xref: /linux/kernel/Kconfig.kexec (revision 443cbaf9e2fdbef7d7cae457434a6cb8a679441b) 
1# SPDX-License-Identifier: GPL-2.0-only
2
3menu "Kexec and crash features"
4
5config CRASH_RESERVE
6	bool
7
8config VMCORE_INFO
9	bool
10
11config KEXEC_CORE
12	select VMCORE_INFO
13	select CRASH_RESERVE
14	bool
15
16config KEXEC_ELF
17	bool
18
19config HAVE_IMA_KEXEC
20	bool
21
22config KEXEC
23	bool "Enable kexec system call"
24	depends on ARCH_SUPPORTS_KEXEC
25	select KEXEC_CORE
26	help
27	  kexec is a system call that implements the ability to shutdown your
28	  current kernel, and to start another kernel. It is like a reboot
29	  but it is independent of the system firmware. And like a reboot
30	  you can start any kernel with it, not just Linux.
31
32	  The name comes from the similarity to the exec system call.
33
34	  It is an ongoing process to be certain the hardware in a machine
35	  is properly shutdown, so do not be surprised if this code does not
36	  initially work for you. As of this writing the exact hardware
37	  interface is strongly in flux, so no good recommendation can be
38	  made.
39
40config KEXEC_FILE
41	bool "Enable kexec file based system call"
42	depends on ARCH_SUPPORTS_KEXEC_FILE
43	select CRYPTO
44	select CRYPTO_SHA256
45	select KEXEC_CORE
46	help
47	  This is new version of kexec system call. This system call is
48	  file based and takes file descriptors as system call argument
49	  for kernel and initramfs as opposed to list of segments as
50	  accepted by kexec system call.
51
52config KEXEC_SIG
53	bool "Verify kernel signature during kexec_file_load() syscall"
54	depends on ARCH_SUPPORTS_KEXEC_SIG
55	depends on KEXEC_FILE
56	help
57	  This option makes the kexec_file_load() syscall check for a valid
58	  signature of the kernel image. The image can still be loaded without
59	  a valid signature unless you also enable KEXEC_SIG_FORCE, though if
60	  there's a signature that we can check, then it must be valid.
61
62	  In addition to this option, you need to enable signature
63	  verification for the corresponding kernel image type being
64	  loaded in order for this to work.
65
66config KEXEC_SIG_FORCE
67	bool "Require a valid signature in kexec_file_load() syscall"
68	depends on ARCH_SUPPORTS_KEXEC_SIG_FORCE
69	depends on KEXEC_SIG
70	help
71	  This option makes kernel signature verification mandatory for
72	  the kexec_file_load() syscall.
73
74config KEXEC_IMAGE_VERIFY_SIG
75	bool "Enable Image signature verification support (ARM)"
76	default ARCH_DEFAULT_KEXEC_IMAGE_VERIFY_SIG
77	depends on ARCH_SUPPORTS_KEXEC_IMAGE_VERIFY_SIG
78	depends on KEXEC_SIG
79	depends on EFI && SIGNED_PE_FILE_VERIFICATION
80	help
81	  Enable Image signature verification support.
82
83config KEXEC_BZIMAGE_VERIFY_SIG
84	bool "Enable bzImage signature verification support"
85	depends on ARCH_SUPPORTS_KEXEC_BZIMAGE_VERIFY_SIG
86	depends on KEXEC_SIG
87	depends on SIGNED_PE_FILE_VERIFICATION
88	select SYSTEM_TRUSTED_KEYRING
89	help
90	  Enable bzImage signature verification support.
91
92config KEXEC_JUMP
93	bool "kexec jump"
94	depends on ARCH_SUPPORTS_KEXEC_JUMP
95	depends on KEXEC && HIBERNATION
96	help
97	  Jump between original kernel and kexeced kernel and invoke
98	  code in physical address mode via KEXEC
99
100config CRASH_DUMP
101	bool "kernel crash dumps"
102	depends on ARCH_SUPPORTS_CRASH_DUMP
103	select KEXEC_CORE
104	help
105	  Generate crash dump after being started by kexec.
106	  This should be normally only set in special crash dump kernels
107	  which are loaded in the main kernel with kexec-tools into
108	  a specially reserved region and then later executed after
109	  a crash by kdump/kexec. The crash dump kernel must be compiled
110	  to a memory address not used by the main kernel or BIOS using
111	  PHYSICAL_START, or it must be built as a relocatable image
112	  (CONFIG_RELOCATABLE=y).
113	  For more details see Documentation/admin-guide/kdump/kdump.rst
114
115	  For s390, this option also enables zfcpdump.
116	  See also <file:Documentation/arch/s390/zfcpdump.rst>
117
118config CRASH_HOTPLUG
119	bool "Update the crash elfcorehdr on system configuration changes"
120	default y
121	depends on CRASH_DUMP && (HOTPLUG_CPU || MEMORY_HOTPLUG)
122	depends on ARCH_SUPPORTS_CRASH_HOTPLUG
123	help
124	  Enable direct update to the crash elfcorehdr (which contains
125	  the list of CPUs and memory regions to be dumped upon a crash)
126	  in response to hot plug/unplug or online/offline of CPUs or
127	  memory. This is a much more advanced approach than userspace
128	  attempting that.
129
130	  If unsure, say Y.
131
132config CRASH_MAX_MEMORY_RANGES
133	int "Specify the maximum number of memory regions for the elfcorehdr"
134	default 8192
135	depends on CRASH_HOTPLUG
136	help
137	  For the kexec_file_load() syscall path, specify the maximum number of
138	  memory regions that the elfcorehdr buffer/segment can accommodate.
139	  These regions are obtained via walk_system_ram_res(); eg. the
140	  'System RAM' entries in /proc/iomem.
141	  This value is combined with NR_CPUS_DEFAULT and multiplied by
142	  sizeof(Elf64_Phdr) to determine the final elfcorehdr memory buffer/
143	  segment size.
144	  The value 8192, for example, covers a (sparsely populated) 1TiB system
145	  consisting of 128MiB memblocks, while resulting in an elfcorehdr
146	  memory buffer/segment size under 1MiB. This represents a sane choice
147	  to accommodate both baremetal and virtual machine configurations.
148
149	  For the kexec_load() syscall path, CRASH_MAX_MEMORY_RANGES is part of
150	  the computation behind the value provided through the
151	  /sys/kernel/crash_elfcorehdr_size attribute.
152
153endmenu
154