1 // SPDX-License-Identifier: GPL-2.0-only 1 // SPDX-License-Identifier: GPL-2.0-only
2 /* 2 /*
3 * kexec.c - kexec system call core code. 3 * kexec.c - kexec system call core code.
4 * Copyright (C) 2002-2004 Eric Biederman <eb 4 * Copyright (C) 2002-2004 Eric Biederman <ebiederm@xmission.com>
5 */ 5 */
6 6
7 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 7 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
8 8
9 #include <linux/btf.h> <<
10 #include <linux/capability.h> 9 #include <linux/capability.h>
11 #include <linux/mm.h> 10 #include <linux/mm.h>
12 #include <linux/file.h> 11 #include <linux/file.h>
13 #include <linux/slab.h> 12 #include <linux/slab.h>
14 #include <linux/fs.h> 13 #include <linux/fs.h>
15 #include <linux/kexec.h> 14 #include <linux/kexec.h>
16 #include <linux/mutex.h> 15 #include <linux/mutex.h>
17 #include <linux/list.h> 16 #include <linux/list.h>
18 #include <linux/highmem.h> 17 #include <linux/highmem.h>
19 #include <linux/syscalls.h> 18 #include <linux/syscalls.h>
20 #include <linux/reboot.h> 19 #include <linux/reboot.h>
21 #include <linux/ioport.h> 20 #include <linux/ioport.h>
22 #include <linux/hardirq.h> 21 #include <linux/hardirq.h>
23 #include <linux/elf.h> 22 #include <linux/elf.h>
24 #include <linux/elfcore.h> 23 #include <linux/elfcore.h>
25 #include <linux/utsname.h> 24 #include <linux/utsname.h>
26 #include <linux/numa.h> 25 #include <linux/numa.h>
27 #include <linux/suspend.h> 26 #include <linux/suspend.h>
28 #include <linux/device.h> 27 #include <linux/device.h>
29 #include <linux/freezer.h> 28 #include <linux/freezer.h>
30 #include <linux/panic_notifier.h> <<
31 #include <linux/pm.h> 29 #include <linux/pm.h>
32 #include <linux/cpu.h> 30 #include <linux/cpu.h>
33 #include <linux/uaccess.h> 31 #include <linux/uaccess.h>
34 #include <linux/io.h> 32 #include <linux/io.h>
35 #include <linux/console.h> 33 #include <linux/console.h>
36 #include <linux/vmalloc.h> 34 #include <linux/vmalloc.h>
37 #include <linux/swap.h> 35 #include <linux/swap.h>
38 #include <linux/syscore_ops.h> 36 #include <linux/syscore_ops.h>
39 #include <linux/compiler.h> 37 #include <linux/compiler.h>
40 #include <linux/hugetlb.h> 38 #include <linux/hugetlb.h>
41 #include <linux/objtool.h> !! 39 #include <linux/frame.h>
42 #include <linux/kmsg_dump.h> <<
43 40
44 #include <asm/page.h> 41 #include <asm/page.h>
45 #include <asm/sections.h> 42 #include <asm/sections.h>
46 43
47 #include <crypto/hash.h> 44 #include <crypto/hash.h>
>> 45 #include <crypto/sha.h>
48 #include "kexec_internal.h" 46 #include "kexec_internal.h"
49 47
50 atomic_t __kexec_lock = ATOMIC_INIT(0); !! 48 DEFINE_MUTEX(kexec_mutex);
>> 49
>> 50 /* Per cpu memory for storing cpu states in case of system crash. */
>> 51 note_buf_t __percpu *crash_notes;
51 52
52 /* Flag to indicate we are going to kexec a ne 53 /* Flag to indicate we are going to kexec a new kernel */
53 bool kexec_in_progress = false; 54 bool kexec_in_progress = false;
54 55
55 bool kexec_file_dbg_print; !! 56
>> 57 /* Location of the reserved area for the crash kernel */
>> 58 struct resource crashk_res = {
>> 59 .name = "Crash kernel",
>> 60 .start = 0,
>> 61 .end = 0,
>> 62 .flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM,
>> 63 .desc = IORES_DESC_CRASH_KERNEL
>> 64 };
>> 65 struct resource crashk_low_res = {
>> 66 .name = "Crash kernel",
>> 67 .start = 0,
>> 68 .end = 0,
>> 69 .flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM,
>> 70 .desc = IORES_DESC_CRASH_KERNEL
>> 71 };
>> 72
>> 73 int kexec_should_crash(struct task_struct *p)
>> 74 {
>> 75 /*
>> 76 * If crash_kexec_post_notifiers is enabled, don't run
>> 77 * crash_kexec() here yet, which must be run after panic
>> 78 * notifiers in panic().
>> 79 */
>> 80 if (crash_kexec_post_notifiers)
>> 81 return 0;
>> 82 /*
>> 83 * There are 4 panic() calls in do_exit() path, each of which
>> 84 * corresponds to each of these 4 conditions.
>> 85 */
>> 86 if (in_interrupt() || !p->pid || is_global_init(p) || panic_on_oops)
>> 87 return 1;
>> 88 return 0;
>> 89 }
>> 90
>> 91 int kexec_crash_loaded(void)
>> 92 {
>> 93 return !!kexec_crash_image;
>> 94 }
>> 95 EXPORT_SYMBOL_GPL(kexec_crash_loaded);
56 96
57 /* 97 /*
58 * When kexec transitions to the new kernel th 98 * When kexec transitions to the new kernel there is a one-to-one
59 * mapping between physical and virtual addres 99 * mapping between physical and virtual addresses. On processors
60 * where you can disable the MMU this is trivi 100 * where you can disable the MMU this is trivial, and easy. For
61 * others it is still a simple predictable pag 101 * others it is still a simple predictable page table to setup.
62 * 102 *
63 * In that environment kexec copies the new ke 103 * In that environment kexec copies the new kernel to its final
64 * resting place. This means I can only suppo 104 * resting place. This means I can only support memory whose
65 * physical address can fit in an unsigned lon 105 * physical address can fit in an unsigned long. In particular
66 * addresses where (pfn << PAGE_SHIFT) > ULONG 106 * addresses where (pfn << PAGE_SHIFT) > ULONG_MAX cannot be handled.
67 * If the assembly stub has more restrictive r 107 * If the assembly stub has more restrictive requirements
68 * KEXEC_SOURCE_MEMORY_LIMIT and KEXEC_DEST_ME 108 * KEXEC_SOURCE_MEMORY_LIMIT and KEXEC_DEST_MEMORY_LIMIT can be
69 * defined more restrictively in <asm/kexec.h> 109 * defined more restrictively in <asm/kexec.h>.
70 * 110 *
71 * The code for the transition from the curren 111 * The code for the transition from the current kernel to the
72 * new kernel is placed in the control_code_bu !! 112 * the new kernel is placed in the control_code_buffer, whose size
73 * is given by KEXEC_CONTROL_PAGE_SIZE. In th 113 * is given by KEXEC_CONTROL_PAGE_SIZE. In the best case only a single
74 * page of memory is necessary, but some archi 114 * page of memory is necessary, but some architectures require more.
75 * Because this memory must be identity mapped 115 * Because this memory must be identity mapped in the transition from
76 * virtual to physical addresses it must live 116 * virtual to physical addresses it must live in the range
77 * 0 - TASK_SIZE, as only the user space mappi 117 * 0 - TASK_SIZE, as only the user space mappings are arbitrarily
78 * modifiable. 118 * modifiable.
79 * 119 *
80 * The assembly stub in the control code buffe 120 * The assembly stub in the control code buffer is passed a linked list
81 * of descriptor pages detailing the source pa 121 * of descriptor pages detailing the source pages of the new kernel,
82 * and the destination addresses of those sour 122 * and the destination addresses of those source pages. As this data
83 * structure is not used in the context of the 123 * structure is not used in the context of the current OS, it must
84 * be self-contained. 124 * be self-contained.
85 * 125 *
86 * The code has been made to work with highmem 126 * The code has been made to work with highmem pages and will use a
87 * destination page in its final resting place 127 * destination page in its final resting place (if it happens
88 * to allocate it). The end product of this i 128 * to allocate it). The end product of this is that most of the
89 * physical address space, and most of RAM can 129 * physical address space, and most of RAM can be used.
90 * 130 *
91 * Future directions include: 131 * Future directions include:
92 * - allocating a page table with the control 132 * - allocating a page table with the control code buffer identity
93 * mapped, to simplify machine_kexec and ma 133 * mapped, to simplify machine_kexec and make kexec_on_panic more
94 * reliable. 134 * reliable.
95 */ 135 */
96 136
97 /* 137 /*
98 * KIMAGE_NO_DEST is an impossible destination 138 * KIMAGE_NO_DEST is an impossible destination address..., for
99 * allocating pages whose destination address 139 * allocating pages whose destination address we do not care about.
100 */ 140 */
101 #define KIMAGE_NO_DEST (-1UL) 141 #define KIMAGE_NO_DEST (-1UL)
102 #define PAGE_COUNT(x) (((x) + PAGE_SIZE - 1) > 142 #define PAGE_COUNT(x) (((x) + PAGE_SIZE - 1) >> PAGE_SHIFT)
103 143
104 static struct page *kimage_alloc_page(struct k 144 static struct page *kimage_alloc_page(struct kimage *image,
105 gfp_t g 145 gfp_t gfp_mask,
106 unsigne 146 unsigned long dest);
107 147
108 int sanity_check_segment_list(struct kimage *i 148 int sanity_check_segment_list(struct kimage *image)
109 { 149 {
110 int i; 150 int i;
111 unsigned long nr_segments = image->nr_ 151 unsigned long nr_segments = image->nr_segments;
112 unsigned long total_pages = 0; 152 unsigned long total_pages = 0;
113 unsigned long nr_pages = totalram_page 153 unsigned long nr_pages = totalram_pages();
114 154
115 /* 155 /*
116 * Verify we have good destination add 156 * Verify we have good destination addresses. The caller is
117 * responsible for making certain we d 157 * responsible for making certain we don't attempt to load
118 * the new image into invalid or reser 158 * the new image into invalid or reserved areas of RAM. This
119 * just verifies it is an address we c 159 * just verifies it is an address we can use.
120 * 160 *
121 * Since the kernel does everything in 161 * Since the kernel does everything in page size chunks ensure
122 * the destination addresses are page 162 * the destination addresses are page aligned. Too many
123 * special cases crop of when we don't 163 * special cases crop of when we don't do this. The most
124 * insidious is getting overlapping de 164 * insidious is getting overlapping destination addresses
125 * simply because addresses are change 165 * simply because addresses are changed to page size
126 * granularity. 166 * granularity.
127 */ 167 */
128 for (i = 0; i < nr_segments; i++) { 168 for (i = 0; i < nr_segments; i++) {
129 unsigned long mstart, mend; 169 unsigned long mstart, mend;
130 170
131 mstart = image->segment[i].mem 171 mstart = image->segment[i].mem;
132 mend = mstart + image->segme 172 mend = mstart + image->segment[i].memsz;
133 if (mstart > mend) 173 if (mstart > mend)
134 return -EADDRNOTAVAIL; 174 return -EADDRNOTAVAIL;
135 if ((mstart & ~PAGE_MASK) || ( 175 if ((mstart & ~PAGE_MASK) || (mend & ~PAGE_MASK))
136 return -EADDRNOTAVAIL; 176 return -EADDRNOTAVAIL;
137 if (mend >= KEXEC_DESTINATION_ 177 if (mend >= KEXEC_DESTINATION_MEMORY_LIMIT)
138 return -EADDRNOTAVAIL; 178 return -EADDRNOTAVAIL;
139 } 179 }
140 180
141 /* Verify our destination addresses do 181 /* Verify our destination addresses do not overlap.
142 * If we alloed overlapping destinatio 182 * If we alloed overlapping destination addresses
143 * through very weird things can happe 183 * through very weird things can happen with no
144 * easy explanation as one segment sto 184 * easy explanation as one segment stops on another.
145 */ 185 */
146 for (i = 0; i < nr_segments; i++) { 186 for (i = 0; i < nr_segments; i++) {
147 unsigned long mstart, mend; 187 unsigned long mstart, mend;
148 unsigned long j; 188 unsigned long j;
149 189
150 mstart = image->segment[i].mem 190 mstart = image->segment[i].mem;
151 mend = mstart + image->segme 191 mend = mstart + image->segment[i].memsz;
152 for (j = 0; j < i; j++) { 192 for (j = 0; j < i; j++) {
153 unsigned long pstart, 193 unsigned long pstart, pend;
154 194
155 pstart = image->segmen 195 pstart = image->segment[j].mem;
156 pend = pstart + imag 196 pend = pstart + image->segment[j].memsz;
157 /* Do the segments ove 197 /* Do the segments overlap ? */
158 if ((mend > pstart) && 198 if ((mend > pstart) && (mstart < pend))
159 return -EINVAL 199 return -EINVAL;
160 } 200 }
161 } 201 }
162 202
163 /* Ensure our buffer sizes are strictl 203 /* Ensure our buffer sizes are strictly less than
164 * our memory sizes. This should alwa 204 * our memory sizes. This should always be the case,
165 * and it is easier to check up front 205 * and it is easier to check up front than to be surprised
166 * later on. 206 * later on.
167 */ 207 */
168 for (i = 0; i < nr_segments; i++) { 208 for (i = 0; i < nr_segments; i++) {
169 if (image->segment[i].bufsz > 209 if (image->segment[i].bufsz > image->segment[i].memsz)
170 return -EINVAL; 210 return -EINVAL;
171 } 211 }
172 212
173 /* 213 /*
174 * Verify that no more than half of me 214 * Verify that no more than half of memory will be consumed. If the
175 * request from userspace is too large 215 * request from userspace is too large, a large amount of time will be
176 * wasted allocating pages, which can 216 * wasted allocating pages, which can cause a soft lockup.
177 */ 217 */
178 for (i = 0; i < nr_segments; i++) { 218 for (i = 0; i < nr_segments; i++) {
179 if (PAGE_COUNT(image->segment[ 219 if (PAGE_COUNT(image->segment[i].memsz) > nr_pages / 2)
180 return -EINVAL; 220 return -EINVAL;
181 221
182 total_pages += PAGE_COUNT(imag 222 total_pages += PAGE_COUNT(image->segment[i].memsz);
183 } 223 }
184 224
185 if (total_pages > nr_pages / 2) 225 if (total_pages > nr_pages / 2)
186 return -EINVAL; 226 return -EINVAL;
187 227
188 #ifdef CONFIG_CRASH_DUMP <<
189 /* 228 /*
190 * Verify we have good destination add 229 * Verify we have good destination addresses. Normally
191 * the caller is responsible for makin 230 * the caller is responsible for making certain we don't
192 * attempt to load the new image into 231 * attempt to load the new image into invalid or reserved
193 * areas of RAM. But crash kernels ar 232 * areas of RAM. But crash kernels are preloaded into a
194 * reserved area of ram. We must ensu 233 * reserved area of ram. We must ensure the addresses
195 * are in the reserved area otherwise 234 * are in the reserved area otherwise preloading the
196 * kernel could corrupt things. 235 * kernel could corrupt things.
197 */ 236 */
198 237
199 if (image->type == KEXEC_TYPE_CRASH) { 238 if (image->type == KEXEC_TYPE_CRASH) {
200 for (i = 0; i < nr_segments; i 239 for (i = 0; i < nr_segments; i++) {
201 unsigned long mstart, 240 unsigned long mstart, mend;
202 241
203 mstart = image->segmen 242 mstart = image->segment[i].mem;
204 mend = mstart + image- 243 mend = mstart + image->segment[i].memsz - 1;
205 /* Ensure we are withi 244 /* Ensure we are within the crash kernel limits */
206 if ((mstart < phys_to_ 245 if ((mstart < phys_to_boot_phys(crashk_res.start)) ||
207 (mend > phys_to_bo 246 (mend > phys_to_boot_phys(crashk_res.end)))
208 return -EADDRN 247 return -EADDRNOTAVAIL;
209 } 248 }
210 } 249 }
211 #endif <<
212 250
213 return 0; 251 return 0;
214 } 252 }
215 253
216 struct kimage *do_kimage_alloc_init(void) 254 struct kimage *do_kimage_alloc_init(void)
217 { 255 {
218 struct kimage *image; 256 struct kimage *image;
219 257
220 /* Allocate a controlling structure */ 258 /* Allocate a controlling structure */
221 image = kzalloc(sizeof(*image), GFP_KE 259 image = kzalloc(sizeof(*image), GFP_KERNEL);
222 if (!image) 260 if (!image)
223 return NULL; 261 return NULL;
224 262
225 image->head = 0; 263 image->head = 0;
226 image->entry = &image->head; 264 image->entry = &image->head;
227 image->last_entry = &image->head; 265 image->last_entry = &image->head;
228 image->control_page = ~0; /* By defaul 266 image->control_page = ~0; /* By default this does not apply */
229 image->type = KEXEC_TYPE_DEFAULT; 267 image->type = KEXEC_TYPE_DEFAULT;
230 268
231 /* Initialize the list of control page 269 /* Initialize the list of control pages */
232 INIT_LIST_HEAD(&image->control_pages); 270 INIT_LIST_HEAD(&image->control_pages);
233 271
234 /* Initialize the list of destination 272 /* Initialize the list of destination pages */
235 INIT_LIST_HEAD(&image->dest_pages); 273 INIT_LIST_HEAD(&image->dest_pages);
236 274
237 /* Initialize the list of unusable pag 275 /* Initialize the list of unusable pages */
238 INIT_LIST_HEAD(&image->unusable_pages) 276 INIT_LIST_HEAD(&image->unusable_pages);
239 277
240 #ifdef CONFIG_CRASH_HOTPLUG <<
241 image->hp_action = KEXEC_CRASH_HP_NONE <<
242 image->elfcorehdr_index = -1; <<
243 image->elfcorehdr_updated = false; <<
244 #endif <<
245 <<
246 return image; 278 return image;
247 } 279 }
248 280
249 int kimage_is_destination_range(struct kimage 281 int kimage_is_destination_range(struct kimage *image,
250 unsign 282 unsigned long start,
251 unsign 283 unsigned long end)
252 { 284 {
253 unsigned long i; 285 unsigned long i;
254 286
255 for (i = 0; i < image->nr_segments; i+ 287 for (i = 0; i < image->nr_segments; i++) {
256 unsigned long mstart, mend; 288 unsigned long mstart, mend;
257 289
258 mstart = image->segment[i].mem 290 mstart = image->segment[i].mem;
259 mend = mstart + image->segment !! 291 mend = mstart + image->segment[i].memsz;
260 if ((end >= mstart) && (start !! 292 if ((end > mstart) && (start < mend))
261 return 1; 293 return 1;
262 } 294 }
263 295
264 return 0; 296 return 0;
265 } 297 }
266 298
267 static struct page *kimage_alloc_pages(gfp_t g 299 static struct page *kimage_alloc_pages(gfp_t gfp_mask, unsigned int order)
268 { 300 {
269 struct page *pages; 301 struct page *pages;
270 302
271 if (fatal_signal_pending(current)) 303 if (fatal_signal_pending(current))
272 return NULL; 304 return NULL;
273 pages = alloc_pages(gfp_mask & ~__GFP_ 305 pages = alloc_pages(gfp_mask & ~__GFP_ZERO, order);
274 if (pages) { 306 if (pages) {
275 unsigned int count, i; 307 unsigned int count, i;
276 308
277 pages->mapping = NULL; 309 pages->mapping = NULL;
278 set_page_private(pages, order) 310 set_page_private(pages, order);
279 count = 1 << order; 311 count = 1 << order;
280 for (i = 0; i < count; i++) 312 for (i = 0; i < count; i++)
281 SetPageReserved(pages 313 SetPageReserved(pages + i);
282 314
283 arch_kexec_post_alloc_pages(pa 315 arch_kexec_post_alloc_pages(page_address(pages), count,
284 gf 316 gfp_mask);
285 317
286 if (gfp_mask & __GFP_ZERO) 318 if (gfp_mask & __GFP_ZERO)
287 for (i = 0; i < count; 319 for (i = 0; i < count; i++)
288 clear_highpage 320 clear_highpage(pages + i);
289 } 321 }
290 322
291 return pages; 323 return pages;
292 } 324 }
293 325
294 static void kimage_free_pages(struct page *pag 326 static void kimage_free_pages(struct page *page)
295 { 327 {
296 unsigned int order, count, i; 328 unsigned int order, count, i;
297 329
298 order = page_private(page); 330 order = page_private(page);
299 count = 1 << order; 331 count = 1 << order;
300 332
301 arch_kexec_pre_free_pages(page_address 333 arch_kexec_pre_free_pages(page_address(page), count);
302 334
303 for (i = 0; i < count; i++) 335 for (i = 0; i < count; i++)
304 ClearPageReserved(page + i); 336 ClearPageReserved(page + i);
305 __free_pages(page, order); 337 __free_pages(page, order);
306 } 338 }
307 339
308 void kimage_free_page_list(struct list_head *l 340 void kimage_free_page_list(struct list_head *list)
309 { 341 {
310 struct page *page, *next; 342 struct page *page, *next;
311 343
312 list_for_each_entry_safe(page, next, l 344 list_for_each_entry_safe(page, next, list, lru) {
313 list_del(&page->lru); 345 list_del(&page->lru);
314 kimage_free_pages(page); 346 kimage_free_pages(page);
315 } 347 }
316 } 348 }
317 349
318 static struct page *kimage_alloc_normal_contro 350 static struct page *kimage_alloc_normal_control_pages(struct kimage *image,
319 351 unsigned int order)
320 { 352 {
321 /* Control pages are special, they are 353 /* Control pages are special, they are the intermediaries
322 * that are needed while we copy the r 354 * that are needed while we copy the rest of the pages
323 * to their final resting place. As s 355 * to their final resting place. As such they must
324 * not conflict with either the destin 356 * not conflict with either the destination addresses
325 * or memory the kernel is already usi 357 * or memory the kernel is already using.
326 * 358 *
327 * The only case where we really need 359 * The only case where we really need more than one of
328 * these are for architectures where w 360 * these are for architectures where we cannot disable
329 * the MMU and must instead generate a 361 * the MMU and must instead generate an identity mapped
330 * page table for all of the memory. 362 * page table for all of the memory.
331 * 363 *
332 * At worst this runs in O(N) of the i 364 * At worst this runs in O(N) of the image size.
333 */ 365 */
334 struct list_head extra_pages; 366 struct list_head extra_pages;
335 struct page *pages; 367 struct page *pages;
336 unsigned int count; 368 unsigned int count;
337 369
338 count = 1 << order; 370 count = 1 << order;
339 INIT_LIST_HEAD(&extra_pages); 371 INIT_LIST_HEAD(&extra_pages);
340 372
341 /* Loop while I can allocate a page an 373 /* Loop while I can allocate a page and the page allocated
342 * is a destination page. 374 * is a destination page.
343 */ 375 */
344 do { 376 do {
345 unsigned long pfn, epfn, addr, 377 unsigned long pfn, epfn, addr, eaddr;
346 378
347 pages = kimage_alloc_pages(KEX 379 pages = kimage_alloc_pages(KEXEC_CONTROL_MEMORY_GFP, order);
348 if (!pages) 380 if (!pages)
349 break; 381 break;
350 pfn = page_to_boot_pfn(pages 382 pfn = page_to_boot_pfn(pages);
351 epfn = pfn + count; 383 epfn = pfn + count;
352 addr = pfn << PAGE_SHIFT; 384 addr = pfn << PAGE_SHIFT;
353 eaddr = (epfn << PAGE_SHIFT) - !! 385 eaddr = epfn << PAGE_SHIFT;
354 if ((epfn >= (KEXEC_CONTROL_ME 386 if ((epfn >= (KEXEC_CONTROL_MEMORY_LIMIT >> PAGE_SHIFT)) ||
355 kimage_is_destin 387 kimage_is_destination_range(image, addr, eaddr)) {
356 list_add(&pages->lru, 388 list_add(&pages->lru, &extra_pages);
357 pages = NULL; 389 pages = NULL;
358 } 390 }
359 } while (!pages); 391 } while (!pages);
360 392
361 if (pages) { 393 if (pages) {
362 /* Remember the allocated page 394 /* Remember the allocated page... */
363 list_add(&pages->lru, &image-> 395 list_add(&pages->lru, &image->control_pages);
364 396
365 /* Because the page is already 397 /* Because the page is already in it's destination
366 * location we will never allo 398 * location we will never allocate another page at
367 * that address. Therefore ki 399 * that address. Therefore kimage_alloc_pages
368 * will not return it (again) 400 * will not return it (again) and we don't need
369 * to give it an entry in imag 401 * to give it an entry in image->segment[].
370 */ 402 */
371 } 403 }
372 /* Deal with the destination pages I h 404 /* Deal with the destination pages I have inadvertently allocated.
373 * 405 *
374 * Ideally I would convert multi-page 406 * Ideally I would convert multi-page allocations into single
375 * page allocations, and add everythin 407 * page allocations, and add everything to image->dest_pages.
376 * 408 *
377 * For now it is simpler to just free 409 * For now it is simpler to just free the pages.
378 */ 410 */
379 kimage_free_page_list(&extra_pages); 411 kimage_free_page_list(&extra_pages);
380 412
381 return pages; 413 return pages;
382 } 414 }
383 415
384 #ifdef CONFIG_CRASH_DUMP <<
385 static struct page *kimage_alloc_crash_control 416 static struct page *kimage_alloc_crash_control_pages(struct kimage *image,
386 417 unsigned int order)
387 { 418 {
388 /* Control pages are special, they are 419 /* Control pages are special, they are the intermediaries
389 * that are needed while we copy the r 420 * that are needed while we copy the rest of the pages
390 * to their final resting place. As s 421 * to their final resting place. As such they must
391 * not conflict with either the destin 422 * not conflict with either the destination addresses
392 * or memory the kernel is already usi 423 * or memory the kernel is already using.
393 * 424 *
394 * Control pages are also the only pag 425 * Control pages are also the only pags we must allocate
395 * when loading a crash kernel. All o 426 * when loading a crash kernel. All of the other pages
396 * are specified by the segments and w 427 * are specified by the segments and we just memcpy
397 * into them directly. 428 * into them directly.
398 * 429 *
399 * The only case where we really need 430 * The only case where we really need more than one of
400 * these are for architectures where w 431 * these are for architectures where we cannot disable
401 * the MMU and must instead generate a 432 * the MMU and must instead generate an identity mapped
402 * page table for all of the memory. 433 * page table for all of the memory.
403 * 434 *
404 * Given the low demand this implement 435 * Given the low demand this implements a very simple
405 * allocator that finds the first hole 436 * allocator that finds the first hole of the appropriate
406 * size in the reserved memory region, 437 * size in the reserved memory region, and allocates all
407 * of the memory up to and including t 438 * of the memory up to and including the hole.
