1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * linux/kernel/reboot.c
4 *
5 * Copyright (C) 2013 Linus Torvalds
6 */
7
8 #define pr_fmt(fmt) "reboot: " fmt
9
10 #include <linux/ctype.h>
11 #include <linux/export.h>
12 #include <linux/kexec.h>
13 #include <linux/kmod.h>
14 #include <linux/kmsg_dump.h>
15 #include <linux/reboot.h>
16 #include <linux/suspend.h>
17 #include <linux/syscalls.h>
18 #include <linux/syscore_ops.h>
19 #include <linux/uaccess.h>
20
21 /*
22 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
23 */
24
25 int C_A_D = 1;
26 struct pid *cad_pid;
27 EXPORT_SYMBOL(cad_pid);
28
29 #if defined(CONFIG_ARM)
30 #define DEFAULT_REBOOT_MODE = REBOOT_HARD
31 #else
32 #define DEFAULT_REBOOT_MODE
33 #endif
34 enum reboot_mode reboot_mode DEFAULT_REBOOT_MODE;
35 enum reboot_mode panic_reboot_mode = REBOOT_UNDEFINED;
36
37 /*
38 * This variable is used privately to keep track of whether or not
39 * reboot_type is still set to its default value (i.e., reboot= hasn't
40 * been set on the command line). This is needed so that we can
41 * suppress DMI scanning for reboot quirks. Without it, it's
42 * impossible to override a faulty reboot quirk without recompiling.
43 */
44 int reboot_default = 1;
45 int reboot_cpu;
46 enum reboot_type reboot_type = BOOT_ACPI;
47 int reboot_force;
48
49 /*
50 * If set, this is used for preparing the system to power off.
51 */
52
53 void (*pm_power_off_prepare)(void);
54 EXPORT_SYMBOL_GPL(pm_power_off_prepare);
55
56 /**
57 * emergency_restart - reboot the system
58 *
59 * Without shutting down any hardware or taking any locks
60 * reboot the system. This is called when we know we are in
61 * trouble so this is our best effort to reboot. This is
62 * safe to call in interrupt context.
63 */
emergency_restart(void)64 void emergency_restart(void)
65 {
66 kmsg_dump(KMSG_DUMP_EMERG);
67 machine_emergency_restart();
68 }
69 EXPORT_SYMBOL_GPL(emergency_restart);
70
kernel_restart_prepare(char * cmd)71 void kernel_restart_prepare(char *cmd)
72 {
73 blocking_notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd);
74 system_state = SYSTEM_RESTART;
75 usermodehelper_disable();
76 device_shutdown();
77 }
78
79 /**
80 * register_reboot_notifier - Register function to be called at reboot time
81 * @nb: Info about notifier function to be called
82 *
83 * Registers a function with the list of functions
84 * to be called at reboot time.
85 *
86 * Currently always returns zero, as blocking_notifier_chain_register()
87 * always returns zero.
88 */
register_reboot_notifier(struct notifier_block * nb)89 int register_reboot_notifier(struct notifier_block *nb)
90 {
91 return blocking_notifier_chain_register(&reboot_notifier_list, nb);
92 }
93 EXPORT_SYMBOL(register_reboot_notifier);
94
95 /**
96 * unregister_reboot_notifier - Unregister previously registered reboot notifier
97 * @nb: Hook to be unregistered
98 *
99 * Unregisters a previously registered reboot
100 * notifier function.
101 *
102 * Returns zero on success, or %-ENOENT on failure.
103 */
unregister_reboot_notifier(struct notifier_block * nb)104 int unregister_reboot_notifier(struct notifier_block *nb)
105 {
106 return blocking_notifier_chain_unregister(&reboot_notifier_list, nb);
107 }
108 EXPORT_SYMBOL(unregister_reboot_notifier);
109
devm_unregister_reboot_notifier(struct device * dev,void * res)110 static void devm_unregister_reboot_notifier(struct device *dev, void *res)
111 {
112 WARN_ON(unregister_reboot_notifier(*(struct notifier_block **)res));
113 }
114
devm_register_reboot_notifier(struct device * dev,struct notifier_block * nb)115 int devm_register_reboot_notifier(struct device *dev, struct notifier_block *nb)
116 {
117 struct notifier_block **rcnb;
118 int ret;
119
120 rcnb = devres_alloc(devm_unregister_reboot_notifier, sizeof(*rcnb), GFP_KERNEL);
121 if (!rcnb) {
122 return -ENOMEM;
123 }
124
125 ret = register_reboot_notifier(nb);
126 if (!ret) {
127 *rcnb = nb;
128 devres_add(dev, rcnb);
129 } else {
130 devres_free(rcnb);
131 }
132
133 return ret;
134 }
135 EXPORT_SYMBOL(devm_register_reboot_notifier);
136
137 /*
138 * Notifier list for kernel code which wants to be called
139 * to restart the system.
140 */
141 static ATOMIC_NOTIFIER_HEAD(restart_handler_list);
142
143 /**
144 * register_restart_handler - Register function to be called to reset
145 * the system
146 * @nb: Info about handler function to be called
147 * @nb->priority: Handler priority. Handlers should follow the
148 * following guidelines for setting priorities.
149 * 0: Restart handler of last resort,
150 * with limited restart capabilities
151 * 128: Default restart handler; use if no other
152 * restart handler is expected to be available,
153 * and/or if restart functionality is
154 * sufficient to restart the entire system
155 * 255: Highest priority restart handler, will
156 * preempt all other restart handlers
157 *
158 * Registers a function with code to be called to restart the
159 * system.
160 *
161 * Registered functions will be called from machine_restart as last
162 * step of the restart sequence (if the architecture specific
163 * machine_restart function calls do_kernel_restart - see below
164 * for details).
165 * Registered functions are expected to restart the system immediately.
166 * If more than one function is registered, the restart handler priority
167 * selects which function will be called first.
168 *
169 * Restart handlers are expected to be registered from non-architecture
170 * code, typically from drivers. A typical use case would be a system
171 * where restart functionality is provided through a watchdog. Multiple
172 * restart handlers may exist; for example, one restart handler might
173 * restart the entire system, while another only restarts the CPU.
174 * In such cases, the restart handler which only restarts part of the
175 * hardware is expected to register with low priority to ensure that
176 * it only runs if no other means to restart the system is available.
177 *
178 * Currently always returns zero, as atomic_notifier_chain_register()
179 * always returns zero.
180 */
register_restart_handler(struct notifier_block * nb)181 int register_restart_handler(struct notifier_block *nb)
182 {
183 return atomic_notifier_chain_register(&restart_handler_list, nb);
184 }
185 EXPORT_SYMBOL(register_restart_handler);
186
187 /**
188 * unregister_restart_handler - Unregister previously registered
189 * restart handler
190 * @nb: Hook to be unregistered
191 *
192 * Unregisters a previously registered restart handler function.
193 *
194 * Returns zero on success, or %-ENOENT on failure.
195 */
unregister_restart_handler(struct notifier_block * nb)196 int unregister_restart_handler(struct notifier_block *nb)
197 {
198 return atomic_notifier_chain_unregister(&restart_handler_list, nb);
199 }
200 EXPORT_SYMBOL(unregister_restart_handler);
201
202 /**
203 * do_kernel_restart - Execute kernel restart handler call chain
204 *
205 * Calls functions registered with register_restart_handler.
206 *
207 * Expected to be called from machine_restart as last step of the restart
208 * sequence.
209 *
210 * Restarts the system immediately if a restart handler function has been
211 * registered. Otherwise does nothing.
212 */
do_kernel_restart(char * cmd)213 void do_kernel_restart(char *cmd)
214 {
215 atomic_notifier_call_chain(&restart_handler_list, reboot_mode, cmd);
216 }
217
218 #ifdef CONFIG_NO_GKI
219 static ATOMIC_NOTIFIER_HEAD(pre_restart_handler_list);
220
register_pre_restart_handler(struct notifier_block * nb)221 int register_pre_restart_handler(struct notifier_block *nb)
222 {
223 return atomic_notifier_chain_register(&pre_restart_handler_list, nb);
224 }
225 EXPORT_SYMBOL(register_pre_restart_handler);
226
unregister_pre_restart_handler(struct notifier_block * nb)227 int unregister_pre_restart_handler(struct notifier_block *nb)
228 {
229 return atomic_notifier_chain_unregister(&pre_restart_handler_list, nb);
230 }
231 EXPORT_SYMBOL(unregister_pre_restart_handler);
232
do_kernel_pre_restart(char * cmd)233 void do_kernel_pre_restart(char *cmd)
234 {
235 atomic_notifier_call_chain(&pre_restart_handler_list, reboot_mode, cmd);
236 }
237 #endif
238
migrate_to_reboot_cpu(void)239 void migrate_to_reboot_cpu(void)
240 {
241 /* The boot cpu is always logical cpu 0 */
242 int cpu = reboot_cpu;
243
244 cpu_hotplug_disable();
245
246 /* Make certain the cpu I'm about to reboot on is online */
247 if (!cpu_online(cpu)) {
248 cpu = cpumask_first(cpu_online_mask);
249 }
250
251 /* Prevent races with other tasks migrating this task */
252 current->flags |= PF_NO_SETAFFINITY;
253
254 /* Make certain I only run on the appropriate processor */
255 set_cpus_allowed_ptr(current, cpumask_of(cpu));
256 }
257
258 /**
259 * kernel_restart - reboot the system
260 * @cmd: pointer to buffer containing command to execute for restart
261 * or %NULL
262 *
263 * Shutdown everything and perform a clean reboot.
264 * This is not safe to call in interrupt context.
265 */
kernel_restart(char * cmd)266 void kernel_restart(char *cmd)
267 {
268 kernel_restart_prepare(cmd);
269 migrate_to_reboot_cpu();
270 syscore_shutdown();
271 if (!cmd) {
272 pr_emerg("Restarting system\n");
273 } else {
274 pr_emerg("Restarting system with command '%s'\n", cmd);
275 }
276 kmsg_dump(KMSG_DUMP_SHUTDOWN);
277 machine_restart(cmd);
278 }
279 EXPORT_SYMBOL_GPL(kernel_restart);
280
kernel_shutdown_prepare(enum system_states state)281 static void kernel_shutdown_prepare(enum system_states state)
282 {
283 blocking_notifier_call_chain(&reboot_notifier_list, (state == SYSTEM_HALT) ? SYS_HALT : SYS_POWER_OFF, NULL);
284 system_state = state;
285 usermodehelper_disable();
286 device_shutdown();
287 }
288 /**
289 * kernel_halt - halt the system
290 *
291 * Shutdown everything and perform a clean system halt.
292 */
kernel_halt(void)293 void kernel_halt(void)
294 {
295 kernel_shutdown_prepare(SYSTEM_HALT);
296 migrate_to_reboot_cpu();
297 syscore_shutdown();
298 pr_emerg("System halted\n");
299 kmsg_dump(KMSG_DUMP_SHUTDOWN);
300 machine_halt();
301 }
302 EXPORT_SYMBOL_GPL(kernel_halt);
303
304 /**
305 * kernel_power_off - power_off the system
306 *
307 * Shutdown everything and perform a clean system power_off.
308 */
kernel_power_off(void)309 void kernel_power_off(void)
310 {
311 kernel_shutdown_prepare(SYSTEM_POWER_OFF);
312 if (pm_power_off_prepare) {
313 pm_power_off_prepare();
314 }
315 migrate_to_reboot_cpu();
316 syscore_shutdown();
317 pr_emerg("Power down\n");
318 kmsg_dump(KMSG_DUMP_SHUTDOWN);
319 machine_power_off();
320 }
321 EXPORT_SYMBOL_GPL(kernel_power_off);
322
323 DEFINE_MUTEX(system_transition_mutex);
324
325 /*
326 * Reboot system call: for obvious reasons only root may call it,
327 * and even root needs to set up some magic numbers in the registers
328 * so that some mistake won't make this reboot the whole machine.
329 * You can also set the meaning of the ctrl-alt-del-key here.
330 *
331 * reboot doesn't sync: do that yourself before calling this.
332 */
SYSCALL_DEFINE4(reboot,int,magic1,int,magic2,unsigned int,cmd,void __user *,arg)333 SYSCALL_DEFINE4(reboot, int, magic1, int, magic2, unsigned int, cmd, void __user *, arg)
334 {
335 struct pid_namespace *pid_ns = task_active_pid_ns(current);
336 char buffer[256];
337 int ret = 0;
338
339 /* We only trust the superuser with rebooting the system. */
340 if (!ns_capable(pid_ns->user_ns, CAP_SYS_BOOT)) {
341 return -EPERM;
342 }
343
344 /* For safety, we require "magic" arguments. */
345 if (magic1 != LINUX_REBOOT_MAGIC1 || (magic2 != LINUX_REBOOT_MAGIC2 && magic2 != LINUX_REBOOT_MAGIC2A &&
346 magic2 != LINUX_REBOOT_MAGIC2B && magic2 != LINUX_REBOOT_MAGIC2C)) {
347 return -EINVAL;
348 }
349
350 /*
351 * If pid namespaces are enabled and the current task is in a child
352 * pid_namespace, the command is handled by reboot_pid_ns() which will
353 * call do_exit().
354 */
355 ret = reboot_pid_ns(pid_ns, cmd);
356 if (ret) {
357 return ret;
358 }
359
360 /* Instead of trying to make the power_off code look like
361 * halt when pm_power_off is not set do it the easy way.
362 */
363 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off) {
364 cmd = LINUX_REBOOT_CMD_HALT;
365 }
366
367 mutex_lock(&system_transition_mutex);
368 switch (cmd) {
369 case LINUX_REBOOT_CMD_RESTART:
370 kernel_restart(NULL);
371 break;
372
373 case LINUX_REBOOT_CMD_CAD_ON:
374 C_A_D = 1;
375 break;
376
377 case LINUX_REBOOT_CMD_CAD_OFF:
378 C_A_D = 0;
379 break;
380
381 case LINUX_REBOOT_CMD_HALT:
382 kernel_halt();
383 do_exit(0);
384 panic("cannot halt");
385
386 case LINUX_REBOOT_CMD_POWER_OFF:
387 kernel_power_off();
388 do_exit(0);
389 break;
390
391 case LINUX_REBOOT_CMD_RESTART2:
392 ret = strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1);
393 if (ret < 0) {
394 ret = -EFAULT;
395 break;
396 }
397 buffer[sizeof(buffer) - 1] = '\0';
398
399 kernel_restart(buffer);
400 break;
401
402 #ifdef CONFIG_KEXEC_CORE
403 case LINUX_REBOOT_CMD_KEXEC:
404 ret = kernel_kexec();
405 break;
406 #endif
407
408 #ifdef CONFIG_HIBERNATION
409 case LINUX_REBOOT_CMD_SW_SUSPEND:
410 ret = hibernate();
411 break;
412 #endif
413
414 default:
415 ret = -EINVAL;
416 break;
417 }
418 mutex_unlock(&system_transition_mutex);
419 return ret;
420 }
421
deferred_cad(struct work_struct * dummy)422 static void deferred_cad(struct work_struct *dummy)
423 {
424 kernel_restart(NULL);
425 }
426
427 /*
428 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
429 * As it's called within an interrupt, it may NOT sync: the only choice
430 * is whether to reboot at once, or just ignore the ctrl-alt-del.
431 */
ctrl_alt_del(void)432 void ctrl_alt_del(void)
433 {
434 static DECLARE_WORK(cad_work, deferred_cad);
435
436 if (C_A_D) {
437 schedule_work(&cad_work);
438 } else {
439 kill_cad_pid(SIGINT, 1);
440 }
441 }
442
443 char poweroff_cmd[POWEROFF_CMD_PATH_LEN] = "/sbin/poweroff";
444 static const char reboot_cmd[] = "/sbin/reboot";
445
run_cmd(const char * cmd)446 static int run_cmd(const char *cmd)
447 {
448 char **argv;
449 static char *envp[] = {"HOME=/", "PATH=/sbin:/bin:/usr/sbin:/usr/bin", NULL};
450 int ret;
451 argv = argv_split(GFP_KERNEL, cmd, NULL);
452 if (argv) {
453 ret = call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC);
454 argv_free(argv);
455 } else {
456 ret = -ENOMEM;
457 }
458
459 return ret;
460 }
461
__orderly_reboot(void)462 static int __orderly_reboot(void)
463 {
464 int ret;
465
466 ret = run_cmd(reboot_cmd);
467 if (ret) {
468 pr_warn("Failed to start orderly reboot: forcing the issue\n");
469 emergency_sync();
470 kernel_restart(NULL);
471 }
472
473 return ret;
474 }
475
__orderly_poweroff(bool force)476 static int __orderly_poweroff(bool force)
477 {
478 int ret;
479
480 ret = run_cmd(poweroff_cmd);
481 if (ret && force) {
482 pr_warn("Failed to start orderly shutdown: forcing the issue\n");
483
484 /*
485 * I guess this should try to kick off some daemon to sync and
486 * poweroff asap. Or not even bother syncing if we're doing an
487 * emergency shutdown?
488 */
489 emergency_sync();
490 kernel_power_off();
491 }
492
493 return ret;
494 }
495
496 static bool poweroff_force;
497
poweroff_work_func(struct work_struct * work)498 static void poweroff_work_func(struct work_struct *work)
499 {
500 __orderly_poweroff(poweroff_force);
501 }
502
503 static DECLARE_WORK(poweroff_work, poweroff_work_func);
504
505 /**
506 * orderly_poweroff - Trigger an orderly system poweroff
507 * @force: force poweroff if command execution fails
508 *
509 * This may be called from any context to trigger a system shutdown.
510 * If the orderly shutdown fails, it will force an immediate shutdown.
511 */
orderly_poweroff(bool force)512 void orderly_poweroff(bool force)
513 {
514 if (force) { /* do not override the pending "true" */
515 poweroff_force = true;
516 }
517 schedule_work(&poweroff_work);
518 }
519 EXPORT_SYMBOL_GPL(orderly_poweroff);
520
reboot_work_func(struct work_struct * work)521 static void reboot_work_func(struct work_struct *work)
522 {
523 __orderly_reboot();
524 }
525
526 static DECLARE_WORK(reboot_work, reboot_work_func);
527
528 /**
529 * orderly_reboot - Trigger an orderly system reboot
530 *
531 * This may be called from any context to trigger a system reboot.
532 * If the orderly reboot fails, it will force an immediate reboot.
533 */
orderly_reboot(void)534 void orderly_reboot(void)
535 {
536 schedule_work(&reboot_work);
537 }
538 EXPORT_SYMBOL_GPL(orderly_reboot);
539
reboot_setup(char * str)540 static int __init reboot_setup(char *str)
541 {
542 for (;;) {
543 enum reboot_mode *mode;
544
545 /*
546 * Having anything passed on the command line via
547 * reboot= will cause us to disable DMI checking
548 * below.
549 */
550 reboot_default = 0;
551
552 if (!strncmp(str, "panic_", 6)) {
553 mode = &panic_reboot_mode;
554 str += 6;
555 } else {
556 mode = &reboot_mode;
557 }
558
559 switch (*str) {
560 case 'w':
561 *mode = REBOOT_WARM;
562 break;
563
564 case 'c':
565 *mode = REBOOT_COLD;
566 break;
567
568 case 'h':
569 *mode = REBOOT_HARD;
570 break;
571
572 case 's':
573 if (isdigit(*(str + 1))) {
574 reboot_cpu = simple_strtoul(str + 1, NULL, 0);
575 } else if (str[1] == 'm' && str[2] == 'p' && isdigit(*(str + 3))) {
576 reboot_cpu = simple_strtoul(str + 3, NULL, 0);
577 } else {
578 *mode = REBOOT_SOFT;
579 }
580 if (reboot_cpu >= num_possible_cpus()) {
581 pr_err("Ignoring the CPU number in reboot= option. "
582 "CPU %d exceeds possible cpu number %d\n",
583 reboot_cpu, num_possible_cpus());
584 reboot_cpu = 0;
585 break;
586 }
587 break;
588
589 case 'g':
590 *mode = REBOOT_GPIO;
591 break;
592
593 case 'b':
594 case 'a':
595 case 'k':
596 case 't':
597 case 'e':
598 case 'p':
599 reboot_type = *str;
600 break;
601
602 case 'f':
603 reboot_force = 1;
604 break;
605 }
606
607 str = strchr(str, ',');
608 if (str) {
609 str++;
610 } else {
611 break;
612 }
613 }
614 return 1;
615 }
616 __setup("reboot=", reboot_setup);
617