1 /* SPDX-License-Identifier: GPL-2.0 */
5 * Copyright (C) 1991, 1992, 1993 Linus Torvalds
9 * head.S contains the 32-bit startup code.
11 * NOTE!!! Startup happens at absolute address 0x00001000, which is also where
12 * the page directory will exist. The startup code will be overwritten by
13 * the page directory. [According to comments etc elsewhere on a compressed
14 * kernel it will end up at 0x1000 + 1Mb I hope so as I assume this. - AC]
16 * Page 0 is deliberately kept safe, since System Management Mode code in
17 * laptops may need to access the BIOS data stored there. This is also
18 * useful for future device drivers that either access the BIOS via VM86
23 * High loaded stuff by Hans Lermen & Werner Almesberger, Feb. 1996
28 #include <linux/init.h>
29 #include <linux/linkage.h>
30 #include <asm/segment.h>
33 #include <asm/processor-flags.h>
34 #include <asm/asm-offsets.h>
35 #include <asm/bootparam.h>
39 * Locally defined symbols should be marked hidden:
51 * 32bit entry is 0 and it is ABI so immutable!
52 * If we come here directly from a bootloader,
53 * kernel(text+data+bss+brk) ramdisk, zero_page, command line
54 * all need to be under the 4G limit.
58 * Test KEEP_SEGMENTS flag to see if the bootloader is asking
59 * us to not reload segments
61 testb $KEEP_SEGMENTS, BP_loadflags(%esi)
65 movl $(__BOOT_DS), %eax
72 * Calculate the delta between where we were compiled to run
73 * at and where we were actually loaded at. This can only be done
74 * with a short local call on x86. Nothing else will tell us what
75 * address we are running at. The reserved chunk of the real-mode
76 * data at 0x1e4 (defined as a scratch field) are used as the stack
77 * for this calculation. Only 4 bytes are needed.
79 leal (BP_scratch+4)(%esi), %esp
84 /* setup a stack and make sure cpu supports long mode. */
85 movl $boot_stack_end, %eax
94 * Compute the delta between where we were compiled to run at
95 * and where the code will actually run at.
97 * %ebp contains the address we are loaded at by the boot loader and %ebx
98 * contains the address where we should move the kernel image temporarily
99 * for safe in-place decompression.
102 #ifdef CONFIG_RELOCATABLE
104 movl BP_kernel_alignment(%esi), %eax
109 cmpl $LOAD_PHYSICAL_ADDR, %ebx
112 movl $LOAD_PHYSICAL_ADDR, %ebx
115 /* Target address to relocate to for decompression */
116 movl BP_init_size(%esi), %eax
121 * Prepare for entering 64 bit mode
124 /* Load new GDT with the 64bit segments using 32bit descriptor */
125 addl %ebp, gdt+2(%ebp)
128 /* Enable PAE mode */
130 orl $X86_CR4_PAE, %eax
134 * Build early 4G boot pagetable
137 * If SEV is active then set the encryption mask in the page tables.
138 * This will insure that when the kernel is copied and decompressed
139 * it will be done so encrypted.
141 call get_sev_encryption_bit
145 subl $32, %eax /* Encryption bit is always above bit 31 */
146 bts %eax, %edx /* Set encryption mask for page tables */
149 /* Initialize Page tables to 0 */
150 leal pgtable(%ebx), %edi
152 movl $(BOOT_INIT_PGT_SIZE/4), %ecx
156 leal pgtable + 0(%ebx), %edi
157 leal 0x1007 (%edi), %eax
162 leal pgtable + 0x1000(%ebx), %edi
163 leal 0x1007(%edi), %eax
165 1: movl %eax, 0x00(%edi)
166 addl %edx, 0x04(%edi)
167 addl $0x00001000, %eax
173 leal pgtable + 0x2000(%ebx), %edi
174 movl $0x00000183, %eax
176 1: movl %eax, 0(%edi)
178 addl $0x00200000, %eax
183 /* Enable the boot page tables */
184 leal pgtable(%ebx), %eax
187 /* Enable Long mode in EFER (Extended Feature Enable Register) */
190 btsl $_EFER_LME, %eax
193 /* After gdt is loaded */
196 movl $__BOOT_TSS, %eax
200 * Setup for the jump to 64bit mode
202 * When the jump is performend we will be in long mode but
203 * in 32bit compatibility mode with EFER.LME = 1, CS.L = 0, CS.D = 1
204 * (and in turn EFER.LMA = 1). To jump into 64bit mode we use
205 * the new gdt/idt that has __KERNEL_CS with CS.L = 1.
206 * We place all of the values on our mini stack so lret can
207 * used to perform that far jump.
210 leal startup_64(%ebp), %eax
211 #ifdef CONFIG_EFI_MIXED
212 movl efi32_config(%ebp), %ebx
215 leal handover_entry(%ebp), %eax
220 /* Enter paged protected Mode, activating Long Mode */
221 movl $(X86_CR0_PG | X86_CR0_PE), %eax /* Enable Paging and Protected mode */
224 /* Jump from 32bit compatibility mode into 64bit mode. */
228 #ifdef CONFIG_EFI_MIXED
230 ENTRY(efi32_stub_entry)
231 add $0x4, %esp /* Discard return address */
236 leal (BP_scratch+4)(%esi), %esp
241 movl %ecx, efi32_config(%ebp)
242 movl %edx, efi32_config+8(%ebp)
243 sgdtl efi32_boot_gdt(%ebp)
245 leal efi32_config(%ebp), %eax
246 movl %eax, efi_config(%ebp)
250 btrl $X86_CR0_PG_BIT, %eax
254 ENDPROC(efi32_stub_entry)
261 * 64bit entry is 0x200 and it is ABI so immutable!
262 * We come here either from startup_32 or directly from a
264 * If we come here from a bootloader, kernel(text+data+bss+brk),
265 * ramdisk, zero_page, command line could be above 4G.
266 * We depend on an identity mapped page table being provided
267 * that maps our entire kernel(text+data+bss+brk), zero page
271 /* Setup data segments. */
280 * Compute the decompressed kernel start address. It is where
281 * we were loaded at aligned to a 2M boundary. %rbp contains the
282 * decompressed kernel start address.
284 * If it is a relocatable kernel then decompress and run the kernel
285 * from load address aligned to 2MB addr, otherwise decompress and
286 * run the kernel from LOAD_PHYSICAL_ADDR
288 * We cannot rely on the calculation done in 32-bit mode, since we
289 * may have been invoked via the 64-bit entry point.
292 /* Start with the delta to where the kernel will run at. */
293 #ifdef CONFIG_RELOCATABLE
294 leaq startup_32(%rip) /* - $startup_32 */, %rbp
295 movl BP_kernel_alignment(%rsi), %eax
300 cmpq $LOAD_PHYSICAL_ADDR, %rbp
303 movq $LOAD_PHYSICAL_ADDR, %rbp
306 /* Target address to relocate to for decompression */
307 movl BP_init_size(%rsi), %ebx
311 /* Set up the stack */
312 leaq boot_stack_end(%rbx), %rsp
315 * paging_prepare() and cleanup_trampoline() below can have GOT
316 * references. Adjust the table with address we are running at.
318 * Zero RAX for adjust_got: the GOT was not adjusted before;
319 * there's no adjustment to undo.
324 * Calculate the address the binary is loaded at and use it as
334 * At this point we are in long mode with 4-level paging enabled,
335 * but we might want to enable 5-level paging or vice versa.
337 * The problem is that we cannot do it directly. Setting or clearing
338 * CR4.LA57 in long mode would trigger #GP. So we need to switch off
339 * long mode and paging first.
341 * We also need a trampoline in lower memory to switch over from
342 * 4- to 5-level paging for cases when the bootloader puts the kernel
343 * above 4G, but didn't enable 5-level paging for us.
345 * The same trampoline can be used to switch from 5- to 4-level paging
346 * mode, like when starting 4-level paging kernel via kexec() when
347 * original kernel worked in 5-level paging mode.
349 * For the trampoline, we need the top page table to reside in lower
350 * memory as we don't have a way to load 64-bit values into CR3 in
353 * We go though the trampoline even if we don't have to: if we're
354 * already in a desired paging mode. This way the trampoline code gets
355 * tested on every boot.
358 /* Make sure we have GDT with 32-bit code segment */
360 movq %rax, gdt64+2(%rip)
364 * paging_prepare() sets up the trampoline and checks if we need to
365 * enable 5-level paging.
367 * Address of the trampoline is returned in RAX.
368 * Non zero RDX on return means we need to enable 5-level paging.
370 * RSI holds real mode data and needs to be preserved across
371 * this function call.
374 movq %rsi, %rdi /* real mode address */
378 /* Save the trampoline address in RCX */
382 * Load the address of trampoline_return() into RDI.
383 * It will be used by the trampoline to return to the main code.
385 leaq trampoline_return(%rip), %rdi
387 /* Switch to compatibility mode (CS.L = 0 CS.D = 1) via far return */
389 leaq TRAMPOLINE_32BIT_CODE_OFFSET(%rax), %rax
393 /* Restore the stack, the 32-bit trampoline uses its own stack */
394 leaq boot_stack_end(%rbx), %rsp
397 * cleanup_trampoline() would restore trampoline memory.
399 * RDI is address of the page table to use instead of page table
400 * in trampoline memory (if required).
402 * RSI holds real mode data and needs to be preserved across
403 * this function call.
406 leaq top_pgtable(%rbx), %rdi
407 call cleanup_trampoline
415 * Previously we've adjusted the GOT with address the binary was
416 * loaded at. Now we need to re-adjust for relocation address.
418 * Calculate the address the binary is loaded at, so that we can
419 * undo the previous GOT adjustment.
425 /* The new adjustment is the relocation address */
430 * Copy the compressed kernel to the end of our buffer
431 * where decompression in place becomes safe.
434 leaq (_bss-8)(%rip), %rsi
435 leaq (_bss-8)(%rbx), %rdi
436 movq $_bss /* - $startup_32 */, %rcx
444 * Jump to the relocated address.
446 leaq relocated(%rbx), %rax
449 #ifdef CONFIG_EFI_STUB
451 /* The entry point for the PE/COFF executable is efi_pe_entry. */
453 movq %rcx, efi64_config(%rip) /* Handle */
454 movq %rdx, efi64_config+8(%rip) /* EFI System table pointer */
456 leaq efi64_config(%rip), %rax
457 movq %rax, efi_config(%rip)
464 * Relocate efi_config->call().
466 addq %rbp, efi64_config+40(%rip)
469 call make_boot_params
473 leaq startup_32(%rip), %rax
474 movl %eax, BP_code32_start(%rsi)
475 jmp 2f /* Skip the relocation */
483 * Relocate efi_config->call().
485 movq efi_config(%rip), %rax
488 movq efi_config(%rip), %rdi
494 /* EFI init failed, so hang. */
498 movl BP_code32_start(%esi), %eax
499 leaq startup_64(%rax), %rax
501 ENDPROC(efi_pe_entry)
504 ENTRY(efi64_stub_entry)
505 movq %rdi, efi64_config(%rip) /* Handle */
506 movq %rsi, efi64_config+8(%rip) /* EFI System table pointer */
508 leaq efi64_config(%rip), %rax
509 movq %rax, efi_config(%rip)
513 ENDPROC(efi64_stub_entry)
520 * Clear BSS (stack is currently empty)
523 leaq _bss(%rip), %rdi
524 leaq _ebss(%rip), %rcx
530 * Do the extraction, and jump to the new kernel..
532 pushq %rsi /* Save the real mode argument */
533 movq %rsi, %rdi /* real mode address */
534 leaq boot_heap(%rip), %rsi /* malloc area for uncompression */
535 leaq input_data(%rip), %rdx /* input_data */
536 movl $z_input_len, %ecx /* input_len */
537 movq %rbp, %r8 /* output target address */
538 movq $z_output_len, %r9 /* decompressed length, end of relocs */
539 call extract_kernel /* returns kernel location in %rax */
543 * Jump to the decompressed kernel.
548 * Adjust the global offset table
550 * RAX is the previous adjustment of the table to undo (use 0 if it's the
551 * first time we touch GOT).
552 * RDI is the new adjustment to apply.
555 /* Walk through the GOT adding the address to the entries */
556 leaq _got(%rip), %rdx
557 leaq _egot(%rip), %rcx
561 subq %rax, (%rdx) /* Undo previous adjustment */
562 addq %rdi, (%rdx) /* Apply the new adjustment */
570 * This is the 32-bit trampoline that will be copied over to low memory.
572 * RDI contains the return address (might be above 4G).
573 * ECX contains the base address of the trampoline memory.
574 * Non zero RDX on return means we need to enable 5-level paging.
576 ENTRY(trampoline_32bit_src)
577 /* Set up data and stack segments */
578 movl $__KERNEL_DS, %eax
582 /* Set up new stack */
583 leal TRAMPOLINE_32BIT_STACK_END(%ecx), %esp
587 btrl $X86_CR0_PG_BIT, %eax
590 /* Check what paging mode we want to be in after the trampoline */
594 /* We want 5-level paging: don't touch CR3 if it already points to 5-level page tables */
596 testl $X86_CR4_LA57, %eax
600 /* We want 4-level paging: don't touch CR3 if it already points to 4-level page tables */
602 testl $X86_CR4_LA57, %eax
605 /* Point CR3 to the trampoline's new top level page table */
606 leal TRAMPOLINE_32BIT_PGTABLE_OFFSET(%ecx), %eax
609 /* Set EFER.LME=1 as a precaution in case hypervsior pulls the rug */
614 btsl $_EFER_LME, %eax
619 /* Enable PAE and LA57 (if required) paging modes */
620 movl $X86_CR4_PAE, %eax
623 orl $X86_CR4_LA57, %eax
627 /* Calculate address of paging_enabled() once we are executing in the trampoline */
628 leal paging_enabled - trampoline_32bit_src + TRAMPOLINE_32BIT_CODE_OFFSET(%ecx), %eax
630 /* Prepare the stack for far return to Long Mode */
634 /* Enable paging again */
635 movl $(X86_CR0_PG | X86_CR0_PE), %eax
642 /* Return from the trampoline */
646 * The trampoline code has a size limit.
647 * Make sure we fail to compile if the trampoline code grows
648 * beyond TRAMPOLINE_32BIT_CODE_SIZE bytes.
650 .org trampoline_32bit_src + TRAMPOLINE_32BIT_CODE_SIZE
654 /* This isn't an x86-64 CPU, so hang intentionally, we cannot continue */
659 #include "../../kernel/verify_cpu.S"
671 .quad 0x00cf9a000000ffff /* __KERNEL32_CS */
672 .quad 0x00af9a000000ffff /* __KERNEL_CS */
673 .quad 0x00cf92000000ffff /* __KERNEL_DS */
674 .quad 0x0080890000000000 /* TS descriptor */
675 .quad 0x0000000000000000 /* TS continued */
678 #ifdef CONFIG_EFI_STUB
682 #ifdef CONFIG_EFI_MIXED
695 #endif /* CONFIG_EFI_STUB */
698 * Stack and heap for uncompression
703 .fill BOOT_HEAP_SIZE, 1, 0
705 .fill BOOT_STACK_SIZE, 1, 0
709 * Space for page tables (not in .bss so not zeroed)
711 .section ".pgtable","a",@nobits
714 .fill BOOT_PGT_SIZE, 1, 0
717 * The page table is going to be used instead of page table in the trampoline
721 .fill PAGE_SIZE, 1, 0
projects / releases.git / blob