License cleanup: add SPDX GPL-2.0 license identifier to files with no license
Many source files in the tree are missing licensing information, which
makes it harder for compliance tools to determine the correct license.
By default all files without license information are under the default
license of the kernel, which is GPL version 2.
Update the files which contain no license information with the 'GPL-2.0'
SPDX license identifier. The SPDX identifier is a legally binding
shorthand, which can be used instead of the full boiler plate text.
This patch is based on work done by Thomas Gleixner and Kate Stewart and
Philippe Ombredanne.
How this work was done:
Patches were generated and checked against linux-4.14-rc6 for a subset of
the use cases:
- file had no licensing information it it.
- file was a */uapi/* one with no licensing information in it,
- file was a */uapi/* one with existing licensing information,
Further patches will be generated in subsequent months to fix up cases
where non-standard license headers were used, and references to license
had to be inferred by heuristics based on keywords.
The analysis to determine which SPDX License Identifier to be applied to
a file was done in a spreadsheet of side by side results from of the
output of two independent scanners (ScanCode & Windriver) producing SPDX
tag:value files created by Philippe Ombredanne. Philippe prepared the
base worksheet, and did an initial spot review of a few 1000 files.
The 4.13 kernel was the starting point of the analysis with 60,537 files
assessed. Kate Stewart did a file by file comparison of the scanner
results in the spreadsheet to determine which SPDX license identifier(s)
to be applied to the file. She confirmed any determination that was not
immediately clear with lawyers working with the Linux Foundation.
Criteria used to select files for SPDX license identifier tagging was:
- Files considered eligible had to be source code files.
- Make and config files were included as candidates if they contained >5
lines of source
- File already had some variant of a license header in it (even if <5
lines).
All documentation files were explicitly excluded.
The following heuristics were used to determine which SPDX license
identifiers to apply.
- when both scanners couldn't find any license traces, file was
considered to have no license information in it, and the top level
COPYING file license applied.
For non */uapi/* files that summary was:
SPDX license identifier # files
---------------------------------------------------|-------
GPL-2.0 11139
and resulted in the first patch in this series.
If that file was a */uapi/* path one, it was "GPL-2.0 WITH
Linux-syscall-note" otherwise it was "GPL-2.0". Results of that was:
SPDX license identifier # files
---------------------------------------------------|-------
GPL-2.0 WITH Linux-syscall-note 930
and resulted in the second patch in this series.
- if a file had some form of licensing information in it, and was one
of the */uapi/* ones, it was denoted with the Linux-syscall-note if
any GPL family license was found in the file or had no licensing in
it (per prior point). Results summary:
SPDX license identifier # files
---------------------------------------------------|------
GPL-2.0 WITH Linux-syscall-note 270
GPL-2.0+ WITH Linux-syscall-note 169
((GPL-2.0 WITH Linux-syscall-note) OR BSD-2-Clause) 21
((GPL-2.0 WITH Linux-syscall-note) OR BSD-3-Clause) 17
LGPL-2.1+ WITH Linux-syscall-note 15
GPL-1.0+ WITH Linux-syscall-note 14
((GPL-2.0+ WITH Linux-syscall-note) OR BSD-3-Clause) 5
LGPL-2.0+ WITH Linux-syscall-note 4
LGPL-2.1 WITH Linux-syscall-note 3
((GPL-2.0 WITH Linux-syscall-note) OR MIT) 3
((GPL-2.0 WITH Linux-syscall-note) AND MIT) 1
and that resulted in the third patch in this series.
- when the two scanners agreed on the detected license(s), that became
the concluded license(s).
- when there was disagreement between the two scanners (one detected a
license but the other didn't, or they both detected different
licenses) a manual inspection of the file occurred.
- In most cases a manual inspection of the information in the file
resulted in a clear resolution of the license that should apply (and
which scanner probably needed to revisit its heuristics).
- When it was not immediately clear, the license identifier was
confirmed with lawyers working with the Linux Foundation.
- If there was any question as to the appropriate license identifier,
the file was flagged for further research and to be revisited later
in time.
In total, over 70 hours of logged manual review was done on the
spreadsheet to determine the SPDX license identifiers to apply to the
source files by Kate, Philippe, Thomas and, in some cases, confirmation
by lawyers working with the Linux Foundation.
Kate also obtained a third independent scan of the 4.13 code base from
FOSSology, and compared selected files where the other two scanners
disagreed against that SPDX file, to see if there was new insights. The
Windriver scanner is based on an older version of FOSSology in part, so
they are related.
Thomas did random spot checks in about 500 files from the spreadsheets
for the uapi headers and agreed with SPDX license identifier in the
files he inspected. For the non-uapi files Thomas did random spot checks
in about 15000 files.
In initial set of patches against 4.14-rc6, 3 files were found to have
copy/paste license identifier errors, and have been fixed to reflect the
correct identifier.
Additionally Philippe spent 10 hours this week doing a detailed manual
inspection and review of the 12,461 patched files from the initial patch
version early this week with:
- a full scancode scan run, collecting the matched texts, detected
license ids and scores
- reviewing anything where there was a license detected (about 500+
files) to ensure that the applied SPDX license was correct
- reviewing anything where there was no detection but the patch license
was not GPL-2.0 WITH Linux-syscall-note to ensure that the applied
SPDX license was correct
This produced a worksheet with 20 files needing minor correction. This
worksheet was then exported into 3 different .csv files for the
different types of files to be modified.
These .csv files were then reviewed by Greg. Thomas wrote a script to
parse the csv files and add the proper SPDX tag to the file, in the
format that the file expected. This script was further refined by Greg
based on the output to detect more types of files automatically and to
distinguish between header and source .c files (which need different
comment types.) Finally Greg ran the script using the .csv files to
generate the patches.
Reviewed-by: Kate Stewart <kstewart@linuxfoundation.org>
Reviewed-by: Philippe Ombredanne <pombredanne@nexb.com>
Reviewed-by: Thomas Gleixner <tglx@linutronix.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-11-01 23:07:57 +09:00
|
|
|
/* SPDX-License-Identifier: GPL-2.0 */
|
2012-04-20 22:45:54 +09:00
|
|
|
/*
|
|
|
|
|
* ld script to make ARM Linux kernel
|
|
|
|
|
* taken from the i386 version by Russell King
|
|
|
|
|
* Written by Martin Mares <mj@atrey.karlin.mff.cuni.cz>
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <asm-generic/vmlinux.lds.h>
|
2015-12-01 21:20:40 +09:00
|
|
|
#include <asm/cache.h>
|
2015-10-19 22:19:27 +09:00
|
|
|
#include <asm/kernel-pgtable.h>
|
2012-04-20 22:45:54 +09:00
|
|
|
#include <asm/thread_info.h>
|
|
|
|
|
#include <asm/memory.h>
|
|
|
|
|
#include <asm/page.h>
|
2015-01-22 10:36:06 +09:00
|
|
|
#include <asm/pgtable.h>
|
2012-04-20 22:45:54 +09:00
|
|
|
|
arm64: Update the Image header
Currently the kernel Image is stripped of everything past the initial
stack, and at runtime the memory is initialised and used by the kernel.
This makes the effective minimum memory footprint of the kernel larger
than the size of the loaded binary, though bootloaders have no mechanism
to identify how large this minimum memory footprint is. This makes it
difficult to choose safe locations to place both the kernel and other
binaries required at boot (DTB, initrd, etc), such that the kernel won't
clobber said binaries or other reserved memory during initialisation.
Additionally when big endian support was added the image load offset was
overlooked, and is currently of an arbitrary endianness, which makes it
difficult for bootloaders to make use of it. It seems that bootloaders
aren't respecting the image load offset at present anyway, and are
assuming that offset 0x80000 will always be correct.
This patch adds an effective image size to the kernel header which
describes the amount of memory from the start of the kernel Image binary
which the kernel expects to use before detecting memory and handling any
memory reservations. This can be used by bootloaders to choose suitable
locations to load the kernel and/or other binaries such that the kernel
will not clobber any memory unexpectedly. As before, memory reservations
are required to prevent the kernel from clobbering these locations
later.
Both the image load offset and the effective image size are forced to be
little-endian regardless of the native endianness of the kernel to
enable bootloaders to load a kernel of arbitrary endianness. Bootloaders
which wish to make use of the load offset can inspect the effective
image size field for a non-zero value to determine if the offset is of a
known endianness. To enable software to determine the endinanness of the
kernel as may be required for certain use-cases, a new flags field (also
little-endian) is added to the kernel header to export this information.
The documentation is updated to clarify these details. To discourage
future assumptions regarding the value of text_offset, the value at this
point in time is removed from the main flow of the documentation (though
kept as a compatibility note). Some minor formatting issues in the
documentation are also corrected.
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Acked-by: Tom Rini <trini@ti.com>
Cc: Geoff Levand <geoff@infradead.org>
Cc: Kevin Hilman <kevin.hilman@linaro.org>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2014-06-25 00:51:36 +09:00
|
|
|
#include "image.h"
|
|
|
|
|
|
2014-11-26 00:26:13 +09:00
|
|
|
/* .exit.text needed in case of alternative patching */
|
|
|
|
|
#define ARM_EXIT_KEEP(x) x
|
|
|
|
|
#define ARM_EXIT_DISCARD(x)
|
2012-04-20 22:45:54 +09:00
|
|
|
|
|
|
|
|
OUTPUT_ARCH(aarch64)
|
2014-05-17 02:26:01 +09:00
|
|
|
ENTRY(_text)
|
2012-04-20 22:45:54 +09:00
|
|
|
|
|
|
|
|
jiffies = jiffies_64;
|
|
|
|
|
|
2012-12-08 03:40:43 +09:00
|
|
|
#define HYPERVISOR_TEXT \
|
|
|
|
|
/* \
|
ARM, arm64: kvm: get rid of the bounce page
The HYP init bounce page is a runtime construct that ensures that the
HYP init code does not cross a page boundary. However, this is something
we can do perfectly well at build time, by aligning the code appropriately.
For arm64, we just align to 4 KB, and enforce that the code size is less
than 4 KB, regardless of the chosen page size.
For ARM, the whole code is less than 256 bytes, so we tweak the linker
script to align at a power of 2 upper bound of the code size
Note that this also fixes a benign off-by-one error in the original bounce
page code, where a bounce page would be allocated unnecessarily if the code
was exactly 1 page in size.
On ARM, it also fixes an issue with very large kernels reported by Arnd
Bergmann, where stub sections with linker emitted veneers could erroneously
trigger the size/alignment ASSERT() in the linker script.
Tested-by: Marc Zyngier <marc.zyngier@arm.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
2015-03-20 01:42:26 +09:00
|
|
|
* Align to 4 KB so that \
|
|
|
|
|
* a) the HYP vector table is at its minimum \
|
|
|
|
|
* alignment of 2048 bytes \
|
|
|
|
|
* b) the HYP init code will not cross a page \
|
|
|
|
|
* boundary if its size does not exceed \
|
|
|
|
|
* 4 KB (see related ASSERT() below) \
|
2012-12-08 03:40:43 +09:00
|
|
|
*/ \
|
ARM, arm64: kvm: get rid of the bounce page
The HYP init bounce page is a runtime construct that ensures that the
HYP init code does not cross a page boundary. However, this is something
we can do perfectly well at build time, by aligning the code appropriately.
For arm64, we just align to 4 KB, and enforce that the code size is less
than 4 KB, regardless of the chosen page size.
For ARM, the whole code is less than 256 bytes, so we tweak the linker
script to align at a power of 2 upper bound of the code size
Note that this also fixes a benign off-by-one error in the original bounce
page code, where a bounce page would be allocated unnecessarily if the code
was exactly 1 page in size.
On ARM, it also fixes an issue with very large kernels reported by Arnd
Bergmann, where stub sections with linker emitted veneers could erroneously
trigger the size/alignment ASSERT() in the linker script.
Tested-by: Marc Zyngier <marc.zyngier@arm.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
2015-03-20 01:42:26 +09:00
|
|
|
. = ALIGN(SZ_4K); \
|
2012-12-08 03:40:43 +09:00
|
|
|
VMLINUX_SYMBOL(__hyp_idmap_text_start) = .; \
|
|
|
|
|
*(.hyp.idmap.text) \
|
|
|
|
|
VMLINUX_SYMBOL(__hyp_idmap_text_end) = .; \
|
|
|
|
|
VMLINUX_SYMBOL(__hyp_text_start) = .; \
|
|
|
|
|
*(.hyp.text) \
|
|
|
|
|
VMLINUX_SYMBOL(__hyp_text_end) = .;
|
|
|
|
|
|
2015-06-01 20:40:33 +09:00
|
|
|
#define IDMAP_TEXT \
|
|
|
|
|
. = ALIGN(SZ_4K); \
|
|
|
|
|
VMLINUX_SYMBOL(__idmap_text_start) = .; \
|
|
|
|
|
*(.idmap.text) \
|
|
|
|
|
VMLINUX_SYMBOL(__idmap_text_end) = .;
|
|
|
|
|
|
2016-04-28 01:47:12 +09:00
|
|
|
#ifdef CONFIG_HIBERNATION
|
|
|
|
|
#define HIBERNATE_TEXT \
|
|
|
|
|
. = ALIGN(SZ_4K); \
|
|
|
|
|
VMLINUX_SYMBOL(__hibernate_exit_text_start) = .;\
|
|
|
|
|
*(.hibernate_exit.text) \
|
|
|
|
|
VMLINUX_SYMBOL(__hibernate_exit_text_end) = .;
|
|
|
|
|
#else
|
|
|
|
|
#define HIBERNATE_TEXT
|
|
|
|
|
#endif
|
|
|
|
|
|
2014-10-11 01:42:55 +09:00
|
|
|
/*
|
|
|
|
|
* The size of the PE/COFF section that covers the kernel image, which
|
|
|
|
|
* runs from stext to _edata, must be a round multiple of the PE/COFF
|
|
|
|
|
* FileAlignment, which we set to its minimum value of 0x200. 'stext'
|
|
|
|
|
* itself is 4 KB aligned, so padding out _edata to a 0x200 aligned
|
|
|
|
|
* boundary should be sufficient.
