LCOV - code coverage report
Current view: top level - kernel - panic.c (source / functions) Hit Total Coverage
Test: landlock.info Lines: 44 220 20.0 %
Date: 2021-04-22 12:43:58 Functions: 7 24 29.2 %

          Line data    Source code
       1             : // SPDX-License-Identifier: GPL-2.0-only
       2             : /*
       3             :  *  linux/kernel/panic.c
       4             :  *
       5             :  *  Copyright (C) 1991, 1992  Linus Torvalds
       6             :  */
       7             : 
       8             : /*
       9             :  * This function is used through-out the kernel (including mm and fs)
      10             :  * to indicate a major problem.
      11             :  */
      12             : #include <linux/debug_locks.h>
      13             : #include <linux/sched/debug.h>
      14             : #include <linux/interrupt.h>
      15             : #include <linux/kgdb.h>
      16             : #include <linux/kmsg_dump.h>
      17             : #include <linux/kallsyms.h>
      18             : #include <linux/notifier.h>
      19             : #include <linux/vt_kern.h>
      20             : #include <linux/module.h>
      21             : #include <linux/random.h>
      22             : #include <linux/ftrace.h>
      23             : #include <linux/reboot.h>
      24             : #include <linux/delay.h>
      25             : #include <linux/kexec.h>
      26             : #include <linux/sched.h>
      27             : #include <linux/sysrq.h>
      28             : #include <linux/init.h>
      29             : #include <linux/nmi.h>
      30             : #include <linux/console.h>
      31             : #include <linux/bug.h>
      32             : #include <linux/ratelimit.h>
      33             : #include <linux/debugfs.h>
      34             : #include <asm/sections.h>
      35             : 
      36             : #define PANIC_TIMER_STEP 100
      37             : #define PANIC_BLINK_SPD 18
      38             : 
      39             : #ifdef CONFIG_SMP
      40             : /*
      41             :  * Should we dump all CPUs backtraces in an oops event?
      42             :  * Defaults to 0, can be changed via sysctl.
      43             :  */
      44             : unsigned int __read_mostly sysctl_oops_all_cpu_backtrace;
      45             : #endif /* CONFIG_SMP */
      46             : 
      47             : int panic_on_oops = CONFIG_PANIC_ON_OOPS_VALUE;
      48             : static unsigned long tainted_mask =
      49             :         IS_ENABLED(CONFIG_GCC_PLUGIN_RANDSTRUCT) ? (1 << TAINT_RANDSTRUCT) : 0;
      50             : static int pause_on_oops;
      51             : static int pause_on_oops_flag;
      52             : static DEFINE_SPINLOCK(pause_on_oops_lock);
      53             : bool crash_kexec_post_notifiers;
      54             : int panic_on_warn __read_mostly;
      55             : unsigned long panic_on_taint;
      56             : bool panic_on_taint_nousertaint = false;
      57             : 
      58             : int panic_timeout = CONFIG_PANIC_TIMEOUT;
      59             : EXPORT_SYMBOL_GPL(panic_timeout);
      60             : 
      61             : #define PANIC_PRINT_TASK_INFO           0x00000001
      62             : #define PANIC_PRINT_MEM_INFO            0x00000002
      63             : #define PANIC_PRINT_TIMER_INFO          0x00000004
      64             : #define PANIC_PRINT_LOCK_INFO           0x00000008
      65             : #define PANIC_PRINT_FTRACE_INFO         0x00000010
      66             : #define PANIC_PRINT_ALL_PRINTK_MSG      0x00000020
      67             : unsigned long panic_print;
      68             : 
      69             : ATOMIC_NOTIFIER_HEAD(panic_notifier_list);
      70             : 
      71             : EXPORT_SYMBOL(panic_notifier_list);
      72             : 
      73           0 : static long no_blink(int state)
      74             : {
      75           0 :         return 0;
      76             : }
      77             : 
      78             : /* Returns how long it waited in ms */
      79             : long (*panic_blink)(int state);
      80             : EXPORT_SYMBOL(panic_blink);
      81             : 
      82             : /*
      83             :  * Stop ourself in panic -- architecture code may override this
      84             :  */
      85           0 : void __weak panic_smp_self_stop(void)
      86             : {
      87           0 :         while (1)
      88           0 :                 cpu_relax();
      89             : }
      90             : 
      91             : /*
      92             :  * Stop ourselves in NMI context if another CPU has already panicked. Arch code
      93             :  * may override this to prepare for crash dumping, e.g. save regs info.
