On 05/01/13 16:52, Alexander Graf wrote:
Ah yes - wait a sec. The code in question is in arch/ppc/qemu/ofmem.c:hash_page_32() which can be called from both of the ISI/DSI exception handlers dsi_exception()/isi_exception(). And I'm sure I remember reading somewhere over the past day or so that PPC switches to real mode when handling TLB misses - could that be it?
Right. HTAB miss handling happens in real mode :).
So all we need to do is to manually resolve that global onto its actual location in ram. Since we're already in mmu helper code, that shouldn't be too hard to do, no?
Alex
Okay - I have the following patch that now works for me on PPC32 and enables BootX to start the Darwin kernel with the BIOS area set back to read-only in QEMU :)
Since I couldn't use global variables, I decided to use a fixed offset in the image by reserving 8 bytes (in preparation for PPC64?) in start.S and then applying the offset to the physical memory base similar to the existing ea_to_phys() function.
If you could review, and perhaps even enhance with the relevant change for PPC64 then that would be great!
Many thanks,
Mark.