1/* SPDX-License-Identifier: GPL-2.0 */
2/*
3 * Here is where the ball gets rolling as far as the kernel is concerned.
4 * When control is transferred to _start, the bootload has already
5 * loaded us to the correct address.  All that's left to do here is
6 * to set up the kernel's global pointer and jump to the kernel
7 * entry point.
8 *
9 * Copyright (C) 1998-2001, 2003, 2005 Hewlett-Packard Co
10 *	David Mosberger-Tang <davidm@hpl.hp.com>
11 *	Stephane Eranian <eranian@hpl.hp.com>
12 * Copyright (C) 1999 VA Linux Systems
13 * Copyright (C) 1999 Walt Drummond <drummond@valinux.com>
14 * Copyright (C) 1999 Intel Corp.
15 * Copyright (C) 1999 Asit Mallick <Asit.K.Mallick@intel.com>
16 * Copyright (C) 1999 Don Dugger <Don.Dugger@intel.com>
17 * Copyright (C) 2002 Fenghua Yu <fenghua.yu@intel.com>
18 *   -Optimize __ia64_save_fpu() and __ia64_load_fpu() for Itanium 2.
19 * Copyright (C) 2004 Ashok Raj <ashok.raj@intel.com>
20 *   Support for CPU Hotplug
21 */
22
23#include <linux/export.h>
24#include <linux/pgtable.h>
25#include <asm/asmmacro.h>
26#include <asm/fpu.h>
27#include <asm/kregs.h>
28#include <asm/mmu_context.h>
29#include <asm/asm-offsets.h>
30#include <asm/pal.h>
31#include <asm/processor.h>
32#include <asm/ptrace.h>
33#include <asm/mca_asm.h>
34#include <linux/init.h>
35#include <linux/linkage.h>
36
37#ifdef CONFIG_HOTPLUG_CPU
38#define SAL_PSR_BITS_TO_SET				\
39	(IA64_PSR_AC | IA64_PSR_BN | IA64_PSR_MFH | IA64_PSR_MFL)
40
41#define SAVE_FROM_REG(src, ptr, dest)	\
42	mov dest=src;;						\
43	st8 [ptr]=dest,0x08
44
45#define RESTORE_REG(reg, ptr, _tmp)		\
46	ld8 _tmp=[ptr],0x08;;				\
47	mov reg=_tmp
48
49#define SAVE_BREAK_REGS(ptr, _idx, _breg, _dest)\
50	mov ar.lc=IA64_NUM_DBG_REGS-1;; 			\
51	mov _idx=0;; 								\
521: 												\
53	SAVE_FROM_REG(_breg[_idx], ptr, _dest);;	\
54	add _idx=1,_idx;;							\
55	br.cloop.sptk.many 1b
56
57#define RESTORE_BREAK_REGS(ptr, _idx, _breg, _tmp, _lbl)\
58	mov ar.lc=IA64_NUM_DBG_REGS-1;;			\
59	mov _idx=0;;							\
60_lbl:  RESTORE_REG(_breg[_idx], ptr, _tmp);;	\
61	add _idx=1, _idx;;						\
62	br.cloop.sptk.many _lbl
63
64#define SAVE_ONE_RR(num, _reg, _tmp) \
65	movl _tmp=(num<<61);;	\
66	mov _reg=rr[_tmp]
67
68#define SAVE_REGION_REGS(_tmp, _r0, _r1, _r2, _r3, _r4, _r5, _r6, _r7) \
69	SAVE_ONE_RR(0,_r0, _tmp);; \
70	SAVE_ONE_RR(1,_r1, _tmp);; \
71	SAVE_ONE_RR(2,_r2, _tmp);; \
72	SAVE_ONE_RR(3,_r3, _tmp);; \
73	SAVE_ONE_RR(4,_r4, _tmp);; \
74	SAVE_ONE_RR(5,_r5, _tmp);; \
75	SAVE_ONE_RR(6,_r6, _tmp);; \
76	SAVE_ONE_RR(7,_r7, _tmp);;
77
78#define STORE_REGION_REGS(ptr, _r0, _r1, _r2, _r3, _r4, _r5, _r6, _r7) \
79	st8 [ptr]=_r0, 8;; \
80	st8 [ptr]=_r1, 8;; \
81	st8 [ptr]=_r2, 8;; \
82	st8 [ptr]=_r3, 8;; \
83	st8 [ptr]=_r4, 8;; \
84	st8 [ptr]=_r5, 8;; \
85	st8 [ptr]=_r6, 8;; \
86	st8 [ptr]=_r7, 8;;
87
88#define RESTORE_REGION_REGS(ptr, _idx1, _idx2, _tmp) \
89	mov		ar.lc=0x08-1;;						\
90	movl	_idx1=0x00;;						\
91RestRR:											\
92	dep.z	_idx2=_idx1,61,3;;					\
93	ld8		_tmp=[ptr],8;;						\
94	mov		rr[_idx2]=_tmp;;					\
95	srlz.d;;									\
96	add		_idx1=1,_idx1;;						\
97	br.cloop.sptk.few	RestRR
98
99#define SET_AREA_FOR_BOOTING_CPU(reg1, reg2) \
100	movl reg1=sal_state_for_booting_cpu;;	\
101	ld8 reg2=[reg1];;
102
103/*
104 * Adjust region registers saved before starting to save
105 * break regs and rest of the states that need to be preserved.
106 */
107#define SAL_TO_OS_BOOT_HANDOFF_STATE_SAVE(_reg1,_reg2,_pred)  \
108	SAVE_FROM_REG(b0,_reg1,_reg2);;						\
109	SAVE_FROM_REG(b1,_reg1,_reg2);;						\
110	SAVE_FROM_REG(b2,_reg1,_reg2);;						\
111	SAVE_FROM_REG(b3,_reg1,_reg2);;						\
112	SAVE_FROM_REG(b4,_reg1,_reg2);;						\
113	SAVE_FROM_REG(b5,_reg1,_reg2);;						\
114	st8 [_reg1]=r1,0x08;;								\
115	st8 [_reg1]=r12,0x08;;								\
116	st8 [_reg1]=r13,0x08;;								\
117	SAVE_FROM_REG(ar.fpsr,_reg1,_reg2);;				\
118	SAVE_FROM_REG(ar.pfs,_reg1,_reg2);;					\
119	SAVE_FROM_REG(ar.rnat,_reg1,_reg2);;				\
120	SAVE_FROM_REG(ar.unat,_reg1,_reg2);;				\
121	SAVE_FROM_REG(ar.bspstore,_reg1,_reg2);;			\
122	SAVE_FROM_REG(cr.dcr,_reg1,_reg2);;					\
123	SAVE_FROM_REG(cr.iva,_reg1,_reg2);;					\
124	SAVE_FROM_REG(cr.pta,_reg1,_reg2);;					\
125	SAVE_FROM_REG(cr.itv,_reg1,_reg2);;					\
126	SAVE_FROM_REG(cr.pmv,_reg1,_reg2);;					\
127	SAVE_FROM_REG(cr.cmcv,_reg1,_reg2);;				\
128	SAVE_FROM_REG(cr.lrr0,_reg1,_reg2);;				\
129	SAVE_FROM_REG(cr.lrr1,_reg1,_reg2);;				\
130	st8 [_reg1]=r4,0x08;;								\
131	st8 [_reg1]=r5,0x08;;								\
132	st8 [_reg1]=r6,0x08;;								\
133	st8 [_reg1]=r7,0x08;;								\
134	st8 [_reg1]=_pred,0x08;;							\
135	SAVE_FROM_REG(ar.lc, _reg1, _reg2);;				\
136	stf.spill.nta [_reg1]=f2,16;;						\
137	stf.spill.nta [_reg1]=f3,16;;						\
138	stf.spill.nta [_reg1]=f4,16;;						\
139	stf.spill.nta [_reg1]=f5,16;;						\
140	stf.spill.nta [_reg1]=f16,16;;						\
141	stf.spill.nta [_reg1]=f17,16;;						\
142	stf.spill.nta [_reg1]=f18,16;;						\
143	stf.spill.nta [_reg1]=f19,16;;						\
144	stf.spill.nta [_reg1]=f20,16;;						\
145	stf.spill.nta [_reg1]=f21,16;;						\
146	stf.spill.nta [_reg1]=f22,16;;						\
147	stf.spill.nta [_reg1]=f23,16;;						\
148	stf.spill.nta [_reg1]=f24,16;;						\
149	stf.spill.nta [_reg1]=f25,16;;						\
150	stf.spill.nta [_reg1]=f26,16;;						\
151	stf.spill.nta [_reg1]=f27,16;;						\
152	stf.spill.nta [_reg1]=f28,16;;						\
153	stf.spill.nta [_reg1]=f29,16;;						\
154	stf.spill.nta [_reg1]=f30,16;;						\
155	stf.spill.nta [_reg1]=f31,16;;
156
157#else
158#define SET_AREA_FOR_BOOTING_CPU(a1, a2)
159#define SAL_TO_OS_BOOT_HANDOFF_STATE_SAVE(a1,a2, a3)
160#define SAVE_REGION_REGS(_tmp, _r0, _r1, _r2, _r3, _r4, _r5, _r6, _r7)
161#define STORE_REGION_REGS(ptr, _r0, _r1, _r2, _r3, _r4, _r5, _r6, _r7)
162#endif
163
164#define SET_ONE_RR(num, pgsize, _tmp1, _tmp2, vhpt) \
165	movl _tmp1=(num << 61);;	\
166	mov _tmp2=((ia64_rid(IA64_REGION_ID_KERNEL, (num<<61)) << 8) | (pgsize << 2) | vhpt);; \
167	mov rr[_tmp1]=_tmp2
168
169	__PAGE_ALIGNED_DATA
170
171	.global empty_zero_page
172EXPORT_SYMBOL_GPL(empty_zero_page)
173empty_zero_page:
174	.skip PAGE_SIZE
175
176	.global swapper_pg_dir
177swapper_pg_dir:
178	.skip PAGE_SIZE
179
180	.rodata
181halt_msg:
182	stringz "Halting kernel\n"
183
184	__REF
185
186	.global start_ap
187
188	/*
189	 * Start the kernel.  When the bootloader passes control to _start(), r28
190	 * points to the address of the boot parameter area.  Execution reaches
191	 * here in physical mode.
192	 */
193GLOBAL_ENTRY(_start)
194start_ap:
195	.prologue
196	.save rp, r0		// terminate unwind chain with a NULL rp
197	.body
198
199	rsm psr.i | psr.ic
200	;;
201	srlz.i
202	;;
203 {
204	flushrs				// must be first insn in group
205	srlz.i
206 }
207	;;
208	/*
209	 * Save the region registers, predicate before they get clobbered
210	 */
211	SAVE_REGION_REGS(r2, r8,r9,r10,r11,r12,r13,r14,r15);
212	mov r25=pr;;
213
214	/*
215	 * Initialize kernel region registers:
216	 *	rr[0]: VHPT enabled, page size = PAGE_SHIFT
217	 *	rr[1]: VHPT enabled, page size = PAGE_SHIFT
218	 *	rr[2]: VHPT enabled, page size = PAGE_SHIFT
219	 *	rr[3]: VHPT enabled, page size = PAGE_SHIFT
220	 *	rr[4]: VHPT enabled, page size = PAGE_SHIFT
221	 *	rr[5]: VHPT enabled, page size = PAGE_SHIFT
222	 *	rr[6]: VHPT disabled, page size = IA64_GRANULE_SHIFT
223	 *	rr[7]: VHPT disabled, page size = IA64_GRANULE_SHIFT
224	 * We initialize all of them to prevent inadvertently assuming
225	 * something about the state of address translation early in boot.
226	 */
227	SET_ONE_RR(0, PAGE_SHIFT, r2, r16, 1);;
228	SET_ONE_RR(1, PAGE_SHIFT, r2, r16, 1);;
229	SET_ONE_RR(2, PAGE_SHIFT, r2, r16, 1);;
230	SET_ONE_RR(3, PAGE_SHIFT, r2, r16, 1);;
231	SET_ONE_RR(4, PAGE_SHIFT, r2, r16, 1);;
232	SET_ONE_RR(5, PAGE_SHIFT, r2, r16, 1);;
233	SET_ONE_RR(6, IA64_GRANULE_SHIFT, r2, r16, 0);;
234	SET_ONE_RR(7, IA64_GRANULE_SHIFT, r2, r16, 0);;
235	/*
236	 * Now pin mappings into the TLB for kernel text and data
237	 */
238	mov r18=KERNEL_TR_PAGE_SHIFT<<2
239	movl r17=KERNEL_START
240	;;
241	mov cr.itir=r18
242	mov cr.ifa=r17
243	mov r16=IA64_TR_KERNEL
244	mov r3=ip
245	movl r18=PAGE_KERNEL
246	;;
247	dep r2=0,r3,0,KERNEL_TR_PAGE_SHIFT
248	;;
249	or r18=r2,r18
250	;;
251	srlz.i
252	;;
253	itr.i itr[r16]=r18
254	;;
255	itr.d dtr[r16]=r18
256	;;
257	srlz.i
258
259	/*
260	 * Switch into virtual mode:
261	 */
262	movl r16=(IA64_PSR_IT|IA64_PSR_IC|IA64_PSR_DT|IA64_PSR_RT|IA64_PSR_DFH|IA64_PSR_BN \
263		  |IA64_PSR_DI)
264	;;
265	mov cr.ipsr=r16
266	movl r17=1f
267	;;
268	mov cr.iip=r17
269	mov cr.ifs=r0
270	;;
271	rfi
272	;;
2731:	// now we are in virtual mode
274
275	SET_AREA_FOR_BOOTING_CPU(r2, r16);
276
277	STORE_REGION_REGS(r16, r8,r9,r10,r11,r12,r13,r14,r15);
278	SAL_TO_OS_BOOT_HANDOFF_STATE_SAVE(r16,r17,r25)
279	;;
280
281	// set IVT entry point---can't access I/O ports without it
282	movl r3=ia64_ivt
283	;;
284	mov cr.iva=r3
285	movl r2=FPSR_DEFAULT
286	;;
287	srlz.i
288	movl gp=__gp
289
290	mov ar.fpsr=r2
291	;;
292
293#define isAP	p2	// are we an Application Processor?
294#define isBP	p3	// are we the Bootstrap Processor?
295
296#ifdef CONFIG_SMP
297	/*
298	 * Find the init_task for the currently booting CPU.  At poweron, and in
299	 * UP mode, task_for_booting_cpu is NULL.
300	 */
301	movl r3=task_for_booting_cpu
302 	;;
303	ld8 r3=[r3]
304	movl r2=init_task
305	;;
306	cmp.eq isBP,isAP=r3,r0
307	;;
308(isAP)	mov r2=r3
309#else
310	movl r2=init_task
311	cmp.eq isBP,isAP=r0,r0
312#endif
313	;;
314	tpa r3=r2		// r3 == phys addr of task struct
315	mov r16=-1
316(isBP)	br.cond.dpnt .load_current // BP stack is on region 5 --- no need to map it
317
318	// load mapping for stack (virtaddr in r2, physaddr in r3)
319	rsm psr.ic
320	movl r17=PAGE_KERNEL
321	;;
322	srlz.d
323	dep r18=0,r3,0,12
324	;;
325	or r18=r17,r18
326	dep r2=-1,r3,61,3	// IMVA of task
327	;;
328	mov r17=rr[r2]
329	shr.u r16=r3,IA64_GRANULE_SHIFT
330	;;
331	dep r17=0,r17,8,24
332	;;
333	mov cr.itir=r17
334	mov cr.ifa=r2
335
336	mov r19=IA64_TR_CURRENT_STACK
337	;;
338	itr.d dtr[r19]=r18
339	;;
340	ssm psr.ic
341	srlz.d
342  	;;
343
344.load_current:
345	// load the "current" pointer (r13) and ar.k6 with the current task
346	mov IA64_KR(CURRENT)=r2		// virtual address
347	mov IA64_KR(CURRENT_STACK)=r16
348	mov r13=r2
349	/*
350	 * Reserve space at the top of the stack for "struct pt_regs".  Kernel
351	 * threads don't store interesting values in that structure, but the space
352	 * still needs to be there because time-critical stuff such as the context
353	 * switching can be implemented more efficiently (for example, __switch_to()
354	 * always sets the psr.dfh bit of the task it is switching to).
355	 */
356
357	addl r12=IA64_STK_OFFSET-IA64_PT_REGS_SIZE-16,r2
358	addl r2=IA64_RBS_OFFSET,r2	// initialize the RSE
359	mov ar.rsc=0		// place RSE in enforced lazy mode
360	;;
361	loadrs			// clear the dirty partition
362	movl r19=__phys_per_cpu_start
363	mov r18=PERCPU_PAGE_SIZE
364	;;
365#ifndef CONFIG_SMP
366	add r19=r19,r18
367	;;
368#else
369(isAP)	br.few 2f
370	movl r20=__cpu0_per_cpu
371	;;
372	shr.u r18=r18,3
3731:
374	ld8 r21=[r19],8;;
375	st8[r20]=r21,8
376	adds r18=-1,r18;;
377	cmp4.lt p7,p6=0,r18
378(p7)	br.cond.dptk.few 1b
379	mov r19=r20
380	;;
3812:
382#endif
383	tpa r19=r19
384	;;
385	.pred.rel.mutex isBP,isAP
386(isBP)	mov IA64_KR(PER_CPU_DATA)=r19	// per-CPU base for cpu0
387(isAP)	mov IA64_KR(PER_CPU_DATA)=r0	// clear physical per-CPU base
388	;;
389	mov ar.bspstore=r2	// establish the new RSE stack
390	;;
391	mov ar.rsc=0x3		// place RSE in eager mode
392
393(isBP)	dep r28=-1,r28,61,3	// make address virtual
394(isBP)	movl r2=ia64_boot_param
395	;;
396(isBP)	st8 [r2]=r28		// save the address of the boot param area passed by the bootloader
397
398#ifdef CONFIG_SMP
399(isAP)	br.call.sptk.many rp=start_secondary
400.ret0:
401(isAP)	br.cond.sptk self
402#endif
403
404	// This is executed by the bootstrap processor (bsp) only:
405
406	br.call.sptk.many rp=start_kernel
407.ret2:	addl r3=@ltoff(halt_msg),gp
408	;;
409	alloc r2=ar.pfs,8,0,2,0
410	;;
411	ld8 out0=[r3]
412	br.call.sptk.many b0=console_print
413
414self:	hint @pause
415	br.sptk.many self		// endless loop
416END(_start)
417
418	.text
419
420GLOBAL_ENTRY(ia64_save_debug_regs)
421	alloc r16=ar.pfs,1,0,0,0
422	mov r20=ar.lc			// preserve ar.lc
423	mov ar.lc=IA64_NUM_DBG_REGS-1
424	mov r18=0
425	add r19=IA64_NUM_DBG_REGS*8,in0
426	;;
4271:	mov r16=dbr[r18]
428#ifdef CONFIG_ITANIUM
429	;;
430	srlz.d
431#endif
432	mov r17=ibr[r18]
433	add r18=1,r18
434	;;
435	st8.nta [in0]=r16,8
436	st8.nta [r19]=r17,8
437	br.cloop.sptk.many 1b
438	;;
439	mov ar.lc=r20			// restore ar.lc
440	br.ret.sptk.many rp
441END(ia64_save_debug_regs)
442
443GLOBAL_ENTRY(ia64_load_debug_regs)
444	alloc r16=ar.pfs,1,0,0,0
445	lfetch.nta [in0]
446	mov r20=ar.lc			// preserve ar.lc
447	add r19=IA64_NUM_DBG_REGS*8,in0
448	mov ar.lc=IA64_NUM_DBG_REGS-1
449	mov r18=-1
450	;;
4511:	ld8.nta r16=[in0],8
452	ld8.nta r17=[r19],8
453	add r18=1,r18
454	;;
455	mov dbr[r18]=r16
456#ifdef CONFIG_ITANIUM
457	;;
458	srlz.d				// Errata 132 (NoFix status)
459#endif
460	mov ibr[r18]=r17
461	br.cloop.sptk.many 1b
462	;;
463	mov ar.lc=r20			// restore ar.lc
464	br.ret.sptk.many rp
465END(ia64_load_debug_regs)
466
467GLOBAL_ENTRY(__ia64_save_fpu)
468	alloc r2=ar.pfs,1,4,0,0
469	adds loc0=96*16-16,in0
470	adds loc1=96*16-16-128,in0
471	;;
472	stf.spill.nta [loc0]=f127,-256
473	stf.spill.nta [loc1]=f119,-256
474	;;
475	stf.spill.nta [loc0]=f111,-256
476	stf.spill.nta [loc1]=f103,-256
477	;;
478	stf.spill.nta [loc0]=f95,-256
479	stf.spill.nta [loc1]=f87,-256
480	;;
481	stf.spill.nta [loc0]=f79,-256
482	stf.spill.nta [loc1]=f71,-256
483	;;
484	stf.spill.nta [loc0]=f63,-256
485	stf.spill.nta [loc1]=f55,-256
486	adds loc2=96*16-32,in0
487	;;
488	stf.spill.nta [loc0]=f47,-256
489	stf.spill.nta [loc1]=f39,-256
490	adds loc3=96*16-32-128,in0
491	;;
492	stf.spill.nta [loc2]=f126,-256
493	stf.spill.nta [loc3]=f118,-256
494	;;
495	stf.spill.nta [loc2]=f110,-256
496	stf.spill.nta [loc3]=f102,-256
497	;;
498	stf.spill.nta [loc2]=f94,-256
499	stf.spill.nta [loc3]=f86,-256
500	;;
501	stf.spill.nta [loc2]=f78,-256
502	stf.spill.nta [loc3]=f70,-256
503	;;
504	stf.spill.nta [loc2]=f62,-256
505	stf.spill.nta [loc3]=f54,-256
506	adds loc0=96*16-48,in0
507	;;
508	stf.spill.nta [loc2]=f46,-256
509	stf.spill.nta [loc3]=f38,-256
510	adds loc1=96*16-48-128,in0
511	;;
512	stf.spill.nta [loc0]=f125,-256
513	stf.spill.nta [loc1]=f117,-256
514	;;
515	stf.spill.nta [loc0]=f109,-256
516	stf.spill.nta [loc1]=f101,-256
517	;;
518	stf.spill.nta [loc0]=f93,-256
519	stf.spill.nta [loc1]=f85,-256
520	;;
521	stf.spill.nta [loc0]=f77,-256
522	stf.spill.nta [loc1]=f69,-256
523	;;
524	stf.spill.nta [loc0]=f61,-256
525	stf.spill.nta [loc1]=f53,-256
526	adds loc2=96*16-64,in0
527	;;
528	stf.spill.nta [loc0]=f45,-256
529	stf.spill.nta [loc1]=f37,-256
530	adds loc3=96*16-64-128,in0
531	;;
532	stf.spill.nta [loc2]=f124,-256
533	stf.spill.nta [loc3]=f116,-256
534	;;
535	stf.spill.nta [loc2]=f108,-256
536	stf.spill.nta [loc3]=f100,-256
537	;;
538	stf.spill.nta [loc2]=f92,-256
539	stf.spill.nta [loc3]=f84,-256
540	;;
541	stf.spill.nta [loc2]=f76,-256
542	stf.spill.nta [loc3]=f68,-256
543	;;
544	stf.spill.nta [loc2]=f60,-256
545	stf.spill.nta [loc3]=f52,-256
546	adds loc0=96*16-80,in0
547	;;
548	stf.spill.nta [loc2]=f44,-256
549	stf.spill.nta [loc3]=f36,-256
550	adds loc1=96*16-80-128,in0
551	;;
552	stf.spill.nta [loc0]=f123,-256
553	stf.spill.nta [loc1]=f115,-256
554	;;
555	stf.spill.nta [loc0]=f107,-256
556	stf.spill.nta [loc1]=f99,-256
557	;;
558	stf.spill.nta [loc0]=f91,-256
559	stf.spill.nta [loc1]=f83,-256
560	;;
561	stf.spill.nta [loc0]=f75,-256
562	stf.spill.nta [loc1]=f67,-256
563	;;
564	stf.spill.nta [loc0]=f59,-256
565	stf.spill.nta [loc1]=f51,-256
566	adds loc2=96*16-96,in0
567	;;
568	stf.spill.nta [loc0]=f43,-256
569	stf.spill.nta [loc1]=f35,-256
570	adds loc3=96*16-96-128,in0
571	;;
572	stf.spill.nta [loc2]=f122,-256
573	stf.spill.nta [loc3]=f114,-256
574	;;
575	stf.spill.nta [loc2]=f106,-256
576	stf.spill.nta [loc3]=f98,-256
577	;;
578	stf.spill.nta [loc2]=f90,-256
579	stf.spill.nta [loc3]=f82,-256
580	;;
581	stf.spill.nta [loc2]=f74,-256
582	stf.spill.nta [loc3]=f66,-256
583	;;
584	stf.spill.nta [loc2]=f58,-256
585	stf.spill.nta [loc3]=f50,-256
586	adds loc0=96*16-112,in0
587	;;
588	stf.spill.nta [loc2]=f42,-256
589	stf.spill.nta [loc3]=f34,-256
590	adds loc1=96*16-112-128,in0
591	;;
592	stf.spill.nta [loc0]=f121,-256
593	stf.spill.nta [loc1]=f113,-256
594	;;
595	stf.spill.nta [loc0]=f105,-256
596	stf.spill.nta [loc1]=f97,-256
597	;;
598	stf.spill.nta [loc0]=f89,-256
599	stf.spill.nta [loc1]=f81,-256
600	;;
601	stf.spill.nta [loc0]=f73,-256
602	stf.spill.nta [loc1]=f65,-256
603	;;
604	stf.spill.nta [loc0]=f57,-256
605	stf.spill.nta [loc1]=f49,-256
606	adds loc2=96*16-128,in0
607	;;
608	stf.spill.nta [loc0]=f41,-256
609	stf.spill.nta [loc1]=f33,-256
610	adds loc3=96*16-128-128,in0
611	;;
612	stf.spill.nta [loc2]=f120,-256
613	stf.spill.nta [loc3]=f112,-256
614	;;
615	stf.spill.nta [loc2]=f104,-256
616	stf.spill.nta [loc3]=f96,-256
617	;;
618	stf.spill.nta [loc2]=f88,-256
619	stf.spill.nta [loc3]=f80,-256
620	;;
621	stf.spill.nta [loc2]=f72,-256
622	stf.spill.nta [loc3]=f64,-256
623	;;
624	stf.spill.nta [loc2]=f56,-256
625	stf.spill.nta [loc3]=f48,-256
626	;;
627	stf.spill.nta [loc2]=f40
628	stf.spill.nta [loc3]=f32
629	br.ret.sptk.many rp
630END(__ia64_save_fpu)
631
632GLOBAL_ENTRY(__ia64_load_fpu)
633	alloc r2=ar.pfs,1,2,0,0
634	adds r3=128,in0
635	adds r14=256,in0
636	adds r15=384,in0
637	mov loc0=512
638	mov loc1=-1024+16
639	;;
640	ldf.fill.nta f32=[in0],loc0
641	ldf.fill.nta f40=[ r3],loc0
642	ldf.fill.nta f48=[r14],loc0
643	ldf.fill.nta f56=[r15],loc0
644	;;
645	ldf.fill.nta f64=[in0],loc0
646	ldf.fill.nta f72=[ r3],loc0
647	ldf.fill.nta f80=[r14],loc0
648	ldf.fill.nta f88=[r15],loc0
649	;;
650	ldf.fill.nta f96=[in0],loc1
651	ldf.fill.nta f104=[ r3],loc1
652	ldf.fill.nta f112=[r14],loc1
653	ldf.fill.nta f120=[r15],loc1
654	;;
655	ldf.fill.nta f33=[in0],loc0
656	ldf.fill.nta f41=[ r3],loc0
657	ldf.fill.nta f49=[r14],loc0
658	ldf.fill.nta f57=[r15],loc0
659	;;
660	ldf.fill.nta f65=[in0],loc0
661	ldf.fill.nta f73=[ r3],loc0
662	ldf.fill.nta f81=[r14],loc0
663	ldf.fill.nta f89=[r15],loc0
664	;;
665	ldf.fill.nta f97=[in0],loc1
666	ldf.fill.nta f105=[ r3],loc1
667	ldf.fill.nta f113=[r14],loc1
668	ldf.fill.nta f121=[r15],loc1
669	;;
670	ldf.fill.nta f34=[in0],loc0
671	ldf.fill.nta f42=[ r3],loc0
672	ldf.fill.nta f50=[r14],loc0
673	ldf.fill.nta f58=[r15],loc0
674	;;
675	ldf.fill.nta f66=[in0],loc0
676	ldf.fill.nta f74=[ r3],loc0
677	ldf.fill.nta f82=[r14],loc0
678	ldf.fill.nta f90=[r15],loc0
679	;;
680	ldf.fill.nta f98=[in0],loc1
681	ldf.fill.nta f106=[ r3],loc1
682	ldf.fill.nta f114=[r14],loc1
683	ldf.fill.nta f122=[r15],loc1
684	;;
685	ldf.fill.nta f35=[in0],loc0
686	ldf.fill.nta f43=[ r3],loc0
687	ldf.fill.nta f51=[r14],loc0
688	ldf.fill.nta f59=[r15],loc0
689	;;
690	ldf.fill.nta f67=[in0],loc0
691	ldf.fill.nta f75=[ r3],loc0
692	ldf.fill.nta f83=[r14],loc0
693	ldf.fill.nta f91=[r15],loc0
694	;;
695	ldf.fill.nta f99=[in0],loc1
696	ldf.fill.nta f107=[ r3],loc1
697	ldf.fill.nta f115=[r14],loc1
698	ldf.fill.nta f123=[r15],loc1
699	;;
700	ldf.fill.nta f36=[in0],loc0
701	ldf.fill.nta f44=[ r3],loc0
702	ldf.fill.nta f52=[r14],loc0
703	ldf.fill.nta f60=[r15],loc0
704	;;
705	ldf.fill.nta f68=[in0],loc0
706	ldf.fill.nta f76=[ r3],loc0
707	ldf.fill.nta f84=[r14],loc0
708	ldf.fill.nta f92=[r15],loc0
709	;;
710	ldf.fill.nta f100=[in0],loc1
711	ldf.fill.nta f108=[ r3],loc1
712	ldf.fill.nta f116=[r14],loc1
713	ldf.fill.nta f124=[r15],loc1
714	;;
715	ldf.fill.nta f37=[in0],loc0
716	ldf.fill.nta f45=[ r3],loc0
717	ldf.fill.nta f53=[r14],loc0
718	ldf.fill.nta f61=[r15],loc0
719	;;
720	ldf.fill.nta f69=[in0],loc0
721	ldf.fill.nta f77=[ r3],loc0
722	ldf.fill.nta f85=[r14],loc0
723	ldf.fill.nta f93=[r15],loc0
724	;;
725	ldf.fill.nta f101=[in0],loc1
726	ldf.fill.nta f109=[ r3],loc1
727	ldf.fill.nta f117=[r14],loc1
728	ldf.fill.nta f125=[r15],loc1
729	;;
730	ldf.fill.nta f38 =[in0],loc0
731	ldf.fill.nta f46 =[ r3],loc0
732	ldf.fill.nta f54 =[r14],loc0
733	ldf.fill.nta f62 =[r15],loc0
734	;;
735	ldf.fill.nta f70 =[in0],loc0
736	ldf.fill.nta f78 =[ r3],loc0
737	ldf.fill.nta f86 =[r14],loc0
738	ldf.fill.nta f94 =[r15],loc0
739	;;
740	ldf.fill.nta f102=[in0],loc1
741	ldf.fill.nta f110=[ r3],loc1
742	ldf.fill.nta f118=[r14],loc1
743	ldf.fill.nta f126=[r15],loc1
744	;;
745	ldf.fill.nta f39 =[in0],loc0
746	ldf.fill.nta f47 =[ r3],loc0
747	ldf.fill.nta f55 =[r14],loc0
748	ldf.fill.nta f63 =[r15],loc0
749	;;
750	ldf.fill.nta f71 =[in0],loc0
751	ldf.fill.nta f79 =[ r3],loc0
752	ldf.fill.nta f87 =[r14],loc0
753	ldf.fill.nta f95 =[r15],loc0
754	;;
755	ldf.fill.nta f103=[in0]
756	ldf.fill.nta f111=[ r3]
757	ldf.fill.nta f119=[r14]
758	ldf.fill.nta f127=[r15]
759	br.ret.sptk.many rp
760END(__ia64_load_fpu)
761
762GLOBAL_ENTRY(__ia64_init_fpu)
763	stf.spill [sp]=f0		// M3
764	mov	 f32=f0			// F
765	nop.b	 0
766
767	ldfps	 f33,f34=[sp]		// M0
768	ldfps	 f35,f36=[sp]		// M1
769	mov      f37=f0			// F
770	;;
771
772	setf.s	 f38=r0			// M2
773	setf.s	 f39=r0			// M3
774	mov      f40=f0			// F
775
776	ldfps	 f41,f42=[sp]		// M0
777	ldfps	 f43,f44=[sp]		// M1
778	mov      f45=f0			// F
779
780	setf.s	 f46=r0			// M2
781	setf.s	 f47=r0			// M3
782	mov      f48=f0			// F
783
784	ldfps	 f49,f50=[sp]		// M0
785	ldfps	 f51,f52=[sp]		// M1
786	mov      f53=f0			// F
787
788	setf.s	 f54=r0			// M2
789	setf.s	 f55=r0			// M3
790	mov      f56=f0			// F
791
792	ldfps	 f57,f58=[sp]		// M0
793	ldfps	 f59,f60=[sp]		// M1
794	mov      f61=f0			// F
795
796	setf.s	 f62=r0			// M2
797	setf.s	 f63=r0			// M3
798	mov      f64=f0			// F
799
800	ldfps	 f65,f66=[sp]		// M0
801	ldfps	 f67,f68=[sp]		// M1
802	mov      f69=f0			// F
803
804	setf.s	 f70=r0			// M2
805	setf.s	 f71=r0			// M3
806	mov      f72=f0			// F
807
808	ldfps	 f73,f74=[sp]		// M0
809	ldfps	 f75,f76=[sp]		// M1
810	mov      f77=f0			// F
811
812	setf.s	 f78=r0			// M2
813	setf.s	 f79=r0			// M3
814	mov      f80=f0			// F
815
816	ldfps	 f81,f82=[sp]		// M0
817	ldfps	 f83,f84=[sp]		// M1
818	mov      f85=f0			// F
819
820	setf.s	 f86=r0			// M2
821	setf.s	 f87=r0			// M3
822	mov      f88=f0			// F
823
824	/*
825	 * When the instructions are cached, it would be faster to initialize
826	 * the remaining registers with simply mov instructions (F-unit).
827	 * This gets the time down to ~29 cycles.  However, this would use up
828	 * 33 bundles, whereas continuing with the above pattern yields
829	 * 10 bundles and ~30 cycles.
830	 */
831
832	ldfps	 f89,f90=[sp]		// M0
833	ldfps	 f91,f92=[sp]		// M1
834	mov      f93=f0			// F
835
836	setf.s	 f94=r0			// M2
837	setf.s	 f95=r0			// M3
838	mov      f96=f0			// F
839
840	ldfps	 f97,f98=[sp]		// M0
841	ldfps	 f99,f100=[sp]		// M1
842	mov      f101=f0		// F
843
844	setf.s	 f102=r0		// M2
845	setf.s	 f103=r0		// M3
846	mov      f104=f0		// F
847
848	ldfps	 f105,f106=[sp]		// M0
849	ldfps	 f107,f108=[sp]		// M1
850	mov      f109=f0		// F
851
852	setf.s	 f110=r0		// M2
853	setf.s	 f111=r0		// M3
854	mov      f112=f0		// F
855
856	ldfps	 f113,f114=[sp]		// M0
857	ldfps	 f115,f116=[sp]		// M1
858	mov      f117=f0		// F
859
860	setf.s	 f118=r0		// M2
861	setf.s	 f119=r0		// M3
862	mov      f120=f0		// F
863
864	ldfps	 f121,f122=[sp]		// M0
865	ldfps	 f123,f124=[sp]		// M1
866	mov      f125=f0		// F
867
868	setf.s	 f126=r0		// M2
869	setf.s	 f127=r0		// M3
870	br.ret.sptk.many rp		// F
871END(__ia64_init_fpu)
872
873/*
874 * Switch execution mode from virtual to physical
875 *
876 * Inputs:
877 *	r16 = new psr to establish
878 * Output:
879 *	r19 = old virtual address of ar.bsp
880 *	r20 = old virtual address of sp
881 *
882 * Note: RSE must already be in enforced lazy mode
883 */
884GLOBAL_ENTRY(ia64_switch_mode_phys)
885 {
886	rsm psr.i | psr.ic		// disable interrupts and interrupt collection
887	mov r15=ip
888 }
889	;;
890 {
891	flushrs				// must be first insn in group
892	srlz.i
893 }
894	;;
895	mov cr.ipsr=r16			// set new PSR
896	add r3=1f-ia64_switch_mode_phys,r15
897
898	mov r19=ar.bsp
899	mov r20=sp
900	mov r14=rp			// get return address into a general register
901	;;
902
903	// going to physical mode, use tpa to translate virt->phys
904	tpa r17=r19
905	tpa r3=r3
906	tpa sp=sp
907	tpa r14=r14
908	;;
909
910	mov r18=ar.rnat			// save ar.rnat
911	mov ar.bspstore=r17		// this steps on ar.rnat
912	mov cr.iip=r3
913	mov cr.ifs=r0
914	;;
915	mov ar.rnat=r18			// restore ar.rnat
916	rfi				// must be last insn in group
917	;;
9181:	mov rp=r14
919	br.ret.sptk.many rp
920END(ia64_switch_mode_phys)
921
922/*
923 * Switch execution mode from physical to virtual
924 *
925 * Inputs:
926 *	r16 = new psr to establish
927 *	r19 = new bspstore to establish
928 *	r20 = new sp to establish
929 *
930 * Note: RSE must already be in enforced lazy mode
931 */
932GLOBAL_ENTRY(ia64_switch_mode_virt)
933 {
934	rsm psr.i | psr.ic		// disable interrupts and interrupt collection
935	mov r15=ip
936 }
937	;;
938 {
939	flushrs				// must be first insn in group
940	srlz.i
941 }
942	;;
943	mov cr.ipsr=r16			// set new PSR
944	add r3=1f-ia64_switch_mode_virt,r15
945
946	mov r14=rp			// get return address into a general register
947	;;
948
949	// going to virtual
950	//   - for code addresses, set upper bits of addr to KERNEL_START
951	//   - for stack addresses, copy from input argument
952	movl r18=KERNEL_START
953	dep r3=0,r3,KERNEL_TR_PAGE_SHIFT,64-KERNEL_TR_PAGE_SHIFT
954	dep r14=0,r14,KERNEL_TR_PAGE_SHIFT,64-KERNEL_TR_PAGE_SHIFT
955	mov sp=r20
956	;;
957	or r3=r3,r18
958	or r14=r14,r18
959	;;
960
961	mov r18=ar.rnat			// save ar.rnat
962	mov ar.bspstore=r19		// this steps on ar.rnat
963	mov cr.iip=r3
964	mov cr.ifs=r0
965	;;
966	mov ar.rnat=r18			// restore ar.rnat
967	rfi				// must be last insn in group
968	;;
9691:	mov rp=r14
970	br.ret.sptk.many rp
971END(ia64_switch_mode_virt)
972
973GLOBAL_ENTRY(ia64_delay_loop)
974	.prologue
975{	nop 0			// work around GAS unwind info generation bug...
976	.save ar.lc,r2
977	mov r2=ar.lc
978	.body
979	;;
980	mov ar.lc=r32
981}
982	;;
983	// force loop to be 32-byte aligned (GAS bug means we cannot use .align
984	// inside function body without corrupting unwind info).
985{	nop 0 }
9861:	br.cloop.sptk.few 1b
987	;;
988	mov ar.lc=r2
989	br.ret.sptk.many rp
990END(ia64_delay_loop)
991
992/*
993 * Return a CPU-local timestamp in nano-seconds.  This timestamp is
994 * NOT synchronized across CPUs its return value must never be
995 * compared against the values returned on another CPU.  The usage in
996 * kernel/sched/core.c ensures that.
997 *
998 * The return-value of sched_clock() is NOT supposed to wrap-around.
999 * If it did, it would cause some scheduling hiccups (at the worst).
1000 * Fortunately, with a 64-bit cycle-counter ticking at 100GHz, even
1001 * that would happen only once every 5+ years.
1002 *
1003 * The code below basically calculates:
1004 *
1005 *   (ia64_get_itc() * local_cpu_data->nsec_per_cyc) >> IA64_NSEC_PER_CYC_SHIFT
1006 *
1007 * except that the multiplication and the shift are done with 128-bit
1008 * intermediate precision so that we can produce a full 64-bit result.
1009 */
1010GLOBAL_ENTRY(ia64_native_sched_clock)
1011	addl r8=THIS_CPU(ia64_cpu_info) + IA64_CPUINFO_NSEC_PER_CYC_OFFSET,r0
1012	mov.m r9=ar.itc		// fetch cycle-counter				(35 cyc)
1013	;;
1014	ldf8 f8=[r8]
1015	;;
1016	setf.sig f9=r9		// certain to stall, so issue it _after_ ldf8...
1017	;;
1018	xmpy.lu f10=f9,f8	// calculate low 64 bits of 128-bit product	(4 cyc)
1019	xmpy.hu f11=f9,f8	// calculate high 64 bits of 128-bit product
1020	;;
1021	getf.sig r8=f10		//						(5 cyc)
1022	getf.sig r9=f11
1023	;;
1024	shrp r8=r9,r8,IA64_NSEC_PER_CYC_SHIFT
1025	br.ret.sptk.many rp
1026END(ia64_native_sched_clock)
1027
1028#ifdef CONFIG_VIRT_CPU_ACCOUNTING_NATIVE
1029GLOBAL_ENTRY(cycle_to_nsec)
1030	alloc r16=ar.pfs,1,0,0,0
1031	addl r8=THIS_CPU(ia64_cpu_info) + IA64_CPUINFO_NSEC_PER_CYC_OFFSET,r0
1032	;;
1033	ldf8 f8=[r8]
1034	;;
1035	setf.sig f9=r32
1036	;;
1037	xmpy.lu f10=f9,f8	// calculate low 64 bits of 128-bit product	(4 cyc)
1038	xmpy.hu f11=f9,f8	// calculate high 64 bits of 128-bit product
1039	;;
1040	getf.sig r8=f10		//						(5 cyc)
1041	getf.sig r9=f11
1042	;;
1043	shrp r8=r9,r8,IA64_NSEC_PER_CYC_SHIFT
1044	br.ret.sptk.many rp
1045END(cycle_to_nsec)
1046#endif /* CONFIG_VIRT_CPU_ACCOUNTING_NATIVE */
1047
1048#ifdef CONFIG_IA64_BRL_EMU
1049
1050/*
1051 *  Assembly routines used by brl_emu.c to set preserved register state.
1052 */
1053
1054#define SET_REG(reg)				\
1055 GLOBAL_ENTRY(ia64_set_##reg);			\
1056	alloc r16=ar.pfs,1,0,0,0;		\
1057	mov reg=r32;				\
1058	;;					\
1059	br.ret.sptk.many rp;			\
1060 END(ia64_set_##reg)
1061
1062SET_REG(b1);
1063SET_REG(b2);
1064SET_REG(b3);
1065SET_REG(b4);
1066SET_REG(b5);
1067
1068#endif /* CONFIG_IA64_BRL_EMU */
1069
1070#ifdef CONFIG_SMP
1071
1072#ifdef CONFIG_HOTPLUG_CPU
1073GLOBAL_ENTRY(ia64_jump_to_sal)
1074	alloc r16=ar.pfs,1,0,0,0;;
1075	rsm psr.i  | psr.ic
1076{
1077	flushrs
1078	srlz.i
1079}
1080	tpa r25=in0
1081	movl r18=tlb_purge_done;;
1082	DATA_VA_TO_PA(r18);;
1083	mov b1=r18 	// Return location
1084	movl r18=ia64_do_tlb_purge;;
1085	DATA_VA_TO_PA(r18);;
1086	mov b2=r18 	// doing tlb_flush work
1087	mov ar.rsc=0  // Put RSE  in enforced lazy, LE mode
1088	movl r17=1f;;
1089	DATA_VA_TO_PA(r17);;
1090	mov cr.iip=r17
1091	movl r16=SAL_PSR_BITS_TO_SET;;
1092	mov cr.ipsr=r16
1093	mov cr.ifs=r0;;
1094	rfi;;			// note: this unmask MCA/INIT (psr.mc)
10951:
1096	/*
1097	 * Invalidate all TLB data/inst
1098	 */
1099	br.sptk.many b2;; // jump to tlb purge code
1100
1101tlb_purge_done:
1102	RESTORE_REGION_REGS(r25, r17,r18,r19);;
1103	RESTORE_REG(b0, r25, r17);;
1104	RESTORE_REG(b1, r25, r17);;
1105	RESTORE_REG(b2, r25, r17);;
1106	RESTORE_REG(b3, r25, r17);;
1107	RESTORE_REG(b4, r25, r17);;
1108	RESTORE_REG(b5, r25, r17);;
1109	ld8 r1=[r25],0x08;;
1110	ld8 r12=[r25],0x08;;
1111	ld8 r13=[r25],0x08;;
1112	RESTORE_REG(ar.fpsr, r25, r17);;
1113	RESTORE_REG(ar.pfs, r25, r17);;
1114	RESTORE_REG(ar.rnat, r25, r17);;
1115	RESTORE_REG(ar.unat, r25, r17);;
1116	RESTORE_REG(ar.bspstore, r25, r17);;
1117	RESTORE_REG(cr.dcr, r25, r17);;
1118	RESTORE_REG(cr.iva, r25, r17);;
1119	RESTORE_REG(cr.pta, r25, r17);;
1120	srlz.d;;	// required not to violate RAW dependency
1121	RESTORE_REG(cr.itv, r25, r17);;
1122	RESTORE_REG(cr.pmv, r25, r17);;
1123	RESTORE_REG(cr.cmcv, r25, r17);;
1124	RESTORE_REG(cr.lrr0, r25, r17);;
1125	RESTORE_REG(cr.lrr1, r25, r17);;
1126	ld8 r4=[r25],0x08;;
1127	ld8 r5=[r25],0x08;;
1128	ld8 r6=[r25],0x08;;
1129	ld8 r7=[r25],0x08;;
1130	ld8 r17=[r25],0x08;;
1131	mov pr=r17,-1;;
1132	RESTORE_REG(ar.lc, r25, r17);;
1133	/*
1134	 * Now Restore floating point regs
1135	 */
1136	ldf.fill.nta f2=[r25],16;;
1137	ldf.fill.nta f3=[r25],16;;
1138	ldf.fill.nta f4=[r25],16;;
1139	ldf.fill.nta f5=[r25],16;;
1140	ldf.fill.nta f16=[r25],16;;
1141	ldf.fill.nta f17=[r25],16;;
1142	ldf.fill.nta f18=[r25],16;;
1143	ldf.fill.nta f19=[r25],16;;
1144	ldf.fill.nta f20=[r25],16;;
1145	ldf.fill.nta f21=[r25],16;;
1146	ldf.fill.nta f22=[r25],16;;
1147	ldf.fill.nta f23=[r25],16;;
1148	ldf.fill.nta f24=[r25],16;;
1149	ldf.fill.nta f25=[r25],16;;
1150	ldf.fill.nta f26=[r25],16;;
1151	ldf.fill.nta f27=[r25],16;;
1152	ldf.fill.nta f28=[r25],16;;
1153	ldf.fill.nta f29=[r25],16;;
1154	ldf.fill.nta f30=[r25],16;;
1155	ldf.fill.nta f31=[r25],16;;
1156
1157	/*
1158	 * Now that we have done all the register restores
1159	 * we are now ready for the big DIVE to SAL Land
1160	 */
1161	ssm psr.ic;;
1162	srlz.d;;
1163	br.ret.sptk.many b0;;
1164END(ia64_jump_to_sal)
1165#endif /* CONFIG_HOTPLUG_CPU */
1166
1167#endif /* CONFIG_SMP */
1168