1 // SPDX-License-Identifier: GPL-2.0-only 1
2 /*
3 * kexec.c - kexec system call core code.
4 * Copyright (C) 2002-2004 Eric Biederman <eb
5 */
6
7 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
8
9 #include <linux/btf.h>
10 #include <linux/capability.h>
11 #include <linux/mm.h>
12 #include <linux/file.h>
13 #include <linux/slab.h>
14 #include <linux/fs.h>
15 #include <linux/kexec.h>
16 #include <linux/mutex.h>
17 #include <linux/list.h>
18 #include <linux/highmem.h>
19 #include <linux/syscalls.h>
20 #include <linux/reboot.h>
21 #include <linux/ioport.h>
22 #include <linux/hardirq.h>
23 #include <linux/elf.h>
24 #include <linux/elfcore.h>
25 #include <linux/utsname.h>
26 #include <linux/numa.h>
27 #include <linux/suspend.h>
28 #include <linux/device.h>
29 #include <linux/freezer.h>
30 #include <linux/panic_notifier.h>
31 #include <linux/pm.h>
32 #include <linux/cpu.h>
33 #include <linux/uaccess.h>
34 #include <linux/io.h>
35 #include <linux/console.h>
36 #include <linux/vmalloc.h>
37 #include <linux/swap.h>
38 #include <linux/syscore_ops.h>
39 #include <linux/compiler.h>
40 #include <linux/hugetlb.h>
41 #include <linux/objtool.h>
42 #include <linux/kmsg_dump.h>
43
44 #include <asm/page.h>
45 #include <asm/sections.h>
46
47 #include <crypto/hash.h>
48 #include "kexec_internal.h"
49
50 atomic_t __kexec_lock = ATOMIC_INIT(0);
51
52 /* Flag to indicate we are going to kexec a ne
53 bool kexec_in_progress = false;
54
55 bool kexec_file_dbg_print;
56
57 /*
58 * When kexec transitions to the new kernel th
59 * mapping between physical and virtual addres
60 * where you can disable the MMU this is trivi
61 * others it is still a simple predictable pag
62 *
63 * In that environment kexec copies the new ke
64 * resting place. This means I can only suppo
65 * physical address can fit in an unsigned lon
66 * addresses where (pfn << PAGE_SHIFT) > ULONG
67 * If the assembly stub has more restrictive r
68 * KEXEC_SOURCE_MEMORY_LIMIT and KEXEC_DEST_ME
69 * defined more restrictively in <asm/kexec.h>
70 *
71 * The code for the transition from the curren
72 * new kernel is placed in the control_code_bu
73 * is given by KEXEC_CONTROL_PAGE_SIZE. In th
74 * page of memory is necessary, but some archi
75 * Because this memory must be identity mapped
76 * virtual to physical addresses it must live
77 * 0 - TASK_SIZE, as only the user space mappi
78 * modifiable.
79 *
80 * The assembly stub in the control code buffe
81 * of descriptor pages detailing the source pa
82 * and the destination addresses of those sour
83 * structure is not used in the context of the
84 * be self-contained.
85 *
86 * The code has been made to work with highmem
87 * destination page in its final resting place
88 * to allocate it). The end product of this i
89 * physical address space, and most of RAM can
90 *
91 * Future directions include:
92 * - allocating a page table with the control
93 * mapped, to simplify machine_kexec and ma
94 * reliable.
95 */
96
97 /*
98 * KIMAGE_NO_DEST is an impossible destination
99 * allocating pages whose destination address
100 */
101 #define KIMAGE_NO_DEST (-1UL)
102 #define PAGE_COUNT(x) (((x) + PAGE_SIZE - 1) >
103
104 static struct page *kimage_alloc_page(struct k
105 gfp_t g
106 unsigne
107
108 int sanity_check_segment_list(struct kimage *i
109 {
110 int i;
111 unsigned long nr_segments = image->nr_
112 unsigned long total_pages = 0;
113 unsigned long nr_pages = totalram_page
114
115 /*
116 * Verify we have good destination add
117 * responsible for making certain we d
118 * the new image into invalid or reser
119 * just verifies it is an address we c
120 *
121 * Since the kernel does everything in
122 * the destination addresses are page
123 * special cases crop of when we don't
124 * insidious is getting overlapping de
125 * simply because addresses are change
126 * granularity.
127 */
128 for (i = 0; i < nr_segments; i++) {
129 unsigned long mstart, mend;
130
131 mstart = image->segment[i].mem
132 mend = mstart + image->segme
133 if (mstart > mend)
134 return -EADDRNOTAVAIL;
135 if ((mstart & ~PAGE_MASK) || (
136 return -EADDRNOTAVAIL;
137 if (mend >= KEXEC_DESTINATION_
138 return -EADDRNOTAVAIL;
139 }
140
141 /* Verify our destination addresses do
142 * If we alloed overlapping destinatio
143 * through very weird things can happe
144 * easy explanation as one segment sto
145 */
146 for (i = 0; i < nr_segments; i++) {
147 unsigned long mstart, mend;
148 unsigned long j;
149
150 mstart = image->segment[i].mem
151 mend = mstart + image->segme
152 for (j = 0; j < i; j++) {
153 unsigned long pstart,
154
155 pstart = image->segmen
156 pend = pstart + imag
157 /* Do the segments ove
158 if ((mend > pstart) &&
159 return -EINVAL
160 }
161 }
162
163 /* Ensure our buffer sizes are strictl
164 * our memory sizes. This should alwa
165 * and it is easier to check up front
166 * later on.
167 */
168 for (i = 0; i < nr_segments; i++) {
169 if (image->segment[i].bufsz >
170 return -EINVAL;
171 }
172
173 /*
174 * Verify that no more than half of me
175 * request from userspace is too large
176 * wasted allocating pages, which can
177 */
178 for (i = 0; i < nr_segments; i++) {
179 if (PAGE_COUNT(image->segment[
180 return -EINVAL;
181
182 total_pages += PAGE_COUNT(imag
183 }
184
185 if (total_pages > nr_pages / 2)
186 return -EINVAL;
187
188 #ifdef CONFIG_CRASH_DUMP
189 /*
190 * Verify we have good destination add
191 * the caller is responsible for makin
192 * attempt to load the new image into
193 * areas of RAM. But crash kernels ar
194 * reserved area of ram. We must ensu
195 * are in the reserved area otherwise
196 * kernel could corrupt things.
197 */
198
199 if (image->type == KEXEC_TYPE_CRASH) {
200 for (i = 0; i < nr_segments; i
201 unsigned long mstart,
202
203 mstart = image->segmen
204 mend = mstart + image-
205 /* Ensure we are withi
206 if ((mstart < phys_to_
207 (mend > phys_to_bo
208 return -EADDRN
209 }
210 }
211 #endif
212
213 return 0;
214 }
215
216 struct kimage *do_kimage_alloc_init(void)
217 {
218 struct kimage *image;
219
220 /* Allocate a controlling structure */
221 image = kzalloc(sizeof(*image), GFP_KE
222 if (!image)
223 return NULL;
224
225 image->head = 0;
226 image->entry = &image->head;
227 image->last_entry = &image->head;
228 image->control_page = ~0; /* By defaul
229 image->type = KEXEC_TYPE_DEFAULT;
230
231 /* Initialize the list of control page
232 INIT_LIST_HEAD(&image->control_pages);
233
234 /* Initialize the list of destination
235 INIT_LIST_HEAD(&image->dest_pages);
236
237 /* Initialize the list of unusable pag
238 INIT_LIST_HEAD(&image->unusable_pages)
239
240 #ifdef CONFIG_CRASH_HOTPLUG
241 image->hp_action = KEXEC_CRASH_HP_NONE
242 image->elfcorehdr_index = -1;
243 image->elfcorehdr_updated = false;
244 #endif
245
246 return image;
247 }
248
249 int kimage_is_destination_range(struct kimage
250 unsign
251 unsign
252 {
253 unsigned long i;
254
255 for (i = 0; i < image->nr_segments; i+
256 unsigned long mstart, mend;
257
258 mstart = image->segment[i].mem
259 mend = mstart + image->segment
260 if ((end >= mstart) && (start
261 return 1;
262 }
263
264 return 0;
265 }
266
267 static struct page *kimage_alloc_pages(gfp_t g
268 {
269 struct page *pages;
270
271 if (fatal_signal_pending(current))
272 return NULL;
273 pages = alloc_pages(gfp_mask & ~__GFP_
274 if (pages) {
275 unsigned int count, i;
276
277 pages->mapping = NULL;
278 set_page_private(pages, order)
279 count = 1 << order;
280 for (i = 0; i < count; i++)
281 SetPageReserved(pages
282
283 arch_kexec_post_alloc_pages(pa
284 gf
285
286 if (gfp_mask & __GFP_ZERO)
287 for (i = 0; i < count;
288 clear_highpage
289 }
290
291 return pages;
292 }
293
294 static void kimage_free_pages(struct page *pag
295 {
296 unsigned int order, count, i;
297
298 order = page_private(page);
299 count = 1 << order;
300
301 arch_kexec_pre_free_pages(page_address
302
303 for (i = 0; i < count; i++)
304 ClearPageReserved(page + i);
305 __free_pages(page, order);
306 }
307
308 void kimage_free_page_list(struct list_head *l
309 {
310 struct page *page, *next;
311
312 list_for_each_entry_safe(page, next, l
313 list_del(&page->lru);
314 kimage_free_pages(page);
315 }
316 }
317
318 static struct page *kimage_alloc_normal_contro
319
320 {
321 /* Control pages are special, they are
322 * that are needed while we copy the r
323 * to their final resting place. As s
324 * not conflict with either the destin
325 * or memory the kernel is already usi
326 *
327 * The only case where we really need
328 * these are for architectures where w
329 * the MMU and must instead generate a
330 * page table for all of the memory.
331 *
332 * At worst this runs in O(N) of the i
333 */
334 struct list_head extra_pages;
335 struct page *pages;
336 unsigned int count;
337
338 count = 1 << order;
339 INIT_LIST_HEAD(&extra_pages);
340
341 /* Loop while I can allocate a page an
342 * is a destination page.
343 */
344 do {
345 unsigned long pfn, epfn, addr,
346
347 pages = kimage_alloc_pages(KEX
348 if (!pages)
349 break;
350 pfn = page_to_boot_pfn(pages
351 epfn = pfn + count;
352 addr = pfn << PAGE_SHIFT;
353 eaddr = (epfn << PAGE_SHIFT) -
354 if ((epfn >= (KEXEC_CONTROL_ME
355 kimage_is_destin
356 list_add(&pages->lru,
357 pages = NULL;
358 }
359 } while (!pages);
360
361 if (pages) {
362 /* Remember the allocated page
363 list_add(&pages->lru, &image->
364
365 /* Because the page is already
366 * location we will never allo
367 * that address. Therefore ki
368 * will not return it (again)
369 * to give it an entry in imag
370 */
371 }
372 /* Deal with the destination pages I h
373 *
374 * Ideally I would convert multi-page
375 * page allocations, and add everythin
376 *
377 * For now it is simpler to just free
378 */
379 kimage_free_page_list(&extra_pages);
380
381 return pages;
382 }
383
384 #ifdef CONFIG_CRASH_DUMP
385 static struct page *kimage_alloc_crash_control
386
387 {
388 /* Control pages are special, they are
389 * that are needed while we copy the r
390 * to their final resting place. As s
391 * not conflict with either the destin
392 * or memory the kernel is already usi
393 *
394 * Control pages are also the only pag
395 * when loading a crash kernel. All o
396 * are specified by the segments and w
397 * into them directly.
398 *
399 * The only case where we really need
400 * these are for architectures where w
401 * the MMU and must instead generate a
402 * page table for all of the memory.
403 *
404 * Given the low demand this implement
405 * allocator that finds the first hole
406 * size in the reserved memory region,
407 * of the memory up to and including t
408 */
409 unsigned long hole_start, hole_end, si
410 struct page *pages;
411
412 pages = NULL;
413 size = (1 << order) << PAGE_SHIFT;
414 hole_start = ALIGN(image->control_page
415 hole_end = hole_start + size - 1;
416 while (hole_end <= crashk_res.end) {
417 unsigned long i;
418
419 cond_resched();
420
421 if (hole_end > KEXEC_CRASH_CON
422 break;
423 /* See if I overlap any of the
424 for (i = 0; i < image->nr_segm
425 unsigned long mstart,
426
427 mstart = image->segmen
428 mend = mstart + imag
429 if ((hole_end >= mstar
430 /* Advance the
431 hole_start = A
432 hole_end = h
433 break;
434 }
435 }
436 /* If I don't overlap any segm
437 if (i == image->nr_segments) {
438 pages = pfn_to_page(ho
439 image->control_page =
440 break;
441 }
442 }
443
444 /* Ensure that these pages are decrypt
445 if (pages)
446 arch_kexec_post_alloc_pages(pa
447
448 return pages;
449 }
450 #endif
451
452
453 struct page *kimage_alloc_control_pages(struct
454 unsig
455 {
456 struct page *pages = NULL;
457
458 switch (image->type) {
459 case KEXEC_TYPE_DEFAULT:
460 pages = kimage_alloc_normal_co
461 break;
462 #ifdef CONFIG_CRASH_DUMP
463 case KEXEC_TYPE_CRASH:
464 pages = kimage_alloc_crash_con
465 break;
466 #endif
467 }
468
469 return pages;
470 }
471
472 static int kimage_add_entry(struct kimage *ima
473 {
474 if (*image->entry != 0)
475 image->entry++;
476
477 if (image->entry == image->last_entry)
478 kimage_entry_t *ind_page;
479 struct page *page;
480
481 page = kimage_alloc_page(image
482 if (!page)
483 return -ENOMEM;
484
485 ind_page = page_address(page);
486 *image->entry = virt_to_boot_p
487 image->entry = ind_page;
488 image->last_entry = ind_page +
489 ((PAGE_S
490 }
491 *image->entry = entry;
492 image->entry++;
493 *image->entry = 0;
494
495 return 0;
496 }
497
498 static int kimage_set_destination(struct kimag
499 unsigned lo
500 {
501 destination &= PAGE_MASK;
502
503 return kimage_add_entry(image, destina
504 }
505
506
507 static int kimage_add_page(struct kimage *imag
508 {
509 page &= PAGE_MASK;
510
511 return kimage_add_entry(image, page |
512 }
513
514
515 static void kimage_free_extra_pages(struct kim
516 {
517 /* Walk through and free any extra des
518 kimage_free_page_list(&image->dest_pag
519
520 /* Walk through and free any unusable
521 kimage_free_page_list(&image->unusable
522
523 }
524
525 void kimage_terminate(struct kimage *image)
526 {
527 if (*image->entry != 0)
528 image->entry++;
529
530 *image->entry = IND_DONE;
531 }
532
533 #define for_each_kimage_entry(image, ptr, entr
534 for (ptr = &image->head; (entry = *ptr
535 ptr = (entry & IND_INDIRECTION
536 boot_phys_to_virt((ent
537
538 static void kimage_free_entry(kimage_entry_t e
539 {
540 struct page *page;
541
542 page = boot_pfn_to_page(entry >> PAGE_
543 kimage_free_pages(page);
544 }
545
546 void kimage_free(struct kimage *image)
547 {
548 kimage_entry_t *ptr, entry;
549 kimage_entry_t ind = 0;
550
551 if (!image)
552 return;
553
554 #ifdef CONFIG_CRASH_DUMP
555 if (image->vmcoreinfo_data_copy) {
556 crash_update_vmcoreinfo_safeco
557 vunmap(image->vmcoreinfo_data_
558 }
559 #endif
560
561 kimage_free_extra_pages(image);
562 for_each_kimage_entry(image, ptr, entr
563 if (entry & IND_INDIRECTION) {
564 /* Free the previous i
565 if (ind & IND_INDIRECT
566 kimage_free_en
567 /* Save this indirecti
568 * done with it.
569 */
570 ind = entry;
571 } else if (entry & IND_SOURCE)
572 kimage_free_entry(entr
573 }
574 /* Free the final indirection page */
575 if (ind & IND_INDIRECTION)
576 kimage_free_entry(ind);
577
578 /* Handle any machine specific cleanup
579 machine_kexec_cleanup(image);
580
581 /* Free the kexec control pages... */
582 kimage_free_page_list(&image->control_
583
584 /*
585 * Free up any temporary buffers alloc
586 * error occurred much later after buf
587 */
588 if (image->file_mode)
589 kimage_file_post_load_cleanup(
590
591 kfree(image);
592 }
593
594 static kimage_entry_t *kimage_dst_used(struct
595 unsign
596 {
597 kimage_entry_t *ptr, entry;
598 unsigned long destination = 0;
599
600 for_each_kimage_entry(image, ptr, entr
601 if (entry & IND_DESTINATION)
602 destination = entry &
603 else if (entry & IND_SOURCE) {
604 if (page == destinatio
605 return ptr;
606 destination += PAGE_SI
607 }
608 }
609
610 return NULL;
611 }
612
613 static struct page *kimage_alloc_page(struct k
614 gfp_t
615 unsign
616 {
617 /*
618 * Here we implement safeguards to ens
619 * is not copied to its destination pa
620 * the destination page is no longer u
621 *
622 * To do this we maintain the invarian
623 * either its own destination page, or
624 * destination page at all.
625 *
626 * That is slightly stronger than requ
627 * that no problems will not occur is
628 * implementation is simply to verify.
629 *
630 * When allocating all pages normally
631 * in O(N) time, but in the worst case
632 * time. If the runtime is a problem
633 * be fixed.
634 */
635 struct page *page;
636 unsigned long addr;
637
638 /*
639 * Walk through the list of destinatio
640 * have a match.
641 */
642 list_for_each_entry(page, &image->dest
643 addr = page_to_boot_pfn(page)
644 if (addr == destination) {
645 list_del(&page->lru);
646 return page;
647 }
648 }
649 page = NULL;
650 while (1) {
651 kimage_entry_t *old;
652
653 /* Allocate a page, if we run
654 page = kimage_alloc_pages(gfp_
655 if (!page)
656 return NULL;
657 /* If the page cannot be used
658 if (page_to_boot_pfn(page) >
659 (KEXEC_SOURCE_
660 list_add(&page->lru, &
661 continue;
662 }
663 addr = page_to_boot_pfn(page)
664
665 /* If it is the destination pa
666 if (addr == destination)
667 break;
668
669 /* If the page is not a destin
670 if (!kimage_is_destination_ran
671
672 break;
673
674 /*
675 * I know that the page is som
676 * See if there is already a s
677 * destination page. And if s
678 */
679 old = kimage_dst_used(image, a
680 if (old) {
681 /* If so move it */
682 unsigned long old_addr
683 struct page *old_page;
684
685 old_addr = *old & PAGE
686 old_page = boot_pfn_to
687 copy_highpage(page, ol
688 *old = addr | (*old &
689
690 /* The old page I have
691 * destination page, s
692 * gfp_flags honor the
693 */
694 if (!(gfp_mask & __GFP
695 PageHighMem(old_pa
696 kimage_free_pa
697 continue;
698 }
699 page = old_page;
700 break;
701 }
702 /* Place the page on the desti
703 list_add(&page->lru, &image->d
704 }
705
706 return page;
707 }
708
709 static int kimage_load_normal_segment(struct k
710 struc
711 {
712 unsigned long maddr;
713 size_t ubytes, mbytes;
714 int result;
715 unsigned char __user *buf = NULL;
716 unsigned char *kbuf = NULL;
717
718 if (image->file_mode)
719 kbuf = segment->kbuf;
720 else
721 buf = segment->buf;
722 ubytes = segment->bufsz;
723 mbytes = segment->memsz;
724 maddr = segment->mem;
725
726 result = kimage_set_destination(image,
727 if (result < 0)
728 goto out;
729
730 while (mbytes) {
731 struct page *page;
732 char *ptr;
733 size_t uchunk, mchunk;
734
735 page = kimage_alloc_page(image
736 if (!page) {
737 result = -ENOMEM;
738 goto out;
739 }
740 result = kimage_add_page(image
741
742 if (result < 0)
743 goto out;
744
745 ptr = kmap_local_page(page);
746 /* Start with a clear page */
747 clear_page(ptr);
748 ptr += maddr & ~PAGE_MASK;
749 mchunk = min_t(size_t, mbytes,
750 PAGE_SIZE - (m
751 uchunk = min(ubytes, mchunk);
752
753 if (uchunk) {
754 /* For file based kexe
755 if (image->file_mode)
756 memcpy(ptr, kb
757 else
758 result = copy_
759 ubytes -= uchunk;
760 if (image->file_mode)
761 kbuf += uchunk
762 else
763 buf += uchunk;
764 }
765 kunmap_local(ptr);
766 if (result) {
767 result = -EFAULT;
768 goto out;
769 }
770 maddr += mchunk;
771 mbytes -= mchunk;
772
773 cond_resched();
774 }
775 out:
776 return result;
777 }
778
779 #ifdef CONFIG_CRASH_DUMP
780 static int kimage_load_crash_segment(struct ki
781 struct
782 {
783 /* For crash dumps kernels we simply c
784 * user space to it's destination.
785 * We do things a page at a time for t
786 */
787 unsigned long maddr;
788 size_t ubytes, mbytes;
789 int result;
790 unsigned char __user *buf = NULL;
791 unsigned char *kbuf = NULL;
792
793 result = 0;
794 if (image->file_mode)
795 kbuf = segment->kbuf;
796 else
797 buf = segment->buf;
798 ubytes = segment->bufsz;
799 mbytes = segment->memsz;
800 maddr = segment->mem;
801 while (mbytes) {
802 struct page *page;
803 char *ptr;
804 size_t uchunk, mchunk;
805
806 page = boot_pfn_to_page(maddr
807 if (!page) {
808 result = -ENOMEM;
809 goto out;
810 }
811 arch_kexec_post_alloc_pages(pa
812 ptr = kmap_local_page(page);
813 ptr += maddr & ~PAGE_MASK;
814 mchunk = min_t(size_t, mbytes,
815 PAGE_SIZE - (m
816 uchunk = min(ubytes, mchunk);
817 if (mchunk > uchunk) {
818 /* Zero the trailing p
819 memset(ptr + uchunk, 0
820 }
821
822 if (uchunk) {
823 /* For file based kexe
824 if (image->file_mode)
825 memcpy(ptr, kb
826 else
827 result = copy_
828 ubytes -= uchunk;
829 if (image->file_mode)
830 kbuf += uchunk
831 else
832 buf += uchunk;
833 }
834 kexec_flush_icache_page(page);
835 kunmap_local(ptr);
836 arch_kexec_pre_free_pages(page
837 if (result) {
838 result = -EFAULT;
839 goto out;
840 }
841 maddr += mchunk;
842 mbytes -= mchunk;
843
844 cond_resched();
845 }
846 out:
847 return result;
848 }
849 #endif
850
851 int kimage_load_segment(struct kimage *image,
852 struct kexec_s
853 {
854 int result = -ENOMEM;
855
856 switch (image->type) {
857 case KEXEC_TYPE_DEFAULT:
858 result = kimage_load_normal_se
859 break;
860 #ifdef CONFIG_CRASH_DUMP
861 case KEXEC_TYPE_CRASH:
862 result = kimage_load_crash_seg
863 break;
864 #endif
865 }
866
867 return result;
868 }
869
870 struct kexec_load_limit {
871 /* Mutex protects the limit count. */
872 struct mutex mutex;
873 int limit;
874 };
875
876 static struct kexec_load_limit load_limit_rebo
877 .mutex = __MUTEX_INITIALIZER(load_limi
878 .limit = -1,
879 };
880
881 static struct kexec_load_limit load_limit_pani
882 .mutex = __MUTEX_INITIALIZER(load_limi
883 .limit = -1,
884 };
885
886 struct kimage *kexec_image;
887 struct kimage *kexec_crash_image;
888 static int kexec_load_disabled;
889
890 #ifdef CONFIG_SYSCTL
891 static int kexec_limit_handler(const struct ct
892 void *buffer, s
893 {
894 struct kexec_load_limit *limit = table
895 int val;
896 struct ctl_table tmp = {
897 .data = &val,
898 .maxlen = sizeof(val),
899 .mode = table->mode,
900 };
901 int ret;
902
903 if (write) {
904 ret = proc_dointvec(&tmp, writ
905 if (ret)
906 return ret;
907
908 if (val < 0)
909 return -EINVAL;
910
911 mutex_lock(&limit->mutex);
912 if (limit->limit != -1 && val
913 ret = -EINVAL;
914 else
915 limit->limit = val;
916 mutex_unlock(&limit->mutex);
917
918 return ret;
919 }
920
921 mutex_lock(&limit->mutex);
922 val = limit->limit;
923 mutex_unlock(&limit->mutex);
924
925 return proc_dointvec(&tmp, write, buff
926 }
927
928 static struct ctl_table kexec_core_sysctls[] =
929 {
930 .procname = "kexec_load_
931 .data = &kexec_load_
932 .maxlen = sizeof(int),
933 .mode = 0644,
934 /* only handle a transition fr
935 .proc_handler = proc_dointve
936 .extra1 = SYSCTL_ONE,
937 .extra2 = SYSCTL_ONE,
938 },
939 {
940 .procname = "kexec_load_
941 .data = &load_limit_
942 .mode = 0644,
943 .proc_handler = kexec_limit_
944 },
945 {
946 .procname = "kexec_load_
947 .data = &load_limit_
948 .mode = 0644,
949 .proc_handler = kexec_limit_
950 },
951 };
952
953 static int __init kexec_core_sysctl_init(void)
954 {
955 register_sysctl_init("kernel", kexec_c
956 return 0;
957 }
958 late_initcall(kexec_core_sysctl_init);
959 #endif
960
961 bool kexec_load_permitted(int kexec_image_type
962 {
963 struct kexec_load_limit *limit;
964
965 /*
966 * Only the superuser can use the kexe
967 * been disabled.
968 */
969 if (!capable(CAP_SYS_BOOT) || kexec_lo
970 return false;
971
972 /* Check limit counter and decrease it
973 limit = (kexec_image_type == KEXEC_TYP
974 &load_limit_panic : &load_limi
975 mutex_lock(&limit->mutex);
976 if (!limit->limit) {
977 mutex_unlock(&limit->mutex);
978 return false;
979 }
980 if (limit->limit != -1)
981 limit->limit--;
982 mutex_unlock(&limit->mutex);
983
984 return true;
985 }
986
987 /*
988 * Move into place and start executing a prelo
989 * executable. If nothing was preloaded retur
990 */
991 int kernel_kexec(void)
992 {
993 int error = 0;
994
995 if (!kexec_trylock())
996 return -EBUSY;
997 if (!kexec_image) {
998 error = -EINVAL;
999 goto Unlock;
1000 }
1001
1002 #ifdef CONFIG_KEXEC_JUMP
1003 if (kexec_image->preserve_context) {
1004 pm_prepare_console();
1005 error = freeze_processes();
1006 if (error) {
1007 error = -EBUSY;
1008 goto Restore_console;
1009 }
1010 suspend_console();
1011 error = dpm_suspend_start(PMS
1012 if (error)
1013 goto Resume_console;
1014 /* At this point, dpm_suspend
1015 * but *not* dpm_suspend_end(
1016 * dpm_suspend_end() now. Ot
1017 * some devices (e.g. interru
1018 * desynchronized with the ac
1019 * hardware at resume time, a
1020 */
1021 error = dpm_suspend_end(PMSG_
1022 if (error)
1023 goto Resume_devices;
1024 error = suspend_disable_secon
1025 if (error)
1026 goto Enable_cpus;
1027 local_irq_disable();
1028 error = syscore_suspend();
1029 if (error)
1030 goto Enable_irqs;
1031 } else
1032 #endif
1033 {
1034 kexec_in_progress = true;
1035 kernel_restart_prepare("kexec
1036 migrate_to_reboot_cpu();
1037 syscore_shutdown();
1038
1039 /*
1040 * migrate_to_reboot_cpu() di
1041 * no further code needs to u
1042 * the reboot case). However,
1043 * CPU hotplug again; so re-e
1044 */
1045 cpu_hotplug_enable();
1046 pr_notice("Starting new kerne
1047 machine_shutdown();
1048 }
1049
1050 kmsg_dump(KMSG_DUMP_SHUTDOWN);
1051 machine_kexec(kexec_image);
1052
1053 #ifdef CONFIG_KEXEC_JUMP
1054 if (kexec_image->preserve_context) {
1055 syscore_resume();
1056 Enable_irqs:
1057 local_irq_enable();
1058 Enable_cpus:
1059 suspend_enable_secondary_cpus
1060 dpm_resume_start(PMSG_RESTORE
1061 Resume_devices:
1062 dpm_resume_end(PMSG_RESTORE);
1063 Resume_console:
1064 resume_console();
1065 thaw_processes();
1066 Restore_console:
1067 pm_restore_console();
1068 }
1069 #endif
1070
1071 Unlock:
1072 kexec_unlock();
1073 return error;
1074 }
1075
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.