[deliverable/linux.git] / arch / powerpc / kernel / misc_64.S

/*
 *  arch/powerpc/kernel/misc64.S
 *
 * This file contains miscellaneous low-level functions.
 *    Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
 *
 * Largely rewritten by Cort Dougan (cort@cs.nmt.edu)
 * and Paul Mackerras.
 * Adapted for iSeries by Mike Corrigan (mikejc@us.ibm.com)
 * PPC64 updates by Dave Engebretsen (engebret@us.ibm.com) 
 * 
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version
 * 2 of the License, or (at your option) any later version.
 *
 */

#include <linux/config.h>
#include <linux/sys.h>
#include <asm/unistd.h>
#include <asm/errno.h>
#include <asm/processor.h>
#include <asm/page.h>
#include <asm/cache.h>
#include <asm/ppc_asm.h>
#include <asm/asm-offsets.h>
#include <asm/cputable.h>
#include <asm/thread_info.h>

	.text

/*
 * Returns (address we are running at) - (address we were linked at)
 * for use before the text and data are mapped to KERNELBASE.
 */

_GLOBAL(reloc_offset)
	mflr	r0
	bl	1f
1:	mflr	r3
	LOAD_REG_IMMEDIATE(r4,1b)
	subf	r3,r4,r3
	mtlr	r0
	blr

/*
 * add_reloc_offset(x) returns x + reloc_offset().
 */
_GLOBAL(add_reloc_offset)
	mflr	r0
	bl	1f
1:	mflr	r5
	LOAD_REG_IMMEDIATE(r4,1b)
	subf	r5,r4,r5
	add	r3,r3,r5
	mtlr	r0
	blr

_GLOBAL(get_msr)
	mfmsr	r3
	blr

_GLOBAL(get_dar)
	mfdar	r3
	blr

_GLOBAL(get_srr0)
	mfsrr0  r3
	blr

_GLOBAL(get_srr1)
	mfsrr1  r3
	blr
	
_GLOBAL(get_sp)
	mr	r3,r1
	blr

#ifdef CONFIG_IRQSTACKS
_GLOBAL(call_do_softirq)
	mflr	r0
	std	r0,16(r1)
	stdu	r1,THREAD_SIZE-112(r3)
	mr	r1,r3
	bl	.__do_softirq
	ld	r1,0(r1)
	ld	r0,16(r1)
	mtlr	r0
	blr

_GLOBAL(call___do_IRQ)
	mflr	r0
	std	r0,16(r1)
	stdu	r1,THREAD_SIZE-112(r5)
	mr	r1,r5
	bl	.__do_IRQ
	ld	r1,0(r1)
	ld	r0,16(r1)
	mtlr	r0
	blr
#endif /* CONFIG_IRQSTACKS */

	.section	".toc","aw"
PPC64_CACHES:
	.tc		ppc64_caches[TC],ppc64_caches
	.section	".text"

/*
 * Write any modified data cache blocks out to memory
 * and invalidate the corresponding instruction cache blocks.
 *
 * flush_icache_range(unsigned long start, unsigned long stop)
 *
 *   flush all bytes from start through stop-1 inclusive
 */

_KPROBE(__flush_icache_range)

/*
 * Flush the data cache to memory 
 * 
 * Different systems have different cache line sizes
 * and in some cases i-cache and d-cache line sizes differ from
 * each other.
 */
 	ld	r10,PPC64_CACHES@toc(r2)
	lwz	r7,DCACHEL1LINESIZE(r10)/* Get cache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5		/* ensure we get enough */
	lwz	r9,DCACHEL1LOGLINESIZE(r10)	/* Get log-2 of cache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	mtctr	r8
1:	dcbst	0,r6
	add	r6,r6,r7
	bdnz	1b
	sync

/* Now invalidate the instruction cache */
	
	lwz	r7,ICACHEL1LINESIZE(r10)	/* Get Icache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5
	lwz	r9,ICACHEL1LOGLINESIZE(r10)	/* Get log-2 of Icache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	mtctr	r8
2:	icbi	0,r6
	add	r6,r6,r7
	bdnz	2b
	isync
	blr
	.previous .text
/*
 * Like above, but only do the D-cache.
 *
 * flush_dcache_range(unsigned long start, unsigned long stop)
 *
 *    flush all bytes from start to stop-1 inclusive
 */
_GLOBAL(flush_dcache_range)

/*
 * Flush the data cache to memory 
 * 
 * Different systems have different cache line sizes
 */
 	ld	r10,PPC64_CACHES@toc(r2)
	lwz	r7,DCACHEL1LINESIZE(r10)	/* Get dcache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5		/* ensure we get enough */
	lwz	r9,DCACHEL1LOGLINESIZE(r10)	/* Get log-2 of dcache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	mtctr	r8
0:	dcbst	0,r6
	add	r6,r6,r7
	bdnz	0b
	sync
	blr

/*
 * Like above, but works on non-mapped physical addresses.
 * Use only for non-LPAR setups ! It also assumes real mode
 * is cacheable. Used for flushing out the DART before using
 * it as uncacheable memory 
 *
 * flush_dcache_phys_range(unsigned long start, unsigned long stop)
 *
 *    flush all bytes from start to stop-1 inclusive
 */
_GLOBAL(flush_dcache_phys_range)
 	ld	r10,PPC64_CACHES@toc(r2)
	lwz	r7,DCACHEL1LINESIZE(r10)	/* Get dcache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5		/* ensure we get enough */
	lwz	r9,DCACHEL1LOGLINESIZE(r10)	/* Get log-2 of dcache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	mfmsr	r5			/* Disable MMU Data Relocation */
	ori	r0,r5,MSR_DR
	xori	r0,r0,MSR_DR
	sync
	mtmsr	r0
	sync
	isync
	mtctr	r8
0:	dcbst	0,r6
	add	r6,r6,r7
	bdnz	0b
	sync
	isync
	mtmsr	r5			/* Re-enable MMU Data Relocation */
	sync
	isync
	blr

_GLOBAL(flush_inval_dcache_range)
 	ld	r10,PPC64_CACHES@toc(r2)
	lwz	r7,DCACHEL1LINESIZE(r10)	/* Get dcache line size */
	addi	r5,r7,-1
	andc	r6,r3,r5		/* round low to line bdy */
	subf	r8,r6,r4		/* compute length */
	add	r8,r8,r5		/* ensure we get enough */
	lwz	r9,DCACHEL1LOGLINESIZE(r10)/* Get log-2 of dcache line size */
	srw.	r8,r8,r9		/* compute line count */
	beqlr				/* nothing to do? */
	sync
	isync
	mtctr	r8
0:	dcbf	0,r6
	add	r6,r6,r7
	bdnz	0b
	sync
	isync
	blr


/*
 * Flush a particular page from the data cache to RAM.
 * Note: this is necessary because the instruction cache does *not*
 * snoop from the data cache.
 *
 *	void __flush_dcache_icache(void *page)
 */
_GLOBAL(__flush_dcache_icache)
/*
 * Flush the data cache to memory 
 * 
 * Different systems have different cache line sizes
 */

