1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * This file contains the routines for handling the MMU on those
4 * PowerPC implementations where the MMU substantially follows the
5 * architecture specification. This includes the 6xx, 7xx, 7xxx,
6 * and 8260 implementations but excludes the 8xx and 4xx.
9 * Derived from arch/ppc/mm/init.c:
10 * Copyright (C) 1995-1996 Gary Thomas (gdt@linuxppc.org)
12 * Modifications by Paul Mackerras (PowerMac) (paulus@cs.anu.edu.au)
13 * and Cort Dougan (PReP) (cort@cs.nmt.edu)
14 * Copyright (C) 1996 Paul Mackerras
16 * Derived from "arch/i386/mm/init.c"
17 * Copyright (C) 1991, 1992, 1993, 1994 Linus Torvalds
20 #include <linux/kernel.h>
22 #include <linux/init.h>
23 #include <linux/highmem.h>
24 #include <linux/memblock.h>
28 #include <asm/machdep.h>
29 #include <asm/code-patching.h>
30 #include <asm/sections.h>
32 #include <mm/mmu_decl.h>
34 struct hash_pte *Hash;
35 static unsigned long Hash_size, Hash_mask;
37 static unsigned int hash_mb, hash_mb2;
39 struct ppc_bat BATS[8][2]; /* 8 pairs of IBAT, DBAT */
41 struct batrange { /* stores address ranges mapped by BATs */
48 * Return PA for this VA if it is mapped by a BAT, or 0
50 phys_addr_t v_block_mapped(unsigned long va)
53 for (b = 0; b < ARRAY_SIZE(bat_addrs); ++b)
54 if (va >= bat_addrs[b].start && va < bat_addrs[b].limit)
55 return bat_addrs[b].phys + (va - bat_addrs[b].start);
60 * Return VA for a given PA or 0 if not mapped
62 unsigned long p_block_mapped(phys_addr_t pa)
65 for (b = 0; b < ARRAY_SIZE(bat_addrs); ++b)
66 if (pa >= bat_addrs[b].phys
67 && pa < (bat_addrs[b].limit-bat_addrs[b].start)
69 return bat_addrs[b].start+(pa-bat_addrs[b].phys);
73 static int find_free_bat(void)
77 if (IS_ENABLED(CONFIG_PPC_BOOK3S_601)) {
78 for (b = 0; b < 4; b++) {
79 struct ppc_bat *bat = BATS[b];
81 if (!(bat[0].batl & 0x40))
85 int n = mmu_has_feature(MMU_FTR_USE_HIGH_BATS) ? 8 : 4;
87 for (b = 0; b < n; b++) {
88 struct ppc_bat *bat = BATS[b];
90 if (!(bat[1].batu & 3))
98 * This function calculates the size of the larger block usable to map the
99 * beginning of an area based on the start address and size of that area:
100 * - max block size is 8M on 601 and 256 on other 6xx.
101 * - base address must be aligned to the block size. So the maximum block size
102 * is identified by the lowest bit set to 1 in the base address (for instance
103 * if base is 0x16000000, max size is 0x02000000).
104 * - block size has to be a power of two. This is calculated by finding the
105 * highest bit set to 1.
107 static unsigned int block_size(unsigned long base, unsigned long top)
109 unsigned int max_size = IS_ENABLED(CONFIG_PPC_BOOK3S_601) ? SZ_8M : SZ_256M;
110 unsigned int base_shift = (ffs(base) - 1) & 31;
111 unsigned int block_shift = (fls(top - base) - 1) & 31;
113 return min3(max_size, 1U << base_shift, 1U << block_shift);
117 * Set up one of the IBAT (block address translation) register pairs.
118 * The parameters are not checked; in particular size must be a power
119 * of 2 between 128k and 256M.
122 static void setibat(int index, unsigned long virt, phys_addr_t phys,
123 unsigned int size, pgprot_t prot)
125 unsigned int bl = (size >> 17) - 1;
127 struct ppc_bat *bat = BATS[index];
128 unsigned long flags = pgprot_val(prot);
130 if (!cpu_has_feature(CPU_FTR_NEED_COHERENT))
131 flags &= ~_PAGE_COHERENT;
133 wimgxpp = (flags & _PAGE_COHERENT) | (_PAGE_EXEC ? BPP_RX : BPP_XX);
134 bat[0].batu = virt | (bl << 2) | 2; /* Vs=1, Vp=0 */
135 bat[0].batl = BAT_PHYS_ADDR(phys) | wimgxpp;
136 if (flags & _PAGE_USER)
137 bat[0].batu |= 1; /* Vp = 1 */
140 static void clearibat(int index)
142 struct ppc_bat *bat = BATS[index];
148 static unsigned long __init __mmu_mapin_ram(unsigned long base, unsigned long top)
152 while ((idx = find_free_bat()) != -1 && base != top) {
153 unsigned int size = block_size(base, top);
155 if (size < 128 << 10)
157 setbat(idx, PAGE_OFFSET + base, base, size, PAGE_KERNEL_X);
164 unsigned long __init mmu_mapin_ram(unsigned long base, unsigned long top)
167 unsigned long border = (unsigned long)__init_begin - PAGE_OFFSET;
169 if (__map_without_bats) {
170 pr_debug("RAM mapped without BATs\n");
173 if (debug_pagealloc_enabled()) {
180 if (!strict_kernel_rwx_enabled() || base >= border || top <= border)
181 return __mmu_mapin_ram(base, top);
183 done = __mmu_mapin_ram(base, border);
187 return __mmu_mapin_ram(border, top);
190 void mmu_mark_initmem_nx(void)
192 int nb = mmu_has_feature(MMU_FTR_USE_HIGH_BATS) ? 8 : 4;
194 unsigned long base = (unsigned long)_stext - PAGE_OFFSET;
195 unsigned long top = (unsigned long)_etext - PAGE_OFFSET;
196 unsigned long border = (unsigned long)__init_begin - PAGE_OFFSET;
199 if (IS_ENABLED(CONFIG_PPC_BOOK3S_601))
202 for (i = 0; i < nb - 1 && base < top && top - base > (128 << 10);) {
203 size = block_size(base, top);
204 setibat(i++, PAGE_OFFSET + base, base, size, PAGE_KERNEL_TEXT);
208 size = block_size(base, top);
209 size = max(size, 128UL << 10);
210 if ((top - base) > size) {
212 if (strict_kernel_rwx_enabled() && base + size > border)
213 pr_warn("Some RW data is getting mapped X. "
214 "Adjust CONFIG_DATA_SHIFT to avoid that.\n");
216 setibat(i++, PAGE_OFFSET + base, base, size, PAGE_KERNEL_TEXT);
224 for (i = TASK_SIZE >> 28; i < 16; i++) {
225 /* Do not set NX on VM space for modules */
226 if (IS_ENABLED(CONFIG_MODULES) &&
227 (VMALLOC_START & 0xf0000000) == i << 28)
229 mtsrin(mfsrin(i << 28) | 0x10000000, i << 28);
233 void mmu_mark_rodata_ro(void)
235 int nb = mmu_has_feature(MMU_FTR_USE_HIGH_BATS) ? 8 : 4;
238 if (IS_ENABLED(CONFIG_PPC_BOOK3S_601))
241 for (i = 0; i < nb; i++) {
242 struct ppc_bat *bat = BATS[i];
244 if (bat_addrs[i].start < (unsigned long)__init_begin)
245 bat[1].batl = (bat[1].batl & ~BPP_RW) | BPP_RX;
252 * Set up one of the I/D BAT (block address translation) register pairs.
253 * The parameters are not checked; in particular size must be a power
254 * of 2 between 128k and 256M.
255 * On 603+, only set IBAT when _PAGE_EXEC is set
257 void __init setbat(int index, unsigned long virt, phys_addr_t phys,
258 unsigned int size, pgprot_t prot)
263 unsigned long flags = pgprot_val(prot);
266 index = find_free_bat();
268 pr_err("%s: no BAT available for mapping 0x%llx\n", __func__,
269 (unsigned long long)phys);
274 if ((flags & _PAGE_NO_CACHE) ||
275 (cpu_has_feature(CPU_FTR_NEED_COHERENT) == 0))
276 flags &= ~_PAGE_COHERENT;
278 bl = (size >> 17) - 1;
279 if (!IS_ENABLED(CONFIG_PPC_BOOK3S_601)) {
282 wimgxpp = flags & (_PAGE_WRITETHRU | _PAGE_NO_CACHE
283 | _PAGE_COHERENT | _PAGE_GUARDED);
284 wimgxpp |= (flags & _PAGE_RW)? BPP_RW: BPP_RX;
285 bat[1].batu = virt | (bl << 2) | 2; /* Vs=1, Vp=0 */
286 bat[1].batl = BAT_PHYS_ADDR(phys) | wimgxpp;
287 if (flags & _PAGE_USER)
288 bat[1].batu |= 1; /* Vp = 1 */
289 if (flags & _PAGE_GUARDED) {
290 /* G bit must be zero in IBATs */
291 flags &= ~_PAGE_EXEC;
293 if (flags & _PAGE_EXEC)
296 bat[0].batu = bat[0].batl = 0;
301 wimgxpp = flags & (_PAGE_WRITETHRU | _PAGE_NO_CACHE
303 wimgxpp |= (flags & _PAGE_RW)?
304 ((flags & _PAGE_USER)? PP_RWRW: PP_RWXX): PP_RXRX;
305 bat->batu = virt | wimgxpp | 4; /* Ks=0, Ku=1 */
306 bat->batl = phys | bl | 0x40; /* V=1 */
309 bat_addrs[index].start = virt;
310 bat_addrs[index].limit = virt + ((bl + 1) << 17) - 1;
311 bat_addrs[index].phys = phys;
315 * Preload a translation in the hash table
317 void hash_preload(struct mm_struct *mm, unsigned long ea)
323 pmd = pmd_off(mm, ea);
325 add_hash_page(mm->context.id, ea, pmd_val(*pmd));
329 * This is called at the end of handling a user page fault, when the
330 * fault has been handled by updating a PTE in the linux page tables.
331 * We use it to preload an HPTE into the hash table corresponding to
332 * the updated linux PTE.
334 * This must always be called with the pte lock held.
336 void update_mmu_cache(struct vm_area_struct *vma, unsigned long address,
339 if (!mmu_has_feature(MMU_FTR_HPTE_TABLE))
342 * We don't need to worry about _PAGE_PRESENT here because we are
343 * called with either mm->page_table_lock held or ptl lock held
346 /* We only want HPTEs for linux PTEs that have _PAGE_ACCESSED set */
347 if (!pte_young(*ptep) || address >= TASK_SIZE)
350 /* We have to test for regs NULL since init will get here first thing at boot */
351 if (!current->thread.regs)
354 /* We also avoid filling the hash if not coming from a fault */
355 if (TRAP(current->thread.regs) != 0x300 && TRAP(current->thread.regs) != 0x400)
358 hash_preload(vma->vm_mm, address);
362 * Initialize the hash table and patch the instructions in hashtable.S.
364 void __init MMU_init_hw(void)
366 unsigned int n_hpteg, lg_n_hpteg;
368 if (!mmu_has_feature(MMU_FTR_HPTE_TABLE))
371 if ( ppc_md.progress ) ppc_md.progress("hash:enter", 0x105);
373 #define LG_HPTEG_SIZE 6 /* 64 bytes per HPTEG */
374 #define SDR1_LOW_BITS ((n_hpteg - 1) >> 10)
375 #define MIN_N_HPTEG 1024 /* min 64kB hash table */
378 * Allow 1 HPTE (1/8 HPTEG) for each page of memory.
379 * This is less than the recommended amount, but then
382 n_hpteg = total_memory / (PAGE_SIZE * 8);
383 if (n_hpteg < MIN_N_HPTEG)
384 n_hpteg = MIN_N_HPTEG;
385 lg_n_hpteg = __ilog2(n_hpteg);
386 if (n_hpteg & (n_hpteg - 1)) {
387 ++lg_n_hpteg; /* round up if not power of 2 */
388 n_hpteg = 1 << lg_n_hpteg;
390 Hash_size = n_hpteg << LG_HPTEG_SIZE;
393 * Find some memory for the hash table.
395 if ( ppc_md.progress ) ppc_md.progress("hash:find piece", 0x322);
396 Hash = memblock_alloc(Hash_size, Hash_size);
398 panic("%s: Failed to allocate %lu bytes align=0x%lx\n",
399 __func__, Hash_size, Hash_size);
400 _SDR1 = __pa(Hash) | SDR1_LOW_BITS;
402 pr_info("Total memory = %lldMB; using %ldkB for hash table\n",
403 (unsigned long long)(total_memory >> 20), Hash_size >> 10);
406 Hash_mask = n_hpteg - 1;
407 hash_mb2 = hash_mb = 32 - LG_HPTEG_SIZE - lg_n_hpteg;
409 hash_mb2 = 16 - LG_HPTEG_SIZE;
412 * When KASAN is selected, there is already an early temporary hash
413 * table and the switch to the final hash table is done later.
415 if (IS_ENABLED(CONFIG_KASAN))
421 void __init MMU_init_hw_patch(void)
423 unsigned int hmask = Hash_mask >> (16 - LG_HPTEG_SIZE);
424 unsigned int hash = (unsigned int)Hash - PAGE_OFFSET;
427 ppc_md.progress("hash:patch", 0x345);
429 ppc_md.progress("hash:done", 0x205);
431 /* WARNING: Make sure nothing can trigger a KASAN check past this point */
434 * Patch up the instructions in hashtable.S:create_hpte
436 modify_instruction_site(&patch__hash_page_A0, 0xffff, hash >> 16);
437 modify_instruction_site(&patch__hash_page_A1, 0x7c0, hash_mb << 6);
438 modify_instruction_site(&patch__hash_page_A2, 0x7c0, hash_mb2 << 6);
439 modify_instruction_site(&patch__hash_page_B, 0xffff, hmask);
440 modify_instruction_site(&patch__hash_page_C, 0xffff, hmask);
443 * Patch up the instructions in hashtable.S:flush_hash_page
445 modify_instruction_site(&patch__flush_hash_A0, 0xffff, hash >> 16);
446 modify_instruction_site(&patch__flush_hash_A1, 0x7c0, hash_mb << 6);
447 modify_instruction_site(&patch__flush_hash_A2, 0x7c0, hash_mb2 << 6);
448 modify_instruction_site(&patch__flush_hash_B, 0xffff, hmask);
451 void setup_initial_memory_limit(phys_addr_t first_memblock_base,
452 phys_addr_t first_memblock_size)
454 /* We don't currently support the first MEMBLOCK not mapping 0
455 * physical on those processors
457 BUG_ON(first_memblock_base != 0);
459 /* 601 can only access 16MB at the moment */
460 if (IS_ENABLED(CONFIG_PPC_BOOK3S_601))
461 memblock_set_current_limit(min_t(u64, first_memblock_size, 0x01000000));
462 else /* Anything else has 256M mapped */
463 memblock_set_current_limit(min_t(u64, first_memblock_size, 0x10000000));
466 void __init print_system_hash_info(void)
468 pr_info("Hash_size = 0x%lx\n", Hash_size);
470 pr_info("Hash_mask = 0x%lx\n", Hash_mask);
473 #ifdef CONFIG_PPC_KUEP
474 void __init setup_kuep(bool disabled)
476 pr_info("Activating Kernel Userspace Execution Prevention\n");
479 pr_warn("KUEP cannot be disabled yet on 6xx when compiled in\n");
483 #ifdef CONFIG_PPC_KUAP
484 void __init setup_kuap(bool disabled)
486 pr_info("Activating Kernel Userspace Access Protection\n");
489 pr_warn("KUAP cannot be disabled yet on 6xx when compiled in\n");
projects / linux-2.6-microblaze.git / blob