1 /* SPDX-License-Identifier: GPL-2.0 */
5 * Copyright (C) 1991, 1992, 1993 Linus Torvalds
9 * head.S contains the 32-bit startup code.
11 * NOTE!!! Startup happens at absolute address 0x00001000, which is also where
12 * the page directory will exist. The startup code will be overwritten by
13 * the page directory. [According to comments etc elsewhere on a compressed
14 * kernel it will end up at 0x1000 + 1Mb I hope so as I assume this. - AC]
16 * Page 0 is deliberately kept safe, since System Management Mode code in
17 * laptops may need to access the BIOS data stored there. This is also
18 * useful for future device drivers that either access the BIOS via VM86
23 * High loaded stuff by Hans Lermen & Werner Almesberger, Feb. 1996
28 #include <linux/init.h>
29 #include <linux/linkage.h>
30 #include <asm/segment.h>
33 #include <asm/processor-flags.h>
34 #include <asm/asm-offsets.h>
35 #include <asm/bootparam.h>
39 * Locally defined symbols should be marked hidden:
48 SYM_FUNC_START(startup_32)
50 * 32bit entry is 0 and it is ABI so immutable!
51 * If we come here directly from a bootloader,
52 * kernel(text+data+bss+brk) ramdisk, zero_page, command line
53 * all need to be under the 4G limit.
59 * Calculate the delta between where we were compiled to run
60 * at and where we were actually loaded at. This can only be done
61 * with a short local call on x86. Nothing else will tell us what
62 * address we are running at. The reserved chunk of the real-mode
63 * data at 0x1e4 (defined as a scratch field) are used as the stack
64 * for this calculation. Only 4 bytes are needed.
66 leal (BP_scratch+4)(%esi), %esp
71 /* Load new GDT with the 64bit segments using 32bit descriptor */
76 /* Load segment registers with our descriptors */
84 /* setup a stack and make sure cpu supports long mode. */
85 leal boot_stack_end(%ebp), %esp
92 * Compute the delta between where we were compiled to run at
93 * and where the code will actually run at.
95 * %ebp contains the address we are loaded at by the boot loader and %ebx
96 * contains the address where we should move the kernel image temporarily
97 * for safe in-place decompression.
100 #ifdef CONFIG_RELOCATABLE
103 #ifdef CONFIG_EFI_STUB
105 * If we were loaded via the EFI LoadImage service, startup_32 will be at an
106 * offset to the start of the space allocated for the image. efi_pe_entry will
107 * set up image_offset to tell us where the image actually starts, so that we
108 * can use the full available buffer.
109 * image_offset = startup_32 - image_base
110 * Otherwise image_offset will be zero and has no effect on the calculations.
112 subl image_offset(%ebp), %ebx
115 movl BP_kernel_alignment(%esi), %eax
120 cmpl $LOAD_PHYSICAL_ADDR, %ebx
123 movl $LOAD_PHYSICAL_ADDR, %ebx
126 /* Target address to relocate to for decompression */
127 addl BP_init_size(%esi), %ebx
131 * Prepare for entering 64 bit mode
134 /* Enable PAE mode */
136 orl $X86_CR4_PAE, %eax
140 * Build early 4G boot pagetable
143 * If SEV is active then set the encryption mask in the page tables.
144 * This will insure that when the kernel is copied and decompressed
145 * it will be done so encrypted.
147 call get_sev_encryption_bit
151 subl $32, %eax /* Encryption bit is always above bit 31 */
152 bts %eax, %edx /* Set encryption mask for page tables */
155 /* Initialize Page tables to 0 */
156 leal pgtable(%ebx), %edi
158 movl $(BOOT_INIT_PGT_SIZE/4), %ecx
162 leal pgtable + 0(%ebx), %edi
163 leal 0x1007 (%edi), %eax
168 leal pgtable + 0x1000(%ebx), %edi
169 leal 0x1007(%edi), %eax
171 1: movl %eax, 0x00(%edi)
172 addl %edx, 0x04(%edi)
173 addl $0x00001000, %eax
179 leal pgtable + 0x2000(%ebx), %edi
180 movl $0x00000183, %eax
182 1: movl %eax, 0(%edi)
184 addl $0x00200000, %eax
189 /* Enable the boot page tables */
190 leal pgtable(%ebx), %eax
193 /* Enable Long mode in EFER (Extended Feature Enable Register) */
196 btsl $_EFER_LME, %eax
199 /* After gdt is loaded */
202 movl $__BOOT_TSS, %eax
206 * Setup for the jump to 64bit mode
208 * When the jump is performend we will be in long mode but
209 * in 32bit compatibility mode with EFER.LME = 1, CS.L = 0, CS.D = 1
210 * (and in turn EFER.LMA = 1). To jump into 64bit mode we use
211 * the new gdt/idt that has __KERNEL_CS with CS.L = 1.
212 * We place all of the values on our mini stack so lret can
213 * used to perform that far jump.
216 leal startup_64(%ebp), %eax
217 #ifdef CONFIG_EFI_MIXED
218 movl efi32_boot_args(%ebp), %edi
221 leal efi64_stub_entry(%ebp), %eax
222 movl efi32_boot_args+4(%ebp), %esi
223 movl efi32_boot_args+8(%ebp), %edx // saved bootparams pointer
226 leal efi_pe_entry(%ebp), %eax
227 movl %edi, %ecx // MS calling convention
233 /* Enter paged protected Mode, activating Long Mode */
234 movl $(X86_CR0_PG | X86_CR0_PE), %eax /* Enable Paging and Protected mode */
237 /* Jump from 32bit compatibility mode into 64bit mode. */
239 SYM_FUNC_END(startup_32)
241 #ifdef CONFIG_EFI_MIXED
243 SYM_FUNC_START(efi32_stub_entry)
244 add $0x4, %esp /* Discard return address */
253 movl %esi, efi32_boot_args+8(%ebp)
254 SYM_INNER_LABEL(efi32_pe_stub_entry, SYM_L_LOCAL)
255 movl %ecx, efi32_boot_args(%ebp)
256 movl %edx, efi32_boot_args+4(%ebp)
257 movb $0, efi_is64(%ebp)
259 /* Save firmware GDTR and code/data selectors */
260 sgdtl efi32_boot_gdt(%ebp)
261 movw %cs, efi32_boot_cs(%ebp)
262 movw %ds, efi32_boot_ds(%ebp)
266 btrl $X86_CR0_PG_BIT, %eax
270 SYM_FUNC_END(efi32_stub_entry)
275 SYM_CODE_START(startup_64)
277 * 64bit entry is 0x200 and it is ABI so immutable!
278 * We come here either from startup_32 or directly from a
280 * If we come here from a bootloader, kernel(text+data+bss+brk),
281 * ramdisk, zero_page, command line could be above 4G.
282 * We depend on an identity mapped page table being provided
283 * that maps our entire kernel(text+data+bss+brk), zero page
290 /* Setup data segments. */
299 * Compute the decompressed kernel start address. It is where
300 * we were loaded at aligned to a 2M boundary. %rbp contains the
301 * decompressed kernel start address.
303 * If it is a relocatable kernel then decompress and run the kernel
304 * from load address aligned to 2MB addr, otherwise decompress and
305 * run the kernel from LOAD_PHYSICAL_ADDR
307 * We cannot rely on the calculation done in 32-bit mode, since we
308 * may have been invoked via the 64-bit entry point.
311 /* Start with the delta to where the kernel will run at. */
312 #ifdef CONFIG_RELOCATABLE
313 leaq startup_32(%rip) /* - $startup_32 */, %rbp
315 #ifdef CONFIG_EFI_STUB
317 * If we were loaded via the EFI LoadImage service, startup_32 will be at an
318 * offset to the start of the space allocated for the image. efi_pe_entry will
319 * set up image_offset to tell us where the image actually starts, so that we
320 * can use the full available buffer.
321 * image_offset = startup_32 - image_base
322 * Otherwise image_offset will be zero and has no effect on the calculations.
324 movl image_offset(%rip), %eax
328 movl BP_kernel_alignment(%rsi), %eax
333 cmpq $LOAD_PHYSICAL_ADDR, %rbp
336 movq $LOAD_PHYSICAL_ADDR, %rbp
339 /* Target address to relocate to for decompression */
340 movl BP_init_size(%rsi), %ebx
344 /* Set up the stack */
345 leaq boot_stack_end(%rbx), %rsp
348 * paging_prepare() and cleanup_trampoline() below can have GOT
349 * references. Adjust the table with address we are running at.
351 * Zero RAX for adjust_got: the GOT was not adjusted before;
352 * there's no adjustment to undo.
357 * Calculate the address the binary is loaded at and use it as
367 * At this point we are in long mode with 4-level paging enabled,
368 * but we might want to enable 5-level paging or vice versa.
370 * The problem is that we cannot do it directly. Setting or clearing
371 * CR4.LA57 in long mode would trigger #GP. So we need to switch off
372 * long mode and paging first.
374 * We also need a trampoline in lower memory to switch over from
375 * 4- to 5-level paging for cases when the bootloader puts the kernel
376 * above 4G, but didn't enable 5-level paging for us.
378 * The same trampoline can be used to switch from 5- to 4-level paging
379 * mode, like when starting 4-level paging kernel via kexec() when
380 * original kernel worked in 5-level paging mode.
382 * For the trampoline, we need the top page table to reside in lower
383 * memory as we don't have a way to load 64-bit values into CR3 in
386 * We go though the trampoline even if we don't have to: if we're
387 * already in a desired paging mode. This way the trampoline code gets
388 * tested on every boot.
391 /* Make sure we have GDT with 32-bit code segment */
392 leaq gdt64(%rip), %rax
397 * paging_prepare() sets up the trampoline and checks if we need to
398 * enable 5-level paging.
400 * paging_prepare() returns a two-quadword structure which lands
402 * - Address of the trampoline is returned in RAX.
403 * - Non zero RDX means trampoline needs to enable 5-level
406 * RSI holds real mode data and needs to be preserved across
407 * this function call.
410 movq %rsi, %rdi /* real mode address */
414 /* Save the trampoline address in RCX */
418 * Load the address of trampoline_return() into RDI.
419 * It will be used by the trampoline to return to the main code.
421 leaq trampoline_return(%rip), %rdi
423 /* Switch to compatibility mode (CS.L = 0 CS.D = 1) via far return */
425 leaq TRAMPOLINE_32BIT_CODE_OFFSET(%rax), %rax
429 /* Restore the stack, the 32-bit trampoline uses its own stack */
430 leaq boot_stack_end(%rbx), %rsp
433 * cleanup_trampoline() would restore trampoline memory.
435 * RDI is address of the page table to use instead of page table
436 * in trampoline memory (if required).
438 * RSI holds real mode data and needs to be preserved across
439 * this function call.
442 leaq top_pgtable(%rbx), %rdi
443 call cleanup_trampoline
451 * Previously we've adjusted the GOT with address the binary was
452 * loaded at. Now we need to re-adjust for relocation address.
454 * Calculate the address the binary is loaded at, so that we can
455 * undo the previous GOT adjustment.
461 /* The new adjustment is the relocation address */
466 * Copy the compressed kernel to the end of our buffer
467 * where decompression in place becomes safe.
470 leaq (_bss-8)(%rip), %rsi
471 leaq (_bss-8)(%rbx), %rdi
472 movq $_bss /* - $startup_32 */, %rcx
480 * The GDT may get overwritten either during the copy we just did or
481 * during extract_kernel below. To avoid any issues, repoint the GDTR
482 * to the new copy of the GDT.
484 leaq gdt64(%rbx), %rax
490 * Jump to the relocated address.
492 leaq .Lrelocated(%rbx), %rax
494 SYM_CODE_END(startup_64)
496 #ifdef CONFIG_EFI_STUB
498 SYM_FUNC_START(efi64_stub_entry)
499 SYM_FUNC_START_ALIAS(efi_stub_entry)
500 and $~0xf, %rsp /* realign the stack */
501 movq %rdx, %rbx /* save boot_params pointer */
504 leaq startup_64(%rax), %rax
506 SYM_FUNC_END(efi64_stub_entry)
507 SYM_FUNC_END_ALIAS(efi_stub_entry)
511 SYM_FUNC_START_LOCAL_NOALIGN(.Lrelocated)
514 * Clear BSS (stack is currently empty)
517 leaq _bss(%rip), %rdi
518 leaq _ebss(%rip), %rcx
524 * Do the extraction, and jump to the new kernel..
526 pushq %rsi /* Save the real mode argument */
527 movq %rsi, %rdi /* real mode address */
528 leaq boot_heap(%rip), %rsi /* malloc area for uncompression */
529 leaq input_data(%rip), %rdx /* input_data */
530 movl $z_input_len, %ecx /* input_len */
531 movq %rbp, %r8 /* output target address */
532 movl $z_output_len, %r9d /* decompressed length, end of relocs */
533 call extract_kernel /* returns kernel location in %rax */
537 * Jump to the decompressed kernel.
540 SYM_FUNC_END(.Lrelocated)
543 * Adjust the global offset table
545 * RAX is the previous adjustment of the table to undo (use 0 if it's the
546 * first time we touch GOT).
547 * RDI is the new adjustment to apply.
550 /* Walk through the GOT adding the address to the entries */
551 leaq _got(%rip), %rdx
552 leaq _egot(%rip), %rcx
556 subq %rax, (%rdx) /* Undo previous adjustment */
557 addq %rdi, (%rdx) /* Apply the new adjustment */
565 * This is the 32-bit trampoline that will be copied over to low memory.
567 * RDI contains the return address (might be above 4G).
568 * ECX contains the base address of the trampoline memory.
569 * Non zero RDX means trampoline needs to enable 5-level paging.
571 SYM_CODE_START(trampoline_32bit_src)
572 /* Set up data and stack segments */
573 movl $__KERNEL_DS, %eax
577 /* Set up new stack */
578 leal TRAMPOLINE_32BIT_STACK_END(%ecx), %esp
582 btrl $X86_CR0_PG_BIT, %eax
585 /* Check what paging mode we want to be in after the trampoline */
589 /* We want 5-level paging: don't touch CR3 if it already points to 5-level page tables */
591 testl $X86_CR4_LA57, %eax
595 /* We want 4-level paging: don't touch CR3 if it already points to 4-level page tables */
597 testl $X86_CR4_LA57, %eax
600 /* Point CR3 to the trampoline's new top level page table */
601 leal TRAMPOLINE_32BIT_PGTABLE_OFFSET(%ecx), %eax
604 /* Set EFER.LME=1 as a precaution in case hypervsior pulls the rug */
609 btsl $_EFER_LME, %eax
614 /* Enable PAE and LA57 (if required) paging modes */
615 movl $X86_CR4_PAE, %eax
618 orl $X86_CR4_LA57, %eax
622 /* Calculate address of paging_enabled() once we are executing in the trampoline */
623 leal .Lpaging_enabled - trampoline_32bit_src + TRAMPOLINE_32BIT_CODE_OFFSET(%ecx), %eax
625 /* Prepare the stack for far return to Long Mode */
629 /* Enable paging again */
630 movl $(X86_CR0_PG | X86_CR0_PE), %eax
634 SYM_CODE_END(trampoline_32bit_src)
637 SYM_FUNC_START_LOCAL_NOALIGN(.Lpaging_enabled)
638 /* Return from the trampoline */
640 SYM_FUNC_END(.Lpaging_enabled)
643 * The trampoline code has a size limit.
644 * Make sure we fail to compile if the trampoline code grows
645 * beyond TRAMPOLINE_32BIT_CODE_SIZE bytes.
647 .org trampoline_32bit_src + TRAMPOLINE_32BIT_CODE_SIZE
650 SYM_FUNC_START_LOCAL_NOALIGN(.Lno_longmode)
651 /* This isn't an x86-64 CPU, so hang intentionally, we cannot continue */
655 SYM_FUNC_END(.Lno_longmode)
657 #include "../../kernel/verify_cpu.S"
660 SYM_DATA_START_LOCAL(gdt64)
661 .word gdt_end - gdt - 1
665 SYM_DATA_START_LOCAL(gdt)
666 .word gdt_end - gdt - 1
669 .quad 0x00cf9a000000ffff /* __KERNEL32_CS */
670 .quad 0x00af9a000000ffff /* __KERNEL_CS */
671 .quad 0x00cf92000000ffff /* __KERNEL_DS */
672 .quad 0x0080890000000000 /* TS descriptor */
673 .quad 0x0000000000000000 /* TS continued */
674 SYM_DATA_END_LABEL(gdt, SYM_L_LOCAL, gdt_end)
676 #ifdef CONFIG_EFI_STUB
677 SYM_DATA(image_offset, .long 0)
680 #ifdef CONFIG_EFI_MIXED
681 SYM_DATA_LOCAL(efi32_boot_args, .long 0, 0, 0)
682 SYM_DATA(efi_is64, .byte 1)
684 #define ST32_boottime 60 // offsetof(efi_system_table_32_t, boottime)
685 #define BS32_handle_protocol 88 // offsetof(efi_boot_services_32_t, handle_protocol)
686 #define LI32_image_base 32 // offsetof(efi_loaded_image_32_t, image_base)
690 SYM_FUNC_START(efi32_pe_entry)
692 * efi_status_t efi32_pe_entry(efi_handle_t image_handle,
693 * efi_system_table_32_t *sys_table)
698 pushl %eax // dummy push to allocate loaded_image
700 pushl %ebx // save callee-save registers
703 call verify_cpu // check for long mode support
705 movl $0x80000003, %eax // EFI_UNSUPPORTED
712 /* Get the loaded image protocol pointer from the image handle */
714 pushl %eax // &loaded_image
715 leal loaded_image_proto(%ebx), %eax
716 pushl %eax // pass the GUID address
717 pushl 8(%ebp) // pass the image handle
720 * Note the alignment of the stack frame.
722 * handle <-- 16-byte aligned on entry by ABI
725 * loaded_image <-- local variable
726 * saved %ebx <-- 16-byte aligned here
729 * &loaded_image_proto
730 * handle <-- 16-byte aligned for call to handle_protocol
733 movl 12(%ebp), %eax // sys_table
734 movl ST32_boottime(%eax), %eax // sys_table->boottime
735 call *BS32_handle_protocol(%eax) // sys_table->boottime->handle_protocol
736 addl $12, %esp // restore argument space
740 movl 8(%ebp), %ecx // image_handle
741 movl 12(%ebp), %edx // sys_table
742 movl -4(%ebp), %esi // loaded_image
743 movl LI32_image_base(%esi), %esi // loaded_image->image_base
744 movl %ebx, %ebp // startup_32 for efi32_pe_stub_entry
746 * We need to set the image_offset variable here since startup_32() will
747 * use it before we get to the 64-bit efi_pe_entry() in C code.
750 movl %ebx, image_offset(%ebp) // save image_offset
751 jmp efi32_pe_stub_entry
753 2: popl %edi // restore callee-save registers
757 SYM_FUNC_END(efi32_pe_entry)
760 /* EFI loaded image protocol GUID */
762 SYM_DATA_START_LOCAL(loaded_image_proto)
765 .byte 0x8e, 0x3f, 0x00, 0xa0, 0xc9, 0x69, 0x72, 0x3b
766 SYM_DATA_END(loaded_image_proto)
770 * Stack and heap for uncompression
774 SYM_DATA_LOCAL(boot_heap, .fill BOOT_HEAP_SIZE, 1, 0)
776 SYM_DATA_START_LOCAL(boot_stack)
777 .fill BOOT_STACK_SIZE, 1, 0
778 SYM_DATA_END_LABEL(boot_stack, SYM_L_LOCAL, boot_stack_end)
781 * Space for page tables (not in .bss so not zeroed)
783 .section ".pgtable","aw",@nobits
785 SYM_DATA_LOCAL(pgtable, .fill BOOT_PGT_SIZE, 1, 0)
788 * The page table is going to be used instead of page table in the trampoline
791 SYM_DATA_LOCAL(top_pgtable, .fill PAGE_SIZE, 1, 0)
projects / librecmc / linux-libre.git / blob