1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * linux/kernel/reboot.c 4 * 5 * Copyright (C) 2013 Linus Torvalds 6 */ 7 8 #define pr_fmt(fmt) "reboot: " fmt 9 10 #include <linux/atomic.h> 11 #include <linux/ctype.h> 12 #include <linux/export.h> 13 #include <linux/kexec.h> 14 #include <linux/kmod.h> 15 #include <linux/kmsg_dump.h> 16 #include <linux/reboot.h> 17 #include <linux/suspend.h> 18 #include <linux/syscalls.h> 19 #include <linux/syscore_ops.h> 20 #include <linux/uaccess.h> 21 22 /* 23 * this indicates whether you can reboot with ctrl-alt-del: the default is yes 24 */ 25 26 static int C_A_D = 1; 27 struct pid *cad_pid; 28 EXPORT_SYMBOL(cad_pid); 29 30 #if defined(CONFIG_ARM) 31 #define DEFAULT_REBOOT_MODE = REBOOT_HARD 32 #else 33 #define DEFAULT_REBOOT_MODE 34 #endif 35 enum reboot_mode reboot_mode DEFAULT_REBOOT_MODE; 36 EXPORT_SYMBOL_GPL(reboot_mode); 37 enum reboot_mode panic_reboot_mode = REBOOT_UNDEFINED; 38 39 /* 40 * This variable is used privately to keep track of whether or not 41 * reboot_type is still set to its default value (i.e., reboot= hasn't 42 * been set on the command line). This is needed so that we can 43 * suppress DMI scanning for reboot quirks. Without it, it's 44 * impossible to override a faulty reboot quirk without recompiling. 45 */ 46 int reboot_default = 1; 47 int reboot_cpu; 48 enum reboot_type reboot_type = BOOT_ACPI; 49 int reboot_force; 50 51 struct sys_off_handler { 52 struct notifier_block nb; 53 int (*sys_off_cb)(struct sys_off_data *data); 54 void *cb_data; 55 enum sys_off_mode mode; 56 bool blocking; 57 void *list; 58 struct device *dev; 59 }; 60 61 /* 62 * This variable is used to indicate if a halt was initiated instead of a 63 * reboot when the reboot call was invoked with LINUX_REBOOT_CMD_POWER_OFF, but 64 * the system cannot be powered off. This allowes kernel_halt() to notify users 65 * of that. 66 */ 67 static bool poweroff_fallback_to_halt; 68 69 /* 70 * Temporary stub that prevents linkage failure while we're in process 71 * of removing all uses of legacy pm_power_off() around the kernel. 72 */ 73 void __weak (*pm_power_off)(void); 74 75 /* 76 * Notifier list for kernel code which wants to be called 77 * at shutdown. This is used to stop any idling DMA operations 78 * and the like. 79 */ 80 static BLOCKING_NOTIFIER_HEAD(reboot_notifier_list); 81 82 /** 83 * emergency_restart - reboot the system 84 * 85 * Without shutting down any hardware or taking any locks 86 * reboot the system. This is called when we know we are in 87 * trouble so this is our best effort to reboot. This is 88 * safe to call in interrupt context. 89 */ 90 void emergency_restart(void) 91 { 92 kmsg_dump(KMSG_DUMP_EMERG); 93 system_state = SYSTEM_RESTART; 94 machine_emergency_restart(); 95 } 96 EXPORT_SYMBOL_GPL(emergency_restart); 97 98 void kernel_restart_prepare(char *cmd) 99 { 100 blocking_notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd); 101 system_state = SYSTEM_RESTART; 102 usermodehelper_disable(); 103 device_shutdown(); 104 } 105 106 /** 107 * register_reboot_notifier - Register function to be called at reboot time 108 * @nb: Info about notifier function to be called 109 * 110 * Registers a function with the list of functions 111 * to be called at reboot time. 112 * 113 * Currently always returns zero, as blocking_notifier_chain_register() 114 * always returns zero. 115 */ 116 int register_reboot_notifier(struct notifier_block *nb) 117 { 118 return blocking_notifier_chain_register(&reboot_notifier_list, nb); 119 } 120 EXPORT_SYMBOL(register_reboot_notifier); 121 122 /** 123 * unregister_reboot_notifier - Unregister previously registered reboot notifier 124 * @nb: Hook to be unregistered 125 * 126 * Unregisters a previously registered reboot 127 * notifier function. 128 * 129 * Returns zero on success, or %-ENOENT on failure. 130 */ 131 int unregister_reboot_notifier(struct notifier_block *nb) 132 { 133 return blocking_notifier_chain_unregister(&reboot_notifier_list, nb); 134 } 135 EXPORT_SYMBOL(unregister_reboot_notifier); 136 137 static void devm_unregister_reboot_notifier(struct device *dev, void *res) 138 { 139 WARN_ON(unregister_reboot_notifier(*(struct notifier_block **)res)); 140 } 141 142 int devm_register_reboot_notifier(struct device *dev, struct notifier_block *nb) 143 { 144 struct notifier_block **rcnb; 145 int ret; 146 147 rcnb = devres_alloc(devm_unregister_reboot_notifier, 148 sizeof(*rcnb), GFP_KERNEL); 149 if (!rcnb) 150 return -ENOMEM; 151 152 ret = register_reboot_notifier(nb); 153 if (!ret) { 154 *rcnb = nb; 155 devres_add(dev, rcnb); 156 } else { 157 devres_free(rcnb); 158 } 159 160 return ret; 161 } 162 EXPORT_SYMBOL(devm_register_reboot_notifier); 163 164 /* 165 * Notifier list for kernel code which wants to be called 166 * to restart the system. 167 */ 168 static ATOMIC_NOTIFIER_HEAD(restart_handler_list); 169 170 /** 171 * register_restart_handler - Register function to be called to reset 172 * the system 173 * @nb: Info about handler function to be called 174 * @nb->priority: Handler priority. Handlers should follow the 175 * following guidelines for setting priorities. 176 * 0: Restart handler of last resort, 177 * with limited restart capabilities 178 * 128: Default restart handler; use if no other 179 * restart handler is expected to be available, 180 * and/or if restart functionality is 181 * sufficient to restart the entire system 182 * 255: Highest priority restart handler, will 183 * preempt all other restart handlers 184 * 185 * Registers a function with code to be called to restart the 186 * system. 187 * 188 * Registered functions will be called from machine_restart as last 189 * step of the restart sequence (if the architecture specific 190 * machine_restart function calls do_kernel_restart - see below 191 * for details). 192 * Registered functions are expected to restart the system immediately. 193 * If more than one function is registered, the restart handler priority 194 * selects which function will be called first. 195 * 196 * Restart handlers are expected to be registered from non-architecture 197 * code, typically from drivers. A typical use case would be a system 198 * where restart functionality is provided through a watchdog. Multiple 199 * restart handlers may exist; for example, one restart handler might 200 * restart the entire system, while another only restarts the CPU. 201 * In such cases, the restart handler which only restarts part of the 202 * hardware is expected to register with low priority to ensure that 203 * it only runs if no other means to restart the system is available. 204 * 205 * Currently always returns zero, as atomic_notifier_chain_register() 206 * always returns zero. 207 */ 208 int register_restart_handler(struct notifier_block *nb) 209 { 210 return atomic_notifier_chain_register(&restart_handler_list, nb); 211 } 212 EXPORT_SYMBOL(register_restart_handler); 213 214 /** 215 * unregister_restart_handler - Unregister previously registered 216 * restart handler 217 * @nb: Hook to be unregistered 218 * 219 * Unregisters a previously registered restart handler function. 220 * 221 * Returns zero on success, or %-ENOENT on failure. 222 */ 223 int unregister_restart_handler(struct notifier_block *nb) 224 { 225 return atomic_notifier_chain_unregister(&restart_handler_list, nb); 226 } 227 EXPORT_SYMBOL(unregister_restart_handler); 228 229 /** 230 * do_kernel_restart - Execute kernel restart handler call chain 231 * 232 * Calls functions registered with register_restart_handler. 233 * 234 * Expected to be called from machine_restart as last step of the restart 235 * sequence. 236 * 237 * Restarts the system immediately if a restart handler function has been 238 * registered. Otherwise does nothing. 239 */ 240 void do_kernel_restart(char *cmd) 241 { 242 atomic_notifier_call_chain(&restart_handler_list, reboot_mode, cmd); 243 } 244 245 void migrate_to_reboot_cpu(void) 246 { 247 /* The boot cpu is always logical cpu 0 */ 248 int cpu = reboot_cpu; 249 250 cpu_hotplug_disable(); 251 252 /* Make certain the cpu I'm about to reboot on is online */ 253 if (!cpu_online(cpu)) 254 cpu = cpumask_first(cpu_online_mask); 255 256 /* Prevent races with other tasks migrating this task */ 257 current->flags |= PF_NO_SETAFFINITY; 258 259 /* Make certain I only run on the appropriate processor */ 260 set_cpus_allowed_ptr(current, cpumask_of(cpu)); 261 } 262 263 /* 264 * Notifier list for kernel code which wants to be called 265 * to prepare system for restart. 266 */ 267 static BLOCKING_NOTIFIER_HEAD(restart_prep_handler_list); 268 269 static void do_kernel_restart_prepare(void) 270 { 271 blocking_notifier_call_chain(&restart_prep_handler_list, 0, NULL); 272 } 273 274 /** 275 * kernel_restart - reboot the system 276 * @cmd: pointer to buffer containing command to execute for restart 277 * or %NULL 278 * 279 * Shutdown everything and perform a clean reboot. 280 * This is not safe to call in interrupt context. 