1 /* SPDX-License-Identifier: GPL-2.0 */
2 #ifndef LINUX_KEXEC_H
3 #define LINUX_KEXEC_H
4 
5 #define IND_DESTINATION_BIT 0
6 #define IND_INDIRECTION_BIT 1
7 #define IND_DONE_BIT        2
8 #define IND_SOURCE_BIT      3
9 
10 #define IND_DESTINATION  (1 << IND_DESTINATION_BIT)
11 #define IND_INDIRECTION  (1 << IND_INDIRECTION_BIT)
12 #define IND_DONE         (1 << IND_DONE_BIT)
13 #define IND_SOURCE       (1 << IND_SOURCE_BIT)
14 #define IND_FLAGS (IND_DESTINATION | IND_INDIRECTION | IND_DONE | IND_SOURCE)
15 
16 #if !defined(__ASSEMBLY__)
17 
18 #include <linux/vmcore_info.h>
19 #include <linux/crash_reserve.h>
20 #include <asm/io.h>
21 #include <linux/range.h>
22 
23 #include <uapi/linux/kexec.h>
24 #include <linux/verification.h>
25 
26 extern note_buf_t __percpu *crash_notes;
27 
28 #ifdef CONFIG_CRASH_DUMP
29 #include <linux/prandom.h>
30 #endif
31 
32 #ifdef CONFIG_KEXEC_CORE
33 #include <linux/list.h>
34 #include <linux/compat.h>
35 #include <linux/ioport.h>
36 #include <linux/module.h>
37 #include <linux/highmem.h>
38 #include <asm/kexec.h>
39 #include <linux/crash_core.h>
40 
41 /* Verify architecture specific macros are defined */
42 
43 #ifndef KEXEC_SOURCE_MEMORY_LIMIT
44 #error KEXEC_SOURCE_MEMORY_LIMIT not defined
45 #endif
46 
47 #ifndef KEXEC_DESTINATION_MEMORY_LIMIT
48 #error KEXEC_DESTINATION_MEMORY_LIMIT not defined
49 #endif
50 
51 #ifndef KEXEC_CONTROL_MEMORY_LIMIT
52 #error KEXEC_CONTROL_MEMORY_LIMIT not defined
53 #endif
54 
55 #ifndef KEXEC_CONTROL_MEMORY_GFP
56 #define KEXEC_CONTROL_MEMORY_GFP (GFP_KERNEL | __GFP_NORETRY)
57 #endif
58 
59 #ifndef KEXEC_CONTROL_PAGE_SIZE
60 #error KEXEC_CONTROL_PAGE_SIZE not defined
61 #endif
62 
63 #ifndef KEXEC_ARCH
64 #error KEXEC_ARCH not defined
65 #endif
66 
67 #ifndef KEXEC_CRASH_CONTROL_MEMORY_LIMIT
68 #define KEXEC_CRASH_CONTROL_MEMORY_LIMIT KEXEC_CONTROL_MEMORY_LIMIT
69 #endif
70 
71 #ifndef KEXEC_CRASH_MEM_ALIGN
72 #define KEXEC_CRASH_MEM_ALIGN PAGE_SIZE
73 #endif
74 
75 /*
76  * This structure is used to hold the arguments that are used when loading
77  * kernel binaries.
78  */
79 
80 typedef unsigned long kimage_entry_t;
81 
82 /*
83  * This is a copy of the UAPI struct kexec_segment and must be identical
84  * to it because it gets copied straight from user space into kernel
85  * memory. Do not modify this structure unless you change the way segments
86  * get ingested from user space.
87  */
88 struct kexec_segment {
89 	/*
90 	 * This pointer can point to user memory if kexec_load() system
91 	 * call is used or will point to kernel memory if
92 	 * kexec_file_load() system call is used.
93 	 *
94 	 * Use ->buf when expecting to deal with user memory and use ->kbuf
95 	 * when expecting to deal with kernel memory.
96 	 */
97 	union {
98 		void __user *buf;
99 		void *kbuf;
100 	};
101 	size_t bufsz;
102 	unsigned long mem;
103 	size_t memsz;
104 };
105 
106 #ifdef CONFIG_COMPAT
107 struct compat_kexec_segment {
108 	compat_uptr_t buf;
109 	compat_size_t bufsz;
110 	compat_ulong_t mem;	/* User space sees this as a (void *) ... */
111 	compat_size_t memsz;
112 };
113 #endif
114 
115 #ifdef CONFIG_KEXEC_FILE
116 struct purgatory_info {
117 	/*
118 	 * Pointer to elf header at the beginning of kexec_purgatory.
119 	 * Note: kexec_purgatory is read only
120 	 */
121 	const Elf_Ehdr *ehdr;
122 	/*
123 	 * Temporary, modifiable buffer for sechdrs used for relocation.
124 	 * This memory can be freed post image load.
125 	 */
126 	Elf_Shdr *sechdrs;
127 	/*
128 	 * Temporary, modifiable buffer for stripped purgatory used for
129 	 * relocation. This memory can be freed post image load.
130 	 */
131 	void *purgatory_buf;
132 };
133 
134 struct kimage;
135 
136 typedef int (kexec_probe_t)(const char *kernel_buf, unsigned long kernel_size);
137 typedef void *(kexec_load_t)(struct kimage *image, char *kernel_buf,
138 			     unsigned long kernel_len, char *initrd,
139 			     unsigned long initrd_len, char *cmdline,
140 			     unsigned long cmdline_len);
141 typedef int (kexec_cleanup_t)(void *loader_data);
142 
143 #ifdef CONFIG_KEXEC_SIG
144 typedef int (kexec_verify_sig_t)(const char *kernel_buf,
145 				 unsigned long kernel_len);
146 #endif
147 
148 struct kexec_file_ops {
149 	kexec_probe_t *probe;
150 	kexec_load_t *load;
151 	kexec_cleanup_t *cleanup;
152 #ifdef CONFIG_KEXEC_SIG
153 	kexec_verify_sig_t *verify_sig;
154 #endif
155 };
156 
157 extern const struct kexec_file_ops * const kexec_file_loaders[];
158 
159 int kexec_image_probe_default(struct kimage *image, void *buf,
160 			      unsigned long buf_len);
161 int kexec_image_post_load_cleanup_default(struct kimage *image);
162 
163 /*
164  * If kexec_buf.mem is set to this value, kexec_locate_mem_hole()
165  * will try to allocate free memory. Arch may overwrite it.
166  */
167 #ifndef KEXEC_BUF_MEM_UNKNOWN
168 #define KEXEC_BUF_MEM_UNKNOWN 0
169 #endif
170 
171 /**
172  * struct kexec_buf - parameters for finding a place for a buffer in memory
173  * @image:	kexec image in which memory to search.
174  * @buffer:	Contents which will be copied to the allocated memory.
175  * @bufsz:	Size of @buffer.
176  * @mem:	On return will have address of the buffer in memory.
177  * @memsz:	Size for the buffer in memory.
178  * @buf_align:	Minimum alignment needed.
179  * @buf_min:	The buffer can't be placed below this address.
180  * @buf_max:	The buffer can't be placed above this address.
181  * @cma:	CMA page if the buffer is backed by CMA.
182  * @top_down:	Allocate from top of memory.
183  * @random:	Place the buffer at a random position.
184  */
185 struct kexec_buf {
186 	struct kimage *image;
187 	void *buffer;
188 	unsigned long bufsz;
189 	unsigned long mem;
190 	unsigned long memsz;
191 	unsigned long buf_align;
192 	unsigned long buf_min;
193 	unsigned long buf_max;
194 	struct page *cma;
195 	bool top_down;
196 #ifdef CONFIG_CRASH_DUMP
197 	bool random;
198 #endif
199 };
200 
201 
202 #ifdef CONFIG_CRASH_DUMP
kexec_random_range_start(unsigned long start,unsigned long end,struct kexec_buf * kbuf,unsigned long * temp_start)203 static inline void kexec_random_range_start(unsigned long start,
204 					    unsigned long end,
205 					    struct kexec_buf *kbuf,
206 					    unsigned long *temp_start)
207 {
208 	unsigned short i;
209 
210 	if (kbuf->random) {
211 		get_random_bytes(&i, sizeof(unsigned short));
212 		*temp_start = start + (end - start) / USHRT_MAX * i;
213 	}
214 }
215 #else
kexec_random_range_start(unsigned long start,unsigned long end,struct kexec_buf * kbuf,unsigned long * temp_start)216 static inline void kexec_random_range_start(unsigned long start,
217 					    unsigned long end,
218 					    struct kexec_buf *kbuf,
219 					    unsigned long *temp_start)
220 {}
221 #endif
222 
223 int kexec_load_purgatory(struct kimage *image, struct kexec_buf *kbuf);
224 int kexec_purgatory_get_set_symbol(struct kimage *image, const char *name,
225 				   void *buf, unsigned int size,
226 				   bool get_value);
227 void *kexec_purgatory_get_symbol_addr(struct kimage *image, const char *name);
228 
229 #ifndef arch_kexec_kernel_image_probe
230 static inline int
arch_kexec_kernel_image_probe(struct kimage * image,void * buf,unsigned long buf_len)231 arch_kexec_kernel_image_probe(struct kimage *image, void *buf, unsigned long buf_len)
232 {
233 	return kexec_image_probe_default(image, buf, buf_len);
234 }
235 #endif
236 
237 #ifndef arch_kimage_file_post_load_cleanup
arch_kimage_file_post_load_cleanup(struct kimage * image)238 static inline int arch_kimage_file_post_load_cleanup(struct kimage *image)
239 {
240 	return kexec_image_post_load_cleanup_default(image);
241 }
242 #endif
243 
244 #ifndef arch_check_excluded_range
arch_check_excluded_range(struct kimage * image,unsigned long start,unsigned long end)245 static inline int arch_check_excluded_range(struct kimage *image,
246 					    unsigned long start,
247 					    unsigned long end)
248 {
249 	return 0;
250 }
251 #endif
252 
253 #ifdef CONFIG_KEXEC_SIG
254 #ifdef CONFIG_SIGNED_PE_FILE_VERIFICATION
255 int kexec_kernel_verify_pe_sig(const char *kernel, unsigned long kernel_len);
256 #endif
257 #endif
258 
259 extern int kexec_add_buffer(struct kexec_buf *kbuf);
260 int kexec_locate_mem_hole(struct kexec_buf *kbuf);
261 
262 #ifndef arch_kexec_locate_mem_hole
263 /**
264  * arch_kexec_locate_mem_hole - Find free memory to place the segments.
265  * @kbuf:                       Parameters for the memory search.
266  *
267  * On success, kbuf->mem will have the start address of the memory region found.
268  *
269  * Return: 0 on success, negative errno on error.
270  */
arch_kexec_locate_mem_hole(struct kexec_buf * kbuf)271 static inline int arch_kexec_locate_mem_hole(struct kexec_buf *kbuf)
272 {
273 	return kexec_locate_mem_hole(kbuf);
274 }
275 #endif
276 
277 #ifndef arch_kexec_apply_relocations_add
278 /*
279  * arch_kexec_apply_relocations_add - apply relocations of type RELA
280  * @pi:		Purgatory to be relocated.
281  * @section:	Section relocations applying to.
282  * @relsec:	Section containing RELAs.
283  * @symtab:	Corresponding symtab.
284  *
285  * Return: 0 on success, negative errno on error.
286  */
287 static inline int
arch_kexec_apply_relocations_add(struct purgatory_info * pi,Elf_Shdr * section,const Elf_Shdr * relsec,const Elf_Shdr * symtab)288 arch_kexec_apply_relocations_add(struct purgatory_info *pi, Elf_Shdr *section,
289 				 const Elf_Shdr *relsec, const Elf_Shdr *symtab)
290 {
291 	pr_err("RELA relocation unsupported.\n");
292 	return -ENOEXEC;
293 }
294 #endif
295 
296 #ifndef arch_kexec_apply_relocations
297 /*
298  * arch_kexec_apply_relocations - apply relocations of type REL
299  * @pi:		Purgatory to be relocated.
300  * @section:	Section relocations applying to.
301  * @relsec:	Section containing RELs.
302  * @symtab:	Corresponding symtab.
303  *
304  * Return: 0 on success, negative errno on error.
305  */
306 static inline int
arch_kexec_apply_relocations(struct purgatory_info * pi,Elf_Shdr * section,const Elf_Shdr * relsec,const Elf_Shdr * symtab)307 arch_kexec_apply_relocations(struct purgatory_info *pi, Elf_Shdr *section,
308 			     const Elf_Shdr *relsec, const Elf_Shdr *symtab)
309 {
310 	pr_err("REL relocation unsupported.\n");
311 	return -ENOEXEC;
312 }
313 #endif
314 #endif /* CONFIG_KEXEC_FILE */
315 
316 #ifdef CONFIG_KEXEC_ELF
317 struct kexec_elf_info {
318 	/*
319 	 * Where the ELF binary contents are kept.
320 	 * Memory managed by the user of the struct.
321 	 */
322 	const char *buffer;
323 
324 	const struct elfhdr *ehdr;
325 	const struct elf_phdr *proghdrs;
326 };
327 
328 int kexec_build_elf_info(const char *buf, size_t len, struct elfhdr *ehdr,
329 			       struct kexec_elf_info *elf_info);
330 
331 int kexec_elf_load(struct kimage *image, struct elfhdr *ehdr,
332 			 struct kexec_elf_info *elf_info,
333 			 struct kexec_buf *kbuf,
334 			 unsigned long *lowest_load_addr);
335 
336 void kexec_free_elf_info(struct kexec_elf_info *elf_info);
337 int kexec_elf_probe(const char *buf, unsigned long len);
338 #endif
339 struct kimage {
340 	kimage_entry_t head;
341 	kimage_entry_t *entry;
342 	kimage_entry_t *last_entry;
343 
344 	unsigned long start;
345 	struct page *control_code_page;
346 	struct page *swap_page;
347 	void *vmcoreinfo_data_copy; /* locates in the crash memory */
348 
349 	unsigned long nr_segments;
350 	struct kexec_segment segment[KEXEC_SEGMENT_MAX];
351 	struct page *segment_cma[KEXEC_SEGMENT_MAX];
352 
353 	struct list_head control_pages;
354 	struct list_head dest_pages;
355 	struct list_head unusable_pages;
356 
357 	/* Address of next control page to allocate for crash kernels. */
358 	unsigned long control_page;
359 
360 	/* Flags to indicate special processing */
361 	unsigned int type : 1;
362 #define KEXEC_TYPE_DEFAULT 0
363 #define KEXEC_TYPE_CRASH   1
364 	unsigned int preserve_context : 1;
365 	/* If set, we are using file mode kexec syscall */
366 	unsigned int file_mode:1;
367 #ifdef CONFIG_CRASH_HOTPLUG
368 	/* If set, it is safe to update kexec segments that are
369 	 * excluded from SHA calculation.
370 	 */
371 	unsigned int hotplug_support:1;
372 #endif
373 	unsigned int no_cma:1;
374 
375 #ifdef ARCH_HAS_KIMAGE_ARCH
376 	struct kimage_arch arch;
377 #endif
378 
379 #ifdef CONFIG_KEXEC_FILE
380 	/* Additional fields for file based kexec syscall */
381 	void *kernel_buf;
382 	unsigned long kernel_buf_len;
383 
384 	void *initrd_buf;
385 	unsigned long initrd_buf_len;
386 
387 	char *cmdline_buf;
388 	unsigned long cmdline_buf_len;
389 
390 	/* File operations provided by image loader */
391 	const struct kexec_file_ops *fops;
392 
393 	/* Image loader handling the kernel can store a pointer here */
394 	void *image_loader_data;
395 
396 	/* Information for loading purgatory */
397 	struct purgatory_info purgatory_info;
398 
399 	/* Force carrying over the DTB from the current boot */
400 	bool force_dtb;
401 #endif
402 
403 #ifdef CONFIG_CRASH_HOTPLUG
404 	int hp_action;
405 	int elfcorehdr_index;
406 	bool elfcorehdr_updated;
407 #endif
408 
409 #ifdef CONFIG_IMA_KEXEC
410 	/* Virtual address of IMA measurement buffer for kexec syscall */
411 	void *ima_buffer;
412 
413 	phys_addr_t ima_buffer_addr;
414 	size_t ima_buffer_size;
415 
416 	unsigned long ima_segment_index;
417 	bool is_ima_segment_index_set;
418 #endif
419 
420 	struct {
421 		struct kexec_segment *scratch;
422 		phys_addr_t fdt;
423 	} kho;
424 
425 	/* Core ELF header buffer */
426 	void *elf_headers;
427 	unsigned long elf_headers_sz;
428 	unsigned long elf_load_addr;
429 
430 	/* dm crypt keys buffer */
431 	unsigned long dm_crypt_keys_addr;
432 	unsigned long dm_crypt_keys_sz;
433 };
434 
435 /* kexec interface functions */
436 extern void machine_kexec(struct kimage *image);
437 extern int machine_kexec_prepare(struct kimage *image);
438 extern void machine_kexec_cleanup(struct kimage *image);
439 extern int kernel_kexec(void);
440 extern struct page *kimage_alloc_control_pages(struct kimage *image,
441 						unsigned int order);
442 
443 #ifndef machine_kexec_post_load
machine_kexec_post_load(struct kimage * image)444 static inline int machine_kexec_post_load(struct kimage *image) { return 0; }
445 #endif
446 
447 extern struct kimage *kexec_image;
448 extern struct kimage *kexec_crash_image;
449 
450 bool kexec_load_permitted(int kexec_image_type);
451 
452 #ifndef kexec_flush_icache_page
453 #define kexec_flush_icache_page(page)
454 #endif
455 
456 /* List of defined/legal kexec flags */
457 #ifndef CONFIG_KEXEC_JUMP
458 #define KEXEC_FLAGS    (KEXEC_ON_CRASH | KEXEC_UPDATE_ELFCOREHDR | KEXEC_CRASH_HOTPLUG_SUPPORT)
459 #else
460 #define KEXEC_FLAGS    (KEXEC_ON_CRASH | KEXEC_PRESERVE_CONTEXT | KEXEC_UPDATE_ELFCOREHDR | \
461 			KEXEC_CRASH_HOTPLUG_SUPPORT)
462 #endif
463 
464 /* List of defined/legal kexec file flags */
465 #define KEXEC_FILE_FLAGS	(KEXEC_FILE_UNLOAD | KEXEC_FILE_ON_CRASH | \
466 				 KEXEC_FILE_NO_INITRAMFS | KEXEC_FILE_DEBUG | \
467 				 KEXEC_FILE_NO_CMA | KEXEC_FILE_FORCE_DTB)
468 
469 /* flag to track if kexec reboot is in progress */
470 extern bool kexec_in_progress;
471 
472 #ifndef page_to_boot_pfn
page_to_boot_pfn(struct page * page)473 static inline unsigned long page_to_boot_pfn(struct page *page)
474 {
475 	return page_to_pfn(page);
476 }
477 #endif
478 
479 #ifndef boot_pfn_to_page
boot_pfn_to_page(unsigned long boot_pfn)480 static inline struct page *boot_pfn_to_page(unsigned long boot_pfn)
481 {
482 	return pfn_to_page(boot_pfn);
483 }
484 #endif
485 
486 #ifndef phys_to_boot_phys
phys_to_boot_phys(phys_addr_t phys)487 static inline unsigned long phys_to_boot_phys(phys_addr_t phys)
488 {
489 	return phys;
490 }
491 #endif
492 
493 #ifndef boot_phys_to_phys
boot_phys_to_phys(unsigned long boot_phys)494 static inline phys_addr_t boot_phys_to_phys(unsigned long boot_phys)
495 {
496 	return boot_phys;
497 }
498 #endif
499 
500 #ifndef crash_free_reserved_phys_range
crash_free_reserved_phys_range(unsigned long begin,unsigned long end)501 static inline void crash_free_reserved_phys_range(unsigned long begin, unsigned long end)
502 {
503 	unsigned long addr;
504 
505 	for (addr = begin; addr < end; addr += PAGE_SIZE)
506 		free_reserved_page(boot_pfn_to_page(addr >> PAGE_SHIFT));
507 }
508 #endif
509 
virt_to_boot_phys(void * addr)510 static inline unsigned long virt_to_boot_phys(void *addr)
511 {
512 	return phys_to_boot_phys(__pa((unsigned long)addr));
513 }
514 
boot_phys_to_virt(unsigned long entry)515 static inline void *boot_phys_to_virt(unsigned long entry)
516 {
517 	return phys_to_virt(boot_phys_to_phys(entry));
518 }
519 
520 #ifndef arch_kexec_post_alloc_pages
arch_kexec_post_alloc_pages(void * vaddr,unsigned int pages,gfp_t gfp)521 static inline int arch_kexec_post_alloc_pages(void *vaddr, unsigned int pages, gfp_t gfp) { return 0; }
522 #endif
523 
524 #ifndef arch_kexec_pre_free_pages
arch_kexec_pre_free_pages(void * vaddr,unsigned int pages)525 static inline void arch_kexec_pre_free_pages(void *vaddr, unsigned int pages) { }
526 #endif
527 
528 extern bool kexec_file_dbg_print;
529 
530 #define kexec_dprintk(fmt, arg...) \
531         do { if (kexec_file_dbg_print) pr_info(fmt, ##arg); } while (0)
532 
533 extern void *kimage_map_segment(struct kimage *image, unsigned long addr, unsigned long size);
534 extern void kimage_unmap_segment(void *buffer);
535 #else /* !CONFIG_KEXEC_CORE */
536 struct pt_regs;
537 struct task_struct;
538 struct kimage;
__crash_kexec(struct pt_regs * regs)539 static inline void __crash_kexec(struct pt_regs *regs) { }
crash_kexec(struct pt_regs * regs)540 static inline void crash_kexec(struct pt_regs *regs) { }
kexec_should_crash(struct task_struct * p)541 static inline int kexec_should_crash(struct task_struct *p) { return 0; }
kexec_crash_loaded(void)542 static inline int kexec_crash_loaded(void) { return 0; }
kimage_map_segment(struct kimage * image,unsigned long addr,unsigned long size)543 static inline void *kimage_map_segment(struct kimage *image, unsigned long addr, unsigned long size)
544 { return NULL; }
kimage_unmap_segment(void * buffer)545 static inline void kimage_unmap_segment(void *buffer) { }
546 #define kexec_in_progress false
547 #endif /* CONFIG_KEXEC_CORE */
548 
549 #ifdef CONFIG_KEXEC_SIG
550 void set_kexec_sig_enforced(void);
551 #else
set_kexec_sig_enforced(void)552 static inline void set_kexec_sig_enforced(void) {}
553 #endif
554 
555 #endif /* !defined(__ASSEBMLY__) */
556 
557 #endif /* LINUX_KEXEC_H */
558