xref: /linux/arch/powerpc/kernel/exceptions-64e.S (revision 981368e1440b76f68b1ac8f5fb14e739f80ecc4e)
1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 *  Boot code and exception vectors for Book3E processors
4 *
5 *  Copyright (C) 2007 Ben. Herrenschmidt (benh@kernel.crashing.org), IBM Corp.
6 */
7
8#include <linux/linkage.h>
9#include <linux/threads.h>
10#include <asm/reg.h>
11#include <asm/page.h>
12#include <asm/ppc_asm.h>
13#include <asm/asm-offsets.h>
14#include <asm/cputable.h>
15#include <asm/setup.h>
16#include <asm/thread_info.h>
17#include <asm/reg_a2.h>
18#include <asm/exception-64e.h>
19#include <asm/bug.h>
20#include <asm/irqflags.h>
21#include <asm/ptrace.h>
22#include <asm/ppc-opcode.h>
23#include <asm/mmu.h>
24#include <asm/hw_irq.h>
25#include <asm/kvm_asm.h>
26#include <asm/kvm_booke_hv_asm.h>
27#include <asm/feature-fixups.h>
28#include <asm/context_tracking.h>
29
30/* 64e interrupt returns always use SRR registers */
31#define fast_interrupt_return fast_interrupt_return_srr
32#define interrupt_return interrupt_return_srr
33
34/* XXX This will ultimately add space for a special exception save
35 *     structure used to save things like SRR0/SRR1, SPRGs, MAS, etc...
36 *     when taking special interrupts. For now we don't support that,
37 *     special interrupts from within a non-standard level will probably
38 *     blow you up
39 */
40#define SPECIAL_EXC_SRR0	0
41#define SPECIAL_EXC_SRR1	1
42#define SPECIAL_EXC_SPRG_GEN	2
43#define SPECIAL_EXC_SPRG_TLB	3
44#define SPECIAL_EXC_MAS0	4
45#define SPECIAL_EXC_MAS1	5
46#define SPECIAL_EXC_MAS2	6
47#define SPECIAL_EXC_MAS3	7
48#define SPECIAL_EXC_MAS6	8
49#define SPECIAL_EXC_MAS7	9
50#define SPECIAL_EXC_MAS5	10	/* E.HV only */
51#define SPECIAL_EXC_MAS8	11	/* E.HV only */
52#define SPECIAL_EXC_IRQHAPPENED	12
53#define SPECIAL_EXC_DEAR	13
54#define SPECIAL_EXC_ESR		14
55#define SPECIAL_EXC_SOFTE	15
56#define SPECIAL_EXC_CSRR0	16
57#define SPECIAL_EXC_CSRR1	17
58/* must be even to keep 16-byte stack alignment */
59#define SPECIAL_EXC_END		18
60
61#define SPECIAL_EXC_FRAME_SIZE	(INT_FRAME_SIZE + SPECIAL_EXC_END * 8)
62#define SPECIAL_EXC_FRAME_OFFS  (INT_FRAME_SIZE - 288)
63
64#define SPECIAL_EXC_STORE(reg, name) \
65	std	reg, (SPECIAL_EXC_##name * 8 + SPECIAL_EXC_FRAME_OFFS)(r1)
66
67#define SPECIAL_EXC_LOAD(reg, name) \
68	ld	reg, (SPECIAL_EXC_##name * 8 + SPECIAL_EXC_FRAME_OFFS)(r1)
69
70SYM_CODE_START_LOCAL(special_reg_save)
71	/*
72	 * We only need (or have stack space) to save this stuff if
73	 * we interrupted the kernel.
74	 */
75	ld	r3,_MSR(r1)
76	andi.	r3,r3,MSR_PR
77	bnelr
78
79	/*
80	 * Advance to the next TLB exception frame for handler
81	 * types that don't do it automatically.
82	 */
83	LOAD_REG_ADDR(r11,extlb_level_exc)
84	lwz	r12,0(r11)
85	mfspr	r10,SPRN_SPRG_TLB_EXFRAME
86	add	r10,r10,r12
87	mtspr	SPRN_SPRG_TLB_EXFRAME,r10
88
89	/*
90	 * Save registers needed to allow nesting of certain exceptions
91	 * (such as TLB misses) inside special exception levels
92	 */
93	mfspr	r10,SPRN_SRR0
94	SPECIAL_EXC_STORE(r10,SRR0)
95	mfspr	r10,SPRN_SRR1
96	SPECIAL_EXC_STORE(r10,SRR1)
97	mfspr	r10,SPRN_SPRG_GEN_SCRATCH
98	SPECIAL_EXC_STORE(r10,SPRG_GEN)
99	mfspr	r10,SPRN_SPRG_TLB_SCRATCH
100	SPECIAL_EXC_STORE(r10,SPRG_TLB)
101	mfspr	r10,SPRN_MAS0
102	SPECIAL_EXC_STORE(r10,MAS0)
103	mfspr	r10,SPRN_MAS1
104	SPECIAL_EXC_STORE(r10,MAS1)
105	mfspr	r10,SPRN_MAS2
106	SPECIAL_EXC_STORE(r10,MAS2)
107	mfspr	r10,SPRN_MAS3
108	SPECIAL_EXC_STORE(r10,MAS3)
109	mfspr	r10,SPRN_MAS6
110	SPECIAL_EXC_STORE(r10,MAS6)
111	mfspr	r10,SPRN_MAS7
112	SPECIAL_EXC_STORE(r10,MAS7)
113BEGIN_FTR_SECTION
114	mfspr	r10,SPRN_MAS5
115	SPECIAL_EXC_STORE(r10,MAS5)
116	mfspr	r10,SPRN_MAS8
117	SPECIAL_EXC_STORE(r10,MAS8)
118
119	/* MAS5/8 could have inappropriate values if we interrupted KVM code */
120	li	r10,0
121	mtspr	SPRN_MAS5,r10
122	mtspr	SPRN_MAS8,r10
123END_FTR_SECTION_IFSET(CPU_FTR_EMB_HV)
124	mfspr	r10,SPRN_DEAR
125	SPECIAL_EXC_STORE(r10,DEAR)
126	mfspr	r10,SPRN_ESR
127	SPECIAL_EXC_STORE(r10,ESR)
128
129	ld	r10,_NIP(r1)
130	SPECIAL_EXC_STORE(r10,CSRR0)
131	ld	r10,_MSR(r1)
132	SPECIAL_EXC_STORE(r10,CSRR1)
133
134	blr
135SYM_CODE_END(special_reg_save)
136
137SYM_CODE_START_LOCAL(ret_from_level_except)
138	ld	r3,_MSR(r1)
139	andi.	r3,r3,MSR_PR
140	beq	1f
141	REST_NVGPRS(r1)
142	b	interrupt_return
1431:
144
145	LOAD_REG_ADDR(r11,extlb_level_exc)
146	lwz	r12,0(r11)
147	mfspr	r10,SPRN_SPRG_TLB_EXFRAME
148	sub	r10,r10,r12
149	mtspr	SPRN_SPRG_TLB_EXFRAME,r10
150
151	/*
152	 * It's possible that the special level exception interrupted a
153	 * TLB miss handler, and inserted the same entry that the
154	 * interrupted handler was about to insert.  On CPUs without TLB
155	 * write conditional, this can result in a duplicate TLB entry.
156	 * Wipe all non-bolted entries to be safe.
157	 *
158	 * Note that this doesn't protect against any TLB misses
159	 * we may take accessing the stack from here to the end of
160	 * the special level exception.  It's not clear how we can
161	 * reasonably protect against that, but only CPUs with
162	 * neither TLB write conditional nor bolted kernel memory
163	 * are affected.  Do any such CPUs even exist?
164	 */
165	PPC_TLBILX_ALL(0,R0)
166
167	REST_NVGPRS(r1)
168
169	SPECIAL_EXC_LOAD(r10,SRR0)
170	mtspr	SPRN_SRR0,r10
171	SPECIAL_EXC_LOAD(r10,SRR1)
172	mtspr	SPRN_SRR1,r10
173	SPECIAL_EXC_LOAD(r10,SPRG_GEN)
174	mtspr	SPRN_SPRG_GEN_SCRATCH,r10
175	SPECIAL_EXC_LOAD(r10,SPRG_TLB)
176	mtspr	SPRN_SPRG_TLB_SCRATCH,r10
177	SPECIAL_EXC_LOAD(r10,MAS0)
178	mtspr	SPRN_MAS0,r10
179	SPECIAL_EXC_LOAD(r10,MAS1)
180	mtspr	SPRN_MAS1,r10
181	SPECIAL_EXC_LOAD(r10,MAS2)
182	mtspr	SPRN_MAS2,r10
183	SPECIAL_EXC_LOAD(r10,MAS3)
184	mtspr	SPRN_MAS3,r10
185	SPECIAL_EXC_LOAD(r10,MAS6)
186	mtspr	SPRN_MAS6,r10
187	SPECIAL_EXC_LOAD(r10,MAS7)
188	mtspr	SPRN_MAS7,r10
189BEGIN_FTR_SECTION
190	SPECIAL_EXC_LOAD(r10,MAS5)
191	mtspr	SPRN_MAS5,r10
192	SPECIAL_EXC_LOAD(r10,MAS8)
193	mtspr	SPRN_MAS8,r10
194END_FTR_SECTION_IFSET(CPU_FTR_EMB_HV)
195
196	SPECIAL_EXC_LOAD(r10,DEAR)
197	mtspr	SPRN_DEAR,r10
198	SPECIAL_EXC_LOAD(r10,ESR)
199	mtspr	SPRN_ESR,r10
200
201	stdcx.	r0,0,r1		/* to clear the reservation */
202
203	REST_GPRS(2, 9, r1)
204
205	ld	r10,_CTR(r1)
206	ld	r11,_XER(r1)
207	mtctr	r10
208	mtxer	r11
209
210	blr
211SYM_CODE_END(ret_from_level_except)
212
213.macro ret_from_level srr0 srr1 paca_ex scratch
214	bl	ret_from_level_except
215
216	ld	r10,_LINK(r1)
217	ld	r11,_CCR(r1)
218	ld	r0,GPR13(r1)
219	mtlr	r10
220	mtcr	r11
221
222	REST_GPRS(10, 12, r1)
223	mtspr	\scratch,r0
224
225	std	r10,\paca_ex+EX_R10(r13);
226	std	r11,\paca_ex+EX_R11(r13);
227	ld	r10,_NIP(r1)
228	ld	r11,_MSR(r1)
229	REST_GPR(0, r1)
230	REST_GPR(1, r1)
231	mtspr	\srr0,r10
232	mtspr	\srr1,r11
233	ld	r10,\paca_ex+EX_R10(r13)
234	ld	r11,\paca_ex+EX_R11(r13)
235	mfspr	r13,\scratch
236.endm
237
238SYM_CODE_START_LOCAL(ret_from_crit_except)
239	ret_from_level SPRN_CSRR0 SPRN_CSRR1 PACA_EXCRIT SPRN_SPRG_CRIT_SCRATCH
240	rfci
241SYM_CODE_END(ret_from_crit_except)
242
243SYM_CODE_START_LOCAL(ret_from_mc_except)
244	ret_from_level SPRN_MCSRR0 SPRN_MCSRR1 PACA_EXMC SPRN_SPRG_MC_SCRATCH
245	rfmci
246SYM_CODE_END(ret_from_mc_except)
247
248/* Exception prolog code for all exceptions */
249#define EXCEPTION_PROLOG(n, intnum, type, addition)	    		    \
250	mtspr	SPRN_SPRG_##type##_SCRATCH,r13;	/* get spare registers */   \
251	mfspr	r13,SPRN_SPRG_PACA;	/* get PACA */			    \
252	std	r10,PACA_EX##type+EX_R10(r13);				    \
253	std	r11,PACA_EX##type+EX_R11(r13);				    \
254	mfcr	r10;			/* save CR */			    \
255	mfspr	r11,SPRN_##type##_SRR1;/* what are we coming from */	    \
256	DO_KVM	intnum,SPRN_##type##_SRR1;    /* KVM hook */		    \
257	stw	r10,PACA_EX##type+EX_CR(r13); /* save old CR in the PACA */ \
258	addition;			/* additional code for that exc. */ \
259	std	r1,PACA_EX##type+EX_R1(r13); /* save old r1 in the PACA */  \
260	type##_SET_KSTACK;		/* get special stack if necessary */\
261	andi.	r10,r11,MSR_PR;		/* save stack pointer */	    \
262	beq	1f;			/* branch around if supervisor */   \
263	ld	r1,PACAKSAVE(r13);	/* get kernel stack coming from usr */\
2641:	type##_BTB_FLUSH		\
265	cmpdi	cr1,r1,0;		/* check if SP makes sense */	    \
266	bge-	cr1,exc_##n##_bad_stack;/* bad stack (TODO: out of line) */ \
267	mfspr	r10,SPRN_##type##_SRR0;	/* read SRR0 before touching stack */
268
269/* Exception type-specific macros */
270#define	GEN_SET_KSTACK							    \
271	subi	r1,r1,INT_FRAME_SIZE;	/* alloc frame on kernel stack */
272#define SPRN_GEN_SRR0	SPRN_SRR0
273#define SPRN_GEN_SRR1	SPRN_SRR1
274
275#define	GDBELL_SET_KSTACK	GEN_SET_KSTACK
276#define SPRN_GDBELL_SRR0	SPRN_GSRR0
277#define SPRN_GDBELL_SRR1	SPRN_GSRR1
278
279#define CRIT_SET_KSTACK						            \
280	ld	r1,PACA_CRIT_STACK(r13);				    \
281	subi	r1,r1,SPECIAL_EXC_FRAME_SIZE
282#define SPRN_CRIT_SRR0	SPRN_CSRR0
283#define SPRN_CRIT_SRR1	SPRN_CSRR1
284
285#define DBG_SET_KSTACK						            \
286	ld	r1,PACA_DBG_STACK(r13);					    \
287	subi	r1,r1,SPECIAL_EXC_FRAME_SIZE
288#define SPRN_DBG_SRR0	SPRN_DSRR0
289#define SPRN_DBG_SRR1	SPRN_DSRR1
290
291#define MC_SET_KSTACK						            \
292	ld	r1,PACA_MC_STACK(r13);					    \
293	subi	r1,r1,SPECIAL_EXC_FRAME_SIZE
294#define SPRN_MC_SRR0	SPRN_MCSRR0
295#define SPRN_MC_SRR1	SPRN_MCSRR1
296
297#define GEN_BTB_FLUSH			\
298	START_BTB_FLUSH_SECTION		\
299		beq 1f;			\
300		BTB_FLUSH(r10)			\
301		1:		\
302	END_BTB_FLUSH_SECTION
303
304#define CRIT_BTB_FLUSH			\
305	START_BTB_FLUSH_SECTION		\
306		BTB_FLUSH(r10)		\
307	END_BTB_FLUSH_SECTION
308
309#define DBG_BTB_FLUSH CRIT_BTB_FLUSH
310#define MC_BTB_FLUSH CRIT_BTB_FLUSH
311#define GDBELL_BTB_FLUSH GEN_BTB_FLUSH
312
313#define NORMAL_EXCEPTION_PROLOG(n, intnum, addition)			    \
314	EXCEPTION_PROLOG(n, intnum, GEN, addition##_GEN(n))
315
316#define CRIT_EXCEPTION_PROLOG(n, intnum, addition)			    \
317	EXCEPTION_PROLOG(n, intnum, CRIT, addition##_CRIT(n))
318
319#define DBG_EXCEPTION_PROLOG(n, intnum, addition)			    \
320	EXCEPTION_PROLOG(n, intnum, DBG, addition##_DBG(n))
321
322#define MC_EXCEPTION_PROLOG(n, intnum, addition)			    \
323	EXCEPTION_PROLOG(n, intnum, MC, addition##_MC(n))
324
325#define GDBELL_EXCEPTION_PROLOG(n, intnum, addition)			    \
326	EXCEPTION_PROLOG(n, intnum, GDBELL, addition##_GDBELL(n))
327
328/* Variants of the "addition" argument for the prolog
329 */
330#define PROLOG_ADDITION_NONE_GEN(n)
331#define PROLOG_ADDITION_NONE_GDBELL(n)
332#define PROLOG_ADDITION_NONE_CRIT(n)
333#define PROLOG_ADDITION_NONE_DBG(n)
334#define PROLOG_ADDITION_NONE_MC(n)
335
336#define PROLOG_ADDITION_MASKABLE_GEN(n)					    \
337	lbz	r10,PACAIRQSOFTMASK(r13);	/* are irqs soft-masked? */ \
338	andi.	r10,r10,IRQS_DISABLED;	/* yes -> go out of line */ \
339	bne	masked_interrupt_book3e_##n
340
341/*
342 * Additional regs must be re-loaded from paca before EXCEPTION_COMMON* is
343 * called, because that does SAVE_NVGPRS which must see the original register
344 * values, otherwise the scratch values might be restored when exiting the
345 * interrupt.
346 */
347#define PROLOG_ADDITION_2REGS_GEN(n)					    \
348	std	r14,PACA_EXGEN+EX_R14(r13);				    \
349	std	r15,PACA_EXGEN+EX_R15(r13)
350
351#define PROLOG_ADDITION_1REG_GEN(n)					    \
352	std	r14,PACA_EXGEN+EX_R14(r13);
353
354#define PROLOG_ADDITION_2REGS_CRIT(n)					    \
355	std	r14,PACA_EXCRIT+EX_R14(r13);				    \
356	std	r15,PACA_EXCRIT+EX_R15(r13)
357
358#define PROLOG_ADDITION_2REGS_DBG(n)					    \
359	std	r14,PACA_EXDBG+EX_R14(r13);				    \
360	std	r15,PACA_EXDBG+EX_R15(r13)
361
362#define PROLOG_ADDITION_2REGS_MC(n)					    \
363	std	r14,PACA_EXMC+EX_R14(r13);				    \
364	std	r15,PACA_EXMC+EX_R15(r13)
365
366/* Core exception code for all exceptions except TLB misses. */
367#define EXCEPTION_COMMON_LVL(n, scratch, excf)				    \
368exc_##n##_common:							    \
369	SAVE_GPR(0, r1);		/* save r0 in stackframe */	    \
370	SAVE_GPRS(2, 9, r1);		/* save r2 - r9 in stackframe */    \
371	std	r10,_NIP(r1);		/* save SRR0 to stackframe */	    \
372	std	r11,_MSR(r1);		/* save SRR1 to stackframe */	    \
373	beq	2f;			/* if from kernel mode */	    \
3742:	ld	r3,excf+EX_R10(r13);	/* get back r10 */		    \
375	ld	r4,excf+EX_R11(r13);	/* get back r11 */		    \
376	mfspr	r5,scratch;		/* get back r13 */		    \
377	SAVE_GPR(12, r1);		/* save r12 in stackframe */	    \
378	LOAD_PACA_TOC();		/* get kernel TOC into r2 */	    \
379	mflr	r6;			/* save LR in stackframe */	    \
380	mfctr	r7;			/* save CTR in stackframe */	    \
381	mfspr	r8,SPRN_XER;		/* save XER in stackframe */	    \
382	ld	r9,excf+EX_R1(r13);	/* load orig r1 back from PACA */   \
383	lwz	r10,excf+EX_CR(r13);	/* load orig CR back from PACA	*/  \
384	lbz	r11,PACAIRQSOFTMASK(r13); /* get current IRQ softe */	    \
385	LOAD_REG_IMMEDIATE(r12, STACK_FRAME_REGS_MARKER);		    \
386	ZEROIZE_GPR(0);							    \
387	std	r3,GPR10(r1);		/* save r10 to stackframe */	    \
388	std	r4,GPR11(r1);		/* save r11 to stackframe */	    \
389	std	r5,GPR13(r1);		/* save it to stackframe */	    \
390	std	r6,_LINK(r1);						    \
391	std	r7,_CTR(r1);						    \
392	std	r8,_XER(r1);						    \
393	li	r3,(n);			/* regs.trap vector */		    \
394	std	r9,0(r1);		/* store stack frame back link */   \
395	std	r10,_CCR(r1);		/* store orig CR in stackframe */   \
396	std	r9,GPR1(r1);		/* store stack frame back link */   \
397	std	r11,SOFTE(r1);		/* and save it to stackframe */     \
398	std	r12,STACK_INT_FRAME_MARKER(r1); /* mark the frame */	    \
399	std	r3,_TRAP(r1);		/* set trap number		*/  \
400	std	r0,RESULT(r1);		/* clear regs->result */	    \
401	SAVE_NVGPRS(r1);						    \
402	SANITIZE_NVGPRS();		/* minimise speculation influence */
403
404#define EXCEPTION_COMMON(n) \
405	EXCEPTION_COMMON_LVL(n, SPRN_SPRG_GEN_SCRATCH, PACA_EXGEN)
406#define EXCEPTION_COMMON_CRIT(n) \
407	EXCEPTION_COMMON_LVL(n, SPRN_SPRG_CRIT_SCRATCH, PACA_EXCRIT)
408#define EXCEPTION_COMMON_MC(n) \
409	EXCEPTION_COMMON_LVL(n, SPRN_SPRG_MC_SCRATCH, PACA_EXMC)
410#define EXCEPTION_COMMON_DBG(n) \
411	EXCEPTION_COMMON_LVL(n, SPRN_SPRG_DBG_SCRATCH, PACA_EXDBG)
412
413/* XXX FIXME: Restore r14/r15 when necessary */
414#define BAD_STACK_TRAMPOLINE(n)						    \
415exc_##n##_bad_stack:							    \
416	li	r1,(n);			/* get exception number */	    \
417	sth	r1,PACA_TRAP_SAVE(r13);	/* store trap */		    \
418	b	bad_stack_book3e;	/* bad stack error */
419
420/* WARNING: If you change the layout of this stub, make sure you check
421	*   the debug exception handler which handles single stepping
422	*   into exceptions from userspace, and the MM code in
423	*   arch/powerpc/mm/tlb_nohash.c which patches the branch here
424	*   and would need to be updated if that branch is moved
425	*/
426#define	EXCEPTION_STUB(loc, label)					\
427	. = interrupt_base_book3e + loc;				\
428	nop;	/* To make debug interrupts happy */			\
429	b	exc_##label##_book3e;
430
431#define ACK_NONE(r)
432#define ACK_DEC(r)							\
433	lis	r,TSR_DIS@h;						\
434	mtspr	SPRN_TSR,r
435#define ACK_FIT(r)							\
436	lis	r,TSR_FIS@h;						\
437	mtspr	SPRN_TSR,r
438
439/* Used by asynchronous interrupt that may happen in the idle loop.
440 *
441 * This check if the thread was in the idle loop, and if yes, returns
442 * to the caller rather than the PC. This is to avoid a race if
443 * interrupts happen before the wait instruction.
444 */
445#define CHECK_NAPPING()							\
446	ld	r11, PACA_THREAD_INFO(r13);				\
447	ld	r10,TI_LOCAL_FLAGS(r11);				\
448	andi.	r9,r10,_TLF_NAPPING;					\
449	beq+	1f;							\
450	ld	r8,_LINK(r1);						\
451	rlwinm	r7,r10,0,~_TLF_NAPPING;					\
452	std	r8,_NIP(r1);						\
453	std	r7,TI_LOCAL_FLAGS(r11);					\
4541:
455
456
457#define MASKABLE_EXCEPTION(trapnum, intnum, label, hdlr, ack)		\
458	START_EXCEPTION(label);						\
459	NORMAL_EXCEPTION_PROLOG(trapnum, intnum, PROLOG_ADDITION_MASKABLE)\
460	EXCEPTION_COMMON(trapnum)					\
461	ack(r8);							\
462	CHECK_NAPPING();						\
463	addi	r3,r1,STACK_INT_FRAME_REGS;				\
464	bl	hdlr;							\
465	b	interrupt_return
466
467/*
468 * And here we have the exception vectors !
469 */
470
471	.text
472	.balign	0x1000
473	.globl interrupt_base_book3e
474interrupt_base_book3e:					/* fake trap */
475	EXCEPTION_STUB(0x000, machine_check)
476	EXCEPTION_STUB(0x020, critical_input)		/* 0x0100 */
477	EXCEPTION_STUB(0x040, debug_crit)		/* 0x0d00 */
478	EXCEPTION_STUB(0x060, data_storage)		/* 0x0300 */
479	EXCEPTION_STUB(0x080, instruction_storage)	/* 0x0400 */
480	EXCEPTION_STUB(0x0a0, external_input)		/* 0x0500 */
481	EXCEPTION_STUB(0x0c0, alignment)		/* 0x0600 */
482	EXCEPTION_STUB(0x0e0, program)			/* 0x0700 */
483	EXCEPTION_STUB(0x100, fp_unavailable)		/* 0x0800 */
484	EXCEPTION_STUB(0x120, system_call)		/* 0x0c00 */
485	EXCEPTION_STUB(0x140, ap_unavailable)		/* 0x0f20 */
486	EXCEPTION_STUB(0x160, decrementer)		/* 0x0900 */
487	EXCEPTION_STUB(0x180, fixed_interval)		/* 0x0980 */
488	EXCEPTION_STUB(0x1a0, watchdog)			/* 0x09f0 */
489	EXCEPTION_STUB(0x1c0, data_tlb_miss)
490	EXCEPTION_STUB(0x1e0, instruction_tlb_miss)
491	EXCEPTION_STUB(0x200, altivec_unavailable)
492	EXCEPTION_STUB(0x220, altivec_assist)
493	EXCEPTION_STUB(0x260, perfmon)
494	EXCEPTION_STUB(0x280, doorbell)
495	EXCEPTION_STUB(0x2a0, doorbell_crit)
496	EXCEPTION_STUB(0x2c0, guest_doorbell)
497	EXCEPTION_STUB(0x2e0, guest_doorbell_crit)
498	EXCEPTION_STUB(0x300, hypercall)
499	EXCEPTION_STUB(0x320, ehpriv)
500	EXCEPTION_STUB(0x340, lrat_error)
501
502	.globl __end_interrupts
503__end_interrupts:
504
505/* Critical Input Interrupt */
506	START_EXCEPTION(critical_input);
507	CRIT_EXCEPTION_PROLOG(0x100, BOOKE_INTERRUPT_CRITICAL,
508			      PROLOG_ADDITION_NONE)
509	EXCEPTION_COMMON_CRIT(0x100)
510	bl	special_reg_save
511	CHECK_NAPPING();
512	addi	r3,r1,STACK_INT_FRAME_REGS
513	bl	unknown_nmi_exception
514	b	ret_from_crit_except
515
516/* Machine Check Interrupt */
517	START_EXCEPTION(machine_check);
518	MC_EXCEPTION_PROLOG(0x000, BOOKE_INTERRUPT_MACHINE_CHECK,
519			    PROLOG_ADDITION_NONE)
520	EXCEPTION_COMMON_MC(0x000)
521	bl	special_reg_save
522	CHECK_NAPPING();
523	addi	r3,r1,STACK_INT_FRAME_REGS
524	bl	machine_check_exception
525	b	ret_from_mc_except
526
527/* Data Storage Interrupt */
528	START_EXCEPTION(data_storage)
529	NORMAL_EXCEPTION_PROLOG(0x300, BOOKE_INTERRUPT_DATA_STORAGE,
530				PROLOG_ADDITION_2REGS)
531	mfspr	r14,SPRN_DEAR
532	mfspr	r15,SPRN_ESR
533	std	r14,_DEAR(r1)
534	std	r15,_ESR(r1)
535	ld	r14,PACA_EXGEN+EX_R14(r13)
536	ld	r15,PACA_EXGEN+EX_R15(r13)
537	EXCEPTION_COMMON(0x300)
538	b	storage_fault_common
539
540/* Instruction Storage Interrupt */
541	START_EXCEPTION(instruction_storage);
542	NORMAL_EXCEPTION_PROLOG(0x400, BOOKE_INTERRUPT_INST_STORAGE,
543				PROLOG_ADDITION_2REGS)
544	li	r15,0
545	mr	r14,r10
546	std	r14,_DEAR(r1)
547	std	r15,_ESR(r1)
548	ld	r14,PACA_EXGEN+EX_R14(r13)
549	ld	r15,PACA_EXGEN+EX_R15(r13)
550	EXCEPTION_COMMON(0x400)
551	b	storage_fault_common
552
553/* External Input Interrupt */
554	MASKABLE_EXCEPTION(0x500, BOOKE_INTERRUPT_EXTERNAL,
555			   external_input, do_IRQ, ACK_NONE)
556
557/* Alignment */
558	START_EXCEPTION(alignment);
559	NORMAL_EXCEPTION_PROLOG(0x600, BOOKE_INTERRUPT_ALIGNMENT,
560				PROLOG_ADDITION_2REGS)
561	mfspr	r14,SPRN_DEAR
562	mfspr	r15,SPRN_ESR
563	std	r14,_DEAR(r1)
564	std	r15,_ESR(r1)
565	ld	r14,PACA_EXGEN+EX_R14(r13)
566	ld	r15,PACA_EXGEN+EX_R15(r13)
567	EXCEPTION_COMMON(0x600)
568	b	alignment_more	/* no room, go out of line */
569
570/* Program Interrupt */
571	START_EXCEPTION(program);
572	NORMAL_EXCEPTION_PROLOG(0x700, BOOKE_INTERRUPT_PROGRAM,
573				PROLOG_ADDITION_1REG)
574	mfspr	r14,SPRN_ESR
575	std	r14,_ESR(r1)
576	ld	r14,PACA_EXGEN+EX_R14(r13)
577	EXCEPTION_COMMON(0x700)
578	addi	r3,r1,STACK_INT_FRAME_REGS
579	bl	program_check_exception
580	REST_NVGPRS(r1)
581	b	interrupt_return
582
583/* Floating Point Unavailable Interrupt */
584	START_EXCEPTION(fp_unavailable);
585	NORMAL_EXCEPTION_PROLOG(0x800, BOOKE_INTERRUPT_FP_UNAVAIL,
586				PROLOG_ADDITION_NONE)
587	/* we can probably do a shorter exception entry for that one... */
588	EXCEPTION_COMMON(0x800)
589	ld	r12,_MSR(r1)
590	andi.	r0,r12,MSR_PR;
591	beq-	1f
592	bl	load_up_fpu
593	b	fast_interrupt_return
5941:	addi	r3,r1,STACK_INT_FRAME_REGS
595	bl	kernel_fp_unavailable_exception
596	b	interrupt_return
597
598/* Altivec Unavailable Interrupt */
599	START_EXCEPTION(altivec_unavailable);
600	NORMAL_EXCEPTION_PROLOG(0x200, BOOKE_INTERRUPT_ALTIVEC_UNAVAIL,
601				PROLOG_ADDITION_NONE)
602	/* we can probably do a shorter exception entry for that one... */
603	EXCEPTION_COMMON(0x200)
604#ifdef CONFIG_ALTIVEC
605BEGIN_FTR_SECTION
606	ld	r12,_MSR(r1)
607	andi.	r0,r12,MSR_PR;
608	beq-	1f
609	bl	load_up_altivec
610	b	fast_interrupt_return
6111:
612END_FTR_SECTION_IFSET(CPU_FTR_ALTIVEC)
613#endif
614	addi	r3,r1,STACK_INT_FRAME_REGS
615	bl	altivec_unavailable_exception
616	b	interrupt_return
617
618/* AltiVec Assist */
619	START_EXCEPTION(altivec_assist);
620	NORMAL_EXCEPTION_PROLOG(0x220,
621				BOOKE_INTERRUPT_ALTIVEC_ASSIST,
622				PROLOG_ADDITION_NONE)
623	EXCEPTION_COMMON(0x220)
624	addi	r3,r1,STACK_INT_FRAME_REGS
625#ifdef CONFIG_ALTIVEC
626BEGIN_FTR_SECTION
627	bl	altivec_assist_exception
628END_FTR_SECTION_IFSET(CPU_FTR_ALTIVEC)
629	REST_NVGPRS(r1)
630#else
631	bl	unknown_exception
632#endif
633	b	interrupt_return
634
635
636/* Decrementer Interrupt */
637	MASKABLE_EXCEPTION(0x900, BOOKE_INTERRUPT_DECREMENTER,
638			   decrementer, timer_interrupt, ACK_DEC)
639
640/* Fixed Interval Timer Interrupt */
641	MASKABLE_EXCEPTION(0x980, BOOKE_INTERRUPT_FIT,
642			   fixed_interval, unknown_exception, ACK_FIT)
643
644/* Watchdog Timer Interrupt */
645	START_EXCEPTION(watchdog);
646	CRIT_EXCEPTION_PROLOG(0x9f0, BOOKE_INTERRUPT_WATCHDOG,
647			      PROLOG_ADDITION_NONE)
648	EXCEPTION_COMMON_CRIT(0x9f0)
649	bl	special_reg_save
650	CHECK_NAPPING();
651	addi	r3,r1,STACK_INT_FRAME_REGS
652#ifdef CONFIG_BOOKE_WDT
653	bl	WatchdogException
654#else
655	bl	unknown_nmi_exception
656#endif
657	b	ret_from_crit_except
658
659/* System Call Interrupt */
660	START_EXCEPTION(system_call)
661	mr	r9,r13			/* keep a copy of userland r13 */
662	mfspr	r11,SPRN_SRR0		/* get return address */
663	mfspr	r12,SPRN_SRR1		/* get previous MSR */
664	mfspr	r13,SPRN_SPRG_PACA	/* get our PACA */
665	b	system_call_common
666
667/* Auxiliary Processor Unavailable Interrupt */
668	START_EXCEPTION(ap_unavailable);
669	NORMAL_EXCEPTION_PROLOG(0xf20, BOOKE_INTERRUPT_AP_UNAVAIL,
670				PROLOG_ADDITION_NONE)
671	EXCEPTION_COMMON(0xf20)
672	addi	r3,r1,STACK_INT_FRAME_REGS
673	bl	unknown_exception
674	b	interrupt_return
675
676/* Debug exception as a critical interrupt*/
677	START_EXCEPTION(debug_crit);
678	CRIT_EXCEPTION_PROLOG(0xd00, BOOKE_INTERRUPT_DEBUG,
679			      PROLOG_ADDITION_2REGS)
680
681	/*
682	 * If there is a single step or branch-taken exception in an
683	 * exception entry sequence, it was probably meant to apply to
684	 * the code where the exception occurred (since exception entry
685	 * doesn't turn off DE automatically).  We simulate the effect
686	 * of turning off DE on entry to an exception handler by turning
687	 * off DE in the CSRR1 value and clearing the debug status.
688	 */
689
690	mfspr	r14,SPRN_DBSR		/* check single-step/branch taken */
691	andis.	r15,r14,(DBSR_IC|DBSR_BT)@h
692	beq+	1f
693
694#ifdef CONFIG_RELOCATABLE
695	__LOAD_PACA_TOC(r15)
696	LOAD_REG_ADDR_ALTTOC(r14, r15, interrupt_base_book3e)
697	LOAD_REG_ADDR_ALTTOC(r15, r15, __end_interrupts)
698	cmpld	cr0,r10,r14
699	cmpld	cr1,r10,r15
700#else
701	LOAD_REG_IMMEDIATE_SYM(r14, r15, interrupt_base_book3e)
702	cmpld	cr0, r10, r14
703	LOAD_REG_IMMEDIATE_SYM(r14, r15, __end_interrupts)
704	cmpld	cr1, r10, r14
705#endif
706	blt+	cr0,1f
707	bge+	cr1,1f
708
709	/* here it looks like we got an inappropriate debug exception. */
710	lis	r14,(DBSR_IC|DBSR_BT)@h		/* clear the event */
711	rlwinm	r11,r11,0,~MSR_DE	/* clear DE in the CSRR1 value */
712	mtspr	SPRN_DBSR,r14
713	mtspr	SPRN_CSRR1,r11
714	lwz	r10,PACA_EXCRIT+EX_CR(r13)	/* restore registers */
715	ld	r1,PACA_EXCRIT+EX_R1(r13)
716	ld	r14,PACA_EXCRIT+EX_R14(r13)
717	ld	r15,PACA_EXCRIT+EX_R15(r13)
718	mtcr	r10
719	ld	r10,PACA_EXCRIT+EX_R10(r13)	/* restore registers */
720	ld	r11,PACA_EXCRIT+EX_R11(r13)
721	mfspr	r13,SPRN_SPRG_CRIT_SCRATCH
722	rfci
723
724	/* Normal debug exception */
725	/* XXX We only handle coming from userspace for now since we can't
726	 *     quite save properly an interrupted kernel state yet
727	 */
7281:	andi.	r14,r11,MSR_PR;		/* check for userspace again */
729	beq	kernel_dbg_exc;		/* if from kernel mode */
730
731	/* Now we mash up things to make it look like we are coming on a
732	 * normal exception
733	 */
734	mfspr	r14,SPRN_DBSR
735	std	r14,_DSISR(r1)
736	ld	r14,PACA_EXCRIT+EX_R14(r13)
737	ld	r15,PACA_EXCRIT+EX_R15(r13)
738	EXCEPTION_COMMON_CRIT(0xd00)
739	addi	r3,r1,STACK_INT_FRAME_REGS
740	bl	DebugException
741	REST_NVGPRS(r1)
742	b	interrupt_return
743
744kernel_dbg_exc:
745	b	.	/* NYI */
746
747/* Debug exception as a debug interrupt*/
748	START_EXCEPTION(debug_debug);
749	DBG_EXCEPTION_PROLOG(0xd00, BOOKE_INTERRUPT_DEBUG,
750						 PROLOG_ADDITION_2REGS)
751
752	/*
753	 * If there is a single step or branch-taken exception in an
754	 * exception entry sequence, it was probably meant to apply to
755	 * the code where the exception occurred (since exception entry
756	 * doesn't turn off DE automatically).  We simulate the effect
757	 * of turning off DE on entry to an exception handler by turning
758	 * off DE in the DSRR1 value and clearing the debug status.
759	 */
760
761	mfspr	r14,SPRN_DBSR		/* check single-step/branch taken */
762	andis.	r15,r14,(DBSR_IC|DBSR_BT)@h
763	beq+	1f
764
765#ifdef CONFIG_RELOCATABLE
766	__LOAD_PACA_TOC(r15)
767	LOAD_REG_ADDR_ALTTOC(r14, r15, interrupt_base_book3e)
768	LOAD_REG_ADDR_ALTTOC(r15, r15, __end_interrupts)
769	cmpld	cr0,r10,r14
770	cmpld	cr1,r10,r15
771#else
772	LOAD_REG_IMMEDIATE_SYM(r14, r15, interrupt_base_book3e)
773	cmpld	cr0, r10, r14
774	LOAD_REG_IMMEDIATE_SYM(r14, r15,__end_interrupts)
775	cmpld	cr1, r10, r14
776#endif
777	blt+	cr0,1f
778	bge+	cr1,1f
779
780	/* here it looks like we got an inappropriate debug exception. */
781	lis	r14,(DBSR_IC|DBSR_BT)@h		/* clear the event */
782	rlwinm	r11,r11,0,~MSR_DE	/* clear DE in the DSRR1 value */
783	mtspr	SPRN_DBSR,r14
784	mtspr	SPRN_DSRR1,r11
785	lwz	r10,PACA_EXDBG+EX_CR(r13)	/* restore registers */
786	ld	r1,PACA_EXDBG+EX_R1(r13)
787	ld	r14,PACA_EXDBG+EX_R14(r13)
788	ld	r15,PACA_EXDBG+EX_R15(r13)
789	mtcr	r10
790	ld	r10,PACA_EXDBG+EX_R10(r13)	/* restore registers */
791	ld	r11,PACA_EXDBG+EX_R11(r13)
792	mfspr	r13,SPRN_SPRG_DBG_SCRATCH
793	rfdi
794
795	/* Normal debug exception */
796	/* XXX We only handle coming from userspace for now since we can't
797	 *     quite save properly an interrupted kernel state yet
798	 */
7991:	andi.	r14,r11,MSR_PR;		/* check for userspace again */
800	beq	kernel_dbg_exc;		/* if from kernel mode */
801
802	/* Now we mash up things to make it look like we are coming on a
803	 * normal exception
804	 */
805	mfspr	r14,SPRN_DBSR
806	std	r14,_DSISR(r1)
807	ld	r14,PACA_EXDBG+EX_R14(r13)
808	ld	r15,PACA_EXDBG+EX_R15(r13)
809	EXCEPTION_COMMON_DBG(0xd08)
810	addi	r3,r1,STACK_INT_FRAME_REGS
811	bl	DebugException
812	REST_NVGPRS(r1)
813	b	interrupt_return
814
815	START_EXCEPTION(perfmon);
816	NORMAL_EXCEPTION_PROLOG(0x260, BOOKE_INTERRUPT_PERFORMANCE_MONITOR,
817				PROLOG_ADDITION_NONE)
818	EXCEPTION_COMMON(0x260)
819	CHECK_NAPPING()
820	addi	r3,r1,STACK_INT_FRAME_REGS
821	/*
822	 * XXX: Returning from performance_monitor_exception taken as a
823	 * soft-NMI (Linux irqs disabled) may be risky to use interrupt_return
824	 * and could cause bugs in return or elsewhere. That case should just
825	 * restore registers and return. There is a workaround for one known
826	 * problem in interrupt_exit_kernel_prepare().
827	 */
828	bl	performance_monitor_exception
829	b	interrupt_return
830
831/* Doorbell interrupt */
832	MASKABLE_EXCEPTION(0x280, BOOKE_INTERRUPT_DOORBELL,
833			   doorbell, doorbell_exception, ACK_NONE)
834
835/* Doorbell critical Interrupt */
836	START_EXCEPTION(doorbell_crit);
837	CRIT_EXCEPTION_PROLOG(0x2a0, BOOKE_INTERRUPT_DOORBELL_CRITICAL,
838			      PROLOG_ADDITION_NONE)
839	EXCEPTION_COMMON_CRIT(0x2a0)
840	bl	special_reg_save
841	CHECK_NAPPING();
842	addi	r3,r1,STACK_INT_FRAME_REGS
843	bl	unknown_nmi_exception
844	b	ret_from_crit_except
845
846/*
847 *	Guest doorbell interrupt
848 *	This general exception use GSRRx save/restore registers
849 */
850	START_EXCEPTION(guest_doorbell);
851	GDBELL_EXCEPTION_PROLOG(0x2c0, BOOKE_INTERRUPT_GUEST_DBELL,
852			        PROLOG_ADDITION_NONE)
853	EXCEPTION_COMMON(0x2c0)
854	addi	r3,r1,STACK_INT_FRAME_REGS
855	bl	unknown_exception
856	b	interrupt_return
857
858/* Guest Doorbell critical Interrupt */
859	START_EXCEPTION(guest_doorbell_crit);
860	CRIT_EXCEPTION_PROLOG(0x2e0, BOOKE_INTERRUPT_GUEST_DBELL_CRIT,
861			      PROLOG_ADDITION_NONE)
862	EXCEPTION_COMMON_CRIT(0x2e0)
863	bl	special_reg_save
864	CHECK_NAPPING();
865	addi	r3,r1,STACK_INT_FRAME_REGS
866	bl	unknown_nmi_exception
867	b	ret_from_crit_except
868
869/* Hypervisor call */
870	START_EXCEPTION(hypercall);
871	NORMAL_EXCEPTION_PROLOG(0x310, BOOKE_INTERRUPT_HV_SYSCALL,
872			        PROLOG_ADDITION_NONE)
873	EXCEPTION_COMMON(0x310)
874	addi	r3,r1,STACK_INT_FRAME_REGS
875	bl	unknown_exception
876	b	interrupt_return
877
878/* Embedded Hypervisor priviledged  */
879	START_EXCEPTION(ehpriv);
880	NORMAL_EXCEPTION_PROLOG(0x320, BOOKE_INTERRUPT_HV_PRIV,
881			        PROLOG_ADDITION_NONE)
882	EXCEPTION_COMMON(0x320)
883	addi	r3,r1,STACK_INT_FRAME_REGS
884	bl	unknown_exception
885	b	interrupt_return
886
887/* LRAT Error interrupt */
888	START_EXCEPTION(lrat_error);
889	NORMAL_EXCEPTION_PROLOG(0x340, BOOKE_INTERRUPT_LRAT_ERROR,
890			        PROLOG_ADDITION_NONE)
891	EXCEPTION_COMMON(0x340)
892	addi	r3,r1,STACK_INT_FRAME_REGS
893	bl	unknown_exception
894	b	interrupt_return
895
896.macro SEARCH_RESTART_TABLE
897#ifdef CONFIG_RELOCATABLE
898	__LOAD_PACA_TOC(r11)
899	LOAD_REG_ADDR_ALTTOC(r14, r11, __start___restart_table)
900	LOAD_REG_ADDR_ALTTOC(r15, r11, __stop___restart_table)
901#else
902	LOAD_REG_IMMEDIATE_SYM(r14, r11, __start___restart_table)
903	LOAD_REG_IMMEDIATE_SYM(r15, r11, __stop___restart_table)
904#endif
905300:
906	cmpd	r14,r15
907	beq	302f
908	ld	r11,0(r14)
909	cmpld	r10,r11
910	blt	301f
911	ld	r11,8(r14)
912	cmpld	r10,r11
913	bge	301f
914	ld	r11,16(r14)
915	b	303f
916301:
917	addi	r14,r14,24
918	b	300b
919302:
920	li	r11,0
921303:
922.endm
923
924/*
925 * An interrupt came in while soft-disabled; We mark paca->irq_happened
926 * accordingly and if the interrupt is level sensitive, we hard disable
927 * hard disable (full_mask) corresponds to PACA_IRQ_MUST_HARD_MASK, so
928 * keep these in synch.
929 */
930
931.macro masked_interrupt_book3e paca_irq full_mask
932	std	r14,PACA_EXGEN+EX_R14(r13)
933	std	r15,PACA_EXGEN+EX_R15(r13)
934
935	lbz	r10,PACAIRQHAPPENED(r13)
936	.if \full_mask == 1
937	ori	r10,r10,\paca_irq | PACA_IRQ_HARD_DIS
938	.else
939	ori	r10,r10,\paca_irq
940	.endif
941	stb	r10,PACAIRQHAPPENED(r13)
942
943	.if \full_mask == 1
944	xori	r11,r11,MSR_EE		/* clear MSR_EE */
945	mtspr	SPRN_SRR1,r11
946	.endif
947
948	mfspr	r10,SPRN_SRR0
949	SEARCH_RESTART_TABLE
950	cmpdi	r11,0
951	beq	1f
952	mtspr	SPRN_SRR0,r11		/* return to restart address */
9531:
954
955	lwz	r11,PACA_EXGEN+EX_CR(r13)
956	mtcr	r11
957	ld	r10,PACA_EXGEN+EX_R10(r13)
958	ld	r11,PACA_EXGEN+EX_R11(r13)
959	ld	r14,PACA_EXGEN+EX_R14(r13)
960	ld	r15,PACA_EXGEN+EX_R15(r13)
961	mfspr	r13,SPRN_SPRG_GEN_SCRATCH
962	rfi
963	b	.
964.endm
965
966masked_interrupt_book3e_0x500:
967	masked_interrupt_book3e PACA_IRQ_EE 1
968
969masked_interrupt_book3e_0x900:
970	ACK_DEC(r10);
971	masked_interrupt_book3e PACA_IRQ_DEC 0
972
973masked_interrupt_book3e_0x980:
974	ACK_FIT(r10);
975	masked_interrupt_book3e PACA_IRQ_DEC 0
976
977masked_interrupt_book3e_0x280:
978masked_interrupt_book3e_0x2c0:
979	masked_interrupt_book3e PACA_IRQ_DBELL 0
980
981/*
982 * This is called from 0x300 and 0x400 handlers after the prologs with
983 * r14 and r15 containing the fault address and error code, with the
984 * original values stashed away in the PACA
985 */
986SYM_CODE_START_LOCAL(storage_fault_common)
987	addi	r3,r1,STACK_INT_FRAME_REGS
988	bl	do_page_fault
989	b	interrupt_return
990SYM_CODE_END(storage_fault_common)
991
992/*
993 * Alignment exception doesn't fit entirely in the 0x100 bytes so it
994 * continues here.
995 */
996SYM_CODE_START_LOCAL(alignment_more)
997	addi	r3,r1,STACK_INT_FRAME_REGS
998	bl	alignment_exception
999	REST_NVGPRS(r1)
1000	b	interrupt_return
1001SYM_CODE_END(alignment_more)
1002
1003/*
1004 * Trampolines used when spotting a bad kernel stack pointer in
1005 * the exception entry code.
1006 *
1007 * TODO: move some bits like SRR0 read to trampoline, pass PACA
1008 * index around, etc... to handle crit & mcheck
1009 */
1010BAD_STACK_TRAMPOLINE(0x000)
1011BAD_STACK_TRAMPOLINE(0x100)
1012BAD_STACK_TRAMPOLINE(0x200)
1013BAD_STACK_TRAMPOLINE(0x220)
1014BAD_STACK_TRAMPOLINE(0x260)
1015BAD_STACK_TRAMPOLINE(0x280)
1016BAD_STACK_TRAMPOLINE(0x2a0)
1017BAD_STACK_TRAMPOLINE(0x2c0)
1018BAD_STACK_TRAMPOLINE(0x2e0)
1019BAD_STACK_TRAMPOLINE(0x300)
1020BAD_STACK_TRAMPOLINE(0x310)
1021BAD_STACK_TRAMPOLINE(0x320)
1022BAD_STACK_TRAMPOLINE(0x340)
1023BAD_STACK_TRAMPOLINE(0x400)
1024BAD_STACK_TRAMPOLINE(0x500)
1025BAD_STACK_TRAMPOLINE(0x600)
1026BAD_STACK_TRAMPOLINE(0x700)
1027BAD_STACK_TRAMPOLINE(0x800)
1028BAD_STACK_TRAMPOLINE(0x900)
1029BAD_STACK_TRAMPOLINE(0x980)
1030BAD_STACK_TRAMPOLINE(0x9f0)
1031BAD_STACK_TRAMPOLINE(0xa00)
1032BAD_STACK_TRAMPOLINE(0xb00)
1033BAD_STACK_TRAMPOLINE(0xc00)
1034BAD_STACK_TRAMPOLINE(0xd00)
1035BAD_STACK_TRAMPOLINE(0xd08)
1036BAD_STACK_TRAMPOLINE(0xe00)
1037BAD_STACK_TRAMPOLINE(0xf00)
1038BAD_STACK_TRAMPOLINE(0xf20)
1039
1040_GLOBAL(bad_stack_book3e)
1041	/* XXX: Needs to make SPRN_SPRG_GEN depend on exception type */
1042	mfspr	r10,SPRN_SRR0;		  /* read SRR0 before touching stack */
1043	ld	r1,PACAEMERGSP(r13)
1044	subi	r1,r1,64+INT_FRAME_SIZE
1045	std	r10,_NIP(r1)
1046	std	r11,_MSR(r1)
1047	ld	r10,PACA_EXGEN+EX_R1(r13) /* FIXME for crit & mcheck */
1048	lwz	r11,PACA_EXGEN+EX_CR(r13) /* FIXME for crit & mcheck */
1049	std	r10,GPR1(r1)
1050	std	r11,_CCR(r1)
1051	mfspr	r10,SPRN_DEAR
1052	mfspr	r11,SPRN_ESR
1053	std	r10,_DEAR(r1)
1054	std	r11,_ESR(r1)
1055	SAVE_GPR(0, r1);		/* save r0 in stackframe */	    \
1056	SAVE_GPRS(2, 9, r1);		/* save r2 - r9 in stackframe */    \
1057	ld	r3,PACA_EXGEN+EX_R10(r13);/* get back r10 */		    \
1058	ld	r4,PACA_EXGEN+EX_R11(r13);/* get back r11 */		    \
1059	mfspr	r5,SPRN_SPRG_GEN_SCRATCH;/* get back r13 XXX can be wrong */ \
1060	std	r3,GPR10(r1);		/* save r10 to stackframe */	    \
1061	std	r4,GPR11(r1);		/* save r11 to stackframe */	    \
1062	SAVE_GPR(12, r1);		/* save r12 in stackframe */	    \
1063	std	r5,GPR13(r1);		/* save it to stackframe */	    \
1064	mflr	r10
1065	mfctr	r11
1066	mfxer	r12
1067	std	r10,_LINK(r1)
1068	std	r11,_CTR(r1)
1069	std	r12,_XER(r1)
1070	SAVE_NVGPRS(r1)
1071	lhz	r12,PACA_TRAP_SAVE(r13)
1072	std	r12,_TRAP(r1)
1073	addi	r11,r1,INT_FRAME_SIZE
1074	std	r11,0(r1)
1075	ZEROIZE_GPR(12)
1076	std	r12,0(r11)
1077	LOAD_PACA_TOC()
10781:	addi	r3,r1,STACK_INT_FRAME_REGS
1079	bl	kernel_bad_stack
1080	b	1b
1081
1082/*
1083 * Setup the initial TLB for a core. This current implementation
1084 * assume that whatever we are running off will not conflict with
1085 * the new mapping at PAGE_OFFSET.
1086 */
1087_GLOBAL(initial_tlb_book3e)
1088
1089	/* Look for the first TLB with IPROT set */
1090	mfspr	r4,SPRN_TLB0CFG
1091	andi.	r3,r4,TLBnCFG_IPROT
1092	lis	r3,MAS0_TLBSEL(0)@h
1093	bne	found_iprot
1094
1095	mfspr	r4,SPRN_TLB1CFG
1096	andi.	r3,r4,TLBnCFG_IPROT
1097	lis	r3,MAS0_TLBSEL(1)@h
1098	bne	found_iprot
1099
1100	mfspr	r4,SPRN_TLB2CFG
1101	andi.	r3,r4,TLBnCFG_IPROT
1102	lis	r3,MAS0_TLBSEL(2)@h
1103	bne	found_iprot
1104
1105	lis	r3,MAS0_TLBSEL(3)@h
1106	mfspr	r4,SPRN_TLB3CFG
1107	/* fall through */
1108
1109found_iprot:
1110	andi.	r5,r4,TLBnCFG_HES
1111	bne	have_hes
1112
1113	mflr	r8				/* save LR */
1114/* 1. Find the index of the entry we're executing in
1115 *
1116 * r3 = MAS0_TLBSEL (for the iprot array)
1117 * r4 = SPRN_TLBnCFG
1118 */
1119	bcl	20,31,$+4			/* Find our address */
1120invstr:	mflr	r6				/* Make it accessible */
1121	mfmsr	r7
1122	rlwinm	r5,r7,27,31,31			/* extract MSR[IS] */
1123	mfspr	r7,SPRN_PID
1124	slwi	r7,r7,16
1125	or	r7,r7,r5
1126	mtspr	SPRN_MAS6,r7
1127	tlbsx	0,r6				/* search MSR[IS], SPID=PID */
1128
1129	mfspr	r3,SPRN_MAS0
1130	rlwinm	r5,r3,16,20,31			/* Extract MAS0(Entry) */
1131
1132	mfspr	r7,SPRN_MAS1			/* Insure IPROT set */
1133	oris	r7,r7,MAS1_IPROT@h
1134	mtspr	SPRN_MAS1,r7
1135	tlbwe
1136
1137/* 2. Invalidate all entries except the entry we're executing in
1138 *
1139 * r3 = MAS0 w/TLBSEL & ESEL for the entry we are running in
1140 * r4 = SPRN_TLBnCFG
1141 * r5 = ESEL of entry we are running in
1142 */
1143	andi.	r4,r4,TLBnCFG_N_ENTRY		/* Extract # entries */
1144	li	r6,0				/* Set Entry counter to 0 */
11451:	mr	r7,r3				/* Set MAS0(TLBSEL) */
1146	rlwimi	r7,r6,16,4,15			/* Setup MAS0 = TLBSEL | ESEL(r6) */
1147	mtspr	SPRN_MAS0,r7
1148	tlbre
1149	mfspr	r7,SPRN_MAS1
1150	rlwinm	r7,r7,0,2,31			/* Clear MAS1 Valid and IPROT */
1151	cmpw	r5,r6
1152	beq	skpinv				/* Dont update the current execution TLB */
1153	mtspr	SPRN_MAS1,r7
1154	tlbwe
1155	isync
1156skpinv:	addi	r6,r6,1				/* Increment */
1157	cmpw	r6,r4				/* Are we done? */
1158	bne	1b				/* If not, repeat */
1159
1160	/* Invalidate all TLBs */
1161	PPC_TLBILX_ALL(0,R0)
1162	sync
1163	isync
1164
1165/* 3. Setup a temp mapping and jump to it
1166 *
1167 * r3 = MAS0 w/TLBSEL & ESEL for the entry we are running in
1168 * r5 = ESEL of entry we are running in
1169 */
1170	andi.	r7,r5,0x1	/* Find an entry not used and is non-zero */
1171	addi	r7,r7,0x1
1172	mr	r4,r3		/* Set MAS0(TLBSEL) = 1 */
1173	mtspr	SPRN_MAS0,r4
1174	tlbre
1175
1176	rlwimi	r4,r7,16,4,15	/* Setup MAS0 = TLBSEL | ESEL(r7) */
1177	mtspr	SPRN_MAS0,r4
1178
1179	mfspr	r7,SPRN_MAS1
1180	xori	r6,r7,MAS1_TS		/* Setup TMP mapping in the other Address space */
1181	mtspr	SPRN_MAS1,r6
1182
1183	tlbwe
1184
1185	mfmsr	r6
1186	xori	r6,r6,MSR_IS
1187	mtspr	SPRN_SRR1,r6
1188	bcl	20,31,$+4	/* Find our address */
11891:	mflr	r6
1190	addi	r6,r6,(2f - 1b)
1191	mtspr	SPRN_SRR0,r6
1192	rfi
11932:
1194
1195/* 4. Clear out PIDs & Search info
1196 *
1197 * r3 = MAS0 w/TLBSEL & ESEL for the entry we started in
1198 * r4 = MAS0 w/TLBSEL & ESEL for the temp mapping
1199 * r5 = MAS3
1200 */
1201	li	r6,0
1202	mtspr   SPRN_MAS6,r6
1203	mtspr	SPRN_PID,r6
1204
1205/* 5. Invalidate mapping we started in
1206 *
1207 * r3 = MAS0 w/TLBSEL & ESEL for the entry we started in
1208 * r4 = MAS0 w/TLBSEL & ESEL for the temp mapping
1209 * r5 = MAS3
1210 */
1211	mtspr	SPRN_MAS0,r3
1212	tlbre
1213	mfspr	r6,SPRN_MAS1
1214	rlwinm	r6,r6,0,2,31	/* clear IPROT and VALID */
1215	mtspr	SPRN_MAS1,r6
1216	tlbwe
1217	sync
1218	isync
1219
1220/* 6. Setup KERNELBASE mapping in TLB[0]
1221 *
1222 * r3 = MAS0 w/TLBSEL & ESEL for the entry we started in
1223 * r4 = MAS0 w/TLBSEL & ESEL for the temp mapping
1224 * r5 = MAS3
1225 */
1226	rlwinm	r3,r3,0,16,3	/* clear ESEL */
1227	mtspr	SPRN_MAS0,r3
1228	lis	r6,(MAS1_VALID|MAS1_IPROT)@h
1229	ori	r6,r6,(MAS1_TSIZE(BOOK3E_PAGESZ_1GB))@l
1230	mtspr	SPRN_MAS1,r6
1231
1232	LOAD_REG_IMMEDIATE(r6, PAGE_OFFSET | MAS2_M_IF_NEEDED)
1233	mtspr	SPRN_MAS2,r6
1234
1235	rlwinm	r5,r5,0,0,25
1236	ori	r5,r5,MAS3_SR | MAS3_SW | MAS3_SX
1237	mtspr	SPRN_MAS3,r5
1238	li	r5,-1
1239	rlwinm	r5,r5,0,0,25
1240
1241	tlbwe
1242
1243/* 7. Jump to KERNELBASE mapping
1244 *
1245 * r4 = MAS0 w/TLBSEL & ESEL for the temp mapping
1246 */
1247	/* Now we branch the new virtual address mapped by this entry */
1248	bcl	20,31,$+4	/* Find our address */
12491:	mflr	r6
1250	addi	r6,r6,(2f - 1b)
1251	tovirt(r6,r6)
1252	lis	r7,MSR_KERNEL@h
1253	ori	r7,r7,MSR_KERNEL@l
1254	mtspr	SPRN_SRR0,r6
1255	mtspr	SPRN_SRR1,r7
1256	rfi				/* start execution out of TLB1[0] entry */
12572:
1258
1259/* 8. Clear out the temp mapping
1260 *
1261 * r4 = MAS0 w/TLBSEL & ESEL for the entry we are running in
1262 */
1263	mtspr	SPRN_MAS0,r4
1264	tlbre
1265	mfspr	r5,SPRN_MAS1
1266	rlwinm	r5,r5,0,2,31	/* clear IPROT and VALID */
1267	mtspr	SPRN_MAS1,r5
1268	tlbwe
1269	sync
1270	isync
1271
1272	/* We translate LR and return */
1273	tovirt(r8,r8)
1274	mtlr	r8
1275	blr
1276
1277have_hes:
1278	/* Setup MAS 0,1,2,3 and 7 for tlbwe of a 1G entry that maps the
1279	 * kernel linear mapping. We also set MAS8 once for all here though
1280	 * that will have to be made dependent on whether we are running under
1281	 * a hypervisor I suppose.
1282	 */
1283
1284	/* BEWARE, MAGIC
1285	 * This code is called as an ordinary function on the boot CPU. But to
1286	 * avoid duplication, this code is also used in SCOM bringup of
1287	 * secondary CPUs. We read the code between the initial_tlb_code_start
1288	 * and initial_tlb_code_end labels one instruction at a time and RAM it
1289	 * into the new core via SCOM. That doesn't process branches, so there
1290	 * must be none between those two labels. It also means if this code
1291	 * ever takes any parameters, the SCOM code must also be updated to
1292	 * provide them.
