search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'i2c/for-current-fixed' of git://git.kernel.org/pub/scm/linux/kernel...
[linux/fpc-iii.git] / kernel / kexec_file.c
blobb118735fea9da471a15ba627c87af523b891bafa
1 /*
2 * kexec: kexec_file_load system call
3 *
4 * Copyright (C) 2014 Red Hat Inc.
5 * Authors:
6 * Vivek Goyal <vgoyal@redhat.com>
7 *
8 * This source code is licensed under the GNU General Public License,
9 * Version 2. See the file COPYING for more details.
10 */
11
12 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
13
14 #include <linux/capability.h>
15 #include <linux/mm.h>
16 #include <linux/file.h>
17 #include <linux/slab.h>
18 #include <linux/kexec.h>
19 #include <linux/mutex.h>
20 #include <linux/list.h>
21 #include <linux/fs.h>
22 #include <linux/ima.h>
23 #include <crypto/hash.h>
24 #include <crypto/sha.h>
25 #include <linux/syscalls.h>
26 #include <linux/vmalloc.h>
27 #include "kexec_internal.h"
28
29 /*
30 * Declare these symbols weak so that if architecture provides a purgatory,
31 * these will be overridden.
32 */
33 char __weak kexec_purgatory[0];
34 size_t __weak kexec_purgatory_size = 0;
35
36 static int kexec_calculate_store_digests(struct kimage *image);
37
38 /* Architectures can provide this probe function */
39 int __weak arch_kexec_kernel_image_probe(struct kimage *image, void *buf,
40 unsigned long buf_len)
41 {
42 return -ENOEXEC;
43 }
44
45 void * __weak arch_kexec_kernel_image_load(struct kimage *image)
46 {
47 return ERR_PTR(-ENOEXEC);
48 }
49
50 int __weak arch_kimage_file_post_load_cleanup(struct kimage *image)
51 {
52 return -EINVAL;
53 }
54
55 #ifdef CONFIG_KEXEC_VERIFY_SIG
56 int __weak arch_kexec_kernel_verify_sig(struct kimage *image, void *buf,
57 unsigned long buf_len)
58 {
59 return -EKEYREJECTED;
60 }
61 #endif
62
63 /* Apply relocations of type RELA */
64 int __weak
65 arch_kexec_apply_relocations_add(const Elf_Ehdr *ehdr, Elf_Shdr *sechdrs,
66 unsigned int relsec)
67 {
68 pr_err("RELA relocation unsupported.\n");
69 return -ENOEXEC;
70 }
71
72 /* Apply relocations of type REL */
73 int __weak
74 arch_kexec_apply_relocations(const Elf_Ehdr *ehdr, Elf_Shdr *sechdrs,
75 unsigned int relsec)
76 {
77 pr_err("REL relocation unsupported.\n");
78 return -ENOEXEC;
79 }
80
81 /*
82 * Free up memory used by kernel, initrd, and command line. This is temporary
83 * memory allocation which is not needed any more after these buffers have
84 * been loaded into separate segments and have been copied elsewhere.
85 */
86 void kimage_file_post_load_cleanup(struct kimage *image)
87 {
88 struct purgatory_info *pi = &image->purgatory_info;
89
90 vfree(image->kernel_buf);
91 image->kernel_buf = NULL;
92
93 vfree(image->initrd_buf);
94 image->initrd_buf = NULL;
95
96 kfree(image->cmdline_buf);
97 image->cmdline_buf = NULL;
98
99 vfree(pi->purgatory_buf);
100 pi->purgatory_buf = NULL;
101
102 vfree(pi->sechdrs);
103 pi->sechdrs = NULL;
104
105 /* See if architecture has anything to cleanup post load */
106 arch_kimage_file_post_load_cleanup(image);
107
108 /*
109 * Above call should have called into bootloader to free up
110 * any data stored in kimage->image_loader_data. It should
111 * be ok now to free it up.
112 */
113 kfree(image->image_loader_data);
114 image->image_loader_data = NULL;
115 }
116
117 /*
118 * In file mode list of segments is prepared by kernel. Copy relevant
119 * data from user space, do error checking, prepare segment list
120 */
121 static int
122 kimage_file_prepare_segments(struct kimage *image, int kernel_fd, int initrd_fd,
123 const char __user *cmdline_ptr,
124 unsigned long cmdline_len, unsigned flags)
125 {
126 int ret = 0;
127 void *ldata;
128 loff_t size;
129
130 ret = kernel_read_file_from_fd(kernel_fd, &image->kernel_buf,
131 &size, INT_MAX, READING_KEXEC_IMAGE);
132 if (ret)
133 return ret;
134 image->kernel_buf_len = size;
135
136 /* IMA needs to pass the measurement list to the next kernel. */
137 ima_add_kexec_buffer(image);
138
139 /* Call arch image probe handlers */
140 ret = arch_kexec_kernel_image_probe(image, image->kernel_buf,
141 image->kernel_buf_len);
142 if (ret)
143 goto out;
144
145 #ifdef CONFIG_KEXEC_VERIFY_SIG
146 ret = arch_kexec_kernel_verify_sig(image, image->kernel_buf,
147 image->kernel_buf_len);
148 if (ret) {
149 pr_debug("kernel signature verification failed.\n");
150 goto out;
151 }
152 pr_debug("kernel signature verification successful.\n");
153 #endif
154 /* It is possible that there no initramfs is being loaded */
155 if (!(flags & KEXEC_FILE_NO_INITRAMFS)) {
156 ret = kernel_read_file_from_fd(initrd_fd, &image->initrd_buf,
157 &size, INT_MAX,
158 READING_KEXEC_INITRAMFS);
159 if (ret)
160 goto out;
161 image->initrd_buf_len = size;
162 }
163
164 if (cmdline_len) {
165 image->cmdline_buf = kzalloc(cmdline_len, GFP_KERNEL);
166 if (!image->cmdline_buf) {
167 ret = -ENOMEM;
168 goto out;
169 }
170
171 ret = copy_from_user(image->cmdline_buf, cmdline_ptr,
172 cmdline_len);
173 if (ret) {
174 ret = -EFAULT;
175 goto out;
176 }
177
178 image->cmdline_buf_len = cmdline_len;
179
180 /* command line should be a string with last byte null */
181 if (image->cmdline_buf[cmdline_len - 1] != '\0') {
182 ret = -EINVAL;
183 goto out;
184 }
185 }
186
187 /* Call arch image load handlers */
188 ldata = arch_kexec_kernel_image_load(image);
189
190 if (IS_ERR(ldata)) {
191 ret = PTR_ERR(ldata);
192 goto out;
193 }
194
195 image->image_loader_data = ldata;
196 out:
197 /* In case of error, free up all allocated memory in this function */
198 if (ret)
199 kimage_file_post_load_cleanup(image);
200 return ret;
201 }
202
203 static int
204 kimage_file_alloc_init(struct kimage **rimage, int kernel_fd,
205 int initrd_fd, const char __user *cmdline_ptr,
206 unsigned long cmdline_len, unsigned long flags)
207 {
208 int ret;
209 struct kimage *image;
210 bool kexec_on_panic = flags & KEXEC_FILE_ON_CRASH;
211
212 image = do_kimage_alloc_init();
213 if (!image)
214 return -ENOMEM;
215
216 image->file_mode = 1;
217
218 if (kexec_on_panic) {
219 /* Enable special crash kernel control page alloc policy. */
220 image->control_page = crashk_res.start;
221 image->type = KEXEC_TYPE_CRASH;
222 }
223
224 ret = kimage_file_prepare_segments(image, kernel_fd, initrd_fd,
225 cmdline_ptr, cmdline_len, flags);
226 if (ret)
227 goto out_free_image;
228
229 ret = sanity_check_segment_list(image);
230 if (ret)
231 goto out_free_post_load_bufs;
232
233 ret = -ENOMEM;
234 image->control_code_page = kimage_alloc_control_pages(image,
235 get_order(KEXEC_CONTROL_PAGE_SIZE));
236 if (!image->control_code_page) {
237 pr_err("Could not allocate control_code_buffer\n");
238 goto out_free_post_load_bufs;
239 }
240
241 if (!kexec_on_panic) {
242 image->swap_page = kimage_alloc_control_pages(image, 0);
243 if (!image->swap_page) {
244 pr_err("Could not allocate swap buffer\n");
245 goto out_free_control_pages;
246 }
247 }
248
249 *rimage = image;
250 return 0;
251 out_free_control_pages:
252 kimage_free_page_list(&image->control_pages);
253 out_free_post_load_bufs:
254 kimage_file_post_load_cleanup(image);
255 out_free_image:
256 kfree(image);
257 return ret;
258 }
259
260 SYSCALL_DEFINE5(kexec_file_load, int, kernel_fd, int, initrd_fd,
261 unsigned long, cmdline_len, const char __user *, cmdline_ptr,
262 unsigned long, flags)
263 {
264 int ret = 0, i;
265 struct kimage **dest_image, *image;
266
267 /* We only trust the superuser with rebooting the system. */
268 if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
269 return -EPERM;
270
271 /* Make sure we have a legal set of flags */
272 if (flags != (flags & KEXEC_FILE_FLAGS))
273 return -EINVAL;
274
275 image = NULL;
276
277 if (!mutex_trylock(&kexec_mutex))
278 return -EBUSY;
279
280 dest_image = &kexec_image;
281 if (flags & KEXEC_FILE_ON_CRASH) {
282 dest_image = &kexec_crash_image;
283 if (kexec_crash_image)
284 arch_kexec_unprotect_crashkres();
285 }
286
287 if (flags & KEXEC_FILE_UNLOAD)
288 goto exchange;
289
290 /*
291 * In case of crash, new kernel gets loaded in reserved region. It is
292 * same memory where old crash kernel might be loaded. Free any
293 * current crash dump kernel before we corrupt it.
