1/* 2 * linux/arch/arm/kernel/head.S 3 * 4 * Copyright (C) 1994-2002 Russell King 5 * Copyright (c) 2003 ARM Limited 6 * All Rights Reserved 7 * 8 * This program is free software; you can redistribute it and/or modify 9 * it under the terms of the GNU General Public License version 2 as 10 * published by the Free Software Foundation. 11 * 12 * Kernel startup code for all 32-bit CPUs 13 */ 14#include <linux/linkage.h> 15#include <linux/init.h> 16 17#include <asm/assembler.h> 18#include <asm/domain.h> 19#include <asm/ptrace.h> 20#include <asm/asm-offsets.h> 21#include <asm/memory.h> 22#include <asm/thread_info.h> 23#include <asm/system.h> 24 25#ifdef CONFIG_DEBUG_LL 26#include <mach/debug-macro.S> 27#endif 28 29/* 30 * swapper_pg_dir is the virtual address of the initial page table. 31 * We place the page tables 16K below KERNEL_RAM_VADDR. Therefore, we must 32 * make sure that KERNEL_RAM_VADDR is correctly set. Currently, we expect 33 * the least significant 16 bits to be 0x8000, but we could probably 34 * relax this restriction to KERNEL_RAM_VADDR >= PAGE_OFFSET + 0x4000. 35 */ 36#define KERNEL_RAM_VADDR (PAGE_OFFSET + TEXT_OFFSET) 37#if (KERNEL_RAM_VADDR & 0xffff) != 0x8000 38#error KERNEL_RAM_VADDR must start at 0xXXXX8000 39#endif 40 41 .globl swapper_pg_dir 42 .equ swapper_pg_dir, KERNEL_RAM_VADDR - 0x4000 43 44 .macro pgtbl, rd, phys 45 add \rd, \phys, #TEXT_OFFSET - 0x4000 46 .endm 47 48#ifdef CONFIG_XIP_KERNEL 49#define KERNEL_START XIP_VIRT_ADDR(CONFIG_XIP_PHYS_ADDR) 50#define KERNEL_END _edata_loc 51#else 52#define KERNEL_START KERNEL_RAM_VADDR 53#define KERNEL_END _end 54#endif 55 56/* 57 * Kernel startup entry point. 58 * --------------------------- 59 * 60 * This is normally called from the decompressor code. The requirements 61 * are: MMU = off, D-cache = off, I-cache = dont care, r0 = 0, 62 * r1 = machine nr, r2 = atags pointer. 63 * 64 * This code is mostly position independent, so if you link the kernel at 65 * 0xc0008000, you call this at __pa(0xc0008000). 66 * 67 * See linux/arch/arm/tools/mach-types for the complete list of machine 68 * numbers for r1. 69 * 70 * We're trying to keep crap to a minimum; DO NOT add any machine specific 71 * crap here - that's what the boot loader (or in extreme, well justified 72 * circumstances, zImage) is for. 73 */ 74 __HEAD 75ENTRY(stext) 76 setmode PSR_F_BIT | PSR_I_BIT | SVC_MODE, r9 @ ensure svc mode 77 @ and irqs disabled 78 mrc p15, 0, r9, c0, c0 @ get processor id 79 bl __lookup_processor_type @ r5=procinfo r9=cpuid 80 movs r10, r5 @ invalid processor (r5=0)? 81 THUMB( it eq ) @ force fixup-able long branch encoding 82 beq __error_p @ yes, error 'p' 83 84#ifndef CONFIG_XIP_KERNEL 85 adr r3, 2f 86 ldmia r3, {r4, r8} 87 sub r4, r3, r4 @ (PHYS_OFFSET - PAGE_OFFSET) 88 add r8, r8, r4 @ PHYS_OFFSET 89#else 90 ldr r8, =PLAT_PHYS_OFFSET 91#endif 92 93 /* 94 * r1 = machine no, r2 = atags, 95 * r8 = phys_offset, r9 = cpuid, r10 = procinfo 96 */ 97 bl __vet_atags 98#ifdef CONFIG_SMP_ON_UP 99 bl __fixup_smp 100#endif 101#ifdef CONFIG_ARM_PATCH_PHYS_VIRT 102 bl __fixup_pv_table 103#endif 104 bl __create_page_tables 105 106 /* 107 * The following calls CPU specific code in a position independent 108 * manner. See arch/arm/mm/proc-*.S for details. r10 = base of 109 * xxx_proc_info structure selected by __lookup_processor_type 110 * above. On return, the CPU will be ready for the MMU to be 111 * turned on, and r0 will hold the CPU control register value. 