION_2REGS_GEN(n)					    \
347	std	r14,PACA_EXGEN+EX_R14(r13);				    \
348	std	r15,PACA_EXGEN+EX_R15(r13)
349
350#define PROLOG_ADDITION_1REG_GEN(n)					    \
351	std	r14,PACA_EXGEN+EX_R14(r13);
352
353#define PROLOG_ADDITION_2REGS_CRIT(n)					    \
354	std	r14,PACA_EXCRIT+EX_R14(r13);				    \
355	std	r15,PACA_EXCRIT+EX_R15(r13)
356
357#define PROLOG_ADDITION_2REGS_DBG(n)					    \
358	std	r14,PACA_EXDBG+EX_R14(r13);				    \
359	std	r15,PACA_EXDBG+EX_R15(r13)
360
361#define PROLOG_ADDITION_2REGS_MC(n)					    \
362	std	r14,PACA_EXMC+EX_R14(r13);				    \
363	std	r15,PACA_EXMC+EX_R15(r13)
364
365/* Core exception code for all exceptions except TLB misses. */
366#define EXCEPTION_COMMON_LVL(n, scratch, excf)				    \
367exc_##n##_common:							    \
368	SAVE_GPR(0, r1);		/* save r0 in stackframe */	    \
369	SAVE_GPRS(2, 9, r1);		/* save r2 - r9 in stackframe */    \
370	std	r10,_NIP(r1);		/* save SRR0 to stackframe */	    \
371	std	r11,_MSR(r1);		/* save SRR1 to stackframe */	    \
372	beq	2f;			/* if from kernel mode */	    \
3732:	ld	r3,excf+EX_R10(r13);	/* get back r10 */		    \
374	ld	r4,excf+EX_R11(r13);	/* get back r11 */		    \
375	mfspr	r5,scratch;		/* get back r13 */		    \
376	SAVE_GPR(12, r1);		/* save r12 in stackframe */	    \
377	LOAD_PACA_TOC();		/* get kernel TOC into r2 */	    \
378	mflr	r6;			/* save LR in stackframe */	    \
379	mfctr	r7;			/* save CTR in stackframe */	    \
380	mfspr	r8,SPRN_XER;		/* save XER in stackframe */	    \
381	ld	r9,excf+EX_R1(r13);	/* load orig r1 back from PACA */   \
382	lwz	r10,excf+EX_CR(r13);	/* load orig CR back from PACA	*/  \
383	lbz	r11,PACAIRQSOFTMASK(r13); /* get current IRQ softe */	    \
384	LOAD_REG_IMMEDIATE(r12, STACK_FRAME_REGS_MARKER);		    \
385	ZEROIZE_GPR(0);							    \
386	std	r3,GPR10(r1);		/* save r10 to stackframe */	    \
387	std	r4,GPR11(r1);		/* save r11 to stackframe */	    \
388	std	r5,GPR13(r1);		/* save it to stackframe */	    \
389	std	r6,_LINK(r1);						    \
390	std	r7,_CTR(r1);						    \
391	std	r8,_XER(r1);						    \
392	li	r3,(n);			/* regs.trap vector */		    \
393	std	r9,0(r1);		/* store stack frame back link */   \
394	std	r10,_CCR(r1);		/* store orig CR in stackframe */   \
395	std	r9,GPR1(r1);		/* store stack frame back link */   \
396	std	r11,SOFTE(r1);		/* and save it to stackframe */     \
397	std	r12,STACK_INT_FRAME_MARKER(r1); /* mark the frame */	    \
398	std	r3,_TRAP(r1);		/* set trap number		*/  \
399	std	r0,RESULT(r1);		/* clear regs->result */	    \
400	SAVE_NVGPRS(r1);						    \
401	SANITIZE_NVGPRS();		/* minimise speculation influence */
402
403#define EXCEPTION_COMMON(n) \
404	EXCEPTION_COMMON_LVL(n, SPRN_SPRG_GEN_SCRATCH, PACA_EXGEN)
405#define EXCEPTION_COMMON_CRIT(n) \
406	EXCEPTION_COMMON_LVL(n, SPRN_SPRG_CRIT_SCRATCH, PACA_EXCRIT)
407#define EXCEPTION_COMMON_MC(n) \
408	EXCEPTION_COMMON_LVL(n, SPRN_SPRG_MC_SCRATCH, PACA_EXMC)
409#define EXCEPTION_COMMON_DBG(n) \
410	EXCEPTION_COMMON_LVL(n, SPRN_SPRG_DBG_SCRATCH, PACA_EXDBG)
411
412/* XXX FIXME: Restore r14/r15 when necessary */
413#define BAD_STACK_TRAMPOLINE(n)						    \
414exc_##n##_bad_stack:							    \
415	li	r1,(n);			/* get exception number */	    \
416	sth	r1,PACA_TRAP_SAVE(r13);	/* store trap */		    \
417	b	bad_stack_book3e;	/* bad stack error */
418
419/* WARNING: If you change the layout of this stub, make sure you check
420	*   the debug exception handler which handles single stepping
421	*   into exceptions from userspace, and the MM code in
422	*   arch/powerpc/mm/tlb_nohash.c which patches the branch here
423	*   and would need to be updated if that branch is moved
424	*/
425#define	EXCEPTION_STUB(loc, label)					\
426	. = interrupt_base_book3e + loc;				\
427	nop;	/* To make debug interrupts happy */			\
428	b	exc_##label##_book3e;
429
430#define ACK_NONE(r)
431#define ACK_DEC(r)							\
432	lis	r,TSR_DIS@h;						\
433	mtspr	SPRN_TSR,r
434#define ACK_FIT(r)							\
435	lis	r,TSR_FIS@h;						\
436	mtspr	SPRN_TSR,r
437
438/* Used by asynchronous interrupt that may happen in the idle loop.
439 *
440 * This check if the thread was in the idle loop, and if yes, returns
441 * to the caller rather than the PC. This is to avoid a race if
442 * interrupts happen before the wait instruction.
443 */
444#define CHECK_NAPPING()							\
445	ld	r11, PACA_THREAD_INFO(r13);				\
446	ld	r10,TI_LOCAL_FLAGS(r11);				\
447	andi.	r9,r10,_TLF_NAPPING;					\
448	beq+	1f;							\
449	ld	r8,_LINK(r1);						\
450	rlwinm	r7,r10,0,~_TLF_NAPPING;					\
451	std	r8,_NIP(r1);						\
452	std	r7,TI_LOCAL_FLAGS(r11);					\
4531:
454
455
456#define MASKABLE_EXCEPTION(trapnum, intnum, label, hdlr, ack)		\
457	START_EXCEPTION(label);						\
458	NORMAL_EXCEPTION_PROLOG(trapnum, intnum, PROLOG_ADDITION_MASKABLE)\
459	EXCEPTION_COMMON(trapnum)					\
460	ack(r8);							\
461	CHECK_NAPPING();						\
462	addi	r3,r1,STACK_INT_FRAME_REGS;				\
463	bl	hdlr;							\
464	b	interrupt_return
465
466/*
467 * And here we have the exception vectors !
468 */
469
470	.text
471	.balign	0x1000
472	.globl interrupt_base_book3e
473interrupt_base_book3e:					/* fake trap */
474	EXCEPTION_STUB(0x000, machine_check)
475	EXCEPTION_STUB(0x020, critical_input)		/* 0x0100 */
476	EXCEPTION_STUB(0x040, debug_crit)		/* 0x0d00 */
477	EXCEPTION_STUB(0x060, data_storage)		/* 0x0300 */
478	EXCEPTION_STUB(0x080, instruction_storage)	/* 0x0400 */
479	EXCEPTION_STUB(0x0a0, external_input)		/* 0x0500 */
480	EXCEPTION_STUB(0x0c0, alignment)		/* 0x0600 */
481	EXCEPTION_STUB(0x0e0, program)			/* 0x0700 */
482	EXCEPTION_STUB(0x100, fp_unavailable)		/* 0x0800 */
483	EXCEPTION_STUB(0x120, system_call)		/* 0x0c00 */
484	EXCEPTION_STUB(0x140, ap_unavailable)		/* 0x0f20 */
485	EXCEPTION_STUB(0x160, decrementer)		/* 0x0900 */
486	EXCEPTION_STUB(0x180, fixed_interval)		/* 0x0980 */
487	EXCEPTION_STUB(0x1a0, watchdog)			/* 0x09f0 */
488	EXCEPTION_STUB(0x1c0, data_tlb_miss)
489	EXCEPTION_STUB(0x1e0, instruction_tlb_miss)
490	EXCEPTION_STUB(0x200, altivec_unavailable)
491	EXCEPTION_STUB(0x220, altivec_assist)
492	EXCEPTION_STUB(0x260, perfmon)
493	EXCEPTION_STUB(0x280, doorbell)
494	EXCEPTION_STUB(0x2a0, doorbell_crit)
495	EXCEPTION_STUB(0x2c0, guest_doorbell)
496	EXCEPTION_STUB(0x2e0, guest_doorbell_crit)
497	EXCEPTION_STUB(0x300, hypercall)
498	EXCEPTION_STUB(0x320, ehpriv)
499	EXCEPTION_STUB(0x340, lrat_error)
500
501	.globl __end_interrupts
502__end_interrupts:
503
504/* Critical Input Interrupt */
505	START_EXCEPTION(critical_input);
506	CRIT_EXCEPTION_PROLOG(0x100, BOOKE_INTERRUPT_CRITICAL,
507			      PROLOG_ADDITION_NONE)
508	EXCEPTION_COMMON_CRIT(0x100)
509	bl	special_reg_save
510	CHECK_NAPPING();
511	addi	r3,r1,STACK_INT_FRAME_REGS
512	bl	unknown_nmi_exception
513	b	ret_from_crit_except
514
515/* Machine Check Interrupt */
516	START_EXCEPTION(machine_check);
517	MC_EXCEPTION_PROLOG(0x000, BOOKE_INTERRUPT_MACHINE_CHECK,
518			    PROLOG_ADDITION_NONE)
519	EXCEPTION_COMMON_MC(0x000)
520	bl	special_reg_save
521	CHECK_NAPPING();
522	addi	r3,r1,STACK_INT_FRAME_REGS
523	bl	machine_check_exception
524	b	ret_from_mc_except
525
526/* Data Storage Interrupt */
527	START_EXCEPTION(data_storage)
528	NORMAL_EXCEPTION_PROLOG(0x300, BOOKE_INTERRUPT_DATA_STORAGE,
529				PROLOG_ADDITION_2REGS)
530	mfspr	r14,SPRN_DEAR
531	mfspr	r15,SPRN_ESR
532	std	r14,_DEAR(r1)
533	std	r15,_ESR(r1)
534	ld	r14,PACA_EXGEN+EX_R14(r13)
535	ld	r15,PACA_EXGEN+EX_R15(r13)
536	EXCEPTION_COMMON(0x300)
537	b	storage_fault_common
538
539/* Instruction Storage Interrupt */
540	START_EXCEPTION(instruction_storage);
541	NORMAL_EXCEPTION_PROLOG(0x400, BOOKE_INTERRUPT_INST_STORAGE,
542				PROLOG_ADDITION_2REGS)
543	li	r15,0
544	mr	r14,r10
545	std	r14,_DEAR(r1)
546	std	r15,_ESR(r1)
547	ld	r14,PACA_EXGEN+EX_R14(r13)
548	ld	r15,PACA_EXGEN+EX_R15(r13)
549	EXCEPTION_COMMON(0x400)
550	b	storage_fault_common
551
552/* External Input Interrupt */
553	MASKABLE_EXCEPTION(0x500, BOOKE_INTERRUPT_EXTERNAL,
554			   external_input, do_IRQ, ACK_NONE)
555
556/* Alignment */
557	START_EXCEPTION(alignment);
558	NORMAL_EXCEPTION_PROLOG(0x600, BOOKE_INTERRUPT_ALIGNMENT,
559				PROLOG_ADDITION_2REGS)
560	mfspr	r14,SPRN_DEAR
561	mfspr	r15,SPRN_ESR
562	std	r14,_DEAR(r1)
563	std	r15,_ESR(r1)
564	ld	r14,PACA_EXGEN+EX_R14(r13)
565	ld	r15,PACA_EXGEN+EX_R15(r13)
566	EXCEPTION_COMMON(0x600)
567	b	alignment_more	/* no room, go out of line */
568
569/* Program Interrupt */
570	START_EXCEPTION(program);
571	NORMAL_EXCEPTION_PROLOG(0x700, BOOKE_INTERRUPT_PROGRAM,
572				PROLOG_ADDITION_1REG)
573	mfspr	r14,SPRN_ESR
574	std	r14,_ESR(r1)
575	ld	r14,PACA_EXGEN+EX_R14(r13)
576	EXCEPTION_COMMON(0x700)
577	addi	r3,r1,STACK_INT_FRAME_REGS
578	bl	program_check_exception
579	REST_NVGPRS(r1)
580	b	interrupt_return
581
582/* Floating Point Unavailable Interrupt */
583	START_EXCEPTION(fp_unavailable);
584	NORMAL_EXCEPTION_PROLOG(0x800, BOOKE_INTERRUPT_FP_UNAVAIL,
585				PROLOG_ADDITION_NONE)
586	/* we can probably do a shorter exception entry for that one... */
587	EXCEPTION_COMMON(0x800)
588	ld	r12,_MSR(r1)
589	andi.	r0,r12,MSR_PR;
590	beq-	1f
591	bl	load_up_fpu
592	b	fast_interrupt_return
5931:	addi	r3,r1,STACK_INT_FRAME_REGS
594	bl	kernel_fp_unavailable_exception
595	b	interrupt_return
596
597/* Altivec Unavailable Interrupt */
598	START_EXCEPTION(altivec_unavailable);
599	NORMAL_EXCEPTION_PROLOG(0x200, BOOKE_INTERRUPT_ALTIVEC_UNAVAIL,
600				PROLOG_ADDITION_NONE)
601	/* we can probably do a shorter exception entry for that one... */
602	EXCEPTION_COMMON(0x200)
603#ifdef CONFIG_ALTIVEC
604BEGIN_FTR_SECTION
605	ld	r12,_MSR(r1)
606	andi.	r0,r12,MSR_PR;
607	beq-	1f
608	bl	load_up_altivec
609	b	fast_interrupt_return
6101:
611END_FTR_SECTION_IFSET(CPU_FTR_ALTIVEC)
612#endif
613	addi	r3,r1,STACK_INT_FRAME_REGS
614	bl	altivec_unavailable_exception
615	b	interrupt_return
616
617/* AltiVec Assist */
618	START_EXCEPTION(altivec_assist);
619	NORMAL_EXCEPTION_PROLOG(0x220,
620				BOOKE_INTERRUPT_ALTIVEC_ASSIST,
621				PROLOG_ADDITION_NONE)
622	EXCEPTION_COMMON(0x220)
623	addi	r3,r1,STACK_INT_FRAME_REGS
624#ifdef CONFIG_ALTIVEC
625BEGIN_FTR_SECTION
626	bl	altivec_assist_exception
627END_FTR_SECTION_IFSET(CPU_FTR_ALTIVEC)
628	REST_NVGPRS(r1)
629#else
630	bl	unknown_exception
631#endif
632	b	interrupt_return
633
634
635/* Decrementer Interrupt */
636	MASKABLE_EXCEPTION(0x900, BOOKE_INTERRUPT_DECREMENTER,
637			   decrementer, timer_interrupt, ACK_DEC)
638
639/* Fixed Interval Timer Interrupt */
640	MASKABLE_EXCEPTION(0x980, BOOKE_INTERRUPT_FIT,
641			   fixed_interval, unknown_exception, ACK_FIT)
642
643/* Watchdog Timer Interrupt */
644	START_EXCEPTION(watchdog);
645	CRIT_EXCEPTION_PROLOG(0x9f0, BOOKE_INTERRUPT_WATCHDOG,
646			      PROLOG_ADDITION_NONE)
647	EXCEPTION_COMMON_CRIT(0x9f0)
648	bl	special_reg_save
649	CHECK_NAPPING();
650	addi	r3,r1,STACK_INT_FRAME_REGS
651#ifdef CONFIG_BOOKE_WDT
652	bl	WatchdogException
653#else
654	bl	unknown_nmi_exception
655#endif
656	b	ret_from_crit_except
657
658/* System Call Interrupt */
659	START_EXCEPTION(system_call)
660	mr	r9,r13			/* keep a copy of userland r13 */
661	mfspr	r11,SPRN_SRR0		/* get return address */
662	mfspr	r12,SPRN_SRR1		/* get previous MSR */
663	mfspr	r13,SPRN_SPRG_PACA	/* get our PACA */
664	b	system_call_common
665
666/* Auxiliary Processor Unavailable Interrupt */
667	START_EXCEPTION(ap_unavailable);
668	NORMAL_EXCEPTION_PROLOG(0xf20, BOOKE_INTERRUPT_AP_UNAVAIL,
669				PROLOG_ADDITION_NONE)
670	EXCEPTION_COMMON(0xf20)
671	addi	r3,r1,STACK_INT_FRAME_REGS
672	bl	unknown_exception
673	b	interrupt_return
674
675/* Debug exception as a critical interrupt*/
676	START_EXCEPTION(debug_crit);
677	CRIT_EXCEPTION_PROLOG(0xd00, BOOKE_INTERRUPT_DEBUG,
678			      PROLOG_ADDITION_2REGS)
679
680	/*
681	 * If there is a single step or branch-taken exception in an
682	 * exception entry sequence, it was probably meant to apply to
683	 * the code where the exception occurred (since exception entry
684	 * doesn't turn off DE automatically).  We simulate the effect
685	 * of turning off DE on entry to an exception handler by turning
686	 * off DE in the CSRR1 value and clearing the debug status.
687	 */
688
689	mfspr	r14,SPRN_DBSR		/* check single-step/branch taken */
690	andis.	r15,r14,(DBSR_IC|DBSR_BT)@h
691	beq+	1f
692
693#ifdef CONFIG_RELOCATABLE
694	__LOAD_PACA_TOC(r15)
695	LOAD_REG_ADDR_ALTTOC(r14, r15, interrupt_base_book3e)
696	LOAD_REG_ADDR_ALTTOC(r15, r15, __end_interrupts)
697	cmpld	cr0,r10,r14
698	cmpld	cr1,r10,r15
699#else
700	LOAD_REG_IMMEDIATE_SYM(r14, r15, interrupt_base_book3e)
701	cmpld	cr0, r10, r14
702	LOAD_REG_IMMEDIATE_SYM(r14, r15, __end_interrupts)
703	cmpld	cr1, r10, r14
704#endif
705	blt+	cr0,1f
706	bge+	cr1,1f
707
708	/* here it looks like we got an inappropriate debug exception. */
709	lis	r14,(DBSR_IC|DBSR_BT)@h		/* clear the event */
710	rlwinm	r11,r11,0,~MSR_DE	/* clear DE in the CSRR1 value */
711	mtspr	SPRN_DBSR,r14
712	mtspr	SPRN_CSRR1,r11
713	lwz	r10,PACA_EXCRIT+EX_CR(r13)	/* restore registers */
714	ld	r1,PACA_EXCRIT+EX_R1(r13)
715	ld	r14,PACA_EXCRIT+EX_R14(r13)
716	ld	r15,PACA_EXCRIT+EX_R15(r13)
717	mtcr	r10
718	ld	r10,PACA_EXCRIT+EX_R10(r13)	/* restore registers */
719	ld	r11,PACA_EXCRIT+EX_R11(r13)
720	mfspr	r13,SPRN_SPRG_CRIT_SCRATCH
721	rfci
722
723	/* Normal debug exception */
724	/* XXX We only handle coming from userspace for now since we can't
725	 *     quite save properly an interrupted kernel state yet
726	 */
7271:	andi.	r14,r11,MSR_PR;		/* check for userspace again */
728	beq	kernel_dbg_exc;		/* if from kernel mode */
729
730	/* Now we mash up things to make it look like we are coming on a
731	 * normal exception
732	 */
733	mfspr	r14,SPRN_DBSR
734	std	r14,_DSISR(r1)
735	ld	r14,PACA_EXCRIT+EX_R14(r13)
736	ld	r15,PACA_EXCRIT+EX_R15(r13)
737	EXCEPTION_COMMON_CRIT(0xd00)
738	addi	r3,r1,STACK_INT_FRAME_REGS
739	bl	DebugException
740	REST_NVGPRS(r1)
741	b	interrupt_return
742
743kernel_dbg_exc:
744	b	.	/* NYI */
745
746/* Debug exception as a debug interrupt*/
747	START_EXCEPTION(debug_debug);
748	DBG_EXCEPTION_PROLOG(0xd00, BOOKE_INTERRUPT_DEBUG,
749						 PROLOG_ADDITION_2REGS)
750
751	/*
752	 * If there is a single step or branch-taken exception in an
753	 * exception entry sequence, it was probably meant to apply to
754	 * the code where the exception occurred (since exception entry
755	 * doesn't turn off DE automatically).  We simulate the effect
756	 * of turning off DE on entry to an exception handler by turning
757	 * off DE in the DSRR1 value and clearing the debug status.
758	 */
759
760	mfspr	r14,SPRN_DBSR		/* check single-step/branch taken */
761	andis.	r15,r14,(DBSR_IC|DBSR_BT)@h
762	beq+	1f
763
764#ifdef CONFIG_RELOCATABLE
765	__LOAD_PACA_TOC(r15)
766	LOAD_REG_ADDR_ALTTOC(r14, r15, interrupt_base_book3e)
767	LOAD_REG_ADDR_ALTTOC(r15, r15, __end_interrupts)
768	cmpld	cr0,r10,r14
769	cmpld	cr1,r10,r15
770#else
771	LOAD_REG_IMMEDIATE_SYM(r14, r15, interrupt_base_book3e)
772	cmpld	cr0, r10, r14
773	LOAD_REG_IMMEDIATE_SYM(r14, r15,__end_interrupts)
774	cmpld	cr1, r10, r14
775#endif
776	blt+	cr0,1f
777	bge+	cr1,1f
778
779	/* here it looks like we got an inappropriate debug exception. */
780	lis	r14,(DBSR_IC|DBSR_BT)@h		/* clear the event */
781	rlwinm	r11,r11,0,~MSR_DE	/* clear DE in the DSRR1 value */
782	mtspr	SPRN_DBSR,r14
783	mtspr	SPRN_DSRR1,r11
784	lwz	r10,PACA_EXDBG+EX_CR(r13)	/* restore registers */
785	ld	r1,PACA_EXDBG+EX_R1(r13)
786	ld	r14,PACA_EXDBG+EX_R14(r13)
787	ld	r15,PACA_EXDBG+EX_R15(r13)
788	mtcr	r10
789	ld	r10,PACA_EXDBG+EX_R10(r13)	/* restore registers */
790	ld	r11,PACA_EXDBG+EX_R11(r13)
791	mfspr	r13,SPRN_SPRG_DBG_SCRATCH
792	rfdi
793
794	/* Normal debug exception */
795	/* XXX We only handle coming from userspace for now since we can't
796	 *     quite save properly an interrupted kernel state yet
797	 */
7981:	andi.	r14,r11,MSR_PR;		/* check for userspace again */
799	beq	kernel_dbg_exc;		/* if from kernel mode */
800
801	/* Now we mash up things to make it look like we are coming on a
802	 * normal exception
803	 */
804	mfspr	r14,SPRN_DBSR
805	std	r14,_DSISR(r1)
806	ld	r14,PACA_EXDBG+EX_R14(r13)
807	ld	r15,PACA_EXDBG+EX_R15(r13)
808	EXCEPTION_COMMON_DBG(0xd08)
809	addi	r3,r1,STACK_INT_FRAME_REGS
810	bl	DebugException
811	REST_NVGPRS(r1)
812	b	interrupt_return
813
814	START_EXCEPTION(perfmon);
815	NORMAL_EXCEPTION_PROLOG(0x260, BOOKE_INTERRUPT_PERFORMANCE_MONITOR,
816				PROLOG_ADDITION_NONE)
817	EXCEPTION_COMMON(0x260)
818	CHECK_NAPPING()
819	addi	r3,r1,STACK_INT_FRAME_REGS
820	/*
821	 * XXX: Returning from performance_monitor_exception taken as a
822	 * soft-NMI (Linux irqs disabled) may be risky to use interrupt_return
823	 * and could cause bugs in return or elsewhere. That case should just
824	 * restore registers and return. There is a workaround for one known
825	 * problem in interrupt_exit_kernel_prepare().
826	 */
827	bl	performance_monitor_exception
828	b	interrupt_return
829
830/* Doorbell interrupt */
831	MASKABLE_EXCEPTION(0x280, BOOKE_INTERRUPT_DOORBELL,
832			   doorbell, doorbell_exception, ACK_NONE)
833
834/* Doorbell critical Interrupt */
835	START_EXCEPTION(doorbell_crit);
836	CRIT_EXCEPTION_PROLOG(0x2a0, BOOKE_INTERRUPT_DOORBELL_CRITICAL,
837			      PROLOG_ADDITION_NONE)
838	EXCEPTION_COMMON_CRIT(0x2a0)
839	bl	special_reg_save
840	CHECK_NAPPING();
841	addi	r3,r1,STACK_INT_FRAME_REGS
842	bl	unknown_nmi_exception
843	b	ret_from_crit_except
844
845/*
846 *	Guest doorbell interrupt
847 *	This general exception use GSRRx save/restore registers
848 */
849	START_EXCEPTION(guest_doorbell);
850	GDBELL_EXCEPTION_PROLOG(0x2c0, BOOKE_INTERRUPT_GUEST_DBELL,
851			        PROLOG_ADDITION_NONE)
852	EXCEPTION_COMMON(0x2c0)
853	addi	r3,r1,STACK_INT_FRAME_REGS
854	bl	unknown_exception
855	b	interrupt_return
856
857/* Guest Doorbell critical Interrupt */
858	START_EXCEPTION(guest_doorbell_crit);
859	CRIT_EXCEPTION_PROLOG(0x2e0, BOOKE_INTERRUPT_GUEST_DBELL_CRIT,
860			      PROLOG_ADDITION_NONE)
861	EXCEPTION_COMMON_CRIT(0x2e0)
862	bl	special_reg_save
863	CHECK_NAPPING();
864	addi	r3,r1,STACK_INT_FRAME_REGS
865	bl	unknown_nmi_exception
866	b	ret_from_crit_except
867
868/* Hypervisor call */
869	START_EXCEPTION(hypercall);
870	NORMAL_EXCEPTION_PROLOG(0x310, BOOKE_INTERRUPT_HV_SYSCALL,
871			        PROLOG_ADDITION_NONE)
872	EXCEPTION_COMMON(0x310)
873	addi	r3,r1,STACK_INT_FRAME_REGS
874	bl	unknown_exception
875	b	interrupt_return
876
877/* Embedded Hypervisor priviledged  */
878	START_EXCEPTION(ehpriv);
879	NORMAL_EXCEPTION_PROLOG(0x320, BOOKE_INTERRUPT_HV_PRIV,
880			        PROLOG_ADDITION_NONE)
881	EXCEPTION_COMMON(0x320)
882	addi	r3,r1,STACK_INT_FRAME_REGS
883	bl	unknown_exception
884	b	interrupt_return
885
886/* LRAT Error interrupt */
887	START_EXCEPTION(lrat_error);
888	NORMAL_EXCEPTION_PROLOG(0x340, BOOKE_INTERRUPT_LRAT_ERROR,
889			        PROLOG_ADDITION_NONE)
890	EXCEPTION_COMMON(0x340)
891	addi	r3,r1,STACK_INT_FRAME_REGS
892	bl	unknown_exception
893	b	interrupt_return
894
895.macro SEARCH_RESTART_TABLE
896#ifdef CONFIG_RELOCATABLE
897	__LOAD_PACA_TOC(r11)
898	LOAD_REG_ADDR_ALTTOC(r14, r11, __start___restart_table)
899	LOAD_REG_ADDR_ALTTOC(r15, r11, __stop___restart_table)
900#else
901	LOAD_REG_IMMEDIATE_SYM(r14, r11, __start___restart_table)
902	LOAD_REG_IMMEDIATE_SYM(r15, r11, __stop___restart_table)
903#endif
904300:
905	cmpd	r14,r15
906	beq	302f
907	ld	r11,0(r14)
908	cmpld	r10,r11
909	blt	301f
910	ld	r11,8(r14)
911	cmpld	r10,r11
912	bge	301f
913	ld	r11,16(r14)
914	b	303f
915301:
916	addi	r14,r14,24
917	b	300b
918302:
919	li	r11,0
920303:
921.endm
922
923/*
924 * An interrupt came in while soft-disabled; We mark paca->irq_happened
925 * accordingly and if the interrupt is level sensitive, we hard disable
926 * hard disable (full_mask) corresponds to PACA_IRQ_MUST_HARD_MASK, so
927 * keep these in synch.
