1/* SPDX-License-Identifier: GPL-2.0 */ 2/* 3 * header.S 4 * 5 * Copyright (C) 1991, 1992 Linus Torvalds 6 * 7 * Based on bootsect.S and setup.S 8 * modified by more people than can be counted 9 * 10 * Rewritten as a common file by H. Peter Anvin (Apr 2007) 11 * 12 * BIG FAT NOTE: We're in real mode using 64k segments. Therefore segment 13 * addresses must be multiplied by 16 to obtain their respective linear 14 * addresses. To avoid confusion, linear addresses are written using leading 15 * hex while segment addresses are written as segment:offset. 16 * 17 */ 18 19#include <asm/segment.h> 20#include <asm/boot.h> 21#include <asm/page_types.h> 22#include <asm/setup.h> 23#include <asm/bootparam.h> 24#include "boot.h" 25#include "voffset.h" 26#include "zoffset.h" 27 28BOOTSEG = 0x07C0 /* original address of boot-sector */ 29SYSSEG = 0x1000 /* historical load address >> 4 */ 30 31#ifndef SVGA_MODE 32#define SVGA_MODE ASK_VGA 33#endif 34 35#ifndef ROOT_RDONLY 36#define ROOT_RDONLY 1 37#endif 38 39 .code16 40 .section ".bstext", "ax" 41 42 .global bootsect_start 43bootsect_start: 44#ifdef CONFIG_EFI_STUB 45 # "MZ", MS-DOS header 46 .byte 0x4d 47 .byte 0x5a 48#endif 49 50 # Normalize the start address 51 ljmp $BOOTSEG, $start2 52 53start2: 54 movw %cs, %ax 55 movw %ax, %ds 56 movw %ax, %es 57 movw %ax, %ss 58 xorw %sp, %sp 59 sti 60 cld 61 62 movw $bugger_off_msg, %si 63 64msg_loop: 65 lodsb 66 andb %al, %al 67 jz bs_die 68 movb $0xe, %ah 69 movw $7, %bx 70 int $0x10 71 jmp msg_loop 72 73bs_die: 74 # Allow the user to press a key, then reboot 75 xorw %ax, %ax 76 int $0x16 77 int $0x19 78 79 # int 0x19 should never return. In case it does anyway, 80 # invoke the BIOS reset code... 81 ljmp $0xf000,$0xfff0 82 83#ifdef CONFIG_EFI_STUB 84 .org 0x3c 85 # 86 # Offset to the PE header. 87 # 88 .long pe_header 89#endif /* CONFIG_EFI_STUB */ 90 91 .section ".bsdata", "a" 92bugger_off_msg: 93 .ascii "Use a boot loader.\r\n" 94 .ascii "\n" 95 .ascii "Remove disk and press any key to reboot...\r\n" 96 .byte 0 97 98#ifdef CONFIG_EFI_STUB 99pe_header: 100 .ascii "PE" 101 .word 0 102 103coff_header: 104#ifdef CONFIG_X86_32 105 .word 0x14c # i386 106#else 107 .word 0x8664 # x86-64 108#endif 109 .word 4 # nr_sections 110 .long 0 # TimeDateStamp 111 .long 0 # PointerToSymbolTable 112 .long 1 # NumberOfSymbols 113 .word section_table - optional_header # SizeOfOptionalHeader 114#ifdef CONFIG_X86_32 115 .word 0x306 # Characteristics. 116 # IMAGE_FILE_32BIT_MACHINE | 117 # IMAGE_FILE_DEBUG_STRIPPED | 118 # IMAGE_FILE_EXECUTABLE_IMAGE | 119 # IMAGE_FILE_LINE_NUMS_STRIPPED 120#else 121 .word 0x206 # Characteristics 122 # IMAGE_FILE_DEBUG_STRIPPED | 123 # IMAGE_FILE_EXECUTABLE_IMAGE | 124 # IMAGE_FILE_LINE_NUMS_STRIPPED 125#endif 126 127optional_header: 128#ifdef CONFIG_X86_32 129 .word 0x10b # PE32 format 130#else 131 .word 0x20b # PE32+ format 132#endif 133 .byte 0x02 # MajorLinkerVersion 134 .byte 0x14 # MinorLinkerVersion 135 136 # Filled in by build.c 137 .long 0 # SizeOfCode 138 139 .long 0 # SizeOfInitializedData 140 .long 0 # SizeOfUninitializedData 141 142 # Filled in by build.c 143 .long 0x0000 # AddressOfEntryPoint 144 145 .long 0x0200 # BaseOfCode 146#ifdef CONFIG_X86_32 147 .long 0 # data 148#endif 149 150extra_header_fields: 151#ifdef CONFIG_X86_32 152 .long 0 # ImageBase 153#else 154 .quad 0 # ImageBase 155#endif 156 .long 0x20 # SectionAlignment 157 .long 0x20 # FileAlignment 158 .word 0 # MajorOperatingSystemVersion 159 .word 0 # MinorOperatingSystemVersion 160 .word 0 # MajorImageVersion 161 .word 0 # MinorImageVersion 162 .word 0 # MajorSubsystemVersion 163 .word 0 # MinorSubsystemVersion 164 .long 0 # Win32VersionValue 