/* Flush the dcache */
 	ld	r7,PPC64_CACHES@toc(r2)
	clrrdi	r3,r3,PAGE_SHIFT           	    /* Page align */
	lwz	r4,DCACHEL1LINESPERPAGE(r7)	/* Get # dcache lines per page */
	lwz	r5,DCACHEL1LINESIZE(r7)		/* Get dcache line size */
	mr	r6,r3
	mtctr	r4
0:	dcbst	0,r6
	add	r6,r6,r5
	bdnz	0b
	sync

/* Now invalidate the icache */	

	lwz	r4,ICACHEL1LINESPERPAGE(r7)	/* Get # icache lines per page */
	lwz	r5,ICACHEL1LINESIZE(r7)		/* Get icache line size */
	mtctr	r4
1:	icbi	0,r3
	add	r3,r3,r5
	bdnz	1b
	isync
	blr
	
/*
 * I/O string operations
 *
 * insb(port, buf, len)
 * outsb(port, buf, len)
 * insw(port, buf, len)
 * outsw(port, buf, len)
 * insl(port, buf, len)
 * outsl(port, buf, len)
 * insw_ns(port, buf, len)
 * outsw_ns(port, buf, len)
 * insl_ns(port, buf, len)
 * outsl_ns(port, buf, len)
 *
 * The *_ns versions don't do byte-swapping.
 */
_GLOBAL(_insb)
	cmpwi	0,r5,0
	mtctr	r5
	subi	r4,r4,1
	blelr-
00:	lbz	r5,0(r3)
	eieio
	stbu	r5,1(r4)
	bdnz	00b
	twi	0,r5,0
	isync
	blr

_GLOBAL(_outsb)
	cmpwi	0,r5,0
	mtctr	r5
	subi	r4,r4,1
	blelr-
00:	lbzu	r5,1(r4)
	stb	r5,0(r3)
	bdnz	00b
	sync
	blr	

_GLOBAL(_insw)
	cmpwi	0,r5,0
	mtctr	r5
	subi	r4,r4,2
	blelr-
00:	lhbrx	r5,0,r3
	eieio
	sthu	r5,2(r4)
	bdnz	00b
	twi	0,r5,0
	isync
	blr

_GLOBAL(_outsw)
	cmpwi	0,r5,0
	mtctr	r5
	subi	r4,r4,2
	blelr-
00:	lhzu	r5,2(r4)
	sthbrx	r5,0,r3	
	bdnz	00b
	sync
	blr	

_GLOBAL(_insl)
	cmpwi	0,r5,0
	mtctr	r5
	subi	r4,r4,4
	blelr-
00:	lwbrx	r5,0,r3
	eieio
	stwu	r5,4(r4)
	bdnz	00b
	twi	0,r5,0
	isync
	blr

_GLOBAL(_outsl)
	cmpwi	0,r5,0
	mtctr	r5
	subi	r4,r4,4
	blelr-
00:	lwzu	r5,4(r4)
	stwbrx	r5,0,r3
	bdnz	00b
	sync
	blr	

/* _GLOBAL(ide_insw) now in drivers/ide/ide-iops.c */
_GLOBAL(_insw_ns)
	cmpwi	0,r5,0
	mtctr	r5
	subi	r4,r4,2
	blelr-
00:	lhz	r5,0(r3)
	eieio
	sthu	r5,2(r4)
	bdnz	00b
	twi	0,r5,0
	isync
	blr

/* _GLOBAL(ide_outsw) now in drivers/ide/ide-iops.c */
_GLOBAL(_outsw_ns)
	cmpwi	0,r5,0
	mtctr	r5
	subi	r4,r4,2
	blelr-
00:	lhzu	r5,2(r4)
	sth	r5,0(r3)
	bdnz	00b
	sync
	blr	

_GLOBAL(_insl_ns)
	cmpwi	0,r5,0
	mtctr	r5
	subi	r4,r4,4
	blelr-
00:	lwz	r5,0(r3)
	eieio
	stwu	r5,4(r4)
	bdnz	00b
	twi	0,r5,0
	isync
	blr

_GLOBAL(_outsl_ns)
	cmpwi	0,r5,0
	mtctr	r5
	subi	r4,r4,4
	blelr-
00:	lwzu	r5,4(r4)
	stw	r5,0(r3)
	bdnz	00b
	sync
	blr	

/*
 * identify_cpu and calls setup_cpu
 * In:	r3 = base of the cpu_specs array
 *	r4 = address of cur_cpu_spec
 *	r5 = relocation offset
 */
_GLOBAL(identify_cpu)
	mfpvr	r7
1:
	lwz	r8,CPU_SPEC_PVR_MASK(r3)
	and	r8,r8,r7
	lwz	r9,CPU_SPEC_PVR_VALUE(r3)
	cmplw	0,r9,r8
	beq	1f
	addi	r3,r3,CPU_SPEC_ENTRY_SIZE
	b	1b
1:
	sub	r0,r3,r5
	std	r0,0(r4)
	ld	r4,CPU_SPEC_SETUP(r3)
	cmpdi	0,r4,0
	add	r4,r4,r5
	beqlr
	ld	r4,0(r4)
	add	r4,r4,r5
	mtctr	r4
	/* Calling convention for cpu setup is r3=offset, r4=cur_cpu_spec */
	mr	r4,r3
	mr	r3,r5
	bctr

/*
 * do_cpu_ftr_fixups - goes through the list of CPU feature fixups
 * and writes nop's over sections of code that don't apply for this cpu.
 * r3 = data offset (not changed)
 */
_GLOBAL(do_cpu_ftr_fixups)
	/* Get CPU 0 features */
	LOAD_REG_IMMEDIATE(r6,cur_cpu_spec)
	sub	r6,r6,r3
	ld	r4,0(r6)
	sub	r4,r4,r3
	ld	r4,CPU_SPEC_FEATURES(r4)
	/* Get the fixup table */
	LOAD_REG_IMMEDIATE(r6,__start___ftr_fixup)
	sub	r6,r6,r3
	LOAD_REG_IMMEDIATE(r7,__stop___ftr_fixup)
	sub	r7,r7,r3
	/* Do the fixup */
1:	cmpld	r6,r7
	bgelr
	addi	r6,r6,32
	ld	r8,-32(r6)	/* mask */
	and	r8,r8,r4
	ld	r9,-24(r6)	/* value */
	cmpld	r8,r9
	beq	1b
	ld	r8,-16(r6)	/* section begin */
	ld	r9,-8(r6)	/* section end */
	subf.	r9,r8,r9
	beq	1b
	/* write nops over the section of code */
	/* todo: if large section, add a branch at the start of it */
	srwi	r9,r9,2
	mtctr	r9
	sub	r8,r8,r3
	lis	r0,0x60000000@h	/* nop */
3:	stw	r0,0(r8)
	andi.	r10,r4,CPU_FTR_SPLIT_ID_CACHE@l
	beq	2f
	dcbst	0,r8		/* suboptimal, but simpler */
	sync
	icbi	0,r8
2:	addi	r8,r8,4
	bdnz	3b
	sync			/* additional sync needed on g4 */
	isync
	b	1b

#if defined(CONFIG_PPC_PMAC) || defined(CONFIG_PPC_MAPLE)
/*
 * Do an IO access in real mode
 */
_GLOBAL(real_readb)
	mfmsr	r7
	ori	r0,r7,MSR_DR
	xori	r0,r0,MSR_DR
	sync
	mtmsrd	r0
	sync
	isync
	mfspr	r6,SPRN_HID4
	rldicl	r5,r6,32,0
	ori	r5,r5,0x100
	rldicl	r5,r5,32,0
	sync
	mtspr	SPRN_HID4,r5
	isync
	slbia
	isync
	lbz	r3,0(r3)
	sync
	mtspr	SPRN_HID4,r6
	isync
	slbia
	isync
	mtmsrd	r7
	sync
	isync
	blr

	/*
 * Do an IO access in real mode
 */
_GLOBAL(real_writeb)
	mfmsr	r7
	ori	r0,r7,MSR_DR
	xori	r0,r0,MSR_DR
	sync
	mtmsrd	r0
	sync
	isync
	mfspr	r6,SPRN_HID4
	rldicl	r5,r6,32,0
	ori	r5,r5,0x100
	rldicl	r5,r5,32,0
	sync
	mtspr	SPRN_HID4,r5
	isync
	slbia
	isync
	stb	r3,0(r4)
	sync
	mtspr	SPRN_HID4,r6
	isync
	slbia
	isync
	mtmsrd	r7
	sync
	isync
	blr
#endif /* defined(CONFIG_PPC_PMAC) || defined(CONFIG_PPC_MAPLE) */

/*
 * SCOM access functions for 970 (FX only for now)
 *
 * unsigned long scom970_read(unsigned int address);
 * void scom970_write(unsigned int address, unsigned long value);
 *
 * The address passed in is the 24 bits register address. This code
 * is 970 specific and will not check the status bits, so you should
 * know what you are doing.
 */
_GLOBAL(scom970_read)
	/* interrupts off */
	mfmsr	r4
	ori	r0,r4,MSR_EE
	xori	r0,r0,MSR_EE
	mtmsrd	r0,1

	/* rotate 24 bits SCOM address 8 bits left and mask out it's low 8 bits
	 * (including parity). On current CPUs they must be 0'd,
	 * and finally or in RW bit
	 */
	rlwinm	r3,r3,8,0,15
	ori	r3,r3,0x8000

	/* do the actual scom read */
	sync
	mtspr	SPRN_SCOMC,r3
	isync
	mfspr	r3,SPRN_SCOMD
	isync
	mfspr	r0,SPRN_SCOMC
	isync

	/* XXX:	fixup result on some buggy 970's (ouch ! we lost a bit, bah
	 * that's the best we can do). Not implemented yet as we don't use
	 * the scom on any of the bogus CPUs yet, but may have to be done
	 * ultimately
	 */

	/* restore interrupts */
	mtmsrd	r4,1
	blr


_GLOBAL(scom970_write)
	/* interrupts off */
	mfmsr	r5
	ori	r0,r5,MSR_EE
	xori	r0,r0,MSR_EE
	mtmsrd	r0,1

	/* rotate 24 bits SCOM address 8 bits left and mask out it's low 8 bits
	 * (including parity). On current CPUs they must be 0'd.
	 */

	rlwinm	r3,r3,8,0,15

	sync
	mtspr	SPRN_SCOMD,r4      /* write data */
	isync
	mtspr	SPRN_SCOMC,r3      /* write command */
	isync
	mfspr	3,SPRN_SCOMC
	isync

	/* restore interrupts */
	mtmsrd	r5,1
	blr


/*
 * Create a kernel thread
 *   kernel_thread(fn, arg, flags)
 */
_GLOBAL(kernel_thread)
	std	r29,-24(r1)
	std	r30,-16(r1)
	stdu	r1,-STACK_FRAME_OVERHEAD(r1)
	mr	r29,r3
	mr	r30,r4
	ori	r3,r5,CLONE_VM	/* flags */
	oris	r3,r3,(CLONE_UNTRACED>>16)
	li	r4,0		/* new sp (unused) */
	li	r0,__NR_clone
	sc
	cmpdi	0,r3,0		/* parent or child? */
	bne	1f		/* return if parent */
	li	r0,0
	stdu	r0,-STACK_FRAME_OVERHEAD(r1)
	ld	r2,8(r29)
	ld	r29,0(r29)
	mtlr	r29              /* fn addr in lr */
	mr	r3,r30	        /* load arg and call fn */
	blrl
	li	r0,__NR_exit	/* exit after child exits */
        li	r3,0
	sc
1:	addi	r1,r1,STACK_FRAME_OVERHEAD	
	ld	r29,-24(r1)
	ld	r30,-16(r1)
	blr

/*
 * disable_kernel_fp()
 * Disable the FPU.
 */
_GLOBAL(disable_kernel_fp)
	mfmsr	r3
	rldicl	r0,r3,(63-MSR_FP_LG),1
	rldicl	r3,r0,(MSR_FP_LG+1),0
	mtmsrd	r3			/* disable use of fpu now */
	isync
	blr

#ifdef CONFIG_ALTIVEC

#if 0 /* this has no callers for now */
/*
 * disable_kernel_altivec()
 * Disable the VMX.
 */
_GLOBAL(disable_kernel_altivec)
	mfmsr	r3
	rldicl	r0,r3,(63-MSR_VEC_LG),1
	rldicl	r3,r0,(MSR_VEC_LG+1),0
	mtmsrd	r3			/* disable use of VMX now */
	isync
	blr
#endif /* 0 */

/*
 * giveup_altivec(tsk)
 * Disable VMX for the task given as the argument,
 * and save the vector registers in its thread_struct.
 * Enables the VMX for use in the kernel on return.
 */
_GLOBAL(giveup_altivec)
	mfmsr	r5
	oris	r5,r5,MSR_VEC@h
	mtmsrd	r5			/* enable use of VMX now */
	isync
	cmpdi	0,r3,0
	beqlr-				/* if no previous owner, done */
	addi	r3,r3,THREAD		/* want THREAD of task */
	ld	r5,PT_REGS(r3)
	cmpdi	0,r5,0
	SAVE_32VRS(0,r4,r3)
	mfvscr	vr0
	li	r4,THREAD_VSCR
	stvx	vr0,r4,r3
	beq	1f
	ld	r4,_MSR-STACK_FRAME_OVERHEAD(r5)
	lis	r3,MSR_VEC@h
	andc	r4,r4,r3		/* disable FP for previous task */
	std	r4,_MSR-STACK_FRAME_OVERHEAD(r5)
1:
#ifndef CONFIG_SMP
	li	r5,0
	ld	r4,last_task_used_altivec@got(r2)
	std	r5,0(r4)
#endif /* CONFIG_SMP */
	blr

#endif /* CONFIG_ALTIVEC */

_GLOBAL(execve)
	li	r0,__NR_execve
	sc
	bnslr
	neg	r3,r3
	blr

/* kexec_wait(phys_cpu)
 *
 * wait for the flag to change, indicating this kernel is going away but
 * the slave code for the next one is at addresses 0 to 100.
 *
 * This is used by all slaves.
 *
 * Physical (hardware) cpu id should be in r3.
 */
_GLOBAL(kexec_wait)
	bl	1f
1:	mflr	r5
	addi	r5,r5,kexec_flag-1b

