[GitHub/mt8127/android_kernel_alcatel_ttab.git] / arch / powerpc / kernel / misc_64.S

/*
 * This file contains miscellaneous low-level functions.
 *    Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
 *
 * Largely rewritten by Cort Dougan (cort@cs.nmt.edu)
 * and Paul Mackerras.
 * Adapted for iSeries by Mike Corrigan (mikejc@us.ibm.com)
 * PPC64 updates by Dave Engebretsen (engebret@us.ibm.com)
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version
 * 2 of the License, or (at your option) any later version.
 *
 */

#include <linux/sys.h>
#include <asm/unistd.h>
#include <asm/errno.h>
#include <asm/processor.h>
#include <asm/page.h>
#include <asm/cache.h>
#include <asm/ppc_asm.h>
#include <asm/asm-offsets.h>
#include <asm/cputable.h>
#include <asm/thread_info.h>
#include <asm/kexec.h>
#include <asm/ptrace.h>

	.text

_GLOBAL(call_do_softirq)
	mflr	r0
	std	r0,16(r1)
	stdu	r1,THREAD_SIZE-STACK_FRAME_OVERHEAD(r3)
	mr	r1,r3
	bl	.__do_softirq
	ld	r1,0(r1)
	ld	r0,16(r1)
	mtlr	r0
	blr

_GLOBAL(call_handle_irq)
	ld	r8,0(r6)
	mflr	r0
	std	r0,16(r1)
	mtctr	r8
	stdu	r1,THREAD_SIZE-STACK_FRAME_OVERHEAD(r5)
	mr	r1,r5
	bctrl
	ld	r1,0(r1)
	ld	r0,16(r1)
	mtlr	r0
	blr

	.section	".toc","aw"
PPC64_CACHES:
	.tc		ppc64_caches[TC],ppc64_caches
	.section	".text"

/*
 * Write any modified data cache blocks out to memory
 * and invalidate the corresponding instruction cache blocks.
 *
 * flush_icache_range(unsigned long start, unsigned long stop)
 *
 *   flush all bytes from start through stop-1 inclusive
 */

_KPROBE(__flush_icache_range)

/*
 * Flush the data cache to memory 
 * 
 * Different systems have different cache line sizes
 * and in some cases i-cache and d-cache line sizes differ from
 * each other.
 */
 	ld	r10,PPC64_CACHES@toc(r2)
	lwz	r7,DCACHEL1LINESIZE(r10)/* Get cache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5		/* ensure we get enough */
	lwz	r9,DCACHEL1LOGLINESIZE(r10)	/* Get log-2 of cache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	mtctr	r8
1:	dcbst	0,r6
	add	r6,r6,r7
	bdnz	1b
	sync

/* Now invalidate the instruction cache */
	
	lwz	r7,ICACHEL1LINESIZE(r10)	/* Get Icache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5
	lwz	r9,ICACHEL1LOGLINESIZE(r10)	/* Get log-2 of Icache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	mtctr	r8
2:	icbi	0,r6
	add	r6,r6,r7
	bdnz	2b
	isync
	blr
	.previous .text
/*
 * Like above, but only do the D-cache.
 *
 * flush_dcache_range(unsigned long start, unsigned long stop)
 *
 *    flush all bytes from start to stop-1 inclusive
 */
_GLOBAL(flush_dcache_range)

/*
 * Flush the data cache to memory 
 * 
 * Different systems have different cache line sizes
 */
 	ld	r10,PPC64_CACHES@toc(r2)
	lwz	r7,DCACHEL1LINESIZE(r10)	/* Get dcache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5		/* ensure we get enough */
	lwz	r9,DCACHEL1LOGLINESIZE(r10)	/* Get log-2 of dcache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	mtctr	r8
0:	dcbst	0,r6
	add	r6,r6,r7
	bdnz	0b
	sync
	blr

/*
 * Like above, but works on non-mapped physical addresses.
 * Use only for non-LPAR setups ! It also assumes real mode
 * is cacheable. Used for flushing out the DART before using
 * it as uncacheable memory 
 *
 * flush_dcache_phys_range(unsigned long start, unsigned long stop)
 *
 *    flush all bytes from start to stop-1 inclusive
 */
_GLOBAL(flush_dcache_phys_range)
 	ld	r10,PPC64_CACHES@toc(r2)
	lwz	r7,DCACHEL1LINESIZE(r10)	/* Get dcache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5		/* ensure we get enough */
	lwz	r9,DCACHEL1LOGLINESIZE(r10)	/* Get log-2 of dcache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	mfmsr	r5			/* Disable MMU Data Relocation */
	ori	r0,r5,MSR_DR
	xori	r0,r0,MSR_DR
	sync
	mtmsr	r0
	sync
	isync
	mtctr	r8
0:	dcbst	0,r6
	add	r6,r6,r7
	bdnz	0b
	sync
	isync
	mtmsr	r5			/* Re-enable MMU Data Relocation */
	sync
	isync
	blr

_GLOBAL(flush_inval_dcache_range)
 	ld	r10,PPC64_CACHES@toc(r2)
	lwz	r7,DCACHEL1LINESIZE(r10)	/* Get dcache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5		/* ensure we get enough */
	lwz	r9,DCACHEL1LOGLINESIZE(r10)/* Get log-2 of dcache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	sync
	isync
	mtctr	r8
0:	dcbf	0,r6
	add	r6,r6,r7
	bdnz	0b
	sync
	isync
	blr


/*
 * Flush a particular page from the data cache to RAM.
 * Note: this is necessary because the instruction cache does *not*
 * snoop from the data cache.
 *
 *	void __flush_dcache_icache(void *page)
 */
_GLOBAL(__flush_dcache_icache)
/*
 * Flush the data cache to memory 
 * 
 * Different systems have different cache line sizes
 */

/* Flush the dcache */
 	ld	r7,PPC64_CACHES@toc(r2)
	clrrdi	r3,r3,PAGE_SHIFT           	    /* Page align */
	lwz	r4,DCACHEL1LINESPERPAGE(r7)	/* Get # dcache lines per page */
	lwz	r5,DCACHEL1LINESIZE(r7)		/* Get dcache line size */
	mr	r6,r3
	mtctr	r4
0:	dcbst	0,r6
	add	r6,r6,r5
	bdnz	0b
	sync

/* Now invalidate the icache */	

	lwz	r4,ICACHEL1LINESPERPAGE(r7)	/* Get # icache lines per page */
	lwz	r5,ICACHEL1LINESIZE(r7)		/* Get icache line size */
	mtctr	r4
1:	icbi	0,r3
	add	r3,r3,r5
	bdnz	1b
	isync
	blr

_GLOBAL(__bswapdi2)
	srdi	r8,r3,32
	rlwinm	r7,r3,8,0xffffffff
	rlwimi	r7,r3,24,0,7
	rlwinm	r9,r8,8,0xffffffff
	rlwimi	r7,r3,24,16,23
	rlwimi	r9,r8,24,0,7
	rlwimi	r9,r8,24,16,23
	sldi	r7,r7,32
	or	r3,r7,r9
	blr

#if defined(CONFIG_PPC_PMAC) || defined(CONFIG_PPC_MAPLE)
/*
 * Do an IO access in real mode
 */
_GLOBAL(real_readb)
	mfmsr	r7
	ori	r0,r7,MSR_DR
	xori	r0,r0,MSR_DR
	sync
	mtmsrd	r0
	sync
	isync
	mfspr	r6,SPRN_HID4
	rldicl	r5,r6,32,0
	ori	r5,r5,0x100
	rldicl	r5,r5,32,0
	sync
	mtspr	SPRN_HID4,r5
	isync
	slbia
	isync
	lbz	r3,0(r3)
	sync
	mtspr	SPRN_HID4,r6
	isync
	slbia
	isync
	mtmsrd	r7
	sync
	isync
	blr

	/*
 * Do an IO access in real mode
 */
_GLOBAL(real_writeb)
	mfmsr	r7
	ori	r0,r7,MSR_DR
	xori	r0,r0,MSR_DR
	sync
	mtmsrd	r0
	sync
	isync
	mfspr	r6,SPRN_HID4
	rldicl	r5,r6,32,0
	ori	r5,r5,0x100
	rldicl	r5,r5,32,0
	sync
	mtspr	SPRN_HID4,r5
	isync
	slbia
	isync
	stb	r3,0(r4)
	sync
	mtspr	SPRN_HID4,r6
	isync
	slbia
	isync
	mtmsrd	r7
	sync
	isync
	blr
#endif /* defined(CONFIG_PPC_PMAC) || defined(CONFIG_PPC_MAPLE) */

#ifdef CONFIG_PPC_PASEMI

_GLOBAL(real_205_readb)
	mfmsr	r7
	ori	r0,r7,MSR_DR
	xori	r0,r0,MSR_DR
	sync
	mtmsrd	r0
	sync
	isync
	LBZCIX(R3,R0,R3)
	isync
	mtmsrd	r7
	sync
	isync
	blr

_GLOBAL(real_205_writeb)
	mfmsr	r7
	ori	r0,r7,MSR_DR
	xori	r0,r0,MSR_DR
	sync
	mtmsrd	r0
	sync
	isync
	STBCIX(R3,R0,R4)
	isync
	mtmsrd	r7
	sync
	isync
	blr

#endif /* CONFIG_PPC_PASEMI */


#if defined(CONFIG_CPU_FREQ_PMAC64) || defined(CONFIG_CPU_FREQ_MAPLE)
/*
 * SCOM access functions for 970 (FX only for now)
 *
 * unsigned long scom970_read(unsigned int address);
 * void scom970_write(unsigned int address, unsigned long value);
 *
 * The address passed in is the 24 bits register address. This code
 * is 970 specific and will not check the status bits, so you should
 * know what you are doing.
 */
_GLOBAL(scom970_read)
	/* interrupts off */
	mfmsr	r4
	ori	r0,r4,MSR_EE
	xori	r0,r0,MSR_EE
	mtmsrd	r0,1