165 166 # 167 # The size of the bzImage is written in tools/build.c 168 # 169 .long 0 # SizeOfImage 170 171 .long 0x200 # SizeOfHeaders 172 .long 0 # CheckSum 173 .word 0xa # Subsystem (EFI application) 174 .word 0 # DllCharacteristics 175#ifdef CONFIG_X86_32 176 .long 0 # SizeOfStackReserve 177 .long 0 # SizeOfStackCommit 178 .long 0 # SizeOfHeapReserve 179 .long 0 # SizeOfHeapCommit 180#else 181 .quad 0 # SizeOfStackReserve 182 .quad 0 # SizeOfStackCommit 183 .quad 0 # SizeOfHeapReserve 184 .quad 0 # SizeOfHeapCommit 185#endif 186 .long 0 # LoaderFlags 187 .long 0x6 # NumberOfRvaAndSizes 188 189 .quad 0 # ExportTable 190 .quad 0 # ImportTable 191 .quad 0 # ResourceTable 192 .quad 0 # ExceptionTable 193 .quad 0 # CertificationTable 194 .quad 0 # BaseRelocationTable 195 196 # Section table 197section_table: 198 # 199 # The offset & size fields are filled in by build.c. 200 # 201 .ascii ".setup" 202 .byte 0 203 .byte 0 204 .long 0 205 .long 0x0 # startup_{32,64} 206 .long 0 # Size of initialized data 207 # on disk 208 .long 0x0 # startup_{32,64} 209 .long 0 # PointerToRelocations 210 .long 0 # PointerToLineNumbers 211 .word 0 # NumberOfRelocations 212 .word 0 # NumberOfLineNumbers 213 .long 0x60500020 # Characteristics (section flags) 214 215 # 216 # The EFI application loader requires a relocation section 217 # because EFI applications must be relocatable. The .reloc 218 # offset & size fields are filled in by build.c. 219 # 220 .ascii ".reloc" 221 .byte 0 222 .byte 0 223 .long 0 224 .long 0 225 .long 0 # SizeOfRawData 226 .long 0 # PointerToRawData 227 .long 0 # PointerToRelocations 228 .long 0 # PointerToLineNumbers 229 .word 0 # NumberOfRelocations 230 .word 0 # NumberOfLineNumbers 231 .long 0x42100040 # Characteristics (section flags) 232 233 # 234 # The offset & size fields are filled in by build.c. 235 # 236 .ascii ".text" 237 .byte 0 238 .byte 0 239 .byte 0 240 .long 0 241 .long 0x0 # startup_{32,64} 242 .long 0 # Size of initialized data 243 # on disk 244 .long 0x0 # startup_{32,64} 245 .long 0 # PointerToRelocations 246 .long 0 # PointerToLineNumbers 247 .word 0 # NumberOfRelocations 248 .word 0 # NumberOfLineNumbers 249 .long 0x60500020 # Characteristics (section flags) 250 251 # 252 # The offset & size fields are filled in by build.c. 253 # 254 .ascii ".bss" 255 .byte 0 256 .byte 0 257 .byte 0 258 .byte 0 259 .long 0 260 .long 0x0 261 .long 0 # Size of initialized data 262 # on disk 263 .long 0x0 264 .long 0 # PointerToRelocations 265 .long 0 # PointerToLineNumbers 266 .word 0 # NumberOfRelocations 267 .word 0 # NumberOfLineNumbers 268 .long 0xc8000080 # Characteristics (section flags) 269 270#endif /* CONFIG_EFI_STUB */ 271 272 # Kernel attributes; used by setup. This is part 1 of the 273 # header, from the old boot sector. 274 275 .section ".header", "a" 276 .globl sentinel 277sentinel: .byte 0xff, 0xff /* Used to detect broken loaders */ 278 279 .globl hdr 280hdr: 281setup_sects: .byte 0 /* Filled in by build.c */ 282root_flags: .word ROOT_RDONLY 283syssize: .long 0 /* Filled in by build.c */ 284ram_size: .word 0 /* Obsolete */ 285vid_mode: .word SVGA_MODE 286root_dev: .word 0 /* Filled in by build.c */ 287boot_flag: .word 0xAA55 288 289 # offset 512, entry point 290 291 .globl _start 292_start: 293 # Explicitly enter this as bytes, or the assembler 294 # tries to generate a 3-byte jump here, which causes 295 # everything else to push off to the wrong offset. 296 .byte 0xeb # short (2-byte) jump 297 .byte start_of_setup-1f 2981: 299 300 # Part 2 of the header, from the old setup.S 301 302 .ascii "HdrS" # header signature 303 .word 0x020f # header version number (>= 0x0105) 304 # or else old loadlin-1.5 will fail) 305 .globl realmode_swtch 306realmode_swtch: .word 0, 0 # default_switch, SETUPSEG 307start_sys_seg: .word SYSSEG # obsolete and meaningless, but just 308 # in case something decided to "use" it 309 .word kernel_version-512 # pointing to kernel version string 310 # above section of header is compatible 311 # with loadlin-1.5 (header v1.5). Don't 312 # change it. 313 314type_of_loader: .byte 0 # 0 means ancient bootloader, newer 315 # bootloaders know to change this. 316 # See Documentation/x86/boot.rst for 317 # assigned ids 318 319# flags, unused bits must be zero (RFU) bit within loadflags 320loadflags: 321 .byte LOADED_HIGH # The kernel is to be loaded high 322 323setup_move_size: .word 0x8000 # size to move, when setup is not 324 # loaded at 0x90000. We will move setup 325 # to 0x90000 then just before jumping 326 # into the kernel. However, only the 327 # loader knows how much data behind 328 # us also needs to be loaded. 329 330code32_start: # here loaders can put a different 331 # start address for 32-bit code. 332 .long 0x100000 # 0x100000 = default for big kernel 333 334ramdisk_image: .long 0 # address of loaded ramdisk image 335 # Here the loader puts the 32-bit 336 # address where it loaded the image. 337 # This only will be read by the kernel. 338 339ramdisk_size: .long 0 # its size in bytes 340 341bootsect_kludge: 342 .long 0 # obsolete 343 344heap_end_ptr: .word _end+STACK_SIZE-512 345 # (Header version 0x0201 or later) 346 # space from here (exclusive) down to 347 # end of setup code can be used by setup 348 # for local heap purposes. 349 350ext_loader_ver: 351 .byte 0 # Extended boot loader version 352ext_loader_type: 353 .byte 0 # Extended boot loader type 354 355cmd_line_ptr: .long 0 # (Header version 0x0202 or later) 356 # If nonzero, a 32-bit pointer 357 # to the kernel command line. 358 # The command line should be 359 # located between the start of 360 # setup and the end of low 361 # memory (0xa0000), or it may 362 # get overwritten before it 363 # gets read. If this field is 364 # used, there is no longer 365 # anything magical about the 366 # 0x90000 segment; the setup 367 # can be located anywhere in 368 # low memory 0x10000 or higher. 369 370initrd_addr_max: .long 0x7fffffff 371 # (Header version 0x0203 or later) 372 # The highest safe address for 373 # the contents of an initrd 374 # The current kernel allows up to 4 GB, 375 # but leave it at 2 GB to avoid 376 # possible bootloader bugs. 377 378kernel_alignment: .long CONFIG_PHYSICAL_ALIGN #physical addr alignment 379 #required for protected mode 380 #kernel 381#ifdef CONFIG_RELOCATABLE 382relocatable_kernel: .byte 1 383#else 384relocatable_kernel: .byte 0 385#endif 386min_alignment: .byte MIN_KERNEL_ALIGN_LG2 # minimum alignment 387 388xloadflags: 389#ifdef CONFIG_X86_64 390# define XLF0 XLF_KERNEL_64 /* 64-bit kernel */ 391#else 392# define XLF0 0 393#endif 394 395#if defined(CONFIG_RELOCATABLE) && defined(CONFIG_X86_64) 396 /* kernel/boot_param/ramdisk could be loaded above 4g */ 397# define XLF1 XLF_CAN_BE_LOADED_ABOVE_4G 398#else 399# define XLF1 0 400#endif 401 402#ifdef CONFIG_EFI_STUB 403# ifdef CONFIG_EFI_MIXED 404# define XLF23 (XLF_EFI_HANDOVER_32|XLF_EFI_HANDOVER_64) 405# else 406# ifdef CONFIG_X86_64 407# define XLF23 XLF_EFI_HANDOVER_64 /* 64-bit EFI handover ok */ 408# else 409# define XLF23 XLF_EFI_HANDOVER_32 /* 32-bit EFI handover ok */ 410# endif 411# endif 412#else 413# define XLF23 0 414#endif 415 416#if defined(CONFIG_X86_64) && defined(CONFIG_EFI) && defined(CONFIG_KEXEC_CORE) 417# define XLF4 XLF_EFI_KEXEC 418#else 419# define XLF4 0 420#endif 421 422#ifdef CONFIG_X86_64 423#ifdef CONFIG_X86_5LEVEL 424#define XLF56 (XLF_5LEVEL|XLF_5LEVEL_ENABLED) 425#else 426#define XLF56 XLF_5LEVEL 427#endif 428#else 429#define XLF56 0 430#endif 431 432 .word XLF0 | XLF1 | XLF23 | XLF4 | XLF56 433 434cmdline_size: .long COMMAND_LINE_SIZE-1 #length of the command line, 435 #added with boot protocol 436 #version 2.06 437 438hardware_subarch: .long 0 # subarchitecture, added with 2.07 439 # default to 0 for normal x86 PC 440 441hardware_subarch_data: .quad 0 442 443payload_offset: .long ZO_input_data 444payload_length: .long ZO_z_input_len 445 446setup_data: .quad 0 # 64-bit physical pointer to 447 # single linked list of 448 # struct setup_data 449 450pref_address: .quad LOAD_PHYSICAL_ADDR # preferred load addr 451 452# 453# Getting to provably safe in-place decompression is hard. Worst case 454# behaviours need to be analyzed. Here let's take the decompression of 455# a gzip-compressed kernel as example, to illustrate it: 456# 457# The file layout of gzip compressed kernel is: 458# 459# magic[2] 460# method[1] 461# flags[1] 462# timestamp[4] 463# extraflags[1] 464# os[1] 465# compressed data blocks[N] 466# crc[4] orig_len[4] 467# 468# ... resulting in +18 bytes overhead of uncompressed data. 469# 470# (For more information, please refer to RFC 1951 and RFC 1952.) 471# 472# Files divided into blocks 473# 1 bit (last block flag) 474# 2 bits (block type) 475# 476# 1 block occurs every 32K -1 bytes or when there 50% compression 477# has been achieved. The smallest block type encoding is always used. 478# 479# stored: 480# 32 bits length in bytes. 481# 482# fixed: 483# magic fixed tree. 484# symbols. 485# 486# dynamic: 487# dynamic tree encoding. 488# symbols. 489# 490# 491# The buffer for decompression in place is the length of the uncompressed 492# data, plus a small amount extra to keep the algorithm safe. The 493# compressed data is placed at the end of the buffer. The output pointer 494# is placed at the start of the buffer and the input pointer is placed 495# where the compressed data starts. Problems will occur when the output 496# pointer overruns the input pointer. 497# 498# The output pointer can only overrun the input pointer if the input 499# pointer is moving faster than the output pointer. A condition only 500# triggered by data whose compressed form is larger than the uncompressed 501# form. 502# 503# The worst case at the block level is a growth of the compressed data 504# of 5 bytes per 32767 bytes. 505# 506# The worst case internal to a compressed block is very hard to figure. 507# The worst case can at least be bounded by having one bit that represents 508# 32764 bytes and then all of the rest of the bytes representing the very 509# very last byte. 510# 511# All of which is enough to compute an amount of extra data that is required 512# to be safe. To avoid problems at the block level allocating 5 extra bytes 513# per 32767 bytes of data is sufficient. To avoid problems internal to a 514# block adding an extra 32767 bytes (the worst case uncompressed block size) 515# is sufficient, to ensure that in the worst case the decompressed data for 516# block will stop the byte before the compressed data for a block begins. 517# To avoid problems with the compressed data's meta information an extra 18 518# bytes are needed. Leading to the formula: 519# 520# extra_bytes = (uncompressed_size >> 12) + 32768 + 18 521# 522# Adding 8 bytes per 32K is a bit excessive but much easier to calculate. 523# Adding 32768 instead of 32767 just makes for round numbers. 524# 525# Above analysis is for decompressing gzip compressed kernel only. Up to 526# now 6 different decompressor are supported all together. And among them 527# xz stores data in chunks and has maximum chunk of 64K. Hence safety 528# margin should be updated to cover all decompressors so that we don't 529# need to deal with each of them separately. Please check 530# the description in lib/decompressor_xxx.c for specific information. 531# 532# extra_bytes = (uncompressed_size >> 12) + 65536 + 128 533# 534# LZ4 is even worse: data that cannot be further compressed grows by 0.4%, 535# or one byte per 256 bytes. OTOH, we can safely get rid of the +128 as 536# the size-dependent part now grows so fast. 537# 538# extra_bytes = (uncompressed_size >> 8) + 65536 539 540#define ZO_z_extra_bytes ((ZO_z_output_len >> 8) + 65536) 541#if ZO_z_output_len > ZO_z_input_len 542# define ZO_z_extract_offset (ZO_z_output_len + ZO_z_extra_bytes - \ 543 ZO_z_input_len) 544#else 545# define ZO_z_extract_offset ZO_z_extra_bytes 546#endif 547 548/* 549 * The extract_offset has to be bigger than ZO head section. Otherwise when 550 * the head code is running to move ZO to the end of the buffer, it will 551 * overwrite the head code itself. 552 */ 553#if (ZO__ehead - ZO_startup_32) > ZO_z_extract_offset 554# define ZO_z_min_extract_offset ((ZO__ehead - ZO_startup_32 + 4095) & ~4095) 555#else 556# define ZO_z_min_extract_offset ((ZO_z_extract_offset + 4095) & ~4095) 557#endif 558 559#define ZO_INIT_SIZE (ZO__end - ZO_startup_32 + ZO_z_min_extract_offset) 560 561#define VO_INIT_SIZE (VO__end - VO__text) 562#if ZO_INIT_SIZE > VO_INIT_SIZE 563# define INIT_SIZE ZO_INIT_SIZE 564#else 565# define INIT_SIZE VO_INIT_SIZE 566#endif 567 568init_size: .long INIT_SIZE # kernel initialization size 569handover_offset: .long 0 # Filled in by build.c 570kernel_info_offset: .long 0 # Filled in by build.c 571 572# End of setup header ##################################################### 573 574 .section ".entrytext", "ax" 575start_of_setup: 576# Force %es = %ds 577 movw %ds, %ax 578 movw %ax, %es 579 cld 580 581# Apparently some ancient versions of LILO invoked the kernel with %ss != %ds, 582# which happened to work by accident for the old code. Recalculate the stack 583# pointer if %ss is invalid. Otherwise leave it alone, LOADLIN sets up the 584# stack behind its own code, so we can't blindly put it directly past the heap. 585 586 movw %ss, %dx 587 cmpw %ax, %dx # %ds == %ss? 588 movw %sp, %dx 589 je 2f # -> assume %sp is reasonably set 590 591 # Invalid %ss, make up a new stack 592 movw $_end, %dx 593 testb $CAN_USE_HEAP, loadflags 594 jz 1f 595 movw heap_end_ptr, %dx 5961: addw $STACK_SIZE, %dx 597 jnc 2f 598 xorw %dx, %dx # Prevent wraparound 599 6002: # Now %dx should point to the end of our stack space 601 andw $~3, %dx # dword align (might as well...) 602 jnz 3f 603 movw $0xfffc, %dx # Make sure we're not zero 6043: movw %ax, %ss 605 movzwl %dx, %esp # Clear upper half of %esp 606 sti # Now we should have a working stack 607 608# We will have entered with %cs = %ds+0x20, normalize %cs so 609# it is on par with the other segments. 610 pushw %ds 611 pushw $6f 612 lretw 6136: 614 615# Check signature at end of setup 616 cmpl $0x5a5aaa55, setup_sig 617 jne setup_bad 618 619# Zero the bss 620 movw $__bss_start, %di 621 movw $_end+3, %cx 622 xorl %eax, %eax 623 subw %di, %cx 624 shrw $2, %cx 625 rep; stosl 626 627# Jump to C code (should not return) 628 calll main 629 630# Setup corrupt somehow... 631setup_bad: 632 movl $setup_corrupt, %eax 633 calll puts 634 # Fall through... 635 636 .globl die 637 .type die, @function 638die: 639 hlt 640 jmp die 641 642 .size die, .-die 643 644 .section ".initdata", "a" 645setup_corrupt: 646 .byte 7 647 .string "No setup signature found...\n" 648