/* SPDX-License-Identifier: GPL-2.0-only */
/*
 *  linux/arch/arm/boot/compressed/head.S
 *
 *  Copyright (C) 1996-2002 Russell King
 *  Copyright (C) 2004 Hyok S. Choi (MPU support)
 */
#include <linux/linkage.h>
#include <asm/assembler.h>
#include <asm/v7m.h>

#include "efi-header.S"

#ifdef __ARMEB__
#define OF_DT_MAGIC 0xd00dfeed
#else
#define OF_DT_MAGIC 0xedfe0dd0
#endif

 AR_CLASS(	.arch	armv7-a	)
 M_CLASS(	.arch	armv7-m	)

/*
 * Debugging stuff
 *
 * Note that these macros must not contain any code which is not
 * 100% relocatable.  Any attempt to do so will result in a crash.
 * Please select one of the following when turning on debugging.
 */
#ifdef DEBUG

#if defined(CONFIG_DEBUG_ICEDCC)

#if defined(CONFIG_CPU_V6) || defined(CONFIG_CPU_V6K) || defined(CONFIG_CPU_V7)
		.macro	loadsp, rb, tmp1, tmp2
		.endm
		.macro	writeb, ch, rb, tmp
		mcr	p14, 0, \ch, c0, c5, 0
		.endm
#elif defined(CONFIG_CPU_XSCALE)
		.macro	loadsp, rb, tmp1, tmp2
		.endm
		.macro	writeb, ch, rb, tmp
		mcr	p14, 0, \ch, c8, c0, 0
		.endm
#else
		.macro	loadsp, rb, tmp1, tmp2
		.endm
		.macro	writeb, ch, rb, tmp
		mcr	p14, 0, \ch, c1, c0, 0
		.endm
#endif

#else

#include CONFIG_DEBUG_LL_INCLUDE

		.macro	writeb,	ch, rb, tmp
#ifdef CONFIG_DEBUG_UART_FLOW_CONTROL
		waituartcts \tmp, \rb
#endif
		waituarttxrdy \tmp, \rb
		senduart \ch, \rb
		busyuart \tmp, \rb
		.endm

#if defined(CONFIG_ARCH_SA1100)
		.macro	loadsp, rb, tmp1, tmp2
		mov	\rb, #0x80000000	@ physical base address
		add	\rb, \rb, #0x00010000	@ Ser1
		.endm
#else
		.macro	loadsp,	rb, tmp1, tmp2
		addruart \rb, \tmp1, \tmp2
		.endm
#endif
#endif
#endif

		.macro	kputc, val
		mov	r0, \val
		bl	putc
		.endm

		.macro	kphex, val, len
		mov	r0, \val
		mov	r1, #\len
		bl	phex
		.endm

		/*
		 * Debug kernel copy by printing the memory addresses involved
		 */
		.macro	dbgkc, begin, end, cbegin, cend
#ifdef DEBUG
		kputc	#'C'
		kputc	#':'
		kputc	#'0'
		kputc	#'x'
		kphex	\begin, 8	/* Start of compressed kernel */
		kputc	#'-'
		kputc	#'0'
		kputc	#'x'
		kphex	\end, 8		/* End of compressed kernel */
		kputc	#'-'
		kputc	#'>'
		kputc	#'0'
		kputc	#'x'
		kphex	\cbegin, 8	/* Start of kernel copy */
		kputc	#'-'
		kputc	#'0'
		kputc	#'x'
		kphex	\cend, 8	/* End of kernel copy */
		kputc	#'\n'
#endif
		.endm

		/*
		 * Debug print of the final appended DTB location
		 */
		.macro	dbgadtb, begin, size
#ifdef DEBUG
		kputc	#'D'
		kputc	#'T'
		kputc	#'B'
		kputc	#':'
		kputc	#'0'
		kputc	#'x'
		kphex	\begin, 8	/* Start of appended DTB */
		kputc	#' '
		kputc	#'('
		kputc	#'0'
		kputc	#'x'
		kphex	\size, 8	/* Size of appended DTB */
		kputc	#')'
		kputc	#'\n'
#endif
		.endm

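/*
 * The cache maintenance code below uses the legacy CP15 barrier
 * encodings (e.g. "mcr p15, 0, rX, c7, c10, 4" for DSB).  On newer
 * cores the firmware may leave SCTLR.CP15BEN clear, in which case
 * those encodings are undefined, so set the bit before relying on
 * them.
 */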
		.macro	enable_cp15_barriers, reg
		mrc	p15, 0, \reg, c1, c0, 0	@ read SCTLR
		tst	\reg, #(1 << 5)		@ CP15BEN bit set?
		bne	.L_\@
		orr	\reg, \reg, #(1 << 5)	@ CP15 barrier instructions
		mcr	p15, 0, \reg, c1, c0, 0	@ write SCTLR
 ARM(		.inst	0xf57ff06f		@ v7+ isb	)
 THUMB(		isb					)
.L_\@:
		.endm

		/*
		 * The kernel build system appends the size of the
		 * decompressed kernel at the end of the compressed data
		 * in little-endian form.
		 */
		.macro	get_inflated_image_size, res:req, tmp1:req, tmp2:req
		adr	\res, .Linflated_image_size_offset
		ldr	\tmp1, [\res]
		add	\tmp1, \tmp1, \res	@ address of inflated image size

		ldrb	\res, [\tmp1]		@ get_unaligned_le32
		ldrb	\tmp2, [\tmp1, #1]
		orr	\res, \res, \tmp2, lsl #8
		ldrb	\tmp2, [\tmp1, #2]
		ldrb	\tmp1, [\tmp1, #3]
		orr	\res, \res, \tmp2, lsl #16
		orr	\res, \res, \tmp1, lsl #24
		.endm

		.macro	be32tocpu, val, tmp
#ifndef __ARMEB__
		/* convert to little endian */
		rev_l	\val, \tmp
#endif
		.endm

		.section ".start", "ax"
/*
 * sort out different calling conventions
 */
		.align
		/*
		 * Always enter in ARM state for CPUs that support the ARM ISA.
		 * As of today (2014) that's exactly the members of the A and R
		 * classes.
		 */
 AR_CLASS(	.arm	)
start:
		.type	start,#function
		/*
		 * These 7 nops along with the 1 nop immediately below for
		 * !THUMB2 form 8 nops that make the compressed kernel bootable
		 * on legacy ARM systems that were assuming the kernel in a.out
		 * binary format.  The boot loaders on these systems would
		 * jump 32 bytes into the image to skip the a.out header.
		 * With these 8 nops filling exactly 32 bytes, things still
		 * work as expected on these legacy systems.  Thumb2 mode keeps
		 * 7 of the nops as it turns out that some boot loaders
		 * were patching the initial instructions of the kernel, i.e.
		 * had started to exploit this "patch area".
		 */
		__initial_nops
		.rept	5
		__nop
		.endr
#ifndef CONFIG_THUMB2_KERNEL
		__nop
#else
 AR_CLASS(	sub	pc, pc, #3	)	@ A/R: switch to Thumb2 mode
  M_CLASS(	nop.w			)	@ M: already in Thumb2 mode
		.thumb
#endif
		W(b)	1f

		.word	_magic_sig	@ Magic numbers to help the loader
		.word	_magic_start	@ absolute load/run zImage address
		.word	_magic_end	@ zImage end address
		.word	0x04030201	@ endianness flag
		.word	0x45454545	@ another magic number to indicate
		.word	_magic_table	@ additional data table

		__EFI_HEADER
1:
 ARM_BE8(	setend	be	)		@ go BE8 if compiled for BE8
 AR_CLASS(	mrs	r9, cpsr	)
#ifdef CONFIG_ARM_VIRT_EXT
		bl	__hyp_stub_install	@ get into SVC mode, reversibly
#endif
		mov	r7, r1			@ save architecture ID
		mov	r8, r2			@ save atags pointer

#ifndef CONFIG_CPU_V7M
		/*
		 * Booting from Angel - need to enter SVC mode and disable
		 * FIQs/IRQs (numeric definitions from angel arm.h source).
		 * We only do this if we were in user mode on entry.
		 */
		mrs	r2, cpsr		@ get current mode
		tst	r2, #3			@ not user?
		bne	not_angel
		mov	r0, #0x17		@ angel_SWIreason_EnterSVC
 ARM(		swi	0x123456	)	@ angel_SWI_ARM
 THUMB(		svc	0xab		)	@ angel_SWI_THUMB
not_angel:
		safe_svcmode_maskall r0
		msr	spsr_cxsf, r9		@ Save the CPU boot mode in
						@ SPSR
#endif
		/*
		 * Note that some cache flushing and other stuff may
		 * be needed here - is there an Angel SWI call for this?
		 */

		/*
		 * some architecture specific code can be inserted
		 * by the linker here, but it should preserve r7, r8, and r9.
		 */

		.text

#ifdef CONFIG_AUTO_ZRELADDR
		/*
		 * Find the start of physical memory.  As we are executing
		 * without the MMU on, we are in the physical address space.
		 * We just need to get rid of any offset by aligning the
		 * address.
		 *
		 * This alignment is a balance between the requirements of
		 * different platforms - we have chosen 128MB to allow
		 * platforms which align the start of their physical memory
		 * to 128MB to use this feature, while allowing the zImage
		 * to be placed within the first 128MB of memory on other
		 * platforms.  Increasing the alignment means we place
		 * stricter alignment requirements on the start of physical
		 * memory, but relaxing it means that we break people who
		 * are already placing their zImage in (eg) the top 64MB
		 * of this range.
		 */
		mov	r0, pc
		and	r0, r0, #0xf8000000
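		@ Example: executing at 0x6001c000 yields r0 = 0x60000000,
		@ which is then taken as the start of physical RAM.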
#ifdef CONFIG_USE_OF
		adr	r1, LC1
#ifdef CONFIG_ARM_APPENDED_DTB
		/*
		 * Look for an appended DTB.  If found, we cannot use it to
		 * validate the calculated start of physical memory, as its
		 * memory nodes may need to be augmented by ATAGS stored at
		 * an offset from the same start of physical memory.
		 */
		ldr	r2, [r1, #4]	@ get &_edata
		add	r2, r2, r1	@ relocate it
		ldr	r2, [r2]	@ get DTB signature
		ldr	r3, =OF_DT_MAGIC
		cmp	r2, r3		@ do we have a DTB there?
		beq	1f		@ if yes, skip validation
#endif /* CONFIG_ARM_APPENDED_DTB */

		/*
		 * Make sure we have some stack before calling C code.
		 * No GOT fixup has occurred yet, but none of the code we're
		 * about to call uses any global variables.
		 */
		ldr	sp, [r1]	@ get stack location
		add	sp, sp, r1	@ apply relocation

		/* Validate calculated start against passed DTB */
		mov	r1, r8
		bl	fdt_check_mem_start
1:
#endif /* CONFIG_USE_OF */
		/* Determine final kernel image address. */
		add	r4, r0, #TEXT_OFFSET
#else
		ldr	r4, =zreladdr
#endif

		/*
		 * Set up a page table only if it won't overwrite ourself.
		 * That means r4 < pc || r4 - 16k page directory > &_end.
		 * Given that r4 > &_end is most infrequent, we add a rough
		 * additional 1MB of room for a possible appended DTB.
		 */
		mov	r0, pc
		cmp	r0, r4
		ldrcc	r0, .Lheadroom
		addcc	r0, r0, pc
		cmpcc	r4, r0
		orrcc	r4, r4, #1		@ remember we skipped cache_on
		blcs	cache_on

restart:	adr	r0, LC1
		ldr	sp, [r0]
		ldr	r6, [r0, #4]
		add	sp, sp, r0
		add	r6, r6, r0

		get_inflated_image_size	r9, r10, lr

#ifndef CONFIG_ZBOOT_ROM
		/* malloc space is above the relocated stack (64k max) */
		add	r10, sp, #MALLOC_SIZE
#else
		/*
		 * With ZBOOT_ROM the bss/stack is non relocatable,
		 * but someone could still run this code from RAM,
		 * in which case our reference is _edata.
		 */
		mov	r10, r6
#endif

		mov	r5, #0			@ init dtb size to 0
#ifdef CONFIG_ARM_APPENDED_DTB
/*
 *   r4  = final kernel address (possibly with LSB set)
 *   r5  = appended dtb size (still unknown)
 *   r6  = _edata
 *   r7  = architecture ID
 *   r8  = atags/device tree pointer
 *   r9  = size of decompressed image
 *   r10 = end of this image, including bss/stack/malloc space if non XIP
 *   sp  = stack pointer
 *
 * if there are device trees (dtb) appended to zImage, advance r10 so that the
 * dtb data will get relocated along with the kernel if necessary.
 */

		ldr	lr, [r6, #0]
		ldr	r1, =OF_DT_MAGIC
		cmp	lr, r1
		bne	dtb_check_done		@ not found

#ifdef CONFIG_ARM_ATAG_DTB_COMPAT
		/*
		 * OK... Let's do some funky business here.
		 * If we do have a DTB appended to zImage, and we do have
		 * an ATAG list around, we want the latter to be translated
		 * and folded into the former here.  No GOT fixup has occurred
		 * yet, but none of the code we're about to call uses any
		 * global variable.
		 */

		/* Get the initial DTB size */
		ldr	r5, [r6, #4]
		be32tocpu r5, r1
		dbgadtb	r6, r5
		/* 50% DTB growth should be good enough */
		add	r5, r5, r5, lsr #1
		/* preserve 64-bit alignment */
		add	r5, r5, #7
		bic	r5, r5, #7
		/* clamp to 32KB min and 1MB max */
		cmp	r5, #(1 << 15)
		movlo	r5, #(1 << 15)
		cmp	r5, #(1 << 20)
		movhi	r5, #(1 << 20)
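		@ Example: an 8 KiB DTB grows to 12 KiB and is then clamped
		@ up to the 32 KiB minimum working space.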
		/* temporarily relocate the stack past the DTB work space */
		add	sp, sp, r5

		mov	r0, r8
		mov	r1, r6
		mov	r2, r5
		bl	atags_to_fdt

		/*
		 * If returned value is 1, there is no ATAG at the location
		 * pointed by r8.  Try the typical 0x100 offset from start
		 * of RAM and hope for the best.
		 */
		cmp	r0, #1
		sub	r0, r4, #TEXT_OFFSET
		bic	r0, r0, #1
		add	r0, r0, #0x100
		mov	r1, r6
		mov	r2, r5
		bleq	atags_to_fdt

		sub	sp, sp, r5
#endif

		mov	r8, r6			@ use the appended device tree

		/*
		 * Make sure that the DTB doesn't end up in the final
		 * kernel's .bss area.  To do so, we adjust the decompressed
		 * kernel size to compensate if that .bss size is larger
		 * than the relocated code.
		 */
		ldr	r5, =_kernel_bss_size
		adr	r1, wont_overwrite
		sub	r1, r6, r1
		subs	r1, r5, r1
		addhi	r9, r9, r1

		/* Get the current DTB size */
		ldr	r5, [r6, #4]
		be32tocpu r5, r1

		/* preserve 64-bit alignment */
		add	r5, r5, #7
		bic	r5, r5, #7

		/* relocate some pointers past the appended dtb */
		add	r6, r6, r5
		add	r10, r10, r5
		add	sp, sp, r5
dtb_check_done:
#endif

/*
 * Check to see if we will overwrite ourselves.
 *   r4  = final kernel address (possibly with LSB set)
 *   r9  = size of decompressed image
 *   r10 = end of this image, including bss/stack/malloc space if non XIP
 * We basically want:
 *   r4 - 16k page directory >= r10 -> OK
 *   r4 + image length <= address of wont_overwrite -> OK
 * Note: the possible LSB in r4 is harmless here.
 */
		add	r10, r10, #16384
		cmp	r4, r10
		bhs	wont_overwrite
		add	r10, r4, r9
		adr	r9, wont_overwrite
		cmp	r10, r9
		bls	wont_overwrite

/*
 * Relocate ourselves past the end of the decompressed kernel.
 *   r6  = _edata
 *   r10 = end of the decompressed kernel
 * Because we always copy ahead, we need to do it from the end and go
 * backward in case the source and destination overlap.
 */
		/*
		 * Bump to the next 256-byte boundary with the size of
		 * the relocation code added.  This avoids overwriting
		 * ourself when the offset is small.
		 */
		add	r10, r10, #((reloc_code_end - restart + 256) & ~255)
		bic	r10, r10, #255

		/* Get start of code we want to copy and align it down. */
		adr	r5, restart
		bic	r5, r5, #31

		/* Relocate the hyp vector base if necessary */
#ifdef CONFIG_ARM_VIRT_EXT
		mrs	r0, spsr
		and	r0, r0, #MODE_MASK
		cmp	r0, #HYP_MODE
		bne	1f

		/*
		 * Compute the address of the hyp vectors after relocation.
		 * Call __hyp_set_vectors with the new address so that we
		 * can HVC again after the copy.
		 */
		adr_l	r0, __hyp_stub_vectors
		sub	r0, r0, r5
		add	r0, r0, r10
		bl	__hyp_set_vectors
1:
#endif

		sub	r9, r6, r5		@ size to copy
		add	r9, r9, #31		@ rounded up to a multiple
		bic	r9, r9, #31		@ ... of 32 bytes
		add	r6, r9, r5
		add	r9, r9, r10

#ifdef DEBUG
		sub	r10, r6, r5
		sub	r10, r9, r10
		/*
		 * We are about to copy the kernel to a new memory area.
		 * The boundaries of the new memory area can be found in
		 * r10 and r9, whilst r5 and r6 contain the boundaries
		 * of the memory we are going to copy.
		 * Calling dbgkc will help with the printing of this
		 * information.
		 */
		dbgkc	r5, r6, r10, r9
#endif

1:		ldmdb	r6!, {r0 - r3, r10 - r12, lr}
		cmp	r6, r5
		stmdb	r9!, {r0 - r3, r10 - r12, lr}
		bhi	1b
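		@ Each iteration moves 32 bytes (8 registers); on exit r9 has
		@ been decremented back to the base of the relocated copy.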

		/* Preserve offset to relocated code. */
		sub	r6, r9, r6

		mov	r0, r9			@ start of relocated zImage
		add	r1, sp, r6		@ end of relocated zImage
		bl	cache_clean_flush

		badr	r0, restart
		add	r0, r0, r6
		mov	pc, r0

wont_overwrite:
		adr	r0, LC0
		ldmia	r0, {r1, r2, r3, r11, r12}
		sub	r0, r0, r1		@ calculate the delta offset

		/*
		 * If delta is zero, we are running at the address we were linked at.
		 *   r0  = delta
		 *   r2  = BSS start
		 *   r3  = BSS end
		 *   r4  = kernel execution address (possibly with LSB set)
		 *   r5  = appended dtb size (0 if not present)
		 *   r7  = architecture ID
		 *   r8  = atags pointer
		 *   r11 = GOT start
		 *   r12 = GOT end
		 *   sp  = stack pointer
		 */
		orrs	r1, r0, r5
		beq	not_relocated

		add	r11, r11, r0
		add	r12, r12, r0

#ifndef CONFIG_ZBOOT_ROM
		/*
		 * If we're running fully PIC === CONFIG_ZBOOT_ROM = n,
		 * we need to fix up pointers into the BSS region.
		 * Note that the stack pointer has already been fixed up.
		 */
		add	r2, r2, r0
		add	r3, r3, r0

		/*
		 * Relocate all entries in the GOT table.
		 * Bump bss entries to _edata + dtb size
		 */
1:		ldr	r1, [r11, #0]		@ relocate entries in the GOT
		add	r1, r1, r0		@ This fixes up C references
		cmp	r1, r2			@ if entry >= bss_start &&
		cmphs	r3, r1			@       bss_end > entry
		addhi	r1, r1, r5		@    entry += dtb size
		str	r1, [r11], #4		@ next entry
		cmp	r11, r12
		blo	1b

		/* bump our bss pointers too */
		add	r2, r2, r5
		add	r3, r3, r5

#else

		/*
		 * Relocate entries in the GOT table.  We only relocate
		 * the entries that are outside the (relocated) BSS region.
		 */
1:		ldr	r1, [r11, #0]		@ relocate entries in the GOT
		cmp	r1, r2			@ entry < bss_start ||
		cmphs	r3, r1			@ _end < entry
		addlo	r1, r1, r0		@ table.  This fixes up the
		str	r1, [r11], #4		@ C references.
		cmp	r11, r12
		blo	1b
#endif

not_relocated:	mov	r0, #0
1:		str	r0, [r2], #4		@ clear bss
		str	r0, [r2], #4
		str	r0, [r2], #4
		str	r0, [r2], #4
		cmp	r2, r3
		blo	1b

		/*
		 * Did we skip the cache setup earlier?
		 * That is indicated by the LSB in r4.
		 * Do it now if so.
		 */
		tst	r4, #1
		bic	r4, r4, #1
		blne	cache_on

/*
 * The C runtime environment should now be set up sufficiently.
 * Set up some pointers, and start decompressing.
 *   r4  = kernel execution address
 *   r7  = architecture ID
 *   r8  = atags pointer
 */
		mov	r0, r4
		mov	r1, sp			@ malloc space above stack
		add	r2, sp, #MALLOC_SIZE	@ 64k max
		mov	r3, r7
		bl	decompress_kernel

		get_inflated_image_size	r1, r2, r3

		mov	r0, r4			@ start of inflated image
		add	r1, r1, r0		@ end of inflated image
		bl	cache_clean_flush
		bl	cache_off

#ifdef CONFIG_ARM_VIRT_EXT
		mrs	r0, spsr		@ Get saved CPU boot mode
		and	r0, r0, #MODE_MASK
		cmp	r0, #HYP_MODE		@ if not booted in HYP mode...
		bne	__enter_kernel		@ boot kernel directly

		adr_l	r0, __hyp_reentry_vectors
		bl	__hyp_set_vectors
		__HVC(0)			@ otherwise bounce to hyp mode

		b	.			@ should never be reached
#else
		b	__enter_kernel
#endif

		.align	2
		.type	LC0, #object
LC0:		.word	LC0			@ r1
		.word	__bss_start		@ r2
		.word	_end			@ r3
		.word	_got_start		@ r11
		.word	_got_end		@ ip
		.size	LC0, . - LC0

		.type	LC1, #object
LC1:		.word	.L_user_stack_end - LC1	@ sp
		.word	_edata - LC1		@ r6
		.size	LC1, . - LC1
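
/*
 * The LC1 entries are link-time offsets from LC1 itself; adding the
 * run-time address of LC1 (see the "restart" code above) turns them
 * into absolute addresses, wherever the zImage happens to be running.
 */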

.Lheadroom:
		.word	_end - restart + 16384 + 1024*1024

.Linflated_image_size_offset:
		.long	(input_data_end - 4) - .

#ifdef CONFIG_ARCH_RPC
		.globl	params
params:		ldr	r0, =0x10000100		@ params_phys for RPC
		mov	pc, lr
		.ltorg
		.align
#endif

/*
 * dcache_line_size - get the minimum D-cache line size from the CTR register
 * on ARMv7.
 */
		.macro	dcache_line_size, reg, tmp
#ifdef CONFIG_CPU_V7M
		movw	\tmp, #:lower16:BASEADDR_V7M_SCB + V7M_SCB_CTR
		movt	\tmp, #:upper16:BASEADDR_V7M_SCB + V7M_SCB_CTR
		ldr	\tmp, [\tmp]
#else
		mrc	p15, 0, \tmp, c0, c0, 1	@ read ctr
#endif
		lsr	\tmp, \tmp, #16
		and	\tmp, \tmp, #0xf	@ cache line size encoding
		mov	\reg, #4		@ bytes per word
		mov	\reg, \reg, lsl \tmp	@ actual cache line size
		.endm

/*
 * Turn on the cache.  We need to set up some page tables so that we
 * can have both the I and D caches on.
 *
 * We place the page tables 16k down from the kernel execution address,
 * and we hope that nothing else is using it.  If we're using it, we
 * will go pop!
 *
 * On entry,
 *  r4 = kernel execution address
 *  r7 = architecture number
 *  r8 = atags pointer
 * On exit,
 *  r0, r1, r2, r3, r9, r10, r12 corrupted
 * This routine must preserve:
 *  r4, r7, r8
 */
		.align	5
cache_on:	mov	r3, #8			@ cache_on function
		b	call_cache_fn

/*
 * Initialize the highest priority protection region, PR7
 * to cover all 32bit address and cacheable and bufferable.
 */
__armv4_mpu_cache_on:
		mov	r0, #0x3f		@ 4G, the whole
		mcr	p15, 0, r0, c6, c7, 0	@ PR7 Area Setting
		mcr	p15, 0, r0, c6, c7, 1

		mov	r0, #0x80		@ PR7
		mcr	p15, 0, r0, c2, c0, 0	@ D-cache on
		mcr	p15, 0, r0, c2, c0, 1	@ I-cache on
		mcr	p15, 0, r0, c3, c0, 0	@ write-buffer on

		mov	r0, #0xc000
		mcr	p15, 0, r0, c5, c0, 1	@ I-access permission
		mcr	p15, 0, r0, c5, c0, 0	@ D-access permission

		mov	r0, #0
		mcr	p15, 0, r0, c7, c10, 4	@ drain write buffer
		mcr	p15, 0, r0, c7, c5, 0	@ flush(inval) I-Cache
		mcr	p15, 0, r0, c7, c6, 0	@ flush(inval) D-Cache
		mrc	p15, 0, r0, c1, c0, 0	@ read control reg
						@ ...I .... ..D. WC.M
		orr	r0, r0, #0x002d		@ .... .... ..1. 11.1
		orr	r0, r0, #0x1000		@ ...1 .... .... ....

		mcr	p15, 0, r0, c1, c0, 0	@ write control reg

		mov	r0, #0
		mcr	p15, 0, r0, c7, c5, 0	@ flush(inval) I-Cache
		mcr	p15, 0, r0, c7, c6, 0	@ flush(inval) D-Cache
		mov	pc, lr

__armv3_mpu_cache_on:
		mov	r0, #0x3f		@ 4G, the whole
		mcr	p15, 0, r0, c6, c7, 0	@ PR7 Area Setting

		mov	r0, #0x80		@ PR7
		mcr	p15, 0, r0, c2, c0, 0	@ cache on
		mcr	p15, 0, r0, c3, c0, 0	@ write-buffer on

		mov	r0, #0xc000
		mcr	p15, 0, r0, c5, c0, 0	@ access permission

		mov	r0, #0
		mcr	p15, 0, r0, c7, c0, 0	@ invalidate whole cache v3
		/*
		 * ?? ARMv3 MMU does not allow reading the control register,
		 * does this really work on ARMv3 MPU?
		 */
		mrc	p15, 0, r0, c1, c0, 0	@ read control reg
						@ .... .... .... WC.M
		orr	r0, r0, #0x000d		@ .... .... .... 11.1
		/* ?? this overwrites the value constructed above? */
		mov	r0, #0
		mcr	p15, 0, r0, c1, c0, 0	@ write control reg

		/* ?? invalidate for the second time? */
		mcr	p15, 0, r0, c7, c0, 0	@ invalidate whole cache v3
		mov	pc, lr

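/*
 * Section descriptor cache attribute bits: C is bit 3, B is bit 2.
 * 0x08 (C only) gives a write-through mapping, 0x0c (C + B) gives
 * write-back.
 */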
#ifdef CONFIG_CPU_DCACHE_WRITETHROUGH
#define CB_BITS 0x08
#else
#define CB_BITS 0x0c
#endif

__setup_mmu:	sub	r3, r4, #16384		@ Page directory size
		bic	r3, r3, #0xff		@ Align the pointer
		bic	r3, r3, #0x3f00
/*
 * Initialise the page tables, turning on the cacheable and bufferable
 * bits for the RAM area only.
 */
		mov	r0, r3
		mov	r9, r0, lsr #18
		mov	r9, r9, lsl #18		@ start of RAM
		add	r10, r9, #0x10000000	@ a reasonable RAM size
		mov	r1, #0x12		@ XN|U + section mapping
		orr	r1, r1, #3 << 10	@ AP=11
		add	r2, r3, #16384
1:		cmp	r1, r9			@ if virt > start of RAM
		cmphs	r10, r1			@   && end of RAM > virt
		bic	r1, r1, #0x1c		@ clear XN|U + C + B
		orrlo	r1, r1, #0x10		@ Set XN|U for non-RAM
		orrhs	r1, r1, r6		@ set RAM section settings
		str	r1, [r0], #4		@ 1:1 mapping
		add	r1, r1, #1048576
		teq	r0, r2
		bne	1b
/*
 * If ever we are running from Flash, then we surely want the cache
 * to be enabled also for our execution instance...  We map 2MB of it
 * so there is no map overlap problem for up to 1 MB compressed kernel.
 * If the execution is in RAM then we would only be duplicating the above.
 */
		orr	r1, r6, #0x04		@ ensure B is set for this
		orr	r1, r1, #3 << 10
		mov	r2, pc
		mov	r2, r2, lsr #20
		orr	r1, r1, r2, lsl #20
		add	r0, r3, r2, lsl #2
		str	r1, [r0], #4
		add	r1, r1, #1048576
		str	r1, [r0]
		mov	pc, lr
ENDPROC(__setup_mmu)

@ Enable unaligned access on v6, to allow better code generation
@ for the decompressor C code:
__armv6_mmu_cache_on:
		mrc	p15, 0, r0, c1, c0, 0	@ read SCTLR
		bic	r0, r0, #2		@ A (no unaligned access fault)
		orr	r0, r0, #1 << 22	@ U (v6 unaligned access model)
		mcr	p15, 0, r0, c1, c0, 0	@ write SCTLR
		b	__armv4_mmu_cache_on

__arm926ejs_mmu_cache_on:
#ifdef CONFIG_CPU_DCACHE_WRITETHROUGH
		mov	r0, #4			@ put dcache in WT mode
		mcr	p15, 7, r0, c15, c0, 0
#endif

__armv4_mmu_cache_on:
		mov	r12, lr
#ifdef CONFIG_MMU
		mov	r6, #CB_BITS | 0x12	@ U
		bl	__setup_mmu
		mov	r0, #0
		mcr	p15, 0, r0, c7, c10, 4	@ drain write buffer
		mcr	p15, 0, r0, c8, c7, 0	@ flush I,D TLBs
		mrc	p15, 0, r0, c1, c0, 0	@ read control reg
		orr	r0, r0, #0x5000		@ I-cache enable, RR cache replacement
		orr	r0, r0, #0x0030
 ARM_BE8(	orr	r0, r0, #1 << 25 )	@ big-endian page tables
		bl	__common_mmu_cache_on
		mov	r0, #0
		mcr	p15, 0, r0, c8, c7, 0	@ flush I,D TLBs
#endif
		mov	pc, r12

__armv7_mmu_cache_on:
		enable_cp15_barriers	r11
		mov	r12, lr
#ifdef CONFIG_MMU
		mrc	p15, 0, r11, c0, c1, 4	@ read ID_MMFR0
		tst	r11, #0xf		@ VMSA
		movne	r6, #CB_BITS | 0x02	@ !XN
		blne	__setup_mmu
		mov	r0, #0
		mcr	p15, 0, r0, c7, c10, 4	@ drain write buffer
		tst	r11, #0xf		@ VMSA
		mcrne	p15, 0, r0, c8, c7, 0	@ flush I,D TLBs
#endif
		mrc	p15, 0, r0, c1, c0, 0	@ read control reg
		bic	r0, r0, #1 << 28	@ clear SCTLR.TRE
		orr	r0, r0, #0x5000		@ I-cache enable, RR cache replacement
		orr	r0, r0, #0x003c		@ write buffer
		bic	r0, r0, #2		@ A (no unaligned access fault)
		orr	r0, r0, #1 << 22	@ U (v6 unaligned access model)
						@ (needed for ARM1176)
#ifdef CONFIG_MMU
 ARM_BE8(	orr	r0, r0, #1 << 25 )	@ big-endian page tables
		mrcne	p15, 0, r6, c2, c0, 2	@ read ttb control reg
		orrne	r0, r0, #1		@ MMU enabled
		movne	r1, #0xfffffffd		@ domain 0 = client
		bic	r6, r6, #1 << 31	@ 32-bit translation system
		bic	r6, r6, #(7 << 0) | (1 << 4)	@ use only ttbr0
		mcrne	p15, 0, r3, c2, c0, 0	@ load page table pointer
		mcrne	p15, 0, r1, c3, c0, 0	@ load domain access control
		mcrne	p15, 0, r6, c2, c0, 2	@ load ttb control
#endif
		mcr	p15, 0, r0, c7, c5, 4	@ ISB
		mcr	p15, 0, r0, c1, c0, 0	@ load control register
		mrc	p15, 0, r0, c1, c0, 0	@ and read it back
		mov	r0, #0
		mcr	p15, 0, r0, c7, c5, 4	@ ISB
		mov	pc, r12

__fa526_cache_on:
		mov	r12, lr
		mov	r6, #CB_BITS | 0x12	@ U
		bl	__setup_mmu
		mov	r0, #0
		mcr	p15, 0, r0, c7, c7, 0	@ Invalidate whole cache
		mcr	p15, 0, r0, c7, c10, 4	@ drain write buffer
		mcr	p15, 0, r0, c8, c7, 0	@ flush UTLB
		mrc	p15, 0, r0, c1, c0, 0	@ read control reg
		orr	r0, r0, #0x1000		@ I-cache enable
		bl	__common_mmu_cache_on
		mov	r0, #0
		mcr	p15, 0, r0, c8, c7, 0	@ flush UTLB
		mov	pc, r12

__common_mmu_cache_on:
#ifndef CONFIG_THUMB2_KERNEL
#ifndef DEBUG
		orr	r0, r0, #0x000d		@ Write buffer, mmu
#endif
		mov	r1, #-1
		mcr	p15, 0, r3, c2, c0, 0	@ load page table pointer
		mcr	p15, 0, r1, c3, c0, 0	@ load domain access control
		b	1f
		.align	5			@ cache line aligned
1:		mcr	p15, 0, r0, c1, c0, 0	@ load control register
		mrc	p15, 0, r0, c1, c0, 0	@ and read it back to
		sub	pc, lr, r0, lsr #32	@ properly flush pipeline
#endif

#define PROC_ENTRY_SIZE (4*5)

/*
 * Here follow the relocatable cache support functions for the
 * various processors.  This is a generic hook for locating an
 * entry and jumping to an instruction at the specified offset
 * from the start of the block.  Please note this is all position
 * independent code.
 *
 *  r1  = corrupted
 *  r2  = corrupted
 *  r3  = block offset
 *  r9  = corrupted
 *  r12 = corrupted
 */

call_cache_fn:	adr	r12, proc_types
#ifdef CONFIG_CPU_CP15
		mrc	p15, 0, r9, c0, c0	@ get processor ID
#elif defined(CONFIG_CPU_V7M)
		/*
		 * On v7-M the processor id is located in the V7M_SCB_CPUID
		 * register, but as cache handling is IMPLEMENTATION DEFINED on
		 * v7-M (if existent at all) we just return early here.
		 * If V7M_SCB_CPUID were used the cpu ID functions (i.e.
		 * __armv7_mmu_cache_{on,off,flush}) would be selected which
		 * use cp15 registers that are not implemented on v7-M.
		 */
		bx	lr
#else
		ldr	r9, =CONFIG_PROCESSOR_ID
#endif
1:		ldr	r1, [r12, #0]		@ get value
		ldr	r2, [r12, #4]		@ get mask
		eor	r1, r1, r9		@ (real ^ match)
		tst	r1, r2			@       & mask
 ARM(		addeq	pc, r12, r3		) @ call cache function
 THUMB(		addeq	r12, r3			)
 THUMB(		moveq	pc, r12			) @ call cache function
		add	r12, r12, #PROC_ENTRY_SIZE
		b	1b

/*
 * Table for cache operations.  This is basically:
 *  - CPU ID match
 *  - CPU ID mask
 *  - 'cache on' method instruction
 *  - 'cache off' method instruction
 *  - 'cache flush' method instruction
 *
 * We match an entry using: ((real_id ^ match) & mask) == 0
 *
 * Writethrough caches generally only need 'on' and 'off'
 * methods.  Writeback caches _must_ have the flush method
 * defined.
 */
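/*
 * Each entry must be exactly PROC_ENTRY_SIZE bytes: five 32-bit words
 * (ID, mask, and one word per method).  The W(b) macro keeps each
 * branch 32 bits wide in Thumb-2 builds so that the fixed offsets
 * used by call_cache_fn remain correct.
 */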
		.align	2
		.type	proc_types,#object
proc_types:
		.word	0x41000000		@ old ARM ID
		.word	0xff00f000
		mov	pc, lr
 THUMB(		nop				)
		mov	pc, lr
 THUMB(		nop				)
		mov	pc, lr
 THUMB(		nop				)

		.word	0x41007000		@ ARM7/710
		.word	0xfff8fe00
		mov	pc, lr
 THUMB(		nop				)
		mov	pc, lr
 THUMB(		nop				)
		mov	pc, lr
 THUMB(		nop				)

		.word	0x41807200		@ ARM720T (writethrough)
		.word	0xffffff00
		W(b)	__armv4_mmu_cache_on
		W(b)	__armv4_mmu_cache_off
		mov	pc, lr
 THUMB(		nop				)

		.word	0x41007400		@ ARM74x
		.word	0xff00ff00
		W(b)	__armv3_mpu_cache_on
		W(b)	__armv3_mpu_cache_off
		W(b)	__armv3_mpu_cache_flush

		.word	0x41009400		@ ARM94x
		.word	0xff00ff00
		W(b)	__armv4_mpu_cache_on
		W(b)	__armv4_mpu_cache_off
		W(b)	__armv4_mpu_cache_flush

		.word	0x41069260		@ ARM926EJ-S (v5TEJ)
		.word	0xff0ffff0
		W(b)	__arm926ejs_mmu_cache_on
		W(b)	__armv4_mmu_cache_off
		W(b)	__armv5tej_mmu_cache_flush

		.word	0x00007000		@ ARM7 IDs
		.word	0x0000f000
		mov	pc, lr
 THUMB(		nop				)
		mov	pc, lr
 THUMB(		nop				)
		mov	pc, lr
 THUMB(		nop				)

		@ Everything from here on will be the new ID system.

		.word	0x4401a100		@ sa110 / sa1100
		.word	0xffffffe0
		W(b)	__armv4_mmu_cache_on
		W(b)	__armv4_mmu_cache_off
		W(b)	__armv4_mmu_cache_flush

		.word	0x6901b110		@ sa1110
		.word	0xfffffff0
		W(b)	__armv4_mmu_cache_on
		W(b)	__armv4_mmu_cache_off
		W(b)	__armv4_mmu_cache_flush

		.word	0x56056900
		.word	0xffffff00		@ PXA9xx
		W(b)	__armv4_mmu_cache_on
		W(b)	__armv4_mmu_cache_off
		W(b)	__armv4_mmu_cache_flush

		.word	0x56158000		@ PXA168
		.word	0xfffff000
		W(b)	__armv4_mmu_cache_on
		W(b)	__armv4_mmu_cache_off
		W(b)	__armv5tej_mmu_cache_flush

		.word	0x56050000		@ Feroceon
		.word	0xff0f0000
		W(b)	__armv4_mmu_cache_on
		W(b)	__armv4_mmu_cache_off
		W(b)	__armv5tej_mmu_cache_flush

#ifdef CONFIG_CPU_FEROCEON_OLD_ID
		/* this conflicts with the standard ARMv5TE entry */
		.long	0x41009260		@ Old Feroceon
		.long	0xff00fff0
		b	__armv4_mmu_cache_on
		b	__armv4_mmu_cache_off
		b	__armv5tej_mmu_cache_flush
#endif

		.word	0x66015261		@ FA526
		.word	0xff01fff1
		W(b)	__fa526_cache_on
		W(b)	__armv4_mmu_cache_off
		W(b)	__fa526_cache_flush

		@ These match on the architecture ID

		.word	0x00020000		@ ARMv4T
		.word	0x000f0000
		W(b)	__armv4_mmu_cache_on
		W(b)	__armv4_mmu_cache_off
		W(b)	__armv4_mmu_cache_flush

		.word	0x00050000		@ ARMv5TE
		.word	0x000f0000
		W(b)	__armv4_mmu_cache_on
		W(b)	__armv4_mmu_cache_off
		W(b)	__armv4_mmu_cache_flush

		.word	0x00060000		@ ARMv5TEJ
		.word	0x000f0000
		W(b)	__armv4_mmu_cache_on
		W(b)	__armv4_mmu_cache_off
		W(b)	__armv5tej_mmu_cache_flush

		.word	0x0007b000		@ ARMv6
		.word	0x000ff000
		W(b)	__armv6_mmu_cache_on
		W(b)	__armv4_mmu_cache_off
		W(b)	__armv6_mmu_cache_flush

		.word	0x000f0000		@ new CPU Id
		.word	0x000f0000
		W(b)	__armv7_mmu_cache_on
		W(b)	__armv7_mmu_cache_off
		W(b)	__armv7_mmu_cache_flush

		.word	0			@ unrecognised type
		.word	0
		mov	pc, lr
 THUMB(		nop				)
		mov	pc, lr
 THUMB(		nop				)
		mov	pc, lr
 THUMB(		nop				)

		.size	proc_types, . - proc_types

		/*
		 * If you get a "non-constant expression in ".if" statement"
		 * error from the assembler on this line, check that you have
		 * not accidentally written a "b" instruction where you should
		 * have written W(b).
		 */
		.if (. - proc_types) % PROC_ENTRY_SIZE != 0
		.error "The size of one or more proc_types entries is wrong."
		.endif

/*
 * Turn off the Cache and MMU.  ARMv3 does not support
 * reading the control register, but ARMv4 does.
 *
 * On exit,
 *  r0, r1, r2, r3, r9, r12 corrupted
 * This routine must preserve:
 *  r4, r7, r8
 */
		.align	5
cache_off:	mov	r3, #12			@ cache_off function
		b	call_cache_fn

__armv4_mpu_cache_off:
		mrc	p15, 0, r0, c1, c0
		bic	r0, r0, #0x000d
		mcr	p15, 0, r0, c1, c0	@ turn MPU and cache off
		mov	r0, #0
		mcr	p15, 0, r0, c7, c10, 4	@ drain write buffer
		mcr	p15, 0, r0, c7, c6, 0	@ flush D-Cache
		mcr	p15, 0, r0, c7, c5, 0	@ flush I-Cache
		mov	pc, lr

__armv3_mpu_cache_off:
		mrc	p15, 0, r0, c1, c0
		bic	r0, r0, #0x000d
		mcr	p15, 0, r0, c1, c0, 0	@ turn MPU and cache off
		mov	r0, #0
		mcr	p15, 0, r0, c7, c0, 0	@ invalidate whole cache v3
		mov	pc, lr

__armv4_mmu_cache_off:
#ifdef CONFIG_MMU
		mrc	p15, 0, r0, c1, c0
		bic	r0, r0, #0x000d
		mcr	p15, 0, r0, c1, c0	@ turn MMU and cache off
		mov	r0, #0
		mcr	p15, 0, r0, c7, c7	@ invalidate whole cache v4
		mcr	p15, 0, r0, c8, c7	@ invalidate whole TLB v4
#endif
		mov	pc, lr

__armv7_mmu_cache_off:
		mrc	p15, 0, r0, c1, c0
#ifdef CONFIG_MMU
		bic	r0, r0, #0x0005
#else
		bic	r0, r0, #0x0004
#endif
		mcr	p15, 0, r0, c1, c0	@ turn MMU and cache off
		mov	r0, #0
#ifdef CONFIG_MMU
		mcr	p15, 0, r0, c8, c7, 0	@ invalidate whole TLB
#endif
		mcr	p15, 0, r0, c7, c5, 6	@ invalidate BTC
		mcr	p15, 0, r0, c7, c10, 4	@ DSB
		mcr	p15, 0, r0, c7, c5, 4	@ ISB
		mov	pc, lr

/*
 * Clean and flush the cache to maintain consistency.
 *
 * On entry,
 *  r0 = start address
 *  r1 = end address (exclusive)
 * On exit,
 *  r1, r2, r3, r9, r10, r11, r12 corrupted
 * This routine must preserve:
 *  r4, r6, r7, r8
 */
		.align	5
cache_clean_flush:
		mov	r3, #16
		mov	r11, r1
		b	call_cache_fn

__armv4_mpu_cache_flush:
		tst	r4, #1
		movne	pc, lr
		mov	r2, #1
		mov	r3, #0
		mcr	p15, 0, ip, c7, c6, 0	@ invalidate D cache
		mov	r1, #7 << 5		@ 8 segments
1:		orr	r3, r1, #63 << 26	@ 64 entries
2:		mcr	p15, 0, r3, c7, c14, 2	@ clean & invalidate D index
		subs	r3, r3, #1 << 26
		bcs	2b			@ entries 63 to 0
		subs	r1, r1, #1 << 5
		bcs	1b			@ segments 7 to 0

		teq	r2, #0
		mcrne	p15, 0, ip, c7, c5, 0	@ invalidate I cache
		mcr	p15, 0, ip, c7, c10, 4	@ drain WB
		mov	pc, lr

__fa526_cache_flush:
		tst	r4, #1
		movne	pc, lr
		mov	r1, #0
		mcr	p15, 0, r1, c7, c14, 0	@ clean and invalidate D cache
		mcr	p15, 0, r1, c7, c5, 0	@ flush I cache
		mcr	p15, 0, r1, c7, c10, 4	@ drain WB
		mov	pc, lr

__armv6_mmu_cache_flush:
		mov	r1, #0
		tst	r4, #1
		mcreq	p15, 0, r1, c7, c14, 0	@ clean+invalidate D
		mcr	p15, 0, r1, c7, c5, 0	@ invalidate I+BTB
		mcreq	p15, 0, r1, c7, c15, 0	@ clean+invalidate unified
		mcr	p15, 0, r1, c7, c10, 4	@ drain WB
		mov	pc, lr

__armv7_mmu_cache_flush:
		enable_cp15_barriers	r10
		tst	r4, #1
		bne	iflush
		mrc	p15, 0, r10, c0, c1, 5	@ read ID_MMFR1
		tst	r10, #0xf << 16		@ hierarchical cache (ARMv7)
		mov	r10, #0
		beq	hierarchical
		mcr	p15, 0, r10, c7, c14, 0	@ clean+invalidate D
		b	iflush
hierarchical:
		dcache_line_size r1, r2		@ r1 := dcache min line size
		sub	r2, r1, #1		@ r2 := line size mask
		bic	r0, r0, r2		@ round down start to line size
		sub	r11, r11, #1		@ end address is exclusive
		bic	r11, r11, r2		@ round down end to line size
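		@ clean+invalidate each D-cache line by MVA, from the rounded
		@ start up to and including the line holding the last byte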
0:		cmp	r0, r11			@ finished?
		bgt	iflush
		mcr	p15, 0, r0, c7, c14, 1	@ Dcache clean/invalidate by VA
		add	r0, r0, r1
		b	0b
iflush:
		mcr	p15, 0, r10, c7, c10, 4	@ DSB
		mcr	p15, 0, r10, c7, c5, 0	@ invalidate I+BTB
		mcr	p15, 0, r10, c7, c10, 4	@ DSB
		mcr	p15, 0, r10, c7, c5, 4	@ ISB
		mov	pc, lr

__armv5tej_mmu_cache_flush:
		tst	r4, #1
		movne	pc, lr
1:		mrc	p15, 0, APSR_nzcv, c7, c14, 3	@ test,clean,invalidate D cache
		bne	1b
		mcr	p15, 0, r0, c7, c5, 0	@ flush I cache
		mcr	p15, 0, r0, c7, c10, 4	@ drain WB
		mov	pc, lr

__armv4_mmu_cache_flush:
		tst	r4, #1
		movne	pc, lr
		mov	r2, #64*1024		@ default: 32K dcache size (*2)
		mov	r11, #32		@ default: 32 byte line size
		mrc	p15, 0, r3, c0, c0, 1	@ read cache type
		teq	r3, r9			@ cache ID register present?
		beq	no_cache_id
		mov	r1, r3, lsr #18
		and	r1, r1, #7
		mov	r2, #1024
		mov	r2, r2, lsl r1		@ base dcache size *2
		tst	r3, #1 << 14		@ test M bit
		addne	r2, r2, r2, lsr #1	@ +1/2 size if M == 1
		mov	r3, r3, lsr #12
		and	r3, r3, #3
		mov	r11, #8
		mov	r11, r11, lsl r3	@ cache line size in bytes
no_cache_id:
		mov	r1, pc
		bic	r1, r1, #63		@ align to longest cache line
		add	r2, r1, r2
1:
 ARM(		ldr	r3, [r1], r11		) @ s/w flush D cache
 THUMB(		ldr	r3, [r1]		) @ s/w flush D cache
 THUMB(		add	r1, r1, r11		)
		teq	r1, r2
		bne	1b

		mcr	p15, 0, r1, c7, c5, 0	@ flush I cache
		mcr	p15, 0, r1, c7, c6, 0	@ flush D cache
		mcr	p15, 0, r1, c7, c10, 4	@ drain WB
		mov	pc, lr

__armv3_mmu_cache_flush:
__armv3_mpu_cache_flush:
		tst	r4, #1
		movne	pc, lr
		mov	r1, #0
		mcr	p15, 0, r1, c7, c0, 0	@ invalidate whole cache v3
		mov	pc, lr

/*
 * Various debugging routines for printing hex characters and
 * memory, which again must be relocatable.
 */
#ifdef DEBUG
		.align	2
		.type	phexbuf,#object
phexbuf:	.space	12
		.size	phexbuf, . - phexbuf

@ phex corrupts {r0, r1, r2, r3}
phex:		adr	r3, phexbuf
		mov	r2, #0
		strb	r2, [r3, r1]
1:		subs	r1, r1, #1
		movmi	r0, r3
		bmi	puts
		and	r2, r0, #15
		mov	r0, r0, lsr #4
		cmp	r2, #10
		addge	r2, r2, #7
		add	r2, r2, #'0'
		strb	r2, [r3, r1]
		b	1b

@ puts corrupts {r0, r1, r2, r3}
puts:		loadsp	r3, r2, r1
1:		ldrb	r2, [r0], #1
		teq	r2, #0
		moveq	pc, lr
2:		writeb	r2, r3, r1
		mov	r1, #0x00020000
3:		subs	r1, r1, #1
		bne	3b
		teq	r2, #'\n'
		moveq	r2, #'\r'
		beq	2b
		teq	r0, #0
		bne	1b
		mov	pc, lr

@ putc corrupts {r0, r1, r2, r3}
putc:
		mov	r2, r0
		loadsp	r3, r1, r0
		mov	r0, #0
		b	2b

@ memdump corrupts {r0, r1, r2, r3, r10, r11, r12, lr}
memdump:	mov	r12, r0
		mov	r10, lr
		mov	r11, #0
2:		mov	r0, r11, lsl #2
		add	r0, r0, r12
		mov	r1, #8
		bl	phex
		mov	r0, #':'
		bl	putc
1:		mov	r0, #' '
		bl	putc
		ldr	r0, [r12, r11, lsl #2]
		mov	r1, #8
		bl	phex
		and	r0, r11, #7
		teq	r0, #3
		moveq	r0, #' '
		bleq	putc
		and	r0, r11, #7
		add	r11, r11, #1
		teq	r0, #7
		bne	1b
		mov	r0, #'\n'
		bl	putc
		cmp	r11, #64
		blt	2b
		mov	pc, r10
#endif

		.ltorg

#ifdef CONFIG_ARM_VIRT_EXT
.align 5
__hyp_reentry_vectors:
		W(b)	.			@ reset
		W(b)	.			@ undef
#ifdef CONFIG_EFI_STUB
		W(b)	__enter_kernel_from_hyp	@ hvc from HYP
#else
		W(b)	.			@ svc
#endif
		W(b)	.			@ pabort
		W(b)	.			@ dabort
		W(b)	__enter_kernel		@ hyp
		W(b)	.			@ irq
		W(b)	.			@ fiq
#endif /* CONFIG_ARM_VIRT_EXT */
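
/*
 * Hand over to the decompressed kernel.  Per the ARM boot convention
 * this expects r0 = 0, r1 = machine type and r2 = atags/DTB pointer,
 * with the MMU and caches already disabled on the way here.
 */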

__enter_kernel:
		mov	r0, #0			@ must be 0
		mov	r1, r7			@ restore architecture number
		mov	r2, r8			@ restore atags pointer
 ARM(		mov	pc, r4		)	@ call kernel
 M_CLASS(	add	r4, r4, #1	)	@ enter in Thumb mode for M class
 THUMB(		bx	r4		)	@ entry point is always ARM for A/R classes

reloc_code_end:

#ifdef CONFIG_EFI_STUB
__enter_kernel_from_hyp:
		mrc	p15, 4, r0, c1, c0, 0	@ read HSCTLR
		bic	r0, r0, #0x5		@ disable MMU and caches
		mcr	p15, 4, r0, c1, c0, 0	@ write HSCTLR
		isb
		b	__enter_kernel

ENTRY(efi_enter_kernel)
		mov	r4, r0			@ preserve image base
		mov	r8, r1			@ preserve DT pointer

		adr_l	r0, call_cache_fn
		adr	r1, 0f			@ clean the region of code we
		bl	cache_clean_flush	@ may run with the MMU off

#ifdef CONFIG_ARM_VIRT_EXT
		@
		@ The EFI spec does not support booting on ARM in HYP mode,
		@ since it mandates that the MMU and caches are on, with all
		@ 32-bit addressable DRAM mapped 1:1 using short descriptors.
		@
		@ While the EDK2 reference implementation adheres to this,
		@ U-Boot might decide to enter the EFI stub in HYP mode
		@ anyway, with the MMU and caches either on or off.
		@
		mrs	r0, cpsr		@ get the current mode
		msr	spsr_cxsf, r0		@ record boot mode
		and	r0, r0, #MODE_MASK	@ are we running in HYP mode?
		cmp	r0, #HYP_MODE
		bne	.Lefi_svc

		mrc	p15, 4, r1, c1, c0, 0	@ read HSCTLR
		tst	r1, #0x1		@ MMU enabled at HYP?
		beq	1f

		@
		@ When running in HYP mode with the caches on, we're better
		@ off just carrying on using the cached 1:1 mapping that the
		@ firmware provided. Set up the HYP vectors so HVC instructions
		@ issued from HYP mode take us to the correct handler code. We
		@ will disable the MMU before jumping to the kernel proper.
		@
 ARM(		bic	r1, r1, #(1 << 30)	) @ clear HSCTLR.TE
 THUMB(		orr	r1, r1, #(1 << 30)	) @ set HSCTLR.TE
		mcr	p15, 4, r1, c1, c0, 0
		adr	r0, __hyp_reentry_vectors
		mcr	p15, 4, r0, c12, c0, 0	@ set HYP vector base (HVBAR)
		isb
		b	.Lefi_hyp

		@
		@ When running in HYP mode with the caches off, we need to drop
		@ into SVC mode now, and let the decompressor set up its cached
		@ 1:1 mapping as usual.
		@
1:		mov	r9, r4			@ preserve image base
		bl	__hyp_stub_install	@ install HYP stub vectors
		safe_svcmode_maskall	r1	@ drop to SVC mode
		msr	spsr_cxsf, r0		@ record boot mode
		orr	r4, r9, #1		@ restore image base and set LSB
		b	.Lefi_hyp
.Lefi_svc:
#endif
		mrc	p15, 0, r0, c1, c0, 0	@ read SCTLR
		tst	r0, #0x1		@ MMU enabled?
		orreq	r4, r4, #1		@ set LSB if not

.Lefi_hyp:
		mov	r0, r8			@ DT start
		add	r1, r8, r2		@ DT end
		bl	cache_clean_flush

		adr	r0, 0f			@ switch to our stack
		ldr	sp, [r0]
		add	sp, sp, r0

		mov	r5, #0			@ appended DTB size
		mov	r7, #0xFFFFFFFF		@ machine ID
		b	wont_overwrite
ENDPROC(efi_enter_kernel)
0:		.long	.L_user_stack_end - .
#endif

		.align
		.section ".stack", "aw", %nobits
.L_user_stack:	.space	4096
.L_user_stack_end: