xref: /openbmc/linux/kernel/Kconfig.kexec (revision 54d8c1d3) 
1# SPDX-License-Identifier: GPL-2.0-only
2
3menu "Kexec and crash features"
4
5config CRASH_CORE
6	bool
7
8config KEXEC_CORE
9	select CRASH_CORE
10	bool
11
12config KEXEC_ELF
13	bool
14
15config HAVE_IMA_KEXEC
16	bool
17
18config KEXEC
19	bool "Enable kexec system call"
20	depends on ARCH_SUPPORTS_KEXEC
21	select KEXEC_CORE
22	help
23	  kexec is a system call that implements the ability to shutdown your
24	  current kernel, and to start another kernel. It is like a reboot
25	  but it is independent of the system firmware. And like a reboot
26	  you can start any kernel with it, not just Linux.
27
28	  The name comes from the similarity to the exec system call.
29
30	  It is an ongoing process to be certain the hardware in a machine
31	  is properly shutdown, so do not be surprised if this code does not
32	  initially work for you. As of this writing the exact hardware
33	  interface is strongly in flux, so no good recommendation can be
34	  made.
35
36config KEXEC_FILE
37	bool "Enable kexec file based system call"
38	depends on ARCH_SUPPORTS_KEXEC_FILE
39	select KEXEC_CORE
40	help
41	  This is new version of kexec system call. This system call is
42	  file based and takes file descriptors as system call argument
43	  for kernel and initramfs as opposed to list of segments as
44	  accepted by kexec system call.
45
46config KEXEC_SIG
47	bool "Verify kernel signature during kexec_file_load() syscall"
48	depends on ARCH_SUPPORTS_KEXEC_SIG
49	depends on KEXEC_FILE
50	help
51	  This option makes the kexec_file_load() syscall check for a valid
52	  signature of the kernel image. The image can still be loaded without
53	  a valid signature unless you also enable KEXEC_SIG_FORCE, though if
54	  there's a signature that we can check, then it must be valid.
55
56	  In addition to this option, you need to enable signature
57	  verification for the corresponding kernel image type being
58	  loaded in order for this to work.
59
60config KEXEC_SIG_FORCE
61	bool "Require a valid signature in kexec_file_load() syscall"
62	depends on ARCH_SUPPORTS_KEXEC_SIG_FORCE
63	depends on KEXEC_SIG
64	help
65	  This option makes kernel signature verification mandatory for
66	  the kexec_file_load() syscall.
67
68config KEXEC_IMAGE_VERIFY_SIG
69	bool "Enable Image signature verification support (ARM)"
70	default ARCH_DEFAULT_KEXEC_IMAGE_VERIFY_SIG
71	depends on ARCH_SUPPORTS_KEXEC_IMAGE_VERIFY_SIG
72	depends on KEXEC_SIG
73	depends on EFI && SIGNED_PE_FILE_VERIFICATION
74	help
75	  Enable Image signature verification support.
76
77config KEXEC_BZIMAGE_VERIFY_SIG
78	bool "Enable bzImage signature verification support"
79	depends on ARCH_SUPPORTS_KEXEC_BZIMAGE_VERIFY_SIG
80	depends on KEXEC_SIG
81	depends on SIGNED_PE_FILE_VERIFICATION
82	select SYSTEM_TRUSTED_KEYRING
83	help
84	  Enable bzImage signature verification support.
85
86config KEXEC_JUMP
87	bool "kexec jump"
88	depends on ARCH_SUPPORTS_KEXEC_JUMP
89	depends on KEXEC && HIBERNATION
90	help
91	  Jump between original kernel and kexeced kernel and invoke
92	  code in physical address mode via KEXEC
93
94config CRASH_DUMP
95	bool "kernel crash dumps"
96	depends on ARCH_SUPPORTS_CRASH_DUMP
97	depends on ARCH_SUPPORTS_KEXEC
98	select CRASH_CORE
99	select KEXEC_CORE
100	help
101	  Generate crash dump after being started by kexec.
102	  This should be normally only set in special crash dump kernels
103	  which are loaded in the main kernel with kexec-tools into
104	  a specially reserved region and then later executed after
105	  a crash by kdump/kexec. The crash dump kernel must be compiled
106	  to a memory address not used by the main kernel or BIOS using
107	  PHYSICAL_START, or it must be built as a relocatable image
108	  (CONFIG_RELOCATABLE=y).
109	  For more details see Documentation/admin-guide/kdump/kdump.rst
110
111	  For s390, this option also enables zfcpdump.
112	  See also <file:Documentation/s390/zfcpdump.rst>
113
114config CRASH_HOTPLUG
115	bool "Update the crash elfcorehdr on system configuration changes"
116	default y
117	depends on CRASH_DUMP && (HOTPLUG_CPU || MEMORY_HOTPLUG)
118	depends on ARCH_SUPPORTS_CRASH_HOTPLUG
119	help
120	  Enable direct update to the crash elfcorehdr (which contains
121	  the list of CPUs and memory regions to be dumped upon a crash)
122	  in response to hot plug/unplug or online/offline of CPUs or
123	  memory. This is a much more advanced approach than userspace
124	  attempting that.
125
126	  If unsure, say Y.
127
128config CRASH_MAX_MEMORY_RANGES
129	int "Specify the maximum number of memory regions for the elfcorehdr"
130	default 8192
131	depends on CRASH_HOTPLUG
132	help
133	  For the kexec_file_load() syscall path, specify the maximum number of
134	  memory regions that the elfcorehdr buffer/segment can accommodate.
135	  These regions are obtained via walk_system_ram_res(); eg. the
136	  'System RAM' entries in /proc/iomem.
137	  This value is combined with NR_CPUS_DEFAULT and multiplied by
138	  sizeof(Elf64_Phdr) to determine the final elfcorehdr memory buffer/
139	  segment size.
140	  The value 8192, for example, covers a (sparsely populated) 1TiB system
141	  consisting of 128MiB memblocks, while resulting in an elfcorehdr
142	  memory buffer/segment size under 1MiB. This represents a sane choice
143	  to accommodate both baremetal and virtual machine configurations.
144
145	  For the kexec_load() syscall path, CRASH_MAX_MEMORY_RANGES is part of
146	  the computation behind the value provided through the
147	  /sys/kernel/crash_elfcorehdr_size attribute.
148
149endmenu
150