xref: /optee_os/core/arch/arm/kernel/kern.ld.S (revision c0af48e60848a9873f145d65ccdc0ad36bc43afb) 
1/* SPDX-License-Identifier: (BSD-2-Clause AND MIT) */
2/*
3 * Copyright (c) 2014, Linaro Limited
4 * All rights reserved.
5 *
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions are met:
8 *
9 * 1. Redistributions of source code must retain the above copyright notice,
10 * this list of conditions and the following disclaimer.
11 *
12 * 2. Redistributions in binary form must reproduce the above copyright notice,
13 * this list of conditions and the following disclaimer in the documentation
14 * and/or other materials provided with the distribution.
15 *
16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26 * POSSIBILITY OF SUCH DAMAGE.
27 */
28
29/*
30 * Copyright (c) 2008-2010 Travis Geiselbrecht
31 *
32 * Permission is hereby granted, free of charge, to any person obtaining
33 * a copy of this software and associated documentation files
34 * (the "Software"), to deal in the Software without restriction,
35 * including without limitation the rights to use, copy, modify, merge,
36 * publish, distribute, sublicense, and/or sell copies of the Software,
37 * and to permit persons to whom the Software is furnished to do so,
38 * subject to the following conditions:
39 *
40 * The above copyright notice and this permission notice shall be
41 * included in all copies or substantial portions of the Software.
42 *
43 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
44 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
45 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
46 * IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
47 * CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
48 * TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
49 * SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
50 */
51
52#include <mm/core_mmu.h>
53#include <platform_config.h>
54#include <util.h>
55
56/*
57 * TEE_RAM_VA_START:            The start virtual address of the TEE RAM
58 * TEE_TEXT_VA_START:           The start virtual address of the OP-TEE text
59 */
60#define TEE_RAM_VA_START        TEE_RAM_START
61#define TEE_TEXT_VA_START       (TEE_RAM_VA_START + \
62					(TEE_LOAD_ADDR - TEE_RAM_START))
63
64/*
65 * Note:
66 * Clang 11 (ld.lld) generates non-relocatable reference when using ROUNDDOWN()
67 * from <util.h>, which does not work with ASLR.
68 */
69#define LD_ROUNDDOWN(x, y) ((x) - ((x) % (y)))
70
71OUTPUT_FORMAT(CFG_KERN_LINKER_FORMAT)
72OUTPUT_ARCH(CFG_KERN_LINKER_ARCH)
73
74ENTRY(_start)
75SECTIONS
76{
77	. = TEE_TEXT_VA_START;
78#ifdef ARM32
79	ASSERT(!(TEE_TEXT_VA_START & 31), "text start should align to 32bytes")
80#endif
81#ifdef ARM64
82	ASSERT(!(TEE_TEXT_VA_START & 127), "text start should align to 128bytes")
83#endif
84	__text_start = .;
85
86	/*
87	 * Memory between TEE_TEXT_VA_START and page aligned rounded down
88	 * value will be mapped with unpaged "text" section attributes:
89	 * likely to be read-only/executable.
90	 */
91	__flatmap_unpg_rx_start = LD_ROUNDDOWN(__text_start, SMALL_PAGE_SIZE);
92
93	.text : {
94		KEEP(*(.text._start))
95		__identity_map_init_start = .;
96		__text_data_start = .;
97		*(.identity_map.data)
98		__text_data_end = .;
99		*(.identity_map .identity_map.* \
100			/*
101			 * The one below is needed because it's a weak
102			 * symbol that may be overridden by platform
103			 * specific code.
104			 */
105		  .text.get_core_pos_mpidr)
106		__identity_map_init_end = .;
107		KEEP(*(.text.init .text.plat_cpu_reset_early \
108		       .text.reset .text.reset_primary .text.unhandled_cpu \
109		       .text.__assert_flat_mapped_range))
110
111#ifdef CFG_WITH_PAGER
112		*(.text)
113/* Include list of sections needed for paging */
114#include <text_unpaged.ld.S>
115#else
116		*(.text .text.*)
117#endif
118		*(.sram.text.glue_7* .gnu.linkonce.t.*)
119		. = ALIGN(8);
120	}
121	__text_end = .;
122
123#ifdef CFG_CORE_RODATA_NOEXEC
124	. = ALIGN(SMALL_PAGE_SIZE);
125#endif
126	__flatmap_unpg_rx_size = . - __flatmap_unpg_rx_start;
127	__flatmap_unpg_ro_start = .;
128
129	.rodata : ALIGN(8) {
130		__rodata_start = .;
131		*(.gnu.linkonce.r.*)
132#ifdef CFG_WITH_PAGER
133		*(.rodata .rodata.__unpaged .rodata.__unpaged.*)
134#include <rodata_unpaged.ld.S>
135#else
136		*(.rodata .rodata.*)
137#ifndef CFG_CORE_ASLR
138		. = ALIGN(8);
139		KEEP(*(SORT(.scattered_array*)));
140#endif
141#endif
142		. = ALIGN(8);
143		__rodata_end = .;
144	}
145
146#if !defined(CFG_WITH_PAGER) && defined(CFG_CORE_ASLR)
147	.data.rel.ro : ALIGN(8) {
148		KEEP(*(SORT(.scattered_array*)));
149	}
150#endif
151
152	.got : { *(.got.plt) *(.got) }
153	.note.gnu.property : { *(.note.gnu.property) }
154	.plt : { *(.plt) }
155
156	.ctors : ALIGN(8) {
157		__ctor_list = .;
158		KEEP(*(.ctors .ctors.* .init_array .init_array.*))
159		__ctor_end = .;
160	}
161	.dtors : ALIGN(8) {
162		__dtor_list = .;
163		KEEP(*(.dtors .dtors.* .fini_array .fini_array.*))
164		__dtor_end = .;
165	}
166
167	/* .ARM.exidx is sorted, so has to go in its own output section.  */
168	.ARM.exidx : {
169		__exidx_start = .;
170		*(.ARM.exidx* .gnu.linkonce.armexidx.*)
171		__exidx_end = .;
172	}
173
174	.ARM.extab : {
175		__extab_start = .;
176		*(.ARM.extab*)
177		__extab_end = .;
178	}
179
180	/* Start page aligned read-write memory */
181#ifdef CFG_CORE_RWDATA_NOEXEC
182	. = ALIGN(SMALL_PAGE_SIZE);
183#endif
184	__flatmap_unpg_ro_size = . - __flatmap_unpg_ro_start;
185
186#ifdef CFG_VIRTUALIZATION
187	__flatmap_nex_rw_start = . ;
188	.nex_data : ALIGN(8) {
189		*(.nex_data .nex_data.*)
190	}
191
192	.nex_bss : ALIGN(8) {
193		__nex_bss_start = .;
194		*(.nex_bss .nex_bss.*)
195		__nex_bss_end = .;
196	}
197
198	/*
199	 * We want to keep all nexus memory in one place, because
200	 * it should be always mapped and it is easier to map one
201	 * memory region than two.
202	 * Next section are NOLOAD ones, but they are followed
203	 * by sections with data. Thus, this NOLOAD section will
204	 * be included in the resulting binary, filled with zeroes
205	 */
206	.nex_stack (NOLOAD) : {
207		__nozi_stack_start = .;
208		KEEP(*(.nozi_stack.stack_tmp .nozi_stack.stack_abt))
209		. = ALIGN(8);
210		__nozi_stack_end = .;
211	}
212
213	.nex_heap (NOLOAD) : {
214		__nex_heap_start = .;
215		. += CFG_CORE_NEX_HEAP_SIZE;
216		. = ALIGN(16 * 1024);
217		__nex_heap_end = .;
218	}
219	.nex_nozi (NOLOAD) : {
220		ASSERT(!(ABSOLUTE(.) & (16 * 1024 - 1)), "align nozi to 16kB");
221		KEEP(*(.nozi.mmu.base_table .nozi.mmu.l2))
222	}
223
224	. = ALIGN(SMALL_PAGE_SIZE);
225
226	__flatmap_nex_rw_size = . - __flatmap_nex_rw_start;
227	__flatmap_nex_rw_end = .;
228#endif
229
230	__flatmap_unpg_rw_start = .;
231
232	.data : ALIGN(8) {
233		/* writable data  */
234		__data_start_rom = .;
235		/* in one segment binaries, the rom data address is on top
236		   of the ram data address */
237		__data_start = .;
238		*(.data .data.* .gnu.linkonce.d.*)
239		. = ALIGN(8);
240	}
241
242	/* unintialized data */
243	.bss : {
244		__data_end = .;
245		__bss_start = .;
246		*(.bss .bss.*)
247		*(.gnu.linkonce.b.*)
248		*(COMMON)
249		. = ALIGN(8);
250		__bss_end = .;
251	}
252
253	.heap1 (NOLOAD) : {
254		/*
255		 * We're keeping track of the padding added before the
256		 * .nozi section so we can do something useful with
257		 * this otherwise wasted memory.
258		 */
259		__heap1_start = .;
260#ifndef CFG_WITH_PAGER
261		. += CFG_CORE_HEAP_SIZE;
262#endif
263#ifdef CFG_WITH_LPAE
264		. = ALIGN(4 * 1024);
265#else
266		. = ALIGN(16 * 1024);
267#endif
268		__heap1_end = .;
269	}
270	/*
271	 * Uninitialized data that shouldn't be zero initialized at
272	 * runtime.
273	 *
274	 * L1 mmu table requires 16 KiB alignment
275	 */
276	.nozi (NOLOAD) : {
277		__nozi_start = .;
278		KEEP(*(.nozi .nozi.*))
279		. = ALIGN(16);
280		__nozi_end = .;
281		/*
282		 * If virtualization is enabled, abt and tmp stacks will placed
283		 * at above .nex_stack section and thread stacks will go there
284		 */
285		__nozi_stack_start = .;
286		KEEP(*(.nozi_stack .nozi_stack.*))
287		. = ALIGN(8);
288		__nozi_stack_end = .;
289	}
290
291#ifdef CFG_WITH_PAGER
292	.heap2 (NOLOAD) : {
293		__heap2_start = .;
294		/*
295		 * Reserve additional memory for heap, the total should be
296		 * at least CFG_CORE_HEAP_SIZE, but count what has already
297		 * been reserved in .heap1
298		 */
299		. += CFG_CORE_HEAP_SIZE - (__heap1_end - __heap1_start);
300		. = ALIGN(SMALL_PAGE_SIZE);
301		__heap2_end = .;
302	}
303
304	/* Start page aligned read-only memory */
305	__flatmap_unpg_rw_size = . - __flatmap_unpg_rw_start;
306
307	__init_start = .;
308	__flatmap_init_rx_start = .;
309
310	ASSERT(!(__flatmap_init_rx_start & (SMALL_PAGE_SIZE - 1)),
311		"read-write memory is not paged aligned")
312
313	.text_init : {
314/*
315 * Include list of sections needed for boot initialization, this list
316 * overlaps with unpaged.ld.S but since unpaged.ld.S is first all those
317 * sections will go into the unpaged area.
318 */
319#include <text_init.ld.S>
320		KEEP(*(.text.startup.*));
321		/* Make sure constructor functions are available during init */
322		KEEP(*(.text._GLOBAL__sub_*));
323		. = ALIGN(8);
324	}
325
326#ifdef CFG_CORE_RODATA_NOEXEC
327	. = ALIGN(SMALL_PAGE_SIZE);
328#endif
329	__flatmap_init_rx_size = . - __flatmap_init_rx_start;
330	__flatmap_init_ro_start = .;
331
332	.rodata_init : {
333#include <rodata_init.ld.S>
334#ifndef CFG_CORE_ASLR
335		. = ALIGN(8);
336		KEEP(*(SORT(.scattered_array*)));
337#endif
338	}
339#ifdef CFG_CORE_ASLR
340	.data.rel.ro_init : ALIGN(8) {
341		KEEP(*(SORT(.scattered_array*)));
342	}
343#endif
344	. = ALIGN(8);
345	__ro_and_relro_data_init_end = .;
346
347	__init_end = ALIGN(__ro_and_relro_data_init_end, SMALL_PAGE_SIZE);
348	__get_tee_init_end = __init_end;
349	__init_size = __init_end - __init_start;
350
351	/* vcore flat map stops here. No need to page align, rodata follows. */
352	__flatmap_init_ro_size = __init_end - __flatmap_init_ro_start;
353
354	.rodata_pageable : ALIGN(8) {
355		*(.rodata*)
356	}
357
358#ifdef CFG_CORE_RODATA_NOEXEC
359	. = ALIGN(SMALL_PAGE_SIZE);
360#endif
361
362	.text_pageable : ALIGN(8) {
363		*(.text*)
364		. = ALIGN(SMALL_PAGE_SIZE);
365	}
366
367	__pageable_part_end = .;
368	__pageable_part_start = __init_end;
369	__pageable_start = __init_start;
370	__pageable_end = __pageable_part_end;
371
372	ASSERT(TEE_LOAD_ADDR >= TEE_RAM_START,
373		"Load address before start of physical memory")
374	ASSERT(TEE_LOAD_ADDR < (TEE_RAM_START + TEE_RAM_PH_SIZE),
375		"Load address after end of physical memory")
376	ASSERT((TEE_RAM_VA_START + TEE_RAM_PH_SIZE - __init_end) >
377		SMALL_PAGE_SIZE, "Too few free pages to initialize paging")
378
379
380#endif /*CFG_WITH_PAGER*/
381
382#ifdef CFG_CORE_SANITIZE_KADDRESS
383	. = TEE_RAM_VA_START + (TEE_RAM_VA_SIZE * 8) / 9 - 8;
384	. = ALIGN(8);
385	.asan_shadow : {
386		__asan_shadow_start = .;
387		. += TEE_RAM_VA_SIZE / 9;
388		__asan_shadow_end = .;
389		__asan_shadow_size = __asan_shadow_end - __asan_shadow_start;
390	}
391#endif /*CFG_CORE_SANITIZE_KADDRESS*/
392
393	__end = .;
394
395#ifndef CFG_WITH_PAGER
396	__init_size = __data_end - TEE_TEXT_VA_START;
397#endif
398	/*
399	 * Guard against moving the location counter backwards in the assignment
400	 * below.
401	 */
402	ASSERT(. <= (TEE_RAM_VA_START + TEE_RAM_VA_SIZE),
403		"TEE_RAM_VA_SIZE is too small")
404	. = TEE_RAM_VA_START + TEE_RAM_VA_SIZE;
405
406	_end_of_ram = .;
407
408#ifndef CFG_WITH_PAGER
409	__flatmap_unpg_rw_size = _end_of_ram - __flatmap_unpg_rw_start;
410	__get_tee_init_end = .;
411#endif
412
413	/*
414	 * These regions will not become a normal part of the dumped
415	 * binary, instead some are interpreted by the dump script and
416	 * converted into suitable format for OP-TEE itself to use.
417	 */
418	.dynamic : { *(.dynamic) }
419	.hash : { *(.hash) }
420	.dynsym : { *(.dynsym) }
421	.dynstr : { *(.dynstr) }
422
423	.rel : {
424		*(.rel.*)
425	}
426	.rela : {
427		*(.rela.*)
428	}
429#ifndef CFG_CORE_ASLR
430	ASSERT(SIZEOF(.rel) == 0, "Relocation entries not expected")
431	ASSERT(SIZEOF(.rela) == 0, "Relocation entries not expected")
432#endif
433
434	/DISCARD/ : {
435		/* Strip unnecessary stuff */
436		*(.comment .note .eh_frame .interp)
437		/* Strip meta variables */
438		*(__keep_meta_vars*)
439	}
440
441}
442
443/* Unpaged read-only memories */
444__vcore_unpg_rx_start = __flatmap_unpg_rx_start;
445__vcore_unpg_ro_start = __flatmap_unpg_ro_start;
446#ifdef CFG_CORE_RODATA_NOEXEC
447__vcore_unpg_rx_size = __flatmap_unpg_rx_size;
448__vcore_unpg_ro_size = __flatmap_unpg_ro_size;
449#else
450__vcore_unpg_rx_size = __flatmap_unpg_rx_size + __flatmap_unpg_ro_size;
451__vcore_unpg_ro_size = 0;
452#endif
453__vcore_unpg_rx_end = __vcore_unpg_rx_start + __vcore_unpg_rx_size;
454__vcore_unpg_ro_end = __vcore_unpg_ro_start + __vcore_unpg_ro_size;
455
456/* Unpaged read-write memory */
457__vcore_unpg_rw_start = __flatmap_unpg_rw_start;
458__vcore_unpg_rw_size = __flatmap_unpg_rw_size;
459__vcore_unpg_rw_end = __vcore_unpg_rw_start + __vcore_unpg_rw_size;
460
461#ifdef CFG_VIRTUALIZATION
462/* Nexus read-write memory */
463__vcore_nex_rw_start = __flatmap_nex_rw_start;
464__vcore_nex_rw_size = __flatmap_nex_rw_size;
465__vcore_nex_rw_end = __vcore_nex_rw_start + __vcore_nex_rw_size;
466#endif
467
468#ifdef CFG_WITH_PAGER
469/*
470 * Core init mapping shall cover up to end of the physical RAM.
471 * This is required since the hash table is appended to the
472 * binary data after the firmware build sequence.
473 */
474#define __FLATMAP_PAGER_TRAILING_SPACE	\
475	(TEE_RAM_START + TEE_RAM_PH_SIZE - \
476		(__flatmap_init_ro_start + __flatmap_init_ro_size))
477
478/* Paged/init read-only memories */
479__vcore_init_rx_start = __flatmap_init_rx_start;
480__vcore_init_ro_start = __flatmap_init_ro_start;
481#ifdef CFG_CORE_RODATA_NOEXEC
482__vcore_init_rx_size = __flatmap_init_rx_size;
483__vcore_init_ro_size = __flatmap_init_ro_size + __FLATMAP_PAGER_TRAILING_SPACE;
484#else
485__vcore_init_rx_size = __flatmap_init_rx_size + __flatmap_init_ro_size +
486		       __FLATMAP_PAGER_TRAILING_SPACE;
487__vcore_init_ro_size = 0;
488#endif /* CFG_CORE_RODATA_NOEXEC */
489__vcore_init_rx_end = __vcore_init_rx_start + __vcore_init_rx_size;
490__vcore_init_ro_end = __vcore_init_ro_start + __vcore_init_ro_size;
491#endif /* CFG_WITH_PAGER */
492
493#ifdef CFG_CORE_SANITIZE_KADDRESS
494__asan_map_start = (__asan_shadow_start / SMALL_PAGE_SIZE) *
495		   SMALL_PAGE_SIZE;
496__asan_map_end = ((__asan_shadow_end - 1) / SMALL_PAGE_SIZE) *
497		 SMALL_PAGE_SIZE + SMALL_PAGE_SIZE;
498__asan_map_size = __asan_map_end - __asan_map_start;
499#endif /*CFG_CORE_SANITIZE_KADDRESS*/
500