xref: /openbmc/linux/kernel/reboot.c (revision 972ee83df88a7fd84c228a31b4f9611299898984) 
115d94b82SRobin Holt /*
215d94b82SRobin Holt  *  linux/kernel/reboot.c
315d94b82SRobin Holt  *
415d94b82SRobin Holt  *  Copyright (C) 2013  Linus Torvalds
515d94b82SRobin Holt  */
615d94b82SRobin Holt 
7*972ee83dSRobin Holt #define pr_fmt(fmt)	"reboot: " fmt
8*972ee83dSRobin Holt 
915d94b82SRobin Holt #include <linux/export.h>
1015d94b82SRobin Holt #include <linux/kexec.h>
1115d94b82SRobin Holt #include <linux/kmod.h>
1215d94b82SRobin Holt #include <linux/kmsg_dump.h>
1315d94b82SRobin Holt #include <linux/reboot.h>
1415d94b82SRobin Holt #include <linux/suspend.h>
1515d94b82SRobin Holt #include <linux/syscalls.h>
1615d94b82SRobin Holt #include <linux/syscore_ops.h>
1715d94b82SRobin Holt #include <linux/uaccess.h>
1815d94b82SRobin Holt 
1915d94b82SRobin Holt /*
2015d94b82SRobin Holt  * this indicates whether you can reboot with ctrl-alt-del: the default is yes
2115d94b82SRobin Holt  */
2215d94b82SRobin Holt 
2315d94b82SRobin Holt int C_A_D = 1;
2415d94b82SRobin Holt struct pid *cad_pid;
2515d94b82SRobin Holt EXPORT_SYMBOL(cad_pid);
2615d94b82SRobin Holt 
2715d94b82SRobin Holt /*
2815d94b82SRobin Holt  * If set, this is used for preparing the system to power off.
2915d94b82SRobin Holt  */
3015d94b82SRobin Holt 
3115d94b82SRobin Holt void (*pm_power_off_prepare)(void);
3215d94b82SRobin Holt 
3315d94b82SRobin Holt /**
3415d94b82SRobin Holt  *	emergency_restart - reboot the system
3515d94b82SRobin Holt  *
3615d94b82SRobin Holt  *	Without shutting down any hardware or taking any locks
3715d94b82SRobin Holt  *	reboot the system.  This is called when we know we are in
3815d94b82SRobin Holt  *	trouble so this is our best effort to reboot.  This is
3915d94b82SRobin Holt  *	safe to call in interrupt context.
4015d94b82SRobin Holt  */
4115d94b82SRobin Holt void emergency_restart(void)
4215d94b82SRobin Holt {
4315d94b82SRobin Holt 	kmsg_dump(KMSG_DUMP_EMERG);
4415d94b82SRobin Holt 	machine_emergency_restart();
4515d94b82SRobin Holt }
4615d94b82SRobin Holt EXPORT_SYMBOL_GPL(emergency_restart);
4715d94b82SRobin Holt 
4815d94b82SRobin Holt void kernel_restart_prepare(char *cmd)
4915d94b82SRobin Holt {
5015d94b82SRobin Holt 	blocking_notifier_call_chain(&reboot_notifier_list, SYS_RESTART, cmd);
5115d94b82SRobin Holt 	system_state = SYSTEM_RESTART;
5215d94b82SRobin Holt 	usermodehelper_disable();
5315d94b82SRobin Holt 	device_shutdown();
5415d94b82SRobin Holt }
5515d94b82SRobin Holt 
5615d94b82SRobin Holt /**
5715d94b82SRobin Holt  *	register_reboot_notifier - Register function to be called at reboot time
5815d94b82SRobin Holt  *	@nb: Info about notifier function to be called
5915d94b82SRobin Holt  *
6015d94b82SRobin Holt  *	Registers a function with the list of functions
6115d94b82SRobin Holt  *	to be called at reboot time.
6215d94b82SRobin Holt  *
6315d94b82SRobin Holt  *	Currently always returns zero, as blocking_notifier_chain_register()
6415d94b82SRobin Holt  *	always returns zero.
6515d94b82SRobin Holt  */
6615d94b82SRobin Holt int register_reboot_notifier(struct notifier_block *nb)
6715d94b82SRobin Holt {
6815d94b82SRobin Holt 	return blocking_notifier_chain_register(&reboot_notifier_list, nb);
6915d94b82SRobin Holt }
7015d94b82SRobin Holt EXPORT_SYMBOL(register_reboot_notifier);
7115d94b82SRobin Holt 
7215d94b82SRobin Holt /**
7315d94b82SRobin Holt  *	unregister_reboot_notifier - Unregister previously registered reboot notifier
7415d94b82SRobin Holt  *	@nb: Hook to be unregistered
7515d94b82SRobin Holt  *
7615d94b82SRobin Holt  *	Unregisters a previously registered reboot
7715d94b82SRobin Holt  *	notifier function.
7815d94b82SRobin Holt  *
7915d94b82SRobin Holt  *	Returns zero on success, or %-ENOENT on failure.
8015d94b82SRobin Holt  */
8115d94b82SRobin Holt int unregister_reboot_notifier(struct notifier_block *nb)
8215d94b82SRobin Holt {
8315d94b82SRobin Holt 	return blocking_notifier_chain_unregister(&reboot_notifier_list, nb);
8415d94b82SRobin Holt }
8515d94b82SRobin Holt EXPORT_SYMBOL(unregister_reboot_notifier);
8615d94b82SRobin Holt 
8715d94b82SRobin Holt static void migrate_to_reboot_cpu(void)
8815d94b82SRobin Holt {
8915d94b82SRobin Holt 	/* The boot cpu is always logical cpu 0 */
9015d94b82SRobin Holt 	int cpu = 0;
9115d94b82SRobin Holt 
9215d94b82SRobin Holt 	cpu_hotplug_disable();
9315d94b82SRobin Holt 
9415d94b82SRobin Holt 	/* Make certain the cpu I'm about to reboot on is online */
9515d94b82SRobin Holt 	if (!cpu_online(cpu))
9615d94b82SRobin Holt 		cpu = cpumask_first(cpu_online_mask);
9715d94b82SRobin Holt 
9815d94b82SRobin Holt 	/* Prevent races with other tasks migrating this task */
9915d94b82SRobin Holt 	current->flags |= PF_NO_SETAFFINITY;
10015d94b82SRobin Holt 
10115d94b82SRobin Holt 	/* Make certain I only run on the appropriate processor */
10215d94b82SRobin Holt 	set_cpus_allowed_ptr(current, cpumask_of(cpu));
10315d94b82SRobin Holt }
10415d94b82SRobin Holt 
10515d94b82SRobin Holt /**
10615d94b82SRobin Holt  *	kernel_restart - reboot the system
10715d94b82SRobin Holt  *	@cmd: pointer to buffer containing command to execute for restart
10815d94b82SRobin Holt  *		or %NULL
10915d94b82SRobin Holt  *
11015d94b82SRobin Holt  *	Shutdown everything and perform a clean reboot.
11115d94b82SRobin Holt  *	This is not safe to call in interrupt context.
11215d94b82SRobin Holt  */
11315d94b82SRobin Holt void kernel_restart(char *cmd)
11415d94b82SRobin Holt {
11515d94b82SRobin Holt 	kernel_restart_prepare(cmd);
11615d94b82SRobin Holt 	migrate_to_reboot_cpu();
11715d94b82SRobin Holt 	syscore_shutdown();
11815d94b82SRobin Holt 	if (!cmd)
119*972ee83dSRobin Holt 		pr_emerg("Restarting system\n");
12015d94b82SRobin Holt 	else
121*972ee83dSRobin Holt 		pr_emerg("Restarting system with command '%s'\n", cmd);
12215d94b82SRobin Holt 	kmsg_dump(KMSG_DUMP_RESTART);
12315d94b82SRobin Holt 	machine_restart(cmd);
12415d94b82SRobin Holt }
12515d94b82SRobin Holt EXPORT_SYMBOL_GPL(kernel_restart);
12615d94b82SRobin Holt 
12715d94b82SRobin Holt static void kernel_shutdown_prepare(enum system_states state)
12815d94b82SRobin Holt {
12915d94b82SRobin Holt 	blocking_notifier_call_chain(&reboot_notifier_list,
13015d94b82SRobin Holt 		(state == SYSTEM_HALT) ? SYS_HALT : SYS_POWER_OFF, NULL);
13115d94b82SRobin Holt 	system_state = state;
13215d94b82SRobin Holt 	usermodehelper_disable();
13315d94b82SRobin Holt 	device_shutdown();
13415d94b82SRobin Holt }
13515d94b82SRobin Holt /**
13615d94b82SRobin Holt  *	kernel_halt - halt the system
13715d94b82SRobin Holt  *
13815d94b82SRobin Holt  *	Shutdown everything and perform a clean system halt.
13915d94b82SRobin Holt  */
14015d94b82SRobin Holt void kernel_halt(void)
14115d94b82SRobin Holt {
14215d94b82SRobin Holt 	kernel_shutdown_prepare(SYSTEM_HALT);
14315d94b82SRobin Holt 	migrate_to_reboot_cpu();
14415d94b82SRobin Holt 	syscore_shutdown();
145*972ee83dSRobin Holt 	pr_emerg("System halted\n");
14615d94b82SRobin Holt 	kmsg_dump(KMSG_DUMP_HALT);
14715d94b82SRobin Holt 	machine_halt();
14815d94b82SRobin Holt }
14915d94b82SRobin Holt EXPORT_SYMBOL_GPL(kernel_halt);
15015d94b82SRobin Holt 
15115d94b82SRobin Holt /**
15215d94b82SRobin Holt  *	kernel_power_off - power_off the system
15315d94b82SRobin Holt  *
15415d94b82SRobin Holt  *	Shutdown everything and perform a clean system power_off.
15515d94b82SRobin Holt  */
15615d94b82SRobin Holt void kernel_power_off(void)
15715d94b82SRobin Holt {
15815d94b82SRobin Holt 	kernel_shutdown_prepare(SYSTEM_POWER_OFF);
15915d94b82SRobin Holt 	if (pm_power_off_prepare)
16015d94b82SRobin Holt 		pm_power_off_prepare();
16115d94b82SRobin Holt 	migrate_to_reboot_cpu();
16215d94b82SRobin Holt 	syscore_shutdown();
163*972ee83dSRobin Holt 	pr_emerg("Power down\n");
16415d94b82SRobin Holt 	kmsg_dump(KMSG_DUMP_POWEROFF);
16515d94b82SRobin Holt 	machine_power_off();
16615d94b82SRobin Holt }
16715d94b82SRobin Holt EXPORT_SYMBOL_GPL(kernel_power_off);
16815d94b82SRobin Holt 
16915d94b82SRobin Holt static DEFINE_MUTEX(reboot_mutex);
17015d94b82SRobin Holt 
17115d94b82SRobin Holt /*
17215d94b82SRobin Holt  * Reboot system call: for obvious reasons only root may call it,
17315d94b82SRobin Holt  * and even root needs to set up some magic numbers in the registers
17415d94b82SRobin Holt  * so that some mistake won't make this reboot the whole machine.
17515d94b82SRobin Holt  * You can also set the meaning of the ctrl-alt-del-key here.
17615d94b82SRobin Holt  *
17715d94b82SRobin Holt  * reboot doesn't sync: do that yourself before calling this.
17815d94b82SRobin Holt  */
17915d94b82SRobin Holt SYSCALL_DEFINE4(reboot, int, magic1, int, magic2, unsigned int, cmd,
18015d94b82SRobin Holt 		void __user *, arg)
18115d94b82SRobin Holt {
18215d94b82SRobin Holt 	struct pid_namespace *pid_ns = task_active_pid_ns(current);
18315d94b82SRobin Holt 	char buffer[256];
18415d94b82SRobin Holt 	int ret = 0;
18515d94b82SRobin Holt 
18615d94b82SRobin Holt 	/* We only trust the superuser with rebooting the system. */
18715d94b82SRobin Holt 	if (!ns_capable(pid_ns->user_ns, CAP_SYS_BOOT))
18815d94b82SRobin Holt 		return -EPERM;
18915d94b82SRobin Holt 
19015d94b82SRobin Holt 	/* For safety, we require "magic" arguments. */
19115d94b82SRobin Holt 	if (magic1 != LINUX_REBOOT_MAGIC1 ||
19215d94b82SRobin Holt 			(magic2 != LINUX_REBOOT_MAGIC2 &&
19315d94b82SRobin Holt 			magic2 != LINUX_REBOOT_MAGIC2A &&
19415d94b82SRobin Holt 			magic2 != LINUX_REBOOT_MAGIC2B &&
19515d94b82SRobin Holt 			magic2 != LINUX_REBOOT_MAGIC2C))
19615d94b82SRobin Holt 		return -EINVAL;
19715d94b82SRobin Holt 
19815d94b82SRobin Holt 	/*
19915d94b82SRobin Holt 	 * If pid namespaces are enabled and the current task is in a child
20015d94b82SRobin Holt 	 * pid_namespace, the command is handled by reboot_pid_ns() which will
20115d94b82SRobin Holt 	 * call do_exit().
20215d94b82SRobin Holt 	 */
20315d94b82SRobin Holt 	ret = reboot_pid_ns(pid_ns, cmd);
20415d94b82SRobin Holt 	if (ret)
20515d94b82SRobin Holt 		return ret;
20615d94b82SRobin Holt 
20715d94b82SRobin Holt 	/* Instead of trying to make the power_off code look like
20815d94b82SRobin Holt 	 * halt when pm_power_off is not set do it the easy way.
20915d94b82SRobin Holt 	 */
21015d94b82SRobin Holt 	if ((cmd == LINUX_REBOOT_CMD_POWER_OFF) && !pm_power_off)
21115d94b82SRobin Holt 		cmd = LINUX_REBOOT_CMD_HALT;
21215d94b82SRobin Holt 
21315d94b82SRobin Holt 	mutex_lock(&reboot_mutex);
21415d94b82SRobin Holt 	switch (cmd) {
21515d94b82SRobin Holt 	case LINUX_REBOOT_CMD_RESTART:
21615d94b82SRobin Holt 		kernel_restart(NULL);
21715d94b82SRobin Holt 		break;
21815d94b82SRobin Holt 
21915d94b82SRobin Holt 	case LINUX_REBOOT_CMD_CAD_ON:
22015d94b82SRobin Holt 		C_A_D = 1;
22115d94b82SRobin Holt 		break;
22215d94b82SRobin Holt 
22315d94b82SRobin Holt 	case LINUX_REBOOT_CMD_CAD_OFF:
22415d94b82SRobin Holt 		C_A_D = 0;
22515d94b82SRobin Holt 		break;
22615d94b82SRobin Holt 
22715d94b82SRobin Holt 	case LINUX_REBOOT_CMD_HALT:
22815d94b82SRobin Holt 		kernel_halt();
22915d94b82SRobin Holt 		do_exit(0);
23015d94b82SRobin Holt 		panic("cannot halt");
23115d94b82SRobin Holt 
23215d94b82SRobin Holt 	case LINUX_REBOOT_CMD_POWER_OFF:
23315d94b82SRobin Holt 		kernel_power_off();
23415d94b82SRobin Holt 		do_exit(0);
23515d94b82SRobin Holt 		break;
23615d94b82SRobin Holt 
23715d94b82SRobin Holt 	case LINUX_REBOOT_CMD_RESTART2:
238*972ee83dSRobin Holt 		ret = strncpy_from_user(&buffer[0], arg, sizeof(buffer) - 1);
239*972ee83dSRobin Holt 		if (ret < 0) {
24015d94b82SRobin Holt 			ret = -EFAULT;
24115d94b82SRobin Holt 			break;
24215d94b82SRobin Holt 		}
24315d94b82SRobin Holt 		buffer[sizeof(buffer) - 1] = '\0';
24415d94b82SRobin Holt 
24515d94b82SRobin Holt 		kernel_restart(buffer);
24615d94b82SRobin Holt 		break;
24715d94b82SRobin Holt 
24815d94b82SRobin Holt #ifdef CONFIG_KEXEC
24915d94b82SRobin Holt 	case LINUX_REBOOT_CMD_KEXEC:
25015d94b82SRobin Holt 		ret = kernel_kexec();
25115d94b82SRobin Holt 		break;
25215d94b82SRobin Holt #endif
25315d94b82SRobin Holt 
25415d94b82SRobin Holt #ifdef CONFIG_HIBERNATION
25515d94b82SRobin Holt 	case LINUX_REBOOT_CMD_SW_SUSPEND:
25615d94b82SRobin Holt 		ret = hibernate();
25715d94b82SRobin Holt 		break;
25815d94b82SRobin Holt #endif
25915d94b82SRobin Holt 
26015d94b82SRobin Holt 	default:
26115d94b82SRobin Holt 		ret = -EINVAL;
26215d94b82SRobin Holt 		break;
26315d94b82SRobin Holt 	}
26415d94b82SRobin Holt 	mutex_unlock(&reboot_mutex);
26515d94b82SRobin Holt 	return ret;
26615d94b82SRobin Holt }
26715d94b82SRobin Holt 
26815d94b82SRobin Holt static void deferred_cad(struct work_struct *dummy)
26915d94b82SRobin Holt {
27015d94b82SRobin Holt 	kernel_restart(NULL);
27115d94b82SRobin Holt }
27215d94b82SRobin Holt 
27315d94b82SRobin Holt /*
27415d94b82SRobin Holt  * This function gets called by ctrl-alt-del - ie the keyboard interrupt.
27515d94b82SRobin Holt  * As it's called within an interrupt, it may NOT sync: the only choice
27615d94b82SRobin Holt  * is whether to reboot at once, or just ignore the ctrl-alt-del.
27715d94b82SRobin Holt  */
27815d94b82SRobin Holt void ctrl_alt_del(void)
27915d94b82SRobin Holt {
28015d94b82SRobin Holt 	static DECLARE_WORK(cad_work, deferred_cad);
28115d94b82SRobin Holt 
28215d94b82SRobin Holt 	if (C_A_D)
28315d94b82SRobin Holt 		schedule_work(&cad_work);
28415d94b82SRobin Holt 	else
28515d94b82SRobin Holt 		kill_cad_pid(SIGINT, 1);
28615d94b82SRobin Holt }
28715d94b82SRobin Holt 
28815d94b82SRobin Holt char poweroff_cmd[POWEROFF_CMD_PATH_LEN] = "/sbin/poweroff";
28915d94b82SRobin Holt 
29015d94b82SRobin Holt static int __orderly_poweroff(bool force)
29115d94b82SRobin Holt {
29215d94b82SRobin Holt 	char **argv;
29315d94b82SRobin Holt 	static char *envp[] = {
29415d94b82SRobin Holt 		"HOME=/",
29515d94b82SRobin Holt 		"PATH=/sbin:/bin:/usr/sbin:/usr/bin",
29615d94b82SRobin Holt 		NULL
29715d94b82SRobin Holt 	};
29815d94b82SRobin Holt 	int ret;
29915d94b82SRobin Holt 
30015d94b82SRobin Holt 	argv = argv_split(GFP_KERNEL, poweroff_cmd, NULL);
30115d94b82SRobin Holt 	if (argv) {
30215d94b82SRobin Holt 		ret = call_usermodehelper(argv[0], argv, envp, UMH_WAIT_EXEC);
30315d94b82SRobin Holt 		argv_free(argv);
30415d94b82SRobin Holt 	} else {
30515d94b82SRobin Holt 		ret = -ENOMEM;
30615d94b82SRobin Holt 	}
30715d94b82SRobin Holt 
30815d94b82SRobin Holt 	if (ret && force) {
309*972ee83dSRobin Holt 		pr_warn("Failed to start orderly shutdown: forcing the issue\n");
31015d94b82SRobin Holt 		/*
31115d94b82SRobin Holt 		 * I guess this should try to kick off some daemon to sync and
31215d94b82SRobin Holt 		 * poweroff asap.  Or not even bother syncing if we're doing an
31315d94b82SRobin Holt 		 * emergency shutdown?
31415d94b82SRobin Holt 		 */
31515d94b82SRobin Holt 		emergency_sync();
31615d94b82SRobin Holt 		kernel_power_off();
31715d94b82SRobin Holt 	}
31815d94b82SRobin Holt 
31915d94b82SRobin Holt 	return ret;
32015d94b82SRobin Holt }
32115d94b82SRobin Holt 
32215d94b82SRobin Holt static bool poweroff_force;
32315d94b82SRobin Holt 
32415d94b82SRobin Holt static void poweroff_work_func(struct work_struct *work)
32515d94b82SRobin Holt {
32615d94b82SRobin Holt 	__orderly_poweroff(poweroff_force);
32715d94b82SRobin Holt }
32815d94b82SRobin Holt 
32915d94b82SRobin Holt static DECLARE_WORK(poweroff_work, poweroff_work_func);
33015d94b82SRobin Holt 
33115d94b82SRobin Holt /**
33215d94b82SRobin Holt  * orderly_poweroff - Trigger an orderly system poweroff
33315d94b82SRobin Holt  * @force: force poweroff if command execution fails
33415d94b82SRobin Holt  *
33515d94b82SRobin Holt  * This may be called from any context to trigger a system shutdown.
33615d94b82SRobin Holt  * If the orderly shutdown fails, it will force an immediate shutdown.
33715d94b82SRobin Holt  */
33815d94b82SRobin Holt int orderly_poweroff(bool force)
33915d94b82SRobin Holt {
34015d94b82SRobin Holt 	if (force) /* do not override the pending "true" */
34115d94b82SRobin Holt 		poweroff_force = true;
34215d94b82SRobin Holt 	schedule_work(&poweroff_work);
34315d94b82SRobin Holt 	return 0;
34415d94b82SRobin Holt }
34515d94b82SRobin Holt EXPORT_SYMBOL_GPL(orderly_poweroff);
346