281 */ 282 void kernel_restart(char *cmd) 283 { 284 kernel_restart_prepare(cmd); 285 do_kernel_restart_prepare(); 286 migrate_to_reboot_cpu(); 287 syscore_shutdown(); 288 if (!cmd) 289 pr_emerg("Restarting system\n"); 290 else 291 pr_emerg("Restarting system with command '%s'\n", cmd); 292 kmsg_dump(KMSG_DUMP_SHUTDOWN); 293 machine_restart(cmd); 294 } 295 EXPORT_SYMBOL_GPL(kernel_restart); 296 297 static void kernel_shutdown_prepare(enum system_states state) 298 { 299 blocking_notifier_call_chain(&reboot_notifier_list, 300 (state == SYSTEM_HALT) ? SYS_HALT : SYS_POWER_OFF, NULL); 301 system_state = state; 302 usermodehelper_disable(); 303 device_shutdown(); 304 } 305 /** 306 * kernel_halt - halt the system 307 * 308 * Shutdown everything and perform a clean system halt. 309 */ 310 void kernel_halt(void) 311 { 312 kernel_shutdown_prepare(SYSTEM_HALT); 313 migrate_to_reboot_cpu(); 314 syscore_shutdown(); 315 if (poweroff_fallback_to_halt) 316 pr_emerg("Power off not available: System halted instead\n"); 317 else 318 pr_emerg("System halted\n"); 319 kmsg_dump(KMSG_DUMP_SHUTDOWN); 320 machine_halt(); 321 } 322 EXPORT_SYMBOL_GPL(kernel_halt); 323 324 /* 325 * Notifier list for kernel code which wants to be called 326 * to prepare system for power off. 327 */ 328 static BLOCKING_NOTIFIER_HEAD(power_off_prep_handler_list); 329 330 /* 331 * Notifier list for kernel code which wants to be called 332 * to power off system. 333 */ 334 static ATOMIC_NOTIFIER_HEAD(power_off_handler_list); 335 336 static int sys_off_notify(struct notifier_block *nb, 337 unsigned long mode, void *cmd) 338 { 339 struct sys_off_handler *handler; 340 struct sys_off_data data = {}; 341 342 handler = container_of(nb, struct sys_off_handler, nb); 343 data.cb_data = handler->cb_data; 344 data.mode = mode; 345 data.cmd = cmd; 346 data.dev = handler->dev; 347 348 return handler->sys_off_cb(&data); 349 } 350 351 static struct sys_off_handler platform_sys_off_handler; 352 353 static struct sys_off_handler *alloc_sys_off_handler(int priority) 354 { 355 struct sys_off_handler *handler; 356 gfp_t flags; 357 358 /* 359 * Platforms like m68k can't allocate sys_off handler dynamically 360 * at the early boot time because memory allocator isn't available yet. 361 */ 362 if (priority == SYS_OFF_PRIO_PLATFORM) { 363 handler = &platform_sys_off_handler; 364 if (handler->cb_data) 365 return ERR_PTR(-EBUSY); 366 } else { 367 if (system_state > SYSTEM_RUNNING) 368 flags = GFP_ATOMIC; 369 else 370 flags = GFP_KERNEL; 371 372 handler = kzalloc(sizeof(*handler), flags); 373 if (!handler) 374 return ERR_PTR(-ENOMEM); 375 } 376 377 return handler; 378 } 379 380 static void free_sys_off_handler(struct sys_off_handler *handler) 381 { 382 if (handler == &platform_sys_off_handler) 383 memset(handler, 0, sizeof(*handler)); 384 else 385 kfree(handler); 386 } 387 388 /** 389 * register_sys_off_handler - Register sys-off handler 390 * @mode: Sys-off mode 391 * @priority: Handler priority 392 * @callback: Callback function 393 * @cb_data: Callback argument 394 * 395 * Registers system power-off or restart handler that will be invoked 396 * at the step corresponding to the given sys-off mode. Handler's callback 397 * should return NOTIFY_DONE to permit execution of the next handler in 398 * the call chain or NOTIFY_STOP to break the chain (in error case for 399 * example). 400 * 401 * Multiple handlers can be registered at the default priority level. 402 * 403 * Only one handler can be registered at the non-default priority level, 404 * otherwise ERR_PTR(-EBUSY) is returned. 405 * 406 * Returns a new instance of struct sys_off_handler on success, or 407 * an ERR_PTR()-encoded error code otherwise. 408 */ 409 struct sys_off_handler * 410 register_sys_off_handler(enum sys_off_mode mode, 411 int priority, 412 int (*callback)(struct sys_off_data *data), 413 void *cb_data) 414 { 415 struct sys_off_handler *handler; 416 int err; 417 418 handler = alloc_sys_off_handler(priority); 419 if (IS_ERR(handler)) 420 return handler; 421 422 switch (mode) { 423 case SYS_OFF_MODE_POWER_OFF_PREPARE: 424 handler->list = &power_off_prep_handler_list; 425 handler->blocking = true; 426 break; 427 428 case SYS_OFF_MODE_POWER_OFF: 429 handler->list = &power_off_handler_list; 430 break; 431 432 case SYS_OFF_MODE_RESTART_PREPARE: 433 handler->list = &restart_prep_handler_list; 434 handler->blocking = true; 435 break; 436 437 case SYS_OFF_MODE_RESTART: 438 handler->list = &restart_handler_list; 439 break; 440 441 default: 442 free_sys_off_handler(handler); 443 return ERR_PTR(-EINVAL); 444 } 445 446 handler->nb.notifier_call = sys_off_notify; 447 handler->nb.priority = priority; 448 handler->sys_off_cb = callback; 449 handler->cb_data = cb_data; 450 handler->mode = mode; 451 452 if (handler->blocking) { 453 if (priority == SYS_OFF_PRIO_DEFAULT) 454 err = blocking_notifier_chain_register(handler->list, 455 &handler->nb); 456 else 457 err = blocking_notifier_chain_register_unique_prio(handler->list, 458 &handler->nb); 459 } else { 460 if (priority == SYS_OFF_PRIO_DEFAULT) 461 err = atomic_notifier_chain_register(handler->list, 462 &handler->nb); 463 else 464 err = atomic_notifier_chain_register_unique_prio(handler->list, 465 &handler->nb); 466 } 467 468 if (err) { 469 free_sys_off_handler(handler); 470 return ERR_PTR(err); 471 } 472 473 return handler; 474 } 475 EXPORT_SYMBOL_GPL(register_sys_off_handler); 476 477 /** 478 * unregister_sys_off_handler - Unregister sys-off handler 479 * @handler: Sys-off handler 480 * 481 * Unregisters given sys-off handler. 482 */ 483 void unregister_sys_off_handler(struct sys_off_handler *handler) 484 { 485 int err; 486 487 if (IS_ERR_OR_NULL(handler)) 488 return; 489 490 if (handler->blocking) 491 err = blocking_notifier_chain_unregister(handler->list, 492 &handler->nb); 493 else 494 err = atomic_notifier_chain_unregister(handler->list, 495 &handler->nb); 496 497 /* sanity check, shall never happen */ 498 WARN_ON(err); 499 500 free_sys_off_handler(handler); 501 } 502 EXPORT_SYMBOL_GPL(unregister_sys_off_handler); 503 504 static void devm_unregister_sys_off_handler(void *data) 505 { 506 struct sys_off_handler *handler = data; 507 508 unregister_sys_off_handler(handler); 509 } 510 511 /** 512 * devm_register_sys_off_handler - Register sys-off handler 513 * @dev: Device that registers handler 514 * @mode: Sys-off mode 515 * @priority: Handler priority 516 * @callback: Callback function 517 * @cb_data: Callback argument 518 * 519 * Registers resource-managed sys-off handler. 520 * 521 * Returns zero on success, or error code on failure. 522 */ 523 int devm_register_sys_off_handler(struct device *dev, 524 enum sys_off_mode mode, 525 int priority, 526 int (*callback)(struct sys_off_data *data), 527 void *cb_data) 528 { 529 struct sys_off_handler *handler; 530 531 handler = register_sys_off_handler(mode, priority, callback, cb_data); 532 if (IS_ERR(handler)) 533 return PTR_ERR(handler); 534 handler->dev = dev; 535 536 return devm_add_action_or_reset(dev, devm_unregister_sys_off_handler, 537 handler); 538 } 539 EXPORT_SYMBOL_GPL(devm_register_sys_off_handler); 540 541 /** 542 * devm_register_power_off_handler - Register power-off handler 543 * @dev: Device that registers callback 544 * @callback: Callback function 545 * @cb_data: Callback's argument 546 * 547 * Registers resource-managed sys-off handler with a default priority 548 * and using power-off mode. 549 * 550 * Returns zero on success, or error code on failure. 551 */ 552 int devm_register_power_off_handler(struct device *dev, 553 int (*callback)(struct sys_off_data *data), 554 void *cb_data) 555 { 556 return devm_register_sys_off_handler(dev, 557 SYS_OFF_MODE_POWER_OFF, 558 SYS_OFF_PRIO_DEFAULT, 559 callback, cb_data); 560 } 561 EXPORT_SYMBOL_GPL(devm_register_power_off_handler); 562 563 /** 564 * devm_register_restart_handler - Register restart handler 565 * @dev: Device that registers callback 566 * @callback: Callback function 567 * @cb_data: Callback's argument 568 * 569 * Registers resource-managed sys-off handler with a default priority 570 * and using restart mode. 571 * 572 * Returns zero on success, or error code on failure. 573 */ 574 int devm_register_restart_handler(struct device *dev, 575 int (*callback)(struct sys_off_data *data), 576 void *cb_data) 577 { 578 return devm_register_sys_off_handler(dev, 579 SYS_OFF_MODE_RESTART, 580 SYS_OFF_PRIO_DEFAULT, 581 callback, cb_data); 582 } 583 EXPORT_SYMBOL_GPL(devm_register_restart_handler); 584 585 static struct sys_off_handler *platform_power_off_handler; 586 587 static int platform_power_off_notify(struct sys_off_data *data) 588 { 589 void (*platform_power_power_off_cb)(void) = data->cb_data; 590 591 platform_power_power_off_cb(); 592 593 return NOTIFY_DONE; 594 } 595 596 /** 597 * register_platform_power_off - Register platform-level power-off callback 598 * @power_off: Power-off callback 599 * 600 * Registers power-off callback that will be called as last step 601 * of the power-off sequence. This callback is expected to be invoked 602 * for the last resort. Only one platform power-off callback is allowed 603 * to be registered at a time. 604 * 605 * Returns zero on success, or error code on failure. 606 */ 607 int register_platform_power_off(void (*power_off)(void)) 608 { 609 struct sys_off_handler *handler; 610 611 handler = register_sys_off_handler(SYS_OFF_MODE_POWER_OFF, 612 SYS_OFF_PRIO_PLATFORM, 613 platform_power_off_notify, 614 power_off); 615 if (IS_ERR(handler)) 616 return PTR_ERR(handler); 617 618 platform_power_off_handler = handler; 619 620 return 0; 621 } 622 EXPORT_SYMBOL_GPL(register_platform_power_off); 623 624 /** 625 * unregister_platform_power_off - Unregister platform-level power-off callback 626 * @power_off: Power-off callback 627 * 628 * Unregisters previously registered platform power-off callback. 629 */ 630 void unregister_platform_power_off(void (*power_off)(void)) 631 { 632 if (platform_power_off_handler && 633 platform_power_off_handler->cb_data == power_off) { 634 unregister_sys_off_handler(platform_power_off_handler); 635 platform_power_off_handler = NULL; 636 } 637 } 638 EXPORT_SYMBOL_GPL(unregister_platform_power_off); 639 640 static int legacy_pm_power_off(struct sys_off_data *data) 641 { 642 if (pm_power_off) 643 pm_power_off(); 644 645 return NOTIFY_DONE; 646 } 647 648 static void do_kernel_power_off_prepare(void) 649 { 650 blocking_notifier_call_chain(&power_off_prep_handler_list, 0, NULL); 651 } 652 653 /** 654 * do_kernel_power_off - Execute kernel power-off handler call chain 655 * 656 * Expected to be called as last step of the power-off sequence. 657 * 658 * Powers off the system immediately if a power-off handler function has 659 * been registered. Otherwise does nothing. 660 */ 661 void do_kernel_power_off(void) 662 { 663 struct sys_off_handler *sys_off = NULL; 664 665 /* 666 * Register sys-off handlers for legacy PM callback. This allows 667 * legacy PM callbacks temporary co-exist with the new sys-off API. 668 * 669 * TODO: Remove legacy handlers once all legacy PM users will be 670 * switched to the sys-off based APIs. 671 */ 672 if (pm_power_off) 673 sys_off = register_sys_off_handler(SYS_OFF_MODE_POWER_OFF, 674 SYS_OFF_PRIO_DEFAULT, 675 legacy_pm_power_off, NULL); 676 677 atomic_notifier_call_chain(&power_off_handler_list, 0, NULL); 678 679 unregister_sys_off_handler(sys_off); 680 } 681 682 /** 683 * kernel_can_power_off - check whether system can be powered off 684 * 685 * Returns true if power-off handler is registered and system can be 686 * powered off, false otherwise. 687 */ 688 bool kernel_can_power_off(void) 689 { 690 return !atomic_notifier_call_chain_is_empty(&power_off_handler_list) || 691 pm_power_off; 692 } 693 EXPORT_SYMBOL_GPL(kernel_can_power_off); 694 695 /** 696 * kernel_power_off - power_off the system 697 * 698 * Shutdown everything and perform a clean system power_off. 699 */ 700 void kernel_power_off(void) 701 { 702 kernel_shutdown_prepare(SYSTEM_POWER_OFF); 703 do_kernel_power_off_prepare(); 704 migrate_to_reboot_cpu(); 705 syscore_shutdown(); 706 pr_emerg("Power down\n"); 707 kmsg_dump(KMSG_DUMP_SHUTDOWN); 708 machine_power_off(); 709 } 710 EXPORT_SYMBOL_GPL(kernel_power_off); 711 712 DEFINE_MUTEX(system_transition_mutex); 713 714 /* 715 * Reboot system call: for obvious reasons only root may call it, 716 * and even root needs to set up some magic numbers in the registers 717 * so that some mistake won't make this reboot the whole machine. 718 * You can also set the meaning of the ctrl-alt-del-key here. 719 * 720 * reboot doesn't sync: do that yourself before calling this. 721 */ 722 SYSCALL_DEFINE4(reboot, int, magic1, int, magic2, unsigned int, cmd, 723 void __user *, arg) 724 { 725 struct pid_namespace *pid_ns = task_active_pid_ns(current); 726 char buffer[256]; 727 int ret = 0; 728 729 /* We only trust the superuser with rebooting the system. */ 730 if (!ns_capable(pid_ns->user_ns, CAP_SYS_BOOT)) 731 return -EPERM; 732 733 /* For safety, we require "magic" arguments. */ 734 if (magic1 != LINUX_REBOOT_MAGIC1 || 735 (magic2 != LINUX_REBOOT_MAGIC2 && 736 magic2 != LINUX_REBOOT_MAGIC2A && 737 magic2 != LINUX_REBOOT_MAGIC2B && 738 magic2 != LINUX_REBOOT_MAGIC2C)) 739 return -EINVAL; 740 741 /* 742 * If pid namespaces are enabled and the current task is in a child 743 * pid_namespace, the command is handled by reboot_pid_ns() which will 744 * call do_exit(). 745 */ 746 ret = reboot_pid_ns(pid_ns, cmd); 747 if (ret) 748 return ret; 749 750 /* Instead of trying to make the power_off code look like 751 * halt when pm_power_off is not set do it the easy way. 752 */ 753 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !kernel_can_power_off()) { 754 poweroff_fallback_to_halt = true; 755 cmd = LINUX_REBOOT_CMD_HALT; 756 } 757 758 mutex_lock(&system_transition_mutex); 759 switch (cmd) { 760 case LINUX_REBOOT_CMD_RESTART: 761 kernel_restart(NULL); 762 break; 763 764 case LINUX_REBOOT_CMD_CAD_ON: 765 C_A_D = 1; 766 break; 767 768 case LINUX_REBOOT_CMD_CAD_OFF: 769 C_A_D = 0; 770 break; 771 772 case LINUX_REBOOT_CMD_HALT: 773 kernel_halt(); 774 do_exit(0); 775 776 case LINUX_REBOOT_CMD_POWER_OFF: 777 kernel_power_off(); 778 do_exit(0); 779 break; 780 781 case LINUX_REBOOT_CMD_RESTART2: 782 ret = strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1); 783 if (ret < 0) { 784 ret = -EFAULT; 785 break; 786 } 787 buffer[sizeof(buffer) - 1] = '\0'; 788 789 kernel_restart(buffer); 790 break; 791 792 #ifdef CONFIG_KEXEC_CORE 793 case LINUX_REBOOT_CMD_KEXEC: 794 ret = kernel_kexec(); 795 break; 796 #endif 797 798 #ifdef CONFIG_HIBERNATION 799 case LINUX_REBOOT_CMD_SW_SUSPEND: 800 ret = hibernate(); 801 break; 802 #endif 803 804 default: 805 ret = -EINVAL; 806 break; 807 } 808 mutex_unlock(&system_transition_mutex); 809 return ret; 810 } 811 812 static void deferred_cad(struct work_struct *dummy) 813 { 814 kernel_restart(NULL); 815 } 816 817 /* 818 * This function gets called by ctrl-alt-del - ie the keyboard interrupt. 819 * As it's called within an interrupt, it may NOT sync: the only choice 820 * is whether to reboot at once, or just ignore the ctrl-alt-del. 821 */ 822 void ctrl_alt_del(void) 823 { 824 static DECLARE_WORK(cad_work, deferred_cad); 825 826 if (C_A_D) 827 schedule_work(&cad_work); 828 else 829 kill_cad_pid(SIGINT, 1); 830 } 831 832 #define POWEROFF_CMD_PATH_LEN 256 833 static char poweroff_cmd[POWEROFF_CMD_PATH_LEN] = "/sbin/poweroff"; 834 static const char reboot_cmd[] = "/sbin/reboot"; 835 836 static int run_cmd(const char *cmd) 837 { 838 char **argv; 839 static char *envp[] = { 840 "HOME=/", 841 "PATH=/sbin:/bin:/usr/sbin:/usr/bin", 842 NULL 843 }; 844 int ret; 845 argv = argv_split(GFP_KERNEL, cmd, NULL); 846 if (argv) { 847 ret = call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC); 848 argv_free(argv); 849 } else { 850 ret = -ENOMEM; 851 } 852 853 return ret; 854 } 855 856 static int __orderly_reboot(void) 857 { 858 int ret; 859 860 ret = run_cmd(reboot_cmd); 861 862 if (ret) { 863 pr_warn("Failed to start orderly reboot: forcing the issue\n"); 864 emergency_sync(); 865 kernel_restart(NULL); 866 } 867 868 return ret; 869 } 870 871 static int __orderly_poweroff(bool force) 872 { 873 int ret; 874 875 ret = run_cmd(poweroff_cmd); 876 877 if (ret && force) { 878 pr_warn("Failed to start orderly shutdown: forcing the issue\n"); 879 880 /* 881 * I guess this should try to kick off some daemon to sync and 882 * poweroff asap. Or not even bother syncing if we're doing an 883 * emergency shutdown? 884 */ 885 emergency_sync(); 886 kernel_power_off(); 887 } 888 889 return ret; 890 } 891 892 static bool poweroff_force; 893 894 static void poweroff_work_func(struct work_struct *work) 895 { 896 __orderly_poweroff(poweroff_force); 897 } 898 899 static DECLARE_WORK(poweroff_work, poweroff_work_func); 900 901 /** 902 * orderly_poweroff - Trigger an orderly system poweroff 903 * @force: force poweroff if command execution fails 904 * 905 * This may be called from any context to trigger a system shutdown. 906 * If the orderly shutdown fails, it will force an immediate shutdown. 907 */ 908 void orderly_poweroff(bool force) 909 { 910 if (force) /* do not override the pending "true" */ 911 poweroff_force = true; 912 schedule_work(&poweroff_work); 913 } 914 EXPORT_SYMBOL_GPL(orderly_poweroff); 915 916 static void reboot_work_func(struct work_struct *work) 917 { 918 __orderly_reboot(); 919 } 920 921 static DECLARE_WORK(reboot_work, reboot_work_func); 922 923 /** 924 * orderly_reboot - Trigger an orderly system reboot 925 * 926 * This may be called from any context to trigger a system reboot. 927 * If the orderly reboot fails, it will force an immediate reboot. 928 */ 929 void orderly_reboot(void) 930 { 931 schedule_work(&reboot_work); 932 } 933 EXPORT_SYMBOL_GPL(orderly_reboot); 934 935 /** 936 * hw_failure_emergency_poweroff_func - emergency poweroff work after a known delay 937 * @work: work_struct associated with the emergency poweroff function 938 * 939 * This function is called in very critical situations to force 940 * a kernel poweroff after a configurable timeout value. 941 */ 942 static void hw_failure_emergency_poweroff_func(struct work_struct *work) 943 { 944 /* 945 * We have reached here after the emergency shutdown waiting period has 946 * expired. This means orderly_poweroff has not been able to shut off 947 * the system for some reason. 948 * 949 * Try to shut down the system immediately using kernel_power_off 950 * if populated 951 */ 952 pr_emerg("Hardware protection timed-out. Trying forced poweroff\n"); 953 kernel_power_off(); 954 955 /* 956 * Worst of the worst case trigger emergency restart 957 */ 958 pr_emerg("Hardware protection shutdown failed. Trying emergency restart\n"); 959 emergency_restart(); 960 } 961 962 static DECLARE_DELAYED_WORK(hw_failure_emergency_poweroff_work, 963 hw_failure_emergency_poweroff_func); 964 965 /** 966 * hw_failure_emergency_poweroff - Trigger an emergency system poweroff 967 * 968 * This may be called from any critical situation to trigger a system shutdown 969 * after a given period of time. If time is negative this is not scheduled. 970 */ 971 static void hw_failure_emergency_poweroff(int poweroff_delay_ms) 972 { 973 if (poweroff_delay_ms <= 0) 974 return; 975 schedule_delayed_work(&hw_failure_emergency_poweroff_work, 976 msecs_to_jiffies(poweroff_delay_ms)); 977 } 978 979 /** 980 * __hw_protection_shutdown - Trigger an emergency system shutdown or reboot 981 * 982 * @reason: Reason of emergency shutdown or reboot to be printed. 983 * @ms_until_forced: Time to wait for orderly shutdown or reboot before 984 * triggering it. Negative value disables the forced 985 * shutdown or reboot. 986 * @shutdown: If true, indicates that a shutdown will happen 987 * after the critical tempeature is reached. 988 * If false, indicates that a reboot will happen 989 * after the critical tempeature is reached. 990 * 991 * Initiate an emergency system shutdown or reboot in order to protect 992 * hardware from further damage. Usage examples include a thermal protection. 993 * NOTE: The request is ignored if protection shutdown or reboot is already 994 * pending even if the previous request has given a large timeout for forced 995 * shutdown/reboot. 996 */ 997 void __hw_protection_shutdown(const char *reason, int ms_until_forced, bool shutdown) 998 { 999 static atomic_t allow_proceed = ATOMIC_INIT(1); 1000 1001 pr_emerg("HARDWARE PROTECTION shutdown (%s)\n", reason); 1002 1003 /* Shutdown should be initiated only once. */ 1004 if (!atomic_dec_and_test(&allow_proceed)) 1005 return; 1006 1007 /* 1008 * Queue a backup emergency shutdown in the event of 1009 * orderly_poweroff failure 1010 */ 1011 hw_failure_emergency_poweroff(ms_until_forced); 1012 if (shutdown) 1013 orderly_poweroff(true); 1014 else 1015 orderly_reboot(); 1016 } 1017 EXPORT_SYMBOL_GPL(__hw_protection_shutdown); 1018 1019 static int __init reboot_setup(char *str) 1020 { 1021 for (;;) { 1022 enum reboot_mode *mode; 1023 1024 /* 1025 * Having anything passed on the command line via 1026 * reboot= will cause us to disable DMI checking 1027 * below. 1028 */ 1029 reboot_default = 0; 1030 1031 if (!strncmp(str, "panic_", 6)) { 1032 mode = &panic_reboot_mode; 1033 str += 6; 1034 } else { 1035 mode = &reboot_mode; 1036 } 1037 1038 switch (*str) { 1039 case 'w': 1040 *mode = REBOOT_WARM; 1041 break; 1042 1043 case 'c': 1044 *mode = REBOOT_COLD; 1045 break; 1046 1047 case 'h': 1048 *mode = REBOOT_HARD; 1049 break; 1050 1051 case 's': 1052 /* 1053 * reboot_cpu is s[mp]#### with #### being the processor 1054 * to be used for rebooting. Skip 's' or 'smp' prefix. 1055 */ 1056 str += str[1] == 'm' && str[2] == 'p' ? 3 : 1; 1057 1058 if (isdigit(str[0])) { 1059 int cpu = simple_strtoul(str, NULL, 0); 1060 1061 if (cpu >= num_possible_cpus()) { 1062 pr_err("Ignoring the CPU number in reboot= option. " 1063 "CPU %d exceeds possible cpu number %d\n", 1064 cpu, num_possible_cpus()); 1065 break; 1066 } 1067 reboot_cpu = cpu; 1068 } else 1069 *mode = REBOOT_SOFT; 1070 break; 1071 1072 case 'g': 1073 *mode = REBOOT_GPIO; 1074 break; 1075 1076 case 'b': 1077 case 'a': 1078 case 'k': 1079 case 't': 1080 case 'e': 1081 case 'p': 1082 reboot_type = *str; 1083 break; 1084 1085 case 'f': 1086 reboot_force = 1; 1087 break; 1088 } 1089 1090 str = strchr(str, ','); 1091 if (str) 1092 str++; 1093 else 1094 break; 1095 } 1096 return 1; 1097 } 1098 __setup("reboot=", reboot_setup); 1099 1100 #ifdef CONFIG_SYSFS 1101 1102 #define REBOOT_COLD_STR "cold" 1103 #define REBOOT_WARM_STR "warm" 1104 #define REBOOT_HARD_STR "hard" 1105 #define REBOOT_SOFT_STR "soft" 1106 #define REBOOT_GPIO_STR "gpio" 1107 #define REBOOT_UNDEFINED_STR "undefined" 1108 1109 #define BOOT_TRIPLE_STR "triple" 1110 #define BOOT_KBD_STR "kbd" 1111 #define BOOT_BIOS_STR "bios" 1112 #define BOOT_ACPI_STR "acpi" 1113 #define BOOT_EFI_STR "efi" 1114 #define BOOT_PCI_STR "pci" 1115 1116 static ssize_t mode_show(struct kobject *kobj, struct kobj_attribute *attr, char *buf) 1117 { 1118 const char *val; 1119 1120 switch (reboot_mode) { 1121 case REBOOT_COLD: 1122 val = REBOOT_COLD_STR; 1123 break; 1124 case REBOOT_WARM: 1125 val = REBOOT_WARM_STR; 1126 break; 1127 case REBOOT_HARD: 1128 val = REBOOT_HARD_STR; 1129 break; 1130 case REBOOT_SOFT: 1131 val = REBOOT_SOFT_STR; 1132 break; 1133 case REBOOT_GPIO: 1134 val = REBOOT_GPIO_STR; 1135 break; 1136 default: 1137 val = REBOOT_UNDEFINED_STR; 1138 } 1139 1140 return sprintf(buf, "%s\n", val); 1141 } 1142 static ssize_t mode_store(struct kobject *kobj, struct kobj_attribute *attr, 1143 const char *buf, size_t count) 1144 { 1145 if (!capable(CAP_SYS_BOOT)) 1146 return -EPERM; 1147 1148 if (!strncmp(buf, REBOOT_COLD_STR, strlen(REBOOT_COLD_STR))) 1149 reboot_mode = REBOOT_COLD; 1150 else if (!strncmp(buf, REBOOT_WARM_STR, strlen(REBOOT_WARM_STR))) 1151 reboot_mode = REBOOT_WARM; 1152 else if (!strncmp(buf, REBOOT_HARD_STR, strlen(REBOOT_HARD_STR))) 1153 reboot_mode = REBOOT_HARD; 1154 else if (!strncmp(buf, REBOOT_SOFT_STR, strlen(REBOOT_SOFT_STR))) 1155 reboot_mode = REBOOT_SOFT; 1156 else if (!strncmp(buf, REBOOT_GPIO_STR, strlen(REBOOT_GPIO_STR))) 1157 reboot_mode = REBOOT_GPIO; 1158 else 1159 return -EINVAL; 1160 1161 reboot_default = 0; 1162 1163 return count; 1164 } 1165 static struct kobj_attribute reboot_mode_attr = __ATTR_RW(mode); 1166 1167 #ifdef CONFIG_X86 1168 static ssize_t force_show(struct kobject *kobj, struct kobj_attribute *attr, char *buf) 1169 { 1170 return sprintf(buf, "%d\n", reboot_force); 1171 } 1172 static ssize_t force_store(struct kobject *kobj, struct kobj_attribute *attr, 1173 const char *buf, size_t count) 1174 { 1175 bool res; 1176 1177 if (!capable(CAP_SYS_BOOT)) 1178 return -EPERM; 1179 1180 if (kstrtobool(buf, &res)) 1181 return -EINVAL; 1182 1183 reboot_default = 0; 1184 reboot_force = res; 1185 1186 return count; 1187 } 1188 static struct kobj_attribute reboot_force_attr = __ATTR_RW(force); 1189 1190 static ssize_t type_show(struct kobject *kobj, struct kobj_attribute *attr, char *buf) 1191 { 1192 const char *val; 1193 1194 switch (reboot_type) { 1195 case BOOT_TRIPLE: 1196 val = BOOT_TRIPLE_STR; 1197 break; 1198 case BOOT_KBD: 1199 val = BOOT_KBD_STR; 1200 break; 1201 case BOOT_BIOS: 1202 val = BOOT_BIOS_STR; 1203 break; 1204 case BOOT_ACPI: 1205 val = BOOT_ACPI_STR; 1206 break; 1207 case BOOT_EFI: 1208 val = BOOT_EFI_STR; 1209 break; 1210 case BOOT_CF9_FORCE: 1211 val = BOOT_PCI_STR; 1212 break; 1213 default: 1214 val = REBOOT_UNDEFINED_STR; 1215 } 1216 1217 return sprintf(buf, "%s\n", val); 1218 } 1219 static ssize_t type_store(struct kobject *kobj, struct kobj_attribute *attr, 1220 const char *buf, size_t count) 1221 { 1222 if (!capable(CAP_SYS_BOOT)) 1223 return -EPERM; 1224 1225 if (!strncmp(buf, BOOT_TRIPLE_STR, strlen(BOOT_TRIPLE_STR))) 1226 reboot_type = BOOT_TRIPLE; 1227 else if (!strncmp(buf, BOOT_KBD_STR, strlen(BOOT_KBD_STR))) 1228 reboot_type = BOOT_KBD; 1229 else if (!strncmp(buf, BOOT_BIOS_STR, strlen(BOOT_BIOS_STR))) 1230 reboot_type = BOOT_BIOS; 1231 else if (!strncmp(buf, BOOT_ACPI_STR, strlen(BOOT_ACPI_STR))) 1232 reboot_type = BOOT_ACPI; 1233 else if (!strncmp(buf, BOOT_EFI_STR, strlen(BOOT_EFI_STR))) 1234 reboot_type = BOOT_EFI; 1235 else if (!strncmp(buf, BOOT_PCI_STR, strlen(BOOT_PCI_STR))) 1236 reboot_type = BOOT_CF9_FORCE; 1237 else 1238 return -EINVAL; 1239 1240 reboot_default = 0; 1241 1242 return count; 1243 } 1244 static struct kobj_attribute reboot_type_attr = __ATTR_RW(type); 1245 #endif 1246 1247 #ifdef CONFIG_SMP 1248 static ssize_t cpu_show(struct kobject *kobj, struct kobj_attribute *attr, char *buf) 1249 { 1250 return sprintf(buf, "%d\n", reboot_cpu); 1251 } 1252 static ssize_t cpu_store(struct kobject *kobj, struct kobj_attribute *attr, 1253 const char *buf, size_t count) 1254 { 1255 unsigned int cpunum; 1256 int rc; 1257 1258 if (!capable(CAP_SYS_BOOT)) 1259 return -EPERM; 1260 1261 rc = kstrtouint(buf, 0, &cpunum); 1262 1263 if (rc) 1264 return rc; 1265 1266 if (cpunum >= num_possible_cpus()) 1267 return -ERANGE; 1268 1269 reboot_default = 0; 1270 reboot_cpu = cpunum; 1271 1272 return count; 1273 } 1274 static struct kobj_attribute reboot_cpu_attr = __ATTR_RW(cpu); 1275 #endif 1276 1277 static struct attribute *reboot_attrs[] = { 1278 &reboot_mode_attr.attr, 1279 #ifdef CONFIG_X86 1280 &reboot_force_attr.attr, 1281 &reboot_type_attr.attr, 1282 #endif 1283 #ifdef CONFIG_SMP 1284 &reboot_cpu_attr.attr, 1285 #endif 1286 NULL, 1287 }; 1288 1289 #ifdef CONFIG_SYSCTL 1290 static struct ctl_table kern_reboot_table[] = { 1291 { 1292 .procname = "poweroff_cmd", 1293 .data = &poweroff_cmd, 1294 .maxlen = POWEROFF_CMD_PATH_LEN, 1295 .mode = 0644, 1296 .proc_handler = proc_dostring, 1297 }, 1298 { 1299 .procname = "ctrl-alt-del", 1300 .data = &C_A_D, 1301 .maxlen = sizeof(int), 1302 .mode = 0644, 1303 .proc_handler = proc_dointvec, 1304 }, 1305 }; 1306 1307 static void __init kernel_reboot_sysctls_init(void) 1308 { 1309 register_sysctl_init("kernel", kern_reboot_table); 1310 } 1311 #else 1312 #define kernel_reboot_sysctls_init() do { } while (0) 1313 #endif /* CONFIG_SYSCTL */ 1314 1315 static const struct attribute_group reboot_attr_group = { 1316 .attrs = reboot_attrs, 1317 }; 1318 1319 static int __init reboot_ksysfs_init(void) 1320 { 1321 struct kobject *reboot_kobj; 1322 int ret; 1323 1324 reboot_kobj = kobject_create_and_add("reboot", kernel_kobj); 1325 if (!reboot_kobj) 1326 return -ENOMEM; 1327 1328 ret = sysfs_create_group(reboot_kobj, &reboot_attr_group); 1329 if (ret) { 1330 kobject_put(reboot_kobj); 1331 return ret; 1332 } 1333 1334 kernel_reboot_sysctls_init(); 1335 1336 return 0; 1337 } 1338 late_initcall(reboot_ksysfs_init); 1339 1340 #endif 1341