[mirror_ubuntu-bionic-kernel.git] / arch / arm64 / mm / proc.S

/*
 * Based on arch/arm/mm/proc.S
 *
 * Copyright (C) 2001 Deep Blue Solutions Ltd.
 * Copyright (C) 2012 ARM Ltd.
 * Author: Catalin Marinas <catalin.marinas@arm.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

#include <linux/init.h>
#include <linux/linkage.h>
#include <asm/assembler.h>
#include <asm/asm-offsets.h>
#include <asm/hwcap.h>
#include <asm/pgtable.h>
#include <asm/pgtable-hwdef.h>
#include <asm/cpufeature.h>
#include <asm/alternative.h>

#ifdef CONFIG_ARM64_64K_PAGES
#define TCR_TG_FLAGS	TCR_TG0_64K | TCR_TG1_64K
#elif defined(CONFIG_ARM64_16K_PAGES)
#define TCR_TG_FLAGS	TCR_TG0_16K | TCR_TG1_16K
#else /* CONFIG_ARM64_4K_PAGES */
#define TCR_TG_FLAGS	TCR_TG0_4K | TCR_TG1_4K
#endif

#define TCR_SMP_FLAGS	TCR_SHARED

/* PTWs cacheable, inner/outer WBWA */
#define TCR_CACHE_FLAGS	TCR_IRGN_WBWA | TCR_ORGN_WBWA

#define MAIR(attr, mt)	((attr) << ((mt) * 8))

/*
 *	cpu_do_idle()
 *
 *	Idle the processor (wait for interrupt).
 */
ENTRY(cpu_do_idle)
	dsb	sy				// WFI may enter a low-power mode
	wfi
	ret
ENDPROC(cpu_do_idle)

#ifdef CONFIG_CPU_PM
/**
 * cpu_do_suspend - save CPU registers context
 *
 * x0: virtual address of context pointer
 */
ENTRY(cpu_do_suspend)
	mrs	x2, tpidr_el0
	mrs	x3, tpidrro_el0
	mrs	x4, contextidr_el1
	mrs	x5, cpacr_el1
	mrs	x6, tcr_el1
	mrs	x7, vbar_el1
	mrs	x8, mdscr_el1
	mrs	x9, oslsr_el1
	mrs	x10, sctlr_el1
alternative_if_not ARM64_HAS_VIRT_HOST_EXTN
	mrs	x11, tpidr_el1
alternative_else
	mrs	x11, tpidr_el2
alternative_endif
	mrs	x12, sp_el0
	stp	x2, x3, [x0]
	stp	x4, xzr, [x0, #16]
	stp	x5, x6, [x0, #32]
	stp	x7, x8, [x0, #48]
	stp	x9, x10, [x0, #64]
	stp	x11, x12, [x0, #80]
	ret
ENDPROC(cpu_do_suspend)

/**
 * cpu_do_resume - restore CPU register context
 *
 * x0: Address of context pointer
 */
	.pushsection ".idmap.text", "awx"
ENTRY(cpu_do_resume)
	ldp	x2, x3, [x0]
	ldp	x4, x5, [x0, #16]
	ldp	x6, x8, [x0, #32]
	ldp	x9, x10, [x0, #48]
	ldp	x11, x12, [x0, #64]
	ldp	x13, x14, [x0, #80]
	msr	tpidr_el0, x2
	msr	tpidrro_el0, x3
	msr	contextidr_el1, x4
	msr	cpacr_el1, x6

	/* Don't change t0sz here, mask those bits when restoring */
	mrs	x5, tcr_el1
	bfi	x8, x5, TCR_T0SZ_OFFSET, TCR_TxSZ_WIDTH

	msr	tcr_el1, x8
	msr	vbar_el1, x9

	/*
	 * __cpu_setup() cleared MDSCR_EL1.MDE and friends, before unmasking
	 * debug exceptions. By restoring MDSCR_EL1 here, we may take a debug
	 * exception. Mask them until local_daif_restore() in cpu_suspend()
	 * resets them.
	 */
	disable_daif
	msr	mdscr_el1, x10

	msr	sctlr_el1, x12
alternative_if_not ARM64_HAS_VIRT_HOST_EXTN
	msr	tpidr_el1, x13
alternative_else
	msr	tpidr_el2, x13
alternative_endif
	msr	sp_el0, x14
	/*
	 * Restore oslsr_el1 by writing oslar_el1
	 */
	ubfx	x11, x11, #1, #1
	msr	oslar_el1, x11
	reset_pmuserenr_el0 x0			// Disable PMU access from EL0
	isb
	ret
ENDPROC(cpu_do_resume)
	.popsection
#endif

/*
 *	cpu_do_switch_mm(pgd_phys, tsk)
 *
 *	Set the translation table base pointer to be pgd_phys.
 *
 *	- pgd_phys - physical address of new TTB
 */
ENTRY(cpu_do_switch_mm)
	mrs	x2, ttbr1_el1
	mmid	x1, x1				// get mm->context.id
#ifdef CONFIG_ARM64_SW_TTBR0_PAN
	bfi	x0, x1, #48, #16		// set the ASID field in TTBR0
#endif
	bfi	x2, x1, #48, #16		// set the ASID
	msr	ttbr1_el1, x2			// in TTBR1 (since TCR.A1 is set)
	isb
	msr	ttbr0_el1, x0			// now update TTBR0
	isb
	b	post_ttbr_update_workaround	// Back to C code...
ENDPROC(cpu_do_switch_mm)

	.pushsection ".idmap.text", "awx"

.macro	__idmap_cpu_set_reserved_ttbr1, tmp1, tmp2
	adrp	\tmp1, empty_zero_page
	msr	ttbr1_el1, \tmp1
	isb
	tlbi	vmalle1
	dsb	nsh
	isb
.endm

/*
 * void idmap_cpu_replace_ttbr1(phys_addr_t new_pgd)
 *
 * This is the low-level counterpart to cpu_replace_ttbr1, and should not be
 * called by anything else. It can only be executed from a TTBR0 mapping.
 */
ENTRY(idmap_cpu_replace_ttbr1)
	save_and_disable_daif flags=x2

	__idmap_cpu_set_reserved_ttbr1 x1, x3

	msr	ttbr1_el1, x0
	isb

	restore_daif x2

	ret
ENDPROC(idmap_cpu_replace_ttbr1)
	.popsection

#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
	.pushsection ".idmap.text", "awx"

	.macro	__idmap_kpti_get_pgtable_ent, type
	dc	cvac, cur_\()\type\()p		// Ensure any existing dirty
	dmb	sy				// lines are written back before
	ldr	\type, [cur_\()\type\()p]	// loading the entry
	tbz	\type, #0, skip_\()\type	// Skip invalid and
	tbnz	\type, #11, skip_\()\type	// non-global entries
	.endm

	.macro __idmap_kpti_put_pgtable_ent_ng, type
	orr	\type, \type, #PTE_NG		// Same bit for blocks and pages
	str	\type, [cur_\()\type\()p]	// Update the entry and ensure it
	dc	civac, cur_\()\type\()p		// is visible to all CPUs.
	.endm

/*
 * void __kpti_install_ng_mappings(int cpu, int num_cpus, phys_addr_t swapper)
 *
 * Called exactly once from stop_machine context by each CPU found during boot.
 */
__idmap_kpti_flag:
	.long	1
ENTRY(idmap_kpti_install_ng_mappings)
	cpu		.req	w0
	num_cpus	.req	w1
	swapper_pa	.req	x2
	swapper_ttb	.req	x3
	flag_ptr	.req	x4
	cur_pgdp	.req	x5
	end_pgdp	.req	x6
	pgd		.req	x7
	cur_pudp	.req	x8
	end_pudp	.req	x9
	pud		.req	x10
	cur_pmdp	.req	x11
	end_pmdp	.req	x12
	pmd		.req	x13
	cur_ptep	.req	x14
	end_ptep	.req	x15
	pte		.req	x16

	mrs	swapper_ttb, ttbr1_el1
	adr	flag_ptr, __idmap_kpti_flag

	cbnz	cpu, __idmap_kpti_secondary

	/* We're the boot CPU. Wait for the others to catch up */
	sevl
1:	wfe
	ldaxr	w18, [flag_ptr]
	eor	w18, w18, num_cpus
	cbnz	w18, 1b

	/* We need to walk swapper, so turn off the MMU. */
	pre_disable_mmu_workaround
	mrs	x18, sctlr_el1
	bic	x18, x18, #SCTLR_ELx_M
	msr	sctlr_el1, x18
	isb

	/* Everybody is enjoying the idmap, so we can rewrite swapper. */
	/* PGD */
	mov	cur_pgdp, swapper_pa
	add	end_pgdp, cur_pgdp, #(PTRS_PER_PGD * 8)
do_pgd:	__idmap_kpti_get_pgtable_ent	pgd
	tbnz	pgd, #1, walk_puds
next_pgd:
	__idmap_kpti_put_pgtable_ent_ng	pgd
skip_pgd:
	add	cur_pgdp, cur_pgdp, #8
	cmp	cur_pgdp, end_pgdp
	b.ne	do_pgd

	/* Publish the updated tables and nuke all the TLBs */
	dsb	sy
	tlbi	vmalle1is
	dsb	ish
	isb

	/* We're done: fire up the MMU again */
	mrs	x18, sctlr_el1
	orr	x18, x18, #SCTLR_ELx_M
	msr	sctlr_el1, x18
	isb

	/* Set the flag to zero to indicate that we're all done */
	str	wzr, [flag_ptr]
	ret

	/* PUD */
walk_puds:
	.if CONFIG_PGTABLE_LEVELS > 3
	pte_to_phys	cur_pudp, pgd
	add	end_pudp, cur_pudp, #(PTRS_PER_PUD * 8)
do_pud:	__idmap_kpti_get_pgtable_ent	pud
	tbnz	pud, #1, walk_pmds
next_pud:
	__idmap_kpti_put_pgtable_ent_ng	pud
skip_pud:
	add	cur_pudp, cur_pudp, 8
	cmp	cur_pudp, end_pudp
	b.ne	do_pud
	b	next_pgd
	.else /* CONFIG_PGTABLE_LEVELS <= 3 */
	mov	pud, pgd
	b	walk_pmds
next_pud:
	b	next_pgd
	.endif

	/* PMD */
walk_pmds:
	.if CONFIG_PGTABLE_LEVELS > 2
	pte_to_phys	cur_pmdp, pud
	add	end_pmdp, cur_pmdp, #(PTRS_PER_PMD * 8)
do_pmd:	__idmap_kpti_get_pgtable_ent	pmd
	tbnz	pmd, #1, walk_ptes
next_pmd:
	__idmap_kpti_put_pgtable_ent_ng	pmd
skip_pmd:
	add	cur_pmdp, cur_pmdp, #8
	cmp	cur_pmdp, end_pmdp
	b.ne	do_pmd
	b	next_pud
	.else /* CONFIG_PGTABLE_LEVELS <= 2 */
	mov	pmd, pud
	b	walk_ptes
next_pmd:
	b	next_pud
	.endif

	/* PTE */
walk_ptes:
	pte_to_phys	cur_ptep, pmd
	add	end_ptep, cur_ptep, #(PTRS_PER_PTE * 8)
do_pte:	__idmap_kpti_get_pgtable_ent	pte
	__idmap_kpti_put_pgtable_ent_ng	pte
skip_pte:
	add	cur_ptep, cur_ptep, #8
	cmp	cur_ptep, end_ptep
	b.ne	do_pte
	b	next_pmd

	/* Secondary CPUs end up here */
__idmap_kpti_secondary:
	/* Uninstall swapper before surgery begins */
	__idmap_cpu_set_reserved_ttbr1 x18, x17

	/* Increment the flag to let the boot CPU we're ready */
1:	ldxr	w18, [flag_ptr]
	add	w18, w18, #1
	stxr	w17, w18, [flag_ptr]
	cbnz	w17, 1b

	/* Wait for the boot CPU to finish messing around with swapper */
	sevl
1:	wfe
	ldxr	w18, [flag_ptr]
	cbnz	w18, 1b

	/* All done, act like nothing happened */
	msr	ttbr1_el1, swapper_ttb
	isb
	ret

	.unreq	cpu
	.unreq	num_cpus
	.unreq	swapper_pa
	.unreq	swapper_ttb
	.unreq	flag_ptr
	.unreq	cur_pgdp
	.unreq	end_pgdp
	.unreq	pgd
	.unreq	cur_pudp
	.unreq	end_pudp
	.unreq	pud
	.unreq	cur_pmdp
	.unreq	end_pmdp
	.unreq	pmd
	.unreq	cur_ptep
	.unreq	end_ptep
	.unreq	pte
ENDPROC(idmap_kpti_install_ng_mappings)
	.popsection
#endif

/*
 *	__cpu_setup
 *
 *	Initialise the processor for turning the MMU on.  Return in x0 the
 *	value of the SCTLR_EL1 register.
 */
	.pushsection ".idmap.text", "awx"
ENTRY(__cpu_setup)
	tlbi	vmalle1				// Invalidate local TLB
	dsb	nsh

	mov	x0, #3 << 20
	msr	cpacr_el1, x0			// Enable FP/ASIMD
	mov	x0, #1 << 12			// Reset mdscr_el1 and disable
	msr	mdscr_el1, x0			// access to the DCC from EL0
	isb					// Unmask debug exceptions now,
	enable_dbg				// since this is per-cpu
	reset_pmuserenr_el0 x0			// Disable PMU access from EL0
	/*
	 * Memory region attributes for LPAE:
	 *
	 *   n = AttrIndx[2:0]
	 *			n	MAIR
	 *   DEVICE_nGnRnE	000	00000000
	 *   DEVICE_nGnRE	001	00000100
	 *   DEVICE_GRE		010	00001100
	 *   NORMAL_NC		011	01000100
	 *   NORMAL		100	11111111
	 *   NORMAL_WT		101	10111011
	 */
	ldr	x5, =MAIR(0x00, MT_DEVICE_nGnRnE) | \
		     MAIR(0x04, MT_DEVICE_nGnRE) | \
		     MAIR(0x0c, MT_DEVICE_GRE) | \
		     MAIR(0x44, MT_NORMAL_NC) | \
		     MAIR(0xff, MT_NORMAL) | \
		     MAIR(0xbb, MT_NORMAL_WT)
	msr	mair_el1, x5
	/*
	 * Prepare SCTLR
	 */
	mov_q	x0, SCTLR_EL1_SET
	/*
	 * Set/prepare TCR and TTBR. We use 512GB (39-bit) address range for
	 * both user and kernel.
	 */
	ldr	x10, =TCR_TxSZ(VA_BITS) | TCR_CACHE_FLAGS | TCR_SMP_FLAGS | \
			TCR_TG_FLAGS | TCR_ASID16 | TCR_TBI0 | TCR_A1
	tcr_set_idmap_t0sz	x10, x9

	/*
	 * Read the PARange bits from ID_AA64MMFR0_EL1 and set the IPS bits in
	 * TCR_EL1.
	 */
	mrs	x9, ID_AA64MMFR0_EL1
	bfi	x10, x9, #32, #3
#ifdef CONFIG_ARM64_HW_AFDBM
	/*
	 * Hardware update of the Access and Dirty bits.
	 */
	mrs	x9, ID_AA64MMFR1_EL1
	and	x9, x9, #0xf
	cbz	x9, 2f
	cmp	x9, #2
	b.lt	1f
	orr	x10, x10, #TCR_HD		// hardware Dirty flag update
1:	orr	x10, x10, #TCR_HA		// hardware Access flag update
2:
#endif	/* CONFIG_ARM64_HW_AFDBM */
	msr	tcr_el1, x10
	ret					// return to head.S
ENDPROC(__cpu_setup)
Commit	Line	Data
9cce7a43 CM	1	/*
	2	* Based on arch/arm/mm/proc.S
	3	*
	4	* Copyright (C) 2001 Deep Blue Solutions Ltd.
	5	* Copyright (C) 2012 ARM Ltd.
	6	* Author: Catalin Marinas <catalin.marinas@arm.com>
	7	*
	8	* This program is free software; you can redistribute it and/or modify
	9	* it under the terms of the GNU General Public License version 2 as
	10	* published by the Free Software Foundation.
	11	*
	12	* This program is distributed in the hope that it will be useful,
	13	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	14	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	15	* GNU General Public License for more details.
	16	*
	17	* You should have received a copy of the GNU General Public License
	18	* along with this program. If not, see <http://www.gnu.org/licenses/>.
	19	*/
	20
	21	#include <linux/init.h>
	22	#include <linux/linkage.h>
	23	#include <asm/assembler.h>
	24	#include <asm/asm-offsets.h>
	25	#include <asm/hwcap.h>
9cce7a43	26	#include <asm/pgtable.h>
cabe1c81	27	#include <asm/pgtable-hwdef.h>
104a0c02 AP	28	#include <asm/cpufeature.h>
104a0c02 AP	29	#include <asm/alternative.h>
9cce7a43	30
35a86976 CM	31	#ifdef CONFIG_ARM64_64K_PAGES
35a86976 CM	32	#define TCR_TG_FLAGS TCR_TG0_64K \| TCR_TG1_64K
44eaacf1 SP	33	#elif defined(CONFIG_ARM64_16K_PAGES)
	34	#define TCR_TG_FLAGS TCR_TG0_16K \| TCR_TG1_16K
	35	#else /* CONFIG_ARM64_4K_PAGES */
35a86976 CM	36	#define TCR_TG_FLAGS TCR_TG0_4K \| TCR_TG1_4K
	37	#endif
	38
35a86976	39	#define TCR_SMP_FLAGS TCR_SHARED
9cce7a43	40
35a86976 CM	41	/* PTWs cacheable, inner/outer WBWA */
	42	#define TCR_CACHE_FLAGS TCR_IRGN_WBWA \| TCR_ORGN_WBWA
	43
9cce7a43 CM	44	#define MAIR(attr, mt) ((attr) << ((mt) * 8))
9cce7a43 CM	45
9cce7a43 CM	46	/*
	47	* cpu_do_idle()
	48	*
	49	* Idle the processor (wait for interrupt).
	50	*/
	51	ENTRY(cpu_do_idle)
	52	dsb sy // WFI may enter a low-power mode
	53	wfi
	54	ret
	55	ENDPROC(cpu_do_idle)
	56
af3cfdbf	57	#ifdef CONFIG_CPU_PM
6732bc65 LP	58	/**
	59	* cpu_do_suspend - save CPU registers context
	60	*
	61	* x0: virtual address of context pointer
	62	*/
	63	ENTRY(cpu_do_suspend)
	64	mrs x2, tpidr_el0
	65	mrs x3, tpidrro_el0
	66	mrs x4, contextidr_el1
cabe1c81 JM	67	mrs x5, cpacr_el1
	68	mrs x6, tcr_el1
	69	mrs x7, vbar_el1
	70	mrs x8, mdscr_el1
	71	mrs x9, oslsr_el1
	72	mrs x10, sctlr_el1
53390852	73	alternative_if_not ARM64_HAS_VIRT_HOST_EXTN
623b476f	74	mrs x11, tpidr_el1
53390852 JM	75	alternative_else
	76	mrs x11, tpidr_el2
	77	alternative_endif
623b476f	78	mrs x12, sp_el0
6732bc65	79	stp x2, x3, [x0]
cabe1c81 JM	80	stp x4, xzr, [x0, #16]
	81	stp x5, x6, [x0, #32]
	82	stp x7, x8, [x0, #48]
	83	stp x9, x10, [x0, #64]
623b476f	84	stp x11, x12, [x0, #80]
6732bc65 LP	85	ret
	86	ENDPROC(cpu_do_suspend)
	87
	88	/**
	89	* cpu_do_resume - restore CPU register context
	90	*
cabe1c81	91	* x0: Address of context pointer
6732bc65	92	*/
b159a095	93	.pushsection ".idmap.text", "awx"
6732bc65	94	ENTRY(cpu_do_resume)
6732bc65 LP	95	ldp x2, x3, [x0]
6732bc65 LP	96	ldp x4, x5, [x0, #16]
cabe1c81 JM	97	ldp x6, x8, [x0, #32]
	98	ldp x9, x10, [x0, #48]
	99	ldp x11, x12, [x0, #64]
623b476f	100	ldp x13, x14, [x0, #80]
6732bc65 LP	101	msr tpidr_el0, x2
	102	msr tpidrro_el0, x3
	103	msr contextidr_el1, x4
6732bc65	104	msr cpacr_el1, x6
cabe1c81 JM	105
	106	/* Don't change t0sz here, mask those bits when restoring */
	107	mrs x5, tcr_el1
	108	bfi x8, x5, TCR_T0SZ_OFFSET, TCR_TxSZ_WIDTH
	109
6732bc65 LP	110	msr tcr_el1, x8
6732bc65 LP	111	msr vbar_el1, x9
744c6c37 JM	112
	113	/*
	114	* __cpu_setup() cleared MDSCR_EL1.MDE and friends, before unmasking
	115	* debug exceptions. By restoring MDSCR_EL1 here, we may take a debug
0fbeb318	116	* exception. Mask them until local_daif_restore() in cpu_suspend()
744c6c37 JM	117	* resets them.
744c6c37 JM	118	*/
0fbeb318	119	disable_daif
6732bc65	120	msr mdscr_el1, x10
744c6c37	121
cabe1c81	122	msr sctlr_el1, x12
53390852	123	alternative_if_not ARM64_HAS_VIRT_HOST_EXTN
623b476f	124	msr tpidr_el1, x13
53390852 JM	125	alternative_else
	126	msr tpidr_el2, x13
	127	alternative_endif
623b476f	128	msr sp_el0, x14
6732bc65 LP	129	/*
	130	* Restore oslsr_el1 by writing oslar_el1
	131	*/
	132	ubfx x11, x11, #1, #1
	133	msr oslar_el1, x11
f436b2ac	134	reset_pmuserenr_el0 x0 // Disable PMU access from EL0
6732bc65 LP	135	isb
	136	ret
	137	ENDPROC(cpu_do_resume)
b6113038	138	.popsection
6732bc65 LP	139	#endif
6732bc65 LP	140
9cce7a43	141	/*
812944e9	142	* cpu_do_switch_mm(pgd_phys, tsk)
9cce7a43 CM	143	*
	144	* Set the translation table base pointer to be pgd_phys.
	145	*
	146	* - pgd_phys - physical address of new TTB
	147	*/
	148	ENTRY(cpu_do_switch_mm)
c4f25e12	149	mrs x2, ttbr1_el1
5aec715d	150	mmid x1, x1 // get mm->context.id
6884bbc7 CM	151	#ifdef CONFIG_ARM64_SW_TTBR0_PAN
	152	bfi x0, x1, #48, #16 // set the ASID field in TTBR0
	153	#endif
c4f25e12 WD	154	bfi x2, x1, #48, #16 // set the ASID
	155	msr ttbr1_el1, x2 // in TTBR1 (since TCR.A1 is set)
	156	isb
	157	msr ttbr0_el1, x0 // now update TTBR0
9cce7a43	158	isb
aafb2daf	159	b post_ttbr_update_workaround // Back to C code...
9cce7a43 CM	160	ENDPROC(cpu_do_switch_mm)
9cce7a43 CM	161
b159a095	162	.pushsection ".idmap.text", "awx"
5c10f9ca WD	163
	164	.macro __idmap_cpu_set_reserved_ttbr1, tmp1, tmp2
	165	adrp \tmp1, empty_zero_page
47d9550f	166	msr ttbr1_el1, \tmp1
5c10f9ca WD	167	isb
	168	tlbi vmalle1
	169	dsb nsh
	170	isb
	171	.endm
	172
50e1881d MR	173	/*
	174	* void idmap_cpu_replace_ttbr1(phys_addr_t new_pgd)
	175	*
	176	* This is the low-level counterpart to cpu_replace_ttbr1, and should not be
	177	* called by anything else. It can only be executed from a TTBR0 mapping.
	178	*/
	179	ENTRY(idmap_cpu_replace_ttbr1)
0fbeb318	180	save_and_disable_daif flags=x2
50e1881d	181
5c10f9ca	182	__idmap_cpu_set_reserved_ttbr1 x1, x3
50e1881d MR	183
	184	msr ttbr1_el1, x0
	185	isb
	186
0fbeb318	187	restore_daif x2
50e1881d MR	188
	189	ret
	190	ENDPROC(idmap_cpu_replace_ttbr1)
	191	.popsection
	192
5c10f9ca	193	#ifdef CONFIG_UNMAP_KERNEL_AT_EL0
b159a095	194	.pushsection ".idmap.text", "awx"
5c10f9ca WD	195
	196	.macro __idmap_kpti_get_pgtable_ent, type
	197	dc cvac, cur_\()\type\()p // Ensure any existing dirty
	198	dmb sy // lines are written back before
	199	ldr \type, [cur_\()\type\()p] // loading the entry
7ac5b9bf WD	200	tbz \type, #0, skip_\()\type // Skip invalid and
7ac5b9bf WD	201	tbnz \type, #11, skip_\()\type // non-global entries
5c10f9ca WD	202	.endm
	203
	204	.macro __idmap_kpti_put_pgtable_ent_ng, type
	205	orr \type, \type, #PTE_NG // Same bit for blocks and pages
	206	str \type, [cur_\()\type\()p] // Update the entry and ensure it
	207	dc civac, cur_\()\type\()p // is visible to all CPUs.
	208	.endm
	209
	210	/*
	211	* void __kpti_install_ng_mappings(int cpu, int num_cpus, phys_addr_t swapper)
	212	*
	213	* Called exactly once from stop_machine context by each CPU found during boot.
	214	*/
	215	__idmap_kpti_flag:
	216	.long 1
	217	ENTRY(idmap_kpti_install_ng_mappings)
	218	cpu .req w0
	219	num_cpus .req w1
	220	swapper_pa .req x2
	221	swapper_ttb .req x3
	222	flag_ptr .req x4
	223	cur_pgdp .req x5
	224	end_pgdp .req x6
	225	pgd .req x7
	226	cur_pudp .req x8
	227	end_pudp .req x9
	228	pud .req x10
	229	cur_pmdp .req x11
	230	end_pmdp .req x12
	231	pmd .req x13
	232	cur_ptep .req x14
	233	end_ptep .req x15
	234	pte .req x16
	235
	236	mrs swapper_ttb, ttbr1_el1
	237	adr flag_ptr, __idmap_kpti_flag
	238
	239	cbnz cpu, __idmap_kpti_secondary
	240
	241	/* We're the boot CPU. Wait for the others to catch up */
	242	sevl
	243	1: wfe
	244	ldaxr w18, [flag_ptr]
	245	eor w18, w18, num_cpus
	246	cbnz w18, 1b
	247
	248	/* We need to walk swapper, so turn off the MMU. */
	249	pre_disable_mmu_workaround
	250	mrs x18, sctlr_el1
	251	bic x18, x18, #SCTLR_ELx_M
	252	msr sctlr_el1, x18
	253	isb
	254
	255	/* Everybody is enjoying the idmap, so we can rewrite swapper. */
	256	/* PGD */
	257	mov cur_pgdp, swapper_pa
	258	add end_pgdp, cur_pgdp, #(PTRS_PER_PGD * 8)
	259	do_pgd: __idmap_kpti_get_pgtable_ent pgd
	260	tbnz pgd, #1, walk_puds
5c10f9ca	261	next_pgd:
7ac5b9bf WD	262	__idmap_kpti_put_pgtable_ent_ng pgd
7ac5b9bf WD	263	skip_pgd:
5c10f9ca WD	264	add cur_pgdp, cur_pgdp, #8
	265	cmp cur_pgdp, end_pgdp
	266	b.ne do_pgd
	267
	268	/* Publish the updated tables and nuke all the TLBs */
	269	dsb sy
	270	tlbi vmalle1is
	271	dsb ish
	272	isb
	273
	274	/* We're done: fire up the MMU again */
	275	mrs x18, sctlr_el1
	276	orr x18, x18, #SCTLR_ELx_M
	277	msr sctlr_el1, x18
	278	isb
	279
	280	/* Set the flag to zero to indicate that we're all done */
	281	str wzr, [flag_ptr]
	282	ret
	283
	284	/* PUD */
	285	walk_puds:
	286	.if CONFIG_PGTABLE_LEVELS > 3
	287	pte_to_phys cur_pudp, pgd
	288	add end_pudp, cur_pudp, #(PTRS_PER_PUD * 8)
	289	do_pud: __idmap_kpti_get_pgtable_ent pud
	290	tbnz pud, #1, walk_pmds
5c10f9ca	291	next_pud:
7ac5b9bf WD	292	__idmap_kpti_put_pgtable_ent_ng pud
7ac5b9bf WD	293	skip_pud:
5c10f9ca WD	294	add cur_pudp, cur_pudp, 8
	295	cmp cur_pudp, end_pudp
	296	b.ne do_pud
	297	b next_pgd
	298	.else /* CONFIG_PGTABLE_LEVELS <= 3 */
	299	mov pud, pgd
	300	b walk_pmds
	301	next_pud:
	302	b next_pgd
	303	.endif
	304
	305	/* PMD */
	306	walk_pmds:
	307	.if CONFIG_PGTABLE_LEVELS > 2
	308	pte_to_phys cur_pmdp, pud
	309	add end_pmdp, cur_pmdp, #(PTRS_PER_PMD * 8)
	310	do_pmd: __idmap_kpti_get_pgtable_ent pmd
	311	tbnz pmd, #1, walk_ptes
5c10f9ca	312	next_pmd:
7ac5b9bf WD	313	__idmap_kpti_put_pgtable_ent_ng pmd
7ac5b9bf WD	314	skip_pmd:
5c10f9ca WD	315	add cur_pmdp, cur_pmdp, #8
	316	cmp cur_pmdp, end_pmdp
	317	b.ne do_pmd
	318	b next_pud
	319	.else /* CONFIG_PGTABLE_LEVELS <= 2 */
	320	mov pmd, pud
	321	b walk_ptes
	322	next_pmd:
	323	b next_pud
	324	.endif
	325
	326	/* PTE */
	327	walk_ptes:
	328	pte_to_phys cur_ptep, pmd
	329	add end_ptep, cur_ptep, #(PTRS_PER_PTE * 8)
	330	do_pte: __idmap_kpti_get_pgtable_ent pte
	331	__idmap_kpti_put_pgtable_ent_ng pte
7ac5b9bf	332	skip_pte:
5c10f9ca WD	333	add cur_ptep, cur_ptep, #8
	334	cmp cur_ptep, end_ptep
	335	b.ne do_pte
	336	b next_pmd
	337
	338	/* Secondary CPUs end up here */
	339	__idmap_kpti_secondary:
	340	/* Uninstall swapper before surgery begins */
	341	__idmap_cpu_set_reserved_ttbr1 x18, x17
	342
	343	/* Increment the flag to let the boot CPU we're ready */
	344	1: ldxr w18, [flag_ptr]
	345	add w18, w18, #1
	346	stxr w17, w18, [flag_ptr]
	347	cbnz w17, 1b
	348
	349	/* Wait for the boot CPU to finish messing around with swapper */
	350	sevl
	351	1: wfe
	352	ldxr w18, [flag_ptr]
	353	cbnz w18, 1b
	354
	355	/* All done, act like nothing happened */
	356	msr ttbr1_el1, swapper_ttb
	357	isb
	358	ret
	359
	360	.unreq cpu
	361	.unreq num_cpus
	362	.unreq swapper_pa
	363	.unreq swapper_ttb
	364	.unreq flag_ptr
	365	.unreq cur_pgdp
	366	.unreq end_pgdp
	367	.unreq pgd
	368	.unreq cur_pudp
	369	.unreq end_pudp
	370	.unreq pud
	371	.unreq cur_pmdp
	372	.unreq end_pmdp
	373	.unreq pmd
	374	.unreq cur_ptep
	375	.unreq end_ptep
	376	.unreq pte
	377	ENDPROC(idmap_kpti_install_ng_mappings)
	378	.popsection
	379	#endif
	380
9cce7a43 CM	381	/*
	382	* __cpu_setup
	383	*
	384	* Initialise the processor for turning the MMU on. Return in x0 the
	385	* value of the SCTLR_EL1 register.
	386	*/
b159a095	387	.pushsection ".idmap.text", "awx"
9cce7a43	388	ENTRY(__cpu_setup)
fa7aae8a WD	389	tlbi vmalle1 // Invalidate local TLB
fa7aae8a WD	390	dsb nsh
9cce7a43 CM	391
	392	mov x0, #3 << 20
	393	msr cpacr_el1, x0 // Enable FP/ASIMD
d8d23fa0 WD	394	mov x0, #1 << 12 // Reset mdscr_el1 and disable
d8d23fa0 WD	395	msr mdscr_el1, x0 // access to the DCC from EL0
2ce39ad1 WD	396	isb // Unmask debug exceptions now,
2ce39ad1 WD	397	enable_dbg // since this is per-cpu
f436b2ac	398	reset_pmuserenr_el0 x0 // Disable PMU access from EL0
9cce7a43 CM	399	/*
	400	* Memory region attributes for LPAE:
	401	*
	402	* n = AttrIndx[2:0]
	403	* n MAIR
	404	* DEVICE_nGnRnE 000 00000000
	405	* DEVICE_nGnRE 001 00000100
	406	* DEVICE_GRE 010 00001100
	407	* NORMAL_NC 011 01000100
	408	* NORMAL 100 11111111
8d446c86	409	* NORMAL_WT 101 10111011
9cce7a43 CM	410	*/
	411	ldr x5, =MAIR(0x00, MT_DEVICE_nGnRnE) \| \
	412	MAIR(0x04, MT_DEVICE_nGnRE) \| \
	413	MAIR(0x0c, MT_DEVICE_GRE) \| \
	414	MAIR(0x44, MT_NORMAL_NC) \| \
8d446c86 JZZ	415	MAIR(0xff, MT_NORMAL) \| \
8d446c86 JZZ	416	MAIR(0xbb, MT_NORMAL_WT)
9cce7a43 CM	417	msr mair_el1, x5
	418	/*
	419	* Prepare SCTLR
	420	*/
99501991	421	mov_q x0, SCTLR_EL1_SET
9cce7a43 CM	422	/*
	423	* Set/prepare TCR and TTBR. We use 512GB (39-bit) address range for
	424	* both user and kernel.
	425	*/
35a86976	426	ldr x10, =TCR_TxSZ(VA_BITS) \| TCR_CACHE_FLAGS \| TCR_SMP_FLAGS \| \
c4f25e12	427	TCR_TG_FLAGS \| TCR_ASID16 \| TCR_TBI0 \| TCR_A1
dd006da2 AB	428	tcr_set_idmap_t0sz x10, x9
dd006da2 AB	429
87366d8c RMC	430	/*
	431	* Read the PARange bits from ID_AA64MMFR0_EL1 and set the IPS bits in
	432	* TCR_EL1.
	433	*/
	434	mrs x9, ID_AA64MMFR0_EL1
	435	bfi x10, x9, #32, #3
2f4b829c CM	436	#ifdef CONFIG_ARM64_HW_AFDBM
	437	/*
	438	* Hardware update of the Access and Dirty bits.
	439	*/
	440	mrs x9, ID_AA64MMFR1_EL1
	441	and x9, x9, #0xf
	442	cbz x9, 2f
	443	cmp x9, #2
	444	b.lt 1f
	445	orr x10, x10, #TCR_HD // hardware Dirty flag update
	446	1: orr x10, x10, #TCR_HA // hardware Access flag update
	447	2:
	448	#endif /* CONFIG_ARM64_HW_AFDBM */
9cce7a43 CM	449	msr tcr_el1, x10
	450	ret // return to head.S
	451	ENDPROC(__cpu_setup)