	/* rotate 24 bits SCOM address 8 bits left and mask out it's low 8 bits
	 * (including parity). On current CPUs they must be 0'd,
	 * and finally or in RW bit
	 */
	rlwinm	r3,r3,8,0,15
	ori	r3,r3,0x8000

	/* do the actual scom read */
	sync
	mtspr	SPRN_SCOMC,r3
	isync
	mfspr	r3,SPRN_SCOMD
	isync
	mfspr	r0,SPRN_SCOMC
	isync

	/* XXX:	fixup result on some buggy 970's (ouch ! we lost a bit, bah
	 * that's the best we can do). Not implemented yet as we don't use
	 * the scom on any of the bogus CPUs yet, but may have to be done
	 * ultimately
	 */

	/* restore interrupts */
	mtmsrd	r4,1
	blr


_GLOBAL(scom970_write)
	/* interrupts off */
	mfmsr	r5
	ori	r0,r5,MSR_EE
	xori	r0,r0,MSR_EE
	mtmsrd	r0,1

	/* rotate 24 bits SCOM address 8 bits left and mask out it's low 8 bits
	 * (including parity). On current CPUs they must be 0'd.
	 */

	rlwinm	r3,r3,8,0,15

	sync
	mtspr	SPRN_SCOMD,r4      /* write data */
	isync
	mtspr	SPRN_SCOMC,r3      /* write command */
	isync
	mfspr	3,SPRN_SCOMC
	isync

	/* restore interrupts */
	mtmsrd	r5,1
	blr
#endif /* CONFIG_CPU_FREQ_PMAC64 || CONFIG_CPU_FREQ_MAPLE */


/*
 * disable_kernel_fp()
 * Disable the FPU.
 */
_GLOBAL(disable_kernel_fp)
	mfmsr	r3
	rldicl	r0,r3,(63-MSR_FP_LG),1
	rldicl	r3,r0,(MSR_FP_LG+1),0
	mtmsrd	r3			/* disable use of fpu now */
	isync
	blr

/* kexec_wait(phys_cpu)
 *
 * wait for the flag to change, indicating this kernel is going away but
 * the slave code for the next one is at addresses 0 to 100.
 *
 * This is used by all slaves, even those that did not find a matching
 * paca in the secondary startup code.
 *
 * Physical (hardware) cpu id should be in r3.
 */
_GLOBAL(kexec_wait)
	bl	1f
1:	mflr	r5
	addi	r5,r5,kexec_flag-1b

99:	HMT_LOW
#ifdef CONFIG_KEXEC		/* use no memory without kexec */
	lwz	r4,0(r5)
	cmpwi	0,r4,0
	bnea	0x60
#endif
	b	99b

/* this can be in text because we won't change it until we are
 * running in real anyways
 */
kexec_flag:
	.long	0


#ifdef CONFIG_KEXEC

/* kexec_smp_wait(void)
 *
 * call with interrupts off
 * note: this is a terminal routine, it does not save lr
 *
 * get phys id from paca
 * switch to real mode
 * mark the paca as no longer used
 * join other cpus in kexec_wait(phys_id)
 */
_GLOBAL(kexec_smp_wait)
	lhz	r3,PACAHWCPUID(r13)
	bl	real_mode

	li	r4,KEXEC_STATE_REAL_MODE
	stb	r4,PACAKEXECSTATE(r13)
	SYNC

	b	.kexec_wait

/*
 * switch to real mode (turn mmu off)
 * we use the early kernel trick that the hardware ignores bits
 * 0 and 1 (big endian) of the effective address in real mode
 *
 * don't overwrite r3 here, it is live for kexec_wait above.
 */
real_mode:	/* assume normal blr return */
1:	li	r9,MSR_RI
	li	r10,MSR_DR|MSR_IR
	mflr	r11		/* return address to SRR0 */
	mfmsr	r12
	andc	r9,r12,r9
	andc	r10,r12,r10

	mtmsrd	r9,1
	mtspr	SPRN_SRR1,r10
	mtspr	SPRN_SRR0,r11
	rfid


/*
 * kexec_sequence(newstack, start, image, control, clear_all())
 *
 * does the grungy work with stack switching and real mode switches
 * also does simple calls to other code
 */

_GLOBAL(kexec_sequence)
	mflr	r0
	std	r0,16(r1)

	/* switch stacks to newstack -- &kexec_stack.stack */
	stdu	r1,THREAD_SIZE-STACK_FRAME_OVERHEAD(r3)
	mr	r1,r3

	li	r0,0
	std	r0,16(r1)

	/* save regs for local vars on new stack.
	 * yes, we won't go back, but ...
	 */
	std	r31,-8(r1)
	std	r30,-16(r1)
	std	r29,-24(r1)
	std	r28,-32(r1)
	std	r27,-40(r1)
	std	r26,-48(r1)
	std	r25,-56(r1)

	stdu	r1,-STACK_FRAME_OVERHEAD-64(r1)

