1/* SPDX-License-Identifier: GPL-2.0 */ 2/* 3 * linux/boot/head.S 4 * 5 * Copyright (C) 1991, 1992, 1993 Linus Torvalds 6 */ 7 8/* 9 * head.S contains the 32-bit startup code. 10 * 11 * NOTE!!! Startup happens at absolute address 0x00001000, which is also where 12 * the page directory will exist. The startup code will be overwritten by 13 * the page directory. [According to comments etc elsewhere on a compressed 14 * kernel it will end up at 0x1000 + 1Mb I hope so as I assume this. - AC] 15 * 16 * Page 0 is deliberately kept safe, since System Management Mode code in 17 * laptops may need to access the BIOS data stored there. This is also 18 * useful for future device drivers that either access the BIOS via VM86 19 * mode. 20 */ 21 22/* 23 * High loaded stuff by Hans Lermen & Werner Almesberger, Feb. 1996 24 */ 25 .code32 26 .text 27 28#include <linux/init.h> 29#include <linux/linkage.h> 30#include <asm/segment.h> 31#include <asm/boot.h> 32#include <asm/msr.h> 33#include <asm/processor-flags.h> 34#include <asm/asm-offsets.h> 35#include <asm/bootparam.h> 36#include <asm/desc_defs.h> 37#include "pgtable.h" 38 39/* 40 * Locally defined symbols should be marked hidden: 41 */ 42 .hidden _bss 43 .hidden _ebss 44 .hidden _end 45 46 __HEAD 47 48/* 49 * This macro gives the relative virtual address of X, i.e. the offset of X 50 * from startup_32. This is the same as the link-time virtual address of X, 51 * since startup_32 is at 0, but defining it this way tells the 52 * assembler/linker that we do not want the actual run-time address of X. This 53 * prevents the linker from trying to create unwanted run-time relocation 54 * entries for the reference when the compressed kernel is linked as PIE. 55 * 56 * A reference X(%reg) will result in the link-time VA of X being stored with 57 * the instruction, and a run-time R_X86_64_RELATIVE relocation entry that 58 * adds the 64-bit base address where the kernel is loaded. 59 * 60 * Replacing it with (X-startup_32)(%reg) results in the offset being stored, 61 * and no run-time relocation. 62 * 63 * The macro should be used as a displacement with a base register containing 64 * the run-time address of startup_32 [i.e. rva(X)(%reg)], or as an immediate 65 * [$ rva(X)]. 66 * 67 * This macro can only be used from within the .head.text section, since the 68 * expression requires startup_32 to be in the same section as the code being 69 * assembled. 70 */ 71#define rva(X) ((X) - startup_32) 72 73 .code32 74SYM_FUNC_START(startup_32) 75 /* 76 * 32bit entry is 0 and it is ABI so immutable! 77 * If we come here directly from a bootloader, 78 * kernel(text+data+bss+brk) ramdisk, zero_page, command line 79 * all need to be under the 4G limit. 80 */ 81 cld 82 cli 83 84/* 85 * Calculate the delta between where we were compiled to run 86 * at and where we were actually loaded at. This can only be done 87 * with a short local call on x86. Nothing else will tell us what 88 * address we are running at. The reserved chunk of the real-mode 89 * data at 0x1e4 (defined as a scratch field) are used as the stack 90 * for this calculation. Only 4 bytes are needed. 