xref: /linux/arch/powerpc/mm/book3s32/mmu.c (revision 6d9b262afe0ec1d6e0ef99321ca9d6b921310471)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * This file contains the routines for handling the MMU on those
4  * PowerPC implementations where the MMU substantially follows the
5  * architecture specification.  This includes the 6xx, 7xx, 7xxx,
6  * and 8260 implementations but excludes the 8xx and 4xx.
7  *  -- paulus
8  *
9  *  Derived from arch/ppc/mm/init.c:
10  *    Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
11  *
12  *  Modifications by Paul Mackerras (PowerMac) (paulus@cs.anu.edu.au)
13  *  and Cort Dougan (PReP) (cort@cs.nmt.edu)
14  *    Copyright (C) 1996 Paul Mackerras
15  *
16  *  Derived from "arch/i386/mm/init.c"
17  *    Copyright (C) 1991, 1992, 1993, 1994  Linus Torvalds
18  */
19 
20 #include <linux/kernel.h>
21 #include <linux/mm.h>
22 #include <linux/init.h>
23 #include <linux/highmem.h>
24 #include <linux/memblock.h>
25 
26 #include <asm/mmu.h>
27 #include <asm/machdep.h>
28 #include <asm/code-patching.h>
29 #include <asm/sections.h>
30 
31 #include <mm/mmu_decl.h>
32 
33 u8 __initdata early_hash[SZ_256K] __aligned(SZ_256K) = {0};
34 
35 static struct hash_pte __initdata *Hash = (struct hash_pte *)early_hash;
36 static unsigned long __initdata Hash_size, Hash_mask;
37 static unsigned int __initdata hash_mb, hash_mb2;
38 unsigned long __initdata _SDR1;
39 
40 struct ppc_bat BATS[8][2];	/* 8 pairs of IBAT, DBAT */
41 
42 static struct batrange {	/* stores address ranges mapped by BATs */
43 	unsigned long start;
44 	unsigned long limit;
45 	phys_addr_t phys;
46 } bat_addrs[8];
47 
48 #ifdef CONFIG_SMP
49 unsigned long mmu_hash_lock;
50 #endif
51 
52 /*
53  * Return PA for this VA if it is mapped by a BAT, or 0
54  */
55 phys_addr_t v_block_mapped(unsigned long va)
56 {
57 	int b;
58 	for (b = 0; b < ARRAY_SIZE(bat_addrs); ++b)
59 		if (va >= bat_addrs[b].start && va < bat_addrs[b].limit)
60 			return bat_addrs[b].phys + (va - bat_addrs[b].start);
61 	return 0;
62 }
63 
64 /*
65  * Return VA for a given PA or 0 if not mapped
66  */
67 unsigned long p_block_mapped(phys_addr_t pa)
68 {
69 	int b;
70 	for (b = 0; b < ARRAY_SIZE(bat_addrs); ++b)
71 		if (pa >= bat_addrs[b].phys
72 	    	    && pa < (bat_addrs[b].limit-bat_addrs[b].start)
73 		              +bat_addrs[b].phys)
74 			return bat_addrs[b].start+(pa-bat_addrs[b].phys);
75 	return 0;
76 }
77 
78 int __init find_free_bat(void)
79 {
80 	int b;
81 	int n = mmu_has_feature(MMU_FTR_USE_HIGH_BATS) ? 8 : 4;
82 
83 	for (b = 0; b < n; b++) {
84 		struct ppc_bat *bat = BATS[b];
85 
86 		if (!(bat[1].batu & 3))
87 			return b;
88 	}
89 	return -1;
90 }
91 
92 /*
93  * This function calculates the size of the larger block usable to map the
94  * beginning of an area based on the start address and size of that area:
95  * - max block size is 256 on 6xx.
96  * - base address must be aligned to the block size. So the maximum block size
97  *   is identified by the lowest bit set to 1 in the base address (for instance
98  *   if base is 0x16000000, max size is 0x02000000).
99  * - block size has to be a power of two. This is calculated by finding the
100  *   highest bit set to 1.
101  */
102 unsigned int bat_block_size(unsigned long base, unsigned long top)
103 {
104 	unsigned int max_size = SZ_256M;
105 	unsigned int base_shift = (ffs(base) - 1) & 31;
106 	unsigned int block_shift = (fls(top - base) - 1) & 31;
107 
108 	return min3(max_size, 1U << base_shift, 1U << block_shift);
109 }
110 
111 /*
112  * Set up one of the IBAT (block address translation) register pairs.
113  * The parameters are not checked; in particular size must be a power
114  * of 2 between 128k and 256M.
115  */
116 static void setibat(int index, unsigned long virt, phys_addr_t phys,
117 		    unsigned int size, pgprot_t prot)
118 {
119 	unsigned int bl = (size >> 17) - 1;
120 	int wimgxpp;
121 	struct ppc_bat *bat = BATS[index];
122 	unsigned long flags = pgprot_val(prot);
123 
124 	if (!cpu_has_feature(CPU_FTR_NEED_COHERENT))
125 		flags &= ~_PAGE_COHERENT;
126 
127 	wimgxpp = (flags & _PAGE_COHERENT) | (_PAGE_EXEC ? BPP_RX : BPP_XX);
128 	bat[0].batu = virt | (bl << 2) | 2; /* Vs=1, Vp=0 */
129 	bat[0].batl = BAT_PHYS_ADDR(phys) | wimgxpp;
130 	if (!is_kernel_addr(virt))
131 		bat[0].batu |= 1;	/* Vp = 1 */
132 }
133 
134 static void clearibat(int index)
135 {
136 	struct ppc_bat *bat = BATS[index];
137 
138 	bat[0].batu = 0;
139 	bat[0].batl = 0;
140 }
141 
142 static unsigned long __init __mmu_mapin_ram(unsigned long base, unsigned long top)
143 {
144 	int idx;
145 
146 	while ((idx = find_free_bat()) != -1 && base != top) {
147 		unsigned int size = bat_block_size(base, top);
148 
149 		if (size < 128 << 10)
150 			break;
151 		setbat(idx, PAGE_OFFSET + base, base, size, PAGE_KERNEL_X);
152 		base += size;
153 	}
154 
155 	return base;
156 }
157 
158 unsigned long __init mmu_mapin_ram(unsigned long base, unsigned long top)
159 {
160 	unsigned long done;
161 	unsigned long border = (unsigned long)__srwx_boundary - PAGE_OFFSET;
162 	unsigned long size;
163 
164 	size = roundup_pow_of_two((unsigned long)_einittext - PAGE_OFFSET);
165 	setibat(0, PAGE_OFFSET, 0, size, PAGE_KERNEL_X);
166 
167 	if (debug_pagealloc_enabled_or_kfence()) {
168 		pr_debug_once("Read-Write memory mapped without BATs\n");
169 		if (base >= border)
170 			return base;
171 		if (top >= border)
172 			top = border;
173 	}
174 
175 	if (!strict_kernel_rwx_enabled() || base >= border || top <= border)
176 		return __mmu_mapin_ram(base, top);
177 
178 	done = __mmu_mapin_ram(base, border);
179 	if (done != border)
180 		return done;
181 
182 	return __mmu_mapin_ram(border, top);
183 }
184 
185 static bool is_module_segment(unsigned long addr)
186 {
187 	if (!IS_ENABLED(CONFIG_MODULES))
188 		return false;
189 	if (addr < ALIGN_DOWN(MODULES_VADDR, SZ_256M))
190 		return false;
191 	if (addr > ALIGN(MODULES_END, SZ_256M) - 1)
192 		return false;
193 	return true;
194 }
195 
196 int mmu_mark_initmem_nx(void)
197 {
198 	int nb = mmu_has_feature(MMU_FTR_USE_HIGH_BATS) ? 8 : 4;
199 	int i;
200 	unsigned long base = (unsigned long)_stext - PAGE_OFFSET;
201 	unsigned long top = ALIGN((unsigned long)_etext - PAGE_OFFSET, SZ_128K);
202 	unsigned long border = (unsigned long)__init_begin - PAGE_OFFSET;
203 	unsigned long size;
204 
205 	for (i = 0; i < nb - 1 && base < top;) {
206 		size = bat_block_size(base, top);
207 		setibat(i++, PAGE_OFFSET + base, base, size, PAGE_KERNEL_TEXT);
208 		base += size;
209 	}
210 	if (base < top) {
211 		size = bat_block_size(base, top);
212 		if ((top - base) > size) {
213 			size <<= 1;
214 			if (strict_kernel_rwx_enabled() && base + size > border)
215 				pr_warn("Some RW data is getting mapped X. "
216 					"Adjust CONFIG_DATA_SHIFT to avoid that.\n");
217 		}
218 		setibat(i++, PAGE_OFFSET + base, base, size, PAGE_KERNEL_TEXT);
219 		base += size;
220 	}
221 	for (; i < nb; i++)
222 		clearibat(i);
223 
224 	update_bats();
225 
226 	for (i = TASK_SIZE >> 28; i < 16; i++) {
227 		/* Do not set NX on VM space for modules */
228 		if (is_module_segment(i << 28))
229 			continue;
230 
231 		mtsr(mfsr(i << 28) | 0x10000000, i << 28);
232 	}
233 	return 0;
234 }
235 
236 int mmu_mark_rodata_ro(void)
237 {
238 	int nb = mmu_has_feature(MMU_FTR_USE_HIGH_BATS) ? 8 : 4;
239 	int i;
240 
241 	for (i = 0; i < nb; i++) {
242 		struct ppc_bat *bat = BATS[i];
243 
244 		if (bat_addrs[i].start < (unsigned long)__end_rodata)
245 			bat[1].batl = (bat[1].batl & ~BPP_RW) | BPP_RX;
246 	}
247 
248 	update_bats();
249 
250 	return 0;
251 }
252 
253 /*
254  * Set up one of the D BAT (block address translation) register pairs.
