xref: /linux/arch/x86/kernel/vmlinux.lds.S (revision d7bf4786b5250b0e490a937d1f8a16ee3a54adbe)
1/* SPDX-License-Identifier: GPL-2.0 */
2/*
3 * ld script for the x86 kernel
4 *
5 * Historic 32-bit version written by Martin Mares <mj@atrey.karlin.mff.cuni.cz>
6 *
7 * Modernisation, unification and other changes and fixes:
8 *   Copyright (C) 2007-2009  Sam Ravnborg <sam@ravnborg.org>
9 *
10 *
11 * Don't define absolute symbols until and unless you know that symbol
12 * value is should remain constant even if kernel image is relocated
13 * at run time. Absolute symbols are not relocated. If symbol value should
14 * change if kernel is relocated, make the symbol section relative and
15 * put it inside the section definition.
16 */
17
18#define LOAD_OFFSET __START_KERNEL_map
19
20#define RUNTIME_DISCARD_EXIT
21#define EMITS_PT_NOTE
22#define RO_EXCEPTION_TABLE_ALIGN	16
23
24#include <asm-generic/vmlinux.lds.h>
25#include <asm/asm-offsets.h>
26#include <asm/thread_info.h>
27#include <asm/page_types.h>
28#include <asm/orc_lookup.h>
29#include <asm/cache.h>
30#include <asm/boot.h>
31#include <asm/kexec.h>
32
33#undef i386     /* in case the preprocessor is a 32bit one */
34
35OUTPUT_FORMAT(CONFIG_OUTPUT_FORMAT)
36
37#ifdef CONFIG_X86_32
38OUTPUT_ARCH(i386)
39ENTRY(phys_startup_32)
40#else
41OUTPUT_ARCH(i386:x86-64)
42ENTRY(phys_startup_64)
43#endif
44
45jiffies = jiffies_64;
46const_pcpu_hot = pcpu_hot;
47
48#if defined(CONFIG_X86_64)
49/*
50 * On 64-bit, align RODATA to 2MB so we retain large page mappings for
51 * boundaries spanning kernel text, rodata and data sections.
52 *
53 * However, kernel identity mappings will have different RWX permissions
54 * to the pages mapping to text and to the pages padding (which are freed) the
55 * text section. Hence kernel identity mappings will be broken to smaller
56 * pages. For 64-bit, kernel text and kernel identity mappings are different,
57 * so we can enable protection checks as well as retain 2MB large page
58 * mappings for kernel text.
59 */
60#define X86_ALIGN_RODATA_BEGIN	. = ALIGN(HPAGE_SIZE);
61
62#define X86_ALIGN_RODATA_END					\
63		. = ALIGN(HPAGE_SIZE);				\
64		__end_rodata_hpage_align = .;			\
65		__end_rodata_aligned = .;
66
67#define ALIGN_ENTRY_TEXT_BEGIN	. = ALIGN(PMD_SIZE);
68#define ALIGN_ENTRY_TEXT_END	. = ALIGN(PMD_SIZE);
69
70/*
71 * This section contains data which will be mapped as decrypted. Memory
72 * encryption operates on a page basis. Make this section PMD-aligned
73 * to avoid splitting the pages while mapping the section early.
74 *
75 * Note: We use a separate section so that only this section gets
76 * decrypted to avoid exposing more than we wish.
77 */
78#define BSS_DECRYPTED						\
79	. = ALIGN(PMD_SIZE);					\
80	__start_bss_decrypted = .;				\
81	*(.bss..decrypted);					\
82	. = ALIGN(PAGE_SIZE);					\
83	__start_bss_decrypted_unused = .;			\
84	. = ALIGN(PMD_SIZE);					\
85	__end_bss_decrypted = .;				\
86
87#else
88
89#define X86_ALIGN_RODATA_BEGIN
90#define X86_ALIGN_RODATA_END					\
91		. = ALIGN(PAGE_SIZE);				\
92		__end_rodata_aligned = .;
93
94#define ALIGN_ENTRY_TEXT_BEGIN
95#define ALIGN_ENTRY_TEXT_END
96#define BSS_DECRYPTED
97
98#endif
99#if defined(CONFIG_X86_64) && defined(CONFIG_KEXEC_CORE)
100#define KEXEC_RELOCATE_KERNEL					\
101	. = ALIGN(0x100);					\
102	__relocate_kernel_start = .;				\
103	*(.text..relocate_kernel);				\
104	*(.data..relocate_kernel);				\
105	__relocate_kernel_end = .;
106
107ASSERT(__relocate_kernel_end - __relocate_kernel_start <= KEXEC_CONTROL_CODE_MAX_SIZE,
108	"relocate_kernel code too large!")
109#else
110#define KEXEC_RELOCATE_KERNEL
111#endif
112PHDRS {
113	text PT_LOAD FLAGS(5);          /* R_E */
114	data PT_LOAD FLAGS(6);          /* RW_ */
115#ifdef CONFIG_X86_64
116#ifdef CONFIG_SMP
117	percpu PT_LOAD FLAGS(6);        /* RW_ */
118#endif
119	init PT_LOAD FLAGS(7);          /* RWE */
120#endif
121	note PT_NOTE FLAGS(0);          /* ___ */
122}
123
124SECTIONS
125{
126	. = __START_KERNEL;
127#ifdef CONFIG_X86_32
128	phys_startup_32 = ABSOLUTE(startup_32 - LOAD_OFFSET);
129#else
130	phys_startup_64 = ABSOLUTE(startup_64 - LOAD_OFFSET);
131#endif
132
133	/* Text and read-only data */
134	.text :  AT(ADDR(.text) - LOAD_OFFSET) {
135		_text = .;
136		_stext = .;
137		ALIGN_ENTRY_TEXT_BEGIN
138		*(.text..__x86.rethunk_untrain)
139		ENTRY_TEXT
140
141#ifdef CONFIG_MITIGATION_SRSO
142		/*
143		 * See the comment above srso_alias_untrain_ret()'s
144		 * definition.
145		 */
146		. = srso_alias_untrain_ret | (1 << 2) | (1 << 8) | (1 << 14) | (1 << 20);
147		*(.text..__x86.rethunk_safe)
148#endif
149		ALIGN_ENTRY_TEXT_END
150
151		TEXT_TEXT
152		SCHED_TEXT
153		LOCK_TEXT
154		KPROBES_TEXT
155		SOFTIRQENTRY_TEXT
156#ifdef CONFIG_MITIGATION_RETPOLINE
157		*(.text..__x86.indirect_thunk)
158		*(.text..__x86.return_thunk)
159#endif
160		STATIC_CALL_TEXT
161		*(.gnu.warning)
162
163	} :text = 0xcccccccc
164
165	/* bootstrapping code */
166	.head.text : AT(ADDR(.head.text) - LOAD_OFFSET) {
167		HEAD_TEXT
168	} :text = 0xcccccccc
169
170	/* End of text section, which should occupy whole number of pages */
171	_etext = .;
172	. = ALIGN(PAGE_SIZE);
173
174	X86_ALIGN_RODATA_BEGIN
175	RO_DATA(PAGE_SIZE)
176	X86_ALIGN_RODATA_END
177
178	/* Data */
179	.data : AT(ADDR(.data) - LOAD_OFFSET) {
180		/* Start of data section */
181		_sdata = .;
182
183		/* init_task */
184		INIT_TASK_DATA(THREAD_SIZE)
185
186		/* equivalent to task_pt_regs(&init_task) */
187		__top_init_kernel_stack = __end_init_stack - TOP_OF_KERNEL_STACK_PADDING - PTREGS_SIZE;
188
189#ifdef CONFIG_X86_32
190		/* 32 bit has nosave before _edata */
191		NOSAVE_DATA
192#endif
193
194		PAGE_ALIGNED_DATA(PAGE_SIZE)
195
196		CACHELINE_ALIGNED_DATA(L1_CACHE_BYTES)
197
198		DATA_DATA
199		CONSTRUCTORS
200		KEXEC_RELOCATE_KERNEL
201
202		/* rarely changed data like cpu maps */
203		READ_MOSTLY_DATA(INTERNODE_CACHE_BYTES)
204
205		/* End of data section */
206		_edata = .;
207	} :data
208
209	BUG_TABLE
210
211	ORC_UNWIND_TABLE
212
213	/* Init code and data - will be freed after init */
214	. = ALIGN(PAGE_SIZE);
215	.init.begin : AT(ADDR(.init.begin) - LOAD_OFFSET) {
216		__init_begin = .; /* paired with __init_end */
217	}
218
219#if defined(CONFIG_X86_64) && defined(CONFIG_SMP)
220	/*
221	 * percpu offsets are zero-based on SMP.  PERCPU_VADDR() changes the
222	 * output PHDR, so the next output section - .init.text - should
223	 * start another segment - init.
224	 */
225	PERCPU_VADDR(INTERNODE_CACHE_BYTES, 0, :percpu)
226	ASSERT(SIZEOF(.data..percpu) < CONFIG_PHYSICAL_START,
227	       "per-CPU data too large - increase CONFIG_PHYSICAL_START")
228#endif
229
230	INIT_TEXT_SECTION(PAGE_SIZE)
231#ifdef CONFIG_X86_64
232	:init
233#endif
234
235	/*
236	 * Section for code used exclusively before alternatives are run. All
237	 * references to such code must be patched out by alternatives, normally
238	 * by using X86_FEATURE_ALWAYS CPU feature bit.
239	 *
240	 * See static_cpu_has() for an example.
241	 */
242	.altinstr_aux : AT(ADDR(.altinstr_aux) - LOAD_OFFSET) {
243		*(.altinstr_aux)
244	}
245
246	INIT_DATA_SECTION(16)
247
248	.x86_cpu_dev.init : AT(ADDR(.x86_cpu_dev.init) - LOAD_OFFSET) {
249		__x86_cpu_dev_start = .;
250		*(.x86_cpu_dev.init)
251		__x86_cpu_dev_end = .;
252	}
253
254#ifdef CONFIG_X86_INTEL_MID
255	.x86_intel_mid_dev.init : AT(ADDR(.x86_intel_mid_dev.init) - \
256								LOAD_OFFSET) {
257		__x86_intel_mid_dev_start = .;
258		*(.x86_intel_mid_dev.init)
259		__x86_intel_mid_dev_end = .;
260	}
261#endif
262
263#ifdef CONFIG_MITIGATION_RETPOLINE
264	/*
265	 * List of instructions that call/jmp/jcc to retpoline thunks
266	 * __x86_indirect_thunk_*(). These instructions can be patched along
267	 * with alternatives, after which the section can be freed.
268	 */
269	. = ALIGN(8);
270	.retpoline_sites : AT(ADDR(.retpoline_sites) - LOAD_OFFSET) {
271		__retpoline_sites = .;
272		*(.retpoline_sites)
273		__retpoline_sites_end = .;
274	}
275
276	. = ALIGN(8);
277	.return_sites : AT(ADDR(.return_sites) - LOAD_OFFSET) {
278		__return_sites = .;
279		*(.return_sites)
280		__return_sites_end = .;
281	}
282
283	. = ALIGN(8);
284	.call_sites : AT(ADDR(.call_sites) - LOAD_OFFSET) {
285		__call_sites = .;
286		*(.call_sites)
287		__call_sites_end = .;
288	}
289#endif
290
291#ifdef CONFIG_X86_KERNEL_IBT
292	. = ALIGN(8);
293	.ibt_endbr_seal : AT(ADDR(.ibt_endbr_seal) - LOAD_OFFSET) {
294		__ibt_endbr_seal = .;
295		*(.ibt_endbr_seal)
296		__ibt_endbr_seal_end = .;
297	}
298#endif
299
300#ifdef CONFIG_FINEIBT
301	. = ALIGN(8);
302	.cfi_sites : AT(ADDR(.cfi_sites) - LOAD_OFFSET) {
303		__cfi_sites = .;
304		*(.cfi_sites)
305		__cfi_sites_end = .;
306	}
307#endif
308
309	/*
310	 * struct alt_inst entries. From the header (alternative.h):
311	 * "Alternative instructions for different CPU types or capabilities"
312	 * Think locking instructions on spinlocks.
313	 */
314	. = ALIGN(8);
315	.altinstructions : AT(ADDR(.altinstructions) - LOAD_OFFSET) {
316		__alt_instructions = .;
317		*(.altinstructions)
318		__alt_instructions_end = .;
319	}
320
321	/*
322	 * And here are the replacement instructions. The linker sticks
323	 * them as binary blobs. The .altinstructions has enough data to
324	 * get the address and the length of them to patch the kernel safely.
325	 */
326	.altinstr_replacement : AT(ADDR(.altinstr_replacement) - LOAD_OFFSET) {
327		*(.altinstr_replacement)
328	}
329
330	. = ALIGN(8);
331	.apicdrivers : AT(ADDR(.apicdrivers) - LOAD_OFFSET) {
332		__apicdrivers = .;
333		*(.apicdrivers);
334		__apicdrivers_end = .;
335	}
336
337	. = ALIGN(8);
338	/*
339	 * .exit.text is discarded at runtime, not link time, to deal with
340	 *  references from .altinstructions
341	 */
342	.exit.text : AT(ADDR(.exit.text) - LOAD_OFFSET) {
343		EXIT_TEXT
344	}
345
346	.exit.data : AT(ADDR(.exit.data) - LOAD_OFFSET) {
347		EXIT_DATA
348	}
349
350#if !defined(CONFIG_X86_64) || !defined(CONFIG_SMP)
351	PERCPU_SECTION(INTERNODE_CACHE_BYTES)
352#endif
353
354	RUNTIME_CONST_VARIABLES
355	RUNTIME_CONST(ptr, USER_PTR_MAX)
356
357	. = ALIGN(PAGE_SIZE);
358
359	/* freed after init ends here */
360	.init.end : AT(ADDR(.init.end) - LOAD_OFFSET) {
361		__init_end = .;
362	}
363
364	/*
365	 * smp_locks might be freed after init
366	 * start/end must be page aligned
367	 */
368	. = ALIGN(PAGE_SIZE);
369	.smp_locks : AT(ADDR(.smp_locks) - LOAD_OFFSET) {
370		__smp_locks = .;
371		*(.smp_locks)
372		. = ALIGN(PAGE_SIZE);
373		__smp_locks_end = .;
374	}
375
376#ifdef CONFIG_X86_64
377	.data_nosave : AT(ADDR(.data_nosave) - LOAD_OFFSET) {
378		NOSAVE_DATA
379	}
380#endif
381
382	/* BSS */
383	. = ALIGN(PAGE_SIZE);
384	.bss : AT(ADDR(.bss) - LOAD_OFFSET) {
385		__bss_start = .;
386		*(.bss..page_aligned)
387		. = ALIGN(PAGE_SIZE);
388		*(BSS_MAIN)
389		BSS_DECRYPTED
390		. = ALIGN(PAGE_SIZE);
391		__bss_stop = .;
392	}
393
394	/*
395	 * The memory occupied from _text to here, __end_of_kernel_reserve, is
396	 * automatically reserved in setup_arch(). Anything after here must be
397	 * explicitly reserved using memblock_reserve() or it will be discarded
398	 * and treated as available memory.
399	 */
400	__end_of_kernel_reserve = .;
401
402	. = ALIGN(PAGE_SIZE);
403	.brk : AT(ADDR(.brk) - LOAD_OFFSET) {
404		__brk_base = .;
405		. += 64 * 1024;		/* 64k alignment slop space */
406		*(.bss..brk)		/* areas brk users have reserved */
407		__brk_limit = .;
408	}
409
410	. = ALIGN(PAGE_SIZE);		/* keep VO_INIT_SIZE page aligned */
411	_end = .;
412
413#ifdef CONFIG_AMD_MEM_ENCRYPT
414	/*
415	 * Early scratch/workarea section: Lives outside of the kernel proper
416	 * (_text - _end).
417	 *
418	 * Resides after _end because even though the .brk section is after
419	 * __end_of_kernel_reserve, the .brk section is later reserved as a
420	 * part of the kernel. Since it is located after __end_of_kernel_reserve
421	 * it will be discarded and become part of the available memory. As
422	 * such, it can only be used by very early boot code and must not be
423	 * needed afterwards.
424	 *
425	 * Currently used by SME for performing in-place encryption of the
426	 * kernel during boot. Resides on a 2MB boundary to simplify the
427	 * pagetable setup used for SME in-place encryption.
428	 */
429	. = ALIGN(HPAGE_SIZE);
430	.init.scratch : AT(ADDR(.init.scratch) - LOAD_OFFSET) {
431		__init_scratch_begin = .;
432		*(.init.scratch)
433		. = ALIGN(HPAGE_SIZE);
434		__init_scratch_end = .;
435	}
436#endif
437
438	STABS_DEBUG
439	DWARF_DEBUG
440#ifdef CONFIG_PROPELLER_CLANG
441	.llvm_bb_addr_map : { *(.llvm_bb_addr_map) }
442#endif
443
444	ELF_DETAILS
445
446	DISCARDS
447
448	/*
449	 * Make sure that the .got.plt is either completely empty or it
450	 * contains only the lazy dispatch entries.
451	 */
452	.got.plt (INFO) : { *(.got.plt) }
453	ASSERT(SIZEOF(.got.plt) == 0 ||
454#ifdef CONFIG_X86_64
455	       SIZEOF(.got.plt) == 0x18,
456#else
457	       SIZEOF(.got.plt) == 0xc,
458#endif
459	       "Unexpected GOT/PLT entries detected!")
460
461	/*
462	 * Sections that should stay zero sized, which is safer to
463	 * explicitly check instead of blindly discarding.
464	 */
465	.got : {
466		*(.got) *(.igot.*)
467	}
468	ASSERT(SIZEOF(.got) == 0, "Unexpected GOT entries detected!")
469
470	.plt : {
471		*(.plt) *(.plt.*) *(.iplt)
472	}
473	ASSERT(SIZEOF(.plt) == 0, "Unexpected run-time procedure linkages detected!")
474
475	.rel.dyn : {
476		*(.rel.*) *(.rel_*)
477	}
478	ASSERT(SIZEOF(.rel.dyn) == 0, "Unexpected run-time relocations (.rel) detected!")
479
480	.rela.dyn : {
481		*(.rela.*) *(.rela_*)
482	}
483	ASSERT(SIZEOF(.rela.dyn) == 0, "Unexpected run-time relocations (.rela) detected!")
484}
485
486/*
487 * The ASSERT() sink to . is intentional, for binutils 2.14 compatibility:
488 */
489. = ASSERT((_end - LOAD_OFFSET <= KERNEL_IMAGE_SIZE),
490	   "kernel image bigger than KERNEL_IMAGE_SIZE");
491
492/* needed for Clang - see arch/x86/entry/entry.S */
493PROVIDE(__ref_stack_chk_guard = __stack_chk_guard);
494
495#ifdef CONFIG_X86_64
496/*
497 * Per-cpu symbols which need to be offset from __per_cpu_load
498 * for the boot processor.
499 */
500#define INIT_PER_CPU(x) init_per_cpu__##x = ABSOLUTE(x) + __per_cpu_load
501INIT_PER_CPU(gdt_page);
502INIT_PER_CPU(fixed_percpu_data);
503INIT_PER_CPU(irq_stack_backing_store);
504
505#ifdef CONFIG_SMP
506. = ASSERT((fixed_percpu_data == 0),
507           "fixed_percpu_data is not at start of per-cpu area");
508#endif
509
510#ifdef CONFIG_MITIGATION_UNRET_ENTRY
511. = ASSERT((retbleed_return_thunk & 0x3f) == 0, "retbleed_return_thunk not cacheline-aligned");
512#endif
513
514#ifdef CONFIG_MITIGATION_SRSO
515. = ASSERT((srso_safe_ret & 0x3f) == 0, "srso_safe_ret not cacheline-aligned");
516/*
517 * GNU ld cannot do XOR until 2.41.
518 * https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=f6f78318fca803c4907fb8d7f6ded8295f1947b1
519 *
520 * LLVM lld cannot do XOR until lld-17.
521 * https://github.com/llvm/llvm-project/commit/fae96104d4378166cbe5c875ef8ed808a356f3fb
522 *
523 * Instead do: (A | B) - (A & B) in order to compute the XOR
524 * of the two function addresses:
525 */
526. = ASSERT(((ABSOLUTE(srso_alias_untrain_ret) | srso_alias_safe_ret) -
527		(ABSOLUTE(srso_alias_untrain_ret) & srso_alias_safe_ret)) == ((1 << 2) | (1 << 8) | (1 << 14) | (1 << 20)),
528		"SRSO function pair won't alias");
529#endif
530
531#endif /* CONFIG_X86_64 */
532
533/*
534 * The symbols below are referenced using relative relocations in the
535 * respective ELF notes. This produces build time constants that the
536 * linker will never mark as relocatable. (Using just ABSOLUTE() is not
537 * sufficient for that).
538 */
539#ifdef CONFIG_XEN_PV
540xen_elfnote_entry_value =
541	ABSOLUTE(xen_elfnote_entry) + ABSOLUTE(startup_xen);
542#endif
543#ifdef CONFIG_PVH
544xen_elfnote_phys32_entry_value =
545	ABSOLUTE(xen_elfnote_phys32_entry) + ABSOLUTE(pvh_start_xen - LOAD_OFFSET);
546#endif
547