189cde455SEric DeVolder# SPDX-License-Identifier: GPL-2.0-only 289cde455SEric DeVolder 389cde455SEric DeVoldermenu "Kexec and crash features" 489cde455SEric DeVolder 589cde455SEric DeVolderconfig CRASH_CORE 689cde455SEric DeVolder bool 789cde455SEric DeVolder 889cde455SEric DeVolderconfig KEXEC_CORE 989cde455SEric DeVolder select CRASH_CORE 1089cde455SEric DeVolder bool 1189cde455SEric DeVolder 1289cde455SEric DeVolderconfig KEXEC_ELF 1389cde455SEric DeVolder bool 1489cde455SEric DeVolder 1589cde455SEric DeVolderconfig HAVE_IMA_KEXEC 1689cde455SEric DeVolder bool 1789cde455SEric DeVolder 1889cde455SEric DeVolderconfig KEXEC 1989cde455SEric DeVolder bool "Enable kexec system call" 2089cde455SEric DeVolder depends on ARCH_SUPPORTS_KEXEC 2189cde455SEric DeVolder select KEXEC_CORE 2289cde455SEric DeVolder help 2389cde455SEric DeVolder kexec is a system call that implements the ability to shutdown your 2489cde455SEric DeVolder current kernel, and to start another kernel. It is like a reboot 2589cde455SEric DeVolder but it is independent of the system firmware. And like a reboot 2689cde455SEric DeVolder you can start any kernel with it, not just Linux. 2789cde455SEric DeVolder 2889cde455SEric DeVolder The name comes from the similarity to the exec system call. 2989cde455SEric DeVolder 3089cde455SEric DeVolder It is an ongoing process to be certain the hardware in a machine 3189cde455SEric DeVolder is properly shutdown, so do not be surprised if this code does not 3289cde455SEric DeVolder initially work for you. As of this writing the exact hardware 3389cde455SEric DeVolder interface is strongly in flux, so no good recommendation can be 3489cde455SEric DeVolder made. 3589cde455SEric DeVolder 3689cde455SEric DeVolderconfig KEXEC_FILE 3789cde455SEric DeVolder bool "Enable kexec file based system call" 3889cde455SEric DeVolder depends on ARCH_SUPPORTS_KEXEC_FILE 39*7844d7d8SArnd Bergmann select CRYPTO 40*7844d7d8SArnd Bergmann select CRYPTO_SHA256 4189cde455SEric DeVolder select KEXEC_CORE 4289cde455SEric DeVolder help 4389cde455SEric DeVolder This is new version of kexec system call. This system call is 4489cde455SEric DeVolder file based and takes file descriptors as system call argument 4589cde455SEric DeVolder for kernel and initramfs as opposed to list of segments as 4689cde455SEric DeVolder accepted by kexec system call. 4789cde455SEric DeVolder 4889cde455SEric DeVolderconfig KEXEC_SIG 4989cde455SEric DeVolder bool "Verify kernel signature during kexec_file_load() syscall" 5089cde455SEric DeVolder depends on ARCH_SUPPORTS_KEXEC_SIG 5189cde455SEric DeVolder depends on KEXEC_FILE 5289cde455SEric DeVolder help 5389cde455SEric DeVolder This option makes the kexec_file_load() syscall check for a valid 5489cde455SEric DeVolder signature of the kernel image. The image can still be loaded without 5589cde455SEric DeVolder a valid signature unless you also enable KEXEC_SIG_FORCE, though if 5689cde455SEric DeVolder there's a signature that we can check, then it must be valid. 5789cde455SEric DeVolder 5889cde455SEric DeVolder In addition to this option, you need to enable signature 5989cde455SEric DeVolder verification for the corresponding kernel image type being 6089cde455SEric DeVolder loaded in order for this to work. 6189cde455SEric DeVolder 6289cde455SEric DeVolderconfig KEXEC_SIG_FORCE 6389cde455SEric DeVolder bool "Require a valid signature in kexec_file_load() syscall" 6489cde455SEric DeVolder depends on ARCH_SUPPORTS_KEXEC_SIG_FORCE 6589cde455SEric DeVolder depends on KEXEC_SIG 6689cde455SEric DeVolder help 6789cde455SEric DeVolder This option makes kernel signature verification mandatory for 6889cde455SEric DeVolder the kexec_file_load() syscall. 6989cde455SEric DeVolder 7089cde455SEric DeVolderconfig KEXEC_IMAGE_VERIFY_SIG 7189cde455SEric DeVolder bool "Enable Image signature verification support (ARM)" 7289cde455SEric DeVolder default ARCH_DEFAULT_KEXEC_IMAGE_VERIFY_SIG 7389cde455SEric DeVolder depends on ARCH_SUPPORTS_KEXEC_IMAGE_VERIFY_SIG 7489cde455SEric DeVolder depends on KEXEC_SIG 7589cde455SEric DeVolder depends on EFI && SIGNED_PE_FILE_VERIFICATION 7689cde455SEric DeVolder help 7789cde455SEric DeVolder Enable Image signature verification support. 7889cde455SEric DeVolder 7989cde455SEric DeVolderconfig KEXEC_BZIMAGE_VERIFY_SIG 8089cde455SEric DeVolder bool "Enable bzImage signature verification support" 8189cde455SEric DeVolder depends on ARCH_SUPPORTS_KEXEC_BZIMAGE_VERIFY_SIG 8289cde455SEric DeVolder depends on KEXEC_SIG 8389cde455SEric DeVolder depends on SIGNED_PE_FILE_VERIFICATION 8489cde455SEric DeVolder select SYSTEM_TRUSTED_KEYRING 8589cde455SEric DeVolder help 8689cde455SEric DeVolder Enable bzImage signature verification support. 8789cde455SEric DeVolder 8889cde455SEric DeVolderconfig KEXEC_JUMP 8989cde455SEric DeVolder bool "kexec jump" 9089cde455SEric DeVolder depends on ARCH_SUPPORTS_KEXEC_JUMP 9189cde455SEric DeVolder depends on KEXEC && HIBERNATION 9289cde455SEric DeVolder help 9389cde455SEric DeVolder Jump between original kernel and kexeced kernel and invoke 9489cde455SEric DeVolder code in physical address mode via KEXEC 9589cde455SEric DeVolder 9689cde455SEric DeVolderconfig CRASH_DUMP 9789cde455SEric DeVolder bool "kernel crash dumps" 9889cde455SEric DeVolder depends on ARCH_SUPPORTS_CRASH_DUMP 9989cde455SEric DeVolder select CRASH_CORE 10089cde455SEric DeVolder select KEXEC_CORE 10189cde455SEric DeVolder help 10289cde455SEric DeVolder Generate crash dump after being started by kexec. 10389cde455SEric DeVolder This should be normally only set in special crash dump kernels 10489cde455SEric DeVolder which are loaded in the main kernel with kexec-tools into 10589cde455SEric DeVolder a specially reserved region and then later executed after 10689cde455SEric DeVolder a crash by kdump/kexec. The crash dump kernel must be compiled 10789cde455SEric DeVolder to a memory address not used by the main kernel or BIOS using 10889cde455SEric DeVolder PHYSICAL_START, or it must be built as a relocatable image 10989cde455SEric DeVolder (CONFIG_RELOCATABLE=y). 11089cde455SEric DeVolder For more details see Documentation/admin-guide/kdump/kdump.rst 11189cde455SEric DeVolder 11289cde455SEric DeVolder For s390, this option also enables zfcpdump. 11389cde455SEric DeVolder See also <file:Documentation/s390/zfcpdump.rst> 11489cde455SEric DeVolder 11524726275SEric DeVolderconfig CRASH_HOTPLUG 11624726275SEric DeVolder bool "Update the crash elfcorehdr on system configuration changes" 11724726275SEric DeVolder default y 11824726275SEric DeVolder depends on CRASH_DUMP && (HOTPLUG_CPU || MEMORY_HOTPLUG) 11924726275SEric DeVolder depends on ARCH_SUPPORTS_CRASH_HOTPLUG 12024726275SEric DeVolder help 12124726275SEric DeVolder Enable direct update to the crash elfcorehdr (which contains 12224726275SEric DeVolder the list of CPUs and memory regions to be dumped upon a crash) 12324726275SEric DeVolder in response to hot plug/unplug or online/offline of CPUs or 12424726275SEric DeVolder memory. This is a much more advanced approach than userspace 12524726275SEric DeVolder attempting that. 12624726275SEric DeVolder 12724726275SEric DeVolder If unsure, say Y. 12824726275SEric DeVolder 12924726275SEric DeVolderconfig CRASH_MAX_MEMORY_RANGES 13024726275SEric DeVolder int "Specify the maximum number of memory regions for the elfcorehdr" 13124726275SEric DeVolder default 8192 13224726275SEric DeVolder depends on CRASH_HOTPLUG 13324726275SEric DeVolder help 13424726275SEric DeVolder For the kexec_file_load() syscall path, specify the maximum number of 13524726275SEric DeVolder memory regions that the elfcorehdr buffer/segment can accommodate. 13624726275SEric DeVolder These regions are obtained via walk_system_ram_res(); eg. the 13724726275SEric DeVolder 'System RAM' entries in /proc/iomem. 13824726275SEric DeVolder This value is combined with NR_CPUS_DEFAULT and multiplied by 13924726275SEric DeVolder sizeof(Elf64_Phdr) to determine the final elfcorehdr memory buffer/ 14024726275SEric DeVolder segment size. 14124726275SEric DeVolder The value 8192, for example, covers a (sparsely populated) 1TiB system 14224726275SEric DeVolder consisting of 128MiB memblocks, while resulting in an elfcorehdr 14324726275SEric DeVolder memory buffer/segment size under 1MiB. This represents a sane choice 14424726275SEric DeVolder to accommodate both baremetal and virtual machine configurations. 14524726275SEric DeVolder 146a72bbec7SEric DeVolder For the kexec_load() syscall path, CRASH_MAX_MEMORY_RANGES is part of 147a72bbec7SEric DeVolder the computation behind the value provided through the 148a72bbec7SEric DeVolder /sys/kernel/crash_elfcorehdr_size attribute. 149a72bbec7SEric DeVolder 15089cde455SEric DeVolderendmenu 151