1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * kexec_handover.c - kexec handover metadata processing 4 * Copyright (C) 2023 Alexander Graf <graf@amazon.com> 5 * Copyright (C) 2025 Microsoft Corporation, Mike Rapoport <rppt@kernel.org> 6 * Copyright (C) 2025 Google LLC, Changyuan Lyu <changyuanl@google.com> 7 */ 8 9 #define pr_fmt(fmt) "KHO: " fmt 10 11 #include <linux/cleanup.h> 12 #include <linux/cma.h> 13 #include <linux/count_zeros.h> 14 #include <linux/debugfs.h> 15 #include <linux/kexec.h> 16 #include <linux/kexec_handover.h> 17 #include <linux/libfdt.h> 18 #include <linux/list.h> 19 #include <linux/memblock.h> 20 #include <linux/notifier.h> 21 #include <linux/page-isolation.h> 22 #include <linux/vmalloc.h> 23 24 #include <asm/early_ioremap.h> 25 26 #include "kexec_handover_internal.h" 27 /* 28 * KHO is tightly coupled with mm init and needs access to some of mm 29 * internal APIs. 30 */ 31 #include "../mm/internal.h" 32 #include "kexec_internal.h" 33 34 #define KHO_FDT_COMPATIBLE "kho-v1" 35 #define PROP_PRESERVED_MEMORY_MAP "preserved-memory-map" 36 #define PROP_SUB_FDT "fdt" 37 38 #define KHO_PAGE_MAGIC 0x4b484f50U /* ASCII for 'KHOP' */ 39 40 /* 41 * KHO uses page->private, which is an unsigned long, to store page metadata. 42 * Use it to store both the magic and the order. 43 */ 44 union kho_page_info { 45 unsigned long page_private; 46 struct { 47 unsigned int order; 48 unsigned int magic; 49 }; 50 }; 51 52 static_assert(sizeof(union kho_page_info) == sizeof(((struct page *)0)->private)); 53 54 static bool kho_enable __ro_after_init; 55 56 bool kho_is_enabled(void) 57 { 58 return kho_enable; 59 } 60 EXPORT_SYMBOL_GPL(kho_is_enabled); 61 62 static int __init kho_parse_enable(char *p) 63 { 64 return kstrtobool(p, &kho_enable); 65 } 66 early_param("kho", kho_parse_enable); 67 68 /* 69 * Keep track of memory that is to be preserved across KHO. 70 * 71 * The serializing side uses two levels of xarrays to manage chunks of per-order 72 * PAGE_SIZE byte bitmaps. For instance if PAGE_SIZE = 4096, the entire 1G order 73 * of a 8TB system would fit inside a single 4096 byte bitmap. For order 0 74 * allocations each bitmap will cover 128M of address space. Thus, for 16G of 75 * memory at most 512K of bitmap memory will be needed for order 0. 76 * 77 * This approach is fully incremental, as the serialization progresses folios 78 * can continue be aggregated to the tracker. The final step, immediately prior 79 * to kexec would serialize the xarray information into a linked list for the 80 * successor kernel to parse. 81 */ 82 83 #define PRESERVE_BITS (PAGE_SIZE * 8) 84 85 struct kho_mem_phys_bits { 86 DECLARE_BITMAP(preserve, PRESERVE_BITS); 87 }; 88 89 static_assert(sizeof(struct kho_mem_phys_bits) == PAGE_SIZE); 90 91 struct kho_mem_phys { 92 /* 93 * Points to kho_mem_phys_bits, a sparse bitmap array. Each bit is sized 94 * to order. 95 */ 96 struct xarray phys_bits; 97 }; 98 99 struct kho_mem_track { 100 /* Points to kho_mem_phys, each order gets its own bitmap tree */ 101 struct xarray orders; 102 }; 103 104 struct khoser_mem_chunk; 105 106 struct kho_serialization { 107 struct page *fdt; 108 struct list_head fdt_list; 109 struct dentry *sub_fdt_dir; 110 struct kho_mem_track track; 111 /* First chunk of serialized preserved memory map */ 112 struct khoser_mem_chunk *preserved_mem_map; 113 }; 114 115 struct kho_out { 116 struct blocking_notifier_head chain_head; 117 118 struct dentry *dir; 119 120 struct mutex lock; /* protects KHO FDT finalization */ 121 122 struct kho_serialization ser; 123 bool finalized; 124 }; 125 126 static struct kho_out kho_out = { 127 .chain_head = BLOCKING_NOTIFIER_INIT(kho_out.chain_head), 128 .lock = __MUTEX_INITIALIZER(kho_out.lock), 129 .ser = { 130 .fdt_list = LIST_HEAD_INIT(kho_out.ser.fdt_list), 131 .track = { 132 .orders = XARRAY_INIT(kho_out.ser.track.orders, 0), 133 }, 134 }, 135 .finalized = false, 136 }; 137 138 static void *xa_load_or_alloc(struct xarray *xa, unsigned long index) 139 { 140 void *res = xa_load(xa, index); 141 142 if (res) 143 return res; 144 145 void *elm __free(free_page) = (void *)get_zeroed_page(GFP_KERNEL); 146 147 if (!elm) 148 return ERR_PTR(-ENOMEM); 149 150 if (WARN_ON(kho_scratch_overlap(virt_to_phys(elm), PAGE_SIZE))) 151 return ERR_PTR(-EINVAL); 152 153 res = xa_cmpxchg(xa, index, NULL, elm, GFP_KERNEL); 154 if (xa_is_err(res)) 155 return ERR_PTR(xa_err(res)); 156 else if (res) 157 return res; 158 159 return no_free_ptr(elm); 160 } 161 162 static void __kho_unpreserve(struct kho_mem_track *track, unsigned long pfn, 163 unsigned long end_pfn) 164 { 165 struct kho_mem_phys_bits *bits; 166 struct kho_mem_phys *physxa; 167 168 while (pfn < end_pfn) { 169 const unsigned int order = 170 min(count_trailing_zeros(pfn), ilog2(end_pfn - pfn)); 171 const unsigned long pfn_high = pfn >> order; 172 173 physxa = xa_load(&track->orders, order); 174 if (WARN_ON_ONCE(!physxa)) 175 return; 176 177 bits = xa_load(&physxa->phys_bits, pfn_high / PRESERVE_BITS); 178 if (WARN_ON_ONCE(!bits)) 179 return; 180 181 clear_bit(pfn_high % PRESERVE_BITS, bits->preserve); 182 183 pfn += 1 << order; 184 } 185 } 186 187 static int __kho_preserve_order(struct kho_mem_track *track, unsigned long pfn, 188 unsigned int order) 189 { 190 struct kho_mem_phys_bits *bits; 191 struct kho_mem_phys *physxa, *new_physxa; 192 const unsigned long pfn_high = pfn >> order; 193 194 might_sleep(); 195 196 if (kho_out.finalized) 197 return -EBUSY; 198 199 physxa = xa_load(&track->orders, order); 200 if (!physxa) { 201 int err; 202 203 new_physxa = kzalloc(sizeof(*physxa), GFP_KERNEL); 204 if (!new_physxa) 205 return -ENOMEM; 206 207 xa_init(&new_physxa->phys_bits); 208 physxa = xa_cmpxchg(&track->orders, order, NULL, new_physxa, 209 GFP_KERNEL); 210 211 err = xa_err(physxa); 212 if (err || physxa) { 213 xa_destroy(&new_physxa->phys_bits); 214 kfree(new_physxa); 215 216 if (err) 217 return err; 218 } else { 219 physxa = new_physxa; 220 } 221 } 222 223 bits = xa_load_or_alloc(&physxa->phys_bits, pfn_high / PRESERVE_BITS); 224 if (IS_ERR(bits)) 225 return PTR_ERR(bits); 226 227 set_bit(pfn_high % PRESERVE_BITS, bits->preserve); 228 229 return 0; 230 } 231 232 static struct page *kho_restore_page(phys_addr_t phys) 233 { 234 struct page *page = pfn_to_online_page(PHYS_PFN(phys)); 235 union kho_page_info info; 236 unsigned int nr_pages; 237 238 if (!page) 239 return NULL; 240 241 info.page_private = page->private; 242 /* 243 * deserialize_bitmap() only sets the magic on the head page. This magic 244 * check also implicitly makes sure phys is order-aligned since for 245 * non-order-aligned phys addresses, magic will never be set. 246 */ 247 if (WARN_ON_ONCE(info.magic != KHO_PAGE_MAGIC || info.order > MAX_PAGE_ORDER)) 248 return NULL; 249 nr_pages = (1 << info.order); 250 251 /* Clear private to make sure later restores on this page error out. */ 252 page->private = 0; 253 /* Head page gets refcount of 1. */ 254 set_page_count(page, 1); 255 256 /* For higher order folios, tail pages get a page count of zero. */ 257 for (unsigned int i = 1; i < nr_pages; i++) 258 set_page_count(page + i, 0); 259 260 if (info.order > 0) 261 prep_compound_page(page, info.order); 262 263 adjust_managed_page_count(page, nr_pages); 264 return page; 265 } 266 267 /** 268 * kho_restore_folio - recreates the folio from the preserved memory. 269 * @phys: physical address of the folio. 270 * 271 * Return: pointer to the struct folio on success, NULL on failure. 272 */ 273 struct folio *kho_restore_folio(phys_addr_t phys) 274 { 275 struct page *page = kho_restore_page(phys); 276 277 return page ? page_folio(page) : NULL; 278 } 279 EXPORT_SYMBOL_GPL(kho_restore_folio); 280 281 /** 282 * kho_restore_pages - restore list of contiguous order 0 pages. 283 * @phys: physical address of the first page. 284 * @nr_pages: number of pages. 285 * 286 * Restore a contiguous list of order 0 pages that was preserved with 287 * kho_preserve_pages(). 288 * 289 * Return: 0 on success, error code on failure 290 */ 291 struct page *kho_restore_pages(phys_addr_t phys, unsigned int nr_pages) 292 { 293 const unsigned long start_pfn = PHYS_PFN(phys); 294 const unsigned long end_pfn = start_pfn + nr_pages; 295 unsigned long pfn = start_pfn; 296 297 while (pfn < end_pfn) { 298 const unsigned int order = 299 min(count_trailing_zeros(pfn), ilog2(end_pfn - pfn)); 300 struct page *page = kho_restore_page(PFN_PHYS(pfn)); 301 302 if (!page) 303 return NULL; 304 split_page(page, order); 305 pfn += 1 << order; 306 } 307 308 return pfn_to_page(start_pfn); 309 } 310 EXPORT_SYMBOL_GPL(kho_restore_pages); 311 312 /* Serialize and deserialize struct kho_mem_phys across kexec 313 * 314 * Record all the bitmaps in a linked list of pages for the next kernel to 315 * process. Each chunk holds bitmaps of the same order and each block of bitmaps 316 * starts at a given physical address. This allows the bitmaps to be sparse. The 317 * xarray is used to store them in a tree while building up the data structure, 318 * but the KHO successor kernel only needs to process them once in order. 319 * 320 * All of this memory is normal kmalloc() memory and is not marked for 321 * preservation. The successor kernel will remain isolated to the scratch space 322 * until it completes processing this list. Once processed all the memory 323 * storing these ranges will be marked as free. 324 */ 325 326 struct khoser_mem_bitmap_ptr { 327 phys_addr_t phys_start; 328 DECLARE_KHOSER_PTR(bitmap, struct kho_mem_phys_bits *); 329 }; 330 331 struct khoser_mem_chunk_hdr { 332 DECLARE_KHOSER_PTR(next, struct khoser_mem_chunk *); 333 unsigned int order; 334 unsigned int num_elms; 335 }; 336 337 #define KHOSER_BITMAP_SIZE \ 338 ((PAGE_SIZE - sizeof(struct khoser_mem_chunk_hdr)) / \ 339 sizeof(struct khoser_mem_bitmap_ptr)) 340 341 struct khoser_mem_chunk { 342 struct khoser_mem_chunk_hdr hdr; 343 struct khoser_mem_bitmap_ptr bitmaps[KHOSER_BITMAP_SIZE]; 344 }; 345 346 static_assert(sizeof(struct khoser_mem_chunk) == PAGE_SIZE); 347 348 static struct khoser_mem_chunk *new_chunk(struct khoser_mem_chunk *cur_chunk, 349 unsigned long order) 350 { 351 struct khoser_mem_chunk *chunk __free(free_page) = NULL; 352 353 chunk = (void *)get_zeroed_page(GFP_KERNEL); 354 if (!chunk) 355 return ERR_PTR(-ENOMEM); 356 357 if (WARN_ON(kho_scratch_overlap(virt_to_phys(chunk), PAGE_SIZE))) 358 return ERR_PTR(-EINVAL); 359 360 chunk->hdr.order = order; 361 if (cur_chunk) 362 KHOSER_STORE_PTR(cur_chunk->hdr.next, chunk); 363 return no_free_ptr(chunk); 364 } 365 366 static void kho_mem_ser_free(struct khoser_mem_chunk *first_chunk) 367 { 368 struct khoser_mem_chunk *chunk = first_chunk; 369 370 while (chunk) { 371 struct khoser_mem_chunk *tmp = chunk; 372 373 chunk = KHOSER_LOAD_PTR(chunk->hdr.next); 374 kfree(tmp); 375 } 376 } 377 378 static int kho_mem_serialize(struct kho_serialization *ser) 379 { 380 struct khoser_mem_chunk *first_chunk = NULL; 381 struct khoser_mem_chunk *chunk = NULL; 382 struct kho_mem_phys *physxa; 383 unsigned long order; 384 int err = -ENOMEM; 385 386 xa_for_each(&ser->track.orders, order, physxa) { 387 struct kho_mem_phys_bits *bits; 388 unsigned long phys; 389 390 chunk = new_chunk(chunk, order); 391 if (IS_ERR(chunk)) { 392 err = PTR_ERR(chunk); 393 goto err_free; 394 } 395 396 if (!first_chunk) 397 first_chunk = chunk; 398 399 xa_for_each(&physxa->phys_bits, phys, bits) { 400 struct khoser_mem_bitmap_ptr *elm; 401 402 if (chunk->hdr.num_elms == ARRAY_SIZE(chunk->bitmaps)) { 403 chunk = new_chunk(chunk, order); 404 if (IS_ERR(chunk)) { 405 err = PTR_ERR(chunk); 406 goto err_free; 407 } 408 } 409 410 elm = &chunk->bitmaps[chunk->hdr.num_elms]; 411 chunk->hdr.num_elms++; 412 elm->phys_start = (phys * PRESERVE_BITS) 413 << (order + PAGE_SHIFT); 414 KHOSER_STORE_PTR(elm->bitmap, bits); 415 } 416 } 417 418 ser->preserved_mem_map = first_chunk; 419 420 return 0; 421 422 err_free: 423 kho_mem_ser_free(first_chunk); 424 return err; 425 } 426 427 static void __init deserialize_bitmap(unsigned int order, 428 struct khoser_mem_bitmap_ptr *elm) 429 { 430 struct kho_mem_phys_bits *bitmap = KHOSER_LOAD_PTR(elm->bitmap); 431 unsigned long bit; 432 433 for_each_set_bit(bit, bitmap->preserve, PRESERVE_BITS) { 434 int sz = 1 << (order + PAGE_SHIFT); 435 phys_addr_t phys = 436 elm->phys_start + (bit << (order + PAGE_SHIFT)); 437 struct page *page = phys_to_page(phys); 438 union kho_page_info info; 439 440 memblock_reserve(phys, sz); 441 memblock_reserved_mark_noinit(phys, sz); 442 info.magic = KHO_PAGE_MAGIC; 443 info.order = order; 444 page->private = info.page_private; 445 } 446 } 447 448 static void __init kho_mem_deserialize(const void *fdt) 449 { 450 struct khoser_mem_chunk *chunk; 451 const phys_addr_t *mem; 452 int len; 453 454 mem = fdt_getprop(fdt, 0, PROP_PRESERVED_MEMORY_MAP, &len); 455 456 if (!mem || len != sizeof(*mem)) { 457 pr_err("failed to get preserved memory bitmaps\n"); 458 return; 459 } 460 461 chunk = *mem ? phys_to_virt(*mem) : NULL; 462 while (chunk) { 463 unsigned int i; 464 465 for (i = 0; i != chunk->hdr.num_elms; i++) 466 deserialize_bitmap(chunk->hdr.order, 467 &chunk->bitmaps[i]); 468 chunk = KHOSER_LOAD_PTR(chunk->hdr.next); 469 } 470 } 471 472 /* 473 * With KHO enabled, memory can become fragmented because KHO regions may 474 * be anywhere in physical address space. The scratch regions give us a 475 * safe zones that we will never see KHO allocations from. This is where we 476 * can later safely load our new kexec images into and then use the scratch 477 * area for early allocations that happen before page allocator is 478 * initialized. 479 */ 480 struct kho_scratch *kho_scratch; 481 unsigned int kho_scratch_cnt; 482 483 /* 484 * The scratch areas are scaled by default as percent of memory allocated from 485 * memblock. A user can override the scale with command line parameter: 486 * 487 * kho_scratch=N% 488 * 489 * It is also possible to explicitly define size for a lowmem, a global and 490 * per-node scratch areas: 491 * 492 * kho_scratch=l[KMG],n[KMG],m[KMG] 493 * 494 * The explicit size definition takes precedence over scale definition. 495 */ 496 static unsigned int scratch_scale __initdata = 200; 497 static phys_addr_t scratch_size_global __initdata; 498 static phys_addr_t scratch_size_pernode __initdata; 499 static phys_addr_t scratch_size_lowmem __initdata; 500 501 static int __init kho_parse_scratch_size(char *p) 502 { 503 size_t len; 504 unsigned long sizes[3]; 505 size_t total_size = 0; 506 int i; 507 508 if (!p) 509 return -EINVAL; 510 511 len = strlen(p); 512 if (!len) 513 return -EINVAL; 514 515 /* parse nn% */ 516 if (p[len - 1] == '%') { 517 /* unsigned int max is 4,294,967,295, 10 chars */ 518 char s_scale[11] = {}; 519 int ret = 0; 520 521 if (len > ARRAY_SIZE(s_scale)) 522 return -EINVAL; 523 524 memcpy(s_scale, p, len - 1); 525 ret = kstrtouint(s_scale, 10, &scratch_scale); 526 if (!ret) 527 pr_notice("scratch scale is %d%%\n", scratch_scale); 528 return ret; 529 } 530 531 /* parse ll[KMG],mm[KMG],nn[KMG] */ 532 for (i = 0; i < ARRAY_SIZE(sizes); i++) { 533 char *endp = p; 534 535 if (i > 0) { 536 if (*p != ',') 537 return -EINVAL; 538 p += 1; 539 } 540 541 sizes[i] = memparse(p, &endp); 542 if (endp == p) 543 return -EINVAL; 544 p = endp; 545 total_size += sizes[i]; 546 } 547 548 if (!total_size) 549 return -EINVAL; 550 551 /* The string should be fully consumed by now. */ 552 if (*p) 553 return -EINVAL; 554 555 scratch_size_lowmem = sizes[0]; 556 scratch_size_global = sizes[1]; 557 scratch_size_pernode = sizes[2]; 558 scratch_scale = 0; 559 560 pr_notice("scratch areas: lowmem: %lluMiB global: %lluMiB pernode: %lldMiB\n", 561 (u64)(scratch_size_lowmem >> 20), 562 (u64)(scratch_size_global >> 20), 563 (u64)(scratch_size_pernode >> 20)); 564 565 return 0; 566 } 567 early_param("kho_scratch", kho_parse_scratch_size); 568 569 static void __init scratch_size_update(void) 570 { 571 phys_addr_t size; 572 573 if (!scratch_scale) 574 return; 575 576 size = memblock_reserved_kern_size(ARCH_LOW_ADDRESS_LIMIT, 577 NUMA_NO_NODE); 578 size = size * scratch_scale / 100; 579 scratch_size_lowmem = round_up(size, CMA_MIN_ALIGNMENT_BYTES); 580 581 size = memblock_reserved_kern_size(MEMBLOCK_ALLOC_ANYWHERE, 582 NUMA_NO_NODE); 583 size = size * scratch_scale / 100 - scratch_size_lowmem; 584 scratch_size_global = round_up(size, CMA_MIN_ALIGNMENT_BYTES); 585 } 586 587 static phys_addr_t __init scratch_size_node(int nid) 588 { 589 phys_addr_t size; 590 591 if (scratch_scale) { 592 size = memblock_reserved_kern_size(MEMBLOCK_ALLOC_ANYWHERE, 593 nid); 594 size = size * scratch_scale / 100; 595 } else { 596 size = scratch_size_pernode; 597 } 598 599 return round_up(size, CMA_MIN_ALIGNMENT_BYTES); 600 } 601 602 /** 603 * kho_reserve_scratch - Reserve a contiguous chunk of memory for kexec 604 * 605 * With KHO we can preserve arbitrary pages in the system. To ensure we still 606 * have a large contiguous region of memory when we search the physical address 607 * space for target memory, let's make sure we always have a large CMA region 608 * active. This CMA region will only be used for movable pages which are not a 609 * problem for us during KHO because we can just move them somewhere else. 610 */ 611 static void __init kho_reserve_scratch(void) 612 { 613 phys_addr_t addr, size; 614 int nid, i = 0; 615 616 if (!kho_enable) 617 return; 618 619 scratch_size_update(); 620 621 /* FIXME: deal with node hot-plug/remove */ 622 kho_scratch_cnt = num_online_nodes() + 2; 623 size = kho_scratch_cnt * sizeof(*kho_scratch); 624 kho_scratch = memblock_alloc(size, PAGE_SIZE); 625 if (!kho_scratch) 626 goto err_disable_kho; 627 628 /* 629 * reserve scratch area in low memory for lowmem allocations in the 630 * next kernel 631 */ 632 size = scratch_size_lowmem; 633 addr = memblock_phys_alloc_range(size, CMA_MIN_ALIGNMENT_BYTES, 0, 634 ARCH_LOW_ADDRESS_LIMIT); 635 if (!addr) 636 goto err_free_scratch_desc; 637 638 kho_scratch[i].addr = addr; 639 kho_scratch[i].size = size; 640 i++; 641 642 /* reserve large contiguous area for allocations without nid */ 643 size = scratch_size_global; 644 addr = memblock_phys_alloc(size, CMA_MIN_ALIGNMENT_BYTES); 645 if (!addr) 646 goto err_free_scratch_areas; 647 648 kho_scratch[i].addr = addr; 649 kho_scratch[i].size = size; 650 i++; 651 652 for_each_online_node(nid) { 653 size = scratch_size_node(nid); 654 addr = memblock_alloc_range_nid(size, CMA_MIN_ALIGNMENT_BYTES, 655 0, MEMBLOCK_ALLOC_ACCESSIBLE, 656 nid, true); 657 if (!addr) 658 goto err_free_scratch_areas; 659 660 kho_scratch[i].addr = addr; 661 kho_scratch[i].size = size; 662 i++; 663 } 664 665 return; 666 667 err_free_scratch_areas: 668 for (i--; i >= 0; i--) 669 memblock_phys_free(kho_scratch[i].addr, kho_scratch[i].size); 670 err_free_scratch_desc: 671 memblock_free(kho_scratch, kho_scratch_cnt * sizeof(*kho_scratch)); 672 err_disable_kho: 673 pr_warn("Failed to reserve scratch area, disabling kexec handover\n"); 674 kho_enable = false; 675 } 676 677 struct fdt_debugfs { 678 struct list_head list; 679 struct debugfs_blob_wrapper wrapper; 680 struct dentry *file; 681 }; 682 683 static int kho_debugfs_fdt_add(struct list_head *list, struct dentry *dir, 684 const char *name, const void *fdt) 685 { 686 struct fdt_debugfs *f; 687 struct dentry *file; 688 689 f = kmalloc(sizeof(*f), GFP_KERNEL); 690 if (!f) 691 return -ENOMEM; 692 693 f->wrapper.data = (void *)fdt; 694 f->wrapper.size = fdt_totalsize(fdt); 695 696 file = debugfs_create_blob(name, 0400, dir, &f->wrapper); 697 if (IS_ERR(file)) { 698 kfree(f); 699 return PTR_ERR(file); 700 } 701 702 f->file = file; 703 list_add(&f->list, list); 704 705 return 0; 706 } 707 708 /** 709 * kho_add_subtree - record the physical address of a sub FDT in KHO root tree. 710 * @ser: serialization control object passed by KHO notifiers. 711 * @name: name of the sub tree. 712 * @fdt: the sub tree blob. 713 * 714 * Creates a new child node named @name in KHO root FDT and records 715 * the physical address of @fdt. The pages of @fdt must also be preserved 716 * by KHO for the new kernel to retrieve it after kexec. 717 * 718 * A debugfs blob entry is also created at 719 * ``/sys/kernel/debug/kho/out/sub_fdts/@name``. 720 * 721 * Return: 0 on success, error code on failure 722 */ 723 int kho_add_subtree(struct kho_serialization *ser, const char *name, void *fdt) 724 { 725 int err = 0; 726 u64 phys = (u64)virt_to_phys(fdt); 727 void *root = page_to_virt(ser->fdt); 728 729 err |= fdt_begin_node(root, name); 730 err |= fdt_property(root, PROP_SUB_FDT, &phys, sizeof(phys)); 731 err |= fdt_end_node(root); 732 733 if (err) 734 return err; 735 736 return kho_debugfs_fdt_add(&ser->fdt_list, ser->sub_fdt_dir, name, fdt); 737 } 738 EXPORT_SYMBOL_GPL(kho_add_subtree); 739 740 int register_kho_notifier(struct notifier_block *nb) 741 { 742 return blocking_notifier_chain_register(&kho_out.chain_head, nb); 743 } 744 EXPORT_SYMBOL_GPL(register_kho_notifier); 745 746 int unregister_kho_notifier(struct notifier_block *nb) 747 { 748 return blocking_notifier_chain_unregister(&kho_out.chain_head, nb); 749 } 750 EXPORT_SYMBOL_GPL(unregister_kho_notifier); 751 752 /** 753 * kho_preserve_folio - preserve a folio across kexec. 754 * @folio: folio to preserve. 755 * 756 * Instructs KHO to preserve the whole folio across kexec. The order 757 * will be preserved as well. 758 * 759 * Return: 0 on success, error code on failure 760 */ 761 int kho_preserve_folio(struct folio *folio) 762 { 763 const unsigned long pfn = folio_pfn(folio); 764 const unsigned int order = folio_order(folio); 765 struct kho_mem_track *track = &kho_out.ser.track; 766 767 if (WARN_ON(kho_scratch_overlap(pfn << PAGE_SHIFT, PAGE_SIZE << order))) 768 return -EINVAL; 769 770 return __kho_preserve_order(track, pfn, order); 771 } 772 EXPORT_SYMBOL_GPL(kho_preserve_folio); 773 774 /** 775 * kho_preserve_pages - preserve contiguous pages across kexec 776 * @page: first page in the list. 777 * @nr_pages: number of pages. 778 * 779 * Preserve a contiguous list of order 0 pages. Must be restored using 780 * kho_restore_pages() to ensure the pages are restored properly as order 0. 781 * 782 * Return: 0 on success, error code on failure 783 */ 784 int kho_preserve_pages(struct page *page, unsigned int nr_pages) 785 { 786 struct kho_mem_track *track = &kho_out.ser.track; 787 const unsigned long start_pfn = page_to_pfn(page); 788 const unsigned long end_pfn = start_pfn + nr_pages; 789 unsigned long pfn = start_pfn; 790 unsigned long failed_pfn = 0; 791 int err = 0; 792 793 if (WARN_ON(kho_scratch_overlap(start_pfn << PAGE_SHIFT, 794 nr_pages << PAGE_SHIFT))) { 795 return -EINVAL; 796 } 797 798 while (pfn < end_pfn) { 799 const unsigned int order = 800 min(count_trailing_zeros(pfn), ilog2(end_pfn - pfn)); 801 802 err = __kho_preserve_order(track, pfn, order); 803 if (err) { 804 failed_pfn = pfn; 805 break; 806 } 807 808 pfn += 1 << order; 809 } 810 811 if (err) 812 __kho_unpreserve(track, start_pfn, failed_pfn); 813 814 return err; 815 } 816 EXPORT_SYMBOL_GPL(kho_preserve_pages); 817 818 struct kho_vmalloc_hdr { 819 DECLARE_KHOSER_PTR(next, struct kho_vmalloc_chunk *); 820 }; 821 822 #define KHO_VMALLOC_SIZE \ 823 ((PAGE_SIZE - sizeof(struct kho_vmalloc_hdr)) / \ 824 sizeof(phys_addr_t)) 825 826 struct kho_vmalloc_chunk { 827 struct kho_vmalloc_hdr hdr; 828 phys_addr_t phys[KHO_VMALLOC_SIZE]; 829 }; 830 831 static_assert(sizeof(struct kho_vmalloc_chunk) == PAGE_SIZE); 832 833 /* vmalloc flags KHO supports */ 834 #define KHO_VMALLOC_SUPPORTED_FLAGS (VM_ALLOC | VM_ALLOW_HUGE_VMAP) 835 836 /* KHO internal flags for vmalloc preservations */ 837 #define KHO_VMALLOC_ALLOC 0x0001 838 #define KHO_VMALLOC_HUGE_VMAP 0x0002 839 840 static unsigned short vmalloc_flags_to_kho(unsigned int vm_flags) 841 { 842 unsigned short kho_flags = 0; 843 844 if (vm_flags & VM_ALLOC) 845 kho_flags |= KHO_VMALLOC_ALLOC; 846 if (vm_flags & VM_ALLOW_HUGE_VMAP) 847 kho_flags |= KHO_VMALLOC_HUGE_VMAP; 848 849 return kho_flags; 850 } 851 852 static unsigned int kho_flags_to_vmalloc(unsigned short kho_flags) 853 { 854 unsigned int vm_flags = 0; 855 856 if (kho_flags & KHO_VMALLOC_ALLOC) 857 vm_flags |= VM_ALLOC; 858 if (kho_flags & KHO_VMALLOC_HUGE_VMAP) 859 vm_flags |= VM_ALLOW_HUGE_VMAP; 860 861 return vm_flags; 862 } 863 864 static struct kho_vmalloc_chunk *new_vmalloc_chunk(struct kho_vmalloc_chunk *cur) 865 { 866 struct kho_vmalloc_chunk *chunk; 867 int err; 868 869 chunk = (struct kho_vmalloc_chunk *)get_zeroed_page(GFP_KERNEL); 870 if (!chunk) 871 return NULL; 872 873 err = kho_preserve_pages(virt_to_page(chunk), 1); 874 if (err) 875 goto err_free; 876 if (cur) 877 KHOSER_STORE_PTR(cur->hdr.next, chunk); 878 return chunk; 879 880 err_free: 881 free_page((unsigned long)chunk); 882 return NULL; 883 } 884 885 static void kho_vmalloc_unpreserve_chunk(struct kho_vmalloc_chunk *chunk, 886 unsigned short order) 887 { 888 struct kho_mem_track *track = &kho_out.ser.track; 889 unsigned long pfn = PHYS_PFN(virt_to_phys(chunk)); 890 891 __kho_unpreserve(track, pfn, pfn + 1); 892 893 for (int i = 0; i < ARRAY_SIZE(chunk->phys) && chunk->phys[i]; i++) { 894 pfn = PHYS_PFN(chunk->phys[i]); 895 __kho_unpreserve(track, pfn, pfn + (1 << order)); 896 } 897 } 898 899 static void kho_vmalloc_free_chunks(struct kho_vmalloc *kho_vmalloc) 900 { 901 struct kho_vmalloc_chunk *chunk = KHOSER_LOAD_PTR(kho_vmalloc->first); 902 903 while (chunk) { 904 struct kho_vmalloc_chunk *tmp = chunk; 905 906 kho_vmalloc_unpreserve_chunk(chunk, kho_vmalloc->order); 907 908 chunk = KHOSER_LOAD_PTR(chunk->hdr.next); 909 free_page((unsigned long)tmp); 910 } 911 } 912 913 /** 914 * kho_preserve_vmalloc - preserve memory allocated with vmalloc() across kexec 915 * @ptr: pointer to the area in vmalloc address space 916 * @preservation: placeholder for preservation metadata 917 * 918 * Instructs KHO to preserve the area in vmalloc address space at @ptr. The 919 * physical pages mapped at @ptr will be preserved and on successful return 920 * @preservation will hold the physical address of a structure that describes 921 * the preservation. 922 * 923 * NOTE: The memory allocated with vmalloc_node() variants cannot be reliably 924 * restored on the same node 925 * 926 * Return: 0 on success, error code on failure 927 */ 928 int kho_preserve_vmalloc(void *ptr, struct kho_vmalloc *preservation) 929 { 930 struct kho_vmalloc_chunk *chunk; 931 struct vm_struct *vm = find_vm_area(ptr); 932 unsigned int order, flags, nr_contig_pages; 933 unsigned int idx = 0; 934 int err; 935 936 if (!vm) 937 return -EINVAL; 938 939 if (vm->flags & ~KHO_VMALLOC_SUPPORTED_FLAGS) 940 return -EOPNOTSUPP; 941 942 flags = vmalloc_flags_to_kho(vm->flags); 943 order = get_vm_area_page_order(vm); 944 945 chunk = new_vmalloc_chunk(NULL); 946 if (!chunk) 947 return -ENOMEM; 948 KHOSER_STORE_PTR(preservation->first, chunk); 949 950 nr_contig_pages = (1 << order); 951 for (int i = 0; i < vm->nr_pages; i += nr_contig_pages) { 952 phys_addr_t phys = page_to_phys(vm->pages[i]); 953 954 err = kho_preserve_pages(vm->pages[i], nr_contig_pages); 955 if (err) 956 goto err_free; 957 958 chunk->phys[idx++] = phys; 959 if (idx == ARRAY_SIZE(chunk->phys)) { 960 chunk = new_vmalloc_chunk(chunk); 961 if (!chunk) 962 goto err_free; 963 idx = 0; 964 } 965 } 966 967 preservation->total_pages = vm->nr_pages; 968 preservation->flags = flags; 969 preservation->order = order; 970 971 return 0; 972 973 err_free: 974 kho_vmalloc_free_chunks(preservation); 975 return err; 976 } 977 EXPORT_SYMBOL_GPL(kho_preserve_vmalloc); 978 979 /** 980 * kho_restore_vmalloc - recreates and populates an area in vmalloc address 981 * space from the preserved memory. 982 * @preservation: preservation metadata. 983 * 984 * Recreates an area in vmalloc address space and populates it with memory that 985 * was preserved using kho_preserve_vmalloc(). 986 * 987 * Return: pointer to the area in the vmalloc address space, NULL on failure. 988 */ 989 void *kho_restore_vmalloc(const struct kho_vmalloc *preservation) 990 { 991 struct kho_vmalloc_chunk *chunk = KHOSER_LOAD_PTR(preservation->first); 992 unsigned int align, order, shift, vm_flags; 993 unsigned long total_pages, contig_pages; 994 unsigned long addr, size; 995 struct vm_struct *area; 996 struct page **pages; 997 unsigned int idx = 0; 998 int err; 999 1000 vm_flags = kho_flags_to_vmalloc(preservation->flags); 1001 if (vm_flags & ~KHO_VMALLOC_SUPPORTED_FLAGS) 1002 return NULL; 1003 1004 total_pages = preservation->total_pages; 1005 pages = kvmalloc_array(total_pages, sizeof(*pages), GFP_KERNEL); 1006 if (!pages) 1007 return NULL; 1008 order = preservation->order; 1009 contig_pages = (1 << order); 1010 shift = PAGE_SHIFT + order; 1011 align = 1 << shift; 1012 1013 while (chunk) { 1014 struct page *page; 1015 1016 for (int i = 0; i < ARRAY_SIZE(chunk->phys) && chunk->phys[i]; i++) { 1017 phys_addr_t phys = chunk->phys[i]; 1018 1019 if (idx + contig_pages > total_pages) 1020 goto err_free_pages_array; 1021 1022 page = kho_restore_pages(phys, contig_pages); 1023 if (!page) 1024 goto err_free_pages_array; 1025 1026 for (int j = 0; j < contig_pages; j++) 1027 pages[idx++] = page; 1028 1029 phys += contig_pages * PAGE_SIZE; 1030 } 1031 1032 page = kho_restore_pages(virt_to_phys(chunk), 1); 1033 if (!page) 1034 goto err_free_pages_array; 1035 chunk = KHOSER_LOAD_PTR(chunk->hdr.next); 1036 __free_page(page); 1037 } 1038 1039 if (idx != total_pages) 1040 goto err_free_pages_array; 1041 1042 area = __get_vm_area_node(total_pages * PAGE_SIZE, align, shift, 1043 vm_flags, VMALLOC_START, VMALLOC_END, 1044 NUMA_NO_NODE, GFP_KERNEL, 1045 __builtin_return_address(0)); 1046 if (!area) 1047 goto err_free_pages_array; 1048 1049 addr = (unsigned long)area->addr; 1050 size = get_vm_area_size(area); 1051 err = vmap_pages_range(addr, addr + size, PAGE_KERNEL, pages, shift); 1052 if (err) 1053 goto err_free_vm_area; 1054 1055 area->nr_pages = total_pages; 1056 area->pages = pages; 1057 1058 return area->addr; 1059 1060 err_free_vm_area: 1061 free_vm_area(area); 1062 err_free_pages_array: 1063 kvfree(pages); 1064 return NULL; 1065 } 1066 EXPORT_SYMBOL_GPL(kho_restore_vmalloc); 1067 1068 /* Handling for debug/kho/out */ 1069 1070 static struct dentry *debugfs_root; 1071 1072 static int kho_out_update_debugfs_fdt(void) 1073 { 1074 int err = 0; 1075 struct fdt_debugfs *ff, *tmp; 1076 1077 if (kho_out.finalized) { 1078 err = kho_debugfs_fdt_add(&kho_out.ser.fdt_list, kho_out.dir, 1079 "fdt", page_to_virt(kho_out.ser.fdt)); 1080 } else { 1081 list_for_each_entry_safe(ff, tmp, &kho_out.ser.fdt_list, list) { 1082 debugfs_remove(ff->file); 1083 list_del(&ff->list); 1084 kfree(ff); 1085 } 1086 } 1087 1088 return err; 1089 } 1090 1091 static int kho_abort(void) 1092 { 1093 int err; 1094 unsigned long order; 1095 struct kho_mem_phys *physxa; 1096 1097 xa_for_each(&kho_out.ser.track.orders, order, physxa) { 1098 struct kho_mem_phys_bits *bits; 1099 unsigned long phys; 1100 1101 xa_for_each(&physxa->phys_bits, phys, bits) 1102 kfree(bits); 1103 1104 xa_destroy(&physxa->phys_bits); 1105 kfree(physxa); 1106 } 1107 xa_destroy(&kho_out.ser.track.orders); 1108 1109 if (kho_out.ser.preserved_mem_map) { 1110 kho_mem_ser_free(kho_out.ser.preserved_mem_map); 1111 kho_out.ser.preserved_mem_map = NULL; 1112 } 1113 1114 err = blocking_notifier_call_chain(&kho_out.chain_head, KEXEC_KHO_ABORT, 1115 NULL); 1116 err = notifier_to_errno(err); 1117 1118 if (err) 1119 pr_err("Failed to abort KHO finalization: %d\n", err); 1120 1121 return err; 1122 } 1123 1124 static int kho_finalize(void) 1125 { 1126 int err = 0; 1127 u64 *preserved_mem_map; 1128 void *fdt = page_to_virt(kho_out.ser.fdt); 1129 1130 err |= fdt_create(fdt, PAGE_SIZE); 1131 err |= fdt_finish_reservemap(fdt); 1132 err |= fdt_begin_node(fdt, ""); 1133 err |= fdt_property_string(fdt, "compatible", KHO_FDT_COMPATIBLE); 1134 /** 1135 * Reserve the preserved-memory-map property in the root FDT, so 1136 * that all property definitions will precede subnodes created by 1137 * KHO callers. 1138 */ 1139 err |= fdt_property_placeholder(fdt, PROP_PRESERVED_MEMORY_MAP, 1140 sizeof(*preserved_mem_map), 1141 (void **)&preserved_mem_map); 1142 if (err) 1143 goto abort; 1144 1145 err = kho_preserve_folio(page_folio(kho_out.ser.fdt)); 1146 if (err) 1147 goto abort; 1148 1149 err = blocking_notifier_call_chain(&kho_out.chain_head, 1150 KEXEC_KHO_FINALIZE, &kho_out.ser); 1151 err = notifier_to_errno(err); 1152 if (err) 1153 goto abort; 1154 1155 err = kho_mem_serialize(&kho_out.ser); 1156 if (err) 1157 goto abort; 1158 1159 *preserved_mem_map = (u64)virt_to_phys(kho_out.ser.preserved_mem_map); 1160 1161 err |= fdt_end_node(fdt); 1162 err |= fdt_finish(fdt); 1163 1164 abort: 1165 if (err) { 1166 pr_err("Failed to convert KHO state tree: %d\n", err); 1167 kho_abort(); 1168 } 1169 1170 return err; 1171 } 1172 1173 static int kho_out_finalize_get(void *data, u64 *val) 1174 { 1175 mutex_lock(&kho_out.lock); 1176 *val = kho_out.finalized; 1177 mutex_unlock(&kho_out.lock); 1178 1179 return 0; 1180 } 1181 1182 static int kho_out_finalize_set(void *data, u64 _val) 1183 { 1184 int ret = 0; 1185 bool val = !!_val; 1186 1187 mutex_lock(&kho_out.lock); 1188 1189 if (val == kho_out.finalized) { 1190 if (kho_out.finalized) 1191 ret = -EEXIST; 1192 else 1193 ret = -ENOENT; 1194 goto unlock; 1195 } 1196 1197 if (val) 1198 ret = kho_finalize(); 1199 else 1200 ret = kho_abort(); 1201 1202 if (ret) 1203 goto unlock; 1204 1205 kho_out.finalized = val; 1206 ret = kho_out_update_debugfs_fdt(); 1207 1208 unlock: 1209 mutex_unlock(&kho_out.lock); 1210 return ret; 1211 } 1212 1213 DEFINE_DEBUGFS_ATTRIBUTE(fops_kho_out_finalize, kho_out_finalize_get, 1214 kho_out_finalize_set, "%llu\n"); 1215 1216 static int scratch_phys_show(struct seq_file *m, void *v) 1217 { 1218 for (int i = 0; i < kho_scratch_cnt; i++) 1219 seq_printf(m, "0x%llx\n", kho_scratch[i].addr); 1220 1221 return 0; 1222 } 1223 DEFINE_SHOW_ATTRIBUTE(scratch_phys); 1224 1225 static int scratch_len_show(struct seq_file *m, void *v) 1226 { 1227 for (int i = 0; i < kho_scratch_cnt; i++) 1228 seq_printf(m, "0x%llx\n", kho_scratch[i].size); 1229 1230 return 0; 1231 } 1232 DEFINE_SHOW_ATTRIBUTE(scratch_len); 1233 1234 static __init int kho_out_debugfs_init(void) 1235 { 1236 struct dentry *dir, *f, *sub_fdt_dir; 1237 1238 dir = debugfs_create_dir("out", debugfs_root); 1239 if (IS_ERR(dir)) 1240 return -ENOMEM; 1241 1242 sub_fdt_dir = debugfs_create_dir("sub_fdts", dir); 1243 if (IS_ERR(sub_fdt_dir)) 1244 goto err_rmdir; 1245 1246 f = debugfs_create_file("scratch_phys", 0400, dir, NULL, 1247 &scratch_phys_fops); 1248 if (IS_ERR(f)) 1249 goto err_rmdir; 1250 1251 f = debugfs_create_file("scratch_len", 0400, dir, NULL, 1252 &scratch_len_fops); 1253 if (IS_ERR(f)) 1254 goto err_rmdir; 1255 1256 f = debugfs_create_file("finalize", 0600, dir, NULL, 1257 &fops_kho_out_finalize); 1258 if (IS_ERR(f)) 1259 goto err_rmdir; 1260 1261 kho_out.dir = dir; 1262 kho_out.ser.sub_fdt_dir = sub_fdt_dir; 1263 return 0; 1264 1265 err_rmdir: 1266 debugfs_remove_recursive(dir); 1267 return -ENOENT; 1268 } 1269 1270 struct kho_in { 1271 struct dentry *dir; 1272 phys_addr_t fdt_phys; 1273 phys_addr_t scratch_phys; 1274 struct list_head fdt_list; 1275 }; 1276 1277 static struct kho_in kho_in = { 1278 .fdt_list = LIST_HEAD_INIT(kho_in.fdt_list), 1279 }; 1280 1281 static const void *kho_get_fdt(void) 1282 { 1283 return kho_in.fdt_phys ? phys_to_virt(kho_in.fdt_phys) : NULL; 1284 } 1285 1286 /** 1287 * is_kho_boot - check if current kernel was booted via KHO-enabled 1288 * kexec 1289 * 1290 * This function checks if the current kernel was loaded through a kexec 1291 * operation with KHO enabled, by verifying that a valid KHO FDT 1292 * was passed. 1293 * 1294 * Note: This function returns reliable results only after 1295 * kho_populate() has been called during early boot. Before that, 1296 * it may return false even if KHO data is present. 1297 * 1298 * Return: true if booted via KHO-enabled kexec, false otherwise 1299 */ 1300 bool is_kho_boot(void) 1301 { 1302 return !!kho_get_fdt(); 1303 } 1304 EXPORT_SYMBOL_GPL(is_kho_boot); 1305 1306 /** 1307 * kho_retrieve_subtree - retrieve a preserved sub FDT by its name. 1308 * @name: the name of the sub FDT passed to kho_add_subtree(). 1309 * @phys: if found, the physical address of the sub FDT is stored in @phys. 1310 * 1311 * Retrieve a preserved sub FDT named @name and store its physical 1312 * address in @phys. 1313 * 1314 * Return: 0 on success, error code on failure 1315 */ 1316 int kho_retrieve_subtree(const char *name, phys_addr_t *phys) 1317 { 1318 const void *fdt = kho_get_fdt(); 1319 const u64 *val; 1320 int offset, len; 1321 1322 if (!fdt) 1323 return -ENOENT; 1324 1325 if (!phys) 1326 return -EINVAL; 1327 1328 offset = fdt_subnode_offset(fdt, 0, name); 1329 if (offset < 0) 1330 return -ENOENT; 1331 1332 val = fdt_getprop(fdt, offset, PROP_SUB_FDT, &len); 1333 if (!val || len != sizeof(*val)) 1334 return -EINVAL; 1335 1336 *phys = (phys_addr_t)*val; 1337 1338 return 0; 1339 } 1340 EXPORT_SYMBOL_GPL(kho_retrieve_subtree); 1341 1342 /* Handling for debugfs/kho/in */ 1343 1344 static __init int kho_in_debugfs_init(const void *fdt) 1345 { 1346 struct dentry *sub_fdt_dir; 1347 int err, child; 1348 1349 kho_in.dir = debugfs_create_dir("in", debugfs_root); 1350 if (IS_ERR(kho_in.dir)) 1351 return PTR_ERR(kho_in.dir); 1352 1353 sub_fdt_dir = debugfs_create_dir("sub_fdts", kho_in.dir); 1354 if (IS_ERR(sub_fdt_dir)) { 1355 err = PTR_ERR(sub_fdt_dir); 1356 goto err_rmdir; 1357 } 1358 1359 err = kho_debugfs_fdt_add(&kho_in.fdt_list, kho_in.dir, "fdt", fdt); 1360 if (err) 1361 goto err_rmdir; 1362 1363 fdt_for_each_subnode(child, fdt, 0) { 1364 int len = 0; 1365 const char *name = fdt_get_name(fdt, child, NULL); 1366 const u64 *fdt_phys; 1367 1368 fdt_phys = fdt_getprop(fdt, child, "fdt", &len); 1369 if (!fdt_phys) 1370 continue; 1371 if (len != sizeof(*fdt_phys)) { 1372 pr_warn("node `%s`'s prop `fdt` has invalid length: %d\n", 1373 name, len); 1374 continue; 1375 } 1376 err = kho_debugfs_fdt_add(&kho_in.fdt_list, sub_fdt_dir, name, 1377 phys_to_virt(*fdt_phys)); 1378 if (err) { 1379 pr_warn("failed to add fdt `%s` to debugfs: %d\n", name, 1380 err); 1381 continue; 1382 } 1383 } 1384 1385 return 0; 1386 1387 err_rmdir: 1388 debugfs_remove_recursive(kho_in.dir); 1389 return err; 1390 } 1391 1392 static __init int kho_init(void) 1393 { 1394 int err = 0; 1395 const void *fdt = kho_get_fdt(); 1396 1397 if (!kho_enable) 1398 return 0; 1399 1400 kho_out.ser.fdt = alloc_page(GFP_KERNEL); 1401 if (!kho_out.ser.fdt) { 1402 err = -ENOMEM; 1403 goto err_free_scratch; 1404 } 1405 1406 debugfs_root = debugfs_create_dir("kho", NULL); 1407 if (IS_ERR(debugfs_root)) { 1408 err = -ENOENT; 1409 goto err_free_fdt; 1410 } 1411 1412 err = kho_out_debugfs_init(); 1413 if (err) 1414 goto err_free_fdt; 1415 1416 if (fdt) { 1417 err = kho_in_debugfs_init(fdt); 1418 /* 1419 * Failure to create /sys/kernel/debug/kho/in does not prevent 1420 * reviving state from KHO and setting up KHO for the next 1421 * kexec. 1422 */ 1423 if (err) 1424 pr_err("failed exposing handover FDT in debugfs: %d\n", 1425 err); 1426 1427 return 0; 1428 } 1429 1430 for (int i = 0; i < kho_scratch_cnt; i++) { 1431 unsigned long base_pfn = PHYS_PFN(kho_scratch[i].addr); 1432 unsigned long count = kho_scratch[i].size >> PAGE_SHIFT; 1433 unsigned long pfn; 1434 1435 for (pfn = base_pfn; pfn < base_pfn + count; 1436 pfn += pageblock_nr_pages) 1437 init_cma_reserved_pageblock(pfn_to_page(pfn)); 1438 } 1439 1440 return 0; 1441 1442 err_free_fdt: 1443 put_page(kho_out.ser.fdt); 1444 kho_out.ser.fdt = NULL; 1445 err_free_scratch: 1446 for (int i = 0; i < kho_scratch_cnt; i++) { 1447 void *start = __va(kho_scratch[i].addr); 1448 void *end = start + kho_scratch[i].size; 1449 1450 free_reserved_area(start, end, -1, ""); 1451 } 1452 kho_enable = false; 1453 return err; 1454 } 1455 late_initcall(kho_init); 1456 1457 static void __init kho_release_scratch(void) 1458 { 1459 phys_addr_t start, end; 1460 u64 i; 1461 1462 memmap_init_kho_scratch_pages(); 1463 1464 /* 1465 * Mark scratch mem as CMA before we return it. That way we 1466 * ensure that no kernel allocations happen on it. That means 1467 * we can reuse it as scratch memory again later. 1468 */ 1469 __for_each_mem_range(i, &memblock.memory, NULL, NUMA_NO_NODE, 1470 MEMBLOCK_KHO_SCRATCH, &start, &end, NULL) { 1471 ulong start_pfn = pageblock_start_pfn(PFN_DOWN(start)); 1472 ulong end_pfn = pageblock_align(PFN_UP(end)); 1473 ulong pfn; 1474 1475 for (pfn = start_pfn; pfn < end_pfn; pfn += pageblock_nr_pages) 1476 init_pageblock_migratetype(pfn_to_page(pfn), 1477 MIGRATE_CMA, false); 1478 } 1479 } 1480 1481 void __init kho_memory_init(void) 1482 { 1483 struct folio *folio; 1484 1485 if (kho_in.scratch_phys) { 1486 kho_scratch = phys_to_virt(kho_in.scratch_phys); 1487 kho_release_scratch(); 1488 1489 kho_mem_deserialize(kho_get_fdt()); 1490 folio = kho_restore_folio(kho_in.fdt_phys); 1491 if (!folio) 1492 pr_warn("failed to restore folio for KHO fdt\n"); 1493 } else { 1494 kho_reserve_scratch(); 1495 } 1496 } 1497 1498 void __init kho_populate(phys_addr_t fdt_phys, u64 fdt_len, 1499 phys_addr_t scratch_phys, u64 scratch_len) 1500 { 1501 void *fdt = NULL; 1502 struct kho_scratch *scratch = NULL; 1503 int err = 0; 1504 unsigned int scratch_cnt = scratch_len / sizeof(*kho_scratch); 1505 1506 /* Validate the input FDT */ 1507 fdt = early_memremap(fdt_phys, fdt_len); 1508 if (!fdt) { 1509 pr_warn("setup: failed to memremap FDT (0x%llx)\n", fdt_phys); 1510 err = -EFAULT; 1511 goto out; 1512 } 1513 err = fdt_check_header(fdt); 1514 if (err) { 1515 pr_warn("setup: handover FDT (0x%llx) is invalid: %d\n", 1516 fdt_phys, err); 1517 err = -EINVAL; 1518 goto out; 1519 } 1520 err = fdt_node_check_compatible(fdt, 0, KHO_FDT_COMPATIBLE); 1521 if (err) { 1522 pr_warn("setup: handover FDT (0x%llx) is incompatible with '%s': %d\n", 1523 fdt_phys, KHO_FDT_COMPATIBLE, err); 1524 err = -EINVAL; 1525 goto out; 1526 } 1527 1528 scratch = early_memremap(scratch_phys, scratch_len); 1529 if (!scratch) { 1530 pr_warn("setup: failed to memremap scratch (phys=0x%llx, len=%lld)\n", 1531 scratch_phys, scratch_len); 1532 err = -EFAULT; 1533 goto out; 1534 } 1535 1536 /* 1537 * We pass a safe contiguous blocks of memory to use for early boot 1538 * purporses from the previous kernel so that we can resize the 1539 * memblock array as needed. 1540 */ 1541 for (int i = 0; i < scratch_cnt; i++) { 1542 struct kho_scratch *area = &scratch[i]; 1543 u64 size = area->size; 1544 1545 memblock_add(area->addr, size); 1546 err = memblock_mark_kho_scratch(area->addr, size); 1547 if (WARN_ON(err)) { 1548 pr_warn("failed to mark the scratch region 0x%pa+0x%pa: %d", 1549 &area->addr, &size, err); 1550 goto out; 1551 } 1552 pr_debug("Marked 0x%pa+0x%pa as scratch", &area->addr, &size); 1553 } 1554 1555 memblock_reserve(scratch_phys, scratch_len); 1556 1557 /* 1558 * Now that we have a viable region of scratch memory, let's tell 1559 * the memblocks allocator to only use that for any allocations. 1560 * That way we ensure that nothing scribbles over in use data while 1561 * we initialize the page tables which we will need to ingest all 1562 * memory reservations from the previous kernel. 1563 */ 1564 memblock_set_kho_scratch_only(); 1565 1566 kho_in.fdt_phys = fdt_phys; 1567 kho_in.scratch_phys = scratch_phys; 1568 kho_scratch_cnt = scratch_cnt; 1569 pr_info("found kexec handover data. Will skip init for some devices\n"); 1570 1571 out: 1572 if (fdt) 1573 early_memunmap(fdt, fdt_len); 1574 if (scratch) 1575 early_memunmap(scratch, scratch_len); 1576 if (err) 1577 pr_warn("disabling KHO revival: %d\n", err); 1578 } 1579 1580 /* Helper functions for kexec_file_load */ 1581 1582 int kho_fill_kimage(struct kimage *image) 1583 { 1584 ssize_t scratch_size; 1585 int err = 0; 1586 struct kexec_buf scratch; 1587 1588 if (!kho_out.finalized) 1589 return 0; 1590 1591 image->kho.fdt = page_to_phys(kho_out.ser.fdt); 1592 1593 scratch_size = sizeof(*kho_scratch) * kho_scratch_cnt; 1594 scratch = (struct kexec_buf){ 1595 .image = image, 1596 .buffer = kho_scratch, 1597 .bufsz = scratch_size, 1598 .mem = KEXEC_BUF_MEM_UNKNOWN, 1599 .memsz = scratch_size, 1600 .buf_align = SZ_64K, /* Makes it easier to map */ 1601 .buf_max = ULONG_MAX, 1602 .top_down = true, 1603 }; 1604 err = kexec_add_buffer(&scratch); 1605 if (err) 1606 return err; 1607 image->kho.scratch = &image->segment[image->nr_segments - 1]; 1608 1609 return 0; 1610 } 1611 1612 static int kho_walk_scratch(struct kexec_buf *kbuf, 1613 int (*func)(struct resource *, void *)) 1614 { 1615 int ret = 0; 1616 int i; 1617 1618 for (i = 0; i < kho_scratch_cnt; i++) { 1619 struct resource res = { 1620 .start = kho_scratch[i].addr, 1621 .end = kho_scratch[i].addr + kho_scratch[i].size - 1, 1622 }; 1623 1624 /* Try to fit the kimage into our KHO scratch region */ 1625 ret = func(&res, kbuf); 1626 if (ret) 1627 break; 1628 } 1629 1630 return ret; 1631 } 1632 1633 int kho_locate_mem_hole(struct kexec_buf *kbuf, 1634 int (*func)(struct resource *, void *)) 1635 { 1636 int ret; 1637 1638 if (!kho_enable || kbuf->image->type == KEXEC_TYPE_CRASH) 1639 return 1; 1640 1641 ret = kho_walk_scratch(kbuf, func); 1642 1643 return ret == 1 ? 0 : -EADDRNOTAVAIL; 1644 } 1645