[net-next-2.6.git] / arch / powerpc / kernel / misc_64.S

/*
 * This file contains miscellaneous low-level functions.
 *    Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
 *
 * Largely rewritten by Cort Dougan (cort@cs.nmt.edu)
 * and Paul Mackerras.
 * Adapted for iSeries by Mike Corrigan (mikejc@us.ibm.com)
 * PPC64 updates by Dave Engebretsen (engebret@us.ibm.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version
 * 2 of the License, or (at your option) any later version.
 *
 */

#include <linux/sys.h>
#include <asm/unistd.h>
#include <asm/errno.h>
#include <asm/processor.h>
#include <asm/page.h>
#include <asm/cache.h>
#include <asm/ppc_asm.h>
#include <asm/asm-offsets.h>
#include <asm/cputable.h>
#include <asm/thread_info.h>

	.text

_GLOBAL(get_msr)
	mfmsr	r3
	blr

_GLOBAL(get_srr0)
	mfsrr0  r3
	blr

_GLOBAL(get_srr1)
	mfsrr1  r3
	blr

#ifdef CONFIG_IRQSTACKS
_GLOBAL(call_do_softirq)
	mflr	r0
	std	r0,16(r1)
	stdu	r1,THREAD_SIZE-112(r3)
	mr	r1,r3
	bl	.__do_softirq
	ld	r1,0(r1)
	ld	r0,16(r1)
	mtlr	r0
	blr

_GLOBAL(call_handle_irq)
	ld	r8,0(r6)
	mflr	r0
	std	r0,16(r1)
	mtctr	r8
	stdu	r1,THREAD_SIZE-112(r5)
	mr	r1,r5
	bctrl
	ld	r1,0(r1)
	ld	r0,16(r1)
	mtlr	r0
	blr
#endif /* CONFIG_IRQSTACKS */

	.section	".toc","aw"
PPC64_CACHES:
	.tc		ppc64_caches[TC],ppc64_caches
	.section	".text"

/*
 * Write any modified data cache blocks out to memory
 * and invalidate the corresponding instruction cache blocks.
 *
 * flush_icache_range(unsigned long start, unsigned long stop)
 *
 *   flush all bytes from start through stop-1 inclusive
 */

_KPROBE(__flush_icache_range)

/*
 * Flush the data cache to memory 
 * 
 * Different systems have different cache line sizes
 * and in some cases i-cache and d-cache line sizes differ from
 * each other.
 */
 	ld	r10,PPC64_CACHES@toc(r2)
	lwz	r7,DCACHEL1LINESIZE(r10)/* Get cache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5		/* ensure we get enough */
	lwz	r9,DCACHEL1LOGLINESIZE(r10)	/* Get log-2 of cache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	mtctr	r8
1:	dcbst	0,r6
	add	r6,r6,r7
	bdnz	1b
	sync

/* Now invalidate the instruction cache */
	
	lwz	r7,ICACHEL1LINESIZE(r10)	/* Get Icache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5
	lwz	r9,ICACHEL1LOGLINESIZE(r10)	/* Get log-2 of Icache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	mtctr	r8
2:	icbi	0,r6
	add	r6,r6,r7
	bdnz	2b
	isync
	blr
	.previous .text
/*
 * Like above, but only do the D-cache.
 *
 * flush_dcache_range(unsigned long start, unsigned long stop)
 *
 *    flush all bytes from start to stop-1 inclusive
 */
_GLOBAL(flush_dcache_range)

/*
 * Flush the data cache to memory 
 * 
 * Different systems have different cache line sizes
 */
 	ld	r10,PPC64_CACHES@toc(r2)
	lwz	r7,DCACHEL1LINESIZE(r10)	/* Get dcache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5		/* ensure we get enough */
	lwz	r9,DCACHEL1LOGLINESIZE(r10)	/* Get log-2 of dcache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	mtctr	r8
0:	dcbst	0,r6
	add	r6,r6,r7
	bdnz	0b
	sync
	blr

/*
 * Like above, but works on non-mapped physical addresses.
 * Use only for non-LPAR setups ! It also assumes real mode
 * is cacheable. Used for flushing out the DART before using
 * it as uncacheable memory 
 *
 * flush_dcache_phys_range(unsigned long start, unsigned long stop)
 *
 *    flush all bytes from start to stop-1 inclusive
 */
_GLOBAL(flush_dcache_phys_range)
 	ld	r10,PPC64_CACHES@toc(r2)
	lwz	r7,DCACHEL1LINESIZE(r10)	/* Get dcache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5		/* ensure we get enough */
	lwz	r9,DCACHEL1LOGLINESIZE(r10)	/* Get log-2 of dcache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	mfmsr	r5			/* Disable MMU Data Relocation */
	ori	r0,r5,MSR_DR
	xori	r0,r0,MSR_DR
	sync
	mtmsr	r0
	sync
	isync
	mtctr	r8
0:	dcbst	0,r6
	add	r6,r6,r7
	bdnz	0b
	sync
	isync
	mtmsr	r5			/* Re-enable MMU Data Relocation */
	sync
	isync
	blr

_GLOBAL(flush_inval_dcache_range)
 	ld	r10,PPC64_CACHES@toc(r2)
	lwz	r7,DCACHEL1LINESIZE(r10)	/* Get dcache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5		/* ensure we get enough */
	lwz	r9,DCACHEL1LOGLINESIZE(r10)/* Get log-2 of dcache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	sync
	isync
	mtctr	r8
0:	dcbf	0,r6
	add	r6,r6,r7
	bdnz	0b
	sync
	isync
	blr


/*
 * Flush a particular page from the data cache to RAM.
 * Note: this is necessary because the instruction cache does *not*
 * snoop from the data cache.
 *
 *	void __flush_dcache_icache(void *page)
 */
_GLOBAL(__flush_dcache_icache)
/*
 * Flush the data cache to memory 
 * 
 * Different systems have different cache line sizes
 */

/* Flush the dcache */
 	ld	r7,PPC64_CACHES@toc(r2)
	clrrdi	r3,r3,PAGE_SHIFT           	    /* Page align */
	lwz	r4,DCACHEL1LINESPERPAGE(r7)	/* Get # dcache lines per page */
	lwz	r5,DCACHEL1LINESIZE(r7)		/* Get dcache line size */
	mr	r6,r3
	mtctr	r4
0:	dcbst	0,r6
	add	r6,r6,r5
	bdnz	0b
	sync

/* Now invalidate the icache */	

	lwz	r4,ICACHEL1LINESPERPAGE(r7)	/* Get # icache lines per page */
	lwz	r5,ICACHEL1LINESIZE(r7)		/* Get icache line size */
	mtctr	r4
1:	icbi	0,r3
	add	r3,r3,r5
	bdnz	1b
	isync
	blr

/*
 * identify_cpu and calls setup_cpu
 * In:	r3 = base of the cpu_specs array
 *	r4 = address of cur_cpu_spec
 *	r5 = relocation offset
 */
_GLOBAL(identify_cpu)
	mfpvr	r7
1:
	lwz	r8,CPU_SPEC_PVR_MASK(r3)
	and	r8,r8,r7
	lwz	r9,CPU_SPEC_PVR_VALUE(r3)
	cmplw	0,r9,r8
	beq	1f
	addi	r3,r3,CPU_SPEC_ENTRY_SIZE
	b	1b
1:
	sub	r0,r3,r5
	std	r0,0(r4)
	ld	r4,CPU_SPEC_SETUP(r3)
	cmpdi	0,r4,0
	add	r4,r4,r5
	beqlr
	ld	r4,0(r4)
	add	r4,r4,r5
	mtctr	r4
	/* Calling convention for cpu setup is r3=offset, r4=cur_cpu_spec */
	mr	r4,r3
	mr	r3,r5
	bctr

/*
 * do_cpu_ftr_fixups - goes through the list of CPU feature fixups
 * and writes nop's over sections of code that don't apply for this cpu.
 * r3 = data offset (not changed)
 */
_GLOBAL(do_cpu_ftr_fixups)
	/* Get CPU 0 features */
	LOAD_REG_IMMEDIATE(r6,cur_cpu_spec)
	sub	r6,r6,r3
	ld	r4,0(r6)
	sub	r4,r4,r3
	ld	r4,CPU_SPEC_FEATURES(r4)
	/* Get the fixup table */
	LOAD_REG_IMMEDIATE(r6,__start___ftr_fixup)
	sub	r6,r6,r3
	LOAD_REG_IMMEDIATE(r7,__stop___ftr_fixup)
	sub	r7,r7,r3
	/* Do the fixup */
1:	cmpld	r6,r7
	bgelr
	addi	r6,r6,32
	ld	r8,-32(r6)	/* mask */
	and	r8,r8,r4
	ld	r9,-24(r6)	/* value */
	cmpld	r8,r9
	beq	1b
	ld	r8,-16(r6)	/* section begin */
	ld	r9,-8(r6)	/* section end */
	subf.	r9,r8,r9
	beq	1b
	/* write nops over the section of code */
	/* todo: if large section, add a branch at the start of it */
	srwi	r9,r9,2
	mtctr	r9
	sub	r8,r8,r3
	lis	r0,0x60000000@h	/* nop */
3:	stw	r0,0(r8)
	andi.	r10,r4,CPU_FTR_SPLIT_ID_CACHE@l
	beq	2f
	dcbst	0,r8		/* suboptimal, but simpler */
	sync
	icbi	0,r8
2:	addi	r8,r8,4
	bdnz	3b
	sync			/* additional sync needed on g4 */
	isync
	b	1b

/*
 * do_fw_ftr_fixups - goes through the list of firmware feature fixups
 * and writes nop's over sections of code that don't apply for this firmware.
 * r3 = data offset (not changed)
 */
_GLOBAL(do_fw_ftr_fixups)
	/* Get firmware features */
	LOAD_REG_IMMEDIATE(r6,powerpc_firmware_features)
	sub	r6,r6,r3
	ld	r4,0(r6)
	/* Get the fixup table */
	LOAD_REG_IMMEDIATE(r6,__start___fw_ftr_fixup)
	sub	r6,r6,r3
	LOAD_REG_IMMEDIATE(r7,__stop___fw_ftr_fixup)
	sub	r7,r7,r3
	/* Do the fixup */
1:	cmpld	r6,r7
	bgelr
	addi	r6,r6,32
	ld	r8,-32(r6)	/* mask */
	and	r8,r8,r4
	ld	r9,-24(r6)	/* value */
	cmpld	r8,r9
	beq	1b
	ld	r8,-16(r6)	/* section begin */
	ld	r9,-8(r6)	/* section end */
	subf.	r9,r8,r9
	beq	1b
	/* write nops over the section of code */
	/* todo: if large section, add a branch at the start of it */
	srwi	r9,r9,2
	mtctr	r9
	sub	r8,r8,r3
	lis	r0,0x60000000@h	/* nop */
3:	stw	r0,0(r8)
BEGIN_FTR_SECTION
	dcbst	0,r8		/* suboptimal, but simpler */
	sync
	icbi	0,r8
END_FTR_SECTION_IFSET(CPU_FTR_SPLIT_ID_CACHE)
	addi	r8,r8,4
	bdnz	3b
	sync			/* additional sync needed on g4 */
	isync
	b	1b

#if defined(CONFIG_PPC_PMAC) || defined(CONFIG_PPC_MAPLE)
/*
 * Do an IO access in real mode
 */
_GLOBAL(real_readb)
	mfmsr	r7
	ori	r0,r7,MSR_DR
	xori	r0,r0,MSR_DR
	sync
	mtmsrd	r0
	sync
	isync
	mfspr	r6,SPRN_HID4
	rldicl	r5,r6,32,0
	ori	r5,r5,0x100
	rldicl	r5,r5,32,0
	sync
	mtspr	SPRN_HID4,r5
	isync
	slbia
	isync
	lbz	r3,0(r3)
	sync
	mtspr	SPRN_HID4,r6
	isync
	slbia
	isync
	mtmsrd	r7
	sync
	isync
	blr

	/*
 * Do an IO access in real mode
 */
_GLOBAL(real_writeb)
	mfmsr	r7
	ori	r0,r7,MSR_DR
	xori	r0,r0,MSR_DR
	sync
	mtmsrd	r0
	sync
	isync
	mfspr	r6,SPRN_HID4
	rldicl	r5,r6,32,0
	ori	r5,r5,0x100
	rldicl	r5,r5,32,0
	sync
	mtspr	SPRN_HID4,r5
	isync
	slbia
	isync
	stb	r3,0(r4)
	sync
	mtspr	SPRN_HID4,r6
	isync
	slbia
	isync
	mtmsrd	r7
	sync
	isync
	blr
#endif /* defined(CONFIG_PPC_PMAC) || defined(CONFIG_PPC_MAPLE) */

#ifdef CONFIG_CPU_FREQ_PMAC64
/*
 * SCOM access functions for 970 (FX only for now)
 *
 * unsigned long scom970_read(unsigned int address);
 * void scom970_write(unsigned int address, unsigned long value);
 *
 * The address passed in is the 24 bits register address. This code
 * is 970 specific and will not check the status bits, so you should
 * know what you are doing.
 */
_GLOBAL(scom970_read)
	/* interrupts off */
	mfmsr	r4
	ori	r0,r4,MSR_EE
	xori	r0,r0,MSR_EE
	mtmsrd	r0,1

	/* rotate 24 bits SCOM address 8 bits left and mask out it's low 8 bits
	 * (including parity). On current CPUs they must be 0'd,
	 * and finally or in RW bit
	 */
	rlwinm	r3,r3,8,0,15
	ori	r3,r3,0x8000

	/* do the actual scom read */
	sync
	mtspr	SPRN_SCOMC,r3
	isync
	mfspr	r3,SPRN_SCOMD
	isync
	mfspr	r0,SPRN_SCOMC
	isync

	/* XXX:	fixup result on some buggy 970's (ouch ! we lost a bit, bah
	 * that's the best we can do). Not implemented yet as we don't use
	 * the scom on any of the bogus CPUs yet, but may have to be done
	 * ultimately
	 */

	/* restore interrupts */
	mtmsrd	r4,1
	blr


_GLOBAL(scom970_write)
	/* interrupts off */
	mfmsr	r5
	ori	r0,r5,MSR_EE
	xori	r0,r0,MSR_EE
	mtmsrd	r0,1

	/* rotate 24 bits SCOM address 8 bits left and mask out it's low 8 bits
	 * (including parity). On current CPUs they must be 0'd.
	 */

	rlwinm	r3,r3,8,0,15

	sync
	mtspr	SPRN_SCOMD,r4      /* write data */
	isync
	mtspr	SPRN_SCOMC,r3      /* write command */
	isync
	mfspr	3,SPRN_SCOMC
	isync

	/* restore interrupts */
	mtmsrd	r5,1
	blr
#endif /* CONFIG_CPU_FREQ_PMAC64 */


/*
 * Create a kernel thread
 *   kernel_thread(fn, arg, flags)
 */
_GLOBAL(kernel_thread)
	std	r29,-24(r1)
	std	r30,-16(r1)
	stdu	r1,-STACK_FRAME_OVERHEAD(r1)
	mr	r29,r3
	mr	r30,r4
	ori	r3,r5,CLONE_VM	/* flags */
	oris	r3,r3,(CLONE_UNTRACED>>16)
	li	r4,0		/* new sp (unused) */
	li	r0,__NR_clone
	sc
	cmpdi	0,r3,0		/* parent or child? */
	bne	1f		/* return if parent */
	li	r0,0
	stdu	r0,-STACK_FRAME_OVERHEAD(r1)
	ld	r2,8(r29)
	ld	r29,0(r29)
	mtlr	r29              /* fn addr in lr */
	mr	r3,r30	        /* load arg and call fn */
	blrl
	li	r0,__NR_exit	/* exit after child exits */
        li	r3,0
	sc
1:	addi	r1,r1,STACK_FRAME_OVERHEAD	
	ld	r29,-24(r1)
	ld	r30,-16(r1)
	blr

/*
 * disable_kernel_fp()
 * Disable the FPU.
 */
_GLOBAL(disable_kernel_fp)
	mfmsr	r3
	rldicl	r0,r3,(63-MSR_FP_LG),1
	rldicl	r3,r0,(MSR_FP_LG+1),0
	mtmsrd	r3			/* disable use of fpu now */
	isync
	blr

#ifdef CONFIG_ALTIVEC

#if 0 /* this has no callers for now */
/*
 * disable_kernel_altivec()
 * Disable the VMX.
 */
_GLOBAL(disable_kernel_altivec)
	mfmsr	r3
	rldicl	r0,r3,(63-MSR_VEC_LG),1
	rldicl	r3,r0,(MSR_VEC_LG+1),0
	mtmsrd	r3			/* disable use of VMX now */
	isync
	blr
#endif /* 0 */

/*
 * giveup_altivec(tsk)
 * Disable VMX for the task given as the argument,
 * and save the vector registers in its thread_struct.
 * Enables the VMX for use in the kernel on return.
 */
_GLOBAL(giveup_altivec)
	mfmsr	r5
	oris	r5,r5,MSR_VEC@h
	mtmsrd	r5			/* enable use of VMX now */
	isync
	cmpdi	0,r3,0
	beqlr-				/* if no previous owner, done */
	addi	r3,r3,THREAD		/* want THREAD of task */
	ld	r5,PT_REGS(r3)
	cmpdi	0,r5,0
	SAVE_32VRS(0,r4,r3)
	mfvscr	vr0
	li	r4,THREAD_VSCR
	stvx	vr0,r4,r3
	beq	1f
	ld	r4,_MSR-STACK_FRAME_OVERHEAD(r5)
	lis	r3,MSR_VEC@h
	andc	r4,r4,r3		/* disable FP for previous task */
	std	r4,_MSR-STACK_FRAME_OVERHEAD(r5)
1:
#ifndef CONFIG_SMP
	li	r5,0
	ld	r4,last_task_used_altivec@got(r2)
	std	r5,0(r4)
#endif /* CONFIG_SMP */
	blr

#endif /* CONFIG_ALTIVEC */

_GLOBAL(kernel_execve)
	li	r0,__NR_execve
	sc
	bnslr
	neg	r3,r3
	blr

/* kexec_wait(phys_cpu)
 *
 * wait for the flag to change, indicating this kernel is going away but
 * the slave code for the next one is at addresses 0 to 100.
 *
 * This is used by all slaves.
 *
 * Physical (hardware) cpu id should be in r3.
 */
_GLOBAL(kexec_wait)
	bl	1f
1:	mflr	r5
	addi	r5,r5,kexec_flag-1b

99:	HMT_LOW
#ifdef CONFIG_KEXEC		/* use no memory without kexec */
	lwz	r4,0(r5)
	cmpwi	0,r4,0
	bnea	0x60
#endif
	b	99b

/* this can be in text because we won't change it until we are
 * running in real anyways
 */
kexec_flag:
	.long	0


#ifdef CONFIG_KEXEC

/* kexec_smp_wait(void)
 *
 * call with interrupts off
 * note: this is a terminal routine, it does not save lr
 *
 * get phys id from paca
 * set paca id to -1 to say we got here
 * switch to real mode
 * join other cpus in kexec_wait(phys_id)
 */
_GLOBAL(kexec_smp_wait)
	lhz	r3,PACAHWCPUID(r13)
	li	r4,-1
	sth	r4,PACAHWCPUID(r13)	/* let others know we left */
	bl	real_mode
	b	.kexec_wait

/*
 * switch to real mode (turn mmu off)
 * we use the early kernel trick that the hardware ignores bits
 * 0 and 1 (big endian) of the effective address in real mode
 *
 * don't overwrite r3 here, it is live for kexec_wait above.
 */
real_mode:	/* assume normal blr return */
1:	li	r9,MSR_RI
	li	r10,MSR_DR|MSR_IR
	mflr	r11		/* return address to SRR0 */
	mfmsr	r12
	andc	r9,r12,r9
	andc	r10,r12,r10

	mtmsrd	r9,1
	mtspr	SPRN_SRR1,r10
	mtspr	SPRN_SRR0,r11
	rfid


/*
 * kexec_sequence(newstack, start, image, control, clear_all())
 *
 * does the grungy work with stack switching and real mode switches
 * also does simple calls to other code
 */

_GLOBAL(kexec_sequence)
	mflr	r0
	std	r0,16(r1)

	/* switch stacks to newstack -- &kexec_stack.stack */
	stdu	r1,THREAD_SIZE-112(r3)
	mr	r1,r3

	li	r0,0
	std	r0,16(r1)

	/* save regs for local vars on new stack.
	 * yes, we won't go back, but ...
	 */
	std	r31,-8(r1)
	std	r30,-16(r1)
	std	r29,-24(r1)
	std	r28,-32(r1)
	std	r27,-40(r1)
	std	r26,-48(r1)
	std	r25,-56(r1)

	stdu	r1,-112-64(r1)

	/* save args into preserved regs */
	mr	r31,r3			/* newstack (both) */
	mr	r30,r4			/* start (real) */
	mr	r29,r5			/* image (virt) */
	mr	r28,r6			/* control, unused */
	mr	r27,r7			/* clear_all() fn desc */
	mr	r26,r8			/* spare */
	lhz	r25,PACAHWCPUID(r13)	/* get our phys cpu from paca */

	/* disable interrupts, we are overwriting kernel data next */
	mfmsr	r3
	rlwinm	r3,r3,0,17,15
	mtmsrd	r3,1

	/* copy dest pages, flush whole dest image */
	mr	r3,r29
	bl	.kexec_copy_flush	/* (image) */

	/* turn off mmu */
	bl	real_mode

	/* clear out hardware hash page table and tlb */
	ld	r5,0(r27)		/* deref function descriptor */
	mtctr	r5
	bctrl				/* ppc_md.hpte_clear_all(void); */

/*
 *   kexec image calling is:
 *      the first 0x100 bytes of the entry point are copied to 0
 *
 *      all slaves branch to slave = 0x60 (absolute)
 *              slave(phys_cpu_id);
 *
 *      master goes to start = entry point
 *              start(phys_cpu_id, start, 0);
 *
 *
 *   a wrapper is needed to call existing kernels, here is an approximate
 *   description of one method:
 *
 * v2: (2.6.10)
 *   start will be near the boot_block (maybe 0x100 bytes before it?)
 *   it will have a 0x60, which will b to boot_block, where it will wait
 *   and 0 will store phys into struct boot-block and load r3 from there,
 *   copy kernel 0-0x100 and tell slaves to back down to 0x60 again
 *
 * v1: (2.6.9)
 *    boot block will have all cpus scanning device tree to see if they
 *    are the boot cpu ?????
 *    other device tree differences (prop sizes, va vs pa, etc)...
 */

	/* copy  0x100 bytes starting at start to 0 */
	li	r3,0
	mr	r4,r30
	li	r5,0x100
	li	r6,0
	bl	.copy_and_flush	/* (dest, src, copy limit, start offset) */
1:	/* assume normal blr return */

	/* release other cpus to the new kernel secondary start at 0x60 */
	mflr	r5
	li	r6,1
	stw	r6,kexec_flag-1b(5)
	mr	r3,r25	# my phys cpu
	mr	r4,r30	# start, aka phys mem offset
	mtlr	4
	li	r5,0
	blr	/* image->start(physid, image->start, 0); */
#endif /* CONFIG_KEXEC */
Commit	Line	Data
9994a338	1	/*
9994a338 PM	2	* This file contains miscellaneous low-level functions.
	3	* Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
	4	*
	5	* Largely rewritten by Cort Dougan (cort@cs.nmt.edu)
	6	* and Paul Mackerras.
	7	* Adapted for iSeries by Mike Corrigan (mikejc@us.ibm.com)
127efeb2 SR	8	* PPC64 updates by Dave Engebretsen (engebret@us.ibm.com)
127efeb2 SR	9	*
9994a338 PM	10	* This program is free software; you can redistribute it and/or
	11	* modify it under the terms of the GNU General Public License
	12	* as published by the Free Software Foundation; either version
	13	* 2 of the License, or (at your option) any later version.
	14	*
	15	*/
	16
9994a338 PM	17	#include <linux/sys.h>
	18	#include <asm/unistd.h>
	19	#include <asm/errno.h>
	20	#include <asm/processor.h>
	21	#include <asm/page.h>
	22	#include <asm/cache.h>
	23	#include <asm/ppc_asm.h>
	24	#include <asm/asm-offsets.h>
	25	#include <asm/cputable.h>
6cb7bfeb	26	#include <asm/thread_info.h>
9994a338 PM	27
	28	.text
	29
9994a338 PM	30	_GLOBAL(get_msr)
	31	mfmsr r3
	32	blr
	33
9994a338 PM	34	_GLOBAL(get_srr0)
	35	mfsrr0 r3
	36	blr
	37
	38	_GLOBAL(get_srr1)
	39	mfsrr1 r3
	40	blr
9994a338 PM	41
	42	#ifdef CONFIG_IRQSTACKS
	43	_GLOBAL(call_do_softirq)
	44	mflr r0
	45	std r0,16(r1)
	46	stdu r1,THREAD_SIZE-112(r3)
	47	mr r1,r3
	48	bl .__do_softirq
	49	ld r1,0(r1)
	50	ld r0,16(r1)
	51	mtlr r0
	52	blr
	53
b9e5b4e6	54	_GLOBAL(call_handle_irq)
7d12e780	55	ld r8,0(r6)
9994a338 PM	56	mflr r0
9994a338 PM	57	std r0,16(r1)
b9e5b4e6	58	mtctr r8
7d12e780 DH	59	stdu r1,THREAD_SIZE-112(r5)
7d12e780 DH	60	mr r1,r5
b9e5b4e6	61	bctrl
9994a338 PM	62	ld r1,0(r1)
	63	ld r0,16(r1)
	64	mtlr r0
	65	blr
	66	#endif /* CONFIG_IRQSTACKS */
	67
9994a338 PM	68	.section ".toc","aw"
	69	PPC64_CACHES:
	70	.tc ppc64_caches[TC],ppc64_caches
	71	.section ".text"
	72
	73	/*
	74	* Write any modified data cache blocks out to memory
	75	* and invalidate the corresponding instruction cache blocks.
	76	*
	77	* flush_icache_range(unsigned long start, unsigned long stop)
	78	*
	79	* flush all bytes from start through stop-1 inclusive
	80	*/
	81
	82	_KPROBE(__flush_icache_range)
	83
	84	/*
	85	* Flush the data cache to memory
	86	*
	87	* Different systems have different cache line sizes
	88	* and in some cases i-cache and d-cache line sizes differ from
	89	* each other.
	90	*/
	91	ld r10,PPC64_CACHES@toc(r2)
	92	lwz r7,DCACHEL1LINESIZE(r10)/* Get cache line size */
	93	addi r5,r7,-1
	94	andc r6,r3,r5 /* round low to line bdy */
	95	subf r8,r6,r4 /* compute length */
	96	add r8,r8,r5 /* ensure we get enough */
	97	lwz r9,DCACHEL1LOGLINESIZE(r10) /* Get log-2 of cache line size */
	98	srw. r8,r8,r9 /* compute line count */
	99	beqlr /* nothing to do? */
	100	mtctr r8
	101	1: dcbst 0,r6
	102	add r6,r6,r7
	103	bdnz 1b
	104	sync
	105
	106	/* Now invalidate the instruction cache */
	107
	108	lwz r7,ICACHEL1LINESIZE(r10) /* Get Icache line size */
	109	addi r5,r7,-1
	110	andc r6,r3,r5 /* round low to line bdy */
	111	subf r8,r6,r4 /* compute length */
	112	add r8,r8,r5
	113	lwz r9,ICACHEL1LOGLINESIZE(r10) /* Get log-2 of Icache line size */
	114	srw. r8,r8,r9 /* compute line count */
	115	beqlr /* nothing to do? */
	116	mtctr r8
	117	2: icbi 0,r6
	118	add r6,r6,r7
	119	bdnz 2b
	120	isync
	121	blr
	122	.previous .text
	123	/*
	124	* Like above, but only do the D-cache.
	125	*
	126	* flush_dcache_range(unsigned long start, unsigned long stop)
	127	*
	128	* flush all bytes from start to stop-1 inclusive
	129	*/
	130	_GLOBAL(flush_dcache_range)
	131
132	/*
133	* Flush the data cache to memory
134	*
135	* Different systems have different cache line sizes
136	*/
137	ld r10,PPC64_CACHES@toc(r2)
138	lwz r7,DCACHEL1LINESIZE(r10) /* Get dcache line size */
139	addi r5,r7,-1
140	andc r6,r3,r5 /* round low to line bdy */
141	subf r8,r6,r4 /* compute length */
142	add r8,r8,r5 /* ensure we get enough */
143	lwz r9,DCACHEL1LOGLINESIZE(r10) /* Get log-2 of dcache line size */
144	srw. r8,r8,r9 /* compute line count */
145	beqlr /* nothing to do? */
146	mtctr r8
147	0: dcbst 0,r6
148	add r6,r6,r7
149	bdnz 0b
150	sync
151	blr
152
153	/*
154	* Like above, but works on non-mapped physical addresses.
155	* Use only for non-LPAR setups ! It also assumes real mode
156	* is cacheable. Used for flushing out the DART before using
157	* it as uncacheable memory
158	*
159	* flush_dcache_phys_range(unsigned long start, unsigned long stop)
160	*
161	* flush all bytes from start to stop-1 inclusive
162	*/
163	_GLOBAL(flush_dcache_phys_range)
164	ld r10,PPC64_CACHES@toc(r2)
165	lwz r7,DCACHEL1LINESIZE(r10) /* Get dcache line size */
166	addi r5,r7,-1
167	andc r6,r3,r5 /* round low to line bdy */
168	subf r8,r6,r4 /* compute length */
169	add r8,r8,r5 /* ensure we get enough */
170	lwz r9,DCACHEL1LOGLINESIZE(r10) /* Get log-2 of dcache line size */
171	srw. r8,r8,r9 /* compute line count */
172	beqlr /* nothing to do? */
173	mfmsr r5 /* Disable MMU Data Relocation */
174	ori r0,r5,MSR_DR
175	xori r0,r0,MSR_DR
176	sync
177	mtmsr r0
178	sync
179	isync
180	mtctr r8
181	0: dcbst 0,r6
182	add r6,r6,r7
183	bdnz 0b
184	sync
185	isync
186	mtmsr r5 /* Re-enable MMU Data Relocation */
187	sync
188	isync
189	blr
190
191	_GLOBAL(flush_inval_dcache_range)
192	ld r10,PPC64_CACHES@toc(r2)
193	lwz r7,DCACHEL1LINESIZE(r10) /* Get dcache line size */
194	addi r5,r7,-1
195	andc r6,r3,r5 /* round low to line bdy */
196	subf r8,r6,r4 /* compute length */
197	add r8,r8,r5 /* ensure we get enough */
198	lwz r9,DCACHEL1LOGLINESIZE(r10)/* Get log-2 of dcache line size */
199	srw. r8,r8,r9 /* compute line count */
200	beqlr /* nothing to do? */
201	sync
202	isync
203	mtctr r8
204	0: dcbf 0,r6
205	add r6,r6,r7
206	bdnz 0b
207	sync
208	isync
209	blr
210
211
212	/*
213	* Flush a particular page from the data cache to RAM.
214	* Note: this is necessary because the instruction cache does not
215	* snoop from the data cache.
216	*
217	* void __flush_dcache_icache(void *page)
218	*/
219	_GLOBAL(__flush_dcache_icache)
220	/*
221	* Flush the data cache to memory
222	*
223	* Different systems have different cache line sizes
224	*/
225
226	/* Flush the dcache */
227	ld r7,PPC64_CACHES@toc(r2)
228	clrrdi r3,r3,PAGE_SHIFT /* Page align */
229	lwz r4,DCACHEL1LINESPERPAGE(r7) /* Get # dcache lines per page */
230	lwz r5,DCACHEL1LINESIZE(r7) /* Get dcache line size */
231	mr r6,r3
232	mtctr r4
233	0: dcbst 0,r6
234	add r6,r6,r5
235	bdnz 0b
236	sync
237
238	/* Now invalidate the icache */
239
240	lwz r4,ICACHEL1LINESPERPAGE(r7) /* Get # icache lines per page */
241	lwz r5,ICACHEL1LINESIZE(r7) /* Get icache line size */
242	mtctr r4
243	1: icbi 0,r3
244	add r3,r3,r5
245	bdnz 1b
246	isync
247	blr
9994a338	248
9994a338 PM	249	/*
	250	* identify_cpu and calls setup_cpu
	251	* In: r3 = base of the cpu_specs array
	252	* r4 = address of cur_cpu_spec
	253	* r5 = relocation offset
	254	*/
	255	_GLOBAL(identify_cpu)
	256	mfpvr r7
	257	1:
	258	lwz r8,CPU_SPEC_PVR_MASK(r3)
	259	and r8,r8,r7
	260	lwz r9,CPU_SPEC_PVR_VALUE(r3)
	261	cmplw 0,r9,r8
	262	beq 1f
	263	addi r3,r3,CPU_SPEC_ENTRY_SIZE
	264	b 1b
	265	1:
	266	sub r0,r3,r5
	267	std r0,0(r4)
	268	ld r4,CPU_SPEC_SETUP(r3)
b26f100d	269	cmpdi 0,r4,0
9994a338	270	add r4,r4,r5
b26f100d	271	beqlr
9994a338 PM	272	ld r4,0(r4)
	273	add r4,r4,r5
	274	mtctr r4
	275	/* Calling convention for cpu setup is r3=offset, r4=cur_cpu_spec */
	276	mr r4,r3
	277	mr r3,r5
	278	bctr
	279
	280	/*
	281	* do_cpu_ftr_fixups - goes through the list of CPU feature fixups
	282	* and writes nop's over sections of code that don't apply for this cpu.
	283	* r3 = data offset (not changed)
	284	*/
	285	_GLOBAL(do_cpu_ftr_fixups)
	286	/* Get CPU 0 features */
e58c3495	287	LOAD_REG_IMMEDIATE(r6,cur_cpu_spec)
9994a338 PM	288	sub r6,r6,r3
	289	ld r4,0(r6)
	290	sub r4,r4,r3
	291	ld r4,CPU_SPEC_FEATURES(r4)
	292	/* Get the fixup table */
e58c3495	293	LOAD_REG_IMMEDIATE(r6,__start___ftr_fixup)
9994a338	294	sub r6,r6,r3
e58c3495	295	LOAD_REG_IMMEDIATE(r7,__stop___ftr_fixup)
9994a338 PM	296	sub r7,r7,r3
	297	/* Do the fixup */
	298	1: cmpld r6,r7
	299	bgelr
	300	addi r6,r6,32
	301	ld r8,-32(r6) /* mask */
	302	and r8,r8,r4
	303	ld r9,-24(r6) /* value */
	304	cmpld r8,r9
	305	beq 1b
	306	ld r8,-16(r6) /* section begin */
	307	ld r9,-8(r6) /* section end */
	308	subf. r9,r8,r9
	309	beq 1b
	310	/* write nops over the section of code */
	311	/* todo: if large section, add a branch at the start of it */
	312	srwi r9,r9,2
	313	mtctr r9
	314	sub r8,r8,r3
	315	lis r0,0x60000000@h /* nop */
	316	3: stw r0,0(r8)
	317	andi. r10,r4,CPU_FTR_SPLIT_ID_CACHE@l
	318	beq 2f
	319	dcbst 0,r8 /* suboptimal, but simpler */
	320	sync
	321	icbi 0,r8
	322	2: addi r8,r8,4
	323	bdnz 3b
	324	sync /* additional sync needed on g4 */
	325	isync
	326	b 1b
	327
3f639ee8 SR	328	/*
	329	* do_fw_ftr_fixups - goes through the list of firmware feature fixups
	330	* and writes nop's over sections of code that don't apply for this firmware.
	331	* r3 = data offset (not changed)
	332	*/
	333	_GLOBAL(do_fw_ftr_fixups)
	334	/* Get firmware features */
	335	LOAD_REG_IMMEDIATE(r6,powerpc_firmware_features)
	336	sub r6,r6,r3
	337	ld r4,0(r6)
	338	/* Get the fixup table */
	339	LOAD_REG_IMMEDIATE(r6,__start___fw_ftr_fixup)
	340	sub r6,r6,r3
	341	LOAD_REG_IMMEDIATE(r7,__stop___fw_ftr_fixup)
	342	sub r7,r7,r3
	343	/* Do the fixup */
	344	1: cmpld r6,r7
	345	bgelr
	346	addi r6,r6,32
	347	ld r8,-32(r6) /* mask */
	348	and r8,r8,r4
	349	ld r9,-24(r6) /* value */
	350	cmpld r8,r9
	351	beq 1b
	352	ld r8,-16(r6) /* section begin */
	353	ld r9,-8(r6) /* section end */
	354	subf. r9,r8,r9
	355	beq 1b
	356	/* write nops over the section of code */
	357	/* todo: if large section, add a branch at the start of it */
	358	srwi r9,r9,2
	359	mtctr r9
	360	sub r8,r8,r3
	361	lis r0,0x60000000@h /* nop */
	362	3: stw r0,0(r8)
	363	BEGIN_FTR_SECTION
	364	dcbst 0,r8 /* suboptimal, but simpler */
	365	sync
	366	icbi 0,r8
	367	END_FTR_SECTION_IFSET(CPU_FTR_SPLIT_ID_CACHE)
	368	addi r8,r8,4
	369	bdnz 3b
	370	sync /* additional sync needed on g4 */
	371	isync
	372	b 1b
	373
9994a338 PM	374	#if defined(CONFIG_PPC_PMAC) \|\| defined(CONFIG_PPC_MAPLE)
	375	/*
	376	* Do an IO access in real mode
	377	*/
	378	_GLOBAL(real_readb)
	379	mfmsr r7
	380	ori r0,r7,MSR_DR
	381	xori r0,r0,MSR_DR
	382	sync
	383	mtmsrd r0
	384	sync
	385	isync
	386	mfspr r6,SPRN_HID4
	387	rldicl r5,r6,32,0
	388	ori r5,r5,0x100
	389	rldicl r5,r5,32,0
	390	sync
	391	mtspr SPRN_HID4,r5
	392	isync
	393	slbia
	394	isync
	395	lbz r3,0(r3)
	396	sync
	397	mtspr SPRN_HID4,r6
	398	isync
	399	slbia
	400	isync
	401	mtmsrd r7
	402	sync
	403	isync
	404	blr
	405
	406	/*
	407	* Do an IO access in real mode
	408	*/
	409	_GLOBAL(real_writeb)
	410	mfmsr r7
	411	ori r0,r7,MSR_DR
	412	xori r0,r0,MSR_DR
	413	sync
	414	mtmsrd r0
	415	sync
	416	isync
	417	mfspr r6,SPRN_HID4
	418	rldicl r5,r6,32,0
	419	ori r5,r5,0x100
	420	rldicl r5,r5,32,0
	421	sync
	422	mtspr SPRN_HID4,r5
	423	isync
	424	slbia
	425	isync
	426	stb r3,0(r4)
	427	sync
	428	mtspr SPRN_HID4,r6
	429	isync
	430	slbia
	431	isync
	432	mtmsrd r7
	433	sync
	434	isync
	435	blr
	436	#endif /* defined(CONFIG_PPC_PMAC) \|\| defined(CONFIG_PPC_MAPLE) */
	437
127efeb2	438	#ifdef CONFIG_CPU_FREQ_PMAC64
4350147a BH	439	/*
	440	* SCOM access functions for 970 (FX only for now)
	441	*
	442	* unsigned long scom970_read(unsigned int address);
	443	* void scom970_write(unsigned int address, unsigned long value);
	444	*
	445	* The address passed in is the 24 bits register address. This code
	446	* is 970 specific and will not check the status bits, so you should
	447	* know what you are doing.
	448	*/
	449	_GLOBAL(scom970_read)
	450	/* interrupts off */
	451	mfmsr r4
	452	ori r0,r4,MSR_EE
	453	xori r0,r0,MSR_EE
	454	mtmsrd r0,1
	455
	456	/* rotate 24 bits SCOM address 8 bits left and mask out it's low 8 bits
	457	* (including parity). On current CPUs they must be 0'd,
	458	* and finally or in RW bit
	459	*/
	460	rlwinm r3,r3,8,0,15
	461	ori r3,r3,0x8000
	462
	463	/* do the actual scom read */
	464	sync
	465	mtspr SPRN_SCOMC,r3
	466	isync
	467	mfspr r3,SPRN_SCOMD
	468	isync
	469	mfspr r0,SPRN_SCOMC
	470	isync
	471
	472	/* XXX: fixup result on some buggy 970's (ouch ! we lost a bit, bah
	473	* that's the best we can do). Not implemented yet as we don't use
	474	* the scom on any of the bogus CPUs yet, but may have to be done
	475	* ultimately
	476	*/
	477
	478	/* restore interrupts */
	479	mtmsrd r4,1
	480	blr
	481
	482
	483	_GLOBAL(scom970_write)
	484	/* interrupts off */
	485	mfmsr r5
	486	ori r0,r5,MSR_EE
	487	xori r0,r0,MSR_EE
	488	mtmsrd r0,1
	489
	490	/* rotate 24 bits SCOM address 8 bits left and mask out it's low 8 bits
	491	* (including parity). On current CPUs they must be 0'd.
	492	*/
	493
	494	rlwinm r3,r3,8,0,15
	495
	496	sync
	497	mtspr SPRN_SCOMD,r4 /* write data */
	498	isync
	499	mtspr SPRN_SCOMC,r3 /* write command */
	500	isync
	501	mfspr 3,SPRN_SCOMC
	502	isync
503
504	/* restore interrupts */
505	mtmsrd r5,1
506	blr
127efeb2	507	#endif /* CONFIG_CPU_FREQ_PMAC64 */
4350147a BH	508
4350147a BH	509
9994a338 PM	510	/*
	511	* Create a kernel thread
	512	* kernel_thread(fn, arg, flags)
	513	*/
	514	_GLOBAL(kernel_thread)
	515	std r29,-24(r1)
	516	std r30,-16(r1)
	517	stdu r1,-STACK_FRAME_OVERHEAD(r1)
	518	mr r29,r3
	519	mr r30,r4
	520	ori r3,r5,CLONE_VM /* flags */
	521	oris r3,r3,(CLONE_UNTRACED>>16)
	522	li r4,0 /* new sp (unused) */
	523	li r0,__NR_clone
	524	sc
	525	cmpdi 0,r3,0 /* parent or child? */
	526	bne 1f /* return if parent */
	527	li r0,0
	528	stdu r0,-STACK_FRAME_OVERHEAD(r1)
	529	ld r2,8(r29)
	530	ld r29,0(r29)
	531	mtlr r29 /* fn addr in lr */
	532	mr r3,r30 /* load arg and call fn */
	533	blrl
	534	li r0,__NR_exit /* exit after child exits */
	535	li r3,0
	536	sc
	537	1: addi r1,r1,STACK_FRAME_OVERHEAD
	538	ld r29,-24(r1)
	539	ld r30,-16(r1)
	540	blr
	541
	542	/*
	543	* disable_kernel_fp()
	544	* Disable the FPU.
	545	*/
	546	_GLOBAL(disable_kernel_fp)
	547	mfmsr r3
	548	rldicl r0,r3,(63-MSR_FP_LG),1
	549	rldicl r3,r0,(MSR_FP_LG+1),0
	550	mtmsrd r3 /* disable use of fpu now */
	551	isync
	552	blr
	553
	554	#ifdef CONFIG_ALTIVEC
	555
	556	#if 0 /* this has no callers for now */
	557	/*
	558	* disable_kernel_altivec()
	559	* Disable the VMX.
	560	*/
	561	_GLOBAL(disable_kernel_altivec)
	562	mfmsr r3
	563	rldicl r0,r3,(63-MSR_VEC_LG),1
	564	rldicl r3,r0,(MSR_VEC_LG+1),0
	565	mtmsrd r3 /* disable use of VMX now */
	566	isync
	567	blr
	568	#endif /* 0 */
	569
	570	/*
	571	* giveup_altivec(tsk)
	572	* Disable VMX for the task given as the argument,
	573	* and save the vector registers in its thread_struct.
574	* Enables the VMX for use in the kernel on return.
575	*/
576	_GLOBAL(giveup_altivec)
577	mfmsr r5
578	oris r5,r5,MSR_VEC@h
579	mtmsrd r5 /* enable use of VMX now */
580	isync
581	cmpdi 0,r3,0
582	beqlr- /* if no previous owner, done */
583	addi r3,r3,THREAD /* want THREAD of task */
584	ld r5,PT_REGS(r3)
585	cmpdi 0,r5,0
586	SAVE_32VRS(0,r4,r3)
587	mfvscr vr0
588	li r4,THREAD_VSCR
589	stvx vr0,r4,r3
590	beq 1f
591	ld r4,_MSR-STACK_FRAME_OVERHEAD(r5)
592	lis r3,MSR_VEC@h
593	andc r4,r4,r3 /* disable FP for previous task */
594	std r4,_MSR-STACK_FRAME_OVERHEAD(r5)
595	1:
596	#ifndef CONFIG_SMP
597	li r5,0
598	ld r4,last_task_used_altivec@got(r2)
599	std r5,0(r4)
600	#endif /* CONFIG_SMP */
601	blr
602
603	#endif /* CONFIG_ALTIVEC */
604
3db03b4a	605	_GLOBAL(kernel_execve)
9994a338 PM	606	li r0,__NR_execve
	607	sc
	608	bnslr
	609	neg r3,r3
	610	blr
	611
	612	/* kexec_wait(phys_cpu)
	613	*
	614	* wait for the flag to change, indicating this kernel is going away but
	615	* the slave code for the next one is at addresses 0 to 100.
	616	*
	617	* This is used by all slaves.
	618	*
	619	* Physical (hardware) cpu id should be in r3.
	620	*/
	621	_GLOBAL(kexec_wait)
	622	bl 1f
	623	1: mflr r5
	624	addi r5,r5,kexec_flag-1b
	625
	626	99: HMT_LOW
	627	#ifdef CONFIG_KEXEC /* use no memory without kexec */
	628	lwz r4,0(r5)
	629	cmpwi 0,r4,0
	630	bnea 0x60
	631	#endif
	632	b 99b
	633
	634	/* this can be in text because we won't change it until we are
	635	* running in real anyways
	636	*/
	637	kexec_flag:
	638	.long 0
	639
	640
	641	#ifdef CONFIG_KEXEC
	642
	643	/* kexec_smp_wait(void)
	644	*
	645	* call with interrupts off
	646	* note: this is a terminal routine, it does not save lr
	647	*
	648	* get phys id from paca
	649	* set paca id to -1 to say we got here
	650	* switch to real mode
	651	* join other cpus in kexec_wait(phys_id)
	652	*/
	653	_GLOBAL(kexec_smp_wait)
	654	lhz r3,PACAHWCPUID(r13)
	655	li r4,-1
	656	sth r4,PACAHWCPUID(r13) /* let others know we left */
	657	bl real_mode
	658	b .kexec_wait
	659
	660	/*
	661	* switch to real mode (turn mmu off)
	662	* we use the early kernel trick that the hardware ignores bits
	663	* 0 and 1 (big endian) of the effective address in real mode
	664	*
	665	* don't overwrite r3 here, it is live for kexec_wait above.
	666	*/
	667	real_mode: /* assume normal blr return */
	668	1: li r9,MSR_RI
	669	li r10,MSR_DR\|MSR_IR
670	mflr r11 /* return address to SRR0 */
671	mfmsr r12
672	andc r9,r12,r9
673	andc r10,r12,r10
674
675	mtmsrd r9,1
676	mtspr SPRN_SRR1,r10
677	mtspr SPRN_SRR0,r11
678	rfid
679
680
681	/*
682	* kexec_sequence(newstack, start, image, control, clear_all())
683	*
684	* does the grungy work with stack switching and real mode switches
685	* also does simple calls to other code
686	*/
687
688	_GLOBAL(kexec_sequence)
689	mflr r0
690	std r0,16(r1)
691
692	/* switch stacks to newstack -- &kexec_stack.stack */
693	stdu r1,THREAD_SIZE-112(r3)
694	mr r1,r3
695
696	li r0,0
697	std r0,16(r1)
698
699	/* save regs for local vars on new stack.
700	* yes, we won't go back, but ...
701	*/
702	std r31,-8(r1)
703	std r30,-16(r1)
704	std r29,-24(r1)
705	std r28,-32(r1)
706	std r27,-40(r1)
707	std r26,-48(r1)
708	std r25,-56(r1)
709
710	stdu r1,-112-64(r1)
711
712	/* save args into preserved regs */
713	mr r31,r3 /* newstack (both) */
714	mr r30,r4 /* start (real) */
715	mr r29,r5 /* image (virt) */
716	mr r28,r6 /* control, unused */
717	mr r27,r7 /* clear_all() fn desc */
718	mr r26,r8 /* spare */
719	lhz r25,PACAHWCPUID(r13) /* get our phys cpu from paca */
720
721	/* disable interrupts, we are overwriting kernel data next */
722	mfmsr r3
723	rlwinm r3,r3,0,17,15
724	mtmsrd r3,1
725
726	/* copy dest pages, flush whole dest image */
727	mr r3,r29
728	bl .kexec_copy_flush /* (image) */
729
730	/* turn off mmu */
731	bl real_mode
732
733	/* clear out hardware hash page table and tlb */
734	ld r5,0(r27) /* deref function descriptor */
735	mtctr r5
8d950cb8	736	bctrl /* ppc_md.hpte_clear_all(void); */
9994a338 PM	737
	738	/*
	739	* kexec image calling is:
	740	* the first 0x100 bytes of the entry point are copied to 0
	741	*
	742	* all slaves branch to slave = 0x60 (absolute)
	743	* slave(phys_cpu_id);
	744	*
	745	* master goes to start = entry point
	746	* start(phys_cpu_id, start, 0);
	747	*
	748	*
	749	* a wrapper is needed to call existing kernels, here is an approximate
	750	* description of one method:
	751	*
	752	* v2: (2.6.10)
	753	* start will be near the boot_block (maybe 0x100 bytes before it?)
	754	* it will have a 0x60, which will b to boot_block, where it will wait
	755	* and 0 will store phys into struct boot-block and load r3 from there,
	756	* copy kernel 0-0x100 and tell slaves to back down to 0x60 again
	757	*
	758	* v1: (2.6.9)
	759	* boot block will have all cpus scanning device tree to see if they
	760	* are the boot cpu ?????
	761	* other device tree differences (prop sizes, va vs pa, etc)...
	762	*/
	763
	764	/* copy 0x100 bytes starting at start to 0 */
	765	li r3,0
	766	mr r4,r30
	767	li r5,0x100
	768	li r6,0
	769	bl .copy_and_flush /* (dest, src, copy limit, start offset) */
	770	1: /* assume normal blr return */
	771
	772	/* release other cpus to the new kernel secondary start at 0x60 */
	773	mflr r5
	774	li r6,1
	775	stw r6,kexec_flag-1b(5)
	776	mr r3,r25 # my phys cpu
	777	mr r4,r30 # start, aka phys mem offset
	778	mtlr 4
	779	li r5,0
	780	blr /* image->start(physid, image->start, 0); */
	781	#endif /* CONFIG_KEXEC */