99:	HMT_LOW
#ifdef CONFIG_KEXEC		/* use no memory without kexec */
	lwz	r4,0(r5)
	cmpwi	0,r4,0
	bnea	0x60
#endif
	b	99b

/* this can be in text because we won't change it until we are
 * running in real anyways
 */
kexec_flag:
	.long	0


#ifdef CONFIG_KEXEC

/* kexec_smp_wait(void)
 *
 * call with interrupts off
 * note: this is a terminal routine, it does not save lr
 *
 * get phys id from paca
 * set paca id to -1 to say we got here
 * switch to real mode
 * join other cpus in kexec_wait(phys_id)
 */
_GLOBAL(kexec_smp_wait)
	lhz	r3,PACAHWCPUID(r13)
	li	r4,-1
	sth	r4,PACAHWCPUID(r13)	/* let others know we left */
	bl	real_mode
	b	.kexec_wait

/*
 * switch to real mode (turn mmu off)
 * we use the early kernel trick that the hardware ignores bits
 * 0 and 1 (big endian) of the effective address in real mode
 *
 * don't overwrite r3 here, it is live for kexec_wait above.
 */
real_mode:	/* assume normal blr return */
1:	li	r9,MSR_RI
	li	r10,MSR_DR|MSR_IR
	mflr	r11		/* return address to SRR0 */
	mfmsr	r12
	andc	r9,r12,r9
	andc	r10,r12,r10

	mtmsrd	r9,1
	mtspr	SPRN_SRR1,r10
	mtspr	SPRN_SRR0,r11
	rfid


/*
 * kexec_sequence(newstack, start, image, control, clear_all())
 *
 * does the grungy work with stack switching and real mode switches
 * also does simple calls to other code
 */

_GLOBAL(kexec_sequence)
	mflr	r0
	std	r0,16(r1)

	/* switch stacks to newstack -- &kexec_stack.stack */
	stdu	r1,THREAD_SIZE-112(r3)
	mr	r1,r3

	li	r0,0
	std	r0,16(r1)

	/* save regs for local vars on new stack.
	 * yes, we won't go back, but ...
	 */
	std	r31,-8(r1)
	std	r30,-16(r1)
	std	r29,-24(r1)
	std	r28,-32(r1)
	std	r27,-40(r1)
	std	r26,-48(r1)
	std	r25,-56(r1)

	stdu	r1,-112-64(r1)

	/* save args into preserved regs */
	mr	r31,r3			/* newstack (both) */
	mr	r30,r4			/* start (real) */
	mr	r29,r5			/* image (virt) */
	mr	r28,r6			/* control, unused */
	mr	r27,r7			/* clear_all() fn desc */
	mr	r26,r8			/* spare */
	lhz	r25,PACAHWCPUID(r13)	/* get our phys cpu from paca */

	/* disable interrupts, we are overwriting kernel data next */
	mfmsr	r3
	rlwinm	r3,r3,0,17,15
	mtmsrd	r3,1

	/* copy dest pages, flush whole dest image */
	mr	r3,r29
	bl	.kexec_copy_flush	/* (image) */

	/* turn off mmu */
	bl	real_mode

	/* clear out hardware hash page table and tlb */
	ld	r5,0(r27)		/* deref function descriptor */
	mtctr	r5
	bctrl				/* ppc_md.hash_clear_all(void); */

/*
 *   kexec image calling is:
 *      the first 0x100 bytes of the entry point are copied to 0
 *
 *      all slaves branch to slave = 0x60 (absolute)
 *              slave(phys_cpu_id);
 *
 *      master goes to start = entry point
 *              start(phys_cpu_id, start, 0);
 *
 *
 *   a wrapper is needed to call existing kernels, here is an approximate
 *   description of one method:
 *
 * v2: (2.6.10)
 *   start will be near the boot_block (maybe 0x100 bytes before it?)
 *   it will have a 0x60, which will b to boot_block, where it will wait
 *   and 0 will store phys into struct boot-block and load r3 from there,
 *   copy kernel 0-0x100 and tell slaves to back down to 0x60 again
 *
 * v1: (2.6.9)
 *    boot block will have all cpus scanning device tree to see if they
 *    are the boot cpu ?????
 *    other device tree differences (prop sizes, va vs pa, etc)...
 */

	/* copy  0x100 bytes starting at start to 0 */
	li	r3,0
	mr	r4,r30
	li	r5,0x100
	li	r6,0
	bl	.copy_and_flush	/* (dest, src, copy limit, start offset) */
1:	/* assume normal blr return */

	/* release other cpus to the new kernel secondary start at 0x60 */
	mflr	r5
	li	r6,1
	stw	r6,kexec_flag-1b(5)
	mr	r3,r25	# my phys cpu
	mr	r4,r30	# start, aka phys mem offset
	mtlr	4
	li	r5,0
	blr	/* image->start(physid, image->start, 0); */
#endif /* CONFIG_KEXEC */
Commit	Line	Data
9994a338 PM	1	/*
	2	* arch/powerpc/kernel/misc64.S
	3	*
	4	* This file contains miscellaneous low-level functions.
	5	* Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
	6	*
	7	* Largely rewritten by Cort Dougan (cort@cs.nmt.edu)
	8	* and Paul Mackerras.
	9	* Adapted for iSeries by Mike Corrigan (mikejc@us.ibm.com)
	10	* PPC64 updates by Dave Engebretsen (engebret@us.ibm.com)
	11	*
	12	* This program is free software; you can redistribute it and/or
	13	* modify it under the terms of the GNU General Public License
	14	* as published by the Free Software Foundation; either version
	15	* 2 of the License, or (at your option) any later version.
	16	*
	17	*/
	18
	19	#include <linux/config.h>
	20	#include <linux/sys.h>
	21	#include <asm/unistd.h>
	22	#include <asm/errno.h>
	23	#include <asm/processor.h>
	24	#include <asm/page.h>
	25	#include <asm/cache.h>
	26	#include <asm/ppc_asm.h>
	27	#include <asm/asm-offsets.h>
	28	#include <asm/cputable.h>
6cb7bfeb	29	#include <asm/thread_info.h>
9994a338 PM	30
	31	.text
	32
	33	/*
	34	* Returns (address we are running at) - (address we were linked at)
	35	* for use before the text and data are mapped to KERNELBASE.
	36	*/
	37
	38	_GLOBAL(reloc_offset)
	39	mflr r0
	40	bl 1f
	41	1: mflr r3
e58c3495	42	LOAD_REG_IMMEDIATE(r4,1b)
9994a338 PM	43	subf r3,r4,r3
	44	mtlr r0
	45	blr
	46
	47	/*
	48	* add_reloc_offset(x) returns x + reloc_offset().
	49	*/
	50	_GLOBAL(add_reloc_offset)
	51	mflr r0
	52	bl 1f
	53	1: mflr r5
e58c3495	54	LOAD_REG_IMMEDIATE(r4,1b)
9994a338 PM	55	subf r5,r4,r5
	56	add r3,r3,r5
	57	mtlr r0
	58	blr
	59
	60	_GLOBAL(get_msr)
	61	mfmsr r3
	62	blr
	63
	64	_GLOBAL(get_dar)
	65	mfdar r3
	66	blr
	67
	68	_GLOBAL(get_srr0)
	69	mfsrr0 r3
	70	blr
	71
	72	_GLOBAL(get_srr1)
	73	mfsrr1 r3
	74	blr
	75
	76	_GLOBAL(get_sp)
	77	mr r3,r1
	78	blr
	79
	80	#ifdef CONFIG_IRQSTACKS
	81	_GLOBAL(call_do_softirq)
	82	mflr r0
	83	std r0,16(r1)
	84	stdu r1,THREAD_SIZE-112(r3)
	85	mr r1,r3
	86	bl .__do_softirq
	87	ld r1,0(r1)
	88	ld r0,16(r1)
	89	mtlr r0
	90	blr
	91
d4be4f37	92	_GLOBAL(call___do_IRQ)
9994a338 PM	93	mflr r0
9994a338 PM	94	std r0,16(r1)
b709c083 SR	95	stdu r1,THREAD_SIZE-112(r5)
b709c083 SR	96	mr r1,r5
d4be4f37	97	bl .__do_IRQ
9994a338 PM	98	ld r1,0(r1)
	99	ld r0,16(r1)
	100	mtlr r0
	101	blr
	102	#endif /* CONFIG_IRQSTACKS */
	103
9994a338 PM	104	.section ".toc","aw"
	105	PPC64_CACHES:
	106	.tc ppc64_caches[TC],ppc64_caches
	107	.section ".text"
	108
	109	/*
	110	* Write any modified data cache blocks out to memory
	111	* and invalidate the corresponding instruction cache blocks.
	112	*
	113	* flush_icache_range(unsigned long start, unsigned long stop)
	114	*
	115	* flush all bytes from start through stop-1 inclusive
	116	*/
	117
	118	_KPROBE(__flush_icache_range)
	119
	120	/*
	121	* Flush the data cache to memory
	122	*
	123	* Different systems have different cache line sizes
	124	* and in some cases i-cache and d-cache line sizes differ from
	125	* each other.
	126	*/
	127	ld r10,PPC64_CACHES@toc(r2)
	128	lwz r7,DCACHEL1LINESIZE(r10)/* Get cache line size */
	129	addi r5,r7,-1
	130	andc r6,r3,r5 /* round low to line bdy */
	131	subf r8,r6,r4 /* compute length */
	132	add r8,r8,r5 /* ensure we get enough */
	133	lwz r9,DCACHEL1LOGLINESIZE(r10) /* Get log-2 of cache line size */
	134	srw. r8,r8,r9 /* compute line count */
	135	beqlr /* nothing to do? */
	136	mtctr r8
	137	1: dcbst 0,r6
	138	add r6,r6,r7
	139	bdnz 1b
	140	sync
	141
	142	/* Now invalidate the instruction cache */
	143
	144	lwz r7,ICACHEL1LINESIZE(r10) /* Get Icache line size */
	145	addi r5,r7,-1
	146	andc r6,r3,r5 /* round low to line bdy */
	147	subf r8,r6,r4 /* compute length */
	148	add r8,r8,r5
	149	lwz r9,ICACHEL1LOGLINESIZE(r10) /* Get log-2 of Icache line size */
	150	srw. r8,r8,r9 /* compute line count */
	151	beqlr /* nothing to do? */
	152	mtctr r8
	153	2: icbi 0,r6
	154	add r6,r6,r7
	155	bdnz 2b
	156	isync
	157	blr
	158	.previous .text
	159	/*
	160	* Like above, but only do the D-cache.
	161	*
	162	* flush_dcache_range(unsigned long start, unsigned long stop)
	163	*
	164	* flush all bytes from start to stop-1 inclusive
	165	*/
	166	_GLOBAL(flush_dcache_range)
	167
168	/*
169	* Flush the data cache to memory
170	*
171	* Different systems have different cache line sizes
172	*/
173	ld r10,PPC64_CACHES@toc(r2)
174	lwz r7,DCACHEL1LINESIZE(r10) /* Get dcache line size */
175	addi r5,r7,-1
176	andc r6,r3,r5 /* round low to line bdy */
177	subf r8,r6,r4 /* compute length */
178	add r8,r8,r5 /* ensure we get enough */
179	lwz r9,DCACHEL1LOGLINESIZE(r10) /* Get log-2 of dcache line size */
180	srw. r8,r8,r9 /* compute line count */
181	beqlr /* nothing to do? */
182	mtctr r8
183	0: dcbst 0,r6
184	add r6,r6,r7
185	bdnz 0b
186	sync
187	blr
188
189	/*
190	* Like above, but works on non-mapped physical addresses.
191	* Use only for non-LPAR setups ! It also assumes real mode
192	* is cacheable. Used for flushing out the DART before using
193	* it as uncacheable memory
194	*
195	* flush_dcache_phys_range(unsigned long start, unsigned long stop)
196	*
197	* flush all bytes from start to stop-1 inclusive
198	*/
199	_GLOBAL(flush_dcache_phys_range)
200	ld r10,PPC64_CACHES@toc(r2)
201	lwz r7,DCACHEL1LINESIZE(r10) /* Get dcache line size */
202	addi r5,r7,-1
203	andc r6,r3,r5 /* round low to line bdy */
204	subf r8,r6,r4 /* compute length */
205	add r8,r8,r5 /* ensure we get enough */
206	lwz r9,DCACHEL1LOGLINESIZE(r10) /* Get log-2 of dcache line size */
207	srw. r8,r8,r9 /* compute line count */
208	beqlr /* nothing to do? */
209	mfmsr r5 /* Disable MMU Data Relocation */
210	ori r0,r5,MSR_DR
211	xori r0,r0,MSR_DR
212	sync
213	mtmsr r0
214	sync
215	isync
216	mtctr r8
217	0: dcbst 0,r6
218	add r6,r6,r7
219	bdnz 0b
220	sync
221	isync
222	mtmsr r5 /* Re-enable MMU Data Relocation */
223	sync
224	isync
225	blr
226
227	_GLOBAL(flush_inval_dcache_range)
228	ld r10,PPC64_CACHES@toc(r2)
229	lwz r7,DCACHEL1LINESIZE(r10) /* Get dcache line size */
230	addi r5,r7,-1
231	andc r6,r3,r5 /* round low to line bdy */
232	subf r8,r6,r4 /* compute length */
233	add r8,r8,r5 /* ensure we get enough */
234	lwz r9,DCACHEL1LOGLINESIZE(r10)/* Get log-2 of dcache line size */
235	srw. r8,r8,r9 /* compute line count */
236	beqlr /* nothing to do? */
237	sync
238	isync
239	mtctr r8
240	0: dcbf 0,r6
241	add r6,r6,r7
242	bdnz 0b
243	sync
244	isync
245	blr
246
247
248	/*
249	* Flush a particular page from the data cache to RAM.
250	* Note: this is necessary because the instruction cache does not
251	* snoop from the data cache.
252	*
253	* void __flush_dcache_icache(void *page)
254	*/
255	_GLOBAL(__flush_dcache_icache)
256	/*
257	* Flush the data cache to memory
258	*
259	* Different systems have different cache line sizes
260	*/
261
262	/* Flush the dcache */
263	ld r7,PPC64_CACHES@toc(r2)
264	clrrdi r3,r3,PAGE_SHIFT /* Page align */
265	lwz r4,DCACHEL1LINESPERPAGE(r7) /* Get # dcache lines per page */
266	lwz r5,DCACHEL1LINESIZE(r7) /* Get dcache line size */
267	mr r6,r3
268	mtctr r4
269	0: dcbst 0,r6
270	add r6,r6,r5
271	bdnz 0b
272	sync
273
274	/* Now invalidate the icache */
275
276	lwz r4,ICACHEL1LINESPERPAGE(r7) /* Get # icache lines per page */
277	lwz r5,ICACHEL1LINESIZE(r7) /* Get icache line size */
278	mtctr r4
279	1: icbi 0,r3
280	add r3,r3,r5
281	bdnz 1b
282	isync
283	blr
284
285	/*
286	* I/O string operations
287	*
288	* insb(port, buf, len)
289	* outsb(port, buf, len)
290	* insw(port, buf, len)
291	* outsw(port, buf, len)
292	* insl(port, buf, len)
293	* outsl(port, buf, len)
294	* insw_ns(port, buf, len)
295	* outsw_ns(port, buf, len)
296	* insl_ns(port, buf, len)
297	* outsl_ns(port, buf, len)
298	*
299	* The *_ns versions don't do byte-swapping.
300	*/
301	_GLOBAL(_insb)
302	cmpwi 0,r5,0
303	mtctr r5
304	subi r4,r4,1
305	blelr-
306	00: lbz r5,0(r3)
307	eieio
308	stbu r5,1(r4)
309	bdnz 00b
310	twi 0,r5,0
311	isync
312	blr
313
314	_GLOBAL(_outsb)
315	cmpwi 0,r5,0
316	mtctr r5
317	subi r4,r4,1
318	blelr-
319	00: lbzu r5,1(r4)
320	stb r5,0(r3)
321	bdnz 00b
322	sync
323	blr
324
325	_GLOBAL(_insw)
326	cmpwi 0,r5,0
327	mtctr r5
328	subi r4,r4,2
329	blelr-
330	00: lhbrx r5,0,r3
331	eieio
332	sthu r5,2(r4)
333	bdnz 00b
334	twi 0,r5,0
335	isync
336	blr
337
338	_GLOBAL(_outsw)
339	cmpwi 0,r5,0
340	mtctr r5
341	subi r4,r4,2
342	blelr-
343	00: lhzu r5,2(r4)
344	sthbrx r5,0,r3
345	bdnz 00b
346	sync
347	blr
348
349	_GLOBAL(_insl)
350	cmpwi 0,r5,0
351	mtctr r5
352	subi r4,r4,4
353	blelr-
354	00: lwbrx r5,0,r3
355	eieio
356	stwu r5,4(r4)
357	bdnz 00b
358	twi 0,r5,0
359	isync
360	blr
361
362	_GLOBAL(_outsl)
363	cmpwi 0,r5,0
364	mtctr r5
365	subi r4,r4,4
366	blelr-
367	00: lwzu r5,4(r4)
368	stwbrx r5,0,r3
369	bdnz 00b
370	sync
371	blr
372
373	/* _GLOBAL(ide_insw) now in drivers/ide/ide-iops.c */
374	_GLOBAL(_insw_ns)
375	cmpwi 0,r5,0
376	mtctr r5
377	subi r4,r4,2
378	blelr-
379	00: lhz r5,0(r3)
380	eieio
381	sthu r5,2(r4)
382	bdnz 00b
383	twi 0,r5,0
384	isync
385	blr
386
387	/* _GLOBAL(ide_outsw) now in drivers/ide/ide-iops.c */
388	_GLOBAL(_outsw_ns)
389	cmpwi 0,r5,0
390	mtctr r5
391	subi r4,r4,2
392	blelr-
393	00: lhzu r5,2(r4)
394	sth r5,0(r3)
395	bdnz 00b
396	sync
397	blr
398
399	_GLOBAL(_insl_ns)
400	cmpwi 0,r5,0
401	mtctr r5
402	subi r4,r4,4
403	blelr-
404	00: lwz r5,0(r3)
405	eieio
406	stwu r5,4(r4)
407	bdnz 00b
408	twi 0,r5,0
409	isync
410	blr
411
412	_GLOBAL(_outsl_ns)
413	cmpwi 0,r5,0
414	mtctr r5
415	subi r4,r4,4
416	blelr-
417	00: lwzu r5,4(r4)
418	stw r5,0(r3)
419	bdnz 00b
420	sync
421	blr
422
9994a338 PM	423	/*
	424	* identify_cpu and calls setup_cpu
	425	* In: r3 = base of the cpu_specs array
	426	* r4 = address of cur_cpu_spec
	427	* r5 = relocation offset
	428	*/
	429	_GLOBAL(identify_cpu)
	430	mfpvr r7
	431	1:
	432	lwz r8,CPU_SPEC_PVR_MASK(r3)
	433	and r8,r8,r7
	434	lwz r9,CPU_SPEC_PVR_VALUE(r3)
	435	cmplw 0,r9,r8
	436	beq 1f
	437	addi r3,r3,CPU_SPEC_ENTRY_SIZE
	438	b 1b
	439	1:
	440	sub r0,r3,r5
	441	std r0,0(r4)
	442	ld r4,CPU_SPEC_SETUP(r3)
b26f100d	443	cmpdi 0,r4,0
9994a338	444	add r4,r4,r5
b26f100d	445	beqlr
9994a338 PM	446	ld r4,0(r4)
	447	add r4,r4,r5
	448	mtctr r4
	449	/* Calling convention for cpu setup is r3=offset, r4=cur_cpu_spec */
	450	mr r4,r3
	451	mr r3,r5
	452	bctr
	453
	454	/*
	455	* do_cpu_ftr_fixups - goes through the list of CPU feature fixups
	456	* and writes nop's over sections of code that don't apply for this cpu.
	457	* r3 = data offset (not changed)
	458	*/
	459	_GLOBAL(do_cpu_ftr_fixups)
	460	/* Get CPU 0 features */
e58c3495	461	LOAD_REG_IMMEDIATE(r6,cur_cpu_spec)
9994a338 PM	462	sub r6,r6,r3
	463	ld r4,0(r6)
	464	sub r4,r4,r3
	465	ld r4,CPU_SPEC_FEATURES(r4)
	466	/* Get the fixup table */
e58c3495	467	LOAD_REG_IMMEDIATE(r6,__start___ftr_fixup)
9994a338	468	sub r6,r6,r3
e58c3495	469	LOAD_REG_IMMEDIATE(r7,__stop___ftr_fixup)
9994a338 PM	470	sub r7,r7,r3
	471	/* Do the fixup */
	472	1: cmpld r6,r7
	473	bgelr
	474	addi r6,r6,32
	475	ld r8,-32(r6) /* mask */
	476	and r8,r8,r4
	477	ld r9,-24(r6) /* value */
	478	cmpld r8,r9
	479	beq 1b
	480	ld r8,-16(r6) /* section begin */
	481	ld r9,-8(r6) /* section end */
	482	subf. r9,r8,r9
	483	beq 1b
	484	/* write nops over the section of code */
	485	/* todo: if large section, add a branch at the start of it */
	486	srwi r9,r9,2
	487	mtctr r9
	488	sub r8,r8,r3
	489	lis r0,0x60000000@h /* nop */
	490	3: stw r0,0(r8)
	491	andi. r10,r4,CPU_FTR_SPLIT_ID_CACHE@l
	492	beq 2f
	493	dcbst 0,r8 /* suboptimal, but simpler */
	494	sync
	495	icbi 0,r8
	496	2: addi r8,r8,4
	497	bdnz 3b
	498	sync /* additional sync needed on g4 */
	499	isync
	500	b 1b
	501
	502	#if defined(CONFIG_PPC_PMAC) \|\| defined(CONFIG_PPC_MAPLE)
	503	/*
	504	* Do an IO access in real mode
	505	*/
	506	_GLOBAL(real_readb)
	507	mfmsr r7
	508	ori r0,r7,MSR_DR
	509	xori r0,r0,MSR_DR
	510	sync
	511	mtmsrd r0
	512	sync
	513	isync
	514	mfspr r6,SPRN_HID4
	515	rldicl r5,r6,32,0
	516	ori r5,r5,0x100
	517	rldicl r5,r5,32,0
	518	sync
	519	mtspr SPRN_HID4,r5
	520	isync
	521	slbia
	522	isync
	523	lbz r3,0(r3)
	524	sync
	525	mtspr SPRN_HID4,r6
	526	isync
	527	slbia
	528	isync
	529	mtmsrd r7
	530	sync
	531	isync
	532	blr
	533
534	/*
535	* Do an IO access in real mode
536	*/
537	_GLOBAL(real_writeb)
538	mfmsr r7
539	ori r0,r7,MSR_DR
540	xori r0,r0,MSR_DR
541	sync
542	mtmsrd r0
543	sync
544	isync
545	mfspr r6,SPRN_HID4
546	rldicl r5,r6,32,0
547	ori r5,r5,0x100
548	rldicl r5,r5,32,0
549	sync
550	mtspr SPRN_HID4,r5
551	isync
552	slbia
553	isync
554	stb r3,0(r4)
555	sync
556	mtspr SPRN_HID4,r6
557	isync
558	slbia
559	isync
560	mtmsrd r7
561	sync
562	isync
563	blr
564	#endif /* defined(CONFIG_PPC_PMAC) \|\| defined(CONFIG_PPC_MAPLE) */
565
4350147a BH	566	/*
	567	* SCOM access functions for 970 (FX only for now)
	568	*
	569	* unsigned long scom970_read(unsigned int address);
	570	* void scom970_write(unsigned int address, unsigned long value);
	571	*
	572	* The address passed in is the 24 bits register address. This code
	573	* is 970 specific and will not check the status bits, so you should
	574	* know what you are doing.
	575	*/
	576	_GLOBAL(scom970_read)
	577	/* interrupts off */
	578	mfmsr r4
	579	ori r0,r4,MSR_EE
	580	xori r0,r0,MSR_EE
	581	mtmsrd r0,1
	582
	583	/* rotate 24 bits SCOM address 8 bits left and mask out it's low 8 bits
	584	* (including parity). On current CPUs they must be 0'd,
	585	* and finally or in RW bit
	586	*/
	587	rlwinm r3,r3,8,0,15
	588	ori r3,r3,0x8000
	589
	590	/* do the actual scom read */
	591	sync
	592	mtspr SPRN_SCOMC,r3
	593	isync
	594	mfspr r3,SPRN_SCOMD
	595	isync
	596	mfspr r0,SPRN_SCOMC
	597	isync
	598
	599	/* XXX: fixup result on some buggy 970's (ouch ! we lost a bit, bah
	600	* that's the best we can do). Not implemented yet as we don't use
	601	* the scom on any of the bogus CPUs yet, but may have to be done
	602	* ultimately
	603	*/
	604
	605	/* restore interrupts */
	606	mtmsrd r4,1
	607	blr
	608
	609
	610	_GLOBAL(scom970_write)
	611	/* interrupts off */
	612	mfmsr r5
	613	ori r0,r5,MSR_EE
	614	xori r0,r0,MSR_EE
	615	mtmsrd r0,1
	616
	617	/* rotate 24 bits SCOM address 8 bits left and mask out it's low 8 bits
	618	* (including parity). On current CPUs they must be 0'd.
	619	*/
	620
	621	rlwinm r3,r3,8,0,15
	622
	623	sync
	624	mtspr SPRN_SCOMD,r4 /* write data */
	625	isync
	626	mtspr SPRN_SCOMC,r3 /* write command */
	627	isync
	628	mfspr 3,SPRN_SCOMC
	629	isync
630
631	/* restore interrupts */
632	mtmsrd r5,1
633	blr
634
635
9994a338 PM	636	/*
	637	* Create a kernel thread
	638	* kernel_thread(fn, arg, flags)
	639	*/
	640	_GLOBAL(kernel_thread)
	641	std r29,-24(r1)
	642	std r30,-16(r1)
	643	stdu r1,-STACK_FRAME_OVERHEAD(r1)
	644	mr r29,r3
	645	mr r30,r4
	646	ori r3,r5,CLONE_VM /* flags */
	647	oris r3,r3,(CLONE_UNTRACED>>16)
	648	li r4,0 /* new sp (unused) */
	649	li r0,__NR_clone
	650	sc
	651	cmpdi 0,r3,0 /* parent or child? */
	652	bne 1f /* return if parent */
	653	li r0,0
	654	stdu r0,-STACK_FRAME_OVERHEAD(r1)
	655	ld r2,8(r29)
	656	ld r29,0(r29)
	657	mtlr r29 /* fn addr in lr */
	658	mr r3,r30 /* load arg and call fn */
	659	blrl
	660	li r0,__NR_exit /* exit after child exits */
	661	li r3,0
	662	sc
	663	1: addi r1,r1,STACK_FRAME_OVERHEAD
	664	ld r29,-24(r1)
	665	ld r30,-16(r1)
	666	blr
	667
	668	/*
	669	* disable_kernel_fp()
	670	* Disable the FPU.
	671	*/
	672	_GLOBAL(disable_kernel_fp)
	673	mfmsr r3
	674	rldicl r0,r3,(63-MSR_FP_LG),1
	675	rldicl r3,r0,(MSR_FP_LG+1),0
	676	mtmsrd r3 /* disable use of fpu now */
	677	isync
	678	blr
	679
	680	#ifdef CONFIG_ALTIVEC
	681
	682	#if 0 /* this has no callers for now */
	683	/*
	684	* disable_kernel_altivec()
	685	* Disable the VMX.
	686	*/
	687	_GLOBAL(disable_kernel_altivec)
	688	mfmsr r3
	689	rldicl r0,r3,(63-MSR_VEC_LG),1
	690	rldicl r3,r0,(MSR_VEC_LG+1),0
	691	mtmsrd r3 /* disable use of VMX now */
	692	isync
	693	blr
	694	#endif /* 0 */
	695
	696	/*
	697	* giveup_altivec(tsk)
	698	* Disable VMX for the task given as the argument,
	699	* and save the vector registers in its thread_struct.
700	* Enables the VMX for use in the kernel on return.
701	*/
702	_GLOBAL(giveup_altivec)
703	mfmsr r5
704	oris r5,r5,MSR_VEC@h
705	mtmsrd r5 /* enable use of VMX now */
706	isync
707	cmpdi 0,r3,0
708	beqlr- /* if no previous owner, done */
709	addi r3,r3,THREAD /* want THREAD of task */
710	ld r5,PT_REGS(r3)
711	cmpdi 0,r5,0
712	SAVE_32VRS(0,r4,r3)
713	mfvscr vr0
714	li r4,THREAD_VSCR
715	stvx vr0,r4,r3
716	beq 1f
717	ld r4,_MSR-STACK_FRAME_OVERHEAD(r5)
718	lis r3,MSR_VEC@h
719	andc r4,r4,r3 /* disable FP for previous task */
720	std r4,_MSR-STACK_FRAME_OVERHEAD(r5)
721	1:
722	#ifndef CONFIG_SMP
723	li r5,0
724	ld r4,last_task_used_altivec@got(r2)
725	std r5,0(r4)
726	#endif /* CONFIG_SMP */
727	blr
728
729	#endif /* CONFIG_ALTIVEC */
730
9994a338 PM	731	_GLOBAL(execve)
	732	li r0,__NR_execve
	733	sc
	734	bnslr
	735	neg r3,r3
	736	blr
	737
	738	/* kexec_wait(phys_cpu)
	739	*
	740	* wait for the flag to change, indicating this kernel is going away but
	741	* the slave code for the next one is at addresses 0 to 100.
	742	*
	743	* This is used by all slaves.
	744	*
	745	* Physical (hardware) cpu id should be in r3.
	746	*/
	747	_GLOBAL(kexec_wait)
	748	bl 1f
	749	1: mflr r5
	750	addi r5,r5,kexec_flag-1b
	751
	752	99: HMT_LOW
	753	#ifdef CONFIG_KEXEC /* use no memory without kexec */
	754	lwz r4,0(r5)
	755	cmpwi 0,r4,0
	756	bnea 0x60
	757	#endif
	758	b 99b
	759
	760	/* this can be in text because we won't change it until we are
	761	* running in real anyways
	762	*/
	763	kexec_flag:
	764	.long 0
	765
	766
	767	#ifdef CONFIG_KEXEC
	768
	769	/* kexec_smp_wait(void)
	770	*
	771	* call with interrupts off
	772	* note: this is a terminal routine, it does not save lr
	773	*
	774	* get phys id from paca
	775	* set paca id to -1 to say we got here
	776	* switch to real mode
	777	* join other cpus in kexec_wait(phys_id)
	778	*/
	779	_GLOBAL(kexec_smp_wait)
	780	lhz r3,PACAHWCPUID(r13)
	781	li r4,-1
	782	sth r4,PACAHWCPUID(r13) /* let others know we left */
	783	bl real_mode
	784	b .kexec_wait
	785
	786	/*
	787	* switch to real mode (turn mmu off)
	788	* we use the early kernel trick that the hardware ignores bits
	789	* 0 and 1 (big endian) of the effective address in real mode
	790	*
	791	* don't overwrite r3 here, it is live for kexec_wait above.
	792	*/
	793	real_mode: /* assume normal blr return */
	794	1: li r9,MSR_RI
795	li r10,MSR_DR\|MSR_IR
796	mflr r11 /* return address to SRR0 */
797	mfmsr r12
798	andc r9,r12,r9
799	andc r10,r12,r10
800
801	mtmsrd r9,1
802	mtspr SPRN_SRR1,r10
803	mtspr SPRN_SRR0,r11
804	rfid
805
806
807	/*
808	* kexec_sequence(newstack, start, image, control, clear_all())
809	*
810	* does the grungy work with stack switching and real mode switches
811	* also does simple calls to other code
812	*/
813
814	_GLOBAL(kexec_sequence)
815	mflr r0
816	std r0,16(r1)
817
818	/* switch stacks to newstack -- &kexec_stack.stack */
819	stdu r1,THREAD_SIZE-112(r3)
820	mr r1,r3
821
822	li r0,0
823	std r0,16(r1)
824
825	/* save regs for local vars on new stack.
826	* yes, we won't go back, but ...
827	*/
828	std r31,-8(r1)
829	std r30,-16(r1)
830	std r29,-24(r1)
831	std r28,-32(r1)
832	std r27,-40(r1)
833	std r26,-48(r1)
834	std r25,-56(r1)
835
836	stdu r1,-112-64(r1)
837
838	/* save args into preserved regs */
839	mr r31,r3 /* newstack (both) */
840	mr r30,r4 /* start (real) */
841	mr r29,r5 /* image (virt) */
842	mr r28,r6 /* control, unused */
843	mr r27,r7 /* clear_all() fn desc */
844	mr r26,r8 /* spare */
845	lhz r25,PACAHWCPUID(r13) /* get our phys cpu from paca */
846
847	/* disable interrupts, we are overwriting kernel data next */
848	mfmsr r3
849	rlwinm r3,r3,0,17,15
850	mtmsrd r3,1
851
852	/* copy dest pages, flush whole dest image */
853	mr r3,r29
854	bl .kexec_copy_flush /* (image) */
855
856	/* turn off mmu */
857	bl real_mode
858
859	/* clear out hardware hash page table and tlb */
860	ld r5,0(r27) /* deref function descriptor */
861	mtctr r5
862	bctrl /* ppc_md.hash_clear_all(void); */
863
864	/*
865	* kexec image calling is:
866	* the first 0x100 bytes of the entry point are copied to 0
867	*
868	* all slaves branch to slave = 0x60 (absolute)
869	* slave(phys_cpu_id);
870	*
871	* master goes to start = entry point
872	* start(phys_cpu_id, start, 0);
873	*
874	*
875	* a wrapper is needed to call existing kernels, here is an approximate
876	* description of one method:
877	*
878	* v2: (2.6.10)
879	* start will be near the boot_block (maybe 0x100 bytes before it?)
880	* it will have a 0x60, which will b to boot_block, where it will wait
881	* and 0 will store phys into struct boot-block and load r3 from there,
882	* copy kernel 0-0x100 and tell slaves to back down to 0x60 again
883	*
884	* v1: (2.6.9)
885	* boot block will have all cpus scanning device tree to see if they
886	* are the boot cpu ?????
887	* other device tree differences (prop sizes, va vs pa, etc)...
888	*/
889
890	/* copy 0x100 bytes starting at start to 0 */
891	li r3,0
892	mr r4,r30
893	li r5,0x100
894	li r6,0
895	bl .copy_and_flush /* (dest, src, copy limit, start offset) */
896	1: /* assume normal blr return */
897
898	/* release other cpus to the new kernel secondary start at 0x60 */
899	mflr r5
900	li r6,1
901	stw r6,kexec_flag-1b(5)
902	mr r3,r25 # my phys cpu
903	mr r4,r30 # start, aka phys mem offset
904	mtlr 4
905	li r5,0
906	blr /* image->start(physid, image->start, 0); */
907	#endif /* CONFIG_KEXEC */