* [PATCH 0/8] Fix 8xx MMU/TLB
@ 2009-10-15 9:04 Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 1/8] 8xx: invalidate non present TLBs Joakim Tjernlund
` (2 more replies)
0 siblings, 3 replies; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-15 9:04 UTC (permalink / raw)
To: Scott Wood, Rex Feany, Benjamin Herrenschmidt, linuxppc-dev
Now updated with Scott's remarks.
There is still(probably) a trivial conflict in pte-8xx.h
Joakim Tjernlund (8):
8xx: invalidate non present TLBs
8xx: Update TLB asm so it behaves as linux mm expects.
8xx: Tag DAR with 0x00f0 to catch buggy instructions.
8xx: Fixup DAR from buggy dcbX instructions.
8xx: Add missing Guarded setting in DTLB Error.
8xx: Restore _PAGE_WRITETHRU
8xx: start using dcbX instructions in various copy routines
8xx: Remove DIRTY pte handling in DTLB Error.
arch/powerpc/include/asm/pte-8xx.h | 14 +-
arch/powerpc/kernel/head_8xx.S | 341 +++++++++++++++++++++++------------
arch/powerpc/kernel/misc_32.S | 18 --
arch/powerpc/lib/copy_32.S | 24 ---
arch/powerpc/mm/fault.c | 8 +-
5 files changed, 238 insertions(+), 167 deletions(-)
^ permalink raw reply [flat|nested] 32+ messages in thread
* [PATCH 1/8] 8xx: invalidate non present TLBs
2009-10-15 9:04 [PATCH 0/8] Fix 8xx MMU/TLB Joakim Tjernlund
@ 2009-10-15 9:04 ` Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 2/8] 8xx: Update TLB asm so it behaves as linux mm expects Joakim Tjernlund
2009-10-15 16:56 ` [PATCH 0/8] Fix 8xx MMU/TLB Rex Feany
2009-10-15 22:04 ` Scott Wood
2 siblings, 1 reply; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-15 9:04 UTC (permalink / raw)
To: Scott Wood, Rex Feany, Benjamin Herrenschmidt, linuxppc-dev
8xx sometimes need to load a invalid/non-present TLBs in
it DTLB asm handler.
These must be invalidated separaly as linux mm don't.
---
arch/powerpc/mm/fault.c | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
diff --git a/arch/powerpc/mm/fault.c b/arch/powerpc/mm/fault.c
index 7699394..071e0ca 100644
--- a/arch/powerpc/mm/fault.c
+++ b/arch/powerpc/mm/fault.c
@@ -39,7 +39,7 @@
#include <asm/uaccess.h>
#include <asm/tlbflush.h>
#include <asm/siginfo.h>
-
+#include <mm/mmu_decl.h>
#ifdef CONFIG_KPROBES
static inline int notify_page_fault(struct pt_regs *regs)
@@ -243,6 +243,12 @@ good_area:
goto bad_area;
#endif /* CONFIG_6xx */
#if defined(CONFIG_8xx)
+ /* 8xx sometimes need to load a invalid/non-present TLBs.
+ * These must be invalidated separately as linux mm don't.
+ */
+ if (error_code & 0x40000000) /* no translation? */
+ _tlbil_va(address, 0, 0, 0);
+
/* The MPC8xx seems to always set 0x80000000, which is
* "undefined". Of those that can be set, this is the only
* one which seems bad.
--
1.6.4.4
^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH 2/8] 8xx: Update TLB asm so it behaves as linux mm expects.
2009-10-15 9:04 ` [PATCH 1/8] 8xx: invalidate non present TLBs Joakim Tjernlund
@ 2009-10-15 9:04 ` Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 3/8] 8xx: Tag DAR with 0x00f0 to catch buggy instructions Joakim Tjernlund
0 siblings, 1 reply; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-15 9:04 UTC (permalink / raw)
To: Scott Wood, Rex Feany, Benjamin Herrenschmidt, linuxppc-dev
Update the TLB asm to make proper use of _PAGE_DIRY and _PAGE_ACCESSED.
Get rid of _PAGE_HWWRITE too.
Pros:
- I/D TLB Miss never needs to write to the linux pte.
- _PAGE_ACCESSED is only set on TLB Error fixing accounting
- _PAGE_DIRTY is mapped to 0x100, the changed bit, and is set directly
when a page has been made dirty.
- Proper RO/RW mapping of user space.
- Free up 2 SW TLB bits in the linux pte(add back _PAGE_WRITETHRU ?)
- kernel RO/user NA support.
Cons:
- A few more instructions in the TLB Miss routines.
---
arch/powerpc/include/asm/pte-8xx.h | 13 ++---
arch/powerpc/kernel/head_8xx.S | 99 ++++++++++++++++++-----------------
2 files changed, 57 insertions(+), 55 deletions(-)
diff --git a/arch/powerpc/include/asm/pte-8xx.h b/arch/powerpc/include/asm/pte-8xx.h
index 8c6e312..f23cd15 100644
--- a/arch/powerpc/include/asm/pte-8xx.h
+++ b/arch/powerpc/include/asm/pte-8xx.h
@@ -32,22 +32,21 @@
#define _PAGE_FILE 0x0002 /* when !present: nonlinear file mapping */
#define _PAGE_NO_CACHE 0x0002 /* I: cache inhibit */
#define _PAGE_SHARED 0x0004 /* No ASID (context) compare */
+#define _PAGE_DIRTY 0x0100 /* C: page changed */
-/* These five software bits must be masked out when the entry is loaded
- * into the TLB.
+/* These 3 software bits must be masked out when the entry is loaded
+ * into the TLB, 2 SW bits left.
*/
#define _PAGE_EXEC 0x0008 /* software: i-cache coherency required */
#define _PAGE_GUARDED 0x0010 /* software: guarded access */
-#define _PAGE_DIRTY 0x0020 /* software: page changed */
-#define _PAGE_RW 0x0040 /* software: user write access allowed */
-#define _PAGE_ACCESSED 0x0080 /* software: page referenced */
+#define _PAGE_ACCESSED 0x0020 /* software: page referenced */
/* Setting any bits in the nibble with the follow two controls will
* require a TLB exception handler change. It is assumed unused bits
* are always zero.
*/
-#define _PAGE_HWWRITE 0x0100 /* h/w write enable: never set in Linux PTE */
-#define _PAGE_USER 0x0800 /* One of the PP bits, the other is USER&~RW */
+#define _PAGE_RW 0x0400 /* lsb PP bits, inverted in HW */
+#define _PAGE_USER 0x0800 /* msb PP bits */
#define _PMD_PRESENT 0x0001
#define _PMD_BAD 0x0ff0
diff --git a/arch/powerpc/kernel/head_8xx.S b/arch/powerpc/kernel/head_8xx.S
index 52ff8c5..2011230 100644
--- a/arch/powerpc/kernel/head_8xx.S
+++ b/arch/powerpc/kernel/head_8xx.S
@@ -333,26 +333,20 @@ InstructionTLBMiss:
mfspr r11, SPRN_MD_TWC /* ....and get the pte address */
lwz r10, 0(r11) /* Get the pte */
-#ifdef CONFIG_SWAP
- /* do not set the _PAGE_ACCESSED bit of a non-present page */
- andi. r11, r10, _PAGE_PRESENT
- beq 4f
- ori r10, r10, _PAGE_ACCESSED
- mfspr r11, SPRN_MD_TWC /* get the pte address again */
- stw r10, 0(r11)
-4:
-#else
- ori r10, r10, _PAGE_ACCESSED
- stw r10, 0(r11)
-#endif
+ andi. r11, r10, _PAGE_ACCESSED | _PAGE_PRESENT
+ cmpwi cr0, r11, _PAGE_ACCESSED | _PAGE_PRESENT
+ bne- cr0, 2f
+
+ /* Clear PP lsb, 0x400 */
+ rlwinm r10, r10, 0, 22, 20
/* The Linux PTE won't go exactly into the MMU TLB.
- * Software indicator bits 21, 22 and 28 must be clear.
+ * Software indicator bits 22 and 28 must be clear.
* Software indicator bits 24, 25, 26, and 27 must be
* set. All other Linux PTE bits control the behavior
* of the MMU.
*/
-2: li r11, 0x00f0
+ li r11, 0x00f0
rlwimi r10, r11, 0, 24, 28 /* Set 24-27, clear 28 */
DO_8xx_CPU6(0x2d80, r3)
mtspr SPRN_MI_RPN, r10 /* Update TLB entry */
@@ -365,6 +359,22 @@ InstructionTLBMiss:
lwz r3, 8(r0)
#endif
rfi
+2:
+ mfspr r11, SPRN_SRR1
+ /* clear all error bits as TLB Miss
+ * sets a few unconditionally
+ */
+ rlwinm r11, r11, 0, 0xffff
+ mtspr SPRN_SRR1, r11
+
+ mfspr r10, SPRN_M_TW /* Restore registers */
+ lwz r11, 0(r0)
+ mtcr r11
+ lwz r11, 4(r0)
+#ifdef CONFIG_8xx_CPU6
+ lwz r3, 8(r0)
+#endif
+ b InstructionAccess
. = 0x1200
DataStoreTLBMiss:
@@ -409,21 +419,27 @@ DataStoreTLBMiss:
DO_8xx_CPU6(0x3b80, r3)
mtspr SPRN_MD_TWC, r11
-#ifdef CONFIG_SWAP
- /* do not set the _PAGE_ACCESSED bit of a non-present page */
- andi. r11, r10, _PAGE_PRESENT
- beq 4f
- ori r10, r10, _PAGE_ACCESSED
-4:
- /* and update pte in table */
-#else
- ori r10, r10, _PAGE_ACCESSED
-#endif
- mfspr r11, SPRN_MD_TWC /* get the pte address again */
- stw r10, 0(r11)
+ /* Both _PAGE_ACCESSED and _PAGE_PRESENT has to be set.
+ * We also need to know if the insn is a load/store, so:
+ * Clear _PAGE_PRESENT and load that which will
+ * trap into DTLB Error with store bit set accordinly.
+ */
+ /* PRESENT=0x1, ACCESSED=0x20
+ * r11 = ((r10 & PRESENT) & ((r10 & ACCESSED) >> 5));
+ * r10 = (r10 & ~PRESENT) | r11;
+ */
+ rlwinm r11, r10, 32-5, 31, 31
+ and r11, r11, r10
+ rlwimi r10, r11, 0, 31, 31
+
+ /* Honour kernel RO, User NA */
+ andi. r11, r10, _PAGE_USER | _PAGE_RW
+ bne- cr0, 5f
+ ori r10,r10, 0x200 /* Extended encoding, bit 22 */
+5: xori r10, r10, _PAGE_RW /* invert RW bit */
/* The Linux PTE won't go exactly into the MMU TLB.
- * Software indicator bits 21, 22 and 28 must be clear.
+ * Software indicator bits 22 and 28 must be clear.
* Software indicator bits 24, 25, 26, and 27 must be
* set. All other Linux PTE bits control the behavior
* of the MMU.
@@ -469,11 +485,12 @@ DataTLBError:
stw r10, 0(r0)
stw r11, 4(r0)
- /* First, make sure this was a store operation.
+ mfspr r11, SPRN_DSISR
+ andis. r11, r11, 0x4800 /* !translation or protection */
+ bne 2f /* branch if either is set */
+ /* Only Change bit left now, do it here as it is faster
+ * than trapping to the C fault handler.
*/
- mfspr r10, SPRN_DSISR
- andis. r11, r10, 0x0200 /* If set, indicates store op */
- beq 2f
/* The EA of a data TLB miss is automatically stored in the MD_EPN
* register. The EA of a data TLB error is automatically stored in
@@ -522,26 +539,12 @@ DataTLBError:
mfspr r11, SPRN_MD_TWC /* ....and get the pte address */
lwz r10, 0(r11) /* Get the pte */
- andi. r11, r10, _PAGE_RW /* Is it writeable? */
- beq 2f /* Bail out if not */
-
- /* Update 'changed', among others.
- */
-#ifdef CONFIG_SWAP
- ori r10, r10, _PAGE_DIRTY|_PAGE_HWWRITE
- /* do not set the _PAGE_ACCESSED bit of a non-present page */
- andi. r11, r10, _PAGE_PRESENT
- beq 4f
- ori r10, r10, _PAGE_ACCESSED
-4:
-#else
- ori r10, r10, _PAGE_DIRTY|_PAGE_ACCESSED|_PAGE_HWWRITE
-#endif
- mfspr r11, SPRN_MD_TWC /* Get pte address again */
+ ori r10, r10, _PAGE_DIRTY | _PAGE_ACCESSED | _PAGE_HWWRITE
stw r10, 0(r11) /* and update pte in table */
+ xori r10, r10, _PAGE_RW /* RW bit is inverted */
/* The Linux PTE won't go exactly into the MMU TLB.
- * Software indicator bits 21, 22 and 28 must be clear.
+ * Software indicator bits 22 and 28 must be clear.
* Software indicator bits 24, 25, 26, and 27 must be
* set. All other Linux PTE bits control the behavior
* of the MMU.
--
1.6.4.4
^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH 3/8] 8xx: Tag DAR with 0x00f0 to catch buggy instructions.
2009-10-15 9:04 ` [PATCH 2/8] 8xx: Update TLB asm so it behaves as linux mm expects Joakim Tjernlund
@ 2009-10-15 9:04 ` Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 4/8] 8xx: Fixup DAR from buggy dcbX instructions Joakim Tjernlund
0 siblings, 1 reply; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-15 9:04 UTC (permalink / raw)
To: Scott Wood, Rex Feany, Benjamin Herrenschmidt, linuxppc-dev
dcbz, dcbf, dcbi, dcbst and icbi do not set DAR when they
cause a DTLB Error. Dectect this by tagging DAR with 0x00f0
at every exception exit that modifies DAR.
Test for DAR=0x00f0 in DataTLBError and bail
to handle_page_fault().
---
arch/powerpc/kernel/head_8xx.S | 15 ++++++++++++++-
1 files changed, 14 insertions(+), 1 deletions(-)
diff --git a/arch/powerpc/kernel/head_8xx.S b/arch/powerpc/kernel/head_8xx.S
index 2011230..bca22fa 100644
--- a/arch/powerpc/kernel/head_8xx.S
+++ b/arch/powerpc/kernel/head_8xx.S
@@ -206,6 +206,8 @@ MachineCheck:
EXCEPTION_PROLOG
mfspr r4,SPRN_DAR
stw r4,_DAR(r11)
+ li r5,0x00f0
+ mtspr SPRN_DAR,r5 /* Tag DAR, to be used in DTLB Error */
mfspr r5,SPRN_DSISR
stw r5,_DSISR(r11)
addi r3,r1,STACK_FRAME_OVERHEAD
@@ -222,6 +224,8 @@ DataAccess:
stw r10,_DSISR(r11)
mr r5,r10
mfspr r4,SPRN_DAR
+ li r10,0x00f0
+ mtspr SPRN_DAR,r10 /* Tag DAR, to be used in DTLB Error */
EXC_XFER_EE_LITE(0x300, handle_page_fault)
/* Instruction access exception.
@@ -244,6 +248,8 @@ Alignment:
EXCEPTION_PROLOG
mfspr r4,SPRN_DAR
stw r4,_DAR(r11)
+ li r5,0x00f0
+ mtspr SPRN_DAR,r5 /* Tag DAR, to be used in DTLB Error */
mfspr r5,SPRN_DSISR
stw r5,_DSISR(r11)
addi r3,r1,STACK_FRAME_OVERHEAD
@@ -445,6 +451,7 @@ DataStoreTLBMiss:
* of the MMU.
*/
2: li r11, 0x00f0
+ mtspr SPRN_DAR,r11 /* Tag DAR */
rlwimi r10, r11, 0, 24, 28 /* Set 24-27, clear 28 */
DO_8xx_CPU6(0x3d80, r3)
mtspr SPRN_MD_RPN, r10 /* Update TLB entry */
@@ -485,6 +492,10 @@ DataTLBError:
stw r10, 0(r0)
stw r11, 4(r0)
+ mfspr r10, SPRN_DAR
+ cmpwi cr0, r10, 0x00f0
+ beq- 2f /* must be a buggy dcbX, icbi insn. */
+
mfspr r11, SPRN_DSISR
andis. r11, r11, 0x4800 /* !translation or protection */
bne 2f /* branch if either is set */
@@ -508,7 +519,8 @@ DataTLBError:
* are initialized in mapin_ram(). This will avoid the problem,
* assuming we only use the dcbi instruction on kernel addresses.
*/
- mfspr r10, SPRN_DAR
+
+ /* DAR is in r10 already */
rlwinm r11, r10, 0, 0, 19
ori r11, r11, MD_EVALID
mfspr r10, SPRN_M_CASID
@@ -550,6 +562,7 @@ DataTLBError:
* of the MMU.
*/
li r11, 0x00f0
+ mtspr SPRN_DAR,r11 /* Tag DAR */
rlwimi r10, r11, 0, 24, 28 /* Set 24-27, clear 28 */
DO_8xx_CPU6(0x3d80, r3)
mtspr SPRN_MD_RPN, r10 /* Update TLB entry */
--
1.6.4.4
^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH 4/8] 8xx: Fixup DAR from buggy dcbX instructions.
2009-10-15 9:04 ` [PATCH 3/8] 8xx: Tag DAR with 0x00f0 to catch buggy instructions Joakim Tjernlund
@ 2009-10-15 9:04 ` Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 5/8] 8xx: Add missing Guarded setting in DTLB Error Joakim Tjernlund
0 siblings, 1 reply; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-15 9:04 UTC (permalink / raw)
To: Scott Wood, Rex Feany, Benjamin Herrenschmidt, linuxppc-dev
This is an assembler version to fixup DAR not being set
by dcbX, icbi instructions. There are two versions, one
uses selfmodifing code, the other uses a
jump table but is much bigger(default).
---
arch/powerpc/kernel/head_8xx.S | 180 +++++++++++++++++++++++++++++++++++++++-
1 files changed, 176 insertions(+), 4 deletions(-)
diff --git a/arch/powerpc/kernel/head_8xx.S b/arch/powerpc/kernel/head_8xx.S
index bca22fa..320f333 100644
--- a/arch/powerpc/kernel/head_8xx.S
+++ b/arch/powerpc/kernel/head_8xx.S
@@ -494,11 +494,16 @@ DataTLBError:
mfspr r10, SPRN_DAR
cmpwi cr0, r10, 0x00f0
- beq- 2f /* must be a buggy dcbX, icbi insn. */
-
+ beq- FixupDAR /* must be a buggy dcbX, icbi insn. */
+DARFixed:/* Return from dcbx instruction bug workaround, r10 holds value of DAR */
mfspr r11, SPRN_DSISR
- andis. r11, r11, 0x4800 /* !translation or protection */
- bne 2f /* branch if either is set */
+ /* As the DAR fixup may clear store we may have all 3 states zero.
+ * Make sure only 0x0200(store) falls down into DIRTY handling
+ */
+ andis. r11, r11, 0x4a00 /* !translation, protection or store */
+ srwi r11, r11, 16
+ cmpwi cr0, r11, 0x0200 /* just store ? */
+ bne 2f
/* Only Change bit left now, do it here as it is faster
* than trapping to the C fault handler.
*/
@@ -604,6 +609,173 @@ DataTLBError:
. = 0x2000
+/* This is the procedure to calculate the data EA for buggy dcbx,dcbi instructions
+ * by decoding the registers used by the dcbx instruction and adding them.
+ * DAR is set to the calculated address and r10 also holds the EA on exit.
+ */
+#define NO_SELF_MODIFYING_CODE /* define if you don't want to use self modifying code */
+ nop /* A few nops to make the modified_instr: space below cache line aligned */
+ nop
+139: /* fetch instruction from userspace memory */
+ DO_8xx_CPU6(0x3780, r3)
+ mtspr SPRN_MD_EPN, r10
+ mfspr r11, SPRN_M_TWB /* Get level 1 table entry address */
+ lwz r11, 0(r11) /* Get the level 1 entry */
+ tophys (r11, r11)
+ DO_8xx_CPU6(0x3b80, r3)
+ mtspr SPRN_MD_TWC, r11 /* Load pte table base address */
+ mfspr r11, SPRN_MD_TWC /* ....and get the pte address */
+ lwz r11, 0(r11) /* Get the pte */
+ /* concat physical page address(r11) and page offset(r10) */
+ rlwimi r11, r10, 0, 20, 31
+ b 140f
+FixupDAR: /* Entry point for dcbx workaround. */
+ /* fetch instruction from memory. */
+ mfspr r10, SPRN_SRR0
+ andis. r11, r10, 0x8000
+ tophys (r11, r10)
+ beq- 139b /* Branch if user space address */
+140: lwz r11,0(r11)
+/* Check if it really is a dcbx instruction. */
+/* dcbt and dcbtst does not generate DTLB Misses/Errors,
+ * no need to include them here */
+ srwi r10, r11, 26 /* check if major OP code is 31 */
+ cmpwi cr0, r10, 31
+ bne- 141f
+ rlwinm r10, r11, 0, 21, 30
+ cmpwi cr0, r10, 2028 /* Is dcbz? */
+ beq+ 142f
+ cmpwi cr0, r10, 940 /* Is dcbi? */
+ beq+ 142f
+ cmpwi cr0, r10, 108 /* Is dcbst? */
+ beq+ 144f /* Fix up store bit! */
+ cmpwi cr0, r10, 172 /* Is dcbf? */
+ beq+ 142f
+ cmpwi cr0, r10, 1964 /* Is icbi? */
+ beq+ 142f
+141: mfspr r10, SPRN_DAR /* r10 must hold DAR at exit */
+ b DARfix /* Nope, go back to normal TLB processing */
+
+144: mfspr r10, SPRN_DSISR
+ rlwinm r10, r10,0,7,5 /* Clear store bit for buggy dcbst insn */
+ mtspr SPRN_DSISR, r10
+142: /* continue, it was a dcbx, dcbi instruction. */
+#ifdef CONFIG_8xx_CPU6
+ lwz r3, 8(r0) /* restore r3 from memory */
+#endif
+#ifndef NO_SELF_MODIFYING_CODE
+ andis. r10,r11,0x1f /* test if reg RA is r0 */
+ li r10,modified_instr@l
+ dcbtst r0,r10 /* touch for store */
+ rlwinm r11,r11,0,0,20 /* Zero lower 10 bits */
+ oris r11,r11,640 /* Transform instr. to a "add r10,RA,RB" */
+ ori r11,r11,532
+ stw r11,0(r10) /* store add/and instruction */
+ dcbf 0,r10 /* flush new instr. to memory. */
+ icbi 0,r10 /* invalidate instr. cache line */
+ lwz r11, 4(r0) /* restore r11 from memory */
+ mfspr r10, SPRN_M_TW /* restore r10 from M_TW */
+ isync /* Wait until new instr is loaded from memory */
+modified_instr:
+ .space 4 /* this is where the add/and instr. is stored */
+ bne+ 143f
+ subf r10,r0,r10 /* r10=r10-r0, only if reg RA is r0 */
+143: mtdar r10 /* store faulting EA in DAR */
+ b DARFixed /* Go back to normal TLB handling */
+#else
+ mfctr r10
+ mtdar r10 /* save ctr reg in DAR */
+ rlwinm r10, r11, 24, 24, 28 /* offset into jump table for reg RB */
+ addi r10, r10, 150f@l /* add start of table */
+ mtctr r10 /* load ctr with jump address */
+ xor r10, r10, r10 /* sum starts at zero */
+ bctr /* jump into table */
+150:
+ add r10, r10, r0
+ b 151f
+ add r10, r10, r1
+ b 151f
+ add r10, r10, r2
+ b 151f
+ add r10, r10, r3
+ b 151f
+ add r10, r10, r4
+ b 151f
+ add r10, r10, r5
+ b 151f
+ add r10, r10, r6
+ b 151f
+ add r10, r10, r7
+ b 151f
+ add r10, r10, r8
+ b 151f
+ add r10, r10, r9
+ b 151f
+ add r10, r10, r10
+ b 151f
+ add r10, r10, r11
+ b 151f
+ add r10, r10, r12
+ b 151f
+ add r10, r10, r13
+ b 151f
+ add r10, r10, r14
+ b 151f
+ add r10, r10, r15
+ b 151f
+ add r10, r10, r16
+ b 151f
+ add r10, r10, r17
+ b 151f
+ add r10, r10, r18
+ b 151f
+ add r10, r10, r19
+ b 151f
+ mtctr r11 /* r10 needs special handling */
+ b 154f
+ mtctr r11 /* r11 needs special handling */
+ b 153f
+ add r10, r10, r22
+ b 151f
+ add r10, r10, r23
+ b 151f
+ add r10, r10, r24
+ b 151f
+ add r10, r10, r25
+ b 151f
+ add r10, r10, r25
+ b 151f
+ add r10, r10, r27
+ b 151f
+ add r10, r10, r28
+ b 151f
+ add r10, r10, r29
+ b 151f
+ add r10, r10, r30
+ b 151f
+ add r10, r10, r31
+151:
+ rlwinm. r11,r11,19,24,28 /* offset into jump table for reg RA */
+ beq 152f /* if reg RA is zero, don't add it */
+ addi r11, r11, 150b@l /* add start of table */
+ mtctr r11 /* load ctr with jump address */
+ rlwinm r11,r11,0,16,10 /* make sure we don't execute this more than once */
+ bctr /* jump into table */
+152:
+ mfdar r11
+ mtctr r11 /* restore ctr reg from DAR */
+ mtdar r10 /* save fault EA to DAR */
+ b DARFixed /* Go back to normal TLB handling */
+
+ /* special handling for r10,r11 since these are modified already */
+153: lwz r11, 4(r0) /* load r11 from memory */
+ b 155f
+154: mfspr r11, SPRN_M_TW /* load r10 from M_TW */
+155: add r10, r10, r11 /* add it */
+ mfctr r11 /* restore r11 */
+ b 151b
+#endif
+
.globl giveup_fpu
giveup_fpu:
blr
--
1.6.4.4
^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH 5/8] 8xx: Add missing Guarded setting in DTLB Error.
2009-10-15 9:04 ` [PATCH 4/8] 8xx: Fixup DAR from buggy dcbX instructions Joakim Tjernlund
@ 2009-10-15 9:04 ` Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 6/8] 8xx: Restore _PAGE_WRITETHRU Joakim Tjernlund
0 siblings, 1 reply; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-15 9:04 UTC (permalink / raw)
To: Scott Wood, Rex Feany, Benjamin Herrenschmidt, linuxppc-dev
only DTLB Miss did set this bit, DTLB Error needs too otherwise
the setting is lost when the page becomes dirty.
---
arch/powerpc/kernel/head_8xx.S | 13 ++++++++++---
1 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/arch/powerpc/kernel/head_8xx.S b/arch/powerpc/kernel/head_8xx.S
index 320f333..a1512e9 100644
--- a/arch/powerpc/kernel/head_8xx.S
+++ b/arch/powerpc/kernel/head_8xx.S
@@ -552,9 +552,16 @@ DARFixed:/* Return from dcbx instruction bug workaround, r10 holds value of DAR
*/
ori r11, r11, 1 /* Set valid bit in physical L2 page */
DO_8xx_CPU6(0x3b80, r3)
- mtspr SPRN_MD_TWC, r11 /* Load pte table base address */
- mfspr r11, SPRN_MD_TWC /* ....and get the pte address */
- lwz r10, 0(r11) /* Get the pte */
+ mtspr SPRN_MD_TWC, r11 /* Load pte table base address */
+ mfspr r10, SPRN_MD_TWC /* ....and get the pte address */
+ lwz r10, 0(r10) /* Get the pte */
+ /* Insert the Guarded flag into the TWC from the Linux PTE.
+ * It is bit 27 of both the Linux PTE and the TWC
+ */
+ rlwimi r11, r10, 0, 27, 27
+ DO_8xx_CPU6(0x3b80, r3)
+ mtspr SPRN_MD_TWC, r11
+ mfspr r11, SPRN_MD_TWC /* get the pte address again */
ori r10, r10, _PAGE_DIRTY | _PAGE_ACCESSED | _PAGE_HWWRITE
stw r10, 0(r11) /* and update pte in table */
--
1.6.4.4
^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH 6/8] 8xx: Restore _PAGE_WRITETHRU
2009-10-15 9:04 ` [PATCH 5/8] 8xx: Add missing Guarded setting in DTLB Error Joakim Tjernlund
@ 2009-10-15 9:04 ` Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 7/8] 8xx: start using dcbX instructions in various copy routines Joakim Tjernlund
0 siblings, 1 reply; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-15 9:04 UTC (permalink / raw)
To: Scott Wood, Rex Feany, Benjamin Herrenschmidt, linuxppc-dev
8xx has not had WRITETHRU due to lack of bits in the pte.
After the recent rewrite of the 8xx TLB code, there are
two bits left. Use one of them to WRITETHRU.
Perhaps use the last SW bit to PAGE_SPECIAL or PAGE_FILE?
---
arch/powerpc/include/asm/pte-8xx.h | 5 +++--
arch/powerpc/kernel/head_8xx.S | 8 ++++++++
2 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/arch/powerpc/include/asm/pte-8xx.h b/arch/powerpc/include/asm/pte-8xx.h
index f23cd15..9349d83 100644
--- a/arch/powerpc/include/asm/pte-8xx.h
+++ b/arch/powerpc/include/asm/pte-8xx.h
@@ -34,12 +34,13 @@
#define _PAGE_SHARED 0x0004 /* No ASID (context) compare */
#define _PAGE_DIRTY 0x0100 /* C: page changed */
-/* These 3 software bits must be masked out when the entry is loaded
- * into the TLB, 2 SW bits left.
+/* These 4 software bits must be masked out when the entry is loaded
+ * into the TLB, 1 SW bit left(0x0080).
*/
#define _PAGE_EXEC 0x0008 /* software: i-cache coherency required */
#define _PAGE_GUARDED 0x0010 /* software: guarded access */
#define _PAGE_ACCESSED 0x0020 /* software: page referenced */
+#define _PAGE_WRITETHRU 0x0040 /* software: caching is write through */
/* Setting any bits in the nibble with the follow two controls will
* require a TLB exception handler change. It is assumed unused bits
diff --git a/arch/powerpc/kernel/head_8xx.S b/arch/powerpc/kernel/head_8xx.S
index a1512e9..6fadc44 100644
--- a/arch/powerpc/kernel/head_8xx.S
+++ b/arch/powerpc/kernel/head_8xx.S
@@ -422,6 +422,10 @@ DataStoreTLBMiss:
* above.
*/
rlwimi r11, r10, 0, 27, 27
+ /* Insert the WriteThru flag into the TWC from the Linux PTE.
+ * It is bit 25 in the Linux PTE and bit 30 in the TWC
+ */
+ rlwimi r11, r10, 32-5, 30, 30
DO_8xx_CPU6(0x3b80, r3)
mtspr SPRN_MD_TWC, r11
@@ -559,6 +563,10 @@ DARFixed:/* Return from dcbx instruction bug workaround, r10 holds value of DAR
* It is bit 27 of both the Linux PTE and the TWC
*/
rlwimi r11, r10, 0, 27, 27
+ /* Insert the WriteThru flag into the TWC from the Linux PTE.
+ * It is bit 25 in the Linux PTE and bit 30 in the TWC
+ */
+ rlwimi r11, r10, 32-5, 30, 30
DO_8xx_CPU6(0x3b80, r3)
mtspr SPRN_MD_TWC, r11
mfspr r11, SPRN_MD_TWC /* get the pte address again */
--
1.6.4.4
^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH 7/8] 8xx: start using dcbX instructions in various copy routines
2009-10-15 9:04 ` [PATCH 6/8] 8xx: Restore _PAGE_WRITETHRU Joakim Tjernlund
@ 2009-10-15 9:04 ` Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 8/8] 8xx: Remove DIRTY pte handling in DTLB Error Joakim Tjernlund
0 siblings, 1 reply; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-15 9:04 UTC (permalink / raw)
To: Scott Wood, Rex Feany, Benjamin Herrenschmidt, linuxppc-dev
Now that 8xx can fixup dcbX instructions, start using them
where possible like every other PowerPc arch do.
---
arch/powerpc/kernel/misc_32.S | 18 ------------------
arch/powerpc/lib/copy_32.S | 24 ------------------------
2 files changed, 0 insertions(+), 42 deletions(-)
diff --git a/arch/powerpc/kernel/misc_32.S b/arch/powerpc/kernel/misc_32.S
index 15f28e0..b92095e 100644
--- a/arch/powerpc/kernel/misc_32.S
+++ b/arch/powerpc/kernel/misc_32.S
@@ -495,15 +495,7 @@ _GLOBAL(clear_pages)
li r0,PAGE_SIZE/L1_CACHE_BYTES
slw r0,r0,r4
mtctr r0
-#ifdef CONFIG_8xx
- li r4, 0
-1: stw r4, 0(r3)
- stw r4, 4(r3)
- stw r4, 8(r3)
- stw r4, 12(r3)
-#else
1: dcbz 0,r3
-#endif
addi r3,r3,L1_CACHE_BYTES
bdnz 1b
blr
@@ -528,15 +520,6 @@ _GLOBAL(copy_page)
addi r3,r3,-4
addi r4,r4,-4
-#ifdef CONFIG_8xx
- /* don't use prefetch on 8xx */
- li r0,4096/L1_CACHE_BYTES
- mtctr r0
-1: COPY_16_BYTES
- bdnz 1b
- blr
-
-#else /* not 8xx, we can prefetch */
li r5,4
#if MAX_COPY_PREFETCH > 1
@@ -577,7 +560,6 @@ _GLOBAL(copy_page)
li r0,MAX_COPY_PREFETCH
li r11,4
b 2b
-#endif /* CONFIG_8xx */
/*
* void atomic_clear_mask(atomic_t mask, atomic_t *addr)
diff --git a/arch/powerpc/lib/copy_32.S b/arch/powerpc/lib/copy_32.S
index c657de5..74a7f41 100644
--- a/arch/powerpc/lib/copy_32.S
+++ b/arch/powerpc/lib/copy_32.S
@@ -98,20 +98,7 @@ _GLOBAL(cacheable_memzero)
bdnz 4b
3: mtctr r9
li r7,4
-#if !defined(CONFIG_8xx)
10: dcbz r7,r6
-#else
-10: stw r4, 4(r6)
- stw r4, 8(r6)
- stw r4, 12(r6)
- stw r4, 16(r6)
-#if CACHE_LINE_SIZE >= 32
- stw r4, 20(r6)
- stw r4, 24(r6)
- stw r4, 28(r6)
- stw r4, 32(r6)
-#endif /* CACHE_LINE_SIZE */
-#endif
addi r6,r6,CACHELINE_BYTES
bdnz 10b
clrlwi r5,r8,32-LG_CACHELINE_BYTES
@@ -200,9 +187,7 @@ _GLOBAL(cacheable_memcpy)
mtctr r0
beq 63f
53:
-#if !defined(CONFIG_8xx)
dcbz r11,r6
-#endif
COPY_16_BYTES
#if L1_CACHE_BYTES >= 32
COPY_16_BYTES
@@ -356,14 +341,6 @@ _GLOBAL(__copy_tofrom_user)
li r11,4
beq 63f
-#ifdef CONFIG_8xx
- /* Don't use prefetch on 8xx */
- mtctr r0
- li r0,0
-53: COPY_16_BYTES_WITHEX(0)
- bdnz 53b
-
-#else /* not CONFIG_8xx */
/* Here we decide how far ahead to prefetch the source */
li r3,4
cmpwi r0,1
@@ -416,7 +393,6 @@ _GLOBAL(__copy_tofrom_user)
li r3,4
li r7,0
bne 114b
-#endif /* CONFIG_8xx */
63: srwi. r0,r5,2
mtctr r0
--
1.6.4.4
^ permalink raw reply related [flat|nested] 32+ messages in thread
* [PATCH 8/8] 8xx: Remove DIRTY pte handling in DTLB Error.
2009-10-15 9:04 ` [PATCH 7/8] 8xx: start using dcbX instructions in various copy routines Joakim Tjernlund
@ 2009-10-15 9:04 ` Joakim Tjernlund
0 siblings, 0 replies; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-15 9:04 UTC (permalink / raw)
To: Scott Wood, Rex Feany, Benjamin Herrenschmidt, linuxppc-dev
There is no need to do set the DIRTY bit directly in DTLB Error.
Trap to do_page_fault() and let the generic MM code do the work.
---
arch/powerpc/kernel/head_8xx.S | 96 ----------------------------------------
1 files changed, 0 insertions(+), 96 deletions(-)
diff --git a/arch/powerpc/kernel/head_8xx.S b/arch/powerpc/kernel/head_8xx.S
index 6fadc44..c60636e 100644
--- a/arch/powerpc/kernel/head_8xx.S
+++ b/arch/powerpc/kernel/head_8xx.S
@@ -500,102 +500,6 @@ DataTLBError:
cmpwi cr0, r10, 0x00f0
beq- FixupDAR /* must be a buggy dcbX, icbi insn. */
DARFixed:/* Return from dcbx instruction bug workaround, r10 holds value of DAR */
- mfspr r11, SPRN_DSISR
- /* As the DAR fixup may clear store we may have all 3 states zero.
- * Make sure only 0x0200(store) falls down into DIRTY handling
- */
- andis. r11, r11, 0x4a00 /* !translation, protection or store */
- srwi r11, r11, 16
- cmpwi cr0, r11, 0x0200 /* just store ? */
- bne 2f
- /* Only Change bit left now, do it here as it is faster
- * than trapping to the C fault handler.
- */
-
- /* The EA of a data TLB miss is automatically stored in the MD_EPN
- * register. The EA of a data TLB error is automatically stored in
- * the DAR, but not the MD_EPN register. We must copy the 20 most
- * significant bits of the EA from the DAR to MD_EPN before we
- * start walking the page tables. We also need to copy the CASID
- * value from the M_CASID register.
- * Addendum: The EA of a data TLB error is _supposed_ to be stored
- * in DAR, but it seems that this doesn't happen in some cases, such
- * as when the error is due to a dcbi instruction to a page with a
- * TLB that doesn't have the changed bit set. In such cases, there
- * does not appear to be any way to recover the EA of the error
- * since it is neither in DAR nor MD_EPN. As a workaround, the
- * _PAGE_HWWRITE bit is set for all kernel data pages when the PTEs
- * are initialized in mapin_ram(). This will avoid the problem,
- * assuming we only use the dcbi instruction on kernel addresses.
- */
-
- /* DAR is in r10 already */
- rlwinm r11, r10, 0, 0, 19
- ori r11, r11, MD_EVALID
- mfspr r10, SPRN_M_CASID
- rlwimi r11, r10, 0, 28, 31
- DO_8xx_CPU6(0x3780, r3)
- mtspr SPRN_MD_EPN, r11
-
- mfspr r10, SPRN_M_TWB /* Get level 1 table entry address */
-
- /* If we are faulting a kernel address, we have to use the
- * kernel page tables.
- */
- andi. r11, r10, 0x0800
- beq 3f
- lis r11, swapper_pg_dir@h
- ori r11, r11, swapper_pg_dir@l
- rlwimi r10, r11, 0, 2, 19
-3:
- lwz r11, 0(r10) /* Get the level 1 entry */
- rlwinm. r10, r11,0,0,19 /* Extract page descriptor page address */
- beq 2f /* If zero, bail */
-
- /* We have a pte table, so fetch the pte from the table.
- */
- ori r11, r11, 1 /* Set valid bit in physical L2 page */
- DO_8xx_CPU6(0x3b80, r3)
- mtspr SPRN_MD_TWC, r11 /* Load pte table base address */
- mfspr r10, SPRN_MD_TWC /* ....and get the pte address */
- lwz r10, 0(r10) /* Get the pte */
- /* Insert the Guarded flag into the TWC from the Linux PTE.
- * It is bit 27 of both the Linux PTE and the TWC
- */
- rlwimi r11, r10, 0, 27, 27
- /* Insert the WriteThru flag into the TWC from the Linux PTE.
- * It is bit 25 in the Linux PTE and bit 30 in the TWC
- */
- rlwimi r11, r10, 32-5, 30, 30
- DO_8xx_CPU6(0x3b80, r3)
- mtspr SPRN_MD_TWC, r11
- mfspr r11, SPRN_MD_TWC /* get the pte address again */
-
- ori r10, r10, _PAGE_DIRTY | _PAGE_ACCESSED | _PAGE_HWWRITE
- stw r10, 0(r11) /* and update pte in table */
- xori r10, r10, _PAGE_RW /* RW bit is inverted */
-
- /* The Linux PTE won't go exactly into the MMU TLB.
- * Software indicator bits 22 and 28 must be clear.
- * Software indicator bits 24, 25, 26, and 27 must be
- * set. All other Linux PTE bits control the behavior
- * of the MMU.
- */
- li r11, 0x00f0
- mtspr SPRN_DAR,r11 /* Tag DAR */
- rlwimi r10, r11, 0, 24, 28 /* Set 24-27, clear 28 */
- DO_8xx_CPU6(0x3d80, r3)
- mtspr SPRN_MD_RPN, r10 /* Update TLB entry */
-
- mfspr r10, SPRN_M_TW /* Restore registers */
- lwz r11, 0(r0)
- mtcr r11
- lwz r11, 4(r0)
-#ifdef CONFIG_8xx_CPU6
- lwz r3, 8(r0)
-#endif
- rfi
-2:
mfspr r10, SPRN_M_TW /* Restore registers */
lwz r11, 0(r0)
mtcr r11
--
1.6.4.4
^ permalink raw reply related [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-15 9:04 [PATCH 0/8] Fix 8xx MMU/TLB Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 1/8] 8xx: invalidate non present TLBs Joakim Tjernlund
@ 2009-10-15 16:56 ` Rex Feany
2009-10-16 8:16 ` Joakim Tjernlund
2009-10-15 22:04 ` Scott Wood
2 siblings, 1 reply; 32+ messages in thread
From: Rex Feany @ 2009-10-15 16:56 UTC (permalink / raw)
To: Joakim Tjernlund; +Cc: Scott Wood, linuxppc-dev
arch/powerpc/kernel/head_8xx.o: In function `FixupDAR':
/home/rfeany/src/lnxnm/linux-dev/arch/powerpc/kernel/head_8xx.S:576: undefined reference to `DARfix'
With all of your patches applied I have this problem:
open("/proc/mounts", O_RDONLY) = 3
fstat64(0x3, 0x7fc6ad58) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3001f000
read(3, 0x3001f000, 1024) = -1 EFAULT (Bad address)
exit_group(0) = ?
but it works fine with /dev/zero:
open("/dev/zero", O_RDONLY) = 3
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x30001000
read(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 1024) = 1024
If I revert "8xx: start using dcbX instructions in various copy
routines" then it works again. I think it is the cache instructions
added to __copy_tofrom_user: reading from /dev/zero is OK (it uses
__clear_user, no dcbX), but copy_to_user() fails.
It seems stable with all but the dcbX patch applied. I haven't been able
to crash it yet, anyway :)
take care!
/rex.
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-15 9:04 [PATCH 0/8] Fix 8xx MMU/TLB Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 1/8] 8xx: invalidate non present TLBs Joakim Tjernlund
2009-10-15 16:56 ` [PATCH 0/8] Fix 8xx MMU/TLB Rex Feany
@ 2009-10-15 22:04 ` Scott Wood
2 siblings, 0 replies; 32+ messages in thread
From: Scott Wood @ 2009-10-15 22:04 UTC (permalink / raw)
To: Joakim Tjernlund; +Cc: linuxppc-dev, Rex Feany
Joakim Tjernlund wrote:
> Now updated with Scott's remarks.
> There is still(probably) a trivial conflict in pte-8xx.h
>
> Joakim Tjernlund (8):
> 8xx: invalidate non present TLBs
> 8xx: Update TLB asm so it behaves as linux mm expects.
> 8xx: Tag DAR with 0x00f0 to catch buggy instructions.
> 8xx: Fixup DAR from buggy dcbX instructions.
> 8xx: Add missing Guarded setting in DTLB Error.
> 8xx: Restore _PAGE_WRITETHRU
> 8xx: start using dcbX instructions in various copy routines
> 8xx: Remove DIRTY pte handling in DTLB Error.
>
> arch/powerpc/include/asm/pte-8xx.h | 14 +-
> arch/powerpc/kernel/head_8xx.S | 341 +++++++++++++++++++++++------------
> arch/powerpc/kernel/misc_32.S | 18 --
> arch/powerpc/lib/copy_32.S | 24 ---
> arch/powerpc/mm/fault.c | 8 +-
> 5 files changed, 238 insertions(+), 167 deletions(-)
I still see the lockup with the dcbX patch. Reverting that (and with
Rex's patch) things look OK.
-Scott
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-15 16:56 ` [PATCH 0/8] Fix 8xx MMU/TLB Rex Feany
@ 2009-10-16 8:16 ` Joakim Tjernlund
2009-10-16 20:25 ` Rex Feany
0 siblings, 1 reply; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-16 8:16 UTC (permalink / raw)
To: Rex Feany; +Cc: Scott Wood, linuxppc-dev
Rex Feany <RFeany@mrv.com> wrote on 15/10/2009 18:56:50:
>
> arch/powerpc/kernel/head_8xx.o: In function `FixupDAR':
> /home/rfeany/src/lnxnm/linux-dev/arch/powerpc/kernel/head_8xx.S:576: undefined
> reference to `DARfix'
>
> With all of your patches applied I have this problem:
>
> open("/proc/mounts", O_RDONLY) = 3
> fstat64(0x3, 0x7fc6ad58) = 0
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x3001f000
> read(3, 0x3001f000, 1024) = -1 EFAULT (Bad address)
> exit_group(0) = ?
>
> but it works fine with /dev/zero:
>
> open("/dev/zero", O_RDONLY) = 3
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x30001000
> read(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0
> \0"..., 1024) = 1024
>
> If I revert "8xx: start using dcbX instructions in various copy
> routines" then it works again. I think it is the cache instructions
> added to __copy_tofrom_user: reading from /dev/zero is OK (it uses
> __clear_user, no dcbX), but copy_to_user() fails.
Yes, only copy_tofrom_user will actually case a TLBError with
the dcbX insn.
>
> It seems stable with all but the dcbX patch applied. I haven't been able
> to crash it yet, anyway :)
Right, it is the pte table walk that is blowing up.
I just noted that 2.6 lacks a tophys() call in its table walk
so I removed that one(there is one more tophys call but I don't think
it should be removed).
Try this addon patch:
diff --git a/arch/powerpc/kernel/head_8xx.S b/arch/powerpc/kernel/head_8xx.S
index 3df4a17..0e91da4 100644
--- a/arch/powerpc/kernel/head_8xx.S
+++ b/arch/powerpc/kernel/head_8xx.S
@@ -540,7 +540,6 @@ DARFixed:/* Return from dcbx instruction bug workaround, r10 holds value of DAR
mtspr SPRN_MD_EPN, r10
mfspr r11, SPRN_M_TWB /* Get level 1 table entry address */
lwz r11, 0(r11) /* Get the level 1 entry */
- tophys (r11, r11)
DO_8xx_CPU6(0x3b80, r3)
mtspr SPRN_MD_TWC, r11 /* Load pte table base address */
mfspr r11, SPRN_MD_TWC /* ....and get the pte address */
^ permalink raw reply related [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-16 8:16 ` Joakim Tjernlund
@ 2009-10-16 20:25 ` Rex Feany
2009-10-17 11:24 ` Joakim Tjernlund
[not found] ` <OF2BB5EF59.1EE0A77D-ONC1257652.003D79DC-C1257652.003EA687@LocalDomain>
0 siblings, 2 replies; 32+ messages in thread
From: Rex Feany @ 2009-10-16 20:25 UTC (permalink / raw)
To: Joakim Tjernlund; +Cc: Scott Wood, linuxppc-dev
Thus spake Joakim Tjernlund (joakim.tjernlund@transmode.se):
> Right, it is the pte table walk that is blowing up.
> I just noted that 2.6 lacks a tophys() call in its table walk
> so I removed that one(there is one more tophys call but I don't think
> it should be removed).
> Try this addon patch:
no difference
take care!
/rex.
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-16 20:25 ` Rex Feany
@ 2009-10-17 11:24 ` Joakim Tjernlund
[not found] ` <OF2BB5EF59.1EE0A77D-ONC1257652.003D79DC-C1257652.003EA687@LocalDomain>
1 sibling, 0 replies; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-17 11:24 UTC (permalink / raw)
To: Rex Feany; +Cc: Scott Wood, linuxppc-dev
Rex Feany <RFeany@mrv.com> wrote on 16/10/2009 22:25:41:
>
> Thus spake Joakim Tjernlund (joakim.tjernlund@transmode.se):
>
> > Right, it is the pte table walk that is blowing up.
> > I just noted that 2.6 lacks a tophys() call in its table walk
> > so I removed that one(there is one more tophys call but I don't think
> > it should be removed).
> > Try this addon patch:
>
> no difference
OK, thinking a bit more, this part should not be executed as
copy_tofrom_user executes in kernel space.
Any chance you can stick a HW breakpoint on FixupDAR?
Perhaps there is something different with kernel
virtual address to phys address?
A simple topys() works in 2.4, but perhaps not in 2.6?
this is the part of interest:
FixupDAR: /* Entry point for dcbx workaround. */
/* fetch instruction from memory. */
mfspr r10, SPRN_SRR0
andis. r11, r10, 0x8000
tophys (r11, r10)
beq- 139b /* Branch if user space address */
140: lwz r11,0(r11)
If not kernel dcbX works, you could see if user space does.
Here is a start:
#include <errno.h>
#include <sys/mman.h>
#include <stdio.h>
dcbz(void const *ptr)
{
__asm__ ("dcbz 0, %0" : : "r" (ptr) : "memory");
}
dcbf(void const *ptr)
{
__asm__ ("dcbf 0, %0" : : "r" (ptr) : "memory");
}
dcbi(void const *ptr)
{
__asm__ ("dcbi 0, %0" : : "r" (ptr) : "memory");
}
dcbst(void const *ptr)
{
__asm__ ("dcbst 0, %0" : : "r" (ptr) : "memory");
}
icbi(void const *ptr)
{
__asm__ ("icbi 0, %0" : : "r" (ptr) : "memory");
}
dcbt(void const *ptr) /* no TLB Miss */
{
__asm__ ("dcbt 0, %0" : : "r" (ptr) : "memory");
}
dcbtst(void const *ptr) /* no TLB Miss */
{
__asm__ ("dcbtst 0, %0" : : "r" (ptr) : "memory");
}
static const unsigned long const a[16*4094] ;
main()
{
volatile unsigned long b, *ptr = &a[10*4096], *mptr;
b = *ptr;
mptr = mmap(NULL, 16*4094, PROT_WRITE | PROT_READ, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (mptr == MAP_FAILED)
printf("mmap failed:%s\n", strerror(errno));
ptr = mptr;
#if 0
dcbst(&a[2*4096]);
b = *ptr;
dcbf(&a[6*4096]);
b = *ptr;
dcbz(&a[4*4096]);
b = *ptr;
dcbst(&a[8*4096]);
dcbst(&a[8*4096]);
#endif
*ptr = 17;
printf("dcbst(ptr)\n"); fflush(stdout);
dcbst(ptr);
*(ptr+3+1024) = 18;
printf("dcbst(ptr+3*1024)\n"); fflush(stdout);
dcbst(ptr+3*1024);
printf("dcbt(ptr+5*1024)\n"); fflush(stdout);
dcbt(ptr+5*1024);
printf("dcbz(ptr+2*1024)\n"); fflush(stdout);
dcbf(&a[6*4096]);
printf("dcbz(&a[4*4096])\n"); fflush(stdout);
dcbz(&a[4*4096]); fflush(stdout);
printf("dcbf(&a[6*4096])\n"); fflush(stdout);
dcbf(&a[6*4096]);
//dcbz(ptr+2*1024);
//dcbi(&a[6*4096]);
//icbi(&a[8*4096]);
}
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
[not found] ` <OF2BB5EF59.1EE0A77D-ONC1257652.003D79DC-C1257652.003EA687@LocalDomain>
@ 2009-10-17 12:01 ` Joakim Tjernlund
2009-10-26 22:47 ` Benjamin Herrenschmidt
` (2 more replies)
0 siblings, 3 replies; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-17 12:01 UTC (permalink / raw)
Cc: Scott Wood, Rex Feany, linuxppc-dev
Joakim Tjernlund/Transmode wrote on 17/10/2009 13:24:18:
>
> Rex Feany <RFeany@mrv.com> wrote on 16/10/2009 22:25:41:
> >
> > Thus spake Joakim Tjernlund (joakim.tjernlund@transmode.se):
> >
> > > Right, it is the pte table walk that is blowing up.
> > > I just noted that 2.6 lacks a tophys() call in its table walk
> > > so I removed that one(there is one more tophys call but I don't think
> > > it should be removed).
> > > Try this addon patch:
> >
> > no difference
> OK, thinking a bit more, this part should not be executed as
> copy_tofrom_user executes in kernel space.
>
> Any chance you can stick a HW breakpoint on FixupDAR?
> Perhaps there is something different with kernel
> virtual address to phys address?
> A simple topys() works in 2.4, but perhaps not in 2.6?
> this is the part of interest:
> FixupDAR: /* Entry point for dcbx workaround. */
> /* fetch instruction from memory. */
> mfspr r10, SPRN_SRR0
> andis. r11, r10, 0x8000
> tophys (r11, r10)
> beq- 139b /* Branch if user space address */
> 140: lwz r11,0(r11)
Probably better to walk the kernel page table too. Does this
make a difference(needs the tophys() patch I posted earlier):
>From 862dda30c3d3d3bedcc605e8520626408a26891c Mon Sep 17 00:00:00 2001
From: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
Date: Sat, 17 Oct 2009 13:54:03 +0200
Subject: [PATCH] 8xx: Walk the page table for kernel addresses too.
---
arch/powerpc/kernel/head_8xx.S | 25 ++++++++++++-------------
1 files changed, 12 insertions(+), 13 deletions(-)
diff --git a/arch/powerpc/kernel/head_8xx.S b/arch/powerpc/kernel/head_8xx.S
index 0e91da4..edc9e9b 100644
--- a/arch/powerpc/kernel/head_8xx.S
+++ b/arch/powerpc/kernel/head_8xx.S
@@ -532,28 +532,27 @@ DARFixed:/* Return from dcbx instruction bug workaround, r10 holds value of DAR
* by decoding the registers used by the dcbx instruction and adding them.
* DAR is set to the calculated address and r10 also holds the EA on exit.
*/
-#define NO_SELF_MODIFYING_CODE /* define if you don't want to use self modifying code */
- nop /* A few nops to make the modified_instr: space below cache line aligned */
- nop
-139: /* fetch instruction from userspace memory */
+ /* define if you don't want to use self modifying code */
+#define NO_SELF_MODIFYING_CODE
+FixupDAR:/* Entry point for dcbx workaround. */
+ /* fetch instruction from memory. */
+ mfspr r10, SPRN_SRR0
DO_8xx_CPU6(0x3780, r3)
mtspr SPRN_MD_EPN, r10
mfspr r11, SPRN_M_TWB /* Get level 1 table entry address */
- lwz r11, 0(r11) /* Get the level 1 entry */
+ cmplwi cr0, r11, 0x0800
+ blt- 3f /* Branch if user space */
+ lis r11, swapper_pg_dir@h
+ ori r11, r11, swapper_pg_dir@l
+ rlwimi r11, r11, 0, 2, 19
+3: lwz r11, 0(r11) /* Get the level 1 entry */
DO_8xx_CPU6(0x3b80, r3)
mtspr SPRN_MD_TWC, r11 /* Load pte table base address */
mfspr r11, SPRN_MD_TWC /* ....and get the pte address */
lwz r11, 0(r11) /* Get the pte */
/* concat physical page address(r11) and page offset(r10) */
rlwimi r11, r10, 0, 20, 31
- b 140f
-FixupDAR: /* Entry point for dcbx workaround. */
- /* fetch instruction from memory. */
- mfspr r10, SPRN_SRR0
- andis. r11, r10, 0x8000
- tophys (r11, r10)
- beq- 139b /* Branch if user space address */
-140: lwz r11,0(r11)
+ lwz r11,0(r11)
/* Check if it really is a dcbx instruction. */
/* dcbt and dcbtst does not generate DTLB Misses/Errors,
* no need to include them here */
--
1.6.4.4
^ permalink raw reply related [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-17 12:01 ` Joakim Tjernlund
@ 2009-10-26 22:47 ` Benjamin Herrenschmidt
2009-10-26 23:26 ` Dan Malek
2009-10-30 0:12 ` Scott Wood
2009-10-30 17:16 ` Scott Wood
2 siblings, 1 reply; 32+ messages in thread
From: Benjamin Herrenschmidt @ 2009-10-26 22:47 UTC (permalink / raw)
To: Joakim Tjernlund; +Cc: Scott Wood, linuxppc-dev, Rex Feany
> Probably better to walk the kernel page table too. Does this
> make a difference(needs the tophys() patch I posted earlier):
This whole thing would be a -lot- easier to do from C code. Why ? Simply
because you could just use get_user() to load the instruction rather
than doing this page table walking in asm, which is simpler, faster, and
more fool proof (ok, you do pay the price of a kernel entry/exit
instead, but I still believe that code simplicity and maintainability
wins here).
Ben.
> >From 862dda30c3d3d3bedcc605e8520626408a26891c Mon Sep 17 00:00:00 2001
> From: Joakim Tjernlund <Joakim.Tjernlund@transmode.se>
> Date: Sat, 17 Oct 2009 13:54:03 +0200
> Subject: [PATCH] 8xx: Walk the page table for kernel addresses too.
>
> ---
> arch/powerpc/kernel/head_8xx.S | 25 ++++++++++++-------------
> 1 files changed, 12 insertions(+), 13 deletions(-)
>
> diff --git a/arch/powerpc/kernel/head_8xx.S b/arch/powerpc/kernel/head_8xx.S
> index 0e91da4..edc9e9b 100644
> --- a/arch/powerpc/kernel/head_8xx.S
> +++ b/arch/powerpc/kernel/head_8xx.S
> @@ -532,28 +532,27 @@ DARFixed:/* Return from dcbx instruction bug workaround, r10 holds value of DAR
> * by decoding the registers used by the dcbx instruction and adding them.
> * DAR is set to the calculated address and r10 also holds the EA on exit.
> */
> -#define NO_SELF_MODIFYING_CODE /* define if you don't want to use self modifying code */
> - nop /* A few nops to make the modified_instr: space below cache line aligned */
> - nop
> -139: /* fetch instruction from userspace memory */
> + /* define if you don't want to use self modifying code */
> +#define NO_SELF_MODIFYING_CODE
> +FixupDAR:/* Entry point for dcbx workaround. */
> + /* fetch instruction from memory. */
> + mfspr r10, SPRN_SRR0
> DO_8xx_CPU6(0x3780, r3)
> mtspr SPRN_MD_EPN, r10
> mfspr r11, SPRN_M_TWB /* Get level 1 table entry address */
> - lwz r11, 0(r11) /* Get the level 1 entry */
> + cmplwi cr0, r11, 0x0800
> + blt- 3f /* Branch if user space */
> + lis r11, swapper_pg_dir@h
> + ori r11, r11, swapper_pg_dir@l
> + rlwimi r11, r11, 0, 2, 19
> +3: lwz r11, 0(r11) /* Get the level 1 entry */
> DO_8xx_CPU6(0x3b80, r3)
> mtspr SPRN_MD_TWC, r11 /* Load pte table base address */
> mfspr r11, SPRN_MD_TWC /* ....and get the pte address */
> lwz r11, 0(r11) /* Get the pte */
> /* concat physical page address(r11) and page offset(r10) */
> rlwimi r11, r10, 0, 20, 31
> - b 140f
> -FixupDAR: /* Entry point for dcbx workaround. */
> - /* fetch instruction from memory. */
> - mfspr r10, SPRN_SRR0
> - andis. r11, r10, 0x8000
> - tophys (r11, r10)
> - beq- 139b /* Branch if user space address */
> -140: lwz r11,0(r11)
> + lwz r11,0(r11)
> /* Check if it really is a dcbx instruction. */
> /* dcbt and dcbtst does not generate DTLB Misses/Errors,
> * no need to include them here */
> --
> 1.6.4.4
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-26 22:47 ` Benjamin Herrenschmidt
@ 2009-10-26 23:26 ` Dan Malek
2009-10-27 0:00 ` Benjamin Herrenschmidt
0 siblings, 1 reply; 32+ messages in thread
From: Dan Malek @ 2009-10-26 23:26 UTC (permalink / raw)
To: Benjamin Herrenschmidt; +Cc: Scott Wood, linuxppc-dev, Rex Feany
On Oct 26, 2009, at 3:47 PM, Benjamin Herrenschmidt wrote:
> This whole thing would be a -lot- easier to do from C code. Why ?
> Simply
> because you could just use get_user() to load the instruction rather
> than doing this page table walking in asm,
Just be careful the get_user() doesn't regenerate the same
translation error you are trying to fix by being here......
It is nice doing things in C code, but you have to be aware
of the environment and the side effects when in this kind
of exception state.
Thanks.
-- Dan
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-26 23:26 ` Dan Malek
@ 2009-10-27 0:00 ` Benjamin Herrenschmidt
2009-10-27 9:16 ` Joakim Tjernlund
0 siblings, 1 reply; 32+ messages in thread
From: Benjamin Herrenschmidt @ 2009-10-27 0:00 UTC (permalink / raw)
To: Dan Malek; +Cc: Scott Wood, linuxppc-dev, Rex Feany
On Mon, 2009-10-26 at 16:26 -0700, Dan Malek wrote:
> Just be careful the get_user() doesn't regenerate the same
> translation error you are trying to fix by being here......
It shouldn't since it will always come up with a proper DAR but
you may want to double check before hand that your instruction
address you are loading from is -not- your marker value for bad DAR.
> It is nice doing things in C code, but you have to be aware
> of the environment and the side effects when in this kind
Yup.
Cheers,
Ben.
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-27 0:00 ` Benjamin Herrenschmidt
@ 2009-10-27 9:16 ` Joakim Tjernlund
2009-10-27 15:58 ` Scott Wood
0 siblings, 1 reply; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-27 9:16 UTC (permalink / raw)
To: Benjamin Herrenschmidt; +Cc: Scott Wood, linuxppc-dev, Rex Feany
Benjamin Herrenschmidt <benh@kernel.crashing.org> wrote on 27/10/2009 01:00:53:
>
> On Mon, 2009-10-26 at 16:26 -0700, Dan Malek wrote:
> > Just be careful the get_user() doesn't regenerate the same
> > translation error you are trying to fix by being here......
yes, I had some problems with this initially but managed to work around that.
I noticed another problem though, I got multiple TLB errors for the same
address when I did it in C. Noticed by just printk:ing every hit
for a dcbX insn in do_page_fault. I can't explain it, but it seems
like when moving to C you have to execute a rfi insn and that might somehow
restart the dcbX insn before moving on to the page fault routine(or something
totally different)
>
> It shouldn't since it will always come up with a proper DAR but
> you may want to double check before hand that your instruction
> address you are loading from is -not- your marker value for bad DAR.
hmm, I check that the insn really is a dcbX insn, but not that the address is
!= 0x00f0. Don't see how it could be as if something is wrong with
the insn address you get ITLB error instead of a DTLB error.
Anyhow, things seems stalled as I haven't heard from Scott or Rex for a while.
If this isn't working now, I really don't know what is wrong and need
some debugging help.
>
> > It is nice doing things in C code, but you have to be aware
> > of the environment and the side effects when in this kind
>
> Yup.
>
> Cheers,
> Ben.
>
>
>
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-27 9:16 ` Joakim Tjernlund
@ 2009-10-27 15:58 ` Scott Wood
2009-10-27 16:38 ` Joakim Tjernlund
0 siblings, 1 reply; 32+ messages in thread
From: Scott Wood @ 2009-10-27 15:58 UTC (permalink / raw)
To: Joakim Tjernlund; +Cc: Rex Feany, linuxppc-dev
On Tue, Oct 27, 2009 at 10:16:17AM +0100, Joakim Tjernlund wrote:
> Benjamin Herrenschmidt <benh@kernel.crashing.org> wrote on 27/10/2009 01:00:53:
> >
> > On Mon, 2009-10-26 at 16:26 -0700, Dan Malek wrote:
> > > Just be careful the get_user() doesn't regenerate the same
> > > translation error you are trying to fix by being here......
>
> yes, I had some problems with this initially but managed to work around
> that. I noticed another problem though, I got multiple TLB errors for the
> same address when I did it in C. Noticed by just printk:ing every hit for
> a dcbX insn in do_page_fault. I can't explain it, but it seems like when
> moving to C you have to execute a rfi insn and that might somehow restart
> the dcbX insn before moving on to the page fault routine(or something
> totally different)
The rfi should be to other kernel code -- there is no way that it should be
restarting the dcbX (other than when trying to turn a TLB miss into a TLB
error). Can you post the C version, maybe we can see what's going wrong?
Is the empty TLB entry from the miss getting invalidated in the dcbX fixup
case?
> > It shouldn't since it will always come up with a proper DAR but
> > you may want to double check before hand that your instruction
> > address you are loading from is -not- your marker value for bad DAR.
>
> hmm, I check that the insn really is a dcbX insn, but not that the address is
> != 0x00f0. Don't see how it could be as if something is wrong with
> the insn address you get ITLB error instead of a DTLB error.
I'm guessing he meant the data address you're loading.
> Anyhow, things seems stalled as I haven't heard from Scott or Rex for a
> while. If this isn't working now, I really don't know what is wrong and
> need some debugging help.
I'll test the latest version, but I have some scheduling latency. :-)
-Scott
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-27 15:58 ` Scott Wood
@ 2009-10-27 16:38 ` Joakim Tjernlund
0 siblings, 0 replies; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-27 16:38 UTC (permalink / raw)
To: Scott Wood; +Cc: Rex Feany, linuxppc-dev
Scott Wood <scottwood@freescale.com> wrote on 27/10/2009 16:58:41:
>
> On Tue, Oct 27, 2009 at 10:16:17AM +0100, Joakim Tjernlund wrote:
> > Benjamin Herrenschmidt <benh@kernel.crashing.org> wrote on 27/10/2009 01:00:53:
> > >
> > > On Mon, 2009-10-26 at 16:26 -0700, Dan Malek wrote:
> > > > Just be careful the get_user() doesn't regenerate the same
> > > > translation error you are trying to fix by being here......
> >
> > yes, I had some problems with this initially but managed to work around
> > that. I noticed another problem though, I got multiple TLB errors for the
> > same address when I did it in C. Noticed by just printk:ing every hit for
> > a dcbX insn in do_page_fault. I can't explain it, but it seems like when
> > moving to C you have to execute a rfi insn and that might somehow restart
> > the dcbX insn before moving on to the page fault routine(or something
> > totally different)
>
> The rfi should be to other kernel code -- there is no way that it should be
> restarting the dcbX (other than when trying to turn a TLB miss into a TLB
> error). Can you post the C version, maybe we can see what's going wrong?
I don't have it for 2.6 and I never did cleanup up my 2.4 version.
Your best bet is to look at one of the earlier patches such
as:
Add some debug code to do_page_fault
and fix the remaining bits.
> Is the empty TLB entry from the miss getting invalidated in the dcbX fixup
> case?
Yes, in all cases it was invalidated.
>
> > > It shouldn't since it will always come up with a proper DAR but
> > > you may want to double check before hand that your instruction
> > > address you are loading from is -not- your marker value for bad DAR.
> >
> > hmm, I check that the insn really is a dcbX insn, but not that the address is
> > != 0x00f0. Don't see how it could be as if something is wrong with
> > the insn address you get ITLB error instead of a DTLB error.
>
> I'm guessing he meant the data address you're loading.
Hopefully and I am already looking at the OP code to make sure it is
a dcbX insn.
>
> > Anyhow, things seems stalled as I haven't heard from Scott or Rex for a
> > while. If this isn't working now, I really don't know what is wrong and
> > need some debugging help.
>
> I'll test the latest version, but I have some scheduling latency. :-)
Get yourself a new scheduler :)
Jocke
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-17 12:01 ` Joakim Tjernlund
2009-10-26 22:47 ` Benjamin Herrenschmidt
@ 2009-10-30 0:12 ` Scott Wood
2009-10-30 0:51 ` Joakim Tjernlund
2009-10-30 17:16 ` Scott Wood
2 siblings, 1 reply; 32+ messages in thread
From: Scott Wood @ 2009-10-30 0:12 UTC (permalink / raw)
To: Joakim Tjernlund; +Cc: Rex Feany, linuxppc-dev
On Sat, Oct 17, 2009 at 02:01:38PM +0200, Joakim Tjernlund wrote:
> Joakim Tjernlund/Transmode wrote on 17/10/2009 13:24:18:
> >
> > Rex Feany <RFeany@mrv.com> wrote on 16/10/2009 22:25:41:
> > >
> > > Thus spake Joakim Tjernlund (joakim.tjernlund@transmode.se):
> > >
> > > > Right, it is the pte table walk that is blowing up.
> > > > I just noted that 2.6 lacks a tophys() call in its table walk
> > > > so I removed that one(there is one more tophys call but I don't think
> > > > it should be removed).
> > > > Try this addon patch:
> > >
> > > no difference
>
> > OK, thinking a bit more, this part should not be executed as
> > copy_tofrom_user executes in kernel space.
> >
> > Any chance you can stick a HW breakpoint on FixupDAR?
> > Perhaps there is something different with kernel
> > virtual address to phys address?
> > A simple topys() works in 2.4, but perhaps not in 2.6?
> > this is the part of interest:
> > FixupDAR: /* Entry point for dcbx workaround. */
> > /* fetch instruction from memory. */
> > mfspr r10, SPRN_SRR0
> > andis. r11, r10, 0x8000
> > tophys (r11, r10)
> > beq- 139b /* Branch if user space address */
> > 140: lwz r11,0(r11)
>
> Probably better to walk the kernel page table too. Does this
> make a difference(needs the tophys() patch I posted earlier):
After applying by hand (whitespace damage), I get this and a bunch more:
VFS: Mounted root (nfs filesystem) readonly on device 0:12.
Freeing unused kernel memory: 96k init
INIT: version 2.85 booting
Mounting /proc and /sys
Oops: Machine check, sig: 7 [#1]
Embedded Planet EP88xC
NIP: 00002020 LR: c0089c58 CTR: 00000038
REGS: c38d7de0 TRAP: 0200 Not tainted (2.6.32-rc4-00971-g2edbf13-dirty)
MSR: 00001000 <ME> CR: 44002428 XER: 00000000
TASK = c383b7a0[173] 'udev' THREAD: c38d6000
GPR00: 00000001 c38d7e90 c383b7a0 00000014 c380bffc 0000000c 3001fffc 00000001
GPR08: 00000038 0000039b c001137c c021c000 00000000 100c7368 c01f59f4 c01f59d0
GPR16: c0240000 100982dc 100c0aac 10095ccc 00000047 c38a5868 c38d7f20 00000000
GPR24: c38dd880 00000400 30020000 00000000 c38d7ea0 00000000 0000039c c38a5840
NIP [00002020] 0x2020
LR [c0089c58] seq_read+0x488/0x558
Call Trace:
[c38d7e90] [c0089a74] seq_read+0x2a4/0x558 (unreliable)
[c38d7ee0] [c00ac264] proc_reg_read+0x4c/0x70
[c38d7ef0] [c006f7f4] vfs_read+0xb4/0x158
[c38d7f10] [c006fb04] sys_read+0x4c/0x90
[c38d7f40] [c000dfb8] ret_from_syscall+0x0/0x38
Instruction dump:
00000000 XXXXXXXX XXXXXXXX XXXXXXXX 7d5a02a6 XXXXXXXX XXXXXXXX XXXXXXXX
41800010 XXXXXXXX XXXXXXXX XXXXXXXX 816b0000 XXXXXXXX XXXXXXXX XXXXXXXX
---[ end trace fab819d28e265675 ]---
/etc/rc.d/rcS: line 24: 173 Bus error /etc/rc.d/init.d/$i $mode
-Scott
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-30 0:12 ` Scott Wood
@ 2009-10-30 0:51 ` Joakim Tjernlund
0 siblings, 0 replies; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-30 0:51 UTC (permalink / raw)
To: Scott Wood; +Cc: Rex Feany, linuxppc-dev
Scott Wood <scottwood@freescale.com> wrote on 30/10/2009 01:12:28:
>
> On Sat, Oct 17, 2009 at 02:01:38PM +0200, Joakim Tjernlund wrote:
> > Joakim Tjernlund/Transmode wrote on 17/10/2009 13:24:18:
> > >
> > > Rex Feany <RFeany@mrv.com> wrote on 16/10/2009 22:25:41:
> > > >
> > > > Thus spake Joakim Tjernlund (joakim.tjernlund@transmode.se):
> > > >
> > > > > Right, it is the pte table walk that is blowing up.
> > > > > I just noted that 2.6 lacks a tophys() call in its table walk
> > > > > so I removed that one(there is one more tophys call but I don't think
> > > > > it should be removed).
> > > > > Try this addon patch:
> > > >
> > > > no difference
> >
> > > OK, thinking a bit more, this part should not be executed as
> > > copy_tofrom_user executes in kernel space.
> > >
> > > Any chance you can stick a HW breakpoint on FixupDAR?
> > > Perhaps there is something different with kernel
> > > virtual address to phys address?
> > > A simple topys() works in 2.4, but perhaps not in 2.6?
> > > this is the part of interest:
> > > FixupDAR: /* Entry point for dcbx workaround. */
> > > /* fetch instruction from memory. */
> > > mfspr r10, SPRN_SRR0
> > > andis. r11, r10, 0x8000
> > > tophys (r11, r10)
> > > beq- 139b /* Branch if user space address */
> > > 140: lwz r11,0(r11)
> >
> > Probably better to walk the kernel page table too. Does this
> > make a difference(needs the tophys() patch I posted earlier):
>
> After applying by hand (whitespace damage), I get this and a bunch more:
OK, please send your diff to head_8xx.S. Maybe I can spot an
error, otherwise you will have to set a hw BP on fixDAR and step
through it.
Jocke
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-17 12:01 ` Joakim Tjernlund
2009-10-26 22:47 ` Benjamin Herrenschmidt
2009-10-30 0:12 ` Scott Wood
@ 2009-10-30 17:16 ` Scott Wood
2009-10-30 17:37 ` Scott Wood
2 siblings, 1 reply; 32+ messages in thread
From: Scott Wood @ 2009-10-30 17:16 UTC (permalink / raw)
To: Joakim Tjernlund; +Cc: Rex Feany, linuxppc-dev
On Sat, Oct 17, 2009 at 02:01:38PM +0200, Joakim Tjernlund wrote:
> + mfspr r10, SPRN_SRR0
> DO_8xx_CPU6(0x3780, r3)
> mtspr SPRN_MD_EPN, r10
> mfspr r11, SPRN_M_TWB /* Get level 1 table entry address */
> - lwz r11, 0(r11) /* Get the level 1 entry */
> + cmplwi cr0, r11, 0x0800
> + blt- 3f /* Branch if user space */
> + lis r11, swapper_pg_dir@h
> + ori r11, r11, swapper_pg_dir@l
> + rlwimi r11, r11, 0, 2, 19
That rlwimi is a no-op -- I think you meant to use a different register
here?
> +3: lwz r11, 0(r11) /* Get the level 1 entry */
> DO_8xx_CPU6(0x3b80, r3)
> mtspr SPRN_MD_TWC, r11 /* Load pte table base address */
> mfspr r11, SPRN_MD_TWC /* ....and get the pte address */
> lwz r11, 0(r11) /* Get the pte */
> /* concat physical page address(r11) and page offset(r10) */
> rlwimi r11, r10, 0, 20, 31
But r10 here contains SRR0 from above, and this is a data TLB error.
-Scott
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-30 17:16 ` Scott Wood
@ 2009-10-30 17:37 ` Scott Wood
2009-10-31 10:31 ` Joakim Tjernlund
2009-11-03 13:32 ` Joakim Tjernlund
0 siblings, 2 replies; 32+ messages in thread
From: Scott Wood @ 2009-10-30 17:37 UTC (permalink / raw)
To: Joakim Tjernlund; +Cc: Rex Feany, linuxppc-dev
On Fri, Oct 30, 2009 at 12:16:07PM -0500, Scott Wood wrote:
> On Sat, Oct 17, 2009 at 02:01:38PM +0200, Joakim Tjernlund wrote:
> > + mfspr r10, SPRN_SRR0
> > DO_8xx_CPU6(0x3780, r3)
> > mtspr SPRN_MD_EPN, r10
> > mfspr r11, SPRN_M_TWB /* Get level 1 table entry address */
> > - lwz r11, 0(r11) /* Get the level 1 entry */
> > + cmplwi cr0, r11, 0x0800
> > + blt- 3f /* Branch if user space */
> > + lis r11, swapper_pg_dir@h
> > + ori r11, r11, swapper_pg_dir@l
> > + rlwimi r11, r11, 0, 2, 19
>
> That rlwimi is a no-op -- I think you meant to use a different register
> here?
>
> > +3: lwz r11, 0(r11) /* Get the level 1 entry */
> > DO_8xx_CPU6(0x3b80, r3)
> > mtspr SPRN_MD_TWC, r11 /* Load pte table base address */
> > mfspr r11, SPRN_MD_TWC /* ....and get the pte address */
> > lwz r11, 0(r11) /* Get the pte */
> > /* concat physical page address(r11) and page offset(r10) */
> > rlwimi r11, r10, 0, 20, 31
>
> But r10 here contains SRR0 from above, and this is a data TLB error.
Never mind that last one, forgot that you'd be wanting to load the
instruction. :-P
But the rlwimi is what's causing the machine checks. I replaced it with:
rlwinm r11, r11, 0, 0x3ffff000
rlwimi r11, r10, 22, 0xffc
and things seem to work. You could probably replace the rlwinm by
subtracting PAGE_OFFSET from swapper_pg_dir instead.
-Scott
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-30 17:37 ` Scott Wood
@ 2009-10-31 10:31 ` Joakim Tjernlund
2009-11-03 13:32 ` Joakim Tjernlund
1 sibling, 0 replies; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-31 10:31 UTC (permalink / raw)
To: Scott Wood; +Cc: Rex Feany, linuxppc-dev
Scott Wood <scottwood@freescale.com> wrote on 30/10/2009 18:37:49:
>
> On Fri, Oct 30, 2009 at 12:16:07PM -0500, Scott Wood wrote:
> > On Sat, Oct 17, 2009 at 02:01:38PM +0200, Joakim Tjernlund wrote:
> > > + mfspr r10, SPRN_SRR0
> > > DO_8xx_CPU6(0x3780, r3)
> > > mtspr SPRN_MD_EPN, r10
> > > mfspr r11, SPRN_M_TWB /* Get level 1 table entry address */
> > > - lwz r11, 0(r11) /* Get the level 1 entry */
> > > + cmplwi cr0, r11, 0x0800
> > > + blt- 3f /* Branch if user space */
> > > + lis r11, swapper_pg_dir@h
> > > + ori r11, r11, swapper_pg_dir@l
> > > + rlwimi r11, r11, 0, 2, 19
> >
> > That rlwimi is a no-op -- I think you meant to use a different register
> > here?
> >
> > > +3: lwz r11, 0(r11) /* Get the level 1 entry */
> > > DO_8xx_CPU6(0x3b80, r3)
> > > mtspr SPRN_MD_TWC, r11 /* Load pte table base address */
> > > mfspr r11, SPRN_MD_TWC /* ....and get the pte address */
> > > lwz r11, 0(r11) /* Get the pte */
> > > /* concat physical page address(r11) and page offset(r10) */
> > > rlwimi r11, r10, 0, 20, 31
> >
> > But r10 here contains SRR0 from above, and this is a data TLB error.
>
> Never mind that last one, forgot that you'd be wanting to load the
> instruction. :-P
>
> But the rlwimi is what's causing the machine checks. I replaced it with:
Yes, I see now that it is wrong.
> rlwinm r11, r11, 0, 0x3ffff000
> rlwimi r11, r10, 22, 0xffc
>
> and things seem to work. You could probably replace the rlwinm by
> subtracting PAGE_OFFSET from swapper_pg_dir instead.
Would you mind produce a proper path on top of my series? I am blind
here so I can only guess what will work or not.
Then Rex can give it some beating and we can push this to Ben
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-10-30 17:37 ` Scott Wood
2009-10-31 10:31 ` Joakim Tjernlund
@ 2009-11-03 13:32 ` Joakim Tjernlund
2009-11-03 16:59 ` Scott Wood
1 sibling, 1 reply; 32+ messages in thread
From: Joakim Tjernlund @ 2009-11-03 13:32 UTC (permalink / raw)
To: Scott Wood; +Cc: Rex Feany, linuxppc-dev
Scott Wood <scottwood@freescale.com> wrote on 30/10/2009 18:37:49:
>
> On Fri, Oct 30, 2009 at 12:16:07PM -0500, Scott Wood wrote:
> > On Sat, Oct 17, 2009 at 02:01:38PM +0200, Joakim Tjernlund wrote:
> > > + mfspr r10, SPRN_SRR0
> > > DO_8xx_CPU6(0x3780, r3)
> > > mtspr SPRN_MD_EPN, r10
> > > mfspr r11, SPRN_M_TWB /* Get level 1 table entry address */
> > > - lwz r11, 0(r11) /* Get the level 1 entry */
> > > + cmplwi cr0, r11, 0x0800
> > > + blt- 3f /* Branch if user space */
> > > + lis r11, swapper_pg_dir@h
> > > + ori r11, r11, swapper_pg_dir@l
> > > + rlwimi r11, r11, 0, 2, 19
> >
> > That rlwimi is a no-op -- I think you meant to use a different register
> > here?
> >
> > > +3: lwz r11, 0(r11) /* Get the level 1 entry */
> > > DO_8xx_CPU6(0x3b80, r3)
> > > mtspr SPRN_MD_TWC, r11 /* Load pte table base address */
> > > mfspr r11, SPRN_MD_TWC /* ....and get the pte address */
> > > lwz r11, 0(r11) /* Get the pte */
> > > /* concat physical page address(r11) and page offset(r10) */
> > > rlwimi r11, r10, 0, 20, 31
> >
> > But r10 here contains SRR0 from above, and this is a data TLB error.
>
> Never mind that last one, forgot that you'd be wanting to load the
> instruction. :-P
>
> But the rlwimi is what's causing the machine checks. I replaced it with:
> rlwinm r11, r11, 0, 0x3ffff000
> rlwimi r11, r10, 22, 0xffc
>
> and things seem to work. You could probably replace the rlwinm by
> subtracting PAGE_OFFSET from swapper_pg_dir instead.
Just guessing here, do you mean:
lis r11, (swapper_pg_dir-PAGE_OFFSET)@h
ori r11, r11, (swapper_pg_dir-PAGE_OFFSET)@l
rlwimi r11, r10, 22, 0xffc
or
lis r11, swapper_pg_dir@h
ori r11, r11, swapper_pg_dir@l
subis r11, r11 PAGE_OFFSET
rlwimi r11, r10, 22, 0xffc
Jocke
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-11-03 13:32 ` Joakim Tjernlund
@ 2009-11-03 16:59 ` Scott Wood
2009-11-03 17:16 ` Joakim Tjernlund
0 siblings, 1 reply; 32+ messages in thread
From: Scott Wood @ 2009-11-03 16:59 UTC (permalink / raw)
To: Joakim Tjernlund; +Cc: Rex Feany, linuxppc-dev
Joakim Tjernlund wrote:
>> and things seem to work. You could probably replace the rlwinm by
>> subtracting PAGE_OFFSET from swapper_pg_dir instead.
>
> Just guessing here, do you mean:
> lis r11, (swapper_pg_dir-PAGE_OFFSET)@h
> ori r11, r11, (swapper_pg_dir-PAGE_OFFSET)@l
> rlwimi r11, r10, 22, 0xffc
> or
> lis r11, swapper_pg_dir@h
> ori r11, r11, swapper_pg_dir@l
> subis r11, r11 PAGE_OFFSET
> rlwimi r11, r10, 22, 0xffc
The former.
-Scott
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB
2009-11-03 16:59 ` Scott Wood
@ 2009-11-03 17:16 ` Joakim Tjernlund
0 siblings, 0 replies; 32+ messages in thread
From: Joakim Tjernlund @ 2009-11-03 17:16 UTC (permalink / raw)
To: Scott Wood; +Cc: Rex Feany, linuxppc-dev
Scott Wood <scottwood@freescale.com> wrote on 03/11/2009 17:59:30:
>
> Joakim Tjernlund wrote:
> >> and things seem to work. You could probably replace the rlwinm by
> >> subtracting PAGE_OFFSET from swapper_pg_dir instead.
> >
> > Just guessing here, do you mean:
> > lis r11, (swapper_pg_dir-PAGE_OFFSET)@h
> > ori r11, r11, (swapper_pg_dir-PAGE_OFFSET)@l
> > rlwimi r11, r10, 22, 0xffc
> > or
> > lis r11, swapper_pg_dir@h
> > ori r11, r11, swapper_pg_dir@l
> > subis r11, r11 PAGE_OFFSET
> > rlwimi r11, r10, 22, 0xffc
>
> The former.
OK, I will regenerate the patch series with the
lis r11, (swapper_pg_dir-PAGE_OFFSET)@h
ori r11, r11, (swapper_pg_dir-PAGE_OFFSET)@l
rlwimi r11, r10, 22, 0xffc
fix.
Have you already confirmed that this works too?
Jocke
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB.
2009-10-14 17:23 ` Scott Wood
@ 2009-10-14 18:46 ` Joakim Tjernlund
0 siblings, 0 replies; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-14 18:46 UTC (permalink / raw)
To: Scott Wood; +Cc: Rex Feany, linuxppc-dev
Scott Wood <scottwood@freescale.com> wrote on 14/10/2009 19:23:51:
>
> On Sun, Oct 11, 2009 at 06:35:04PM +0200, Joakim Tjernlund wrote:
> > This is the latest batch of mu 8xx MMU/TLB rework.
> > I think this is complete now and will relax with
> > other work the next few days. I hope I can get some
> > testing from Scott and Rex during this time.
>
> I applied this stack plus "Remove DIRTY pte handling in DTLB Error" (fixing
> up conflicts again, as well as the noted build errors), and got this:
Sorry about the build problems, will fixup.
Don't know what is causing the error though, works just fine on 2.4 :(
Assuming you fixup this error:
arch/powerpc/kernel/head_8xx.S:577: undefined reference to `DARfix'
with a "b DARFix" I can only guess and I don't have a good guess even :(
You could back out
8xx: start using dcbX instructions in various copy routines
to see if it is the dcbX insn that is causing the error.
>
> INIT: version 2.85 booting
> Mounting /proc and /sys
> Starting the hotplug events dispatcher udevd
> udevd[177]: add_to_rules: unknown key 'MODALIAS' in /etc/udev/rules.d/60-pcmcia.rules:4
> udevd[177]: add_to_rules: unknown key 'MODALIAS' in /etc/udev/rules.d/60-pcmcia.rules:10
> udevd[177]: add_to_rules: unknown key 'MODALIAS' in /etc/udev/rules.d/60-pcmcia.rules:14
> Synthesizing initial hotplug events
> /etc/rc.d/init.d/udev: line 41: 187 Segmentation fault udevsettle --timeout=300
This looks like the first error?
> Setting the hostname to 8xx
> Running depmod
> WARNING: Couldn't open directory /lib/modules/2.6.31-08384-g2cb4b47-dirty: No
> such file or directory
> FATAL: Could not open /lib/modules/2.6.31-08384-g2cb4b47-dirty/
> modules.dep.tempfor writing: No such file or directory
> Mounting filesystems
> BUG: soft lockup - CPU#0 stuck for 61s! [cat:265]
Perhaps it is looping on the same TLB Error, caused by dcbX insn?
> NIP: c000f160 LR: c000f160 CTR: 00000007
> REGS: c3919c70 TRAP: 0901 Not tainted (2.6.31-08384-g2cb4b47-dirty)
> MSR: 00009032 <EE,ME,IR,DR> CR: 88008424 XER: 00000000
> TASK = c3944bd0[265] 'cat' THREAD: c3918000
> GPR00: c000f160 c3919d20 c3944bd0 00000000 100180fc 00000000 00000000 00000001
> GPR08: c393e700 00000000 03ca9d21 00000001 48000428
> NIP [c000f160] do_page_fault+0x188/0x49c
> LR [c000f160] do_page_fault+0x188/0x49c
> Call Trace:
> [c3919d20] [c000f160] do_page_fault+0x188/0x49c (unreliable)
> [c3919dd0] [c000e3f0] handle_page_fault+0xc/0x80
> [c3919e90] [c008910c] seq_read+0x2a4/0x558
> [c3919ee0] [c00ab7c0] proc_reg_read+0x4c/0x70
> [c3919ef0] [c006f47c] vfs_read+0xb4/0x158
> [c3919f10] [c006f78c] sys_read+0x4c/0x90
> [c3919f40] [c000dfc0] ret_from_syscall+0x0/0x38
> Instruction dump:
> 2f990000 419e01f0 801f0014 700a0002 418201f8 7c1900d0 541e0ffe 7fe4fb78
> 7f85e378 7fc6f378 7f63db78 4804c31d <70690003> 7c601b78 40820230 70690004
>
> -Scott
>
>
^ permalink raw reply [flat|nested] 32+ messages in thread
* Re: [PATCH 0/8] Fix 8xx MMU/TLB.
2009-10-11 16:35 Joakim Tjernlund
@ 2009-10-14 17:23 ` Scott Wood
2009-10-14 18:46 ` Joakim Tjernlund
0 siblings, 1 reply; 32+ messages in thread
From: Scott Wood @ 2009-10-14 17:23 UTC (permalink / raw)
To: Joakim Tjernlund; +Cc: Rex Feany, linuxppc-dev
On Sun, Oct 11, 2009 at 06:35:04PM +0200, Joakim Tjernlund wrote:
> This is the latest batch of mu 8xx MMU/TLB rework.
> I think this is complete now and will relax with
> other work the next few days. I hope I can get some
> testing from Scott and Rex during this time.
I applied this stack plus "Remove DIRTY pte handling in DTLB Error" (fixing
up conflicts again, as well as the noted build errors), and got this:
INIT: version 2.85 booting
Mounting /proc and /sys
Starting the hotplug events dispatcher udevd
udevd[177]: add_to_rules: unknown key 'MODALIAS' in /etc/udev/rules.d/60-pcmcia.rules:4
udevd[177]: add_to_rules: unknown key 'MODALIAS' in /etc/udev/rules.d/60-pcmcia.rules:10
udevd[177]: add_to_rules: unknown key 'MODALIAS' in /etc/udev/rules.d/60-pcmcia.rules:14
Synthesizing initial hotplug events
/etc/rc.d/init.d/udev: line 41: 187 Segmentation fault udevsettle --timeout=300
Setting the hostname to 8xx
Running depmod
WARNING: Couldn't open directory /lib/modules/2.6.31-08384-g2cb4b47-dirty: No such file or directory
FATAL: Could not open /lib/modules/2.6.31-08384-g2cb4b47-dirty/modules.dep.tempfor writing: No such file or directory
Mounting filesystems
BUG: soft lockup - CPU#0 stuck for 61s! [cat:265]
NIP: c000f160 LR: c000f160 CTR: 00000007
REGS: c3919c70 TRAP: 0901 Not tainted (2.6.31-08384-g2cb4b47-dirty)
MSR: 00009032 <EE,ME,IR,DR> CR: 88008424 XER: 00000000
TASK = c3944bd0[265] 'cat' THREAD: c3918000
GPR00: c000f160 c3919d20 c3944bd0 00000000 100180fc 00000000 00000000 00000001
GPR08: c393e700 00000000 03ca9d21 00000001 48000428
NIP [c000f160] do_page_fault+0x188/0x49c
LR [c000f160] do_page_fault+0x188/0x49c
Call Trace:
[c3919d20] [c000f160] do_page_fault+0x188/0x49c (unreliable)
[c3919dd0] [c000e3f0] handle_page_fault+0xc/0x80
[c3919e90] [c008910c] seq_read+0x2a4/0x558
[c3919ee0] [c00ab7c0] proc_reg_read+0x4c/0x70
[c3919ef0] [c006f47c] vfs_read+0xb4/0x158
[c3919f10] [c006f78c] sys_read+0x4c/0x90
[c3919f40] [c000dfc0] ret_from_syscall+0x0/0x38
Instruction dump:
2f990000 419e01f0 801f0014 700a0002 418201f8 7c1900d0 541e0ffe 7fe4fb78
7f85e378 7fc6f378 7f63db78 4804c31d <70690003> 7c601b78 40820230 70690004
-Scott
^ permalink raw reply [flat|nested] 32+ messages in thread
* [PATCH 0/8] Fix 8xx MMU/TLB.
@ 2009-10-11 16:35 Joakim Tjernlund
2009-10-14 17:23 ` Scott Wood
0 siblings, 1 reply; 32+ messages in thread
From: Joakim Tjernlund @ 2009-10-11 16:35 UTC (permalink / raw)
To: Benjamin Herrenschmidt, linuxppc-dev, Rex Feany, Scott Wood
This is the latest batch of mu 8xx MMU/TLB rework.
I think this is complete now and will relax with
other work the next few days. I hope I can get some
testing from Scott and Rex during this time.
Joakim Tjernlund (8):
8xx: invalidate non present TLBs
8xx: Update TLB asm so it behaves as linux mm expects.
8xx: Tag DAR with 0x00f0 to catch buggy instructions.
8xx: Fixup DAR from buggy dcbX instructions.
8xx: dcbst sets store bit in DTLB error, workaround.
8xx: Add missing Guarded setting in DTLB Error.
8xx: Restore _PAGE_WRITETHRU
8xx: start using dcbX instructions in various copy routines
arch/powerpc/include/asm/pte-8xx.h | 14 +-
arch/powerpc/kernel/head_8xx.S | 307 ++++++++++++++++++++++++++++++------
arch/powerpc/kernel/misc_32.S | 18 --
arch/powerpc/lib/copy_32.S | 24 ---
arch/powerpc/mm/fault.c | 8 +-
5 files changed, 269 insertions(+), 102 deletions(-)
^ permalink raw reply [flat|nested] 32+ messages in thread
end of thread, other threads:[~2009-11-03 17:16 UTC | newest]
Thread overview: 32+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-10-15 9:04 [PATCH 0/8] Fix 8xx MMU/TLB Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 1/8] 8xx: invalidate non present TLBs Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 2/8] 8xx: Update TLB asm so it behaves as linux mm expects Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 3/8] 8xx: Tag DAR with 0x00f0 to catch buggy instructions Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 4/8] 8xx: Fixup DAR from buggy dcbX instructions Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 5/8] 8xx: Add missing Guarded setting in DTLB Error Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 6/8] 8xx: Restore _PAGE_WRITETHRU Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 7/8] 8xx: start using dcbX instructions in various copy routines Joakim Tjernlund
2009-10-15 9:04 ` [PATCH 8/8] 8xx: Remove DIRTY pte handling in DTLB Error Joakim Tjernlund
2009-10-15 16:56 ` [PATCH 0/8] Fix 8xx MMU/TLB Rex Feany
2009-10-16 8:16 ` Joakim Tjernlund
2009-10-16 20:25 ` Rex Feany
2009-10-17 11:24 ` Joakim Tjernlund
[not found] ` <OF2BB5EF59.1EE0A77D-ONC1257652.003D79DC-C1257652.003EA687@LocalDomain>
2009-10-17 12:01 ` Joakim Tjernlund
2009-10-26 22:47 ` Benjamin Herrenschmidt
2009-10-26 23:26 ` Dan Malek
2009-10-27 0:00 ` Benjamin Herrenschmidt
2009-10-27 9:16 ` Joakim Tjernlund
2009-10-27 15:58 ` Scott Wood
2009-10-27 16:38 ` Joakim Tjernlund
2009-10-30 0:12 ` Scott Wood
2009-10-30 0:51 ` Joakim Tjernlund
2009-10-30 17:16 ` Scott Wood
2009-10-30 17:37 ` Scott Wood
2009-10-31 10:31 ` Joakim Tjernlund
2009-11-03 13:32 ` Joakim Tjernlund
2009-11-03 16:59 ` Scott Wood
2009-11-03 17:16 ` Joakim Tjernlund
2009-10-15 22:04 ` Scott Wood
-- strict thread matches above, loose matches on Subject: below --
2009-10-11 16:35 Joakim Tjernlund
2009-10-14 17:23 ` Scott Wood
2009-10-14 18:46 ` Joakim Tjernlund
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.