1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Based on arch/arm/mm/init.c
4  *
5  * Copyright (C) 1995-2005 Russell King
6  * Copyright (C) 2012 ARM Ltd.
7  */
8 
9 #include <linux/kernel.h>
10 #include <linux/export.h>
11 #include <linux/errno.h>
12 #include <linux/swap.h>
13 #include <linux/init.h>
14 #include <linux/cache.h>
15 #include <linux/mman.h>
16 #include <linux/nodemask.h>
17 #include <linux/initrd.h>
18 #include <linux/gfp.h>
19 #include <linux/memblock.h>
20 #include <linux/sort.h>
21 #include <linux/of.h>
22 #include <linux/of_fdt.h>
23 #include <linux/dma-direct.h>
24 #include <linux/dma-map-ops.h>
25 #include <linux/efi.h>
26 #include <linux/swiotlb.h>
27 #include <linux/vmalloc.h>
28 #include <linux/mm.h>
29 #include <linux/kexec.h>
30 #include <linux/crash_dump.h>
31 #include <linux/hugetlb.h>
32 #include <linux/acpi_iort.h>
33 #include <linux/kmemleak.h>
34 
35 #include <asm/boot.h>
36 #include <asm/fixmap.h>
37 #include <asm/kasan.h>
38 #include <asm/kernel-pgtable.h>
39 #include <asm/kvm_host.h>
40 #include <asm/memory.h>
41 #include <asm/numa.h>
42 #include <asm/sections.h>
43 #include <asm/setup.h>
44 #include <linux/sizes.h>
45 #include <asm/tlb.h>
46 #include <asm/alternative.h>
47 #include <asm/xen/swiotlb-xen.h>
48 
49 /*
50  * We need to be able to catch inadvertent references to memstart_addr
51  * that occur (potentially in generic code) before arm64_memblock_init()
52  * executes, which assigns it its actual value. So use a default value
53  * that cannot be mistaken for a real physical address.
54  */
55 s64 memstart_addr __ro_after_init = -1;
56 EXPORT_SYMBOL(memstart_addr);
57 
58 /*
59  * If the corresponding config options are enabled, we create both ZONE_DMA
60  * and ZONE_DMA32. By default ZONE_DMA covers the 32-bit addressable memory
61  * unless restricted on specific platforms (e.g. 30-bit on Raspberry Pi 4).
62  * In such case, ZONE_DMA32 covers the rest of the 32-bit addressable memory,
63  * otherwise it is empty.
64  */
65 phys_addr_t __ro_after_init arm64_dma_phys_limit;
66 
67 /* Current arm64 boot protocol requires 2MB alignment */
68 #define CRASH_ALIGN			SZ_2M
69 
70 #define CRASH_ADDR_LOW_MAX		arm64_dma_phys_limit
71 #define CRASH_ADDR_HIGH_MAX		(PHYS_MASK + 1)
72 #define CRASH_HIGH_SEARCH_BASE		SZ_4G
73 
74 #define DEFAULT_CRASH_KERNEL_LOW_SIZE	(128UL << 20)
75 
76 /*
77  * To make optimal use of block mappings when laying out the linear
78  * mapping, round down the base of physical memory to a size that can
79  * be mapped efficiently, i.e., either PUD_SIZE (4k granule) or PMD_SIZE
80  * (64k granule), or a multiple that can be mapped using contiguous bits
81  * in the page tables: 32 * PMD_SIZE (16k granule)
82  */
83 #if defined(CONFIG_ARM64_4K_PAGES)
84 #define ARM64_MEMSTART_SHIFT		PUD_SHIFT
85 #elif defined(CONFIG_ARM64_16K_PAGES)
86 #define ARM64_MEMSTART_SHIFT		CONT_PMD_SHIFT
87 #else
88 #define ARM64_MEMSTART_SHIFT		PMD_SHIFT
89 #endif
90 
91 /*
92  * sparsemem vmemmap imposes an additional requirement on the alignment of
93  * memstart_addr, due to the fact that the base of the vmemmap region
94  * has a direct correspondence, and needs to appear sufficiently aligned
95  * in the virtual address space.
96  */
97 #if ARM64_MEMSTART_SHIFT < SECTION_SIZE_BITS
98 #define ARM64_MEMSTART_ALIGN	(1UL << SECTION_SIZE_BITS)
99 #else
100 #define ARM64_MEMSTART_ALIGN	(1UL << ARM64_MEMSTART_SHIFT)
101 #endif
102 
reserve_crashkernel_low(unsigned long long low_size)103 static int __init reserve_crashkernel_low(unsigned long long low_size)
104 {
105 	unsigned long long low_base;
106 
107 	low_base = memblock_phys_alloc_range(low_size, CRASH_ALIGN, 0, CRASH_ADDR_LOW_MAX);
108 	if (!low_base) {
109 		pr_err("cannot allocate crashkernel low memory (size:0x%llx).\n", low_size);
110 		return -ENOMEM;
111 	}
112 
113 	pr_info("crashkernel low memory reserved: 0x%08llx - 0x%08llx (%lld MB)\n",
114 		low_base, low_base + low_size, low_size >> 20);
115 
116 	crashk_low_res.start = low_base;
117 	crashk_low_res.end   = low_base + low_size - 1;
118 	insert_resource(&iomem_resource, &crashk_low_res);
119 
120 	return 0;
121 }
122 
123 /*
124  * reserve_crashkernel() - reserves memory for crash kernel
125  *
126  * This function reserves memory area given in "crashkernel=" kernel command
127  * line parameter. The memory reserved is used by dump capture kernel when
128  * primary kernel is crashing.
129  */
reserve_crashkernel(void)130 static void __init reserve_crashkernel(void)
131 {
132 	unsigned long long crash_low_size = 0, search_base = 0;
133 	unsigned long long crash_max = CRASH_ADDR_LOW_MAX;
134 	unsigned long long crash_base, crash_size;
135 	char *cmdline = boot_command_line;
136 	bool fixed_base = false;
137 	bool high = false;
138 	int ret;
139 
140 	if (!IS_ENABLED(CONFIG_KEXEC_CORE))
141 		return;
142 
143 	/* crashkernel=X[@offset] */
144 	ret = parse_crashkernel(cmdline, memblock_phys_mem_size(),
145 				&crash_size, &crash_base);
146 	if (ret == -ENOENT) {
147 		ret = parse_crashkernel_high(cmdline, 0, &crash_size, &crash_base);
148 		if (ret || !crash_size)
149 			return;
150 
151 		/*
152 		 * crashkernel=Y,low can be specified or not, but invalid value
153 		 * is not allowed.
154 		 */
155 		ret = parse_crashkernel_low(cmdline, 0, &crash_low_size, &crash_base);
156 		if (ret == -ENOENT)
157 			crash_low_size = DEFAULT_CRASH_KERNEL_LOW_SIZE;
158 		else if (ret)
159 			return;
160 
161 		search_base = CRASH_HIGH_SEARCH_BASE;
162 		crash_max = CRASH_ADDR_HIGH_MAX;
163 		high = true;
164 	} else if (ret || !crash_size) {
165 		/* The specified value is invalid */
166 		return;
167 	}
168 
169 	crash_size = PAGE_ALIGN(crash_size);
170 
171 	/* User specifies base address explicitly. */
172 	if (crash_base) {
173 		fixed_base = true;
174 		search_base = crash_base;
175 		crash_max = crash_base + crash_size;
176 	}
177 
178 retry:
179 	crash_base = memblock_phys_alloc_range(crash_size, CRASH_ALIGN,
180 					       search_base, crash_max);
181 	if (!crash_base) {
182 		/*
183 		 * For crashkernel=size[KMG]@offset[KMG], print out failure
184 		 * message if can't reserve the specified region.
185 		 */
186 		if (fixed_base) {
187 			pr_warn("crashkernel reservation failed - memory is in use.\n");
188 			return;
189 		}
190 
191 		/*
192 		 * For crashkernel=size[KMG], if the first attempt was for
193 		 * low memory, fall back to high memory, the minimum required
194 		 * low memory will be reserved later.
195 		 */
196 		if (!high && crash_max == CRASH_ADDR_LOW_MAX) {
197 			crash_max = CRASH_ADDR_HIGH_MAX;
198 			search_base = CRASH_ADDR_LOW_MAX;
199 			crash_low_size = DEFAULT_CRASH_KERNEL_LOW_SIZE;
200 			goto retry;
201 		}
202 
203 		/*
204 		 * For crashkernel=size[KMG],high, if the first attempt was
205 		 * for high memory, fall back to low memory.
206 		 */
207 		if (high && crash_max == CRASH_ADDR_HIGH_MAX) {
208 			crash_max = CRASH_ADDR_LOW_MAX;
209 			search_base = 0;
210 			goto retry;
211 		}
212 		pr_warn("cannot allocate crashkernel (size:0x%llx)\n",
213 			crash_size);
214 		return;
215 	}
216 
217 	if ((crash_base >= CRASH_ADDR_LOW_MAX) && crash_low_size &&
218 	     reserve_crashkernel_low(crash_low_size)) {
219 		memblock_phys_free(crash_base, crash_size);
220 		return;
221 	}
222 
223 	pr_info("crashkernel reserved: 0x%016llx - 0x%016llx (%lld MB)\n",
224 		crash_base, crash_base + crash_size, crash_size >> 20);
225 
226 	/*
227 	 * The crashkernel memory will be removed from the kernel linear
228 	 * map. Inform kmemleak so that it won't try to access it.
229 	 */
230 	kmemleak_ignore_phys(crash_base);
231 	if (crashk_low_res.end)
232 		kmemleak_ignore_phys(crashk_low_res.start);
233 
234 	crashk_res.start = crash_base;
235 	crashk_res.end = crash_base + crash_size - 1;
236 	insert_resource(&iomem_resource, &crashk_res);
237 }
238 
239 /*
240  * Return the maximum physical address for a zone accessible by the given bits
241  * limit. If DRAM starts above 32-bit, expand the zone to the maximum
242  * available memory, otherwise cap it at 32-bit.
243  */
max_zone_phys(unsigned int zone_bits)244 static phys_addr_t __init max_zone_phys(unsigned int zone_bits)
245 {
246 	phys_addr_t zone_mask = DMA_BIT_MASK(zone_bits);
247 	phys_addr_t phys_start = memblock_start_of_DRAM();
248 
249 	if (phys_start > U32_MAX)
250 		zone_mask = PHYS_ADDR_MAX;
251 	else if (phys_start > zone_mask)
252 		zone_mask = U32_MAX;
253 
254 	return min(zone_mask, memblock_end_of_DRAM() - 1) + 1;
255 }
256 
zone_sizes_init(void)257 static void __init zone_sizes_init(void)
258 {
259 	unsigned long max_zone_pfns[MAX_NR_ZONES]  = {0};
260 	unsigned int __maybe_unused acpi_zone_dma_bits;
261 	unsigned int __maybe_unused dt_zone_dma_bits;
262 	phys_addr_t __maybe_unused dma32_phys_limit = max_zone_phys(32);
263 
264 #ifdef CONFIG_ZONE_DMA
265 	acpi_zone_dma_bits = fls64(acpi_iort_dma_get_max_cpu_address());
266 	dt_zone_dma_bits = fls64(of_dma_get_max_cpu_address(NULL));
267 	zone_dma_bits = min3(32U, dt_zone_dma_bits, acpi_zone_dma_bits);
268 	arm64_dma_phys_limit = max_zone_phys(zone_dma_bits);
269 	max_zone_pfns[ZONE_DMA] = PFN_DOWN(arm64_dma_phys_limit);
270 #endif
271 #ifdef CONFIG_ZONE_DMA32
272 	max_zone_pfns[ZONE_DMA32] = PFN_DOWN(dma32_phys_limit);
273 	if (!arm64_dma_phys_limit)
274 		arm64_dma_phys_limit = dma32_phys_limit;
275 #endif
276 	if (!arm64_dma_phys_limit)
277 		arm64_dma_phys_limit = PHYS_MASK + 1;
278 	max_zone_pfns[ZONE_NORMAL] = max_pfn;
279 
280 	free_area_init(max_zone_pfns);
281 }
282 
pfn_is_map_memory(unsigned long pfn)283 int pfn_is_map_memory(unsigned long pfn)
284 {
285 	phys_addr_t addr = PFN_PHYS(pfn);
286 
287 	/* avoid false positives for bogus PFNs, see comment in pfn_valid() */
288 	if (PHYS_PFN(addr) != pfn)
289 		return 0;
290 
291 	return memblock_is_map_memory(addr);
292 }
293 EXPORT_SYMBOL(pfn_is_map_memory);
294 
295 static phys_addr_t memory_limit __ro_after_init = PHYS_ADDR_MAX;
296 
297 /*
298  * Limit the memory size that was specified via FDT.
299  */
early_mem(char * p)300 static int __init early_mem(char *p)
301 {
302 	if (!p)
303 		return 1;
304 
305 	memory_limit = memparse(p, &p) & PAGE_MASK;
306 	pr_notice("Memory limited to %lldMB\n", memory_limit >> 20);
307 
308 	return 0;
309 }
310 early_param("mem", early_mem);
311 
arm64_memblock_init(void)312 void __init arm64_memblock_init(void)
313 {
314 	s64 linear_region_size = PAGE_END - _PAGE_OFFSET(vabits_actual);
315 
316 	/*
317 	 * Corner case: 52-bit VA capable systems running KVM in nVHE mode may
318 	 * be limited in their ability to support a linear map that exceeds 51
319 	 * bits of VA space, depending on the placement of the ID map. Given
320 	 * that the placement of the ID map may be randomized, let's simply
321 	 * limit the kernel's linear map to 51 bits as well if we detect this
322 	 * configuration.
323 	 */
324 	if (IS_ENABLED(CONFIG_KVM) && vabits_actual == 52 &&
325 	    is_hyp_mode_available() && !is_kernel_in_hyp_mode()) {
326 		pr_info("Capping linear region to 51 bits for KVM in nVHE mode on LVA capable hardware.\n");
327 		linear_region_size = min_t(u64, linear_region_size, BIT(51));
328 	}
329 
330 	/* Remove memory above our supported physical address size */
331 	memblock_remove(1ULL << PHYS_MASK_SHIFT, ULLONG_MAX);
332 
333 	/*
334 	 * Select a suitable value for the base of physical memory.
335 	 */
336 	memstart_addr = round_down(memblock_start_of_DRAM(),
337 				   ARM64_MEMSTART_ALIGN);
338 
339 	if ((memblock_end_of_DRAM() - memstart_addr) > linear_region_size)
340 		pr_warn("Memory doesn't fit in the linear mapping, VA_BITS too small\n");
341 
342 	/*
343 	 * Remove the memory that we will not be able to cover with the
344 	 * linear mapping. Take care not to clip the kernel which may be
345 	 * high in memory.
346 	 */
347 	memblock_remove(max_t(u64, memstart_addr + linear_region_size,
348 			__pa_symbol(_end)), ULLONG_MAX);
349 	if (memstart_addr + linear_region_size < memblock_end_of_DRAM()) {
350 		/* ensure that memstart_addr remains sufficiently aligned */
351 		memstart_addr = round_up(memblock_end_of_DRAM() - linear_region_size,
352 					 ARM64_MEMSTART_ALIGN);
353 		memblock_remove(0, memstart_addr);
354 	}
355 
356 	/*
357 	 * If we are running with a 52-bit kernel VA config on a system that
358 	 * does not support it, we have to place the available physical
359 	 * memory in the 48-bit addressable part of the linear region, i.e.,
360 	 * we have to move it upward. Since memstart_addr represents the
361 	 * physical address of PAGE_OFFSET, we have to *subtract* from it.
362 	 */
363 	if (IS_ENABLED(CONFIG_ARM64_VA_BITS_52) && (vabits_actual != 52))
364 		memstart_addr -= _PAGE_OFFSET(48) - _PAGE_OFFSET(52);
365 
366 	/*
367 	 * Apply the memory limit if it was set. Since the kernel may be loaded
368 	 * high up in memory, add back the kernel region that must be accessible
369 	 * via the linear mapping.
370 	 */
371 	if (memory_limit != PHYS_ADDR_MAX) {
372 		memblock_mem_limit_remove_map(memory_limit);
373 		memblock_add(__pa_symbol(_text), (u64)(_end - _text));
374 	}
375 
376 	if (IS_ENABLED(CONFIG_BLK_DEV_INITRD) && phys_initrd_size) {
377 		/*
378 		 * Add back the memory we just removed if it results in the
379 		 * initrd to become inaccessible via the linear mapping.
380 		 * Otherwise, this is a no-op
381 		 */
382 		u64 base = phys_initrd_start & PAGE_MASK;
383 		u64 size = PAGE_ALIGN(phys_initrd_start + phys_initrd_size) - base;
384 
385 		/*
386 		 * We can only add back the initrd memory if we don't end up
387 		 * with more memory than we can address via the linear mapping.
388 		 * It is up to the bootloader to position the kernel and the
389 		 * initrd reasonably close to each other (i.e., within 32 GB of
390 		 * each other) so that all granule/#levels combinations can
391 		 * always access both.
392 		 */
393 		if (WARN(base < memblock_start_of_DRAM() ||
394 			 base + size > memblock_start_of_DRAM() +
395 				       linear_region_size,
396 			"initrd not fully accessible via the linear mapping -- please check your bootloader ...\n")) {
397 			phys_initrd_size = 0;
398 		} else {
399 			memblock_add(base, size);
400 			memblock_clear_nomap(base, size);
401 			memblock_reserve(base, size);
402 		}
403 	}
404 
405 	if (IS_ENABLED(CONFIG_RANDOMIZE_BASE)) {
406 		extern u16 memstart_offset_seed;
407 		u64 mmfr0 = read_cpuid(ID_AA64MMFR0_EL1);
408 		int parange = cpuid_feature_extract_unsigned_field(
409 					mmfr0, ID_AA64MMFR0_EL1_PARANGE_SHIFT);
410 		s64 range = linear_region_size -
411 			    BIT(id_aa64mmfr0_parange_to_phys_shift(parange));
412 
413 		/*
414 		 * If the size of the linear region exceeds, by a sufficient
415 		 * margin, the size of the region that the physical memory can
416 		 * span, randomize the linear region as well.
417 		 */
418 		if (memstart_offset_seed > 0 && range >= (s64)ARM64_MEMSTART_ALIGN) {
419 			range /= ARM64_MEMSTART_ALIGN;
420 			memstart_addr -= ARM64_MEMSTART_ALIGN *
421 					 ((range * memstart_offset_seed) >> 16);
422 		}
423 	}
424 
425 	/*
426 	 * Register the kernel text, kernel data, initrd, and initial
427 	 * pagetables with memblock.
428 	 */
429 	memblock_reserve(__pa_symbol(_stext), _end - _stext);
430 	if (IS_ENABLED(CONFIG_BLK_DEV_INITRD) && phys_initrd_size) {
431 		/* the generic initrd code expects virtual addresses */
432 		initrd_start = __phys_to_virt(phys_initrd_start);
433 		initrd_end = initrd_start + phys_initrd_size;
434 	}
435 
436 	early_init_fdt_scan_reserved_mem();
437 
438 	high_memory = __va(memblock_end_of_DRAM() - 1) + 1;
439 }
440 
bootmem_init(void)441 void __init bootmem_init(void)
442 {
443 	unsigned long min, max;
444 
445 	min = PFN_UP(memblock_start_of_DRAM());
446 	max = PFN_DOWN(memblock_end_of_DRAM());
447 
448 	early_memtest(min << PAGE_SHIFT, max << PAGE_SHIFT);
449 
450 	max_pfn = max_low_pfn = max;
451 	min_low_pfn = min;
452 
453 	arch_numa_init();
454 
455 	/*
456 	 * must be done after arch_numa_init() which calls numa_init() to
457 	 * initialize node_online_map that gets used in hugetlb_cma_reserve()
458 	 * while allocating required CMA size across online nodes.
459 	 */
460 #if defined(CONFIG_HUGETLB_PAGE) && defined(CONFIG_CMA)
461 	arm64_hugetlb_cma_reserve();
462 #endif
463 
464 	kvm_hyp_reserve();
465 
466 	/*
467 	 * sparse_init() tries to allocate memory from memblock, so must be
468 	 * done after the fixed reservations
469 	 */
470 	sparse_init();
471 	zone_sizes_init();
472 
473 	/*
474 	 * Reserve the CMA area after arm64_dma_phys_limit was initialised.
475 	 */
476 	dma_contiguous_reserve(arm64_dma_phys_limit);
477 
478 	/*
479 	 * request_standard_resources() depends on crashkernel's memory being
480 	 * reserved, so do it here.
481 	 */
482 	reserve_crashkernel();
483 
484 	memblock_dump_all();
485 }
486 
487 /*
488  * mem_init() marks the free areas in the mem_map and tells us how much memory
489  * is free.  This is done after various parts of the system have claimed their
490  * memory after the kernel image.
491  */
mem_init(void)492 void __init mem_init(void)
493 {
494 	bool swiotlb = max_pfn > PFN_DOWN(arm64_dma_phys_limit);
495 
496 	if (IS_ENABLED(CONFIG_DMA_BOUNCE_UNALIGNED_KMALLOC))
497 		swiotlb = true;
498 
499 	swiotlb_init(swiotlb, SWIOTLB_VERBOSE);
500 
501 	/* this will put all unused low memory onto the freelists */
502 	memblock_free_all();
503 
504 	/*
505 	 * Check boundaries twice: Some fundamental inconsistencies can be
506 	 * detected at build time already.
507 	 */
508 #ifdef CONFIG_COMPAT
509 	BUILD_BUG_ON(TASK_SIZE_32 > DEFAULT_MAP_WINDOW_64);
510 #endif
511 
512 	/*
513 	 * Selected page table levels should match when derived from
514 	 * scratch using the virtual address range and page size.
515 	 */
516 	BUILD_BUG_ON(ARM64_HW_PGTABLE_LEVELS(CONFIG_ARM64_VA_BITS) !=
517 		     CONFIG_PGTABLE_LEVELS);
518 
519 	if (PAGE_SIZE >= 16384 && get_num_physpages() <= 128) {
520 		extern int sysctl_overcommit_memory;
521 		/*
522 		 * On a machine this small we won't get anywhere without
523 		 * overcommit, so turn it on by default.
524 		 */
525 		sysctl_overcommit_memory = OVERCOMMIT_ALWAYS;
526 	}
527 }
528 
free_initmem(void)529 void free_initmem(void)
530 {
531 	free_reserved_area(lm_alias(__init_begin),
532 			   lm_alias(__init_end),
533 			   POISON_FREE_INITMEM, "unused kernel");
534 	/*
535 	 * Unmap the __init region but leave the VM area in place. This
536 	 * prevents the region from being reused for kernel modules, which
537 	 * is not supported by kallsyms.
538 	 */
539 	vunmap_range((u64)__init_begin, (u64)__init_end);
540 }
541 
dump_mem_limit(void)542 void dump_mem_limit(void)
543 {
544 	if (memory_limit != PHYS_ADDR_MAX) {
545 		pr_emerg("Memory Limit: %llu MB\n", memory_limit >> 20);
546 	} else {
547 		pr_emerg("Memory Limit: none\n");
548 	}
549 }
550