928 */
929
930.macro masked_interrupt_book3e paca_irq full_mask
931	std	r14,PACA_EXGEN+EX_R14(r13)
932	std	r15,PACA_EXGEN+EX_R15(r13)
933
934	lbz	r10,PACAIRQHAPPENED(r13)
935	.if \full_mask == 1
936	ori	r10,r10,\paca_irq | PACA_IRQ_HARD_DIS
937	.else
938	ori	r10,r10,\paca_irq
939	.endif
940	stb	r10,PACAIRQHAPPENED(r13)
941
942	.if \full_mask == 1
943	xori	r11,r11,MSR_EE		/* clear MSR_EE */
944	mtspr	SPRN_SRR1,r11
945	.endif
946
947	mfspr	r10,SPRN_SRR0
948	SEARCH_RESTART_TABLE
949	cmpdi	r11,0
950	beq	1f
951	mtspr	SPRN_SRR0,r11		/* return to restart address */
9521:
953
954	lwz	r11,PACA_EXGEN+EX_CR(r13)
955	mtcr	r11
956	ld	r10,PACA_EXGEN+EX_R10(r13)
957	ld	r11,PACA_EXGEN+EX_R11(r13)
958	ld	r14,PACA_EXGEN+EX_R14(r13)
959	ld	r15,PACA_EXGEN+EX_R15(r13)
960	mfspr	r13,SPRN_SPRG_GEN_SCRATCH
961	rfi
962	b	.
963.endm
964
965masked_interrupt_book3e_0x500:
966	masked_interrupt_book3e PACA_IRQ_EE 1
967
968masked_interrupt_book3e_0x900:
969	ACK_DEC(r10);
970	masked_interrupt_book3e PACA_IRQ_DEC 0
971
972masked_interrupt_book3e_0x980:
973	ACK_FIT(r10);
974	masked_interrupt_book3e PACA_IRQ_DEC 0
975
976masked_interrupt_book3e_0x280:
977masked_interrupt_book3e_0x2c0:
978	masked_interrupt_book3e PACA_IRQ_DBELL 0
979
980/*
981 * This is called from 0x300 and 0x400 handlers after the prologs with
982 * r14 and r15 containing the fault address and error code, with the
983 * original values stashed away in the PACA
984 */
985SYM_CODE_START_LOCAL(storage_fault_common)
986	addi	r3,r1,STACK_INT_FRAME_REGS
987	bl	do_page_fault
988	b	interrupt_return
989SYM_CODE_END(storage_fault_common)
990
991/*
992 * Alignment exception doesn't fit entirely in the 0x100 bytes so it
993 * continues here.
994 */
995SYM_CODE_START_LOCAL(alignment_more)
996	addi	r3,r1,STACK_INT_FRAME_REGS
997	bl	alignment_exception
998	REST_NVGPRS(r1)
999	b	interrupt_return
1000SYM_CODE_END(alignment_more)
1001
1002/*
1003 * Trampolines used when spotting a bad kernel stack pointer in
1004 * the exception entry code.
1005 *
1006 * TODO: move some bits like SRR0 read to trampoline, pass PACA
1007 * index around, etc... to handle crit & mcheck
1008 */
1009BAD_STACK_TRAMPOLINE(0x000)
1010BAD_STACK_TRAMPOLINE(0x100)
1011BAD_STACK_TRAMPOLINE(0x200)
1012BAD_STACK_TRAMPOLINE(0x220)
1013BAD_STACK_TRAMPOLINE(0x260)
1014BAD_STACK_TRAMPOLINE(0x280)
1015BAD_STACK_TRAMPOLINE(0x2a0)
1016BAD_STACK_TRAMPOLINE(0x2c0)
1017BAD_STACK_TRAMPOLINE(0x2e0)
1018BAD_STACK_TRAMPOLINE(0x300)
1019BAD_STACK_TRAMPOLINE(0x310)
1020BAD_STACK_TRAMPOLINE(0x320)
1021BAD_STACK_TRAMPOLINE(0x340)
1022BAD_STACK_TRAMPOLINE(0x400)
1023BAD_STACK_TRAMPOLINE(0x500)
1024BAD_STACK_TRAMPOLINE(0x600)
1025BAD_STACK_TRAMPOLINE(0x700)
1026BAD_STACK_TRAMPOLINE(0x800)
1027BAD_STACK_TRAMPOLINE(0x900)
1028BAD_STACK_TRAMPOLINE(0x980)
1029BAD_STACK_TRAMPOLINE(0x9f0)
1030BAD_STACK_TRAMPOLINE(0xa00)
1031BAD_STACK_TRAMPOLINE(0xb00)
1032BAD_STACK_TRAMPOLINE(0xc00)
1033BAD_STACK_TRAMPOLINE(0xd00)
1034BAD_STACK_TRAMPOLINE(0xd08)
1035BAD_STACK_TRAMPOLINE(0xe00)
1036BAD_STACK_TRAMPOLINE(0xf00)
1037BAD_STACK_TRAMPOLINE(0xf20)
1038
1039_GLOBAL(bad_stack_book3e)
1040	/* XXX: Needs to make SPRN_SPRG_GEN depend on exception type */
1041	mfspr	r10,SPRN_SRR0;		  /* read SRR0 before touching stack */
1042	ld	r1,PACAEMERGSP(r13)
1043	subi	r1,r1,64+INT_FRAME_SIZE
1044	std	r10,_NIP(r1)
1045	std	r11,_MSR(r1)
1046	ld	r10,PACA_EXGEN+EX_R1(r13) /* FIXME for crit & mcheck */
1047	lwz	r11,PACA_EXGEN+EX_CR(r13) /* FIXME for crit & mcheck */
1048	std	r10,GPR1(r1)
1049	std	r11,_CCR(r1)
1050	mfspr	r10,SPRN_DEAR
1051	mfspr	r11,SPRN_ESR
1052	std	r10,_DEAR(r1)
1053	std	r11,_ESR(r1)
1054	SAVE_GPR(0, r1);		/* save r0 in stackframe */	    \
1055	SAVE_GPRS(2, 9, r1);		/* save r2 - r9 in stackframe */    \
1056	ld	r3,PACA_EXGEN+EX_R10(r13);/* get back r10 */		    \
1057	ld	r4,PACA_EXGEN+EX_R11(r13);/* get back r11 */		    \
1058	mfspr	r5,SPRN_SPRG_GEN_SCRATCH;/* get back r13 XXX can be wrong */ \
1059	std	r3,GPR10(r1);		/* save r10 to stackframe */	    \
1060	std	r4,GPR11(r1);		/* save r11 to stackframe */	    \
1061	SAVE_GPR(12, r1);		/* save r12 in stackframe */	    \
1062	std	r5,GPR13(r1);		/* save it to stackframe */	    \
1063	mflr	r10
1064	mfctr	r11
1065	mfxer	r12
1066	std	r10,_LINK(r1)
1067	std	r11,_CTR(r1)
1068	std	r12,_XER(r1)
1069	SAVE_NVGPRS(r1)
1070	lhz	r12,PACA_TRAP_SAVE(r13)
1071	std	r12,_TRAP(r1)
1072	addi	r11,r1,INT_FRAME_SIZE
1073	std	r11,0(r1)
1074	ZEROIZE_GPR(12)
1075	std	r12,0(r11)
1076	LOAD_PACA_TOC()
10771:	addi	r3,r1,STACK_INT_FRAME_REGS
1078	bl	kernel_bad_stack
1079	b	1b
1080
1081/*
1082 * Setup the initial TLB for a core. This current implementation
1083 * assume that whatever we are running off will not conflict with
1084 * the new mapping at PAGE_OFFSET.
1085 */
1086_GLOBAL(initial_tlb_book3e)
1087
1088	/* Look for the first TLB with IPROT set */
1089	mfspr	r4,SPRN_TLB0CFG
1090	andi.	r3,r4,TLBnCFG_IPROT
1091	lis	r3,MAS0_TLBSEL(0)@h
1092	bne	found_iprot
1093
1094	mfspr	r4,SPRN_TLB1CFG
1095	andi.	r3,r4,TLBnCFG_IPROT
1096	lis	r3,MAS0_TLBSEL(1)@h
1097	bne	found_iprot
1098
1099	mfspr	r4,SPRN_TLB2CFG
1100	andi.	r3,r4,TLBnCFG_IPROT
1101	lis	r3,MAS0_TLBSEL(2)@h
1102	bne	found_iprot
1103
1104	lis	r3,MAS0_TLBSEL(3)@h
1105	mfspr	r4,SPRN_TLB3CFG
1106	/* fall through */
1107
1108found_iprot:
1109	andi.	r5,r4,TLBnCFG_HES
1110	bne	have_hes
1111
1112	mflr	r8				/* save LR */
1113/* 1. Find the index of the entry we're executing in
1114 *
1115 * r3 = MAS0_TLBSEL (for the iprot array)
1116 * r4 = SPRN_TLBnCFG
1117 */
1118	bcl	20,31,$+4			/* Find our address */
1119invstr:	mflr	r6				/* Make it accessible */
1120	mfmsr	r7
1121	rlwinm	r5,r7,27,31,31			/* extract MSR[IS] */
1122	mfspr	r7,SPRN_PID
1123	slwi	r7,r7,16
1124	or	r7,r7,r5
1125	mtspr	SPRN_MAS6,r7
1126	tlbsx	0,r6				/* search MSR[IS], SPID=PID */
1127
1128	mfspr	r3,SPRN_MAS0
1129	rlwinm	r5,r3,16,20,31			/* Extract MAS0(Entry) */
1130
1131	mfspr	r7,SPRN_MAS1			/* Insure IPROT set */
1132	oris	r7,r7,MAS1_IPROT@h
1133	mtspr	SPRN_MAS1,r7
1134	tlbwe
1135
1136/* 2. Invalidate all entries except the entry we're executing in
1137 *
1138 * r3 = MAS0 w/TLBSEL & ESEL for the entry we are running in
1139 * r4 = SPRN_TLBnCFG
1140 * r5 = ESEL of entry we are running in
1141 */
1142	andi.	r4,r4,TLBnCFG_N_ENTRY		/* Extract # entries */
1143	li	r6,0				/* Set Entry counter to 0 */
11441:	mr	r7,r3				/* Set MAS0(TLBSEL) */
1145	rlwimi	r7,r6,16,4,15			/* Setup MAS0 = TLBSEL | ESEL(r6) */
1146	mtspr	SPRN_MAS0,r7
1147	tlbre
1148	mfspr	r7,SPRN_MAS1
1149	rlwinm	r7,r7,0,2,31			/* Clear MAS1 Valid and IPROT */
1150	cmpw	r5,r6
1151	beq	skpinv				/* Dont update the current execution TLB */
1152	mtspr	SPRN_MAS1,r7
1153	tlbwe
1154	isync
1155skpinv:	addi	r6,r6,1				/* Increment */
1156	cmpw	r6,r4				/* Are we done? */
1157	bne	1b				/* If not, repeat */
1158
1159	/* Invalidate all TLBs */
1160	PPC_TLBILX_ALL(0,R0)
1161	sync
1162	isync
1163
1164/* 3. Setup a temp mapping and jump to it
1165 *
1166 * r3 = MAS0 w/TLBSEL & ESEL for the entry we are running in
1167 * r5 = ESEL of entry we are running in
1168 */
1169	andi.	r7,r5,0x1	/* Find an entry not used and is non-zero */
1170	addi	r7,r7,0x1
1171	mr	r4,r3		/* Set MAS0(TLBSEL) = 1 */
1172	mtspr	SPRN_MAS0,r4
1173	tlbre
1174
1175	rlwimi	r4,r7,16,4,15	/* Setup MAS0 = TLBSEL | ESEL(r7) */
1176	mtspr	SPRN_MAS0,r4
1177
1178	mfspr	r7,SPRN_MAS1
1179	xori	r6,r7,MAS1_TS		/* Setup TMP mapping in the other Address space */
1180	mtspr	SPRN_MAS1,r6
1181
1182	tlbwe
1183
1184	mfmsr	r6
1185	xori	r6,r6,MSR_IS
1186	mtspr	SPRN_SRR1,r6
1187	bcl	20,31,$+4	/* Find our address */
11881:	mflr	r6
1189	addi	r6,r6,(2f - 1b)
1190	mtspr	SPRN_SRR0,r6
1191	rfi
11922:
1193
1194/* 4. Clear out PIDs & Search info
1195 *
1196 * r3 = MAS0 w/TLBSEL & ESEL for the entry we started in
1197 * r4 = MAS0 w/TLBSEL & ESEL for the temp mapping
1198 * r5 = MAS3
1199 */
1200	li	r6,0
1201	mtspr   SPRN_MAS6,r6
1202	mtspr	SPRN_PID,r6
1203
1204/* 5. Invalidate mapping we started in
1205 *
1206 * r3 = MAS0 w/TLBSEL & ESEL for the entry we started in
1207 * r4 = MAS0 w/TLBSEL & ESEL for the temp mapping
1208 * r5 = MAS3
1209 */
1210	mtspr	SPRN_MAS0,r3
1211	tlbre
1212	mfspr	r6,SPRN_MAS1
1213	rlwinm	r6,r6,0,2,31	/* clear IPROT and VALID */
1214	mtspr	SPRN_MAS1,r6
1215	tlbwe
1216	sync
1217	isync
1218
1219/* 6. Setup KERNELBASE mapping in TLB[0]
1220 *
1221 * r3 = MAS0 w/TLBSEL & ESEL for the entry we started in
1222 * r4 = MAS0 w/TLBSEL & ESEL for the temp mapping
1223 * r5 = MAS3
1224 */
1225	rlwinm	r3,r3,0,16,3	/* clear ESEL */
1226	mtspr	SPRN_MAS0,r3
1227	lis	r6,(MAS1_VALID|MAS1_IPROT)@h
1228	ori	r6,r6,(MAS1_TSIZE(BOOK3E_PAGESZ_1GB))@l
1229	mtspr	SPRN_MAS1,r6
1230
1231	LOAD_REG_IMMEDIATE(r6, PAGE_OFFSET | MAS2_M_IF_NEEDED)
1232	mtspr	SPRN_MAS2,r6
1233
1234	rlwinm	r5,r5,0,0,25
1235	ori	r5,r5,MAS3_SR | MAS3_SW | MAS3_SX
1236	mtspr	SPRN_MAS3,r5
1237	li	r5,-1
1238	rlwinm	r5,r5,0,0,25
1239
1240	tlbwe
1241
1242/* 7. Jump to KERNELBASE mapping
1243 *
1244 * r4 = MAS0 w/TLBSEL & ESEL for the temp mapping
1245 */
1246	/* Now we branch the new virtual address mapped by this entry */
1247	bcl	20,31,$+4	/* Find our address */
12481:	mflr	r6
1249	addi	r6,r6,(2f - 1b)
1250	tovirt(r6,r6)
1251	lis	r7,MSR_KERNEL@h
1252	ori	r7,r7,MSR_KERNEL@l