1293	 */
1294_GLOBAL(a2_tlbinit_code_start)
1295
1296	ori	r11,r3,MAS0_WQ_ALLWAYS
1297	oris	r11,r11,MAS0_ESEL(3)@h /* Use way 3: workaround A2 erratum 376 */
1298	mtspr	SPRN_MAS0,r11
1299	lis	r3,(MAS1_VALID | MAS1_IPROT)@h
1300	ori	r3,r3,BOOK3E_PAGESZ_1GB << MAS1_TSIZE_SHIFT
1301	mtspr	SPRN_MAS1,r3
1302	LOAD_REG_IMMEDIATE(r3, PAGE_OFFSET | MAS2_M)
1303	mtspr	SPRN_MAS2,r3
1304	li	r3,MAS3_SR | MAS3_SW | MAS3_SX
1305	mtspr	SPRN_MAS7_MAS3,r3
1306	li	r3,0
1307	mtspr	SPRN_MAS8,r3
1308
1309	/* Write the TLB entry */
1310	tlbwe
1311
1312	.globl a2_tlbinit_after_linear_map
1313a2_tlbinit_after_linear_map:
1314
1315	/* Now we branch the new virtual address mapped by this entry */
1316#ifdef CONFIG_RELOCATABLE
1317	__LOAD_PACA_TOC(r5)
1318	LOAD_REG_ADDR_ALTTOC(r3, r5, 1f)
1319#else
1320	LOAD_REG_IMMEDIATE_SYM(r3, r5, 1f)
1321#endif
1322	mtctr	r3
1323	bctr
1324
13251:	/* We are now running at PAGE_OFFSET, clean the TLB of everything
1326	 * else (including IPROTed things left by firmware)
1327	 * r4 = TLBnCFG
1328	 * r3 = current address (more or less)
1329	 */
1330
1331	li	r5,0
1332	mtspr	SPRN_MAS6,r5
1333	tlbsx	0,r3
1334
1335	rlwinm	r9,r4,0,TLBnCFG_N_ENTRY
1336	rlwinm	r10,r4,8,0xff
1337	addi	r10,r10,-1	/* Get inner loop mask */
1338
1339	li	r3,1
1340
1341	mfspr	r5,SPRN_MAS1
1342	rlwinm	r5,r5,0,(~(MAS1_VALID|MAS1_IPROT))
1343
1344	mfspr	r6,SPRN_MAS2
1345	rldicr	r6,r6,0,51		/* Extract EPN */
1346
1347	mfspr	r7,SPRN_MAS0
1348	rlwinm	r7,r7,0,0xffff0fff	/* Clear HES and WQ */
1349
1350	rlwinm	r8,r7,16,0xfff		/* Extract ESEL */
1351
13522:	add	r4,r3,r8
1353	and	r4,r4,r10
1354
1355	rlwimi	r7,r4,16,MAS0_ESEL_MASK
1356
1357	mtspr	SPRN_MAS0,r7
1358	mtspr	SPRN_MAS1,r5
1359	mtspr	SPRN_MAS2,r6
1360	tlbwe
1361
1362	addi	r3,r3,1
1363	and.	r4,r3,r10
1364
1365	bne	3f
1366	addis	r6,r6,(1<<30)@h
13673:
1368	cmpw	r3,r9
1369	blt	2b
1370
1371	.globl  a2_tlbinit_after_iprot_flush
1372a2_tlbinit_after_iprot_flush:
1373
1374	PPC_TLBILX(0,0,R0)
1375	sync
1376	isync
1377
1378	.globl a2_tlbinit_code_end
1379a2_tlbinit_code_end:
1380
1381	/* We translate LR and return */
1382	mflr	r3
1383	tovirt(r3,r3)
1384	mtlr	r3
1385	blr
1386
1387/*
1388 * Main entry (boot CPU, thread 0)
1389 *
1390 * We enter here from head_64.S, possibly after the prom_init trampoline
1391 * with r3 and r4 already saved to r31 and 30 respectively and in 64 bits
1392 * mode. Anything else is as it was left by the bootloader
1393 *
1394 * Initial requirements of this port:
1395 *
1396 * - Kernel loaded at 0 physical
1397 * - A good lump of memory mapped 0:0 by UTLB entry 0
1398 * - MSR:IS & MSR:DS set to 0
1399 *
1400 * Note that some of the above requirements will be relaxed in the future
1401 * as the kernel becomes smarter at dealing with different initial conditions
1402 * but for now you have to be careful
1403 */
1404_GLOBAL(start_initialization_book3e)
1405	mflr	r28
1406
1407	/* First, we need to setup some initial TLBs to map the kernel
1408	 * text, data and bss at PAGE_OFFSET. We don't have a real mode
1409	 * and always use AS 0, so we just set it up to match our link
1410	 * address and never use 0 based addresses.
1411	 */
1412	bl	initial_tlb_book3e
1413
1414	/* Init global core bits */
1415	bl	init_core_book3e
1416
1417	/* Init per-thread bits */
1418	bl	init_thread_book3e
1419
1420	/* Return to common init code */
1421	tovirt(r28,r28)
1422	mtlr	r28
1423	blr
1424
1425
1426/*
1427 * Secondary core/processor entry
1428 *
1429 * This is entered for thread 0 of a secondary core, all other threads
1430 * are expected to be stopped. It's similar to start_initialization_book3e
1431 * except that it's generally entered from the holding loop in head_64.S
1432 * after CPUs have been gathered by Open Firmware.
1433 *
1434 * We assume we are in 32 bits mode running with whatever TLB entry was
1435 * set for us by the firmware or POR engine.
1436 */
1437_GLOBAL(book3e_secondary_core_init_tlb_set)
1438	li	r4,1
1439	b	generic_secondary_smp_init
1440
1441_GLOBAL(book3e_secondary_core_init)
1442	mflr	r28
1443
1444	/* Do we need to setup initial TLB entry ? */
1445	cmplwi	r4,0
1446	bne	2f
1447
1448	/* Setup TLB for this core */
1449	bl	initial_tlb_book3e
1450
1451	/* We can return from the above running at a different
1452	 * address, so recalculate r2 (TOC)
1453	 */
1454	bl	relative_toc
1455
1456	/* Init global core bits */
14572:	bl	init_core_book3e
1458
1459	/* Init per-thread bits */
14603:	bl	init_thread_book3e
1461
1462	/* Return to common init code at proper virtual address.
1463	 *
1464	 * Due to various previous assumptions, we know we entered this
1465	 * function at either the final PAGE_OFFSET mapping or using a
1466	 * 1:1 mapping at 0, so we don't bother doing a complicated check
1467	 * here, we just ensure the return address has the right top bits.
1468	 *
1469	 * Note that if we ever want to be smarter about where we can be
1470	 * started from, we have to be careful that by the time we reach
1471	 * the code below we may already be running at a different location
1472	 * than the one we were called from since initial_tlb_book3e can
1473	 * have moved us already.
1474	 */
1475	cmpdi	cr0,r28,0
1476	blt	1f
1477	lis	r3,PAGE_OFFSET@highest
1478	sldi	r3,r3,32
1479	or	r28,r28,r3
14801:	mtlr	r28
1481	blr
1482
1483_GLOBAL(book3e_secondary_thread_init)
1484	mflr	r28
1485	b	3b
1486
1487_GLOBAL(init_core_book3e)
1488	/* Establish the interrupt vector base */
1489	tovirt(r2,r2)
1490	LOAD_REG_ADDR(r3, interrupt_base_book3e)
1491	mtspr	SPRN_IVPR,r3
1492	sync
1493	blr
1494
1495SYM_CODE_START_LOCAL(init_thread_book3e)
1496	lis	r3,(SPRN_EPCR_ICM | SPRN_EPCR_GICM)@h
1497	mtspr	SPRN_EPCR,r3
1498
1499	/* Make sure interrupts are off */
1500	wrteei	0
1501
1502	/* disable all timers and clear out status */
1503	li	r3,0
1504	mtspr	SPRN_TCR,r3
1505	mfspr	r3,SPRN_TSR
1506	mtspr	SPRN_TSR,r3
1507
1508	blr
1509SYM_CODE_END(init_thread_book3e)
1510
1511_GLOBAL(__setup_base_ivors)
1512	SET_IVOR(0, 0x020) /* Critical Input */
1513	SET_IVOR(1, 0x000) /* Machine Check */
1514	SET_IVOR(2, 0x060) /* Data Storage */
1515	SET_IVOR(3, 0x080) /* Instruction Storage */
1516	SET_IVOR(4, 0x0a0) /* External Input */
1517	SET_IVOR(5, 0x0c0) /* Alignment */
1518	SET_IVOR(6, 0x0e0) /* Program */
1519	SET_IVOR(7, 0x100) /* FP Unavailable */
1520	SET_IVOR(8, 0x120) /* System Call */
1521	SET_IVOR(9, 0x140) /* Auxiliary Processor Unavailable */
1522	SET_IVOR(10, 0x160) /* Decrementer */
1523	SET_IVOR(11, 0x180) /* Fixed Interval Timer */
1524	SET_IVOR(12, 0x1a0) /* Watchdog Timer */
1525	SET_IVOR(13, 0x1c0) /* Data TLB Error */
1526	SET_IVOR(14, 0x1e0) /* Instruction TLB Error */
1527	SET_IVOR(15, 0x040) /* Debug */
1528
1529	sync
1530
1531	blr
1532
1533_GLOBAL(setup_altivec_ivors)
1534	SET_IVOR(32, 0x200) /* AltiVec Unavailable */
1535	SET_IVOR(33, 0x220) /* AltiVec Assist */
1536	blr
1537
1538_GLOBAL(setup_perfmon_ivor)
1539	SET_IVOR(35, 0x260) /* Performance Monitor */
1540	blr
1541
1542_GLOBAL(setup_doorbell_ivors)
1543	SET_IVOR(36, 0x280) /* Processor Doorbell */
1544	SET_IVOR(37, 0x2a0) /* Processor Doorbell Crit */
1545	blr
1546
1547_GLOBAL(setup_ehv_ivors)
1548	SET_IVOR(40, 0x300) /* Embedded Hypervisor System Call */
1549	SET_IVOR(41, 0x320) /* Embedded Hypervisor Privilege */
1550	SET_IVOR(38, 0x2c0) /* Guest Processor Doorbell */
1551	SET_IVOR(39, 0x2e0) /* Guest Processor Doorbell Crit/MC */
1552	blr
1553
1554_GLOBAL(setup_lrat_ivor)
1555	SET_IVOR(42, 0x340) /* LRAT Error */
1556	blr
1557