2 * kexec.c - kexec system call
3 * Copyright (C) 2002-2004 Eric Biederman <ebiederm@xmission.com>
5 * This source code is licensed under the GNU General Public License,
6 * Version 2. See the file COPYING for more details.
9 #include <linux/capability.h>
11 #include <linux/file.h>
12 #include <linux/slab.h>
14 #include <linux/kexec.h>
15 #include <linux/mutex.h>
16 #include <linux/list.h>
17 #include <linux/highmem.h>
18 #include <linux/syscalls.h>
19 #include <linux/reboot.h>
20 #include <linux/ioport.h>
21 #include <linux/hardirq.h>
22 #include <linux/elf.h>
23 #include <linux/elfcore.h>
24 #include <generated/utsrelease.h>
25 #include <linux/utsname.h>
26 #include <linux/numa.h>
27 #include <linux/suspend.h>
28 #include <linux/device.h>
29 #include <linux/freezer.h>
31 #include <linux/cpu.h>
32 #include <linux/console.h>
33 #include <linux/vmalloc.h>
34 #include <linux/swap.h>
37 #include <asm/uaccess.h>
39 #include <asm/system.h>
40 #include <asm/sections.h>
42 /* Per cpu memory for storing cpu states in case of system crash. */
43 note_buf_t* crash_notes;
45 /* vmcoreinfo stuff */
46 static unsigned char vmcoreinfo_data[VMCOREINFO_BYTES];
47 u32 vmcoreinfo_note[VMCOREINFO_NOTE_SIZE/4];
48 size_t vmcoreinfo_size;
49 size_t vmcoreinfo_max_size = sizeof(vmcoreinfo_data);
51 /* Location of the reserved area for the crash kernel */
52 struct resource crashk_res = {
53 .name = "Crash kernel",
56 .flags = IORESOURCE_BUSY | IORESOURCE_MEM
59 int kexec_should_crash(struct task_struct *p)
61 if (in_interrupt() || !p->pid || is_global_init(p) || panic_on_oops)
67 * When kexec transitions to the new kernel there is a one-to-one
68 * mapping between physical and virtual addresses. On processors
69 * where you can disable the MMU this is trivial, and easy. For
70 * others it is still a simple predictable page table to setup.
72 * In that environment kexec copies the new kernel to its final
73 * resting place. This means I can only support memory whose
74 * physical address can fit in an unsigned long. In particular
75 * addresses where (pfn << PAGE_SHIFT) > ULONG_MAX cannot be handled.
76 * If the assembly stub has more restrictive requirements
77 * KEXEC_SOURCE_MEMORY_LIMIT and KEXEC_DEST_MEMORY_LIMIT can be
78 * defined more restrictively in <asm/kexec.h>.
80 * The code for the transition from the current kernel to the
81 * the new kernel is placed in the control_code_buffer, whose size
82 * is given by KEXEC_CONTROL_PAGE_SIZE. In the best case only a single
83 * page of memory is necessary, but some architectures require more.
84 * Because this memory must be identity mapped in the transition from
85 * virtual to physical addresses it must live in the range
86 * 0 - TASK_SIZE, as only the user space mappings are arbitrarily
89 * The assembly stub in the control code buffer is passed a linked list
90 * of descriptor pages detailing the source pages of the new kernel,
91 * and the destination addresses of those source pages. As this data
92 * structure is not used in the context of the current OS, it must
95 * The code has been made to work with highmem pages and will use a
96 * destination page in its final resting place (if it happens
97 * to allocate it). The end product of this is that most of the
98 * physical address space, and most of RAM can be used.
100 * Future directions include:
101 * - allocating a page table with the control code buffer identity
102 * mapped, to simplify machine_kexec and make kexec_on_panic more
107 * KIMAGE_NO_DEST is an impossible destination address..., for
108 * allocating pages whose destination address we do not care about.
110 #define KIMAGE_NO_DEST (-1UL)
112 static int kimage_is_destination_range(struct kimage *image,
113 unsigned long start, unsigned long end);
114 static struct page *kimage_alloc_page(struct kimage *image,
118 static int do_kimage_alloc(struct kimage **rimage, unsigned long entry,
119 unsigned long nr_segments,
120 struct kexec_segment __user *segments)
122 size_t segment_bytes;
123 struct kimage *image;
127 /* Allocate a controlling structure */
129 image = kzalloc(sizeof(*image), GFP_KERNEL);
134 image->entry = &image->head;
135 image->last_entry = &image->head;
136 image->control_page = ~0; /* By default this does not apply */
137 image->start = entry;
138 image->type = KEXEC_TYPE_DEFAULT;
140 /* Initialize the list of control pages */
141 INIT_LIST_HEAD(&image->control_pages);
143 /* Initialize the list of destination pages */
144 INIT_LIST_HEAD(&image->dest_pages);
146 /* Initialize the list of unuseable pages */
147 INIT_LIST_HEAD(&image->unuseable_pages);
149 /* Read in the segments */
150 image->nr_segments = nr_segments;
151 segment_bytes = nr_segments * sizeof(*segments);
152 result = copy_from_user(image->segment, segments, segment_bytes);
157 * Verify we have good destination addresses. The caller is
158 * responsible for making certain we don't attempt to load
159 * the new image into invalid or reserved areas of RAM. This
160 * just verifies it is an address we can use.
162 * Since the kernel does everything in page size chunks ensure
163 * the destination addreses are page aligned. Too many
164 * special cases crop of when we don't do this. The most
165 * insidious is getting overlapping destination addresses
166 * simply because addresses are changed to page size
169 result = -EADDRNOTAVAIL;
170 for (i = 0; i < nr_segments; i++) {
171 unsigned long mstart, mend;
173 mstart = image->segment[i].mem;
174 mend = mstart + image->segment[i].memsz;
175 if ((mstart & ~PAGE_MASK) || (mend & ~PAGE_MASK))
177 if (mend >= KEXEC_DESTINATION_MEMORY_LIMIT)
181 /* Verify our destination addresses do not overlap.
182 * If we alloed overlapping destination addresses
183 * through very weird things can happen with no
184 * easy explanation as one segment stops on another.
187 for (i = 0; i < nr_segments; i++) {
188 unsigned long mstart, mend;
191 mstart = image->segment[i].mem;
192 mend = mstart + image->segment[i].memsz;
193 for (j = 0; j < i; j++) {
194 unsigned long pstart, pend;
195 pstart = image->segment[j].mem;
196 pend = pstart + image->segment[j].memsz;
197 /* Do the segments overlap ? */
198 if ((mend > pstart) && (mstart < pend))
203 /* Ensure our buffer sizes are strictly less than
204 * our memory sizes. This should always be the case,
205 * and it is easier to check up front than to be surprised
209 for (i = 0; i < nr_segments; i++) {
210 if (image->segment[i].bufsz > image->segment[i].memsz)
225 static int kimage_normal_alloc(struct kimage **rimage, unsigned long entry,
226 unsigned long nr_segments,
227 struct kexec_segment __user *segments)
230 struct kimage *image;
232 /* Allocate and initialize a controlling structure */
234 result = do_kimage_alloc(&image, entry, nr_segments, segments);
241 * Find a location for the control code buffer, and add it
242 * the vector of segments so that it's pages will also be
243 * counted as destination pages.
246 image->control_code_page = kimage_alloc_control_pages(image,
247 get_order(KEXEC_CONTROL_PAGE_SIZE));
248 if (!image->control_code_page) {
249 printk(KERN_ERR "Could not allocate control_code_buffer\n");
253 image->swap_page = kimage_alloc_control_pages(image, 0);
254 if (!image->swap_page) {
255 printk(KERN_ERR "Could not allocate swap buffer\n");
269 static int kimage_crash_alloc(struct kimage **rimage, unsigned long entry,
270 unsigned long nr_segments,
271 struct kexec_segment __user *segments)
274 struct kimage *image;
278 /* Verify we have a valid entry point */
279 if ((entry < crashk_res.start) || (entry > crashk_res.end)) {
280 result = -EADDRNOTAVAIL;
284 /* Allocate and initialize a controlling structure */
285 result = do_kimage_alloc(&image, entry, nr_segments, segments);
289 /* Enable the special crash kernel control page
292 image->control_page = crashk_res.start;
293 image->type = KEXEC_TYPE_CRASH;
296 * Verify we have good destination addresses. Normally
297 * the caller is responsible for making certain we don't
298 * attempt to load the new image into invalid or reserved
299 * areas of RAM. But crash kernels are preloaded into a
300 * reserved area of ram. We must ensure the addresses
301 * are in the reserved area otherwise preloading the
302 * kernel could corrupt things.
304 result = -EADDRNOTAVAIL;
305 for (i = 0; i < nr_segments; i++) {
306 unsigned long mstart, mend;
308 mstart = image->segment[i].mem;
309 mend = mstart + image->segment[i].memsz - 1;
310 /* Ensure we are within the crash kernel limits */
311 if ((mstart < crashk_res.start) || (mend > crashk_res.end))
316 * Find a location for the control code buffer, and add
317 * the vector of segments so that it's pages will also be
318 * counted as destination pages.
321 image->control_code_page = kimage_alloc_control_pages(image,
322 get_order(KEXEC_CONTROL_PAGE_SIZE));
323 if (!image->control_code_page) {
324 printk(KERN_ERR "Could not allocate control_code_buffer\n");
338 static int kimage_is_destination_range(struct kimage *image,
344 for (i = 0; i < image->nr_segments; i++) {
345 unsigned long mstart, mend;
347 mstart = image->segment[i].mem;
348 mend = mstart + image->segment[i].memsz;
349 if ((end > mstart) && (start < mend))
356 static struct page *kimage_alloc_pages(gfp_t gfp_mask, unsigned int order)
360 pages = alloc_pages(gfp_mask, order);
362 unsigned int count, i;
363 pages->mapping = NULL;
364 set_page_private(pages, order);
366 for (i = 0; i < count; i++)
367 SetPageReserved(pages + i);
373 static void kimage_free_pages(struct page *page)
375 unsigned int order, count, i;
377 order = page_private(page);
379 for (i = 0; i < count; i++)
380 ClearPageReserved(page + i);
381 __free_pages(page, order);
384 static void kimage_free_page_list(struct list_head *list)
386 struct list_head *pos, *next;
388 list_for_each_safe(pos, next, list) {
391 page = list_entry(pos, struct page, lru);
392 list_del(&page->lru);
393 kimage_free_pages(page);
397 static struct page *kimage_alloc_normal_control_pages(struct kimage *image,
400 /* Control pages are special, they are the intermediaries
401 * that are needed while we copy the rest of the pages
402 * to their final resting place. As such they must
403 * not conflict with either the destination addresses
404 * or memory the kernel is already using.
406 * The only case where we really need more than one of
407 * these are for architectures where we cannot disable
408 * the MMU and must instead generate an identity mapped
409 * page table for all of the memory.
411 * At worst this runs in O(N) of the image size.
413 struct list_head extra_pages;
418 INIT_LIST_HEAD(&extra_pages);
420 /* Loop while I can allocate a page and the page allocated
421 * is a destination page.
424 unsigned long pfn, epfn, addr, eaddr;
426 pages = kimage_alloc_pages(GFP_KERNEL, order);
429 pfn = page_to_pfn(pages);
431 addr = pfn << PAGE_SHIFT;
432 eaddr = epfn << PAGE_SHIFT;
433 if ((epfn >= (KEXEC_CONTROL_MEMORY_LIMIT >> PAGE_SHIFT)) ||
434 kimage_is_destination_range(image, addr, eaddr)) {
435 list_add(&pages->lru, &extra_pages);
441 /* Remember the allocated page... */
442 list_add(&pages->lru, &image->control_pages);
444 /* Because the page is already in it's destination
445 * location we will never allocate another page at
446 * that address. Therefore kimage_alloc_pages
447 * will not return it (again) and we don't need
448 * to give it an entry in image->segment[].
451 /* Deal with the destination pages I have inadvertently allocated.
453 * Ideally I would convert multi-page allocations into single
454 * page allocations, and add everyting to image->dest_pages.
456 * For now it is simpler to just free the pages.
458 kimage_free_page_list(&extra_pages);
463 static struct page *kimage_alloc_crash_control_pages(struct kimage *image,
466 /* Control pages are special, they are the intermediaries
467 * that are needed while we copy the rest of the pages
468 * to their final resting place. As such they must
469 * not conflict with either the destination addresses
470 * or memory the kernel is already using.
472 * Control pages are also the only pags we must allocate
473 * when loading a crash kernel. All of the other pages
474 * are specified by the segments and we just memcpy
475 * into them directly.
477 * The only case where we really need more than one of
478 * these are for architectures where we cannot disable
479 * the MMU and must instead generate an identity mapped
480 * page table for all of the memory.
482 * Given the low demand this implements a very simple
483 * allocator that finds the first hole of the appropriate
484 * size in the reserved memory region, and allocates all
485 * of the memory up to and including the hole.
487 unsigned long hole_start, hole_end, size;
491 size = (1 << order) << PAGE_SHIFT;
492 hole_start = (image->control_page + (size - 1)) & ~(size - 1);
493 hole_end = hole_start + size - 1;
494 while (hole_end <= crashk_res.end) {
497 if (hole_end > KEXEC_CONTROL_MEMORY_LIMIT)
499 if (hole_end > crashk_res.end)
501 /* See if I overlap any of the segments */
502 for (i = 0; i < image->nr_segments; i++) {
503 unsigned long mstart, mend;
505 mstart = image->segment[i].mem;
506 mend = mstart + image->segment[i].memsz - 1;
507 if ((hole_end >= mstart) && (hole_start <= mend)) {
508 /* Advance the hole to the end of the segment */
509 hole_start = (mend + (size - 1)) & ~(size - 1);
510 hole_end = hole_start + size - 1;
514 /* If I don't overlap any segments I have found my hole! */
515 if (i == image->nr_segments) {
516 pages = pfn_to_page(hole_start >> PAGE_SHIFT);
521 image->control_page = hole_end;
527 struct page *kimage_alloc_control_pages(struct kimage *image,
530 struct page *pages = NULL;
532 switch (image->type) {
533 case KEXEC_TYPE_DEFAULT:
534 pages = kimage_alloc_normal_control_pages(image, order);
536 case KEXEC_TYPE_CRASH:
537 pages = kimage_alloc_crash_control_pages(image, order);
544 static int kimage_add_entry(struct kimage *image, kimage_entry_t entry)
546 if (*image->entry != 0)
549 if (image->entry == image->last_entry) {
550 kimage_entry_t *ind_page;
553 page = kimage_alloc_page(image, GFP_KERNEL, KIMAGE_NO_DEST);
557 ind_page = page_address(page);
558 *image->entry = virt_to_phys(ind_page) | IND_INDIRECTION;
559 image->entry = ind_page;
560 image->last_entry = ind_page +
561 ((PAGE_SIZE/sizeof(kimage_entry_t)) - 1);
563 *image->entry = entry;
570 static int kimage_set_destination(struct kimage *image,
571 unsigned long destination)
575 destination &= PAGE_MASK;
576 result = kimage_add_entry(image, destination | IND_DESTINATION);
578 image->destination = destination;
584 static int kimage_add_page(struct kimage *image, unsigned long page)
589 result = kimage_add_entry(image, page | IND_SOURCE);
591 image->destination += PAGE_SIZE;
597 static void kimage_free_extra_pages(struct kimage *image)
599 /* Walk through and free any extra destination pages I may have */
600 kimage_free_page_list(&image->dest_pages);
602 /* Walk through and free any unuseable pages I have cached */
603 kimage_free_page_list(&image->unuseable_pages);
606 static void kimage_terminate(struct kimage *image)
608 if (*image->entry != 0)
611 *image->entry = IND_DONE;
614 #define for_each_kimage_entry(image, ptr, entry) \
615 for (ptr = &image->head; (entry = *ptr) && !(entry & IND_DONE); \
616 ptr = (entry & IND_INDIRECTION)? \
617 phys_to_virt((entry & PAGE_MASK)): ptr +1)
619 static void kimage_free_entry(kimage_entry_t entry)
623 page = pfn_to_page(entry >> PAGE_SHIFT);
624 kimage_free_pages(page);
627 static void kimage_free(struct kimage *image)
629 kimage_entry_t *ptr, entry;
630 kimage_entry_t ind = 0;
635 kimage_free_extra_pages(image);
636 for_each_kimage_entry(image, ptr, entry) {
637 if (entry & IND_INDIRECTION) {
638 /* Free the previous indirection page */
639 if (ind & IND_INDIRECTION)
640 kimage_free_entry(ind);
641 /* Save this indirection page until we are
646 else if (entry & IND_SOURCE)
647 kimage_free_entry(entry);
649 /* Free the final indirection page */
650 if (ind & IND_INDIRECTION)
651 kimage_free_entry(ind);
653 /* Handle any machine specific cleanup */
654 machine_kexec_cleanup(image);
656 /* Free the kexec control pages... */
657 kimage_free_page_list(&image->control_pages);
661 static kimage_entry_t *kimage_dst_used(struct kimage *image,
664 kimage_entry_t *ptr, entry;
665 unsigned long destination = 0;
667 for_each_kimage_entry(image, ptr, entry) {
668 if (entry & IND_DESTINATION)
669 destination = entry & PAGE_MASK;
670 else if (entry & IND_SOURCE) {
671 if (page == destination)
673 destination += PAGE_SIZE;
680 static struct page *kimage_alloc_page(struct kimage *image,
682 unsigned long destination)
685 * Here we implement safeguards to ensure that a source page
686 * is not copied to its destination page before the data on
687 * the destination page is no longer useful.
689 * To do this we maintain the invariant that a source page is
690 * either its own destination page, or it is not a
691 * destination page at all.
693 * That is slightly stronger than required, but the proof
694 * that no problems will not occur is trivial, and the
695 * implementation is simply to verify.
697 * When allocating all pages normally this algorithm will run
698 * in O(N) time, but in the worst case it will run in O(N^2)
699 * time. If the runtime is a problem the data structures can
706 * Walk through the list of destination pages, and see if I
709 list_for_each_entry(page, &image->dest_pages, lru) {
710 addr = page_to_pfn(page) << PAGE_SHIFT;
711 if (addr == destination) {
712 list_del(&page->lru);
720 /* Allocate a page, if we run out of memory give up */
721 page = kimage_alloc_pages(gfp_mask, 0);
724 /* If the page cannot be used file it away */
725 if (page_to_pfn(page) >
726 (KEXEC_SOURCE_MEMORY_LIMIT >> PAGE_SHIFT)) {
727 list_add(&page->lru, &image->unuseable_pages);
730 addr = page_to_pfn(page) << PAGE_SHIFT;
732 /* If it is the destination page we want use it */
733 if (addr == destination)
736 /* If the page is not a destination page use it */
737 if (!kimage_is_destination_range(image, addr,
742 * I know that the page is someones destination page.
743 * See if there is already a source page for this
744 * destination page. And if so swap the source pages.
746 old = kimage_dst_used(image, addr);
749 unsigned long old_addr;
750 struct page *old_page;
752 old_addr = *old & PAGE_MASK;
753 old_page = pfn_to_page(old_addr >> PAGE_SHIFT);
754 copy_highpage(page, old_page);
755 *old = addr | (*old & ~PAGE_MASK);
757 /* The old page I have found cannot be a
758 * destination page, so return it if it's
759 * gfp_flags honor the ones passed in.
761 if (!(gfp_mask & __GFP_HIGHMEM) &&
762 PageHighMem(old_page)) {
763 kimage_free_pages(old_page);
771 /* Place the page on the destination list I
774 list_add(&page->lru, &image->dest_pages);
781 static int kimage_load_normal_segment(struct kimage *image,
782 struct kexec_segment *segment)
785 unsigned long ubytes, mbytes;
787 unsigned char __user *buf;
791 ubytes = segment->bufsz;
792 mbytes = segment->memsz;
793 maddr = segment->mem;
795 result = kimage_set_destination(image, maddr);
802 size_t uchunk, mchunk;
804 page = kimage_alloc_page(image, GFP_HIGHUSER, maddr);
809 result = kimage_add_page(image, page_to_pfn(page)
815 /* Start with a clear page */
816 memset(ptr, 0, PAGE_SIZE);
817 ptr += maddr & ~PAGE_MASK;
818 mchunk = PAGE_SIZE - (maddr & ~PAGE_MASK);
826 result = copy_from_user(ptr, buf, uchunk);
829 result = (result < 0) ? result : -EIO;
841 static int kimage_load_crash_segment(struct kimage *image,
842 struct kexec_segment *segment)
844 /* For crash dumps kernels we simply copy the data from
845 * user space to it's destination.
846 * We do things a page at a time for the sake of kmap.
849 unsigned long ubytes, mbytes;
851 unsigned char __user *buf;
855 ubytes = segment->bufsz;
856 mbytes = segment->memsz;
857 maddr = segment->mem;
861 size_t uchunk, mchunk;
863 page = pfn_to_page(maddr >> PAGE_SHIFT);
869 ptr += maddr & ~PAGE_MASK;
870 mchunk = PAGE_SIZE - (maddr & ~PAGE_MASK);
875 if (uchunk > ubytes) {
877 /* Zero the trailing part of the page */
878 memset(ptr + uchunk, 0, mchunk - uchunk);
880 result = copy_from_user(ptr, buf, uchunk);
881 kexec_flush_icache_page(page);
884 result = (result < 0) ? result : -EIO;
896 static int kimage_load_segment(struct kimage *image,
897 struct kexec_segment *segment)
899 int result = -ENOMEM;
901 switch (image->type) {
902 case KEXEC_TYPE_DEFAULT:
903 result = kimage_load_normal_segment(image, segment);
905 case KEXEC_TYPE_CRASH:
906 result = kimage_load_crash_segment(image, segment);
914 * Exec Kernel system call: for obvious reasons only root may call it.
916 * This call breaks up into three pieces.
917 * - A generic part which loads the new kernel from the current
918 * address space, and very carefully places the data in the
921 * - A generic part that interacts with the kernel and tells all of
922 * the devices to shut down. Preventing on-going dmas, and placing
923 * the devices in a consistent state so a later kernel can
926 * - A machine specific part that includes the syscall number
927 * and the copies the image to it's final destination. And
928 * jumps into the image at entry.
930 * kexec does not sync, or unmount filesystems so if you need
931 * that to happen you need to do that yourself.
933 struct kimage *kexec_image;
934 struct kimage *kexec_crash_image;
936 static DEFINE_MUTEX(kexec_mutex);
938 SYSCALL_DEFINE4(kexec_load, unsigned long, entry, unsigned long, nr_segments,
939 struct kexec_segment __user *, segments, unsigned long, flags)
941 struct kimage **dest_image, *image;
944 /* We only trust the superuser with rebooting the system. */
945 if (!capable(CAP_SYS_BOOT))
949 * Verify we have a legal set of flags
950 * This leaves us room for future extensions.
952 if ((flags & KEXEC_FLAGS) != (flags & ~KEXEC_ARCH_MASK))
955 /* Verify we are on the appropriate architecture */
956 if (((flags & KEXEC_ARCH_MASK) != KEXEC_ARCH) &&
957 ((flags & KEXEC_ARCH_MASK) != KEXEC_ARCH_DEFAULT))
960 /* Put an artificial cap on the number
961 * of segments passed to kexec_load.
963 if (nr_segments > KEXEC_SEGMENT_MAX)
969 /* Because we write directly to the reserved memory
970 * region when loading crash kernels we need a mutex here to
971 * prevent multiple crash kernels from attempting to load
972 * simultaneously, and to prevent a crash kernel from loading
973 * over the top of a in use crash kernel.
975 * KISS: always take the mutex.
977 if (!mutex_trylock(&kexec_mutex))
980 dest_image = &kexec_image;
981 if (flags & KEXEC_ON_CRASH)
982 dest_image = &kexec_crash_image;
983 if (nr_segments > 0) {
986 /* Loading another kernel to reboot into */
987 if ((flags & KEXEC_ON_CRASH) == 0)
988 result = kimage_normal_alloc(&image, entry,
989 nr_segments, segments);
990 /* Loading another kernel to switch to if this one crashes */
991 else if (flags & KEXEC_ON_CRASH) {
992 /* Free any current crash dump kernel before
995 kimage_free(xchg(&kexec_crash_image, NULL));
996 result = kimage_crash_alloc(&image, entry,
997 nr_segments, segments);
1002 if (flags & KEXEC_PRESERVE_CONTEXT)
1003 image->preserve_context = 1;
1004 result = machine_kexec_prepare(image);
1008 for (i = 0; i < nr_segments; i++) {
1009 result = kimage_load_segment(image, &image->segment[i]);
1013 kimage_terminate(image);
1015 /* Install the new kernel, and Uninstall the old */
1016 image = xchg(dest_image, image);
1019 mutex_unlock(&kexec_mutex);
1025 #ifdef CONFIG_COMPAT
1026 asmlinkage long compat_sys_kexec_load(unsigned long entry,
1027 unsigned long nr_segments,
1028 struct compat_kexec_segment __user *segments,
1029 unsigned long flags)
1031 struct compat_kexec_segment in;
1032 struct kexec_segment out, __user *ksegments;
1033 unsigned long i, result;
1035 /* Don't allow clients that don't understand the native
1036 * architecture to do anything.
1038 if ((flags & KEXEC_ARCH_MASK) == KEXEC_ARCH_DEFAULT)
1041 if (nr_segments > KEXEC_SEGMENT_MAX)
1044 ksegments = compat_alloc_user_space(nr_segments * sizeof(out));
1045 for (i=0; i < nr_segments; i++) {
1046 result = copy_from_user(&in, &segments[i], sizeof(in));
1050 out.buf = compat_ptr(in.buf);
1051 out.bufsz = in.bufsz;
1053 out.memsz = in.memsz;
1055 result = copy_to_user(&ksegments[i], &out, sizeof(out));
1060 return sys_kexec_load(entry, nr_segments, ksegments, flags);
1064 void crash_kexec(struct pt_regs *regs)
1066 /* Take the kexec_mutex here to prevent sys_kexec_load
1067 * running on one cpu from replacing the crash kernel
1068 * we are using after a panic on a different cpu.
1070 * If the crash kernel was not located in a fixed area
1071 * of memory the xchg(&kexec_crash_image) would be
1072 * sufficient. But since I reuse the memory...
1074 if (mutex_trylock(&kexec_mutex)) {
1075 if (kexec_crash_image) {
1076 struct pt_regs fixed_regs;
1077 crash_setup_regs(&fixed_regs, regs);
1078 crash_save_vmcoreinfo();
1079 machine_crash_shutdown(&fixed_regs);
1080 machine_kexec(kexec_crash_image);
1082 mutex_unlock(&kexec_mutex);
1086 size_t crash_get_memory_size(void)
1089 mutex_lock(&kexec_mutex);
1090 size = crashk_res.end - crashk_res.start + 1;
1091 mutex_unlock(&kexec_mutex);
1095 static void free_reserved_phys_range(unsigned long begin, unsigned long end)
1099 for (addr = begin; addr < end; addr += PAGE_SIZE) {
1100 ClearPageReserved(pfn_to_page(addr >> PAGE_SHIFT));
1101 init_page_count(pfn_to_page(addr >> PAGE_SHIFT));
1102 free_page((unsigned long)__va(addr));
1107 int crash_shrink_memory(unsigned long new_size)
1110 unsigned long start, end;
1112 mutex_lock(&kexec_mutex);
1114 if (kexec_crash_image) {
1118 start = crashk_res.start;
1119 end = crashk_res.end;
1121 if (new_size >= end - start + 1) {
1123 if (new_size == end - start + 1)
1128 start = roundup(start, PAGE_SIZE);
1129 end = roundup(start + new_size, PAGE_SIZE);
1131 free_reserved_phys_range(end, crashk_res.end);
1134 crashk_res.end = end;
1135 release_resource(&crashk_res);
1137 crashk_res.end = end - 1;
1140 mutex_unlock(&kexec_mutex);
1144 static u32 *append_elf_note(u32 *buf, char *name, unsigned type, void *data,
1147 struct elf_note note;
1149 note.n_namesz = strlen(name) + 1;
1150 note.n_descsz = data_len;
1152 memcpy(buf, ¬e, sizeof(note));
1153 buf += (sizeof(note) + 3)/4;
1154 memcpy(buf, name, note.n_namesz);
1155 buf += (note.n_namesz + 3)/4;
1156 memcpy(buf, data, note.n_descsz);
1157 buf += (note.n_descsz + 3)/4;
1162 static void final_note(u32 *buf)
1164 struct elf_note note;
1169 memcpy(buf, ¬e, sizeof(note));
1172 void crash_save_cpu(struct pt_regs *regs, int cpu)
1174 struct elf_prstatus prstatus;
1177 if ((cpu < 0) || (cpu >= nr_cpu_ids))
1180 /* Using ELF notes here is opportunistic.
1181 * I need a well defined structure format
1182 * for the data I pass, and I need tags
1183 * on the data to indicate what information I have
1184 * squirrelled away. ELF notes happen to provide
1185 * all of that, so there is no need to invent something new.
1187 buf = (u32*)per_cpu_ptr(crash_notes, cpu);
1190 memset(&prstatus, 0, sizeof(prstatus));
1191 prstatus.pr_pid = current->pid;
1192 elf_core_copy_kernel_regs(&prstatus.pr_reg, regs);
1193 buf = append_elf_note(buf, KEXEC_CORE_NOTE_NAME, NT_PRSTATUS,
1194 &prstatus, sizeof(prstatus));
1198 static int __init crash_notes_memory_init(void)
1200 /* Allocate memory for saving cpu registers. */
1201 crash_notes = alloc_percpu(note_buf_t);
1203 printk("Kexec: Memory allocation for saving cpu register"
1204 " states failed\n");
1209 module_init(crash_notes_memory_init)
1213 * parsing the "crashkernel" commandline
1215 * this code is intended to be called from architecture specific code
1220 * This function parses command lines in the format
1222 * crashkernel=ramsize-range:size[,...][@offset]
1224 * The function returns 0 on success and -EINVAL on failure.
1226 static int __init parse_crashkernel_mem(char *cmdline,
1227 unsigned long long system_ram,
1228 unsigned long long *crash_size,
1229 unsigned long long *crash_base)
1231 char *cur = cmdline, *tmp;
1233 /* for each entry of the comma-separated list */
1235 unsigned long long start, end = ULLONG_MAX, size;
1237 /* get the start of the range */
1238 start = memparse(cur, &tmp);
1240 pr_warning("crashkernel: Memory value expected\n");
1245 pr_warning("crashkernel: '-' expected\n");
1250 /* if no ':' is here, than we read the end */
1252 end = memparse(cur, &tmp);
1254 pr_warning("crashkernel: Memory "
1255 "value expected\n");
1260 pr_warning("crashkernel: end <= start\n");
1266 pr_warning("crashkernel: ':' expected\n");
1271 size = memparse(cur, &tmp);
1273 pr_warning("Memory value expected\n");
1277 if (size >= system_ram) {
1278 pr_warning("crashkernel: invalid size\n");
1283 if (system_ram >= start && system_ram < end) {
1287 } while (*cur++ == ',');
1289 if (*crash_size > 0) {
1290 while (*cur && *cur != ' ' && *cur != '@')
1294 *crash_base = memparse(cur, &tmp);
1296 pr_warning("Memory value expected "
1307 * That function parses "simple" (old) crashkernel command lines like
1309 * crashkernel=size[@offset]
1311 * It returns 0 on success and -EINVAL on failure.
1313 static int __init parse_crashkernel_simple(char *cmdline,
1314 unsigned long long *crash_size,
1315 unsigned long long *crash_base)
1317 char *cur = cmdline;
1319 *crash_size = memparse(cmdline, &cur);
1320 if (cmdline == cur) {
1321 pr_warning("crashkernel: memory value expected\n");
1326 *crash_base = memparse(cur+1, &cur);
1332 * That function is the entry point for command line parsing and should be
1333 * called from the arch-specific code.
1335 int __init parse_crashkernel(char *cmdline,
1336 unsigned long long system_ram,
1337 unsigned long long *crash_size,
1338 unsigned long long *crash_base)
1340 char *p = cmdline, *ck_cmdline = NULL;
1341 char *first_colon, *first_space;
1343 BUG_ON(!crash_size || !crash_base);
1347 /* find crashkernel and use the last one if there are more */
1348 p = strstr(p, "crashkernel=");
1351 p = strstr(p+1, "crashkernel=");
1357 ck_cmdline += 12; /* strlen("crashkernel=") */
1360 * if the commandline contains a ':', then that's the extended
1361 * syntax -- if not, it must be the classic syntax
1363 first_colon = strchr(ck_cmdline, ':');
1364 first_space = strchr(ck_cmdline, ' ');
1365 if (first_colon && (!first_space || first_colon < first_space))
1366 return parse_crashkernel_mem(ck_cmdline, system_ram,
1367 crash_size, crash_base);
1369 return parse_crashkernel_simple(ck_cmdline, crash_size,
1377 void crash_save_vmcoreinfo(void)
1381 if (!vmcoreinfo_size)
1384 vmcoreinfo_append_str("CRASHTIME=%ld", get_seconds());
1386 buf = (u32 *)vmcoreinfo_note;
1388 buf = append_elf_note(buf, VMCOREINFO_NOTE_NAME, 0, vmcoreinfo_data,
1394 void vmcoreinfo_append_str(const char *fmt, ...)
1400 va_start(args, fmt);
1401 r = vsnprintf(buf, sizeof(buf), fmt, args);
1404 if (r + vmcoreinfo_size > vmcoreinfo_max_size)
1405 r = vmcoreinfo_max_size - vmcoreinfo_size;
1407 memcpy(&vmcoreinfo_data[vmcoreinfo_size], buf, r);
1409 vmcoreinfo_size += r;
1413 * provide an empty default implementation here -- architecture
1414 * code may override this
1416 void __attribute__ ((weak)) arch_crash_save_vmcoreinfo(void)
1419 unsigned long __attribute__ ((weak)) paddr_vmcoreinfo_note(void)
1421 return __pa((unsigned long)(char *)&vmcoreinfo_note);
1424 static int __init crash_save_vmcoreinfo_init(void)
1426 VMCOREINFO_OSRELEASE(init_uts_ns.name.release);
1427 VMCOREINFO_PAGESIZE(PAGE_SIZE);
1429 VMCOREINFO_SYMBOL(init_uts_ns);
1430 VMCOREINFO_SYMBOL(node_online_map);
1431 VMCOREINFO_SYMBOL(swapper_pg_dir);
1432 VMCOREINFO_SYMBOL(_stext);
1433 VMCOREINFO_SYMBOL(vmlist);
1435 #ifndef CONFIG_NEED_MULTIPLE_NODES
1436 VMCOREINFO_SYMBOL(mem_map);
1437 VMCOREINFO_SYMBOL(contig_page_data);
1439 #ifdef CONFIG_SPARSEMEM
1440 VMCOREINFO_SYMBOL(mem_section);
1441 VMCOREINFO_LENGTH(mem_section, NR_SECTION_ROOTS);
1442 VMCOREINFO_STRUCT_SIZE(mem_section);
1443 VMCOREINFO_OFFSET(mem_section, section_mem_map);
1445 VMCOREINFO_STRUCT_SIZE(page);
1446 VMCOREINFO_STRUCT_SIZE(pglist_data);
1447 VMCOREINFO_STRUCT_SIZE(zone);
1448 VMCOREINFO_STRUCT_SIZE(free_area);
1449 VMCOREINFO_STRUCT_SIZE(list_head);
1450 VMCOREINFO_SIZE(nodemask_t);
1451 VMCOREINFO_OFFSET(page, flags);
1452 VMCOREINFO_OFFSET(page, _count);
1453 VMCOREINFO_OFFSET(page, mapping);
1454 VMCOREINFO_OFFSET(page, lru);
1455 VMCOREINFO_OFFSET(pglist_data, node_zones);
1456 VMCOREINFO_OFFSET(pglist_data, nr_zones);
1457 #ifdef CONFIG_FLAT_NODE_MEM_MAP
1458 VMCOREINFO_OFFSET(pglist_data, node_mem_map);
1460 VMCOREINFO_OFFSET(pglist_data, node_start_pfn);
1461 VMCOREINFO_OFFSET(pglist_data, node_spanned_pages);
1462 VMCOREINFO_OFFSET(pglist_data, node_id);
1463 VMCOREINFO_OFFSET(zone, free_area);
1464 VMCOREINFO_OFFSET(zone, vm_stat);
1465 VMCOREINFO_OFFSET(zone, spanned_pages);
1466 VMCOREINFO_OFFSET(free_area, free_list);
1467 VMCOREINFO_OFFSET(list_head, next);
1468 VMCOREINFO_OFFSET(list_head, prev);
1469 VMCOREINFO_OFFSET(vm_struct, addr);
1470 VMCOREINFO_LENGTH(zone.free_area, MAX_ORDER);
1471 log_buf_kexec_setup();
1472 VMCOREINFO_LENGTH(free_area.free_list, MIGRATE_TYPES);
1473 VMCOREINFO_NUMBER(NR_FREE_PAGES);
1474 VMCOREINFO_NUMBER(PG_lru);
1475 VMCOREINFO_NUMBER(PG_private);
1476 VMCOREINFO_NUMBER(PG_swapcache);
1478 arch_crash_save_vmcoreinfo();
1483 module_init(crash_save_vmcoreinfo_init)
1486 * Move into place and start executing a preloaded standalone
1487 * executable. If nothing was preloaded return an error.
1489 int kernel_kexec(void)
1493 if (!mutex_trylock(&kexec_mutex))
1500 #ifdef CONFIG_KEXEC_JUMP
1501 if (kexec_image->preserve_context) {
1502 mutex_lock(&pm_mutex);
1503 pm_prepare_console();
1504 error = freeze_processes();
1507 goto Restore_console;
1510 error = dpm_suspend_start(PMSG_FREEZE);
1512 goto Resume_console;
1513 /* At this point, dpm_suspend_start() has been called,
1514 * but *not* dpm_suspend_noirq(). We *must* call
1515 * dpm_suspend_noirq() now. Otherwise, drivers for
1516 * some devices (e.g. interrupt controllers) become
1517 * desynchronized with the actual state of the
1518 * hardware at resume time, and evil weirdness ensues.
1520 error = dpm_suspend_noirq(PMSG_FREEZE);
1522 goto Resume_devices;
1523 error = disable_nonboot_cpus();
1526 local_irq_disable();
1527 /* Suspend system devices */
1528 error = sysdev_suspend(PMSG_FREEZE);
1534 kernel_restart_prepare(NULL);
1535 printk(KERN_EMERG "Starting new kernel\n");
1539 machine_kexec(kexec_image);
1541 #ifdef CONFIG_KEXEC_JUMP
1542 if (kexec_image->preserve_context) {
1547 enable_nonboot_cpus();
1548 dpm_resume_noirq(PMSG_RESTORE);
1550 dpm_resume_end(PMSG_RESTORE);
1555 pm_restore_console();
1556 mutex_unlock(&pm_mutex);
1561 mutex_unlock(&kexec_mutex);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob