1# SPDX-License-Identifier: GPL-2.0-only 2 3menu "Kexec and crash features" 4 5config CRASH_CORE 6 bool 7 8config KEXEC_CORE 9 select CRASH_CORE 10 bool 11 12config KEXEC_ELF 13 bool 14 15config HAVE_IMA_KEXEC 16 bool 17 18config KEXEC 19 bool "Enable kexec system call" 20 depends on ARCH_SUPPORTS_KEXEC 21 select KEXEC_CORE 22 help 23 kexec is a system call that implements the ability to shutdown your 24 current kernel, and to start another kernel. It is like a reboot 25 but it is independent of the system firmware. And like a reboot 26 you can start any kernel with it, not just Linux. 27 28 The name comes from the similarity to the exec system call. 29 30 It is an ongoing process to be certain the hardware in a machine 31 is properly shutdown, so do not be surprised if this code does not 32 initially work for you. As of this writing the exact hardware 33 interface is strongly in flux, so no good recommendation can be 34 made. 35 36config KEXEC_FILE 37 bool "Enable kexec file based system call" 38 depends on ARCH_SUPPORTS_KEXEC_FILE 39 select CRYPTO 40 select CRYPTO_SHA256 41 select KEXEC_CORE 42 help 43 This is new version of kexec system call. This system call is 44 file based and takes file descriptors as system call argument 45 for kernel and initramfs as opposed to list of segments as 46 accepted by kexec system call. 47 48config KEXEC_SIG 49 bool "Verify kernel signature during kexec_file_load() syscall" 50 depends on ARCH_SUPPORTS_KEXEC_SIG 51 depends on KEXEC_FILE 52 help 53 This option makes the kexec_file_load() syscall check for a valid 54 signature of the kernel image. The image can still be loaded without 55 a valid signature unless you also enable KEXEC_SIG_FORCE, though if 56 there's a signature that we can check, then it must be valid. 57 58 In addition to this option, you need to enable signature 59 verification for the corresponding kernel image type being 60 loaded in order for this to work. 61 62config KEXEC_SIG_FORCE 63 bool "Require a valid signature in kexec_file_load() syscall" 64 depends on ARCH_SUPPORTS_KEXEC_SIG_FORCE 65 depends on KEXEC_SIG 66 help 67 This option makes kernel signature verification mandatory for 68 the kexec_file_load() syscall. 69 70config KEXEC_IMAGE_VERIFY_SIG 71 bool "Enable Image signature verification support (ARM)" 72 default ARCH_DEFAULT_KEXEC_IMAGE_VERIFY_SIG 73 depends on ARCH_SUPPORTS_KEXEC_IMAGE_VERIFY_SIG 74 depends on KEXEC_SIG 75 depends on EFI && SIGNED_PE_FILE_VERIFICATION 76 help 77 Enable Image signature verification support. 78 79config KEXEC_BZIMAGE_VERIFY_SIG 80 bool "Enable bzImage signature verification support" 81 depends on ARCH_SUPPORTS_KEXEC_BZIMAGE_VERIFY_SIG 82 depends on KEXEC_SIG 83 depends on SIGNED_PE_FILE_VERIFICATION 84 select SYSTEM_TRUSTED_KEYRING 85 help 86 Enable bzImage signature verification support. 87 88config KEXEC_JUMP 89 bool "kexec jump" 90 depends on ARCH_SUPPORTS_KEXEC_JUMP 91 depends on KEXEC && HIBERNATION 92 help 93 Jump between original kernel and kexeced kernel and invoke 94 code in physical address mode via KEXEC 95 96config CRASH_DUMP 97 bool "kernel crash dumps" 98 depends on ARCH_SUPPORTS_CRASH_DUMP 99 select CRASH_CORE 100 select KEXEC_CORE 101 help 102 Generate crash dump after being started by kexec. 103 This should be normally only set in special crash dump kernels 104 which are loaded in the main kernel with kexec-tools into 105 a specially reserved region and then later executed after 106 a crash by kdump/kexec. The crash dump kernel must be compiled 107 to a memory address not used by the main kernel or BIOS using 108 PHYSICAL_START, or it must be built as a relocatable image 109 (CONFIG_RELOCATABLE=y). 110 For more details see Documentation/admin-guide/kdump/kdump.rst 111 112 For s390, this option also enables zfcpdump. 113 See also <file:Documentation/arch/s390/zfcpdump.rst> 114 115config CRASH_HOTPLUG 116 bool "Update the crash elfcorehdr on system configuration changes" 117 default y 118 depends on CRASH_DUMP && (HOTPLUG_CPU || MEMORY_HOTPLUG) 119 depends on ARCH_SUPPORTS_CRASH_HOTPLUG 120 help 121 Enable direct update to the crash elfcorehdr (which contains 122 the list of CPUs and memory regions to be dumped upon a crash) 123 in response to hot plug/unplug or online/offline of CPUs or 124 memory. This is a much more advanced approach than userspace 125 attempting that. 126 127 If unsure, say Y. 128 129config CRASH_MAX_MEMORY_RANGES 130 int "Specify the maximum number of memory regions for the elfcorehdr" 131 default 8192 132 depends on CRASH_HOTPLUG 133 help 134 For the kexec_file_load() syscall path, specify the maximum number of 135 memory regions that the elfcorehdr buffer/segment can accommodate. 136 These regions are obtained via walk_system_ram_res(); eg. the 137 'System RAM' entries in /proc/iomem. 138 This value is combined with NR_CPUS_DEFAULT and multiplied by 139 sizeof(Elf64_Phdr) to determine the final elfcorehdr memory buffer/ 140 segment size. 141 The value 8192, for example, covers a (sparsely populated) 1TiB system 142 consisting of 128MiB memblocks, while resulting in an elfcorehdr 143 memory buffer/segment size under 1MiB. This represents a sane choice 144 to accommodate both baremetal and virtual machine configurations. 145 146 For the kexec_load() syscall path, CRASH_MAX_MEMORY_RANGES is part of 147 the computation behind the value provided through the 148 /sys/kernel/crash_elfcorehdr_size attribute. 149 150endmenu 151