OvmfPkg: LoadLinuxLib: Fix kernel entry for 64-bit OVMF

We currently just jump to offset 0x200 in the kernel image, in 64-bit
mode. This is completely broken. If it's a 32-bit kernel, we'll be
jumping into the compressed data payload.

If it's a 64-bit kernel, it'll work... but the 0x200 offset is
explicitly marked as 'may change in the future', has already changed
from 0x100 to 0x200 in the past with no fanfare, and bootloaders are
instructed that they should look at the ELF header to find the offset.
So although it does actually work today, it's still broken in the
"someone needs to whipped for doing it this way" sense of the word.

In fact, the same bug exists in other bootloaders so the 0x200 offset
probably *is* now set in stone. But still it's only valid to use it if
we *know* it's a 64-bit kernel. And we don't. There *is* no ELF header
that we can look at when we're booting a bzImage, and we can't rely on
it having a PE/COFF header either.

The 32-bit entry point is always guaranteed to work, and we need to
support it anyway. So let's just *always* use it, in 32-bit mode, and
then we don't have to make up some horrible heuristics for detecting
32-bit vs. 64-bit kernels.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14045 6f19259b-4bc3-4df7-8a09-765794883524

diff --git a/OvmfPkg/Library/LoadLinuxLib/X64/JumpToKernel.S b/OvmfPkg/Library/LoadLinuxLib/X64/JumpToKernel.S
index 9ae755b0674873e7d26963e5d25f59e2c50a8ec9..d9b991b703cb4651280dac1714486b9d0fcc2ccb 100644 (file)
--- a/OvmfPkg/Library/LoadLinuxLib/X64/JumpToKernel.S
+++ b/OvmfPkg/Library/LoadLinuxLib/X64/JumpToKernel.S
@@ -23,8 +23,47 @@ ASM_GLOBAL ASM_PFX(JumpToKernel)
 #   );\r
 #------------------------------------------------------------------------------\r
 ASM_PFX(JumpToKernel):\r
+\r
+    // Set up for executing kernel. BP in %esi, entry point on the stack\r
+    // (64-bit when the 'ret' will use it as 32-bit, but we're little-endian)\r
     movq    %rdx, %rsi\r
-    addq    $0x200, %rcx\r
-    callq   %rcx\r
+    pushq   %rcx\r
+\r
+    // Jump into the compatibility mode CS\r
+    pushq   $0x10\r
+    leaq    1f, %rax\r
+    pushq   %rax\r
+    retfq\r
+\r
+1:  // Now in compatibility mode\r
+.code32\r
+    movl    $0x18, %eax\r
+    movl    %eax, %ds\r
+    movl    %eax, %es\r
+    movl    %eax, %fs\r
+    movl    %eax, %gs\r
+    movl    %eax, %ss\r
+\r
+    // Disable paging\r
+    movl    %cr0, %eax\r
+    btcl    $31, %eax\r
+    movl    %eax, %cr0\r
+\r
+    // Disable long mode in EFER\r
+    movl    $0x0c0000080, %ecx\r
+    rdmsr\r
+    btcl    $8, %eax\r
+    wrmsr\r
+\r
+    // Disable PAE\r
+    movl    %cr4, %eax\r
+    btcl    $5, %eax\r
+    movl    %eax, %cr4\r
+\r
+    // Zero registers and 'return' to kernel\r
+    xorl    %ebp, %ebp\r
+    xorl    %edi, %edi\r
+    xorl    %ebx, %ebx\r
     ret\r
+.code64\r
 \r

diff --git a/OvmfPkg/Library/LoadLinuxLib/X64/JumpToKernel.asm b/OvmfPkg/Library/LoadLinuxLib/X64/JumpToKernel.asm
index ed53321c2303661b35ec66cf02110c4c0d8a46d9..4df9c723aa3f3d534cf8191050c07277b2306d0d 100644 (file)
--- a/OvmfPkg/Library/LoadLinuxLib/X64/JumpToKernel.asm
+++ b/OvmfPkg/Library/LoadLinuxLib/X64/JumpToKernel.asm
@@ -24,10 +24,47 @@
 ;------------------------------------------------------------------------------\r
 JumpToKernel PROC\r
 \r
-    mov     rsi, rdx\r
-    add     rcx, 200h\r
-    call    rcx\r
-    ret\r
+    ; Set up for executing kernel. BP in %esi, entry point on the stack\r
+    ; (64-bit when the 'ret' will use it as 32-bit, but we're little-endian)\r
+    mov    rsi, rdx\r
+    push   rcx\r
+\r
+    ; Jump into the compatibility mode CS\r
+    push    10h\r
+    lea     rax, @F\r
+    push    rax\r
+    DB 048h, 0cbh                      ; retfq\r
+\r
+@@:\r
+    ; Now in compatibility mode.\r
+\r
+    DB 0b8h, 018h, 000h, 000h, 000h    ; movl    $0x18, %eax\r
+    DB 08eh, 0d8h                      ; movl    %eax, %ds\r
+    DB 08eh, 0c0h                      ; movl    %eax, %es\r
+    DB 08eh, 0e0h                      ; movl    %eax, %fs\r
+    DB 08eh, 0e8h                      ; movl    %eax, %gs\r
+    DB 08eh, 0d0h                      ; movl    %eax, %ss\r
+\r
+    ; Disable paging\r
+    DB 00fh, 020h, 0c0h                ; movl    %cr0, %eax\r
+    DB 00fh, 0bah, 0f8h, 01fh          ; btcl    $31, %eax\r
+    DB 00fh, 022h, 0c0h                ; movl    %eax, %cr0\r
+\r
+    ; Disable long mode in EFER\r
+    DB 0b9h, 080h, 000h, 000h, 0c0h    ; movl    $0x0c0000080, %ecx\r
+    DB 00fh, 032h                      ; rdmsr\r
+    DB 00fh, 0bah, 0f8h, 008h          ; btcl    $8, %eax\r
+    DB 00fh, 030h                      ; wrmsr\r
+\r
+    ; Disable PAE\r
+    DB 00fh, 020h, 0e0h                ; movl    %cr4, %eax\r
+    DB 00fh, 0bah, 0f8h, 005h          ; btcl    $5, %eax\r
+    DB 00fh, 022h, 0e0h                ; movl    %eax, %cr4\r
+\r
+    DB 031h, 0edh                      ; xor     %ebp, %ebp\r
+    DB 031h, 0ffh                      ; xor     %edi, %edi\r
+    DB 031h, 0dbh                      ; xor     %ebx, %ebx\r
+    DB 0c3h                            ; ret\r
 \r
 JumpToKernel ENDP\r
 \r