      94             :  */
      95           0 : void __weak nmi_panic_self_stop(struct pt_regs *regs)
      96             : {
      97           0 :         panic_smp_self_stop();
      98           0 : }
      99             : 
     100             : /*
     101             :  * Stop other CPUs in panic.  Architecture dependent code may override this
     102             :  * with more suitable version.  For example, if the architecture supports
     103             :  * crash dump, it should save registers of each stopped CPU and disable
     104             :  * per-CPU features such as virtualization extensions.
     105             :  */
     106           0 : void __weak crash_smp_send_stop(void)
     107             : {
     108           0 :         static int cpus_stopped;
     109             : 
     110             :         /*
     111             :          * This function can be called twice in panic path, but obviously
     112             :          * we execute this only once.
     113             :          */
     114           0 :         if (cpus_stopped)
     115             :                 return;
     116             : 
     117             :         /*
     118             :          * Note smp_send_stop is the usual smp shutdown function, which
     119             :          * unfortunately means it may not be hardened to work in a panic
     120             :          * situation.
     121             :          */
     122           0 :         smp_send_stop();
     123           0 :         cpus_stopped = 1;
     124             : }
     125             : 
     126             : atomic_t panic_cpu = ATOMIC_INIT(PANIC_CPU_INVALID);
     127             : 
     128             : /*
     129             :  * A variant of panic() called from NMI context. We return if we've already
     130             :  * panicked on this CPU. If another CPU already panicked, loop in
     131             :  * nmi_panic_self_stop() which can provide architecture dependent code such
     132             :  * as saving register state for crash dump.
     133             :  */
     134           0 : void nmi_panic(struct pt_regs *regs, const char *msg)
     135             : {
     136           0 :         int old_cpu, cpu;
     137             : 
     138           0 :         cpu = raw_smp_processor_id();
     139           0 :         old_cpu = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, cpu);
     140             : 
     141           0 :         if (old_cpu == PANIC_CPU_INVALID)
     142           0 :                 panic("%s", msg);
     143           0 :         else if (old_cpu != cpu)
     144           0 :                 nmi_panic_self_stop(regs);
     145           0 : }
     146             : EXPORT_SYMBOL(nmi_panic);
     147             : 
     148           0 : static void panic_print_sys_info(void)
     149             : {
     150           0 :         if (panic_print & PANIC_PRINT_ALL_PRINTK_MSG)
     151           0 :                 console_flush_on_panic(CONSOLE_REPLAY_ALL);
     152             : 
     153           0 :         if (panic_print & PANIC_PRINT_TASK_INFO)
     154           0 :                 show_state();
     155             : 
     156           0 :         if (panic_print & PANIC_PRINT_MEM_INFO)
     157           0 :                 show_mem(0, NULL);
     158             : 
     159           0 :         if (panic_print & PANIC_PRINT_TIMER_INFO)
     160           0 :                 sysrq_timer_list_show();
     161             : 
     162           0 :         if (panic_print & PANIC_PRINT_LOCK_INFO)
     163           0 :                 debug_show_all_locks();
     164             : 
     165           0 :         if (panic_print & PANIC_PRINT_FTRACE_INFO)
     166           0 :                 ftrace_dump(DUMP_ALL);
     167           0 : }
     168             : 
     169             : /**
     170             :  *      panic - halt the system
     171             :  *      @fmt: The text string to print
     172             :  *
     173             :  *      Display a message, then perform cleanups.
     174             :  *
     175             :  *      This function never returns.
     176             :  */
     177           0 : void panic(const char *fmt, ...)
     178             : {
     179           0 :         static char buf[1024];
     180           0 :         va_list args;
     181           0 :         long i, i_next = 0, len;
     182           0 :         int state = 0;
     183           0 :         int old_cpu, this_cpu;
     184           0 :         bool _crash_kexec_post_notifiers = crash_kexec_post_notifiers;
     185             : 
     186             :         /*
     187             :          * Disable local interrupts. This will prevent panic_smp_self_stop
     188             :          * from deadlocking the first cpu that invokes the panic, since
     189             :          * there is nothing to prevent an interrupt handler (that runs
     190             :          * after setting panic_cpu) from invoking panic() again.
     191             :          */
     192           0 :         local_irq_disable();
     193           0 :         preempt_disable_notrace();
     194             : 
     195             :         /*
     196             :          * It's possible to come here directly from a panic-assertion and
     197             :          * not have preempt disabled. Some functions called from here want
     198             :          * preempt to be disabled. No point enabling it later though...
     199             :          *
     200             :          * Only one CPU is allowed to execute the panic code from here. For
     201             :          * multiple parallel invocations of panic, all other CPUs either
     202             :          * stop themself or will wait until they are stopped by the 1st CPU
     203             :          * with smp_send_stop().
     204             :          *
     205             :          * `old_cpu == PANIC_CPU_INVALID' means this is the 1st CPU which
     206             :          * comes here, so go ahead.
     207             :          * `old_cpu == this_cpu' means we came from nmi_panic() which sets
     208             :          * panic_cpu to this CPU.  In this case, this is also the 1st CPU.
     209             :          */
     210           0 :         this_cpu = raw_smp_processor_id();
     211           0 :         old_cpu  = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, this_cpu);
     212             : 
     213           0 :         if (old_cpu != PANIC_CPU_INVALID && old_cpu != this_cpu)
     214           0 :                 panic_smp_self_stop();
     215             : 
     216           0 :         console_verbose();
     217           0 :         bust_spinlocks(1);
     218           0 :         va_start(args, fmt);
     219           0 :         len = vscnprintf(buf, sizeof(buf), fmt, args);
     220           0 :         va_end(args);
     221             : 
     222           0 :         if (len && buf[len - 1] == '\n')
     223           0 :                 buf[len - 1] = '\0';
     224             : 
     225           0 :         pr_emerg("Kernel panic - not syncing: %s\n", buf);
     226             : #ifdef CONFIG_DEBUG_BUGVERBOSE
     227             :         /*
     228             :          * Avoid nested stack-dumping if a panic occurs during oops processing
     229             :          */
     230           0 :         if (!test_taint(TAINT_DIE) && oops_in_progress <= 1)
     231           0 :                 dump_stack();
     232             : #endif
     233             : 
     234             :         /*
     235             :          * If kgdb is enabled, give it a chance to run before we stop all
     236             :          * the other CPUs or else we won't be able to debug processes left
     237             :          * running on them.
     238             :          */
     239           0 :         kgdb_panic(buf);
     240             : 
     241             :         /*
     242             :          * If we have crashed and we have a crash kernel loaded let it handle
     243             :          * everything else.
     244             :          * If we want to run this after calling panic_notifiers, pass
     245             :          * the "crash_kexec_post_notifiers" option to the kernel.
     246             :          *
     247             :          * Bypass the panic_cpu check and call __crash_kexec directly.
     248             :          */
     249           0 :         if (!_crash_kexec_post_notifiers) {
     250           0 :                 printk_safe_flush_on_panic();
     251           0 :                 __crash_kexec(NULL);
     252             : 
     253             :                 /*
     254             :                  * Note smp_send_stop is the usual smp shutdown function, which
     255             :                  * unfortunately means it may not be hardened to work in a
     256             :                  * panic situation.
     257             :                  */
     258           0 :                 smp_send_stop();
     259             :         } else {
     260             :                 /*
     261             :                  * If we want to do crash dump after notifier calls and
     262             :                  * kmsg_dump, we will need architecture dependent extra
     263             :                  * works in addition to stopping other CPUs.
     264             :                  */
     265           0 :                 crash_smp_send_stop();
     266             :         }
     267             : 
     268             :         /*
     269             :          * Run any panic handlers, including those that might need to
     270             :          * add information to the kmsg dump output.
     271             :          */
     272           0 :         atomic_notifier_call_chain(&panic_notifier_list, 0, buf);
     273             : 
     274             :         /* Call flush even twice. It tries harder with a single online CPU */
     275           0 :         printk_safe_flush_on_panic();
     276           0 :         kmsg_dump(KMSG_DUMP_PANIC);
     277             : 
     278             :         /*
     279             :          * If you doubt kdump always works fine in any situation,
     280             :          * "crash_kexec_post_notifiers" offers you a chance to run
     281             :          * panic_notifiers and dumping kmsg before kdump.
     282             :          * Note: since some panic_notifiers can make crashed kernel
     283             :          * more unstable, it can increase risks of the kdump failure too.
     284             :          *
     285             :          * Bypass the panic_cpu check and call __crash_kexec directly.
     286             :          */
     287           0 :         if (_crash_kexec_post_notifiers)
     288           0 :                 __crash_kexec(NULL);
     289             : 
     290             : #ifdef CONFIG_VT
     291           0 :         unblank_screen();
     292             : #endif
     293           0 :         console_unblank();
     294             : 
     295             :         /*
     296             :          * We may have ended up stopping the CPU holding the lock (in
     297             :          * smp_send_stop()) while still having some valuable data in the console
     298             :          * buffer.  Try to acquire the lock then release it regardless of the
     299             :          * result.  The release will also print the buffers out.  Locks debug
     300             :          * should be disabled to avoid reporting bad unlock balance when
     301             :          * panic() is not being callled from OOPS.
     302             :          */
     303           0 :         debug_locks_off();
     304           0 :         console_flush_on_panic(CONSOLE_FLUSH_PENDING);
     305             : 
     306           0 :         panic_print_sys_info();
     307             : 
     308           0 :         if (!panic_blink)
     309           0 :                 panic_blink = no_blink;
     310             : 
     311           0 :         if (panic_timeout > 0) {
     312             :                 /*
     313             :                  * Delay timeout seconds before rebooting the machine.
     314             :                  * We can't use the "normal" timers since we just panicked.
     315             :                  */
     316           0 :                 pr_emerg("Rebooting in %d seconds..\n", panic_timeout);
     317             : 
     318           0 :                 for (i = 0; i < panic_timeout * 1000; i += PANIC_TIMER_STEP) {
     319           0 :                         touch_nmi_watchdog();
     320           0 :                         if (i >= i_next) {
     321           0 :                                 i += panic_blink(state ^= 1);
     322           0 :                                 i_next = i + 3600 / PANIC_BLINK_SPD;
     323             :                         }
     324           0 :                         mdelay(PANIC_TIMER_STEP);
     325             :                 }
     326             :         }
     327           0 :         if (panic_timeout != 0) {
     328             :                 /*
     329             :                  * This will not be a clean reboot, with everything
     330             :                  * shutting down.  But if there is a chance of
     331             :                  * rebooting the system it will be rebooted.
     332             :                  */
     333           0 :                 if (panic_reboot_mode != REBOOT_UNDEFINED)
     334           0 :                         reboot_mode = panic_reboot_mode;
     335           0 :                 emergency_restart();
     336             :         }
     337             : #ifdef __sparc__
     338             :         {
     339             :                 extern int stop_a_enabled;
     340             :                 /* Make sure the user can actually press Stop-A (L1-A) */
     341             :                 stop_a_enabled = 1;
     342             :                 pr_emerg("Press Stop-A (L1-A) from sun keyboard or send break\n"
     343             :                          "twice on console to return to the boot prom\n");
     344             :         }
     345             : #endif
     346             : #if defined(CONFIG_S390)
     347             :         disabled_wait();
     348             : #endif
     349           0 :         pr_emerg("---[ end Kernel panic - not syncing: %s ]---\n", buf);
     350             : 
     351             :         /* Do not scroll important messages printed above */
     352           0 :         suppress_printk = 1;
     353           0 :         local_irq_enable();
     354           0 :         for (i = 0; ; i += PANIC_TIMER_STEP) {
     355           0 :                 touch_softlockup_watchdog();
     356           0 :                 if (i >= i_next) {
     357           0 :                         i += panic_blink(state ^= 1);
     358           0 :                         i_next = i + 3600 / PANIC_BLINK_SPD;
     359             :                 }
     360           0 :                 mdelay(PANIC_TIMER_STEP);
     361             :         }
     362             : }
     363             : 
     364             : EXPORT_SYMBOL(panic);
     365             : 
     366             : /*
     367             :  * TAINT_FORCED_RMMOD could be a per-module flag but the module
     368             :  * is being removed anyway.
     369             :  */
     370             : const struct taint_flag taint_flags[TAINT_FLAGS_COUNT] = {
     371             :         [ TAINT_PROPRIETARY_MODULE ]    = { 'P', 'G', true },
     372             :         [ TAINT_FORCED_MODULE ]         = { 'F', ' ', true },
     373             :         [ TAINT_CPU_OUT_OF_SPEC ]       = { 'S', ' ', false },
     374             :         [ TAINT_FORCED_RMMOD ]          = { 'R', ' ', false },
     375             :         [ TAINT_MACHINE_CHECK ]         = { 'M', ' ', false },
     376             :         [ TAINT_BAD_PAGE ]              = { 'B', ' ', false },
     377             :         [ TAINT_USER ]                  = { 'U', ' ', false },
     378             :         [ TAINT_DIE ]                   = { 'D', ' ', false },
     379             :         [ TAINT_OVERRIDDEN_ACPI_TABLE ] = { 'A', ' ', false },
     380             :         [ TAINT_WARN ]                  = { 'W', ' ', false },
     381             :         [ TAINT_CRAP ]                  = { 'C', ' ', true },
     382             :         [ TAINT_FIRMWARE_WORKAROUND ]   = { 'I', ' ', false },
     383             :         [ TAINT_OOT_MODULE ]            = { 'O', ' ', true },
     384             :         [ TAINT_UNSIGNED_MODULE ]       = { 'E', ' ', true },
     385             :         [ TAINT_SOFTLOCKUP ]            = { 'L', ' ', false },
     386             :         [ TAINT_LIVEPATCH ]             = { 'K', ' ', true },
     387             :         [ TAINT_AUX ]                   = { 'X', ' ', true },
     388             :         [ TAINT_RANDSTRUCT ]            = { 'T', ' ', true },
     389             : };
     390             : 
     391             : /**
     392             :  * print_tainted - return a string to represent the kernel taint state.
     393             :  *
     394             :  * For individual taint flag meanings, see Documentation/admin-guide/sysctl/kernel.rst
     395             :  *
     396             :  * The string is overwritten by the next call to print_tainted(),
     397             :  * but is always NULL terminated.
     398             :  */
     399           1 : const char *print_tainted(void)
     400             : {
     401           1 :         static char buf[TAINT_FLAGS_COUNT + sizeof("Tainted: ")];
     402             : 
     403           1 :         BUILD_BUG_ON(ARRAY_SIZE(taint_flags) != TAINT_FLAGS_COUNT);
     404             : 
     405           1 :         if (tainted_mask) {
     406           0 :                 char *s;
     407           0 :                 int i;
     408             : 
     409           0 :                 s = buf + sprintf(buf, "Tainted: ");
     410           0 :                 for (i = 0; i < TAINT_FLAGS_COUNT; i++) {
     411           0 :                         const struct taint_flag *t = &taint_flags[i];
     412           0 :                         *s++ = test_bit(i, &tainted_mask) ?
     413             :                                         t->c_true : t->c_false;
     414             :                 }
     415           0 :                 *s = 0;
     416             :         } else
     417           1 :                 snprintf(buf, sizeof(buf), "Not tainted");
     418             : 
     419           1 :         return buf;
     420             : }
     421             : 
     422           0 : int test_taint(unsigned flag)
     423             : {
     424           0 :         return test_bit(flag, &tainted_mask);
     425             : }
     426             : EXPORT_SYMBOL(test_taint);
     427             : 
     428           0 : unsigned long get_taint(void)
     429             : {
     430           0 :         return tainted_mask;
     431             : }
     432             : 
     433             : /**
     434             :  * add_taint: add a taint flag if not already set.
     435             :  * @flag: one of the TAINT_* constants.
     436             :  * @lockdep_ok: whether lock debugging is still OK.
     437             :  *
     438             :  * If something bad has gone wrong, you'll want @lockdebug_ok = false, but for
     439             :  * some notewortht-but-not-corrupting cases, it can be set to true.
     440             :  */
     441           1 : void add_taint(unsigned flag, enum lockdep_ok lockdep_ok)
     442             : {
     443           1 :         if (lockdep_ok == LOCKDEP_NOW_UNRELIABLE && __debug_locks_off())
     444           0 :                 pr_warn("Disabling lock debugging due to kernel taint\n");
     445             : 
     446           1 :         set_bit(flag, &tainted_mask);
     447             : 
     448           1 :         if (tainted_mask & panic_on_taint) {
     449           0 :                 panic_on_taint = 0;
     450           0 :                 panic("panic_on_taint set ...");
     451             :         }
     452           1 : }
     453             : EXPORT_SYMBOL(add_taint);
     454             : 
     455           0 : static void spin_msec(int msecs)
     456             : {
     457           0 :         int i;
     458             : 
     459           0 :         for (i = 0; i < msecs; i++) {
     460           0 :                 touch_nmi_watchdog();
     461           0 :                 mdelay(1);
     462             :         }
     463             : }
     464             : 
     465             : /*
     466             :  * It just happens that oops_enter() and oops_exit() are identically
     467             :  * implemented...
     468             :  */
     469           0 : static void do_oops_enter_exit(void)
     470             : {
     471           0 :         unsigned long flags;
     472           0 :         static int spin_counter;
     473             : 
     474           0 :         if (!pause_on_oops)
     475             :                 return;
     476             : 
     477           0 :         spin_lock_irqsave(&pause_on_oops_lock, flags);
     478           0 :         if (pause_on_oops_flag == 0) {
     479             :                 /* This CPU may now print the oops message */
     480           0 :                 pause_on_oops_flag = 1;
     481             :         } else {
     482             :                 /* We need to stall this CPU */
     483           0 :                 if (!spin_counter) {
     484             :                         /* This CPU gets to do the counting */
     485           0 :                         spin_counter = pause_on_oops;
     486           0 :                         do {
     487           0 :                                 spin_unlock(&pause_on_oops_lock);
     488           0 :                                 spin_msec(MSEC_PER_SEC);
     489           0 :                                 spin_lock(&pause_on_oops_lock);
     490           0 :                         } while (--spin_counter);
     491           0 :                         pause_on_oops_flag = 0;
     492             :                 } else {
     493             :                         /* This CPU waits for a different one */
     494           0 :                         while (spin_counter) {
     495           0 :                                 spin_unlock(&pause_on_oops_lock);
     496           0 :                                 spin_msec(1);
     497           0 :                                 spin_lock(&pause_on_oops_lock);
     498             :                         }
     499             :                 }
     500             :         }
     501           0 :         spin_unlock_irqrestore(&pause_on_oops_lock, flags);
     502             : }
     503             : 
     504             : /*
     505             :  * Return true if the calling CPU is allowed to print oops-related info.
     506             :  * This is a bit racy..
     507             :  */
     508           0 : bool oops_may_print(void)
     509             : {
     510           0 :         return pause_on_oops_flag == 0;
     511             : }
     512             : 
     513             : /*
     514             :  * Called when the architecture enters its oops handler, before it prints
     515             :  * anything.  If this is the first CPU to oops, and it's oopsing the first
     516             :  * time then let it proceed.
     517             :  *
     518             :  * This is all enabled by the pause_on_oops kernel boot option.  We do all
     519             :  * this to ensure that oopses don't scroll off the screen.  It has the
     520             :  * side-effect of preventing later-oopsing CPUs from mucking up the display,
     521             :  * too.
     522             :  *
     523             :  * It turns out that the CPU which is allowed to print ends up pausing for
     524             :  * the right duration, whereas all the other CPUs pause for twice as long:
     525             :  * once in oops_enter(), once in oops_exit().
     526             :  */
     527           0 : void oops_enter(void)
     528             : {
     529           0 :         tracing_off();
     530             :         /* can't trust the integrity of the kernel anymore: */
     531           0 :         debug_locks_off();
     532           0 :         do_oops_enter_exit();
     533             : 
     534           0 :         if (sysctl_oops_all_cpu_backtrace)
     535           0 :                 trigger_all_cpu_backtrace();
     536           0 : }
     537             : 
     538             : /*
     539             :  * 64-bit random ID for oopses:
     540             :  */
     541             : static u64 oops_id;
     542             : 
     543           2 : static int init_oops_id(void)
     544             : {
     545           2 :         if (!oops_id)
     546           1 :                 get_random_bytes(&oops_id, sizeof(oops_id));
     547             :         else
     548           1 :                 oops_id++;
     549             : 
     550           2 :         return 0;
     551             : }
     552             : late_initcall(init_oops_id);
     553             : 
     554           1 : static void print_oops_end_marker(void)
     555             : {
     556           1 :         init_oops_id();
     557           1 :         pr_warn("---[ end trace %016llx ]---\n", (unsigned long long)oops_id);
     558           1 : }
     559             : 
     560             : /*
     561             :  * Called when the architecture exits its oops handler, after printing
     562             :  * everything.
     563             :  */
     564           0 : void oops_exit(void)
     565             : {
     566           0 :         do_oops_enter_exit();
     567           0 :         print_oops_end_marker();
     568           0 :         kmsg_dump(KMSG_DUMP_OOPS);
     569           0 : }
     570             : 
     571             : struct warn_args {
     572             :         const char *fmt;
     573             :         va_list args;
     574             : };
     575             : 
     576           1 : void __warn(const char *file, int line, void *caller, unsigned taint,
     577             :             struct pt_regs *regs, struct warn_args *args)
     578             : {
     579           1 :         disable_trace_on_warning();
     580             : 
     581           1 :         if (file)
     582           1 :                 pr_warn("WARNING: CPU: %d PID: %d at %s:%d %pS\n",
     583             :                         raw_smp_processor_id(), current->pid, file, line,
     584             :                         caller);
     585             :         else
     586           0 :                 pr_warn("WARNING: CPU: %d PID: %d at %pS\n",
     587             :                         raw_smp_processor_id(), current->pid, caller);
     588             : 
     589           1 :         if (args)
     590           0 :                 vprintk(args->fmt, args->args);
     591             : 
     592           1 :         print_modules();
     593             : 
     594           1 :         if (regs)
     595           1 :                 show_regs(regs);
     596             : 
     597           1 :         if (panic_on_warn) {
     598             :                 /*
     599             :                  * This thread may hit another WARN() in the panic path.
     600             :                  * Resetting this prevents additional WARN() from panicking the
     601             :                  * system on this thread.  Other threads are blocked by the
     602             :                  * panic_mutex in panic().
     603             :                  */
     604           0 :                 panic_on_warn = 0;
     605           0 :                 panic("panic_on_warn set ...\n");
     606             :         }
     607             : 
     608           1 :         if (!regs)
     609           0 :                 dump_stack();
     610             : 
     611           1 :         print_irqtrace_events(current);
     612             : 
     613           1 :         print_oops_end_marker();
     614             : 
     615             :         /* Just a warning, don't kill lockdep. */
     616           1 :         add_taint(taint, LOCKDEP_STILL_OK);
     617           1 : }
     618             : 
     619             : #ifndef __WARN_FLAGS
     620             : void warn_slowpath_fmt(const char *file, int line, unsigned taint,
     621             :                        const char *fmt, ...)
     622             : {
     623             :         struct warn_args args;
     624             : 
     625             :         pr_warn(CUT_HERE);
     626             : 
     627             :         if (!fmt) {
     628             :                 __warn(file, line, __builtin_return_address(0), taint,
     629             :                        NULL, NULL);
     630             :                 return;
     631             :         }
     632             : 
     633             :         args.fmt = fmt;
     634             :         va_start(args.args, fmt);
     635             :         __warn(file, line, __builtin_return_address(0), taint, NULL, &args);
     636             :         va_end(args.args);
     637             : }
     638             : EXPORT_SYMBOL(warn_slowpath_fmt);
     639             : #else
     640           1 : void __warn_printk(const char *fmt, ...)
     641             : {
     642           1 :         va_list args;
     643             : 
     644           1 :         pr_warn(CUT_HERE);
     645             : 
     646           1 :         va_start(args, fmt);
     647           1 :         vprintk(fmt, args);
     648           1 :         va_end(args);
     649           1 : }
     650             : EXPORT_SYMBOL(__warn_printk);
     651             : #endif
     652             : 
     653             : #ifdef CONFIG_BUG
     654             : 
     655             : /* Support resetting WARN*_ONCE state */
     656             : 
     657           0 : static int clear_warn_once_set(void *data, u64 val)
     658             : {
     659           0 :         generic_bug_clear_once();
     660           0 :         memset(__start_once, 0, __end_once - __start_once);
     661           0 :         return 0;
     662             : }
     663             : 
     664           0 : DEFINE_DEBUGFS_ATTRIBUTE(clear_warn_once_fops, NULL, clear_warn_once_set,
     665             :                          "%lld\n");
     666             : 
     667           1 : static __init int register_warn_debugfs(void)
     668             : {
     669             :         /* Don't care about failure */
     670           1 :         debugfs_create_file_unsafe("clear_warn_once", 0200, NULL, NULL,
     671             :                                    &clear_warn_once_fops);
     672           1 :         return 0;
     673             : }
     674             : 
     675             : device_initcall(register_warn_debugfs);
     676             : #endif
     677             : 
     678             : #ifdef CONFIG_STACKPROTECTOR
     679             : 
     680             : /*
     681             :  * Called when gcc's -fstack-protector feature is used, and
     682             :  * gcc detects corruption of the on-stack canary value
     683             :  */
     684             : __visible noinstr void __stack_chk_fail(void)
     685             : {
     686             :         instrumentation_begin();
     687             :         panic("stack-protector: Kernel stack is corrupted in: %pB",
     688             :                 __builtin_return_address(0));
     689             :         instrumentation_end();
     690             : }
     691             : EXPORT_SYMBOL(__stack_chk_fail);
     692             : 
     693             : #endif
     694             : 
     695             : core_param(panic, panic_timeout, int, 0644);
     696             : core_param(panic_print, panic_print, ulong, 0644);
     697             : core_param(pause_on_oops, pause_on_oops, int, 0644);
     698             : core_param(panic_on_warn, panic_on_warn, int, 0644);
     699             : core_param(crash_kexec_post_notifiers, crash_kexec_post_notifiers, bool, 0644);
     700             : 
     701           0 : static int __init oops_setup(char *s)
     702             : {
     703           0 :         if (!s)
     704             :                 return -EINVAL;
     705           0 :         if (!strcmp(s, "panic"))
     706           0 :                 panic_on_oops = 1;
     707             :         return 0;
     708             : }
     709             : early_param("oops", oops_setup);
     710             : 
     711           0 : static int __init panic_on_taint_setup(char *s)
     712             : {
     713           0 :         char *taint_str;
     714             : 
     715           0 :         if (!s)
     716             :                 return -EINVAL;
     717             : 
     718           0 :         taint_str = strsep(&s, ",");
     719           0 :         if (kstrtoul(taint_str, 16, &panic_on_taint))
     720             :                 return -EINVAL;
     721             : 
     722             :         /* make sure panic_on_taint doesn't hold out-of-range TAINT flags */
     723           0 :         panic_on_taint &= TAINT_FLAGS_MAX;
     724             : 
     725           0 :         if (!panic_on_taint)
     726             :                 return -EINVAL;
     727             : 
     728           0 :         if (s && !strcmp(s, "nousertaint"))
     729           0 :                 panic_on_taint_nousertaint = true;
     730             : 
     731           0 :         pr_info("panic_on_taint: bitmask=0x%lx nousertaint_mode=%sabled\n",
     732             :                 panic_on_taint, panic_on_taint_nousertaint ? "en" : "dis");
     733             : 
     734           0 :         return 0;
     735             : }
     736             : early_param("panic_on_taint", panic_on_taint_setup);

Generated by: LCOV version 1.14