1/* SPDX-License-Identifier: GPL-2.0 */
2/*
3 * header.S
4 *
5 * Copyright (C) 1991, 1992 Linus Torvalds
6 *
7 * Based on bootsect.S and setup.S
8 * modified by more people than can be counted
9 *
10 * Rewritten as a common file by H. Peter Anvin (Apr 2007)
11 *
12 * BIG FAT NOTE: We're in real mode using 64k segments. Therefore segment
13 * addresses must be multiplied by 16 to obtain their respective linear
14 * addresses. To avoid confusion, linear addresses are written using leading
15 * hex while segment addresses are written as segment:offset.
16 *
17 */
18#include <linux/pe.h>
19#include <asm/segment.h>
20#include <asm/boot.h>
21#include <asm/page_types.h>
22#include <asm/setup.h>
23#include <asm/bootparam.h>
24#include "boot.h"
25#include "voffset.h"
26#include "zoffset.h"
27
28BOOTSEG = 0x07C0 /* original address of boot-sector */
29SYSSEG = 0x1000 /* historical load address >> 4 */
30
31#ifndef SVGA_MODE
32#define SVGA_MODE ASK_VGA
33#endif
34
35#ifndef ROOT_RDONLY
36#define ROOT_RDONLY 1
37#endif
38
39 .set salign, 0x1000
40 .set falign, 0x200
41
42 .code16
43 .section ".bstext", "ax"
44#ifdef CONFIG_EFI_STUB
45 # "MZ", MS-DOS header
46 .word MZ_MAGIC
47 .org 0x38
48 #
49 # Offset to the PE header.
50 #
51 .long LINUX_PE_MAGIC
52 .long pe_header
53pe_header:
54 .long PE_MAGIC
55
56coff_header:
57#ifdef CONFIG_X86_32
58 .set image_file_add_flags, IMAGE_FILE_32BIT_MACHINE
59 .set pe_opt_magic, PE_OPT_MAGIC_PE32
60 .word IMAGE_FILE_MACHINE_I386
61#else
62 .set image_file_add_flags, 0
63 .set pe_opt_magic, PE_OPT_MAGIC_PE32PLUS
64 .word IMAGE_FILE_MACHINE_AMD64
65#endif
66 .word section_count # nr_sections
67 .long 0 # TimeDateStamp
68 .long 0 # PointerToSymbolTable
69 .long 1 # NumberOfSymbols
70 .word section_table - optional_header # SizeOfOptionalHeader
71 .word IMAGE_FILE_EXECUTABLE_IMAGE | \
72 image_file_add_flags | \
73 IMAGE_FILE_DEBUG_STRIPPED | \
74 IMAGE_FILE_LINE_NUMS_STRIPPED # Characteristics
75
76optional_header:
77 .word pe_opt_magic
78 .byte 0x02 # MajorLinkerVersion
79 .byte 0x14 # MinorLinkerVersion
80
81 .long ZO__data # SizeOfCode
82
83 .long ZO__end - ZO__data # SizeOfInitializedData
84 .long 0 # SizeOfUninitializedData
85
86 .long setup_size + ZO_efi_pe_entry # AddressOfEntryPoint
87
88 .long setup_size # BaseOfCode
89#ifdef CONFIG_X86_32
90 .long 0 # data
91#endif
92
93extra_header_fields:
94#ifdef CONFIG_X86_32
95 .long 0 # ImageBase
96#else
97 .quad 0 # ImageBase
98#endif
99 .long salign # SectionAlignment
100 .long falign # FileAlignment
101 .word 0 # MajorOperatingSystemVersion
102 .word 0 # MinorOperatingSystemVersion
103 .word LINUX_EFISTUB_MAJOR_VERSION # MajorImageVersion
104 .word LINUX_EFISTUB_MINOR_VERSION # MinorImageVersion
105 .word 0 # MajorSubsystemVersion
106 .word 0 # MinorSubsystemVersion
107 .long 0 # Win32VersionValue
108
109 .long setup_size + ZO__end + pecompat_vsize
110 # SizeOfImage
111
112 .long salign # SizeOfHeaders
113 .long 0 # CheckSum
114 .word IMAGE_SUBSYSTEM_EFI_APPLICATION # Subsystem (EFI application)
115#ifdef CONFIG_EFI_DXE_MEM_ATTRIBUTES
116 .word IMAGE_DLL_CHARACTERISTICS_NX_COMPAT # DllCharacteristics
117#else
118 .word 0 # DllCharacteristics
119#endif
120#ifdef CONFIG_X86_32
121 .long 0 # SizeOfStackReserve
122 .long 0 # SizeOfStackCommit
123 .long 0 # SizeOfHeapReserve
124 .long 0 # SizeOfHeapCommit
125#else
126 .quad 0 # SizeOfStackReserve
127 .quad 0 # SizeOfStackCommit
128 .quad 0 # SizeOfHeapReserve
129 .quad 0 # SizeOfHeapCommit
130#endif
131 .long 0 # LoaderFlags
132 .long (section_table - .) / 8 # NumberOfRvaAndSizes
133
134 .quad 0 # ExportTable
135 .quad 0 # ImportTable
136 .quad 0 # ResourceTable
137 .quad 0 # ExceptionTable
138 .quad 0 # CertificationTable
139 .quad 0 # BaseRelocationTable
140
141 # Section table
142section_table:
143 .ascii ".setup"
144 .byte 0
145 .byte 0
146 .long setup_size - salign # VirtualSize
147 .long salign # VirtualAddress
148 .long pecompat_fstart - salign # SizeOfRawData
149 .long salign # PointerToRawData
150
151 .long 0, 0, 0
152 .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
153 IMAGE_SCN_MEM_READ | \
154 IMAGE_SCN_MEM_DISCARDABLE # Characteristics
155
156#ifdef CONFIG_EFI_MIXED
157 .asciz ".compat"
158
159 .long 8 # VirtualSize
160 .long setup_size + ZO__end # VirtualAddress
161 .long pecompat_fsize # SizeOfRawData
162 .long pecompat_fstart # PointerToRawData
163
164 .long 0, 0, 0
165 .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
166 IMAGE_SCN_MEM_READ | \
167 IMAGE_SCN_MEM_DISCARDABLE # Characteristics
168
169 /*
170 * Put the IA-32 machine type and the associated entry point address in
171 * the .compat section, so loaders can figure out which other execution
172 * modes this image supports.
173 */
174 .pushsection ".pecompat", "a", @progbits
175 .balign falign
176 .set pecompat_vsize, salign
177 .globl pecompat_fstart
178pecompat_fstart:
179 .byte 0x1 # Version
180 .byte 8 # Size
181 .word IMAGE_FILE_MACHINE_I386 # PE machine type
182 .long setup_size + ZO_efi32_pe_entry # Entrypoint
183 .popsection
184#else
185 .set pecompat_vsize, 0
186 .set pecompat_fstart, setup_size
187#endif
188 .ascii ".text"
189 .byte 0
190 .byte 0
191 .byte 0
192 .long ZO__data
193 .long setup_size
194 .long ZO__data # Size of initialized data
195 # on disk
196 .long setup_size
197 .long 0 # PointerToRelocations
198 .long 0 # PointerToLineNumbers
199 .word 0 # NumberOfRelocations
200 .word 0 # NumberOfLineNumbers
201 .long IMAGE_SCN_CNT_CODE | \
202 IMAGE_SCN_MEM_READ | \
203 IMAGE_SCN_MEM_EXECUTE # Characteristics
204
205 .ascii ".data\0\0\0"
206 .long ZO__end - ZO__data # VirtualSize
207 .long setup_size + ZO__data # VirtualAddress
208 .long ZO__edata - ZO__data # SizeOfRawData
209 .long setup_size + ZO__data # PointerToRawData
210
211 .long 0, 0, 0
212 .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
213 IMAGE_SCN_MEM_READ | \
214 IMAGE_SCN_MEM_WRITE # Characteristics
215
216 .set section_count, (. - section_table) / 40
217#endif /* CONFIG_EFI_STUB */
218
219 # Kernel attributes; used by setup. This is part 1 of the
220 # header, from the old boot sector.
221
222 .section ".header", "a"
223 .globl sentinel
224sentinel: .byte 0xff, 0xff /* Used to detect broken loaders */
225
226 .globl hdr
227hdr:
228 .byte setup_sects - 1
229root_flags: .word ROOT_RDONLY
230syssize: .long ZO__edata / 16
231ram_size: .word 0 /* Obsolete */
232vid_mode: .word SVGA_MODE
233root_dev: .word 0 /* Default to major/minor 0/0 */
234boot_flag: .word 0xAA55
235
236 # offset 512, entry point
237
238 .globl _start
239_start:
240 # Explicitly enter this as bytes, or the assembler
241 # tries to generate a 3-byte jump here, which causes
242 # everything else to push off to the wrong offset.
243 .byte 0xeb # short (2-byte) jump
244 .byte start_of_setup-1f
2451:
246
247 # Part 2 of the header, from the old setup.S
248
249 .ascii "HdrS" # header signature
250 .word 0x020f # header version number (>= 0x0105)
251 # or else old loadlin-1.5 will fail)
252 .globl realmode_swtch
253realmode_swtch: .word 0, 0 # default_switch, SETUPSEG
254start_sys_seg: .word SYSSEG # obsolete and meaningless, but just
255 # in case something decided to "use" it
256 .word kernel_version-512 # pointing to kernel version string
257 # above section of header is compatible
258 # with loadlin-1.5 (header v1.5). Don't
259 # change it.
260
261type_of_loader: .byte 0 # 0 means ancient bootloader, newer
262 # bootloaders know to change this.
263 # See Documentation/arch/x86/boot.rst for
264 # assigned ids
265
266# flags, unused bits must be zero (RFU) bit within loadflags
267loadflags:
268 .byte LOADED_HIGH # The kernel is to be loaded high
269
270setup_move_size: .word 0x8000 # size to move, when setup is not
271 # loaded at 0x90000. We will move setup
272 # to 0x90000 then just before jumping
273 # into the kernel. However, only the
274 # loader knows how much data behind
275 # us also needs to be loaded.
276
277code32_start: # here loaders can put a different
278 # start address for 32-bit code.
279 .long 0x100000 # 0x100000 = default for big kernel
280
281ramdisk_image: .long 0 # address of loaded ramdisk image
282 # Here the loader puts the 32-bit
283 # address where it loaded the image.
284 # This only will be read by the kernel.
285
286ramdisk_size: .long 0 # its size in bytes
287
288bootsect_kludge:
289 .long 0 # obsolete
290
291heap_end_ptr: .word _end+STACK_SIZE-512
292 # (Header version 0x0201 or later)
293 # space from here (exclusive) down to
294 # end of setup code can be used by setup
295 # for local heap purposes.
296
297ext_loader_ver:
298 .byte 0 # Extended boot loader version
299ext_loader_type:
300 .byte 0 # Extended boot loader type
301
302cmd_line_ptr: .long 0 # (Header version 0x0202 or later)
303 # If nonzero, a 32-bit pointer
304 # to the kernel command line.
305 # The command line should be
306 # located between the start of
307 # setup and the end of low
308 # memory (0xa0000), or it may
309 # get overwritten before it
310 # gets read. If this field is
311 # used, there is no longer
312 # anything magical about the
313 # 0x90000 segment; the setup
314 # can be located anywhere in
315 # low memory 0x10000 or higher.
316
317initrd_addr_max: .long 0x7fffffff
318 # (Header version 0x0203 or later)
319 # The highest safe address for
320 # the contents of an initrd
321 # The current kernel allows up to 4 GB,
322 # but leave it at 2 GB to avoid
323 # possible bootloader bugs.
324
325kernel_alignment: .long CONFIG_PHYSICAL_ALIGN #physical addr alignment
326 #required for protected mode
327 #kernel
328#ifdef CONFIG_RELOCATABLE
329relocatable_kernel: .byte 1
330#else
331relocatable_kernel: .byte 0
332#endif
333min_alignment: .byte MIN_KERNEL_ALIGN_LG2 # minimum alignment
334
335xloadflags:
336#ifdef CONFIG_X86_64
337# define XLF0 XLF_KERNEL_64 /* 64-bit kernel */
338#else
339# define XLF0 0
340#endif
341
342#if defined(CONFIG_RELOCATABLE) && defined(CONFIG_X86_64)
343 /* kernel/boot_param/ramdisk could be loaded above 4g */
344# define XLF1 XLF_CAN_BE_LOADED_ABOVE_4G
345#else
346# define XLF1 0
347#endif
348
349#ifdef CONFIG_EFI_HANDOVER_PROTOCOL
350# ifdef CONFIG_EFI_MIXED
351# define XLF23 (XLF_EFI_HANDOVER_32|XLF_EFI_HANDOVER_64)
352# else
353# ifdef CONFIG_X86_64
354# define XLF23 XLF_EFI_HANDOVER_64 /* 64-bit EFI handover ok */
355# else
356# define XLF23 XLF_EFI_HANDOVER_32 /* 32-bit EFI handover ok */
357# endif
358# endif
359#else
360# define XLF23 0
361#endif
362
363#if defined(CONFIG_X86_64) && defined(CONFIG_EFI) && defined(CONFIG_KEXEC_CORE)
364# define XLF4 XLF_EFI_KEXEC
365#else
366# define XLF4 0
367#endif
368
369#ifdef CONFIG_X86_64
370#ifdef CONFIG_X86_5LEVEL
371#define XLF56 (XLF_5LEVEL|XLF_5LEVEL_ENABLED)
372#else
373#define XLF56 XLF_5LEVEL
374#endif
375#else
376#define XLF56 0
377#endif
378
379 .word XLF0 | XLF1 | XLF23 | XLF4 | XLF56
380
381cmdline_size: .long COMMAND_LINE_SIZE-1 #length of the command line,
382 #added with boot protocol
383 #version 2.06
384
385hardware_subarch: .long 0 # subarchitecture, added with 2.07
386 # default to 0 for normal x86 PC
387
388hardware_subarch_data: .quad 0
389
390payload_offset: .long ZO_input_data
391payload_length: .long ZO_z_input_len
392
393setup_data: .quad 0 # 64-bit physical pointer to
394 # single linked list of
395 # struct setup_data
396
397pref_address: .quad LOAD_PHYSICAL_ADDR # preferred load addr
398
399#
400# Getting to provably safe in-place decompression is hard. Worst case
401# behaviours need to be analyzed. Here let's take the decompression of
402# a gzip-compressed kernel as example, to illustrate it:
403#
404# The file layout of gzip compressed kernel is:
405#
406# magic[2]
407# method[1]
408# flags[1]
409# timestamp[4]
410# extraflags[1]
411# os[1]
412# compressed data blocks[N]
413# crc[4] orig_len[4]
414#
415# ... resulting in +18 bytes overhead of uncompressed data.
416#
417# (For more information, please refer to RFC 1951 and RFC 1952.)
418#
419# Files divided into blocks
420# 1 bit (last block flag)
421# 2 bits (block type)
422#
423# 1 block occurs every 32K -1 bytes or when there 50% compression
424# has been achieved. The smallest block type encoding is always used.
425#
426# stored:
427# 32 bits length in bytes.
428#
429# fixed:
430# magic fixed tree.
431# symbols.
432#
433# dynamic:
434# dynamic tree encoding.
435# symbols.
436#
437#
438# The buffer for decompression in place is the length of the uncompressed
439# data, plus a small amount extra to keep the algorithm safe. The
440# compressed data is placed at the end of the buffer. The output pointer
441# is placed at the start of the buffer and the input pointer is placed
442# where the compressed data starts. Problems will occur when the output
443# pointer overruns the input pointer.
444#
445# The output pointer can only overrun the input pointer if the input
446# pointer is moving faster than the output pointer. A condition only
447# triggered by data whose compressed form is larger than the uncompressed
448# form.
449#
450# The worst case at the block level is a growth of the compressed data
451# of 5 bytes per 32767 bytes.
452#
453# The worst case internal to a compressed block is very hard to figure.
454# The worst case can at least be bounded by having one bit that represents
455# 32764 bytes and then all of the rest of the bytes representing the very
456# very last byte.
457#
458# All of which is enough to compute an amount of extra data that is required
459# to be safe. To avoid problems at the block level allocating 5 extra bytes
460# per 32767 bytes of data is sufficient. To avoid problems internal to a
461# block adding an extra 32767 bytes (the worst case uncompressed block size)
462# is sufficient, to ensure that in the worst case the decompressed data for
463# block will stop the byte before the compressed data for a block begins.
464# To avoid problems with the compressed data's meta information an extra 18
465# bytes are needed. Leading to the formula:
466#
467# extra_bytes = (uncompressed_size >> 12) + 32768 + 18
468#
469# Adding 8 bytes per 32K is a bit excessive but much easier to calculate.
470# Adding 32768 instead of 32767 just makes for round numbers.
471#
472# Above analysis is for decompressing gzip compressed kernel only. Up to
473# now 6 different decompressor are supported all together. And among them
474# xz stores data in chunks and has maximum chunk of 64K. Hence safety
475# margin should be updated to cover all decompressors so that we don't
476# need to deal with each of them separately. Please check
477# the description in lib/decompressor_xxx.c for specific information.
478#
479# extra_bytes = (uncompressed_size >> 12) + 65536 + 128
480#
481# LZ4 is even worse: data that cannot be further compressed grows by 0.4%,
482# or one byte per 256 bytes. OTOH, we can safely get rid of the +128 as
483# the size-dependent part now grows so fast.
484#
485# extra_bytes = (uncompressed_size >> 8) + 65536
486#
487# ZSTD compressed data grows by at most 3 bytes per 128K, and only has a 22
488# byte fixed overhead but has a maximum block size of 128K, so it needs a
489# larger margin.
490#
491# extra_bytes = (uncompressed_size >> 8) + 131072
492
493#define ZO_z_extra_bytes ((ZO_z_output_len >> 8) + 131072)
494#if ZO_z_output_len > ZO_z_input_len
495# define ZO_z_extract_offset (ZO_z_output_len + ZO_z_extra_bytes - \
496 ZO_z_input_len)
497#else
498# define ZO_z_extract_offset ZO_z_extra_bytes
499#endif
500
501/*
502 * The extract_offset has to be bigger than ZO head section. Otherwise when
503 * the head code is running to move ZO to the end of the buffer, it will
504 * overwrite the head code itself.
505 */
506#if (ZO__ehead - ZO_startup_32) > ZO_z_extract_offset
507# define ZO_z_min_extract_offset ((ZO__ehead - ZO_startup_32 + 4095) & ~4095)
508#else
509# define ZO_z_min_extract_offset ((ZO_z_extract_offset + 4095) & ~4095)
510#endif
511
512#define ZO_INIT_SIZE (ZO__end - ZO_startup_32 + ZO_z_min_extract_offset)
513
514#define VO_INIT_SIZE (VO__end - VO__text)
515#if ZO_INIT_SIZE > VO_INIT_SIZE
516# define INIT_SIZE ZO_INIT_SIZE
517#else
518# define INIT_SIZE VO_INIT_SIZE
519#endif
520
521 .macro __handover_offset
522#ifndef CONFIG_EFI_HANDOVER_PROTOCOL
523 .long 0
524#elif !defined(CONFIG_X86_64)
525 .long ZO_efi32_stub_entry
526#else
527 /* Yes, this is really how we defined it :( */
528 .long ZO_efi64_stub_entry - 0x200
529#ifdef CONFIG_EFI_MIXED
530 .if ZO_efi32_stub_entry != ZO_efi64_stub_entry - 0x200
531 .error "32-bit and 64-bit EFI entry points do not match"
532 .endif
533#endif
534#endif
535 .endm
536
537init_size: .long INIT_SIZE # kernel initialization size
538handover_offset: __handover_offset
539kernel_info_offset: .long ZO_kernel_info
540
541# End of setup header #####################################################
542
543 .section ".entrytext", "ax"
544start_of_setup:
545# Force %es = %ds
546 movw %ds, %ax
547 movw %ax, %es
548 cld
549
550# Apparently some ancient versions of LILO invoked the kernel with %ss != %ds,
551# which happened to work by accident for the old code. Recalculate the stack
552# pointer if %ss is invalid. Otherwise leave it alone, LOADLIN sets up the
553# stack behind its own code, so we can't blindly put it directly past the heap.
554
555 movw %ss, %dx
556 cmpw %ax, %dx # %ds == %ss?
557 movw %sp, %dx
558 je 2f # -> assume %sp is reasonably set
559
560 # Invalid %ss, make up a new stack
561 movw $_end, %dx
562 testb $CAN_USE_HEAP, loadflags
563 jz 1f
564 movw heap_end_ptr, %dx
5651: addw $STACK_SIZE, %dx
566 jnc 2f
567 xorw %dx, %dx # Prevent wraparound
568
5692: # Now %dx should point to the end of our stack space
570 andw $~3, %dx # dword align (might as well...)
571 jnz 3f
572 movw $0xfffc, %dx # Make sure we're not zero
5733: movw %ax, %ss
574 movzwl %dx, %esp # Clear upper half of %esp
575 sti # Now we should have a working stack
576
577# We will have entered with %cs = %ds+0x20, normalize %cs so
578# it is on par with the other segments.
579 pushw %ds
580 pushw $6f
581 lretw
5826:
583
584# Check signature at end of setup
585 cmpl $0x5a5aaa55, setup_sig
586 jne setup_bad
587
588# Zero the bss
589 movw $__bss_start, %di
590 movw $_end+3, %cx
591 xorl %eax, %eax
592 subw %di, %cx
593 shrw $2, %cx
594 rep; stosl
595
596# Jump to C code (should not return)
597 calll main
598
599# Setup corrupt somehow...
600setup_bad:
601 movl $setup_corrupt, %eax
602 calll puts
603 # Fall through...
604
605 .globl die
606 .type die, @function
607die:
608 hlt
609 jmp die
610
611 .size die, .-die
612
613 .section ".initdata", "a"
614setup_corrupt:
615 .byte 7
616 .string "No setup signature found...\n"
617

source code of linux/arch/x86/boot/header.S