xref: /optee_os/core/arch/arm/kernel/kern.ld.S (revision 2cd578baae174c61b35a48d9016facbcc0fffbfe) 
1/* SPDX-License-Identifier: (BSD-2-Clause AND MIT) */
2/*
3 * Copyright (c) 2014, Linaro Limited
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright notice,
10 * this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright notice,
13 * this list of conditions and the following disclaimer in the documentation
14 * and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 * POSSIBILITY OF SUCH DAMAGE.
27 */
28
29/*
30 * Copyright (c) 2008-2010 Travis Geiselbrecht
31 *
32 * Permission is hereby granted, free of charge, to any person obtaining
33 * a copy of this software and associated documentation files
34 * (the "Software"), to deal in the Software without restriction,
35 * including without limitation the rights to use, copy, modify, merge,
36 * publish, distribute, sublicense, and/or sell copies of the Software,
37 * and to permit persons to whom the Software is furnished to do so,
38 * subject to the following conditions:
39 *
40 * The above copyright notice and this permission notice shall be
41 * included in all copies or substantial portions of the Software.
42 *
43 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
44 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
45 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
46 * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
47 * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
48 * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
49 * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
50 */
51
52#include <mm/core_mmu.h>
53#include <platform_config.h>
54#include <util.h>
55
56/*
57 * Note:
58 * Clang 11 (ld.lld) generates non-relocatable reference when using ROUNDDOWN()
59 * from <util.h>, which does not work with ASLR.
60 */
61#define LD_ROUNDDOWN(x, y) ((x) - ((x) % (y)))
62
63OUTPUT_FORMAT(CFG_KERN_LINKER_FORMAT)
64OUTPUT_ARCH(CFG_KERN_LINKER_ARCH)
65
66ENTRY(_start)
67SECTIONS
68{
69	. = TEE_LOAD_ADDR;
70	ASSERT(!(TEE_LOAD_ADDR & (SMALL_PAGE_SIZE - 1)),
71	       "text start should be page aligned")
72	__text_start = .;
73
74	/*
75	 * Memory between TEE_LOAD_ADDR and page aligned rounded down
76	 * value will be mapped with unpaged "text" section attributes:
77	 * likely to be read-only/executable.
78	 */
79	__flatmap_unpg_rx_start = LD_ROUNDDOWN(__text_start, SMALL_PAGE_SIZE);
80
81	.text : {
82		KEEP(*(.text._start))
83		__identity_map_init_start = .;
84		__text_data_start = .;
85		*(.identity_map.data)
86		__text_data_end = .;
87		*(.identity_map .identity_map.* \
88			/*
89			 * The one below is needed because it's a weak
90			 * symbol that may be overridden by platform
91			 * specific code.
92			 */
93		  .text.get_core_pos_mpidr)
94		__identity_map_init_end = .;
95		KEEP(*(.text.init .text.plat_cpu_reset_early \
96		       .text.reset .text.reset_primary .text.unhandled_cpu \
97		       .text.__assert_flat_mapped_range))
98
99#ifdef CFG_WITH_PAGER
100		*(.text)
101/* Include list of sections needed for paging */
102#include <text_unpaged.ld.S>
103#else
104		*(.text .text.*)
105#endif
106		*(.sram.text.glue_7* .gnu.linkonce.t.*)
107		. = ALIGN(8);
108	}
109	__text_end = .;
110
111#ifdef CFG_CORE_RODATA_NOEXEC
112	. = ALIGN(SMALL_PAGE_SIZE);
113#endif
114	__flatmap_unpg_rx_size = . - __flatmap_unpg_rx_start;
115	__flatmap_unpg_ro_start = .;
116
117	.rodata : ALIGN(8) {
118		__rodata_start = .;
119		*(.gnu.linkonce.r.*)
120#ifdef CFG_WITH_PAGER
121		*(.rodata .rodata.__unpaged .rodata.__unpaged.*)
122#include <rodata_unpaged.ld.S>
123#else
124		*(.rodata .rodata.*)
125#ifndef CFG_CORE_ASLR
126		. = ALIGN(8);
127		KEEP(*(SORT(.scattered_array*)));
128#endif
129#endif
130		. = ALIGN(8);
131		__rodata_end = .;
132	}
133
134#if defined(CFG_CORE_ASLR)
135	.data.rel.ro : {
136#if !defined(CFG_WITH_PAGER)
137		. = ALIGN(8);
138		KEEP(*(SORT(.scattered_array*)));
139#endif
140		*(.data.rel.ro.__unpaged .data.rel.ro.__unpaged.*)
141	}
142#endif
143
144	.got : { *(.got.plt) *(.got) }
145	.note.gnu.property : { *(.note.gnu.property) }
146	.plt : { *(.plt) }
147
148	.ctors : ALIGN(8) {
149		__ctor_list = .;
150		KEEP(*(.ctors .ctors.* .init_array .init_array.*))
151		__ctor_end = .;
152	}
153	.dtors : ALIGN(8) {
154		__dtor_list = .;
155		KEEP(*(.dtors .dtors.* .fini_array .fini_array.*))
156		__dtor_end = .;
157	}
158
159	/* .ARM.exidx is sorted, so has to go in its own output section.  */
160	.ARM.exidx : ALIGN(8) {
161		__exidx_start = .;
162		*(.ARM.exidx* .gnu.linkonce.armexidx.*)
163		__exidx_end = .;
164	}
165
166	.ARM.extab : ALIGN(8) {
167		__extab_start = .;
168		*(.ARM.extab*)
169		__extab_end = .;
170	}
171
172	/* Start page aligned read-write memory */
173#ifdef CFG_CORE_RWDATA_NOEXEC
174	. = ALIGN(SMALL_PAGE_SIZE);
175#endif
176	__flatmap_unpg_ro_size = . - __flatmap_unpg_ro_start;
177
178#ifdef CFG_NS_VIRTUALIZATION
179	__flatmap_nex_rw_start = . ;
180	.nex_data : ALIGN(8) {
181		*(.nex_data .nex_data.*)
182	}
183
184	.nex_bss : ALIGN(8) {
185		__nex_bss_start = .;
186		*(.nex_bss .nex_bss.*)
187		__nex_bss_end = .;
188	}
189
190	/*
191	 * We want to keep all nexus memory in one place, because
192	 * it should be always mapped and it is easier to map one
193	 * memory region than two.
194	 * Next section are NOLOAD ones, but they are followed
195	 * by sections with data. Thus, this NOLOAD section will
196	 * be included in the resulting binary, filled with zeroes
197	 */
198	.nex_stack (NOLOAD) : {
199		__nozi_stack_start = .;
200		KEEP(*(.nozi_stack.stack_tmp .nozi_stack.stack_abt))
201		. = ALIGN(8);
202		__nozi_stack_end = .;
203	}
204
205	.nex_heap (NOLOAD) : {
206		__nex_heap_start = .;
207		. += CFG_CORE_NEX_HEAP_SIZE;
208		. = ALIGN(16 * 1024);
209		__nex_heap_end = .;
210	}
211	.nex_nozi (NOLOAD) : {
212		ASSERT(!(ABSOLUTE(.) & (16 * 1024 - 1)), "align nozi to 16kB");
213		KEEP(*(.nozi.mmu.base_table .nozi.mmu.l2))
214	}
215
216	. = ALIGN(SMALL_PAGE_SIZE);
217
218	__flatmap_nex_rw_size = . - __flatmap_nex_rw_start;
219	__flatmap_nex_rw_end = .;
220#endif
221
222	__flatmap_unpg_rw_start = .;
223
224	.data : ALIGN(8) {
225		/* writable data  */
226		__data_start_rom = .;
227		/* in one segment binaries, the rom data address is on top
228		   of the ram data address */
229		__data_start = .;
230		*(.data .data.* .gnu.linkonce.d.*)
231		. = ALIGN(8);
232	}
233
234	/* unintialized data */
235	.bss : {
236		__data_end = .;
237		__bss_start = .;
238		*(.bss .bss.*)
239		*(.gnu.linkonce.b.*)
240		*(COMMON)
241		. = ALIGN(8);
242		__bss_end = .;
243	}
244
245	.heap1 (NOLOAD) : {
246		/*
247		 * We're keeping track of the padding added before the
248		 * .nozi section so we can do something useful with
249		 * this otherwise wasted memory.
250		 */
251		__heap1_start = .;
252#ifndef CFG_WITH_PAGER
253		. += CFG_CORE_HEAP_SIZE;
254#endif
255#ifdef CFG_WITH_LPAE
256		. = ALIGN(4 * 1024);
257#else
258		. = ALIGN(16 * 1024);
259#endif
260		__heap1_end = .;
261	}
262	/*
263	 * Uninitialized data that shouldn't be zero initialized at
264	 * runtime.
265	 *
266	 * L1 mmu table requires 16 KiB alignment
267	 */
268	.nozi (NOLOAD) : {
269		__nozi_start = .;
270		KEEP(*(.nozi .nozi.*))
271		. = ALIGN(16);
272		__nozi_end = .;
273		/*
274		 * If virtualization is enabled, abt and tmp stacks will placed
275		 * at above .nex_stack section and thread stacks will go there
276		 */
277		__nozi_stack_start = .;
278		KEEP(*(.nozi_stack .nozi_stack.*))
279		. = ALIGN(8);
280		__nozi_stack_end = .;
281	}
282#ifndef CFG_WITH_PAGER
283	. = ALIGN(SMALL_PAGE_SIZE);
284	__flatmap_free_start = .;
285	__flatmap_unpg_rw_size = __flatmap_free_start - __flatmap_unpg_rw_start;
286#else
287	.heap2 (NOLOAD) : {
288		__heap2_start = .;
289		/*
290		 * Reserve additional memory for heap, the total should be
291		 * at least CFG_CORE_HEAP_SIZE, but count what has already
292		 * been reserved in .heap1
293		 */
294		. += CFG_CORE_HEAP_SIZE - (__heap1_end - __heap1_start);
295		. = ALIGN(SMALL_PAGE_SIZE);
296		__heap2_end = .;
297	}
298
299	/* Start page aligned read-only memory */
300	__flatmap_unpg_rw_size = . - __flatmap_unpg_rw_start;
301
302	__init_start = .;
303	__flatmap_init_rx_start = .;
304
305	ASSERT(!(__flatmap_init_rx_start & (SMALL_PAGE_SIZE - 1)),
306		"read-write memory is not paged aligned")
307
308	.text_init : {
309		__text_init_start = .;
310/*
311 * Include list of sections needed for boot initialization, this list
312 * overlaps with unpaged.ld.S but since unpaged.ld.S is first all those
313 * sections will go into the unpaged area.
314 */
315#include <text_init.ld.S>
316		KEEP(*(.text.startup.*));
317		/* Make sure constructor functions are available during init */
318		KEEP(*(.text._GLOBAL__sub_*));
319		. = ALIGN(8);
320		__text_init_end = .;
321	}
322
323#ifdef CFG_CORE_RODATA_NOEXEC
324	. = ALIGN(SMALL_PAGE_SIZE);
325#endif
326	__flatmap_init_rx_size = . - __flatmap_init_rx_start;
327	__flatmap_init_ro_start = .;
328
329	.rodata_init : {
330		__rodata_init_start = .;
331#include <rodata_init.ld.S>
332#ifndef CFG_CORE_ASLR
333		. = ALIGN(8);
334		KEEP(*(SORT(.scattered_array*)));
335#endif
336		__rodata_init_end = .;
337	}
338#ifdef CFG_CORE_ASLR
339	.data.rel.ro_init : ALIGN(8) {
340		KEEP(*(SORT(.scattered_array*)));
341	}
342#endif
343	. = ALIGN(8);
344	__ro_and_relro_data_init_end = .;
345
346	__init_end = ALIGN(__ro_and_relro_data_init_end, SMALL_PAGE_SIZE);
347	__get_tee_init_end = __init_end;
348	__init_size = __init_end - __init_start;
349
350	/* vcore flat map stops here. No need to page align, rodata follows. */
351	__flatmap_init_ro_size = __init_end - __flatmap_init_ro_start;
352
353	.rodata_pageable : ALIGN(8) {
354		__rodata_pageable_start = .;
355		*(.rodata*)
356		__rodata_pageable_end = .;
357	}
358
359#ifdef CFG_CORE_RODATA_NOEXEC
360	. = ALIGN(SMALL_PAGE_SIZE);
361#endif
362
363	.text_pageable : ALIGN(8) {
364		__text_pageable_start = .;
365		*(.text*)
366		. = ALIGN(SMALL_PAGE_SIZE);
367		__text_pageable_end = .;
368	}
369
370	__pageable_part_end = .;
371	__pageable_part_start = __init_end;
372	__pageable_start = __init_start;
373	__pageable_end = __pageable_part_end;
374
375	ASSERT(TEE_LOAD_ADDR >= TEE_RAM_START,
376		"Load address before start of physical memory")
377	ASSERT(TEE_LOAD_ADDR < (TEE_RAM_START + TEE_RAM_PH_SIZE),
378		"Load address after end of physical memory")
379	ASSERT((TEE_RAM_START + TEE_RAM_PH_SIZE - __init_end) >
380		SMALL_PAGE_SIZE * 2 +
381		(__pageable_end - __pageable_start) / 4096 * 32 +
382		SIZEOF(.rel) / 2 + SIZEOF(.rela) / 3 ,
383		"Too few free pages to initialize paging")
384
385
386#endif /*CFG_WITH_PAGER*/
387
388#ifdef CFG_CORE_SANITIZE_KADDRESS
389	/*
390	 * Guard against moving the location counter backwards in the assignment
391	 * below.
392	 */
393	ASSERT(. <= (TEE_RAM_START + (TEE_RAM_VA_SIZE * 8) / 9 - 8),
394		"TEE_RAM_VA_SIZE is too small")
395	. = TEE_RAM_START + (TEE_RAM_VA_SIZE * 8) / 9 - 8;
396	. = ALIGN(8);
397#ifndef CFG_WITH_PAGER
398	__flatmap_free_size = LD_ROUNDDOWN(. - __flatmap_free_start,
399					   SMALL_PAGE_SIZE);
400#endif
401	.asan_shadow : {
402		__asan_shadow_start = .;
403		. += TEE_RAM_VA_SIZE / 9;
404		__asan_shadow_end = .;
405		__asan_shadow_size = __asan_shadow_end - __asan_shadow_start;
406	}
407#endif /*CFG_CORE_SANITIZE_KADDRESS*/
408
409	__end = .;
410
411#ifndef CFG_WITH_PAGER
412	__init_size = __data_end - TEE_LOAD_ADDR;
413#endif
414	/*
415	 * Guard against moving the location counter backwards in the assignment
416	 * below.
417	 */
418	ASSERT(. <= (TEE_RAM_START + TEE_RAM_VA_SIZE),
419		"TEE_RAM_VA_SIZE is too small")
420	. = TEE_RAM_START + TEE_RAM_VA_SIZE;
421
422	_end_of_ram = .;
423
424#ifndef CFG_WITH_PAGER
425	__get_tee_init_end = .;
426#ifndef CFG_CORE_SANITIZE_KADDRESS
427	__flatmap_free_size = _end_of_ram - __flatmap_free_start;
428#endif
429#endif
430
431	/*
432	 * These regions will not become a normal part of the dumped
433	 * binary, instead some are interpreted by the dump script and
434	 * converted into suitable format for OP-TEE itself to use.
435	 */
436	.dynamic : { *(.dynamic) }
437	.hash : { *(.hash) }
438	.dynsym : { *(.dynsym) }
439	.dynstr : { *(.dynstr) }
440
441	.rel : {
442		*(.rel.*)
443	}
444	.rela : {
445		*(.rela.*)
446	}
447#if !defined(CFG_CORE_ASLR) && !defined(CFG_CORE_PHYS_RELOCATABLE)
448	ASSERT(SIZEOF(.rel) == 0, "Relocation entries not expected")
449	ASSERT(SIZEOF(.rela) == 0, "Relocation entries not expected")
450#endif
451
452	/DISCARD/ : {
453		/* Strip unnecessary stuff */
454		*(.comment .note .eh_frame .interp)
455		/* Strip meta variables */
456		*(__keep_meta_vars*)
457	}
458
459}
460
461/* Unpaged read-only memories */
462__vcore_unpg_rx_start = __flatmap_unpg_rx_start;
463__vcore_unpg_ro_start = __flatmap_unpg_ro_start;
464#ifdef CFG_CORE_RODATA_NOEXEC
465__vcore_unpg_rx_size = __flatmap_unpg_rx_size;
466__vcore_unpg_ro_size = __flatmap_unpg_ro_size;
467#else
468__vcore_unpg_rx_size = __flatmap_unpg_rx_size + __flatmap_unpg_ro_size;
469__vcore_unpg_ro_size = 0;
470#endif
471__vcore_unpg_rx_end = __vcore_unpg_rx_start + __vcore_unpg_rx_size;
472__vcore_unpg_ro_end = __vcore_unpg_ro_start + __vcore_unpg_ro_size;
473
474/* Unpaged read-write memory */
475__vcore_unpg_rw_start = __flatmap_unpg_rw_start;
476__vcore_unpg_rw_size = __flatmap_unpg_rw_size;
477__vcore_unpg_rw_end = __vcore_unpg_rw_start + __vcore_unpg_rw_size;
478
479#ifndef CFG_WITH_PAGER
480__vcore_free_start = __flatmap_free_start;
481__vcore_free_size = __flatmap_free_size;
482__vcore_free_end = __flatmap_free_start + __flatmap_free_size;
483#endif
484
485#ifdef CFG_NS_VIRTUALIZATION
486/* Nexus read-write memory */
487__vcore_nex_rw_start = __flatmap_nex_rw_start;
488__vcore_nex_rw_size = __flatmap_nex_rw_size;
489__vcore_nex_rw_end = __vcore_nex_rw_start + __vcore_nex_rw_size;
490#endif
491
492#ifdef CFG_WITH_PAGER
493/* Paged/init read-only memories */
494__vcore_init_rx_start = __flatmap_init_rx_start;
495#ifdef CFG_CORE_RODATA_NOEXEC
496__vcore_init_rx_size = __flatmap_init_rx_size;
497__vcore_init_ro_start = __flatmap_init_ro_start;
498__vcore_init_ro_size = __flatmap_init_ro_size;
499#else
500__vcore_init_rx_size = __flatmap_init_rx_size + __flatmap_init_ro_size;
501__vcore_init_ro_start = __vcore_init_rx_end;
502__vcore_init_ro_size = 0;
503#endif /* CFG_CORE_RODATA_NOEXEC */
504__vcore_init_rx_end = __vcore_init_rx_start + __vcore_init_rx_size;
505__vcore_init_ro_end = __vcore_init_ro_start + __vcore_init_ro_size;
506ASSERT(__vcore_init_ro_start == __vcore_init_rx_end,
507       "__vcore_init_ro_start should follow __vcore_init_rx_end")
508#endif /* CFG_WITH_PAGER */
509
510#ifdef CFG_CORE_SANITIZE_KADDRESS
511__asan_map_start = (__asan_shadow_start / SMALL_PAGE_SIZE) *
512		   SMALL_PAGE_SIZE;
513__asan_map_end = ((__asan_shadow_end - 1) / SMALL_PAGE_SIZE) *
514		 SMALL_PAGE_SIZE + SMALL_PAGE_SIZE;
515__asan_map_size = __asan_map_end - __asan_map_start;
516#endif /*CFG_CORE_SANITIZE_KADDRESS*/
517