91 */ 92 leal (BP_scratch+4)(%esi), %esp 93 call 1f 941: popl %ebp 95 subl $ rva(1b), %ebp 96 97 /* Load new GDT with the 64bit segments using 32bit descriptor */ 98 leal rva(gdt)(%ebp), %eax 99 movl %eax, 2(%eax) 100 lgdt (%eax) 101 102 /* Load segment registers with our descriptors */ 103 movl $__BOOT_DS, %eax 104 movl %eax, %ds 105 movl %eax, %es 106 movl %eax, %fs 107 movl %eax, %gs 108 movl %eax, %ss 109 110/* setup a stack and make sure cpu supports long mode. */ 111 leal rva(boot_stack_end)(%ebp), %esp 112 113 call verify_cpu 114 testl %eax, %eax 115 jnz .Lno_longmode 116 117/* 118 * Compute the delta between where we were compiled to run at 119 * and where the code will actually run at. 120 * 121 * %ebp contains the address we are loaded at by the boot loader and %ebx 122 * contains the address where we should move the kernel image temporarily 123 * for safe in-place decompression. 124 */ 125 126#ifdef CONFIG_RELOCATABLE 127 movl %ebp, %ebx 128 129#ifdef CONFIG_EFI_STUB 130/* 131 * If we were loaded via the EFI LoadImage service, startup_32 will be at an 132 * offset to the start of the space allocated for the image. efi_pe_entry will 133 * set up image_offset to tell us where the image actually starts, so that we 134 * can use the full available buffer. 135 * image_offset = startup_32 - image_base 136 * Otherwise image_offset will be zero and has no effect on the calculations. 137 */ 138 subl rva(image_offset)(%ebp), %ebx 139#endif 140 141 movl BP_kernel_alignment(%esi), %eax 142 decl %eax 143 addl %eax, %ebx 144 notl %eax 145 andl %eax, %ebx 146 cmpl $LOAD_PHYSICAL_ADDR, %ebx 147 jae 1f 148#endif 149 movl $LOAD_PHYSICAL_ADDR, %ebx 1501: 151 152 /* Target address to relocate to for decompression */ 153 addl BP_init_size(%esi), %ebx 154 subl $ rva(_end), %ebx 155 156/* 157 * Prepare for entering 64 bit mode 158 */ 159 160 /* Enable PAE mode */ 161 movl %cr4, %eax 162 orl $X86_CR4_PAE, %eax 163 movl %eax, %cr4 164 165 /* 166 * Build early 4G boot pagetable 167 */ 168 /* 169 * If SEV is active then set the encryption mask in the page tables. 170 * This will insure that when the kernel is copied and decompressed 171 * it will be done so encrypted. 172 */ 173 call get_sev_encryption_bit 174 xorl %edx, %edx 175#ifdef CONFIG_AMD_MEM_ENCRYPT 176 testl %eax, %eax 177 jz 1f 178 subl $32, %eax /* Encryption bit is always above bit 31 */ 179 bts %eax, %edx /* Set encryption mask for page tables */ 180 /* 181 * Mark SEV as active in sev_status so that startup32_check_sev_cbit() 182 * will do a check. The sev_status memory will be fully initialized 183 * with the contents of MSR_AMD_SEV_STATUS later in 184 * set_sev_encryption_mask(). For now it is sufficient to know that SEV 185 * is active. 186 */ 187 movl $1, rva(sev_status)(%ebp) 1881: 189#endif 190 191 /* Initialize Page tables to 0 */ 192 leal rva(pgtable)(%ebx), %edi 193 xorl %eax, %eax 194 movl $(BOOT_INIT_PGT_SIZE/4), %ecx 195 rep stosl 196 197 /* Build Level 4 */ 198 leal rva(pgtable + 0)(%ebx), %edi 199 leal 0x1007 (%edi), %eax 200 movl %eax, 0(%edi) 201 addl %edx, 4(%edi) 202 203 /* Build Level 3 */ 204 leal rva(pgtable + 0x1000)(%ebx), %edi 205 leal 0x1007(%edi), %eax 206 movl $4, %ecx 2071: movl %eax, 0x00(%edi) 208 addl %edx, 0x04(%edi) 209 addl $0x00001000, %eax 210 addl $8, %edi 211 decl %ecx 212 jnz 1b 213 214 /* Build Level 2 */ 215 leal rva(pgtable + 0x2000)(%ebx), %edi 216 movl $0x00000183, %eax 217 movl $2048, %ecx 2181: movl %eax, 0(%edi) 219 addl %edx, 4(%edi) 220 addl $0x00200000, %eax 221 addl $8, %edi 222 decl %ecx 223 jnz 1b 224 225 /* Enable the boot page tables */ 226 leal rva(pgtable)(%ebx), %eax 227 movl %eax, %cr3 228 229 /* Enable Long mode in EFER (Extended Feature Enable Register) */ 230 movl $MSR_EFER, %ecx 231 rdmsr 232 btsl $_EFER_LME, %eax 233 wrmsr 234 235 /* After gdt is loaded */ 236 xorl %eax, %eax 237 lldt %ax 238 movl $__BOOT_TSS, %eax 239 ltr %ax 240 241 /* 242 * Setup for the jump to 64bit mode 243 * 244 * When the jump is performend we will be in long mode but 245 * in 32bit compatibility mode with EFER.LME = 1, CS.L = 0, CS.D = 1 246 * (and in turn EFER.LMA = 1). To jump into 64bit mode we use 247 * the new gdt/idt that has __KERNEL_CS with CS.L = 1. 248 * We place all of the values on our mini stack so lret can 249 * used to perform that far jump. 250 */ 251 leal rva(startup_64)(%ebp), %eax 252#ifdef CONFIG_EFI_MIXED 253 movl rva(efi32_boot_args)(%ebp), %edi 254 cmp $0, %edi 255 jz 1f 256 leal rva(efi64_stub_entry)(%ebp), %eax 257 movl rva(efi32_boot_args+4)(%ebp), %esi 258 movl rva(efi32_boot_args+8)(%ebp), %edx // saved bootparams pointer 259 cmpl $0, %edx 260 jnz 1f 261 /* 262 * efi_pe_entry uses MS calling convention, which requires 32 bytes of 263 * shadow space on the stack even if all arguments are passed in 264 * registers. We also need an additional 8 bytes for the space that 265 * would be occupied by the return address, and this also results in 266 * the correct stack alignment for entry. 267 */ 268 subl $40, %esp 269 leal rva(efi_pe_entry)(%ebp), %eax 270 movl %edi, %ecx // MS calling convention 271 movl %esi, %edx 2721: 273#endif 274 /* Check if the C-bit position is correct when SEV is active */ 275 call startup32_check_sev_cbit 276 277 pushl $__KERNEL_CS 278 pushl %eax 279 280 /* Enter paged protected Mode, activating Long Mode */ 281 movl $(X86_CR0_PG | X86_CR0_PE), %eax /* Enable Paging and Protected mode */ 282 movl %eax, %cr0 283 284 /* Jump from 32bit compatibility mode into 64bit mode. */ 285 lret 286SYM_FUNC_END(startup_32) 287 288#ifdef CONFIG_EFI_MIXED 289 .org 0x190 290SYM_FUNC_START(efi32_stub_entry) 291 add $0x4, %esp /* Discard return address */ 292 popl %ecx 293 popl %edx 294 popl %esi 295 296 call 1f 2971: pop %ebp 298 subl $ rva(1b), %ebp 299 300 movl %esi, rva(efi32_boot_args+8)(%ebp) 301SYM_INNER_LABEL(efi32_pe_stub_entry, SYM_L_LOCAL) 302 movl %ecx, rva(efi32_boot_args)(%ebp) 303 movl %edx, rva(efi32_boot_args+4)(%ebp) 304 movb $0, rva(efi_is64)(%ebp) 305 306 /* Save firmware GDTR and code/data selectors */ 307 sgdtl rva(efi32_boot_gdt)(%ebp) 308 movw %cs, rva(efi32_boot_cs)(%ebp) 309 movw %ds, rva(efi32_boot_ds)(%ebp) 310 311 /* Disable paging */ 312 movl %cr0, %eax 313 btrl $X86_CR0_PG_BIT, %eax 314 movl %eax, %cr0 315 316 jmp startup_32 317SYM_FUNC_END(efi32_stub_entry) 318#endif 319 320 .code64 321 .org 0x200 322SYM_CODE_START(startup_64) 323 /* 324 * 64bit entry is 0x200 and it is ABI so immutable! 325 * We come here either from startup_32 or directly from a 326 * 64bit bootloader. 327 * If we come here from a bootloader, kernel(text+data+bss+brk), 328 * ramdisk, zero_page, command line could be above 4G. 329 * We depend on an identity mapped page table being provided 330 * that maps our entire kernel(text+data+bss+brk), zero page 331 * and command line. 332 */ 333 334 cld 335 cli 336 337 /* Setup data segments. */ 338 xorl %eax, %eax 339 movl %eax, %ds 340 movl %eax, %es 341 movl %eax, %ss 342 movl %eax, %fs 343 movl %eax, %gs 344 345 /* 346 * Compute the decompressed kernel start address. It is where 347 * we were loaded at aligned to a 2M boundary. %rbp contains the 348 * decompressed kernel start address. 349 * 350 * If it is a relocatable kernel then decompress and run the kernel 351 * from load address aligned to 2MB addr, otherwise decompress and 352 * run the kernel from LOAD_PHYSICAL_ADDR 353 * 354 * We cannot rely on the calculation done in 32-bit mode, since we 355 * may have been invoked via the 64-bit entry point. 356 */ 357 358 /* Start with the delta to where the kernel will run at. */ 359#ifdef CONFIG_RELOCATABLE 360 leaq startup_32(%rip) /* - $startup_32 */, %rbp 361 362#ifdef CONFIG_EFI_STUB 363/* 364 * If we were loaded via the EFI LoadImage service, startup_32 will be at an 365 * offset to the start of the space allocated for the image. efi_pe_entry will 366 * set up image_offset to tell us where the image actually starts, so that we 367 * can use the full available buffer. 368 * image_offset = startup_32 - image_base 369 * Otherwise image_offset will be zero and has no effect on the calculations. 370 */ 371 movl image_offset(%rip), %eax 372 subq %rax, %rbp 373#endif 374 375 movl BP_kernel_alignment(%rsi), %eax 376 decl %eax 377 addq %rax, %rbp 378 notq %rax 379 andq %rax, %rbp 380 cmpq $LOAD_PHYSICAL_ADDR, %rbp 381 jae 1f 382#endif 383 movq $LOAD_PHYSICAL_ADDR, %rbp 3841: 385 386 /* Target address to relocate to for decompression */ 387 movl BP_init_size(%rsi), %ebx 388 subl $ rva(_end), %ebx 389 addq %rbp, %rbx 390 391 /* Set up the stack */ 392 leaq rva(boot_stack_end)(%rbx), %rsp 393 394 /* 395 * At this point we are in long mode with 4-level paging enabled, 396 * but we might want to enable 5-level paging or vice versa. 397 * 398 * The problem is that we cannot do it directly. Setting or clearing 399 * CR4.LA57 in long mode would trigger #GP. So we need to switch off 400 * long mode and paging first. 401 * 402 * We also need a trampoline in lower memory to switch over from 403 * 4- to 5-level paging for cases when the bootloader puts the kernel 404 * above 4G, but didn't enable 5-level paging for us. 405 * 406 * The same trampoline can be used to switch from 5- to 4-level paging 407 * mode, like when starting 4-level paging kernel via kexec() when 408 * original kernel worked in 5-level paging mode. 409 * 410 * For the trampoline, we need the top page table to reside in lower 411 * memory as we don't have a way to load 64-bit values into CR3 in 412 * 32-bit mode. 413 * 414 * We go though the trampoline even if we don't have to: if we're 415 * already in a desired paging mode. This way the trampoline code gets 416 * tested on every boot. 417 */ 418 419 /* Make sure we have GDT with 32-bit code segment */ 420 leaq gdt64(%rip), %rax 421 addq %rax, 2(%rax) 422 lgdt (%rax) 423 424 /* Reload CS so IRET returns to a CS actually in the GDT */ 425 pushq $__KERNEL_CS 426 leaq .Lon_kernel_cs(%rip), %rax 427 pushq %rax 428 lretq 429 430.Lon_kernel_cs: 431 432 pushq %rsi 433 call load_stage1_idt 434 popq %rsi 435 436 /* 437 * paging_prepare() sets up the trampoline and checks if we need to 438 * enable 5-level paging. 439 * 440 * paging_prepare() returns a two-quadword structure which lands 441 * into RDX:RAX: 442 * - Address of the trampoline is returned in RAX. 443 * - Non zero RDX means trampoline needs to enable 5-level 444 * paging. 445 * 446 * RSI holds real mode data and needs to be preserved across 447 * this function call. 448 */ 449 pushq %rsi 450 movq %rsi, %rdi /* real mode address */ 451 call paging_prepare 452 popq %rsi 453 454 /* Save the trampoline address in RCX */ 455 movq %rax, %rcx 456 457 /* 458 * Load the address of trampoline_return() into RDI. 459 * It will be used by the trampoline to return to the main code. 460 */ 461 leaq trampoline_return(%rip), %rdi 462 463 /* Switch to compatibility mode (CS.L = 0 CS.D = 1) via far return */ 464 pushq $__KERNEL32_CS 465 leaq TRAMPOLINE_32BIT_CODE_OFFSET(%rax), %rax 466 pushq %rax 467 lretq 468trampoline_return: 469 /* Restore the stack, the 32-bit trampoline uses its own stack */ 470 leaq rva(boot_stack_end)(%rbx), %rsp 471 472 /* 473 * cleanup_trampoline() would restore trampoline memory. 474 * 475 * RDI is address of the page table to use instead of page table 476 * in trampoline memory (if required). 477 * 478 * RSI holds real mode data and needs to be preserved across 479 * this function call. 480 */ 481 pushq %rsi 482 leaq rva(top_pgtable)(%rbx), %rdi 483 call cleanup_trampoline 484 popq %rsi 485 486 /* Zero EFLAGS */ 487 pushq $0 488 popfq 489 490/* 491 * Copy the compressed kernel to the end of our buffer 492 * where decompression in place becomes safe. 493 */ 494 pushq %rsi 495 leaq (_bss-8)(%rip), %rsi 496 leaq rva(_bss-8)(%rbx), %rdi 497 movl $(_bss - startup_32), %ecx 498 shrl $3, %ecx 499 std 500 rep movsq 501 cld 502 popq %rsi 503 504 /* 505 * The GDT may get overwritten either during the copy we just did or 506 * during extract_kernel below. To avoid any issues, repoint the GDTR 507 * to the new copy of the GDT. 508 */ 509 leaq rva(gdt64)(%rbx), %rax 510 leaq rva(gdt)(%rbx), %rdx 511 movq %rdx, 2(%rax) 512 lgdt (%rax) 513 514/* 515 * Jump to the relocated address. 516 */ 517 leaq rva(.Lrelocated)(%rbx), %rax 518 jmp *%rax 519SYM_CODE_END(startup_64) 520 521#ifdef CONFIG_EFI_STUB 522 .org 0x390 523SYM_FUNC_START(efi64_stub_entry) 524SYM_FUNC_START_ALIAS(efi_stub_entry) 525 and $~0xf, %rsp /* realign the stack */ 526 movq %rdx, %rbx /* save boot_params pointer */ 527 call efi_main 528 movq %rbx,%rsi 529 leaq rva(startup_64)(%rax), %rax 530 jmp *%rax 531SYM_FUNC_END(efi64_stub_entry) 532SYM_FUNC_END_ALIAS(efi_stub_entry) 533#endif 534 535 .text 536SYM_FUNC_START_LOCAL_NOALIGN(.Lrelocated) 537 538/* 539 * Clear BSS (stack is currently empty) 540 */ 541 xorl %eax, %eax 542 leaq _bss(%rip), %rdi 543 leaq _ebss(%rip), %rcx 544 subq %rdi, %rcx 545 shrq $3, %rcx 546 rep stosq 547 548/* 549 * If running as an SEV guest, the encryption mask is required in the 550 * page-table setup code below. When the guest also has SEV-ES enabled 551 * set_sev_encryption_mask() will cause #VC exceptions, but the stage2 552 * handler can't map its GHCB because the page-table is not set up yet. 553 * So set up the encryption mask here while still on the stage1 #VC 554 * handler. Then load stage2 IDT and switch to the kernel's own 555 * page-table. 556 */ 557 pushq %rsi 558 call set_sev_encryption_mask 559 call load_stage2_idt 560 561 /* Pass boot_params to initialize_identity_maps() */ 562 movq (%rsp), %rdi 563 call initialize_identity_maps 564 popq %rsi 565 566/* 567 * Do the extraction, and jump to the new kernel.. 568 */ 569 pushq %rsi /* Save the real mode argument */ 570 movq %rsi, %rdi /* real mode address */ 571 leaq boot_heap(%rip), %rsi /* malloc area for uncompression */ 572 leaq input_data(%rip), %rdx /* input_data */ 573 movl input_len(%rip), %ecx /* input_len */ 574 movq %rbp, %r8 /* output target address */ 575 movl output_len(%rip), %r9d /* decompressed length, end of relocs */ 576 call extract_kernel /* returns kernel location in %rax */ 577 popq %rsi 578 579/* 580 * Jump to the decompressed kernel. 581 */ 582 jmp *%rax 583SYM_FUNC_END(.Lrelocated) 584 585 .code32 586/* 587 * This is the 32-bit trampoline that will be copied over to low memory. 588 * 589 * RDI contains the return address (might be above 4G). 590 * ECX contains the base address of the trampoline memory. 591 * Non zero RDX means trampoline needs to enable 5-level paging. 592 */ 593SYM_CODE_START(trampoline_32bit_src) 594 /* Set up data and stack segments */ 595 movl $__KERNEL_DS, %eax 596 movl %eax, %ds 597 movl %eax, %ss 598 599 /* Set up new stack */ 600 leal TRAMPOLINE_32BIT_STACK_END(%ecx), %esp 601 602 /* Disable paging */ 603 movl %cr0, %eax 604 btrl $X86_CR0_PG_BIT, %eax 605 movl %eax, %cr0 606 607 /* Check what paging mode we want to be in after the trampoline */ 608 cmpl $0, %edx 609 jz 1f 610 611 /* We want 5-level paging: don't touch CR3 if it already points to 5-level page tables */ 612 movl %cr4, %eax 613 testl $X86_CR4_LA57, %eax 614 jnz 3f 615 jmp 2f 6161: 617 /* We want 4-level paging: don't touch CR3 if it already points to 4-level page tables */ 618 movl %cr4, %eax 619 testl $X86_CR4_LA57, %eax 620 jz 3f 6212: 622 /* Point CR3 to the trampoline's new top level page table */ 623 leal TRAMPOLINE_32BIT_PGTABLE_OFFSET(%ecx), %eax 624 movl %eax, %cr3 6253: 626 /* Set EFER.LME=1 as a precaution in case hypervsior pulls the rug */ 627 pushl %ecx 628 pushl %edx 629 movl $MSR_EFER, %ecx 630 rdmsr 631 btsl $_EFER_LME, %eax 632 wrmsr 633 popl %edx 634 popl %ecx 635 636 /* Enable PAE and LA57 (if required) paging modes */ 637 movl $X86_CR4_PAE, %eax 638 cmpl $0, %edx 639 jz 1f 640 orl $X86_CR4_LA57, %eax 6411: 642 movl %eax, %cr4 643 644 /* Calculate address of paging_enabled() once we are executing in the trampoline */ 645 leal .Lpaging_enabled - trampoline_32bit_src + TRAMPOLINE_32BIT_CODE_OFFSET(%ecx), %eax 646 647 /* Prepare the stack for far return to Long Mode */ 648 pushl $__KERNEL_CS 649 pushl %eax 650 651 /* Enable paging again */ 652 movl $(X86_CR0_PG | X86_CR0_PE), %eax 653 movl %eax, %cr0 654 655 lret 656SYM_CODE_END(trampoline_32bit_src) 657 658 .code64 659SYM_FUNC_START_LOCAL_NOALIGN(.Lpaging_enabled) 660 /* Return from the trampoline */ 661 jmp *%rdi 662SYM_FUNC_END(.Lpaging_enabled) 663 664 /* 665 * The trampoline code has a size limit. 666 * Make sure we fail to compile if the trampoline code grows 667 * beyond TRAMPOLINE_32BIT_CODE_SIZE bytes. 668 */ 669 .org trampoline_32bit_src + TRAMPOLINE_32BIT_CODE_SIZE 670 671 .code32 672SYM_FUNC_START_LOCAL_NOALIGN(.Lno_longmode) 673 /* This isn't an x86-64 CPU, so hang intentionally, we cannot continue */ 6741: 675 hlt 676 jmp 1b 677SYM_FUNC_END(.Lno_longmode) 678 679#include "../../kernel/verify_cpu.S" 680 681 .data 682SYM_DATA_START_LOCAL(gdt64) 683 .word gdt_end - gdt - 1 684 .quad gdt - gdt64 685SYM_DATA_END(gdt64) 686 .balign 8 687SYM_DATA_START_LOCAL(gdt) 688 .word gdt_end - gdt - 1 689 .long 0 690 .word 0 691 .quad 0x00cf9a000000ffff /* __KERNEL32_CS */ 692 .quad 0x00af9a000000ffff /* __KERNEL_CS */ 693 .quad 0x00cf92000000ffff /* __KERNEL_DS */ 694 .quad 0x0080890000000000 /* TS descriptor */ 695 .quad 0x0000000000000000 /* TS continued */ 696SYM_DATA_END_LABEL(gdt, SYM_L_LOCAL, gdt_end) 697 698SYM_DATA_START(boot_idt_desc) 699 .word boot_idt_end - boot_idt - 1 700 .quad 0 701SYM_DATA_END(boot_idt_desc) 702 .balign 8 703SYM_DATA_START(boot_idt) 704 .rept BOOT_IDT_ENTRIES 705 .quad 0 706 .quad 0 707 .endr 708SYM_DATA_END_LABEL(boot_idt, SYM_L_GLOBAL, boot_idt_end) 709 710#ifdef CONFIG_EFI_STUB 711SYM_DATA(image_offset, .long 0) 712#endif 713#ifdef CONFIG_EFI_MIXED 714SYM_DATA_LOCAL(efi32_boot_args, .long 0, 0, 0) 715SYM_DATA(efi_is64, .byte 1) 716 717#define ST32_boottime 60 // offsetof(efi_system_table_32_t, boottime) 718#define BS32_handle_protocol 88 // offsetof(efi_boot_services_32_t, handle_protocol) 719#define LI32_image_base 32 // offsetof(efi_loaded_image_32_t, image_base) 720 721 __HEAD 722 .code32 723SYM_FUNC_START(efi32_pe_entry) 724/* 725 * efi_status_t efi32_pe_entry(efi_handle_t image_handle, 726 * efi_system_table_32_t *sys_table) 727 */ 728 729 pushl %ebp 730 movl %esp, %ebp 731 pushl %eax // dummy push to allocate loaded_image 732 733 pushl %ebx // save callee-save registers 734 pushl %edi 735 736 call verify_cpu // check for long mode support 737 testl %eax, %eax 738 movl $0x80000003, %eax // EFI_UNSUPPORTED 739 jnz 2f 740 741 call 1f 7421: pop %ebx 743 subl $ rva(1b), %ebx 744 745 /* Get the loaded image protocol pointer from the image handle */ 746 leal -4(%ebp), %eax 747 pushl %eax // &loaded_image 748 leal rva(loaded_image_proto)(%ebx), %eax 749 pushl %eax // pass the GUID address 750 pushl 8(%ebp) // pass the image handle 751 752 /* 753 * Note the alignment of the stack frame. 754 * sys_table 755 * handle <-- 16-byte aligned on entry by ABI 756 * return address 757 * frame pointer 758 * loaded_image <-- local variable 759 * saved %ebx <-- 16-byte aligned here 760 * saved %edi 761 * &loaded_image 762 * &loaded_image_proto 763 * handle <-- 16-byte aligned for call to handle_protocol 764 */ 765 766 movl 12(%ebp), %eax // sys_table 767 movl ST32_boottime(%eax), %eax // sys_table->boottime 768 call *BS32_handle_protocol(%eax) // sys_table->boottime->handle_protocol 769 addl $12, %esp // restore argument space 770 testl %eax, %eax 771 jnz 2f 772 773 movl 8(%ebp), %ecx // image_handle 774 movl 12(%ebp), %edx // sys_table 775 movl -4(%ebp), %esi // loaded_image 776 movl LI32_image_base(%esi), %esi // loaded_image->image_base 777 movl %ebx, %ebp // startup_32 for efi32_pe_stub_entry 778 /* 779 * We need to set the image_offset variable here since startup_32() will 780 * use it before we get to the 64-bit efi_pe_entry() in C code. 781 */ 782 subl %esi, %ebx 783 movl %ebx, rva(image_offset)(%ebp) // save image_offset 784 jmp efi32_pe_stub_entry 785 7862: popl %edi // restore callee-save registers 787 popl %ebx 788 leave 789 RET 790SYM_FUNC_END(efi32_pe_entry) 791 792 .section ".rodata" 793 /* EFI loaded image protocol GUID */ 794 .balign 4 795SYM_DATA_START_LOCAL(loaded_image_proto) 796 .long 0x5b1b31a1 797 .word 0x9562, 0x11d2 798 .byte 0x8e, 0x3f, 0x00, 0xa0, 0xc9, 0x69, 0x72, 0x3b 799SYM_DATA_END(loaded_image_proto) 800#endif 801 802/* 803 * Check for the correct C-bit position when the startup_32 boot-path is used. 804 * 805 * The check makes use of the fact that all memory is encrypted when paging is 806 * disabled. The function creates 64 bits of random data using the RDRAND 807 * instruction. RDRAND is mandatory for SEV guests, so always available. If the 808 * hypervisor violates that the kernel will crash right here. 809 * 810 * The 64 bits of random data are stored to a memory location and at the same 811 * time kept in the %eax and %ebx registers. Since encryption is always active 812 * when paging is off the random data will be stored encrypted in main memory. 813 * 814 * Then paging is enabled. When the C-bit position is correct all memory is 815 * still mapped encrypted and comparing the register values with memory will 816 * succeed. An incorrect C-bit position will map all memory unencrypted, so that 817 * the compare will use the encrypted random data and fail. 818 */ 819 __HEAD 820 .code32 821SYM_FUNC_START(startup32_check_sev_cbit) 822#ifdef CONFIG_AMD_MEM_ENCRYPT 823 pushl %eax 824 pushl %ebx 825 pushl %ecx 826 pushl %edx 827 828 /* Check for non-zero sev_status */ 829 movl rva(sev_status)(%ebp), %eax 830 testl %eax, %eax 831 jz 4f 832 833 /* 834 * Get two 32-bit random values - Don't bail out if RDRAND fails 835 * because it is better to prevent forward progress if no random value 836 * can be gathered. 837 */ 8381: rdrand %eax 839 jnc 1b 8402: rdrand %ebx 841 jnc 2b 842 843 /* Store to memory and keep it in the registers */ 844 movl %eax, rva(sev_check_data)(%ebp) 845 movl %ebx, rva(sev_check_data+4)(%ebp) 846 847 /* Enable paging to see if encryption is active */ 848 movl %cr0, %edx /* Backup %cr0 in %edx */ 849 movl $(X86_CR0_PG | X86_CR0_PE), %ecx /* Enable Paging and Protected mode */ 850 movl %ecx, %cr0 851 852 cmpl %eax, rva(sev_check_data)(%ebp) 853 jne 3f 854 cmpl %ebx, rva(sev_check_data+4)(%ebp) 855 jne 3f 856 857 movl %edx, %cr0 /* Restore previous %cr0 */ 858 859 jmp 4f 860 8613: /* Check failed - hlt the machine */ 862 hlt 863 jmp 3b 864 8654: 866 popl %edx 867 popl %ecx 868 popl %ebx 869 popl %eax 870#endif 871 RET 872SYM_FUNC_END(startup32_check_sev_cbit) 873 874/* 875 * Stack and heap for uncompression 876 */ 877 .bss 878 .balign 4 879SYM_DATA_LOCAL(boot_heap, .fill BOOT_HEAP_SIZE, 1, 0) 880 881SYM_DATA_START_LOCAL(boot_stack) 882 .fill BOOT_STACK_SIZE, 1, 0 883 .balign 16 884SYM_DATA_END_LABEL(boot_stack, SYM_L_LOCAL, boot_stack_end) 885 886/* 887 * Space for page tables (not in .bss so not zeroed) 888 */ 889 .section ".pgtable","aw",@nobits 890 .balign 4096 891SYM_DATA_LOCAL(pgtable, .fill BOOT_PGT_SIZE, 1, 0) 892 893/* 894 * The page table is going to be used instead of page table in the trampoline 895 * memory. 896 */ 897SYM_DATA_LOCAL(top_pgtable, .fill PAGE_SIZE, 1, 0) 898