408 */ 439 */
409 unsigned long hole_start, hole_end, si 440 unsigned long hole_start, hole_end, size;
410 struct page *pages; 441 struct page *pages;
411 442
412 pages = NULL; 443 pages = NULL;
413 size = (1 << order) << PAGE_SHIFT; 444 size = (1 << order) << PAGE_SHIFT;
414 hole_start = ALIGN(image->control_page !! 445 hole_start = (image->control_page + (size - 1)) & ~(size - 1);
415 hole_end = hole_start + size - 1; 446 hole_end = hole_start + size - 1;
416 while (hole_end <= crashk_res.end) { 447 while (hole_end <= crashk_res.end) {
417 unsigned long i; 448 unsigned long i;
418 449
419 cond_resched(); 450 cond_resched();
420 451
421 if (hole_end > KEXEC_CRASH_CON 452 if (hole_end > KEXEC_CRASH_CONTROL_MEMORY_LIMIT)
422 break; 453 break;
423 /* See if I overlap any of the 454 /* See if I overlap any of the segments */
424 for (i = 0; i < image->nr_segm 455 for (i = 0; i < image->nr_segments; i++) {
425 unsigned long mstart, 456 unsigned long mstart, mend;
426 457
427 mstart = image->segmen 458 mstart = image->segment[i].mem;
428 mend = mstart + imag 459 mend = mstart + image->segment[i].memsz - 1;
429 if ((hole_end >= mstar 460 if ((hole_end >= mstart) && (hole_start <= mend)) {
430 /* Advance the 461 /* Advance the hole to the end of the segment */
431 hole_start = A !! 462 hole_start = (mend + (size - 1)) & ~(size - 1);
432 hole_end = h 463 hole_end = hole_start + size - 1;
433 break; 464 break;
434 } 465 }
435 } 466 }
436 /* If I don't overlap any segm 467 /* If I don't overlap any segments I have found my hole! */
437 if (i == image->nr_segments) { 468 if (i == image->nr_segments) {
438 pages = pfn_to_page(ho 469 pages = pfn_to_page(hole_start >> PAGE_SHIFT);
439 image->control_page = !! 470 image->control_page = hole_end;
440 break; 471 break;
441 } 472 }
442 } 473 }
443 474
444 /* Ensure that these pages are decrypt 475 /* Ensure that these pages are decrypted if SME is enabled. */
445 if (pages) 476 if (pages)
446 arch_kexec_post_alloc_pages(pa 477 arch_kexec_post_alloc_pages(page_address(pages), 1 << order, 0);
447 478
448 return pages; 479 return pages;
449 } 480 }
450 #endif <<
451 481
452 482
453 struct page *kimage_alloc_control_pages(struct 483 struct page *kimage_alloc_control_pages(struct kimage *image,
454 unsig 484 unsigned int order)
455 { 485 {
456 struct page *pages = NULL; 486 struct page *pages = NULL;
457 487
458 switch (image->type) { 488 switch (image->type) {
459 case KEXEC_TYPE_DEFAULT: 489 case KEXEC_TYPE_DEFAULT:
460 pages = kimage_alloc_normal_co 490 pages = kimage_alloc_normal_control_pages(image, order);
461 break; 491 break;
462 #ifdef CONFIG_CRASH_DUMP <<
463 case KEXEC_TYPE_CRASH: 492 case KEXEC_TYPE_CRASH:
464 pages = kimage_alloc_crash_con 493 pages = kimage_alloc_crash_control_pages(image, order);
465 break; 494 break;
466 #endif <<
467 } 495 }
468 496
469 return pages; 497 return pages;
470 } 498 }
471 499
>> 500 int kimage_crash_copy_vmcoreinfo(struct kimage *image)
>> 501 {
>> 502 struct page *vmcoreinfo_page;
>> 503 void *safecopy;
>> 504
>> 505 if (image->type != KEXEC_TYPE_CRASH)
>> 506 return 0;
>> 507
>> 508 /*
>> 509 * For kdump, allocate one vmcoreinfo safe copy from the
>> 510 * crash memory. as we have arch_kexec_protect_crashkres()
>> 511 * after kexec syscall, we naturally protect it from write
>> 512 * (even read) access under kernel direct mapping. But on
>> 513 * the other hand, we still need to operate it when crash
>> 514 * happens to generate vmcoreinfo note, hereby we rely on
>> 515 * vmap for this purpose.
>> 516 */
>> 517 vmcoreinfo_page = kimage_alloc_control_pages(image, 0);
>> 518 if (!vmcoreinfo_page) {
>> 519 pr_warn("Could not allocate vmcoreinfo buffer\n");
>> 520 return -ENOMEM;
>> 521 }
>> 522 safecopy = vmap(&vmcoreinfo_page, 1, VM_MAP, PAGE_KERNEL);
>> 523 if (!safecopy) {
>> 524 pr_warn("Could not vmap vmcoreinfo buffer\n");
>> 525 return -ENOMEM;
>> 526 }
>> 527
>> 528 image->vmcoreinfo_data_copy = safecopy;
>> 529 crash_update_vmcoreinfo_safecopy(safecopy);
>> 530
>> 531 return 0;
>> 532 }
>> 533
472 static int kimage_add_entry(struct kimage *ima 534 static int kimage_add_entry(struct kimage *image, kimage_entry_t entry)
473 { 535 {
474 if (*image->entry != 0) 536 if (*image->entry != 0)
475 image->entry++; 537 image->entry++;
476 538
477 if (image->entry == image->last_entry) 539 if (image->entry == image->last_entry) {
478 kimage_entry_t *ind_page; 540 kimage_entry_t *ind_page;
479 struct page *page; 541 struct page *page;
480 542
481 page = kimage_alloc_page(image 543 page = kimage_alloc_page(image, GFP_KERNEL, KIMAGE_NO_DEST);
482 if (!page) 544 if (!page)
483 return -ENOMEM; 545 return -ENOMEM;
484 546
485 ind_page = page_address(page); 547 ind_page = page_address(page);
486 *image->entry = virt_to_boot_p 548 *image->entry = virt_to_boot_phys(ind_page) | IND_INDIRECTION;
487 image->entry = ind_page; 549 image->entry = ind_page;
488 image->last_entry = ind_page + 550 image->last_entry = ind_page +
489 ((PAGE_S 551 ((PAGE_SIZE/sizeof(kimage_entry_t)) - 1);
490 } 552 }
491 *image->entry = entry; 553 *image->entry = entry;
492 image->entry++; 554 image->entry++;
493 *image->entry = 0; 555 *image->entry = 0;
494 556
495 return 0; 557 return 0;
496 } 558 }
497 559
498 static int kimage_set_destination(struct kimag 560 static int kimage_set_destination(struct kimage *image,
499 unsigned lo 561 unsigned long destination)
500 { 562 {
>> 563 int result;
>> 564
501 destination &= PAGE_MASK; 565 destination &= PAGE_MASK;
>> 566 result = kimage_add_entry(image, destination | IND_DESTINATION);
502 567
503 return kimage_add_entry(image, destina !! 568 return result;
504 } 569 }
505 570
506 571
507 static int kimage_add_page(struct kimage *imag 572 static int kimage_add_page(struct kimage *image, unsigned long page)
508 { 573 {
>> 574 int result;
>> 575
509 page &= PAGE_MASK; 576 page &= PAGE_MASK;
>> 577 result = kimage_add_entry(image, page | IND_SOURCE);
510 578
511 return kimage_add_entry(image, page | !! 579 return result;
512 } 580 }
513 581
514 582
515 static void kimage_free_extra_pages(struct kim 583 static void kimage_free_extra_pages(struct kimage *image)
516 { 584 {
517 /* Walk through and free any extra des 585 /* Walk through and free any extra destination pages I may have */
518 kimage_free_page_list(&image->dest_pag 586 kimage_free_page_list(&image->dest_pages);
519 587
520 /* Walk through and free any unusable 588 /* Walk through and free any unusable pages I have cached */
521 kimage_free_page_list(&image->unusable 589 kimage_free_page_list(&image->unusable_pages);
522 590
523 } 591 }
524 592
>> 593 int __weak machine_kexec_post_load(struct kimage *image)
>> 594 {
>> 595 return 0;
>> 596 }
>> 597
525 void kimage_terminate(struct kimage *image) 598 void kimage_terminate(struct kimage *image)
526 { 599 {
527 if (*image->entry != 0) 600 if (*image->entry != 0)
528 image->entry++; 601 image->entry++;
529 602
530 *image->entry = IND_DONE; 603 *image->entry = IND_DONE;
531 } 604 }
532 605
533 #define for_each_kimage_entry(image, ptr, entr 606 #define for_each_kimage_entry(image, ptr, entry) \
534 for (ptr = &image->head; (entry = *ptr 607 for (ptr = &image->head; (entry = *ptr) && !(entry & IND_DONE); \
535 ptr = (entry & IND_INDIRECTION 608 ptr = (entry & IND_INDIRECTION) ? \
536 boot_phys_to_virt((ent 609 boot_phys_to_virt((entry & PAGE_MASK)) : ptr + 1)
537 610
538 static void kimage_free_entry(kimage_entry_t e 611 static void kimage_free_entry(kimage_entry_t entry)
539 { 612 {
540 struct page *page; 613 struct page *page;
541 614
542 page = boot_pfn_to_page(entry >> PAGE_ 615 page = boot_pfn_to_page(entry >> PAGE_SHIFT);
543 kimage_free_pages(page); 616 kimage_free_pages(page);
544 } 617 }
545 618
546 void kimage_free(struct kimage *image) 619 void kimage_free(struct kimage *image)
547 { 620 {
548 kimage_entry_t *ptr, entry; 621 kimage_entry_t *ptr, entry;
549 kimage_entry_t ind = 0; 622 kimage_entry_t ind = 0;
550 623
551 if (!image) 624 if (!image)
552 return; 625 return;
553 626
554 #ifdef CONFIG_CRASH_DUMP <<
555 if (image->vmcoreinfo_data_copy) { 627 if (image->vmcoreinfo_data_copy) {
556 crash_update_vmcoreinfo_safeco 628 crash_update_vmcoreinfo_safecopy(NULL);
557 vunmap(image->vmcoreinfo_data_ 629 vunmap(image->vmcoreinfo_data_copy);
558 } 630 }
559 #endif <<
560 631
561 kimage_free_extra_pages(image); 632 kimage_free_extra_pages(image);
562 for_each_kimage_entry(image, ptr, entr 633 for_each_kimage_entry(image, ptr, entry) {
563 if (entry & IND_INDIRECTION) { 634 if (entry & IND_INDIRECTION) {
564 /* Free the previous i 635 /* Free the previous indirection page */
565 if (ind & IND_INDIRECT 636 if (ind & IND_INDIRECTION)
566 kimage_free_en 637 kimage_free_entry(ind);
567 /* Save this indirecti 638 /* Save this indirection page until we are
568 * done with it. 639 * done with it.
569 */ 640 */
570 ind = entry; 641 ind = entry;
571 } else if (entry & IND_SOURCE) 642 } else if (entry & IND_SOURCE)
572 kimage_free_entry(entr 643 kimage_free_entry(entry);
573 } 644 }
574 /* Free the final indirection page */ 645 /* Free the final indirection page */
575 if (ind & IND_INDIRECTION) 646 if (ind & IND_INDIRECTION)
576 kimage_free_entry(ind); 647 kimage_free_entry(ind);
577 648
578 /* Handle any machine specific cleanup 649 /* Handle any machine specific cleanup */
579 machine_kexec_cleanup(image); 650 machine_kexec_cleanup(image);
580 651
581 /* Free the kexec control pages... */ 652 /* Free the kexec control pages... */
582 kimage_free_page_list(&image->control_ 653 kimage_free_page_list(&image->control_pages);
583 654
584 /* 655 /*
585 * Free up any temporary buffers alloc 656 * Free up any temporary buffers allocated. This might hit if
586 * error occurred much later after buf 657 * error occurred much later after buffer allocation.
587 */ 658 */
588 if (image->file_mode) 659 if (image->file_mode)
589 kimage_file_post_load_cleanup( 660 kimage_file_post_load_cleanup(image);
590 661
591 kfree(image); 662 kfree(image);
592 } 663 }
593 664
594 static kimage_entry_t *kimage_dst_used(struct 665 static kimage_entry_t *kimage_dst_used(struct kimage *image,
595 unsign 666 unsigned long page)
596 { 667 {
597 kimage_entry_t *ptr, entry; 668 kimage_entry_t *ptr, entry;
598 unsigned long destination = 0; 669 unsigned long destination = 0;
599 670
600 for_each_kimage_entry(image, ptr, entr 671 for_each_kimage_entry(image, ptr, entry) {
601 if (entry & IND_DESTINATION) 672 if (entry & IND_DESTINATION)
602 destination = entry & 673 destination = entry & PAGE_MASK;
603 else if (entry & IND_SOURCE) { 674 else if (entry & IND_SOURCE) {
604 if (page == destinatio 675 if (page == destination)
605 return ptr; 676 return ptr;
606 destination += PAGE_SI 677 destination += PAGE_SIZE;
607 } 678 }
608 } 679 }
609 680
610 return NULL; 681 return NULL;
611 } 682 }
612 683
613 static struct page *kimage_alloc_page(struct k 684 static struct page *kimage_alloc_page(struct kimage *image,
614 gfp_t 685 gfp_t gfp_mask,
615 unsign 686 unsigned long destination)
616 { 687 {
617 /* 688 /*
618 * Here we implement safeguards to ens 689 * Here we implement safeguards to ensure that a source page
619 * is not copied to its destination pa 690 * is not copied to its destination page before the data on
620 * the destination page is no longer u 691 * the destination page is no longer useful.
621 * 692 *
622 * To do this we maintain the invarian 693 * To do this we maintain the invariant that a source page is
623 * either its own destination page, or 694 * either its own destination page, or it is not a
624 * destination page at all. 695 * destination page at all.
625 * 696 *
626 * That is slightly stronger than requ 697 * That is slightly stronger than required, but the proof
627 * that no problems will not occur is 698 * that no problems will not occur is trivial, and the
628 * implementation is simply to verify. 699 * implementation is simply to verify.
629 * 700 *
630 * When allocating all pages normally 701 * When allocating all pages normally this algorithm will run
631 * in O(N) time, but in the worst case 702 * in O(N) time, but in the worst case it will run in O(N^2)
632 * time. If the runtime is a problem 703 * time. If the runtime is a problem the data structures can
633 * be fixed. 704 * be fixed.
634 */ 705 */
635 struct page *page; 706 struct page *page;
636 unsigned long addr; 707 unsigned long addr;
637 708
638 /* 709 /*
639 * Walk through the list of destinatio 710 * Walk through the list of destination pages, and see if I
640 * have a match. 711 * have a match.
641 */ 712 */
642 list_for_each_entry(page, &image->dest 713 list_for_each_entry(page, &image->dest_pages, lru) {
643 addr = page_to_boot_pfn(page) 714 addr = page_to_boot_pfn(page) << PAGE_SHIFT;
644 if (addr == destination) { 715 if (addr == destination) {
645 list_del(&page->lru); 716 list_del(&page->lru);
646 return page; 717 return page;
647 } 718 }
648 } 719 }
649 page = NULL; 720 page = NULL;
650 while (1) { 721 while (1) {
651 kimage_entry_t *old; 722 kimage_entry_t *old;
652 723
653 /* Allocate a page, if we run 724 /* Allocate a page, if we run out of memory give up */
654 page = kimage_alloc_pages(gfp_ 725 page = kimage_alloc_pages(gfp_mask, 0);
655 if (!page) 726 if (!page)
656 return NULL; 727 return NULL;
657 /* If the page cannot be used 728 /* If the page cannot be used file it away */
658 if (page_to_boot_pfn(page) > 729 if (page_to_boot_pfn(page) >
659 (KEXEC_SOURCE_ 730 (KEXEC_SOURCE_MEMORY_LIMIT >> PAGE_SHIFT)) {
660 list_add(&page->lru, & 731 list_add(&page->lru, &image->unusable_pages);
661 continue; 732 continue;
662 } 733 }
663 addr = page_to_boot_pfn(page) 734 addr = page_to_boot_pfn(page) << PAGE_SHIFT;
664 735
665 /* If it is the destination pa 736 /* If it is the destination page we want use it */
666 if (addr == destination) 737 if (addr == destination)
667 break; 738 break;
668 739
669 /* If the page is not a destin 740 /* If the page is not a destination page use it */
670 if (!kimage_is_destination_ran 741 if (!kimage_is_destination_range(image, addr,
671 !! 742 addr + PAGE_SIZE))
672 break; 743 break;
673 744
674 /* 745 /*
675 * I know that the page is som 746 * I know that the page is someones destination page.
676 * See if there is already a s 747 * See if there is already a source page for this
677 * destination page. And if s 748 * destination page. And if so swap the source pages.
678 */ 749 */
679 old = kimage_dst_used(image, a 750 old = kimage_dst_used(image, addr);
680 if (old) { 751 if (old) {
681 /* If so move it */ 752 /* If so move it */
682 unsigned long old_addr 753 unsigned long old_addr;
683 struct page *old_page; 754 struct page *old_page;
684 755
685 old_addr = *old & PAGE 756 old_addr = *old & PAGE_MASK;
686 old_page = boot_pfn_to 757 old_page = boot_pfn_to_page(old_addr >> PAGE_SHIFT);
687 copy_highpage(page, ol 758 copy_highpage(page, old_page);
688 *old = addr | (*old & 759 *old = addr | (*old & ~PAGE_MASK);
689 760
690 /* The old page I have 761 /* The old page I have found cannot be a
691 * destination page, s 762 * destination page, so return it if it's
692 * gfp_flags honor the 763 * gfp_flags honor the ones passed in.
693 */ 764 */
694 if (!(gfp_mask & __GFP 765 if (!(gfp_mask & __GFP_HIGHMEM) &&
695 PageHighMem(old_pa 766 PageHighMem(old_page)) {
696 kimage_free_pa 767 kimage_free_pages(old_page);
697 continue; 768 continue;
698 } 769 }
>> 770 addr = old_addr;
699 page = old_page; 771 page = old_page;
700 break; 772 break;
701 } 773 }
702 /* Place the page on the desti 774 /* Place the page on the destination list, to be used later */
703 list_add(&page->lru, &image->d 775 list_add(&page->lru, &image->dest_pages);
704 } 776 }
705 777
706 return page; 778 return page;
707 } 779 }
708 780
709 static int kimage_load_normal_segment(struct k 781 static int kimage_load_normal_segment(struct kimage *image,
710 struc 782 struct kexec_segment *segment)
711 { 783 {
712 unsigned long maddr; 784 unsigned long maddr;
713 size_t ubytes, mbytes; 785 size_t ubytes, mbytes;
714 int result; 786 int result;
715 unsigned char __user *buf = NULL; 787 unsigned char __user *buf = NULL;
716 unsigned char *kbuf = NULL; 788 unsigned char *kbuf = NULL;
717 789
>> 790 result = 0;
718 if (image->file_mode) 791 if (image->file_mode)
719 kbuf = segment->kbuf; 792 kbuf = segment->kbuf;
720 else 793 else
721 buf = segment->buf; 794 buf = segment->buf;
722 ubytes = segment->bufsz; 795 ubytes = segment->bufsz;
723 mbytes = segment->memsz; 796 mbytes = segment->memsz;
724 maddr = segment->mem; 797 maddr = segment->mem;
725 798
726 result = kimage_set_destination(image, 799 result = kimage_set_destination(image, maddr);
727 if (result < 0) 800 if (result < 0)
728 goto out; 801 goto out;
729 802
730 while (mbytes) { 803 while (mbytes) {
731 struct page *page; 804 struct page *page;
732 char *ptr; 805 char *ptr;
733 size_t uchunk, mchunk; 806 size_t uchunk, mchunk;
734 807
735 page = kimage_alloc_page(image 808 page = kimage_alloc_page(image, GFP_HIGHUSER, maddr);
736 if (!page) { 809 if (!page) {
737 result = -ENOMEM; 810 result = -ENOMEM;
738 goto out; 811 goto out;
739 } 812 }
740 result = kimage_add_page(image 813 result = kimage_add_page(image, page_to_boot_pfn(page)
741 814 << PAGE_SHIFT);
742 if (result < 0) 815 if (result < 0)
743 goto out; 816 goto out;
744 817
745 ptr = kmap_local_page(page); !! 818 ptr = kmap(page);
746 /* Start with a clear page */ 819 /* Start with a clear page */
747 clear_page(ptr); 820 clear_page(ptr);
748 ptr += maddr & ~PAGE_MASK; 821 ptr += maddr & ~PAGE_MASK;
749 mchunk = min_t(size_t, mbytes, 822 mchunk = min_t(size_t, mbytes,
750 PAGE_SIZE - (m 823 PAGE_SIZE - (maddr & ~PAGE_MASK));
751 uchunk = min(ubytes, mchunk); 824 uchunk = min(ubytes, mchunk);
752 825
753 if (uchunk) { !! 826 /* For file based kexec, source pages are in kernel memory */
754 /* For file based kexe !! 827 if (image->file_mode)
755 if (image->file_mode) !! 828 memcpy(ptr, kbuf, uchunk);
756 memcpy(ptr, kb !! 829 else
757 else !! 830 result = copy_from_user(ptr, buf, uchunk);
758 result = copy_ !! 831 kunmap(page);
759 ubytes -= uchunk; <<
760 if (image->file_mode) <<
761 kbuf += uchunk <<
762 else <<
763 buf += uchunk; <<
764 } <<
765 kunmap_local(ptr); <<
766 if (result) { 832 if (result) {
767 result = -EFAULT; 833 result = -EFAULT;
768 goto out; 834 goto out;
769 } 835 }
>> 836 ubytes -= uchunk;
770 maddr += mchunk; 837 maddr += mchunk;
>> 838 if (image->file_mode)
>> 839 kbuf += mchunk;
>> 840 else
>> 841 buf += mchunk;
771 mbytes -= mchunk; 842 mbytes -= mchunk;
772 843
773 cond_resched(); 844 cond_resched();
774 } 845 }
775 out: 846 out:
776 return result; 847 return result;
777 } 848 }
778 849
779 #ifdef CONFIG_CRASH_DUMP <<
780 static int kimage_load_crash_segment(struct ki 850 static int kimage_load_crash_segment(struct kimage *image,
781 struct 851 struct kexec_segment *segment)
782 { 852 {
783 /* For crash dumps kernels we simply c 853 /* For crash dumps kernels we simply copy the data from
784 * user space to it's destination. 854 * user space to it's destination.
785 * We do things a page at a time for t 855 * We do things a page at a time for the sake of kmap.
786 */ 856 */
787 unsigned long maddr; 857 unsigned long maddr;
788 size_t ubytes, mbytes; 858 size_t ubytes, mbytes;
789 int result; 859 int result;
790 unsigned char __user *buf = NULL; 860 unsigned char __user *buf = NULL;
791 unsigned char *kbuf = NULL; 861 unsigned char *kbuf = NULL;
792 862
793 result = 0; 863 result = 0;
794 if (image->file_mode) 864 if (image->file_mode)
795 kbuf = segment->kbuf; 865 kbuf = segment->kbuf;
796 else 866 else
797 buf = segment->buf; 867 buf = segment->buf;
798 ubytes = segment->bufsz; 868 ubytes = segment->bufsz;
799 mbytes = segment->memsz; 869 mbytes = segment->memsz;
800 maddr = segment->mem; 870 maddr = segment->mem;
801 while (mbytes) { 871 while (mbytes) {
802 struct page *page; 872 struct page *page;
803 char *ptr; 873 char *ptr;
804 size_t uchunk, mchunk; 874 size_t uchunk, mchunk;
805 875
806 page = boot_pfn_to_page(maddr 876 page = boot_pfn_to_page(maddr >> PAGE_SHIFT);
807 if (!page) { 877 if (!page) {
808 result = -ENOMEM; 878 result = -ENOMEM;
809 goto out; 879 goto out;
810 } 880 }
811 arch_kexec_post_alloc_pages(pa 881 arch_kexec_post_alloc_pages(page_address(page), 1, 0);
812 ptr = kmap_local_page(page); !! 882 ptr = kmap(page);
813 ptr += maddr & ~PAGE_MASK; 883 ptr += maddr & ~PAGE_MASK;
814 mchunk = min_t(size_t, mbytes, 884 mchunk = min_t(size_t, mbytes,
815 PAGE_SIZE - (m 885 PAGE_SIZE - (maddr & ~PAGE_MASK));
816 uchunk = min(ubytes, mchunk); 886 uchunk = min(ubytes, mchunk);
817 if (mchunk > uchunk) { 887 if (mchunk > uchunk) {
818 /* Zero the trailing p 888 /* Zero the trailing part of the page */
819 memset(ptr + uchunk, 0 889 memset(ptr + uchunk, 0, mchunk - uchunk);
820 } 890 }
821 891
822 if (uchunk) { !! 892 /* For file based kexec, source pages are in kernel memory */
823 /* For file based kexe !! 893 if (image->file_mode)
824 if (image->file_mode) !! 894 memcpy(ptr, kbuf, uchunk);
825 memcpy(ptr, kb !! 895 else
826 else !! 896 result = copy_from_user(ptr, buf, uchunk);
827 result = copy_ <<
828 ubytes -= uchunk; <<
829 if (image->file_mode) <<
830 kbuf += uchunk <<
831 else <<
832 buf += uchunk; <<
833 } <<
834 kexec_flush_icache_page(page); 897 kexec_flush_icache_page(page);
835 kunmap_local(ptr); !! 898 kunmap(page);
836 arch_kexec_pre_free_pages(page 899 arch_kexec_pre_free_pages(page_address(page), 1);
837 if (result) { 900 if (result) {
838 result = -EFAULT; 901 result = -EFAULT;
839 goto out; 902 goto out;
840 } 903 }
>> 904 ubytes -= uchunk;
841 maddr += mchunk; 905 maddr += mchunk;
>> 906 if (image->file_mode)
>> 907 kbuf += mchunk;
>> 908 else
>> 909 buf += mchunk;
842 mbytes -= mchunk; 910 mbytes -= mchunk;
843 911
844 cond_resched(); 912 cond_resched();
845 } 913 }
846 out: 914 out:
847 return result; 915 return result;
848 } 916 }
849 #endif <<
850 917
851 int kimage_load_segment(struct kimage *image, 918 int kimage_load_segment(struct kimage *image,
852 struct kexec_s 919 struct kexec_segment *segment)
853 { 920 {
854 int result = -ENOMEM; 921 int result = -ENOMEM;
855 922
856 switch (image->type) { 923 switch (image->type) {
857 case KEXEC_TYPE_DEFAULT: 924 case KEXEC_TYPE_DEFAULT:
858 result = kimage_load_normal_se 925 result = kimage_load_normal_segment(image, segment);
859 break; 926 break;
860 #ifdef CONFIG_CRASH_DUMP <<
861 case KEXEC_TYPE_CRASH: 927 case KEXEC_TYPE_CRASH:
862 result = kimage_load_crash_seg 928 result = kimage_load_crash_segment(image, segment);
863 break; 929 break;
864 #endif <<
865 } 930 }
866 931
867 return result; 932 return result;
868 } 933 }
869 934
870 struct kexec_load_limit { <<
871 /* Mutex protects the limit count. */ <<
872 struct mutex mutex; <<
873 int limit; <<
874 }; <<
875 <<
876 static struct kexec_load_limit load_limit_rebo <<
877 .mutex = __MUTEX_INITIALIZER(load_limi <<
878 .limit = -1, <<
879 }; <<
880 <<
881 static struct kexec_load_limit load_limit_pani <<
882 .mutex = __MUTEX_INITIALIZER(load_limi <<
883 .limit = -1, <<
884 }; <<
885 <<
886 struct kimage *kexec_image; 935 struct kimage *kexec_image;
887 struct kimage *kexec_crash_image; 936 struct kimage *kexec_crash_image;
888 static int kexec_load_disabled; !! 937 int kexec_load_disabled;
889 938
890 #ifdef CONFIG_SYSCTL !! 939 /*
891 static int kexec_limit_handler(const struct ct !! 940 * No panic_cpu check version of crash_kexec(). This function is called
892 void *buffer, s !! 941 * only when panic_cpu holds the current CPU number; this is the only CPU
893 { !! 942 * which processes crash_kexec routines.
894 struct kexec_load_limit *limit = table !! 943 */
895 int val; !! 944 void __noclone __crash_kexec(struct pt_regs *regs)
896 struct ctl_table tmp = { !! 945 {
897 .data = &val, !! 946 /* Take the kexec_mutex here to prevent sys_kexec_load
898 .maxlen = sizeof(val), !! 947 * running on one cpu from replacing the crash kernel
899 .mode = table->mode, !! 948 * we are using after a panic on a different cpu.
900 }; !! 949 *
901 int ret; !! 950 * If the crash kernel was not located in a fixed area
902 !! 951 * of memory the xchg(&kexec_crash_image) would be
903 if (write) { !! 952 * sufficient. But since I reuse the memory...
904 ret = proc_dointvec(&tmp, writ !! 953 */
905 if (ret) !! 954 if (mutex_trylock(&kexec_mutex)) {
906 return ret; !! 955 if (kexec_crash_image) {
>> 956 struct pt_regs fixed_regs;
>> 957
>> 958 crash_setup_regs(&fixed_regs, regs);
>> 959 crash_save_vmcoreinfo();
>> 960 machine_crash_shutdown(&fixed_regs);
>> 961 machine_kexec(kexec_crash_image);
>> 962 }
>> 963 mutex_unlock(&kexec_mutex);
>> 964 }
>> 965 }
>> 966 STACK_FRAME_NON_STANDARD(__crash_kexec);
907 967
908 if (val < 0) !! 968 void crash_kexec(struct pt_regs *regs)
909 return -EINVAL; !! 969 {
>> 970 int old_cpu, this_cpu;
910 971
911 mutex_lock(&limit->mutex); !! 972 /*
912 if (limit->limit != -1 && val !! 973 * Only one CPU is allowed to execute the crash_kexec() code as with
913 ret = -EINVAL; !! 974 * panic(). Otherwise parallel calls of panic() and crash_kexec()
914 else !! 975 * may stop each other. To exclude them, we use panic_cpu here too.
915 limit->limit = val; !! 976 */
916 mutex_unlock(&limit->mutex); !! 977 this_cpu = raw_smp_processor_id();
>> 978 old_cpu = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, this_cpu);
>> 979 if (old_cpu == PANIC_CPU_INVALID) {
>> 980 /* This is the 1st CPU which comes here, so go ahead. */
>> 981 printk_safe_flush_on_panic();
>> 982 __crash_kexec(regs);
917 983
918 return ret; !! 984 /*
>> 985 * Reset panic_cpu to allow another panic()/crash_kexec()
>> 986 * call.
>> 987 */
>> 988 atomic_set(&panic_cpu, PANIC_CPU_INVALID);
919 } 989 }
>> 990 }
920 991
921 mutex_lock(&limit->mutex); !! 992 size_t crash_get_memory_size(void)
922 val = limit->limit; !! 993 {
923 mutex_unlock(&limit->mutex); !! 994 size_t size = 0;
924 995
925 return proc_dointvec(&tmp, write, buff !! 996 mutex_lock(&kexec_mutex);
>> 997 if (crashk_res.end != crashk_res.start)
>> 998 size = resource_size(&crashk_res);
>> 999 mutex_unlock(&kexec_mutex);
>> 1000 return size;
926 } 1001 }
927 1002
928 static struct ctl_table kexec_core_sysctls[] = !! 1003 void __weak crash_free_reserved_phys_range(unsigned long begin,
929 { !! 1004 unsigned long end)
930 .procname = "kexec_load_ !! 1005 {
931 .data = &kexec_load_ !! 1006 unsigned long addr;
932 .maxlen = sizeof(int), <<
933 .mode = 0644, <<
934 /* only handle a transition fr <<
935 .proc_handler = proc_dointve <<
936 .extra1 = SYSCTL_ONE, <<
937 .extra2 = SYSCTL_ONE, <<
938 }, <<
939 { <<
940 .procname = "kexec_load_ <<
941 .data = &load_limit_ <<
942 .mode = 0644, <<
943 .proc_handler = kexec_limit_ <<
944 }, <<
945 { <<
946 .procname = "kexec_load_ <<
947 .data = &load_limit_ <<
948 .mode = 0644, <<
949 .proc_handler = kexec_limit_ <<
950 }, <<
951 }; <<
952 1007
953 static int __init kexec_core_sysctl_init(void) !! 1008 for (addr = begin; addr < end; addr += PAGE_SIZE)
>> 1009 free_reserved_page(boot_pfn_to_page(addr >> PAGE_SHIFT));
>> 1010 }
>> 1011
>> 1012 int crash_shrink_memory(unsigned long new_size)
954 { 1013 {
955 register_sysctl_init("kernel", kexec_c !! 1014 int ret = 0;
956 return 0; !! 1015 unsigned long start, end;
>> 1016 unsigned long old_size;
>> 1017 struct resource *ram_res;
>> 1018
>> 1019 mutex_lock(&kexec_mutex);
>> 1020
>> 1021 if (kexec_crash_image) {
>> 1022 ret = -ENOENT;
>> 1023 goto unlock;
>> 1024 }
>> 1025 start = crashk_res.start;
>> 1026 end = crashk_res.end;
>> 1027 old_size = (end == 0) ? 0 : end - start + 1;
>> 1028 if (new_size >= old_size) {
>> 1029 ret = (new_size == old_size) ? 0 : -EINVAL;
>> 1030 goto unlock;
>> 1031 }
>> 1032
>> 1033 ram_res = kzalloc(sizeof(*ram_res), GFP_KERNEL);
>> 1034 if (!ram_res) {
>> 1035 ret = -ENOMEM;
>> 1036 goto unlock;
>> 1037 }
>> 1038
>> 1039 start = roundup(start, KEXEC_CRASH_MEM_ALIGN);
>> 1040 end = roundup(start + new_size, KEXEC_CRASH_MEM_ALIGN);
>> 1041
>> 1042 crash_free_reserved_phys_range(end, crashk_res.end);
>> 1043
>> 1044 if ((start == end) && (crashk_res.parent != NULL))
>> 1045 release_resource(&crashk_res);
>> 1046
>> 1047 ram_res->start = end;
>> 1048 ram_res->end = crashk_res.end;
>> 1049 ram_res->flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM;
>> 1050 ram_res->name = "System RAM";
>> 1051
>> 1052 crashk_res.end = end - 1;
>> 1053
>> 1054 insert_resource(&iomem_resource, ram_res);
>> 1055
>> 1056 unlock:
>> 1057 mutex_unlock(&kexec_mutex);
>> 1058 return ret;
957 } 1059 }
958 late_initcall(kexec_core_sysctl_init); <<
959 #endif <<
960 1060
961 bool kexec_load_permitted(int kexec_image_type !! 1061 void crash_save_cpu(struct pt_regs *regs, int cpu)
>> 1062 {
>> 1063 struct elf_prstatus prstatus;
>> 1064 u32 *buf;
>> 1065
>> 1066 if ((cpu < 0) || (cpu >= nr_cpu_ids))
>> 1067 return;
>> 1068
>> 1069 /* Using ELF notes here is opportunistic.
>> 1070 * I need a well defined structure format
>> 1071 * for the data I pass, and I need tags
>> 1072 * on the data to indicate what information I have
>> 1073 * squirrelled away. ELF notes happen to provide
>> 1074 * all of that, so there is no need to invent something new.
