blob: bd30a973fe946b03916a1eeb873928adfe1b32b0
1 | /* |
2 | * linux/kernel/reboot.c |
3 | * |
4 | * Copyright (C) 2013 Linus Torvalds |
5 | */ |
6 | |
7 | #define pr_fmt(fmt) "reboot: " fmt |
8 | |
9 | #include <linux/ctype.h> |
10 | #include <linux/export.h> |
11 | #include <linux/kexec.h> |
12 | #include <linux/kmod.h> |
13 | #include <linux/kmsg_dump.h> |
14 | #include <linux/reboot.h> |
15 | #include <linux/suspend.h> |
16 | #include <linux/syscalls.h> |
17 | #include <linux/syscore_ops.h> |
18 | #include <linux/uaccess.h> |
19 | |
20 | /* |
21 | * this indicates whether you can reboot with ctrl-alt-del: the default is yes |
22 | */ |
23 | |
24 | int C_A_D = 1; |
25 | struct pid *cad_pid; |
26 | EXPORT_SYMBOL(cad_pid); |
27 | |
28 | #if defined(CONFIG_ARM) || defined(CONFIG_UNICORE32) |
29 | #define DEFAULT_REBOOT_MODE = REBOOT_HARD |
30 | #else |
31 | #define DEFAULT_REBOOT_MODE |
32 | #endif |
33 | enum reboot_mode reboot_mode DEFAULT_REBOOT_MODE; |
34 | |
35 | /* |
36 | * This variable is used privately to keep track of whether or not |
37 | * reboot_type is still set to its default value (i.e., reboot= hasn't |
38 | * been set on the command line). This is needed so that we can |
39 | * suppress DMI scanning for reboot quirks. Without it, it's |
40 | * impossible to override a faulty reboot quirk without recompiling. |
41 | */ |
42 | int reboot_default = 1; |
43 | int reboot_cpu; |
44 | enum reboot_type reboot_type = BOOT_ACPI; |
45 | int reboot_force; |
46 | |
47 | /* |
48 | * If set, this is used for preparing the system to power off. |
49 | */ |
50 | |
51 | void (*pm_power_off_prepare)(void); |
52 | |
53 | /** |
54 | * emergency_restart - reboot the system |
55 | * |
56 | * Without shutting down any hardware or taking any locks |
57 | * reboot the system. This is called when we know we are in |
58 | * trouble so this is our best effort to reboot. This is |
59 | * safe to call in interrupt context. |
60 | */ |
61 | void emergency_restart(void) |
62 | { |
63 | kmsg_dump(KMSG_DUMP_EMERG); |
64 | machine_emergency_restart(); |
65 | } |
66 | EXPORT_SYMBOL_GPL(emergency_restart); |
67 | |
68 | void kernel_restart_prepare(char *cmd) |
69 | { |
70 | blocking_notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd); |
71 | system_state = SYSTEM_RESTART; |
72 | usermodehelper_disable(); |
73 | device_shutdown(); |
74 | } |
75 | |
76 | /** |
77 | * register_reboot_notifier - Register function to be called at reboot time |
78 | * @nb: Info about notifier function to be called |
79 | * |
80 | * Registers a function with the list of functions |
81 | * to be called at reboot time. |
82 | * |
83 | * Currently always returns zero, as blocking_notifier_chain_register() |
84 | * always returns zero. |
85 | */ |
86 | int register_reboot_notifier(struct notifier_block *nb) |
87 | { |
88 | return blocking_notifier_chain_register(&reboot_notifier_list, nb); |
89 | } |
90 | EXPORT_SYMBOL(register_reboot_notifier); |
91 | |
92 | /** |
93 | * unregister_reboot_notifier - Unregister previously registered reboot notifier |
94 | * @nb: Hook to be unregistered |
95 | * |
96 | * Unregisters a previously registered reboot |
97 | * notifier function. |
98 | * |
99 | * Returns zero on success, or %-ENOENT on failure. |
100 | */ |
101 | int unregister_reboot_notifier(struct notifier_block *nb) |
102 | { |
103 | return blocking_notifier_chain_unregister(&reboot_notifier_list, nb); |
104 | } |
105 | EXPORT_SYMBOL(unregister_reboot_notifier); |
106 | |
107 | /* |
108 | * Notifier list for kernel code which wants to be called |
109 | * to restart the system. |
110 | */ |
111 | static ATOMIC_NOTIFIER_HEAD(restart_handler_list); |
112 | |
113 | /** |
114 | * register_restart_handler - Register function to be called to reset |
115 | * the system |
116 | * @nb: Info about handler function to be called |
117 | * @nb->priority: Handler priority. Handlers should follow the |
118 | * following guidelines for setting priorities. |
119 | * 0: Restart handler of last resort, |
120 | * with limited restart capabilities |
121 | * 128: Default restart handler; use if no other |
122 | * restart handler is expected to be available, |
123 | * and/or if restart functionality is |
124 | * sufficient to restart the entire system |
125 | * 255: Highest priority restart handler, will |
126 | * preempt all other restart handlers |
127 | * |
128 | * Registers a function with code to be called to restart the |
129 | * system. |
130 | * |
131 | * Registered functions will be called from machine_restart as last |
132 | * step of the restart sequence (if the architecture specific |
133 | * machine_restart function calls do_kernel_restart - see below |
134 | * for details). |
135 | * Registered functions are expected to restart the system immediately. |
136 | * If more than one function is registered, the restart handler priority |
137 | * selects which function will be called first. |
138 | * |
139 | * Restart handlers are expected to be registered from non-architecture |
140 | * code, typically from drivers. A typical use case would be a system |
141 | * where restart functionality is provided through a watchdog. Multiple |
142 | * restart handlers may exist; for example, one restart handler might |
143 | * restart the entire system, while another only restarts the CPU. |
144 | * In such cases, the restart handler which only restarts part of the |
145 | * hardware is expected to register with low priority to ensure that |
146 | * it only runs if no other means to restart the system is available. |
147 | * |
148 | * Currently always returns zero, as atomic_notifier_chain_register() |
149 | * always returns zero. |
150 | */ |
151 | int register_restart_handler(struct notifier_block *nb) |
152 | { |
153 | return atomic_notifier_chain_register(&restart_handler_list, nb); |
154 | } |
155 | EXPORT_SYMBOL(register_restart_handler); |
156 | |
157 | /** |
158 | * unregister_restart_handler - Unregister previously registered |
159 | * restart handler |
160 | * @nb: Hook to be unregistered |
161 | * |
162 | * Unregisters a previously registered restart handler function. |
163 | * |
164 | * Returns zero on success, or %-ENOENT on failure. |
165 | */ |
166 | int unregister_restart_handler(struct notifier_block *nb) |
167 | { |
168 | return atomic_notifier_chain_unregister(&restart_handler_list, nb); |
169 | } |
170 | EXPORT_SYMBOL(unregister_restart_handler); |
171 | |
172 | /** |
173 | * do_kernel_restart - Execute kernel restart handler call chain |
174 | * |
175 | * Calls functions registered with register_restart_handler. |
176 | * |
177 | * Expected to be called from machine_restart as last step of the restart |
178 | * sequence. |
179 | * |
180 | * Restarts the system immediately if a restart handler function has been |
181 | * registered. Otherwise does nothing. |
182 | */ |
183 | void do_kernel_restart(char *cmd) |
184 | { |
185 | atomic_notifier_call_chain(&restart_handler_list, reboot_mode, cmd); |
