crash.c 14 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592
  1. // SPDX-License-Identifier: GPL-2.0-only
  2. /*
  3. * Architecture specific (PPC64) functions for kexec based crash dumps.
  4. *
  5. * Copyright (C) 2005, IBM Corp.
  6. *
  7. * Created by: Haren Myneni
  8. */
  9. #include <linux/kernel.h>
  10. #include <linux/smp.h>
  11. #include <linux/reboot.h>
  12. #include <linux/kexec.h>
  13. #include <linux/export.h>
  14. #include <linux/crash_dump.h>
  15. #include <linux/delay.h>
  16. #include <linux/irq.h>
  17. #include <linux/types.h>
  18. #include <linux/libfdt.h>
  19. #include <linux/memory.h>
  20. #include <asm/processor.h>
  21. #include <asm/machdep.h>
  22. #include <asm/kexec.h>
  23. #include <asm/smp.h>
  24. #include <asm/setjmp.h>
  25. #include <asm/debug.h>
  26. #include <asm/interrupt.h>
  27. #include <asm/kexec_ranges.h>
  28. /*
  29. * The primary CPU waits a while for all secondary CPUs to enter. This is to
  30. * avoid sending an IPI if the secondary CPUs are entering
  31. * crash_kexec_secondary on their own (eg via a system reset).
  32. *
  33. * The secondary timeout has to be longer than the primary. Both timeouts are
  34. * in milliseconds.
  35. */
  36. #define PRIMARY_TIMEOUT 500
  37. #define SECONDARY_TIMEOUT 1000
  38. #define IPI_TIMEOUT 10000
  39. #define REAL_MODE_TIMEOUT 10000
  40. static int time_to_dump;
  41. /*
  42. * In case of system reset, secondary CPUs enter crash_kexec_secondary with out
  43. * having to send an IPI explicitly. So, indicate if the crash is via
  44. * system reset to avoid sending another IPI.
  45. */
  46. static int is_via_system_reset;
  47. /*
  48. * crash_wake_offline should be set to 1 by platforms that intend to wake
  49. * up offline cpus prior to jumping to a kdump kernel. Currently powernv
  50. * sets it to 1, since we want to avoid things from happening when an
  51. * offline CPU wakes up due to something like an HMI (malfunction error),
  52. * which propagates to all threads.
  53. */
  54. int crash_wake_offline;
  55. #define CRASH_HANDLER_MAX 3
  56. /* List of shutdown handles */
  57. static crash_shutdown_t crash_shutdown_handles[CRASH_HANDLER_MAX];
  58. static DEFINE_SPINLOCK(crash_handlers_lock);
  59. static unsigned long crash_shutdown_buf[JMP_BUF_LEN];
  60. static int crash_shutdown_cpu = -1;
  61. static int handle_fault(struct pt_regs *regs)
  62. {
  63. if (crash_shutdown_cpu == smp_processor_id())
  64. longjmp(crash_shutdown_buf, 1);
  65. return 0;
  66. }
  67. #ifdef CONFIG_SMP
  68. static atomic_t cpus_in_crash;
  69. void crash_ipi_callback(struct pt_regs *regs)
  70. {
  71. static cpumask_t cpus_state_saved = CPU_MASK_NONE;
  72. int cpu = smp_processor_id();
  73. hard_irq_disable();
  74. if (!cpumask_test_cpu(cpu, &cpus_state_saved)) {
  75. crash_save_cpu(regs, cpu);
  76. cpumask_set_cpu(cpu, &cpus_state_saved);
  77. }
  78. atomic_inc(&cpus_in_crash);
  79. smp_mb__after_atomic();
  80. /*
  81. * Starting the kdump boot.
  82. * This barrier is needed to make sure that all CPUs are stopped.
  83. */
  84. while (!time_to_dump)
  85. cpu_relax();
  86. if (ppc_md.kexec_cpu_down)
  87. ppc_md.kexec_cpu_down(1, 1);
  88. #ifdef CONFIG_PPC64
  89. kexec_smp_wait();
  90. #else
  91. for (;;); /* FIXME */
  92. #endif
  93. /* NOTREACHED */
  94. }
  95. static void crash_kexec_prepare_cpus(void)
  96. {
  97. unsigned int msecs;
  98. volatile unsigned int ncpus = num_online_cpus() - 1;/* Excluding the panic cpu */
  99. volatile int tries = 0;
  100. int (*old_handler)(struct pt_regs *regs);
  101. printk(KERN_EMERG "Sending IPI to other CPUs\n");
  102. if (crash_wake_offline)
  103. ncpus = num_present_cpus() - 1;
  104. /*
  105. * If we came in via system reset, secondaries enter via crash_kexec_secondary().
  106. * So, wait a while for the secondary CPUs to enter for that case.
  107. * Else, send IPI to all other CPUs.
  108. */
  109. if (is_via_system_reset)
  110. mdelay(PRIMARY_TIMEOUT);
  111. else
  112. crash_send_ipi(crash_ipi_callback);
  113. smp_wmb();
  114. again:
  115. /*
  116. * FIXME: Until we will have the way to stop other CPUs reliably,
  117. * the crash CPU will send an IPI and wait for other CPUs to
  118. * respond.
  119. */
  120. msecs = IPI_TIMEOUT;
  121. while ((atomic_read(&cpus_in_crash) < ncpus) && (--msecs > 0))
  122. mdelay(1);
  123. /* Would it be better to replace the trap vector here? */
  124. if (atomic_read(&cpus_in_crash) >= ncpus) {
  125. printk(KERN_EMERG "IPI complete\n");
  126. return;
  127. }
  128. printk(KERN_EMERG "ERROR: %d cpu(s) not responding\n",
  129. ncpus - atomic_read(&cpus_in_crash));
  130. /*
  131. * If we have a panic timeout set then we can't wait indefinitely
  132. * for someone to activate system reset. We also give up on the
  133. * second time through if system reset fail to work.
  134. */
  135. if ((panic_timeout > 0) || (tries > 0))
  136. return;
  137. /*
  138. * A system reset will cause all CPUs to take an 0x100 exception.
  139. * The primary CPU returns here via setjmp, and the secondary
  140. * CPUs reexecute the crash_kexec_secondary path.
  141. */
  142. old_handler = __debugger;
  143. __debugger = handle_fault;
  144. crash_shutdown_cpu = smp_processor_id();
  145. if (setjmp(crash_shutdown_buf) == 0) {
  146. printk(KERN_EMERG "Activate system reset (dumprestart) "
  147. "to stop other cpu(s)\n");
  148. /*
  149. * A system reset will force all CPUs to execute the
  150. * crash code again. We need to reset cpus_in_crash so we
  151. * wait for everyone to do this.
  152. */
  153. atomic_set(&cpus_in_crash, 0);
  154. smp_mb();
  155. while (atomic_read(&cpus_in_crash) < ncpus)
  156. cpu_relax();
  157. }
  158. crash_shutdown_cpu = -1;
  159. __debugger = old_handler;
  160. tries++;
  161. goto again;
  162. }
  163. /*
  164. * This function will be called by secondary cpus.
  165. */
  166. void crash_kexec_secondary(struct pt_regs *regs)
  167. {
  168. unsigned long flags;
  169. int msecs = SECONDARY_TIMEOUT;
  170. local_irq_save(flags);
  171. /* Wait for the primary crash CPU to signal its progress */
  172. while (crashing_cpu < 0) {
  173. if (--msecs < 0) {
  174. /* No response, kdump image may not have been loaded */
  175. local_irq_restore(flags);
  176. return;
  177. }
  178. mdelay(1);
  179. }
  180. crash_ipi_callback(regs);
  181. }
  182. #else /* ! CONFIG_SMP */
  183. static void crash_kexec_prepare_cpus(void)
  184. {
  185. /*
  186. * move the secondaries to us so that we can copy
  187. * the new kernel 0-0x100 safely
  188. *
  189. * do this if kexec in setup.c ?
  190. */
  191. #ifdef CONFIG_PPC64
  192. smp_release_cpus();
  193. #else
  194. /* FIXME */
  195. #endif
  196. }
  197. void crash_kexec_secondary(struct pt_regs *regs)
  198. {
  199. }
  200. #endif /* CONFIG_SMP */
  201. /* wait for all the CPUs to hit real mode but timeout if they don't come in */
  202. #if defined(CONFIG_SMP) && defined(CONFIG_PPC64)
  203. noinstr static void __maybe_unused crash_kexec_wait_realmode(int cpu)
  204. {
  205. unsigned int msecs;
  206. int i;
  207. msecs = REAL_MODE_TIMEOUT;
  208. for (i=0; i < nr_cpu_ids && msecs > 0; i++) {
  209. if (i == cpu)
  210. continue;
  211. while (paca_ptrs[i]->kexec_state < KEXEC_STATE_REAL_MODE) {
  212. barrier();
  213. if (!cpu_possible(i) || !cpu_online(i) || (msecs <= 0))
  214. break;
  215. msecs--;
  216. mdelay(1);
  217. }
  218. }
  219. mb();
  220. }
  221. #else
  222. static inline void crash_kexec_wait_realmode(int cpu) {}
  223. #endif /* CONFIG_SMP && CONFIG_PPC64 */
  224. void crash_kexec_prepare(void)
  225. {
  226. /* Avoid hardlocking with irresponsive CPU holding logbuf_lock */
  227. printk_deferred_enter();
  228. /*
  229. * This function is only called after the system
  230. * has panicked or is otherwise in a critical state.
  231. * The minimum amount of code to allow a kexec'd kernel
  232. * to run successfully needs to happen here.
  233. *
  234. * In practice this means stopping other cpus in
  235. * an SMP system.
  236. * The kernel is broken so disable interrupts.
  237. */
  238. hard_irq_disable();
  239. /*
  240. * Make a note of crashing cpu. Will be used in machine_kexec
  241. * such that another IPI will not be sent.
  242. */
  243. crashing_cpu = smp_processor_id();
  244. crash_kexec_prepare_cpus();
  245. }
  246. /*
  247. * Register a function to be called on shutdown. Only use this if you
  248. * can't reset your device in the second kernel.
  249. */
  250. int crash_shutdown_register(crash_shutdown_t handler)
  251. {
  252. unsigned int i, rc;
  253. spin_lock(&crash_handlers_lock);
  254. for (i = 0 ; i < CRASH_HANDLER_MAX; i++)
  255. if (!crash_shutdown_handles[i]) {
  256. /* Insert handle at first empty entry */
  257. crash_shutdown_handles[i] = handler;
  258. rc = 0;
  259. break;
  260. }
  261. if (i == CRASH_HANDLER_MAX) {
  262. printk(KERN_ERR "Crash shutdown handles full, "
  263. "not registered.\n");
  264. rc = 1;
  265. }
  266. spin_unlock(&crash_handlers_lock);
  267. return rc;
  268. }
  269. EXPORT_SYMBOL(crash_shutdown_register);
  270. int crash_shutdown_unregister(crash_shutdown_t handler)
  271. {
  272. unsigned int i, rc;
  273. spin_lock(&crash_handlers_lock);
  274. for (i = 0 ; i < CRASH_HANDLER_MAX; i++)
  275. if (crash_shutdown_handles[i] == handler)
  276. break;
  277. if (i == CRASH_HANDLER_MAX) {
  278. printk(KERN_ERR "Crash shutdown handle not found\n");
  279. rc = 1;
  280. } else {
  281. /* Shift handles down */
  282. for (; i < (CRASH_HANDLER_MAX - 1); i++)
  283. crash_shutdown_handles[i] =
  284. crash_shutdown_handles[i+1];
  285. /*
  286. * Reset last entry to NULL now that it has been shifted down,
  287. * this will allow new handles to be added here.
  288. */
  289. crash_shutdown_handles[i] = NULL;
  290. rc = 0;
  291. }
  292. spin_unlock(&crash_handlers_lock);
  293. return rc;
  294. }
  295. EXPORT_SYMBOL(crash_shutdown_unregister);
  296. void default_machine_crash_shutdown(struct pt_regs *regs)
  297. {
  298. volatile unsigned int i;
  299. int (*old_handler)(struct pt_regs *regs);
  300. if (TRAP(regs) == INTERRUPT_SYSTEM_RESET)
  301. is_via_system_reset = 1;
  302. if (IS_ENABLED(CONFIG_SMP))
  303. crash_smp_send_stop();
  304. else
  305. crash_kexec_prepare();
  306. crash_save_cpu(regs, crashing_cpu);
  307. time_to_dump = 1;
  308. crash_kexec_wait_realmode(crashing_cpu);
  309. machine_kexec_mask_interrupts();
  310. /*
  311. * Call registered shutdown routines safely. Swap out
  312. * __debugger_fault_handler, and replace on exit.
  313. */
  314. old_handler = __debugger_fault_handler;
  315. __debugger_fault_handler = handle_fault;
  316. crash_shutdown_cpu = smp_processor_id();
  317. for (i = 0; i < CRASH_HANDLER_MAX && crash_shutdown_handles[i]; i++) {
  318. if (setjmp(crash_shutdown_buf) == 0) {
  319. /*
  320. * Insert syncs and delay to ensure
  321. * instructions in the dangerous region don't
  322. * leak away from this protected region.
  323. */
  324. asm volatile("sync; isync");
  325. /* dangerous region */
  326. crash_shutdown_handles[i]();
  327. asm volatile("sync; isync");
  328. }
  329. }
  330. crash_shutdown_cpu = -1;
  331. __debugger_fault_handler = old_handler;
  332. if (ppc_md.kexec_cpu_down)
  333. ppc_md.kexec_cpu_down(1, 0);
  334. }
  335. #ifdef CONFIG_CRASH_HOTPLUG
  336. #undef pr_fmt
  337. #define pr_fmt(fmt) "crash hp: " fmt
  338. /*
  339. * Advertise preferred elfcorehdr size to userspace via
  340. * /sys/kernel/crash_elfcorehdr_size sysfs interface.
  341. */
  342. unsigned int arch_crash_get_elfcorehdr_size(void)
  343. {
  344. unsigned long phdr_cnt;
  345. /* A program header for possible CPUs + vmcoreinfo */
  346. phdr_cnt = num_possible_cpus() + 1;
  347. if (IS_ENABLED(CONFIG_MEMORY_HOTPLUG))
  348. phdr_cnt += CONFIG_CRASH_MAX_MEMORY_RANGES;
  349. return sizeof(struct elfhdr) + (phdr_cnt * sizeof(Elf64_Phdr));
  350. }
  351. /**
  352. * update_crash_elfcorehdr() - Recreate the elfcorehdr and replace it with old
  353. * elfcorehdr in the kexec segment array.
  354. * @image: the active struct kimage
  355. * @mn: struct memory_notify data handler
  356. */
  357. static void update_crash_elfcorehdr(struct kimage *image, struct memory_notify *mn)
  358. {
  359. int ret;
  360. struct crash_mem *cmem = NULL;
  361. struct kexec_segment *ksegment;
  362. void *ptr, *mem, *elfbuf = NULL;
  363. unsigned long elfsz, memsz, base_addr, size;
  364. ksegment = &image->segment[image->elfcorehdr_index];
  365. mem = (void *) ksegment->mem;
  366. memsz = ksegment->memsz;
  367. ret = get_crash_memory_ranges(&cmem);
  368. if (ret) {
  369. pr_err("Failed to get crash mem range\n");
  370. return;
  371. }
  372. /*
  373. * The hot unplugged memory is part of crash memory ranges,
  374. * remove it here.
  375. */
  376. if (image->hp_action == KEXEC_CRASH_HP_REMOVE_MEMORY) {
  377. base_addr = PFN_PHYS(mn->start_pfn);
  378. size = mn->nr_pages * PAGE_SIZE;
  379. ret = remove_mem_range(&cmem, base_addr, size);
  380. if (ret) {
  381. pr_err("Failed to remove hot-unplugged memory from crash memory ranges\n");
  382. goto out;
  383. }
  384. }
  385. ret = crash_prepare_elf64_headers(cmem, false, &elfbuf, &elfsz);
  386. if (ret) {
  387. pr_err("Failed to prepare elf header\n");
  388. goto out;
  389. }
  390. /*
  391. * It is unlikely that kernel hit this because elfcorehdr kexec
  392. * segment (memsz) is built with addition space to accommodate growing
  393. * number of crash memory ranges while loading the kdump kernel. It is
  394. * Just to avoid any unforeseen case.
  395. */
  396. if (elfsz > memsz) {
  397. pr_err("Updated crash elfcorehdr elfsz %lu > memsz %lu", elfsz, memsz);
  398. goto out;
  399. }
  400. ptr = __va(mem);
  401. if (ptr) {
  402. /* Temporarily invalidate the crash image while it is replaced */
  403. xchg(&kexec_crash_image, NULL);
  404. /* Replace the old elfcorehdr with newly prepared elfcorehdr */
  405. memcpy((void *)ptr, elfbuf, elfsz);
  406. /* The crash image is now valid once again */
  407. xchg(&kexec_crash_image, image);
  408. }
  409. out:
  410. kvfree(cmem);
  411. kvfree(elfbuf);
  412. }
  413. /**
  414. * get_fdt_index - Loop through the kexec segment array and find
  415. * the index of the FDT segment.
  416. * @image: a pointer to kexec_crash_image
  417. *
  418. * Returns the index of FDT segment in the kexec segment array
  419. * if found; otherwise -1.
  420. */
  421. static int get_fdt_index(struct kimage *image)
  422. {
  423. void *ptr;
  424. unsigned long mem;
  425. int i, fdt_index = -1;
  426. /* Find the FDT segment index in kexec segment array. */
  427. for (i = 0; i < image->nr_segments; i++) {
  428. mem = image->segment[i].mem;
  429. ptr = __va(mem);
  430. if (ptr && fdt_magic(ptr) == FDT_MAGIC) {
  431. fdt_index = i;
  432. break;
  433. }
  434. }
  435. return fdt_index;
  436. }
  437. /**
  438. * update_crash_fdt - updates the cpus node of the crash FDT.
  439. *
  440. * @image: a pointer to kexec_crash_image
  441. */
  442. static void update_crash_fdt(struct kimage *image)
  443. {
  444. void *fdt;
  445. int fdt_index;
  446. fdt_index = get_fdt_index(image);
  447. if (fdt_index < 0) {
  448. pr_err("Unable to locate FDT segment.\n");
  449. return;
  450. }
  451. fdt = __va((void *)image->segment[fdt_index].mem);
  452. /* Temporarily invalidate the crash image while it is replaced */
  453. xchg(&kexec_crash_image, NULL);
  454. /* update FDT to reflect changes in CPU resources */
  455. if (update_cpus_node(fdt))
  456. pr_err("Failed to update crash FDT");
  457. /* The crash image is now valid once again */
  458. xchg(&kexec_crash_image, image);
  459. }
  460. int arch_crash_hotplug_support(struct kimage *image, unsigned long kexec_flags)
  461. {
  462. #ifdef CONFIG_KEXEC_FILE
  463. if (image->file_mode)
  464. return 1;
  465. #endif
  466. return kexec_flags & KEXEC_CRASH_HOTPLUG_SUPPORT;
  467. }
  468. /**
  469. * arch_crash_handle_hotplug_event - Handle crash CPU/Memory hotplug events to update the
  470. * necessary kexec segments based on the hotplug event.
  471. * @image: a pointer to kexec_crash_image
  472. * @arg: struct memory_notify handler for memory hotplug case and NULL for CPU hotplug case.
  473. *
  474. * Update the kdump image based on the type of hotplug event, represented by image->hp_action.
  475. * CPU add: Update the FDT segment to include the newly added CPU.
  476. * CPU remove: No action is needed, with the assumption that it's okay to have offline CPUs
  477. * part of the FDT.
  478. * Memory add/remove: No action is taken as this is not yet supported.
  479. */
  480. void arch_crash_handle_hotplug_event(struct kimage *image, void *arg)
  481. {
  482. struct memory_notify *mn;
  483. switch (image->hp_action) {
  484. case KEXEC_CRASH_HP_REMOVE_CPU:
  485. return;
  486. case KEXEC_CRASH_HP_ADD_CPU:
  487. update_crash_fdt(image);
  488. break;
  489. case KEXEC_CRASH_HP_REMOVE_MEMORY:
  490. case KEXEC_CRASH_HP_ADD_MEMORY:
  491. mn = (struct memory_notify *)arg;
  492. update_crash_elfcorehdr(image, mn);
  493. return;
  494. default:
  495. pr_warn_once("Unknown hotplug action\n");
  496. }
  497. }
  498. #endif /* CONFIG_CRASH_HOTPLUG */