thoughts and questions on 8xx patches

Robert P. J. Day rpjday at
Tue Sep 21 06:05:09 EST 2004

   based on my reading the source (and, in this case, 
arch/ppc/8xx_io/micropatch.c), i have a number of 
questions/observations on the whole ugly area of microcode patches, so 
i saved them all up and i'll ask them all at once.

   as a quick intro, the RISC Controller Config Register (RCCR) is 
what determines which regions of DPRAM can contain executable 
microcode.  according to the MPC850 manual, there are four 
possibilities for the ucode settings in that register (bits 14-15):

   00: no microcode execution
   01: 512 bytes at 0x2000, 256 bytes at 0x2f00
   10: 1K at 0x2000, 256 bytes at 0x2f00
   11: 2K at 0x2000, 512 bytes at 0x2e00

1) am i to assume that the two chunks of microcode written to these
    two different addresses are run independently?  and that it's
    *always* the case that, if there is any microcode at all, there
    will *always* be exactly two segments at the selected addresses?
    (that is, it's not possible to just write a patch to the first
    address and leave it at that.  or is it?  the docs don't make
    this clear.)

remaining questions deal with micropatch.c

2) in cpm_load_patch(), before writing microcode into dpmem, the
    RCCR register is set to disable microcode:

    commproc->cp_rccr = 0;

    and is reactivated later.  is this necessary while you're
    installing ucode?

3) next, in micropatch.c, microcode is directly copied from the
    patch arrays patch_2000[] and patch_2f00[] into the respective
    addresses in dpmem.  but who's to say that these arrays are
    always guaranteed to exist?  notice above that there could very
    well exist a patch that writes to 2000 and 2e00 instead.  it
    seems like a bad idea to just flat-out assume that those two
    arrays will always exist, unless there's something more subtle
    happening here that i missed.

4) if the USB SOF patch is being applied, i notice that the RCCR
    register is reset with the value 0x0009, which not only sets
    the microcode address sizes, but sets the RCCR bit for EIE --
    external interrupt enable.  i'm not even going to ask what that
    does, but it will come up later.  i'm just going to accept it as
    magic and move on.

5) if you've defined either SMC PATCH or IIC PATCH, then this
    routine defines the relocation base for the IIC and SPI structs:

    #define RPBASE 0x0400

    this is an error since, from above in that file, the size of the
    SMC/IIC/SPI patch is not 1024 bytes, but 1280, which means that
    the patch will clash with those relocated structures at offset
    0x0400.  redefine RPBASE to 0x0500 to fix this.

6) if you're applying the SMC patch, notice that this routine will
    also apply the patch array patch_2e00[].  now, how exactly does
    that co-operate with the patch_2f00[] array that has *already* been
    installed?  the 2e00 patch is awfully short, and *that's* the ucode
    that's going to be run.  what happens with the stuff that was
    installed at offset 0x2f00 earlier?  will it be run as well?  how?

7) finally, the function verify_patch() clearly does just that --
    verifies the patch contents.  at the top, it disables ucode
    execution (again, why?) with:

    commproc->cp_rccr = 0;

    but at the bottom, it resets the RCCR register with:

    commproc->cp_rccr = 0x0009;

    huh?  i'm pretty sure that's a bad idea, given that the restored
    value should reflect what was in that register before, rather
    than just hardcoding it to 0x0009.  this is fine if you're
    verifying the USB SOF patch, but it's not so good if you're
    verifying any other kind of patch.



More information about the Linuxppc-dev mailing list