|
|
|
|
|
*/
|
|
|
|
|
PECOFF_FILE_ALIGNMENT = 0x200;
|
|
|
|
|
|
|
|
|
|
#ifdef CONFIG_EFI
|
|
|
|
|
#define PECOFF_EDATA_PADDING \
|
|
|
|
|
.pecoff_edata_padding : { BYTE(0); . = ALIGN(PECOFF_FILE_ALIGNMENT); }
|
|
|
|
|
#else
|
|
|
|
|
#define PECOFF_EDATA_PADDING
|
|
|
|
|
#endif
|
|
|
|
|
|
2012-04-20 22:45:54 +09:00
|
|
|
SECTIONS
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* XXX: The linker does not define how output sections are
|
|
|
|
|
* assigned to input sections when there are multiple statements
|
|
|
|
|
* matching the same input section name. There is no documented
|
|
|
|
|
* order of matching.
|
|
|
|
|
*/
|
|
|
|
|
/DISCARD/ : {
|
|
|
|
|
ARM_EXIT_DISCARD(EXIT_TEXT)
|
|
|
|
|
ARM_EXIT_DISCARD(EXIT_DATA)
|
|
|
|
|
EXIT_CALL
|
|
|
|
|
*(.discard)
|
|
|
|
|
*(.discard.*)
|
2016-01-26 17:13:44 +09:00
|
|
|
*(.interp .dynamic)
|
arm64: relocatable: suppress R_AARCH64_ABS64 relocations in vmlinux
The linker routines that we rely on to produce a relocatable PIE binary
treat it as a shared ELF object in some ways, i.e., it emits symbol based
R_AARCH64_ABS64 relocations into the final binary since doing so would be
appropriate when linking a shared library that is subject to symbol
preemption. (This means that an executable can override certain symbols
that are exported by a shared library it is linked with, and that the
shared library *must* update all its internal references as well, and point
them to the version provided by the executable.)
Symbol preemption does not occur for OS hosted PIE executables, let alone
for vmlinux, and so we would prefer to get rid of these symbol based
relocations. This would allow us to simplify the relocation routines, and
to strip the .dynsym, .dynstr and .hash sections from the binary. (Note
that these are tiny, and are placed in the .init segment, but they clutter
up the vmlinux binary.)
Note that these R_AARCH64_ABS64 relocations are only emitted for absolute
references to symbols defined in the linker script, all other relocatable
quantities are covered by anonymous R_AARCH64_RELATIVE relocations that
simply list the offsets to all 64-bit values in the binary that need to be
fixed up based on the offset between the link time and run time addresses.
Fortunately, GNU ld has a -Bsymbolic option, which is intended for shared
libraries to allow them to ignore symbol preemption, and unconditionally
bind all internal symbol references to its own definitions. So set it for
our PIE binary as well, and get rid of the asoociated sections and the
relocation code that processes them.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
[will: fixed conflict with __dynsym_offset linker script entry]
Signed-off-by: Will Deacon <will.deacon@arm.com>
2016-07-24 21:00:13 +09:00
|
|
|
*(.dynsym .dynstr .hash)
|
2012-04-20 22:45:54 +09:00
|
|
|
}
|
|
|
|
|
|
2016-02-16 21:52:36 +09:00
|
|
|
. = KIMAGE_VADDR + TEXT_OFFSET;
|
2012-04-20 22:45:54 +09:00
|
|
|
|
|
|
|
|
.head.text : {
|
|
|
|
|
_text = .;
|
|
|
|
|
HEAD_TEXT
|
|
|
|
|
}
|
|
|
|
|
.text : { /* Real text segment */
|
|
|
|
|
_stext = .; /* Text and read-only data */
|
|
|
|
|
__exception_text_start = .;
|
|
|
|
|
*(.exception.text)
|
|
|
|
|
__exception_text_end = .;
|
|
|
|
|
IRQENTRY_TEXT
|
2016-03-26 06:22:05 +09:00
|
|
|
SOFTIRQENTRY_TEXT
|
2016-07-09 01:35:50 +09:00
|
|
|
ENTRY_TEXT
|
2012-04-20 22:45:54 +09:00
|
|
|
TEXT_TEXT
|
|
|
|
|
SCHED_TEXT
|
2016-10-08 09:02:55 +09:00
|
|
|
CPUIDLE_TEXT
|
2012-04-20 22:45:54 +09:00
|
|
|
LOCK_TEXT
|
arm64: Kprobes with single stepping support
Add support for basic kernel probes(kprobes) and jump probes
(jprobes) for ARM64.
Kprobes utilizes software breakpoint and single step debug
exceptions supported on ARM v8.
A software breakpoint is placed at the probe address to trap the
kernel execution into the kprobe handler.
ARM v8 supports enabling single stepping before the break exception
return (ERET), with next PC in exception return address (ELR_EL1). The
kprobe handler prepares an executable memory slot for out-of-line
execution with a copy of the original instruction being probed, and
enables single stepping. The PC is set to the out-of-line slot address
before the ERET. With this scheme, the instruction is executed with the
exact same register context except for the PC (and DAIF) registers.
Debug mask (PSTATE.D) is enabled only when single stepping a recursive
kprobe, e.g.: during kprobes reenter so that probed instruction can be
single stepped within the kprobe handler -exception- context.
The recursion depth of kprobe is always 2, i.e. upon probe re-entry,
any further re-entry is prevented by not calling handlers and the case
counted as a missed kprobe).
Single stepping from the x-o-l slot has a drawback for PC-relative accesses
like branching and symbolic literals access as the offset from the new PC
(slot address) may not be ensured to fit in the immediate value of
the opcode. Such instructions need simulation, so reject
probing them.
Instructions generating exceptions or cpu mode change are rejected
for probing.
Exclusive load/store instructions are rejected too. Additionally, the
code is checked to see if it is inside an exclusive load/store sequence
(code from Pratyush).
System instructions are mostly enabled for stepping, except MSR/MRS
accesses to "DAIF" flags in PSTATE, which are not safe for
probing.
This also changes arch/arm64/include/asm/ptrace.h to use
include/asm-generic/ptrace.h.
Thanks to Steve Capper and Pratyush Anand for several suggested
Changes.
Signed-off-by: Sandeepa Prabhu <sandeepa.s.prabhu@gmail.com>
Signed-off-by: David A. Long <dave.long@linaro.org>
Signed-off-by: Pratyush Anand <panand@redhat.com>
Acked-by: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2016-07-09 01:35:48 +09:00
|
|
|
KPROBES_TEXT
|
2012-12-08 03:40:43 +09:00
|
|
|
HYPERVISOR_TEXT
|
2015-06-01 20:40:33 +09:00
|
|
|
IDMAP_TEXT
|
2016-04-28 01:47:12 +09:00
|
|
|
HIBERNATE_TEXT
|
2012-04-20 22:45:54 +09:00
|
|
|
*(.fixup)
|
|
|
|
|
*(.gnu.warning)
|
|
|
|
|
. = ALIGN(16);
|
|
|
|
|
*(.got) /* Global offset table */
|
|
|
|
|
}
|
|
|
|
|
|
arm64: simplify kernel segment mapping granularity
The mapping of the kernel consist of four segments, each of which is mapped
with different permission attributes and/or lifetimes. To optimize the TLB
and translation table footprint, we define various opaque constants in the
linker script that resolve to different aligment values depending on the
page size and whether CONFIG_DEBUG_ALIGN_RODATA is set.
Considering that
- a 4 KB granule kernel benefits from a 64 KB segment alignment (due to
the fact that it allows the use of the contiguous bit),
- the minimum alignment of the .data segment is THREAD_SIZE already, not
PAGE_SIZE (i.e., we already have padding between _data and the start of
the .data payload in many cases),
- 2 MB is a suitable alignment value on all granule sizes, either for
mapping directly (level 2 on 4 KB), or via the contiguous bit (level 3 on
16 KB and 64 KB),
- anything beyond 2 MB exceeds the minimum alignment mandated by the boot
protocol, and can only be mapped efficiently if the physical alignment
happens to be the same,
we can simplify this by standardizing on 64 KB (or 2 MB) explicitly, i.e.,
regardless of granule size, all segments are aligned either to 64 KB, or to
2 MB if CONFIG_DEBUG_ALIGN_RODATA=y. This also means we can drop the Kconfig
dependency of CONFIG_DEBUG_ALIGN_RODATA on CONFIG_ARM64_4K_PAGES.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
2016-03-31 00:43:09 +09:00
|
|
|
. = ALIGN(SEGMENT_ALIGN);
|
arm64: mm: fix location of _etext
As Kees Cook notes in the ARM counterpart of this patch [0]:
The _etext position is defined to be the end of the kernel text code,
and should not include any part of the data segments. This interferes
with things that might check memory ranges and expect executable code
up to _etext.
In particular, Kees is referring to the HARDENED_USERCOPY patch set [1],
which rejects attempts to call copy_to_user() on kernel ranges containing
executable code, but does allow access to the .rodata segment. Regardless
of whether one may or may not agree with the distinction, it makes sense
for _etext to have the same meaning across architectures.
So let's put _etext where it belongs, between .text and .rodata, and fix
up existing references to use __init_begin instead, which unlike _end_rodata
includes the exception and notes sections as well.
The _etext references in kaslr.c are left untouched, since its references
to [_stext, _etext) are meant to capture potential jump instruction targets,
and so disregarding .rodata is actually an improvement here.
[0] http://article.gmane.org/gmane.linux.kernel/2245084
[1] http://thread.gmane.org/gmane.linux.kernel.hardened.devel/2502
Reported-by: Kees Cook <keescook@chromium.org>
Reviewed-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2016-06-23 22:53:17 +09:00
|
|
|
_etext = .; /* End of text section */
|
|
|
|
|
|
|
|
|
|
RO_DATA(PAGE_SIZE) /* everything from this point to */
|
|
|
|
|
EXCEPTION_TABLE(8) /* __init_begin will be marked RO NX */
|
2013-08-24 00:16:42 +09:00
|
|
|
NOTES
|
2012-04-20 22:45:54 +09:00
|
|
|
|
arm64: simplify kernel segment mapping granularity
The mapping of the kernel consist of four segments, each of which is mapped
with different permission attributes and/or lifetimes. To optimize the TLB
and translation table footprint, we define various opaque constants in the
linker script that resolve to different aligment values depending on the
page size and whether CONFIG_DEBUG_ALIGN_RODATA is set.
Considering that
- a 4 KB granule kernel benefits from a 64 KB segment alignment (due to
the fact that it allows the use of the contiguous bit),
- the minimum alignment of the .data segment is THREAD_SIZE already, not
PAGE_SIZE (i.e., we already have padding between _data and the start of
the .data payload in many cases),
- 2 MB is a suitable alignment value on all granule sizes, either for
mapping directly (level 2 on 4 KB), or via the contiguous bit (level 3 on
16 KB and 64 KB),
- anything beyond 2 MB exceeds the minimum alignment mandated by the boot
protocol, and can only be mapped efficiently if the physical alignment
happens to be the same,
we can simplify this by standardizing on 64 KB (or 2 MB) explicitly, i.e.,
regardless of granule size, all segments are aligned either to 64 KB, or to
2 MB if CONFIG_DEBUG_ALIGN_RODATA=y. This also means we can drop the Kconfig
dependency of CONFIG_DEBUG_ALIGN_RODATA on CONFIG_ARM64_4K_PAGES.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
2016-03-31 00:43:09 +09:00
|
|
|
. = ALIGN(SEGMENT_ALIGN);
|
2012-04-20 22:45:54 +09:00
|
|
|
__init_begin = .;
|
2017-03-10 05:52:03 +09:00
|
|
|
__inittext_begin = .;
|
2012-04-20 22:45:54 +09:00
|
|
|
|
|
|
|
|
INIT_TEXT_SECTION(8)
|
|
|
|
|
.exit.text : {
|
|
|
|
|
ARM_EXIT_KEEP(EXIT_TEXT)
|
|
|
|
|
}
|
2015-01-22 10:36:06 +09:00
|
|
|
|
2017-03-10 05:52:03 +09:00
|
|
|
. = ALIGN(4);
|
|
|
|
|
.altinstructions : {
|
|
|
|
|
__alt_instructions = .;
|
|
|
|
|
*(.altinstructions)
|
|
|
|
|
__alt_instructions_end = .;
|
|
|
|
|
}
|
|
|
|
|
.altinstr_replacement : {
|
|
|
|
|
*(.altinstr_replacement)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
. = ALIGN(PAGE_SIZE);
|
|
|
|
|
__inittext_end = .;
|
|
|
|
|
__initdata_begin = .;
|
|
|
|
|
|
2012-04-20 22:45:54 +09:00
|
|
|
.init.data : {
|
|
|
|
|
INIT_DATA
|
|
|
|
|
INIT_SETUP(16)
|
|
|
|
|
INIT_CALLS
|
|
|
|
|
CON_INITCALL
|
|
|
|
|
SECURITY_INITCALL
|
|
|
|
|
INIT_RAM_FS
|
2016-02-17 21:35:58 +09:00
|
|
|
*(.init.rodata.* .init.bss) /* from the EFI stub */
|
2012-04-20 22:45:54 +09:00
|
|
|
}
|
|
|
|
|
.exit.data : {
|
|
|
|
|
ARM_EXIT_KEEP(EXIT_DATA)
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-01 21:20:40 +09:00
|
|
|
PERCPU_SECTION(L1_CACHE_BYTES)
|
2012-04-20 22:45:54 +09:00
|
|
|
|
2016-01-26 17:13:44 +09:00
|
|
|
.rela : ALIGN(8) {
|
|
|
|
|
*(.rela .rela*)
|
|
|
|
|
}
|
2014-11-15 00:54:08 +09:00
|
|
|
|
2016-07-28 23:15:14 +09:00
|
|
|
__rela_offset = ABSOLUTE(ADDR(.rela) - KIMAGE_VADDR);
|
2016-04-19 00:09:43 +09:00
|
|
|
__rela_size = SIZEOF(.rela);
|
|
|
|
|
|
arm64: simplify kernel segment mapping granularity
The mapping of the kernel consist of four segments, each of which is mapped
with different permission attributes and/or lifetimes. To optimize the TLB
and translation table footprint, we define various opaque constants in the
linker script that resolve to different aligment values depending on the
page size and whether CONFIG_DEBUG_ALIGN_RODATA is set.
