1 /* SPDX-License-Identifier: GPL-2.0 */
5 * Copyright (C) 1991, 1992, 1993 Linus Torvalds
9 * head.S contains the 32-bit startup code.
11 * NOTE!!! Startup happens at absolute address 0x00001000, which is also where
12 * the page directory will exist. The startup code will be overwritten by
13 * the page directory. [According to comments etc elsewhere on a compressed
14 * kernel it will end up at 0x1000 + 1Mb I hope so as I assume this. - AC]
16 * Page 0 is deliberately kept safe, since System Management Mode code in
17 * laptops may need to access the BIOS data stored there. This is also
18 * useful for future device drivers that either access the BIOS via VM86
23 * High loaded stuff by Hans Lermen & Werner Almesberger, Feb. 1996
28 #include <linux/init.h>
29 #include <linux/linkage.h>
30 #include <asm/segment.h>
33 #include <asm/processor-flags.h>
34 #include <asm/asm-offsets.h>
35 #include <asm/bootparam.h>
36 #include <asm/desc_defs.h>
37 #include <asm/trapnr.h>
41 * Fix alignment at 16 bytes. Following CONFIG_FUNCTION_ALIGNMENT will result
42 * in assembly errors due to trying to move .org backward due to the excessive
46 #define __ALIGN .balign 16, 0x90
49 * Locally defined symbols should be marked hidden:
58 * This macro gives the relative virtual address of X, i.e. the offset of X
59 * from startup_32. This is the same as the link-time virtual address of X,
60 * since startup_32 is at 0, but defining it this way tells the
61 * assembler/linker that we do not want the actual run-time address of X. This
62 * prevents the linker from trying to create unwanted run-time relocation
63 * entries for the reference when the compressed kernel is linked as PIE.
65 * A reference X(%reg) will result in the link-time VA of X being stored with
66 * the instruction, and a run-time R_X86_64_RELATIVE relocation entry that
67 * adds the 64-bit base address where the kernel is loaded.
69 * Replacing it with (X-startup_32)(%reg) results in the offset being stored,
70 * and no run-time relocation.
72 * The macro should be used as a displacement with a base register containing
73 * the run-time address of startup_32 [i.e. rva(X)(%reg)], or as an immediate
76 * This macro can only be used from within the .head.text section, since the
77 * expression requires startup_32 to be in the same section as the code being
80 #define rva(X) ((X) - startup_32)
83 SYM_FUNC_START(startup_32)
85 * 32bit entry is 0 and it is ABI so immutable!
86 * If we come here directly from a bootloader,
87 * kernel(text+data+bss+brk) ramdisk, zero_page, command line
88 * all need to be under the 4G limit.
94 * Calculate the delta between where we were compiled to run
95 * at and where we were actually loaded at. This can only be done
96 * with a short local call on x86. Nothing else will tell us what
97 * address we are running at. The reserved chunk of the real-mode
98 * data at 0x1e4 (defined as a scratch field) are used as the stack
99 * for this calculation. Only 4 bytes are needed.
101 leal (BP_scratch+4)(%esi), %esp
106 /* Load new GDT with the 64bit segments using 32bit descriptor */
107 leal rva(gdt)(%ebp), %eax
111 /* Load segment registers with our descriptors */
112 movl $__BOOT_DS, %eax
119 /* Setup a stack and load CS from current GDT */
120 leal rva(boot_stack_end)(%ebp), %esp
123 leal rva(1f)(%ebp), %eax
128 /* Setup Exception handling for SEV-ES */
129 #ifdef CONFIG_AMD_MEM_ENCRYPT
130 call startup32_load_idt
133 /* Make sure cpu supports long mode. */
139 * Compute the delta between where we were compiled to run at
140 * and where the code will actually run at.
142 * %ebp contains the address we are loaded at by the boot loader and %ebx
143 * contains the address where we should move the kernel image temporarily
144 * for safe in-place decompression.
147 #ifdef CONFIG_RELOCATABLE
149 movl BP_kernel_alignment(%esi), %eax
154 cmpl $LOAD_PHYSICAL_ADDR, %ebx
157 movl $LOAD_PHYSICAL_ADDR, %ebx
160 /* Target address to relocate to for decompression */
161 addl BP_init_size(%esi), %ebx
162 subl $ rva(_end), %ebx
165 * Prepare for entering 64 bit mode
168 /* Enable PAE mode */
170 orl $X86_CR4_PAE, %eax
174 * Build early 4G boot pagetable
177 * If SEV is active then set the encryption mask in the page tables.
178 * This will ensure that when the kernel is copied and decompressed
179 * it will be done so encrypted.
182 #ifdef CONFIG_AMD_MEM_ENCRYPT
183 call get_sev_encryption_bit
187 subl $32, %eax /* Encryption bit is always above bit 31 */
188 bts %eax, %edx /* Set encryption mask for page tables */
190 * Set MSR_AMD64_SEV_ENABLED_BIT in sev_status so that
191 * startup32_check_sev_cbit() will do a check. sev_enable() will
192 * initialize sev_status with all the bits reported by
193 * MSR_AMD_SEV_STATUS later, but only MSR_AMD64_SEV_ENABLED_BIT
194 * needs to be set for now.
196 movl $1, rva(sev_status)(%ebp)
200 /* Initialize Page tables to 0 */
201 leal rva(pgtable)(%ebx), %edi
203 movl $(BOOT_INIT_PGT_SIZE/4), %ecx
207 leal rva(pgtable + 0)(%ebx), %edi
208 leal 0x1007 (%edi), %eax
213 leal rva(pgtable + 0x1000)(%ebx), %edi
214 leal 0x1007(%edi), %eax
216 1: movl %eax, 0x00(%edi)
217 addl %edx, 0x04(%edi)
218 addl $0x00001000, %eax
224 leal rva(pgtable + 0x2000)(%ebx), %edi
225 movl $0x00000183, %eax
227 1: movl %eax, 0(%edi)
229 addl $0x00200000, %eax
234 /* Enable the boot page tables */
235 leal rva(pgtable)(%ebx), %eax
238 /* Enable Long mode in EFER (Extended Feature Enable Register) */
241 btsl $_EFER_LME, %eax
244 /* After gdt is loaded */
247 movl $__BOOT_TSS, %eax
250 #ifdef CONFIG_AMD_MEM_ENCRYPT
251 /* Check if the C-bit position is correct when SEV is active */
252 call startup32_check_sev_cbit
256 * Setup for the jump to 64bit mode
258 * When the jump is performed we will be in long mode but
259 * in 32bit compatibility mode with EFER.LME = 1, CS.L = 0, CS.D = 1
260 * (and in turn EFER.LMA = 1). To jump into 64bit mode we use
261 * the new gdt/idt that has __KERNEL_CS with CS.L = 1.
262 * We place all of the values on our mini stack so lret can
263 * used to perform that far jump.
265 leal rva(startup_64)(%ebp), %eax
266 #ifdef CONFIG_EFI_MIXED
267 cmpb $1, rva(efi_is64)(%ebp)
269 leal rva(startup_64_mixed_mode)(%ebp), %eax
276 /* Enter paged protected Mode, activating Long Mode */
277 movl $CR0_STATE, %eax
280 /* Jump from 32bit compatibility mode into 64bit mode. */
282 SYM_FUNC_END(startup_32)
286 SYM_CODE_START(startup_64)
288 * 64bit entry is 0x200 and it is ABI so immutable!
289 * We come here either from startup_32 or directly from a
291 * If we come here from a bootloader, kernel(text+data+bss+brk),
292 * ramdisk, zero_page, command line could be above 4G.
293 * We depend on an identity mapped page table being provided
294 * that maps our entire kernel(text+data+bss+brk), zero page
301 /* Setup data segments. */
310 * Compute the decompressed kernel start address. It is where
311 * we were loaded at aligned to a 2M boundary. %rbp contains the
312 * decompressed kernel start address.
314 * If it is a relocatable kernel then decompress and run the kernel
315 * from load address aligned to 2MB addr, otherwise decompress and
316 * run the kernel from LOAD_PHYSICAL_ADDR
318 * We cannot rely on the calculation done in 32-bit mode, since we
319 * may have been invoked via the 64-bit entry point.
322 /* Start with the delta to where the kernel will run at. */
323 #ifdef CONFIG_RELOCATABLE
324 leaq startup_32(%rip) /* - $startup_32 */, %rbp
325 movl BP_kernel_alignment(%rsi), %eax
330 cmpq $LOAD_PHYSICAL_ADDR, %rbp
333 movq $LOAD_PHYSICAL_ADDR, %rbp
336 /* Target address to relocate to for decompression */
337 movl BP_init_size(%rsi), %ebx
338 subl $ rva(_end), %ebx
341 /* Set up the stack */
342 leaq rva(boot_stack_end)(%rbx), %rsp
345 * At this point we are in long mode with 4-level paging enabled,
346 * but we might want to enable 5-level paging or vice versa.
348 * The problem is that we cannot do it directly. Setting or clearing
349 * CR4.LA57 in long mode would trigger #GP. So we need to switch off
350 * long mode and paging first.
352 * We also need a trampoline in lower memory to switch over from
353 * 4- to 5-level paging for cases when the bootloader puts the kernel
354 * above 4G, but didn't enable 5-level paging for us.
356 * The same trampoline can be used to switch from 5- to 4-level paging
357 * mode, like when starting 4-level paging kernel via kexec() when
358 * original kernel worked in 5-level paging mode.
360 * For the trampoline, we need the top page table to reside in lower
361 * memory as we don't have a way to load 64-bit values into CR3 in
365 /* Make sure we have GDT with 32-bit code segment */
366 leaq gdt64(%rip), %rax
370 /* Reload CS so IRET returns to a CS actually in the GDT */
372 leaq .Lon_kernel_cs(%rip), %rax
378 * RSI holds a pointer to a boot_params structure provided by the
379 * loader, and this needs to be preserved across C function calls. So
380 * move it into a callee saved register.
386 #ifdef CONFIG_AMD_MEM_ENCRYPT
388 * Now that the stage1 interrupt handlers are set up, #VC exceptions from
389 * CPUID instructions can be properly handled for SEV-ES guests.
391 * For SEV-SNP, the CPUID table also needs to be set up in advance of any
392 * CPUID instructions being issued, so go ahead and do that now via
393 * sev_enable(), which will also handle the rest of the SEV-related
394 * detection/setup to ensure that has been done in advance of any dependent
395 * code. Pass the boot_params pointer as the first argument.
401 /* Preserve only the CR4 bits that must be preserved, and clear the rest */
403 andl $(X86_CR4_PAE | X86_CR4_MCE | X86_CR4_LA57), %eax
407 * configure_5level_paging() updates the number of paging levels using
408 * a trampoline in 32-bit addressable memory if the current number does
409 * not match the desired number.
411 * Pass the boot_params pointer as the first argument. The second
412 * argument is the relocated address of the page table to use instead
413 * of the page table in trampoline memory (if required).
416 leaq rva(top_pgtable)(%rbx), %rsi
417 call configure_5level_paging
424 * Copy the compressed kernel to the end of our buffer
425 * where decompression in place becomes safe.
427 leaq (_bss-8)(%rip), %rsi
428 leaq rva(_bss-8)(%rbx), %rdi
429 movl $(_bss - startup_32), %ecx
436 * The GDT may get overwritten either during the copy we just did or
437 * during extract_kernel below. To avoid any issues, repoint the GDTR
438 * to the new copy of the GDT.
440 leaq rva(gdt64)(%rbx), %rax
441 leaq rva(gdt)(%rbx), %rdx
446 * Jump to the relocated address.
448 leaq rva(.Lrelocated)(%rbx), %rax
450 SYM_CODE_END(startup_64)
453 SYM_FUNC_START_LOCAL_NOALIGN(.Lrelocated)
456 * Clear BSS (stack is currently empty)
459 leaq _bss(%rip), %rdi
460 leaq _ebss(%rip), %rcx
467 /* Pass boot_params to initialize_identity_maps() */
469 call initialize_identity_maps
472 * Do the extraction, and jump to the new kernel..
474 /* pass struct boot_params pointer and output target address */
477 call extract_kernel /* returns kernel entry point in %rax */
480 * Jump to the decompressed kernel.
484 SYM_FUNC_END(.Lrelocated)
487 * This is the 32-bit trampoline that will be copied over to low memory. It
488 * will be called using the ordinary 64-bit calling convention from code
489 * running in 64-bit mode.
491 * Return address is at the top of the stack (might be above 4G).
492 * The first argument (EDI) contains the address of the temporary PGD level
493 * page table in 32-bit addressable memory which will be programmed into
496 .section ".rodata", "a", @progbits
497 SYM_CODE_START(trampoline_32bit_src)
499 * Preserve callee save 64-bit registers on the stack: this is
500 * necessary because the architecture does not guarantee that GPRs will
501 * retain their full 64-bit values across a 32-bit mode switch.
510 /* Preserve top half of RSP in a legacy mode GPR to avoid truncation */
514 /* Switch to compatibility mode (CS.L = 0 CS.D = 1) via far return */
521 * The 32-bit code below will do a far jump back to long mode and end
522 * up here after reconfiguring the number of paging levels. First, the
523 * stack pointer needs to be restored to its full 64-bit value before
524 * the callee save register contents can be popped from the stack.
530 /* Restore the preserved 64-bit registers */
543 btrl $X86_CR0_PG_BIT, %eax
546 /* Point CR3 to the trampoline's new top level page table */
549 /* Set EFER.LME=1 as a precaution in case hypervsior pulls the rug */
552 btsl $_EFER_LME, %eax
553 /* Avoid writing EFER if no change was made (for TDX guest) */
557 /* Toggle CR4.LA57 */
559 btcl $X86_CR4_LA57_BIT, %eax
562 /* Enable paging again. */
564 btsl $X86_CR0_PG_BIT, %eax
568 * Return to the 64-bit calling code using LJMP rather than LRET, to
569 * avoid the need for a 32-bit addressable stack. The destination
570 * address will be adjusted after the template code is copied into a
571 * 32-bit addressable buffer.
573 .Ljmp: ljmpl $__KERNEL_CS, $(.Lret - trampoline_32bit_src)
574 SYM_CODE_END(trampoline_32bit_src)
577 * This symbol is placed right after trampoline_32bit_src() so its address can
578 * be used to infer the size of the trampoline code.
580 SYM_DATA(trampoline_ljmp_imm_offset, .word .Ljmp + 1 - trampoline_32bit_src)
583 * The trampoline code has a size limit.
584 * Make sure we fail to compile if the trampoline code grows
585 * beyond TRAMPOLINE_32BIT_CODE_SIZE bytes.
587 .org trampoline_32bit_src + TRAMPOLINE_32BIT_CODE_SIZE
590 SYM_FUNC_START_LOCAL_NOALIGN(.Lno_longmode)
591 /* This isn't an x86-64 CPU, so hang intentionally, we cannot continue */
595 SYM_FUNC_END(.Lno_longmode)
598 #include "../../kernel/verify_cpu.S"
601 SYM_DATA_START_LOCAL(gdt64)
602 .word gdt_end - gdt - 1
606 SYM_DATA_START_LOCAL(gdt)
607 .word gdt_end - gdt - 1
610 .quad 0x00cf9a000000ffff /* __KERNEL32_CS */
611 .quad 0x00af9a000000ffff /* __KERNEL_CS */
612 .quad 0x00cf92000000ffff /* __KERNEL_DS */
613 .quad 0x0080890000000000 /* TS descriptor */
614 .quad 0x0000000000000000 /* TS continued */
615 SYM_DATA_END_LABEL(gdt, SYM_L_LOCAL, gdt_end)
617 SYM_DATA_START(boot_idt_desc)
618 .word boot_idt_end - boot_idt - 1
620 SYM_DATA_END(boot_idt_desc)
622 SYM_DATA_START(boot_idt)
623 .rept BOOT_IDT_ENTRIES
627 SYM_DATA_END_LABEL(boot_idt, SYM_L_GLOBAL, boot_idt_end)
630 * Stack and heap for uncompression
634 SYM_DATA_START_LOCAL(boot_stack)
635 .fill BOOT_STACK_SIZE, 1, 0
637 SYM_DATA_END_LABEL(boot_stack, SYM_L_LOCAL, boot_stack_end)
640 * Space for page tables (not in .bss so not zeroed)
642 .section ".pgtable","aw",@nobits
644 SYM_DATA_LOCAL(pgtable, .fill BOOT_PGT_SIZE, 1, 0)
647 * The page table is going to be used instead of page table in the trampoline
650 SYM_DATA_LOCAL(top_pgtable, .fill PAGE_SIZE, 1, 0)
projects / linux-2.6-block.git / blob