xref: /linux/kernel/Kconfig.kexec (revision b58b13f156c00c2457035b7071eaaac105fe6836)
1# SPDX-License-Identifier: GPL-2.0-only
2
3menu "Kexec and crash features"
4
5config CRASH_CORE
6	bool
7
8config KEXEC_CORE
9	select CRASH_CORE
10	bool
11
12config KEXEC_ELF
13	bool
14
15config HAVE_IMA_KEXEC
16	bool
17
18config KEXEC
19	bool "Enable kexec system call"
20	depends on ARCH_SUPPORTS_KEXEC
21	select KEXEC_CORE
22	help
23	  kexec is a system call that implements the ability to shutdown your
24	  current kernel, and to start another kernel. It is like a reboot
25	  but it is independent of the system firmware. And like a reboot
26	  you can start any kernel with it, not just Linux.
27
28	  The name comes from the similarity to the exec system call.
29
30	  It is an ongoing process to be certain the hardware in a machine
31	  is properly shutdown, so do not be surprised if this code does not
32	  initially work for you. As of this writing the exact hardware
33	  interface is strongly in flux, so no good recommendation can be
34	  made.
35
36config KEXEC_FILE
37	bool "Enable kexec file based system call"
38	depends on ARCH_SUPPORTS_KEXEC_FILE
39	select CRYPTO
40	select CRYPTO_SHA256
41	select KEXEC_CORE
42	help
43	  This is new version of kexec system call. This system call is
44	  file based and takes file descriptors as system call argument
45	  for kernel and initramfs as opposed to list of segments as
46	  accepted by kexec system call.
47
48config KEXEC_SIG
49	bool "Verify kernel signature during kexec_file_load() syscall"
50	depends on ARCH_SUPPORTS_KEXEC_SIG
51	depends on KEXEC_FILE
52	help
53	  This option makes the kexec_file_load() syscall check for a valid
54	  signature of the kernel image. The image can still be loaded without
55	  a valid signature unless you also enable KEXEC_SIG_FORCE, though if
56	  there's a signature that we can check, then it must be valid.
57
58	  In addition to this option, you need to enable signature
59	  verification for the corresponding kernel image type being
60	  loaded in order for this to work.
61
62config KEXEC_SIG_FORCE
63	bool "Require a valid signature in kexec_file_load() syscall"
64	depends on ARCH_SUPPORTS_KEXEC_SIG_FORCE
65	depends on KEXEC_SIG
66	help
67	  This option makes kernel signature verification mandatory for
68	  the kexec_file_load() syscall.
69
70config KEXEC_IMAGE_VERIFY_SIG
71	bool "Enable Image signature verification support (ARM)"
72	default ARCH_DEFAULT_KEXEC_IMAGE_VERIFY_SIG
73	depends on ARCH_SUPPORTS_KEXEC_IMAGE_VERIFY_SIG
74	depends on KEXEC_SIG
75	depends on EFI && SIGNED_PE_FILE_VERIFICATION
76	help
77	  Enable Image signature verification support.
78
79config KEXEC_BZIMAGE_VERIFY_SIG
80	bool "Enable bzImage signature verification support"
81	depends on ARCH_SUPPORTS_KEXEC_BZIMAGE_VERIFY_SIG
82	depends on KEXEC_SIG
83	depends on SIGNED_PE_FILE_VERIFICATION
84	select SYSTEM_TRUSTED_KEYRING
85	help
86	  Enable bzImage signature verification support.
87
88config KEXEC_JUMP
89	bool "kexec jump"
90	depends on ARCH_SUPPORTS_KEXEC_JUMP
91	depends on KEXEC && HIBERNATION
92	help
93	  Jump between original kernel and kexeced kernel and invoke
94	  code in physical address mode via KEXEC
95
96config CRASH_DUMP
97	bool "kernel crash dumps"
98	depends on ARCH_SUPPORTS_CRASH_DUMP
99	select CRASH_CORE
100	select KEXEC_CORE
101	help
102	  Generate crash dump after being started by kexec.
103	  This should be normally only set in special crash dump kernels
104	  which are loaded in the main kernel with kexec-tools into
105	  a specially reserved region and then later executed after
106	  a crash by kdump/kexec. The crash dump kernel must be compiled
107	  to a memory address not used by the main kernel or BIOS using
108	  PHYSICAL_START, or it must be built as a relocatable image
109	  (CONFIG_RELOCATABLE=y).
110	  For more details see Documentation/admin-guide/kdump/kdump.rst
111
112	  For s390, this option also enables zfcpdump.
113	  See also <file:Documentation/arch/s390/zfcpdump.rst>
114
115config CRASH_HOTPLUG
116	bool "Update the crash elfcorehdr on system configuration changes"
117	default y
118	depends on CRASH_DUMP && (HOTPLUG_CPU || MEMORY_HOTPLUG)
119	depends on ARCH_SUPPORTS_CRASH_HOTPLUG
120	help
121	  Enable direct update to the crash elfcorehdr (which contains
122	  the list of CPUs and memory regions to be dumped upon a crash)
123	  in response to hot plug/unplug or online/offline of CPUs or
124	  memory. This is a much more advanced approach than userspace
125	  attempting that.
126
127	  If unsure, say Y.
128
129config CRASH_MAX_MEMORY_RANGES
130	int "Specify the maximum number of memory regions for the elfcorehdr"
131	default 8192
132	depends on CRASH_HOTPLUG
133	help
134	  For the kexec_file_load() syscall path, specify the maximum number of
135	  memory regions that the elfcorehdr buffer/segment can accommodate.
136	  These regions are obtained via walk_system_ram_res(); eg. the
137	  'System RAM' entries in /proc/iomem.
138	  This value is combined with NR_CPUS_DEFAULT and multiplied by
139	  sizeof(Elf64_Phdr) to determine the final elfcorehdr memory buffer/
140	  segment size.
141	  The value 8192, for example, covers a (sparsely populated) 1TiB system
142	  consisting of 128MiB memblocks, while resulting in an elfcorehdr
143	  memory buffer/segment size under 1MiB. This represents a sane choice
144	  to accommodate both baremetal and virtual machine configurations.
145
146	  For the kexec_load() syscall path, CRASH_MAX_MEMORY_RANGES is part of
147	  the computation behind the value provided through the
148	  /sys/kernel/crash_elfcorehdr_size attribute.
149
150endmenu
151