Loading...
1/* SPDX-License-Identifier: GPL-2.0 */
2/*
3 * header.S
4 *
5 * Copyright (C) 1991, 1992 Linus Torvalds
6 *
7 * Based on bootsect.S and setup.S
8 * modified by more people than can be counted
9 *
10 * Rewritten as a common file by H. Peter Anvin (Apr 2007)
11 *
12 * BIG FAT NOTE: We're in real mode using 64k segments. Therefore segment
13 * addresses must be multiplied by 16 to obtain their respective linear
14 * addresses. To avoid confusion, linear addresses are written using leading
15 * hex while segment addresses are written as segment:offset.
16 *
17 */
18#include <linux/pe.h>
19#include <asm/segment.h>
20#include <asm/boot.h>
21#include <asm/page_types.h>
22#include <asm/setup.h>
23#include <asm/bootparam.h>
24#include "boot.h"
25#include "voffset.h"
26#include "zoffset.h"
27
28BOOTSEG = 0x07C0 /* original address of boot-sector */
29SYSSEG = 0x1000 /* historical load address >> 4 */
30
31#ifndef SVGA_MODE
32#define SVGA_MODE ASK_VGA
33#endif
34
35#ifndef ROOT_RDONLY
36#define ROOT_RDONLY 1
37#endif
38
39 .code16
40 .section ".bstext", "ax"
41
42 .global bootsect_start
43bootsect_start:
44#ifdef CONFIG_EFI_STUB
45 # "MZ", MS-DOS header
46 .word MZ_MAGIC
47#endif
48
49 # Normalize the start address
50 ljmp $BOOTSEG, $start2
51
52start2:
53 movw %cs, %ax
54 movw %ax, %ds
55 movw %ax, %es
56 movw %ax, %ss
57 xorw %sp, %sp
58 sti
59 cld
60
61 movw $bugger_off_msg, %si
62
63msg_loop:
64 lodsb
65 andb %al, %al
66 jz bs_die
67 movb $0xe, %ah
68 movw $7, %bx
69 int $0x10
70 jmp msg_loop
71
72bs_die:
73 # Allow the user to press a key, then reboot
74 xorw %ax, %ax
75 int $0x16
76 int $0x19
77
78 # int 0x19 should never return. In case it does anyway,
79 # invoke the BIOS reset code...
80 ljmp $0xf000,$0xfff0
81
82#ifdef CONFIG_EFI_STUB
83 .org 0x38
84 #
85 # Offset to the PE header.
86 #
87 .long LINUX_PE_MAGIC
88 .long pe_header
89#endif /* CONFIG_EFI_STUB */
90
91 .section ".bsdata", "a"
92bugger_off_msg:
93 .ascii "Use a boot loader.\r\n"
94 .ascii "\n"
95 .ascii "Remove disk and press any key to reboot...\r\n"
96 .byte 0
97
98#ifdef CONFIG_EFI_STUB
99pe_header:
100 .long PE_MAGIC
101
102coff_header:
103#ifdef CONFIG_X86_32
104 .set image_file_add_flags, IMAGE_FILE_32BIT_MACHINE
105 .set pe_opt_magic, PE_OPT_MAGIC_PE32
106 .word IMAGE_FILE_MACHINE_I386
107#else
108 .set image_file_add_flags, 0
109 .set pe_opt_magic, PE_OPT_MAGIC_PE32PLUS
110 .word IMAGE_FILE_MACHINE_AMD64
111#endif
112 .word section_count # nr_sections
113 .long 0 # TimeDateStamp
114 .long 0 # PointerToSymbolTable
115 .long 1 # NumberOfSymbols
116 .word section_table - optional_header # SizeOfOptionalHeader
117 .word IMAGE_FILE_EXECUTABLE_IMAGE | \
118 image_file_add_flags | \
119 IMAGE_FILE_DEBUG_STRIPPED | \
120 IMAGE_FILE_LINE_NUMS_STRIPPED # Characteristics
121
122optional_header:
123 .word pe_opt_magic
124 .byte 0x02 # MajorLinkerVersion
125 .byte 0x14 # MinorLinkerVersion
126
127 # Filled in by build.c
128 .long 0 # SizeOfCode
129
130 .long 0 # SizeOfInitializedData
131 .long 0 # SizeOfUninitializedData
132
133 # Filled in by build.c
134 .long 0x0000 # AddressOfEntryPoint
135
136 .long 0x0200 # BaseOfCode
137#ifdef CONFIG_X86_32
138 .long 0 # data
139#endif
140
141extra_header_fields:
142 # PE specification requires ImageBase to be 64k aligned
143 .set image_base, (LOAD_PHYSICAL_ADDR + 0xffff) & ~0xffff
144#ifdef CONFIG_X86_32
145 .long image_base # ImageBase
146#else
147 .quad image_base # ImageBase
148#endif
149 .long 0x20 # SectionAlignment
150 .long 0x20 # FileAlignment
151 .word 0 # MajorOperatingSystemVersion
152 .word 0 # MinorOperatingSystemVersion
153 .word LINUX_EFISTUB_MAJOR_VERSION # MajorImageVersion
154 .word LINUX_EFISTUB_MINOR_VERSION # MinorImageVersion
155 .word 0 # MajorSubsystemVersion
156 .word 0 # MinorSubsystemVersion
157 .long 0 # Win32VersionValue
158
159 #
160 # The size of the bzImage is written in tools/build.c
161 #
162 .long 0 # SizeOfImage
163
164 .long 0x200 # SizeOfHeaders
165 .long 0 # CheckSum
166 .word IMAGE_SUBSYSTEM_EFI_APPLICATION # Subsystem (EFI application)
167#ifdef CONFIG_EFI_DXE_MEM_ATTRIBUTES
168 .word IMAGE_DLL_CHARACTERISTICS_NX_COMPAT # DllCharacteristics
169#else
170 .word 0 # DllCharacteristics
171#endif
172#ifdef CONFIG_X86_32
173 .long 0 # SizeOfStackReserve
174 .long 0 # SizeOfStackCommit
175 .long 0 # SizeOfHeapReserve
176 .long 0 # SizeOfHeapCommit
177#else
178 .quad 0 # SizeOfStackReserve
179 .quad 0 # SizeOfStackCommit
180 .quad 0 # SizeOfHeapReserve
181 .quad 0 # SizeOfHeapCommit
182#endif
183 .long 0 # LoaderFlags
184 .long (section_table - .) / 8 # NumberOfRvaAndSizes
185
186 .quad 0 # ExportTable
187 .quad 0 # ImportTable
188 .quad 0 # ResourceTable
189 .quad 0 # ExceptionTable
190 .quad 0 # CertificationTable
191 .quad 0 # BaseRelocationTable
192
193 # Section table
194section_table:
195 #
196 # The offset & size fields are filled in by build.c.
197 #
198 .ascii ".setup"
199 .byte 0
200 .byte 0
201 .long 0
202 .long 0x0 # startup_{32,64}
203 .long 0 # Size of initialized data
204 # on disk
205 .long 0x0 # startup_{32,64}
206 .long 0 # PointerToRelocations
207 .long 0 # PointerToLineNumbers
208 .word 0 # NumberOfRelocations
209 .word 0 # NumberOfLineNumbers
210 .long IMAGE_SCN_CNT_CODE | \
211 IMAGE_SCN_MEM_READ | \
212 IMAGE_SCN_MEM_EXECUTE | \
213 IMAGE_SCN_ALIGN_16BYTES # Characteristics
214
215 #
216 # The EFI application loader requires a relocation section
217 # because EFI applications must be relocatable. The .reloc
218 # offset & size fields are filled in by build.c.
219 #
220 .ascii ".reloc"
221 .byte 0
222 .byte 0
223 .long 0
224 .long 0
225 .long 0 # SizeOfRawData
226 .long 0 # PointerToRawData
227 .long 0 # PointerToRelocations
228 .long 0 # PointerToLineNumbers
229 .word 0 # NumberOfRelocations
230 .word 0 # NumberOfLineNumbers
231 .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
232 IMAGE_SCN_MEM_READ | \
233 IMAGE_SCN_MEM_DISCARDABLE | \
234 IMAGE_SCN_ALIGN_1BYTES # Characteristics
235
236#ifdef CONFIG_EFI_MIXED
237 #
238 # The offset & size fields are filled in by build.c.
239 #
240 .asciz ".compat"
241 .long 0
242 .long 0x0
243 .long 0 # Size of initialized data
244 # on disk
245 .long 0x0
246 .long 0 # PointerToRelocations
247 .long 0 # PointerToLineNumbers
248 .word 0 # NumberOfRelocations
249 .word 0 # NumberOfLineNumbers
250 .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
251 IMAGE_SCN_MEM_READ | \
252 IMAGE_SCN_MEM_DISCARDABLE | \
253 IMAGE_SCN_ALIGN_1BYTES # Characteristics
254#endif
255
256 #
257 # The offset & size fields are filled in by build.c.
258 #
259 .ascii ".text"
260 .byte 0
261 .byte 0
262 .byte 0
263 .long 0
264 .long 0x0 # startup_{32,64}
265 .long 0 # Size of initialized data
266 # on disk
267 .long 0x0 # startup_{32,64}
268 .long 0 # PointerToRelocations
269 .long 0 # PointerToLineNumbers
270 .word 0 # NumberOfRelocations
271 .word 0 # NumberOfLineNumbers
272 .long IMAGE_SCN_CNT_CODE | \
273 IMAGE_SCN_MEM_READ | \
274 IMAGE_SCN_MEM_EXECUTE | \
275 IMAGE_SCN_ALIGN_16BYTES # Characteristics
276
277 .set section_count, (. - section_table) / 40
278#endif /* CONFIG_EFI_STUB */
279
280 # Kernel attributes; used by setup. This is part 1 of the
281 # header, from the old boot sector.
282
283 .section ".header", "a"
284 .globl sentinel
285sentinel: .byte 0xff, 0xff /* Used to detect broken loaders */
286
287 .globl hdr
288hdr:
289setup_sects: .byte 0 /* Filled in by build.c */
290root_flags: .word ROOT_RDONLY
291syssize: .long 0 /* Filled in by build.c */
292ram_size: .word 0 /* Obsolete */
293vid_mode: .word SVGA_MODE
294root_dev: .word 0 /* Filled in by build.c */
295boot_flag: .word 0xAA55
296
297 # offset 512, entry point
298
299 .globl _start
300_start:
301 # Explicitly enter this as bytes, or the assembler
302 # tries to generate a 3-byte jump here, which causes
303 # everything else to push off to the wrong offset.
304 .byte 0xeb # short (2-byte) jump
305 .byte start_of_setup-1f
3061:
307
308 # Part 2 of the header, from the old setup.S
309
310 .ascii "HdrS" # header signature
311 .word 0x020f # header version number (>= 0x0105)
312 # or else old loadlin-1.5 will fail)
313 .globl realmode_swtch
314realmode_swtch: .word 0, 0 # default_switch, SETUPSEG
315start_sys_seg: .word SYSSEG # obsolete and meaningless, but just
316 # in case something decided to "use" it
317 .word kernel_version-512 # pointing to kernel version string
318 # above section of header is compatible
319 # with loadlin-1.5 (header v1.5). Don't
320 # change it.
321
322type_of_loader: .byte 0 # 0 means ancient bootloader, newer
323 # bootloaders know to change this.
324 # See Documentation/x86/boot.rst for
325 # assigned ids
326
327# flags, unused bits must be zero (RFU) bit within loadflags
328loadflags:
329 .byte LOADED_HIGH # The kernel is to be loaded high
330
331setup_move_size: .word 0x8000 # size to move, when setup is not
332 # loaded at 0x90000. We will move setup
333 # to 0x90000 then just before jumping
334 # into the kernel. However, only the
335 # loader knows how much data behind
336 # us also needs to be loaded.
337
338code32_start: # here loaders can put a different
339 # start address for 32-bit code.
340 .long 0x100000 # 0x100000 = default for big kernel
341
342ramdisk_image: .long 0 # address of loaded ramdisk image
343 # Here the loader puts the 32-bit
344 # address where it loaded the image.
345 # This only will be read by the kernel.
346
347ramdisk_size: .long 0 # its size in bytes
348
349bootsect_kludge:
350 .long 0 # obsolete
351
352heap_end_ptr: .word _end+STACK_SIZE-512
353 # (Header version 0x0201 or later)
354 # space from here (exclusive) down to
355 # end of setup code can be used by setup
356 # for local heap purposes.
357
358ext_loader_ver:
359 .byte 0 # Extended boot loader version
360ext_loader_type:
361 .byte 0 # Extended boot loader type
362
363cmd_line_ptr: .long 0 # (Header version 0x0202 or later)
364 # If nonzero, a 32-bit pointer
365 # to the kernel command line.
366 # The command line should be
367 # located between the start of
368 # setup and the end of low
369 # memory (0xa0000), or it may
370 # get overwritten before it
371 # gets read. If this field is
372 # used, there is no longer
373 # anything magical about the
374 # 0x90000 segment; the setup
375 # can be located anywhere in
376 # low memory 0x10000 or higher.
377
378initrd_addr_max: .long 0x7fffffff
379 # (Header version 0x0203 or later)
380 # The highest safe address for
381 # the contents of an initrd
382 # The current kernel allows up to 4 GB,
383 # but leave it at 2 GB to avoid
384 # possible bootloader bugs.
385
386kernel_alignment: .long CONFIG_PHYSICAL_ALIGN #physical addr alignment
387 #required for protected mode
388 #kernel
389#ifdef CONFIG_RELOCATABLE
390relocatable_kernel: .byte 1
391#else
392relocatable_kernel: .byte 0
393#endif
394min_alignment: .byte MIN_KERNEL_ALIGN_LG2 # minimum alignment
395
396xloadflags:
397#ifdef CONFIG_X86_64
398# define XLF0 XLF_KERNEL_64 /* 64-bit kernel */
399#else
400# define XLF0 0
401#endif
402
403#if defined(CONFIG_RELOCATABLE) && defined(CONFIG_X86_64)
404 /* kernel/boot_param/ramdisk could be loaded above 4g */
405# define XLF1 XLF_CAN_BE_LOADED_ABOVE_4G
406#else
407# define XLF1 0
408#endif
409
410#ifdef CONFIG_EFI_HANDOVER_PROTOCOL
411# ifdef CONFIG_EFI_MIXED
412# define XLF23 (XLF_EFI_HANDOVER_32|XLF_EFI_HANDOVER_64)
413# else
414# ifdef CONFIG_X86_64
415# define XLF23 XLF_EFI_HANDOVER_64 /* 64-bit EFI handover ok */
416# else
417# define XLF23 XLF_EFI_HANDOVER_32 /* 32-bit EFI handover ok */
418# endif
419# endif
420#else
421# define XLF23 0
422#endif
423
424#if defined(CONFIG_X86_64) && defined(CONFIG_EFI) && defined(CONFIG_KEXEC_CORE)
425# define XLF4 XLF_EFI_KEXEC
426#else
427# define XLF4 0
428#endif
429
430#ifdef CONFIG_X86_64
431#ifdef CONFIG_X86_5LEVEL
432#define XLF56 (XLF_5LEVEL|XLF_5LEVEL_ENABLED)
433#else
434#define XLF56 XLF_5LEVEL
435#endif
436#else
437#define XLF56 0
438#endif
439
440 .word XLF0 | XLF1 | XLF23 | XLF4 | XLF56
441
442cmdline_size: .long COMMAND_LINE_SIZE-1 #length of the command line,
443 #added with boot protocol
444 #version 2.06
445
446hardware_subarch: .long 0 # subarchitecture, added with 2.07
447 # default to 0 for normal x86 PC
448
449hardware_subarch_data: .quad 0
450
451payload_offset: .long ZO_input_data
452payload_length: .long ZO_z_input_len
453
454setup_data: .quad 0 # 64-bit physical pointer to
455 # single linked list of
456 # struct setup_data
457
458pref_address: .quad LOAD_PHYSICAL_ADDR # preferred load addr
459
460#
461# Getting to provably safe in-place decompression is hard. Worst case
462# behaviours need to be analyzed. Here let's take the decompression of
463# a gzip-compressed kernel as example, to illustrate it:
464#
465# The file layout of gzip compressed kernel is:
466#
467# magic[2]
468# method[1]
469# flags[1]
470# timestamp[4]
471# extraflags[1]
472# os[1]
473# compressed data blocks[N]
474# crc[4] orig_len[4]
475#
476# ... resulting in +18 bytes overhead of uncompressed data.
477#
478# (For more information, please refer to RFC 1951 and RFC 1952.)
479#
480# Files divided into blocks
481# 1 bit (last block flag)
482# 2 bits (block type)
483#
484# 1 block occurs every 32K -1 bytes or when there 50% compression
485# has been achieved. The smallest block type encoding is always used.
486#
487# stored:
488# 32 bits length in bytes.
489#
490# fixed:
491# magic fixed tree.
492# symbols.
493#
494# dynamic:
495# dynamic tree encoding.
496# symbols.
497#
498#
499# The buffer for decompression in place is the length of the uncompressed
500# data, plus a small amount extra to keep the algorithm safe. The
501# compressed data is placed at the end of the buffer. The output pointer
502# is placed at the start of the buffer and the input pointer is placed
503# where the compressed data starts. Problems will occur when the output
504# pointer overruns the input pointer.
505#
506# The output pointer can only overrun the input pointer if the input
507# pointer is moving faster than the output pointer. A condition only
508# triggered by data whose compressed form is larger than the uncompressed
509# form.
510#
511# The worst case at the block level is a growth of the compressed data
512# of 5 bytes per 32767 bytes.
513#
514# The worst case internal to a compressed block is very hard to figure.
515# The worst case can at least be bounded by having one bit that represents
516# 32764 bytes and then all of the rest of the bytes representing the very
517# very last byte.
518#
519# All of which is enough to compute an amount of extra data that is required
520# to be safe. To avoid problems at the block level allocating 5 extra bytes
521# per 32767 bytes of data is sufficient. To avoid problems internal to a
522# block adding an extra 32767 bytes (the worst case uncompressed block size)
523# is sufficient, to ensure that in the worst case the decompressed data for
524# block will stop the byte before the compressed data for a block begins.
525# To avoid problems with the compressed data's meta information an extra 18
526# bytes are needed. Leading to the formula:
527#
528# extra_bytes = (uncompressed_size >> 12) + 32768 + 18
529#
530# Adding 8 bytes per 32K is a bit excessive but much easier to calculate.
531# Adding 32768 instead of 32767 just makes for round numbers.
532#
533# Above analysis is for decompressing gzip compressed kernel only. Up to
534# now 6 different decompressor are supported all together. And among them
535# xz stores data in chunks and has maximum chunk of 64K. Hence safety
536# margin should be updated to cover all decompressors so that we don't
537# need to deal with each of them separately. Please check
538# the description in lib/decompressor_xxx.c for specific information.
539#
540# extra_bytes = (uncompressed_size >> 12) + 65536 + 128
541#
542# LZ4 is even worse: data that cannot be further compressed grows by 0.4%,
543# or one byte per 256 bytes. OTOH, we can safely get rid of the +128 as
544# the size-dependent part now grows so fast.
545#
546# extra_bytes = (uncompressed_size >> 8) + 65536
547#
548# ZSTD compressed data grows by at most 3 bytes per 128K, and only has a 22
549# byte fixed overhead but has a maximum block size of 128K, so it needs a
550# larger margin.
551#
552# extra_bytes = (uncompressed_size >> 8) + 131072
553
554#define ZO_z_extra_bytes ((ZO_z_output_len >> 8) + 131072)
555#if ZO_z_output_len > ZO_z_input_len
556# define ZO_z_extract_offset (ZO_z_output_len + ZO_z_extra_bytes - \
557 ZO_z_input_len)
558#else
559# define ZO_z_extract_offset ZO_z_extra_bytes
560#endif
561
562/*
563 * The extract_offset has to be bigger than ZO head section. Otherwise when
564 * the head code is running to move ZO to the end of the buffer, it will
565 * overwrite the head code itself.
566 */
567#if (ZO__ehead - ZO_startup_32) > ZO_z_extract_offset
568# define ZO_z_min_extract_offset ((ZO__ehead - ZO_startup_32 + 4095) & ~4095)
569#else
570# define ZO_z_min_extract_offset ((ZO_z_extract_offset + 4095) & ~4095)
571#endif
572
573#define ZO_INIT_SIZE (ZO__end - ZO_startup_32 + ZO_z_min_extract_offset)
574
575#define VO_INIT_SIZE (VO__end - VO__text)
576#if ZO_INIT_SIZE > VO_INIT_SIZE
577# define INIT_SIZE ZO_INIT_SIZE
578#else
579# define INIT_SIZE VO_INIT_SIZE
580#endif
581
582init_size: .long INIT_SIZE # kernel initialization size
583handover_offset: .long 0 # Filled in by build.c
584kernel_info_offset: .long 0 # Filled in by build.c
585
586# End of setup header #####################################################
587
588 .section ".entrytext", "ax"
589start_of_setup:
590# Force %es = %ds
591 movw %ds, %ax
592 movw %ax, %es
593 cld
594
595# Apparently some ancient versions of LILO invoked the kernel with %ss != %ds,
596# which happened to work by accident for the old code. Recalculate the stack
597# pointer if %ss is invalid. Otherwise leave it alone, LOADLIN sets up the
598# stack behind its own code, so we can't blindly put it directly past the heap.
599
600 movw %ss, %dx
601 cmpw %ax, %dx # %ds == %ss?
602 movw %sp, %dx
603 je 2f # -> assume %sp is reasonably set
604
605 # Invalid %ss, make up a new stack
606 movw $_end, %dx
607 testb $CAN_USE_HEAP, loadflags
608 jz 1f
609 movw heap_end_ptr, %dx
6101: addw $STACK_SIZE, %dx
611 jnc 2f
612 xorw %dx, %dx # Prevent wraparound
613
6142: # Now %dx should point to the end of our stack space
615 andw $~3, %dx # dword align (might as well...)
616 jnz 3f
617 movw $0xfffc, %dx # Make sure we're not zero
6183: movw %ax, %ss
619 movzwl %dx, %esp # Clear upper half of %esp
620 sti # Now we should have a working stack
621
622# We will have entered with %cs = %ds+0x20, normalize %cs so
623# it is on par with the other segments.
624 pushw %ds
625 pushw $6f
626 lretw
6276:
628
629# Check signature at end of setup
630 cmpl $0x5a5aaa55, setup_sig
631 jne setup_bad
632
633# Zero the bss
634 movw $__bss_start, %di
635 movw $_end+3, %cx
636 xorl %eax, %eax
637 subw %di, %cx
638 shrw $2, %cx
639 rep; stosl
640
641# Jump to C code (should not return)
642 calll main
643
644# Setup corrupt somehow...
645setup_bad:
646 movl $setup_corrupt, %eax
647 calll puts
648 # Fall through...
649
650 .globl die
651 .type die, @function
652die:
653 hlt
654 jmp die
655
656 .size die, .-die
657
658 .section ".initdata", "a"
659setup_corrupt:
660 .byte 7
661 .string "No setup signature found...\n"
1/* SPDX-License-Identifier: GPL-2.0 */
2/*
3 * header.S
4 *
5 * Copyright (C) 1991, 1992 Linus Torvalds
6 *
7 * Based on bootsect.S and setup.S
8 * modified by more people than can be counted
9 *
10 * Rewritten as a common file by H. Peter Anvin (Apr 2007)
11 *
12 * BIG FAT NOTE: We're in real mode using 64k segments. Therefore segment
13 * addresses must be multiplied by 16 to obtain their respective linear
14 * addresses. To avoid confusion, linear addresses are written using leading
15 * hex while segment addresses are written as segment:offset.
16 *
17 */
18#include <linux/pe.h>
19#include <asm/segment.h>
20#include <asm/boot.h>
21#include <asm/page_types.h>
22#include <asm/setup.h>
23#include <asm/bootparam.h>
24#include "boot.h"
25#include "voffset.h"
26#include "zoffset.h"
27
28BOOTSEG = 0x07C0 /* original address of boot-sector */
29SYSSEG = 0x1000 /* historical load address >> 4 */
30
31#ifndef SVGA_MODE
32#define SVGA_MODE ASK_VGA
33#endif
34
35#ifndef ROOT_RDONLY
36#define ROOT_RDONLY 1
37#endif
38
39 .set salign, 0x1000
40 .set falign, 0x200
41
42 .code16
43 .section ".bstext", "ax"
44#ifdef CONFIG_EFI_STUB
45 # "MZ", MS-DOS header
46 .word MZ_MAGIC
47 .org 0x38
48 #
49 # Offset to the PE header.
50 #
51 .long LINUX_PE_MAGIC
52 .long pe_header
53pe_header:
54 .long PE_MAGIC
55
56coff_header:
57#ifdef CONFIG_X86_32
58 .set image_file_add_flags, IMAGE_FILE_32BIT_MACHINE
59 .set pe_opt_magic, PE_OPT_MAGIC_PE32
60 .word IMAGE_FILE_MACHINE_I386
61#else
62 .set image_file_add_flags, 0
63 .set pe_opt_magic, PE_OPT_MAGIC_PE32PLUS
64 .word IMAGE_FILE_MACHINE_AMD64
65#endif
66 .word section_count # nr_sections
67 .long 0 # TimeDateStamp
68 .long 0 # PointerToSymbolTable
69 .long 1 # NumberOfSymbols
70 .word section_table - optional_header # SizeOfOptionalHeader
71 .word IMAGE_FILE_EXECUTABLE_IMAGE | \
72 image_file_add_flags | \
73 IMAGE_FILE_DEBUG_STRIPPED | \
74 IMAGE_FILE_LINE_NUMS_STRIPPED # Characteristics
75
76optional_header:
77 .word pe_opt_magic
78 .byte 0x02 # MajorLinkerVersion
79 .byte 0x14 # MinorLinkerVersion
80
81 .long ZO__data # SizeOfCode
82
83 .long ZO__end - ZO__data # SizeOfInitializedData
84 .long 0 # SizeOfUninitializedData
85
86 .long setup_size + ZO_efi_pe_entry # AddressOfEntryPoint
87
88 .long setup_size # BaseOfCode
89#ifdef CONFIG_X86_32
90 .long 0 # data
91#endif
92
93extra_header_fields:
94#ifdef CONFIG_X86_32
95 .long 0 # ImageBase
96#else
97 .quad 0 # ImageBase
98#endif
99 .long salign # SectionAlignment
100 .long falign # FileAlignment
101 .word 0 # MajorOperatingSystemVersion
102 .word 0 # MinorOperatingSystemVersion
103 .word LINUX_EFISTUB_MAJOR_VERSION # MajorImageVersion
104 .word LINUX_EFISTUB_MINOR_VERSION # MinorImageVersion
105 .word 0 # MajorSubsystemVersion
106 .word 0 # MinorSubsystemVersion
107 .long 0 # Win32VersionValue
108
109 .long setup_size + ZO__end # SizeOfImage
110
111 .long salign # SizeOfHeaders
112 .long 0 # CheckSum
113 .word IMAGE_SUBSYSTEM_EFI_APPLICATION # Subsystem (EFI application)
114#ifdef CONFIG_EFI_DXE_MEM_ATTRIBUTES
115 .word IMAGE_DLL_CHARACTERISTICS_NX_COMPAT # DllCharacteristics
116#else
117 .word 0 # DllCharacteristics
118#endif
119#ifdef CONFIG_X86_32
120 .long 0 # SizeOfStackReserve
121 .long 0 # SizeOfStackCommit
122 .long 0 # SizeOfHeapReserve
123 .long 0 # SizeOfHeapCommit
124#else
125 .quad 0 # SizeOfStackReserve
126 .quad 0 # SizeOfStackCommit
127 .quad 0 # SizeOfHeapReserve
128 .quad 0 # SizeOfHeapCommit
129#endif
130 .long 0 # LoaderFlags
131 .long (section_table - .) / 8 # NumberOfRvaAndSizes
132
133 .quad 0 # ExportTable
134 .quad 0 # ImportTable
135 .quad 0 # ResourceTable
136 .quad 0 # ExceptionTable
137 .quad 0 # CertificationTable
138 .quad 0 # BaseRelocationTable
139
140 # Section table
141section_table:
142 .ascii ".setup"
143 .byte 0
144 .byte 0
145 .long pecompat_fstart - salign # VirtualSize
146 .long salign # VirtualAddress
147 .long pecompat_fstart - salign # SizeOfRawData
148 .long salign # PointerToRawData
149
150 .long 0, 0, 0
151 .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
152 IMAGE_SCN_MEM_READ | \
153 IMAGE_SCN_MEM_DISCARDABLE # Characteristics
154
155#ifdef CONFIG_EFI_MIXED
156 .asciz ".compat"
157
158 .long pecompat_fsize # VirtualSize
159 .long pecompat_fstart # VirtualAddress
160 .long pecompat_fsize # SizeOfRawData
161 .long pecompat_fstart # PointerToRawData
162
163 .long 0, 0, 0
164 .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
165 IMAGE_SCN_MEM_READ | \
166 IMAGE_SCN_MEM_DISCARDABLE # Characteristics
167
168 /*
169 * Put the IA-32 machine type and the associated entry point address in
170 * the .compat section, so loaders can figure out which other execution
171 * modes this image supports.
172 */
173 .pushsection ".pecompat", "a", @progbits
174 .balign salign
175 .globl pecompat_fstart
176pecompat_fstart:
177 .byte 0x1 # Version
178 .byte 8 # Size
179 .word IMAGE_FILE_MACHINE_I386 # PE machine type
180 .long setup_size + ZO_efi32_pe_entry # Entrypoint
181 .byte 0x0 # Sentinel
182 .popsection
183#else
184 .set pecompat_fstart, setup_size
185#endif
186 .ascii ".text"
187 .byte 0
188 .byte 0
189 .byte 0
190 .long ZO__data
191 .long setup_size
192 .long ZO__data # Size of initialized data
193 # on disk
194 .long setup_size
195 .long 0 # PointerToRelocations
196 .long 0 # PointerToLineNumbers
197 .word 0 # NumberOfRelocations
198 .word 0 # NumberOfLineNumbers
199 .long IMAGE_SCN_CNT_CODE | \
200 IMAGE_SCN_MEM_READ | \
201 IMAGE_SCN_MEM_EXECUTE # Characteristics
202
203 .ascii ".data\0\0\0"
204 .long ZO__end - ZO__data # VirtualSize
205 .long setup_size + ZO__data # VirtualAddress
206 .long ZO__edata - ZO__data # SizeOfRawData
207 .long setup_size + ZO__data # PointerToRawData
208
209 .long 0, 0, 0
210 .long IMAGE_SCN_CNT_INITIALIZED_DATA | \
211 IMAGE_SCN_MEM_READ | \
212 IMAGE_SCN_MEM_WRITE # Characteristics
213
214 .set section_count, (. - section_table) / 40
215#endif /* CONFIG_EFI_STUB */
216
217 # Kernel attributes; used by setup. This is part 1 of the
218 # header, from the old boot sector.
219
220 .section ".header", "a"
221 .globl sentinel
222sentinel: .byte 0xff, 0xff /* Used to detect broken loaders */
223
224 .globl hdr
225hdr:
226 .byte setup_sects - 1
227root_flags: .word ROOT_RDONLY
228syssize: .long ZO__edata / 16
229ram_size: .word 0 /* Obsolete */
230vid_mode: .word SVGA_MODE
231root_dev: .word 0 /* Default to major/minor 0/0 */
232boot_flag: .word 0xAA55
233
234 # offset 512, entry point
235
236 .globl _start
237_start:
238 # Explicitly enter this as bytes, or the assembler
239 # tries to generate a 3-byte jump here, which causes
240 # everything else to push off to the wrong offset.
241 .byte 0xeb # short (2-byte) jump
242 .byte start_of_setup-1f
2431:
244
245 # Part 2 of the header, from the old setup.S
246
247 .ascii "HdrS" # header signature
248 .word 0x020f # header version number (>= 0x0105)
249 # or else old loadlin-1.5 will fail)
250 .globl realmode_swtch
251realmode_swtch: .word 0, 0 # default_switch, SETUPSEG
252start_sys_seg: .word SYSSEG # obsolete and meaningless, but just
253 # in case something decided to "use" it
254 .word kernel_version-512 # pointing to kernel version string
255 # above section of header is compatible
256 # with loadlin-1.5 (header v1.5). Don't
257 # change it.
258
259type_of_loader: .byte 0 # 0 means ancient bootloader, newer
260 # bootloaders know to change this.
261 # See Documentation/arch/x86/boot.rst for
262 # assigned ids
263
264# flags, unused bits must be zero (RFU) bit within loadflags
265loadflags:
266 .byte LOADED_HIGH # The kernel is to be loaded high
267
268setup_move_size: .word 0x8000 # size to move, when setup is not
269 # loaded at 0x90000. We will move setup
270 # to 0x90000 then just before jumping
271 # into the kernel. However, only the
272 # loader knows how much data behind
273 # us also needs to be loaded.
274
275code32_start: # here loaders can put a different
276 # start address for 32-bit code.
277 .long 0x100000 # 0x100000 = default for big kernel
278
279ramdisk_image: .long 0 # address of loaded ramdisk image
280 # Here the loader puts the 32-bit
281 # address where it loaded the image.
282 # This only will be read by the kernel.
283
284ramdisk_size: .long 0 # its size in bytes
285
286bootsect_kludge:
287 .long 0 # obsolete
288
289heap_end_ptr: .word _end+STACK_SIZE-512
290 # (Header version 0x0201 or later)
291 # space from here (exclusive) down to
292 # end of setup code can be used by setup
293 # for local heap purposes.
294
295ext_loader_ver:
296 .byte 0 # Extended boot loader version
297ext_loader_type:
298 .byte 0 # Extended boot loader type
299
300cmd_line_ptr: .long 0 # (Header version 0x0202 or later)
301 # If nonzero, a 32-bit pointer
302 # to the kernel command line.
303 # The command line should be
304 # located between the start of
305 # setup and the end of low
306 # memory (0xa0000), or it may
307 # get overwritten before it
308 # gets read. If this field is
309 # used, there is no longer
310 # anything magical about the
311 # 0x90000 segment; the setup
312 # can be located anywhere in
313 # low memory 0x10000 or higher.
314
315initrd_addr_max: .long 0x7fffffff
316 # (Header version 0x0203 or later)
317 # The highest safe address for
318 # the contents of an initrd
319 # The current kernel allows up to 4 GB,
320 # but leave it at 2 GB to avoid
321 # possible bootloader bugs.
322
323kernel_alignment: .long CONFIG_PHYSICAL_ALIGN #physical addr alignment
324 #required for protected mode
325 #kernel
326#ifdef CONFIG_RELOCATABLE
327relocatable_kernel: .byte 1
328#else
329relocatable_kernel: .byte 0
330#endif
331min_alignment: .byte MIN_KERNEL_ALIGN_LG2 # minimum alignment
332
333xloadflags:
334#ifdef CONFIG_X86_64
335# define XLF0 XLF_KERNEL_64 /* 64-bit kernel */
336#else
337# define XLF0 0
338#endif
339
340#if defined(CONFIG_RELOCATABLE) && defined(CONFIG_X86_64)
341 /* kernel/boot_param/ramdisk could be loaded above 4g */
342# define XLF1 XLF_CAN_BE_LOADED_ABOVE_4G
343#else
344# define XLF1 0
345#endif
346
347#ifdef CONFIG_EFI_HANDOVER_PROTOCOL
348# ifdef CONFIG_EFI_MIXED
349# define XLF23 (XLF_EFI_HANDOVER_32|XLF_EFI_HANDOVER_64)
350# else
351# ifdef CONFIG_X86_64
352# define XLF23 XLF_EFI_HANDOVER_64 /* 64-bit EFI handover ok */
353# else
354# define XLF23 XLF_EFI_HANDOVER_32 /* 32-bit EFI handover ok */
355# endif
356# endif
357#else
358# define XLF23 0
359#endif
360
361#if defined(CONFIG_X86_64) && defined(CONFIG_EFI) && defined(CONFIG_KEXEC_CORE)
362# define XLF4 XLF_EFI_KEXEC
363#else
364# define XLF4 0
365#endif
366
367#ifdef CONFIG_X86_64
368#ifdef CONFIG_X86_5LEVEL
369#define XLF56 (XLF_5LEVEL|XLF_5LEVEL_ENABLED)
370#else
371#define XLF56 XLF_5LEVEL
372#endif
373#else
374#define XLF56 0
375#endif
376
377 .word XLF0 | XLF1 | XLF23 | XLF4 | XLF56
378
379cmdline_size: .long COMMAND_LINE_SIZE-1 #length of the command line,
380 #added with boot protocol
381 #version 2.06
382
383hardware_subarch: .long 0 # subarchitecture, added with 2.07
384 # default to 0 for normal x86 PC
385
386hardware_subarch_data: .quad 0
387
388payload_offset: .long ZO_input_data
389payload_length: .long ZO_z_input_len
390
391setup_data: .quad 0 # 64-bit physical pointer to
392 # single linked list of
393 # struct setup_data
394
395pref_address: .quad LOAD_PHYSICAL_ADDR # preferred load addr
396
397#
398# Getting to provably safe in-place decompression is hard. Worst case
399# behaviours need to be analyzed. Here let's take the decompression of
400# a gzip-compressed kernel as example, to illustrate it:
401#
402# The file layout of gzip compressed kernel is:
403#
404# magic[2]
405# method[1]
406# flags[1]
407# timestamp[4]
408# extraflags[1]
409# os[1]
410# compressed data blocks[N]
411# crc[4] orig_len[4]
412#
413# ... resulting in +18 bytes overhead of uncompressed data.
414#
415# (For more information, please refer to RFC 1951 and RFC 1952.)
416#
417# Files divided into blocks
418# 1 bit (last block flag)
419# 2 bits (block type)
420#
421# 1 block occurs every 32K -1 bytes or when there 50% compression
422# has been achieved. The smallest block type encoding is always used.
423#
424# stored:
425# 32 bits length in bytes.
426#
427# fixed:
428# magic fixed tree.
429# symbols.
430#
431# dynamic:
432# dynamic tree encoding.
433# symbols.
434#
435#
436# The buffer for decompression in place is the length of the uncompressed
437# data, plus a small amount extra to keep the algorithm safe. The
438# compressed data is placed at the end of the buffer. The output pointer
439# is placed at the start of the buffer and the input pointer is placed
440# where the compressed data starts. Problems will occur when the output
441# pointer overruns the input pointer.
442#
443# The output pointer can only overrun the input pointer if the input
444# pointer is moving faster than the output pointer. A condition only
445# triggered by data whose compressed form is larger than the uncompressed
446# form.
447#
448# The worst case at the block level is a growth of the compressed data
449# of 5 bytes per 32767 bytes.
450#
451# The worst case internal to a compressed block is very hard to figure.
452# The worst case can at least be bounded by having one bit that represents
453# 32764 bytes and then all of the rest of the bytes representing the very
454# very last byte.
455#
456# All of which is enough to compute an amount of extra data that is required
457# to be safe. To avoid problems at the block level allocating 5 extra bytes
458# per 32767 bytes of data is sufficient. To avoid problems internal to a
459# block adding an extra 32767 bytes (the worst case uncompressed block size)
460# is sufficient, to ensure that in the worst case the decompressed data for
461# block will stop the byte before the compressed data for a block begins.
462# To avoid problems with the compressed data's meta information an extra 18
463# bytes are needed. Leading to the formula:
464#
465# extra_bytes = (uncompressed_size >> 12) + 32768 + 18
466#
467# Adding 8 bytes per 32K is a bit excessive but much easier to calculate.
468# Adding 32768 instead of 32767 just makes for round numbers.
469#
470# Above analysis is for decompressing gzip compressed kernel only. Up to
471# now 6 different decompressor are supported all together. And among them
472# xz stores data in chunks and has maximum chunk of 64K. Hence safety
473# margin should be updated to cover all decompressors so that we don't
474# need to deal with each of them separately. Please check
475# the description in lib/decompressor_xxx.c for specific information.
476#
477# extra_bytes = (uncompressed_size >> 12) + 65536 + 128
478#
479# LZ4 is even worse: data that cannot be further compressed grows by 0.4%,
480# or one byte per 256 bytes. OTOH, we can safely get rid of the +128 as
481# the size-dependent part now grows so fast.
482#
483# extra_bytes = (uncompressed_size >> 8) + 65536
484#
485# ZSTD compressed data grows by at most 3 bytes per 128K, and only has a 22
486# byte fixed overhead but has a maximum block size of 128K, so it needs a
487# larger margin.
488#
489# extra_bytes = (uncompressed_size >> 8) + 131072
490
491#define ZO_z_extra_bytes ((ZO_z_output_len >> 8) + 131072)
492#if ZO_z_output_len > ZO_z_input_len
493# define ZO_z_extract_offset (ZO_z_output_len + ZO_z_extra_bytes - \
494 ZO_z_input_len)
495#else
496# define ZO_z_extract_offset ZO_z_extra_bytes
497#endif
498
499/*
500 * The extract_offset has to be bigger than ZO head section. Otherwise when
501 * the head code is running to move ZO to the end of the buffer, it will
502 * overwrite the head code itself.
503 */
504#if (ZO__ehead - ZO_startup_32) > ZO_z_extract_offset
505# define ZO_z_min_extract_offset ((ZO__ehead - ZO_startup_32 + 4095) & ~4095)
506#else
507# define ZO_z_min_extract_offset ((ZO_z_extract_offset + 4095) & ~4095)
508#endif
509
510#define ZO_INIT_SIZE (ZO__end - ZO_startup_32 + ZO_z_min_extract_offset)
511
512#define VO_INIT_SIZE (VO__end - VO__text)
513#if ZO_INIT_SIZE > VO_INIT_SIZE
514# define INIT_SIZE ZO_INIT_SIZE
515#else
516# define INIT_SIZE VO_INIT_SIZE
517#endif
518
519 .macro __handover_offset
520#ifndef CONFIG_EFI_HANDOVER_PROTOCOL
521 .long 0
522#elif !defined(CONFIG_X86_64)
523 .long ZO_efi32_stub_entry
524#else
525 /* Yes, this is really how we defined it :( */
526 .long ZO_efi64_stub_entry - 0x200
527#ifdef CONFIG_EFI_MIXED
528 .if ZO_efi32_stub_entry != ZO_efi64_stub_entry - 0x200
529 .error "32-bit and 64-bit EFI entry points do not match"
530 .endif
531#endif
532#endif
533 .endm
534
535init_size: .long INIT_SIZE # kernel initialization size
536handover_offset: __handover_offset
537kernel_info_offset: .long ZO_kernel_info
538
539# End of setup header #####################################################
540
541 .section ".entrytext", "ax"
542start_of_setup:
543# Force %es = %ds
544 movw %ds, %ax
545 movw %ax, %es
546 cld
547
548# Apparently some ancient versions of LILO invoked the kernel with %ss != %ds,
549# which happened to work by accident for the old code. Recalculate the stack
550# pointer if %ss is invalid. Otherwise leave it alone, LOADLIN sets up the
551# stack behind its own code, so we can't blindly put it directly past the heap.
552
553 movw %ss, %dx
554 cmpw %ax, %dx # %ds == %ss?
555 movw %sp, %dx
556 je 2f # -> assume %sp is reasonably set
557
558 # Invalid %ss, make up a new stack
559 movw $_end, %dx
560 testb $CAN_USE_HEAP, loadflags
561 jz 1f
562 movw heap_end_ptr, %dx
5631: addw $STACK_SIZE, %dx
564 jnc 2f
565 xorw %dx, %dx # Prevent wraparound
566
5672: # Now %dx should point to the end of our stack space
568 andw $~3, %dx # dword align (might as well...)
569 jnz 3f
570 movw $0xfffc, %dx # Make sure we're not zero
5713: movw %ax, %ss
572 movzwl %dx, %esp # Clear upper half of %esp
573 sti # Now we should have a working stack
574
575# We will have entered with %cs = %ds+0x20, normalize %cs so
576# it is on par with the other segments.
577 pushw %ds
578 pushw $6f
579 lretw
5806:
581
582# Check signature at end of setup
583 cmpl $0x5a5aaa55, setup_sig
584 jne setup_bad
585
586# Zero the bss
587 movw $__bss_start, %di
588 movw $_end+3, %cx
589 xorl %eax, %eax
590 subw %di, %cx
591 shrw $2, %cx
592 rep; stosl
593
594# Jump to C code (should not return)
595 calll main
596
597# Setup corrupt somehow...
598setup_bad:
599 movl $setup_corrupt, %eax
600 calll puts
601 # Fall through...
602
603 .globl die
604 .type die, @function
605die:
606 hlt
607 jmp die
608
609 .size die, .-die
610
611 .section ".initdata", "a"
612setup_corrupt:
613 .byte 7
614 .string "No setup signature found...\n"