root/arch/powerpc/kernel/entry_32.S

   1 /* SPDX-License-Identifier: GPL-2.0-or-later */
   2 /*
   3  *  PowerPC version
   4  *    Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
   5  *  Rewritten by Cort Dougan (cort@fsmlabs.com) for PReP
   6  *    Copyright (C) 1996 Cort Dougan <cort@fsmlabs.com>
   7  *  Adapted for Power Macintosh by Paul Mackerras.
   8  *  Low-level exception handlers and MMU support
   9  *  rewritten by Paul Mackerras.
  10  *    Copyright (C) 1996 Paul Mackerras.
  11  *  MPC8xx modifications Copyright (C) 1997 Dan Malek (dmalek@jlc.net).
  12  *
  13  *  This file contains the system call entry code, context switch
  14  *  code, and exception/interrupt return code for PowerPC.
  15  */
  16 
  17 #include <linux/errno.h>
  18 #include <linux/err.h>
  19 #include <linux/sys.h>
  20 #include <linux/threads.h>
  21 #include <asm/reg.h>
  22 #include <asm/page.h>
  23 #include <asm/mmu.h>
  24 #include <asm/cputable.h>
  25 #include <asm/thread_info.h>
  26 #include <asm/ppc_asm.h>
  27 #include <asm/asm-offsets.h>
  28 #include <asm/unistd.h>
  29 #include <asm/ptrace.h>
  30 #include <asm/export.h>
  31 #include <asm/asm-405.h>
  32 #include <asm/feature-fixups.h>
  33 #include <asm/barrier.h>
  34 #include <asm/kup.h>
  35 #include <asm/bug.h>
  36 
  37 #include "head_32.h"
  38 
  39 /*
  40  * Align to 4k in order to ensure that all functions modyfing srr0/srr1
  41  * fit into one page in order to not encounter a TLB miss between the
  42  * modification of srr0/srr1 and the associated rfi.
  43  */
  44         .align  12
  45 
  46 #ifdef CONFIG_BOOKE
  47         .globl  mcheck_transfer_to_handler
  48 mcheck_transfer_to_handler:
  49         mfspr   r0,SPRN_DSRR0
  50         stw     r0,_DSRR0(r11)
  51         mfspr   r0,SPRN_DSRR1
  52         stw     r0,_DSRR1(r11)
  53         /* fall through */
  54 
  55         .globl  debug_transfer_to_handler
  56 debug_transfer_to_handler:
  57         mfspr   r0,SPRN_CSRR0
  58         stw     r0,_CSRR0(r11)
  59         mfspr   r0,SPRN_CSRR1
  60         stw     r0,_CSRR1(r11)
  61         /* fall through */
  62 
  63         .globl  crit_transfer_to_handler
  64 crit_transfer_to_handler:
  65 #ifdef CONFIG_PPC_BOOK3E_MMU
  66         mfspr   r0,SPRN_MAS0
  67         stw     r0,MAS0(r11)
  68         mfspr   r0,SPRN_MAS1
  69         stw     r0,MAS1(r11)
  70         mfspr   r0,SPRN_MAS2
  71         stw     r0,MAS2(r11)
  72         mfspr   r0,SPRN_MAS3
  73         stw     r0,MAS3(r11)
  74         mfspr   r0,SPRN_MAS6
  75         stw     r0,MAS6(r11)
  76 #ifdef CONFIG_PHYS_64BIT
  77         mfspr   r0,SPRN_MAS7
  78         stw     r0,MAS7(r11)
  79 #endif /* CONFIG_PHYS_64BIT */
  80 #endif /* CONFIG_PPC_BOOK3E_MMU */
  81 #ifdef CONFIG_44x
  82         mfspr   r0,SPRN_MMUCR
  83         stw     r0,MMUCR(r11)
  84 #endif
  85         mfspr   r0,SPRN_SRR0
  86         stw     r0,_SRR0(r11)
  87         mfspr   r0,SPRN_SRR1
  88         stw     r0,_SRR1(r11)
  89 
  90         /* set the stack limit to the current stack */
  91         mfspr   r8,SPRN_SPRG_THREAD
  92         lwz     r0,KSP_LIMIT(r8)
  93         stw     r0,SAVED_KSP_LIMIT(r11)
  94         rlwinm  r0,r1,0,0,(31 - THREAD_SHIFT)
  95         stw     r0,KSP_LIMIT(r8)
  96         /* fall through */
  97 #endif
  98 
  99 #ifdef CONFIG_40x
 100         .globl  crit_transfer_to_handler
 101 crit_transfer_to_handler:
 102         lwz     r0,crit_r10@l(0)
 103         stw     r0,GPR10(r11)
 104         lwz     r0,crit_r11@l(0)
 105         stw     r0,GPR11(r11)
 106         mfspr   r0,SPRN_SRR0
 107         stw     r0,crit_srr0@l(0)
 108         mfspr   r0,SPRN_SRR1
 109         stw     r0,crit_srr1@l(0)
 110 
 111         /* set the stack limit to the current stack */
 112         mfspr   r8,SPRN_SPRG_THREAD
 113         lwz     r0,KSP_LIMIT(r8)
 114         stw     r0,saved_ksp_limit@l(0)
 115         rlwinm  r0,r1,0,0,(31 - THREAD_SHIFT)
 116         stw     r0,KSP_LIMIT(r8)
 117         /* fall through */
 118 #endif
 119 
 120 /*
 121  * This code finishes saving the registers to the exception frame
 122  * and jumps to the appropriate handler for the exception, turning
 123  * on address translation.
 124  * Note that we rely on the caller having set cr0.eq iff the exception
 125  * occurred in kernel mode (i.e. MSR:PR = 0).
 126  */
 127         .globl  transfer_to_handler_full
 128 transfer_to_handler_full:
 129         SAVE_NVGPRS(r11)
 130         /* fall through */
 131 
 132         .globl  transfer_to_handler
 133 transfer_to_handler:
 134         stw     r2,GPR2(r11)
 135         stw     r12,_NIP(r11)
 136         stw     r9,_MSR(r11)
 137         andi.   r2,r9,MSR_PR
 138         mfctr   r12
 139         mfspr   r2,SPRN_XER
 140         stw     r12,_CTR(r11)
 141         stw     r2,_XER(r11)
 142         mfspr   r12,SPRN_SPRG_THREAD
 143         beq     2f                      /* if from user, fix up THREAD.regs */
 144         addi    r2, r12, -THREAD
 145         addi    r11,r1,STACK_FRAME_OVERHEAD
 146         stw     r11,PT_REGS(r12)
 147 #if defined(CONFIG_40x) || defined(CONFIG_BOOKE)
 148         /* Check to see if the dbcr0 register is set up to debug.  Use the
 149            internal debug mode bit to do this. */
 150         lwz     r12,THREAD_DBCR0(r12)
 151         andis.  r12,r12,DBCR0_IDM@h
 152 #endif
 153         ACCOUNT_CPU_USER_ENTRY(r2, r11, r12)
 154 #ifdef CONFIG_PPC_BOOK3S_32
 155         kuep_lock r11, r12
 156 #endif
 157 #if defined(CONFIG_40x) || defined(CONFIG_BOOKE)
 158         beq+    3f
 159         /* From user and task is ptraced - load up global dbcr0 */
 160         li      r12,-1                  /* clear all pending debug events */
 161         mtspr   SPRN_DBSR,r12
 162         lis     r11,global_dbcr0@ha
 163         tophys(r11,r11)
 164         addi    r11,r11,global_dbcr0@l
 165 #ifdef CONFIG_SMP
 166         lwz     r9,TASK_CPU(r2)
 167         slwi    r9,r9,3
 168         add     r11,r11,r9
 169 #endif
 170         lwz     r12,0(r11)
 171         mtspr   SPRN_DBCR0,r12
 172         lwz     r12,4(r11)
 173         addi    r12,r12,-1
 174         stw     r12,4(r11)
 175 #endif
 176 
 177         b       3f
 178 
 179 2:      /* if from kernel, check interrupted DOZE/NAP mode and
 180          * check for stack overflow
 181          */
 182         kuap_save_and_lock r11, r12, r9, r2, r6
 183         addi    r2, r12, -THREAD
 184         lwz     r9,KSP_LIMIT(r12)
 185         cmplw   r1,r9                   /* if r1 <= ksp_limit */
 186         ble-    stack_ovf               /* then the kernel stack overflowed */
 187 5:
 188 #if defined(CONFIG_PPC_BOOK3S_32) || defined(CONFIG_E500)
 189         lwz     r12,TI_LOCAL_FLAGS(r2)
 190         mtcrf   0x01,r12
 191         bt-     31-TLF_NAPPING,4f
 192         bt-     31-TLF_SLEEPING,7f
 193 #endif /* CONFIG_PPC_BOOK3S_32 || CONFIG_E500 */
 194         .globl transfer_to_handler_cont
 195 transfer_to_handler_cont:
 196 3:
 197         mflr    r9
 198         tovirt(r2, r2)                  /* set r2 to current */
 199         lwz     r11,0(r9)               /* virtual address of handler */
 200         lwz     r9,4(r9)                /* where to go when done */
 201 #if defined(CONFIG_PPC_8xx) && defined(CONFIG_PERF_EVENTS)
 202         mtspr   SPRN_NRI, r0
 203 #endif
 204 #ifdef CONFIG_TRACE_IRQFLAGS
 205         /*
 206          * When tracing IRQ state (lockdep) we enable the MMU before we call
 207          * the IRQ tracing functions as they might access vmalloc space or
 208          * perform IOs for console output.
 209          *
 210          * To speed up the syscall path where interrupts stay on, let's check
 211          * first if we are changing the MSR value at all.
 212          */
 213         tophys(r12, r1)
 214         lwz     r12,_MSR(r12)
 215         andi.   r12,r12,MSR_EE
 216         bne     1f
 217 
 218         /* MSR isn't changing, just transition directly */
 219 #endif
 220         mtspr   SPRN_SRR0,r11
 221         mtspr   SPRN_SRR1,r10
 222         mtlr    r9
 223         SYNC
 224         RFI                             /* jump to handler, enable MMU */
 225 
 226 #ifdef CONFIG_TRACE_IRQFLAGS
 227 1:      /* MSR is changing, re-enable MMU so we can notify lockdep. We need to
 228          * keep interrupts disabled at this point otherwise we might risk
 229          * taking an interrupt before we tell lockdep they are enabled.
 230          */
 231         lis     r12,reenable_mmu@h
 232         ori     r12,r12,reenable_mmu@l
 233         LOAD_REG_IMMEDIATE(r0, MSR_KERNEL)
 234         mtspr   SPRN_SRR0,r12
 235         mtspr   SPRN_SRR1,r0
 236         SYNC
 237         RFI
 238 
 239 reenable_mmu:
 240         /*
 241          * We save a bunch of GPRs,
 242          * r3 can be different from GPR3(r1) at this point, r9 and r11
 243          * contains the old MSR and handler address respectively,
 244          * r4 & r5 can contain page fault arguments that need to be passed
 245          * along as well. r12, CCR, CTR, XER etc... are left clobbered as
 246          * they aren't useful past this point (aren't syscall arguments),
 247          * the rest is restored from the exception frame.
 248          */
 249 
 250         stwu    r1,-32(r1)
 251         stw     r9,8(r1)
 252         stw     r11,12(r1)
 253         stw     r3,16(r1)
 254         stw     r4,20(r1)
 255         stw     r5,24(r1)
 256 
 257         /* If we are disabling interrupts (normal case), simply log it with
 258          * lockdep
 259          */
 260 1:      bl      trace_hardirqs_off
 261 2:      lwz     r5,24(r1)
 262         lwz     r4,20(r1)
 263         lwz     r3,16(r1)
 264         lwz     r11,12(r1)
 265         lwz     r9,8(r1)
 266         addi    r1,r1,32
 267         lwz     r0,GPR0(r1)
 268         lwz     r6,GPR6(r1)
 269         lwz     r7,GPR7(r1)
 270         lwz     r8,GPR8(r1)
 271         mtctr   r11
 272         mtlr    r9
 273         bctr                            /* jump to handler */
 274 #endif /* CONFIG_TRACE_IRQFLAGS */
 275 
 276 #if defined (CONFIG_PPC_BOOK3S_32) || defined(CONFIG_E500)
 277 4:      rlwinm  r12,r12,0,~_TLF_NAPPING
 278         stw     r12,TI_LOCAL_FLAGS(r2)
 279         b       power_save_ppc32_restore
 280 
 281 7:      rlwinm  r12,r12,0,~_TLF_SLEEPING
 282         stw     r12,TI_LOCAL_FLAGS(r2)
 283         lwz     r9,_MSR(r11)            /* if sleeping, clear MSR.EE */
 284         rlwinm  r9,r9,0,~MSR_EE
 285         lwz     r12,_LINK(r11)          /* and return to address in LR */
 286         kuap_restore r11, r2, r3, r4, r5
 287         lwz     r2, GPR2(r11)
 288         b       fast_exception_return
 289 #endif
 290 
 291 /*
 292  * On kernel stack overflow, load up an initial stack pointer
 293  * and call StackOverflow(regs), which should not return.
 294  */
 295 stack_ovf:
 296         /* sometimes we use a statically-allocated stack, which is OK. */
 297         lis     r12,_end@h
 298         ori     r12,r12,_end@l
 299         cmplw   r1,r12
 300         ble     5b                      /* r1 <= &_end is OK */
 301         SAVE_NVGPRS(r11)
 302         addi    r3,r1,STACK_FRAME_OVERHEAD
 303         lis     r1,init_thread_union@ha
 304         addi    r1,r1,init_thread_union@l
 305         addi    r1,r1,THREAD_SIZE-STACK_FRAME_OVERHEAD
 306         lis     r9,StackOverflow@ha
 307         addi    r9,r9,StackOverflow@l
 308         LOAD_REG_IMMEDIATE(r10,MSR_KERNEL)
 309 #if defined(CONFIG_PPC_8xx) && defined(CONFIG_PERF_EVENTS)
 310         mtspr   SPRN_NRI, r0
 311 #endif
 312         mtspr   SPRN_SRR0,r9
 313         mtspr   SPRN_SRR1,r10
 314         SYNC
 315         RFI
 316 
 317 #ifdef CONFIG_TRACE_IRQFLAGS
 318 trace_syscall_entry_irq_off:
 319         /*
 320          * Syscall shouldn't happen while interrupts are disabled,
 321          * so let's do a warning here.
 322          */
 323 0:      trap
 324         EMIT_BUG_ENTRY 0b,__FILE__,__LINE__, BUGFLAG_WARNING
 325         bl      trace_hardirqs_on
 326 
 327         /* Now enable for real */
 328         LOAD_REG_IMMEDIATE(r10, MSR_KERNEL | MSR_EE)
 329         mtmsr   r10
 330 
 331         REST_GPR(0, r1)
 332         REST_4GPRS(3, r1)
 333         REST_2GPRS(7, r1)
 334         b       DoSyscall
 335 #endif /* CONFIG_TRACE_IRQFLAGS */
 336 
 337         .globl  transfer_to_syscall
 338 transfer_to_syscall:
 339 #ifdef CONFIG_TRACE_IRQFLAGS
 340         andi.   r12,r9,MSR_EE
 341         beq-    trace_syscall_entry_irq_off
 342 #endif /* CONFIG_TRACE_IRQFLAGS */
 343 
 344 /*
 345  * Handle a system call.
 346  */
 347         .stabs  "arch/powerpc/kernel/",N_SO,0,0,0f
 348         .stabs  "entry_32.S",N_SO,0,0,0f
 349 0:
 350 
 351 _GLOBAL(DoSyscall)
 352         stw     r3,ORIG_GPR3(r1)
 353         li      r12,0
 354         stw     r12,RESULT(r1)
 355 #ifdef CONFIG_TRACE_IRQFLAGS
 356         /* Make sure interrupts are enabled */
 357         mfmsr   r11
 358         andi.   r12,r11,MSR_EE
 359         /* We came in with interrupts disabled, we WARN and mark them enabled
 360          * for lockdep now */
 361 0:      tweqi   r12, 0
 362         EMIT_BUG_ENTRY 0b,__FILE__,__LINE__, BUGFLAG_WARNING
 363 #endif /* CONFIG_TRACE_IRQFLAGS */
 364         lwz     r11,TI_FLAGS(r2)
 365         andi.   r11,r11,_TIF_SYSCALL_DOTRACE
 366         bne-    syscall_dotrace
 367 syscall_dotrace_cont:
 368         cmplwi  0,r0,NR_syscalls
 369         lis     r10,sys_call_table@h
 370         ori     r10,r10,sys_call_table@l
 371         slwi    r0,r0,2
 372         bge-    66f
 373 
 374         barrier_nospec_asm
 375         /*
 376          * Prevent the load of the handler below (based on the user-passed
 377          * system call number) being speculatively executed until the test
 378          * against NR_syscalls and branch to .66f above has
 379          * committed.
 380          */
 381 
 382         lwzx    r10,r10,r0      /* Fetch system call handler [ptr] */
 383         mtlr    r10
 384         addi    r9,r1,STACK_FRAME_OVERHEAD
 385         PPC440EP_ERR42
 386         blrl                    /* Call handler */
 387         .globl  ret_from_syscall
 388 ret_from_syscall:
 389 #ifdef CONFIG_DEBUG_RSEQ
 390         /* Check whether the syscall is issued inside a restartable sequence */
 391         stw     r3,GPR3(r1)
 392         addi    r3,r1,STACK_FRAME_OVERHEAD
 393         bl      rseq_syscall
 394         lwz     r3,GPR3(r1)
 395 #endif
 396         mr      r6,r3
 397         /* disable interrupts so current_thread_info()->flags can't change */
 398         LOAD_REG_IMMEDIATE(r10,MSR_KERNEL)      /* doesn't include MSR_EE */
 399         /* Note: We don't bother telling lockdep about it */
 400         SYNC
 401         MTMSRD(r10)
 402         lwz     r9,TI_FLAGS(r2)
 403         li      r8,-MAX_ERRNO
 404         andi.   r0,r9,(_TIF_SYSCALL_DOTRACE|_TIF_SINGLESTEP|_TIF_USER_WORK_MASK|_TIF_PERSYSCALL_MASK)
 405         bne-    syscall_exit_work
 406         cmplw   0,r3,r8
 407         blt+    syscall_exit_cont
 408         lwz     r11,_CCR(r1)                    /* Load CR */
 409         neg     r3,r3
 410         oris    r11,r11,0x1000  /* Set SO bit in CR */
 411         stw     r11,_CCR(r1)
 412 syscall_exit_cont:
 413         lwz     r8,_MSR(r1)
 414 #ifdef CONFIG_TRACE_IRQFLAGS
 415         /* If we are going to return from the syscall with interrupts
 416          * off, we trace that here. It shouldn't normally happen.
 417          */
 418         andi.   r10,r8,MSR_EE
 419         bne+    1f
 420         stw     r3,GPR3(r1)
 421         bl      trace_hardirqs_off
 422         lwz     r3,GPR3(r1)
 423 1:
 424 #endif /* CONFIG_TRACE_IRQFLAGS */
 425 #if defined(CONFIG_4xx) || defined(CONFIG_BOOKE)
 426         /* If the process has its own DBCR0 value, load it up.  The internal
 427            debug mode bit tells us that dbcr0 should be loaded. */
 428         lwz     r0,THREAD+THREAD_DBCR0(r2)
 429         andis.  r10,r0,DBCR0_IDM@h
 430         bnel-   load_dbcr0
 431 #endif
 432 #ifdef CONFIG_44x
 433 BEGIN_MMU_FTR_SECTION
 434         lis     r4,icache_44x_need_flush@ha
 435         lwz     r5,icache_44x_need_flush@l(r4)
 436         cmplwi  cr0,r5,0
 437         bne-    2f
 438 1:
 439 END_MMU_FTR_SECTION_IFCLR(MMU_FTR_TYPE_47x)
 440 #endif /* CONFIG_44x */
 441 BEGIN_FTR_SECTION
 442         lwarx   r7,0,r1
 443 END_FTR_SECTION_IFSET(CPU_FTR_NEED_PAIRED_STWCX)
 444         stwcx.  r0,0,r1                 /* to clear the reservation */
 445         ACCOUNT_CPU_USER_EXIT(r2, r5, r7)
 446 #ifdef CONFIG_PPC_BOOK3S_32
 447         kuep_unlock r5, r7
 448 #endif
 449         kuap_check r2, r4
 450         lwz     r4,_LINK(r1)
 451         lwz     r5,_CCR(r1)
 452         mtlr    r4
 453         mtcr    r5
 454         lwz     r7,_NIP(r1)
 455         lwz     r2,GPR2(r1)
 456         lwz     r1,GPR1(r1)
 457 #if defined(CONFIG_PPC_8xx) && defined(CONFIG_PERF_EVENTS)
 458         mtspr   SPRN_NRI, r0
 459 #endif
 460         mtspr   SPRN_SRR0,r7
 461         mtspr   SPRN_SRR1,r8
 462         SYNC
 463         RFI
 464 #ifdef CONFIG_44x
 465 2:      li      r7,0
 466         iccci   r0,r0
 467         stw     r7,icache_44x_need_flush@l(r4)
 468         b       1b
 469 #endif  /* CONFIG_44x */
 470 
 471 66:     li      r3,-ENOSYS
 472         b       ret_from_syscall
 473 
 474         .globl  ret_from_fork
 475 ret_from_fork:
 476         REST_NVGPRS(r1)
 477         bl      schedule_tail
 478         li      r3,0
 479         b       ret_from_syscall
 480 
 481         .globl  ret_from_kernel_thread
 482 ret_from_kernel_thread:
 483         REST_NVGPRS(r1)
 484         bl      schedule_tail
 485         mtlr    r14
 486         mr      r3,r15
 487         PPC440EP_ERR42
 488         blrl
 489         li      r3,0
 490         b       ret_from_syscall
 491 
 492 /* Traced system call support */
 493 syscall_dotrace:
 494         SAVE_NVGPRS(r1)
 495         li      r0,0xc00
 496         stw     r0,_TRAP(r1)
 497         addi    r3,r1,STACK_FRAME_OVERHEAD
 498         bl      do_syscall_trace_enter
 499         /*
 500          * Restore argument registers possibly just changed.
 501          * We use the return value of do_syscall_trace_enter
 502          * for call number to look up in the table (r0).
 503          */
 504         mr      r0,r3
 505         lwz     r3,GPR3(r1)
 506         lwz     r4,GPR4(r1)
 507         lwz     r5,GPR5(r1)
 508         lwz     r6,GPR6(r1)
 509         lwz     r7,GPR7(r1)
 510         lwz     r8,GPR8(r1)
 511         REST_NVGPRS(r1)
 512 
 513         cmplwi  r0,NR_syscalls
 514         /* Return code is already in r3 thanks to do_syscall_trace_enter() */
 515         bge-    ret_from_syscall
 516         b       syscall_dotrace_cont
 517 
 518 syscall_exit_work:
 519         andi.   r0,r9,_TIF_RESTOREALL
 520         beq+    0f
 521         REST_NVGPRS(r1)
 522         b       2f
 523 0:      cmplw   0,r3,r8
 524         blt+    1f
 525         andi.   r0,r9,_TIF_NOERROR
 526         bne-    1f
 527         lwz     r11,_CCR(r1)                    /* Load CR */
 528         neg     r3,r3
 529         oris    r11,r11,0x1000  /* Set SO bit in CR */
 530         stw     r11,_CCR(r1)
 531 
 532 1:      stw     r6,RESULT(r1)   /* Save result */
 533         stw     r3,GPR3(r1)     /* Update return value */
 534 2:      andi.   r0,r9,(_TIF_PERSYSCALL_MASK)
 535         beq     4f
 536 
 537         /* Clear per-syscall TIF flags if any are set.  */
 538 
 539         li      r11,_TIF_PERSYSCALL_MASK
 540         addi    r12,r2,TI_FLAGS
 541 3:      lwarx   r8,0,r12
 542         andc    r8,r8,r11
 543 #ifdef CONFIG_IBM405_ERR77
 544         dcbt    0,r12
 545 #endif
 546         stwcx.  r8,0,r12
 547         bne-    3b
 548         
 549 4:      /* Anything which requires enabling interrupts? */
 550         andi.   r0,r9,(_TIF_SYSCALL_DOTRACE|_TIF_SINGLESTEP)
 551         beq     ret_from_except
 552 
 553         /* Re-enable interrupts. There is no need to trace that with
 554          * lockdep as we are supposed to have IRQs on at this point
 555          */
 556         ori     r10,r10,MSR_EE
 557         SYNC
 558         MTMSRD(r10)
 559 
 560         /* Save NVGPRS if they're not saved already */
 561         lwz     r4,_TRAP(r1)
 562         andi.   r4,r4,1
 563         beq     5f
 564         SAVE_NVGPRS(r1)
 565         li      r4,0xc00
 566         stw     r4,_TRAP(r1)
 567 5:
 568         addi    r3,r1,STACK_FRAME_OVERHEAD
 569         bl      do_syscall_trace_leave
 570         b       ret_from_except_full
 571 
 572 /*
 573  * The fork/clone functions need to copy the full register set into
 574  * the child process. Therefore we need to save all the nonvolatile
 575  * registers (r13 - r31) before calling the C code.
 576  */
 577         .globl  ppc_fork
 578 ppc_fork:
 579         SAVE_NVGPRS(r1)
 580         lwz     r0,_TRAP(r1)
 581         rlwinm  r0,r0,0,0,30            /* clear LSB to indicate full */
 582         stw     r0,_TRAP(r1)            /* register set saved */
 583         b       sys_fork
 584 
 585         .globl  ppc_vfork
 586 ppc_vfork:
 587         SAVE_NVGPRS(r1)
 588         lwz     r0,_TRAP(r1)
 589         rlwinm  r0,r0,0,0,30            /* clear LSB to indicate full */
 590         stw     r0,_TRAP(r1)            /* register set saved */
 591         b       sys_vfork
 592 
 593         .globl  ppc_clone
 594 ppc_clone:
 595         SAVE_NVGPRS(r1)
 596         lwz     r0,_TRAP(r1)
 597         rlwinm  r0,r0,0,0,30            /* clear LSB to indicate full */
 598         stw     r0,_TRAP(r1)            /* register set saved */
 599         b       sys_clone
 600 
 601         .globl  ppc_clone3
 602 ppc_clone3:
 603         SAVE_NVGPRS(r1)
 604         lwz     r0,_TRAP(r1)
 605         rlwinm  r0,r0,0,0,30            /* clear LSB to indicate full */
 606         stw     r0,_TRAP(r1)            /* register set saved */
 607         b       sys_clone3
 608 
 609         .globl  ppc_swapcontext
 610 ppc_swapcontext:
 611         SAVE_NVGPRS(r1)
 612         lwz     r0,_TRAP(r1)
 613         rlwinm  r0,r0,0,0,30            /* clear LSB to indicate full */
 614         stw     r0,_TRAP(r1)            /* register set saved */
 615         b       sys_swapcontext
 616 
 617 /*
 618  * Top-level page fault handling.
 619  * This is in assembler because if do_page_fault tells us that
 620  * it is a bad kernel page fault, we want to save the non-volatile
 621  * registers before calling bad_page_fault.
 622  */
 623         .globl  handle_page_fault
 624 handle_page_fault:
 625         stw     r4,_DAR(r1)
 626         addi    r3,r1,STACK_FRAME_OVERHEAD
 627 #ifdef CONFIG_PPC_BOOK3S_32
 628         andis.  r0,r5,DSISR_DABRMATCH@h
 629         bne-    handle_dabr_fault
 630 #endif
 631         bl      do_page_fault
 632         cmpwi   r3,0
 633         beq+    ret_from_except
 634         SAVE_NVGPRS(r1)
 635         lwz     r0,_TRAP(r1)
 636         clrrwi  r0,r0,1
 637         stw     r0,_TRAP(r1)
 638         mr      r5,r3
 639         addi    r3,r1,STACK_FRAME_OVERHEAD
 640         lwz     r4,_DAR(r1)
 641         bl      bad_page_fault
 642         b       ret_from_except_full
 643 
 644 #ifdef CONFIG_PPC_BOOK3S_32
 645         /* We have a data breakpoint exception - handle it */
 646 handle_dabr_fault:
 647         SAVE_NVGPRS(r1)
 648         lwz     r0,_TRAP(r1)
 649         clrrwi  r0,r0,1
 650         stw     r0,_TRAP(r1)
 651         bl      do_break
 652         b       ret_from_except_full
 653 #endif
 654 
 655 /*
 656  * This routine switches between two different tasks.  The process
 657  * state of one is saved on its kernel stack.  Then the state
 658  * of the other is restored from its kernel stack.  The memory
 659  * management hardware is updated to the second process's state.
 660  * Finally, we can return to the second process.
 661  * On entry, r3 points to the THREAD for the current task, r4
 662  * points to the THREAD for the new task.
 663  *
 664  * This routine is always called with interrupts disabled.
 665  *
 666  * Note: there are two ways to get to the "going out" portion
 667  * of this code; either by coming in via the entry (_switch)
 668  * or via "fork" which must set up an environment equivalent
 669  * to the "_switch" path.  If you change this , you'll have to
 670  * change the fork code also.
 671  *
 672  * The code which creates the new task context is in 'copy_thread'
 673  * in arch/ppc/kernel/process.c
 674  */
 675 _GLOBAL(_switch)
 676         stwu    r1,-INT_FRAME_SIZE(r1)
 677         mflr    r0
 678         stw     r0,INT_FRAME_SIZE+4(r1)
 679         /* r3-r12 are caller saved -- Cort */
 680         SAVE_NVGPRS(r1)
 681         stw     r0,_NIP(r1)     /* Return to switch caller */
 682         mfmsr   r11
 683         li      r0,MSR_FP       /* Disable floating-point */
 684 #ifdef CONFIG_ALTIVEC
 685 BEGIN_FTR_SECTION
 686         oris    r0,r0,MSR_VEC@h /* Disable altivec */
 687         mfspr   r12,SPRN_VRSAVE /* save vrsave register value */
 688         stw     r12,THREAD+THREAD_VRSAVE(r2)
 689 END_FTR_SECTION_IFSET(CPU_FTR_ALTIVEC)
 690 #endif /* CONFIG_ALTIVEC */
 691 #ifdef CONFIG_SPE
 692 BEGIN_FTR_SECTION
 693         oris    r0,r0,MSR_SPE@h  /* Disable SPE */
 694         mfspr   r12,SPRN_SPEFSCR /* save spefscr register value */
 695         stw     r12,THREAD+THREAD_SPEFSCR(r2)
 696 END_FTR_SECTION_IFSET(CPU_FTR_SPE)
 697 #endif /* CONFIG_SPE */
 698         and.    r0,r0,r11       /* FP or altivec or SPE enabled? */
 699         beq+    1f
 700         andc    r11,r11,r0
 701         MTMSRD(r11)
 702         isync
 703 1:      stw     r11,_MSR(r1)
 704         mfcr    r10
 705         stw     r10,_CCR(r1)
 706         stw     r1,KSP(r3)      /* Set old stack pointer */
 707 
 708         kuap_check r2, r0
 709 #ifdef CONFIG_SMP
 710         /* We need a sync somewhere here to make sure that if the
 711          * previous task gets rescheduled on another CPU, it sees all
 712          * stores it has performed on this one.
 713          */
 714         sync
 715 #endif /* CONFIG_SMP */
 716 
 717         tophys(r0,r4)
 718         mtspr   SPRN_SPRG_THREAD,r0     /* Update current THREAD phys addr */
 719         lwz     r1,KSP(r4)      /* Load new stack pointer */
 720 
 721         /* save the old current 'last' for return value */
 722         mr      r3,r2
 723         addi    r2,r4,-THREAD   /* Update current */
 724 
 725 #ifdef CONFIG_ALTIVEC
 726 BEGIN_FTR_SECTION
 727         lwz     r0,THREAD+THREAD_VRSAVE(r2)
 728         mtspr   SPRN_VRSAVE,r0          /* if G4, restore VRSAVE reg */
 729 END_FTR_SECTION_IFSET(CPU_FTR_ALTIVEC)
 730 #endif /* CONFIG_ALTIVEC */
 731 #ifdef CONFIG_SPE
 732 BEGIN_FTR_SECTION
 733         lwz     r0,THREAD+THREAD_SPEFSCR(r2)
 734         mtspr   SPRN_SPEFSCR,r0         /* restore SPEFSCR reg */
 735 END_FTR_SECTION_IFSET(CPU_FTR_SPE)
 736 #endif /* CONFIG_SPE */
 737 
 738         lwz     r0,_CCR(r1)
 739         mtcrf   0xFF,r0
 740         /* r3-r12 are destroyed -- Cort */
 741         REST_NVGPRS(r1)
 742 
 743         lwz     r4,_NIP(r1)     /* Return to _switch caller in new task */
 744         mtlr    r4
 745         addi    r1,r1,INT_FRAME_SIZE
 746         blr
 747 
 748         .globl  fast_exception_return
 749 fast_exception_return:
 750 #if !(defined(CONFIG_4xx) || defined(CONFIG_BOOKE))
 751         andi.   r10,r9,MSR_RI           /* check for recoverable interrupt */
 752         beq     1f                      /* if not, we've got problems */
 753 #endif
 754 
 755 2:      REST_4GPRS(3, r11)
 756         lwz     r10,_CCR(r11)
 757         REST_GPR(1, r11)
 758         mtcr    r10
 759         lwz     r10,_LINK(r11)
 760         mtlr    r10
 761         /* Clear the exception_marker on the stack to avoid confusing stacktrace */
 762         li      r10, 0
 763         stw     r10, 8(r11)
 764         REST_GPR(10, r11)
 765 #if defined(CONFIG_PPC_8xx) && defined(CONFIG_PERF_EVENTS)
 766         mtspr   SPRN_NRI, r0
 767 #endif
 768         mtspr   SPRN_SRR1,r9
 769         mtspr   SPRN_SRR0,r12
 770         REST_GPR(9, r11)
 771         REST_GPR(12, r11)
 772         lwz     r11,GPR11(r11)
 773         SYNC
 774         RFI
 775 
 776 #if !(defined(CONFIG_4xx) || defined(CONFIG_BOOKE))
 777 /* check if the exception happened in a restartable section */
 778 1:      lis     r3,exc_exit_restart_end@ha
 779         addi    r3,r3,exc_exit_restart_end@l
 780         cmplw   r12,r3
 781 #ifdef CONFIG_PPC_BOOK3S_601
 782         bge     2b
 783 #else
 784         bge     3f
 785 #endif
 786         lis     r4,exc_exit_restart@ha
 787         addi    r4,r4,exc_exit_restart@l
 788         cmplw   r12,r4
 789 #ifdef CONFIG_PPC_BOOK3S_601
 790         blt     2b
 791 #else
 792         blt     3f
 793 #endif
 794         lis     r3,fee_restarts@ha
 795         tophys(r3,r3)
 796         lwz     r5,fee_restarts@l(r3)
 797         addi    r5,r5,1
 798         stw     r5,fee_restarts@l(r3)
 799         mr      r12,r4          /* restart at exc_exit_restart */
 800         b       2b
 801 
 802         .section .bss
 803         .align  2
 804 fee_restarts:
 805         .space  4
 806         .previous
 807 
 808 /* aargh, a nonrecoverable interrupt, panic */
 809 /* aargh, we don't know which trap this is */
 810 /* but the 601 doesn't implement the RI bit, so assume it's OK */
 811 3:
 812         li      r10,-1
 813         stw     r10,_TRAP(r11)
 814         addi    r3,r1,STACK_FRAME_OVERHEAD
 815         lis     r10,MSR_KERNEL@h
 816         ori     r10,r10,MSR_KERNEL@l
 817         bl      transfer_to_handler_full
 818         .long   unrecoverable_exception
 819         .long   ret_from_except
 820 #endif
 821 
 822         .globl  ret_from_except_full
 823 ret_from_except_full:
 824         REST_NVGPRS(r1)
 825         /* fall through */
 826 
 827         .globl  ret_from_except
 828 ret_from_except:
 829         /* Hard-disable interrupts so that current_thread_info()->flags
 830          * can't change between when we test it and when we return
 831          * from the interrupt. */
 832         /* Note: We don't bother telling lockdep about it */
 833         LOAD_REG_IMMEDIATE(r10,MSR_KERNEL)
 834         SYNC                    /* Some chip revs have problems here... */
 835         MTMSRD(r10)             /* disable interrupts */
 836 
 837         lwz     r3,_MSR(r1)     /* Returning to user mode? */
 838         andi.   r0,r3,MSR_PR
 839         beq     resume_kernel
 840 
 841 user_exc_return:                /* r10 contains MSR_KERNEL here */
 842         /* Check current_thread_info()->flags */
 843         lwz     r9,TI_FLAGS(r2)
 844         andi.   r0,r9,_TIF_USER_WORK_MASK
 845         bne     do_work
 846 
 847 restore_user:
 848 #if defined(CONFIG_4xx) || defined(CONFIG_BOOKE)
 849         /* Check whether this process has its own DBCR0 value.  The internal
 850            debug mode bit tells us that dbcr0 should be loaded. */
 851         lwz     r0,THREAD+THREAD_DBCR0(r2)
 852         andis.  r10,r0,DBCR0_IDM@h
 853         bnel-   load_dbcr0
 854 #endif
 855         ACCOUNT_CPU_USER_EXIT(r2, r10, r11)
 856 #ifdef CONFIG_PPC_BOOK3S_32
 857         kuep_unlock     r10, r11
 858 #endif
 859 
 860         b       restore
 861 
 862 /* N.B. the only way to get here is from the beq following ret_from_except. */
 863 resume_kernel:
 864         /* check current_thread_info, _TIF_EMULATE_STACK_STORE */
 865         lwz     r8,TI_FLAGS(r2)
 866         andis.  r0,r8,_TIF_EMULATE_STACK_STORE@h
 867         beq+    1f
 868 
 869         addi    r8,r1,INT_FRAME_SIZE    /* Get the kprobed function entry */
 870 
 871         lwz     r3,GPR1(r1)
 872         subi    r3,r3,INT_FRAME_SIZE    /* dst: Allocate a trampoline exception frame */
 873         mr      r4,r1                   /* src:  current exception frame */
 874         mr      r1,r3                   /* Reroute the trampoline frame to r1 */
 875 
 876         /* Copy from the original to the trampoline. */
 877         li      r5,INT_FRAME_SIZE/4     /* size: INT_FRAME_SIZE */
 878         li      r6,0                    /* start offset: 0 */
 879         mtctr   r5
 880 2:      lwzx    r0,r6,r4
 881         stwx    r0,r6,r3
 882         addi    r6,r6,4
 883         bdnz    2b
 884 
 885         /* Do real store operation to complete stwu */
 886         lwz     r5,GPR1(r1)
 887         stw     r8,0(r5)
 888 
 889         /* Clear _TIF_EMULATE_STACK_STORE flag */
 890         lis     r11,_TIF_EMULATE_STACK_STORE@h
 891         addi    r5,r2,TI_FLAGS
 892 0:      lwarx   r8,0,r5
 893         andc    r8,r8,r11
 894 #ifdef CONFIG_IBM405_ERR77
 895         dcbt    0,r5
 896 #endif
 897         stwcx.  r8,0,r5
 898         bne-    0b
 899 1:
 900 
 901 #ifdef CONFIG_PREEMPT
 902         /* check current_thread_info->preempt_count */
 903         lwz     r0,TI_PREEMPT(r2)
 904         cmpwi   0,r0,0          /* if non-zero, just restore regs and return */
 905         bne     restore_kuap
 906         andi.   r8,r8,_TIF_NEED_RESCHED
 907         beq+    restore_kuap
 908         lwz     r3,_MSR(r1)
 909         andi.   r0,r3,MSR_EE    /* interrupts off? */
 910         beq     restore_kuap    /* don't schedule if so */
 911 #ifdef CONFIG_TRACE_IRQFLAGS
 912         /* Lockdep thinks irqs are enabled, we need to call
 913          * preempt_schedule_irq with IRQs off, so we inform lockdep
 914          * now that we -did- turn them off already
 915          */
 916         bl      trace_hardirqs_off
 917 #endif
 918         bl      preempt_schedule_irq
 919 #ifdef CONFIG_TRACE_IRQFLAGS
 920         /* And now, to properly rebalance the above, we tell lockdep they
 921          * are being turned back on, which will happen when we return
 922          */
 923         bl      trace_hardirqs_on
 924 #endif
 925 #endif /* CONFIG_PREEMPT */
 926 restore_kuap:
 927         kuap_restore r1, r2, r9, r10, r0
 928 
 929         /* interrupts are hard-disabled at this point */
 930 restore:
 931 #ifdef CONFIG_44x
 932 BEGIN_MMU_FTR_SECTION
 933         b       1f
 934 END_MMU_FTR_SECTION_IFSET(MMU_FTR_TYPE_47x)
 935         lis     r4,icache_44x_need_flush@ha
 936         lwz     r5,icache_44x_need_flush@l(r4)
 937         cmplwi  cr0,r5,0
 938         beq+    1f
 939         li      r6,0
 940         iccci   r0,r0
 941         stw     r6,icache_44x_need_flush@l(r4)
 942 1:
 943 #endif  /* CONFIG_44x */
 944 
 945         lwz     r9,_MSR(r1)
 946 #ifdef CONFIG_TRACE_IRQFLAGS
 947         /* Lockdep doesn't know about the fact that IRQs are temporarily turned
 948          * off in this assembly code while peeking at TI_FLAGS() and such. However
 949          * we need to inform it if the exception turned interrupts off, and we
 950          * are about to trun them back on.
 951          */
 952         andi.   r10,r9,MSR_EE
 953         beq     1f
 954         stwu    r1,-32(r1)
 955         mflr    r0
 956         stw     r0,4(r1)
 957         bl      trace_hardirqs_on
 958         addi    r1, r1, 32
 959         lwz     r9,_MSR(r1)
 960 1:
 961 #endif /* CONFIG_TRACE_IRQFLAGS */
 962 
 963         lwz     r0,GPR0(r1)
 964         lwz     r2,GPR2(r1)
 965         REST_4GPRS(3, r1)
 966         REST_2GPRS(7, r1)
 967 
 968         lwz     r10,_XER(r1)
 969         lwz     r11,_CTR(r1)
 970         mtspr   SPRN_XER,r10
 971         mtctr   r11
 972 
 973         PPC405_ERR77(0,r1)
 974 BEGIN_FTR_SECTION
 975         lwarx   r11,0,r1
 976 END_FTR_SECTION_IFSET(CPU_FTR_NEED_PAIRED_STWCX)
 977         stwcx.  r0,0,r1                 /* to clear the reservation */
 978 
 979 #if !(defined(CONFIG_4xx) || defined(CONFIG_BOOKE))
 980         andi.   r10,r9,MSR_RI           /* check if this exception occurred */
 981         beql    nonrecoverable          /* at a bad place (MSR:RI = 0) */
 982 
 983         lwz     r10,_CCR(r1)
 984         lwz     r11,_LINK(r1)
 985         mtcrf   0xFF,r10
 986         mtlr    r11
 987 
 988         /* Clear the exception_marker on the stack to avoid confusing stacktrace */
 989         li      r10, 0
 990         stw     r10, 8(r1)
 991         /*
 992          * Once we put values in SRR0 and SRR1, we are in a state
 993          * where exceptions are not recoverable, since taking an
 994          * exception will trash SRR0 and SRR1.  Therefore we clear the
 995          * MSR:RI bit to indicate this.  If we do take an exception,
 996          * we can't return to the point of the exception but we
 997          * can restart the exception exit path at the label
 998          * exc_exit_restart below.  -- paulus
 999          */
1000         LOAD_REG_IMMEDIATE(r10,MSR_KERNEL & ~MSR_RI)
1001         SYNC
1002         MTMSRD(r10)             /* clear the RI bit */
1003         .globl exc_exit_restart
1004 exc_exit_restart:
1005         lwz     r12,_NIP(r1)
1006         mtspr   SPRN_SRR0,r12
1007         mtspr   SPRN_SRR1,r9
1008         REST_4GPRS(9, r1)
1009         lwz     r1,GPR1(r1)
1010         .globl exc_exit_restart_end
1011 exc_exit_restart_end:
1012         SYNC
1013         RFI
1014 
1015 #else /* !(CONFIG_4xx || CONFIG_BOOKE) */
1016         /*
1017          * This is a bit different on 4xx/Book-E because it doesn't have
1018          * the RI bit in the MSR.
1019          * The TLB miss handler checks if we have interrupted
1020          * the exception exit path and restarts it if so
1021          * (well maybe one day it will... :).
1022          */
1023         lwz     r11,_LINK(r1)
1024         mtlr    r11
1025         lwz     r10,_CCR(r1)
1026         mtcrf   0xff,r10
1027         /* Clear the exception_marker on the stack to avoid confusing stacktrace */
1028         li      r10, 0
1029         stw     r10, 8(r1)
1030         REST_2GPRS(9, r1)
1031         .globl exc_exit_restart
1032 exc_exit_restart:
1033         lwz     r11,_NIP(r1)
1034         lwz     r12,_MSR(r1)
1035 exc_exit_start:
1036         mtspr   SPRN_SRR0,r11
1037         mtspr   SPRN_SRR1,r12
1038         REST_2GPRS(11, r1)
1039         lwz     r1,GPR1(r1)
1040         .globl exc_exit_restart_end
1041 exc_exit_restart_end:
1042         PPC405_ERR77_SYNC
1043         rfi
1044         b       .                       /* prevent prefetch past rfi */
1045 
1046 /*
1047  * Returning from a critical interrupt in user mode doesn't need
1048  * to be any different from a normal exception.  For a critical
1049  * interrupt in the kernel, we just return (without checking for
1050  * preemption) since the interrupt may have happened at some crucial
1051  * place (e.g. inside the TLB miss handler), and because we will be
1052  * running with r1 pointing into critical_stack, not the current
1053  * process's kernel stack (and therefore current_thread_info() will
1054  * give the wrong answer).
1055  * We have to restore various SPRs that may have been in use at the
1056  * time of the critical interrupt.
1057  *
1058  */
1059 #ifdef CONFIG_40x
1060 #define PPC_40x_TURN_OFF_MSR_DR                                             \
1061         /* avoid any possible TLB misses here by turning off MSR.DR, we     \
1062          * assume the instructions here are mapped by a pinned TLB entry */ \
1063         li      r10,MSR_IR;                                                 \
1064         mtmsr   r10;                                                        \
1065         isync;                                                              \
1066         tophys(r1, r1);
1067 #else
1068 #define PPC_40x_TURN_OFF_MSR_DR
1069 #endif
1070 
1071 #define RET_FROM_EXC_LEVEL(exc_lvl_srr0, exc_lvl_srr1, exc_lvl_rfi)     \
1072         REST_NVGPRS(r1);                                                \
1073         lwz     r3,_MSR(r1);                                            \
1074         andi.   r3,r3,MSR_PR;                                           \
1075         LOAD_REG_IMMEDIATE(r10,MSR_KERNEL);                             \
1076         bne     user_exc_return;                                        \
1077         lwz     r0,GPR0(r1);                                            \
1078         lwz     r2,GPR2(r1);                                            \
1079         REST_4GPRS(3, r1);                                              \
1080         REST_2GPRS(7, r1);                                              \
1081         lwz     r10,_XER(r1);                                           \
1082         lwz     r11,_CTR(r1);                                           \
1083         mtspr   SPRN_XER,r10;                                           \
1084         mtctr   r11;                                                    \
1085         PPC405_ERR77(0,r1);                                             \
1086         stwcx.  r0,0,r1;                /* to clear the reservation */  \
1087         lwz     r11,_LINK(r1);                                          \
1088         mtlr    r11;                                                    \
1089         lwz     r10,_CCR(r1);                                           \
1090         mtcrf   0xff,r10;                                               \
1091         PPC_40x_TURN_OFF_MSR_DR;                                        \
1092         lwz     r9,_DEAR(r1);                                           \
1093         lwz     r10,_ESR(r1);                                           \
1094         mtspr   SPRN_DEAR,r9;                                           \
1095         mtspr   SPRN_ESR,r10;                                           \
1096         lwz     r11,_NIP(r1);                                           \
1097         lwz     r12,_MSR(r1);                                           \
1098         mtspr   exc_lvl_srr0,r11;                                       \
1099         mtspr   exc_lvl_srr1,r12;                                       \
1100         lwz     r9,GPR9(r1);                                            \
1101         lwz     r12,GPR12(r1);                                          \
1102         lwz     r10,GPR10(r1);                                          \
1103         lwz     r11,GPR11(r1);                                          \
1104         lwz     r1,GPR1(r1);                                            \
1105         PPC405_ERR77_SYNC;                                              \
1106         exc_lvl_rfi;                                                    \
1107         b       .;              /* prevent prefetch past exc_lvl_rfi */
1108 
1109 #define RESTORE_xSRR(exc_lvl_srr0, exc_lvl_srr1)                        \
1110         lwz     r9,_##exc_lvl_srr0(r1);                                 \
1111         lwz     r10,_##exc_lvl_srr1(r1);                                \
1112         mtspr   SPRN_##exc_lvl_srr0,r9;                                 \
1113         mtspr   SPRN_##exc_lvl_srr1,r10;
1114 
1115 #if defined(CONFIG_PPC_BOOK3E_MMU)
1116 #ifdef CONFIG_PHYS_64BIT
1117 #define RESTORE_MAS7                                                    \
1118         lwz     r11,MAS7(r1);                                           \
1119         mtspr   SPRN_MAS7,r11;
1120 #else
1121 #define RESTORE_MAS7
1122 #endif /* CONFIG_PHYS_64BIT */
1123 #define RESTORE_MMU_REGS                                                \
1124         lwz     r9,MAS0(r1);                                            \
1125         lwz     r10,MAS1(r1);                                           \
1126         lwz     r11,MAS2(r1);                                           \
1127         mtspr   SPRN_MAS0,r9;                                           \
1128         lwz     r9,MAS3(r1);                                            \
1129         mtspr   SPRN_MAS1,r10;                                          \
1130         lwz     r10,MAS6(r1);                                           \
1131         mtspr   SPRN_MAS2,r11;                                          \
1132         mtspr   SPRN_MAS3,r9;                                           \
1133         mtspr   SPRN_MAS6,r10;                                          \
1134         RESTORE_MAS7;
1135 #elif defined(CONFIG_44x)
1136 #define RESTORE_MMU_REGS                                                \
1137         lwz     r9,MMUCR(r1);                                           \
1138         mtspr   SPRN_MMUCR,r9;
1139 #else
1140 #define RESTORE_MMU_REGS
1141 #endif
1142 
1143 #ifdef CONFIG_40x
1144         .globl  ret_from_crit_exc
1145 ret_from_crit_exc:
1146         mfspr   r9,SPRN_SPRG_THREAD
1147         lis     r10,saved_ksp_limit@ha;
1148         lwz     r10,saved_ksp_limit@l(r10);
1149         tovirt(r9,r9);
1150         stw     r10,KSP_LIMIT(r9)
1151         lis     r9,crit_srr0@ha;
1152         lwz     r9,crit_srr0@l(r9);
1153         lis     r10,crit_srr1@ha;
1154         lwz     r10,crit_srr1@l(r10);
1155         mtspr   SPRN_SRR0,r9;
1156         mtspr   SPRN_SRR1,r10;
1157         RET_FROM_EXC_LEVEL(SPRN_CSRR0, SPRN_CSRR1, PPC_RFCI)
1158 #endif /* CONFIG_40x */
1159 
1160 #ifdef CONFIG_BOOKE
1161         .globl  ret_from_crit_exc
1162 ret_from_crit_exc:
1163         mfspr   r9,SPRN_SPRG_THREAD
1164         lwz     r10,SAVED_KSP_LIMIT(r1)
1165         stw     r10,KSP_LIMIT(r9)
1166         RESTORE_xSRR(SRR0,SRR1);
1167         RESTORE_MMU_REGS;
1168         RET_FROM_EXC_LEVEL(SPRN_CSRR0, SPRN_CSRR1, PPC_RFCI)
1169 
1170         .globl  ret_from_debug_exc
1171 ret_from_debug_exc:
1172         mfspr   r9,SPRN_SPRG_THREAD
1173         lwz     r10,SAVED_KSP_LIMIT(r1)
1174         stw     r10,KSP_LIMIT(r9)
1175         RESTORE_xSRR(SRR0,SRR1);
1176         RESTORE_xSRR(CSRR0,CSRR1);
1177         RESTORE_MMU_REGS;
1178         RET_FROM_EXC_LEVEL(SPRN_DSRR0, SPRN_DSRR1, PPC_RFDI)
1179 
1180         .globl  ret_from_mcheck_exc
1181 ret_from_mcheck_exc:
1182         mfspr   r9,SPRN_SPRG_THREAD
1183         lwz     r10,SAVED_KSP_LIMIT(r1)
1184         stw     r10,KSP_LIMIT(r9)
1185         RESTORE_xSRR(SRR0,SRR1);
1186         RESTORE_xSRR(CSRR0,CSRR1);
1187         RESTORE_xSRR(DSRR0,DSRR1);
1188         RESTORE_MMU_REGS;
1189         RET_FROM_EXC_LEVEL(SPRN_MCSRR0, SPRN_MCSRR1, PPC_RFMCI)
1190 #endif /* CONFIG_BOOKE */
1191 
1192 /*
1193  * Load the DBCR0 value for a task that is being ptraced,
1194  * having first saved away the global DBCR0.  Note that r0
1195  * has the dbcr0 value to set upon entry to this.
1196  */
1197 load_dbcr0:
1198         mfmsr   r10             /* first disable debug exceptions */
1199         rlwinm  r10,r10,0,~MSR_DE
1200         mtmsr   r10
1201         isync
1202         mfspr   r10,SPRN_DBCR0
1203         lis     r11,global_dbcr0@ha
1204         addi    r11,r11,global_dbcr0@l
1205 #ifdef CONFIG_SMP
1206         lwz     r9,TASK_CPU(r2)
1207         slwi    r9,r9,3
1208         add     r11,r11,r9
1209 #endif
1210         stw     r10,0(r11)
1211         mtspr   SPRN_DBCR0,r0
1212         lwz     r10,4(r11)
1213         addi    r10,r10,1
1214         stw     r10,4(r11)
1215         li      r11,-1
1216         mtspr   SPRN_DBSR,r11   /* clear all pending debug events */
1217         blr
1218 
1219         .section .bss
1220         .align  4
1221         .global global_dbcr0
1222 global_dbcr0:
1223         .space  8*NR_CPUS
1224         .previous
1225 #endif /* !(CONFIG_4xx || CONFIG_BOOKE) */
1226 
1227 do_work:                        /* r10 contains MSR_KERNEL here */
1228         andi.   r0,r9,_TIF_NEED_RESCHED
1229         beq     do_user_signal
1230 
1231 do_resched:                     /* r10 contains MSR_KERNEL here */
1232 #ifdef CONFIG_TRACE_IRQFLAGS
1233         bl      trace_hardirqs_on
1234         mfmsr   r10
1235 #endif
1236         ori     r10,r10,MSR_EE
1237         SYNC
1238         MTMSRD(r10)             /* hard-enable interrupts */
1239         bl      schedule
1240 recheck:
1241         /* Note: And we don't tell it we are disabling them again
1242          * neither. Those disable/enable cycles used to peek at
1243          * TI_FLAGS aren't advertised.
1244          */
1245         LOAD_REG_IMMEDIATE(r10,MSR_KERNEL)
1246         SYNC
1247         MTMSRD(r10)             /* disable interrupts */
1248         lwz     r9,TI_FLAGS(r2)
1249         andi.   r0,r9,_TIF_NEED_RESCHED
1250         bne-    do_resched
1251         andi.   r0,r9,_TIF_USER_WORK_MASK
1252         beq     restore_user
1253 do_user_signal:                 /* r10 contains MSR_KERNEL here */
1254         ori     r10,r10,MSR_EE
1255         SYNC
1256         MTMSRD(r10)             /* hard-enable interrupts */
1257         /* save r13-r31 in the exception frame, if not already done */
1258         lwz     r3,_TRAP(r1)
1259         andi.   r0,r3,1
1260         beq     2f
1261         SAVE_NVGPRS(r1)
1262         rlwinm  r3,r3,0,0,30
1263         stw     r3,_TRAP(r1)
1264 2:      addi    r3,r1,STACK_FRAME_OVERHEAD
1265         mr      r4,r9
1266         bl      do_notify_resume
1267         REST_NVGPRS(r1)
1268         b       recheck
1269 
1270 /*
1271  * We come here when we are at the end of handling an exception
1272  * that occurred at a place where taking an exception will lose
1273  * state information, such as the contents of SRR0 and SRR1.
1274  */
1275 nonrecoverable:
1276         lis     r10,exc_exit_restart_end@ha
1277         addi    r10,r10,exc_exit_restart_end@l
1278         cmplw   r12,r10
1279 #ifdef CONFIG_PPC_BOOK3S_601
1280         bgelr
1281 #else
1282         bge     3f
1283 #endif
1284         lis     r11,exc_exit_restart@ha
1285         addi    r11,r11,exc_exit_restart@l
1286         cmplw   r12,r11
1287 #ifdef CONFIG_PPC_BOOK3S_601
1288         bltlr
1289 #else
1290         blt     3f
1291 #endif
1292         lis     r10,ee_restarts@ha
1293         lwz     r12,ee_restarts@l(r10)
1294         addi    r12,r12,1
1295         stw     r12,ee_restarts@l(r10)
1296         mr      r12,r11         /* restart at exc_exit_restart */
1297         blr
1298 3:      /* OK, we can't recover, kill this process */
1299         /* but the 601 doesn't implement the RI bit, so assume it's OK */
1300         lwz     r3,_TRAP(r1)
1301         andi.   r0,r3,1
1302         beq     5f
1303         SAVE_NVGPRS(r1)
1304         rlwinm  r3,r3,0,0,30
1305         stw     r3,_TRAP(r1)
1306 5:      mfspr   r2,SPRN_SPRG_THREAD
1307         addi    r2,r2,-THREAD
1308         tovirt(r2,r2)                   /* set back r2 to current */
1309 4:      addi    r3,r1,STACK_FRAME_OVERHEAD
1310         bl      unrecoverable_exception
1311         /* shouldn't return */
1312         b       4b
1313 
1314         .section .bss
1315         .align  2
1316 ee_restarts:
1317         .space  4
1318         .previous
1319 
1320 /*
1321  * PROM code for specific machines follows.  Put it
1322  * here so it's easy to add arch-specific sections later.
1323  * -- Cort
1324  */
1325 #ifdef CONFIG_PPC_RTAS
1326 /*
1327  * On CHRP, the Run-Time Abstraction Services (RTAS) have to be
1328  * called with the MMU off.
1329  */
1330 _GLOBAL(enter_rtas)
1331         stwu    r1,-INT_FRAME_SIZE(r1)
1332         mflr    r0
1333         stw     r0,INT_FRAME_SIZE+4(r1)
1334         LOAD_REG_ADDR(r4, rtas)
1335         lis     r6,1f@ha        /* physical return address for rtas */
1336         addi    r6,r6,1f@l
1337         tophys(r6,r6)
1338         tophys(r7,r1)
1339         lwz     r8,RTASENTRY(r4)
1340         lwz     r4,RTASBASE(r4)
1341         mfmsr   r9
1342         stw     r9,8(r1)
1343         LOAD_REG_IMMEDIATE(r0,MSR_KERNEL)
1344         SYNC                    /* disable interrupts so SRR0/1 */
1345         MTMSRD(r0)              /* don't get trashed */
1346         li      r9,MSR_KERNEL & ~(MSR_IR|MSR_DR)
1347         mtlr    r6
1348         stw     r7, THREAD + RTAS_SP(r2)
1349         mtspr   SPRN_SRR0,r8
1350         mtspr   SPRN_SRR1,r9
1351         RFI
1352 1:      tophys(r9,r1)
1353         lwz     r8,INT_FRAME_SIZE+4(r9) /* get return address */
1354         lwz     r9,8(r9)        /* original msr value */
1355         addi    r1,r1,INT_FRAME_SIZE
1356         li      r0,0
1357         tophys(r7, r2)
1358         stw     r0, THREAD + RTAS_SP(r7)
1359         mtspr   SPRN_SRR0,r8
1360         mtspr   SPRN_SRR1,r9
1361         RFI                     /* return to caller */
1362 
1363         .globl  machine_check_in_rtas
1364 machine_check_in_rtas:
1365         twi     31,0,0
1366         /* XXX load up BATs and panic */
1367 
1368 #endif /* CONFIG_PPC_RTAS */