1 // SPDX-License-Identifier: GPL-2.0-only 1 // SPDX-License-Identifier: GPL-2.0-only
2 /* 2 /*
3 * kexec.c - kexec system call core code. 3 * kexec.c - kexec system call core code.
4 * Copyright (C) 2002-2004 Eric Biederman <eb 4 * Copyright (C) 2002-2004 Eric Biederman <ebiederm@xmission.com>
5 */ 5 */
6 6
7 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 7 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
8 8
9 #include <linux/btf.h> <<
10 #include <linux/capability.h> 9 #include <linux/capability.h>
11 #include <linux/mm.h> 10 #include <linux/mm.h>
12 #include <linux/file.h> 11 #include <linux/file.h>
13 #include <linux/slab.h> 12 #include <linux/slab.h>
14 #include <linux/fs.h> 13 #include <linux/fs.h>
15 #include <linux/kexec.h> 14 #include <linux/kexec.h>
16 #include <linux/mutex.h> 15 #include <linux/mutex.h>
17 #include <linux/list.h> 16 #include <linux/list.h>
18 #include <linux/highmem.h> 17 #include <linux/highmem.h>
19 #include <linux/syscalls.h> 18 #include <linux/syscalls.h>
20 #include <linux/reboot.h> 19 #include <linux/reboot.h>
21 #include <linux/ioport.h> 20 #include <linux/ioport.h>
22 #include <linux/hardirq.h> 21 #include <linux/hardirq.h>
23 #include <linux/elf.h> 22 #include <linux/elf.h>
24 #include <linux/elfcore.h> 23 #include <linux/elfcore.h>
25 #include <linux/utsname.h> 24 #include <linux/utsname.h>
26 #include <linux/numa.h> 25 #include <linux/numa.h>
27 #include <linux/suspend.h> 26 #include <linux/suspend.h>
28 #include <linux/device.h> 27 #include <linux/device.h>
29 #include <linux/freezer.h> 28 #include <linux/freezer.h>
30 #include <linux/panic_notifier.h> <<
31 #include <linux/pm.h> 29 #include <linux/pm.h>
32 #include <linux/cpu.h> 30 #include <linux/cpu.h>
33 #include <linux/uaccess.h> 31 #include <linux/uaccess.h>
34 #include <linux/io.h> 32 #include <linux/io.h>
35 #include <linux/console.h> 33 #include <linux/console.h>
36 #include <linux/vmalloc.h> 34 #include <linux/vmalloc.h>
37 #include <linux/swap.h> 35 #include <linux/swap.h>
38 #include <linux/syscore_ops.h> 36 #include <linux/syscore_ops.h>
39 #include <linux/compiler.h> 37 #include <linux/compiler.h>
40 #include <linux/hugetlb.h> 38 #include <linux/hugetlb.h>
41 #include <linux/objtool.h> !! 39 #include <linux/frame.h>
42 #include <linux/kmsg_dump.h> <<
43 40
44 #include <asm/page.h> 41 #include <asm/page.h>
45 #include <asm/sections.h> 42 #include <asm/sections.h>
46 43
47 #include <crypto/hash.h> 44 #include <crypto/hash.h>
>> 45 #include <crypto/sha.h>
48 #include "kexec_internal.h" 46 #include "kexec_internal.h"
49 47
50 atomic_t __kexec_lock = ATOMIC_INIT(0); !! 48 DEFINE_MUTEX(kexec_mutex);
>> 49
>> 50 /* Per cpu memory for storing cpu states in case of system crash. */
>> 51 note_buf_t __percpu *crash_notes;
51 52
52 /* Flag to indicate we are going to kexec a ne 53 /* Flag to indicate we are going to kexec a new kernel */
53 bool kexec_in_progress = false; 54 bool kexec_in_progress = false;
54 55
55 bool kexec_file_dbg_print; !! 56
>> 57 /* Location of the reserved area for the crash kernel */
>> 58 struct resource crashk_res = {
>> 59 .name = "Crash kernel",
>> 60 .start = 0,
>> 61 .end = 0,
>> 62 .flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM,
>> 63 .desc = IORES_DESC_CRASH_KERNEL
>> 64 };
>> 65 struct resource crashk_low_res = {
>> 66 .name = "Crash kernel",
>> 67 .start = 0,
>> 68 .end = 0,
>> 69 .flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM,
>> 70 .desc = IORES_DESC_CRASH_KERNEL
>> 71 };
>> 72
>> 73 int kexec_should_crash(struct task_struct *p)
>> 74 {
>> 75 /*
>> 76 * If crash_kexec_post_notifiers is enabled, don't run
>> 77 * crash_kexec() here yet, which must be run after panic
>> 78 * notifiers in panic().
>> 79 */
>> 80 if (crash_kexec_post_notifiers)
>> 81 return 0;
>> 82 /*
>> 83 * There are 4 panic() calls in do_exit() path, each of which
>> 84 * corresponds to each of these 4 conditions.
>> 85 */
>> 86 if (in_interrupt() || !p->pid || is_global_init(p) || panic_on_oops)
>> 87 return 1;
>> 88 return 0;
>> 89 }
>> 90
>> 91 int kexec_crash_loaded(void)
>> 92 {
>> 93 return !!kexec_crash_image;
>> 94 }
>> 95 EXPORT_SYMBOL_GPL(kexec_crash_loaded);
56 96
57 /* 97 /*
58 * When kexec transitions to the new kernel th 98 * When kexec transitions to the new kernel there is a one-to-one
59 * mapping between physical and virtual addres 99 * mapping between physical and virtual addresses. On processors
60 * where you can disable the MMU this is trivi 100 * where you can disable the MMU this is trivial, and easy. For
61 * others it is still a simple predictable pag 101 * others it is still a simple predictable page table to setup.
62 * 102 *
63 * In that environment kexec copies the new ke 103 * In that environment kexec copies the new kernel to its final
64 * resting place. This means I can only suppo 104 * resting place. This means I can only support memory whose
65 * physical address can fit in an unsigned lon 105 * physical address can fit in an unsigned long. In particular
66 * addresses where (pfn << PAGE_SHIFT) > ULONG 106 * addresses where (pfn << PAGE_SHIFT) > ULONG_MAX cannot be handled.
67 * If the assembly stub has more restrictive r 107 * If the assembly stub has more restrictive requirements
68 * KEXEC_SOURCE_MEMORY_LIMIT and KEXEC_DEST_ME 108 * KEXEC_SOURCE_MEMORY_LIMIT and KEXEC_DEST_MEMORY_LIMIT can be
69 * defined more restrictively in <asm/kexec.h> 109 * defined more restrictively in <asm/kexec.h>.
70 * 110 *
71 * The code for the transition from the curren 111 * The code for the transition from the current kernel to the
72 * new kernel is placed in the control_code_bu !! 112 * the new kernel is placed in the control_code_buffer, whose size
73 * is given by KEXEC_CONTROL_PAGE_SIZE. In th 113 * is given by KEXEC_CONTROL_PAGE_SIZE. In the best case only a single
74 * page of memory is necessary, but some archi 114 * page of memory is necessary, but some architectures require more.
75 * Because this memory must be identity mapped 115 * Because this memory must be identity mapped in the transition from
76 * virtual to physical addresses it must live 116 * virtual to physical addresses it must live in the range
77 * 0 - TASK_SIZE, as only the user space mappi 117 * 0 - TASK_SIZE, as only the user space mappings are arbitrarily
78 * modifiable. 118 * modifiable.
79 * 119 *
80 * The assembly stub in the control code buffe 120 * The assembly stub in the control code buffer is passed a linked list
81 * of descriptor pages detailing the source pa 121 * of descriptor pages detailing the source pages of the new kernel,
82 * and the destination addresses of those sour 122 * and the destination addresses of those source pages. As this data
83 * structure is not used in the context of the 123 * structure is not used in the context of the current OS, it must
84 * be self-contained. 124 * be self-contained.
85 * 125 *
86 * The code has been made to work with highmem 126 * The code has been made to work with highmem pages and will use a
87 * destination page in its final resting place 127 * destination page in its final resting place (if it happens
88 * to allocate it). The end product of this i 128 * to allocate it). The end product of this is that most of the
89 * physical address space, and most of RAM can 129 * physical address space, and most of RAM can be used.
90 * 130 *
91 * Future directions include: 131 * Future directions include:
92 * - allocating a page table with the control 132 * - allocating a page table with the control code buffer identity
93 * mapped, to simplify machine_kexec and ma 133 * mapped, to simplify machine_kexec and make kexec_on_panic more
94 * reliable. 134 * reliable.
95 */ 135 */
96 136
97 /* 137 /*
98 * KIMAGE_NO_DEST is an impossible destination 138 * KIMAGE_NO_DEST is an impossible destination address..., for
99 * allocating pages whose destination address 139 * allocating pages whose destination address we do not care about.
100 */ 140 */
101 #define KIMAGE_NO_DEST (-1UL) 141 #define KIMAGE_NO_DEST (-1UL)
102 #define PAGE_COUNT(x) (((x) + PAGE_SIZE - 1) > 142 #define PAGE_COUNT(x) (((x) + PAGE_SIZE - 1) >> PAGE_SHIFT)
103 143
104 static struct page *kimage_alloc_page(struct k 144 static struct page *kimage_alloc_page(struct kimage *image,
105 gfp_t g 145 gfp_t gfp_mask,
106 unsigne 146 unsigned long dest);
107 147
108 int sanity_check_segment_list(struct kimage *i 148 int sanity_check_segment_list(struct kimage *image)
109 { 149 {
110 int i; 150 int i;
111 unsigned long nr_segments = image->nr_ 151 unsigned long nr_segments = image->nr_segments;
112 unsigned long total_pages = 0; 152 unsigned long total_pages = 0;
113 unsigned long nr_pages = totalram_page 153 unsigned long nr_pages = totalram_pages();
114 154
115 /* 155 /*
116 * Verify we have good destination add 156 * Verify we have good destination addresses. The caller is
117 * responsible for making certain we d 157 * responsible for making certain we don't attempt to load
118 * the new image into invalid or reser 158 * the new image into invalid or reserved areas of RAM. This
119 * just verifies it is an address we c 159 * just verifies it is an address we can use.
120 * 160 *
121 * Since the kernel does everything in 161 * Since the kernel does everything in page size chunks ensure
122 * the destination addresses are page 162 * the destination addresses are page aligned. Too many
123 * special cases crop of when we don't 163 * special cases crop of when we don't do this. The most
124 * insidious is getting overlapping de 164 * insidious is getting overlapping destination addresses
125 * simply because addresses are change 165 * simply because addresses are changed to page size
126 * granularity. 166 * granularity.
127 */ 167 */
128 for (i = 0; i < nr_segments; i++) { 168 for (i = 0; i < nr_segments; i++) {
129 unsigned long mstart, mend; 169 unsigned long mstart, mend;
130 170
131 mstart = image->segment[i].mem 171 mstart = image->segment[i].mem;
132 mend = mstart + image->segme 172 mend = mstart + image->segment[i].memsz;
133 if (mstart > mend) 173 if (mstart > mend)
134 return -EADDRNOTAVAIL; 174 return -EADDRNOTAVAIL;
135 if ((mstart & ~PAGE_MASK) || ( 175 if ((mstart & ~PAGE_MASK) || (mend & ~PAGE_MASK))
136 return -EADDRNOTAVAIL; 176 return -EADDRNOTAVAIL;
137 if (mend >= KEXEC_DESTINATION_ 177 if (mend >= KEXEC_DESTINATION_MEMORY_LIMIT)
138 return -EADDRNOTAVAIL; 178 return -EADDRNOTAVAIL;
139 } 179 }
140 180
141 /* Verify our destination addresses do 181 /* Verify our destination addresses do not overlap.
142 * If we alloed overlapping destinatio 182 * If we alloed overlapping destination addresses
143 * through very weird things can happe 183 * through very weird things can happen with no
144 * easy explanation as one segment sto 184 * easy explanation as one segment stops on another.
145 */ 185 */
146 for (i = 0; i < nr_segments; i++) { 186 for (i = 0; i < nr_segments; i++) {
147 unsigned long mstart, mend; 187 unsigned long mstart, mend;
148 unsigned long j; 188 unsigned long j;
149 189
150 mstart = image->segment[i].mem 190 mstart = image->segment[i].mem;
151 mend = mstart + image->segme 191 mend = mstart + image->segment[i].memsz;
152 for (j = 0; j < i; j++) { 192 for (j = 0; j < i; j++) {
153 unsigned long pstart, 193 unsigned long pstart, pend;
154 194
155 pstart = image->segmen 195 pstart = image->segment[j].mem;
156 pend = pstart + imag 196 pend = pstart + image->segment[j].memsz;
157 /* Do the segments ove 197 /* Do the segments overlap ? */
158 if ((mend > pstart) && 198 if ((mend > pstart) && (mstart < pend))
159 return -EINVAL 199 return -EINVAL;
160 } 200 }
161 } 201 }
162 202
163 /* Ensure our buffer sizes are strictl 203 /* Ensure our buffer sizes are strictly less than
164 * our memory sizes. This should alwa 204 * our memory sizes. This should always be the case,
165 * and it is easier to check up front 205 * and it is easier to check up front than to be surprised
166 * later on. 206 * later on.
167 */ 207 */
168 for (i = 0; i < nr_segments; i++) { 208 for (i = 0; i < nr_segments; i++) {
169 if (image->segment[i].bufsz > 209 if (image->segment[i].bufsz > image->segment[i].memsz)
170 return -EINVAL; 210 return -EINVAL;
171 } 211 }
172 212
173 /* 213 /*
174 * Verify that no more than half of me 214 * Verify that no more than half of memory will be consumed. If the
175 * request from userspace is too large 215 * request from userspace is too large, a large amount of time will be
176 * wasted allocating pages, which can 216 * wasted allocating pages, which can cause a soft lockup.
177 */ 217 */
178 for (i = 0; i < nr_segments; i++) { 218 for (i = 0; i < nr_segments; i++) {
179 if (PAGE_COUNT(image->segment[ 219 if (PAGE_COUNT(image->segment[i].memsz) > nr_pages / 2)
180 return -EINVAL; 220 return -EINVAL;
181 221
182 total_pages += PAGE_COUNT(imag 222 total_pages += PAGE_COUNT(image->segment[i].memsz);
183 } 223 }
184 224
185 if (total_pages > nr_pages / 2) 225 if (total_pages > nr_pages / 2)
186 return -EINVAL; 226 return -EINVAL;
187 227
188 #ifdef CONFIG_CRASH_DUMP <<
189 /* 228 /*
190 * Verify we have good destination add 229 * Verify we have good destination addresses. Normally
191 * the caller is responsible for makin 230 * the caller is responsible for making certain we don't
192 * attempt to load the new image into 231 * attempt to load the new image into invalid or reserved
193 * areas of RAM. But crash kernels ar 232 * areas of RAM. But crash kernels are preloaded into a
194 * reserved area of ram. We must ensu 233 * reserved area of ram. We must ensure the addresses
195 * are in the reserved area otherwise 234 * are in the reserved area otherwise preloading the
196 * kernel could corrupt things. 235 * kernel could corrupt things.
197 */ 236 */
198 237
199 if (image->type == KEXEC_TYPE_CRASH) { 238 if (image->type == KEXEC_TYPE_CRASH) {
200 for (i = 0; i < nr_segments; i 239 for (i = 0; i < nr_segments; i++) {
201 unsigned long mstart, 240 unsigned long mstart, mend;
202 241
203 mstart = image->segmen 242 mstart = image->segment[i].mem;
204 mend = mstart + image- 243 mend = mstart + image->segment[i].memsz - 1;
205 /* Ensure we are withi 244 /* Ensure we are within the crash kernel limits */
206 if ((mstart < phys_to_ 245 if ((mstart < phys_to_boot_phys(crashk_res.start)) ||
207 (mend > phys_to_bo 246 (mend > phys_to_boot_phys(crashk_res.end)))
208 return -EADDRN 247 return -EADDRNOTAVAIL;
209 } 248 }
210 } 249 }
211 #endif <<
212 250
213 return 0; 251 return 0;
214 } 252 }
215 253
216 struct kimage *do_kimage_alloc_init(void) 254 struct kimage *do_kimage_alloc_init(void)
217 { 255 {
218 struct kimage *image; 256 struct kimage *image;
219 257
220 /* Allocate a controlling structure */ 258 /* Allocate a controlling structure */
221 image = kzalloc(sizeof(*image), GFP_KE 259 image = kzalloc(sizeof(*image), GFP_KERNEL);
222 if (!image) 260 if (!image)
223 return NULL; 261 return NULL;
224 262
225 image->head = 0; 263 image->head = 0;
226 image->entry = &image->head; 264 image->entry = &image->head;
227 image->last_entry = &image->head; 265 image->last_entry = &image->head;
228 image->control_page = ~0; /* By defaul 266 image->control_page = ~0; /* By default this does not apply */
229 image->type = KEXEC_TYPE_DEFAULT; 267 image->type = KEXEC_TYPE_DEFAULT;
230 268
231 /* Initialize the list of control page 269 /* Initialize the list of control pages */
232 INIT_LIST_HEAD(&image->control_pages); 270 INIT_LIST_HEAD(&image->control_pages);
233 271
234 /* Initialize the list of destination 272 /* Initialize the list of destination pages */
235 INIT_LIST_HEAD(&image->dest_pages); 273 INIT_LIST_HEAD(&image->dest_pages);
236 274
237 /* Initialize the list of unusable pag 275 /* Initialize the list of unusable pages */
238 INIT_LIST_HEAD(&image->unusable_pages) 276 INIT_LIST_HEAD(&image->unusable_pages);
239 277
240 #ifdef CONFIG_CRASH_HOTPLUG <<
241 image->hp_action = KEXEC_CRASH_HP_NONE <<
242 image->elfcorehdr_index = -1; <<
243 image->elfcorehdr_updated = false; <<
244 #endif <<
245 <<
246 return image; 278 return image;
247 } 279 }
248 280
249 int kimage_is_destination_range(struct kimage 281 int kimage_is_destination_range(struct kimage *image,
250 unsign 282 unsigned long start,
251 unsign 283 unsigned long end)
252 { 284 {
253 unsigned long i; 285 unsigned long i;
254 286
255 for (i = 0; i < image->nr_segments; i+ 287 for (i = 0; i < image->nr_segments; i++) {
256 unsigned long mstart, mend; 288 unsigned long mstart, mend;
257 289
258 mstart = image->segment[i].mem 290 mstart = image->segment[i].mem;
259 mend = mstart + image->segment !! 291 mend = mstart + image->segment[i].memsz;
260 if ((end >= mstart) && (start !! 292 if ((end > mstart) && (start < mend))
261 return 1; 293 return 1;
262 } 294 }
263 295
264 return 0; 296 return 0;
265 } 297 }
266 298
267 static struct page *kimage_alloc_pages(gfp_t g 299 static struct page *kimage_alloc_pages(gfp_t gfp_mask, unsigned int order)
268 { 300 {
269 struct page *pages; 301 struct page *pages;
270 302
271 if (fatal_signal_pending(current)) 303 if (fatal_signal_pending(current))
272 return NULL; 304 return NULL;
273 pages = alloc_pages(gfp_mask & ~__GFP_ 305 pages = alloc_pages(gfp_mask & ~__GFP_ZERO, order);
274 if (pages) { 306 if (pages) {
275 unsigned int count, i; 307 unsigned int count, i;
276 308
277 pages->mapping = NULL; 309 pages->mapping = NULL;
278 set_page_private(pages, order) 310 set_page_private(pages, order);
279 count = 1 << order; 311 count = 1 << order;
280 for (i = 0; i < count; i++) 312 for (i = 0; i < count; i++)
281 SetPageReserved(pages 313 SetPageReserved(pages + i);
282 314
283 arch_kexec_post_alloc_pages(pa 315 arch_kexec_post_alloc_pages(page_address(pages), count,
284 gf 316 gfp_mask);
285 317
286 if (gfp_mask & __GFP_ZERO) 318 if (gfp_mask & __GFP_ZERO)
287 for (i = 0; i < count; 319 for (i = 0; i < count; i++)
288 clear_highpage 320 clear_highpage(pages + i);
289 } 321 }
290 322
291 return pages; 323 return pages;
292 } 324 }
293 325
294 static void kimage_free_pages(struct page *pag 326 static void kimage_free_pages(struct page *page)
295 { 327 {
296 unsigned int order, count, i; 328 unsigned int order, count, i;
297 329
298 order = page_private(page); 330 order = page_private(page);
299 count = 1 << order; 331 count = 1 << order;
300 332
301 arch_kexec_pre_free_pages(page_address 333 arch_kexec_pre_free_pages(page_address(page), count);
302 334
303 for (i = 0; i < count; i++) 335 for (i = 0; i < count; i++)
304 ClearPageReserved(page + i); 336 ClearPageReserved(page + i);
305 __free_pages(page, order); 337 __free_pages(page, order);
306 } 338 }
307 339
308 void kimage_free_page_list(struct list_head *l 340 void kimage_free_page_list(struct list_head *list)
309 { 341 {
310 struct page *page, *next; 342 struct page *page, *next;
311 343
312 list_for_each_entry_safe(page, next, l 344 list_for_each_entry_safe(page, next, list, lru) {
313 list_del(&page->lru); 345 list_del(&page->lru);
314 kimage_free_pages(page); 346 kimage_free_pages(page);
315 } 347 }
316 } 348 }
317 349
318 static struct page *kimage_alloc_normal_contro 350 static struct page *kimage_alloc_normal_control_pages(struct kimage *image,
319 351 unsigned int order)
320 { 352 {
321 /* Control pages are special, they are 353 /* Control pages are special, they are the intermediaries
322 * that are needed while we copy the r 354 * that are needed while we copy the rest of the pages
323 * to their final resting place. As s 355 * to their final resting place. As such they must
324 * not conflict with either the destin 356 * not conflict with either the destination addresses
325 * or memory the kernel is already usi 357 * or memory the kernel is already using.
326 * 358 *
327 * The only case where we really need 359 * The only case where we really need more than one of
328 * these are for architectures where w 360 * these are for architectures where we cannot disable
329 * the MMU and must instead generate a 361 * the MMU and must instead generate an identity mapped
330 * page table for all of the memory. 362 * page table for all of the memory.
331 * 363 *
332 * At worst this runs in O(N) of the i 364 * At worst this runs in O(N) of the image size.
333 */ 365 */
334 struct list_head extra_pages; 366 struct list_head extra_pages;
335 struct page *pages; 367 struct page *pages;
336 unsigned int count; 368 unsigned int count;
337 369
338 count = 1 << order; 370 count = 1 << order;
339 INIT_LIST_HEAD(&extra_pages); 371 INIT_LIST_HEAD(&extra_pages);
340 372
341 /* Loop while I can allocate a page an 373 /* Loop while I can allocate a page and the page allocated
342 * is a destination page. 374 * is a destination page.
343 */ 375 */
344 do { 376 do {
345 unsigned long pfn, epfn, addr, 377 unsigned long pfn, epfn, addr, eaddr;
346 378
347 pages = kimage_alloc_pages(KEX 379 pages = kimage_alloc_pages(KEXEC_CONTROL_MEMORY_GFP, order);
348 if (!pages) 380 if (!pages)
349 break; 381 break;
350 pfn = page_to_boot_pfn(pages 382 pfn = page_to_boot_pfn(pages);
351 epfn = pfn + count; 383 epfn = pfn + count;
352 addr = pfn << PAGE_SHIFT; 384 addr = pfn << PAGE_SHIFT;
353 eaddr = (epfn << PAGE_SHIFT) - !! 385 eaddr = epfn << PAGE_SHIFT;
354 if ((epfn >= (KEXEC_CONTROL_ME 386 if ((epfn >= (KEXEC_CONTROL_MEMORY_LIMIT >> PAGE_SHIFT)) ||
355 kimage_is_destin 387 kimage_is_destination_range(image, addr, eaddr)) {
356 list_add(&pages->lru, 388 list_add(&pages->lru, &extra_pages);
357 pages = NULL; 389 pages = NULL;
358 } 390 }
359 } while (!pages); 391 } while (!pages);
360 392
361 if (pages) { 393 if (pages) {
362 /* Remember the allocated page 394 /* Remember the allocated page... */
363 list_add(&pages->lru, &image-> 395 list_add(&pages->lru, &image->control_pages);
364 396
365 /* Because the page is already 397 /* Because the page is already in it's destination
366 * location we will never allo 398 * location we will never allocate another page at
367 * that address. Therefore ki 399 * that address. Therefore kimage_alloc_pages
368 * will not return it (again) 400 * will not return it (again) and we don't need
369 * to give it an entry in imag 401 * to give it an entry in image->segment[].
370 */ 402 */
371 } 403 }
372 /* Deal with the destination pages I h 404 /* Deal with the destination pages I have inadvertently allocated.
373 * 405 *
374 * Ideally I would convert multi-page 406 * Ideally I would convert multi-page allocations into single
375 * page allocations, and add everythin 407 * page allocations, and add everything to image->dest_pages.
376 * 408 *
377 * For now it is simpler to just free 409 * For now it is simpler to just free the pages.
378 */ 410 */
379 kimage_free_page_list(&extra_pages); 411 kimage_free_page_list(&extra_pages);
380 412
381 return pages; 413 return pages;
382 } 414 }
383 415
384 #ifdef CONFIG_CRASH_DUMP <<
385 static struct page *kimage_alloc_crash_control 416 static struct page *kimage_alloc_crash_control_pages(struct kimage *image,
386 417 unsigned int order)
387 { 418 {
388 /* Control pages are special, they are 419 /* Control pages are special, they are the intermediaries
389 * that are needed while we copy the r 420 * that are needed while we copy the rest of the pages
390 * to their final resting place. As s 421 * to their final resting place. As such they must
391 * not conflict with either the destin 422 * not conflict with either the destination addresses
392 * or memory the kernel is already usi 423 * or memory the kernel is already using.
393 * 424 *
394 * Control pages are also the only pag 425 * Control pages are also the only pags we must allocate
395 * when loading a crash kernel. All o 426 * when loading a crash kernel. All of the other pages
396 * are specified by the segments and w 427 * are specified by the segments and we just memcpy
397 * into them directly. 428 * into them directly.
398 * 429 *
399 * The only case where we really need 430 * The only case where we really need more than one of
400 * these are for architectures where w 431 * these are for architectures where we cannot disable
401 * the MMU and must instead generate a 432 * the MMU and must instead generate an identity mapped
402 * page table for all of the memory. 433 * page table for all of the memory.
