Message ID | 1487730866-19447-2-git-send-email-yamada.masahiro@socionext.com |
---|---|
State | New |
Headers | show |
Series | [1/2] arm64: booti: update "res1" field to "flags" | expand |
On Wed, Feb 22, 2017 at 11:34:26AM +0900, Masahiro Yamada wrote: > At first, the ARM64 Linux booting requirement recommended that the > kernel image be placed text_offset bytes from 2MB aligned base near > the start of usable system RAM because memory below that base address > was unusable at that time. > > This requirement was relaxed by Linux commit a7f8de168ace ("arm64: > allow kernel Image to be loaded anywhere in physical memory"). > Since then, the bit 3 of the flags field indicates the tolerance > of the kernel physical placement. If this bit is set, the 2MB > aligned base may be anywhere in physical memory. For details, see > Documentation/arm64/booting.txt of Linux. > > The booti command should be also relaxed to not expect the kernel > image at the start of the system RAM. Even when booting older > kernel versions, it still makes sense to have some space below the > kernel. For example, some firmware may sit at the start of the > system RAM. > > After all, the most flexible way for booting the kernel is to respect > the original images->ep instead of gd->bd->bi_dram[0].start. If > image->ep (which is the address given to the booti command) already > meets the address requirement, just use it. If not, relocate the > kernel to the next 2MB aligned address. > > Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> > --- > > cmd/booti.c | 6 +++++- > 1 file changed, 5 insertions(+), 1 deletion(-) > > diff --git a/cmd/booti.c b/cmd/booti.c > index f65f0e7..9408c34 100644 > --- a/cmd/booti.c > +++ b/cmd/booti.c > @@ -11,6 +11,8 @@ > #include <image.h> > #include <lmb.h> > #include <mapmem.h> > +#include <linux/kernel.h> > +#include <linux/sizes.h> > > DECLARE_GLOBAL_DATA_PTR; > > @@ -54,7 +56,9 @@ static int booti_setup(bootm_headers_t *images) > * If we are not at the correct run-time location, set the new > * correct location and then move the image there. > */ > - dst = gd->bd->bi_dram[0].start + le64_to_cpu(ih->text_offset); > + dst = images->ep - ih->text_offset; > + dst = ALIGN(dst, SZ_2M); > + dst += ih->text_offset; I think the code will be slightly more complex here but I would rather see us check for the presence of the flag which allows for us to relocate things rather than assume that we can always use the address provided, or round it up. The 'contract' wwith the kernel previously said it must be from start of memory and I'd rather not change that. -- Tom _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
Hi Tom, 2017-02-23 1:19 GMT+09:00 Tom Rini <trini@konsulko.com>: > On Wed, Feb 22, 2017 at 11:34:26AM +0900, Masahiro Yamada wrote: > >> At first, the ARM64 Linux booting requirement recommended that the >> kernel image be placed text_offset bytes from 2MB aligned base near >> the start of usable system RAM because memory below that base address >> was unusable at that time. >> >> This requirement was relaxed by Linux commit a7f8de168ace ("arm64: >> allow kernel Image to be loaded anywhere in physical memory"). >> Since then, the bit 3 of the flags field indicates the tolerance >> of the kernel physical placement. If this bit is set, the 2MB >> aligned base may be anywhere in physical memory. For details, see >> Documentation/arm64/booting.txt of Linux. >> >> The booti command should be also relaxed to not expect the kernel >> image at the start of the system RAM. Even when booting older >> kernel versions, it still makes sense to have some space below the >> kernel. For example, some firmware may sit at the start of the >> system RAM. >> >> After all, the most flexible way for booting the kernel is to respect >> the original images->ep instead of gd->bd->bi_dram[0].start. If >> image->ep (which is the address given to the booti command) already >> meets the address requirement, just use it. If not, relocate the >> kernel to the next 2MB aligned address. >> >> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> >> --- >> >> cmd/booti.c | 6 +++++- >> 1 file changed, 5 insertions(+), 1 deletion(-) >> >> diff --git a/cmd/booti.c b/cmd/booti.c >> index f65f0e7..9408c34 100644 >> --- a/cmd/booti.c >> +++ b/cmd/booti.c >> @@ -11,6 +11,8 @@ >> #include <image.h> >> #include <lmb.h> >> #include <mapmem.h> >> +#include <linux/kernel.h> >> +#include <linux/sizes.h> >> >> DECLARE_GLOBAL_DATA_PTR; >> >> @@ -54,7 +56,9 @@ static int booti_setup(bootm_headers_t *images) >> * If we are not at the correct run-time location, set the new >> * correct location and then move the image there. >> */ >> - dst = gd->bd->bi_dram[0].start + le64_to_cpu(ih->text_offset); >> + dst = images->ep - ih->text_offset; >> + dst = ALIGN(dst, SZ_2M); >> + dst += ih->text_offset; > > I think the code will be slightly more complex here but I would rather > see us check for the presence of the flag which allows for us to > relocate things rather than assume that we can always use the address > provided, or round it up. The 'contract' wwith the kernel previously > said it must be from start of memory and I'd rather not change that. At first, I tried this approach. The problem (at least for me) is commit a7f8de168ace is quite new; this is only included in Linux 4.5 and later. Linux 4.4 LTS will be used on Socionext's products for a while. However, I need to avoid the relocation of the kernel image. The gd->bd->bi_dram[0].start points to the start of the DRAM. Here, some firmware is sitting at the start of the DRAM. To hide the head of the memory from Linux, the memory node in the device tree is carved out. If CONFIG_ARCH_FIXUP_FDT_MEMORY is not set, U-Boot passes the memory node as-is to Linux. As a result, the Image is placed out of the available memory region specified by DT, then Linux fails to boot. Somehow I want to achieve, "Even when booting older kernel versions, it still makes sense to have some space below the kernel. For example, some firmware may sit at the start of the system RAM." Perhaps, can we introduce a CONFIG to enable/disable the relocation? Or, any other good idea? -- Best Regards Masahiro Yamada _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
On Thu, Feb 23, 2017 at 06:17:38PM +0900, Masahiro Yamada wrote: > Hi Tom, > > > 2017-02-23 1:19 GMT+09:00 Tom Rini <trini@konsulko.com>: > > On Wed, Feb 22, 2017 at 11:34:26AM +0900, Masahiro Yamada wrote: > > > >> At first, the ARM64 Linux booting requirement recommended that the > >> kernel image be placed text_offset bytes from 2MB aligned base near > >> the start of usable system RAM because memory below that base address > >> was unusable at that time. > >> > >> This requirement was relaxed by Linux commit a7f8de168ace ("arm64: > >> allow kernel Image to be loaded anywhere in physical memory"). > >> Since then, the bit 3 of the flags field indicates the tolerance > >> of the kernel physical placement. If this bit is set, the 2MB > >> aligned base may be anywhere in physical memory. For details, see > >> Documentation/arm64/booting.txt of Linux. > >> > >> The booti command should be also relaxed to not expect the kernel > >> image at the start of the system RAM. Even when booting older > >> kernel versions, it still makes sense to have some space below the > >> kernel. For example, some firmware may sit at the start of the > >> system RAM. > >> > >> After all, the most flexible way for booting the kernel is to respect > >> the original images->ep instead of gd->bd->bi_dram[0].start. If > >> image->ep (which is the address given to the booti command) already > >> meets the address requirement, just use it. If not, relocate the > >> kernel to the next 2MB aligned address. > >> > >> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> > >> --- > >> > >> cmd/booti.c | 6 +++++- > >> 1 file changed, 5 insertions(+), 1 deletion(-) > >> > >> diff --git a/cmd/booti.c b/cmd/booti.c > >> index f65f0e7..9408c34 100644 > >> --- a/cmd/booti.c > >> +++ b/cmd/booti.c > >> @@ -11,6 +11,8 @@ > >> #include <image.h> > >> #include <lmb.h> > >> #include <mapmem.h> > >> +#include <linux/kernel.h> > >> +#include <linux/sizes.h> > >> > >> DECLARE_GLOBAL_DATA_PTR; > >> > >> @@ -54,7 +56,9 @@ static int booti_setup(bootm_headers_t *images) > >> * If we are not at the correct run-time location, set the new > >> * correct location and then move the image there. > >> */ > >> - dst = gd->bd->bi_dram[0].start + le64_to_cpu(ih->text_offset); > >> + dst = images->ep - ih->text_offset; > >> + dst = ALIGN(dst, SZ_2M); > >> + dst += ih->text_offset; > > > > I think the code will be slightly more complex here but I would rather > > see us check for the presence of the flag which allows for us to > > relocate things rather than assume that we can always use the address > > provided, or round it up. The 'contract' wwith the kernel previously > > said it must be from start of memory and I'd rather not change that. > > > At first, I tried this approach. > > The problem (at least for me) is > commit a7f8de168ace is quite new; this is only included in Linux 4.5 and later. > Linux 4.4 LTS will be used on Socionext's products for a while. > However, I need to avoid the relocation of the kernel image. > > The gd->bd->bi_dram[0].start points to the start of the DRAM. > Here, some firmware is sitting at the start of the DRAM. > To hide the head of the memory from Linux, > the memory node in the device tree is carved out. > > If CONFIG_ARCH_FIXUP_FDT_MEMORY is not set, > U-Boot passes the memory node as-is to Linux. > As a result, the Image