2 * kexec.c - kexec system call core code.
3 * Copyright (C) 2002-2004 Eric Biederman <ebiederm@xmission.com>
5 * This source code is licensed under the GNU General Public License,
6 * Version 2. See the file COPYING for more details.
9 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
11 #include <linux/capability.h>
13 #include <linux/file.h>
14 #include <linux/slab.h>
16 #include <linux/kexec.h>
17 #include <linux/mutex.h>
18 #include <linux/list.h>
19 #include <linux/highmem.h>
20 #include <linux/syscalls.h>
21 #include <linux/reboot.h>
22 #include <linux/ioport.h>
23 #include <linux/hardirq.h>
24 #include <linux/elf.h>
25 #include <linux/elfcore.h>
26 #include <linux/utsname.h>
27 #include <linux/numa.h>
28 #include <linux/suspend.h>
29 #include <linux/device.h>
30 #include <linux/freezer.h>
32 #include <linux/cpu.h>
33 #include <linux/uaccess.h>
35 #include <linux/console.h>
36 #include <linux/vmalloc.h>
37 #include <linux/swap.h>
38 #include <linux/syscore_ops.h>
39 #include <linux/compiler.h>
40 #include <linux/hugetlb.h>
41 #include <linux/frame.h>
44 #include <asm/sections.h>
46 #include <crypto/hash.h>
47 #include <crypto/sha.h>
48 #include "kexec_internal.h"
50 DEFINE_MUTEX(kexec_mutex);
52 /* Per cpu memory for storing cpu states in case of system crash. */
53 note_buf_t __percpu *crash_notes;
55 /* Flag to indicate we are going to kexec a new kernel */
56 bool kexec_in_progress = false;
59 /* Location of the reserved area for the crash kernel */
60 struct resource crashk_res = {
61 .name = "Crash kernel",
64 .flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM,
65 .desc = IORES_DESC_CRASH_KERNEL
67 struct resource crashk_low_res = {
68 .name = "Crash kernel",
71 .flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM,
72 .desc = IORES_DESC_CRASH_KERNEL
75 int kexec_should_crash(struct task_struct *p)
78 * If crash_kexec_post_notifiers is enabled, don't run
79 * crash_kexec() here yet, which must be run after panic
80 * notifiers in panic().
82 if (crash_kexec_post_notifiers)
85 * There are 4 panic() calls in do_exit() path, each of which
86 * corresponds to each of these 4 conditions.
88 if (in_interrupt() || !p->pid || is_global_init(p) || panic_on_oops)
93 int kexec_crash_loaded(void)
95 return !!kexec_crash_image;
97 EXPORT_SYMBOL_GPL(kexec_crash_loaded);
100 * When kexec transitions to the new kernel there is a one-to-one
101 * mapping between physical and virtual addresses. On processors
102 * where you can disable the MMU this is trivial, and easy. For
103 * others it is still a simple predictable page table to setup.
105 * In that environment kexec copies the new kernel to its final
106 * resting place. This means I can only support memory whose
107 * physical address can fit in an unsigned long. In particular
108 * addresses where (pfn << PAGE_SHIFT) > ULONG_MAX cannot be handled.
109 * If the assembly stub has more restrictive requirements
110 * KEXEC_SOURCE_MEMORY_LIMIT and KEXEC_DEST_MEMORY_LIMIT can be
111 * defined more restrictively in <asm/kexec.h>.
113 * The code for the transition from the current kernel to the
114 * the new kernel is placed in the control_code_buffer, whose size
115 * is given by KEXEC_CONTROL_PAGE_SIZE. In the best case only a single
116 * page of memory is necessary, but some architectures require more.
117 * Because this memory must be identity mapped in the transition from
118 * virtual to physical addresses it must live in the range
119 * 0 - TASK_SIZE, as only the user space mappings are arbitrarily
122 * The assembly stub in the control code buffer is passed a linked list
123 * of descriptor pages detailing the source pages of the new kernel,
124 * and the destination addresses of those source pages. As this data
125 * structure is not used in the context of the current OS, it must
128 * The code has been made to work with highmem pages and will use a
129 * destination page in its final resting place (if it happens
130 * to allocate it). The end product of this is that most of the
131 * physical address space, and most of RAM can be used.
133 * Future directions include:
134 * - allocating a page table with the control code buffer identity
135 * mapped, to simplify machine_kexec and make kexec_on_panic more
140 * KIMAGE_NO_DEST is an impossible destination address..., for
141 * allocating pages whose destination address we do not care about.
143 #define KIMAGE_NO_DEST (-1UL)
144 #define PAGE_COUNT(x) (((x) + PAGE_SIZE - 1) >> PAGE_SHIFT)
146 static struct page *kimage_alloc_page(struct kimage *image,
150 int sanity_check_segment_list(struct kimage *image)
153 unsigned long nr_segments = image->nr_segments;
154 unsigned long total_pages = 0;
155 unsigned long nr_pages = totalram_pages();
158 * Verify we have good destination addresses. The caller is
159 * responsible for making certain we don't attempt to load
160 * the new image into invalid or reserved areas of RAM. This
161 * just verifies it is an address we can use.
163 * Since the kernel does everything in page size chunks ensure
164 * the destination addresses are page aligned. Too many
165 * special cases crop of when we don't do this. The most
166 * insidious is getting overlapping destination addresses
167 * simply because addresses are changed to page size
170 for (i = 0; i < nr_segments; i++) {
171 unsigned long mstart, mend;
173 mstart = image->segment[i].mem;
174 mend = mstart + image->segment[i].memsz;
176 return -EADDRNOTAVAIL;
177 if ((mstart & ~PAGE_MASK) || (mend & ~PAGE_MASK))
178 return -EADDRNOTAVAIL;
179 if (mend >= KEXEC_DESTINATION_MEMORY_LIMIT)
180 return -EADDRNOTAVAIL;
183 /* Verify our destination addresses do not overlap.
184 * If we alloed overlapping destination addresses
185 * through very weird things can happen with no
186 * easy explanation as one segment stops on another.
188 for (i = 0; i < nr_segments; i++) {
189 unsigned long mstart, mend;
192 mstart = image->segment[i].mem;
193 mend = mstart + image->segment[i].memsz;
194 for (j = 0; j < i; j++) {
195 unsigned long pstart, pend;
197 pstart = image->segment[j].mem;
198 pend = pstart + image->segment[j].memsz;
199 /* Do the segments overlap ? */
200 if ((mend > pstart) && (mstart < pend))
205 /* Ensure our buffer sizes are strictly less than
206 * our memory sizes. This should always be the case,
207 * and it is easier to check up front than to be surprised
210 for (i = 0; i < nr_segments; i++) {
211 if (image->segment[i].bufsz > image->segment[i].memsz)
216 * Verify that no more than half of memory will be consumed. If the
217 * request from userspace is too large, a large amount of time will be
218 * wasted allocating pages, which can cause a soft lockup.
220 for (i = 0; i < nr_segments; i++) {
221 if (PAGE_COUNT(image->segment[i].memsz) > nr_pages / 2)
224 total_pages += PAGE_COUNT(image->segment[i].memsz);
227 if (total_pages > nr_pages / 2)
231 * Verify we have good destination addresses. Normally
232 * the caller is responsible for making certain we don't
233 * attempt to load the new image into invalid or reserved
234 * areas of RAM. But crash kernels are preloaded into a
235 * reserved area of ram. We must ensure the addresses
236 * are in the reserved area otherwise preloading the
237 * kernel could corrupt things.
240 if (image->type == KEXEC_TYPE_CRASH) {
241 for (i = 0; i < nr_segments; i++) {
242 unsigned long mstart, mend;
244 mstart = image->segment[i].mem;
245 mend = mstart + image->segment[i].memsz - 1;
246 /* Ensure we are within the crash kernel limits */
247 if ((mstart < phys_to_boot_phys(crashk_res.start)) ||
248 (mend > phys_to_boot_phys(crashk_res.end)))
249 return -EADDRNOTAVAIL;
256 struct kimage *do_kimage_alloc_init(void)
258 struct kimage *image;
260 /* Allocate a controlling structure */
261 image = kzalloc(sizeof(*image), GFP_KERNEL);
266 image->entry = &image->head;
267 image->last_entry = &image->head;
268 image->control_page = ~0; /* By default this does not apply */
269 image->type = KEXEC_TYPE_DEFAULT;
271 /* Initialize the list of control pages */
272 INIT_LIST_HEAD(&image->control_pages);
274 /* Initialize the list of destination pages */
275 INIT_LIST_HEAD(&image->dest_pages);
277 /* Initialize the list of unusable pages */
278 INIT_LIST_HEAD(&image->unusable_pages);
283 int kimage_is_destination_range(struct kimage *image,
289 for (i = 0; i < image->nr_segments; i++) {
290 unsigned long mstart, mend;
292 mstart = image->segment[i].mem;
293 mend = mstart + image->segment[i].memsz;
294 if ((end > mstart) && (start < mend))
301 static struct page *kimage_alloc_pages(gfp_t gfp_mask, unsigned int order)
305 pages = alloc_pages(gfp_mask & ~__GFP_ZERO, order);
307 unsigned int count, i;
309 pages->mapping = NULL;
310 set_page_private(pages, order);
312 for (i = 0; i < count; i++)
313 SetPageReserved(pages + i);
315 arch_kexec_post_alloc_pages(page_address(pages), count,
318 if (gfp_mask & __GFP_ZERO)
319 for (i = 0; i < count; i++)
320 clear_highpage(pages + i);
326 static void kimage_free_pages(struct page *page)
328 unsigned int order, count, i;
330 order = page_private(page);
333 arch_kexec_pre_free_pages(page_address(page), count);
335 for (i = 0; i < count; i++)
336 ClearPageReserved(page + i);
337 __free_pages(page, order);
340 void kimage_free_page_list(struct list_head *list)
342 struct page *page, *next;
344 list_for_each_entry_safe(page, next, list, lru) {
345 list_del(&page->lru);
346 kimage_free_pages(page);
350 static struct page *kimage_alloc_normal_control_pages(struct kimage *image,
353 /* Control pages are special, they are the intermediaries
354 * that are needed while we copy the rest of the pages
355 * to their final resting place. As such they must
356 * not conflict with either the destination addresses
357 * or memory the kernel is already using.
359 * The only case where we really need more than one of
360 * these are for architectures where we cannot disable
361 * the MMU and must instead generate an identity mapped
362 * page table for all of the memory.
364 * At worst this runs in O(N) of the image size.
366 struct list_head extra_pages;
371 INIT_LIST_HEAD(&extra_pages);
373 /* Loop while I can allocate a page and the page allocated
374 * is a destination page.
377 unsigned long pfn, epfn, addr, eaddr;
379 pages = kimage_alloc_pages(KEXEC_CONTROL_MEMORY_GFP, order);
382 pfn = page_to_boot_pfn(pages);
384 addr = pfn << PAGE_SHIFT;
385 eaddr = epfn << PAGE_SHIFT;
386 if ((epfn >= (KEXEC_CONTROL_MEMORY_LIMIT >> PAGE_SHIFT)) ||
387 kimage_is_destination_range(image, addr, eaddr)) {
388 list_add(&pages->lru, &extra_pages);
394 /* Remember the allocated page... */
395 list_add(&pages->lru, &image->control_pages);
397 /* Because the page is already in it's destination
398 * location we will never allocate another page at
399 * that address. Therefore kimage_alloc_pages
400 * will not return it (again) and we don't need
401 * to give it an entry in image->segment[].
404 /* Deal with the destination pages I have inadvertently allocated.
406 * Ideally I would convert multi-page allocations into single
407 * page allocations, and add everything to image->dest_pages.
409 * For now it is simpler to just free the pages.
411 kimage_free_page_list(&extra_pages);
416 static struct page *kimage_alloc_crash_control_pages(struct kimage *image,
419 /* Control pages are special, they are the intermediaries
420 * that are needed while we copy the rest of the pages
421 * to their final resting place. As such they must
422 * not conflict with either the destination addresses
423 * or memory the kernel is already using.
425 * Control pages are also the only pags we must allocate
426 * when loading a crash kernel. All of the other pages
427 * are specified by the segments and we just memcpy
428 * into them directly.
430 * The only case where we really need more than one of
431 * these are for architectures where we cannot disable
432 * the MMU and must instead generate an identity mapped
433 * page table for all of the memory.
435 * Given the low demand this implements a very simple
436 * allocator that finds the first hole of the appropriate
437 * size in the reserved memory region, and allocates all
438 * of the memory up to and including the hole.
440 unsigned long hole_start, hole_end, size;
444 size = (1 << order) << PAGE_SHIFT;
445 hole_start = (image->control_page + (size - 1)) & ~(size - 1);
446 hole_end = hole_start + size - 1;
447 while (hole_end <= crashk_res.end) {
452 if (hole_end > KEXEC_CRASH_CONTROL_MEMORY_LIMIT)
454 /* See if I overlap any of the segments */
455 for (i = 0; i < image->nr_segments; i++) {
456 unsigned long mstart, mend;
458 mstart = image->segment[i].mem;
459 mend = mstart + image->segment[i].memsz - 1;
460 if ((hole_end >= mstart) && (hole_start <= mend)) {
461 /* Advance the hole to the end of the segment */
462 hole_start = (mend + (size - 1)) & ~(size - 1);
463 hole_end = hole_start + size - 1;
467 /* If I don't overlap any segments I have found my hole! */
468 if (i == image->nr_segments) {
469 pages = pfn_to_page(hole_start >> PAGE_SHIFT);
470 image->control_page = hole_end;
475 /* Ensure that these pages are decrypted if SME is enabled. */
477 arch_kexec_post_alloc_pages(page_address(pages), 1 << order, 0);
483 struct page *kimage_alloc_control_pages(struct kimage *image,
486 struct page *pages = NULL;
488 switch (image->type) {
489 case KEXEC_TYPE_DEFAULT:
490 pages = kimage_alloc_normal_control_pages(image, order);
492 case KEXEC_TYPE_CRASH:
493 pages = kimage_alloc_crash_control_pages(image, order);
500 int kimage_crash_copy_vmcoreinfo(struct kimage *image)
502 struct page *vmcoreinfo_page;
505 if (image->type != KEXEC_TYPE_CRASH)
509 * For kdump, allocate one vmcoreinfo safe copy from the
510 * crash memory. as we have arch_kexec_protect_crashkres()
511 * after kexec syscall, we naturally protect it from write
512 * (even read) access under kernel direct mapping. But on
513 * the other hand, we still need to operate it when crash
514 * happens to generate vmcoreinfo note, hereby we rely on
515 * vmap for this purpose.
517 vmcoreinfo_page = kimage_alloc_control_pages(image, 0);
518 if (!vmcoreinfo_page) {
519 pr_warn("Could not allocate vmcoreinfo buffer\n");
522 safecopy = vmap(&vmcoreinfo_page, 1, VM_MAP, PAGE_KERNEL);
524 pr_warn("Could not vmap vmcoreinfo buffer\n");
528 image->vmcoreinfo_data_copy = safecopy;
529 crash_update_vmcoreinfo_safecopy(safecopy);
534 static int kimage_add_entry(struct kimage *image, kimage_entry_t entry)
536 if (*image->entry != 0)
539 if (image->entry == image->last_entry) {
540 kimage_entry_t *ind_page;
543 page = kimage_alloc_page(image, GFP_KERNEL, KIMAGE_NO_DEST);
547 ind_page = page_address(page);
548 *image->entry = virt_to_boot_phys(ind_page) | IND_INDIRECTION;
549 image->entry = ind_page;
550 image->last_entry = ind_page +
551 ((PAGE_SIZE/sizeof(kimage_entry_t)) - 1);
553 *image->entry = entry;
560 static int kimage_set_destination(struct kimage *image,
561 unsigned long destination)
565 destination &= PAGE_MASK;
566 result = kimage_add_entry(image, destination | IND_DESTINATION);
572 static int kimage_add_page(struct kimage *image, unsigned long page)
577 result = kimage_add_entry(image, page | IND_SOURCE);
583 static void kimage_free_extra_pages(struct kimage *image)
585 /* Walk through and free any extra destination pages I may have */
586 kimage_free_page_list(&image->dest_pages);
588 /* Walk through and free any unusable pages I have cached */
589 kimage_free_page_list(&image->unusable_pages);
592 void kimage_terminate(struct kimage *image)
594 if (*image->entry != 0)
597 *image->entry = IND_DONE;
600 #define for_each_kimage_entry(image, ptr, entry) \
601 for (ptr = &image->head; (entry = *ptr) && !(entry & IND_DONE); \
602 ptr = (entry & IND_INDIRECTION) ? \
603 boot_phys_to_virt((entry & PAGE_MASK)) : ptr + 1)
605 static void kimage_free_entry(kimage_entry_t entry)
609 page = boot_pfn_to_page(entry >> PAGE_SHIFT);
610 kimage_free_pages(page);
613 void kimage_free(struct kimage *image)
615 kimage_entry_t *ptr, entry;
616 kimage_entry_t ind = 0;
621 if (image->vmcoreinfo_data_copy) {
622 crash_update_vmcoreinfo_safecopy(NULL);
623 vunmap(image->vmcoreinfo_data_copy);
626 kimage_free_extra_pages(image);
627 for_each_kimage_entry(image, ptr, entry) {
628 if (entry & IND_INDIRECTION) {
629 /* Free the previous indirection page */
630 if (ind & IND_INDIRECTION)
631 kimage_free_entry(ind);
632 /* Save this indirection page until we are
636 } else if (entry & IND_SOURCE)
637 kimage_free_entry(entry);
639 /* Free the final indirection page */
640 if (ind & IND_INDIRECTION)
641 kimage_free_entry(ind);
643 /* Handle any machine specific cleanup */
644 machine_kexec_cleanup(image);
646 /* Free the kexec control pages... */
647 kimage_free_page_list(&image->control_pages);
650 * Free up any temporary buffers allocated. This might hit if
651 * error occurred much later after buffer allocation.
653 if (image->file_mode)
654 kimage_file_post_load_cleanup(image);
659 static kimage_entry_t *kimage_dst_used(struct kimage *image,
662 kimage_entry_t *ptr, entry;
663 unsigned long destination = 0;
665 for_each_kimage_entry(image, ptr, entry) {
666 if (entry & IND_DESTINATION)
667 destination = entry & PAGE_MASK;
668 else if (entry & IND_SOURCE) {
669 if (page == destination)
671 destination += PAGE_SIZE;
678 static struct page *kimage_alloc_page(struct kimage *image,
680 unsigned long destination)
683 * Here we implement safeguards to ensure that a source page
684 * is not copied to its destination page before the data on
685 * the destination page is no longer useful.
687 * To do this we maintain the invariant that a source page is
688 * either its own destination page, or it is not a
689 * destination page at all.
691 * That is slightly stronger than required, but the proof
692 * that no problems will not occur is trivial, and the
693 * implementation is simply to verify.
695 * When allocating all pages normally this algorithm will run
696 * in O(N) time, but in the worst case it will run in O(N^2)
697 * time. If the runtime is a problem the data structures can
704 * Walk through the list of destination pages, and see if I
707 list_for_each_entry(page, &image->dest_pages, lru) {
708 addr = page_to_boot_pfn(page) << PAGE_SHIFT;
709 if (addr == destination) {
710 list_del(&page->lru);
718 /* Allocate a page, if we run out of memory give up */
719 page = kimage_alloc_pages(gfp_mask, 0);
722 /* If the page cannot be used file it away */
723 if (page_to_boot_pfn(page) >
724 (KEXEC_SOURCE_MEMORY_LIMIT >> PAGE_SHIFT)) {
725 list_add(&page->lru, &image->unusable_pages);
728 addr = page_to_boot_pfn(page) << PAGE_SHIFT;
730 /* If it is the destination page we want use it */
731 if (addr == destination)
734 /* If the page is not a destination page use it */
735 if (!kimage_is_destination_range(image, addr,
740 * I know that the page is someones destination page.
741 * See if there is already a source page for this
742 * destination page. And if so swap the source pages.
744 old = kimage_dst_used(image, addr);
747 unsigned long old_addr;
748 struct page *old_page;
750 old_addr = *old & PAGE_MASK;
751 old_page = boot_pfn_to_page(old_addr >> PAGE_SHIFT);
752 copy_highpage(page, old_page);
753 *old = addr | (*old & ~PAGE_MASK);
755 /* The old page I have found cannot be a
756 * destination page, so return it if it's
757 * gfp_flags honor the ones passed in.
759 if (!(gfp_mask & __GFP_HIGHMEM) &&
760 PageHighMem(old_page)) {
761 kimage_free_pages(old_page);
768 /* Place the page on the destination list, to be used later */
769 list_add(&page->lru, &image->dest_pages);
775 static int kimage_load_normal_segment(struct kimage *image,
776 struct kexec_segment *segment)
779 size_t ubytes, mbytes;
781 unsigned char __user *buf = NULL;
782 unsigned char *kbuf = NULL;
785 if (image->file_mode)
786 kbuf = segment->kbuf;
789 ubytes = segment->bufsz;
790 mbytes = segment->memsz;
791 maddr = segment->mem;
793 result = kimage_set_destination(image, maddr);
800 size_t uchunk, mchunk;
802 page = kimage_alloc_page(image, GFP_HIGHUSER, maddr);
807 result = kimage_add_page(image, page_to_boot_pfn(page)
813 /* Start with a clear page */
815 ptr += maddr & ~PAGE_MASK;
816 mchunk = min_t(size_t, mbytes,
817 PAGE_SIZE - (maddr & ~PAGE_MASK));
818 uchunk = min(ubytes, mchunk);
820 /* For file based kexec, source pages are in kernel memory */
821 if (image->file_mode)
822 memcpy(ptr, kbuf, uchunk);
824 result = copy_from_user(ptr, buf, uchunk);
832 if (image->file_mode)
844 static int kimage_load_crash_segment(struct kimage *image,
845 struct kexec_segment *segment)
847 /* For crash dumps kernels we simply copy the data from
848 * user space to it's destination.
849 * We do things a page at a time for the sake of kmap.
852 size_t ubytes, mbytes;
854 unsigned char __user *buf = NULL;
855 unsigned char *kbuf = NULL;
858 if (image->file_mode)
859 kbuf = segment->kbuf;
862 ubytes = segment->bufsz;
863 mbytes = segment->memsz;
864 maddr = segment->mem;
868 size_t uchunk, mchunk;
870 page = boot_pfn_to_page(maddr >> PAGE_SHIFT);
875 arch_kexec_post_alloc_pages(page_address(page), 1, 0);
877 ptr += maddr & ~PAGE_MASK;
878 mchunk = min_t(size_t, mbytes,
879 PAGE_SIZE - (maddr & ~PAGE_MASK));
880 uchunk = min(ubytes, mchunk);
881 if (mchunk > uchunk) {
882 /* Zero the trailing part of the page */
883 memset(ptr + uchunk, 0, mchunk - uchunk);
886 /* For file based kexec, source pages are in kernel memory */
887 if (image->file_mode)
888 memcpy(ptr, kbuf, uchunk);
890 result = copy_from_user(ptr, buf, uchunk);
891 kexec_flush_icache_page(page);
893 arch_kexec_pre_free_pages(page_address(page), 1);
900 if (image->file_mode)
912 int kimage_load_segment(struct kimage *image,
913 struct kexec_segment *segment)
915 int result = -ENOMEM;
917 switch (image->type) {
918 case KEXEC_TYPE_DEFAULT:
919 result = kimage_load_normal_segment(image, segment);
921 case KEXEC_TYPE_CRASH:
922 result = kimage_load_crash_segment(image, segment);
929 struct kimage *kexec_image;
930 struct kimage *kexec_crash_image;
931 int kexec_load_disabled;
934 * No panic_cpu check version of crash_kexec(). This function is called
935 * only when panic_cpu holds the current CPU number; this is the only CPU
936 * which processes crash_kexec routines.
938 void __noclone __crash_kexec(struct pt_regs *regs)
940 /* Take the kexec_mutex here to prevent sys_kexec_load
941 * running on one cpu from replacing the crash kernel
942 * we are using after a panic on a different cpu.
944 * If the crash kernel was not located in a fixed area
945 * of memory the xchg(&kexec_crash_image) would be
946 * sufficient. But since I reuse the memory...
948 if (mutex_trylock(&kexec_mutex)) {
949 if (kexec_crash_image) {
950 struct pt_regs fixed_regs;
952 crash_setup_regs(&fixed_regs, regs);
953 crash_save_vmcoreinfo();
954 machine_crash_shutdown(&fixed_regs);
955 machine_kexec(kexec_crash_image);
957 mutex_unlock(&kexec_mutex);
960 STACK_FRAME_NON_STANDARD(__crash_kexec);
962 void crash_kexec(struct pt_regs *regs)
964 int old_cpu, this_cpu;
967 * Only one CPU is allowed to execute the crash_kexec() code as with
968 * panic(). Otherwise parallel calls of panic() and crash_kexec()
969 * may stop each other. To exclude them, we use panic_cpu here too.
971 this_cpu = raw_smp_processor_id();
972 old_cpu = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, this_cpu);
973 if (old_cpu == PANIC_CPU_INVALID) {
974 /* This is the 1st CPU which comes here, so go ahead. */
975 printk_safe_flush_on_panic();
979 * Reset panic_cpu to allow another panic()/crash_kexec()
982 atomic_set(&panic_cpu, PANIC_CPU_INVALID);
986 size_t crash_get_memory_size(void)
990 mutex_lock(&kexec_mutex);
991 if (crashk_res.end != crashk_res.start)
992 size = resource_size(&crashk_res);
993 mutex_unlock(&kexec_mutex);
997 void __weak crash_free_reserved_phys_range(unsigned long begin,
1002 for (addr = begin; addr < end; addr += PAGE_SIZE)
1003 free_reserved_page(boot_pfn_to_page(addr >> PAGE_SHIFT));
1006 int crash_shrink_memory(unsigned long new_size)
1009 unsigned long start, end;
1010 unsigned long old_size;
1011 struct resource *ram_res;
1013 mutex_lock(&kexec_mutex);
1015 if (kexec_crash_image) {
1019 start = crashk_res.start;
1020 end = crashk_res.end;
1021 old_size = (end == 0) ? 0 : end - start + 1;
1022 if (new_size >= old_size) {
1023 ret = (new_size == old_size) ? 0 : -EINVAL;
1027 ram_res = kzalloc(sizeof(*ram_res), GFP_KERNEL);
1033 start = roundup(start, KEXEC_CRASH_MEM_ALIGN);
1034 end = roundup(start + new_size, KEXEC_CRASH_MEM_ALIGN);
1036 crash_free_reserved_phys_range(end, crashk_res.end);
1038 if ((start == end) && (crashk_res.parent != NULL))
1039 release_resource(&crashk_res);
1041 ram_res->start = end;
1042 ram_res->end = crashk_res.end;
1043 ram_res->flags = IORESOURCE_BUSY | IORESOURCE_SYSTEM_RAM;
1044 ram_res->name = "System RAM";
1046 crashk_res.end = end - 1;
1048 insert_resource(&iomem_resource, ram_res);
1051 mutex_unlock(&kexec_mutex);
1055 void crash_save_cpu(struct pt_regs *regs, int cpu)
1057 struct elf_prstatus prstatus;
1060 if ((cpu < 0) || (cpu >= nr_cpu_ids))
1063 /* Using ELF notes here is opportunistic.
1064 * I need a well defined structure format
1065 * for the data I pass, and I need tags
1066 * on the data to indicate what information I have
1067 * squirrelled away. ELF notes happen to provide
1068 * all of that, so there is no need to invent something new.
1070 buf = (u32 *)per_cpu_ptr(crash_notes, cpu);
1073 memset(&prstatus, 0, sizeof(prstatus));
1074 prstatus.pr_pid = current->pid;
1075 elf_core_copy_kernel_regs(&prstatus.pr_reg, regs);
1076 buf = append_elf_note(buf, KEXEC_CORE_NOTE_NAME, NT_PRSTATUS,
1077 &prstatus, sizeof(prstatus));
1081 static int __init crash_notes_memory_init(void)
1083 /* Allocate memory for saving cpu registers. */
1087 * crash_notes could be allocated across 2 vmalloc pages when percpu
1088 * is vmalloc based . vmalloc doesn't guarantee 2 continuous vmalloc
1089 * pages are also on 2 continuous physical pages. In this case the
1090 * 2nd part of crash_notes in 2nd page could be lost since only the
1091 * starting address and size of crash_notes are exported through sysfs.
1092 * Here round up the size of crash_notes to the nearest power of two
1093 * and pass it to __alloc_percpu as align value. This can make sure
1094 * crash_notes is allocated inside one physical page.
1096 size = sizeof(note_buf_t);
1097 align = min(roundup_pow_of_two(sizeof(note_buf_t)), PAGE_SIZE);
1100 * Break compile if size is bigger than PAGE_SIZE since crash_notes
1101 * definitely will be in 2 pages with that.
1103 BUILD_BUG_ON(size > PAGE_SIZE);
1105 crash_notes = __alloc_percpu(size, align);
1107 pr_warn("Memory allocation for saving cpu register states failed\n");
1112 subsys_initcall(crash_notes_memory_init);
1116 * Move into place and start executing a preloaded standalone
1117 * executable. If nothing was preloaded return an error.
1119 int kernel_kexec(void)
1123 if (!mutex_trylock(&kexec_mutex))
1130 #ifdef CONFIG_KEXEC_JUMP
1131 if (kexec_image->preserve_context) {
1132 lock_system_sleep();
1133 pm_prepare_console();
1134 error = freeze_processes();
1137 goto Restore_console;
1140 error = dpm_suspend_start(PMSG_FREEZE);
1142 goto Resume_console;
1143 /* At this point, dpm_suspend_start() has been called,
1144 * but *not* dpm_suspend_end(). We *must* call
1145 * dpm_suspend_end() now. Otherwise, drivers for
1146 * some devices (e.g. interrupt controllers) become
1147 * desynchronized with the actual state of the
1148 * hardware at resume time, and evil weirdness ensues.
1150 error = dpm_suspend_end(PMSG_FREEZE);
1152 goto Resume_devices;
1153 error = suspend_disable_secondary_cpus();
1156 local_irq_disable();
1157 error = syscore_suspend();
1163 kexec_in_progress = true;
1164 kernel_restart_prepare(NULL);
1165 migrate_to_reboot_cpu();
1168 * migrate_to_reboot_cpu() disables CPU hotplug assuming that
1169 * no further code needs to use CPU hotplug (which is true in
1170 * the reboot case). However, the kexec path depends on using
1171 * CPU hotplug again; so re-enable it here.
1173 cpu_hotplug_enable();
1174 pr_emerg("Starting new kernel\n");
1178 machine_kexec(kexec_image);
1180 #ifdef CONFIG_KEXEC_JUMP
1181 if (kexec_image->preserve_context) {
1186 suspend_enable_secondary_cpus();
1187 dpm_resume_start(PMSG_RESTORE);
1189 dpm_resume_end(PMSG_RESTORE);
1194 pm_restore_console();
1195 unlock_system_sleep();
1200 mutex_unlock(&kexec_mutex);
1205 * Protection mechanism for crashkernel reserved memory after
1206 * the kdump kernel is loaded.
1208 * Provide an empty default implementation here -- architecture
1209 * code may override this
1211 void __weak arch_kexec_protect_crashkres(void)
1214 void __weak arch_kexec_unprotect_crashkres(void)
git.samba.org / sfrench / cifs-2.6.git / blob