root/arch/s390/purgatory/head.S

   1 /* SPDX-License-Identifier: GPL-2.0 */
   2 /*
   3  * Purgatory setup code
   4  *
   5  * Copyright IBM Corp. 2018
   6  *
   7  * Author(s): Philipp Rudo <prudo@linux.vnet.ibm.com>
   8  */
   9 
  10 #include <linux/linkage.h>
  11 #include <asm/asm-offsets.h>
  12 #include <asm/page.h>
  13 #include <asm/sigp.h>
  14 #include <asm/ptrace.h>
  15 
  16 /* The purgatory is the code running between two kernels. It's main purpose
  17  * is to verify that the next kernel was not corrupted after load and to
  18  * start it.
  19  *
  20  * If the next kernel is a crash kernel there are some peculiarities to
  21  * consider:
  22  *
  23  * First the purgatory is called twice. Once only to verify the
  24  * sha digest. So if the crash kernel got corrupted the old kernel can try
  25  * to trigger a stand-alone dumper. And once to actually load the crash kernel.
  26  *
  27  * Second the purgatory also has to swap the crash memory region with its
  28  * destination at address 0. As the purgatory is part of crash memory this
  29  * requires some finesse. The tactic here is that the purgatory first copies
  30  * itself to the end of the destination and then swaps the rest of the
  31  * memory running from there.
  32  */
  33 
  34 #define bufsz purgatory_end-stack
  35 
  36 .macro MEMCPY dst,src,len
  37         lgr     %r0,\dst
  38         lgr     %r1,\len
  39         lgr     %r2,\src
  40         lgr     %r3,\len
  41 
  42 20:     mvcle   %r0,%r2,0
  43         jo      20b
  44 .endm
  45 
  46 .macro MEMSWAP dst,src,buf,len
  47 10:     cghi    \len,bufsz
  48         jh      11f
  49         lgr     %r4,\len
  50         j       12f
  51 11:     lghi    %r4,bufsz
  52 
  53 12:     MEMCPY  \buf,\dst,%r4
  54         MEMCPY  \dst,\src,%r4
  55         MEMCPY  \src,\buf,%r4
  56 
  57         agr     \dst,%r4
  58         agr     \src,%r4
  59         sgr     \len,%r4
  60 
  61         cghi    \len,0
  62         jh      10b
  63 .endm
  64 
  65 .macro START_NEXT_KERNEL base
  66         lg      %r4,kernel_entry-\base(%r13)
  67         lg      %r5,load_psw_mask-\base(%r13)
  68         ogr     %r4,%r5
  69         stg     %r4,0(%r0)
  70 
  71         xgr     %r0,%r0
  72         diag    %r0,%r0,0x308
  73 .endm
  74 
  75 .text
  76 .align PAGE_SIZE
  77 ENTRY(purgatory_start)
  78         /* The purgatory might be called after a diag308 so better set
  79          * architecture and addressing mode.
  80          */
  81         lhi     %r1,1
  82         sigp    %r1,%r0,SIGP_SET_ARCHITECTURE
  83         sam64
  84 
  85         larl    %r5,gprregs
  86         stmg    %r6,%r15,0(%r5)
  87 
  88         basr    %r13,0
  89 .base_crash:
  90 
  91         /* Setup stack */
  92         larl    %r15,purgatory_end-STACK_FRAME_OVERHEAD
  93 
  94         /* If the next kernel is KEXEC_TYPE_CRASH the purgatory is called
  95          * directly with a flag passed in %r2 whether the purgatory shall do
  96          * checksum verification only (%r2 = 0 -> verification only).
  97          *
  98          * Check now and preserve over C function call by storing in
  99          * %r10 whith
 100          *      1 -> checksum verification only
 101          *      0 -> load new kernel
 102          */
 103         lghi    %r10,0
 104         lg      %r11,kernel_type-.base_crash(%r13)
 105         cghi    %r11,1          /* KEXEC_TYPE_CRASH */
 106         jne     .do_checksum_verification
 107         cghi    %r2,0           /* checksum verification only */
 108         jne     .do_checksum_verification
 109         lghi    %r10,1
 110 
 111 .do_checksum_verification:
 112         brasl   %r14,verify_sha256_digest
 113 
 114         cghi    %r10,1          /* checksum verification only */
 115         je      .return_old_kernel
 116         cghi    %r2,0           /* checksum match */
 117         jne     .disabled_wait
 118 
 119         /* If the next kernel is a crash kernel the purgatory has to swap
 120          * the mem regions first.
 121          */
 122         cghi    %r11,1 /* KEXEC_TYPE_CRASH */
 123         je      .start_crash_kernel
 124 
 125         /* start normal kernel */
 126         START_NEXT_KERNEL .base_crash
 127 
 128 .return_old_kernel:
 129         lmg     %r6,%r15,gprregs-.base_crash(%r13)
 130         br      %r14
 131 
 132 .disabled_wait:
 133         lpswe   disabled_wait_psw-.base_crash(%r13)
 134 
 135 .start_crash_kernel:
 136         /* Location of purgatory_start in crash memory */
 137         lgr     %r8,%r13
 138         aghi    %r8,-(.base_crash-purgatory_start)
 139 
 140         /* Destination for this code i.e. end of memory to be swapped. */
 141         lg      %r9,crash_size-.base_crash(%r13)
 142         aghi    %r9,-(purgatory_end-purgatory_start)
 143 
 144         /* Destination in crash memory, i.e. same as r9 but in crash memory. */
 145         lg      %r10,crash_start-.base_crash(%r13)
 146         agr     %r10,%r9
 147 
 148         /* Buffer location (in crash memory) and size. As the purgatory is
 149          * behind the point of no return it can re-use the stack as buffer.
 150          */
 151         lghi    %r11,bufsz
 152         larl    %r12,stack
 153 
 154         MEMCPY  %r12,%r9,%r11   /* dst  -> (crash) buf */
 155         MEMCPY  %r9,%r8,%r11    /* self -> dst */
 156 
 157         /* Jump to new location. */
 158         lgr     %r7,%r9
 159         aghi    %r7,.jump_to_dst-purgatory_start
 160         br      %r7
 161 
 162 .jump_to_dst:
 163         basr    %r13,0
 164 .base_dst:
 165 
 166         /* clear buffer */
 167         MEMCPY  %r12,%r10,%r11  /* (crash) buf -> (crash) dst */
 168 
 169         /* Load new buffer location after jump */
 170         larl    %r7,stack
 171         aghi    %r10,stack-purgatory_start
 172         MEMCPY  %r10,%r7,%r11   /* (new) buf -> (crash) buf */
 173 
 174         /* Now the code is set up to run from its designated location. Start
 175          * swapping the rest of crash memory now.
 176          *
 177          * The registers will be used as follow:
 178          *
 179          *      %r0-%r4 reserved for macros defined above
 180          *      %r5-%r6 tmp registers
 181          *      %r7     pointer to current struct sha region
 182          *      %r8     index to iterate over all sha regions
 183          *      %r9     pointer in crash memory
 184          *      %r10    pointer in old kernel
 185          *      %r11    total size (still) to be moved
 186          *      %r12    pointer to buffer
 187          */
 188         lgr     %r12,%r7
 189         lgr     %r11,%r9
 190         lghi    %r10,0
 191         lg      %r9,crash_start-.base_dst(%r13)
 192         lghi    %r8,16  /* KEXEC_SEGMENTS_MAX */
 193         larl    %r7,purgatory_sha_regions
 194 
 195         j .loop_first
 196 
 197         /* Loop over all purgatory_sha_regions. */
 198 .loop_next:
 199         aghi    %r8,-1
 200         cghi    %r8,0
 201         je      .loop_out
 202 
 203         aghi    %r7,__KEXEC_SHA_REGION_SIZE
 204 
 205 .loop_first:
 206         lg      %r5,__KEXEC_SHA_REGION_START(%r7)
 207         cghi    %r5,0
 208         je      .loop_next
 209 
 210         /* Copy [end last sha region, start current sha region) */
 211         /* Note: kexec_sha_region->start points in crash memory */
 212         sgr     %r5,%r9
 213         MEMCPY  %r9,%r10,%r5
 214 
 215         agr     %r9,%r5
 216         agr     %r10,%r5
 217         sgr     %r11,%r5
 218 
 219         /* Swap sha region */
 220         lg      %r6,__KEXEC_SHA_REGION_LEN(%r7)
 221         MEMSWAP %r9,%r10,%r12,%r6
 222         sg      %r11,__KEXEC_SHA_REGION_LEN(%r7)
 223         j       .loop_next
 224 
 225 .loop_out:
 226         /* Copy rest of crash memory */
 227         MEMCPY  %r9,%r10,%r11
 228 
 229         /* start crash kernel */
 230         START_NEXT_KERNEL .base_dst
 231 
 232 
 233 load_psw_mask:
 234         .long   0x00080000,0x80000000
 235 
 236         .align  8
 237 disabled_wait_psw:
 238         .quad   0x0002000180000000
 239         .quad   0x0000000000000000 + .do_checksum_verification
 240 
 241 gprregs:
 242         .rept   10
 243         .quad   0
 244         .endr
 245 
 246 /* Macro to define a global variable with name and size (in bytes) to be
 247  * shared with C code.
 248  *
 249  * Add the .size and .type attribute to satisfy checks on the Elf_Sym during
 250  * purgatory load.
 251  */
 252 .macro GLOBAL_VARIABLE name,size
 253 \name:
 254         .global \name
 255         .size   \name,\size
 256         .type   \name,object
 257         .skip   \size,0
 258 .endm
 259 
 260 GLOBAL_VARIABLE purgatory_sha256_digest,32
 261 GLOBAL_VARIABLE purgatory_sha_regions,16*__KEXEC_SHA_REGION_SIZE
 262 GLOBAL_VARIABLE kernel_entry,8
 263 GLOBAL_VARIABLE kernel_type,8
 264 GLOBAL_VARIABLE crash_start,8
 265 GLOBAL_VARIABLE crash_size,8
 266 
 267         .align  PAGE_SIZE
 268 stack:
 269         /* The buffer to move this code must be as big as the code. */
 270         .skip   stack-purgatory_start
 271         .align  PAGE_SIZE
 272 purgatory_end: