1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * linux/kernel/reboot.c 4 * 5 * Copyright (C) 2013 Linus Torvalds 6 */ 7 8 #define pr_fmt(fmt) "reboot: " fmt 9 10 #include <linux/atomic.h> 11 #include <linux/ctype.h> 12 #include <linux/export.h> 13 #include <linux/kexec.h> 14 #include <linux/kmod.h> 15 #include <linux/kmsg_dump.h> 16 #include <linux/reboot.h> 17 #include <linux/suspend.h> 18 #include <linux/syscalls.h> 19 #include <linux/syscore_ops.h> 20 #include <linux/uaccess.h> 21 22 /* 23 * this indicates whether you can reboot with ctrl-alt-del: the default is yes 24 */ 25 26 static int C_A_D = 1; 27 struct pid *cad_pid; 28 EXPORT_SYMBOL(cad_pid); 29 30 #if defined(CONFIG_ARM) 31 #define DEFAULT_REBOOT_MODE = REBOOT_HARD 32 #else 33 #define DEFAULT_REBOOT_MODE 34 #endif 35 enum reboot_mode reboot_mode DEFAULT_REBOOT_MODE; 36 EXPORT_SYMBOL_GPL(reboot_mode); 37 enum reboot_mode panic_reboot_mode = REBOOT_UNDEFINED; 38 39 /* 40 * This variable is used privately to keep track of whether or not 41 * reboot_type is still set to its default value (i.e., reboot= hasn't 42 * been set on the command line). This is needed so that we can 43 * suppress DMI scanning for reboot quirks. Without it, it's 44 * impossible to override a faulty reboot quirk without recompiling. 45 */ 46 int reboot_default = 1; 47 int reboot_cpu; 48 enum reboot_type reboot_type = BOOT_ACPI; 49 int reboot_force; 50 51 struct sys_off_handler { 52 struct notifier_block nb; 53 int (*sys_off_cb)(struct sys_off_data *data); 54 void *cb_data; 55 enum sys_off_mode mode; 56 bool blocking; 57 void *list; 58 struct device *dev; 59 }; 60 61 /* 62 * This variable is used to indicate if a halt was initiated instead of a 63 * reboot when the reboot call was invoked with LINUX_REBOOT_CMD_POWER_OFF, but 64 * the system cannot be powered off. This allowes kernel_halt() to notify users 65 * of that. 66 */ 67 static bool poweroff_fallback_to_halt; 68 69 /* 70 * Temporary stub that prevents linkage failure while we're in process 71 * of removing all uses of legacy pm_power_off() around the kernel. 72 */ 73 void __weak (*pm_power_off)(void); 74 75 /* 76 * Notifier list for kernel code which wants to be called 77 * at shutdown. This is used to stop any idling DMA operations 78 * and the like. 79 */ 80 static BLOCKING_NOTIFIER_HEAD(reboot_notifier_list); 81 82 /** 83 * emergency_restart - reboot the system 84 * 85 * Without shutting down any hardware or taking any locks 86 * reboot the system. This is called when we know we are in 87 * trouble so this is our best effort to reboot. This is 88 * safe to call in interrupt context. 89 */ 90 void emergency_restart(void) 91 { 92 kmsg_dump(KMSG_DUMP_EMERG); 93 system_state = SYSTEM_RESTART; 94 machine_emergency_restart(); 95 } 96 EXPORT_SYMBOL_GPL(emergency_restart); 97 98 void kernel_restart_prepare(char *cmd) 99 { 100 blocking_notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd); 101 system_state = SYSTEM_RESTART; 102 usermodehelper_disable(); 103 device_shutdown(); 104 } 105 106 /** 107 * register_reboot_notifier - Register function to be called at reboot time 108 * @nb: Info about notifier function to be called 109 * 110 * Registers a function with the list of functions 111 * to be called at reboot time. 112 * 113 * Currently always returns zero, as blocking_notifier_chain_register() 114 * always returns zero. 115 */ 116 int register_reboot_notifier(struct notifier_block *nb) 117 { 118 return blocking_notifier_chain_register(&reboot_notifier_list, nb); 119 } 120 EXPORT_SYMBOL(register_reboot_notifier); 121 122 /** 123 * unregister_reboot_notifier - Unregister previously registered reboot notifier 124 * @nb: Hook to be unregistered 125 * 126 * Unregisters a previously registered reboot 127 * notifier function. 128 * 129 * Returns zero on success, or %-ENOENT on failure. 130 */ 131 int unregister_reboot_notifier(struct notifier_block *nb) 132 { 133 return blocking_notifier_chain_unregister(&reboot_notifier_list, nb); 134 } 135 EXPORT_SYMBOL(unregister_reboot_notifier); 136 137 static void devm_unregister_reboot_notifier(struct device *dev, void *res) 138 { 139 WARN_ON(unregister_reboot_notifier(*(struct notifier_block **)res)); 140 } 141 142 int devm_register_reboot_notifier(struct device *dev, struct notifier_block *nb) 143 { 144 struct notifier_block **rcnb; 145 int ret; 146 147 rcnb = devres_alloc(devm_unregister_reboot_notifier, 148 sizeof(*rcnb), GFP_KERNEL); 149 if (!rcnb) 150 return -ENOMEM; 151 152 ret = register_reboot_notifier(nb); 153 if (!ret) { 154 *rcnb = nb; 155 devres_add(dev, rcnb); 156 } else { 157 devres_free(rcnb); 158 } 159 160 return ret; 161 } 162 EXPORT_SYMBOL(devm_register_reboot_notifier); 163 164 /* 165 * Notifier list for kernel code which wants to be called 166 * to restart the system. 167 */ 168 static ATOMIC_NOTIFIER_HEAD(restart_handler_list); 169 170 /** 171 * register_restart_handler - Register function to be called to reset 172 * the system 173 * @nb: Info about handler function to be called 174 * @nb->priority: Handler priority. Handlers should follow the 175 * following guidelines for setting priorities. 176 * 0: Restart handler of last resort, 177 * with limited restart capabilities 178 * 128: Default restart handler; use if no other 179 * restart handler is expected to be available, 180 * and/or if restart functionality is 181 * sufficient to restart the entire system 182 * 255: Highest priority restart handler, will 183 * preempt all other restart handlers 184 * 185 * Registers a function with code to be called to restart the 186 * system. 187 * 188 * Registered functions will be called from machine_restart as last 189 * step of the restart sequence (if the architecture specific 190 * machine_restart function calls do_kernel_restart - see below 191 * for details). 192 * Registered functions are expected to restart the system immediately. 193 * If more than one function is registered, the restart handler priority 194 * selects which function will be called first. 195 * 196 * Restart handlers are expected to be registered from non-architecture 197 * code, typically from drivers. A typical use case would be a system 198 * where restart functionality is provided through a watchdog. Multiple 199 * restart handlers may exist; for example, one restart handler might 200 * restart the entire system, while another only restarts the CPU. 201 * In such cases, the restart handler which only restarts part of the 202 * hardware is expected to register with low priority to ensure that 203 * it only runs if no other means to restart the system is available. 204 * 205 * Currently always returns zero, as atomic_notifier_chain_register() 206 * always returns zero. 207 */ 208 int register_restart_handler(struct notifier_block *nb) 209 { 210 return atomic_notifier_chain_register(&restart_handler_list, nb); 211 } 212 EXPORT_SYMBOL(register_restart_handler); 213 214 /** 215 * unregister_restart_handler - Unregister previously registered 216 * restart handler 217 * @nb: Hook to be unregistered 218 * 219 * Unregisters a previously registered restart handler function. 220 * 221 * Returns zero on success, or %-ENOENT on failure. 222 */ 223 int unregister_restart_handler(struct notifier_block *nb) 224 { 225 return atomic_notifier_chain_unregister(&restart_handler_list, nb); 226 } 227 EXPORT_SYMBOL(unregister_restart_handler); 228 229 /** 230 * do_kernel_restart - Execute kernel restart handler call chain 231 * 232 * @cmd: pointer to buffer containing command to execute for restart 233 * or %NULL 234 * 235 * Calls functions registered with register_restart_handler. 236 * 237 * Expected to be called from machine_restart as last step of the restart 238 * sequence. 239 * 240 * Restarts the system immediately if a restart handler function has been 241 * registered. Otherwise does nothing. 242 */ 243 void do_kernel_restart(char *cmd) 244 { 245 atomic_notifier_call_chain(&restart_handler_list, reboot_mode, cmd); 246 } 247 248 void migrate_to_reboot_cpu(void) 249 { 250 /* The boot cpu is always logical cpu 0 */ 251 int cpu = reboot_cpu; 252 253 cpu_hotplug_disable(); 254 255 /* Make certain the cpu I'm about to reboot on is online */ 256 if (!cpu_online(cpu)) 257 cpu = cpumask_first(cpu_online_mask); 258 259 /* Prevent races with other tasks migrating this task */ 260 current->flags |= PF_NO_SETAFFINITY; 261 262 /* Make certain I only run on the appropriate processor */ 263 set_cpus_allowed_ptr(current, cpumask_of(cpu)); 264 } 265 266 /* 267 * Notifier list for kernel code which wants to be called 268 * to prepare system for restart. 269 */ 270 static BLOCKING_NOTIFIER_HEAD(restart_prep_handler_list); 271 272 static void do_kernel_restart_prepare(void) 273 { 274 blocking_notifier_call_chain(&restart_prep_handler_list, 0, NULL); 275 } 276 277 /** 278 * kernel_restart - reboot the system 279 * @cmd: pointer to buffer containing command to execute for restart 280 * or %NULL 281 * 282 * Shutdown everything and perform a clean reboot. 283 * This is not safe to call in interrupt context. 284 */ 285 void kernel_restart(char *cmd) 286 { 287 kernel_restart_prepare(cmd); 288 do_kernel_restart_prepare(); 289 migrate_to_reboot_cpu(); 290 syscore_shutdown(); 291 if (!cmd) 292 pr_emerg("Restarting system\n"); 293 else 294 pr_emerg("Restarting system with command '%s'\n", cmd); 295 kmsg_dump(KMSG_DUMP_SHUTDOWN); 296 machine_restart(cmd); 297 } 298 EXPORT_SYMBOL_GPL(kernel_restart); 299 300 static void kernel_shutdown_prepare(enum system_states state) 301 { 302 blocking_notifier_call_chain(&reboot_notifier_list, 303 (state == SYSTEM_HALT) ? SYS_HALT : SYS_POWER_OFF, NULL); 304 system_state = state; 305 usermodehelper_disable(); 306 device_shutdown(); 307 } 308 /** 309 * kernel_halt - halt the system 310 * 311 * Shutdown everything and perform a clean system halt. 312 */ 313 void kernel_halt(void) 314 { 315 kernel_shutdown_prepare(SYSTEM_HALT); 316 migrate_to_reboot_cpu(); 317 syscore_shutdown(); 318 if (poweroff_fallback_to_halt) 319 pr_emerg("Power off not available: System halted instead\n"); 320 else 321 pr_emerg("System halted\n"); 322 kmsg_dump(KMSG_DUMP_SHUTDOWN); 323 machine_halt(); 324 } 325 EXPORT_SYMBOL_GPL(kernel_halt); 326 327 /* 328 * Notifier list for kernel code which wants to be called 329 * to prepare system for power off. 330 */ 331 static BLOCKING_NOTIFIER_HEAD(power_off_prep_handler_list); 332 333 /* 334 * Notifier list for kernel code which wants to be called 335 * to power off system. 336 */ 337 static ATOMIC_NOTIFIER_HEAD(power_off_handler_list); 338 339 static int sys_off_notify(struct notifier_block *nb, 340 unsigned long mode, void *cmd) 341 { 342 struct sys_off_handler *handler; 343 struct sys_off_data data = {}; 344 345 handler = container_of(nb, struct sys_off_handler, nb); 346 data.cb_data = handler->cb_data; 347 data.mode = mode; 348 data.cmd = cmd; 349 data.dev = handler->dev; 350 351 return handler->sys_off_cb(&data); 352 } 353 354 static struct sys_off_handler platform_sys_off_handler; 355 356 static struct sys_off_handler *alloc_sys_off_handler(int priority) 357 { 358 struct sys_off_handler *handler; 359 gfp_t flags; 360 361 /* 362 * Platforms like m68k can't allocate sys_off handler dynamically 363 * at the early boot time because memory allocator isn't available yet. 364 */ 365 if (priority == SYS_OFF_PRIO_PLATFORM) { 366 handler = &platform_sys_off_handler; 367 if (handler->cb_data) 368 return ERR_PTR(-EBUSY); 369 } else { 370 if (system_state > SYSTEM_RUNNING) 371 flags = GFP_ATOMIC; 372 else 373 flags = GFP_KERNEL; 374 375 handler = kzalloc(sizeof(*handler), flags); 376 if (!handler) 377 return ERR_PTR(-ENOMEM); 378 } 379 380 return handler; 381 } 382 383 static void free_sys_off_handler(struct sys_off_handler *handler) 384 { 385 if (handler == &platform_sys_off_handler) 386 memset(handler, 0, sizeof(*handler)); 387 else 388 kfree(handler); 389 } 390 391 /** 392 * register_sys_off_handler - Register sys-off handler 393 * @mode: Sys-off mode 394 * @priority: Handler priority 395 * @callback: Callback function 396 * @cb_data: Callback argument 397 * 398 * Registers system power-off or restart handler that will be invoked 399 * at the step corresponding to the given sys-off mode. Handler's callback 400 * should return NOTIFY_DONE to permit execution of the next handler in 401 * the call chain or NOTIFY_STOP to break the chain (in error case for 402 * example). 403 * 404 * Multiple handlers can be registered at the default priority level. 405 * 406 * Only one handler can be registered at the non-default priority level, 407 * otherwise ERR_PTR(-EBUSY) is returned. 408 * 409 * Returns a new instance of struct sys_off_handler on success, or 410 * an ERR_PTR()-encoded error code otherwise. 411 */ 412 struct sys_off_handler * 413 register_sys_off_handler(enum sys_off_mode mode, 414 int priority, 415 int (*callback)(struct sys_off_data *data), 416 void *cb_data) 417 { 418 struct sys_off_handler *handler; 419 int err; 420 421 handler = alloc_sys_off_handler(priority); 422 if (IS_ERR(handler)) 423 return handler; 424 425 switch (mode) { 426 case SYS_OFF_MODE_POWER_OFF_PREPARE: 427 handler->list = &power_off_prep_handler_list; 428 handler->blocking = true; 429 break; 430 431 case SYS_OFF_MODE_POWER_OFF: 432 handler->list = &power_off_handler_list; 433 break; 434 435 case SYS_OFF_MODE_RESTART_PREPARE: 436 handler->list = &restart_prep_handler_list; 437 handler->blocking = true; 438 break; 439 440 case SYS_OFF_MODE_RESTART: 441 handler->list = &restart_handler_list; 442 break; 443 444 default: 445 free_sys_off_handler(handler); 446 return ERR_PTR(-EINVAL); 447 } 448 449 handler->nb.notifier_call = sys_off_notify; 450 handler->nb.priority = priority; 451 handler->sys_off_cb = callback; 452 handler->cb_data = cb_data; 453 handler->mode = mode; 454 455 if (handler->blocking) { 456 if (priority == SYS_OFF_PRIO_DEFAULT) 457 err = blocking_notifier_chain_register(handler->list, 458 &handler->nb); 459 else 460 err = blocking_notifier_chain_register_unique_prio(handler->list, 461 &handler->nb); 462 } else { 463 if (priority == SYS_OFF_PRIO_DEFAULT) 464 err = atomic_notifier_chain_register(handler->list, 465 &handler->nb); 466 else 467 err = atomic_notifier_chain_register_unique_prio(handler->list, 468 &handler->nb); 469 } 470 471 if (err) { 472 free_sys_off_handler(handler); 473 return ERR_PTR(err); 474 } 475 476 return handler; 477 } 478 EXPORT_SYMBOL_GPL(register_sys_off_handler); 479 480 /** 481 * unregister_sys_off_handler - Unregister sys-off handler 482 * @handler: Sys-off handler 483 * 484 * Unregisters given sys-off handler. 485 */ 486 void unregister_sys_off_handler(struct sys_off_handler *handler) 487 { 488 int err; 489 490 if (IS_ERR_OR_NULL(handler)) 491 return; 492 493 if (handler->blocking) 494 err = blocking_notifier_chain_unregister(handler->list, 495 &handler->nb); 496 else 497 err = atomic_notifier_chain_unregister(handler->list, 498 &handler->nb); 499 500 /* sanity check, shall never happen */ 501 WARN_ON(err); 502 503 free_sys_off_handler(handler); 504 } 505 EXPORT_SYMBOL_GPL(unregister_sys_off_handler); 506 507 static void devm_unregister_sys_off_handler(void *data) 508 { 509 struct sys_off_handler *handler = data; 510 511 unregister_sys_off_handler(handler); 512 } 513 514 /** 515 * devm_register_sys_off_handler - Register sys-off handler 516 * @dev: Device that registers handler 517 * @mode: Sys-off mode 518 * @priority: Handler priority 519 * @callback: Callback function 520 * @cb_data: Callback argument 521 * 522 * Registers resource-managed sys-off handler. 523 * 524 * Returns zero on success, or error code on failure. 525 */ 526 int devm_register_sys_off_handler(struct device *dev, 527 enum sys_off_mode mode, 528 int priority, 529 int (*callback)(struct sys_off_data *data), 530 void *cb_data) 531 { 532 struct sys_off_handler *handler; 533 534 handler = register_sys_off_handler(mode, priority, callback, cb_data); 535 if (IS_ERR(handler)) 536 return PTR_ERR(handler); 537 handler->dev = dev; 538 539 return devm_add_action_or_reset(dev, devm_unregister_sys_off_handler, 540 handler); 541 } 542 EXPORT_SYMBOL_GPL(devm_register_sys_off_handler); 543 544 /** 545 * devm_register_power_off_handler - Register power-off handler 546 * @dev: Device that registers callback 547 * @callback: Callback function 548 * @cb_data: Callback's argument 549 * 550 * Registers resource-managed sys-off handler with a default priority 551 * and using power-off mode. 552 * 553 * Returns zero on success, or error code on failure. 554 */ 555 int devm_register_power_off_handler(struct device *dev, 556 int (*callback)(struct sys_off_data *data), 557 void *cb_data) 558 { 559 return devm_register_sys_off_handler(dev, 560 SYS_OFF_MODE_POWER_OFF, 561 SYS_OFF_PRIO_DEFAULT, 562 callback, cb_data); 563 } 564 EXPORT_SYMBOL_GPL(devm_register_power_off_handler); 565 566 /** 567 * devm_register_restart_handler - Register restart handler 568 * @dev: Device that registers callback 569 * @callback: Callback function 570 * @cb_data: Callback's argument 571 * 572 * Registers resource-managed sys-off handler with a default priority 573 * and using restart mode. 574 * 575 * Returns zero on success, or error code on failure. 576 */ 577 int devm_register_restart_handler(struct device *dev, 578 int (*callback)(struct sys_off_data *data), 579 void *cb_data) 580 { 581 return devm_register_sys_off_handler(dev, 582 SYS_OFF_MODE_RESTART, 583 SYS_OFF_PRIO_DEFAULT, 584 callback, cb_data); 585 } 586 EXPORT_SYMBOL_GPL(devm_register_restart_handler); 587 588 static struct sys_off_handler *platform_power_off_handler; 589 590 static int platform_power_off_notify(struct sys_off_data *data) 591 { 592 void (*platform_power_power_off_cb)(void) = data->cb_data; 593 594 platform_power_power_off_cb(); 595 596 return NOTIFY_DONE; 597 } 598 599 /** 600 * register_platform_power_off - Register platform-level power-off callback 601 * @power_off: Power-off callback 602 * 603 * Registers power-off callback that will be called as last step 604 * of the power-off sequence. This callback is expected to be invoked 605 * for the last resort. Only one platform power-off callback is allowed 606 * to be registered at a time. 607 * 608 * Returns zero on success, or error code on failure. 609 */ 610 int register_platform_power_off(void (*power_off)(void)) 611 { 612 struct sys_off_handler *handler; 613 614 handler = register_sys_off_handler(SYS_OFF_MODE_POWER_OFF, 615 SYS_OFF_PRIO_PLATFORM, 616 platform_power_off_notify, 617 power_off); 618 if (IS_ERR(handler)) 619 return PTR_ERR(handler); 620 621 platform_power_off_handler = handler; 622 623 return 0; 624 } 625 EXPORT_SYMBOL_GPL(register_platform_power_off); 626 627 /** 628 * unregister_platform_power_off - Unregister platform-level power-off callback 629 * @power_off: Power-off callback 630 * 631 * Unregisters previously registered platform power-off callback. 632 */ 633 void unregister_platform_power_off(void (*power_off)(void)) 634 { 635 if (platform_power_off_handler && 636 platform_power_off_handler->cb_data == power_off) { 637 unregister_sys_off_handler(platform_power_off_handler); 638 platform_power_off_handler = NULL; 639 } 640 } 641 EXPORT_SYMBOL_GPL(unregister_platform_power_off); 642 643 static int legacy_pm_power_off(struct sys_off_data *data) 644 { 645 if (pm_power_off) 646 pm_power_off(); 647 648 return NOTIFY_DONE; 649 } 650 651 static void do_kernel_power_off_prepare(void) 652 { 653 blocking_notifier_call_chain(&power_off_prep_handler_list, 0, NULL); 654 } 655 656 /** 657 * do_kernel_power_off - Execute kernel power-off handler call chain 658 * 659 * Expected to be called as last step of the power-off sequence. 660 * 661 * Powers off the system immediately if a power-off handler function has 662 * been registered. Otherwise does nothing. 663 */ 664 void do_kernel_power_off(void) 665 { 666 struct sys_off_handler *sys_off = NULL; 667 668 /* 669 * Register sys-off handlers for legacy PM callback. This allows 670 * legacy PM callbacks temporary co-exist with the new sys-off API. 671 * 672 * TODO: Remove legacy handlers once all legacy PM users will be 673 * switched to the sys-off based APIs. 674 */ 675 if (pm_power_off) 676 sys_off = register_sys_off_handler(SYS_OFF_MODE_POWER_OFF, 677 SYS_OFF_PRIO_DEFAULT, 678 legacy_pm_power_off, NULL); 679 680 atomic_notifier_call_chain(&power_off_handler_list, 0, NULL); 681 682 unregister_sys_off_handler(sys_off); 683 } 684 685 /** 686 * kernel_can_power_off - check whether system can be powered off 687 * 688 * Returns true if power-off handler is registered and system can be 689 * powered off, false otherwise. 690 */ 691 bool kernel_can_power_off(void) 692 { 693 return !atomic_notifier_call_chain_is_empty(&power_off_handler_list) || 694 pm_power_off; 695 } 696 EXPORT_SYMBOL_GPL(kernel_can_power_off); 697 698 /** 699 * kernel_power_off - power_off the system 700 * 701 * Shutdown everything and perform a clean system power_off. 702 */ 703 void kernel_power_off(void) 704 { 705 kernel_shutdown_prepare(SYSTEM_POWER_OFF); 706 do_kernel_power_off_prepare(); 707 migrate_to_reboot_cpu(); 708 syscore_shutdown(); 709 pr_emerg("Power down\n"); 710 kmsg_dump(KMSG_DUMP_SHUTDOWN); 711 machine_power_off(); 712 } 713 EXPORT_SYMBOL_GPL(kernel_power_off); 714 715 DEFINE_MUTEX(system_transition_mutex); 716 717 /* 718 * Reboot system call: for obvious reasons only root may call it, 719 * and even root needs to set up some magic numbers in the registers 720 * so that some mistake won't make this reboot the whole machine. 721 * You can also set the meaning of the ctrl-alt-del-key here. 722 * 723 * reboot doesn't sync: do that yourself before calling this. 724 */ 725 SYSCALL_DEFINE4(reboot, int, magic1, int, magic2, unsigned int, cmd, 726 void __user *, arg) 727 { 728 struct pid_namespace *pid_ns = task_active_pid_ns(current); 729 char buffer[256]; 730 int ret = 0; 731 732 /* We only trust the superuser with rebooting the system. */ 733 if (!ns_capable(pid_ns->user_ns, CAP_SYS_BOOT)) 734 return -EPERM; 735 736 /* For safety, we require "magic" arguments. */ 737 if (magic1 != LINUX_REBOOT_MAGIC1 || 738 (magic2 != LINUX_REBOOT_MAGIC2 && 739 magic2 != LINUX_REBOOT_MAGIC2A && 740 magic2 != LINUX_REBOOT_MAGIC2B && 741 magic2 != LINUX_REBOOT_MAGIC2C)) 742 return -EINVAL; 743 744 /* 745 * If pid namespaces are enabled and the current task is in a child 746 * pid_namespace, the command is handled by reboot_pid_ns() which will 747 * call do_exit(). 748 */ 749 ret = reboot_pid_ns(pid_ns, cmd); 750 if (ret) 751 return ret; 752 753 /* Instead of trying to make the power_off code look like 754 * halt when pm_power_off is not set do it the easy way. 755 */ 756 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !kernel_can_power_off()) { 757 poweroff_fallback_to_halt = true; 758 cmd = LINUX_REBOOT_CMD_HALT; 759 } 760 761 mutex_lock(&system_transition_mutex); 762 switch (cmd) { 763 case LINUX_REBOOT_CMD_RESTART: 764 kernel_restart(NULL); 765 break; 766 767 case LINUX_REBOOT_CMD_CAD_ON: 768 C_A_D = 1; 769 break; 770 771 case LINUX_REBOOT_CMD_CAD_OFF: 772 C_A_D = 0; 773 break; 774 775 case LINUX_REBOOT_CMD_HALT: 776 kernel_halt(); 777 do_exit(0); 778 779 case LINUX_REBOOT_CMD_POWER_OFF: 780 kernel_power_off(); 781 do_exit(0); 782 break; 783 784 case LINUX_REBOOT_CMD_RESTART2: 785 ret = strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1); 786 if (ret < 0) { 787 ret = -EFAULT; 788 break; 789 } 790 buffer[sizeof(buffer) - 1] = '\0'; 791 792 kernel_restart(buffer); 793 break; 794 795 #ifdef CONFIG_KEXEC_CORE 796 case LINUX_REBOOT_CMD_KEXEC: 797 ret = kernel_kexec(); 798 break; 799 #endif 800 801 #ifdef CONFIG_HIBERNATION 802 case LINUX_REBOOT_CMD_SW_SUSPEND: 803 ret = hibernate(); 804 break; 805 #endif 806 807 default: 808 ret = -EINVAL; 809 break; 810 } 811 mutex_unlock(&system_transition_mutex); 812 return ret; 813 } 814 815 static void deferred_cad(struct work_struct *dummy) 816 { 817 kernel_restart(NULL); 818 } 819 820 /* 821 * This function gets called by ctrl-alt-del - ie the keyboard interrupt. 822 * As it's called within an interrupt, it may NOT sync: the only choice 823 * is whether to reboot at once, or just ignore the ctrl-alt-del. 824 */ 825 void ctrl_alt_del(void) 826 { 827 static DECLARE_WORK(cad_work, deferred_cad); 828 829 if (C_A_D) 830 schedule_work(&cad_work); 831 else 832 kill_cad_pid(SIGINT, 1); 833 } 834 835 #define POWEROFF_CMD_PATH_LEN 256 836 static char poweroff_cmd[POWEROFF_CMD_PATH_LEN] = "/sbin/poweroff"; 837 static const char reboot_cmd[] = "/sbin/reboot"; 838 839 static int run_cmd(const char *cmd) 840 { 841 char **argv; 842 static char *envp[] = { 843 "HOME=/", 844 "PATH=/sbin:/bin:/usr/sbin:/usr/bin", 845 NULL 846 }; 847 int ret; 848 argv = argv_split(GFP_KERNEL, cmd, NULL); 849 if (argv) { 850 ret = call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC); 851 argv_free(argv); 852 } else { 853 ret = -ENOMEM; 854 } 855 856 return ret; 857 } 858 859 static int __orderly_reboot(void) 860 { 861 int ret; 862 863 ret = run_cmd(reboot_cmd); 864 865 if (ret) { 866 pr_warn("Failed to start orderly reboot: forcing the issue\n"); 867 emergency_sync(); 868 kernel_restart(NULL); 869 } 870 871 return ret; 872 } 873 874 static int __orderly_poweroff(bool force) 875 { 876 int ret; 877 878 ret = run_cmd(poweroff_cmd); 879 880 if (ret && force) { 881 pr_warn("Failed to start orderly shutdown: forcing the issue\n"); 882 883 /* 884 * I guess this should try to kick off some daemon to sync and 885 * poweroff asap. Or not even bother syncing if we're doing an 886 * emergency shutdown? 887 */ 888 emergency_sync(); 889 kernel_power_off(); 890 } 891 892 return ret; 893 } 894 895 static bool poweroff_force; 896 897 static void poweroff_work_func(struct work_struct *work) 898 { 899 __orderly_poweroff(poweroff_force); 900 } 901 902 static DECLARE_WORK(poweroff_work, poweroff_work_func); 903 904 /** 905 * orderly_poweroff - Trigger an orderly system poweroff 906 * @force: force poweroff if command execution fails 907 * 908 * This may be called from any context to trigger a system shutdown. 909 * If the orderly shutdown fails, it will force an immediate shutdown. 910 */ 911 void orderly_poweroff(bool force) 912 { 913 if (force) /* do not override the pending "true" */ 914 poweroff_force = true; 915 schedule_work(&poweroff_work); 916 } 917 EXPORT_SYMBOL_GPL(orderly_poweroff); 918 919 static void reboot_work_func(struct work_struct *work) 920 { 921 __orderly_reboot(); 922 } 923 924 static DECLARE_WORK(reboot_work, reboot_work_func); 925 926 /** 927 * orderly_reboot - Trigger an orderly system reboot 928 * 929 * This may be called from any context to trigger a system reboot. 930 * If the orderly reboot fails, it will force an immediate reboot. 931 */ 932 void orderly_reboot(void) 933 { 934 schedule_work(&reboot_work); 935 } 936 EXPORT_SYMBOL_GPL(orderly_reboot); 937 938 static const char *hw_protection_action_str(enum hw_protection_action action) 939 { 940 switch (action) { 941 case HWPROT_ACT_SHUTDOWN: 942 return "shutdown"; 943 case HWPROT_ACT_REBOOT: 944 return "reboot"; 945 default: 946 return "undefined"; 947 } 948 } 949 950 static enum hw_protection_action hw_failure_emergency_action; 951 952 /** 953 * hw_failure_emergency_action_func - emergency action work after a known delay 954 * @work: work_struct associated with the emergency action function 955 * 956 * This function is called in very critical situations to force 957 * a kernel poweroff or reboot after a configurable timeout value. 958 */ 959 static void hw_failure_emergency_action_func(struct work_struct *work) 960 { 961 const char *action_str = hw_protection_action_str(hw_failure_emergency_action); 962 963 pr_emerg("Hardware protection timed-out. Trying forced %s\n", 964 action_str); 965 966 /* 967 * We have reached here after the emergency action waiting period has 968 * expired. This means orderly_poweroff/reboot has not been able to 969 * shut off the system for some reason. 970 * 971 * Try to shut off the system immediately if possible 972 */ 973 974 if (hw_failure_emergency_action == HWPROT_ACT_REBOOT) 975 kernel_restart(NULL); 976 else 977 kernel_power_off(); 978 979 /* 980 * Worst of the worst case trigger emergency restart 981 */ 982 pr_emerg("Hardware protection %s failed. Trying emergency restart\n", 983 action_str); 984 emergency_restart(); 985 } 986 987 static DECLARE_DELAYED_WORK(hw_failure_emergency_action_work, 988 hw_failure_emergency_action_func); 989 990 /** 991 * hw_failure_emergency_schedule - Schedule an emergency system shutdown or reboot 992 * 993 * @action: The hardware protection action to be taken 994 * @action_delay_ms: Time in milliseconds to elapse before triggering action 995 * 996 * This may be called from any critical situation to trigger a system shutdown 997 * or reboot after a given period of time. 998 * If time is negative this is not scheduled. 999 */ 1000 static void hw_failure_emergency_schedule(enum hw_protection_action action, 1001 int action_delay_ms) 1002 { 1003 if (action_delay_ms <= 0) 1004 return; 1005 hw_failure_emergency_action = action; 1006 schedule_delayed_work(&hw_failure_emergency_action_work, 1007 msecs_to_jiffies(action_delay_ms)); 1008 } 1009 1010 /** 1011 * __hw_protection_trigger - Trigger an emergency system shutdown or reboot 1012 * 1013 * @reason: Reason of emergency shutdown or reboot to be printed. 1014 * @ms_until_forced: Time to wait for orderly shutdown or reboot before 1015 * triggering it. Negative value disables the forced 1016 * shutdown or reboot. 1017 * @action: The hardware protection action to be taken. 1018 * 1019 * Initiate an emergency system shutdown or reboot in order to protect 1020 * hardware from further damage. Usage examples include a thermal protection. 1021 * NOTE: The request is ignored if protection shutdown or reboot is already 1022 * pending even if the previous request has given a large timeout for forced 1023 * shutdown/reboot. 1024 */ 1025 void __hw_protection_trigger(const char *reason, int ms_until_forced, 1026 enum hw_protection_action action) 1027 { 1028 static atomic_t allow_proceed = ATOMIC_INIT(1); 1029 1030 pr_emerg("HARDWARE PROTECTION %s (%s)\n", 1031 hw_protection_action_str(action), reason); 1032 1033 /* Shutdown should be initiated only once. */ 1034 if (!atomic_dec_and_test(&allow_proceed)) 1035 return; 1036 1037 /* 1038 * Queue a backup emergency shutdown in the event of 1039 * orderly_poweroff failure 1040 */ 1041 hw_failure_emergency_schedule(action, ms_until_forced); 1042 if (action == HWPROT_ACT_REBOOT) 1043 orderly_reboot(); 1044 else 1045 orderly_poweroff(true); 1046 } 1047 EXPORT_SYMBOL_GPL(__hw_protection_trigger); 1048 1049 static int __init reboot_setup(char *str) 1050 { 1051 for (;;) { 1052 enum reboot_mode *mode; 1053 1054 /* 1055 * Having anything passed on the command line via 1056 * reboot= will cause us to disable DMI checking 1057 * below. 1058 */ 1059 reboot_default = 0; 1060 1061 if (!strncmp(str, "panic_", 6)) { 1062 mode = &panic_reboot_mode; 1063 str += 6; 1064 } else { 1065 mode = &reboot_mode; 1066 } 1067 1068 switch (*str) { 1069 case 'w': 1070 *mode = REBOOT_WARM; 1071 break; 1072 1073 case 'c': 1074 *mode = REBOOT_COLD; 1075 break; 1076 1077 case 'h': 1078 *mode = REBOOT_HARD; 1079 break; 1080 1081 case 's': 1082 /* 1083 * reboot_cpu is s[mp]#### with #### being the processor 1084 * to be used for rebooting. Skip 's' or 'smp' prefix. 1085 */ 1086 str += str[1] == 'm' && str[2] == 'p' ? 3 : 1; 1087 1088 if (isdigit(str[0])) { 1089 int cpu = simple_strtoul(str, NULL, 0); 1090 1091 if (cpu >= num_possible_cpus()) { 1092 pr_err("Ignoring the CPU number in reboot= option. " 1093 "CPU %d exceeds possible cpu number %d\n", 1094 cpu, num_possible_cpus()); 1095 break; 1096 } 1097 reboot_cpu = cpu; 1098 } else 1099 *mode = REBOOT_SOFT; 1100 break; 1101 1102 case 'g': 1103 *mode = REBOOT_GPIO; 1104 break; 1105 1106 case 'b': 1107 case 'a': 1108 case 'k': 1109 case 't': 1110 case 'e': 1111 case 'p': 1112 reboot_type = *str; 1113 break; 1114 1115 case 'f': 1116 reboot_force = 1; 1117 break; 1118 } 1119 1120 str = strchr(str, ','); 1121 if (str) 1122 str++; 1123 else 1124 break; 1125 } 1126 return 1; 1127 } 1128 __setup("reboot=", reboot_setup); 1129 1130 #ifdef CONFIG_SYSFS 1131 1132 #define REBOOT_COLD_STR "cold" 1133 #define REBOOT_WARM_STR "warm" 1134 #define REBOOT_HARD_STR "hard" 1135 #define REBOOT_SOFT_STR "soft" 1136 #define REBOOT_GPIO_STR "gpio" 1137 #define REBOOT_UNDEFINED_STR "undefined" 1138 1139 #define BOOT_TRIPLE_STR "triple" 1140 #define BOOT_KBD_STR "kbd" 1141 #define BOOT_BIOS_STR "bios" 1142 #define BOOT_ACPI_STR "acpi" 1143 #define BOOT_EFI_STR "efi" 1144 #define BOOT_PCI_STR "pci" 1145 1146 static ssize_t mode_show(struct kobject *kobj, struct kobj_attribute *attr, char *buf) 1147 { 1148 const char *val; 1149 1150 switch (reboot_mode) { 1151 case REBOOT_COLD: 1152 val = REBOOT_COLD_STR; 1153 break; 1154 case REBOOT_WARM: 1155 val = REBOOT_WARM_STR; 1156 break; 1157 case REBOOT_HARD: 1158 val = REBOOT_HARD_STR; 1159 break; 1160 case REBOOT_SOFT: 1161 val = REBOOT_SOFT_STR; 1162 break; 1163 case REBOOT_GPIO: 1164 val = REBOOT_GPIO_STR; 1165 break; 1166 default: 1167 val = REBOOT_UNDEFINED_STR; 1168 } 1169 1170 return sysfs_emit(buf, "%s\n", val); 1171 } 1172 static ssize_t mode_store(struct kobject *kobj, struct kobj_attribute *attr, 1173 const char *buf, size_t count) 1174 { 1175 if (!capable(CAP_SYS_BOOT)) 1176 return -EPERM; 1177 1178 if (!strncmp(buf, REBOOT_COLD_STR, strlen(REBOOT_COLD_STR))) 1179 reboot_mode = REBOOT_COLD; 1180 else if (!strncmp(buf, REBOOT_WARM_STR, strlen(REBOOT_WARM_STR))) 1181 reboot_mode = REBOOT_WARM; 1182 else if (!strncmp(buf, REBOOT_HARD_STR, strlen(REBOOT_HARD_STR))) 1183 reboot_mode = REBOOT_HARD; 1184 else if (!strncmp(buf, REBOOT_SOFT_STR, strlen(REBOOT_SOFT_STR))) 1185 reboot_mode = REBOOT_SOFT; 1186 else if (!strncmp(buf, REBOOT_GPIO_STR, strlen(REBOOT_GPIO_STR))) 1187 reboot_mode = REBOOT_GPIO; 1188 else 1189 return -EINVAL; 1190 1191 reboot_default = 0; 1192 1193 return count; 1194 } 1195 static struct kobj_attribute reboot_mode_attr = __ATTR_RW(mode); 1196 1197 #ifdef CONFIG_X86 1198 static ssize_t force_show(struct kobject *kobj, struct kobj_attribute *attr, char *buf) 1199 { 1200 return sysfs_emit(buf, "%d\n", reboot_force); 1201 } 1202 static ssize_t force_store(struct kobject *kobj, struct kobj_attribute *attr, 1203 const char *buf, size_t count) 1204 { 1205 bool res; 1206 1207 if (!capable(CAP_SYS_BOOT)) 1208 return -EPERM; 1209 1210 if (kstrtobool(buf, &res)) 1211 return -EINVAL; 1212 1213 reboot_default = 0; 1214 reboot_force = res; 1215 1216 return count; 1217 } 1218 static struct kobj_attribute reboot_force_attr = __ATTR_RW(force); 1219 1220 static ssize_t type_show(struct kobject *kobj, struct kobj_attribute *attr, char *buf) 1221 { 1222 const char *val; 1223 1224 switch (reboot_type) { 1225 case BOOT_TRIPLE: 1226 val = BOOT_TRIPLE_STR; 1227 break; 1228 case BOOT_KBD: 1229 val = BOOT_KBD_STR; 1230 break; 1231 case BOOT_BIOS: 1232 val = BOOT_BIOS_STR; 1233 break; 1234 case BOOT_ACPI: 1235 val = BOOT_ACPI_STR; 1236 break; 1237 case BOOT_EFI: 1238 val = BOOT_EFI_STR; 1239 break; 1240 case BOOT_CF9_FORCE: 1241 val = BOOT_PCI_STR; 1242 break; 1243 default: 1244 val = REBOOT_UNDEFINED_STR; 1245 } 1246 1247 return sysfs_emit(buf, "%s\n", val); 1248 } 1249 static ssize_t type_store(struct kobject *kobj, struct kobj_attribute *attr, 1250 const char *buf, size_t count) 1251 { 1252 if (!capable(CAP_SYS_BOOT)) 1253 return -EPERM; 1254 1255 if (!strncmp(buf, BOOT_TRIPLE_STR, strlen(BOOT_TRIPLE_STR))) 1256 reboot_type = BOOT_TRIPLE; 1257 else if (!strncmp(buf, BOOT_KBD_STR, strlen(BOOT_KBD_STR))) 1258 reboot_type = BOOT_KBD; 1259 else if (!strncmp(buf, BOOT_BIOS_STR, strlen(BOOT_BIOS_STR))) 1260 reboot_type = BOOT_BIOS; 1261 else if (!strncmp(buf, BOOT_ACPI_STR, strlen(BOOT_ACPI_STR))) 1262 reboot_type = BOOT_ACPI; 1263 else if (!strncmp(buf, BOOT_EFI_STR, strlen(BOOT_EFI_STR))) 1264 reboot_type = BOOT_EFI; 1265 else if (!strncmp(buf, BOOT_PCI_STR, strlen(BOOT_PCI_STR))) 1266 reboot_type = BOOT_CF9_FORCE; 1267 else 1268 return -EINVAL; 1269 1270 reboot_default = 0; 1271 1272 return count; 1273 } 1274 static struct kobj_attribute reboot_type_attr = __ATTR_RW(type); 1275 #endif 1276 1277 #ifdef CONFIG_SMP 1278 static ssize_t cpu_show(struct kobject *kobj, struct kobj_attribute *attr, char *buf) 1279 { 1280 return sysfs_emit(buf, "%d\n", reboot_cpu); 1281 } 1282 static ssize_t cpu_store(struct kobject *kobj, struct kobj_attribute *attr, 1283 const char *buf, size_t count) 1284 { 1285 unsigned int cpunum; 1286 int rc; 1287 1288 if (!capable(CAP_SYS_BOOT)) 1289 return -EPERM; 1290 1291 rc = kstrtouint(buf, 0, &cpunum); 1292 1293 if (rc) 1294 return rc; 1295 1296 if (cpunum >= num_possible_cpus()) 1297 return -ERANGE; 1298 1299 reboot_default = 0; 1300 reboot_cpu = cpunum; 1301 1302 return count; 1303 } 1304 static struct kobj_attribute reboot_cpu_attr = __ATTR_RW(cpu); 1305 #endif 1306 1307 static struct attribute *reboot_attrs[] = { 1308 &reboot_mode_attr.attr, 1309 #ifdef CONFIG_X86 1310 &reboot_force_attr.attr, 1311 &reboot_type_attr.attr, 1312 #endif 1313 #ifdef CONFIG_SMP 1314 &reboot_cpu_attr.attr, 1315 #endif 1316 NULL, 1317 }; 1318 1319 #ifdef CONFIG_SYSCTL 1320 static const struct ctl_table kern_reboot_table[] = { 1321 { 1322 .procname = "poweroff_cmd", 1323 .data = &poweroff_cmd, 1324 .maxlen = POWEROFF_CMD_PATH_LEN, 1325 .mode = 0644, 1326 .proc_handler = proc_dostring, 1327 }, 1328 { 1329 .procname = "ctrl-alt-del", 1330 .data = &C_A_D, 1331 .maxlen = sizeof(int), 1332 .mode = 0644, 1333 .proc_handler = proc_dointvec, 1334 }, 1335 }; 1336 1337 static void __init kernel_reboot_sysctls_init(void) 1338 { 1339 register_sysctl_init("kernel", kern_reboot_table); 1340 } 1341 #else 1342 #define kernel_reboot_sysctls_init() do { } while (0) 1343 #endif /* CONFIG_SYSCTL */ 1344 1345 static const struct attribute_group reboot_attr_group = { 1346 .attrs = reboot_attrs, 1347 }; 1348 1349 static int __init reboot_ksysfs_init(void) 1350 { 1351 struct kobject *reboot_kobj; 1352 int ret; 1353 1354 reboot_kobj = kobject_create_and_add("reboot", kernel_kobj); 1355 if (!reboot_kobj) 1356 return -ENOMEM; 1357 1358 ret = sysfs_create_group(reboot_kobj, &reboot_attr_group); 1359 if (ret) { 1360 kobject_put(reboot_kobj); 1361 return ret; 1362 } 1363 1364 kernel_reboot_sysctls_init(); 1365 1366 return 0; 1367 } 1368 late_initcall(reboot_ksysfs_init); 1369 1370 #endif 1371