112 */ 113 ldr r13, =__mmap_switched @ address to jump to after 114 @ mmu has been enabled 115 adr lr, BSYM(1f) @ return (PIC) address 116 ARM( add pc, r10, #PROCINFO_INITFUNC ) 117 THUMB( add r12, r10, #PROCINFO_INITFUNC ) 118 THUMB( mov pc, r12 ) 1191: b __enable_mmu 120ENDPROC(stext) 121 .ltorg 122#ifndef CONFIG_XIP_KERNEL 1232: .long . 124 .long PAGE_OFFSET 125#endif 126 127/* 128 * Setup the initial page tables. We only setup the barest 129 * amount which are required to get the kernel running, which 130 * generally means mapping in the kernel code. 131 * 132 * r8 = phys_offset, r9 = cpuid, r10 = procinfo 133 * 134 * Returns: 135 * r0, r3, r5-r7 corrupted 136 * r4 = physical page table address 137 */ 138__create_page_tables: 139 pgtbl r4, r8 @ page table address 140 141 /* 142 * Clear the 16K level 1 swapper page table 143 */ 144 mov r0, r4 145 mov r3, #0 146 add r6, r0, #0x4000 1471: str r3, [r0], #4 148 str r3, [r0], #4 149 str r3, [r0], #4 150 str r3, [r0], #4 151 teq r0, r6 152 bne 1b 153 154 ldr r7, [r10, #PROCINFO_MM_MMUFLAGS] @ mm_mmuflags 155 156 /* 157 * Create identity mapping to cater for __enable_mmu. 158 * This identity mapping will be removed by paging_init(). 159 */ 160 adr r0, __enable_mmu_loc 161 ldmia r0, {r3, r5, r6} 162 sub r0, r0, r3 @ virt->phys offset 163 add r5, r5, r0 @ phys __enable_mmu 164 add r6, r6, r0 @ phys __enable_mmu_end 165 mov r5, r5, lsr #20 166 mov r6, r6, lsr #20 167 1681: orr r3, r7, r5, lsl #20 @ flags + kernel base 169 str r3, [r4, r5, lsl #2] @ identity mapping 170 teq r5, r6 171 addne r5, r5, #1 @ next section 172 bne 1b 173 174 /* 175 * Now setup the pagetables for our kernel direct 176 * mapped region. 177 */ 178 mov r3, pc 179 mov r3, r3, lsr #20 180 orr r3, r7, r3, lsl #20 181 add r0, r4, #(KERNEL_START & 0xff000000) >> 18 182 str r3, [r0, #(KERNEL_START & 0x00f00000) >> 18]! 183 ldr r6, =(KERNEL_END - 1) 184 add r0, r0, #4 185 add r6, r4, r6, lsr #18 1861: cmp r0, r6 187 add r3, r3, #1 << 20 188 strls r3, [r0], #4 189 bls 1b 190 191#ifdef CONFIG_XIP_KERNEL 192 /* 193 * Map some ram to cover our .data and .bss areas. 194 */ 195 add r3, r8, #TEXT_OFFSET 196 orr r3, r3, r7 197 add r0, r4, #(KERNEL_RAM_VADDR & 0xff000000) >> 18 198 str r3, [r0, #(KERNEL_RAM_VADDR & 0x00f00000) >> 18]! 199 ldr r6, =(_end - 1) 200 add r0, r0, #4 201 add r6, r4, r6, lsr #18 2021: cmp r0, r6 203 add r3, r3, #1 << 20 204 strls r3, [r0], #4 205 bls 1b 206#endif 207 208 /* 209 * Then map boot params address in r2 or 210 * the first 1MB of ram if boot params address is not specified. 211 */ 212 mov r0, r2, lsr #20 213 movs r0, r0, lsl #20 214 moveq r0, r8 215 sub r3, r0, r8 216 add r3, r3, #PAGE_OFFSET 217 add r3, r4, r3, lsr #18 218 orr r6, r7, r0 219 str r6, [r3] 220 221#ifdef CONFIG_DEBUG_LL 222#ifndef CONFIG_DEBUG_ICEDCC 223 /* 224 * Map in IO space for serial debugging. 225 * This allows debug messages to be output 226 * via a serial console before paging_init. 227 */ 228 addruart r7, r3 229 230 mov r3, r3, lsr #20 231 mov r3, r3, lsl #2 232 233 add r0, r4, r3 234 rsb r3, r3, #0x4000 @ PTRS_PER_PGD*sizeof(long) 235 cmp r3, #0x0800 @ limit to 512MB 236 movhi r3, #0x0800 237 add r6, r0, r3 238 mov r3, r7, lsr #20 239 ldr r7, [r10, #PROCINFO_IO_MMUFLAGS] @ io_mmuflags 240 orr r3, r7, r3, lsl #20 2411: str r3, [r0], #4 242 add r3, r3, #1 << 20 243 teq r0, r6 244 bne 1b 245 246#else /* CONFIG_DEBUG_ICEDCC */ 247 /* we don't need any serial debugging mappings for ICEDCC */ 248 ldr r7, [r10, #PROCINFO_IO_MMUFLAGS] @ io_mmuflags 249#endif /* !CONFIG_DEBUG_ICEDCC */ 250 251#if defined(CONFIG_ARCH_NETWINDER) || defined(CONFIG_ARCH_CATS) 252 /* 253 * If we're using the NetWinder or CATS, we also need to map 254 * in the 16550-type serial port for the debug messages 255 */ 256 add r0, r4, #0xff000000 >> 18 257 orr r3, r7, #0x7c000000 258 str r3, [r0] 259#endif 260#ifdef CONFIG_ARCH_RPC 261 /* 262 * Map in screen at 0x02000000 & SCREEN2_BASE 263 * Similar reasons here - for debug. This is 264 * only for Acorn RiscPC architectures. 265 */ 266 add r0, r4, #0x02000000 >> 18 267 orr r3, r7, #0x02000000 268 str r3, [r0] 269 add r0, r4, #0xd8000000 >> 18 270 str r3, [r0] 271#endif 272#endif 273 mov pc, lr 274ENDPROC(__create_page_tables) 275 .ltorg 276 .align 277__enable_mmu_loc: 278 .long . 279 .long __enable_mmu 280 .long __enable_mmu_end 281 282#if defined(CONFIG_SMP) 283 __CPUINIT 284ENTRY(secondary_startup) 285 /* 286 * Common entry point for secondary CPUs. 287 * 288 * Ensure that we're in SVC mode, and IRQs are disabled. Lookup 289 * the processor type - there is no need to check the machine type 290 * as it has already been validated by the primary processor. 291 */ 292 setmode PSR_F_BIT | PSR_I_BIT | SVC_MODE, r9 293 mrc p15, 0, r9, c0, c0 @ get processor id 294 bl __lookup_processor_type 295 movs r10, r5 @ invalid processor? 296 moveq r0, #'p' @ yes, error 'p' 297 THUMB( it eq ) @ force fixup-able long branch encoding 298 beq __error_p 299 300 /* 301 * Use the page tables supplied from __cpu_up. 302 */ 303 adr r4, __secondary_data 304 ldmia r4, {r5, r7, r12} @ address to jump to after 305 sub r4, r4, r5 @ mmu has been enabled 306 ldr r4, [r7, r4] @ get secondary_data.pgdir 307 adr lr, BSYM(__enable_mmu) @ return address 308 mov r13, r12 @ __secondary_switched address 309 ARM( add pc, r10, #PROCINFO_INITFUNC ) @ initialise processor 310 @ (return control reg) 311 THUMB( add r12, r10, #PROCINFO_INITFUNC ) 312 THUMB( mov pc, r12 ) 313ENDPROC(secondary_startup) 314 315 /* 316 * r6 = &secondary_data 317 */ 318ENTRY(__secondary_switched) 319 ldr sp, [r7, #4] @ get secondary_data.stack 320 mov fp, #0 321 b secondary_start_kernel 322ENDPROC(__secondary_switched) 323 324 .align 325 326 .type __secondary_data, %object 327__secondary_data: 328 .long . 329 .long secondary_data 330 .long __secondary_switched 331#endif /* defined(CONFIG_SMP) */ 332 333 334 335/* 336 * Setup common bits before finally enabling the MMU. Essentially 337 * this is just loading the page table pointer and domain access 338 * registers. 339 * 340 * r0 = cp#15 control register 341 * r1 = machine ID 342 * r2 = atags pointer 343 * r4 = page table pointer 344 * r9 = processor ID 345 * r13 = *virtual* address to jump to upon completion 346 */ 347__enable_mmu: 348#ifdef CONFIG_ALIGNMENT_TRAP 349 orr r0, r0, #CR_A 350#else 351 bic r0, r0, #CR_A 352#endif 353#ifdef CONFIG_CPU_DCACHE_DISABLE 354 bic r0, r0, #CR_C 355#endif 356#ifdef CONFIG_CPU_BPREDICT_DISABLE 357 bic r0, r0, #CR_Z 358#endif 359#ifdef CONFIG_CPU_ICACHE_DISABLE 360 bic r0, r0, #CR_I 361#endif 362 mov r5, #(domain_val(DOMAIN_USER, DOMAIN_MANAGER) | \ 363 domain_val(DOMAIN_KERNEL, DOMAIN_MANAGER) | \ 364 domain_val(DOMAIN_TABLE, DOMAIN_MANAGER) | \ 365 domain_val(DOMAIN_IO, DOMAIN_CLIENT)) 366 mcr p15, 0, r5, c3, c0, 0 @ load domain access register 367 mcr p15, 0, r4, c2, c0, 0 @ load page table pointer 368 b __turn_mmu_on 369ENDPROC(__enable_mmu) 370 371/* 372 * Enable the MMU. This completely changes the structure of the visible 373 * memory space. You will not be able to trace execution through this. 374 * If you have an enquiry about this, *please* check the linux-arm-kernel 375 * mailing list archives BEFORE sending another post to the list. 376 * 377 * r0 = cp#15 control register 378 * r1 = machine ID 379 * r2 = atags pointer 380 * r9 = processor ID 381 * r13 = *virtual* address to jump to upon completion 382 * 383 * other registers depend on the function called upon completion 384 */ 385 .align 5 386__turn_mmu_on: 387 mov r0, r0 388 mcr p15, 0, r0, c1, c0, 0 @ write control reg 389 mrc p15, 0, r3, c0, c0, 0 @ read id reg 390 mov r3, r3 391 mov r3, r13 392 mov pc, r3 393__enable_mmu_end: 394ENDPROC(__turn_mmu_on) 395 396 397#ifdef CONFIG_SMP_ON_UP 398 __INIT 399__fixup_smp: 400 and r3, r9, #0x000f0000 @ architecture version 401 teq r3, #0x000f0000 @ CPU ID supported? 402 bne __fixup_smp_on_up @ no, assume UP 403 404 bic r3, r9, #0x00ff0000 405 bic r3, r3, #0x0000000f @ mask 0xff00fff0 406 mov r4, #0x41000000 407 orr r4, r4, #0x0000b000 408 orr r4, r4, #0x00000020 @ val 0x4100b020 409 teq r3, r4 @ ARM 11MPCore? 410 moveq pc, lr @ yes, assume SMP 411 412 mrc p15, 0, r0, c0, c0, 5 @ read MPIDR 413 and r0, r0, #0xc0000000 @ multiprocessing extensions and 414 teq r0, #0x80000000 @ not part of a uniprocessor system? 415 moveq pc, lr @ yes, assume SMP 416 417__fixup_smp_on_up: 418 adr r0, 1f 419 ldmia r0, {r3 - r5} 420 sub r3, r0, r3 421 add r4, r4, r3 422 add r5, r5, r3 423 b __do_fixup_smp_on_up 424ENDPROC(__fixup_smp) 425 426 .align 4271: .word . 428 .word __smpalt_begin 429 .word __smpalt_end 430 431 .pushsection .data 432 .globl smp_on_up 433smp_on_up: 434 ALT_SMP(.long 1) 435 ALT_UP(.long 0) 436 .popsection 437#endif 438 439 .text 440__do_fixup_smp_on_up: 441 cmp r4, r5 442 movhs pc, lr 443 ldmia r4!, {r0, r6} 444 ARM( str r6, [r0, r3] ) 445 THUMB( add r0, r0, r3 ) 446#ifdef __ARMEB__ 447 THUMB( mov r6, r6, ror #16 ) @ Convert word order for big-endian. 448#endif 449 THUMB( strh r6, [r0], #2 ) @ For Thumb-2, store as two halfwords 450 THUMB( mov r6, r6, lsr #16 ) @ to be robust against misaligned r3. 451 THUMB( strh r6, [r0] ) 452 b __do_fixup_smp_on_up 453ENDPROC(__do_fixup_smp_on_up) 454 455ENTRY(fixup_smp) 456 stmfd sp!, {r4 - r6, lr} 457 mov r4, r0 458 add r5, r0, r1 459 mov r3, #0 460 bl __do_fixup_smp_on_up 461 ldmfd sp!, {r4 - r6, pc} 462ENDPROC(fixup_smp) 463 464#ifdef CONFIG_ARM_PATCH_PHYS_VIRT 465 466/* __fixup_pv_table - patch the stub instructions with the delta between 467 * PHYS_OFFSET and PAGE_OFFSET, which is assumed to be 16MiB aligned and 468 * can be expressed by an immediate shifter operand. The stub instruction 469 * has a form of '(add|sub) rd, rn, #imm'. 470 */ 471 __HEAD 472__fixup_pv_table: 473 adr r0, 1f 474 ldmia r0, {r3-r5, r7} 475 sub r3, r0, r3 @ PHYS_OFFSET - PAGE_OFFSET 476 add r4, r4, r3 @ adjust table start address 477 add r5, r5, r3 @ adjust table end address 478 add r7, r7, r3 @ adjust __pv_phys_offset address 479 str r8, [r7] @ save computed PHYS_OFFSET to __pv_phys_offset 480#ifndef CONFIG_ARM_PATCH_PHYS_VIRT_16BIT 481 mov r6, r3, lsr #24 @ constant for add/sub instructions 482 teq r3, r6, lsl #24 @ must be 16MiB aligned 483#else 484 mov r6, r3, lsr #16 @ constant for add/sub instructions 485 teq r3, r6, lsl #16 @ must be 64kiB aligned 486#endif 487THUMB( it ne @ cross section branch ) 488 bne __error 489 str r6, [r7, #4] @ save to __pv_offset 490 b __fixup_a_pv_table 491ENDPROC(__fixup_pv_table) 492 493 .align 4941: .long . 495 .long __pv_table_begin 496 .long __pv_table_end 4972: .long __pv_phys_offset 498 499 .text 500__fixup_a_pv_table: 501#ifdef CONFIG_THUMB2_KERNEL 502#ifdef CONFIG_ARM_PATCH_PHYS_VIRT_16BIT 503 lsls r0, r6, #24 504 lsr r6, #8 505 beq 1f 506 clz r7, r0 507 lsr r0, #24 508 lsl r0, r7 509 bic r0, 0x0080 510 lsrs r7, #1 511 orrcs r0, #0x0080 512 orr r0, r0, r7, lsl #12 513#endif 5141: lsls r6, #24 515 beq 4f 516 clz r7, r6 517 lsr r6, #24 518 lsl r6, r7 519 bic r6, #0x0080 520 lsrs r7, #1 521 orrcs r6, #0x0080 522 orr r6, r6, r7, lsl #12 523 orr r6, #0x4000 524 b 4f 5252: @ at this point the C flag is always clear 526 add r7, r3 527#ifdef CONFIG_ARM_PATCH_PHYS_VIRT_16BIT 528 ldrh ip, [r7] 529 tst ip, 0x0400 @ the i bit tells us LS or MS byte 530 beq 3f 531 cmp r0, #0 @ set C flag, and ... 532 biceq ip, 0x0400 @ immediate zero value has a special encoding 533 streqh ip, [r7] @ that requires the i bit cleared 534#endif 5353: ldrh ip, [r7, #2] 536 and ip, 0x8f00 537 orrcc ip, r6 @ mask in offset bits 31-24 538 orrcs ip, r0 @ mask in offset bits 23-16 539 strh ip, [r7, #2] 5404: cmp r4, r5 541 ldrcc r7, [r4], #4 @ use branch for delay slot 542 bcc 2b 543 bx lr 544#else 545#ifdef CONFIG_ARM_PATCH_PHYS_VIRT_16BIT 546 and r0, r6, #255 @ offset bits 23-16 547 mov r6, r6, lsr #8 @ offset bits 31-24 548#else 549 mov r0, #0 @ just in case... 550#endif 551 b 3f 5522: ldr ip, [r7, r3] 553 bic ip, ip, #0x000000ff 554 tst ip, #0x400 @ rotate shift tells us LS or MS byte 555 orrne ip, ip, r6 @ mask in offset bits 31-24 556 orreq ip, ip, r0 @ mask in offset bits 23-16 557 str ip, [r7, r3] 5583: cmp r4, r5 559 ldrcc r7, [r4], #4 @ use branch for delay slot 560 bcc 2b 561 mov pc, lr 562#endif 563ENDPROC(__fixup_a_pv_table) 564 565ENTRY(fixup_pv_table) 566 stmfd sp!, {r4 - r7, lr} 567 ldr r2, 2f @ get address of __pv_phys_offset 568 mov r3, #0 @ no offset 569 mov r4, r0 @ r0 = table start 570 add r5, r0, r1 @ r1 = table size 571 ldr r6, [r2, #4] @ get __pv_offset 572 bl __fixup_a_pv_table 573 ldmfd sp!, {r4 - r7, pc} 574ENDPROC(fixup_pv_table) 575 576 .align 5772: .long __pv_phys_offset 578 579 .data 580 .globl __pv_phys_offset 581 .type __pv_phys_offset, %object 582__pv_phys_offset: 583 .long 0 584 .size __pv_phys_offset, . - __pv_phys_offset 585__pv_offset: 586 .long 0 587#endif 588 589#include "head-common.S" 590