>> 1075 */
>> 1076 buf = (u32 *)per_cpu_ptr(crash_notes, cpu);
>> 1077 if (!buf)
>> 1078 return;
>> 1079 memset(&prstatus, 0, sizeof(prstatus));
>> 1080 prstatus.pr_pid = current->pid;
>> 1081 elf_core_copy_kernel_regs(&prstatus.pr_reg, regs);
>> 1082 buf = append_elf_note(buf, KEXEC_CORE_NOTE_NAME, NT_PRSTATUS,
>> 1083 &prstatus, sizeof(prstatus));
>> 1084 final_note(buf);
>> 1085 }
>> 1086
>> 1087 static int __init crash_notes_memory_init(void)
962 { 1088 {
963 struct kexec_load_limit *limit; !! 1089 /* Allocate memory for saving cpu registers. */
>> 1090 size_t size, align;
964 1091
965 /* 1092 /*
966 * Only the superuser can use the kexe !! 1093 * crash_notes could be allocated across 2 vmalloc pages when percpu
967 * been disabled. !! 1094 * is vmalloc based . vmalloc doesn't guarantee 2 continuous vmalloc
>> 1095 * pages are also on 2 continuous physical pages. In this case the
>> 1096 * 2nd part of crash_notes in 2nd page could be lost since only the
>> 1097 * starting address and size of crash_notes are exported through sysfs.
>> 1098 * Here round up the size of crash_notes to the nearest power of two
>> 1099 * and pass it to __alloc_percpu as align value. This can make sure
>> 1100 * crash_notes is allocated inside one physical page.
968 */ 1101 */
969 if (!capable(CAP_SYS_BOOT) || kexec_lo !! 1102 size = sizeof(note_buf_t);
970 return false; !! 1103 align = min(roundup_pow_of_two(sizeof(note_buf_t)), PAGE_SIZE);
971 1104
972 /* Check limit counter and decrease it !! 1105 /*
973 limit = (kexec_image_type == KEXEC_TYP !! 1106 * Break compile if size is bigger than PAGE_SIZE since crash_notes
974 &load_limit_panic : &load_limi !! 1107 * definitely will be in 2 pages with that.
975 mutex_lock(&limit->mutex); !! 1108 */
976 if (!limit->limit) { !! 1109 BUILD_BUG_ON(size > PAGE_SIZE);
977 mutex_unlock(&limit->mutex); <<
978 return false; <<
979 } <<
980 if (limit->limit != -1) <<
981 limit->limit--; <<
982 mutex_unlock(&limit->mutex); <<
983 1110
984 return true; !! 1111 crash_notes = __alloc_percpu(size, align);
>> 1112 if (!crash_notes) {
>> 1113 pr_warn("Memory allocation for saving cpu register states failed\n");
>> 1114 return -ENOMEM;
>> 1115 }
>> 1116 return 0;
985 } 1117 }
>> 1118 subsys_initcall(crash_notes_memory_init);
>> 1119
986 1120
987 /* 1121 /*
988 * Move into place and start executing a prelo 1122 * Move into place and start executing a preloaded standalone
989 * executable. If nothing was preloaded retur 1123 * executable. If nothing was preloaded return an error.
990 */ 1124 */
991 int kernel_kexec(void) 1125 int kernel_kexec(void)
992 { 1126 {
993 int error = 0; 1127 int error = 0;
994 1128
995 if (!kexec_trylock()) !! 1129 if (!mutex_trylock(&kexec_mutex))
996 return -EBUSY; 1130 return -EBUSY;
997 if (!kexec_image) { 1131 if (!kexec_image) {
998 error = -EINVAL; 1132 error = -EINVAL;
999 goto Unlock; 1133 goto Unlock;
1000 } 1134 }
1001 1135
1002 #ifdef CONFIG_KEXEC_JUMP 1136 #ifdef CONFIG_KEXEC_JUMP
1003 if (kexec_image->preserve_context) { 1137 if (kexec_image->preserve_context) {
>> 1138 lock_system_sleep();
1004 pm_prepare_console(); 1139 pm_prepare_console();
1005 error = freeze_processes(); 1140 error = freeze_processes();
1006 if (error) { 1141 if (error) {
1007 error = -EBUSY; 1142 error = -EBUSY;
1008 goto Restore_console; 1143 goto Restore_console;
1009 } 1144 }
1010 suspend_console(); 1145 suspend_console();
1011 error = dpm_suspend_start(PMS 1146 error = dpm_suspend_start(PMSG_FREEZE);
1012 if (error) 1147 if (error)
1013 goto Resume_console; 1148 goto Resume_console;
1014 /* At this point, dpm_suspend 1149 /* At this point, dpm_suspend_start() has been called,
1015 * but *not* dpm_suspend_end( 1150 * but *not* dpm_suspend_end(). We *must* call
1016 * dpm_suspend_end() now. Ot 1151 * dpm_suspend_end() now. Otherwise, drivers for
1017 * some devices (e.g. interru 1152 * some devices (e.g. interrupt controllers) become
1018 * desynchronized with the ac 1153 * desynchronized with the actual state of the
1019 * hardware at resume time, a 1154 * hardware at resume time, and evil weirdness ensues.
1020 */ 1155 */
1021 error = dpm_suspend_end(PMSG_ 1156 error = dpm_suspend_end(PMSG_FREEZE);
1022 if (error) 1157 if (error)
1023 goto Resume_devices; 1158 goto Resume_devices;
1024 error = suspend_disable_secon 1159 error = suspend_disable_secondary_cpus();
1025 if (error) 1160 if (error)
1026 goto Enable_cpus; 1161 goto Enable_cpus;
1027 local_irq_disable(); 1162 local_irq_disable();
1028 error = syscore_suspend(); 1163 error = syscore_suspend();
1029 if (error) 1164 if (error)
1030 goto Enable_irqs; 1165 goto Enable_irqs;
1031 } else 1166 } else
1032 #endif 1167 #endif
1033 { 1168 {
1034 kexec_in_progress = true; 1169 kexec_in_progress = true;
1035 kernel_restart_prepare("kexec !! 1170 kernel_restart_prepare(NULL);
1036 migrate_to_reboot_cpu(); 1171 migrate_to_reboot_cpu();
1037 syscore_shutdown(); <<
1038 1172
1039 /* 1173 /*
1040 * migrate_to_reboot_cpu() di 1174 * migrate_to_reboot_cpu() disables CPU hotplug assuming that
1041 * no further code needs to u 1175 * no further code needs to use CPU hotplug (which is true in
1042 * the reboot case). However, 1176 * the reboot case). However, the kexec path depends on using
1043 * CPU hotplug again; so re-e 1177 * CPU hotplug again; so re-enable it here.
1044 */ 1178 */
1045 cpu_hotplug_enable(); 1179 cpu_hotplug_enable();
1046 pr_notice("Starting new kerne 1180 pr_notice("Starting new kernel\n");
1047 machine_shutdown(); 1181 machine_shutdown();
1048 } 1182 }
1049 1183
1050 kmsg_dump(KMSG_DUMP_SHUTDOWN); <<
1051 machine_kexec(kexec_image); 1184 machine_kexec(kexec_image);
1052 1185
1053 #ifdef CONFIG_KEXEC_JUMP 1186 #ifdef CONFIG_KEXEC_JUMP
1054 if (kexec_image->preserve_context) { 1187 if (kexec_image->preserve_context) {
1055 syscore_resume(); 1188 syscore_resume();
1056 Enable_irqs: 1189 Enable_irqs:
1057 local_irq_enable(); 1190 local_irq_enable();
1058 Enable_cpus: 1191 Enable_cpus:
1059 suspend_enable_secondary_cpus 1192 suspend_enable_secondary_cpus();
1060 dpm_resume_start(PMSG_RESTORE 1193 dpm_resume_start(PMSG_RESTORE);
1061 Resume_devices: 1194 Resume_devices:
1062 dpm_resume_end(PMSG_RESTORE); 1195 dpm_resume_end(PMSG_RESTORE);
1063 Resume_console: 1196 Resume_console:
1064 resume_console(); 1197 resume_console();
1065 thaw_processes(); 1198 thaw_processes();
1066 Restore_console: 1199 Restore_console:
1067 pm_restore_console(); 1200 pm_restore_console();
>> 1201 unlock_system_sleep();
1068 } 1202 }
1069 #endif 1203 #endif
1070 1204
1071 Unlock: 1205 Unlock:
1072 kexec_unlock(); !! 1206 mutex_unlock(&kexec_mutex);
1073 return error; 1207 return error;
1074 } 1208 }
>> 1209
>> 1210 /*
>> 1211 * Protection mechanism for crashkernel reserved memory after
>> 1212 * the kdump kernel is loaded.
>> 1213 *
>> 1214 * Provide an empty default implementation here -- architecture
>> 1215 * code may override this
>> 1216 */
>> 1217 void __weak arch_kexec_protect_crashkres(void)
>> 1218 {}
>> 1219
>> 1220 void __weak arch_kexec_unprotect_crashkres(void)
>> 1221 {}
1075 1222
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.