android_kernel_samsung_sm8650_ksu/arch/powerpc/kernel/exceptions-64s.S

/* SPDX-License-Identifier: GPL-2.0 */
/*
 * This file contains the 64-bit "server" PowerPC variant
 * of the low level exception handling including exception
 * vectors, exception return, part of the slb and stab
 * handling and other fixed offset specific things.
 *
 * This file is meant to be #included from head_64.S due to
 * position dependent assembly.
 *
 * Most of this originates from head_64.S and thus has the same
 * copyright history.
 *
 */

#include <asm/hw_irq.h>
#include <asm/exception-64s.h>
#include <asm/ptrace.h>
#include <asm/cpuidle.h>
#include <asm/head-64.h>
#include <asm/feature-fixups.h>
#include <asm/kup.h>

/*
 * Following are fixed section helper macros.
 *
 * EXC_REAL_BEGIN/END  - real, unrelocated exception vectors
 * EXC_VIRT_BEGIN/END  - virt (AIL), unrelocated exception vectors
 * TRAMP_REAL_BEGIN    - real, unrelocated helpers (virt may call these)
 * TRAMP_VIRT_BEGIN    - virt, unreloc helpers (in practice, real can use)
 * EXC_COMMON          - After switching to virtual, relocated mode.
 */

#define EXC_REAL_BEGIN(name, start, size)			\
	FIXED_SECTION_ENTRY_BEGIN_LOCATION(real_vectors, exc_real_##start##_##name, start, size)

#define EXC_REAL_END(name, start, size)				\
	FIXED_SECTION_ENTRY_END_LOCATION(real_vectors, exc_real_##start##_##name, start, size)

#define EXC_VIRT_BEGIN(name, start, size)			\
	FIXED_SECTION_ENTRY_BEGIN_LOCATION(virt_vectors, exc_virt_##start##_##name, start, size)

#define EXC_VIRT_END(name, start, size)				\
	FIXED_SECTION_ENTRY_END_LOCATION(virt_vectors, exc_virt_##start##_##name, start, size)

#define EXC_COMMON_BEGIN(name)					\
	USE_TEXT_SECTION();					\
	.balign IFETCH_ALIGN_BYTES;				\
	.global name;						\
	_ASM_NOKPROBE_SYMBOL(name);				\
	DEFINE_FIXED_SYMBOL(name, text);			\
name:

#define TRAMP_REAL_BEGIN(name)					\
	FIXED_SECTION_ENTRY_BEGIN(real_trampolines, name)

#define TRAMP_VIRT_BEGIN(name)					\
	FIXED_SECTION_ENTRY_BEGIN(virt_trampolines, name)

#define EXC_REAL_NONE(start, size)				\
	FIXED_SECTION_ENTRY_BEGIN_LOCATION(real_vectors, exc_real_##start##_##unused, start, size); \
	FIXED_SECTION_ENTRY_END_LOCATION(real_vectors, exc_real_##start##_##unused, start, size)

#define EXC_VIRT_NONE(start, size)				\
	FIXED_SECTION_ENTRY_BEGIN_LOCATION(virt_vectors, exc_virt_##start##_##unused, start, size); \
	FIXED_SECTION_ENTRY_END_LOCATION(virt_vectors, exc_virt_##start##_##unused, start, size)

/*
 * We're short on space and time in the exception prolog, so we can't
 * use the normal LOAD_REG_IMMEDIATE macro to load the address of label.
 * Instead we get the base of the kernel from paca->kernelbase and or in the low
 * part of label. This requires that the label be within 64KB of kernelbase, and
 * that kernelbase be 64K aligned.
 */
#define LOAD_HANDLER(reg, label)					\
	ld	reg,PACAKBASE(r13);	/* get high part of &label */	\
	ori	reg,reg,FIXED_SYMBOL_ABS_ADDR(label)

#define __LOAD_HANDLER(reg, label, section)					\
	ld	reg,PACAKBASE(r13);					\
	ori	reg,reg,(ABS_ADDR(label, section))@l

/*
 * Branches from unrelocated code (e.g., interrupts) to labels outside
 * head-y require >64K offsets.
 */
#define __LOAD_FAR_HANDLER(reg, label, section)					\
	ld	reg,PACAKBASE(r13);					\
	ori	reg,reg,(ABS_ADDR(label, section))@l;				\
	addis	reg,reg,(ABS_ADDR(label, section))@h

/*
 * Interrupt code generation macros
 */
#define IVEC		.L_IVEC_\name\()	/* Interrupt vector address */
#define IHSRR		.L_IHSRR_\name\()	/* Sets SRR or HSRR registers */
#define IHSRR_IF_HVMODE	.L_IHSRR_IF_HVMODE_\name\() /* HSRR if HV else SRR */
#define IAREA		.L_IAREA_\name\()	/* PACA save area */
#define IVIRT		.L_IVIRT_\name\()	/* Has virt mode entry point */
#define IISIDE		.L_IISIDE_\name\()	/* Uses SRR0/1 not DAR/DSISR */
#define ICFAR		.L_ICFAR_\name\()	/* Uses CFAR */
#define ICFAR_IF_HVMODE	.L_ICFAR_IF_HVMODE_\name\() /* Uses CFAR if HV */
#define IDAR		.L_IDAR_\name\()	/* Uses DAR (or SRR0) */
#define IDSISR		.L_IDSISR_\name\()	/* Uses DSISR (or SRR1) */
#define IBRANCH_TO_COMMON	.L_IBRANCH_TO_COMMON_\name\() /* ENTRY branch to common */
#define IREALMODE_COMMON	.L_IREALMODE_COMMON_\name\() /* Common runs in realmode */
#define IMASK		.L_IMASK_\name\()	/* IRQ soft-mask bit */
#define IKVM_REAL	.L_IKVM_REAL_\name\()	/* Real entry tests KVM */
#define __IKVM_REAL(name)	.L_IKVM_REAL_ ## name
#define IKVM_VIRT	.L_IKVM_VIRT_\name\()	/* Virt entry tests KVM */
#define ISTACK		.L_ISTACK_\name\()	/* Set regular kernel stack */
#define __ISTACK(name)	.L_ISTACK_ ## name
#define IKUAP		.L_IKUAP_\name\()	/* Do KUAP lock */

#define INT_DEFINE_BEGIN(n)						\
.macro int_define_ ## n name

#define INT_DEFINE_END(n)						\
.endm ;									\
int_define_ ## n n ;							\
do_define_int n

.macro do_define_int name
	.ifndef IVEC
		.error "IVEC not defined"
	.endif
	.ifndef IHSRR
		IHSRR=0
	.endif
	.ifndef IHSRR_IF_HVMODE
		IHSRR_IF_HVMODE=0
	.endif
	.ifndef IAREA
		IAREA=PACA_EXGEN
	.endif
	.ifndef IVIRT
		IVIRT=1
	.endif
	.ifndef IISIDE
		IISIDE=0
	.endif
	.ifndef ICFAR
		ICFAR=1
	.endif
	.ifndef ICFAR_IF_HVMODE
		ICFAR_IF_HVMODE=0
	.endif
	.ifndef IDAR
		IDAR=0
	.endif
	.ifndef IDSISR
		IDSISR=0
	.endif
	.ifndef IBRANCH_TO_COMMON
		IBRANCH_TO_COMMON=1
	.endif
	.ifndef IREALMODE_COMMON
		IREALMODE_COMMON=0
	.else
		.if ! IBRANCH_TO_COMMON
			.error "IREALMODE_COMMON=1 but IBRANCH_TO_COMMON=0"
		.endif
	.endif
	.ifndef IMASK
		IMASK=0
	.endif
	.ifndef IKVM_REAL
		IKVM_REAL=0
	.endif
	.ifndef IKVM_VIRT
		IKVM_VIRT=0
	.endif
	.ifndef ISTACK
		ISTACK=1
	.endif
	.ifndef IKUAP
		IKUAP=1
	.endif
.endm

/*
 * All interrupts which set HSRR registers, as well as SRESET and MCE and
 * syscall when invoked with "sc 1" switch to MSR[HV]=1 (HVMODE) to be taken,
 * so they all generally need to test whether they were taken in guest context.
 *
 * Note: SRESET and MCE may also be sent to the guest by the hypervisor, and be
 * taken with MSR[HV]=0.
 *
 * Interrupts which set SRR registers (with the above exceptions) do not
 * elevate to MSR[HV]=1 mode, though most can be taken when running with
 * MSR[HV]=1  (e.g., bare metal kernel and userspace). So these interrupts do
 * not need to test whether a guest is running because they get delivered to
 * the guest directly, including nested HV KVM guests.
 *
 * The exception is PR KVM, where the guest runs with MSR[PR]=1 and the host
 * runs with MSR[HV]=0, so the host takes all interrupts on behalf of the
 * guest. PR KVM runs with LPCR[AIL]=0 which causes interrupts to always be
 * delivered to the real-mode entry point, therefore such interrupts only test
 * KVM in their real mode handlers, and only when PR KVM is possible.
 *
 * Interrupts that are taken in MSR[HV]=0 and escalate to MSR[HV]=1 are always
 * delivered in real-mode when the MMU is in hash mode because the MMU
 * registers are not set appropriately to translate host addresses. In nested
 * radix mode these can be delivered in virt-mode as the host translations are
 * used implicitly (see: effective LPID, effective PID).
 */

/*
 * If an interrupt is taken while a guest is running, it is immediately routed
 * to KVM to handle.
 */

.macro KVMTEST name handler
#ifdef CONFIG_KVM_BOOK3S_64_HANDLER
	lbz	r10,HSTATE_IN_GUEST(r13)
	cmpwi	r10,0
	/* HSRR variants have the 0x2 bit added to their trap number */
	.if IHSRR_IF_HVMODE
	BEGIN_FTR_SECTION
	li	r10,(IVEC + 0x2)
	FTR_SECTION_ELSE
	li	r10,(IVEC)
	ALT_FTR_SECTION_END_IFSET(CPU_FTR_HVMODE | CPU_FTR_ARCH_206)
	.elseif IHSRR
	li	r10,(IVEC + 0x2)
	.else
	li	r10,(IVEC)
	.endif
	bne	\handler
#endif
.endm

/*
 * This is the BOOK3S interrupt entry code macro.
 *
 * This can result in one of several things happening:
 * - Branch to the _common handler, relocated, in virtual mode.
 *   These are normal interrupts (synchronous and asynchronous) handled by
 *   the kernel.
 * - Branch to KVM, relocated but real mode interrupts remain in real mode.
 *   These occur when HSTATE_IN_GUEST is set. The interrupt may be caused by
 *   / intended for host or guest kernel, but KVM must always be involved
 *   because the machine state is set for guest execution.
 * - Branch to the masked handler, unrelocated.
 *   These occur when maskable asynchronous interrupts are taken with the
 *   irq_soft_mask set.
 * - Branch to an "early" handler in real mode but relocated.
 *   This is done if early=1. MCE and HMI use these to handle errors in real
 *   mode.
 * - Fall through and continue executing in real, unrelocated mode.
 *   This is done if early=2.
 */

.macro GEN_BRANCH_TO_COMMON name, virt
	.if IREALMODE_COMMON
	LOAD_HANDLER(r10, \name\()_common)
	mtctr	r10
	bctr
	.else
	.if \virt
#ifndef CONFIG_RELOCATABLE
	b	\name\()_common_virt
#else
	LOAD_HANDLER(r10, \name\()_common_virt)
	mtctr	r10
	bctr
#endif
	.else
	LOAD_HANDLER(r10, \name\()_common_real)
	mtctr	r10
	bctr
	.endif
	.endif
.endm

.macro GEN_INT_ENTRY name, virt, ool=0
	SET_SCRATCH0(r13)			/* save r13 */
	GET_PACA(r13)
	std	r9,IAREA+EX_R9(r13)		/* save r9 */
BEGIN_FTR_SECTION
	mfspr	r9,SPRN_PPR
END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR)
	HMT_MEDIUM
	std	r10,IAREA+EX_R10(r13)		/* save r10 */
	.if ICFAR
BEGIN_FTR_SECTION
	mfspr	r10,SPRN_CFAR
END_FTR_SECTION_IFSET(CPU_FTR_CFAR)
	.elseif ICFAR_IF_HVMODE
BEGIN_FTR_SECTION
  BEGIN_FTR_SECTION_NESTED(69)
	mfspr	r10,SPRN_CFAR
  END_FTR_SECTION_NESTED(CPU_FTR_CFAR, CPU_FTR_CFAR, 69)
FTR_SECTION_ELSE
  BEGIN_FTR_SECTION_NESTED(69)
	li	r10,0
  END_FTR_SECTION_NESTED(CPU_FTR_CFAR, CPU_FTR_CFAR, 69)
ALT_FTR_SECTION_END_IFSET(CPU_FTR_HVMODE | CPU_FTR_ARCH_206)
	.endif
	.if \ool
	.if !\virt
	b	tramp_real_\name
	.pushsection .text
	TRAMP_REAL_BEGIN(tramp_real_\name)
	.else
	b	tramp_virt_\name
	.pushsection .text
	TRAMP_VIRT_BEGIN(tramp_virt_\name)
	.endif
	.endif

BEGIN_FTR_SECTION
	std	r9,IAREA+EX_PPR(r13)
END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR)
	.if ICFAR || ICFAR_IF_HVMODE
BEGIN_FTR_SECTION
	std	r10,IAREA+EX_CFAR(r13)
END_FTR_SECTION_IFSET(CPU_FTR_CFAR)
	.endif
	INTERRUPT_TO_KERNEL
	mfctr	r10
	std	r10,IAREA+EX_CTR(r13)
	mfcr	r9
	std	r11,IAREA+EX_R11(r13)		/* save r11 - r12 */
	std	r12,IAREA+EX_R12(r13)

	/*
	 * DAR/DSISR, SCRATCH0 must be read before setting MSR[RI],
	 * because a d-side MCE will clobber those registers so is
	 * not recoverable if they are live.
	 */
	GET_SCRATCH0(r10)
	std	r10,IAREA+EX_R13(r13)
	.if IDAR && !IISIDE
	.if IHSRR
	mfspr	r10,SPRN_HDAR
	.else
	mfspr	r10,SPRN_DAR
	.endif
	std	r10,IAREA+EX_DAR(r13)
	.endif
	.if IDSISR && !IISIDE
	.if IHSRR
	mfspr	r10,SPRN_HDSISR
	.else
	mfspr	r10,SPRN_DSISR
	.endif
	stw	r10,IAREA+EX_DSISR(r13)
	.endif

	.if IHSRR_IF_HVMODE
	BEGIN_FTR_SECTION
	mfspr	r11,SPRN_HSRR0		/* save HSRR0 */
	mfspr	r12,SPRN_HSRR1		/* and HSRR1 */
	FTR_SECTION_ELSE
	mfspr	r11,SPRN_SRR0		/* save SRR0 */
	mfspr	r12,SPRN_SRR1		/* and SRR1 */
	ALT_FTR_SECTION_END_IFSET(CPU_FTR_HVMODE | CPU_FTR_ARCH_206)
	.elseif IHSRR
	mfspr	r11,SPRN_HSRR0		/* save HSRR0 */
	mfspr	r12,SPRN_HSRR1		/* and HSRR1 */
	.else
	mfspr	r11,SPRN_SRR0		/* save SRR0 */
	mfspr	r12,SPRN_SRR1		/* and SRR1 */
	.endif

	.if IBRANCH_TO_COMMON
	GEN_BRANCH_TO_COMMON \name \virt
	.endif

	.if \ool
	.popsection
	.endif
.endm

/*
 * __GEN_COMMON_ENTRY is required to receive the branch from interrupt
 * entry, except in the case of the real-mode handlers which require
 * __GEN_REALMODE_COMMON_ENTRY.
 *
 * This switches to virtual mode and sets MSR[RI].
 */
.macro __GEN_COMMON_ENTRY name
DEFINE_FIXED_SYMBOL(\name\()_common_real, text)
\name\()_common_real:
	.if IKVM_REAL
		KVMTEST \name kvm_interrupt
	.endif

	ld	r10,PACAKMSR(r13)	/* get MSR value for kernel */
	/* MSR[RI] is clear iff using SRR regs */
	.if IHSRR_IF_HVMODE
	BEGIN_FTR_SECTION
	xori	r10,r10,MSR_RI
	END_FTR_SECTION_IFCLR(CPU_FTR_HVMODE)
	.elseif ! IHSRR
	xori	r10,r10,MSR_RI
	.endif
	mtmsrd	r10

	.if IVIRT
	.if IKVM_VIRT
	b	1f /* skip the virt test coming from real */
	.endif

	.balign IFETCH_ALIGN_BYTES
DEFINE_FIXED_SYMBOL(\name\()_common_virt, text)
\name\()_common_virt:
	.if IKVM_VIRT
		KVMTEST \name kvm_interrupt
1:
	.endif
	.endif /* IVIRT */
.endm

/*
 * Don't switch to virt mode. Used for early MCE and HMI handlers that
 * want to run in real mode.
 */
.macro __GEN_REALMODE_COMMON_ENTRY name
DEFINE_FIXED_SYMBOL(\name\()_common_real, text)
\name\()_common_real:
	.if IKVM_REAL
		KVMTEST \name kvm_interrupt
	.endif
.endm

.macro __GEN_COMMON_BODY name
	.if IMASK
		.if ! ISTACK
		.error "No support for masked interrupt to use custom stack"
		.endif

		/* If coming from user, skip soft-mask tests. */
		andi.	r10,r12,MSR_PR
		bne	3f

		/*
		 * Kernel code running below __end_soft_masked may be
		 * implicitly soft-masked if it is within the regions
		 * in the soft mask table.
		 */
		LOAD_HANDLER(r10, __end_soft_masked)
		cmpld	r11,r10
		bge+	1f

		/* SEARCH_SOFT_MASK_TABLE clobbers r9,r10,r12 */
		mtctr	r12
		stw	r9,PACA_EXGEN+EX_CCR(r13)
		SEARCH_SOFT_MASK_TABLE
		cmpdi	r12,0
		mfctr	r12		/* Restore r12 to SRR1 */
		lwz	r9,PACA_EXGEN+EX_CCR(r13)
		beq	1f		/* Not in soft-mask table */
		li	r10,IMASK
		b	2f		/* In soft-mask table, always mask */

		/* Test the soft mask state against our interrupt's bit */
1:		lbz	r10,PACAIRQSOFTMASK(r13)
2:		andi.	r10,r10,IMASK
		/* Associate vector numbers with bits in paca->irq_happened */
		.if IVEC == 0x500 || IVEC == 0xea0
		li	r10,PACA_IRQ_EE
		.elseif IVEC == 0x900
		li	r10,PACA_IRQ_DEC
		.elseif IVEC == 0xa00 || IVEC == 0xe80
		li	r10,PACA_IRQ_DBELL
		.elseif IVEC == 0xe60
		li	r10,PACA_IRQ_HMI
		.elseif IVEC == 0xf00
		li	r10,PACA_IRQ_PMI
		.else
		.abort "Bad maskable vector"
		.endif

		.if IHSRR_IF_HVMODE
		BEGIN_FTR_SECTION
		bne	masked_Hinterrupt
		FTR_SECTION_ELSE
		bne	masked_interrupt
		ALT_FTR_SECTION_END_IFSET(CPU_FTR_HVMODE | CPU_FTR_ARCH_206)
		.elseif IHSRR
		bne	masked_Hinterrupt
		.else
		bne	masked_interrupt
		.endif
	.endif

	.if ISTACK
	andi.	r10,r12,MSR_PR		/* See if coming from user	*/
3:	mr	r10,r1			/* Save r1			*/
	subi	r1,r1,INT_FRAME_SIZE	/* alloc frame on kernel stack	*/
	beq-	100f
	ld	r1,PACAKSAVE(r13)	/* kernel stack to use		*/
100:	tdgei	r1,-INT_FRAME_SIZE	/* trap if r1 is in userspace	*/
	EMIT_BUG_ENTRY 100b,__FILE__,__LINE__,0
	.endif

	std	r9,_CCR(r1)		/* save CR in stackframe	*/
	std	r11,_NIP(r1)		/* save SRR0 in stackframe	*/
	std	r12,_MSR(r1)		/* save SRR1 in stackframe	*/
	std	r10,0(r1)		/* make stack chain pointer	*/
	std	r0,GPR0(r1)		/* save r0 in stackframe	*/
	std	r10,GPR1(r1)		/* save r1 in stackframe	*/

	/* Mark our [H]SRRs valid for return */
	li	r10,1
	.if IHSRR_IF_HVMODE
	BEGIN_FTR_SECTION
	stb	r10,PACAHSRR_VALID(r13)
	FTR_SECTION_ELSE
	stb	r10,PACASRR_VALID(r13)
	ALT_FTR_SECTION_END_IFSET(CPU_FTR_HVMODE | CPU_FTR_ARCH_206)
	.elseif IHSRR
	stb	r10,PACAHSRR_VALID(r13)
	.else
	stb	r10,PACASRR_VALID(r13)
	.endif

	.if ISTACK
	.if IKUAP
	kuap_save_amr_and_lock r9, r10, cr1, cr0
	.endif
	beq	101f			/* if from kernel mode		*/
BEGIN_FTR_SECTION
	ld	r9,IAREA+EX_PPR(r13)	/* Read PPR from paca		*/
	std	r9,_PPR(r1)
END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR)
101:
	.else
	.if IKUAP
	kuap_save_amr_and_lock r9, r10, cr1
	.endif
	.endif

	/* Save original regs values from save area to stack frame. */
	ld	r9,IAREA+EX_R9(r13)	/* move r9, r10 to stackframe	*/
	ld	r10,IAREA+EX_R10(r13)
	std	r9,GPR9(r1)
	std	r10,GPR10(r1)
	ld	r9,IAREA+EX_R11(r13)	/* move r11 - r13 to stackframe	*/
	ld	r10,IAREA+EX_R12(r13)
	ld	r11,IAREA+EX_R13(r13)
	std	r9,GPR11(r1)
	std	r10,GPR12(r1)
	std	r11,GPR13(r1)

	SAVE_NVGPRS(r1)

	.if IDAR
	.if IISIDE
	ld	r10,_NIP(r1)
	.else
	ld	r10,IAREA+EX_DAR(r13)
	.endif
	std	r10,_DAR(r1)
	.endif

	.if IDSISR
	.if IISIDE
	ld	r10,_MSR(r1)
	lis	r11,DSISR_SRR1_MATCH_64S@h
	and	r10,r10,r11
	.else
	lwz	r10,IAREA+EX_DSISR(r13)
	.endif
	std	r10,_DSISR(r1)
	.endif

BEGIN_FTR_SECTION
	.if ICFAR || ICFAR_IF_HVMODE
	ld	r10,IAREA+EX_CFAR(r13)
	.else
	li	r10,0
	.endif
	std	r10,ORIG_GPR3(r1)
END_FTR_SECTION_IFSET(CPU_FTR_CFAR)
	ld	r10,IAREA+EX_CTR(r13)
	std	r10,_CTR(r1)
	std	r2,GPR2(r1)		/* save r2 in stackframe	*/
	SAVE_GPRS(3, 8, r1)		/* save r3 - r8 in stackframe   */
	mflr	r9			/* Get LR, later save to stack	*/
	LOAD_PACA_TOC()			/* get kernel TOC into r2	*/
	std	r9,_LINK(r1)
	lbz	r10,PACAIRQSOFTMASK(r13)
	mfspr	r11,SPRN_XER		/* save XER in stackframe	*/
	std	r10,SOFTE(r1)
	std	r11,_XER(r1)
	li	r9,IVEC
	std	r9,_TRAP(r1)		/* set trap number		*/
	li	r10,0
	LOAD_REG_IMMEDIATE(r11, STACK_FRAME_REGS_MARKER)
	std	r10,RESULT(r1)		/* clear regs->result		*/
	std	r11,STACK_FRAME_OVERHEAD-16(r1) /* mark the frame	*/
.endm

/*
 * On entry r13 points to the paca, r9-r13 are saved in the paca,
 * r9 contains the saved CR, r11 and r12 contain the saved SRR0 and
 * SRR1, and relocation is on.
 *
 * If stack=0, then the stack is already set in r1, and r1 is saved in r10.
 * PPR save and CPU accounting is not done for the !stack case (XXX why not?)
 */
.macro GEN_COMMON name
	__GEN_COMMON_ENTRY \name
	__GEN_COMMON_BODY \name
.endm

.macro SEARCH_RESTART_TABLE
#ifdef CONFIG_RELOCATABLE
	mr	r12,r2
	LOAD_PACA_TOC()
	LOAD_REG_ADDR(r9, __start___restart_table)
	LOAD_REG_ADDR(r10, __stop___restart_table)
	mr	r2,r12
#else
	LOAD_REG_IMMEDIATE_SYM(r9, r12, __start___restart_table)
	LOAD_REG_IMMEDIATE_SYM(r10, r12, __stop___restart_table)
#endif
300:
	cmpd	r9,r10
	beq	302f
	ld	r12,0(r9)
	cmpld	r11,r12
	blt	301f
	ld	r12,8(r9)
	cmpld	r11,r12
	bge	301f
	ld	r12,16(r9)
	b	303f
301:
	addi	r9,r9,24
	b	300b
302:
	li	r12,0
303:
.endm

.macro SEARCH_SOFT_MASK_TABLE
#ifdef CONFIG_RELOCATABLE
	mr	r12,r2
	LOAD_PACA_TOC()
	LOAD_REG_ADDR(r9, __start___soft_mask_table)
	LOAD_REG_ADDR(r10, __stop___soft_mask_table)
	mr	r2,r12
#else
	LOAD_REG_IMMEDIATE_SYM(r9, r12, __start___soft_mask_table)
	LOAD_REG_IMMEDIATE_SYM(r10, r12, __stop___soft_mask_table)
#endif
300:
	cmpd	r9,r10
	beq	302f
	ld	r12,0(r9)
	cmpld	r11,r12
	blt	301f
	ld	r12,8(r9)
	cmpld	r11,r12
	bge	301f
	li	r12,1
	b	303f
301:
	addi	r9,r9,16
	b	300b
302:
	li	r12,0
303:
.endm

/*
 * Restore all registers including H/SRR0/1 saved in a stack frame of a
 * standard exception.
 */
.macro EXCEPTION_RESTORE_REGS hsrr=0
	/* Move original SRR0 and SRR1 into the respective regs */
	ld	r9,_MSR(r1)
	li	r10,0
	.if \hsrr
	mtspr	SPRN_HSRR1,r9
	stb	r10,PACAHSRR_VALID(r13)
	.else
	mtspr	SPRN_SRR1,r9
	stb	r10,PACASRR_VALID(r13)
	.endif
	ld	r9,_NIP(r1)
	.if \hsrr
	mtspr	SPRN_HSRR0,r9
	.else
	mtspr	SPRN_SRR0,r9
	.endif
	ld	r9,_CTR(r1)
	mtctr	r9
	ld	r9,_XER(r1)
	mtxer	r9
	ld	r9,_LINK(r1)
	mtlr	r9
	ld	r9,_CCR(r1)
	mtcr	r9
	REST_GPRS(2, 13, r1)
	REST_GPR(0, r1)
	/* restore original r1. */
	ld	r1,GPR1(r1)
.endm

/*
 * EARLY_BOOT_FIXUP - Fix real-mode interrupt with wrong endian in early boot.
 *
 * There's a short window during boot where although the kernel is running
 * little endian, any exceptions will cause the CPU to switch back to big
 * endian. For example a WARN() boils down to a trap instruction, which will
 * cause a program check, and we end up here but with the CPU in big endian
 * mode. The first instruction of the program check handler (in GEN_INT_ENTRY
 * below) is an mtsprg, which when executed in the wrong endian is an lhzu with
 * a ~3GB displacement from r3. The content of r3 is random, so that is a load
 * from some random location, and depending on the system can easily lead to a
 * checkstop, or an infinitely recursive page fault.
 *
 * So to handle that case we have a trampoline here that can detect we are in
 * the wrong endian and flip us back to the correct endian. We can't flip
 * MSR[LE] using mtmsr, so we have to use rfid. That requires backing up SRR0/1
 * as well as a GPR. To do that we use SPRG0/2/3, as SPRG1 is already used for
 * the paca. SPRG3 is user readable, but this trampoline is only active very
 * early in boot, and SPRG3 will be reinitialised in vdso_getcpu_init() before
 * userspace starts.
 */
.macro EARLY_BOOT_FIXUP
BEGIN_FTR_SECTION
#ifdef CONFIG_CPU_LITTLE_ENDIAN
	tdi   0,0,0x48    // Trap never, or in reverse endian: b . + 8
	b     2f          // Skip trampoline if endian is correct
	.long 0xa643707d  // mtsprg  0, r11      Backup r11
	.long 0xa6027a7d  // mfsrr0  r11
	.long 0xa643727d  // mtsprg  2, r11      Backup SRR0 in SPRG2
	.long 0xa6027b7d  // mfsrr1  r11
	.long 0xa643737d  // mtsprg  3, r11      Backup SRR1 in SPRG3
	.long 0xa600607d  // mfmsr   r11
	.long 0x01006b69  // xori    r11, r11, 1 Invert MSR[LE]
	.long 0xa6037b7d  // mtsrr1  r11
	/*
	 * This is 'li  r11,1f' where 1f is the absolute address of that
	 * label, byteswapped into the SI field of the instruction.
	 */
	.long 0x00006039 | \
		((ABS_ADDR(1f, real_vectors) & 0x00ff) << 24) | \
		((ABS_ADDR(1f, real_vectors) & 0xff00) << 8)
	.long 0xa6037a7d  // mtsrr0  r11
	.long 0x2400004c  // rfid
1:
	mfsprg r11, 3
	mtsrr1 r11        // Restore SRR1
	mfsprg r11, 2
	mtsrr0 r11        // Restore SRR0
	mfsprg r11, 0     // Restore r11
2:
#endif
	/*
	 * program check could hit at any time, and pseries can not block
	 * MSR[ME] in early boot. So check if there is anything useful in r13
	 * yet, and spin forever if not.
	 */
	mtsprg	0, r11
	mfcr	r11
	cmpdi	r13, 0
	beq	.
	mtcr	r11
	mfsprg	r11, 0
END_FTR_SECTION(0, 1)     // nop out after boot
.endm

/*
 * There are a few constraints to be concerned with.
 * - Real mode exceptions code/data must be located at their physical location.
 * - Virtual mode exceptions must be mapped at their 0xc000... location.
 * - Fixed location code must not call directly beyond the __end_interrupts
 *   area when built with CONFIG_RELOCATABLE. LOAD_HANDLER / bctr sequence
 *   must be used.
 * - LOAD_HANDLER targets must be within first 64K of physical 0 /
 *   virtual 0xc00...
 * - Conditional branch targets must be within +/-32K of caller.
 *
 * "Virtual exceptions" run with relocation on (MSR_IR=1, MSR_DR=1), and
 * therefore don't have to run in physically located code or rfid to
 * virtual mode kernel code. However on relocatable kernels they do have
 * to branch to KERNELBASE offset because the rest of the kernel (outside
 * the exception vectors) may be located elsewhere.
 *
 * Virtual exceptions correspond with physical, except their entry points
 * are offset by 0xc000000000000000 and also tend to get an added 0x4000
 * offset applied. Virtual exceptions are enabled with the Alternate
 * Interrupt Location (AIL) bit set in the LPCR. However this does not
 * guarantee they will be delivered virtually. Some conditions (see the ISA)
 * cause exceptions to be delivered in real mode.
 *
 * The scv instructions are a special case. They get a 0x3000 offset applied.
 * scv exceptions have unique reentrancy properties, see below.
 *
 * It's impossible to receive interrupts below 0x300 via AIL.
 *
 * KVM: None of the virtual exceptions are from the guest. Anything that
 * escalated to HV=1 from HV=0 is delivered via real mode handlers.
 *
 *
 * We layout physical memory as follows:
 * 0x0000 - 0x00ff : Secondary processor spin code
 * 0x0100 - 0x18ff : Real mode pSeries interrupt vectors
 * 0x1900 - 0x2fff : Real mode trampolines
 * 0x3000 - 0x58ff : Relon (IR=1,DR=1) mode pSeries interrupt vectors
 * 0x5900 - 0x6fff : Relon mode trampolines
 * 0x7000 - 0x7fff : FWNMI data area
 * 0x8000 -   .... : Common interrupt handlers, remaining early
 *                   setup code, rest of kernel.
 *
 * We could reclaim 0x4000-0x42ff for real mode trampolines if the space
 * is necessary. Until then it's more consistent to explicitly put VIRT_NONE
 * vectors there.
 */
OPEN_FIXED_SECTION(real_vectors,        0x0100, 0x1900)
OPEN_FIXED_SECTION(real_trampolines,    0x1900, 0x3000)
OPEN_FIXED_SECTION(virt_vectors,        0x3000, 0x5900)
OPEN_FIXED_SECTION(virt_trampolines,    0x5900, 0x7000)

#ifdef CONFIG_PPC_POWERNV
	.globl start_real_trampolines
	.globl end_real_trampolines
	.globl start_virt_trampolines
	.globl end_virt_trampolines
#endif

#if defined(CONFIG_PPC_PSERIES) || defined(CONFIG_PPC_POWERNV)
/*
 * Data area reserved for FWNMI option.
 * This address (0x7000) is fixed by the RPA.
 * pseries and powernv need to keep the whole page from
 * 0x7000 to 0x8000 free for use by the firmware
 */
ZERO_FIXED_SECTION(fwnmi_page,          0x7000, 0x8000)
OPEN_TEXT_SECTION(0x8000)
#else
OPEN_TEXT_SECTION(0x7000)
#endif

USE_FIXED_SECTION(real_vectors)

/*
 * This is the start of the interrupt handlers for pSeries
 * This code runs with relocation off.
 * Code from here to __end_interrupts gets copied down to real
 * address 0x100 when we are running a relocatable kernel.
 * Therefore any relative branches in this section must only
 * branch to labels in this section.
 */
	.globl __start_interrupts
__start_interrupts:

/**
 * Interrupt 0x3000 - System Call Vectored Interrupt (syscall).
 * This is a synchronous interrupt invoked with the "scv" instruction. The
 * system call does not alter the HV bit, so it is directed to the OS.
 *
 * Handling:
 * scv instructions enter the kernel without changing EE, RI, ME, or HV.
 * In particular, this means we can take a maskable interrupt at any point
 * in the scv handler, which is unlike any other interrupt. This is solved
 * by treating the instruction addresses in the handler as being soft-masked,
 * by adding a SOFT_MASK_TABLE entry for them.
 *
 * AIL-0 mode scv exceptions go to 0x17000-0x17fff, but we set AIL-3 and
 * ensure scv is never executed with relocation off, which means AIL-0
 * should never happen.
 *
 * Before leaving the following inside-__end_soft_masked text, at least of the
 * following must be true:
 * - MSR[PR]=1 (i.e., return to userspace)
 * - MSR_EE|MSR_RI is clear (no reentrant exceptions)
 * - Standard kernel environment is set up (stack, paca, etc)
 *
 * KVM:
 * These interrupts do not elevate HV 0->1, so HV is not involved. PR KVM
 * ensures that FSCR[SCV] is disabled whenever it has to force AIL off.
 *
 * Call convention:
 *
 * syscall register convention is in Documentation/powerpc/syscall64-abi.rst
 */
EXC_VIRT_BEGIN(system_call_vectored, 0x3000, 0x1000)
	/* SCV 0 */
	mr	r9,r13
	GET_PACA(r13)
	mflr	r11
	mfctr	r12
	li	r10,IRQS_ALL_DISABLED
	stb	r10,PACAIRQSOFTMASK(r13)
#ifdef CONFIG_RELOCATABLE
	b	system_call_vectored_tramp
#else
	b	system_call_vectored_common
#endif
	nop

	/* SCV 1 - 127 */
	.rept	127
	mr	r9,r13
	GET_PACA(r13)
	mflr	r11
	mfctr	r12
	li	r10,IRQS_ALL_DISABLED
	stb	r10,PACAIRQSOFTMASK(r13)
	li	r0,-1 /* cause failure */
#ifdef CONFIG_RELOCATABLE
	b	system_call_vectored_sigill_tramp
#else
	b	system_call_vectored_sigill
#endif
	.endr
EXC_VIRT_END(system_call_vectored, 0x3000, 0x1000)

// Treat scv vectors as soft-masked, see comment above.
// Use absolute values rather than labels here, so they don't get relocated,
// because this code runs unrelocated.
SOFT_MASK_TABLE(0xc000000000003000, 0xc000000000004000)

#ifdef CONFIG_RELOCATABLE
TRAMP_VIRT_BEGIN(system_call_vectored_tramp)
	__LOAD_HANDLER(r10, system_call_vectored_common, virt_trampolines)
	mtctr	r10
	bctr

TRAMP_VIRT_BEGIN(system_call_vectored_sigill_tramp)
	__LOAD_HANDLER(r10, system_call_vectored_sigill, virt_trampolines)
	mtctr	r10
	bctr
#endif


/* No virt vectors corresponding with 0x0..0x100 */
EXC_VIRT_NONE(0x4000, 0x100)


/**
 * Interrupt 0x100 - System Reset Interrupt (SRESET aka NMI).
 * This is a non-maskable, asynchronous interrupt always taken in real-mode.
 * It is caused by:
 * - Wake from power-saving state, on powernv.
 * - An NMI from another CPU, triggered by firmware or hypercall.
 * - As crash/debug signal injected from BMC, firmware or hypervisor.
 *
 * Handling:
 * Power-save wakeup is the only performance critical path, so this is
 * determined quickly as possible first. In this case volatile registers
 * can be discarded and SPRs like CFAR don't need to be read.
 *
 * If not a powersave wakeup, then it's run as a regular interrupt, however
 * it uses its own stack and PACA save area to preserve the regular kernel
 * environment for debugging.
 *
 * This interrupt is not maskable, so triggering it when MSR[RI] is clear,
 * or SCRATCH0 is in use, etc. may cause a crash. It's also not entirely
 * correct to switch to virtual mode to run the regular interrupt handler
 * because it might be interrupted when the MMU is in a bad state (e.g., SLB
 * is clear).
 *
 * FWNMI:
 * PAPR specifies a "fwnmi" facility which sends the sreset to a different
 * entry point with a different register set up. Some hypervisors will
 * send the sreset to 0x100 in the guest if it is not fwnmi capable.
 *
 * KVM:
 * Unlike most SRR interrupts, this may be taken by the host while executing
 * in a guest, so a KVM test is required. KVM will pull the CPU out of guest
 * mode and then raise the sreset.
 */
INT_DEFINE_BEGIN(system_reset)
	IVEC=0x100
	IAREA=PACA_EXNMI
	IVIRT=0 /* no virt entry point */
	ISTACK=0
	IKVM_REAL=1
INT_DEFINE_END(system_reset)

EXC_REAL_BEGIN(system_reset, 0x100, 0x100)
#ifdef CONFIG_PPC_P7_NAP
	/*
	 * If running native on arch 2.06 or later, check if we are waking up
	 * from nap/sleep/winkle, and branch to idle handler. This tests SRR1
	 * bits 46:47. A non-0 value indicates that we are coming from a power
	 * saving state. The idle wakeup handler initially runs in real mode,
	 * but we branch to the 0xc000... address so we can turn on relocation
	 * with mtmsrd later, after SPRs are restored.
	 *
	 * Careful to minimise cost for the fast path (idle wakeup) while
	 * also avoiding clobbering CFAR for the debug path (non-idle).
	 *
	 * For the idle wake case volatile registers can be clobbered, which
	 * is why we use those initially. If it turns out to not be an idle
	 * wake, carefully put everything back the way it was, so we can use
	 * common exception macros to handle it.
	 */
BEGIN_FTR_SECTION
	SET_SCRATCH0(r13)
	GET_PACA(r13)
	std	r3,PACA_EXNMI+0*8(r13)
	std	r4,PACA_EXNMI+1*8(r13)
	std	r5,PACA_EXNMI+2*8(r13)
	mfspr	r3,SPRN_SRR1
	mfocrf	r4,0x80
	rlwinm.	r5,r3,47-31,30,31
	bne+	system_reset_idle_wake
	/* Not powersave wakeup. Restore regs for regular interrupt handler. */
	mtocrf	0x80,r4
	ld	r3,PACA_EXNMI+0*8(r13)
	ld	r4,PACA_EXNMI+1*8(r13)
	ld	r5,PACA_EXNMI+2*8(r13)
	GET_SCRATCH0(r13)
END_FTR_SECTION_IFSET(CPU_FTR_HVMODE | CPU_FTR_ARCH_206)
#endif

	GEN_INT_ENTRY system_reset, virt=0
	/*
	 * In theory, we should not enable relocation here if it was disabled
	 * in SRR1, because the MMU may not be configured to support it (e.g.,
	 * SLB may have been cleared). In practice, there should only be a few
	 * small windows where that's the case, and sreset is considered to
	 * be dangerous anyway.
	 */
EXC_REAL_END(system_reset, 0x100, 0x100)
EXC_VIRT_NONE(0x4100, 0x100)

#ifdef CONFIG_PPC_P7_NAP
TRAMP_REAL_BEGIN(system_reset_idle_wake)
	/* We are waking up from idle, so may clobber any volatile register */
	cmpwi	cr1,r5,2
	bltlr	cr1	/* no state loss, return to idle caller with r3=SRR1 */
	__LOAD_FAR_HANDLER(r12, DOTSYM(idle_return_gpr_loss), real_trampolines)
	mtctr	r12
	bctr
#endif

#ifdef CONFIG_PPC_PSERIES
/*
 * Vectors for the FWNMI option.  Share common code.
 */
TRAMP_REAL_BEGIN(system_reset_fwnmi)
	GEN_INT_ENTRY system_reset, virt=0

#endif /* CONFIG_PPC_PSERIES */

EXC_COMMON_BEGIN(system_reset_common)
	__GEN_COMMON_ENTRY system_reset
	/*
	 * Increment paca->in_nmi. When the interrupt entry wrapper later
	 * enable MSR_RI, then SLB or MCE will be able to recover, but a nested
	 * NMI will notice in_nmi and not recover because of the use of the NMI
	 * stack. in_nmi reentrancy is tested in system_reset_exception.
	 */
	lhz	r10,PACA_IN_NMI(r13)
	addi	r10,r10,1
	sth	r10,PACA_IN_NMI(r13)

	mr	r10,r1
	ld	r1,PACA_NMI_EMERG_SP(r13)
	subi	r1,r1,INT_FRAME_SIZE
	__GEN_COMMON_BODY system_reset

	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	system_reset_exception

	/* Clear MSR_RI before setting SRR0 and SRR1. */
	li	r9,0
	mtmsrd	r9,1

	/*
	 * MSR_RI is clear, now we can decrement paca->in_nmi.
	 */
	lhz	r10,PACA_IN_NMI(r13)
	subi	r10,r10,1
	sth	r10,PACA_IN_NMI(r13)

	kuap_kernel_restore r9, r10
	EXCEPTION_RESTORE_REGS
	RFI_TO_USER_OR_KERNEL


/**
 * Interrupt 0x200 - Machine Check Interrupt (MCE).
 * This is a non-maskable interrupt always taken in real-mode. It can be
 * synchronous or asynchronous, caused by hardware or software, and it may be
 * taken in a power-saving state.
 *
 * Handling:
 * Similarly to system reset, this uses its own stack and PACA save area,
 * the difference is re-entrancy is allowed on the machine check stack.
 *
 * machine_check_early is run in real mode, and carefully decodes the
 * machine check and tries to handle it (e.g., flush the SLB if there was an
 * error detected there), determines if it was recoverable and logs the
 * event.
 *
 * This early code does not "reconcile" irq soft-mask state like SRESET or
 * regular interrupts do, so irqs_disabled() among other things may not work
 * properly (irq disable/enable already doesn't work because irq tracing can
 * not work in real mode).
 *
 * Then, depending on the execution context when the interrupt is taken, there
 * are 3 main actions:
 * - Executing in kernel mode. The event is queued with irq_work, which means
 *   it is handled when it is next safe to do so (i.e., the kernel has enabled
 *   interrupts), which could be immediately when the interrupt returns. This
 *   avoids nasty issues like switching to virtual mode when the MMU is in a
 *   bad state, or when executing OPAL code. (SRESET is exposed to such issues,
 *   but it has different priorities). Check to see if the CPU was in power
 *   save, and return via the wake up code if it was.
 *
 * - Executing in user mode. machine_check_exception is run like a normal
 *   interrupt handler, which processes the data generated by the early handler.
 *
 * - Executing in guest mode. The interrupt is run with its KVM test, and
 *   branches to KVM to deal with. KVM may queue the event for the host
 *   to report later.
 *
 * This interrupt is not maskable, so if it triggers when MSR[RI] is clear,
 * or SCRATCH0 is in use, it may cause a crash.
 *
 * KVM:
 * See SRESET.
 */
INT_DEFINE_BEGIN(machine_check_early)
	IVEC=0x200
	IAREA=PACA_EXMC
	IVIRT=0 /* no virt entry point */
	IREALMODE_COMMON=1
	ISTACK=0
	IDAR=1
	IDSISR=1
	IKUAP=0 /* We don't touch AMR here, we never go to virtual mode */
INT_DEFINE_END(machine_check_early)

INT_DEFINE_BEGIN(machine_check)
	IVEC=0x200
	IAREA=PACA_EXMC
	IVIRT=0 /* no virt entry point */
	IDAR=1
	IDSISR=1
	IKVM_REAL=1
INT_DEFINE_END(machine_check)

EXC_REAL_BEGIN(machine_check, 0x200, 0x100)
	EARLY_BOOT_FIXUP
	GEN_INT_ENTRY machine_check_early, virt=0
EXC_REAL_END(machine_check, 0x200, 0x100)
EXC_VIRT_NONE(0x4200, 0x100)

#ifdef CONFIG_PPC_PSERIES
TRAMP_REAL_BEGIN(machine_check_fwnmi)
	/* See comment at machine_check exception, don't turn on RI */
	GEN_INT_ENTRY machine_check_early, virt=0
#endif

#define MACHINE_CHECK_HANDLER_WINDUP			\
	/* Clear MSR_RI before setting SRR0 and SRR1. */\
	li	r9,0;					\
	mtmsrd	r9,1;		/* Clear MSR_RI */	\
	/* Decrement paca->in_mce now RI is clear. */	\
	lhz	r12,PACA_IN_MCE(r13);			\
	subi	r12,r12,1;				\
	sth	r12,PACA_IN_MCE(r13);			\
	EXCEPTION_RESTORE_REGS

EXC_COMMON_BEGIN(machine_check_early_common)
	__GEN_REALMODE_COMMON_ENTRY machine_check_early

	/*
	 * Switch to mc_emergency stack and handle re-entrancy (we limit
	 * the nested MCE upto level 4 to avoid stack overflow).
	 * Save MCE registers srr1, srr0, dar and dsisr and then set ME=1
	 *
	 * We use paca->in_mce to check whether this is the first entry or
	 * nested machine check. We increment paca->in_mce to track nested
	 * machine checks.
	 *
	 * If this is the first entry then set stack pointer to
	 * paca->mc_emergency_sp, otherwise r1 is already pointing to
	 * stack frame on mc_emergency stack.
	 *
	 * NOTE: We are here with MSR_ME=0 (off), which means we risk a
	 * checkstop if we get another machine check exception before we do
	 * rfid with MSR_ME=1.
	 *
	 * This interrupt can wake directly from idle. If that is the case,
	 * the machine check is handled then the idle wakeup code is called
	 * to restore state.
	 */
	lhz	r10,PACA_IN_MCE(r13)
	cmpwi	r10,0			/* Are we in nested machine check */
	cmpwi	cr1,r10,MAX_MCE_DEPTH	/* Are we at maximum nesting */
	addi	r10,r10,1		/* increment paca->in_mce */
	sth	r10,PACA_IN_MCE(r13)

	mr	r10,r1			/* Save r1 */
	bne	1f
	/* First machine check entry */
	ld	r1,PACAMCEMERGSP(r13)	/* Use MC emergency stack */
1:	/* Limit nested MCE to level 4 to avoid stack overflow */
	bgt	cr1,unrecoverable_mce	/* Check if we hit limit of 4 */
	subi	r1,r1,INT_FRAME_SIZE	/* alloc stack frame */

	__GEN_COMMON_BODY machine_check_early

BEGIN_FTR_SECTION
	bl	enable_machine_check
END_FTR_SECTION_IFSET(CPU_FTR_HVMODE)
	addi	r3,r1,STACK_FRAME_OVERHEAD
BEGIN_FTR_SECTION
	bl	machine_check_early_boot
END_FTR_SECTION(0, 1)     // nop out after boot
	bl	machine_check_early
	std	r3,RESULT(r1)	/* Save result */
	ld	r12,_MSR(r1)

#ifdef CONFIG_PPC_P7_NAP
	/*
	 * Check if thread was in power saving mode. We come here when any
	 * of the following is true:
	 * a. thread wasn't in power saving mode
	 * b. thread was in power saving mode with no state loss,
	 *    supervisor state loss or hypervisor state loss.
	 *
	 * Go back to nap/sleep/winkle mode again if (b) is true.
	 */
BEGIN_FTR_SECTION
	rlwinm.	r11,r12,47-31,30,31
	bne	machine_check_idle_common
END_FTR_SECTION_IFSET(CPU_FTR_HVMODE | CPU_FTR_ARCH_206)
#endif

#ifdef CONFIG_KVM_BOOK3S_64_HANDLER
	/*
	 * Check if we are coming from guest. If yes, then run the normal
	 * exception handler which will take the
	 * machine_check_kvm->kvm_interrupt branch to deliver the MC event
	 * to guest.
	 */
	lbz	r11,HSTATE_IN_GUEST(r13)
	cmpwi	r11,0			/* Check if coming from guest */
	bne	mce_deliver		/* continue if we are. */
#endif

	/*
	 * Check if we are coming from userspace. If yes, then run the normal
	 * exception handler which will deliver the MC event to this kernel.
	 */
	andi.	r11,r12,MSR_PR		/* See if coming from user. */
	bne	mce_deliver		/* continue in V mode if we are. */

	/*
	 * At this point we are coming from kernel context.
	 * Queue up the MCE event and return from the interrupt.
	 * But before that, check if this is an un-recoverable exception.
	 * If yes, then stay on emergency stack and panic.
	 */
	andi.	r11,r12,MSR_RI
	beq	unrecoverable_mce

	/*
	 * Check if we have successfully handled/recovered from error, if not
	 * then stay on emergency stack and panic.
	 */
	ld	r3,RESULT(r1)	/* Load result */
	cmpdi	r3,0		/* see if we handled MCE successfully */
	beq	unrecoverable_mce /* if !handled then panic */

	/*
	 * Return from MC interrupt.
	 * Queue up the MCE event so that we can log it later, while
	 * returning from kernel or opal call.
	 */
	bl	machine_check_queue_event
	MACHINE_CHECK_HANDLER_WINDUP
	RFI_TO_KERNEL

mce_deliver:
	/*
	 * This is a host user or guest MCE. Restore all registers, then
	 * run the "late" handler. For host user, this will run the
	 * machine_check_exception handler in virtual mode like a normal
	 * interrupt handler. For guest, this will trigger the KVM test
	 * and branch to the KVM interrupt similarly to other interrupts.
	 */
BEGIN_FTR_SECTION
	ld	r10,ORIG_GPR3(r1)
	mtspr	SPRN_CFAR,r10
END_FTR_SECTION_IFSET(CPU_FTR_CFAR)
	MACHINE_CHECK_HANDLER_WINDUP
	GEN_INT_ENTRY machine_check, virt=0

EXC_COMMON_BEGIN(machine_check_common)
	/*
	 * Machine check is different because we use a different
	 * save area: PACA_EXMC instead of PACA_EXGEN.
	 */
	GEN_COMMON machine_check
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	machine_check_exception_async
	b	interrupt_return_srr


#ifdef CONFIG_PPC_P7_NAP
/*
 * This is an idle wakeup. Low level machine check has already been
 * done. Queue the event then call the idle code to do the wake up.
 */
EXC_COMMON_BEGIN(machine_check_idle_common)
	bl	machine_check_queue_event

	/*
	 * GPR-loss wakeups are relatively straightforward, because the
	 * idle sleep code has saved all non-volatile registers on its
	 * own stack, and r1 in PACAR1.
	 *
	 * For no-loss wakeups the r1 and lr registers used by the
	 * early machine check handler have to be restored first. r2 is
	 * the kernel TOC, so no need to restore it.
	 *
	 * Then decrement MCE nesting after finishing with the stack.
	 */
	ld	r3,_MSR(r1)
	ld	r4,_LINK(r1)
	ld	r1,GPR1(r1)

	lhz	r11,PACA_IN_MCE(r13)
	subi	r11,r11,1
	sth	r11,PACA_IN_MCE(r13)

	mtlr	r4
	rlwinm	r10,r3,47-31,30,31
	cmpwi	cr1,r10,2
	bltlr	cr1	/* no state loss, return to idle caller with r3=SRR1 */
	b	idle_return_gpr_loss
#endif

EXC_COMMON_BEGIN(unrecoverable_mce)
	/*
	 * We are going down. But there are chances that we might get hit by
	 * another MCE during panic path and we may run into unstable state
	 * with no way out. Hence, turn ME bit off while going down, so that
	 * when another MCE is hit during panic path, system will checkstop
	 * and hypervisor will get restarted cleanly by SP.
	 */
BEGIN_FTR_SECTION
	li	r10,0 /* clear MSR_RI */
	mtmsrd	r10,1
	bl	disable_machine_check
END_FTR_SECTION_IFSET(CPU_FTR_HVMODE)
	ld	r10,PACAKMSR(r13)
	li	r3,MSR_ME
	andc	r10,r10,r3
	mtmsrd	r10

	lhz	r12,PACA_IN_MCE(r13)
	subi	r12,r12,1
	sth	r12,PACA_IN_MCE(r13)

	/*
	 * Invoke machine_check_exception to print MCE event and panic.
	 * This is the NMI version of the handler because we are called from
	 * the early handler which is a true NMI.
	 */
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	machine_check_exception

	/*
	 * We will not reach here. Even if we did, there is no way out.
	 * Call unrecoverable_exception and die.
	 */
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	unrecoverable_exception
	b	.


/**
 * Interrupt 0x300 - Data Storage Interrupt (DSI).
 * This is a synchronous interrupt generated due to a data access exception,
 * e.g., a load orstore which does not have a valid page table entry with
 * permissions. DAWR matches also fault here, as do RC updates, and minor misc
 * errors e.g., copy/paste, AMO, certain invalid CI accesses, etc.
 *
 * Handling:
 * - Hash MMU
 *   Go to do_hash_fault, which attempts to fill the HPT from an entry in the
 *   Linux page table. Hash faults can hit in kernel mode in a fairly
 *   arbitrary state (e.g., interrupts disabled, locks held) when accessing
 *   "non-bolted" regions, e.g., vmalloc space. However these should always be
 *   backed by Linux page table entries.
 *
 *   If no entry is found the Linux page fault handler is invoked (by
 *   do_hash_fault). Linux page faults can happen in kernel mode due to user
 *   copy operations of course.
 *
 *   KVM: The KVM HDSI handler may perform a load with MSR[DR]=1 in guest
 *   MMU context, which may cause a DSI in the host, which must go to the
 *   KVM handler. MSR[IR] is not enabled, so the real-mode handler will
 *   always be used regardless of AIL setting.
 *
 * - Radix MMU
 *   The hardware loads from the Linux page table directly, so a fault goes
 *   immediately to Linux page fault.
 *
 * Conditions like DAWR match are handled on the way in to Linux page fault.
 */
INT_DEFINE_BEGIN(data_access)
	IVEC=0x300
	IDAR=1
	IDSISR=1
	IKVM_REAL=1
INT_DEFINE_END(data_access)

EXC_REAL_BEGIN(data_access, 0x300, 0x80)
	GEN_INT_ENTRY data_access, virt=0
EXC_REAL_END(data_access, 0x300, 0x80)
EXC_VIRT_BEGIN(data_access, 0x4300, 0x80)
	GEN_INT_ENTRY data_access, virt=1
EXC_VIRT_END(data_access, 0x4300, 0x80)
EXC_COMMON_BEGIN(data_access_common)
	GEN_COMMON data_access
	ld	r4,_DSISR(r1)
	addi	r3,r1,STACK_FRAME_OVERHEAD
	andis.	r0,r4,DSISR_DABRMATCH@h
	bne-	1f
#ifdef CONFIG_PPC_64S_HASH_MMU
BEGIN_MMU_FTR_SECTION
	bl	do_hash_fault
MMU_FTR_SECTION_ELSE
	bl	do_page_fault
ALT_MMU_FTR_SECTION_END_IFCLR(MMU_FTR_TYPE_RADIX)
#else
	bl	do_page_fault
#endif
	b	interrupt_return_srr

1:	bl	do_break
	/*
	 * do_break() may have changed the NV GPRS while handling a breakpoint.
	 * If so, we need to restore them with their updated values.
	 */
	REST_NVGPRS(r1)
	b	interrupt_return_srr


/**
 * Interrupt 0x380 - Data Segment Interrupt (DSLB).
 * This is a synchronous interrupt in response to an MMU fault missing SLB
 * entry for HPT, or an address outside RPT translation range.
 *
 * Handling:
 * - HPT:
 *   This refills the SLB, or reports an access fault similarly to a bad page
 *   fault. When coming from user-mode, the SLB handler may access any kernel
 *   data, though it may itself take a DSLB. When coming from kernel mode,
 *   recursive faults must be avoided so access is restricted to the kernel
 *   image text/data, kernel stack, and any data allocated below
 *   ppc64_bolted_size (first segment). The kernel handler must avoid stomping
 *   on user-handler data structures.
 *
 *   KVM: Same as 0x300, DSLB must test for KVM guest.
 */
INT_DEFINE_BEGIN(data_access_slb)
	IVEC=0x380
	IDAR=1
	IKVM_REAL=1
INT_DEFINE_END(data_access_slb)

EXC_REAL_BEGIN(data_access_slb, 0x380, 0x80)
	GEN_INT_ENTRY data_access_slb, virt=0
EXC_REAL_END(data_access_slb, 0x380, 0x80)
EXC_VIRT_BEGIN(data_access_slb, 0x4380, 0x80)
	GEN_INT_ENTRY data_access_slb, virt=1
EXC_VIRT_END(data_access_slb, 0x4380, 0x80)
EXC_COMMON_BEGIN(data_access_slb_common)
	GEN_COMMON data_access_slb
#ifdef CONFIG_PPC_64S_HASH_MMU
BEGIN_MMU_FTR_SECTION
	/* HPT case, do SLB fault */
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	do_slb_fault
	cmpdi	r3,0
	bne-	1f
	b	fast_interrupt_return_srr
1:	/* Error case */
MMU_FTR_SECTION_ELSE
	/* Radix case, access is outside page table range */
	li	r3,-EFAULT
ALT_MMU_FTR_SECTION_END_IFCLR(MMU_FTR_TYPE_RADIX)
#else
	li	r3,-EFAULT
#endif
	std	r3,RESULT(r1)
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	do_bad_segment_interrupt
	b	interrupt_return_srr


/**
 * Interrupt 0x400 - Instruction Storage Interrupt (ISI).
 * This is a synchronous interrupt in response to an MMU fault due to an
 * instruction fetch.
 *
 * Handling:
 * Similar to DSI, though in response to fetch. The faulting address is found
 * in SRR0 (rather than DAR), and status in SRR1 (rather than DSISR).
 */
INT_DEFINE_BEGIN(instruction_access)
	IVEC=0x400
	IISIDE=1
	IDAR=1
	IDSISR=1
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
INT_DEFINE_END(instruction_access)

EXC_REAL_BEGIN(instruction_access, 0x400, 0x80)
	GEN_INT_ENTRY instruction_access, virt=0
EXC_REAL_END(instruction_access, 0x400, 0x80)
EXC_VIRT_BEGIN(instruction_access, 0x4400, 0x80)
	GEN_INT_ENTRY instruction_access, virt=1
EXC_VIRT_END(instruction_access, 0x4400, 0x80)
EXC_COMMON_BEGIN(instruction_access_common)
	GEN_COMMON instruction_access
	addi	r3,r1,STACK_FRAME_OVERHEAD
#ifdef CONFIG_PPC_64S_HASH_MMU
BEGIN_MMU_FTR_SECTION
	bl	do_hash_fault
MMU_FTR_SECTION_ELSE
	bl	do_page_fault
ALT_MMU_FTR_SECTION_END_IFCLR(MMU_FTR_TYPE_RADIX)
#else
	bl	do_page_fault
#endif
	b	interrupt_return_srr


/**
 * Interrupt 0x480 - Instruction Segment Interrupt (ISLB).
 * This is a synchronous interrupt in response to an MMU fault due to an
 * instruction fetch.
 *
 * Handling:
 * Similar to DSLB, though in response to fetch. The faulting address is found
 * in SRR0 (rather than DAR).
 */
INT_DEFINE_BEGIN(instruction_access_slb)
	IVEC=0x480
	IISIDE=1
	IDAR=1
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
INT_DEFINE_END(instruction_access_slb)

EXC_REAL_BEGIN(instruction_access_slb, 0x480, 0x80)
	GEN_INT_ENTRY instruction_access_slb, virt=0
EXC_REAL_END(instruction_access_slb, 0x480, 0x80)
EXC_VIRT_BEGIN(instruction_access_slb, 0x4480, 0x80)
	GEN_INT_ENTRY instruction_access_slb, virt=1
EXC_VIRT_END(instruction_access_slb, 0x4480, 0x80)
EXC_COMMON_BEGIN(instruction_access_slb_common)
	GEN_COMMON instruction_access_slb
#ifdef CONFIG_PPC_64S_HASH_MMU
BEGIN_MMU_FTR_SECTION
	/* HPT case, do SLB fault */
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	do_slb_fault
	cmpdi	r3,0
	bne-	1f
	b	fast_interrupt_return_srr
1:	/* Error case */
MMU_FTR_SECTION_ELSE
	/* Radix case, access is outside page table range */
	li	r3,-EFAULT
ALT_MMU_FTR_SECTION_END_IFCLR(MMU_FTR_TYPE_RADIX)
#else
	li	r3,-EFAULT
#endif
	std	r3,RESULT(r1)
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	do_bad_segment_interrupt
	b	interrupt_return_srr


/**
 * Interrupt 0x500 - External Interrupt.
 * This is an asynchronous maskable interrupt in response to an "external
 * exception" from the interrupt controller or hypervisor (e.g., device
 * interrupt). It is maskable in hardware by clearing MSR[EE], and
 * soft-maskable with IRQS_DISABLED mask (i.e., local_irq_disable()).
 *
 * When running in HV mode, Linux sets up the LPCR[LPES] bit such that
 * interrupts are delivered with HSRR registers, guests use SRRs, which
 * reqiures IHSRR_IF_HVMODE.
 *
 * On bare metal POWER9 and later, Linux sets the LPCR[HVICE] bit such that
 * external interrupts are delivered as Hypervisor Virtualization Interrupts
 * rather than External Interrupts.
 *
 * Handling:
 * This calls into Linux IRQ handler. NVGPRs are not saved to reduce overhead,
 * because registers at the time of the interrupt are not so important as it is
 * asynchronous.
 *
 * If soft masked, the masked handler will note the pending interrupt for
 * replay, and clear MSR[EE] in the interrupted context.
 *
 * CFAR is not required because this is an asynchronous interrupt that in
 * general won't have much bearing on the state of the CPU, with the possible
 * exception of crash/debug IPIs, but those are generally moving to use SRESET
 * IPIs. Unless this is an HV interrupt and KVM HV is possible, in which case
 * it may be exiting the guest and need CFAR to be saved.
 */
INT_DEFINE_BEGIN(hardware_interrupt)
	IVEC=0x500
	IHSRR_IF_HVMODE=1
	IMASK=IRQS_DISABLED
	IKVM_REAL=1
	IKVM_VIRT=1
	ICFAR=0
#ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE
	ICFAR_IF_HVMODE=1
#endif
INT_DEFINE_END(hardware_interrupt)

EXC_REAL_BEGIN(hardware_interrupt, 0x500, 0x100)
	GEN_INT_ENTRY hardware_interrupt, virt=0
EXC_REAL_END(hardware_interrupt, 0x500, 0x100)
EXC_VIRT_BEGIN(hardware_interrupt, 0x4500, 0x100)
	GEN_INT_ENTRY hardware_interrupt, virt=1
EXC_VIRT_END(hardware_interrupt, 0x4500, 0x100)
EXC_COMMON_BEGIN(hardware_interrupt_common)
	GEN_COMMON hardware_interrupt
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	do_IRQ
	BEGIN_FTR_SECTION
	b	interrupt_return_hsrr
	FTR_SECTION_ELSE
	b	interrupt_return_srr
	ALT_FTR_SECTION_END_IFSET(CPU_FTR_HVMODE | CPU_FTR_ARCH_206)


/**
 * Interrupt 0x600 - Alignment Interrupt
 * This is a synchronous interrupt in response to data alignment fault.
 */
INT_DEFINE_BEGIN(alignment)
	IVEC=0x600
	IDAR=1
	IDSISR=1
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
INT_DEFINE_END(alignment)

EXC_REAL_BEGIN(alignment, 0x600, 0x100)
	GEN_INT_ENTRY alignment, virt=0
EXC_REAL_END(alignment, 0x600, 0x100)
EXC_VIRT_BEGIN(alignment, 0x4600, 0x100)
	GEN_INT_ENTRY alignment, virt=1
EXC_VIRT_END(alignment, 0x4600, 0x100)
EXC_COMMON_BEGIN(alignment_common)
	GEN_COMMON alignment
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	alignment_exception
	REST_NVGPRS(r1) /* instruction emulation may change GPRs */
	b	interrupt_return_srr


/**
 * Interrupt 0x700 - Program Interrupt (program check).
 * This is a synchronous interrupt in response to various instruction faults:
 * traps, privilege errors, TM errors, floating point exceptions.
 *
 * Handling:
 * This interrupt may use the "emergency stack" in some cases when being taken
 * from kernel context, which complicates handling.
 */
INT_DEFINE_BEGIN(program_check)
	IVEC=0x700
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
INT_DEFINE_END(program_check)

EXC_REAL_BEGIN(program_check, 0x700, 0x100)
	EARLY_BOOT_FIXUP
	GEN_INT_ENTRY program_check, virt=0
EXC_REAL_END(program_check, 0x700, 0x100)
EXC_VIRT_BEGIN(program_check, 0x4700, 0x100)
	GEN_INT_ENTRY program_check, virt=1
EXC_VIRT_END(program_check, 0x4700, 0x100)
EXC_COMMON_BEGIN(program_check_common)
	__GEN_COMMON_ENTRY program_check

	/*
	 * It's possible to receive a TM Bad Thing type program check with
	 * userspace register values (in particular r1), but with SRR1 reporting
	 * that we came from the kernel. Normally that would confuse the bad
	 * stack logic, and we would report a bad kernel stack pointer. Instead
	 * we switch to the emergency stack if we're taking a TM Bad Thing from
	 * the kernel.
	 */

	andi.	r10,r12,MSR_PR
	bne	.Lnormal_stack		/* If userspace, go normal path */

	andis.	r10,r12,(SRR1_PROGTM)@h
	bne	.Lemergency_stack	/* If TM, emergency		*/

	cmpdi	r1,-INT_FRAME_SIZE	/* check if r1 is in userspace	*/
	blt	.Lnormal_stack		/* normal path if not		*/

	/* Use the emergency stack					*/
.Lemergency_stack:
	andi.	r10,r12,MSR_PR		/* Set CR0 correctly for label	*/
					/* 3 in EXCEPTION_PROLOG_COMMON	*/
	mr	r10,r1			/* Save r1			*/
	ld	r1,PACAEMERGSP(r13)	/* Use emergency stack		*/
	subi	r1,r1,INT_FRAME_SIZE	/* alloc stack frame		*/
	__ISTACK(program_check)=0
	__GEN_COMMON_BODY program_check
	b .Ldo_program_check

.Lnormal_stack:
	__ISTACK(program_check)=1
	__GEN_COMMON_BODY program_check

.Ldo_program_check:
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	program_check_exception
	REST_NVGPRS(r1) /* instruction emulation may change GPRs */
	b	interrupt_return_srr


/*
 * Interrupt 0x800 - Floating-Point Unavailable Interrupt.
 * This is a synchronous interrupt in response to executing an fp instruction
 * with MSR[FP]=0.
 *
 * Handling:
 * This will load FP registers and enable the FP bit if coming from userspace,
 * otherwise report a bad kernel use of FP.
 */
INT_DEFINE_BEGIN(fp_unavailable)
	IVEC=0x800
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
INT_DEFINE_END(fp_unavailable)

EXC_REAL_BEGIN(fp_unavailable, 0x800, 0x100)
	GEN_INT_ENTRY fp_unavailable, virt=0
EXC_REAL_END(fp_unavailable, 0x800, 0x100)
EXC_VIRT_BEGIN(fp_unavailable, 0x4800, 0x100)
	GEN_INT_ENTRY fp_unavailable, virt=1
EXC_VIRT_END(fp_unavailable, 0x4800, 0x100)
EXC_COMMON_BEGIN(fp_unavailable_common)
	GEN_COMMON fp_unavailable
	bne	1f			/* if from user, just load it up */
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	kernel_fp_unavailable_exception
0:	trap
	EMIT_BUG_ENTRY 0b, __FILE__, __LINE__, 0
1:
#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
BEGIN_FTR_SECTION
	/* Test if 2 TM state bits are zero.  If non-zero (ie. userspace was in
	 * transaction), go do TM stuff
	 */
	rldicl.	r0, r12, (64-MSR_TS_LG), (64-2)
	bne-	2f
END_FTR_SECTION_IFSET(CPU_FTR_TM)
#endif
	bl	load_up_fpu
	b	fast_interrupt_return_srr
#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
2:	/* User process was in a transaction */
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	fp_unavailable_tm
	b	interrupt_return_srr
#endif


/**
 * Interrupt 0x900 - Decrementer Interrupt.
 * This is an asynchronous interrupt in response to a decrementer exception
 * (e.g., DEC has wrapped below zero). It is maskable in hardware by clearing
 * MSR[EE], and soft-maskable with IRQS_DISABLED mask (i.e.,
 * local_irq_disable()).
 *
 * Handling:
 * This calls into Linux timer handler. NVGPRs are not saved (see 0x500).
 *
 * If soft masked, the masked handler will note the pending interrupt for
 * replay, and bump the decrementer to a high value, leaving MSR[EE] enabled
 * in the interrupted context.
 * If PPC_WATCHDOG is configured, the soft masked handler will actually set
 * things back up to run soft_nmi_interrupt as a regular interrupt handler
 * on the emergency stack.
 *
 * CFAR is not required because this is asynchronous (see hardware_interrupt).
 * A watchdog interrupt may like to have CFAR, but usually the interesting
 * branch is long gone by that point (e.g., infinite loop).
 */
INT_DEFINE_BEGIN(decrementer)
	IVEC=0x900
	IMASK=IRQS_DISABLED
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
	ICFAR=0
INT_DEFINE_END(decrementer)

EXC_REAL_BEGIN(decrementer, 0x900, 0x80)
	GEN_INT_ENTRY decrementer, virt=0
EXC_REAL_END(decrementer, 0x900, 0x80)
EXC_VIRT_BEGIN(decrementer, 0x4900, 0x80)
	GEN_INT_ENTRY decrementer, virt=1
EXC_VIRT_END(decrementer, 0x4900, 0x80)
EXC_COMMON_BEGIN(decrementer_common)
	GEN_COMMON decrementer
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	timer_interrupt
	b	interrupt_return_srr


/**
 * Interrupt 0x980 - Hypervisor Decrementer Interrupt.
 * This is an asynchronous interrupt, similar to 0x900 but for the HDEC
 * register.
 *
 * Handling:
 * Linux does not use this outside KVM where it's used to keep a host timer
 * while the guest is given control of DEC. It should normally be caught by
 * the KVM test and routed there.
 */
INT_DEFINE_BEGIN(hdecrementer)
	IVEC=0x980
	IHSRR=1
	ISTACK=0
	IKVM_REAL=1
	IKVM_VIRT=1
INT_DEFINE_END(hdecrementer)

EXC_REAL_BEGIN(hdecrementer, 0x980, 0x80)
	GEN_INT_ENTRY hdecrementer, virt=0
EXC_REAL_END(hdecrementer, 0x980, 0x80)
EXC_VIRT_BEGIN(hdecrementer, 0x4980, 0x80)
	GEN_INT_ENTRY hdecrementer, virt=1
EXC_VIRT_END(hdecrementer, 0x4980, 0x80)
EXC_COMMON_BEGIN(hdecrementer_common)
	__GEN_COMMON_ENTRY hdecrementer
	/*
	 * Hypervisor decrementer interrupts not caught by the KVM test
	 * shouldn't occur but are sometimes left pending on exit from a KVM
	 * guest.  We don't need to do anything to clear them, as they are
	 * edge-triggered.
	 *
	 * Be careful to avoid touching the kernel stack.
	 */
	li	r10,0
	stb	r10,PACAHSRR_VALID(r13)
	ld	r10,PACA_EXGEN+EX_CTR(r13)
	mtctr	r10
	mtcrf	0x80,r9
	ld	r9,PACA_EXGEN+EX_R9(r13)
	ld	r10,PACA_EXGEN+EX_R10(r13)
	ld	r11,PACA_EXGEN+EX_R11(r13)
	ld	r12,PACA_EXGEN+EX_R12(r13)
	ld	r13,PACA_EXGEN+EX_R13(r13)
	HRFI_TO_KERNEL


/**
 * Interrupt 0xa00 - Directed Privileged Doorbell Interrupt.
 * This is an asynchronous interrupt in response to a msgsndp doorbell.
 * It is maskable in hardware by clearing MSR[EE], and soft-maskable with
 * IRQS_DISABLED mask (i.e., local_irq_disable()).
 *
 * Handling:
 * Guests may use this for IPIs between threads in a core if the
 * hypervisor supports it. NVGPRS are not saved (see 0x500).
 *
 * If soft masked, the masked handler will note the pending interrupt for
 * replay, leaving MSR[EE] enabled in the interrupted context because the
 * doorbells are edge triggered.
 *
 * CFAR is not required, similarly to hardware_interrupt.
 */
INT_DEFINE_BEGIN(doorbell_super)
	IVEC=0xa00
	IMASK=IRQS_DISABLED
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
	ICFAR=0
INT_DEFINE_END(doorbell_super)

EXC_REAL_BEGIN(doorbell_super, 0xa00, 0x100)
	GEN_INT_ENTRY doorbell_super, virt=0
EXC_REAL_END(doorbell_super, 0xa00, 0x100)
EXC_VIRT_BEGIN(doorbell_super, 0x4a00, 0x100)
	GEN_INT_ENTRY doorbell_super, virt=1
EXC_VIRT_END(doorbell_super, 0x4a00, 0x100)
EXC_COMMON_BEGIN(doorbell_super_common)
	GEN_COMMON doorbell_super
	addi	r3,r1,STACK_FRAME_OVERHEAD
#ifdef CONFIG_PPC_DOORBELL
	bl	doorbell_exception
#else
	bl	unknown_async_exception
#endif
	b	interrupt_return_srr


EXC_REAL_NONE(0xb00, 0x100)
EXC_VIRT_NONE(0x4b00, 0x100)

/**
 * Interrupt 0xc00 - System Call Interrupt (syscall, hcall).
 * This is a synchronous interrupt invoked with the "sc" instruction. The
 * system call is invoked with "sc 0" and does not alter the HV bit, so it
 * is directed to the currently running OS. The hypercall is invoked with
 * "sc 1" and it sets HV=1, so it elevates to hypervisor.
 *
 * In HPT, sc 1 always goes to 0xc00 real mode. In RADIX, sc 1 can go to
 * 0x4c00 virtual mode.
 *
 * Handling:
 * If the KVM test fires then it was due to a hypercall and is accordingly
 * routed to KVM. Otherwise this executes a normal Linux system call.
 *
 * Call convention:
 *
 * syscall and hypercalls register conventions are documented in
 * Documentation/powerpc/syscall64-abi.rst and
 * Documentation/powerpc/papr_hcalls.rst respectively.
 *
 * The intersection of volatile registers that don't contain possible
 * inputs is: cr0, xer, ctr. We may use these as scratch regs upon entry
 * without saving, though xer is not a good idea to use, as hardware may
 * interpret some bits so it may be costly to change them.
 */
INT_DEFINE_BEGIN(system_call)
	IVEC=0xc00
	IKVM_REAL=1
	IKVM_VIRT=1
	ICFAR=0
INT_DEFINE_END(system_call)