1253	mtspr	SPRN_SRR0,r6
1254	mtspr	SPRN_SRR1,r7
1255	rfi				/* start execution out of TLB1[0] entry */
12562:
1257
1258/* 8. Clear out the temp mapping
1259 *
1260 * r4 = MAS0 w/TLBSEL & ESEL for the entry we are running in
1261 */
1262	mtspr	SPRN_MAS0,r4
1263	tlbre
1264	mfspr	r5,SPRN_MAS1
1265	rlwinm	r5,r5,0,2,31	/* clear IPROT and VALID */
1266	mtspr	SPRN_MAS1,r5
1267	tlbwe
1268	sync
1269	isync
1270
1271	/* We translate LR and return */
1272	tovirt(r8,r8)
1273	mtlr	r8
1274	blr
1275
1276have_hes:
1277	/* Setup MAS 0,1,2,3 and 7 for tlbwe of a 1G entry that maps the
1278	 * kernel linear mapping. We also set MAS8 once for all here though
1279	 * that will have to be made dependent on whether we are running under
1280	 * a hypervisor I suppose.
1281	 */
1282
1283	/* BEWARE, MAGIC
1284	 * This code is called as an ordinary function on the boot CPU. But to
1285	 * avoid duplication, this code is also used in SCOM bringup of
1286	 * secondary CPUs. We read the code between the initial_tlb_code_start
1287	 * and initial_tlb_code_end labels one instruction at a time and RAM it
1288	 * into the new core via SCOM. That doesn't process branches, so there
1289	 * must be none between those two labels. It also means if this code
1290	 * ever takes any parameters, the SCOM code must also be updated to
1291	 * provide them.
1292	 */
1293_GLOBAL(a2_tlbinit_code_start)
1294
1295	ori	r11,r3,MAS0_WQ_ALLWAYS
1296	oris	r11,r11,MAS0_ESEL(3)@h /* Use way 3: workaround A2 erratum 376 */
1297	mtspr	SPRN_MAS0,r11
1298	lis	r3,(MAS1_VALID | MAS1_IPROT)@h
1299	ori	r3,r3,BOOK3E_PAGESZ_1GB << MAS1_TSIZE_SHIFT
1300	mtspr	SPRN_MAS1,r3
1301	LOAD_REG_IMMEDIATE(r3, PAGE_OFFSET | MAS2_M)
1302	mtspr	SPRN_MAS2,r3
1303	li	r3,MAS3_SR | MAS3_SW | MAS3_SX
1304	mtspr	SPRN_MAS7_MAS3,r3
1305	li	r3,0
1306	mtspr	SPRN_MAS8,r3
1307
1308	/* Write the TLB entry */
1309	tlbwe
1310
1311	.globl a2_tlbinit_after_linear_map
1312a2_tlbinit_after_linear_map:
1313
1314	/* Now we branch the new virtual address mapped by this entry */
1315#ifdef CONFIG_RELOCATABLE
1316	__LOAD_PACA_TOC(r5)
1317	LOAD_REG_ADDR_ALTTOC(r3, r5, 1f)
1318#else
1319	LOAD_REG_IMMEDIATE_SYM(r3, r5, 1f)
1320#endif
1321	mtctr	r3
1322	bctr
1323
13241:	/* We are now running at PAGE_OFFSET, clean the TLB of everything
1325	 * else (including IPROTed things left by firmware)
1326	 * r4 = TLBnCFG
1327	 * r3 = current address (more or less)
1328	 */
1329
1330	li	r5,0
1331	mtspr	SPRN_MAS6,r5
1332	tlbsx	0,r3
1333
1334	rlwinm	r9,r4,0,TLBnCFG_N_ENTRY
1335	rlwinm	r10,r4,8,0xff
1336	addi	r10,r10,-1	/* Get inner loop mask */
1337
1338	li	r3,1
1339
1340	mfspr	r5,SPRN_MAS1
1341	rlwinm	r5,r5,0,(~(MAS1_VALID|MAS1_IPROT))
1342
1343	mfspr	r6,SPRN_MAS2
1344	rldicr	r6,r6,0,51		/* Extract EPN */
1345
1346	mfspr	r7,SPRN_MAS0
1347	rlwinm	r7,r7,0,0xffff0fff	/* Clear HES and WQ */
1348
1349	rlwinm	r8,r7,16,0xfff		/* Extract ESEL */
1350
13512:	add	r4,r3,r8
1352	and	r4,r4,r10
1353
1354	rlwimi	r7,r4,16,MAS0_ESEL_MASK
1355
1356	mtspr	SPRN_MAS0,r7
1357	mtspr	SPRN_MAS1,r5
1358	mtspr	SPRN_MAS2,r6
1359	tlbwe
1360
1361	addi	r3,r3,1
1362	and.	r4,r3,r10
1363
1364	bne	3f
1365	addis	r6,r6,(1<<30)@h
13663:
1367	cmpw	r3,r9
1368	blt	2b
1369
1370	.globl  a2_tlbinit_after_iprot_flush
1371a2_tlbinit_after_iprot_flush:
1372
1373	PPC_TLBILX(0,0,R0)
1374	sync
1375	isync
1376
1377	.globl a2_tlbinit_code_end
1378a2_tlbinit_code_end:
1379
1380	/* We translate LR and return */
1381	mflr	r3
1382	tovirt(r3,r3)
1383	mtlr	r3
1384	blr
1385
1386/*
1387 * Main entry (boot CPU, thread 0)
1388 *
1389 * We enter here from head_64.S, possibly after the prom_init trampoline
1390 * with r3 and r4 already saved to r31 and 30 respectively and in 64 bits
1391 * mode. Anything else is as it was left by the bootloader
1392 *
1393 * Initial requirements of this port:
1394 *
1395 * - Kernel loaded at 0 physical
1396 * - A good lump of memory mapped 0:0 by UTLB entry 0
1397 * - MSR:IS & MSR:DS set to 0
1398 *
1399 * Note that some of the above requirements will be relaxed in the future
1400 * as the kernel becomes smarter at dealing with different initial conditions
1401 * but for now you have to be careful
1402 */
1403_GLOBAL(start_initialization_book3e)
1404	mflr	r28
1405
1406	/* First, we need to setup some initial TLBs to map the kernel
1407	 * text, data and bss at PAGE_OFFSET. We don't have a real mode
1408	 * and always use AS 0, so we just set it up to match our link
1409	 * address and never use 0 based addresses.
1410	 */
1411	bl	initial_tlb_book3e
1412
1413	/* Init global core bits */
1414	bl	init_core_book3e
1415
1416	/* Init per-thread bits */
1417	bl	init_thread_book3e
1418
1419	/* Return to common init code */
1420	tovirt(r28,r28)
1421	mtlr	r28
1422	blr
1423
1424
1425/*
1426 * Secondary core/processor entry
1427 *
1428 * This is entered for thread 0 of a secondary core, all other threads
1429 * are expected to be stopped. It's similar to start_initialization_book3e
1430 * except that it's generally entered from the holding loop in head_64.S
1431 * after CPUs have been gathered by Open Firmware.
1432 *
1433 * We assume we are in 32 bits mode running with whatever TLB entry was
1434 * set for us by the firmware or POR engine.
1435 */
1436_GLOBAL(book3e_secondary_core_init_tlb_set)
1437	li	r4,1
1438	b	generic_secondary_smp_init
1439
1440_GLOBAL(book3e_secondary_core_init)
1441	mflr	r28
1442
1443	/* Do we need to setup initial TLB entry ? */
1444	cmplwi	r4,0
1445	bne	2f
1446
1447	/* Setup TLB for this core */
1448	bl	initial_tlb_book3e
1449
1450	/* We can return from the above running at a different
1451	 * address, so recalculate r2 (TOC)
1452	 */
1453	bl	relative_toc
1454
1455	/* Init global core bits */
14562:	bl	init_core_book3e
1457
1458	/* Init per-thread bits */
14593:	bl	init_thread_book3e
1460
1461	/* Return to common init code at proper virtual address.
1462	 *
1463	 * Due to various previous assumptions, we know we entered this
1464	 * function at either the final PAGE_OFFSET mapping or using a
1465	 * 1:1 mapping at 0, so we don't bother doing a complicated check
1466	 * here, we just ensure the return address has the right top bits.
1467	 *
1468	 * Note that if we ever want to be smarter about where we can be
1469	 * started from, we have to be careful that by the time we reach
1470	 * the code below we may already be running at a different location
1471	 * than the one we were called from since initial_tlb_book3e can
1472	 * have moved us already.
1473	 */
1474	cmpdi	cr0,r28,0
1475	blt	1f
1476	lis	r3,PAGE_OFFSET@highest
1477	sldi	r3,r3,32
1478	or	r28,r28,r3
14791:	mtlr	r28
1480	blr
1481
1482_GLOBAL(book3e_secondary_thread_init)
1483	mflr	r28
1484	b	3b
1485
1486_GLOBAL(init_core_book3e)
1487	/* Establish the interrupt vector base */
1488	tovirt(r2,r2)
1489	LOAD_REG_ADDR(r3, interrupt_base_book3e)
1490	mtspr	SPRN_IVPR,r3
1491	sync
1492	blr
1493
1494SYM_CODE_START_LOCAL(init_thread_book3e)
1495	lis	r3,(SPRN_EPCR_ICM | SPRN_EPCR_GICM)@h
1496	mtspr	SPRN_EPCR,r3
1497
1498	/* Make sure interrupts are off */
1499	wrteei	0
1500
1501	/* disable all timers and clear out status */
1502	li	r3,0
1503	mtspr	SPRN_TCR,r3
1504	mfspr	r3,SPRN_TSR
1505	mtspr	SPRN_TSR,r3
1506
1507	blr
1508SYM_CODE_END(init_thread_book3e)
1509
1510_GLOBAL(__setup_base_ivors)
1511	SET_IVOR(0, 0x020) /* Critical Input */
1512	SET_IVOR(1, 0x000) /* Machine Check */
1513	SET_IVOR(2, 0x060) /* Data Storage */
1514	SET_IVOR(3, 0x080) /* Instruction Storage */
1515	SET_IVOR(4, 0x0a0) /* External Input */
1516	SET_IVOR(5, 0x0c0) /* Alignment */
1517	SET_IVOR(6, 0x0e0) /* Program */
1518	SET_IVOR(7, 0x100) /* FP Unavailable */
1519	SET_IVOR(8, 0x120) /* System Call */
1520	SET_IVOR(9, 0x140) /* Auxiliary Processor Unavailable */
1521	SET_IVOR(10, 0x160) /* Decrementer */
1522	SET_IVOR(11, 0x180) /* Fixed Interval Timer */
1523	SET_IVOR(12, 0x1a0) /* Watchdog Timer */
1524	SET_IVOR(13, 0x1c0) /* Data TLB Error */
1525	SET_IVOR(14, 0x1e0) /* Instruction TLB Error */
1526	SET_IVOR(15, 0x040) /* Debug */
1527
1528	sync
1529
1530	blr
1531
1532_GLOBAL(setup_altivec_ivors)
1533	SET_IVOR(32, 0x200) /* AltiVec Unavailable */
1534	SET_IVOR(33, 0x220) /* AltiVec Assist */
1535	blr
1536
1537_GLOBAL(setup_perfmon_ivor)
1538	SET_IVOR(35, 0x260) /* Performance Monitor */
1539	blr
1540
1541_GLOBAL(setup_doorbell_ivors)
1542	SET_IVOR(36, 0x280) /* Processor Doorbell */
1543	SET_IVOR(37, 0x2a0) /* Processor Doorbell Crit */
1544	blr
1545
1546_GLOBAL(setup_ehv_ivors)
1547	SET_IVOR(40, 0x300) /* Embedded Hypervisor System Call */
1548	SET_IVOR(41, 0x320) /* Embedded Hypervisor Privilege */
1549	SET_IVOR(38, 0x2c0) /* Guest Processor Doorbell */
1550	SET_IVOR(39, 0x2e0) /* Guest Processor Doorbell Crit/MC */
1551	blr
1552
1553_GLOBAL(setup_lrat_ivor)
1554	SET_IVOR(42, 0x340) /* LRAT Error */
1555	blr
1556