186 | } |
187 | |
188 | void migrate_to_reboot_cpu(void) |
189 | { |
190 | /* The boot cpu is always logical cpu 0 */ |
191 | int cpu = reboot_cpu; |
192 | |
193 | cpu_hotplug_disable(); |
194 | |
195 | /* Make certain the cpu I'm about to reboot on is online */ |
196 | if (!cpu_online(cpu)) |
197 | cpu = cpumask_first(cpu_online_mask); |
198 | |
199 | /* Prevent races with other tasks migrating this task */ |
200 | current->flags |= PF_NO_SETAFFINITY; |
201 | |
202 | /* Make certain I only run on the appropriate processor */ |
203 | set_cpus_allowed_ptr(current, cpumask_of(cpu)); |
204 | } |
205 | |
206 | /** |
207 | * kernel_restart - reboot the system |
208 | * @cmd: pointer to buffer containing command to execute for restart |
209 | * or %NULL |
210 | * |
211 | * Shutdown everything and perform a clean reboot. |
212 | * This is not safe to call in interrupt context. |
213 | */ |
214 | void kernel_restart(char *cmd) |
215 | { |
216 | kernel_restart_prepare(cmd); |
217 | migrate_to_reboot_cpu(); |
218 | syscore_shutdown(); |
219 | if (!cmd) |
220 | pr_emerg("Restarting system\n"); |
221 | else |
222 | pr_emerg("Restarting system with command '%s'\n", cmd); |
223 | kmsg_dump(KMSG_DUMP_RESTART); |
224 | machine_restart(cmd); |
225 | } |
226 | EXPORT_SYMBOL_GPL(kernel_restart); |
227 | |
228 | static void kernel_shutdown_prepare(enum system_states state) |
229 | { |
230 | blocking_notifier_call_chain(&reboot_notifier_list, |
231 | (state == SYSTEM_HALT) ? SYS_HALT : SYS_POWER_OFF, NULL); |
232 | system_state = state; |
233 | usermodehelper_disable(); |
234 | device_shutdown(); |
235 | } |
236 | /** |
237 | * kernel_halt - halt the system |
238 | * |
239 | * Shutdown everything and perform a clean system halt. |
240 | */ |
241 | void kernel_halt(void) |
242 | { |
243 | kernel_shutdown_prepare(SYSTEM_HALT); |
244 | migrate_to_reboot_cpu(); |
245 | syscore_shutdown(); |
246 | pr_emerg("System halted\n"); |
247 | kmsg_dump(KMSG_DUMP_HALT); |
248 | machine_halt(); |
249 | } |
250 | EXPORT_SYMBOL_GPL(kernel_halt); |
251 | |
252 | /** |
253 | * kernel_power_off - power_off the system |
254 | * |
255 | * Shutdown everything and perform a clean system power_off. |
256 | */ |
257 | void kernel_power_off(void) |
258 | { |
259 | kernel_shutdown_prepare(SYSTEM_POWER_OFF); |
260 | if (pm_power_off_prepare) |
261 | pm_power_off_prepare(); |
262 | migrate_to_reboot_cpu(); |
263 | syscore_shutdown(); |
264 | pr_emerg("Power down\n"); |
265 | kmsg_dump(KMSG_DUMP_POWEROFF); |
266 | machine_power_off(); |
267 | } |
268 | EXPORT_SYMBOL_GPL(kernel_power_off); |
269 | |
270 | static DEFINE_MUTEX(reboot_mutex); |
271 | |
272 | /* |
273 | * Reboot system call: for obvious reasons only root may call it, |
274 | * and even root needs to set up some magic numbers in the registers |
275 | * so that some mistake won't make this reboot the whole machine. |
276 | * You can also set the meaning of the ctrl-alt-del-key here. |
277 | * |
278 | * reboot doesn't sync: do that yourself before calling this. |
279 | */ |
280 | SYSCALL_DEFINE4(reboot, int, magic1, int, magic2, unsigned int, cmd, |
281 | void __user *, arg) |
282 | { |
283 | struct pid_namespace *pid_ns = task_active_pid_ns(current); |
284 | char buffer[256]; |
285 | int ret = 0; |
286 | |
287 | /* We only trust the superuser with rebooting the system. */ |
288 | if (!ns_capable(pid_ns->user_ns, CAP_SYS_BOOT)) |
289 | return -EPERM; |
290 | |
291 | /* For safety, we require "magic" arguments. */ |
292 | if (magic1 != LINUX_REBOOT_MAGIC1 || |
293 | (magic2 != LINUX_REBOOT_MAGIC2 && |
294 | magic2 != LINUX_REBOOT_MAGIC2A && |
295 | magic2 != LINUX_REBOOT_MAGIC2B && |
296 | magic2 != LINUX_REBOOT_MAGIC2C)) |
297 | return -EINVAL; |
298 | |
299 | /* |
300 | * If pid namespaces are enabled and the current task is in a child |
301 | * pid_namespace, the command is handled by reboot_pid_ns() which will |
302 | * call do_exit(). |
303 | */ |
304 | ret = reboot_pid_ns(pid_ns, cmd); |
305 | if (ret) |
306 | return ret; |
307 | |
308 | /* Instead of trying to make the power_off code look like |
309 | * halt when pm_power_off is not set do it the easy way. |
310 | */ |
311 | if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off) |
312 | cmd = LINUX_REBOOT_CMD_HALT; |
313 | |
314 | mutex_lock(&reboot_mutex); |
315 | switch (cmd) { |
316 | case LINUX_REBOOT_CMD_RESTART: |
317 | kernel_restart(NULL); |
318 | break; |
319 | |
320 | case LINUX_REBOOT_CMD_CAD_ON: |
321 | C_A_D = 1; |
322 | break; |
323 | |
324 | case LINUX_REBOOT_CMD_CAD_OFF: |
325 | C_A_D = 0; |
326 | break; |
327 | |
328 | case LINUX_REBOOT_CMD_HALT: |
329 | kernel_halt(); |
330 | do_exit(0); |
331 | panic("cannot halt"); |
332 | |
333 | case LINUX_REBOOT_CMD_POWER_OFF: |
334 | kernel_power_off(); |
335 | do_exit(0); |
336 | break; |
337 | |
338 | case LINUX_REBOOT_CMD_RESTART2: |
339 | ret = strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1); |
340 | if (ret < 0) { |
341 | ret = -EFAULT; |
342 | break; |
343 | } |
344 | buffer[sizeof(buffer) - 1] = '\0'; |
345 | |
346 | kernel_restart(buffer); |
347 | break; |
348 | |
349 | #ifdef CONFIG_KEXEC_CORE |
350 | case LINUX_REBOOT_CMD_KEXEC: |
351 | ret = kernel_kexec(); |
352 | break; |
353 | #endif |
354 | |
355 | #ifdef CONFIG_HIBERNATION |
356 | case LINUX_REBOOT_CMD_SW_SUSPEND: |
357 | ret = hibernate(); |
358 | break; |
359 | #endif |
360 | |
361 | default: |
362 | ret = -EINVAL; |
363 | break; |
364 | } |
365 | mutex_unlock(&reboot_mutex); |
366 | return ret; |
367 | } |
368 | |
369 | static void deferred_cad(struct work_struct *dummy) |
370 | { |
371 | kernel_restart(NULL); |
372 | } |
373 | |
374 | /* |
375 | * This function gets called by ctrl-alt-del - ie the keyboard interrupt. |
376 | * As it's called within an interrupt, it may NOT sync: the only choice |
377 | * is whether to reboot at once, or just ignore the ctrl-alt-del. |
378 | */ |
379 | void ctrl_alt_del(void) |
380 | { |
381 | static DECLARE_WORK(cad_work, deferred_cad); |
382 | |
383 | if (C_A_D) |
384 | schedule_work(&cad_work); |
385 | else |
386 | kill_cad_pid(SIGINT, 1); |
387 | } |
388 | |
389 | char poweroff_cmd[POWEROFF_CMD_PATH_LEN] = "/sbin/poweroff"; |
390 | static const char reboot_cmd[] = "/sbin/reboot"; |
391 | |
392 | static int run_cmd(const char *cmd) |
393 | { |
394 | char **argv; |
395 | static char *envp[] = { |
396 | "HOME=/", |
397 | "PATH=/sbin:/bin:/usr/sbin:/usr/bin", |
398 | NULL |
399 | }; |
400 | int ret; |
401 | argv = argv_split(GFP_KERNEL, cmd, NULL); |
402 | if (argv) { |
403 | ret = call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC); |
404 | argv_free(argv); |
405 | } else { |
406 | ret = -ENOMEM; |
407 | } |
408 | |
409 | return ret; |
410 | } |
411 | |
412 | static int __orderly_reboot(void) |
413 | { |
414 | int ret; |
415 | |
416 | ret = run_cmd(reboot_cmd); |
417 | |
418 | if (ret) { |
419 | pr_warn("Failed to start orderly reboot: forcing the issue\n"); |
420 | emergency_sync(); |
421 | kernel_restart(NULL); |
422 | } |
423 | |
424 | return ret; |
425 | } |
426 | |
427 | static int __orderly_poweroff(bool force) |
428 | { |
429 | int ret; |
430 | |
431 | ret = run_cmd(poweroff_cmd); |
432 | |
433 | if (ret && force) { |
434 | pr_warn("Failed to start orderly shutdown: forcing the issue\n"); |
435 | |
436 | /* |
437 | * I guess this should try to kick off some daemon to sync and |
438 | * poweroff asap. Or not even bother syncing if we're doing an |
439 | * emergency shutdown? |
440 | */ |
441 | emergency_sync(); |
442 | kernel_power_off(); |
443 | } |
444 | |
445 | return ret; |
446 | } |
447 | |
448 | static bool poweroff_force; |
449 | |
450 | static void poweroff_work_func(struct work_struct *work) |
451 | { |
452 | __orderly_poweroff(poweroff_force); |
453 | } |
454 | |
455 | static DECLARE_WORK(poweroff_work, poweroff_work_func); |
456 | |
457 | /** |
458 | * orderly_poweroff - Trigger an orderly system poweroff |
459 | * @force: force poweroff if command execution fails |
460 | * |
461 | * This may be called from any context to trigger a system shutdown. |
462 | * If the orderly shutdown fails, it will force an immediate shutdown. |
463 | */ |
464 | void orderly_poweroff(bool force) |
465 | { |
466 | if (force) /* do not override the pending "true" */ |
467 | poweroff_force = true; |
468 | schedule_work(&poweroff_work); |
469 | } |
470 | EXPORT_SYMBOL_GPL(orderly_poweroff); |
471 | |
472 | static void reboot_work_func(struct work_struct *work) |
473 | { |
474 | __orderly_reboot(); |
475 | } |
476 | |
477 | static DECLARE_WORK(reboot_work, reboot_work_func); |
478 | |
479 | /** |
480 | * orderly_reboot - Trigger an orderly system reboot |
481 | * |
482 | * This may be called from any context to trigger a system reboot. |
483 | * If the orderly reboot fails, it will force an immediate reboot. |
484 | */ |
485 | void orderly_reboot(void) |
486 | { |
487 | schedule_work(&reboot_work); |
488 | } |
489 | EXPORT_SYMBOL_GPL(orderly_reboot); |
490 | |
491 | static int __init reboot_setup(char *str) |
492 | { |
493 | for (;;) { |
494 | /* |
495 | * Having anything passed on the command line via |
496 | * reboot= will cause us to disable DMI checking |
497 | * below. |
498 | */ |
499 | reboot_default = 0; |
500 | |
501 | switch (*str) { |
502 | case 'w': |
503 | reboot_mode = REBOOT_WARM; |
504 | break; |
505 | |
506 | case 'c': |
507 | reboot_mode = REBOOT_COLD; |
508 | break; |
509 | |
510 | case 'h': |
511 | reboot_mode = REBOOT_HARD; |
512 | break; |
513 | |
514 | case 's': |
515 | { |
516 | int rc; |
517 | |
518 | if (isdigit(*(str+1))) { |
519 | rc = kstrtoint(str+1, 0, &reboot_cpu); |
520 | if (rc) |
521 | return rc; |
522 | } else if (str[1] == 'm' && str[2] == 'p' && |
523 | isdigit(*(str+3))) { |
524 | rc = kstrtoint(str+3, 0, &reboot_cpu); |
525 | if (rc) |
526 | return rc; |
527 | } else |
528 | reboot_mode = REBOOT_SOFT; |
529 | break; |
530 | } |
531 | case 'g': |
532 | reboot_mode = REBOOT_GPIO; |
533 | break; |
534 | |
535 | case 'b': |
536 | case 'a': |
537 | case 'k': |
538 | case 't': |
539 | case 'e': |
540 | case 'p': |
541 | reboot_type = *str; |
542 | break; |
543 | |
544 | case 'f': |
545 | reboot_force = 1; |
546 | break; |
547 | } |
548 | |
549 | str = strchr(str, ','); |
550 | if (str) |
551 | str++; |
552 | else |
553 | break; |
554 | } |
555 | return 1; |
556 | } |
557 | __setup("reboot=", reboot_setup); |
558 |