255  * The parameters are not checked; in particular size must be a power
256  * of 2 between 128k and 256M.
257  */
258 void __init setbat(int index, unsigned long virt, phys_addr_t phys,
259 		   unsigned int size, pgprot_t prot)
260 {
261 	unsigned int bl;
262 	int wimgxpp;
263 	struct ppc_bat *bat;
264 	unsigned long flags = pgprot_val(prot);
265 
266 	if (index == -1)
267 		index = find_free_bat();
268 	if (index == -1) {
269 		pr_err("%s: no BAT available for mapping 0x%llx\n", __func__,
270 		       (unsigned long long)phys);
271 		return;
272 	}
273 	bat = BATS[index];
274 
275 	if ((flags & _PAGE_NO_CACHE) ||
276 	    (cpu_has_feature(CPU_FTR_NEED_COHERENT) == 0))
277 		flags &= ~_PAGE_COHERENT;
278 
279 	bl = (size >> 17) - 1;
280 	/* Do DBAT first */
281 	wimgxpp = flags & (_PAGE_WRITETHRU | _PAGE_NO_CACHE
282 			   | _PAGE_COHERENT | _PAGE_GUARDED);
283 	wimgxpp |= (flags & _PAGE_WRITE) ? BPP_RW : BPP_RX;
284 	bat[1].batu = virt | (bl << 2) | 2; /* Vs=1, Vp=0 */
285 	bat[1].batl = BAT_PHYS_ADDR(phys) | wimgxpp;
286 	if (!is_kernel_addr(virt))
287 		bat[1].batu |= 1; 	/* Vp = 1 */
288 	if (flags & _PAGE_GUARDED) {
289 		/* G bit must be zero in IBATs */
290 		flags &= ~_PAGE_EXEC;
291 	}
292 
293 	bat_addrs[index].start = virt;
294 	bat_addrs[index].limit = virt + ((bl + 1) << 17) - 1;
295 	bat_addrs[index].phys = phys;
296 }
297 
298 /*
299  * Preload a translation in the hash table
300  */
301 static void hash_preload(struct mm_struct *mm, unsigned long ea)
302 {
303 	pmd_t *pmd;
304 
305 	if (!mmu_has_feature(MMU_FTR_HPTE_TABLE))
306 		return;
307 	pmd = pmd_off(mm, ea);
308 	if (!pmd_none(*pmd))
309 		add_hash_page(mm->context.id, ea, pmd_val(*pmd));
310 }
311 
312 /*
313  * This is called at the end of handling a user page fault, when the
314  * fault has been handled by updating a PTE in the linux page tables.
315  * We use it to preload an HPTE into the hash table corresponding to
316  * the updated linux PTE.
317  *
318  * This must always be called with the pte lock held.
319  */
320 void __update_mmu_cache(struct vm_area_struct *vma, unsigned long address,
321 		      pte_t *ptep)
322 {
323 	/*
324 	 * We don't need to worry about _PAGE_PRESENT here because we are
325 	 * called with either mm->page_table_lock held or ptl lock held
326 	 */
327 
328 	/* We only want HPTEs for linux PTEs that have _PAGE_ACCESSED set */
329 	if (!pte_young(*ptep) || address >= TASK_SIZE)
330 		return;
331 
332 	/* We have to test for regs NULL since init will get here first thing at boot */
333 	if (!current->thread.regs)
334 		return;
335 
336 	/* We also avoid filling the hash if not coming from a fault */
337 	if (TRAP(current->thread.regs) != 0x300 && TRAP(current->thread.regs) != 0x400)
338 		return;
339 
340 	hash_preload(vma->vm_mm, address);
341 }
342 
343 /*
344  * Initialize the hash table and patch the instructions in hashtable.S.