403 * 434 *
404 * Given the low demand this implement 435 * Given the low demand this implements a very simple
405 * allocator that finds the first hole 436 * allocator that finds the first hole of the appropriate
406 * size in the reserved memory region, 437 * size in the reserved memory region, and allocates all
407 * of the memory up to and including t 438 * of the memory up to and including the hole.
408 */ 439 */
409 unsigned long hole_start, hole_end, si 440 unsigned long hole_start, hole_end, size;
410 struct page *pages; 441 struct page *pages;
411 442
412 pages = NULL; 443 pages = NULL;
413 size = (1 << order) << PAGE_SHIFT; 444 size = (1 << order) << PAGE_SHIFT;
414 hole_start = ALIGN(image->control_page !! 445 hole_start = (image->control_page + (size - 1)) & ~(size - 1);
415 hole_end = hole_start + size - 1; 446 hole_end = hole_start + size - 1;
416 while (hole_end <= crashk_res.end) { 447 while (hole_end <= crashk_res.end) {
417 unsigned long i; 448 unsigned long i;
418 449
419 cond_resched(); 450 cond_resched();
420 451
421 if (hole_end > KEXEC_CRASH_CON 452 if (hole_end > KEXEC_CRASH_CONTROL_MEMORY_LIMIT)
422 break; 453 break;
423 /* See if I overlap any of the 454 /* See if I overlap any of the segments */
424 for (i = 0; i < image->nr_segm 455 for (i = 0; i < image->nr_segments; i++) {
425 unsigned long mstart, 456 unsigned long mstart, mend;
426 457
427 mstart = image->segmen 458 mstart = image->segment[i].mem;
428 mend = mstart + imag 459 mend = mstart + image->segment[i].memsz - 1;
429 if ((hole_end >= mstar 460 if ((hole_end >= mstart) && (hole_start <= mend)) {
430 /* Advance the 461 /* Advance the hole to the end of the segment */
431 hole_start = A !! 462 hole_start = (mend + (size - 1)) & ~(size - 1);
432 hole_end = h 463 hole_end = hole_start + size - 1;
433 break; 464 break;
434 } 465 }
435 } 466 }
436 /* If I don't overlap any segm 467 /* If I don't overlap any segments I have found my hole! */
437 if (i == image->nr_segments) { 468 if (i == image->nr_segments) {
438 pages = pfn_to_page(ho 469 pages = pfn_to_page(hole_start >> PAGE_SHIFT);
439 image->control_page = !! 470 image->control_page = hole_end;
440 break; 471 break;
441 } 472 }
442 } 473 }
443 474
444 /* Ensure that these pages are decrypt 475 /* Ensure that these pages are decrypted if SME is enabled. */
445 if (pages) 476 if (pages)
446 arch_kexec_post_alloc_pages(pa 477 arch_kexec_post_alloc_pages(page_address(pages), 1 << order, 0);
447 478
448 return pages; 479 return pages;
449 } 480 }
450 #endif <<
451 481
452 482
453 struct page *kimage_alloc_control_pages(struct 483 struct page *kimage_alloc_control_pages(struct kimage *image,
454 unsig 484 unsigned int order)
455 { 485 {
456 struct page *pages = NULL; 486 struct page *pages = NULL;
457 487
458 switch (image->type) { 488 switch (image->type) {
459 case KEXEC_TYPE_DEFAULT: 489 case KEXEC_TYPE_DEFAULT:
460 pages = kimage_alloc_normal_co 490 pages = kimage_alloc_normal_control_pages(image, order);
461 break; 491 break;
462 #ifdef CONFIG_CRASH_DUMP <<
463 case KEXEC_TYPE_CRASH: 492 case KEXEC_TYPE_CRASH:
464 pages = kimage_alloc_crash_con 493 pages = kimage_alloc_crash_control_pages(image, order);
465 break; 494 break;
466 #endif <<
467 } 495 }
468 496
469 return pages; 497 return pages;
470 } 498 }
471 499
>> 500 int kimage_crash_copy_vmcoreinfo(struct kimage *image)
>> 501 {
>> 502 struct page *vmcoreinfo_page;
>> 503 void *safecopy;
>> 504
>> 505 if (image->type != KEXEC_TYPE_CRASH)
>> 506 return 0;
>> 507
>> 508 /*
>> 509 * For kdump, allocate one vmcoreinfo safe copy from the
>> 510 * crash memory. as we have arch_kexec_protect_crashkres()
>> 511 * after kexec syscall, we naturally protect it from write
>> 512 * (even read) access under kernel direct mapping. But on
>> 513 * the other hand, we still need to operate it when crash
>> 514 * happens to generate vmcoreinfo note, hereby we rely on
>> 515 * vmap for this purpose.
>> 516 */
>> 517 vmcoreinfo_page = kimage_alloc_control_pages(image, 0);
>> 518 if (!vmcoreinfo_page) {
>> 519 pr_warn("Could not allocate vmcoreinfo buffer\n");
>> 520 return -ENOMEM;
>> 521 }
>> 522 safecopy = vmap(&vmcoreinfo_page, 1, VM_MAP, PAGE_KERNEL);
>> 523 if (!safecopy) {
>> 524 pr_warn("Could not vmap vmcoreinfo buffer\n");
>> 525 return -ENOMEM;
>> 526 }
>> 527
>> 528 image->vmcoreinfo_data_copy = safecopy;
>> 529 crash_update_vmcoreinfo_safecopy(safecopy);
>> 530
>> 531 return 0;
>> 532 }
>> 533
472 static int kimage_add_entry(struct kimage *ima 534 static int kimage_add_entry(struct kimage *image, kimage_entry_t entry)
473 { 535 {
474 if (*image->entry != 0) 536 if (*image->entry != 0)
475 image->entry++; 537 image->entry++;
476 538
477 if (image->entry == image->last_entry) 539 if (image->entry == image->last_entry) {
478 kimage_entry_t *ind_page; 540 kimage_entry_t *ind_page;
479 struct page *page; 541 struct page *page;
480 542
481 page = kimage_alloc_page(image 543 page = kimage_alloc_page(image, GFP_KERNEL, KIMAGE_NO_DEST);
482 if (!page) 544 if (!page)
483 return -ENOMEM; 545 return -ENOMEM;
484 546
485 ind_page = page_address(page); 547 ind_page = page_address(page);
486 *image->entry = virt_to_boot_p 548 *image->entry = virt_to_boot_phys(ind_page) | IND_INDIRECTION;
487 image->entry = ind_page; 549 image->entry = ind_page;
488 image->last_entry = ind_page + 550 image->last_entry = ind_page +
489 ((PAGE_S 551 ((PAGE_SIZE/sizeof(kimage_entry_t)) - 1);
490 } 552 }
491 *image->entry = entry; 553 *image->entry = entry;
492 image->entry++; 554 image->entry++;
493 *image->entry = 0; 555 *image->entry = 0;
494 556
495 return 0; 557 return 0;
496 } 558 }
497 559
498 static int kimage_set_destination(struct kimag 560 static int kimage_set_destination(struct kimage *image,
499 unsigned lo 561 unsigned long destination)
500 { 562 {
>> 563 int result;
>> 564
501 destination &= PAGE_MASK; 565 destination &= PAGE_MASK;
>> 566 result = kimage_add_entry(image, destination | IND_DESTINATION);
502 567
503 return kimage_add_entry(image, destina !! 568 return result;
504 } 569 }
505 570
506 571
507 static int kimage_add_page(struct kimage *imag 572 static int kimage_add_page(struct kimage *image, unsigned long page)
508 { 573 {
>> 574 int result;
>> 575
509 page &= PAGE_MASK; 576 page &= PAGE_MASK;
>> 577 result = kimage_add_entry(image, page | IND_SOURCE);
510 578
511 return kimage_add_entry(image, page | !! 579 return result;
512 } 580 }
513 581
514 582
515 static void kimage_free_extra_pages(struct kim 583 static void kimage_free_extra_pages(struct kimage *image)
516 { 584 {
517 /* Walk through and free any extra des 585 /* Walk through and free any extra destination pages I may have */
518 kimage_free_page_list(&image->dest_pag 586 kimage_free_page_list(&image->dest_pages);
519 587
520 /* Walk through and free any unusable 588 /* Walk through and free any unusable pages I have cached */
521 kimage_free_page_list(&image->unusable 589 kimage_free_page_list(&image->unusable_pages);
522 590
523 } 591 }
524 <<
525 void kimage_terminate(struct kimage *image) 592 void kimage_terminate(struct kimage *image)
526 { 593 {
527 if (*image->entry != 0) 594 if (*image->entry != 0)
528 image->entry++; 595 image->entry++;
529 596
530 *image->entry = IND_DONE; 597 *image->entry = IND_DONE;
531 } 598 }
532 599
533 #define for_each_kimage_entry(image, ptr, entr 600 #define for_each_kimage_entry(image, ptr, entry) \
534 for (ptr = &image->head; (entry = *ptr 601 for (ptr = &image->head; (entry = *ptr) && !(entry & IND_DONE); \
535 ptr = (entry & IND_INDIRECTION 602 ptr = (entry & IND_INDIRECTION) ? \
536 boot_phys_to_virt((ent 603 boot_phys_to_virt((entry & PAGE_MASK)) : ptr + 1)
537 604
538 static void kimage_free_entry(kimage_entry_t e 605 static void kimage_free_entry(kimage_entry_t entry)
539 { 606 {
540 struct page *page; 607 struct page *page;
541 608
542 page = boot_pfn_to_page(entry >> PAGE_ 609 page = boot_pfn_to_page(entry >> PAGE_SHIFT);
543 kimage_free_pages(page); 610 kimage_free_pages(page);
544 } 611 }
545 612
546 void kimage_free(struct kimage *image) 613 void kimage_free(struct kimage *image)
547 { 614 {
548 kimage_entry_t *ptr, entry; 615 kimage_entry_t *ptr, entry;
549 kimage_entry_t ind = 0; 616 kimage_entry_t ind = 0;
550 617
551 if (!image) 618 if (!image)
552 return; 619 return;
553 620
554 #ifdef CONFIG_CRASH_DUMP <<
555 if (image->vmcoreinfo_data_copy) { 621 if (image->vmcoreinfo_data_copy) {
556 crash_update_vmcoreinfo_safeco 622 crash_update_vmcoreinfo_safecopy(NULL);
557 vunmap(image->vmcoreinfo_data_ 623 vunmap(image->vmcoreinfo_data_copy);
558 } 624 }
559 #endif <<
560 625
561 kimage_free_extra_pages(image); 626 kimage_free_extra_pages(image);
562 for_each_kimage_entry(image, ptr, entr 627 for_each_kimage_entry(image, ptr, entry) {
563 if (entry & IND_INDIRECTION) { 628 if (entry & IND_INDIRECTION) {
564 /* Free the previous i 629 /* Free the previous indirection page */
565 if (ind & IND_INDIRECT 630 if (ind & IND_INDIRECTION)
566 kimage_free_en 631 kimage_free_entry(ind);
567 /* Save this indirecti 632 /* Save this indirection page until we are
568 * done with it. 633 * done with it.
569 */ 634 */
570 ind = entry; 635 ind = entry;
571 } else if (entry & IND_SOURCE) 636 } else if (entry & IND_SOURCE)
572 kimage_free_entry(entr 637 kimage_free_entry(entry);
573 } 638 }
574 /* Free the final indirection page */ 639 /* Free the final indirection page */
575 if (ind & IND_INDIRECTION) 640 if (ind & IND_INDIRECTION)
576 kimage_free_entry(ind); 641 kimage_free_entry(ind);
577 642
578 /* Handle any machine specific cleanup 643 /* Handle any machine specific cleanup */
579 machine_kexec_cleanup(image); 644 machine_kexec_cleanup(image);
580 645
581 /* Free the kexec control pages... */ 646 /* Free the kexec control pages... */
582 kimage_free_page_list(&image->control_ 647 kimage_free_page_list(&image->control_pages);
583 648
584 /* 649 /*
585 * Free up any temporary buffers alloc 650 * Free up any temporary buffers allocated. This might hit if
586 * error occurred much later after buf 651 * error occurred much later after buffer allocation.
587 */ 652 */
588 if (image->file_mode) 653 if (image->file_mode)
589 kimage_file_post_load_cleanup( 654 kimage_file_post_load_cleanup(image);
590 655
591 kfree(image); 656 kfree(image);
592 } 657 }
593 658
594 static kimage_entry_t *kimage_dst_used(struct 659 static kimage_entry_t *kimage_dst_used(struct kimage *image,
595 unsign 660 unsigned long page)
596 { 661 {
597 kimage_entry_t *ptr, entry; 662 kimage_entry_t *ptr, entry;
598 unsigned long destination = 0; 663 unsigned long destination = 0;
599 664
600 for_each_kimage_entry(image, ptr, entr 665 for_each_kimage_entry(image, ptr, entry) {
601 if (entry & IND_DESTINATION) 666 if (entry & IND_DESTINATION)
602 destination = entry & 667 destination = entry & PAGE_MASK;
603 else if (entry & IND_SOURCE) { 668 else if (entry & IND_SOURCE) {
604 if (page == destinatio 669 if (page == destination)
605 return ptr; 670 return ptr;
606 destination += PAGE_SI 671 destination += PAGE_SIZE;
607 } 672 }
608 } 673 }
609 674
610 return NULL; 675 return NULL;
611 } 676 }
612 677
613 static struct page *kimage_alloc_page(struct k 678 static struct page *kimage_alloc_page(struct kimage *image,
614 gfp_t 679 gfp_t gfp_mask,
615 unsign 680 unsigned long destination)
616 { 681 {
617 /* 682 /*
618 * Here we implement safeguards to ens 683 * Here we implement safeguards to ensure that a source page
619 * is not copied to its destination pa 684 * is not copied to its destination page before the data on
620 * the destination page is no longer u 685 * the destination page is no longer useful.
621 * 686 *
622 * To do this we maintain the invarian 687 * To do this we maintain the invariant that a source page is
623 * either its own destination page, or 688 * either its own destination page, or it is not a
624 * destination page at all. 689 * destination page at all.
625 * 690 *
626 * That is slightly stronger than requ 691 * That is slightly stronger than required, but the proof
627 * that no problems will not occur is 692 * that no problems will not occur is trivial, and the
628 * implementation is simply to verify. 693 * implementation is simply to verify.
629 * 694 *
630 * When allocating all pages normally 695 * When allocating all pages normally this algorithm will run
631 * in O(N) time, but in the worst case 696 * in O(N) time, but in the worst case it will run in O(N^2)
632 * time. If the runtime is a problem 697 * time. If the runtime is a problem the data structures can
633 * be fixed. 698 * be fixed.
634 */ 699 */
635 struct page *page; 700 struct page *page;
636 unsigned long addr; 701 unsigned long addr;
637 702
638 /* 703 /*
639 * Walk through the list of destinatio 704 * Walk through the list of destination pages, and see if I
640 * have a match. 705 * have a match.
641 */ 706 */
642 list_for_each_entry(page, &image->dest 707 list_for_each_entry(page, &image->dest_pages, lru) {
643 addr = page_to_boot_pfn(page) 708 addr = page_to_boot_pfn(page) << PAGE_SHIFT;
644 if (addr == destination) { 709 if (addr == destination) {
645 list_del(&page->lru); 710 list_del(&page->lru);
646 return page; 711 return page;
647 } 712 }
648 } 713 }
649 page = NULL; 714 page = NULL;
650 while (1) { 715 while (1) {
651 kimage_entry_t *old; 716 kimage_entry_t *old;
652 717
653 /* Allocate a page, if we run 718 /* Allocate a page, if we run out of memory give up */
654 page = kimage_alloc_pages(gfp_ 719 page = kimage_alloc_pages(gfp_mask, 0);
655 if (!page) 720 if (!page)
656 return NULL; 721 return NULL;
657 /* If the page cannot be used 722 /* If the page cannot be used file it away */
658 if (page_to_boot_pfn(page) > 723 if (page_to_boot_pfn(page) >
659 (KEXEC_SOURCE_ 724 (KEXEC_SOURCE_MEMORY_LIMIT >> PAGE_SHIFT)) {
660 list_add(&page->lru, & 725 list_add(&page->lru, &image->unusable_pages);
661 continue; 726 continue;
662 } 727 }
663 addr = page_to_boot_pfn(page) 728 addr = page_to_boot_pfn(page) << PAGE_SHIFT;
664 729
665 /* If it is the destination pa 730 /* If it is the destination page we want use it */
666 if (addr == destination) 731 if (addr == destination)
667 break; 732 break;
668 733
669 /* If the page is not a destin 734 /* If the page is not a destination page use it */
670 if (!kimage_is_destination_ran 735 if (!kimage_is_destination_range(image, addr,
671 !! 736 addr + PAGE_SIZE))
672 break; 737 break;
673 738
674 /* 739 /*
675 * I know that the page is som 740 * I know that the page is someones destination page.
676 * See if there is already a s 741 * See if there is already a source page for this
677 * destination page. And if s 742 * destination page. And if so swap the source pages.
678 */ 743 */
679 old = kimage_dst_used(image, a 744 old = kimage_dst_used(image, addr);
680 if (old) { 745 if (old) {
681 /* If so move it */ 746 /* If so move it */
682 unsigned long old_addr 747 unsigned long old_addr;
683 struct page *old_page; 748 struct page *old_page;
684 749
685 old_addr = *old & PAGE 750 old_addr = *old & PAGE_MASK;
686 old_page = boot_pfn_to 751 old_page = boot_pfn_to_page(old_addr >> PAGE_SHIFT);
687 copy_highpage(page, ol 752 copy_highpage(page, old_page);
688 *old = addr | (*old & 753 *old = addr | (*old & ~PAGE_MASK);
689 754
690 /* The old page I have 755 /* The old page I have found cannot be a
691 * destination page, s 756 * destination page, so return it if it's
692 * gfp_flags honor the 757 * gfp_flags honor the ones passed in.
693 */ 758 */
694 if (!(gfp_mask & __GFP 759 if (!(gfp_mask & __GFP_HIGHMEM) &&
695 PageHighMem(old_pa 760 PageHighMem(old_page)) {
696 kimage_free_pa 761 kimage_free_pages(old_page);
697 continue; 762 continue;
698 } 763 }
>> 764 addr = old_addr;
699 page = old_page; 765 page = old_page;
700 break; 766 break;
701 } 767 }
702 /* Place the page on the desti 768 /* Place the page on the destination list, to be used later */
703 list_add(&page->lru, &image->d 769 list_add(&page->lru, &image->dest_pages);
704 } 770 }
705 771
706 return page; 772 return page;
707 } 773 }
708 774
709 static int kimage_load_normal_segment(struct k 775 static int kimage_load_normal_segment(struct kimage *image,
710 struc 776 struct kexec_segment *segment)
711 { 777 {
712 unsigned long maddr; 778 unsigned long maddr;
713 size_t ubytes, mbytes; 779 size_t ubytes, mbytes;
714 int result; 780 int result;
715 unsigned char __user *buf = NULL; 781 unsigned char __user *buf = NULL;
716 unsigned char *kbuf = NULL; 782 unsigned char *kbuf = NULL;
717 783
>> 784 result = 0;
718 if (image->file_mode) 785 if (image->file_mode)
719 kbuf = segment->kbuf; 786 kbuf = segment->kbuf;
720 else 787 else
721 buf = segment->buf; 788 buf = segment->buf;
722 ubytes = segment->bufsz; 789 ubytes = segment->bufsz;
723 mbytes = segment->memsz; 790 mbytes = segment->memsz;
724 maddr = segment->mem; 791 maddr = segment->mem;
725 792
726 result = kimage_set_destination(image, 793 result = kimage_set_destination(image, maddr);
727 if (result < 0) 794 if (result < 0)
728 goto out; 795 goto out;
729 796
730 while (mbytes) { 797 while (mbytes) {
731 struct page *page; 798 struct page *page;
732 char *ptr; 799 char *ptr;
733 size_t uchunk, mchunk; 800 size_t uchunk, mchunk;
734 801
735 page = kimage_alloc_page(image 802 page = kimage_alloc_page(image, GFP_HIGHUSER, maddr);
736 if (!page) { 803 if (!page) {
737 result = -ENOMEM; 804 result = -ENOMEM;
738 goto out; 805 goto out;
739 } 806 }
740 result = kimage_add_page(image 807 result = kimage_add_page(image, page_to_boot_pfn(page)
741 808 << PAGE_SHIFT);
742 if (result < 0) 809 if (result < 0)
743 goto out; 810 goto out;
744 811
745 ptr = kmap_local_page(page); !! 812 ptr = kmap(page);
746 /* Start with a clear page */ 813 /* Start with a clear page */
747 clear_page(ptr); 814 clear_page(ptr);
748 ptr += maddr & ~PAGE_MASK; 815 ptr += maddr & ~PAGE_MASK;
749 mchunk = min_t(size_t, mbytes, 816 mchunk = min_t(size_t, mbytes,
750 PAGE_SIZE - (m 817 PAGE_SIZE - (maddr & ~PAGE_MASK));
751 uchunk = min(ubytes, mchunk); 818 uchunk = min(ubytes, mchunk);
752 819
753 if (uchunk) { !! 820 /* For file based kexec, source pages are in kernel memory */
754 /* For file based kexe !! 821 if (image->file_mode)
755 if (image->file_mode) !! 822 memcpy(ptr, kbuf, uchunk);
756 memcpy(ptr, kb !! 823 else
757 else !! 824 result = copy_from_user(ptr, buf, uchunk);
758 result = copy_ !! 825 kunmap(page);
759 ubytes -= uchunk; <<
760 if (image->file_mode) <<
761 kbuf += uchunk <<
762 else <<
763 buf += uchunk; <<
764 } <<
765 kunmap_local(ptr); <<
766 if (result) { 826 if (result) {
767 result = -EFAULT; 827 result = -EFAULT;
768 goto out; 828 goto out;
769 } 829 }
>> 830 ubytes -= uchunk;
770 maddr += mchunk; 831 maddr += mchunk;
>> 832 if (image->file_mode)
>> 833 kbuf += mchunk;
>> 834 else
>> 835 buf += mchunk;
771 mbytes -= mchunk; 836 mbytes -= mchunk;
772 837
773 cond_resched(); 838 cond_resched();
774 } 839 }
775 out: 840 out:
776 return result; 841 return result;
777 } 842 }
778 843
779 #ifdef CONFIG_CRASH_DUMP <<
780 static int kimage_load_crash_segment(struct ki 844 static int kimage_load_crash_segment(struct kimage *image,
781 struct 845 struct kexec_segment *segment)
782 { 846 {
783 /* For crash dumps kernels we simply c 847 /* For crash dumps kernels we simply copy the data from
784 * user space to it's destination. 848 * user space to it's destination.
785 * We do things a page at a time for t 849 * We do things a page at a time for the sake of kmap.
786 */ 850 */
787 unsigned long maddr; 851 unsigned long maddr;
788 size_t ubytes, mbytes; 852 size_t ubytes, mbytes;
789 int result; 853 int result;
790 unsigned char __user *buf = NULL; 854 unsigned char __user *buf = NULL;
791 unsigned char *kbuf = NULL; 855 unsigned char *kbuf = NULL;
792 856
793 result = 0; 857 result = 0;
794 if (image->file_mode) 858 if (image->file_mode)
795 kbuf = segment->kbuf; 859 kbuf = segment->kbuf;
796 else 860 else
797 buf = segment->buf; 861 buf = segment->buf;
798 ubytes = segment->bufsz; 862 ubytes = segment->bufsz;
799 mbytes = segment->memsz; 863 mbytes = segment->memsz;
800 maddr = segment->mem; 864 maddr = segment->mem;
801 while (mbytes) { 865 while (mbytes) {
802 struct page *page; 866 struct page *page;
803 char *ptr; 867 char *ptr;
804 size_t uchunk, mchunk; 868 size_t uchunk, mchunk;
805 869
806 page = boot_pfn_to_page(maddr 870 page = boot_pfn_to_page(maddr >> PAGE_SHIFT);
807 if (!page) { 871 if (!page) {
808 result = -ENOMEM; 872 result = -ENOMEM;
809 goto out; 873 goto out;
810 } 874 }
811 arch_kexec_post_alloc_pages(pa 875 arch_kexec_post_alloc_pages(page_address(page), 1, 0);
812 ptr = kmap_local_page(page); !! 876 ptr = kmap(page);
813 ptr += maddr & ~PAGE_MASK; 877 ptr += maddr & ~PAGE_MASK;
814 mchunk = min_t(size_t, mbytes, 878 mchunk = min_t(size_t, mbytes,
815 PAGE_SIZE - (m 879 PAGE_SIZE - (maddr & ~PAGE_MASK));
816 uchunk = min(ubytes, mchunk); 880 uchunk = min(ubytes, mchunk);
817 if (mchunk > uchunk) { 881 if (mchunk > uchunk) {
818 /* Zero the trailing p 882 /* Zero the trailing part of the page */
819 memset(ptr + uchunk, 0 883 memset(ptr + uchunk, 0, mchunk - uchunk);
820 } 884 }
821 885
822 if (uchunk) { !! 886 /* For file based kexec, source pages are in kernel memory */
823 /* For file based kexe !! 887 if (image->file_mode)
824 if (image->file_mode) !! 888 memcpy(ptr, kbuf, uchunk);
825 memcpy(ptr, kb !! 889 else
826 else !! 890 result = copy_from_user(ptr, buf, uchunk);
827 result = copy_ <<
828 ubytes -= uchunk; <<
829 if (image->file_mode) <<
830 kbuf += uchunk <<
831 else <<
832 buf += uchunk; <<
833 } <<
834 kexec_flush_icache_page(page); 891 kexec_flush_icache_page(page);
835 kunmap_local(ptr); !! 892 kunmap(page);
836 arch_kexec_pre_free_pages(page 893 arch_kexec_pre_free_pages(page_address(page), 1);
837 if (result) { 894 if (result) {
838 result = -EFAULT; 895 result = -EFAULT;
839 goto out; 896 goto out;
840 } 897 }
>> 898 ubytes -= uchunk;
841 maddr += mchunk; 899 maddr += mchunk;
>> 900 if (image->file_mode)
>> 901 kbuf += mchunk;
>> 902 else
>> 903 buf += mchunk;
842 mbytes -= mchunk; 904 mbytes -= mchunk;
843 905
844 cond_resched(); 906 cond_resched();
845 } 907 }
846 out: 908 out:
847 return result; 909 return result;
848 } 910 }
849 #endif <<
850 911
851 int kimage_load_segment(struct kimage *image, 912 int kimage_load_segment(struct kimage *image,
852 struct kexec_s 913 struct kexec_segment *segment)
853 { 914 {
854 int result = -ENOMEM; 915 int result = -ENOMEM;
855 916
856 switch (image->type) { 917 switch (image->type) {
857 case KEXEC_TYPE_DEFAULT: 918 case KEXEC_TYPE_DEFAULT:
858 result = kimage_load_normal_se 919 result = kimage_load_normal_segment(image, segment);
859 break; 920 break;
860 #ifdef CONFIG_CRASH_DUMP <<
861 case KEXEC_TYPE_CRASH: 921 case KEXEC_TYPE_CRASH:
862 result = kimage_load_crash_seg 922 result = kimage_load_crash_segment(image, segment);
863 break; 923 break;
864 #endif <<
865 } 924 }
866 925
867 return result; 926 return result;
868 } 927 }
869 928
870 struct kexec_load_limit { <<
871 /* Mutex protects the limit count. */ <<
872 struct mutex mutex; <<
873 int limit; <<
874 }; <<
875 <<
876 static struct kexec_load_limit load_limit_rebo <<
877 .mutex = __MUTEX_INITIALIZER(load_limi <<
878 .limit = -1, <<
879 }; <<
880 <<
881 static struct kexec_load_limit load_limit_pani <<
882 .mutex = __MUTEX_INITIALIZER(load_limi <<
883 .limit = -1, <<
884 }; <<
885 <<
886 struct kimage *kexec_image; 929 struct kimage *kexec_image;
887 struct kimage *kexec_crash_image; 930 struct kimage *kexec_crash_image;
888 static int kexec_load_disabled; !! 931 int kexec_load_disabled;
889 932
890 #ifdef CONFIG_SYSCTL !! 933 /*
891 static int kexec_limit_handler(const struct ct !! 934 * No panic_cpu check version of crash_kexec(). This function is called
892 void *buffer, s !! 935 * only when panic_cpu holds the current CPU number; this is the only CPU
893 { !! 936 * which processes crash_kexec routines.
894 struct kexec_load_limit *limit = table !! 937 */
895 int val; !! 938 void __noclone __crash_kexec(struct pt_regs *regs)
896 struct ctl_table tmp = { !! 939 {
897 .data = &val, !! 940 /* Take the kexec_mutex here to prevent sys_kexec_load
898 .maxlen = sizeof(val), !! 941 * running on one cpu from replacing the crash kernel
899 .mode = table->mode, !! 942 * we are using after a panic on a different cpu.
900 }; !! 943 *
901 int ret; !! 944 * If the crash kernel was not located in a fixed area
902 !! 945 * of memory the xchg(&kexec_crash_image) would be
903 if (write) { !! 946 * sufficient. But since I reuse the memory...
904 ret = proc_dointvec(&tmp, writ !! 947 */
905 if (ret) !! 948 if (mutex_trylock(&kexec_mutex)) {
906 return ret; !! 949 if (kexec_crash_image) {
>> 950 struct pt_regs fixed_regs;
>> 951
>> 952 crash_setup_regs(&fixed_regs, regs);
>> 953 crash_save_vmcoreinfo();
>> 954 machine_crash_shutdown(&fixed_regs);
>> 955 machine_kexec(kexec_crash_image);
>> 956 }
>> 957 mutex_unlock(&kexec_mutex);
>> 958 }
>> 959 }
>> 960 STACK_FRAME_NON_STANDARD(__crash_kexec);
907 961
908 if (val < 0) !! 962 void crash_kexec(struct pt_regs *regs)
909 return -EINVAL; !! 963 {
>> 964 int old_cpu, this_cpu;
910 965
911 mutex_lock(&limit->mutex); !! 966 /*
912 if (limit->limit != -1 && val !! 967 * Only one CPU is allowed to execute the crash_kexec() code as with
913 ret = -EINVAL; !! 968 * panic(). Otherwise parallel calls of panic() and crash_kexec()
914 else !! 969 * may stop each other. To exclude them, we use panic_cpu here too.
915 limit->limit = val; !! 970 */
916 mutex_unlock(&limit->mutex); !! 971 this_cpu = raw_smp_processor_id();
>> 972 old_cpu = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, this_cpu);
>> 973 if (old_cpu == PANIC_CPU_INVALID) {
>> 974 /* This is the 1st CPU which comes here, so go ahead. */
>> 975 printk_safe_flush_on_panic();
>> 976 __crash_kexec(regs);
917 977
918 return ret; !! 978 /*
>> 979 * Reset panic_cpu to allow another panic()/crash_kexec()
>> 980 * call.
>> 981 */
>> 982 atomic_set(&panic_cpu, PANIC_CPU_INVALID);
919 } 983 }
>> 984 }
920 985
921 mutex_lock(&limit->mutex); !! 986 size_t crash_get_memory_size(void)
922 val = limit->limit; !! 987 {
923 mutex_unlock(&limit->mutex); !! 988 size_t size = 0;
924 989
925 return proc_dointvec(&tmp, write, buff !! 990 mutex_lock(&kexec_mutex);
>> 991 if (crashk_res.end != crashk_res.start)
>> 992 size = resource_size(&crashk_res);
>> 993 mutex_unlock(&kexec_mutex);
>> 994 return size;
926 } 995 }
927 996
928 static struct ctl_table kexec_core_sysctls[] = !! 997 void __weak crash_free_reserved_phys_range(unsigned long begin,
929 { !! 998 unsigned long end)
930 .procname = "kexec_load_ !! 999 {
931 .data = &kexec_load_ !! 1000 unsigned long addr;
932 .maxlen = sizeof(int), <<
933 .mode = 0644, <<
934 /* only handle a transition fr <<
935 .proc_handler = proc_dointve <<
936 .extra1 = SYSCTL_ONE, <<
937 .extra2 = SYSCTL_ONE, <<
938 }, <<
939 { <<
940 .procname = "kexec_load_ <<
941 .data = &load_limit_ <<
942 .mode = 0644, <<
943 .proc_handler = kexec_limit_ <<
944 }, <<
945 { <<
946 .procname = "kexec_load_ <<
947 .data = &load_limit_ <<
948 .mode = 0644, <<
949 .proc_handler = kexec_limit_ <<
950 }, <<
951 }; <<
952 1001
953 static int __init kexec_core_sysctl_init(void) !! 1002 for (addr = begin; addr < end; addr += PAGE_SIZE)
>> 1003 free_reserved_page(boot_pfn_to_page(addr >> PAGE_SHIFT));
>> 1004 }
>> 1005
>> 1006 int crash_shrink_memory(unsigned long new_size)
954 { 1007 {
955 register_sysctl_init("kernel", kexec_c !! 1008 int ret = 0;
956 return 0; !! 1009 unsigned long start, end;
>> 1010 unsigned long old_size;
>> 1011 struct resource *ram_res;
>> 1012
>> 1013 mutex_lock(&kexec_mutex);
>> 1014
>> 1015 if (kexec_crash_image) {
>> 1016 ret = -ENOENT;
>> 1017 goto unlock;
>> 1018 }
>> 1019 start = crashk_res.start;
>> 1020 end = crashk_res.end;
>> 1021 old_size = (end == 0) ? 0 : end - start + 1;
>> 1022 if (new_size >= old_size) {
>> 1023 ret = (new_size == old_size) ? 0 : -EINVAL;
>> 1024 goto unlock;
>> 1025 }
>> 1026
>> 1027 ram_res = kzalloc(sizeof(*ram_res), GFP_KERNEL);
>> 1028 if (!ram_res) {
>> 1029 ret = -ENOMEM;
>> 1030 goto unlock;
>> 1031 }
>> 1032
>> 1033 start = roundup(start, KEXEC_CRASH_MEM_ALIGN);
>> 1034 end = roundup(start + new_size, KEXEC_CRASH_MEM_ALIGN);
>> 1035
>> 1036 crash_free_reserved_phys_range(end, crashk_res.end);
>> 1037
>> 1038 if ((start == end) && (crashk_res.parent != NULL))
>> 1039 release_resource(&crashk_res);
>> 1040
>> 1041 ram_res->start = end;
>> 1042 ram_res->end = crashk_res.end;
>> 1043 ram_res->flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM;
>> 1044 ram_res->name = "System RAM";
>> 1045
>> 1046 crashk_res.end = end - 1;
>> 1047
>> 1048 insert_resource(&iomem_resource, ram_res);
>> 1049
>> 1050 unlock:
>> 1051 mutex_unlock(&kexec_mutex);
>> 1052 return ret;
957 } 1053 }
958 late_initcall(kexec_core_sysctl_init); <<
959 #endif <<
960 1054
961 bool kexec_load_permitted(int kexec_image_type !! 1055 void crash_save_cpu(struct pt_regs *regs, int cpu)
>> 1056 {
>> 1057 struct elf_prstatus prstatus;
>> 1058 u32 *buf;
>> 1059
>> 1060 if ((cpu < 0) || (cpu >= nr_cpu_ids))
>> 1061 return;
>> 1062
>> 1063 /* Using ELF notes here is opportunistic.
>> 1064 * I need a well defined structure format
>> 1065 * for the data I pass, and I need tags
>> 1066 * on the data to indicate what information I have
>> 1067 * squirrelled away. ELF notes happen to provide
>> 1068 * all of that, so there is no need to invent something new.
>> 1069 */
>> 1070 buf = (u32 *)per_cpu_ptr(crash_notes, cpu);
>> 1071 if (!buf)
>> 1072 return;
>> 1073 memset(&prstatus, 0, sizeof(prstatus));
>> 1074 prstatus.pr_pid = current->pid;
>> 1075 elf_core_copy_kernel_regs(&prstatus.pr_reg, regs);
>> 1076 buf = append_elf_note(buf, KEXEC_CORE_NOTE_NAME, NT_PRSTATUS,
>> 1077 &prstatus, sizeof(prstatus));
>> 1078 final_note(buf);
>> 1079 }
>> 1080
>> 1081 static int __init crash_notes_memory_init(void)
962 { 1082 {
963 struct kexec_load_limit *limit; !! 1083 /* Allocate memory for saving cpu registers. */
>> 1084 size_t size, align;
964 1085
965 /* 1086 /*
966 * Only the superuser can use the kexe !! 1087 * crash_notes could be allocated across 2 vmalloc pages when percpu
967 * been disabled. !! 1088 * is vmalloc based . vmalloc doesn't guarantee 2 continuous vmalloc
>> 1089 * pages are also on 2 continuous physical pages. In this case the
>> 1090 * 2nd part of crash_notes in 2nd page could be lost since only the
>> 1091 * starting address and size of crash_notes are exported through sysfs.
>> 1092 * Here round up the size of crash_notes to the nearest power of two
>> 1093 * and pass it to __alloc_percpu as align value. This can make sure
>> 1094 * crash_notes is allocated inside one physical page.
968 */ 1095 */
969 if (!capable(CAP_SYS_BOOT) || kexec_lo !! 1096 size = sizeof(note_buf_t);
970 return false; !! 1097 align = min(roundup_pow_of_two(sizeof(note_buf_t)), PAGE_SIZE);
971 1098
972 /* Check limit counter and decrease it !! 1099 /*
973 limit = (kexec_image_type == KEXEC_TYP !! 1100 * Break compile if size is bigger than PAGE_SIZE since crash_notes
974 &load_limit_panic : &load_limi !! 1101 * definitely will be in 2 pages with that.
975 mutex_lock(&limit->mutex); !! 1102 */
976 if (!limit->limit) { !! 1103 BUILD_BUG_ON(size > PAGE_SIZE);
977 mutex_unlock(&limit->mutex); <<
978 return false; <<
979 } <<
980 if (limit->limit != -1) <<
981 limit->limit--; <<
982 mutex_unlock(&limit->mutex); <<
983 1104
984 return true; !! 1105 crash_notes = __alloc_percpu(size, align);
>> 1106 if (!crash_notes) {
>> 1107 pr_warn("Memory allocation for saving cpu register states failed\n");
>> 1108 return -ENOMEM;
>> 1109 }
>> 1110 return 0;
985 } 1111 }
>> 1112 subsys_initcall(crash_notes_memory_init);
>> 1113
986 1114
987 /* 1115 /*
988 * Move into place and start executing a prelo 1116 * Move into place and start executing a preloaded standalone
989 * executable. If nothing was preloaded retur 1117 * executable. If nothing was preloaded return an error.
990 */ 1118 */
991 int kernel_kexec(void) 1119 int kernel_kexec(void)
992 { 1120 {
993 int error = 0; 1121 int error = 0;
994 1122
995 if (!kexec_trylock()) !! 1123 if (!mutex_trylock(&kexec_mutex))
996 return -EBUSY; 1124 return -EBUSY;
997 if (!kexec_image) { 1125 if (!kexec_image) {
998 error = -EINVAL; 1126 error = -EINVAL;
999 goto Unlock; 1127 goto Unlock;
1000 } 1128 }
1001 1129
1002 #ifdef CONFIG_KEXEC_JUMP 1130 #ifdef CONFIG_KEXEC_JUMP
1003 if (kexec_image->preserve_context) { 1131 if (kexec_image->preserve_context) {
>> 1132 lock_system_sleep();
1004 pm_prepare_console(); 1133 pm_prepare_console();
1005 error = freeze_processes(); 1134 error = freeze_processes();
1006 if (error) { 1135 if (error) {
1007 error = -EBUSY; 1136 error = -EBUSY;
1008 goto Restore_console; 1137 goto Restore_console;
1009 } 1138 }
1010 suspend_console(); 1139 suspend_console();
1011 error = dpm_suspend_start(PMS 1140 error = dpm_suspend_start(PMSG_FREEZE);
1012 if (error) 1141 if (error)
1013 goto Resume_console; 1142 goto Resume_console;
1014 /* At this point, dpm_suspend 1143 /* At this point, dpm_suspend_start() has been called,
1015 * but *not* dpm_suspend_end( 1144 * but *not* dpm_suspend_end(). We *must* call
1016 * dpm_suspend_end() now. Ot 1145 * dpm_suspend_end() now. Otherwise, drivers for
1017 * some devices (e.g. interru 1146 * some devices (e.g. interrupt controllers) become
1018 * desynchronized with the ac 1147 * desynchronized with the actual state of the
1019 * hardware at resume time, a 1148 * hardware at resume time, and evil weirdness ensues.
1020 */ 1149 */
1021 error = dpm_suspend_end(PMSG_ 1150 error = dpm_suspend_end(PMSG_FREEZE);
1022 if (error) 1151 if (error)
1023 goto Resume_devices; 1152 goto Resume_devices;
1024 error = suspend_disable_secon 1153 error = suspend_disable_secondary_cpus();
1025 if (error) 1154 if (error)
1026 goto Enable_cpus; 1155 goto Enable_cpus;
1027 local_irq_disable(); 1156 local_irq_disable();
1028 error = syscore_suspend(); 1157 error = syscore_suspend();
1029 if (error) 1158 if (error)
1030 goto Enable_irqs; 1159 goto Enable_irqs;
1031 } else 1160 } else
1032 #endif 1161 #endif
1033 { 1162 {
1034 kexec_in_progress = true; 1163 kexec_in_progress = true;
1035 kernel_restart_prepare("kexec !! 1164 kernel_restart_prepare(NULL);
1036 migrate_to_reboot_cpu(); 1165 migrate_to_reboot_cpu();
1037 syscore_shutdown(); <<
1038 1166
1039 /* 1167 /*
1040 * migrate_to_reboot_cpu() di 1168 * migrate_to_reboot_cpu() disables CPU hotplug assuming that
1041 * no further code needs to u 1169 * no further code needs to use CPU hotplug (which is true in
1042 * the reboot case). However, 1170 * the reboot case). However, the kexec path depends on using
1043 * CPU hotplug again; so re-e 1171 * CPU hotplug again; so re-enable it here.
1044 */ 1172 */
1045 cpu_hotplug_enable(); 1173 cpu_hotplug_enable();
1046 pr_notice("Starting new kerne !! 1174 pr_emerg("Starting new kernel\n");
1047 machine_shutdown(); 1175 machine_shutdown();
1048 } 1176 }
1049 1177
1050 kmsg_dump(KMSG_DUMP_SHUTDOWN); <<
1051 machine_kexec(kexec_image); 1178 machine_kexec(kexec_image);
1052 1179
1053 #ifdef CONFIG_KEXEC_JUMP 1180 #ifdef CONFIG_KEXEC_JUMP
1054 if (kexec_image->preserve_context) { 1181 if (kexec_image->preserve_context) {
1055 syscore_resume(); 1182 syscore_resume();
1056 Enable_irqs: 1183 Enable_irqs:
1057 local_irq_enable(); 1184 local_irq_enable();
1058 Enable_cpus: 1185 Enable_cpus:
1059 suspend_enable_secondary_cpus 1186 suspend_enable_secondary_cpus();
1060 dpm_resume_start(PMSG_RESTORE 1187 dpm_resume_start(PMSG_RESTORE);
1061 Resume_devices: 1188 Resume_devices:
1062 dpm_resume_end(PMSG_RESTORE); 1189 dpm_resume_end(PMSG_RESTORE);
1063 Resume_console: 1190 Resume_console:
1064 resume_console(); 1191 resume_console();
1065 thaw_processes(); 1192 thaw_processes();
1066 Restore_console: 1193 Restore_console:
1067 pm_restore_console(); 1194 pm_restore_console();
>> 1195 unlock_system_sleep();
1068 } 1196 }
1069 #endif 1197 #endif
1070 1198
1071 Unlock: 1199 Unlock:
1072 kexec_unlock(); !! 1200 mutex_unlock(&kexec_mutex);
1073 return error; 1201 return error;
1074 } 1202 }
>> 1203
>> 1204 /*
>> 1205 * Protection mechanism for crashkernel reserved memory after
>> 1206 * the kdump kernel is loaded.
>> 1207 *
>> 1208 * Provide an empty default implementation here -- architecture
>> 1209 * code may override this
>> 1210 */
>> 1211 void __weak arch_kexec_protect_crashkres(void)
>> 1212 {}
>> 1213
>> 1214 void __weak arch_kexec_unprotect_crashkres(void)
>> 1215 {}
1075 1216
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.