Macintosh-SW/powermac-rom
1
0
Fork 0
mirror of https://github.com/elliotnunn/powermac-rom.git synced 2024-10-19 03:24:43 +00:00
Code Issues Projects Releases Wiki Activity
f1b71713d3
powermac-rom/Internal/NKPublic.a
Elliot Nunn f1b71713d3 second crack at init code
2018-07-15 01:31:15 +08:00

987 lines
30 KiB
Plaintext
Raw Blame History

;_______________________________________________________________________
; Data structures internal to the NanoKernel
;_______________________________________________________________________
;_______________________________________________________________________
; INFORECORD PAGE
;
; Lives at 5fffe000 on most (all?) PowerPC Macs. The public-ish part
; is the InfoRecord, which lives in the upper 64 bytes. This contains
; logical pointers, sizes and versions for the data structures that
; are shared between the NanoKernel and userspace. See
; PPCInfoRecordsPriv.s for the contents of these structures.
;
;_______________________________________________________________________
IRP record 0xdc0,INCR
SystemInfo ds.l 80 ; dc0:f00 ; other NK versions keep their structures elsewhere,
HWInfo ds.l 48 ; f00:fc0 ; so always use InfoRecord to find them from userspace
InfoRecord ds.l 16 ; fc0:1000 ; the public part
endr
; Some InfoRecord fields are obliquely referenced from PPCInfoRecordsPriv.h
; (e.g. nkSystemInfoPtr = 0x5FFFEFF0)
InfoRecBlkEntry
InfoRecBlk record 64,DECR
ProcInfo ds InfoRecBlkEntry
SysInfo ds InfoRecBlkEntry
DiagInfo ds InfoRecBlkEntry
NKInfo ds InfoRecBlkEntry
ProcInfo2 ds InfoRecBlkEntry
Unknown5 ds InfoRecBlkEntry
Unknown6 ds InfoRecBlkEntry
Unknown7 ds InfoRecBlkEntry
endr
InfoRecBlk record 0,INCR
UnknownPtr ds.l 1 ; 00
UnknownVer ds.l 1 ; 04
UnknownLen ds.l 1 ; 06
NKProcessorStatePtr ds.l 1 ; 08
NKProcessorStateVer ds.w 1 ; 0c
NKProcessorStateLen ds.w 1 ; 0e
NKHWInfoPtr ds.l 1 ; 10
NKHWInfoVer ds.w 1 ; 14
NKHWInfoLen ds.w 1 ; 16
NKProcessorInfoPtr ds.l 1 ; 18
NKProcessorInfoVer ds.w 1 ; 1c
NKProcessorInfoLen ds.w 1 ; 1e
NKNanoKernelInfoPtr ds.l 1 ; 20
NKNanoKernelInfoVer ds.w 1 ; 24
NKNanoKernelInfoLen ds.w 1 ; 26
NKDiagInfoPtr ds.l 1 ; 28
NKDiagInfoVer ds.w 1 ; 2c
NKDiagInfoLen ds.w 1 ; 2e
NKSystemInfoPtr ds.l 1 ; 30
NKSystemInfoVer ds.w 1 ; 34
NKSystemInfoLen ds.w 1 ; 36
NKProcessorInfoPtr2 ds.l 1 ; 38
NKProcessorInfoVer2 ds.w 1 ; 3c
NKProcessorInfoLen2 ds.w 1 ; 3e
Size equ *
endr
;_______________________________________________________________________
; PRIMARY SYSTEM AREA
;
; The PSA is Rene's homage to the ESA390's prefix storage area.
; It contains "the PowerPC IVT and some NK pointers."
;
; New to NKv2, it lives in the page below the KDP. On CPU0, this is
; also just below the below-SPRG0 part of the Exception Work Area.
; It is almost always accessed by negative offset from GPR1, hence
; the negative offsets.
;_______________________________________________________________________
PSA record {EndOfPSA},INCR
Base
HTABLock ds.l 8 ; -b90:-b70
PIHLock ds.l 8 ; -b70:-b50
SchLock ds.l 8 ; -b50:-b30
ThudLock ds.l 8 ; -b30:-b10 ; for the interactive debugger
RTASLock ds.l 8 ; -b10:-af0
DbugLock ds.l 8 ; -af0:-ad0
PoolLock ds.l 8 ; -ad0:-ab0
FreePool ds.l 4 ; -ab0 ; LLL with signature 'POOL'
FirstPoolSeg ds.l 1 ; -aa0 ; singly linked list (=>BGN=>END=>BGN...)
FirstPoolSegLogical ds.l 1 ; -a9c
IndexPtr ds.l 1 ; -a98 ; index of opaque IDs
CoherenceGrpList ds.l 4 ; -a94:-a84 ; signature 'GRPS'
TimerQueue ds.l 16 ; -a84:-a44 ; there are more of these in the pool
DelayQueue ds.l 4 ; -a44:-a34
DbugQueue ds.l 4 ; -a34:-a24
PageQueue ds.l 4 ; -a24:-a14
NotQueue ds.l 4 ; -a14:-a04
_a04 ds.l 1 ; -a04
QueueRelatedZero1 ds.l 1 ; -a00 ; set to zero when queues are inited
QueueRelatedZero2 ds.l 1 ; -9fc ; same again
_9f8 ds.l 1 ; -9f8
_9f4 ds.l 1 ; -9f4
ReadyQueues
CriticalReadyQ ds.l 8 ; -9f0:-9d0 ; unblocked tasks with priority 0
LatencyProtectReadyQ ds.l 8 ; -9d0:-9b0 ; unblocked tasks with priority 1
NominalReadyQ ds.l 8 ; -9b0:-990 ; unblocked tasks with priority 2
IdleReadyQ ds.l 8 ; -990:-970 ; unblocked tasks with priority 3
PriorityFlags ds.l 1 ; -970 ; bit 0 is 0, bit 1 is 1, etc...
ScrambledMPCallTime ds.l 1 ; -96c ; by MP call return
FlagsTemplate ds.l 1 ; -968 ; typically just bitFlagVec
UserModeMSR ds.l 1 ; -964
ThudBuffer ds.b 96 ; -960:-900 ; that's the kernel debugger
NoIdeaR23 ds.l 1 ; -900 ; r23 copies here... replated to RTAS?
_8fc ds.l 1 ; -8fc
_8f8 ds.l 1 ; -8f8
_8f4 ds.w 1 ; -8f4
_8f2 ds.w 1 ; -8f2
PA_BlueTask ds.l 1 ; -8f0 ; set at the same time as the one below
_8ec ds.l 1 ; -8ec
_8e8 ds.l 1 ; -8e8
OtherSystemContextPtr ds.l 1 ; -8e4 ; sometimes set to PA_ECB
VectorRegInitWord ds.l 1 ; -8e0 ; task vector regs get inited with this word x 4
SevenFFFDead2 ds.l 1 ; -8dc
SevenFFFDead3 ds.l 1 ; -8d8
SevenFFFDead4 ds.l 1 ; -8d4
VioletVecBase ds.l 48 ; -8d0:-810
VecBaseIdle ds.l 48 ; -810:-750 ; to wake from DOZE/NAP/SLEEP state
VecBasePIH ds.l 48 ; -750:-690 ; gets enabled by PDM PIH
VecBaseScreenConsole ds.l 48 ; -690:-5d0
DiagInfo ds.b 256 ; -5d0:-4d0
ProcessorState ds.b 128 ; -4d0:-450 ; interesting what this gets used by
FreeList ds.l 4 ; -450:-440
MCR ds.l 1 ; -440 ; reported by heartbeat code
Pending68kInt ds.w 1 ; -43c ; used when Sch interrupts blue task (-1 means "none")
_43a ds.w 1 ; -43a
DecClockRateHzCopy ds.l 1 ; -438 ; copied by Init.s
OtherTimerQueuePtr ds.l 1 ; -434 ; unsigned timer queue in the pool, set by InitTMRQs
FreePageCount ds.l 1 ; -430 ; zeroed by InitFreePageList
UnheldFreePageCount ds.l 1 ; -42c
ExternalHandlerID ds.l 1 ; -428 ; notification for PIH to bump
SystemAddressSpaceID ds.l 1 ; -424
AgerID ds.l 1 ; -420
blueProcessPtr ds.l 1 ; -41c ; physical ptr to first type-1 struct created
ThermalHandlerID ds.l 1 ; -418 ; is a Note struct
PMFHandlerID ds.l 1 ; -414 ; also a Note struct
BlueSpinningOn ds.l 1 ; -410 ; ID or 0 or -1
_40c ds.l 1 ; -40c
_408 ds.l 1 ; -408
_404 ds.l 1 ; -404
_400 ds.l 1 ; -400
OtherSystemAddrSpcPtr ds.l 1 ; -3fc
OtherSystemAddrSpcPtr2 ds.l 1 ; -3f8 ; copied from the one above by InitFreePageList
ZeroedByInitFreeList3 ds.l 1 ; -3f4
_3f0 ds.l 1 ; -3f0
_3ec ds.l 1 ; -3ec
_3e8 ds.l 1 ; -3e8
_3e4 ds.l 1 ; -3e4
_3e0 ds.l 1 ; -3e0
_3dc ds.l 1 ; -3dc
_3d8 ds.l 1 ; -3d8
_3d4 ds.l 1 ; -3d4
_3d0 ds.l 1 ; -3d0
_3cc ds.l 1 ; -3cc
_3c8 ds.l 1 ; -3c8
_3c4 ds.l 1 ; -3c4
_3c0 ds.l 1 ; -3c0
_3bc ds.l 1 ; -3bc
_3b8 ds.l 1 ; -3b8
_3b4 ds.l 1 ; -3b4
_3b0 ds.l 1 ; -3b0
_3ac ds.l 1 ; -3ac
_3a8 ds.l 1 ; -3a8
_3a4 ds.l 1 ; -3a4
_3a0 ds.l 1 ; -3a0
_39c ds.l 1 ; -39c
_398 ds.l 1 ; -398
_394 ds.l 1 ; -394
_390 ds.l 1 ; -390
_38c ds.l 1 ; -38c
_388 ds.l 1 ; -388
_384 ds.l 1 ; -384
_380 ds.l 1 ; -380
_37c ds.l 1 ; -37c
_378 ds.l 1 ; -378
_374 ds.l 1 ; -374
_370 ds.l 1 ; -370
_36c ds.l 1 ; -36c
_368 ds.l 1 ; -368
_364 ds.l 1 ; -364
_360 ds.w 1 ; -360
_35e ds.w 1 ; -35e
_35c ds.w 1 ; -35c
_35a ds.w 1 ; -35a
_358 ds.w 1 ; -358
_356 ds.w 1 ; -356
_354 ds.l 1 ; -354
_350 ds.l 1 ; -350
_34c ds.l 1 ; -34c
_348 ds.l 1 ; -348
_344 ds.l 1 ; -344
EWAFiller ds.b 0x340
EndOfPSA
endr
;_______________________________________________________________________
; EXCEPTION WORK AREA
;
; Each CPU has one of these. It is half-heartedly enclosed by a "CPU"
; MP struct. Along with the SPRG registers, it is essential in order
; for the CPU to get its bearings at interrupt time. Each CPU's SPRG0
; always points *into* that CPU's EWA.
;_______________________________________________________________________
EWA record -0x340,INCR
; Fun fact: offsets before here contain the additional kernel globals
; ("Primary System Area"), but only on CPU-0.
; It's kind of complicated, but the CPU MP struct of CPU-0
; starts life as a chunk of the kernel globals, carefully placed
; so the "middle" (zero offset) of the Exception Work Area
; within that CPU struct will equal the "middle" (zero offset)
; of the kernel globals (i.e. between the negative-index v2-only
; Primary System Area and the positive-offset Kernel Data Page).
; Subsequent CPU structs are just large allocations in the kernel
; pool, with the CPU's SPRG0 register being pointed to the zero
; point of that CPU struct's EWA.
CPUBase ds.b 32 ; -340:-320 ; not really part of the EWA, but more an MP struct
Base ; used when init'ed as part of the enclosing CPU struct
; Now for the actual meat of sandwich.
; Many of these fields are used by functions at interrupt time
; to save/restore registers, in lieu of a stack.
TimeList ds.l 4 ; -320:-310, cpu+020
ds.l 1 ; -310, cpu+030
ds.b 1 ; -30c, cpu+034
ds.b 1 ; -30b, cpu+035
ds.b 1 ; -30a, cpu+036
GlobalTimeIsValid ds.b 1 ; -309, cpu+037
ds.l 1 ; -308, cpu+038
ds.l 1 ; -304, cpu+03c
ds.l 1 ; -300, cpu+040
ds.l 1 ; -2fc, cpu+044
ds.l 1 ; -2f8, cpu+048
ds.l 1 ; -2f4, cpu+04c
ds.l 1 ; -2f0, cpu+050
ds.l 1 ; -2ec, cpu+054
GlobalTime ds.l 2 ; -2e8, cpu+058
ThudSavedR29 ds.l 1 ; -2e0, cpu+060
ThudSavedR30 ds.l 1 ; -2dc, cpu+064
ThudSavedR31 ds.l 1 ; -2d8, cpu+068
ds.l 1 ; -2d4, cpu+06c
SIGPSavedR10 ds.l 1 ; -2d0, cpu+070
SIGPSavedR11 ds.l 1 ; -2cc, cpu+074
SIGPSavedR12 ds.l 1 ; -2c8, cpu+078
SIGPSavedR13 ds.l 1 ; -2c4, cpu+07c
SIGPSavedXER ds.l 1 ; -2c0, cpu+080
SIGPSavedCTR ds.l 1 ; -2bc, cpu+084
SIGPSavedLR ds.l 1 ; -2b8, cpu+088
SIGPSavedR6 ds.l 1 ; -2b4, cpu+08c
SIGPSavedR7 ds.l 1 ; -2b0, cpu+090
SIGPSpacOnResume ds.l 1 ; -2ac, cpu+094 ; address space ptr to switch to when plug has executed
ds.l 1 ; -2a8, cpu+098
ds.l 1 ; -2a4, cpu+09c
ds.l 1 ; -2a0, cpu+0a0
ds.l 1 ; -29c, cpu+0a4
ds.l 1 ; -298, cpu+0a8
ds.l 1 ; -294, cpu+0ac
ds.l 1 ; -290, cpu+0b0
ds.l 1 ; -28c, cpu+0b4
ds.l 1 ; -288, cpu+0b8
ds.l 1 ; -284, cpu+0bc
ds.l 1 ; -280, cpu+0c0
ds.l 1 ; -27c, cpu+0c4
SpacesSavedLR ds.l 1 ; -278, cpu+0c8
SpacesSavedCR ds.l 1 ; -274, cpu+0cc
SpacesSavedAreaBase ds.l 1 ; -270, cpu+0d0
SpacesDeferredAreaPtr ds.l 1 ; -26c, cpu+0d4
ds.l 1 ; -268, cpu+0d8
ds.l 1 ; -264, cpu+0dc
SchSavedIncomingTask ds.l 1 ; -260, cpu+0e0
ds.l 1 ; -25c, cpu+0e4
TimerDispatchLR ds.l 1 ; -258, cpu+0e8
ds.l 1 ; -254, cpu+0ec
ds.l 1 ; -250, cpu+0f0
ds.l 1 ; -24c, cpu+0f4
ds.l 1 ; -248, cpu+0f8
ds.l 1 ; -244, cpu+0fc
ds.l 1 ; -240, cpu+100
ds.l 1 ; -23c, cpu+104
SIGPSelector ds.l 1 ; -238, cpu+108
SIGPCallR4 ds.l 1 ; -234, cpu+10c
SIGPCallR5 ds.l 1 ; -230, cpu+110
SIGPCallR6 ds.l 1 ; -22c, cpu+114
SIGPCallR7 ds.l 1 ; -228, cpu+118
SIGPCallR8 ds.l 1 ; -224, cpu+11c
SIGPCallR9 ds.l 1 ; -220, cpu+120
SIGPCallR10 ds.l 1 ; -21c, cpu+124
ds.l 1 ; -218, cpu+128
ds.l 1 ; -214, cpu+12c
ds.l 1 ; -210, cpu+130
ds.l 1 ; -20c, cpu+134
ds.l 1 ; -208, cpu+138
ds.l 1 ; -204, cpu+13c
ds.l 1 ; -200, cpu+140
ds.l 1 ; -1fc, cpu+144
ds.l 1 ; -1f8, cpu+148
ds.l 1 ; -1f4, cpu+14c
ds.l 1 ; -1f0, cpu+150
ds.l 1 ; -1ec, cpu+154
ds.l 1 ; -1e8, cpu+158
ds.l 1 ; -1e4, cpu+15c
ds.l 1 ; -1e0, cpu+160
ds.l 1 ; -1dc, cpu+164
ds.l 1 ; -1d8, cpu+168
ds.l 1 ; -1d4, cpu+16c
ds.l 1 ; -1d0, cpu+170
ds.l 1 ; -1cc, cpu+174
ds.l 1 ; -1c8, cpu+178
ds.l 1 ; -1c4, cpu+17c
ds.l 1 ; -1c0, cpu+180
ds.l 1 ; -1bc, cpu+184
ds.l 1 ; -1b8, cpu+188
ds.l 1 ; -1b4, cpu+18c
ds.l 1 ; -1b0, cpu+190
ds.l 1 ; -1ac, cpu+194
ds.l 1 ; -1a8, cpu+198
ds.l 1 ; -1a4, cpu+19c
ds.l 1 ; -1a0, cpu+1a0
ds.l 1 ; -19c, cpu+1a4
ds.l 1 ; -198, cpu+1a8
ds.l 1 ; -194, cpu+1ac
ds.l 1 ; -190, cpu+1b0
ds.l 1 ; -18c, cpu+1b4
ds.l 1 ; -188, cpu+1b8
ds.l 1 ; -184, cpu+1bc
ds.l 1 ; -180, cpu+1c0
ds.l 1 ; -17c, cpu+1c4
ds.l 1 ; -178, cpu+1c8
ds.l 1 ; -174, cpu+1cc
ds.l 1 ; -170, cpu+1d0
ds.l 1 ; -16c, cpu+1d4
ds.l 1 ; -168, cpu+1d8
ds.l 1 ; -164, cpu+1dc
ds.l 1 ; -160, cpu+1e0
ds.l 1 ; -15c, cpu+1e4
ds.l 1 ; -158, cpu+1e8
ds.l 1 ; -154, cpu+1ec
ds.l 1 ; -150, cpu+1f0
ds.l 1 ; -14c, cpu+1f4
ds.l 1 ; -148, cpu+1f8
ds.l 1 ; -144, cpu+1fc
ds.l 1 ; -140, cpu+200
ds.l 1 ; -13c, cpu+204
ds.l 1 ; -138, cpu+208
ds.l 1 ; -134, cpu+20c
ds.l 1 ; -130, cpu+210
ds.l 1 ; -12c, cpu+214
ds.l 1 ; -128, cpu+218
ds.l 1 ; -124, cpu+21c
ds.l 1 ; -120, cpu+220
ds.l 1 ; -11c, cpu+224
SchEvalFlag ds.b 1 ; -118, cpu+228
TaskPriority ds.b 1 ; -117, cpu+229
CPUIndex ds.w 1 ; -116, cpu+22a
WeMightClear ds.l 1 ; -114, cpu+22c ; still boots if not cleared
ds.l 1 ; -110, cpu+230
ds.l 1 ; -10c, cpu+234
ds.l 1 ; -108, cpu+238
ds.l 1 ; -104, cpu+23c
ds.l 1 ; -100, cpu+240
ds.l 1 ; -0fc, cpu+244
ds.l 1 ; -0f8, cpu+248
ds.l 1 ; -0f4, cpu+24c
ds.l 1 ; -0f0, cpu+250
ds.l 1 ; -0ec, cpu+254
ds.l 1 ; -0e8, cpu+258
SpecialAreaPtr ds.l 1 ; -0e4, cpu+25c ; will panic on page fault if this is not valid
ds.l 1 ; -0e0, cpu+260
ds.l 1 ; -0dc, cpu+264
ds.l 1 ; -0d8, cpu+268
ds.l 1 ; -0d4, cpu+26c
ds.l 1 ; -0d0, cpu+270
ds.l 1 ; -0cc, cpu+274
ds.l 1 ; -0c8, cpu+278
ds.l 1 ; -0c4, cpu+27c
ds.l 1 ; -0c0, cpu+280
ds.l 1 ; -0bc, cpu+284
ds.l 1 ; -0b8, cpu+288
ds.l 1 ; -0b4, cpu+28c
ds.l 1 ; -0b0, cpu+290
ds.l 1 ; -0ac, cpu+294
ds.l 1 ; -0a8, cpu+298
ds.l 1 ; -0a4, cpu+29c
ds.l 1 ; -0a0, cpu+2a0
ds.l 1 ; -09c, cpu+2a4
ds.l 1 ; -098, cpu+2a8
ds.l 1 ; -094, cpu+2ac
ds.l 1 ; -090, cpu+2b0
ds.l 1 ; -08c, cpu+2b4
ds.l 1 ; -088, cpu+2b8
ds.l 1 ; -084, cpu+2bc
ds.l 1 ; -080, cpu+2c0
ds.l 1 ; -07c, cpu+2c4
ds.l 1 ; -078, cpu+2c8
ds.l 1 ; -074, cpu+2cc
ds.l 1 ; -070, cpu+2d0
ds.l 1 ; -06c, cpu+2d4
ds.l 1 ; -068, cpu+2d8
ds.l 1 ; -064, cpu+2dc
PoolSavedLR ds.l 1 ; -060, cpu+2e0
PoolSavedSizeArg ds.l 1 ; -05c, cpu+2e4
ds.l 1 ; -058, cpu+2e8
ds.l 1 ; -054, cpu+2ec
ds.l 1 ; -050, cpu+2f0
ds.l 1 ; -04c, cpu+2f4
ds.l 1 ; -048, cpu+2f8
ds.l 1 ; -044, cpu+2fc
CreateAreaSavedLR ds.l 1 ; -040, cpu+300
CreateAreaSavedR25 ds.l 1 ; -03c, cpu+304 ; ???!!!
CreateAreaSavedR26 ds.l 1 ; -038, cpu+308
CreateAreaSavedR27 ds.l 1 ; -034, cpu+30c
CreateAreaSavedR28 ds.l 1 ; -030, cpu+310
CreateAreaSavedR29 ds.l 1 ; -02c, cpu+314
CreateAreaSavedR30 ds.l 1 ; -028, cpu+318
CreateAreaSavedR31 ds.l 1 ; -024, cpu+31c
PA_IRP ds.l 1 ; -020, cpu+320
PA_CurAddressSpace ds.l 1 ; -01c, cpu+324
PA_PSA ds.l 1 ; -018, cpu+328
PA_ContextBlock ds.l 1 ; -014, cpu+32c
Flags ds.l 1 ; -010, cpu+330
Enables ds.l 1 ; -00c, cpu+334
PA_CurTask ds.l 1 ; -008, cpu+338
PA_KDP ds.l 1 ; -004, cpu+33c
; ZERO (SPRG0 points here)
r0 ds.l 1 ; 000, cpu+340 ; used for quick register saves at exception time...
r1 ds.l 1 ; 004, cpu+344
r2 ds.l 1 ; 008, cpu+348
r3 ds.l 1 ; 00c, cpu+34c
r4 ds.l 1 ; 010, cpu+350
r5 ds.l 1 ; 014, cpu+354
r6 ds.l 1 ; 018, cpu+358
r7 ds.l 1 ; 01c, cpu+35c
r8 ds.l 1 ; 020, cpu+360
r9 ds.l 1 ; 024, cpu+364
r10 ds.l 1 ; 028, cpu+368
r11 ds.l 1 ; 02c, cpu+36c
r12 ds.l 1 ; 030, cpu+370
r13 ds.l 1 ; 034, cpu+374
r14 ds.l 1 ; 038, cpu+378
r15 ds.l 1 ; 03c, cpu+37c
r16 ds.l 1 ; 040, cpu+380
r17 ds.l 1 ; 044, cpu+384
r18 ds.l 1 ; 048, cpu+388
r19 ds.l 1 ; 04c, cpu+38c
r20 ds.l 1 ; 050, cpu+390
r21 ds.l 1 ; 054, cpu+394
r22 ds.l 1 ; 058, cpu+398
r23 ds.l 1 ; 05c, cpu+39c
r24 ds.l 1 ; 060, cpu+3a0
r25 ds.l 1 ; 064, cpu+3a4
r26 ds.l 1 ; 068, cpu+3a8
r27 ds.l 1 ; 06c, cpu+3ac
r28 ds.l 1 ; 070, cpu+3b0
r29 ds.l 1 ; 074, cpu+3b4
r30 ds.l 1 ; 078, cpu+3b8
r31 ds.l 1 ; 07c, cpu+3bc
; Fun fact: offsets past here contain the main kernel globals
; ("Kernel Data Page"), but only on CPU-0.
endr
MemLayout record 0,INCR
SegMapPtr ds.l 1
BatMap ds.l 1 ; packed array of 4-bit indices into BATs
endr
BAT record 0,INCR
U ds.l 1
L ds.l 1
endr
;_______________________________________________________________________
; KERNEL DATA PAGE
;
; Positive offsets from the kernel global pointer (which can be found
; in the PA_KDP field of any CPU's EWA, and directly in the SPRG0 of
; CPU-0). Except for offsets < 128 bytes, which belong to the GPR save
; area of CPU-0's EWA (see the r0, r1 etc. directly above here?)
;_______________________________________________________________________
KDP record 0x80,INCR
SegMaps
SegMap32SupInit ds.l 32 ; 080:100
SegMap32UsrInit ds.l 32 ; 100:180
SegMap32CPUInit ds.l 32 ; 180:200
SegMap32OvlInit ds.l 32 ; 200:280
BATs ds.l 32 ; 280:300
CurIBAT0 ds BAT ; 300:308
CurIBAT1 ds BAT ; 308:310
CurIBAT2 ds BAT ; 310:318
CurIBAT3 ds BAT ; 318:320
CurDBAT0 ds BAT ; 320:328
CurDBAT1 ds BAT ; 328:330
CurDBAT2 ds BAT ; 330:338
CurDBAT3 ds BAT ; 338:340
NCBPointerCache
NCBCacheLA0 ds.l 1 ; 340
NCBCachePA0 ds.l 1 ; 344
NCBCacheLA1 ds.l 1 ; 348
NCBCachePA1 ds.l 1 ; 34c
NCBCacheLA2 ds.l 1 ; 350
NCBCachePA2 ds.l 1 ; 354
NCBCacheLA3 ds.l 1 ; 358
NCBCachePA3 ds.l 1 ; 35c
NCBPointerCacheEnd
VecBaseSystem ds.l 48 ; 360:420 ; when 68k emulator is running, *or* any MTask
VecBaseAlternate ds.l 48 ; 420:4e0 ; native PowerPC in blue task
VecBaseMemRetry ds.l 48 ; 4e0:5a0 ; "FDP" instruction emulation
FloatEmScratch ds.d 1 ; 5a0:5a8
TopOfFreePages ds.l 1 ; 5a8 ; gotten from the old SPRG0
ds.l 1 ; 5ac
PARPerSegmentPLEPtrs ds.l 4 ; 5b0:5c0 ; for each PAR segment, a ptr into the PAR PageList
FloatingPtTemp1 ds.l 1 ; 5c0
FloatingPtTemp2 ds.l 1 ; 5c4
SupervisorMemLayout ds MemLayout ; 5c8:5d0
UserMemLayout ds MemLayout ; 5d0:5d8
CpuMemLayout ds MemLayout ; 5d8:5e0
OverlayMemLayout ds MemLayout ; 5e0:5e8
CurrentMemLayout ds MemLayout ; 5e8:5f0
NanoKernelCallTable ds.l 16 ; 5f0:630
PA_ConfigInfo ds.l 1 ; 630
PA_EmulatorData ds.l 1 ; 634
KernelMemoryBase ds.l 1 ; 638
KernelMemoryEnd ds.l 1 ; 63c ; Top of HTAB (and entire kernel reserved area). Set by Init.s
PA_RelocatedLowMemInit ds.l 1 ; 640 ; From ConfigInfo. Ptr to Mac LowMem vars, which Init.s sets up
SharedMemoryAddr ds.l 1 ; 644 ; From ConfigInfo. Not sure what latest use is.
LA_EmulatorKernelTrapTable ds.l 1 ; 648 ; Calculated from ConfigInfo.
PA_NanoKernelCode ds.l 1 ; 64c ; Calculated by NanoKernel itself.
PA_FDP ds.l 1 ; 650 ; See notes in NanoKernel. Very interesting.
LA_ECB ds.l 1 ; 654 ; Logical ptr into EDP.
PA_ECB ds.l 1 ; 658 ; gets called "system context"
PA_ContextBlock ds.l 1 ; 65c ; moved to EWA (per-CPU) in NKv2
Flags ds.l 1 ; 660 ; moved to EWA (per-CPU) in NKv2
Enables ds.l 1 ; 664 ; moved to EWA (per-CPU) in NKv2
OtherContextDEC ds.l 1 ; 668 ; ticks the *inactive* context has left out of 1s
PA_PageMapEnd ds.l 1 ; 66c ; Set at the same time as PA_PageMapStart below...
TestIntMaskInit ds.l 1 ; 670 ; These are all copied from ConfigInfo...
PostIntMaskInit ds.l 1 ; 674
ClearIntMaskInit ds.l 1 ; 678
PA_EmulatorIplValue ds.l 1 ; 67c ; Physical ptr into EDP
SharedMemoryAddrPlus ds.l 1 ; 680 ; Really not sure
PA_PageMapStart ds.l 1 ; 684 ; Physical ptr to PageMap (= KDP+0x920)
PageAttributeInit ds.l 1 ; 688 ; defaults for page table entries (see ConfigInfo)
HtabTempPage ds.l 1 ; 68c
HtabTempEntryPtr ds.l 1 ; 690
NewestPageInHtab ds.l 1 ; 694
ApproxCurrentPTEG ds.l 1 ; 698
OverflowingPTEG ds.l 1 ; 69c
PTEGMask ds.l 1 ; 6a0
HTABORG ds.l 1 ; 6a4
VMLogicalPages ds.l 1 ; 6a8 ; set at init and changed by VMInit
TotalPhysicalPages ds.l 1 ; 6ac ; does not take into acct maximum MacOS memory
PARPageListPtr ds.l 1 ; 6b0 ; VM puts this in system heap
VMMaxVirtualPages ds.l 1 ; 6b4 ; always 5fffe000, even with VM on
CpuSpecificBytes
CpuSpecificByte1 ds.b 1 ; 6b8 ; seems to contain flags (set from PVR & tbl by Init.s)
CpuSpecificByte2 ds.b 1 ; 6b9 ; probably not flags (set in same way)
ds.b 1 ; 6ba
ds.b 1 ; 6bb
ds.l 1 ; 6bc
ds.l 16 ; 6c0 ; was PARPerSegmentPLEPtrs
StartOfPanicArea ; PROTECTED BY THUD LOCK
ThudSavedR0 ds.l 1 ; 700
ThudSavedR1 ds.l 1 ; 704 ; via SPRG1
ThudSavedR2 ds.l 1 ; 708
ThudSavedR3 ds.l 1 ; 70c
ThudSavedR4 ds.l 1 ; 710
ThudSavedR5 ds.l 1 ; 714
ThudSavedR6 ds.l 1 ; 718
ThudSavedR7 ds.l 1 ; 71c
ThudSavedR8 ds.l 1 ; 720
ThudSavedR9 ds.l 1 ; 724
ThudSavedR10 ds.l 1 ; 728
ThudSavedR11 ds.l 1 ; 72c
ThudSavedR12 ds.l 1 ; 730
ThudSavedR13 ds.l 1 ; 734
ThudSavedR14 ds.l 1 ; 738
ThudSavedR15 ds.l 1 ; 73c
ThudSavedR16 ds.l 1 ; 740
ThudSavedR17 ds.l 1 ; 744
ThudSavedR18 ds.l 1 ; 748
ThudSavedR19 ds.l 1 ; 74c
ThudSavedR20 ds.l 1 ; 750
ThudSavedR21 ds.l 1 ; 754
ThudSavedR22 ds.l 1 ; 758
ThudSavedR23 ds.l 1 ; 75c
ThudSavedR24 ds.l 1 ; 760
ThudSavedR25 ds.l 1 ; 764
ThudSavedR26 ds.l 1 ; 768
ThudSavedR27 ds.l 1 ; 76c
ThudSavedR28 ds.l 1 ; 770
ThudSavedR29 ds.l 1 ; 774
ThudSavedR30 ds.l 1 ; 778
ThudSavedR31 ds.l 1 ; 77c
ThudSavedCR ds.l 1 ; 780
ThudSavedMQ ds.l 1 ; 784
ThudSavedXER ds.l 1 ; 788
ThudSavedSPRG2 ds.l 1 ; 78c ; 'LR'
ThudSavedCTR ds.l 1 ; 790
ThudSavedPVR ds.l 1 ; 794
ThudSavedDSISR ds.l 1 ; 798
ThudSavedDAR ds.l 1 ; 79c
ThudSavedTBU ds.l 1 ; 7a0 ; RTCU on 601
ThudSavedTB ds.l 1 ; 7a4 ; RTCL on 601
ThudSavedDEC ds.l 1 ; 7a8
ThudSavedHID0 ds.l 1 ; 7ac
ThudSavedSDR1 ds.l 1 ; 7b0
ThudSavedSRR0 ds.l 1 ; 7b4
ThudSavedSRR1 ds.l 1 ; 7b8
ThudSavedMSR ds.l 1 ; 7bc
ThudSavedSR0 ds.l 1 ; 7c0
ThudSavedSR1 ds.l 1 ; 7c4
ThudSavedSR2 ds.l 1 ; 7c8
ThudSavedSR3 ds.l 1 ; 7cc
ThudSavedSR4 ds.l 1 ; 7d0
ThudSavedSR5 ds.l 1 ; 7d4
ThudSavedSR6 ds.l 1 ; 7d8
ThudSavedSR7 ds.l 1 ; 7dc
ThudSavedSR8 ds.l 1 ; 7e0
ThudSavedSR9 ds.l 1 ; 7e4
ThudSavedSR10 ds.l 1 ; 7e8
ThudSavedSR11 ds.l 1 ; 7ec
ThudSavedSR12 ds.l 1 ; 7f0
ThudSavedSR13 ds.l 1 ; 7f4
ThudSavedSR14 ds.l 1 ; 7f8
ThudSavedSR15 ds.l 1 ; 7fc
ThudSavedF0 ds.d 1 ; KDP.BATs + 0xa0
ThudSavedF1 ds.d 1 ; 808
ThudSavedF2 ds.d 1 ; 810
ThudSavedF3 ds.d 1 ; 818
ThudSavedF4 ds.d 1 ; 820
ThudSavedF5 ds.d 1 ; 828
ThudSavedF6 ds.d 1 ; 830
ThudSavedF7 ds.d 1 ; 838
ThudSavedF8 ds.d 1 ; 840
ThudSavedF9 ds.d 1 ; 848
ThudSavedF10 ds.d 1 ; 850
ThudSavedF11 ds.d 1 ; 858
ThudSavedF12 ds.d 1 ; 860
ThudSavedF13 ds.d 1 ; 868
ThudSavedF14 ds.d 1 ; 870
ThudSavedF15 ds.d 1 ; 878
ThudSavedF16 ds.d 1 ; 880
ThudSavedF17 ds.d 1 ; 888
ThudSavedF18 ds.d 1 ; 890
ThudSavedF19 ds.d 1 ; 898
ThudSavedF20 ds.d 1 ; 8a0
ThudSavedF21 ds.d 1 ; 8a8
ThudSavedF22 ds.d 1 ; 8b0
ThudSavedF23 ds.d 1 ; 8b8
ThudSavedF24 ds.d 1 ; 8c0
ThudSavedF25 ds.d 1 ; 8c8
ThudSavedF26 ds.d 1 ; 8d0
ThudSavedF27 ds.d 1 ; 8d8
ThudSavedF28 ds.d 1 ; 8e0
ThudSavedF29 ds.d 1 ; 8e8
ThudSavedF30 ds.d 1 ; 8f0
ThudSavedF31 ds.d 1 ; 8f8
SomethingSerial ds.l 1 ; 900 ; 'fpscr'
ThudSavedLR ds.l 1 ; 904 ; 'caller'
RTAS_Proc ds.l 1 ; 908 ; r8 on kernel entry
EndOfPanicArea
RTAS_PrivDataArea ds.l 1 ; 90c ; copied from HWInfo
ZeroWord ds.l 1 ; 910 ; Only NewWorld and Unknown PIHes touch this
ds.l 1 ; 914
ds.l 1 ; 918
ds.l 1 ; 91c
ds.b 0x3a0 ; 920:cc0
SysInfo ds NKSystemInfo ; cc0:d80
DiagInfo ds NKDiagInfo ; d80:e80
NKInfo ds NKNanoKernelInfo; e80:f80 ; see NKNanoKernelInfo in PPCInfoRecordsPriv
ProcInfo ds NKProcessorInfo ; f80:fc0
InfoRecBlk ds InfoRecBlk ; fc0:1000 ; was main copy in NKv1, now vestigial?
endr
;_______________________________________________________________________
; KERNEL VECTOR TABLE
;
; The kernel creates several of these, and activates one by pointing
; a CPU's SPRG3 ("vecBase") register at it. Find them in PSA and KDP.
; (For want of more information, I have colour coded them for now.)
;
; Each entry is a (hopefully 64-byte aligned) physical pointer to an
; interrupt service routine in the kernel. One entry roughly
; corresponds with one of the 256-byte aligned entry points into
; the PowerPC interrupt (="exception") vector table. Code for those
; can be found in :RISC:ExceptionTable.s.
;_______________________________________________________________________
VecTable record 0,INCR
; VBGYOR
ds.l 1 ; 00 ; scratch for IVT?
SystemResetVector ds.l 1 ; 04 ; called by IVT+100 (system reset)
MachineCheckVector ds.l 1 ; 08 ; called by IVT+200 (machine check)
DSIVector ds.l 1 ; 0c ; called by IVT+300 (DSI)
ISIVector ds.l 1 ; 10 ; called by IVT+400 (ISI)
ExternalIntVector ds.l 1 ; 14 ; called by IVT+500 (external interrupt)
AlignmentIntVector ds.l 1 ; 18 ; called by IVT+600 (alignment)
ProgramIntVector ds.l 1 ; 1c ; called by IVT+700 (program)
FPUnavailVector ds.l 1 ; 20 ; called by IVT+KDP.BATs + 0xa0 (FP unavail)
DecrementerVector ds.l 1 ; 24 ; called by IVT+900 (decrementer)
ReservedVector1 ds.l 1 ; 28 ; called by IVT+a00 (reserved)
ReservedVector2 ds.l 1 ; 2c ; called by IVT+b00 (reserved)
SyscallVector ds.l 1 ; 30 ; called by IVT+c00 (system call)
TraceVector ds.l 1 ; 34 ; called by IVT+d00 (trace)
FPAssistVector ds.l 1 ; 38 ; called by IVT+e00 (FP assist)
PerfMonitorVector ds.l 1 ; 3c ; called by IVT+f00 (perf monitor)
ds.l 1 ; 40 ;
ds.l 1 ; 44 ;
ds.l 1 ; 48 ;
ds.l 1 ; 4c ; Vectors from here downwards are called from
ds.l 1 ; 50 ; odd places in the IVT????
ds.l 1 ; 54 ;
ds.l 1 ; 58 ; seems AltiVec-related
ThermalEventVector ds.l 1 ; 5c ;
ds.l 1 ; 60 ;
ds.l 1 ; 64 ;
ds.l 1 ; 68 ;
ds.l 1 ; 6c ;
ds.l 1 ; 70 ;
ds.l 1 ; 74 ;
ds.l 1 ; 78 ;
ds.l 1 ; 7c ;
ds.l 1 ; 80 ; shares with TraceVector in Y and G
ds.l 1 ; 84 ;
ds.l 1 ; 88 ;
ds.l 1 ; 8c ;
ds.l 1 ; 90 ;
ds.l 1 ; 94 ;
ds.l 1 ; 98 ;
ds.l 1 ; 9c ;
ds.l 1 ; a0 ;
ds.l 1 ; a4 ;
ds.l 1 ; a8 ;
ds.l 1 ; ac ;
ds.l 1 ; b0 ;
ds.l 1 ; b4 ;
ds.l 1 ; b8 ;
ds.l 1 ; bc ; called by IVT+0 (reserved)
Size equ *
endr
;_______________________________________________________________________
; NANOKERNEL CALL (KCALL) TABLE
;
; You can also use this record to index the NanoKernelCallCounts in
; PPCInfoRecordsPriv.s:NKNanoKernelInfo.
;_______________________________________________________________________
NanoKernelCallTable record 0,INCR
ReturnFromException ds.l 1 ; 00, kdp+5f0, trap 0 ; SS replaces with jump to emu+f900
RunAlternateContext ds.l 1 ; 04, kdp+5f4, trap 1
ResetSystem ds.l 1 ; 08, kdp+5f8, trap 2 ; SS replaces with jump to emu+fb00
VMDispatch ds.l 1 ; 0c, kdp+5fc, trap 3 ; FE0A (VM/MMU/NK) trap
PrioritizeInterrupts ds.l 1 ; 10, kdp+600, trap 4 ; SS forbids
PowerDispatch ds.l 1 ; 14, kdp+604, trap 5 ; FEOF
RTASDispatch ds.l 1 ; 18, kdp+608, trap 6 ; SS forbids the use of this trap and below
CacheDispatch ds.l 1 ; 1c, kdp+60c, trap 7
MPDispatch ds.l 1 ; 20, kdp+610, trap 8 ; also accessible via syscall interface
ds.l 1 ; 24, kdp+614, trap 9 ; unused
ds.l 1 ; 28, kdp+618, trap 10 ; unused
ds.l 1 ; 2c, kdp+61c, trap 11 ; unused
CallAdapterProcPPC ds.l 1 ; 30, kdp+620, trap 12 ; unused
ds.l 1 ; 34, kdp+624, trap 13 ; unused
CallAdapterProc68k ds.l 1 ; 38, kdp+628, trap 14 ; unused
Thud ds.l 1 ; 3c, kdp+62c, trap 15 ; basically just panic
Size equ *
endr
;_______________________________________________________________________
; PAGEMAP DESCRIPTOR TABLE
;
; An 8-byte entry in the PageMap tables passed to the NanoKernel via
; ConfigInfo. Roughly corresponds with a contiguous logical address
; range lying within 256MB (segment) boundaries, and therefore
; roughly corresponds with the NKv2 MP "Area" struct.
;
; It could be that these are actually PageMap Descriptor *Entries*,
; and I have misunderstood.
;_______________________________________________________________________
PME record 0,INCR
LBase ds.w 1 ; 0 ; (base - segment) >> 12
PageCount ds.w 1 ; 2 ; page count MINUS ONE
PBaseAndFlags ds.l 1 ; 4 ; PBase page aligned
PBaseBits equ 20
FirstFlagBit equ 20
FirstFlag equ 0x800
DaddyFlag equ 0x800
CountingFlag equ 0x400
PhysicalIsRelativeFlag equ 0x200
; try not to use the equates above; they are dicey
TopFieldMask equ 0xe00
Size equ *
endr
;_______________________________________________________________________
; KERNEL SPINLOCK
;
; Seven of these, each with a four-byte signature, live in the PSA.
; The signatures describe the protected structures adequately.
;
; The function to acquire a lock seems to have been inlined, because
; it always saves and restores r8 and r9 (even to and from themselves)
; around a bl to NanoKernelInit.s:AcquireLock. It has therefore been
; macrofied as NanoKernelMacros.s:_Lock.
;_______________________________________________________________________
Lock record 0,INCR
Count ds.l 1 ; 00 ; target for lwarx/stwcx
Signature ds.l 1 ; 04
kHTABLockSignature equ 'htab'
kPIHLockSignature equ 'pih '
kSchLockSignature equ 'sch '
kThudLockSignature equ 'thud'
kRTASLockSignature equ 'rtas'
kDbugLockSignature equ 'dbug'
kPoolLockSignature equ 'pool'
org 0x10
Holder ds.l 1 ; 10
org 0x20
endr
; Structs after this point are inadequately commented. Sorry!
Index record 0,INCR
kSignature equ 'INDX'
HalfOne ds.w 1 ; 000
HalfTwo ds.w 1 ; 002
Signature ds.l 1 ; 004
IDsPtr ds.l 1 ; 008
org 520
Size equ *
endr
; Special opaque NanoKernel stuff!
; These seem to go in a notification queue?
LLL record 0,INCR
Freeform ds.l 1 ; 0
Signature ds.l 1 ; 4
Next ds.l 1 ; 8
Prev ds.l 1 ; c
endr
; Special case of LLL
; Init'ed by InitTMRQs (called by Init.s)
; There is one copy of this struct at kdp-a84 below the (shorter) queue structs,
; and two copies in the pool, pointed to by kdp-434 and kdp-364.
TimerQueueStruct record 0,INCR
LLL ds.l 4 ; 00
Unused ds.l 1 ; 10
ZeroByte ds.b 1 ; 14 ; can also be set to 7 or 8
UnusedByte ds.b 1 ; 15
OneByte1 ds.b 1 ; 16
OneByte2 ds.b 1 ; 17 ; can also be unset
; GAP
org 0x38
TimeCtr ds.d 1 ; 38 ; high half in DEC reg or whole thing in TB
endr
; For altivec, mofo
VectorSaveArea record 0,INCR
org 23*16
;RegisterAreaSize equ *-VectorSaveArea
RegisterAreaSize equ 23*16
org 32*16 + 20
endr
Reference in New Issue View Git Blame Copy Permalink