	/* save args into preserved regs */
	mr	r31,r3			/* newstack (both) */
	mr	r30,r4			/* start (real) */
	mr	r29,r5			/* image (virt) */
	mr	r28,r6			/* control, unused */
	mr	r27,r7			/* clear_all() fn desc */
	mr	r26,r8			/* spare */
	lhz	r25,PACAHWCPUID(r13)	/* get our phys cpu from paca */

	/* disable interrupts, we are overwriting kernel data next */
	mfmsr	r3
	rlwinm	r3,r3,0,17,15
	mtmsrd	r3,1

	/* copy dest pages, flush whole dest image */
	mr	r3,r29
	bl	.kexec_copy_flush	/* (image) */

	/* turn off mmu */
	bl	real_mode

	/* copy  0x100 bytes starting at start to 0 */
	li	r3,0
	mr	r4,r30		/* start, aka phys mem offset */
	li	r5,0x100
	li	r6,0
	bl	.copy_and_flush	/* (dest, src, copy limit, start offset) */
1:	/* assume normal blr return */

	/* release other cpus to the new kernel secondary start at 0x60 */
	mflr	r5
	li	r6,1
	stw	r6,kexec_flag-1b(5)

	/* clear out hardware hash page table and tlb */
	ld	r5,0(r27)		/* deref function descriptor */
	mtctr	r5
	bctrl				/* ppc_md.hpte_clear_all(void); */

/*
 *   kexec image calling is:
 *      the first 0x100 bytes of the entry point are copied to 0
 *
 *      all slaves branch to slave = 0x60 (absolute)
 *              slave(phys_cpu_id);
 *
 *      master goes to start = entry point
 *              start(phys_cpu_id, start, 0);
 *
 *
 *   a wrapper is needed to call existing kernels, here is an approximate
 *   description of one method:
 *
 * v2: (2.6.10)
 *   start will be near the boot_block (maybe 0x100 bytes before it?)
 *   it will have a 0x60, which will b to boot_block, where it will wait
 *   and 0 will store phys into struct boot-block and load r3 from there,
 *   copy kernel 0-0x100 and tell slaves to back down to 0x60 again
 *
 * v1: (2.6.9)
 *    boot block will have all cpus scanning device tree to see if they
 *    are the boot cpu ?????
 *    other device tree differences (prop sizes, va vs pa, etc)...
 */
	mr	r3,r25	# my phys cpu
	mr	r4,r30	# start, aka phys mem offset
	mtlr	4
	li	r5,0
	blr	/* image->start(physid, image->start, 0); */
#endif /* CONFIG_KEXEC */
Commit	Line	Data
9994a338	1	/*
9994a338 PM	2	* This file contains miscellaneous low-level functions.
	3	* Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
	4	*
	5	* Largely rewritten by Cort Dougan (cort@cs.nmt.edu)
	6	* and Paul Mackerras.
	7	* Adapted for iSeries by Mike Corrigan (mikejc@us.ibm.com)
127efeb2 SR	8	* PPC64 updates by Dave Engebretsen (engebret@us.ibm.com)
127efeb2 SR	9	*
9994a338 PM	10	* This program is free software; you can redistribute it and/or
	11	* modify it under the terms of the GNU General Public License
	12	* as published by the Free Software Foundation; either version
	13	* 2 of the License, or (at your option) any later version.
	14	*
	15	*/
	16
9994a338 PM	17	#include <linux/sys.h>
	18	#include <asm/unistd.h>
	19	#include <asm/errno.h>
	20	#include <asm/processor.h>
	21	#include <asm/page.h>
	22	#include <asm/cache.h>
	23	#include <asm/ppc_asm.h>
	24	#include <asm/asm-offsets.h>
	25	#include <asm/cputable.h>
6cb7bfeb	26	#include <asm/thread_info.h>
1fc711f7	27	#include <asm/kexec.h>
46f52210	28	#include <asm/ptrace.h>
9994a338 PM	29
	30	.text
	31
9994a338 PM	32	_GLOBAL(call_do_softirq)
	33	mflr r0
	34	std r0,16(r1)
4ae2dcb6	35	stdu r1,THREAD_SIZE-STACK_FRAME_OVERHEAD(r3)
9994a338 PM	36	mr r1,r3
	37	bl .__do_softirq
	38	ld r1,0(r1)
	39	ld r0,16(r1)
	40	mtlr r0
	41	blr
	42
b9e5b4e6	43	_GLOBAL(call_handle_irq)
7d12e780	44	ld r8,0(r6)
9994a338 PM	45	mflr r0
9994a338 PM	46	std r0,16(r1)
b9e5b4e6	47	mtctr r8
4ae2dcb6	48	stdu r1,THREAD_SIZE-STACK_FRAME_OVERHEAD(r5)
7d12e780	49	mr r1,r5
b9e5b4e6	50	bctrl
9994a338 PM	51	ld r1,0(r1)
	52	ld r0,16(r1)
	53	mtlr r0
	54	blr
9994a338	55
9994a338 PM	56	.section ".toc","aw"
	57	PPC64_CACHES:
	58	.tc ppc64_caches[TC],ppc64_caches
	59	.section ".text"
	60
	61	/*
	62	* Write any modified data cache blocks out to memory
	63	* and invalidate the corresponding instruction cache blocks.
	64	*
	65	* flush_icache_range(unsigned long start, unsigned long stop)
	66	*
	67	* flush all bytes from start through stop-1 inclusive
	68	*/
	69
	70	_KPROBE(__flush_icache_range)
	71
	72	/*
	73	* Flush the data cache to memory
	74	*
	75	* Different systems have different cache line sizes
	76	* and in some cases i-cache and d-cache line sizes differ from
	77	* each other.
	78	*/
	79	ld r10,PPC64_CACHES@toc(r2)
	80	lwz r7,DCACHEL1LINESIZE(r10)/* Get cache line size */
	81	addi r5,r7,-1
	82	andc r6,r3,r5 /* round low to line bdy */
	83	subf r8,r6,r4 /* compute length */
	84	add r8,r8,r5 /* ensure we get enough */
	85	lwz r9,DCACHEL1LOGLINESIZE(r10) /* Get log-2 of cache line size */
	86	srw. r8,r8,r9 /* compute line count */
	87	beqlr /* nothing to do? */
	88	mtctr r8
	89	1: dcbst 0,r6
	90	add r6,r6,r7
	91	bdnz 1b
	92	sync
	93
	94	/* Now invalidate the instruction cache */
	95
	96	lwz r7,ICACHEL1LINESIZE(r10) /* Get Icache line size */
	97	addi r5,r7,-1
	98	andc r6,r3,r5 /* round low to line bdy */
	99	subf r8,r6,r4 /* compute length */
	100	add r8,r8,r5
	101	lwz r9,ICACHEL1LOGLINESIZE(r10) /* Get log-2 of Icache line size */
	102	srw. r8,r8,r9 /* compute line count */
	103	beqlr /* nothing to do? */
	104	mtctr r8
	105	2: icbi 0,r6
	106	add r6,r6,r7
	107	bdnz 2b
	108	isync
	109	blr
	110	.previous .text
	111	/*
	112	* Like above, but only do the D-cache.
	113	*
	114	* flush_dcache_range(unsigned long start, unsigned long stop)
	115	*
	116	* flush all bytes from start to stop-1 inclusive
	117	*/
	118	_GLOBAL(flush_dcache_range)
	119
120	/*
121	* Flush the data cache to memory
122	*
123	* Different systems have different cache line sizes
124	*/
125	ld r10,PPC64_CACHES@toc(r2)
126	lwz r7,DCACHEL1LINESIZE(r10) /* Get dcache line size */
127	addi r5,r7,-1
128	andc r6,r3,r5 /* round low to line bdy */
129	subf r8,r6,r4 /* compute length */
130	add r8,r8,r5 /* ensure we get enough */
131	lwz r9,DCACHEL1LOGLINESIZE(r10) /* Get log-2 of dcache line size */
132	srw. r8,r8,r9 /* compute line count */
133	beqlr /* nothing to do? */
134	mtctr r8
135	0: dcbst 0,r6
136	add r6,r6,r7
137	bdnz 0b
138	sync
139	blr
140
141	/*
142	* Like above, but works on non-mapped physical addresses.
143	* Use only for non-LPAR setups ! It also assumes real mode
144	* is cacheable. Used for flushing out the DART before using
145	* it as uncacheable memory
146	*
147	* flush_dcache_phys_range(unsigned long start, unsigned long stop)
148	*
149	* flush all bytes from start to stop-1 inclusive
150	*/
151	_GLOBAL(flush_dcache_phys_range)
152	ld r10,PPC64_CACHES@toc(r2)
153	lwz r7,DCACHEL1LINESIZE(r10) /* Get dcache line size */
154	addi r5,r7,-1
155	andc r6,r3,r5 /* round low to line bdy */
156	subf r8,r6,r4 /* compute length */
157	add r8,r8,r5 /* ensure we get enough */
158	lwz r9,DCACHEL1LOGLINESIZE(r10) /* Get log-2 of dcache line size */
159	srw. r8,r8,r9 /* compute line count */
160	beqlr /* nothing to do? */
161	mfmsr r5 /* Disable MMU Data Relocation */
162	ori r0,r5,MSR_DR
163	xori r0,r0,MSR_DR
164	sync
165	mtmsr r0
166	sync
167	isync
168	mtctr r8
169	0: dcbst 0,r6
170	add r6,r6,r7
171	bdnz 0b
172	sync
173	isync
174	mtmsr r5 /* Re-enable MMU Data Relocation */
175	sync
176	isync
177	blr
178
179	_GLOBAL(flush_inval_dcache_range)
180	ld r10,PPC64_CACHES@toc(r2)
181	lwz r7,DCACHEL1LINESIZE(r10) /* Get dcache line size */
182	addi r5,r7,-1
183	andc r6,r3,r5 /* round low to line bdy */
184	subf r8,r6,r4 /* compute length */
185	add r8,r8,r5 /* ensure we get enough */
186	lwz r9,DCACHEL1LOGLINESIZE(r10)/* Get log-2 of dcache line size */
187	srw. r8,r8,r9 /* compute line count */
188	beqlr /* nothing to do? */
189	sync
190	isync
191	mtctr r8
192	0: dcbf 0,r6
193	add r6,r6,r7
194	bdnz 0b
195	sync
196	isync
197	blr
198
199
200	/*
201	* Flush a particular page from the data cache to RAM.
202	* Note: this is necessary because the instruction cache does not
203	* snoop from the data cache.
204	*
205	* void __flush_dcache_icache(void *page)
206	*/
207	_GLOBAL(__flush_dcache_icache)
208	/*
209	* Flush the data cache to memory
210	*
211	* Different systems have different cache line sizes
212	*/
213
214	/* Flush the dcache */
215	ld r7,PPC64_CACHES@toc(r2)
216	clrrdi r3,r3,PAGE_SHIFT /* Page align */
217	lwz r4,DCACHEL1LINESPERPAGE(r7) /* Get # dcache lines per page */
218	lwz r5,DCACHEL1LINESIZE(r7) /* Get dcache line size */
219	mr r6,r3
220	mtctr r4
221	0: dcbst 0,r6
222	add r6,r6,r5
223	bdnz 0b
224	sync
225
226	/* Now invalidate the icache */
227
228	lwz r4,ICACHEL1LINESPERPAGE(r7) /* Get # icache lines per page */
229	lwz r5,ICACHEL1LINESIZE(r7) /* Get icache line size */
230	mtctr r4
231	1: icbi 0,r3
232	add r3,r3,r5
233	bdnz 1b
234	isync
235	blr
9994a338	236
ca9d7aea DW	237	_GLOBAL(__bswapdi2)
	238	srdi r8,r3,32
	239	rlwinm r7,r3,8,0xffffffff
	240	rlwimi r7,r3,24,0,7
	241	rlwinm r9,r8,8,0xffffffff
	242	rlwimi r7,r3,24,16,23
	243	rlwimi r9,r8,24,0,7
	244	rlwimi r9,r8,24,16,23
	245	sldi r7,r7,32
	246	or r3,r7,r9
	247	blr
3f639ee8	248
9994a338 PM	249	#if defined(CONFIG_PPC_PMAC) \|\| defined(CONFIG_PPC_MAPLE)
	250	/*
	251	* Do an IO access in real mode
	252	*/
	253	_GLOBAL(real_readb)
	254	mfmsr r7
	255	ori r0,r7,MSR_DR
	256	xori r0,r0,MSR_DR
	257	sync
	258	mtmsrd r0
	259	sync
	260	isync
	261	mfspr r6,SPRN_HID4
	262	rldicl r5,r6,32,0
	263	ori r5,r5,0x100
	264	rldicl r5,r5,32,0
	265	sync
	266	mtspr SPRN_HID4,r5
	267	isync
	268	slbia
	269	isync
	270	lbz r3,0(r3)
	271	sync
	272	mtspr SPRN_HID4,r6
	273	isync
	274	slbia
	275	isync
	276	mtmsrd r7
	277	sync
	278	isync
	279	blr
	280
	281	/*
	282	* Do an IO access in real mode
	283	*/
	284	_GLOBAL(real_writeb)
	285	mfmsr r7
	286	ori r0,r7,MSR_DR
	287	xori r0,r0,MSR_DR
	288	sync
	289	mtmsrd r0
	290	sync
	291	isync
	292	mfspr r6,SPRN_HID4
	293	rldicl r5,r6,32,0
	294	ori r5,r5,0x100
	295	rldicl r5,r5,32,0
	296	sync
	297	mtspr SPRN_HID4,r5
	298	isync
	299	slbia
	300	isync
	301	stb r3,0(r4)
	302	sync
	303	mtspr SPRN_HID4,r6
	304	isync
	305	slbia
	306	isync
	307	mtmsrd r7
	308	sync
	309	isync
	310	blr
	311	#endif /* defined(CONFIG_PPC_PMAC) \|\| defined(CONFIG_PPC_MAPLE) */
	312
39c870d5 OJ	313	#ifdef CONFIG_PPC_PASEMI
39c870d5 OJ	314
39c870d5 OJ	315	_GLOBAL(real_205_readb)
	316	mfmsr r7
	317	ori r0,r7,MSR_DR
	318	xori r0,r0,MSR_DR
	319	sync
	320	mtmsrd r0
	321	sync
	322	isync
e55174e9	323	LBZCIX(R3,R0,R3)
39c870d5 OJ	324	isync
	325	mtmsrd r7
	326	sync
	327	isync
	328	blr
	329
	330	_GLOBAL(real_205_writeb)
	331	mfmsr r7
	332	ori r0,r7,MSR_DR
	333	xori r0,r0,MSR_DR
	334	sync
	335	mtmsrd r0
	336	sync
	337	isync
e55174e9	338	STBCIX(R3,R0,R4)
39c870d5 OJ	339	isync
	340	mtmsrd r7
	341	sync
	342	isync
	343	blr
	344
	345	#endif /* CONFIG_PPC_PASEMI */
	346
	347
e48f7eb2	348	#if defined(CONFIG_CPU_FREQ_PMAC64) \|\| defined(CONFIG_CPU_FREQ_MAPLE)
4350147a BH	349	/*
	350	* SCOM access functions for 970 (FX only for now)
	351	*
	352	* unsigned long scom970_read(unsigned int address);
	353	* void scom970_write(unsigned int address, unsigned long value);
	354	*
	355	* The address passed in is the 24 bits register address. This code
	356	* is 970 specific and will not check the status bits, so you should
	357	* know what you are doing.
	358	*/
	359	_GLOBAL(scom970_read)
	360	/* interrupts off */
	361	mfmsr r4
	362	ori r0,r4,MSR_EE
	363	xori r0,r0,MSR_EE
	364	mtmsrd r0,1
	365
	366	/* rotate 24 bits SCOM address 8 bits left and mask out it's low 8 bits
	367	* (including parity). On current CPUs they must be 0'd,
	368	* and finally or in RW bit
	369	*/
	370	rlwinm r3,r3,8,0,15
	371	ori r3,r3,0x8000
	372
	373	/* do the actual scom read */
	374	sync
	375	mtspr SPRN_SCOMC,r3
	376	isync
	377	mfspr r3,SPRN_SCOMD
	378	isync
	379	mfspr r0,SPRN_SCOMC
	380	isync
	381
	382	/* XXX: fixup result on some buggy 970's (ouch ! we lost a bit, bah
	383	* that's the best we can do). Not implemented yet as we don't use
	384	* the scom on any of the bogus CPUs yet, but may have to be done
	385	* ultimately
	386	*/
	387
	388	/* restore interrupts */
	389	mtmsrd r4,1
	390	blr
	391
	392
	393	_GLOBAL(scom970_write)
	394	/* interrupts off */
	395	mfmsr r5
	396	ori r0,r5,MSR_EE
	397	xori r0,r0,MSR_EE
	398	mtmsrd r0,1
	399
	400	/* rotate 24 bits SCOM address 8 bits left and mask out it's low 8 bits
	401	* (including parity). On current CPUs they must be 0'd.
	402	*/
	403
	404	rlwinm r3,r3,8,0,15
	405
	406	sync
	407	mtspr SPRN_SCOMD,r4 /* write data */
	408	isync
	409	mtspr SPRN_SCOMC,r3 /* write command */
	410	isync
	411	mfspr 3,SPRN_SCOMC
	412	isync
413
414	/* restore interrupts */
415	mtmsrd r5,1
416	blr
e48f7eb2	417	#endif /* CONFIG_CPU_FREQ_PMAC64 \|\| CONFIG_CPU_FREQ_MAPLE */
4350147a BH	418
4350147a BH	419
9994a338 PM	420	/*
	421	* disable_kernel_fp()
	422	* Disable the FPU.
	423	*/
	424	_GLOBAL(disable_kernel_fp)
	425	mfmsr r3
	426	rldicl r0,r3,(63-MSR_FP_LG),1
	427	rldicl r3,r0,(MSR_FP_LG+1),0
	428	mtmsrd r3 /* disable use of fpu now */
	429	isync
	430	blr
	431
9994a338 PM	432	/* kexec_wait(phys_cpu)
	433	*
	434	* wait for the flag to change, indicating this kernel is going away but
	435	* the slave code for the next one is at addresses 0 to 100.
	436	*
3d2cea73 MM	437	* This is used by all slaves, even those that did not find a matching
3d2cea73 MM	438	* paca in the secondary startup code.
9994a338 PM	439	*
	440	* Physical (hardware) cpu id should be in r3.
	441	*/
	442	_GLOBAL(kexec_wait)
	443	bl 1f
	444	1: mflr r5
	445	addi r5,r5,kexec_flag-1b
	446
	447	99: HMT_LOW
	448	#ifdef CONFIG_KEXEC /* use no memory without kexec */
	449	lwz r4,0(r5)
	450	cmpwi 0,r4,0
	451	bnea 0x60
	452	#endif
	453	b 99b
	454
	455	/* this can be in text because we won't change it until we are
	456	* running in real anyways
	457	*/
	458	kexec_flag:
	459	.long 0
	460
	461
	462	#ifdef CONFIG_KEXEC
	463
	464	/* kexec_smp_wait(void)
	465	*
	466	* call with interrupts off
	467	* note: this is a terminal routine, it does not save lr
	468	*
	469	* get phys id from paca
9994a338	470	* switch to real mode
3d2cea73	471	* mark the paca as no longer used
9994a338 PM	472	* join other cpus in kexec_wait(phys_id)
	473	*/
	474	_GLOBAL(kexec_smp_wait)
	475	lhz r3,PACAHWCPUID(r13)
9994a338	476	bl real_mode
3d2cea73 MM	477
	478	li r4,KEXEC_STATE_REAL_MODE
	479	stb r4,PACAKEXECSTATE(r13)
	480	SYNC
	481
9994a338 PM	482	b .kexec_wait
	483
	484	/*
	485	* switch to real mode (turn mmu off)
	486	* we use the early kernel trick that the hardware ignores bits
	487	* 0 and 1 (big endian) of the effective address in real mode
	488	*
	489	* don't overwrite r3 here, it is live for kexec_wait above.
	490	*/
	491	real_mode: /* assume normal blr return */
	492	1: li r9,MSR_RI
	493	li r10,MSR_DR\|MSR_IR
	494	mflr r11 /* return address to SRR0 */
	495	mfmsr r12
	496	andc r9,r12,r9
	497	andc r10,r12,r10
	498
	499	mtmsrd r9,1
	500	mtspr SPRN_SRR1,r10
	501	mtspr SPRN_SRR0,r11
	502	rfid
	503
	504
	505	/*
1767c8f3	506	* kexec_sequence(newstack, start, image, control, clear_all())
9994a338 PM	507	*
	508	* does the grungy work with stack switching and real mode switches
	509	* also does simple calls to other code
	510	*/
	511
	512	_GLOBAL(kexec_sequence)
	513	mflr r0
	514	std r0,16(r1)
	515
	516	/* switch stacks to newstack -- &kexec_stack.stack */
4ae2dcb6	517	stdu r1,THREAD_SIZE-STACK_FRAME_OVERHEAD(r3)
9994a338 PM	518	mr r1,r3
	519
	520	li r0,0
	521	std r0,16(r1)
	522
	523	/* save regs for local vars on new stack.
	524	* yes, we won't go back, but ...
	525	*/
	526	std r31,-8(r1)
	527	std r30,-16(r1)
	528	std r29,-24(r1)
	529	std r28,-32(r1)
	530	std r27,-40(r1)
	531	std r26,-48(r1)
	532	std r25,-56(r1)
	533
4ae2dcb6	534	stdu r1,-STACK_FRAME_OVERHEAD-64(r1)
9994a338 PM	535
	536	/* save args into preserved regs */
	537	mr r31,r3 /* newstack (both) */
	538	mr r30,r4 /* start (real) */
	539	mr r29,r5 /* image (virt) */
	540	mr r28,r6 /* control, unused */
	541	mr r27,r7 /* clear_all() fn desc */
1767c8f3	542	mr r26,r8 /* spare */
9994a338 PM	543	lhz r25,PACAHWCPUID(r13) /* get our phys cpu from paca */
	544
	545	/* disable interrupts, we are overwriting kernel data next */
	546	mfmsr r3
	547	rlwinm r3,r3,0,17,15
	548	mtmsrd r3,1
	549
	550	/* copy dest pages, flush whole dest image */
	551	mr r3,r29
	552	bl .kexec_copy_flush /* (image) */
	553
	554	/* turn off mmu */
	555	bl real_mode
	556
ee46a90b MM	557	/* copy 0x100 bytes starting at start to 0 */
	558	li r3,0
	559	mr r4,r30 /* start, aka phys mem offset */
	560	li r5,0x100
	561	li r6,0
	562	bl .copy_and_flush /* (dest, src, copy limit, start offset) */
	563	1: /* assume normal blr return */
	564
	565	/* release other cpus to the new kernel secondary start at 0x60 */
	566	mflr r5
	567	li r6,1
	568	stw r6,kexec_flag-1b(5)
	569
9994a338 PM	570	/* clear out hardware hash page table and tlb */
	571	ld r5,0(r27) /* deref function descriptor */
	572	mtctr r5
8d950cb8	573	bctrl /* ppc_md.hpte_clear_all(void); */
9994a338 PM	574
	575	/*
	576	* kexec image calling is:
	577	* the first 0x100 bytes of the entry point are copied to 0
	578	*
	579	* all slaves branch to slave = 0x60 (absolute)
	580	* slave(phys_cpu_id);
	581	*
	582	* master goes to start = entry point
	583	* start(phys_cpu_id, start, 0);
	584	*
	585	*
	586	* a wrapper is needed to call existing kernels, here is an approximate
	587	* description of one method:
	588	*
	589	* v2: (2.6.10)
	590	* start will be near the boot_block (maybe 0x100 bytes before it?)
	591	* it will have a 0x60, which will b to boot_block, where it will wait
	592	* and 0 will store phys into struct boot-block and load r3 from there,
	593	* copy kernel 0-0x100 and tell slaves to back down to 0x60 again
	594	*
	595	* v1: (2.6.9)
	596	* boot block will have all cpus scanning device tree to see if they
	597	* are the boot cpu ?????
	598	* other device tree differences (prop sizes, va vs pa, etc)...
	599	*/
9994a338 PM	600	mr r3,r25 # my phys cpu
	601	mr r4,r30 # start, aka phys mem offset
	602	mtlr 4
	603	li r5,0
1767c8f3	604	blr /* image->start(physid, image->start, 0); */
9994a338	605	#endif /* CONFIG_KEXEC */