345  */
346 void __init MMU_init_hw(void)
347 {
348 	unsigned int n_hpteg, lg_n_hpteg;
349 
350 	if (!mmu_has_feature(MMU_FTR_HPTE_TABLE))
351 		return;
352 
353 	if ( ppc_md.progress ) ppc_md.progress("hash:enter", 0x105);
354 
355 #define LG_HPTEG_SIZE	6		/* 64 bytes per HPTEG */
356 #define SDR1_LOW_BITS	((n_hpteg - 1) >> 10)
357 #define MIN_N_HPTEG	1024		/* min 64kB hash table */
358 
359 	/*
360 	 * Allow 1 HPTE (1/8 HPTEG) for each page of memory.
361 	 * This is less than the recommended amount, but then
362 	 * Linux ain't AIX.
363 	 */
364 	n_hpteg = total_memory / (PAGE_SIZE * 8);
365 	if (n_hpteg < MIN_N_HPTEG)
366 		n_hpteg = MIN_N_HPTEG;
367 	lg_n_hpteg = __ilog2(n_hpteg);
368 	if (n_hpteg & (n_hpteg - 1)) {
369 		++lg_n_hpteg;		/* round up if not power of 2 */
370 		n_hpteg = 1 << lg_n_hpteg;
371 	}
372 	Hash_size = n_hpteg << LG_HPTEG_SIZE;
373 
374 	/*
375 	 * Find some memory for the hash table.
376 	 */
377 	if ( ppc_md.progress ) ppc_md.progress("hash:find piece", 0x322);
378 	Hash = memblock_alloc(Hash_size, Hash_size);
379 	if (!Hash)
380 		panic("%s: Failed to allocate %lu bytes align=0x%lx\n",
381 		      __func__, Hash_size, Hash_size);
382 	_SDR1 = __pa(Hash) | SDR1_LOW_BITS;
383 
384 	pr_info("Total memory = %lldMB; using %ldkB for hash table\n",
385 		(unsigned long long)(total_memory >> 20), Hash_size >> 10);
386 
387 
388 	Hash_mask = n_hpteg - 1;
389 	hash_mb2 = hash_mb = 32 - LG_HPTEG_SIZE - lg_n_hpteg;
390 	if (lg_n_hpteg > 16)
391 		hash_mb2 = 16 - LG_HPTEG_SIZE;
392 }
393 
394 void __init MMU_init_hw_patch(void)
395 {
396 	unsigned int hmask = Hash_mask >> (16 - LG_HPTEG_SIZE);
397 	unsigned int hash = (unsigned int)Hash - PAGE_OFFSET;
398 
399 	if (!mmu_has_feature(MMU_FTR_HPTE_TABLE))
400 		return;
401 
402 	if (ppc_md.progress)
403 		ppc_md.progress("hash:patch", 0x345);
404 	if (ppc_md.progress)
405 		ppc_md.progress("hash:done", 0x205);
406 
407 	/* WARNING: Make sure nothing can trigger a KASAN check past this point */
408 
409 	/*
410 	 * Patch up the instructions in hashtable.S:create_hpte
411 	 */
412 	modify_instruction_site(&patch__hash_page_A0, 0xffff, hash >> 16);
413 	modify_instruction_site(&patch__hash_page_A1, 0x7c0, hash_mb << 6);
414 	modify_instruction_site(&patch__hash_page_A2, 0x7c0, hash_mb2 << 6);
415 	modify_instruction_site(&patch__hash_page_B, 0xffff, hmask);
416 	modify_instruction_site(&patch__hash_page_C, 0xffff, hmask);
417 
418 	/*
419 	 * Patch up the instructions in hashtable.S:flush_hash_page
420 	 */
421 	modify_instruction_site(&patch__flush_hash_A0, 0xffff, hash >> 16);
422 	modify_instruction_site(&patch__flush_hash_A1, 0x7c0, hash_mb << 6);
423 	modify_instruction_site(&patch__flush_hash_A2, 0x7c0, hash_mb2 << 6);
424 	modify_instruction_site(&patch__flush_hash_B, 0xffff, hmask);
425 }
426 
427 void setup_initial_memory_limit(phys_addr_t first_memblock_base,
428 				phys_addr_t first_memblock_size)
429 {
430 	/* We don't currently support the first MEMBLOCK not mapping 0
431 	 * physical on those processors
432 	 */
433 	BUG_ON(first_memblock_base != 0);
434 
435 	memblock_set_current_limit(min_t(u64, first_memblock_size, SZ_256M));
436 }
437 
438 void __init print_system_hash_info(void)
439 {
440 	pr_info("Hash_size         = 0x%lx\n", Hash_size);
441 	if (Hash_mask)
442 		pr_info("Hash_mask         = 0x%lx\n", Hash_mask);
443 }
444 
445 void __init early_init_mmu(void)
446 {
447 }
448