.macro SYSTEM_CALL virt
#ifdef CONFIG_KVM_BOOK3S_64_HANDLER
	/*
	 * There is a little bit of juggling to get syscall and hcall
	 * working well. Save r13 in ctr to avoid using SPRG scratch
	 * register.
	 *
	 * Userspace syscalls have already saved the PPR, hcalls must save
	 * it before setting HMT_MEDIUM.
	 */
	mtctr	r13
	GET_PACA(r13)
	std	r10,PACA_EXGEN+EX_R10(r13)
	INTERRUPT_TO_KERNEL
	KVMTEST system_call kvm_hcall /* uses r10, branch to kvm_hcall */
	mfctr	r9
#else
	mr	r9,r13
	GET_PACA(r13)
	INTERRUPT_TO_KERNEL
#endif

#ifdef CONFIG_PPC_FAST_ENDIAN_SWITCH
BEGIN_FTR_SECTION
	cmpdi	r0,0x1ebe
	beq-	1f
END_FTR_SECTION_IFSET(CPU_FTR_REAL_LE)
#endif

	/* We reach here with PACA in r13, r13 in r9. */
	mfspr	r11,SPRN_SRR0
	mfspr	r12,SPRN_SRR1

	HMT_MEDIUM

	.if ! \virt
	__LOAD_HANDLER(r10, system_call_common_real, real_vectors)
	mtctr	r10
	bctr
	.else
#ifdef CONFIG_RELOCATABLE
	__LOAD_HANDLER(r10, system_call_common, virt_vectors)
	mtctr	r10
	bctr
#else
	b	system_call_common
#endif
	.endif

#ifdef CONFIG_PPC_FAST_ENDIAN_SWITCH
	/* Fast LE/BE switch system call */
1:	mfspr	r12,SPRN_SRR1
	xori	r12,r12,MSR_LE
	mtspr	SPRN_SRR1,r12
	mr	r13,r9
	RFI_TO_USER	/* return to userspace */
	b	.	/* prevent speculative execution */
#endif
.endm

EXC_REAL_BEGIN(system_call, 0xc00, 0x100)
	SYSTEM_CALL 0
EXC_REAL_END(system_call, 0xc00, 0x100)
EXC_VIRT_BEGIN(system_call, 0x4c00, 0x100)
	SYSTEM_CALL 1
EXC_VIRT_END(system_call, 0x4c00, 0x100)

#ifdef CONFIG_KVM_BOOK3S_64_HANDLER
TRAMP_REAL_BEGIN(kvm_hcall)
	std	r9,PACA_EXGEN+EX_R9(r13)
	std	r11,PACA_EXGEN+EX_R11(r13)
	std	r12,PACA_EXGEN+EX_R12(r13)
	mfcr	r9
	mfctr	r10
	std	r10,PACA_EXGEN+EX_R13(r13)
	li	r10,0
	std	r10,PACA_EXGEN+EX_CFAR(r13)
	std	r10,PACA_EXGEN+EX_CTR(r13)
	 /*
	  * Save the PPR (on systems that support it) before changing to
	  * HMT_MEDIUM. That allows the KVM code to save that value into the
	  * guest state (it is the guest's PPR value).
	  */
BEGIN_FTR_SECTION
	mfspr	r10,SPRN_PPR
	std	r10,PACA_EXGEN+EX_PPR(r13)
END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR)

	HMT_MEDIUM

#ifdef CONFIG_RELOCATABLE
	/*
	 * Requires __LOAD_FAR_HANDLER beause kvmppc_hcall lives
	 * outside the head section.
	 */
	__LOAD_FAR_HANDLER(r10, kvmppc_hcall, real_trampolines)
	mtctr   r10
	bctr
#else
	b       kvmppc_hcall
#endif
#endif

/**
 * Interrupt 0xd00 - Trace Interrupt.
 * This is a synchronous interrupt in response to instruction step or
 * breakpoint faults.
 */
INT_DEFINE_BEGIN(single_step)
	IVEC=0xd00
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
INT_DEFINE_END(single_step)

EXC_REAL_BEGIN(single_step, 0xd00, 0x100)
	GEN_INT_ENTRY single_step, virt=0
EXC_REAL_END(single_step, 0xd00, 0x100)
EXC_VIRT_BEGIN(single_step, 0x4d00, 0x100)
	GEN_INT_ENTRY single_step, virt=1
EXC_VIRT_END(single_step, 0x4d00, 0x100)
EXC_COMMON_BEGIN(single_step_common)
	GEN_COMMON single_step
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	single_step_exception
	b	interrupt_return_srr


/**
 * Interrupt 0xe00 - Hypervisor Data Storage Interrupt (HDSI).
 * This is a synchronous interrupt in response to an MMU fault caused by a
 * guest data access.
 *
 * Handling:
 * This should always get routed to KVM. In radix MMU mode, this is caused
 * by a guest nested radix access that can't be performed due to the
 * partition scope page table. In hash mode, this can be caused by guests
 * running with translation disabled (virtual real mode) or with VPM enabled.
 * KVM will update the page table structures or disallow the access.
 */
INT_DEFINE_BEGIN(h_data_storage)
	IVEC=0xe00
	IHSRR=1
	IDAR=1
	IDSISR=1
	IKVM_REAL=1
	IKVM_VIRT=1
INT_DEFINE_END(h_data_storage)

EXC_REAL_BEGIN(h_data_storage, 0xe00, 0x20)
	GEN_INT_ENTRY h_data_storage, virt=0, ool=1
EXC_REAL_END(h_data_storage, 0xe00, 0x20)
EXC_VIRT_BEGIN(h_data_storage, 0x4e00, 0x20)
	GEN_INT_ENTRY h_data_storage, virt=1, ool=1
EXC_VIRT_END(h_data_storage, 0x4e00, 0x20)
EXC_COMMON_BEGIN(h_data_storage_common)
	GEN_COMMON h_data_storage
	addi    r3,r1,STACK_FRAME_OVERHEAD
BEGIN_MMU_FTR_SECTION
	bl      do_bad_page_fault_segv
MMU_FTR_SECTION_ELSE
	bl      unknown_exception
ALT_MMU_FTR_SECTION_END_IFSET(MMU_FTR_TYPE_RADIX)
	b       interrupt_return_hsrr


/**
 * Interrupt 0xe20 - Hypervisor Instruction Storage Interrupt (HISI).
 * This is a synchronous interrupt in response to an MMU fault caused by a
 * guest instruction fetch, similar to HDSI.
 */
INT_DEFINE_BEGIN(h_instr_storage)
	IVEC=0xe20
	IHSRR=1
	IKVM_REAL=1
	IKVM_VIRT=1
INT_DEFINE_END(h_instr_storage)

EXC_REAL_BEGIN(h_instr_storage, 0xe20, 0x20)
	GEN_INT_ENTRY h_instr_storage, virt=0, ool=1
EXC_REAL_END(h_instr_storage, 0xe20, 0x20)
EXC_VIRT_BEGIN(h_instr_storage, 0x4e20, 0x20)
	GEN_INT_ENTRY h_instr_storage, virt=1, ool=1
EXC_VIRT_END(h_instr_storage, 0x4e20, 0x20)
EXC_COMMON_BEGIN(h_instr_storage_common)
	GEN_COMMON h_instr_storage
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	unknown_exception
	b	interrupt_return_hsrr


/**
 * Interrupt 0xe40 - Hypervisor Emulation Assistance Interrupt.
 */
INT_DEFINE_BEGIN(emulation_assist)
	IVEC=0xe40
	IHSRR=1
	IKVM_REAL=1
	IKVM_VIRT=1
INT_DEFINE_END(emulation_assist)

EXC_REAL_BEGIN(emulation_assist, 0xe40, 0x20)
	GEN_INT_ENTRY emulation_assist, virt=0, ool=1
EXC_REAL_END(emulation_assist, 0xe40, 0x20)
EXC_VIRT_BEGIN(emulation_assist, 0x4e40, 0x20)
	GEN_INT_ENTRY emulation_assist, virt=1, ool=1
EXC_VIRT_END(emulation_assist, 0x4e40, 0x20)
EXC_COMMON_BEGIN(emulation_assist_common)
	GEN_COMMON emulation_assist
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	emulation_assist_interrupt
	REST_NVGPRS(r1) /* instruction emulation may change GPRs */
	b	interrupt_return_hsrr


/**
 * Interrupt 0xe60 - Hypervisor Maintenance Interrupt (HMI).
 * This is an asynchronous interrupt caused by a Hypervisor Maintenance
 * Exception. It is always taken in real mode but uses HSRR registers
 * unlike SRESET and MCE.
 *
 * It is maskable in hardware by clearing MSR[EE], and partially soft-maskable
 * with IRQS_DISABLED mask (i.e., local_irq_disable()).
 *
 * Handling:
 * This is a special case, this is handled similarly to machine checks, with an
 * initial real mode handler that is not soft-masked, which attempts to fix the
 * problem. Then a regular handler which is soft-maskable and reports the
 * problem.
 *
 * The emergency stack is used for the early real mode handler.
 *
 * XXX: unclear why MCE and HMI schemes could not be made common, e.g.,
 * either use soft-masking for the MCE, or use irq_work for the HMI.
 *
 * KVM:
 * Unlike MCE, this calls into KVM without calling the real mode handler
 * first.
 */
INT_DEFINE_BEGIN(hmi_exception_early)
	IVEC=0xe60
	IHSRR=1
	IREALMODE_COMMON=1
	ISTACK=0
	IKUAP=0 /* We don't touch AMR here, we never go to virtual mode */
	IKVM_REAL=1
INT_DEFINE_END(hmi_exception_early)

INT_DEFINE_BEGIN(hmi_exception)
	IVEC=0xe60
	IHSRR=1
	IMASK=IRQS_DISABLED
	IKVM_REAL=1
INT_DEFINE_END(hmi_exception)

EXC_REAL_BEGIN(hmi_exception, 0xe60, 0x20)
	GEN_INT_ENTRY hmi_exception_early, virt=0, ool=1
EXC_REAL_END(hmi_exception, 0xe60, 0x20)
EXC_VIRT_NONE(0x4e60, 0x20)

EXC_COMMON_BEGIN(hmi_exception_early_common)
	__GEN_REALMODE_COMMON_ENTRY hmi_exception_early

	mr	r10,r1			/* Save r1 */
	ld	r1,PACAEMERGSP(r13)	/* Use emergency stack for realmode */
	subi	r1,r1,INT_FRAME_SIZE	/* alloc stack frame		*/

	__GEN_COMMON_BODY hmi_exception_early

	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	hmi_exception_realmode
	cmpdi	cr0,r3,0
	bne	1f

	EXCEPTION_RESTORE_REGS hsrr=1
	HRFI_TO_USER_OR_KERNEL

1:
	/*
	 * Go to virtual mode and pull the HMI event information from
	 * firmware.
	 */
	EXCEPTION_RESTORE_REGS hsrr=1
	GEN_INT_ENTRY hmi_exception, virt=0

EXC_COMMON_BEGIN(hmi_exception_common)
	GEN_COMMON hmi_exception
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	handle_hmi_exception
	b	interrupt_return_hsrr


/**
 * Interrupt 0xe80 - Directed Hypervisor Doorbell Interrupt.
 * This is an asynchronous interrupt in response to a msgsnd doorbell.
 * Similar to the 0xa00 doorbell but for host rather than guest.
 *
 * CFAR is not required (similar to doorbell_interrupt), unless KVM HV
 * is enabled, in which case it may be a guest exit. Most PowerNV kernels
 * include KVM support so it would be nice if this could be dynamically
 * patched out if KVM was not currently running any guests.
 */
INT_DEFINE_BEGIN(h_doorbell)
	IVEC=0xe80
	IHSRR=1
	IMASK=IRQS_DISABLED
	IKVM_REAL=1
	IKVM_VIRT=1
#ifndef CONFIG_KVM_BOOK3S_HV_POSSIBLE
	ICFAR=0
#endif
INT_DEFINE_END(h_doorbell)

EXC_REAL_BEGIN(h_doorbell, 0xe80, 0x20)
	GEN_INT_ENTRY h_doorbell, virt=0, ool=1
EXC_REAL_END(h_doorbell, 0xe80, 0x20)
EXC_VIRT_BEGIN(h_doorbell, 0x4e80, 0x20)
	GEN_INT_ENTRY h_doorbell, virt=1, ool=1
EXC_VIRT_END(h_doorbell, 0x4e80, 0x20)
EXC_COMMON_BEGIN(h_doorbell_common)
	GEN_COMMON h_doorbell
	addi	r3,r1,STACK_FRAME_OVERHEAD
#ifdef CONFIG_PPC_DOORBELL
	bl	doorbell_exception
#else
	bl	unknown_async_exception
#endif
	b	interrupt_return_hsrr


/**
 * Interrupt 0xea0 - Hypervisor Virtualization Interrupt.
 * This is an asynchronous interrupt in response to an "external exception".
 * Similar to 0x500 but for host only.
 *
 * Like h_doorbell, CFAR is only required for KVM HV because this can be
 * a guest exit.
 */
INT_DEFINE_BEGIN(h_virt_irq)
	IVEC=0xea0
	IHSRR=1
	IMASK=IRQS_DISABLED
	IKVM_REAL=1
	IKVM_VIRT=1
#ifndef CONFIG_KVM_BOOK3S_HV_POSSIBLE
	ICFAR=0
#endif
INT_DEFINE_END(h_virt_irq)

EXC_REAL_BEGIN(h_virt_irq, 0xea0, 0x20)
	GEN_INT_ENTRY h_virt_irq, virt=0, ool=1
EXC_REAL_END(h_virt_irq, 0xea0, 0x20)
EXC_VIRT_BEGIN(h_virt_irq, 0x4ea0, 0x20)
	GEN_INT_ENTRY h_virt_irq, virt=1, ool=1
EXC_VIRT_END(h_virt_irq, 0x4ea0, 0x20)
EXC_COMMON_BEGIN(h_virt_irq_common)
	GEN_COMMON h_virt_irq
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	do_IRQ
	b	interrupt_return_hsrr


EXC_REAL_NONE(0xec0, 0x20)
EXC_VIRT_NONE(0x4ec0, 0x20)
EXC_REAL_NONE(0xee0, 0x20)
EXC_VIRT_NONE(0x4ee0, 0x20)


/*
 * Interrupt 0xf00 - Performance Monitor Interrupt (PMI, PMU).
 * This is an asynchronous interrupt in response to a PMU exception.
 * It is maskable in hardware by clearing MSR[EE], and soft-maskable with
 * IRQS_PMI_DISABLED mask (NOTE: NOT local_irq_disable()).
 *
 * Handling:
 * This calls into the perf subsystem.
 *
 * Like the watchdog soft-nmi, it appears an NMI interrupt to Linux, in that it
 * runs under local_irq_disable. However it may be soft-masked in
 * powerpc-specific code.
 *
 * If soft masked, the masked handler will note the pending interrupt for
 * replay, and clear MSR[EE] in the interrupted context.
 *
 * CFAR is not used by perf interrupts so not required.
 */
INT_DEFINE_BEGIN(performance_monitor)
	IVEC=0xf00
	IMASK=IRQS_PMI_DISABLED
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
	ICFAR=0
INT_DEFINE_END(performance_monitor)

EXC_REAL_BEGIN(performance_monitor, 0xf00, 0x20)
	GEN_INT_ENTRY performance_monitor, virt=0, ool=1
EXC_REAL_END(performance_monitor, 0xf00, 0x20)
EXC_VIRT_BEGIN(performance_monitor, 0x4f00, 0x20)
	GEN_INT_ENTRY performance_monitor, virt=1, ool=1
EXC_VIRT_END(performance_monitor, 0x4f00, 0x20)
EXC_COMMON_BEGIN(performance_monitor_common)
	GEN_COMMON performance_monitor
	addi	r3,r1,STACK_FRAME_OVERHEAD
	lbz	r4,PACAIRQSOFTMASK(r13)
	cmpdi	r4,IRQS_ENABLED
	bne	1f
	bl	performance_monitor_exception_async
	b	interrupt_return_srr
1:
	bl	performance_monitor_exception_nmi
	/* Clear MSR_RI before setting SRR0 and SRR1. */
	li	r9,0
	mtmsrd	r9,1

	kuap_kernel_restore r9, r10

	EXCEPTION_RESTORE_REGS hsrr=0
	RFI_TO_KERNEL

/**
 * Interrupt 0xf20 - Vector Unavailable Interrupt.
 * This is a synchronous interrupt in response to
 * executing a vector (or altivec) instruction with MSR[VEC]=0.
 * Similar to FP unavailable.
 */
INT_DEFINE_BEGIN(altivec_unavailable)
	IVEC=0xf20
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
INT_DEFINE_END(altivec_unavailable)

EXC_REAL_BEGIN(altivec_unavailable, 0xf20, 0x20)
	GEN_INT_ENTRY altivec_unavailable, virt=0, ool=1
EXC_REAL_END(altivec_unavailable, 0xf20, 0x20)
EXC_VIRT_BEGIN(altivec_unavailable, 0x4f20, 0x20)
	GEN_INT_ENTRY altivec_unavailable, virt=1, ool=1
EXC_VIRT_END(altivec_unavailable, 0x4f20, 0x20)
EXC_COMMON_BEGIN(altivec_unavailable_common)
	GEN_COMMON altivec_unavailable
#ifdef CONFIG_ALTIVEC
BEGIN_FTR_SECTION
	beq	1f
#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
  BEGIN_FTR_SECTION_NESTED(69)
	/* Test if 2 TM state bits are zero.  If non-zero (ie. userspace was in
	 * transaction), go do TM stuff
	 */
	rldicl.	r0, r12, (64-MSR_TS_LG), (64-2)
	bne-	2f
  END_FTR_SECTION_NESTED(CPU_FTR_TM, CPU_FTR_TM, 69)
#endif
	bl	load_up_altivec
	b	fast_interrupt_return_srr
#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
2:	/* User process was in a transaction */
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	altivec_unavailable_tm
	b	interrupt_return_srr
#endif
1:
END_FTR_SECTION_IFSET(CPU_FTR_ALTIVEC)
#endif
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	altivec_unavailable_exception
	b	interrupt_return_srr


/**
 * Interrupt 0xf40 - VSX Unavailable Interrupt.
 * This is a synchronous interrupt in response to
 * executing a VSX instruction with MSR[VSX]=0.
 * Similar to FP unavailable.
 */
INT_DEFINE_BEGIN(vsx_unavailable)
	IVEC=0xf40
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
INT_DEFINE_END(vsx_unavailable)

EXC_REAL_BEGIN(vsx_unavailable, 0xf40, 0x20)
	GEN_INT_ENTRY vsx_unavailable, virt=0, ool=1
EXC_REAL_END(vsx_unavailable, 0xf40, 0x20)
EXC_VIRT_BEGIN(vsx_unavailable, 0x4f40, 0x20)
	GEN_INT_ENTRY vsx_unavailable, virt=1, ool=1
EXC_VIRT_END(vsx_unavailable, 0x4f40, 0x20)
EXC_COMMON_BEGIN(vsx_unavailable_common)
	GEN_COMMON vsx_unavailable
#ifdef CONFIG_VSX
BEGIN_FTR_SECTION
	beq	1f
#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
  BEGIN_FTR_SECTION_NESTED(69)
	/* Test if 2 TM state bits are zero.  If non-zero (ie. userspace was in
	 * transaction), go do TM stuff
	 */
	rldicl.	r0, r12, (64-MSR_TS_LG), (64-2)
	bne-	2f
  END_FTR_SECTION_NESTED(CPU_FTR_TM, CPU_FTR_TM, 69)
#endif
	b	load_up_vsx
#ifdef CONFIG_PPC_TRANSACTIONAL_MEM
2:	/* User process was in a transaction */
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	vsx_unavailable_tm
	b	interrupt_return_srr
#endif
1:
END_FTR_SECTION_IFSET(CPU_FTR_VSX)
#endif
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	vsx_unavailable_exception
	b	interrupt_return_srr


/**
 * Interrupt 0xf60 - Facility Unavailable Interrupt.
 * This is a synchronous interrupt in response to
 * executing an instruction without access to the facility that can be
 * resolved by the OS (e.g., FSCR, MSR).
 * Similar to FP unavailable.
 */
INT_DEFINE_BEGIN(facility_unavailable)
	IVEC=0xf60
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
INT_DEFINE_END(facility_unavailable)

EXC_REAL_BEGIN(facility_unavailable, 0xf60, 0x20)
	GEN_INT_ENTRY facility_unavailable, virt=0, ool=1
EXC_REAL_END(facility_unavailable, 0xf60, 0x20)
EXC_VIRT_BEGIN(facility_unavailable, 0x4f60, 0x20)
	GEN_INT_ENTRY facility_unavailable, virt=1, ool=1
EXC_VIRT_END(facility_unavailable, 0x4f60, 0x20)
EXC_COMMON_BEGIN(facility_unavailable_common)
	GEN_COMMON facility_unavailable
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	facility_unavailable_exception
	REST_NVGPRS(r1) /* instruction emulation may change GPRs */
	b	interrupt_return_srr


/**
 * Interrupt 0xf60 - Hypervisor Facility Unavailable Interrupt.
 * This is a synchronous interrupt in response to
 * executing an instruction without access to the facility that can only
 * be resolved in HV mode (e.g., HFSCR).
 * Similar to FP unavailable.
 */
INT_DEFINE_BEGIN(h_facility_unavailable)
	IVEC=0xf80
	IHSRR=1
	IKVM_REAL=1
	IKVM_VIRT=1
INT_DEFINE_END(h_facility_unavailable)

EXC_REAL_BEGIN(h_facility_unavailable, 0xf80, 0x20)
	GEN_INT_ENTRY h_facility_unavailable, virt=0, ool=1
EXC_REAL_END(h_facility_unavailable, 0xf80, 0x20)
EXC_VIRT_BEGIN(h_facility_unavailable, 0x4f80, 0x20)
	GEN_INT_ENTRY h_facility_unavailable, virt=1, ool=1
EXC_VIRT_END(h_facility_unavailable, 0x4f80, 0x20)
EXC_COMMON_BEGIN(h_facility_unavailable_common)
	GEN_COMMON h_facility_unavailable
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	facility_unavailable_exception
	REST_NVGPRS(r1) /* XXX Shouldn't be necessary in practice */
	b	interrupt_return_hsrr


EXC_REAL_NONE(0xfa0, 0x20)
EXC_VIRT_NONE(0x4fa0, 0x20)
EXC_REAL_NONE(0xfc0, 0x20)
EXC_VIRT_NONE(0x4fc0, 0x20)
EXC_REAL_NONE(0xfe0, 0x20)
EXC_VIRT_NONE(0x4fe0, 0x20)

EXC_REAL_NONE(0x1000, 0x100)
EXC_VIRT_NONE(0x5000, 0x100)
EXC_REAL_NONE(0x1100, 0x100)
EXC_VIRT_NONE(0x5100, 0x100)

#ifdef CONFIG_CBE_RAS
INT_DEFINE_BEGIN(cbe_system_error)
	IVEC=0x1200
	IHSRR=1
INT_DEFINE_END(cbe_system_error)

EXC_REAL_BEGIN(cbe_system_error, 0x1200, 0x100)
	GEN_INT_ENTRY cbe_system_error, virt=0
EXC_REAL_END(cbe_system_error, 0x1200, 0x100)
EXC_VIRT_NONE(0x5200, 0x100)
EXC_COMMON_BEGIN(cbe_system_error_common)
	GEN_COMMON cbe_system_error
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	cbe_system_error_exception
	b	interrupt_return_hsrr

#else /* CONFIG_CBE_RAS */
EXC_REAL_NONE(0x1200, 0x100)
EXC_VIRT_NONE(0x5200, 0x100)
#endif

/**
 * Interrupt 0x1300 - Instruction Address Breakpoint Interrupt.
 * This has been removed from the ISA before 2.01, which is the earliest
 * 64-bit BookS ISA supported, however the G5 / 970 implements this
 * interrupt with a non-architected feature available through the support
 * processor interface.
 */
INT_DEFINE_BEGIN(instruction_breakpoint)
	IVEC=0x1300
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
INT_DEFINE_END(instruction_breakpoint)

EXC_REAL_BEGIN(instruction_breakpoint, 0x1300, 0x100)
	GEN_INT_ENTRY instruction_breakpoint, virt=0
EXC_REAL_END(instruction_breakpoint, 0x1300, 0x100)
EXC_VIRT_BEGIN(instruction_breakpoint, 0x5300, 0x100)
	GEN_INT_ENTRY instruction_breakpoint, virt=1
EXC_VIRT_END(instruction_breakpoint, 0x5300, 0x100)
EXC_COMMON_BEGIN(instruction_breakpoint_common)
	GEN_COMMON instruction_breakpoint
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	instruction_breakpoint_exception
	b	interrupt_return_srr


EXC_REAL_NONE(0x1400, 0x100)
EXC_VIRT_NONE(0x5400, 0x100)

/**
 * Interrupt 0x1500 - Soft Patch Interrupt
 *
 * Handling:
 * This is an implementation specific interrupt which can be used for a
 * range of exceptions.
 *
 * This interrupt handler is unique in that it runs the denormal assist
 * code even for guests (and even in guest context) without going to KVM,
 * for speed. POWER9 does not raise denorm exceptions, so this special case
 * could be phased out in future to reduce special cases.
 */
INT_DEFINE_BEGIN(denorm_exception)
	IVEC=0x1500
	IHSRR=1
	IBRANCH_TO_COMMON=0
	IKVM_REAL=1
INT_DEFINE_END(denorm_exception)

EXC_REAL_BEGIN(denorm_exception, 0x1500, 0x100)
	GEN_INT_ENTRY denorm_exception, virt=0
#ifdef CONFIG_PPC_DENORMALISATION
	andis.	r10,r12,(HSRR1_DENORM)@h /* denorm? */
	bne+	denorm_assist
#endif
	GEN_BRANCH_TO_COMMON denorm_exception, virt=0
EXC_REAL_END(denorm_exception, 0x1500, 0x100)
#ifdef CONFIG_PPC_DENORMALISATION
EXC_VIRT_BEGIN(denorm_exception, 0x5500, 0x100)
	GEN_INT_ENTRY denorm_exception, virt=1
	andis.	r10,r12,(HSRR1_DENORM)@h /* denorm? */
	bne+	denorm_assist
	GEN_BRANCH_TO_COMMON denorm_exception, virt=1
EXC_VIRT_END(denorm_exception, 0x5500, 0x100)
#else
EXC_VIRT_NONE(0x5500, 0x100)
#endif

#ifdef CONFIG_PPC_DENORMALISATION
TRAMP_REAL_BEGIN(denorm_assist)
BEGIN_FTR_SECTION
/*
 * To denormalise we need to move a copy of the register to itself.
 * For POWER6 do that here for all FP regs.
 */
	mfmsr	r10
	ori	r10,r10,(MSR_FP|MSR_FE0|MSR_FE1)
	xori	r10,r10,(MSR_FE0|MSR_FE1)
	mtmsrd	r10
	sync

	.Lreg=0
	.rept 32
	fmr	.Lreg,.Lreg
	.Lreg=.Lreg+1
	.endr

FTR_SECTION_ELSE
/*
 * To denormalise we need to move a copy of the register to itself.
 * For POWER7 do that here for the first 32 VSX registers only.
 */
	mfmsr	r10
	oris	r10,r10,MSR_VSX@h
	mtmsrd	r10
	sync

	.Lreg=0
	.rept 32
	XVCPSGNDP(.Lreg,.Lreg,.Lreg)
	.Lreg=.Lreg+1
	.endr

ALT_FTR_SECTION_END_IFCLR(CPU_FTR_ARCH_206)

BEGIN_FTR_SECTION
	b	denorm_done
END_FTR_SECTION_IFCLR(CPU_FTR_ARCH_207S)
/*
 * To denormalise we need to move a copy of the register to itself.
 * For POWER8 we need to do that for all 64 VSX registers
 */
	.Lreg=32
	.rept 32
	XVCPSGNDP(.Lreg,.Lreg,.Lreg)
	.Lreg=.Lreg+1
	.endr

denorm_done:
	mfspr	r11,SPRN_HSRR0
	subi	r11,r11,4
	mtspr	SPRN_HSRR0,r11
	mtcrf	0x80,r9
	ld	r9,PACA_EXGEN+EX_R9(r13)
BEGIN_FTR_SECTION
	ld	r10,PACA_EXGEN+EX_PPR(r13)
	mtspr	SPRN_PPR,r10
END_FTR_SECTION_IFSET(CPU_FTR_HAS_PPR)
BEGIN_FTR_SECTION
	ld	r10,PACA_EXGEN+EX_CFAR(r13)
	mtspr	SPRN_CFAR,r10
END_FTR_SECTION_IFSET(CPU_FTR_CFAR)
	li	r10,0
	stb	r10,PACAHSRR_VALID(r13)
	ld	r10,PACA_EXGEN+EX_R10(r13)
	ld	r11,PACA_EXGEN+EX_R11(r13)
	ld	r12,PACA_EXGEN+EX_R12(r13)
	ld	r13,PACA_EXGEN+EX_R13(r13)
	HRFI_TO_UNKNOWN
	b	.
#endif

EXC_COMMON_BEGIN(denorm_exception_common)
	GEN_COMMON denorm_exception
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	unknown_exception
	b	interrupt_return_hsrr


#ifdef CONFIG_CBE_RAS
INT_DEFINE_BEGIN(cbe_maintenance)
	IVEC=0x1600
	IHSRR=1
INT_DEFINE_END(cbe_maintenance)

EXC_REAL_BEGIN(cbe_maintenance, 0x1600, 0x100)
	GEN_INT_ENTRY cbe_maintenance, virt=0
EXC_REAL_END(cbe_maintenance, 0x1600, 0x100)
EXC_VIRT_NONE(0x5600, 0x100)
EXC_COMMON_BEGIN(cbe_maintenance_common)
	GEN_COMMON cbe_maintenance
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	cbe_maintenance_exception
	b	interrupt_return_hsrr

#else /* CONFIG_CBE_RAS */
EXC_REAL_NONE(0x1600, 0x100)
EXC_VIRT_NONE(0x5600, 0x100)
#endif


INT_DEFINE_BEGIN(altivec_assist)
	IVEC=0x1700
#ifdef CONFIG_KVM_BOOK3S_PR_POSSIBLE
	IKVM_REAL=1
#endif
INT_DEFINE_END(altivec_assist)

EXC_REAL_BEGIN(altivec_assist, 0x1700, 0x100)
	GEN_INT_ENTRY altivec_assist, virt=0
EXC_REAL_END(altivec_assist, 0x1700, 0x100)
EXC_VIRT_BEGIN(altivec_assist, 0x5700, 0x100)
	GEN_INT_ENTRY altivec_assist, virt=1
EXC_VIRT_END(altivec_assist, 0x5700, 0x100)
EXC_COMMON_BEGIN(altivec_assist_common)
	GEN_COMMON altivec_assist
	addi	r3,r1,STACK_FRAME_OVERHEAD
#ifdef CONFIG_ALTIVEC
	bl	altivec_assist_exception
	REST_NVGPRS(r1) /* instruction emulation may change GPRs */
#else
	bl	unknown_exception
#endif
	b	interrupt_return_srr


#ifdef CONFIG_CBE_RAS
INT_DEFINE_BEGIN(cbe_thermal)
	IVEC=0x1800
	IHSRR=1
INT_DEFINE_END(cbe_thermal)

EXC_REAL_BEGIN(cbe_thermal, 0x1800, 0x100)
	GEN_INT_ENTRY cbe_thermal, virt=0
EXC_REAL_END(cbe_thermal, 0x1800, 0x100)
EXC_VIRT_NONE(0x5800, 0x100)
EXC_COMMON_BEGIN(cbe_thermal_common)
	GEN_COMMON cbe_thermal
	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	cbe_thermal_exception
	b	interrupt_return_hsrr

#else /* CONFIG_CBE_RAS */
EXC_REAL_NONE(0x1800, 0x100)
EXC_VIRT_NONE(0x5800, 0x100)
#endif


#ifdef CONFIG_PPC_WATCHDOG

INT_DEFINE_BEGIN(soft_nmi)
	IVEC=0x900
	ISTACK=0
	ICFAR=0
INT_DEFINE_END(soft_nmi)

/*
 * Branch to soft_nmi_interrupt using the emergency stack. The emergency
 * stack is one that is usable by maskable interrupts so long as MSR_EE
 * remains off. It is used for recovery when something has corrupted the
 * normal kernel stack, for example. The "soft NMI" must not use the process
 * stack because we want irq disabled sections to avoid touching the stack
 * at all (other than PMU interrupts), so use the emergency stack for this,
 * and run it entirely with interrupts hard disabled.
 */
EXC_COMMON_BEGIN(soft_nmi_common)
	mr	r10,r1
	ld	r1,PACAEMERGSP(r13)
	subi	r1,r1,INT_FRAME_SIZE
	__GEN_COMMON_BODY soft_nmi

	addi	r3,r1,STACK_FRAME_OVERHEAD
	bl	soft_nmi_interrupt

	/* Clear MSR_RI before setting SRR0 and SRR1. */
	li	r9,0
	mtmsrd	r9,1

	kuap_kernel_restore r9, r10

	EXCEPTION_RESTORE_REGS hsrr=0
	RFI_TO_KERNEL

#endif /* CONFIG_PPC_WATCHDOG */

/*
 * An interrupt came in while soft-disabled. We set paca->irq_happened, then:
 * - If it was a decrementer interrupt, we bump the dec to max and return.
 * - If it was a doorbell we return immediately since doorbells are edge
 *   triggered and won't automatically refire.
 * - If it was a HMI we return immediately since we handled it in realmode
 *   and it won't refire.
 * - Else it is one of PACA_IRQ_MUST_HARD_MASK, so hard disable and return.
 * This is called with r10 containing the value to OR to the paca field.
 */
.macro MASKED_INTERRUPT hsrr=0
	.if \hsrr
masked_Hinterrupt:
	.else
masked_interrupt:
	.endif
	stw	r9,PACA_EXGEN+EX_CCR(r13)
#ifdef CONFIG_PPC_IRQ_SOFT_MASK_DEBUG
	/*
	 * Ensure there was no previous MUST_HARD_MASK interrupt or
	 * HARD_DIS setting. If this does fire, the interrupt is still
	 * masked and MSR[EE] will be cleared on return, so no need to
	 * panic, but somebody probably enabled MSR[EE] under
	 * PACA_IRQ_HARD_DIS, mtmsr(mfmsr() | MSR_x) being a common
	 * cause.
	 */
	lbz	r9,PACAIRQHAPPENED(r13)
	andi.	r9,r9,(PACA_IRQ_MUST_HARD_MASK|PACA_IRQ_HARD_DIS)
0:	tdnei	r9,0
	EMIT_WARN_ENTRY 0b,__FILE__,__LINE__,(BUGFLAG_WARNING | BUGFLAG_ONCE)
#endif
	lbz	r9,PACAIRQHAPPENED(r13)
	or	r9,r9,r10
	stb	r9,PACAIRQHAPPENED(r13)

	.if ! \hsrr
	cmpwi	r10,PACA_IRQ_DEC
	bne	1f
	LOAD_REG_IMMEDIATE(r9, 0x7fffffff)
	mtspr	SPRN_DEC,r9
#ifdef CONFIG_PPC_WATCHDOG
	lwz	r9,PACA_EXGEN+EX_CCR(r13)
	b	soft_nmi_common
#else
	b	2f
#endif
	.endif

1:	andi.	r10,r10,PACA_IRQ_MUST_HARD_MASK
	beq	2f
	xori	r12,r12,MSR_EE	/* clear MSR_EE */
	.if \hsrr
	mtspr	SPRN_HSRR1,r12
	.else
	mtspr	SPRN_SRR1,r12
	.endif
	ori	r9,r9,PACA_IRQ_HARD_DIS
	stb	r9,PACAIRQHAPPENED(r13)
2:	/* done */
	li	r9,0
	.if \hsrr
	stb	r9,PACAHSRR_VALID(r13)
	.else
	stb	r9,PACASRR_VALID(r13)
	.endif

	SEARCH_RESTART_TABLE
	cmpdi	r12,0
	beq	3f
	.if \hsrr
	mtspr	SPRN_HSRR0,r12
	.else
	mtspr	SPRN_SRR0,r12
	.endif
3:

	ld	r9,PACA_EXGEN+EX_CTR(r13)
	mtctr	r9
	lwz	r9,PACA_EXGEN+EX_CCR(r13)
	mtcrf	0x80,r9
	std	r1,PACAR1(r13)
	ld	r9,PACA_EXGEN+EX_R9(r13)
	ld	r10,PACA_EXGEN+EX_R10(r13)
	ld	r11,PACA_EXGEN+EX_R11(r13)
	ld	r12,PACA_EXGEN+EX_R12(r13)
	ld	r13,PACA_EXGEN+EX_R13(r13)
	/* May return to masked low address where r13 is not set up */
	.if \hsrr
	HRFI_TO_KERNEL
	.else
	RFI_TO_KERNEL
	.endif
	b	.
.endm

TRAMP_REAL_BEGIN(stf_barrier_fallback)
	std	r9,PACA_EXRFI+EX_R9(r13)
	std	r10,PACA_EXRFI+EX_R10(r13)
	sync
	ld	r9,PACA_EXRFI+EX_R9(r13)
	ld	r10,PACA_EXRFI+EX_R10(r13)
	ori	31,31,0
	.rept 14
	b	1f
1:
	.endr
	blr

/* Clobbers r10, r11, ctr */
.macro L1D_DISPLACEMENT_FLUSH
	ld	r10,PACA_RFI_FLUSH_FALLBACK_AREA(r13)
	ld	r11,PACA_L1D_FLUSH_SIZE(r13)
	srdi	r11,r11,(7 + 3) /* 128 byte lines, unrolled 8x */
	mtctr	r11
	DCBT_BOOK3S_STOP_ALL_STREAM_IDS(r11) /* Stop prefetch streams */

	/* order ld/st prior to dcbt stop all streams with flushing */
	sync

	/*
	 * The load addresses are at staggered offsets within cachelines,
	 * which suits some pipelines better (on others it should not
	 * hurt).
	 */
1:
	ld	r11,(0x80 + 8)*0(r10)
	ld	r11,(0x80 + 8)*1(r10)
	ld	r11,(0x80 + 8)*2(r10)
	ld	r11,(0x80 + 8)*3(r10)
	ld	r11,(0x80 + 8)*4(r10)
	ld	r11,(0x80 + 8)*5(r10)
	ld	r11,(0x80 + 8)*6(r10)
	ld	r11,(0x80 + 8)*7(r10)
	addi	r10,r10,0x80*8
	bdnz	1b
.endm

TRAMP_REAL_BEGIN(entry_flush_fallback)
	std	r9,PACA_EXRFI+EX_R9(r13)
	std	r10,PACA_EXRFI+EX_R10(r13)
	std	r11,PACA_EXRFI+EX_R11(r13)
	mfctr	r9
	L1D_DISPLACEMENT_FLUSH
	mtctr	r9
	ld	r9,PACA_EXRFI+EX_R9(r13)
	ld	r10,PACA_EXRFI+EX_R10(r13)
	ld	r11,PACA_EXRFI+EX_R11(r13)
	blr

/*
 * The SCV entry flush happens with interrupts enabled, so it must disable
 * to prevent EXRFI being clobbered by NMIs (e.g., soft_nmi_common). r10
 * (containing LR) does not need to be preserved here because scv entry
 * puts 0 in the pt_regs, CTR can be clobbered for the same reason.
 */
TRAMP_REAL_BEGIN(scv_entry_flush_fallback)
	li	r10,0
	mtmsrd	r10,1
	lbz	r10,PACAIRQHAPPENED(r13)
	ori	r10,r10,PACA_IRQ_HARD_DIS
	stb	r10,PACAIRQHAPPENED(r13)
	std	r11,PACA_EXRFI+EX_R11(r13)
	L1D_DISPLACEMENT_FLUSH
	ld	r11,PACA_EXRFI+EX_R11(r13)
	li	r10,MSR_RI
	mtmsrd	r10,1
	blr

TRAMP_REAL_BEGIN(rfi_flush_fallback)
	SET_SCRATCH0(r13);
	GET_PACA(r13);
	std	r1,PACA_EXRFI+EX_R12(r13)
	ld	r1,PACAKSAVE(r13)
	std	r9,PACA_EXRFI+EX_R9(r13)
	std	r10,PACA_EXRFI+EX_R10(r13)
	std	r11,PACA_EXRFI+EX_R11(r13)
	mfctr	r9
	L1D_DISPLACEMENT_FLUSH
	mtctr	r9
	ld	r9,PACA_EXRFI+EX_R9(r13)
	ld	r10,PACA_EXRFI+EX_R10(r13)
	ld	r11,PACA_EXRFI+EX_R11(r13)
	ld	r1,PACA_EXRFI+EX_R12(r13)
	GET_SCRATCH0(r13);
	rfid

TRAMP_REAL_BEGIN(hrfi_flush_fallback)
	SET_SCRATCH0(r13);
	GET_PACA(r13);
	std	r1,PACA_EXRFI+EX_R12(r13)
	ld	r1,PACAKSAVE(r13)
	std	r9,PACA_EXRFI+EX_R9(r13)
	std	r10,PACA_EXRFI+EX_R10(r13)
	std	r11,PACA_EXRFI+EX_R11(r13)
	mfctr	r9
	L1D_DISPLACEMENT_FLUSH
	mtctr	r9
	ld	r9,PACA_EXRFI+EX_R9(r13)
	ld	r10,PACA_EXRFI+EX_R10(r13)
	ld	r11,PACA_EXRFI+EX_R11(r13)
	ld	r1,PACA_EXRFI+EX_R12(r13)
	GET_SCRATCH0(r13);
	hrfid

TRAMP_REAL_BEGIN(rfscv_flush_fallback)
	/* system call volatile */
	mr	r7,r13
	GET_PACA(r13);
	mr	r8,r1
	ld	r1,PACAKSAVE(r13)
	mfctr	r9
	ld	r10,PACA_RFI_FLUSH_FALLBACK_AREA(r13)
	ld	r11,PACA_L1D_FLUSH_SIZE(r13)
	srdi	r11,r11,(7 + 3) /* 128 byte lines, unrolled 8x */
	mtctr	r11
	DCBT_BOOK3S_STOP_ALL_STREAM_IDS(r11) /* Stop prefetch streams */

	/* order ld/st prior to dcbt stop all streams with flushing */
	sync

	/*
	 * The load adresses are at staggered offsets within cachelines,
	 * which suits some pipelines better (on others it should not
	 * hurt).
	 */
1:
	ld	r11,(0x80 + 8)*0(r10)
	ld	r11,(0x80 + 8)*1(r10)
	ld	r11,(0x80 + 8)*2(r10)
	ld	r11,(0x80 + 8)*3(r10)
	ld	r11,(0x80 + 8)*4(r10)
	ld	r11,(0x80 + 8)*5(r10)
	ld	r11,(0x80 + 8)*6(r10)
	ld	r11,(0x80 + 8)*7(r10)
	addi	r10,r10,0x80*8
	bdnz	1b

	mtctr	r9
	li	r9,0
	li	r10,0
	li	r11,0
	mr	r1,r8
	mr	r13,r7
	RFSCV

USE_TEXT_SECTION()

#ifdef CONFIG_KVM_BOOK3S_64_HANDLER
kvm_interrupt:
	/*
	 * The conditional branch in KVMTEST can't reach all the way,
	 * make a stub.
	 */
	b	kvmppc_interrupt
#endif

_GLOBAL(do_uaccess_flush)
	UACCESS_FLUSH_FIXUP_SECTION
	nop
	nop
	nop
	blr
	L1D_DISPLACEMENT_FLUSH
	blr
_ASM_NOKPROBE_SYMBOL(do_uaccess_flush)
EXPORT_SYMBOL(do_uaccess_flush)


MASKED_INTERRUPT
MASKED_INTERRUPT hsrr=1

USE_FIXED_SECTION(virt_trampolines)
	/*
	 * All code below __end_soft_masked is treated as soft-masked. If
	 * any code runs here with MSR[EE]=1, it must then cope with pending
	 * soft interrupt being raised (i.e., by ensuring it is replayed).
	 *
	 * The __end_interrupts marker must be past the out-of-line (OOL)
	 * handlers, so that they are copied to real address 0x100 when running
	 * a relocatable kernel. This ensures they can be reached from the short
	 * trampoline handlers (like 0x4f00, 0x4f20, etc.) which branch
	 * directly, without using LOAD_HANDLER().
	 */
	.align	7
	.globl	__end_interrupts
__end_interrupts:
DEFINE_FIXED_SYMBOL(__end_interrupts, virt_trampolines)

CLOSE_FIXED_SECTION(real_vectors);
CLOSE_FIXED_SECTION(real_trampolines);
CLOSE_FIXED_SECTION(virt_vectors);
CLOSE_FIXED_SECTION(virt_trampolines);

USE_TEXT_SECTION()

/* MSR[RI] should be clear because this uses SRR[01] */
_GLOBAL(enable_machine_check)
	mflr	r0
	bcl	20,31,$+4
0:	mflr	r3
	addi	r3,r3,(1f - 0b)
	mtspr	SPRN_SRR0,r3
	mfmsr	r3
	ori	r3,r3,MSR_ME
	mtspr	SPRN_SRR1,r3
	RFI_TO_KERNEL
1:	mtlr	r0
	blr

/* MSR[RI] should be clear because this uses SRR[01] */
disable_machine_check:
	mflr	r0
	bcl	20,31,$+4
0:	mflr	r3
	addi	r3,r3,(1f - 0b)
	mtspr	SPRN_SRR0,r3
	mfmsr	r3
	li	r4,MSR_ME
	andc	r3,r3,r4
	mtspr	SPRN_SRR1,r3
	RFI_TO_KERNEL
1:	mtlr	r0
	blr