294 */
295 if (flags & KEXEC_FILE_ON_CRASH)
296 kimage_free(xchg(&kexec_crash_image, NULL));
297
298 ret = kimage_file_alloc_init(&image, kernel_fd, initrd_fd, cmdline_ptr,
299 cmdline_len, flags);
300 if (ret)
301 goto out;
302
303 ret = machine_kexec_prepare(image);
304 if (ret)
305 goto out;
306
307 ret = kexec_calculate_store_digests(image);
308 if (ret)
309 goto out;
310
311 for (i = 0; i < image->nr_segments; i++) {
312 struct kexec_segment *ksegment;
313
314 ksegment = &image->segment[i];
315 pr_debug("Loading segment %d: buf=0x%p bufsz=0x%zx mem=0x%lx memsz=0x%zx\n",
316 i, ksegment->buf, ksegment->bufsz, ksegment->mem,
317 ksegment->memsz);
318
319 ret = kimage_load_segment(image, &image->segment[i]);
320 if (ret)
321 goto out;
322 }
323
324 kimage_terminate(image);
325
326 /*
327 * Free up any temporary buffers allocated which are not needed
328 * after image has been loaded
329 */
330 kimage_file_post_load_cleanup(image);
331 exchange:
332 image = xchg(dest_image, image);
333 out:
334 if ((flags & KEXEC_FILE_ON_CRASH) && kexec_crash_image)
335 arch_kexec_protect_crashkres();
336
337 mutex_unlock(&kexec_mutex);
338 kimage_free(image);
339 return ret;
340 }
341
342 static int locate_mem_hole_top_down(unsigned long start, unsigned long end,
343 struct kexec_buf *kbuf)
344 {
345 struct kimage *image = kbuf->image;
346 unsigned long temp_start, temp_end;
347
348 temp_end = min(end, kbuf->buf_max);
349 temp_start = temp_end - kbuf->memsz;
350
351 do {
352 /* align down start */
353 temp_start = temp_start & (~(kbuf->buf_align - 1));
354
355 if (temp_start < start || temp_start < kbuf->buf_min)
356 return 0;
357
358 temp_end = temp_start + kbuf->memsz - 1;
359
360 /*
361 * Make sure this does not conflict with any of existing
362 * segments
363 */
364 if (kimage_is_destination_range(image, temp_start, temp_end)) {
365 temp_start = temp_start - PAGE_SIZE;
366 continue;
367 }
368
369 /* We found a suitable memory range */
370 break;
371 } while (1);
372
373 /* If we are here, we found a suitable memory range */
374 kbuf->mem = temp_start;
375
376 /* Success, stop navigating through remaining System RAM ranges */
377 return 1;
378 }
379
380 static int locate_mem_hole_bottom_up(unsigned long start, unsigned long end,
381 struct kexec_buf *kbuf)
382 {
383 struct kimage *image = kbuf->image;
384 unsigned long temp_start, temp_end;
385
386 temp_start = max(start, kbuf->buf_min);
387
388 do {
389 temp_start = ALIGN(temp_start, kbuf->buf_align);
390 temp_end = temp_start + kbuf->memsz - 1;
391
392 if (temp_end > end || temp_end > kbuf->buf_max)
393 return 0;
394 /*
395 * Make sure this does not conflict with any of existing
396 * segments
397 */
398 if (kimage_is_destination_range(image, temp_start, temp_end)) {
399 temp_start = temp_start + PAGE_SIZE;
400 continue;
401 }
402
403 /* We found a suitable memory range */
404 break;
405 } while (1);
406
407 /* If we are here, we found a suitable memory range */
408 kbuf->mem = temp_start;
409
410 /* Success, stop navigating through remaining System RAM ranges */
411 return 1;
412 }
413
414 static int locate_mem_hole_callback(u64 start, u64 end, void *arg)
415 {
416 struct kexec_buf *kbuf = (struct kexec_buf *)arg;
417 unsigned long sz = end - start + 1;
418
419 /* Returning 0 will take to next memory range */
420 if (sz < kbuf->memsz)
421 return 0;
422
423 if (end < kbuf->buf_min || start > kbuf->buf_max)
424 return 0;
425
426 /*
427 * Allocate memory top down with-in ram range. Otherwise bottom up
428 * allocation.
