Line data Source code
1 : // SPDX-License-Identifier: GPL-2.0-only
2 : /*
3 : * linux/kernel/panic.c
4 : *
5 : * Copyright (C) 1991, 1992 Linus Torvalds
6 : */
7 :
8 : /*
9 : * This function is used through-out the kernel (including mm and fs)
10 : * to indicate a major problem.
11 : */
12 : #include <linux/debug_locks.h>
13 : #include <linux/sched/debug.h>
14 : #include <linux/interrupt.h>
15 : #include <linux/kgdb.h>
16 : #include <linux/kmsg_dump.h>
17 : #include <linux/kallsyms.h>
18 : #include <linux/notifier.h>
19 : #include <linux/vt_kern.h>
20 : #include <linux/module.h>
21 : #include <linux/random.h>
22 : #include <linux/ftrace.h>
23 : #include <linux/reboot.h>
24 : #include <linux/delay.h>
25 : #include <linux/kexec.h>
26 : #include <linux/panic_notifier.h>
27 : #include <linux/sched.h>
28 : #include <linux/string_helpers.h>
29 : #include <linux/sysrq.h>
30 : #include <linux/init.h>
31 : #include <linux/nmi.h>
32 : #include <linux/console.h>
33 : #include <linux/bug.h>
34 : #include <linux/ratelimit.h>
35 : #include <linux/debugfs.h>
36 : #include <linux/sysfs.h>
37 : #include <linux/context_tracking.h>
38 : #include <trace/events/error_report.h>
39 : #include <asm/sections.h>
40 :
41 : #define PANIC_TIMER_STEP 100
42 : #define PANIC_BLINK_SPD 18
43 :
44 : #ifdef CONFIG_SMP
45 : /*
46 : * Should we dump all CPUs backtraces in an oops event?
47 : * Defaults to 0, can be changed via sysctl.
48 : */
49 : static unsigned int __read_mostly sysctl_oops_all_cpu_backtrace;
50 : #else
51 : #define sysctl_oops_all_cpu_backtrace 0
52 : #endif /* CONFIG_SMP */
53 :
54 : int panic_on_oops = CONFIG_PANIC_ON_OOPS_VALUE;
55 : static unsigned long tainted_mask =
56 : IS_ENABLED(CONFIG_RANDSTRUCT) ? (1 << TAINT_RANDSTRUCT) : 0;
57 : static int pause_on_oops;
58 : static int pause_on_oops_flag;
59 : static DEFINE_SPINLOCK(pause_on_oops_lock);
60 : bool crash_kexec_post_notifiers;
61 : int panic_on_warn __read_mostly;
62 : unsigned long panic_on_taint;
63 : bool panic_on_taint_nousertaint = false;
64 : static unsigned int warn_limit __read_mostly;
65 :
66 : int panic_timeout = CONFIG_PANIC_TIMEOUT;
67 : EXPORT_SYMBOL_GPL(panic_timeout);
68 :
69 : #define PANIC_PRINT_TASK_INFO 0x00000001
70 : #define PANIC_PRINT_MEM_INFO 0x00000002
71 : #define PANIC_PRINT_TIMER_INFO 0x00000004
72 : #define PANIC_PRINT_LOCK_INFO 0x00000008
73 : #define PANIC_PRINT_FTRACE_INFO 0x00000010
74 : #define PANIC_PRINT_ALL_PRINTK_MSG 0x00000020
75 : #define PANIC_PRINT_ALL_CPU_BT 0x00000040
76 : unsigned long panic_print;
77 :
78 : ATOMIC_NOTIFIER_HEAD(panic_notifier_list);
79 :
80 : EXPORT_SYMBOL(panic_notifier_list);
81 :
82 : #ifdef CONFIG_SYSCTL
83 : static struct ctl_table kern_panic_table[] = {
84 : #ifdef CONFIG_SMP
85 : {
86 : .procname = "oops_all_cpu_backtrace",
87 : .data = &sysctl_oops_all_cpu_backtrace,
88 : .maxlen = sizeof(int),
89 : .mode = 0644,
90 : .proc_handler = proc_dointvec_minmax,
91 : .extra1 = SYSCTL_ZERO,
92 : .extra2 = SYSCTL_ONE,
93 : },
94 : #endif
95 : {
96 : .procname = "warn_limit",
97 : .data = &warn_limit,
98 : .maxlen = sizeof(warn_limit),
99 : .mode = 0644,
100 : .proc_handler = proc_douintvec,
101 : },
102 : { }
103 : };
104 :
105 1 : static __init int kernel_panic_sysctls_init(void)
106 : {
107 1 : register_sysctl_init("kernel", kern_panic_table);
108 1 : return 0;
109 : }
110 : late_initcall(kernel_panic_sysctls_init);
111 : #endif
112 :
113 : static atomic_t warn_count = ATOMIC_INIT(0);
114 :
115 : #ifdef CONFIG_SYSFS
116 0 : static ssize_t warn_count_show(struct kobject *kobj, struct kobj_attribute *attr,
117 : char *page)
118 : {
119 0 : return sysfs_emit(page, "%d\n", atomic_read(&warn_count));
120 : }
121 :
122 : static struct kobj_attribute warn_count_attr = __ATTR_RO(warn_count);
123 :
124 1 : static __init int kernel_panic_sysfs_init(void)
125 : {
126 1 : sysfs_add_file_to_group(kernel_kobj, &warn_count_attr.attr, NULL);
127 1 : return 0;
128 : }
129 : late_initcall(kernel_panic_sysfs_init);
130 : #endif
131 :
132 0 : static long no_blink(int state)
133 : {
134 0 : return 0;
135 : }
136 :
137 : /* Returns how long it waited in ms */
138 : long (*panic_blink)(int state);
139 : EXPORT_SYMBOL(panic_blink);
140 :
141 : /*
142 : * Stop ourself in panic -- architecture code may override this
143 : */
144 0 : void __weak __noreturn panic_smp_self_stop(void)
145 : {
146 : while (1)
147 : cpu_relax();
148 : }
149 :
150 : /*
151 : * Stop ourselves in NMI context if another CPU has already panicked. Arch code
152 : * may override this to prepare for crash dumping, e.g. save regs info.
153 : */
154 0 : void __weak __noreturn nmi_panic_self_stop(struct pt_regs *regs)
155 : {
156 0 : panic_smp_self_stop();
157 : }
158 :
159 : /*
160 : * Stop other CPUs in panic. Architecture dependent code may override this
161 : * with more suitable version. For example, if the architecture supports
162 : * crash dump, it should save registers of each stopped CPU and disable
163 : * per-CPU features such as virtualization extensions.
164 : */
165 0 : void __weak crash_smp_send_stop(void)
166 : {
167 : static int cpus_stopped;
168 :
169 : /*
170 : * This function can be called twice in panic path, but obviously
171 : * we execute this only once.
172 : */
173 0 : if (cpus_stopped)
174 : return;
175 :
176 : /*
177 : * Note smp_send_stop is the usual smp shutdown function, which
178 : * unfortunately means it may not be hardened to work in a panic
179 : * situation.
180 : */
181 : smp_send_stop();
182 0 : cpus_stopped = 1;
183 : }
184 :
185 : atomic_t panic_cpu = ATOMIC_INIT(PANIC_CPU_INVALID);
186 :
187 : /*
188 : * A variant of panic() called from NMI context. We return if we've already
189 : * panicked on this CPU. If another CPU already panicked, loop in
190 : * nmi_panic_self_stop() which can provide architecture dependent code such
191 : * as saving register state for crash dump.
192 : */
193 0 : void nmi_panic(struct pt_regs *regs, const char *msg)
194 : {
195 : int old_cpu, cpu;
196 :
197 0 : cpu = raw_smp_processor_id();
198 0 : old_cpu = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, cpu);
199 :
200 0 : if (old_cpu == PANIC_CPU_INVALID)
201 0 : panic("%s", msg);
202 0 : else if (old_cpu != cpu)
203 0 : nmi_panic_self_stop(regs);
204 0 : }
205 : EXPORT_SYMBOL(nmi_panic);
206 :
207 0 : static void panic_print_sys_info(bool console_flush)
208 : {
209 0 : if (console_flush) {
210 0 : if (panic_print & PANIC_PRINT_ALL_PRINTK_MSG)
211 0 : console_flush_on_panic(CONSOLE_REPLAY_ALL);
212 : return;
213 : }
214 :
215 0 : if (panic_print & PANIC_PRINT_TASK_INFO)
216 : show_state();
217 :
218 0 : if (panic_print & PANIC_PRINT_MEM_INFO)
219 : show_mem(0, NULL);
220 :
221 0 : if (panic_print & PANIC_PRINT_TIMER_INFO)
222 0 : sysrq_timer_list_show();
223 :
224 : if (panic_print & PANIC_PRINT_LOCK_INFO)
225 : debug_show_all_locks();
226 :
227 : if (panic_print & PANIC_PRINT_FTRACE_INFO)
228 : ftrace_dump(DUMP_ALL);
229 : }
230 :
231 1 : void check_panic_on_warn(const char *origin)
232 : {
233 : unsigned int limit;
234 :
235 1 : if (panic_on_warn)
236 0 : panic("%s: panic_on_warn set ...\n", origin);
237 :
238 1 : limit = READ_ONCE(warn_limit);
239 1 : if (atomic_inc_return(&warn_count) >= limit && limit)
240 0 : panic("%s: system warned too often (kernel.warn_limit is %d)",
241 : origin, limit);
242 1 : }
243 :
244 : /*
245 : * Helper that triggers the NMI backtrace (if set in panic_print)
246 : * and then performs the secondary CPUs shutdown - we cannot have
247 : * the NMI backtrace after the CPUs are off!
248 : */
249 : static void panic_other_cpus_shutdown(bool crash_kexec)
250 : {
251 : if (panic_print & PANIC_PRINT_ALL_CPU_BT)
252 : trigger_all_cpu_backtrace();
253 :
254 : /*
255 : * Note that smp_send_stop() is the usual SMP shutdown function,
256 : * which unfortunately may not be hardened to work in a panic
257 : * situation. If we want to do crash dump after notifier calls
258 : * and kmsg_dump, we will need architecture dependent extra
259 : * bits in addition to stopping other CPUs, hence we rely on
260 : * crash_smp_send_stop() for that.
261 : */
262 0 : if (!crash_kexec)
263 : smp_send_stop();
264 : else
265 0 : crash_smp_send_stop();
266 : }
267 :
268 : /**
269 : * panic - halt the system
270 : * @fmt: The text string to print
271 : *
272 : * Display a message, then perform cleanups.
273 : *
274 : * This function never returns.
275 : */
276 0 : void panic(const char *fmt, ...)
277 : {
278 : static char buf[1024];
279 : va_list args;
280 0 : long i, i_next = 0, len;
281 0 : int state = 0;
282 : int old_cpu, this_cpu;
283 0 : bool _crash_kexec_post_notifiers = crash_kexec_post_notifiers;
284 :
285 0 : if (panic_on_warn) {
286 : /*
287 : * This thread may hit another WARN() in the panic path.
288 : * Resetting this prevents additional WARN() from panicking the
289 : * system on this thread. Other threads are blocked by the
290 : * panic_mutex in panic().
291 : */
292 0 : panic_on_warn = 0;
293 : }
294 :
295 : /*
296 : * Disable local interrupts. This will prevent panic_smp_self_stop
297 : * from deadlocking the first cpu that invokes the panic, since
298 : * there is nothing to prevent an interrupt handler (that runs
299 : * after setting panic_cpu) from invoking panic() again.
300 : */
301 : local_irq_disable();
302 0 : preempt_disable_notrace();
303 :
304 : /*
305 : * It's possible to come here directly from a panic-assertion and
306 : * not have preempt disabled. Some functions called from here want
307 : * preempt to be disabled. No point enabling it later though...
308 : *
309 : * Only one CPU is allowed to execute the panic code from here. For
310 : * multiple parallel invocations of panic, all other CPUs either
311 : * stop themself or will wait until they are stopped by the 1st CPU
312 : * with smp_send_stop().
313 : *
314 : * `old_cpu == PANIC_CPU_INVALID' means this is the 1st CPU which
315 : * comes here, so go ahead.
316 : * `old_cpu == this_cpu' means we came from nmi_panic() which sets
317 : * panic_cpu to this CPU. In this case, this is also the 1st CPU.
318 : */
319 0 : this_cpu = raw_smp_processor_id();
320 0 : old_cpu = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, this_cpu);
321 :
322 0 : if (old_cpu != PANIC_CPU_INVALID && old_cpu != this_cpu)
323 0 : panic_smp_self_stop();
324 :
325 0 : console_verbose();
326 0 : bust_spinlocks(1);
327 0 : va_start(args, fmt);
328 0 : len = vscnprintf(buf, sizeof(buf), fmt, args);
329 0 : va_end(args);
330 :
331 0 : if (len && buf[len - 1] == '\n')
332 0 : buf[len - 1] = '\0';
333 :
334 0 : pr_emerg("Kernel panic - not syncing: %s\n", buf);
335 : #ifdef CONFIG_DEBUG_BUGVERBOSE
336 : /*
337 : * Avoid nested stack-dumping if a panic occurs during oops processing
338 : */
339 0 : if (!test_taint(TAINT_DIE) && oops_in_progress <= 1)
340 0 : dump_stack();
341 : #endif
342 :
343 : /*
344 : * If kgdb is enabled, give it a chance to run before we stop all
345 : * the other CPUs or else we won't be able to debug processes left
346 : * running on them.
347 : */
348 0 : kgdb_panic(buf);
349 :
350 : /*
351 : * If we have crashed and we have a crash kernel loaded let it handle
352 : * everything else.
353 : * If we want to run this after calling panic_notifiers, pass
354 : * the "crash_kexec_post_notifiers" option to the kernel.
355 : *
356 : * Bypass the panic_cpu check and call __crash_kexec directly.
357 : */
358 : if (!_crash_kexec_post_notifiers)
359 : __crash_kexec(NULL);
360 :
361 0 : panic_other_cpus_shutdown(_crash_kexec_post_notifiers);
362 :
363 : /*
364 : * Run any panic handlers, including those that might need to
365 : * add information to the kmsg dump output.
366 : */
367 0 : atomic_notifier_call_chain(&panic_notifier_list, 0, buf);
368 :
369 0 : panic_print_sys_info(false);
370 :
371 0 : kmsg_dump(KMSG_DUMP_PANIC);
372 :
373 : /*
374 : * If you doubt kdump always works fine in any situation,
375 : * "crash_kexec_post_notifiers" offers you a chance to run
376 : * panic_notifiers and dumping kmsg before kdump.
377 : * Note: since some panic_notifiers can make crashed kernel
378 : * more unstable, it can increase risks of the kdump failure too.
379 : *
380 : * Bypass the panic_cpu check and call __crash_kexec directly.
381 : */
382 : if (_crash_kexec_post_notifiers)
383 : __crash_kexec(NULL);
384 :
385 0 : console_unblank();
386 :
387 : /*
388 : * We may have ended up stopping the CPU holding the lock (in
389 : * smp_send_stop()) while still having some valuable data in the console
390 : * buffer. Try to acquire the lock then release it regardless of the
391 : * result. The release will also print the buffers out. Locks debug
392 : * should be disabled to avoid reporting bad unlock balance when
393 : * panic() is not being callled from OOPS.
394 : */
395 0 : debug_locks_off();
396 0 : console_flush_on_panic(CONSOLE_FLUSH_PENDING);
397 :
398 0 : panic_print_sys_info(true);
399 :
400 0 : if (!panic_blink)
401 0 : panic_blink = no_blink;
402 :
403 0 : if (panic_timeout > 0) {
404 : /*
405 : * Delay timeout seconds before rebooting the machine.
406 : * We can't use the "normal" timers since we just panicked.
407 : */
408 0 : pr_emerg("Rebooting in %d seconds..\n", panic_timeout);
409 :
410 0 : for (i = 0; i < panic_timeout * 1000; i += PANIC_TIMER_STEP) {
411 : touch_nmi_watchdog();
412 0 : if (i >= i_next) {
413 0 : i += panic_blink(state ^= 1);
414 0 : i_next = i + 3600 / PANIC_BLINK_SPD;
415 : }
416 0 : mdelay(PANIC_TIMER_STEP);
417 : }
418 : }
419 0 : if (panic_timeout != 0) {
420 : /*
421 : * This will not be a clean reboot, with everything
422 : * shutting down. But if there is a chance of
423 : * rebooting the system it will be rebooted.
424 : */
425 0 : if (panic_reboot_mode != REBOOT_UNDEFINED)
426 0 : reboot_mode = panic_reboot_mode;
427 0 : emergency_restart();
428 : }
429 : #ifdef __sparc__
430 : {
431 : extern int stop_a_enabled;
432 : /* Make sure the user can actually press Stop-A (L1-A) */
433 : stop_a_enabled = 1;
434 : pr_emerg("Press Stop-A (L1-A) from sun keyboard or send break\n"
435 : "twice on console to return to the boot prom\n");
436 : }
437 : #endif
438 : #if defined(CONFIG_S390)
439 : disabled_wait();
440 : #endif
441 0 : pr_emerg("---[ end Kernel panic - not syncing: %s ]---\n", buf);
442 :
443 : /* Do not scroll important messages printed above */
444 0 : suppress_printk = 1;
445 : local_irq_enable();
446 0 : for (i = 0; ; i += PANIC_TIMER_STEP) {
447 0 : touch_softlockup_watchdog();
448 0 : if (i >= i_next) {
449 0 : i += panic_blink(state ^= 1);
450 0 : i_next = i + 3600 / PANIC_BLINK_SPD;
451 : }
452 0 : mdelay(PANIC_TIMER_STEP);
453 : }
454 : }
455 :
456 : EXPORT_SYMBOL(panic);
457 :
458 : /*
459 : * TAINT_FORCED_RMMOD could be a per-module flag but the module
460 : * is being removed anyway.
461 : */
462 : const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
463 : [ TAINT_PROPRIETARY_MODULE ] = { 'P', 'G', true },
464 : [ TAINT_FORCED_MODULE ] = { 'F', ' ', true },
465 : [ TAINT_CPU_OUT_OF_SPEC ] = { 'S', ' ', false },
466 : [ TAINT_FORCED_RMMOD ] = { 'R', ' ', false },
467 : [ TAINT_MACHINE_CHECK ] = { 'M', ' ', false },
468 : [ TAINT_BAD_PAGE ] = { 'B', ' ', false },
469 : [ TAINT_USER ] = { 'U', ' ', false },
470 : [ TAINT_DIE ] = { 'D', ' ', false },
471 : [ TAINT_OVERRIDDEN_ACPI_TABLE ] = { 'A', ' ', false },
472 : [ TAINT_WARN ] = { 'W', ' ', false },
473 : [ TAINT_CRAP ] = { 'C', ' ', true },
474 : [ TAINT_FIRMWARE_WORKAROUND ] = { 'I', ' ', false },
475 : [ TAINT_OOT_MODULE ] = { 'O', ' ', true },
476 : [ TAINT_UNSIGNED_MODULE ] = { 'E', ' ', true },
477 : [ TAINT_SOFTLOCKUP ] = { 'L', ' ', false },
478 : [ TAINT_LIVEPATCH ] = { 'K', ' ', true },
479 : [ TAINT_AUX ] = { 'X', ' ', true },
480 : [ TAINT_RANDSTRUCT ] = { 'T', ' ', true },
481 : [ TAINT_TEST ] = { 'N', ' ', true },
482 : };
483 :
484 : /**
485 : * print_tainted - return a string to represent the kernel taint state.
486 : *
487 : * For individual taint flag meanings, see Documentation/admin-guide/sysctl/kernel.rst
488 : *
489 : * The string is overwritten by the next call to print_tainted(),
490 : * but is always NULL terminated.
491 : */
492 1 : const char *print_tainted(void)
493 : {
494 : static char buf[TAINT_FLAGS_COUNT + sizeof("Tainted: ")];
495 :
496 : BUILD_BUG_ON(ARRAY_SIZE(taint_flags) != TAINT_FLAGS_COUNT);
497 :
498 1 : if (tainted_mask) {
499 : char *s;
500 : int i;
501 :
502 0 : s = buf + sprintf(buf, "Tainted: ");
503 0 : for (i = 0; i < TAINT_FLAGS_COUNT; i++) {
504 0 : const struct taint_flag *t = &taint_flags[i];
505 0 : *s++ = test_bit(i, &tainted_mask) ?
506 : t->c_true : t->c_false;
507 : }
508 0 : *s = 0;
509 : } else
510 1 : snprintf(buf, sizeof(buf), "Not tainted");
511 :
512 1 : return buf;
513 : }
514 :
515 0 : int test_taint(unsigned flag)
516 : {
517 0 : return test_bit(flag, &tainted_mask);
518 : }
519 : EXPORT_SYMBOL(test_taint);
520 :
521 0 : unsigned long get_taint(void)
522 : {
523 0 : return tainted_mask;
524 : }
525 :
526 : /**
527 : * add_taint: add a taint flag if not already set.
528 : * @flag: one of the TAINT_* constants.
529 : * @lockdep_ok: whether lock debugging is still OK.
530 : *
531 : * If something bad has gone wrong, you'll want @lockdebug_ok = false, but for
532 : * some notewortht-but-not-corrupting cases, it can be set to true.
533 : */
534 2 : void add_taint(unsigned flag, enum lockdep_ok lockdep_ok)
535 : {
536 2 : if (lockdep_ok == LOCKDEP_NOW_UNRELIABLE && __debug_locks_off())
537 0 : pr_warn("Disabling lock debugging due to kernel taint\n");
538 :
539 4 : set_bit(flag, &tainted_mask);
540 :
541 2 : if (tainted_mask & panic_on_taint) {
542 0 : panic_on_taint = 0;
543 0 : panic("panic_on_taint set ...");
544 : }
545 2 : }
546 : EXPORT_SYMBOL(add_taint);
547 :
548 : static void spin_msec(int msecs)
549 : {
550 : int i;
551 :
552 0 : for (i = 0; i < msecs; i++) {
553 0 : touch_nmi_watchdog();
554 0 : mdelay(1);
555 : }
556 : }
557 :
558 : /*
559 : * It just happens that oops_enter() and oops_exit() are identically
560 : * implemented...
561 : */
562 0 : static void do_oops_enter_exit(void)
563 : {
564 : unsigned long flags;
565 : static int spin_counter;
566 :
567 0 : if (!pause_on_oops)
568 : return;
569 :
570 0 : spin_lock_irqsave(&pause_on_oops_lock, flags);
571 0 : if (pause_on_oops_flag == 0) {
572 : /* This CPU may now print the oops message */
573 0 : pause_on_oops_flag = 1;
574 : } else {
575 : /* We need to stall this CPU */
576 0 : if (!spin_counter) {
577 : /* This CPU gets to do the counting */
578 0 : spin_counter = pause_on_oops;
579 : do {
580 : spin_unlock(&pause_on_oops_lock);
581 0 : spin_msec(MSEC_PER_SEC);
582 0 : spin_lock(&pause_on_oops_lock);
583 0 : } while (--spin_counter);
584 0 : pause_on_oops_flag = 0;
585 : } else {
586 : /* This CPU waits for a different one */
587 0 : while (spin_counter) {
588 0 : spin_unlock(&pause_on_oops_lock);
589 0 : spin_msec(1);
590 : spin_lock(&pause_on_oops_lock);
591 : }
592 : }
593 : }
594 : spin_unlock_irqrestore(&pause_on_oops_lock, flags);
595 : }
596 :
597 : /*
598 : * Return true if the calling CPU is allowed to print oops-related info.
599 : * This is a bit racy..
600 : */
601 0 : bool oops_may_print(void)
602 : {
603 0 : return pause_on_oops_flag == 0;
604 : }
605 :
606 : /*
607 : * Called when the architecture enters its oops handler, before it prints
608 : * anything. If this is the first CPU to oops, and it's oopsing the first
609 : * time then let it proceed.
610 : *
611 : * This is all enabled by the pause_on_oops kernel boot option. We do all
612 : * this to ensure that oopses don't scroll off the screen. It has the
613 : * side-effect of preventing later-oopsing CPUs from mucking up the display,
614 : * too.
615 : *
616 : * It turns out that the CPU which is allowed to print ends up pausing for
617 : * the right duration, whereas all the other CPUs pause for twice as long:
618 : * once in oops_enter(), once in oops_exit().
619 : */
620 0 : void oops_enter(void)
621 : {
622 : tracing_off();
623 : /* can't trust the integrity of the kernel anymore: */
624 0 : debug_locks_off();
625 0 : do_oops_enter_exit();
626 :
627 : if (sysctl_oops_all_cpu_backtrace)
628 : trigger_all_cpu_backtrace();
629 0 : }
630 :
631 : static void print_oops_end_marker(void)
632 : {
633 1 : pr_warn("---[ end trace %016llx ]---\n", 0ULL);
634 : }
635 :
636 : /*
637 : * Called when the architecture exits its oops handler, after printing
638 : * everything.
639 : */
640 0 : void oops_exit(void)
641 : {
642 0 : do_oops_enter_exit();
643 : print_oops_end_marker();
644 0 : kmsg_dump(KMSG_DUMP_OOPS);
645 0 : }
646 :
647 : struct warn_args {
648 : const char *fmt;
649 : va_list args;
650 : };
651 :
652 1 : void __warn(const char *file, int line, void *caller, unsigned taint,
653 : struct pt_regs *regs, struct warn_args *args)
654 : {
655 : disable_trace_on_warning();
656 :
657 1 : if (file)
658 1 : pr_warn("WARNING: CPU: %d PID: %d at %s:%d %pS\n",
659 : raw_smp_processor_id(), current->pid, file, line,
660 : caller);
661 : else
662 0 : pr_warn("WARNING: CPU: %d PID: %d at %pS\n",
663 : raw_smp_processor_id(), current->pid, caller);
664 :
665 1 : if (args)
666 1 : vprintk(args->fmt, args->args);
667 :
668 : print_modules();
669 :
670 1 : if (regs)
671 0 : show_regs(regs);
672 :
673 1 : check_panic_on_warn("kernel");
674 :
675 1 : if (!regs)
676 1 : dump_stack();
677 :
678 1 : print_irqtrace_events(current);
679 :
680 : print_oops_end_marker();
681 1 : trace_error_report_end(ERROR_DETECTOR_WARN, (unsigned long)caller);
682 :
683 : /* Just a warning, don't kill lockdep. */
684 1 : add_taint(taint, LOCKDEP_STILL_OK);
685 1 : }
686 :
687 : #ifdef CONFIG_BUG
688 : #ifndef __WARN_FLAGS
689 1 : void warn_slowpath_fmt(const char *file, int line, unsigned taint,
690 : const char *fmt, ...)
691 : {
692 1 : bool rcu = warn_rcu_enter();
693 : struct warn_args args;
694 :
695 1 : pr_warn(CUT_HERE);
696 :
697 1 : if (!fmt) {
698 0 : __warn(file, line, __builtin_return_address(0), taint,
699 : NULL, NULL);
700 0 : return;
701 : }
702 :
703 1 : args.fmt = fmt;
704 1 : va_start(args.args, fmt);
705 1 : __warn(file, line, __builtin_return_address(0), taint, NULL, &args);
706 1 : va_end(args.args);
707 1 : warn_rcu_exit(rcu);
708 : }
709 : EXPORT_SYMBOL(warn_slowpath_fmt);
710 : #else
711 : void __warn_printk(const char *fmt, ...)
712 : {
713 : bool rcu = warn_rcu_enter();
714 : va_list args;
715 :
716 : pr_warn(CUT_HERE);
717 :
718 : va_start(args, fmt);
719 : vprintk(fmt, args);
720 : va_end(args);
721 : warn_rcu_exit(rcu);
722 : }
723 : EXPORT_SYMBOL(__warn_printk);
724 : #endif
725 :
726 : /* Support resetting WARN*_ONCE state */
727 :
728 : static int clear_warn_once_set(void *data, u64 val)
729 : {
730 : generic_bug_clear_once();
731 : memset(__start_once, 0, __end_once - __start_once);
732 : return 0;
733 : }
734 :
735 : DEFINE_DEBUGFS_ATTRIBUTE(clear_warn_once_fops, NULL, clear_warn_once_set,
736 : "%lld\n");
737 :
738 1 : static __init int register_warn_debugfs(void)
739 : {
740 : /* Don't care about failure */
741 1 : debugfs_create_file_unsafe("clear_warn_once", 0200, NULL, NULL,
742 : &clear_warn_once_fops);
743 1 : return 0;
744 : }
745 :
746 : device_initcall(register_warn_debugfs);
747 : #endif
748 :
749 : #ifdef CONFIG_STACKPROTECTOR
750 :
751 : /*
752 : * Called when gcc's -fstack-protector feature is used, and
753 : * gcc detects corruption of the on-stack canary value
754 : */
755 : __visible noinstr void __stack_chk_fail(void)
756 : {
757 : instrumentation_begin();
758 : panic("stack-protector: Kernel stack is corrupted in: %pB",
759 : __builtin_return_address(0));
760 : instrumentation_end();
761 : }
762 : EXPORT_SYMBOL(__stack_chk_fail);
763 :
764 : #endif
765 :
766 : core_param(panic, panic_timeout, int, 0644);
767 : core_param(panic_print, panic_print, ulong, 0644);
768 : core_param(pause_on_oops, pause_on_oops, int, 0644);
769 : core_param(panic_on_warn, panic_on_warn, int, 0644);
770 : core_param(crash_kexec_post_notifiers, crash_kexec_post_notifiers, bool, 0644);
771 :
772 0 : static int __init oops_setup(char *s)
773 : {
774 0 : if (!s)
775 : return -EINVAL;
776 0 : if (!strcmp(s, "panic"))
777 0 : panic_on_oops = 1;
778 : return 0;
779 : }
780 : early_param("oops", oops_setup);
781 :
782 0 : static int __init panic_on_taint_setup(char *s)
783 : {
784 : char *taint_str;
785 :
786 0 : if (!s)
787 : return -EINVAL;
788 :
789 0 : taint_str = strsep(&s, ",");
790 0 : if (kstrtoul(taint_str, 16, &panic_on_taint))
791 : return -EINVAL;
792 :
793 : /* make sure panic_on_taint doesn't hold out-of-range TAINT flags */
794 0 : panic_on_taint &= TAINT_FLAGS_MAX;
795 :
796 0 : if (!panic_on_taint)
797 : return -EINVAL;
798 :
799 0 : if (s && !strcmp(s, "nousertaint"))
800 0 : panic_on_taint_nousertaint = true;
801 :
802 0 : pr_info("panic_on_taint: bitmask=0x%lx nousertaint_mode=%s\n",
803 : panic_on_taint, str_enabled_disabled(panic_on_taint_nousertaint));
804 :
805 0 : return 0;
806 : }
807 : early_param("panic_on_taint", panic_on_taint_setup);
|