2 * Copyright (C) 2007 Michael Brown <mbrown@fensystems.co.uk>.
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License as
6 * published by the Free Software Foundation; either version 2 of the
7 * License, or any later version.
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
20 FILE_LICENCE ( GPL2_OR_LATER );
25 * Linux bzImage image format
37 #include <ipxe/uaccess.h>
38 #include <ipxe/image.h>
39 #include <ipxe/segment.h>
40 #include <ipxe/init.h>
41 #include <ipxe/cpio.h>
42 #include <ipxe/features.h>
44 FEATURE ( FEATURE_IMAGE, "bzImage", DHCP_EB_FEATURE_BZIMAGE, 1 );
49 struct bzimage_context {
50 /** Boot protocol version */
52 /** Real-mode kernel portion load segment address */
53 unsigned int rm_kernel_seg;
54 /** Real-mode kernel portion load address */
56 /** Real-mode kernel portion file size */
58 /** Real-mode heap top (offset from rm_kernel) */
60 /** Command line (offset from rm_kernel) */
62 /** Command line maximum length */
64 /** Real-mode kernel portion total memory size */
66 /** Non-real-mode kernel portion load address */
68 /** Non-real-mode kernel portion file and memory size */
71 unsigned int vid_mode;
75 physaddr_t ramdisk_image;
77 physaddr_t ramdisk_size;
79 /** Command line magic block */
80 struct bzimage_cmdline cmdline_magic;
82 struct bzimage_header bzhdr;
86 * Parse bzImage header
88 * @v image bzImage file
89 * @v bzimg bzImage context
90 * @v src bzImage to parse
91 * @ret rc Return status code
93 static int bzimage_parse_header ( struct image *image,
94 struct bzimage_context *bzimg,
100 if ( image->len < ( BZI_HDR_OFFSET + sizeof ( bzimg->bzhdr ) ) ) {
101 DBGC ( image, "bzImage %p too short for kernel header\n",
106 /* Read in header structures */
107 memset ( bzimg, 0, sizeof ( *bzimg ) );
108 copy_from_user ( &bzimg->cmdline_magic, src, BZI_CMDLINE_OFFSET,
109 sizeof ( bzimg->cmdline_magic ) );
110 copy_from_user ( &bzimg->bzhdr, src, BZI_HDR_OFFSET,
111 sizeof ( bzimg->bzhdr ) );
113 /* Calculate size of real-mode portion */
114 bzimg->rm_filesz = ( ( ( bzimg->bzhdr.setup_sects ?
115 bzimg->bzhdr.setup_sects : 4 ) + 1 ) << 9 );
116 if ( bzimg->rm_filesz > image->len ) {
117 DBGC ( image, "bzImage %p too short for %zd byte of setup\n",
118 image, bzimg->rm_filesz );
121 bzimg->rm_memsz = BZI_ASSUMED_RM_SIZE;
123 /* Calculate size of protected-mode portion */
124 bzimg->pm_sz = ( image->len - bzimg->rm_filesz );
125 syssize = ( ( bzimg->pm_sz + 15 ) / 16 );
127 /* Check for signatures and determine version */
128 if ( bzimg->bzhdr.boot_flag != BZI_BOOT_FLAG ) {
129 DBGC ( image, "bzImage %p missing 55AA signature\n", image );
132 if ( bzimg->bzhdr.header == BZI_SIGNATURE ) {
134 bzimg->version = bzimg->bzhdr.version;
136 /* Pre-2.00. Check that the syssize field is correct,
137 * as a guard against accepting arbitrary binary data,
138 * since the 55AA check is pretty lax. Note that the
139 * syssize field is unreliable for protocols between
140 * 2.00 and 2.03 inclusive, so we should not always
143 bzimg->version = 0x0100;
144 if ( bzimg->bzhdr.syssize != syssize ) {
145 DBGC ( image, "bzImage %p bad syssize %x (expected "
146 "%x)\n", image, bzimg->bzhdr.syssize, syssize );
151 /* Determine image type */
152 is_bzimage = ( ( bzimg->version >= 0x0200 ) ?
153 ( bzimg->bzhdr.loadflags & BZI_LOAD_HIGH ) : 0 );
155 /* Calculate load address of real-mode portion */
156 bzimg->rm_kernel_seg = ( is_bzimage ? 0x1000 : 0x9000 );
157 bzimg->rm_kernel = real_to_user ( bzimg->rm_kernel_seg, 0 );
159 /* Allow space for the stack and heap */
160 bzimg->rm_memsz += BZI_STACK_SIZE;
161 bzimg->rm_heap = bzimg->rm_memsz;
163 /* Allow space for the command line */
164 bzimg->rm_cmdline = bzimg->rm_memsz;
165 bzimg->rm_memsz += BZI_CMDLINE_SIZE;
167 /* Calculate load address of protected-mode portion */
168 bzimg->pm_kernel = phys_to_user ( is_bzimage ? BZI_LOAD_HIGH_ADDR
169 : BZI_LOAD_LOW_ADDR );
171 /* Extract video mode */
172 bzimg->vid_mode = bzimg->bzhdr.vid_mode;
174 /* Extract memory limit */
175 bzimg->mem_limit = ( ( bzimg->version >= 0x0203 ) ?
176 bzimg->bzhdr.initrd_addr_max : BZI_INITRD_MAX );
178 /* Extract command line size */
179 bzimg->cmdline_size = ( ( bzimg->version >= 0x0206 ) ?
180 bzimg->bzhdr.cmdline_size : BZI_CMDLINE_SIZE );
182 DBGC ( image, "bzImage %p version %04x RM %#lx+%#zx PM %#lx+%#zx "
183 "cmdlen %zd\n", image, bzimg->version,
184 user_to_phys ( bzimg->rm_kernel, 0 ), bzimg->rm_filesz,
185 user_to_phys ( bzimg->pm_kernel, 0 ), bzimg->pm_sz,
186 bzimg->cmdline_size );
192 * Update bzImage header in loaded kernel
194 * @v image bzImage file
195 * @v bzimg bzImage context
196 * @v dst bzImage to update
198 static void bzimage_update_header ( struct image *image,
199 struct bzimage_context *bzimg,
202 /* Set loader type */
203 if ( bzimg->version >= 0x0200 )
204 bzimg->bzhdr.type_of_loader = BZI_LOADER_TYPE_IPXE;
206 /* Set heap end pointer */
207 if ( bzimg->version >= 0x0201 ) {
208 bzimg->bzhdr.heap_end_ptr = ( bzimg->rm_heap - 0x200 );
209 bzimg->bzhdr.loadflags |= BZI_CAN_USE_HEAP;
212 /* Set command line */
213 if ( bzimg->version >= 0x0202 ) {
214 bzimg->bzhdr.cmd_line_ptr = user_to_phys ( bzimg->rm_kernel,
217 bzimg->cmdline_magic.magic = BZI_CMDLINE_MAGIC;
218 bzimg->cmdline_magic.offset = bzimg->rm_cmdline;
219 if ( bzimg->version >= 0x0200 )
220 bzimg->bzhdr.setup_move_size = bzimg->rm_memsz;
224 bzimg->bzhdr.vid_mode = bzimg->vid_mode;
226 /* Set initrd address */
227 if ( bzimg->version >= 0x0200 ) {
228 bzimg->bzhdr.ramdisk_image = bzimg->ramdisk_image;
229 bzimg->bzhdr.ramdisk_size = bzimg->ramdisk_size;
232 /* Write out header structures */
233 copy_to_user ( dst, BZI_CMDLINE_OFFSET, &bzimg->cmdline_magic,
234 sizeof ( bzimg->cmdline_magic ) );
235 copy_to_user ( dst, BZI_HDR_OFFSET, &bzimg->bzhdr,
236 sizeof ( bzimg->bzhdr ) );
238 DBGC ( image, "bzImage %p vidmode %d\n", image, bzimg->vid_mode );
242 * Parse kernel command line for bootloader parameters
244 * @v image bzImage file
245 * @v bzimg bzImage context
246 * @v cmdline Kernel command line
247 * @ret rc Return status code
249 static int bzimage_parse_cmdline ( struct image *image,
250 struct bzimage_context *bzimg,
251 const char *cmdline ) {
255 /* Look for "vga=" */
256 if ( ( vga = strstr ( cmdline, "vga=" ) ) ) {
258 if ( strcmp ( vga, "normal" ) == 0 ) {
259 bzimg->vid_mode = BZI_VID_MODE_NORMAL;
260 } else if ( strcmp ( vga, "ext" ) == 0 ) {
261 bzimg->vid_mode = BZI_VID_MODE_EXT;
262 } else if ( strcmp ( vga, "ask" ) == 0 ) {
263 bzimg->vid_mode = BZI_VID_MODE_ASK;
265 bzimg->vid_mode = strtoul ( vga, &vga, 0 );
266 if ( *vga && ( *vga != ' ' ) ) {
267 DBGC ( image, "bzImage %p strange \"vga=\""
268 "terminator '%c'\n", image, *vga );
273 /* Look for "mem=" */
274 if ( ( mem = strstr ( cmdline, "mem=" ) ) ) {
276 bzimg->mem_limit = strtoul ( mem, &mem, 0 );
280 bzimg->mem_limit <<= 10;
283 bzimg->mem_limit <<= 10;
286 bzimg->mem_limit <<= 10;
292 DBGC ( image, "bzImage %p strange \"mem=\" "
293 "terminator '%c'\n", image, *mem );
296 bzimg->mem_limit -= 1;
305 * @v image bzImage image
306 * @v bzimg bzImage context
307 * @v cmdline Kernel command line
309 static void bzimage_set_cmdline ( struct image *image,
310 struct bzimage_context *bzimg,
311 const char *cmdline ) {
314 /* Copy command line down to real-mode portion */
315 cmdline_len = ( strlen ( cmdline ) + 1 );
316 if ( cmdline_len > bzimg->cmdline_size )
317 cmdline_len = bzimg->cmdline_size;
318 copy_to_user ( bzimg->rm_kernel, bzimg->rm_cmdline,
319 cmdline, cmdline_len );
320 DBGC ( image, "bzImage %p command line \"%s\"\n", image, cmdline );
324 * Parse standalone image command line for cpio parameters
326 * @v image bzImage file
327 * @v cpio CPIO header
328 * @v cmdline Command line
330 static void bzimage_parse_cpio_cmdline ( struct image *image,
331 struct cpio_header *cpio,
332 const char *cmdline ) {
337 /* Look for "mode=" */
338 if ( ( arg = strstr ( cmdline, "mode=" ) ) ) {
340 mode = strtoul ( arg, &end, 8 /* Octal for file mode */ );
341 if ( *end && ( *end != ' ' ) ) {
342 DBGC ( image, "bzImage %p strange \"mode=\""
343 "terminator '%c'\n", image, *end );
345 cpio_set_field ( cpio->c_mode, ( 0100000 | mode ) );
350 * Align initrd length
353 * @ret len Length rounded up to INITRD_ALIGN
355 static inline size_t bzimage_align ( size_t len ) {
357 return ( ( len + INITRD_ALIGN - 1 ) & ~( INITRD_ALIGN - 1 ) );
363 * @v image bzImage image
364 * @v initrd initrd image
365 * @v address Address at which to load, or UNULL
366 * @ret len Length of loaded image, excluding zero-padding
368 static size_t bzimage_load_initrd ( struct image *image,
369 struct image *initrd,
370 userptr_t address ) {
371 char *filename = initrd->cmdline;
373 struct cpio_header cpio;
378 /* Do not include kernel image itself as an initrd */
379 if ( initrd == image )
382 /* Create cpio header for non-prebuilt images */
383 if ( filename && filename[0] ) {
384 cmdline = strchr ( filename, ' ' );
385 name_len = ( ( cmdline ? ( ( size_t ) ( cmdline - filename ) )
386 : strlen ( filename ) ) + 1 /* NUL */ );
387 memset ( &cpio, '0', sizeof ( cpio ) );
388 memcpy ( cpio.c_magic, CPIO_MAGIC, sizeof ( cpio.c_magic ) );
389 cpio_set_field ( cpio.c_mode, 0100644 );
390 cpio_set_field ( cpio.c_nlink, 1 );
391 cpio_set_field ( cpio.c_filesize, initrd->len );
392 cpio_set_field ( cpio.c_namesize, name_len );
394 bzimage_parse_cpio_cmdline ( image, &cpio,
395 ( cmdline + 1 /* ' ' */ ));
397 offset = ( ( sizeof ( cpio ) + name_len + 0x03 ) & ~0x03 );
403 /* Copy in initrd image body (and cpio header if applicable) */
405 memmove_user ( address, offset, initrd->data, 0, initrd->len );
407 memset_user ( address, 0, 0, offset );
408 copy_to_user ( address, 0, &cpio, sizeof ( cpio ) );
409 copy_to_user ( address, sizeof ( cpio ), filename,
410 ( name_len - 1 /* NUL (or space) */ ) );
412 DBGC ( image, "bzImage %p initrd %p [%#08lx,%#08lx,%#08lx)"
413 "%s%s\n", image, initrd, user_to_phys ( address, 0 ),
414 user_to_phys ( address, offset ),
415 user_to_phys ( address, ( offset + initrd->len ) ),
416 ( filename ? " " : "" ), ( filename ? filename : "" ) );
417 DBGC2_MD5A ( image, user_to_phys ( address, offset ),
418 user_to_virt ( address, offset ), initrd->len );
420 offset += initrd->len;
422 /* Zero-pad to next INITRD_ALIGN boundary */
423 pad_len = ( ( -offset ) & ( INITRD_ALIGN - 1 ) );
425 memset_user ( address, offset, 0, pad_len );
431 * Check that initrds can be loaded
433 * @v image bzImage image
434 * @v bzimg bzImage context
435 * @ret rc Return status code
437 static int bzimage_check_initrds ( struct image *image,
438 struct bzimage_context *bzimg ) {
439 struct image *initrd;
444 /* Calculate total loaded length of initrds */
445 for_each_image ( initrd ) {
448 if ( initrd == image )
451 /* Calculate length */
452 len += bzimage_load_initrd ( image, initrd, UNULL );
453 len = bzimage_align ( len );
455 DBGC ( image, "bzImage %p initrd %p from [%#08lx,%#08lx)%s%s\n",
456 image, initrd, user_to_phys ( initrd->data, 0 ),
457 user_to_phys ( initrd->data, initrd->len ),
458 ( initrd->cmdline ? " " : "" ),
459 ( initrd->cmdline ? initrd->cmdline : "" ) );
460 DBGC2_MD5A ( image, user_to_phys ( initrd->data, 0 ),
461 user_to_virt ( initrd->data, 0 ), initrd->len );
464 /* Calculate lowest usable address */
465 bottom = userptr_add ( bzimg->pm_kernel, bzimg->pm_sz );
467 /* Check that total length fits within space available for
468 * reshuffling. This is a conservative check, since CPIO
469 * headers are not present during reshuffling, but this
470 * doesn't hurt and keeps the code simple.
472 if ( ( rc = initrd_reshuffle_check ( len, bottom ) ) != 0 ) {
473 DBGC ( image, "bzImage %p failed reshuffle check: %s\n",
474 image, strerror ( rc ) );
478 /* Check that total length fits within kernel's memory limit */
479 if ( user_to_phys ( bottom, len ) > bzimg->mem_limit ) {
480 DBGC ( image, "bzImage %p not enough space for initrds\n",
489 * Load initrds, if any
491 * @v image bzImage image
492 * @v bzimg bzImage context
494 static void bzimage_load_initrds ( struct image *image,
495 struct bzimage_context *bzimg ) {
496 struct image *initrd;
497 struct image *highest = NULL;
504 /* Reshuffle initrds into desired order */
505 initrd_reshuffle ( userptr_add ( bzimg->pm_kernel, bzimg->pm_sz ) );
507 /* Find highest initrd */
508 for_each_image ( initrd ) {
509 if ( ( highest == NULL ) ||
510 ( userptr_sub ( initrd->data, highest->data ) > 0 ) ) {
515 /* Do nothing if there are no initrds */
519 /* Find highest usable address */
520 top = userptr_add ( highest->data, bzimage_align ( highest->len ) );
521 if ( user_to_phys ( top, 0 ) > bzimg->mem_limit )
522 top = phys_to_user ( bzimg->mem_limit );
523 DBGC ( image, "bzImage %p loading initrds from %#08lx downwards\n",
524 image, user_to_phys ( top, 0 ) );
526 /* Load initrds in order */
527 for_each_image ( initrd ) {
529 /* Calculate cumulative length of following
530 * initrds (including padding).
533 for_each_image ( other ) {
534 if ( other == initrd )
536 offset += bzimage_load_initrd ( image, other, UNULL );
537 offset = bzimage_align ( offset );
540 /* Load initrd at this address */
541 dest = userptr_add ( top, -offset );
542 len = bzimage_load_initrd ( image, initrd, dest );
544 /* Record initrd location */
545 if ( ! bzimg->ramdisk_image )
546 bzimg->ramdisk_image = user_to_phys ( dest, 0 );
547 bzimg->ramdisk_size = ( user_to_phys ( dest, len ) -
548 bzimg->ramdisk_image );
550 DBGC ( image, "bzImage %p initrds at [%#08lx,%#08lx)\n",
551 image, bzimg->ramdisk_image,
552 ( bzimg->ramdisk_image + bzimg->ramdisk_size ) );
556 * Execute bzImage image
558 * @v image bzImage image
559 * @ret rc Return status code
561 static int bzimage_exec ( struct image *image ) {
562 struct bzimage_context bzimg;
563 const char *cmdline = ( image->cmdline ? image->cmdline : "" );
566 /* Read and parse header from image */
567 if ( ( rc = bzimage_parse_header ( image, &bzimg,
568 image->data ) ) != 0 )
571 /* Prepare segments */
572 if ( ( rc = prep_segment ( bzimg.rm_kernel, bzimg.rm_filesz,
573 bzimg.rm_memsz ) ) != 0 ) {
574 DBGC ( image, "bzImage %p could not prepare RM segment: %s\n",
575 image, strerror ( rc ) );
578 if ( ( rc = prep_segment ( bzimg.pm_kernel, bzimg.pm_sz,
579 bzimg.pm_sz ) ) != 0 ) {
580 DBGC ( image, "bzImage %p could not prepare PM segment: %s\n",
581 image, strerror ( rc ) );
585 /* Parse command line for bootloader parameters */
586 if ( ( rc = bzimage_parse_cmdline ( image, &bzimg, cmdline ) ) != 0)
589 /* Check that initrds can be loaded */
590 if ( ( rc = bzimage_check_initrds ( image, &bzimg ) ) != 0 )
593 /* Remove kernel from image list (without invalidating image pointer) */
594 unregister_image ( image_get ( image ) );
597 memcpy_user ( bzimg.rm_kernel, 0, image->data,
598 0, bzimg.rm_filesz );
599 memcpy_user ( bzimg.pm_kernel, 0, image->data,
600 bzimg.rm_filesz, bzimg.pm_sz );
602 /* Store command line */
603 bzimage_set_cmdline ( image, &bzimg, cmdline );
605 /* Prepare for exiting. Must do this before loading initrds,
606 * since loading the initrds will corrupt the external heap.
610 /* Load any initrds */
611 bzimage_load_initrds ( image, &bzimg );
613 /* Update kernel header */
614 bzimage_update_header ( image, &bzimg, bzimg.rm_kernel );
616 DBGC ( image, "bzImage %p jumping to RM kernel at %04x:0000 "
617 "(stack %04x:%04zx)\n", image, ( bzimg.rm_kernel_seg + 0x20 ),
618 bzimg.rm_kernel_seg, bzimg.rm_heap );
620 /* Jump to the kernel */
621 __asm__ __volatile__ ( REAL_CODE ( "movw %w0, %%ds\n\t"
630 : : "r" ( bzimg.rm_kernel_seg ),
631 "r" ( bzimg.rm_heap ),
632 "r" ( bzimg.rm_kernel_seg + 0x20 ) );
634 /* There is no way for the image to return, since we provide
639 return -ECANCELED; /* -EIMPOSSIBLE */
643 * Probe bzImage image
645 * @v image bzImage file
646 * @ret rc Return status code
648 int bzimage_probe ( struct image *image ) {
649 struct bzimage_context bzimg;
652 /* Read and parse header from image */
653 if ( ( rc = bzimage_parse_header ( image, &bzimg,
654 image->data ) ) != 0 )
660 /** Linux bzImage image type */
661 struct image_type bzimage_image_type __image_type ( PROBE_NORMAL ) = {
663 .probe = bzimage_probe,
664 .exec = bzimage_exec,