1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * linux/kernel/reboot.c
4 *
5 * Copyright (C) 2013 Linus Torvalds
6 */
7
8 #define pr_fmt(fmt) "reboot: " fmt
9
10 #include <linux/ctype.h>
11 #include <linux/export.h>
12 #include <linux/kexec.h>
13 #include <linux/kmod.h>
14 #include <linux/kmsg_dump.h>
15 #include <linux/reboot.h>
16 #include <linux/suspend.h>
17 #include <linux/syscalls.h>
18 #include <linux/syscore_ops.h>
19 #include <linux/uaccess.h>
20
21 /*
22 * this indicates whether you can reboot with ctrl-alt-del: the default is yes
23 */
24
25 int C_A_D = 1;
26 struct pid *cad_pid;
27 EXPORT_SYMBOL(cad_pid);
28
29 #if defined(CONFIG_ARM) || defined(CONFIG_UNICORE32)
30 #define DEFAULT_REBOOT_MODE = REBOOT_HARD
31 #else
32 #define DEFAULT_REBOOT_MODE
33 #endif
34 enum reboot_mode reboot_mode DEFAULT_REBOOT_MODE;
35 EXPORT_SYMBOL_GPL(reboot_mode);
36 enum reboot_mode panic_reboot_mode = REBOOT_UNDEFINED;
37 EXPORT_SYMBOL_GPL(panic_reboot_mode);
38
39 /*
40 * This variable is used privately to keep track of whether or not
41 * reboot_type is still set to its default value (i.e., reboot= hasn't
42 * been set on the command line). This is needed so that we can
43 * suppress DMI scanning for reboot quirks. Without it, it's
44 * impossible to override a faulty reboot quirk without recompiling.
45 */
46 int reboot_default = 1;
47 int reboot_cpu;
48 enum reboot_type reboot_type = BOOT_ACPI;
49 int reboot_force;
50
51 /*
52 * If set, this is used for preparing the system to power off.
53 */
54
55 void (*pm_power_off_prepare)(void);
56 EXPORT_SYMBOL_GPL(pm_power_off_prepare);
57
58 /**
59 * emergency_restart - reboot the system
60 *
61 * Without shutting down any hardware or taking any locks
62 * reboot the system. This is called when we know we are in
63 * trouble so this is our best effort to reboot. This is
64 * safe to call in interrupt context.
65 */
emergency_restart(void)66 void emergency_restart(void)
67 {
68 kmsg_dump(KMSG_DUMP_EMERG);
69 system_state = SYSTEM_RESTART;
70 machine_emergency_restart();
71 }
72 EXPORT_SYMBOL_GPL(emergency_restart);
73
kernel_restart_prepare(char * cmd)74 void kernel_restart_prepare(char *cmd)
75 {
76 blocking_notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd);
77 system_state = SYSTEM_RESTART;
78 usermodehelper_disable();
79 device_shutdown();
80 }
81
82 /**
83 * register_reboot_notifier - Register function to be called at reboot time
84 * @nb: Info about notifier function to be called
85 *
86 * Registers a function with the list of functions
87 * to be called at reboot time.
88 *
89 * Currently always returns zero, as blocking_notifier_chain_register()
90 * always returns zero.
91 */
register_reboot_notifier(struct notifier_block * nb)92 int register_reboot_notifier(struct notifier_block *nb)
93 {
94 return blocking_notifier_chain_register(&reboot_notifier_list, nb);
95 }
96 EXPORT_SYMBOL(register_reboot_notifier);
97
98 /**
99 * unregister_reboot_notifier - Unregister previously registered reboot notifier
100 * @nb: Hook to be unregistered
101 *
102 * Unregisters a previously registered reboot
103 * notifier function.
104 *
105 * Returns zero on success, or %-ENOENT on failure.
106 */
unregister_reboot_notifier(struct notifier_block * nb)107 int unregister_reboot_notifier(struct notifier_block *nb)
108 {
109 return blocking_notifier_chain_unregister(&reboot_notifier_list, nb);
110 }
111 EXPORT_SYMBOL(unregister_reboot_notifier);
112
devm_unregister_reboot_notifier(struct device * dev,void * res)113 static void devm_unregister_reboot_notifier(struct device *dev, void *res)
114 {
115 WARN_ON(unregister_reboot_notifier(*(struct notifier_block **)res));
116 }
117
devm_register_reboot_notifier(struct device * dev,struct notifier_block * nb)118 int devm_register_reboot_notifier(struct device *dev, struct notifier_block *nb)
119 {
120 struct notifier_block **rcnb;
121 int ret;
122
123 rcnb = devres_alloc(devm_unregister_reboot_notifier,
124 sizeof(*rcnb), GFP_KERNEL);
125 if (!rcnb)
126 return -ENOMEM;
127
128 ret = register_reboot_notifier(nb);
129 if (!ret) {
130 *rcnb = nb;
131 devres_add(dev, rcnb);
132 } else {
133 devres_free(rcnb);
134 }
135
136 return ret;
137 }
138 EXPORT_SYMBOL(devm_register_reboot_notifier);
139
140 /*
141 * Notifier list for kernel code which wants to be called
142 * to restart the system.
143 */
144 static ATOMIC_NOTIFIER_HEAD(restart_handler_list);
145
146 /**
147 * register_restart_handler - Register function to be called to reset
148 * the system
149 * @nb: Info about handler function to be called
150 * @nb->priority: Handler priority. Handlers should follow the
151 * following guidelines for setting priorities.
152 * 0: Restart handler of last resort,
153 * with limited restart capabilities
154 * 128: Default restart handler; use if no other
155 * restart handler is expected to be available,
156 * and/or if restart functionality is
157 * sufficient to restart the entire system
158 * 255: Highest priority restart handler, will
159 * preempt all other restart handlers
160 *
161 * Registers a function with code to be called to restart the
162 * system.
163 *
164 * Registered functions will be called from machine_restart as last
165 * step of the restart sequence (if the architecture specific
166 * machine_restart function calls do_kernel_restart - see below
167 * for details).
168 * Registered functions are expected to restart the system immediately.
169 * If more than one function is registered, the restart handler priority
170 * selects which function will be called first.
171 *
172 * Restart handlers are expected to be registered from non-architecture
173 * code, typically from drivers. A typical use case would be a system
174 * where restart functionality is provided through a watchdog. Multiple
175 * restart handlers may exist; for example, one restart handler might
176 * restart the entire system, while another only restarts the CPU.
177 * In such cases, the restart handler which only restarts part of the
178 * hardware is expected to register with low priority to ensure that
179 * it only runs if no other means to restart the system is available.
180 *
181 * Currently always returns zero, as atomic_notifier_chain_register()
182 * always returns zero.
183 */
register_restart_handler(struct notifier_block * nb)184 int register_restart_handler(struct notifier_block *nb)
185 {
186 return atomic_notifier_chain_register(&restart_handler_list, nb);
187 }
188 EXPORT_SYMBOL(register_restart_handler);
189
190 /**
191 * unregister_restart_handler - Unregister previously registered
192 * restart handler
193 * @nb: Hook to be unregistered
194 *
195 * Unregisters a previously registered restart handler function.
196 *
197 * Returns zero on success, or %-ENOENT on failure.
198 */
unregister_restart_handler(struct notifier_block * nb)199 int unregister_restart_handler(struct notifier_block *nb)
200 {
201 return atomic_notifier_chain_unregister(&restart_handler_list, nb);
202 }
203 EXPORT_SYMBOL(unregister_restart_handler);
204
205 /**
206 * do_kernel_restart - Execute kernel restart handler call chain
207 *
208 * Calls functions registered with register_restart_handler.
209 *
210 * Expected to be called from machine_restart as last step of the restart
211 * sequence.
212 *
213 * Restarts the system immediately if a restart handler function has been
214 * registered. Otherwise does nothing.
215 */
do_kernel_restart(char * cmd)216 void do_kernel_restart(char *cmd)
217 {
218 atomic_notifier_call_chain(&restart_handler_list, reboot_mode, cmd);
219 }
220
migrate_to_reboot_cpu(void)221 void migrate_to_reboot_cpu(void)
222 {
223 /* The boot cpu is always logical cpu 0 */
224 int cpu = reboot_cpu;
225
226 cpu_hotplug_disable();
227
228 /* Make certain the cpu I'm about to reboot on is online */
229 if (!cpu_online(cpu))
230 cpu = cpumask_first(cpu_online_mask);
231
232 /* Prevent races with other tasks migrating this task */
233 current->flags |= PF_NO_SETAFFINITY;
234
235 /* Make certain I only run on the appropriate processor */
236 set_cpus_allowed_ptr(current, cpumask_of(cpu));
237 }
238
239 /**
240 * kernel_restart - reboot the system
241 * @cmd: pointer to buffer containing command to execute for restart
242 * or %NULL
243 *
244 * Shutdown everything and perform a clean reboot.
245 * This is not safe to call in interrupt context.
246 */
kernel_restart(char * cmd)247 void kernel_restart(char *cmd)
248 {
249 kernel_restart_prepare(cmd);
250 migrate_to_reboot_cpu();
251 syscore_shutdown();
252 if (!cmd)
253 pr_emerg("Restarting system\n");
254 else
255 pr_emerg("Restarting system with command '%s'\n", cmd);
256 kmsg_dump(KMSG_DUMP_RESTART);
257 machine_restart(cmd);
258 }
259 EXPORT_SYMBOL_GPL(kernel_restart);
260
kernel_shutdown_prepare(enum system_states state)261 static void kernel_shutdown_prepare(enum system_states state)
262 {
263 blocking_notifier_call_chain(&reboot_notifier_list,
264 (state == SYSTEM_HALT) ? SYS_HALT : SYS_POWER_OFF, NULL);
265 system_state = state;
266 usermodehelper_disable();
267 device_shutdown();
268 }
269 /**
270 * kernel_halt - halt the system
271 *
272 * Shutdown everything and perform a clean system halt.
273 */
kernel_halt(void)274 void kernel_halt(void)
275 {
276 kernel_shutdown_prepare(SYSTEM_HALT);
277 migrate_to_reboot_cpu();
278 syscore_shutdown();
279 pr_emerg("System halted\n");
280 kmsg_dump(KMSG_DUMP_HALT);
281 machine_halt();
282 }
283 EXPORT_SYMBOL_GPL(kernel_halt);
284
285 /**
286 * kernel_power_off - power_off the system
287 *
288 * Shutdown everything and perform a clean system power_off.
289 */
kernel_power_off(void)290 void kernel_power_off(void)
291 {
292 kernel_shutdown_prepare(SYSTEM_POWER_OFF);
293 if (pm_power_off_prepare)
294 pm_power_off_prepare();
295 migrate_to_reboot_cpu();
296 syscore_shutdown();
297 pr_emerg("Power down\n");
298 kmsg_dump(KMSG_DUMP_POWEROFF);
299 machine_power_off();
300 }
301 EXPORT_SYMBOL_GPL(kernel_power_off);
302
303 DEFINE_MUTEX(system_transition_mutex);
304
305 /*
306 * Reboot system call: for obvious reasons only root may call it,
307 * and even root needs to set up some magic numbers in the registers
308 * so that some mistake won't make this reboot the whole machine.
309 * You can also set the meaning of the ctrl-alt-del-key here.
310 *
311 * reboot doesn't sync: do that yourself before calling this.
312 */
SYSCALL_DEFINE4(reboot,int,magic1,int,magic2,unsigned int,cmd,void __user *,arg)313 SYSCALL_DEFINE4(reboot, int, magic1, int, magic2, unsigned int, cmd,
314 void __user *, arg)
315 {
316 struct pid_namespace *pid_ns = task_active_pid_ns(current);
317 char buffer[256];
318 int ret = 0;
319
320 /* We only trust the superuser with rebooting the system. */
321 if (!ns_capable(pid_ns->user_ns, CAP_SYS_BOOT))
322 return -EPERM;
323
324 /* For safety, we require "magic" arguments. */
325 if (magic1 != LINUX_REBOOT_MAGIC1 ||
326 (magic2 != LINUX_REBOOT_MAGIC2 &&
327 magic2 != LINUX_REBOOT_MAGIC2A &&
328 magic2 != LINUX_REBOOT_MAGIC2B &&
329 magic2 != LINUX_REBOOT_MAGIC2C))
330 return -EINVAL;
331
332 /*
333 * If pid namespaces are enabled and the current task is in a child
334 * pid_namespace, the command is handled by reboot_pid_ns() which will
335 * call do_exit().
336 */
337 ret = reboot_pid_ns(pid_ns, cmd);
338 if (ret)
339 return ret;
340
341 /* Instead of trying to make the power_off code look like
342 * halt when pm_power_off is not set do it the easy way.
343 */
344 if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off)
345 cmd = LINUX_REBOOT_CMD_HALT;
346
347 mutex_lock(&system_transition_mutex);
348 switch (cmd) {
349 case LINUX_REBOOT_CMD_RESTART:
350 kernel_restart(NULL);
351 break;
352
353 case LINUX_REBOOT_CMD_CAD_ON:
354 C_A_D = 1;
355 break;
356
357 case LINUX_REBOOT_CMD_CAD_OFF:
358 C_A_D = 0;
359 break;
360
361 case LINUX_REBOOT_CMD_HALT:
362 kernel_halt();
363 do_exit(0);
364 panic("cannot halt");
365
366 case LINUX_REBOOT_CMD_POWER_OFF:
367 kernel_power_off();
368 do_exit(0);
369 break;
370
371 case LINUX_REBOOT_CMD_RESTART2:
372 ret = strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1);
373 if (ret < 0) {
374 ret = -EFAULT;
375 break;
376 }
377 buffer[sizeof(buffer) - 1] = '\0';
378
379 kernel_restart(buffer);
380 break;
381
382 #ifdef CONFIG_KEXEC_CORE
383 case LINUX_REBOOT_CMD_KEXEC:
384 ret = kernel_kexec();
385 break;
386 #endif
387
388 #ifdef CONFIG_HIBERNATION
389 case LINUX_REBOOT_CMD_SW_SUSPEND:
390 ret = hibernate();
391 break;
392 #endif
393
394 default:
395 ret = -EINVAL;
396 break;
397 }
398 mutex_unlock(&system_transition_mutex);
399 return ret;
400 }
401
deferred_cad(struct work_struct * dummy)402 static void deferred_cad(struct work_struct *dummy)
403 {
404 kernel_restart(NULL);
405 }
406
407 /*
408 * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
409 * As it's called within an interrupt, it may NOT sync: the only choice
410 * is whether to reboot at once, or just ignore the ctrl-alt-del.
411 */
ctrl_alt_del(void)412 void ctrl_alt_del(void)
413 {
414 static DECLARE_WORK(cad_work, deferred_cad);
415
416 if (C_A_D)
417 schedule_work(&cad_work);
418 else
419 kill_cad_pid(SIGINT, 1);
420 }
421
422 char poweroff_cmd[POWEROFF_CMD_PATH_LEN] = "/sbin/poweroff";
423 static const char reboot_cmd[] = "/sbin/reboot";
424
run_cmd(const char * cmd)425 static int run_cmd(const char *cmd)
426 {
427 char **argv;
428 static char *envp[] = {
429 "HOME=/",
430 "PATH=/sbin:/bin:/usr/sbin:/usr/bin",
431 NULL
432 };
433 int ret;
434 argv = argv_split(GFP_KERNEL, cmd, NULL);
435 if (argv) {
436 ret = call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC);
437 argv_free(argv);
438 } else {
439 ret = -ENOMEM;
440 }
441
442 return ret;
443 }
444
__orderly_reboot(void)445 static int __orderly_reboot(void)
446 {
447 int ret;
448
449 ret = run_cmd(reboot_cmd);
450
451 if (ret) {
452 pr_warn("Failed to start orderly reboot: forcing the issue\n");
453 emergency_sync();
454 kernel_restart(NULL);
455 }
456
457 return ret;
458 }
459
__orderly_poweroff(bool force)460 static int __orderly_poweroff(bool force)
461 {
462 int ret;
463
464 ret = run_cmd(poweroff_cmd);
465
466 if (ret && force) {
467 pr_warn("Failed to start orderly shutdown: forcing the issue\n");
468
469 /*
470 * I guess this should try to kick off some daemon to sync and
471 * poweroff asap. Or not even bother syncing if we're doing an
472 * emergency shutdown?
473 */
474 emergency_sync();
475 kernel_power_off();
476 }
477
478 return ret;
479 }
480
481 static bool poweroff_force;
482
poweroff_work_func(struct work_struct * work)483 static void poweroff_work_func(struct work_struct *work)
484 {
485 __orderly_poweroff(poweroff_force);
486 }
487
488 static DECLARE_WORK(poweroff_work, poweroff_work_func);
489
490 /**
491 * orderly_poweroff - Trigger an orderly system poweroff
492 * @force: force poweroff if command execution fails
493 *
494 * This may be called from any context to trigger a system shutdown.
495 * If the orderly shutdown fails, it will force an immediate shutdown.
496 */
orderly_poweroff(bool force)497 void orderly_poweroff(bool force)
498 {
499 if (force) /* do not override the pending "true" */
500 poweroff_force = true;
501 schedule_work(&poweroff_work);
502 }
503 EXPORT_SYMBOL_GPL(orderly_poweroff);
504
reboot_work_func(struct work_struct * work)505 static void reboot_work_func(struct work_struct *work)
506 {
507 __orderly_reboot();
508 }
509
510 static DECLARE_WORK(reboot_work, reboot_work_func);
511
512 /**
513 * orderly_reboot - Trigger an orderly system reboot
514 *
515 * This may be called from any context to trigger a system reboot.
516 * If the orderly reboot fails, it will force an immediate reboot.
517 */
orderly_reboot(void)518 void orderly_reboot(void)
519 {
520 schedule_work(&reboot_work);
521 }
522 EXPORT_SYMBOL_GPL(orderly_reboot);
523
reboot_setup(char * str)524 static int __init reboot_setup(char *str)
525 {
526 for (;;) {
527 enum reboot_mode *mode;
528
529 /*
530 * Having anything passed on the command line via
531 * reboot= will cause us to disable DMI checking
532 * below.
533 */
534 reboot_default = 0;
535
536 if (!strncmp(str, "panic_", 6)) {
537 mode = &panic_reboot_mode;
538 str += 6;
539 } else {
540 mode = &reboot_mode;
541 }
542
543 switch (*str) {
544 case 'w':
545 *mode = REBOOT_WARM;
546 break;
547
548 case 'c':
549 *mode = REBOOT_COLD;
550 break;
551
552 case 'h':
553 *mode = REBOOT_HARD;
554 break;
555
556 case 's':
557 if (isdigit(*(str+1)))
558 reboot_cpu = simple_strtoul(str+1, NULL, 0);
559 else if (str[1] == 'm' && str[2] == 'p' &&
560 isdigit(*(str+3)))
561 reboot_cpu = simple_strtoul(str+3, NULL, 0);
562 else
563 *mode = REBOOT_SOFT;
564 if (reboot_cpu >= num_possible_cpus()) {
565 pr_err("Ignoring the CPU number in reboot= option. "
566 "CPU %d exceeds possible cpu number %d\n",
567 reboot_cpu, num_possible_cpus());
568 reboot_cpu = 0;
569 break;
570 }
571 break;
572
573 case 'g':
574 *mode = REBOOT_GPIO;
575 break;
576
577 case 'b':
578 case 'a':
579 case 'k':
580 case 't':
581 case 'e':
582 case 'p':
583 reboot_type = *str;
584 break;
585
586 case 'f':
587 reboot_force = 1;
588 break;
589 }
590
591 str = strchr(str, ',');
592 if (str)
593 str++;
594 else
595 break;
596 }
597 return 1;
598 }
599 __setup("reboot=", reboot_setup);
600