is placed out of the available memory region > specified by DT, > then Linux fails to boot. > > > Somehow I want to achieve, > "Even when booting older kernel versions, it still makes sense to have > some space below the > kernel. For example, some firmware may sit at the start of the system RAM." > > > Perhaps, can we introduce a CONFIG > to enable/disable the relocation? > Or, any other good idea? I guess the answer is that I need to find some time to re-read the history on Documentation/arm64/booting.txt to see when various restrictions changed / were introduced. I'm also willing to say that perhaps my initial implementation (or the follow up when text_offset was introduced) was incorrectly too strict. -- Tom _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
On Thu, Feb 23, 2017 at 10:31:17AM -0500, Tom Rini wrote: > On Thu, Feb 23, 2017 at 06:17:38PM +0900, Masahiro Yamada wrote: > > Hi Tom, > > > > > > 2017-02-23 1:19 GMT+09:00 Tom Rini <trini@konsulko.com>: > > > On Wed, Feb 22, 2017 at 11:34:26AM +0900, Masahiro Yamada wrote: > > > > > >> At first, the ARM64 Linux booting requirement recommended that the > > >> kernel image be placed text_offset bytes from 2MB aligned base near > > >> the start of usable system RAM because memory below that base address > > >> was unusable at that time. > > >> > > >> This requirement was relaxed by Linux commit a7f8de168ace ("arm64: > > >> allow kernel Image to be loaded anywhere in physical memory"). > > >> Since then, the bit 3 of the flags field indicates the tolerance > > >> of the kernel physical placement. If this bit is set, the 2MB > > >> aligned base may be anywhere in physical memory. For details, see > > >> Documentation/arm64/booting.txt of Linux. > > >> > > >> The booti command should be also relaxed to not expect the kernel > > >> image at the start of the system RAM. Even when booting older > > >> kernel versions, it still makes sense to have some space below the > > >> kernel. For example, some firmware may sit at the start of the > > >> system RAM. > > >> > > >> After all, the most flexible way for booting the kernel is to respect > > >> the original images->ep instead of gd->bd->bi_dram[0].start. If > > >> image->ep (which is the address given to the booti command) already > > >> meets the address requirement, just use it. If not, relocate the > > >> kernel to the next 2MB aligned address. > > >> > > >> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> > > >> --- > > >> > > >> cmd/booti.c | 6 +++++- > > >> 1 file changed, 5 insertions(+), 1 deletion(-) > > >> > > >> diff --git a/cmd/booti.c b/cmd/booti.c > > >> index f65f0e7..9408c34 100644 > > >> --- a/cmd/booti.c > > >> +++ b/cmd/booti.c > > >> @@ -11,6 +11,8 @@ > > >> #include <image.h> > > >> #include <lmb.h> > > >> #include <mapmem.h> > > >> +#include <linux/kernel.h> > > >> +#include <linux/sizes.h> > > >> > > >> DECLARE_GLOBAL_DATA_PTR; > > >> > > >> @@ -54,7 +56,9 @@ static int booti_setup(bootm_headers_t *images) > > >> * If we are not at the correct run-time location, set the new > > >> * correct location and then move the image there. > > >> */ > > >> - dst = gd->bd->bi_dram[0].start + le64_to_cpu(ih->text_offset); > > >> + dst = images->ep - ih->text_offset; > > >> + dst = ALIGN(dst, SZ_2M); > > >> + dst += ih->text_offset; > > > > > > I think the code will be slightly more complex here but I would rather > > > see us check for the presence of the flag which allows for us to > > > relocate things rather than assume that we can always use the address > > > provided, or round it up. The 'contract' wwith the kernel previously > > > said it must be from start of memory and I'd rather not change that. > > > > > > At first, I tried this approach. > > > > The problem (at least for me) is > > commit a7f8de168ace is quite new; this is only included in Linux 4.5 and later. > > Linux 4.4 LTS will be used on Socionext's products for a while. > > However, I need to avoid the relocation of the kernel image. > > > > The gd->bd->bi_dram[0].start points to the start of the DRAM. > > Here, some firmware is sitting at the start of the DRAM. > > To hide the head of the memory from Linux, > > the memory node in the device tree is carved out. > > > > If CONFIG_ARCH_FIXUP_FDT_MEMORY is not set, > > U-Boot passes the memory node as-is to Linux. > > As a result, the Image is placed out of the available memory region > > specified by DT, > > then Linux fails to boot. > > > > > > Somehow I want to achieve, > > "Even when booting older kernel versions, it still makes sense to have > > some space below the > > kernel. For example, some firmware may sit at the start of the system RAM." > > > > > > Perhaps, can we introduce a CONFIG > > to enable/disable the relocation? > > Or, any other good idea? > > I guess the answer is that I need to find some time to re-read the > history on Documentation/arm64/booting.txt to see when various > restrictions changed / were introduced. I'm also willing to say that > perhaps my initial implementation (or the follow up when text_offset was > introduced) was incorrectly too strict. So, I re-read what the changes to the document were, before and after. Prior to the change, the kernel will not be able to use any memory below the 2MiB aligned address. After the change, the memory must be excluded using normal mechanisms (and is outside of this problem here). So, conceptually, I'm OK with changing our logic here a bit, what I did at first wrt text_offset was too literal. But: a) We need to re-work the comment in question now to explain a little better what is going on. b) we should continue to use le64_to_cpu() on text_offset (for consistency). c) I'm not convinced your math above is correct. images->ep is where we were put in memory. This is what we should make sure is 2MiB aligned, and then add to it the text_offset. And some quick testing with CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET enabled Images :) -- Tom _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
Hi Tom, 2017-02-27 7:41 GMT+09:00 Tom Rini <trini@konsulko.com>: > On Thu, Feb 23, 2017 at 10:31:17AM -0500, Tom Rini wrote: >> On Thu, Feb 23, 2017 at 06:17:38PM +0900, Masahiro Yamada wrote: >> > Hi Tom, >> > >> > >> > 2017-02-23 1:19 GMT+09:00 Tom Rini <trini@konsulko.com>: >> > > On Wed, Feb 22, 2017 at 11:34:26AM +0900, Masahiro Yamada wrote: >> > > >> > >> At first, the ARM64 Linux booting requirement recommended that the >> > >> kernel image be placed text_offset bytes from 2MB aligned base near >> > >> the start of usable system RAM because memory below that base address >> > >> was unusable at that time. >> > >> >> > >> This requirement was relaxed by Linux commit a7f8de168ace ("arm64: >> > >> allow kernel Image to be loaded anywhere in physical memory"). >> > >> Since then, the bit 3 of the flags field indicates the tolerance >> > >> of the kernel physical placement. If this bit is set, the 2MB >> > >> aligned base may be anywhere in physical memory. For details, see >> > >> Documentation/arm64/booting.txt of Linux. >> > >> >> > >> The booti command should be also relaxed to not expect the kernel >> > >> image at the start of the system RAM. Even when booting older >> > >> kernel versions, it still makes sense to have some space below the >> > >> kernel. For example, some firmware may sit at the start of the >> > >> system RAM. >> > >> >> > >> After all, the most flexible way for booting the kernel is to respect >> > >> the original images->ep instead of gd->bd->bi_dram[0].start. If >> > >> image->ep (which is the address given to the booti command) already >> > >> meets the address requirement, just use it. If not, relocate the >> > >> kernel to the next 2MB aligned address. >> > >> >> > >> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> >> > >> --- >> > >> >> > >> cmd/booti.c | 6 +++++- >> > >> 1 file changed, 5 insertions(+), 1 deletion(-) >> > >> >> > >> diff --git a/cmd/booti.c b/cmd/booti.c >> > >> index f65f0e7..9408c34 100644 >> > >> --- a/cmd/booti.c >> > >> +++ b/cmd/booti.c >> > >> @@ -11,6 +11,8 @@ >> > >> #include <image.h> >> > >> #include <lmb.h> >> > >> #include <mapmem.h> >> > >> +#include <linux/kernel.h> >> > >> +#include <linux/sizes.h> >> > >> >> > >> DECLARE_GLOBAL_DATA_PTR; >> > >> >> > >> @@ -54,7 +56,9 @@ static int booti_setup(bootm_headers_t *images) >> > >> * If we are not at the correct run-time location, set the new >> > >> * correct location and then move the image there. >> > >> */ >> > >> - dst = gd->bd->bi_dram[0].start + le64_to_cpu(ih->text_offset); >> > >> + dst = images->ep - ih->text_offset; >> > >> + dst = ALIGN(dst, SZ_2M); >> > >> + dst += ih->text_offset; >> > > >> > > I think the code will be slightly more complex here but I would rather >> > > see us check for the presence of the flag which allows for us to >> > > relocate things rather than assume that we can always use the address >> > > provided, or round it up. The 'contract' wwith the kernel previously >> > > said it must be from start of memory and I'd rather not change that. >> > >> > >> > At first, I tried this approach. >> > >> > The problem (at least for me) is >> > commit a7f8de168ace is quite new; this is only included in Linux 4.5 and later. >> > Linux 4.4 LTS will be used on Socionext's products for a while. >> > However, I need to avoid the relocation of the kernel image. >> > >> > The gd->bd->bi_dram[0].start points to the start of the DRAM. >> > Here, some firmware is sitting at the start of the DRAM. >> > To hide the head of the memory from Linux, >> > the memory node in the device tree is carved out. >> > >> > If CONFIG_ARCH_FIXUP_FDT_MEMORY is not set, >> > U-Boot passes the memory node as-is to Linux. >> > As a result, the Image is placed out of the available memory region >> > specified by DT, >> > then Linux fails to boot. >> > >> > >> > Somehow I want to achieve, >> > "Even when booting older kernel versions, it still makes sense to have >> > some space below the >> > kernel. For example, some firmware may sit at the start of the system RAM." >> > >> > >> > Perhaps, can we introduce a CONFIG >> > to enable/disable the relocation? >> > Or, any other good idea? >> >> I guess the answer is that I need to find some time to re-read the >> history on Documentation/arm64/booting.txt to see when various >> restrictions changed / were introduced. I'm also willing to say that >> perhaps my initial implementation (or the follow up when text_offset was >> introduced) was incorrectly too strict. > > So, I re-read what the changes to the document were, before and after. > Prior to the change, the kernel will not be able to use any memory below > the 2MiB aligned address. After the change, the memory must be excluded > using normal mechanisms (and is outside of this problem here). So, > conceptually, I'm OK with changing our logic here a bit, what I did at > first wrt text_offset was too literal. But: > a) We need to re-work the comment in question now to explain a little > better what is going on. Yes. > b) we should continue to use le64_to_cpu() on text_offset (for > consistency). I had accidentally dropped it. Will fix. > c) I'm not convinced your math above is correct. images->ep is where we > were put in memory. This is what we should make sure is 2MiB aligned, > and then add to it the text_offset. And some quick testing with > CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET enabled Images :) My intention is images->ep = (2MiB aligned base) + text_offset If this equation is met, the image is already placed at the bootable position. We can skip the relocation. Theoretically, we can not know the value of text_offset in advance (especially for CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET). However, in practice, we know text_offset is 0x80000. If we put the image at 2MiB aligned base, the relocation would always happen.
On Wed, Mar 01, 2017 at 02:03:58AM +0900, Masahiro Yamada wrote: > Hi Tom, > > 2017-02-27 7:41 GMT+09:00 Tom Rini <trini@konsulko.com>: > > On Thu, Feb 23, 2017 at 10:31:17AM -0500, Tom Rini wrote: > >> On Thu, Feb 23, 2017 at 06:17:38PM +0900, Masahiro Yamada wrote: > >> > Hi Tom, > >> > > >> > > >> > 2017-02-23 1:19 GMT+09:00 Tom Rini <trini@konsulko.com>: > >> > > On Wed, Feb 22, 2017 at 11:34:26AM +0900, Masahiro Yamada wrote: > >> > > > >> > >> At first, the ARM64 Linux booting requirement recommended that the > >> > >> kernel image be placed text_offset bytes from 2MB aligned base near > >> > >> the start of usable system RAM because memory below that base address > >> > >> was unusable at that time. > >> > >> > >> > >> This requirement was relaxed by Linux commit a7f8de168ace ("arm64: > >> > >> allow kernel Image to be loaded anywhere in physical memory"). > >> > >> Since then, the bit 3 of the flags field indicates the tolerance > >> > >> of the kernel physical placement. If this bit is set, the 2MB > >> > >> aligned base may be anywhere in physical memory. For details, see > >> > >> Documentation/arm64/booting.txt of Linux. > >> > >> > >> > >> The booti command should be also relaxed to not expect the kernel > >> > >> image at the start of the system RAM. Even when booting older > >> > >> kernel versions, it still makes sense to have some space below the > >> > >> kernel. For example, some firmware may sit at the start of the > >> > >> system RAM. > >> > >> > >> > >> After all, the most flexible way for booting the kernel is to respect > >> > >> the original images->ep instead of gd->bd->bi_dram[0].start. If > >> > >> image->ep (which is the address given to the booti command) already > >> > >> meets the address requirement, just use it. If not, relocate the > >> > >> kernel to the next 2MB aligned address. > >> > >> > >> > >> Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> > >> > >> --- > >> > >> > >> > >> cmd/booti.c | 6 +++++- > >> > >> 1 file changed, 5 insertions(+), 1 deletion(-) > >> > >> > >> > >> diff --git a/cmd/booti.c b/cmd/booti.c > >> > >> index f65f0e7..9408c34 100644 > >> > >> --- a/cmd/booti.c > >> > >> +++ b/cmd/booti.c > >> > >> @@ -11,6 +11,8 @@ > >> > >> #include <image.h> > >> > >> #include <lmb.h> > >> > >> #include <mapmem.h> > >> > >> +#include <linux/kernel.h> > >> > >> +#include <linux/sizes.h> > >> > >> > >> > >> DECLARE_GLOBAL_DATA_PTR; > >> > >> > >> > >> @@ -54,7 +56,9 @@ static int booti_setup(bootm_headers_t *images) > >> > >> * If we are not at the correct run-time location, set the new > >> > >> * correct location and then move the image there. > >> > >> */ > >> > >> - dst = gd->bd->bi_dram[0].start + le64_to_cpu(ih->text_offset); > >> > >> + dst = images->ep - ih->text_offset; > >> > >> + dst = ALIGN(dst, SZ_2M); > >> > >> + dst += ih->text_offset; > >> > > > >> > > I think the code will be slightly more complex here but I would rather > >> > > see us check for the presence of the flag which allows for us to > >> > > relocate things rather than assume that we can always use the address > >> > > provided, or round it up. The 'contract' wwith the kernel previously > >> > > said it must be from start of memory and I'd rather not change that. > >> > > >> > > >> > At first, I tried this approach. > >> > > >> > The problem (at least for me) is > >> > commit a7f8de168ace is quite new; this is only included in Linux 4.5 and later. > >> > Linux 4.4 LTS will be used on Socionext's products for a while. > >> > However, I need to avoid the relocation of the kernel image. > >> > > >> > The gd->bd->bi_dram[0].start points to the start of the DRAM. > >> > Here, some firmware is sitting at the start of the DRAM. > >> > To hide the head of the memory from Linux, > >> > the memory node in the device tree is carved out. > >> > > >> > If CONFIG_ARCH_FIXUP_FDT_MEMORY is not set, > >> > U-Boot passes the memory node as-is to Linux. > >> > As a result, the Image is placed out of the available memory region > >> > specified by DT, > >> > then Linux fails to boot. > >> > > >> > > >> > Somehow I want to achieve, > >> > "Even when booting older kernel versions, it still makes sense to have > >> > some space below the > >> > kernel. For example, some firmware may sit at the start of the system RAM." > >> > > >> > > >> > Perhaps, can we introduce a CONFIG > >> > to enable/disable the relocation? > >> > Or, any other good idea? > >> > >> I guess the answer is that I need to find some time to re-read the > >> history on Documentation/arm64/booting.txt to see when various > >> restrictions changed / were introduced. I'm also willing to say that > >> perhaps my initial implementation (or the follow up when text_offset was > >> introduced) was incorrectly too strict. > > > > So, I re-read what the changes to the document were, before and after. > > Prior to the change, the kernel will not be able to use any memory below > > the 2MiB aligned address. After the change, the memory must be excluded > > using normal mechanisms (and is outside of this problem here). So, > > conceptually, I'm OK with changing our logic here a bit, what I did at > > first wrt text_offset was too literal. But: > > a) We need to re-work the comment in question now to explain a little > > better what is going on. > > Yes. > > > b) we should continue to use le64_to_cpu() on text_offset (for > > consistency). > > I had accidentally dropped it. > Will fix. > > > c) I'm not convinced your math above is correct. images->ep is where we > > were put in memory. This is what we should make sure is 2MiB aligned, > > and then add to it the text_offset. And some quick testing with > > CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET enabled Images :) > > > My intention is > > images->ep = (2MiB aligned base) + text_offset > > > If this equation is met, the image is already placed at the bootable position. > We can skip the relocation. > > > Theoretically, we can not know the value of text_offset in advance > (especially for CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET). > However, in practice, we know text_offset is 0x80000. > > > If we put the image at 2MiB aligned base, the relocation would always happen. Correct. But I honestly don't know if non-randomized text offset is the common case people will optimize for or randomized for added security will be the more common case. I suppose the important thing is that yes, if loaded at 2MiB aligned + text_offset we should be correct, and that's what counts. If you test it both ways and it's good and behaving correctly, that's what matters. -- Tom
On Tue, Feb 28, 2017 at 12:15:09PM -0500, Tom Rini wrote: > On Wed, Mar 01, 2017 at 02:03:58AM +0900, Masahiro Yamada wrote: > > 2017-02-27 7:41 GMT+09:00 Tom Rini <trini@konsulko.com>: > > > On Thu, Feb 23, 2017 at 10:31:17AM -0500, Tom Rini wrote: > > > c) I'm not convinced your math above is correct. images->ep is where we > > > were put in memory. This is what we should make sure is 2MiB aligned, > > > and then add to it the text_offset. And some quick testing with > > > CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET enabled Images :) > > > > My intention is > > > > images->ep = (2MiB aligned base) + text_offset > > > > If this equation is met, the image is already placed at the bootable position. > > We can skip the relocation. > > > > Theoretically, we can not know the value of text_offset in advance > > (especially for CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET). > > However, in practice, we know text_offset is 0x80000. Per the arm64 Image header, no particular value of text_offset should be assumed. Please do not assume a particular value It has always been the intent that bootloaders should read this, though this evidently wasn't very clear (and the bootwrapper set a bad example). I tried to clear this up with documentation updates (and the addition of ARM64_RANDOMIZE_TEXT_OFFSET). > > If we put the image at 2MiB aligned base, the relocation would > > always happen. > > Correct. But I honestly don't know if non-randomized text offset is the > common case people will optimize for or randomized for added security will be > the more common case. FWIW, the randomized text_offset is a bootloader debugging/testing feature, and there's no security aspect to it. It was added [1] as an additional to hint to bootloader authors that they must respect the text_offset field. Thanks, Mark. [1] https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=da57a369d3bc5cd61db90f7e9555840381db9b09
On Tue, Mar 07, 2017 at 11:43:52AM +0000, Mark Rutland wrote: > On Tue, Feb 28, 2017 at 12:15:09PM -0500, Tom Rini wrote: > > On Wed, Mar 01, 2017 at 02:03:58AM +0900, Masahiro Yamada wrote: > > > 2017-02-27 7:41 GMT+09:00 Tom Rini <trini@konsulko.com>: > > > > On Thu, Feb 23, 2017 at 10:31:17AM -0500, Tom Rini wrote: > > > > > c) I'm not convinced your math above is correct. images->ep is where we > > > > were put in memory. This is what we should make sure is 2MiB aligned, > > > > and then add to it the text_offset. And some quick testing with > > > > CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET enabled Images :) > > > > > > My intention is > > > > > > images->ep = (2MiB aligned base) + text_offset > > > > > > If this equation is met, the image is already placed at the bootable position. > > > We can skip the relocation. > > > > > > Theoretically, we can not know the value of text_offset in advance > > > (especially for CONFIG_ARM64_RANDOMIZE_TEXT_OFFSET). > > > However, in practice, we know text_offset is 0x80000. > > Per the arm64 Image header, no particular value of text_offset should > be assumed. Please do not assume a particular value > > It has always been the intent that bootloaders should read this, though > this evidently wasn't very clear (and the bootwrapper set a bad > example). I tried to clear this up with documentation updates (and the > addition of ARM64_RANDOMIZE_TEXT_OFFSET). > > > > If we put the image at 2MiB aligned base, the relocation would > > > always happen. > > > > Correct. But I honestly don't know if non-randomized text offset is the > > common case people will optimize for or randomized for added security will be > > the more common case. > > FWIW, the randomized text_offset is a bootloader debugging/testing > feature, and there's no security aspect to it. > > It was added [1] as an additional to hint to bootloader authors that > they must respect the text_offset field. Right, and we do this today. But since this doubles as a kind of cheap KASLR I would also expect to see it used, even if not intended, in this way. -- Tom
On Tue, Mar 07, 2017 at 07:16:56AM -0500, Tom Rini wrote: > On Tue, Mar 07, 2017 at 11:43:52AM +0000, Mark Rutland wrote: > > On Tue, Feb 28, 2017 at 12:15:09PM -0500, Tom Rini wrote: > > > On Wed, Mar 01, 2017 at 02:03:58AM +0900, Masahiro Yamada wrote: > > > > 2017-02-27 7:41 GMT+09:00 Tom Rini <trini@konsulko.com>: > > > > If we put the image at 2MiB aligned base, the relocation would > > > > always happen. > > > > > > Correct. But I honestly don't know if non-randomized text offset is the > > > common case people will optimize for or randomized for added security will be > > > the more common case. > > > > FWIW, the randomized text_offset is a bootloader debugging/testing > > feature, and there's no security aspect to it. > > > > It was added [1] as an additional to hint to bootloader authors that > > they must respect the text_offset field. > > Right, and we do this today. But since this doubles as a kind of cheap > KASLR I would also expect to see it used, even if not intended, in this > way. I can certainly imagine people loading the kernel at a random physical base address (i.e. a random 2M base + text_offset), and doing that's perfectly fine for kernels happy to be loaded at arbitrary bases. That may help to frustrate some DMA attacks. I take it that's what you meant? Given text_offset itself is fixed at compile time, randomizing it provides absolutely no security benefit, and we should be careful not to give the impression that it does. Thanks, Mark.
On Tue, Mar 07, 2017 at 01:54:43PM +0000, Mark Rutland wrote: > On Tue, Mar 07, 2017 at 07:16:56AM -0500, Tom Rini wrote: > > On Tue, Mar 07, 2017 at 11:43:52AM +0000, Mark Rutland wrote: > > > On Tue, Feb 28, 2017 at 12:15:09PM -0500, Tom Rini wrote: > > > > On Wed, Mar 01, 2017 at 02:03:58AM +0900, Masahiro Yamada wrote: > > > > > 2017-02-27 7:41 GMT+09:00 Tom Rini <trini@konsulko.com>: > > > > > If we put the image at 2MiB aligned base, the relocation would > > > > > always happen. > > > > > > > > Correct. But I honestly don't know if non-randomized text offset is the > > > > common case people will optimize for or randomized for added security will be > > > > the more common case. > > > > > > FWIW, the randomized text_offset is a bootloader debugging/testing > > > feature, and there's no security aspect to it. > > > > > > It was added [1] as an additional to hint to bootloader authors that > > > they must respect the text_offset field. > > > > Right, and we do this today. But since this doubles as a kind of cheap > > KASLR I would also expect to see it used, even if not intended, in this > > way. > > I can certainly imagine people loading the kernel at a random physical > base address (i.e. a random 2M base + text_offset), and doing that's > perfectly fine for kernels happy to be loaded at arbitrary bases. That > may help to frustrate some DMA attacks. > > I take it that's what you meant? > > Given text_offset itself is fixed at compile time, randomizing it > provides absolutely no security benefit, and we should be careful not to > give the impression that it does. I was thinking that since it's randomized per compile and the likely number of instances not running some stock kernel, that would further add to frustrating some DMA attacks. But, no, that's not really correct. Thanks! -- Tom
diff --git a/cmd/booti.c b/cmd/booti.c index f65f0e7..9408c34 100644 --- a/cmd/booti.c +++ b/cmd/booti.c @@ -11,6 +11,8 @@ #include <image.h> #include <lmb.h> #include <mapmem.h> +#include <linux/kernel.h> +#include <linux/sizes.h> DECLARE_GLOBAL_DATA_PTR; @@ -54,7 +56,9 @@ static int booti_setup(bootm_headers_t *images) * If we are not at the correct run-time location, set the new * correct location and then move the image there. */ - dst = gd->bd->bi_dram[0].start + le64_to_cpu(ih->text_offset); + dst = images->ep - ih->text_offset; + dst = ALIGN(dst, SZ_2M); + dst += ih->text_offset; unmap_sysmem(ih);
At first, the ARM64 Linux booting requirement recommended that the kernel image be placed text_offset bytes from 2MB aligned base near the start of usable system RAM because memory below that base address was unusable at that time. This requirement was relaxed by Linux commit a7f8de168ace ("arm64: allow kernel Image to be loaded anywhere in physical memory"). Since then, the bit 3 of the flags field indicates the tolerance of the kernel physical placement. If this bit is set, the 2MB aligned base may be anywhere in physical memory. For details, see Documentation/arm64/booting.txt of Linux. The booti command should be also relaxed to not expect the kernel image at the start of the system RAM. Even when booting older kernel versions, it still makes sense to have some space below the kernel. For example, some firmware may sit at the start of the system RAM. After all, the most flexible way for booting the kernel is to respect the original images->ep instead of gd->bd->bi_dram[0].start. If image->ep (which is the address given to the booti command) already meets the address requirement, just use it. If not, relocate the kernel to the next 2MB aligned address. Signed-off-by: Masahiro Yamada <yamada.masahiro@socionext.com> --- cmd/booti.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) -- 1.9.1 _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot