TrustedFirmware Git Browser
Code Review Sign In
review.trustedfirmware.org / hafnium / third_party / linux.git / 3a0ad55d848b50499b68d7141d4eca997fce28ef / . / arch / s390 / purgatory / head.S
blob: 2e3707b12eddbb92f02a27632ced337c7a889200 [file] [log] [blame]
Andrew Scullb4b6d4a2019-01-02 15:54:55 +0000[diff] [blame]1/* SPDX-License-Identifier: GPL-2.0 */
2/*
3 * Purgatory setup code
4 *
5 * Copyright IBM Corp. 2018
6 *
7 * Author(s): Philipp Rudo <prudo@linux.vnet.ibm.com>
8 */
9
10#include <linux/linkage.h>
11#include <asm/asm-offsets.h>
12#include <asm/page.h>
13#include <asm/sigp.h>
14
15/* The purgatory is the code running between two kernels. It's main purpose
16 * is to verify that the next kernel was not corrupted after load and to
17 * start it.
18 *
19 * If the next kernel is a crash kernel there are some peculiarities to
20 * consider:
21 *
22 * First the purgatory is called twice. Once only to verify the
23 * sha digest. So if the crash kernel got corrupted the old kernel can try
24 * to trigger a stand-alone dumper. And once to actually load the crash kernel.
25 *
26 * Second the purgatory also has to swap the crash memory region with its
27 * destination at address 0. As the purgatory is part of crash memory this
28 * requires some finesse. The tactic here is that the purgatory first copies
29 * itself to the end of the destination and then swaps the rest of the
30 * memory running from there.
31 */
32
33#define bufsz purgatory_end-stack
34
35.macro MEMCPY dst,src,len
36 lgr %r0,\dst
37 lgr %r1,\len
38 lgr %r2,\src
39 lgr %r3,\len
40
4120: mvcle %r0,%r2,0
42 jo 20b
43.endm
44
45.macro MEMSWAP dst,src,buf,len
4610: cghi \len,bufsz
47 jh 11f
48 lgr %r4,\len
49 j 12f
5011: lghi %r4,bufsz
51
5212: MEMCPY \buf,\dst,%r4
53 MEMCPY \dst,\src,%r4
54 MEMCPY \src,\buf,%r4
55
56 agr \dst,%r4
57 agr \src,%r4
58 sgr \len,%r4
59
60 cghi \len,0
61 jh 10b
62.endm
63
64.macro START_NEXT_KERNEL base
65 lg %r4,kernel_entry-\base(%r13)
66 lg %r5,load_psw_mask-\base(%r13)
67 ogr %r4,%r5
68 stg %r4,0(%r0)
69
70 xgr %r0,%r0
71 diag %r0,%r0,0x308
72.endm
73
74.text
75.align PAGE_SIZE
76ENTRY(purgatory_start)
77 /* The purgatory might be called after a diag308 so better set
78 * architecture and addressing mode.
79 */
80 lhi %r1,1
81 sigp %r1,%r0,SIGP_SET_ARCHITECTURE
82 sam64
83
84 larl %r5,gprregs
85 stmg %r6,%r15,0(%r5)
86
87 basr %r13,0
88.base_crash:
89
90 /* Setup stack */
91 larl %r15,purgatory_end
92 aghi %r15,-160
93
94 /* If the next kernel is KEXEC_TYPE_CRASH the purgatory is called
95 * directly with a flag passed in %r2 whether the purgatory shall do
96 * checksum verification only (%r2 = 0 -> verification only).
97 *
98 * Check now and preserve over C function call by storing in
99 * %r10 whith
100 * 1 -> checksum verification only
101 * 0 -> load new kernel
102 */
103 lghi %r10,0
104 lg %r11,kernel_type-.base_crash(%r13)
105 cghi %r11,1 /* KEXEC_TYPE_CRASH */
106 jne .do_checksum_verification
107 cghi %r2,0 /* checksum verification only */
108 jne .do_checksum_verification
109 lghi %r10,1
110
111.do_checksum_verification:
112 brasl %r14,verify_sha256_digest
113
114 cghi %r10,1 /* checksum verification only */
115 je .return_old_kernel
116 cghi %r2,0 /* checksum match */
117 jne .disabled_wait
118
119 /* If the next kernel is a crash kernel the purgatory has to swap
120 * the mem regions first.
