xref: /openbmc/linux/arch/s390/purgatory/head.S (revision 0bf49ffb) 
1/* SPDX-License-Identifier: GPL-2.0 */
2/*
3 * Purgatory setup code
4 *
5 * Copyright IBM Corp. 2018
6 *
7 * Author(s): Philipp Rudo <prudo@linux.vnet.ibm.com>
8 */
9
10#include <linux/linkage.h>
11#include <asm/asm-offsets.h>
12#include <asm/page.h>
13#include <asm/sigp.h>
14#include <asm/ptrace.h>
15
16/* The purgatory is the code running between two kernels. It's main purpose
17 * is to verify that the next kernel was not corrupted after load and to
18 * start it.
19 *
20 * If the next kernel is a crash kernel there are some peculiarities to
21 * consider:
22 *
23 * First the purgatory is called twice. Once only to verify the
24 * sha digest. So if the crash kernel got corrupted the old kernel can try
25 * to trigger a stand-alone dumper. And once to actually load the crash kernel.
26 *
27 * Second the purgatory also has to swap the crash memory region with its
28 * destination at address 0. As the purgatory is part of crash memory this
29 * requires some finesse. The tactic here is that the purgatory first copies
30 * itself to the end of the destination and then swaps the rest of the
31 * memory running from there.
32 */
33
34#define bufsz purgatory_end-stack
35
36.macro MEMCPY dst,src,len
37	lgr	%r0,\dst
38	lgr	%r1,\len
39	lgr	%r2,\src
40	lgr	%r3,\len
41
4220:	mvcle	%r0,%r2,0
43	jo	20b
44.endm
45
46.macro MEMSWAP dst,src,buf,len
4710:	cghi	\len,bufsz
48	jh	11f
49	lgr	%r4,\len
50	j	12f
5111:	lghi	%r4,bufsz
52
5312:	MEMCPY	\buf,\dst,%r4
54	MEMCPY	\dst,\src,%r4
55	MEMCPY	\src,\buf,%r4
56
57	agr	\dst,%r4
58	agr	\src,%r4
59	sgr	\len,%r4
60
61	cghi	\len,0
62	jh	10b
63.endm
64
65.macro START_NEXT_KERNEL base subcode
66	lg	%r4,kernel_entry-\base(%r13)
67	lg	%r5,load_psw_mask-\base(%r13)
68	ogr	%r4,%r5
69	stg	%r4,0(%r0)
70
71	xgr	%r0,%r0
72	lghi	%r1,\subcode
73	diag	%r0,%r1,0x308
74.endm
75
76.text
77.align PAGE_SIZE
78ENTRY(purgatory_start)
79	/* The purgatory might be called after a diag308 so better set
80	 * architecture and addressing mode.
81	 */
82	lhi	%r1,1
83	sigp	%r1,%r0,SIGP_SET_ARCHITECTURE
84	sam64
85
86	larl	%r5,gprregs
87	stmg	%r6,%r15,0(%r5)
88
89	basr	%r13,0
90.base_crash:
91
92	/* Setup stack */
93	larl	%r15,purgatory_end-STACK_FRAME_OVERHEAD
94
95	/* If the next kernel is KEXEC_TYPE_CRASH the purgatory is called
96	 * directly with a flag passed in %r2 whether the purgatory shall do
97	 * checksum verification only (%r2 = 0 -> verification only).
98	 *
99	 * Check now and preserve over C function call by storing in
100	 * %r10 whith
101	 *	1 -> checksum verification only
102	 *	0 -> load new kernel
103	 */
104	lghi	%r10,0
105	lg	%r11,kernel_type-.base_crash(%r13)
106	cghi	%r11,1		/* KEXEC_TYPE_CRASH */
107	jne	.do_checksum_verification
108	cghi	%r2,0		/* checksum verification only */
109	jne	.do_checksum_verification
110	lghi	%r10,1
111
112.do_checksum_verification:
113	brasl	%r14,verify_sha256_digest
114
115	cghi	%r10,1		/* checksum verification only */
116	je	.return_old_kernel
117	cghi	%r2,0		/* checksum match */
118	jne	.disabled_wait
119
120	/* If the next kernel is a crash kernel the purgatory has to swap
121	 * the mem regions first.
122	 */
123	cghi	%r11,1 /* KEXEC_TYPE_CRASH */
124	je	.start_crash_kernel
125
126	/* start normal kernel */
127	START_NEXT_KERNEL .base_crash 0
128
129.return_old_kernel:
130	lmg	%r6,%r15,gprregs-.base_crash(%r13)
131	br	%r14
132
133.disabled_wait:
134	lpswe	disabled_wait_psw-.base_crash(%r13)
135
136.start_crash_kernel:
137	/* Location of purgatory_start in crash memory */
138	lgr	%r8,%r13
139	aghi	%r8,-(.base_crash-purgatory_start)
140
141	/* Destination for this code i.e. end of memory to be swapped. */
142	lg	%r9,crash_size-.base_crash(%r13)
143	aghi	%r9,-(purgatory_end-purgatory_start)
144
145	/* Destination in crash memory, i.e. same as r9 but in crash memory. */
146	lg	%r10,crash_start-.base_crash(%r13)
147	agr	%r10,%r9
148
149	/* Buffer location (in crash memory) and size. As the purgatory is
150	 * behind the point of no return it can re-use the stack as buffer.
151	 */
152	lghi	%r11,bufsz
153	larl	%r12,stack
154
155	MEMCPY	%r12,%r9,%r11	/* dst	-> (crash) buf */
156	MEMCPY	%r9,%r8,%r11	/* self -> dst */
157
158	/* Jump to new location. */
159	lgr	%r7,%r9
160	aghi	%r7,.jump_to_dst-purgatory_start
161	br	%r7
162
163.jump_to_dst:
164	basr	%r13,0
165.base_dst:
166
167	/* clear buffer */
168	MEMCPY	%r12,%r10,%r11	/* (crash) buf -> (crash) dst */
169
170	/* Load new buffer location after jump */
171	larl	%r7,stack
172	aghi	%r10,stack-purgatory_start
173	MEMCPY	%r10,%r7,%r11	/* (new) buf -> (crash) buf */
174
175	/* Now the code is set up to run from its designated location. Start
176	 * swapping the rest of crash memory now.
177	 *
178	 * The registers will be used as follow:
179	 *
180	 *	%r0-%r4	reserved for macros defined above
181	 *	%r5-%r6 tmp registers
182	 *	%r7	pointer to current struct sha region
183	 *	%r8	index to iterate over all sha regions
184	 *	%r9	pointer in crash memory
185	 *	%r10	pointer in old kernel
186	 *	%r11	total size (still) to be moved
187	 *	%r12	pointer to buffer
188	 */
189	lgr	%r12,%r7
190	lgr	%r11,%r9
191	lghi	%r10,0
192	lg	%r9,crash_start-.base_dst(%r13)
193	lghi	%r8,16	/* KEXEC_SEGMENTS_MAX */
194	larl	%r7,purgatory_sha_regions
195
196	j .loop_first
197
198	/* Loop over all purgatory_sha_regions. */
199.loop_next:
200	aghi	%r8,-1
201	cghi	%r8,0
202	je	.loop_out
203
204	aghi	%r7,__KEXEC_SHA_REGION_SIZE
205
206.loop_first:
207	lg	%r5,__KEXEC_SHA_REGION_START(%r7)
208	cghi	%r5,0
209	je	.loop_next
210
211	/* Copy [end last sha region, start current sha region) */
212	/* Note: kexec_sha_region->start points in crash memory */
213	sgr	%r5,%r9
214	MEMCPY	%r9,%r10,%r5
215
216	agr	%r9,%r5
217	agr	%r10,%r5
218	sgr	%r11,%r5
219
220	/* Swap sha region */
221	lg	%r6,__KEXEC_SHA_REGION_LEN(%r7)
222	MEMSWAP	%r9,%r10,%r12,%r6
223	sg	%r11,__KEXEC_SHA_REGION_LEN(%r7)
224	j	.loop_next
225
226.loop_out:
227	/* Copy rest of crash memory */
228	MEMCPY	%r9,%r10,%r11
229
230	/* start crash kernel */
231	START_NEXT_KERNEL .base_dst 1
232
233
234load_psw_mask:
235	.long	0x00080000,0x80000000
236
237	.align	8
238disabled_wait_psw:
239	.quad	0x0002000180000000
240	.quad	0x0000000000000000 + .do_checksum_verification
241
242gprregs:
243	.rept	10
244	.quad	0
245	.endr
246
247/* Macro to define a global variable with name and size (in bytes) to be
248 * shared with C code.
249 *
250 * Add the .size and .type attribute to satisfy checks on the Elf_Sym during
251 * purgatory load.
252 */
253.macro GLOBAL_VARIABLE name,size
254\name:
255	.global \name
256	.size	\name,\size
257	.type	\name,object
258	.skip	\size,0
259.endm
260
261GLOBAL_VARIABLE purgatory_sha256_digest,32
262GLOBAL_VARIABLE purgatory_sha_regions,16*__KEXEC_SHA_REGION_SIZE
263GLOBAL_VARIABLE kernel_entry,8
264GLOBAL_VARIABLE kernel_type,8
265GLOBAL_VARIABLE crash_start,8
266GLOBAL_VARIABLE crash_size,8
267
268	.align	PAGE_SIZE
269stack:
270	/* The buffer to move this code must be as big as the code. */
271	.skip	stack-purgatory_start
272	.align	PAGE_SIZE
273purgatory_end:
274