429 */
430 if (kbuf->top_down)
431 return locate_mem_hole_top_down(start, end, kbuf);
432 return locate_mem_hole_bottom_up(start, end, kbuf);
433 }
434
435 /**
436 * arch_kexec_walk_mem - call func(data) on free memory regions
437 * @kbuf: Context info for the search. Also passed to @func.
438 * @func: Function to call for each memory region.
439 *
440 * Return: The memory walk will stop when func returns a non-zero value
441 * and that value will be returned. If all free regions are visited without
442 * func returning non-zero, then zero will be returned.
443 */
444 int __weak arch_kexec_walk_mem(struct kexec_buf *kbuf,
445 int (*func)(u64, u64, void *))
446 {
447 if (kbuf->image->type == KEXEC_TYPE_CRASH)
448 return walk_iomem_res_desc(crashk_res.desc,
449 IORESOURCE_SYSTEM_RAM | IORESOURCE_BUSY,
450 crashk_res.start, crashk_res.end,
451 kbuf, func);
452 else
453 return walk_system_ram_res(0, ULONG_MAX, kbuf, func);
454 }
455
456 /**
457 * kexec_locate_mem_hole - find free memory for the purgatory or the next kernel
458 * @kbuf: Parameters for the memory search.
459 *
460 * On success, kbuf->mem will have the start address of the memory region found.
461 *
462 * Return: 0 on success, negative errno on error.
463 */
464 int kexec_locate_mem_hole(struct kexec_buf *kbuf)
465 {
466 int ret;
467
468 ret = arch_kexec_walk_mem(kbuf, locate_mem_hole_callback);
469
470 return ret == 1 ? 0 : -EADDRNOTAVAIL;
471 }
472
473 /**
474 * kexec_add_buffer - place a buffer in a kexec segment
475 * @kbuf: Buffer contents and memory parameters.
476 *
477 * This function assumes that kexec_mutex is held.
478 * On successful return, @kbuf->mem will have the physical address of
479 * the buffer in memory.
480 *
481 * Return: 0 on success, negative errno on error.
482 */
483 int kexec_add_buffer(struct kexec_buf *kbuf)
484 {
485
486 struct kexec_segment *ksegment;
487 int ret;
488
489 /* Currently adding segment this way is allowed only in file mode */
490 if (!kbuf->image->file_mode)
491 return -EINVAL;
492
493 if (kbuf->image->nr_segments >= KEXEC_SEGMENT_MAX)
494 return -EINVAL;
495
496 /*
497 * Make sure we are not trying to add buffer after allocating
498 * control pages. All segments need to be placed first before
499 * any control pages are allocated. As control page allocation
500 * logic goes through list of segments to make sure there are
501 * no destination overlaps.
502 */
503 if (!list_empty(&kbuf->image->control_pages)) {
504 WARN_ON(1);
505 return -EINVAL;
506 }
507
508 /* Ensure minimum alignment needed for segments. */
509 kbuf->memsz = ALIGN(kbuf->memsz, PAGE_SIZE);
510 kbuf->buf_align = max(kbuf->buf_align, PAGE_SIZE);
511
512 /* Walk the RAM ranges and allocate a suitable range for the buffer */
513 ret = kexec_locate_mem_hole(kbuf);
514 if (ret)
515 return ret;
516
517 /* Found a suitable memory range */
518 ksegment = &kbuf->image->segment[kbuf->image->nr_segments];
519 ksegment->kbuf = kbuf->buffer;
520 ksegment->bufsz = kbuf->bufsz;
521 ksegment->mem = kbuf->mem;
522 ksegment->memsz = kbuf->memsz;
523 kbuf->image->nr_segments++;
524 return 0;
525 }
526
527 /* Calculate and store the digest of segments */
528 static int kexec_calculate_store_digests(struct kimage *image)
529 {
530 struct crypto_shash *tfm;
531 struct shash_desc *desc;
532 int ret = 0, i, j, zero_buf_sz, sha_region_sz;
533 size_t desc_size, nullsz;
534 char *digest;
535 void *zero_buf;
536 struct kexec_sha_region *sha_regions;
537 struct purgatory_info *pi = &image->purgatory_info;
538
539 zero_buf = __va(page_to_pfn(ZERO_PAGE(0)) << PAGE_SHIFT);
540 zero_buf_sz = PAGE_SIZE;
541
542 tfm = crypto_alloc_shash("sha256", 0, 0);
543 if (IS_ERR(tfm)) {
544 ret = PTR_ERR(tfm);
545 goto out;
546 }
547
548 desc_size = crypto_shash_descsize(tfm) + sizeof(*desc);
549 desc = kzalloc(desc_size, GFP_KERNEL);
550 if (!desc) {
551 ret = -ENOMEM;
552 goto out_free_tfm;
553 }
554
555 sha_region_sz = KEXEC_SEGMENT_MAX * sizeof(struct kexec_sha_region);
556 sha_regions = vzalloc(sha_region_sz);
557 if (!sha_regions)
558 goto out_free_desc;
559
560 desc->tfm = tfm;
561 desc->flags = 0;
562
563 ret = crypto_shash_init(desc);
564 if (ret < 0)
565 goto out_free_sha_regions;
566
567 digest = kzalloc(SHA256_DIGEST_SIZE, GFP_KERNEL);
568 if (!digest) {
569 ret = -ENOMEM;
570 goto out_free_sha_regions;
571 }
572
573 for (j = i = 0; i < image->nr_segments; i++) {
574 struct kexec_segment *ksegment;
575
576 ksegment = &image->segment[i];
577 /*
578 * Skip purgatory as it will be modified once we put digest
579 * info in purgatory.
580 */
581 if (ksegment->kbuf == pi->purgatory_buf)
582 continue;
583
584 ret = crypto_shash_update(desc, ksegment->kbuf,
585 ksegment->bufsz);
586 if (ret)
587 break;
588
589 /*
590 * Assume rest of the buffer is filled with zero and
591 * update digest accordingly.
592 */
593 nullsz = ksegment->memsz - ksegment->bufsz;
594 while (nullsz) {
595 unsigned long bytes = nullsz;
596
597 if (bytes > zero_buf_sz)
598 bytes = zero_buf_sz;
599 ret = crypto_shash_update(desc, zero_buf, bytes);
600 if (ret)
601 break;
602 nullsz -= bytes;
603 }
604
605 if (ret)
606 break;
607
608 sha_regions[j].start = ksegment->mem;
609 sha_regions[j].len = ksegment->memsz;
610 j++;
611 }
612
613 if (!ret) {
614 ret = crypto_shash_final(desc, digest);
615 if (ret)
616 goto out_free_digest;
617 ret = kexec_purgatory_get_set_symbol(image, "purgatory_sha_regions",
618 sha_regions, sha_region_sz, 0);
619 if (ret)
620 goto out_free_digest;
621
622 ret = kexec_purgatory_get_set_symbol(image, "purgatory_sha256_digest",
623 digest, SHA256_DIGEST_SIZE, 0);
624 if (ret)
625 goto out_free_digest;
626 }
627
628 out_free_digest:
629 kfree(digest);
630 out_free_sha_regions:
631 vfree(sha_regions);
632 out_free_desc:
633 kfree(desc);
634 out_free_tfm:
635 kfree(tfm);
636 out:
637 return ret;
638 }
639
640 /* Actually load purgatory. Lot of code taken from kexec-tools */
641 static int __kexec_load_purgatory(struct kimage *image, unsigned long min,
642 unsigned long max, int top_down)
643 {
644 struct purgatory_info *pi = &image->purgatory_info;
645 unsigned long align, bss_align, bss_sz, bss_pad;
646 unsigned long entry, load_addr, curr_load_addr, bss_addr, offset;
647 unsigned char *buf_addr, *src;
648 int i, ret = 0, entry_sidx = -1;
649 const Elf_Shdr *sechdrs_c;
650 Elf_Shdr *sechdrs = NULL;
651 struct kexec_buf kbuf = { .image = image, .bufsz = 0, .buf_align = 1,
652 .buf_min = min, .buf_max = max,
653 .top_down = top_down };
654
655 /*
656 * sechdrs_c points to section headers in purgatory and are read
657 * only. No modifications allowed.
658 */
659 sechdrs_c = (void *)pi->ehdr + pi->ehdr->e_shoff;
660
661 /*
662 * We can not modify sechdrs_c[] and its fields. It is read only.
663 * Copy it over to a local copy where one can store some temporary
664 * data and free it at the end. We need to modify ->sh_addr and
665 * ->sh_offset fields to keep track of permanent and temporary
666 * locations of sections.
667 */
668 sechdrs = vzalloc(pi->ehdr->e_shnum * sizeof(Elf_Shdr));
669 if (!sechdrs)
670 return -ENOMEM;
671
672 memcpy(sechdrs, sechdrs_c, pi->ehdr->e_shnum * sizeof(Elf_Shdr));
673
674 /*
675 * We seem to have multiple copies of sections. First copy is which
676 * is embedded in kernel in read only section. Some of these sections
677 * will be copied to a temporary buffer and relocated. And these
678 * sections will finally be copied to their final destination at
679 * segment load time.
680 *
681 * Use ->sh_offset to reflect section address in memory. It will
682 * point to original read only copy if section is not allocatable.
683 * Otherwise it will point to temporary copy which will be relocated.
684 *
685 * Use ->sh_addr to contain final address of the section where it
686 * will go during execution time.
687 */
688 for (i = 0; i < pi->ehdr->e_shnum; i++) {
689 if (sechdrs[i].sh_type == SHT_NOBITS)
690 continue;
691
692 sechdrs[i].sh_offset = (unsigned long)pi->ehdr +
693 sechdrs[i].sh_offset;
694 }
695
696 /*
697 * Identify entry point section and make entry relative to section
698 * start.
699 */
700 entry = pi->ehdr->e_entry;
701 for (i = 0; i < pi->ehdr->e_shnum; i++) {
702 if (!(sechdrs[i].sh_flags & SHF_ALLOC))
703 continue;
704
705 if (!(sechdrs[i].sh_flags & SHF_EXECINSTR))
706 continue;
707
708 /* Make entry section relative */
709 if (sechdrs[i].sh_addr <= pi->ehdr->e_entry &&
710 ((sechdrs[i].sh_addr + sechdrs[i].sh_size) >
711 pi->ehdr->e_entry)) {
712 entry_sidx = i;
713 entry -= sechdrs[i].sh_addr;
714 break;
715 }
716 }
717
718 /* Determine how much memory is needed to load relocatable object. */
719 bss_align = 1;
720 bss_sz = 0;
721
722 for (i = 0; i < pi->ehdr->e_shnum; i++) {
723 if (!(sechdrs[i].sh_flags & SHF_ALLOC))
724 continue;
725
726 align = sechdrs[i].sh_addralign;
727 if (sechdrs[i].sh_type != SHT_NOBITS) {
728 if (kbuf.buf_align < align)
729 kbuf.buf_align = align;
730 kbuf.bufsz = ALIGN(kbuf.bufsz, align);
731 kbuf.bufsz += sechdrs[i].sh_size;
732 } else {
733 /* bss section */
734 if (bss_align < align)
735 bss_align = align;
736 bss_sz = ALIGN(bss_sz, align);
737 bss_sz += sechdrs[i].sh_size;
738 }
739 }
740
741 /* Determine the bss padding required to align bss properly */
742 bss_pad = 0;
743 if (kbuf.bufsz & (bss_align - 1))
744 bss_pad = bss_align - (kbuf.bufsz & (bss_align - 1));
745
746 kbuf.memsz = kbuf.bufsz + bss_pad + bss_sz;
747
748 /* Allocate buffer for purgatory */
749 kbuf.buffer = vzalloc(kbuf.bufsz);
750 if (!kbuf.buffer) {
751 ret = -ENOMEM;
752 goto out;
753 }
754
755 if (kbuf.buf_align < bss_align)
756 kbuf.buf_align = bss_align;
757
758 /* Add buffer to segment list */
759 ret = kexec_add_buffer(&kbuf);
760 if (ret)
761 goto out;
762 pi->purgatory_load_addr = kbuf.mem;
763
764 /* Load SHF_ALLOC sections */
765 buf_addr = kbuf.buffer;
766 load_addr = curr_load_addr = pi->purgatory_load_addr;
767 bss_addr = load_addr + kbuf.bufsz + bss_pad;
768
769 for (i = 0; i < pi->ehdr->e_shnum; i++) {
770 if (!(sechdrs[i].sh_flags & SHF_ALLOC))
771 continue;
772
773 align = sechdrs[i].sh_addralign;
774 if (sechdrs[i].sh_type != SHT_NOBITS) {
775 curr_load_addr = ALIGN(curr_load_addr, align);
776 offset = curr_load_addr - load_addr;
777 /* We already modifed ->sh_offset to keep src addr */
778 src = (char *) sechdrs[i].sh_offset;
779 memcpy(buf_addr + offset, src, sechdrs[i].sh_size);
780
781 /* Store load address and source address of section */
782 sechdrs[i].sh_addr = curr_load_addr;
783
784 /*
785 * This section got copied to temporary buffer. Update
786 * ->sh_offset accordingly.
787 */
788 sechdrs[i].sh_offset = (unsigned long)(buf_addr + offset);
789
790 /* Advance to the next address */
791 curr_load_addr += sechdrs[i].sh_size;
792 } else {
793 bss_addr = ALIGN(bss_addr, align);
794 sechdrs[i].sh_addr = bss_addr;
795 bss_addr += sechdrs[i].sh_size;
796 }
797 }
798
799 /* Update entry point based on load address of text section */
800 if (entry_sidx >= 0)
801 entry += sechdrs[entry_sidx].sh_addr;
802
803 /* Make kernel jump to purgatory after shutdown */
804 image->start = entry;
805
806 /* Used later to get/set symbol values */
807 pi->sechdrs = sechdrs;
808
809 /*
810 * Used later to identify which section is purgatory and skip it
811 * from checksumming.
812 */
813 pi->purgatory_buf = kbuf.buffer;
814 return ret;
815 out:
816 vfree(sechdrs);
817 vfree(kbuf.buffer);
818 return ret;
819 }
820
821 static int kexec_apply_relocations(struct kimage *image)
822 {
823 int i, ret;
824 struct purgatory_info *pi = &image->purgatory_info;
825 Elf_Shdr *sechdrs = pi->sechdrs;
826
827 /* Apply relocations */
828 for (i = 0; i < pi->ehdr->e_shnum; i++) {
829 Elf_Shdr *section, *symtab;
830
831 if (sechdrs[i].sh_type != SHT_RELA &&
832 sechdrs[i].sh_type != SHT_REL)
833 continue;
834
835 /*
836 * For section of type SHT_RELA/SHT_REL,
837 * ->sh_link contains section header index of associated
838 * symbol table. And ->sh_info contains section header
839 * index of section to which relocations apply.
840 */
841 if (sechdrs[i].sh_info >= pi->ehdr->e_shnum ||
842 sechdrs[i].sh_link >= pi->ehdr->e_shnum)
843 return -ENOEXEC;
844
845 section = &sechdrs[sechdrs[i].sh_info];
846 symtab = &sechdrs[sechdrs[i].sh_link];
847
848 if (!(section->sh_flags & SHF_ALLOC))
849 continue;
850
851 /*
852 * symtab->sh_link contain section header index of associated
853 * string table.
854 */
855 if (symtab->sh_link >= pi->ehdr->e_shnum)
856 /* Invalid section number? */
857 continue;
858
859 /*
860 * Respective architecture needs to provide support for applying
861 * relocations of type SHT_RELA/SHT_REL.
862 */
863 if (sechdrs[i].sh_type == SHT_RELA)
864 ret = arch_kexec_apply_relocations_add(pi->ehdr,
865 sechdrs, i);
866 else if (sechdrs[i].sh_type == SHT_REL)
867 ret = arch_kexec_apply_relocations(pi->ehdr,
868 sechdrs, i);
869 if (ret)
870 return ret;
871 }
872
873 return 0;
874 }
875
876 /* Load relocatable purgatory object and relocate it appropriately */
877 int kexec_load_purgatory(struct kimage *image, unsigned long min,
878 unsigned long max, int top_down,
879 unsigned long *load_addr)
880 {
881 struct purgatory_info *pi = &image->purgatory_info;
882 int ret;
883
884 if (kexec_purgatory_size <= 0)
885 return -EINVAL;
886
887 if (kexec_purgatory_size < sizeof(Elf_Ehdr))
888 return -ENOEXEC;
889
890 pi->ehdr = (Elf_Ehdr *)kexec_purgatory;
891
892 if (memcmp(pi->ehdr->e_ident, ELFMAG, SELFMAG) != 0
893 || pi->ehdr->e_type != ET_REL
894 || !elf_check_arch(pi->ehdr)
895 || pi->ehdr->e_shentsize != sizeof(Elf_Shdr))
896 return -ENOEXEC;
897
898 if (pi->ehdr->e_shoff >= kexec_purgatory_size
899 || (pi->ehdr->e_shnum * sizeof(Elf_Shdr) >
900 kexec_purgatory_size - pi->ehdr->e_shoff))
901 return -ENOEXEC;
902
903 ret = __kexec_load_purgatory(image, min, max, top_down);
904 if (ret)
905 return ret;
906
907 ret = kexec_apply_relocations(image);
908 if (ret)
909 goto out;
910
911 *load_addr = pi->purgatory_load_addr;
912 return 0;
913 out:
914 vfree(pi->sechdrs);
915 pi->sechdrs = NULL;
916
917 vfree(pi->purgatory_buf);
918 pi->purgatory_buf = NULL;
919 return ret;
920 }
921
922 static Elf_Sym *kexec_purgatory_find_symbol(struct purgatory_info *pi,
923 const char *name)
924 {
925 Elf_Sym *syms;
926 Elf_Shdr *sechdrs;
927 Elf_Ehdr *ehdr;
928 int i, k;
929 const char *strtab;
930
931 if (!pi->sechdrs || !pi->ehdr)
932 return NULL;
933
934 sechdrs = pi->sechdrs;
935 ehdr = pi->ehdr;
936
937 for (i = 0; i < ehdr->e_shnum; i++) {
938 if (sechdrs[i].sh_type != SHT_SYMTAB)
939 continue;
940
941 if (sechdrs[i].sh_link >= ehdr->e_shnum)
942 /* Invalid strtab section number */
943 continue;
944 strtab = (char *)sechdrs[sechdrs[i].sh_link].sh_offset;
945 syms = (Elf_Sym *)sechdrs[i].sh_offset;
946
947 /* Go through symbols for a match */
948 for (k = 0; k < sechdrs[i].sh_size/sizeof(Elf_Sym); k++) {
949 if (ELF_ST_BIND(syms[k].st_info) != STB_GLOBAL)
950 continue;
951
952 if (strcmp(strtab + syms[k].st_name, name) != 0)
953 continue;
954
955 if (syms[k].st_shndx == SHN_UNDEF ||
956 syms[k].st_shndx >= ehdr->e_shnum) {
957 pr_debug("Symbol: %s has bad section index %d.\n",
958 name, syms[k].st_shndx);
959 return NULL;
960 }
961
962 /* Found the symbol we are looking for */
963 return &syms[k];
964 }
965 }
966
967 return NULL;
968 }
969
970 void *kexec_purgatory_get_symbol_addr(struct kimage *image, const char *name)
971 {
972 struct purgatory_info *pi = &image->purgatory_info;
973 Elf_Sym *sym;
974 Elf_Shdr *sechdr;
975
976 sym = kexec_purgatory_find_symbol(pi, name);
977 if (!sym)
978 return ERR_PTR(-EINVAL);
979
980 sechdr = &pi->sechdrs[sym->st_shndx];
981
982 /*
983 * Returns the address where symbol will finally be loaded after
984 * kexec_load_segment()
985 */
986 return (void *)(sechdr->sh_addr + sym->st_value);
987 }
988
989 /*
990 * Get or set value of a symbol. If "get_value" is true, symbol value is
991 * returned in buf otherwise symbol value is set based on value in buf.
992 */
993 int kexec_purgatory_get_set_symbol(struct kimage *image, const char *name,
994 void *buf, unsigned int size, bool get_value)
995 {
996 Elf_Sym *sym;
997 Elf_Shdr *sechdrs;
998 struct purgatory_info *pi = &image->purgatory_info;
999 char *sym_buf;
1000
1001 sym = kexec_purgatory_find_symbol(pi, name);
1002 if (!sym)
1003 return -EINVAL;
1004
1005 if (sym->st_size != size) {
1006 pr_err("symbol %s size mismatch: expected %lu actual %u\n",
1007 name, (unsigned long)sym->st_size, size);
1008 return -EINVAL;
1009 }
1010
1011 sechdrs = pi->sechdrs;
1012
1013 if (sechdrs[sym->st_shndx].sh_type == SHT_NOBITS) {
1014 pr_err("symbol %s is in a bss section. Cannot %s\n", name,
1015 get_value ? "get" : "set");
1016 return -EINVAL;
1017 }
1018
1019 sym_buf = (unsigned char *)sechdrs[sym->st_shndx].sh_offset +
1020 sym->st_value;
1021
1022 if (get_value)
1023 memcpy((void *)buf, sym_buf, size);
1024 else
1025 memcpy((void *)sym_buf, buf, size);
1026
1027 return 0;
1028 }
Linux with added FPC-III support