Considering that
- a 4 KB granule kernel benefits from a 64 KB segment alignment (due to
the fact that it allows the use of the contiguous bit),
- the minimum alignment of the .data segment is THREAD_SIZE already, not
PAGE_SIZE (i.e., we already have padding between _data and the start of
the .data payload in many cases),
- 2 MB is a suitable alignment value on all granule sizes, either for
mapping directly (level 2 on 4 KB), or via the contiguous bit (level 3 on
16 KB and 64 KB),
- anything beyond 2 MB exceeds the minimum alignment mandated by the boot
protocol, and can only be mapped efficiently if the physical alignment
happens to be the same,
we can simplify this by standardizing on 64 KB (or 2 MB) explicitly, i.e.,
regardless of granule size, all segments are aligned either to 64 KB, or to
2 MB if CONFIG_DEBUG_ALIGN_RODATA=y. This also means we can drop the Kconfig
dependency of CONFIG_DEBUG_ALIGN_RODATA on CONFIG_ARM64_4K_PAGES.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
2016-03-31 00:43:09 +09:00
|
|
|
. = ALIGN(SEGMENT_ALIGN);
|
2017-03-10 05:52:03 +09:00
|
|
|
__initdata_end = .;
|
2015-12-09 21:44:38 +09:00
|
|
|
__init_end = .;
|
|
|
|
|
|
2013-11-05 01:38:47 +09:00
|
|
|
_data = .;
|
|
|
|
|
_sdata = .;
|
2017-07-21 22:25:33 +09:00
|
|
|
RW_DATA_SECTION(L1_CACHE_BYTES, PAGE_SIZE, THREAD_ALIGN)
|
2016-08-25 02:27:29 +09:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Data written with the MMU off but read with the MMU on requires
|
|
|
|
|
* cache lines to be invalidated, discarding up to a Cache Writeback
|
|
|
|
|
* Granule (CWG) of data from the cache. Keep the section that
|
|
|
|
|
* requires this type of maintenance to be in its own Cache Writeback
|
|
|
|
|
* Granule (CWG) area so the cache maintenance operations don't
|
|
|
|
|
* interfere with adjacent data.
|
|
|
|
|
*/
|
|
|
|
|
.mmuoff.data.write : ALIGN(SZ_2K) {
|
|
|
|
|
__mmuoff_data_start = .;
|
|
|
|
|
*(.mmuoff.data.write)
|
|
|
|
|
}
|
|
|
|
|
. = ALIGN(SZ_2K);
|
|
|
|
|
.mmuoff.data.read : {
|
|
|
|
|
*(.mmuoff.data.read)
|
|
|
|
|
__mmuoff_data_end = .;
|
|
|
|
|
}
|
|
|
|
|
|
2014-10-11 01:42:55 +09:00
|
|
|
PECOFF_EDATA_PADDING
|
2017-03-24 04:00:51 +09:00
|
|
|
__pecoff_data_rawsize = ABSOLUTE(. - __initdata_begin);
|
2013-11-05 01:38:47 +09:00
|
|
|
_edata = .;
|
2012-04-20 22:45:54 +09:00
|
|
|
|
|
|
|
|
BSS_SECTION(0, 0, 0)
|
2014-06-25 00:51:35 +09:00
|
|
|
|
|
|
|
|
. = ALIGN(PAGE_SIZE);
|
|
|
|
|
idmap_pg_dir = .;
|
|
|
|
|
. += IDMAP_DIR_SIZE;
|
|
|
|
|
swapper_pg_dir = .;
|
|
|
|
|
. += SWAPPER_DIR_SIZE;
|
|
|
|
|
|
2016-07-02 00:53:00 +09:00
|
|
|
#ifdef CONFIG_ARM64_SW_TTBR0_PAN
|
|
|
|
|
reserved_ttbr0 = .;
|
|
|
|
|
. += RESERVED_TTBR0_SIZE;
|
|
|
|
|
#endif
|
|
|
|
|
|
2017-03-24 04:00:51 +09:00
|
|
|
__pecoff_data_size = ABSOLUTE(. - __initdata_begin);
|
2012-04-20 22:45:54 +09:00
|
|
|
_end = .;
|
|
|
|
|
|
|
|
|
|
STABS_DEBUG
|
arm64: Update the Image header
Currently the kernel Image is stripped of everything past the initial
stack, and at runtime the memory is initialised and used by the kernel.
This makes the effective minimum memory footprint of the kernel larger
than the size of the loaded binary, though bootloaders have no mechanism
to identify how large this minimum memory footprint is. This makes it
difficult to choose safe locations to place both the kernel and other
binaries required at boot (DTB, initrd, etc), such that the kernel won't
clobber said binaries or other reserved memory during initialisation.
Additionally when big endian support was added the image load offset was
overlooked, and is currently of an arbitrary endianness, which makes it
difficult for bootloaders to make use of it. It seems that bootloaders
aren't respecting the image load offset at present anyway, and are
assuming that offset 0x80000 will always be correct.
This patch adds an effective image size to the kernel header which
describes the amount of memory from the start of the kernel Image binary
which the kernel expects to use before detecting memory and handling any
memory reservations. This can be used by bootloaders to choose suitable
locations to load the kernel and/or other binaries such that the kernel
will not clobber any memory unexpectedly. As before, memory reservations
are required to prevent the kernel from clobbering these locations
later.
Both the image load offset and the effective image size are forced to be
little-endian regardless of the native endianness of the kernel to
enable bootloaders to load a kernel of arbitrary endianness. Bootloaders
which wish to make use of the load offset can inspect the effective
image size field for a non-zero value to determine if the offset is of a
known endianness. To enable software to determine the endinanness of the
kernel as may be required for certain use-cases, a new flags field (also
little-endian) is added to the kernel header to export this information.
The documentation is updated to clarify these details. To discourage
future assumptions regarding the value of text_offset, the value at this
point in time is removed from the main flow of the documentation (though
kept as a compatibility note). Some minor formatting issues in the
documentation are also corrected.
Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Acked-by: Tom Rini <trini@ti.com>
Cc: Geoff Levand <geoff@infradead.org>
Cc: Kevin Hilman <kevin.hilman@linaro.org>
Acked-by: Will Deacon <will.deacon@arm.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
2014-06-25 00:51:36 +09:00
|
|
|
|
|
|
|
|
HEAD_SYMBOLS
|
2012-04-20 22:45:54 +09:00
|
|
|
}
|
2012-12-08 03:40:43 +09:00
|
|
|
|
|
|
|
|
/*
|
2015-06-01 20:40:33 +09:00
|
|
|
* The HYP init code and ID map text can't be longer than a page each,
|
ARM, arm64: kvm: get rid of the bounce page
The HYP init bounce page is a runtime construct that ensures that the
HYP init code does not cross a page boundary. However, this is something
we can do perfectly well at build time, by aligning the code appropriately.
For arm64, we just align to 4 KB, and enforce that the code size is less
than 4 KB, regardless of the chosen page size.
For ARM, the whole code is less than 256 bytes, so we tweak the linker
script to align at a power of 2 upper bound of the code size
Note that this also fixes a benign off-by-one error in the original bounce
page code, where a bounce page would be allocated unnecessarily if the code
was exactly 1 page in size.
On ARM, it also fixes an issue with very large kernels reported by Arnd
Bergmann, where stub sections with linker emitted veneers could erroneously
trigger the size/alignment ASSERT() in the linker script.
Tested-by: Marc Zyngier <marc.zyngier@arm.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
2015-03-20 01:42:26 +09:00
|
|
|
* and should not cross a page boundary.
|
2012-12-08 03:40:43 +09:00
|
|
|
*/
|
ARM, arm64: kvm: get rid of the bounce page
The HYP init bounce page is a runtime construct that ensures that the
HYP init code does not cross a page boundary. However, this is something
we can do perfectly well at build time, by aligning the code appropriately.
For arm64, we just align to 4 KB, and enforce that the code size is less
than 4 KB, regardless of the chosen page size.
For ARM, the whole code is less than 256 bytes, so we tweak the linker
script to align at a power of 2 upper bound of the code size
Note that this also fixes a benign off-by-one error in the original bounce
page code, where a bounce page would be allocated unnecessarily if the code
was exactly 1 page in size.
On ARM, it also fixes an issue with very large kernels reported by Arnd
Bergmann, where stub sections with linker emitted veneers could erroneously
trigger the size/alignment ASSERT() in the linker script.
Tested-by: Marc Zyngier <marc.zyngier@arm.com>
Reviewed-by: Marc Zyngier <marc.zyngier@arm.com>
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Signed-off-by: Will Deacon <will.deacon@arm.com>
2015-03-20 01:42:26 +09:00
|
|
|
ASSERT(__hyp_idmap_text_end - (__hyp_idmap_text_start & ~(SZ_4K - 1)) <= SZ_4K,
|
|
|
|
|
"HYP init code too big or misaligned")
|
2015-06-01 20:40:33 +09:00
|
|
|
ASSERT(__idmap_text_end - (__idmap_text_start & ~(SZ_4K - 1)) <= SZ_4K,
|
|
|
|
|
"ID map text too big or misaligned")
|
2016-04-28 01:47:12 +09:00
|
|
|
#ifdef CONFIG_HIBERNATION
|
|
|
|
|
ASSERT(__hibernate_exit_text_end - (__hibernate_exit_text_start & ~(SZ_4K - 1))
|
|
|
|
|
<= SZ_4K, "Hibernate exit text too big or misaligned")
|
|
|
|
|
#endif
|
2014-06-25 00:51:37 +09:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If padding is applied before .head.text, virt<->phys conversions will fail.
|
|
|
|
|
*/
|
2016-02-16 21:52:36 +09:00
|
|
|
ASSERT(_text == (KIMAGE_VADDR + TEXT_OFFSET), "HEAD is misaligned")
|