121 */
122 cghi %r11,1 /* KEXEC_TYPE_CRASH */
123 je .start_crash_kernel
124
125 /* start normal kernel */
126 START_NEXT_KERNEL .base_crash
127
128.return_old_kernel:
129 lmg %r6,%r15,gprregs-.base_crash(%r13)
130 br %r14
131
132.disabled_wait:
133 lpswe disabled_wait_psw-.base_crash(%r13)
134
135.start_crash_kernel:
136 /* Location of purgatory_start in crash memory */
137 lgr %r8,%r13
138 aghi %r8,-(.base_crash-purgatory_start)
139
140 /* Destination for this code i.e. end of memory to be swapped. */
141 lg %r9,crash_size-.base_crash(%r13)
142 aghi %r9,-(purgatory_end-purgatory_start)
143
144 /* Destination in crash memory, i.e. same as r9 but in crash memory. */
145 lg %r10,crash_start-.base_crash(%r13)
146 agr %r10,%r9
147
148 /* Buffer location (in crash memory) and size. As the purgatory is
149 * behind the point of no return it can re-use the stack as buffer.
150 */
151 lghi %r11,bufsz
152 larl %r12,stack
153
154 MEMCPY %r12,%r9,%r11 /* dst -> (crash) buf */
155 MEMCPY %r9,%r8,%r11 /* self -> dst */
156
157 /* Jump to new location. */
158 lgr %r7,%r9
159 aghi %r7,.jump_to_dst-purgatory_start
160 br %r7
161
162.jump_to_dst:
163 basr %r13,0
164.base_dst:
165
166 /* clear buffer */
167 MEMCPY %r12,%r10,%r11 /* (crash) buf -> (crash) dst */
168
169 /* Load new buffer location after jump */
170 larl %r7,stack
171 aghi %r10,stack-purgatory_start
172 MEMCPY %r10,%r7,%r11 /* (new) buf -> (crash) buf */
173
174 /* Now the code is set up to run from its designated location. Start
175 * swapping the rest of crash memory now.
176 *
177 * The registers will be used as follow:
178 *
179 * %r0-%r4 reserved for macros defined above
180 * %r5-%r6 tmp registers
181 * %r7 pointer to current struct sha region
182 * %r8 index to iterate over all sha regions
183 * %r9 pointer in crash memory
184 * %r10 pointer in old kernel
185 * %r11 total size (still) to be moved
186 * %r12 pointer to buffer
187 */
188 lgr %r12,%r7
189 lgr %r11,%r9
190 lghi %r10,0
191 lg %r9,crash_start-.base_dst(%r13)
192 lghi %r8,16 /* KEXEC_SEGMENTS_MAX */
193 larl %r7,purgatory_sha_regions
194
195 j .loop_first
196
197 /* Loop over all purgatory_sha_regions. */
198.loop_next:
199 aghi %r8,-1
200 cghi %r8,0
201 je .loop_out
202
203 aghi %r7,__KEXEC_SHA_REGION_SIZE
204
205.loop_first:
206 lg %r5,__KEXEC_SHA_REGION_START(%r7)
207 cghi %r5,0
208 je .loop_next
209
210 /* Copy [end last sha region, start current sha region) */
211 /* Note: kexec_sha_region->start points in crash memory */
212 sgr %r5,%r9
213 MEMCPY %r9,%r10,%r5
214
215 agr %r9,%r5
216 agr %r10,%r5
217 sgr %r11,%r5
218
219 /* Swap sha region */
220 lg %r6,__KEXEC_SHA_REGION_LEN(%r7)
221 MEMSWAP %r9,%r10,%r12,%r6
222 sg %r11,__KEXEC_SHA_REGION_LEN(%r7)
223 j .loop_next
224
225.loop_out:
226 /* Copy rest of crash memory */
227 MEMCPY %r9,%r10,%r11
228
229 /* start crash kernel */
230 START_NEXT_KERNEL .base_dst
231
232
233load_psw_mask:
234 .long 0x00080000,0x80000000
235
236 .align 8
237disabled_wait_psw:
238 .quad 0x0002000180000000
239 .quad 0x0000000000000000 + .do_checksum_verification
240
241gprregs:
242 .rept 10
243 .quad 0
244 .endr
245
246/* Macro to define a global variable with name and size (in bytes) to be
247 * shared with C code.
248 *
249 * Add the .size and .type attribute to satisfy checks on the Elf_Sym during
250 * purgatory load.
251 */
252.macro GLOBAL_VARIABLE name,size
253\name:
254 .global \name
255 .size \name,\size
256 .type \name,object
257 .skip \size,0
258.endm
259
260GLOBAL_VARIABLE purgatory_sha256_digest,32
261GLOBAL_VARIABLE purgatory_sha_regions,16*__KEXEC_SHA_REGION_SIZE
262GLOBAL_VARIABLE kernel_entry,8
263GLOBAL_VARIABLE kernel_type,8
264GLOBAL_VARIABLE crash_start,8
265GLOBAL_VARIABLE crash_size,8
266
267 .align PAGE_SIZE
268stack:
269 /* The buffer to move this code must be as big as the code. */
270 .skip stack-purgatory_start
271 .align PAGE_SIZE
272purgatory_end: