Merge tag 'mm-nonmm-stable-2023-02-20-15-29' of git://git.kernel.org/pub/scm/linux...

[thirdparty/linux.git] / kernel / kexec_core.c
diff --git a/kernel/kexec_core.c b/kernel/kexec_core.c

index b1cf259854ca1ede3bab5ea04238d939b5f20028..3d578c6fefee385527a4fded25d50826f322dbdb 100644 (file)
--- a/kernel/kexec_core.c
+++ b/kernel/kexec_core.c
@@ -921,10 +921,64 @@ int kimage_load_segment(struct kimage *image,
         return result;
  }
  
+struct kexec_load_limit {
+       /* Mutex protects the limit count. */
+       struct mutex mutex;
+       int limit;
+};
+
+static struct kexec_load_limit load_limit_reboot = {
+       .mutex = __MUTEX_INITIALIZER(load_limit_reboot.mutex),
+       .limit = -1,
+};
+
+static struct kexec_load_limit load_limit_panic = {
+       .mutex = __MUTEX_INITIALIZER(load_limit_panic.mutex),
+       .limit = -1,
+};
+
  struct kimage *kexec_image;
  struct kimage *kexec_crash_image;
-int kexec_load_disabled;
+static int kexec_load_disabled;
+
  #ifdef CONFIG_SYSCTL
+static int kexec_limit_handler(struct ctl_table *table, int write,
+                              void *buffer, size_t *lenp, loff_t *ppos)
+{
+       struct kexec_load_limit *limit = table->data;
+       int val;
+       struct ctl_table tmp = {
+               .data = &val,
+               .maxlen = sizeof(val),
+               .mode = table->mode,
+       };
+       int ret;
+
+       if (write) {
+               ret = proc_dointvec(&tmp, write, buffer, lenp, ppos);
+               if (ret)
+                       return ret;
+
+               if (val < 0)
+                       return -EINVAL;
+
+               mutex_lock(&limit->mutex);
+               if (limit->limit != -1 && val >= limit->limit)
+                       ret = -EINVAL;
+               else
+                       limit->limit = val;
+               mutex_unlock(&limit->mutex);
+
+               return ret;
+       }
+
+       mutex_lock(&limit->mutex);
+       val = limit->limit;
+       mutex_unlock(&limit->mutex);
+
+       return proc_dointvec(&tmp, write, buffer, lenp, ppos);
+}
+
  static struct ctl_table kexec_core_sysctls[] = {
         {
                 .procname       = "kexec_load_disabled",
@@ -936,6 +990,18 @@ static struct ctl_table kexec_core_sysctls[] = {
                 .extra1         = SYSCTL_ONE,
                 .extra2         = SYSCTL_ONE,
         },
+       {
+               .procname       = "kexec_load_limit_panic",
+               .data           = &load_limit_panic,
+               .mode           = 0644,
+               .proc_handler   = kexec_limit_handler,
+       },
+       {
+               .procname       = "kexec_load_limit_reboot",
+               .data           = &load_limit_reboot,
+               .mode           = 0644,
+               .proc_handler   = kexec_limit_handler,
+       },
         { }
  };
  
@@ -947,6 +1013,32 @@ static int __init kexec_core_sysctl_init(void)
  late_initcall(kexec_core_sysctl_init);
  #endif
  
+bool kexec_load_permitted(int kexec_image_type)
+{
+       struct kexec_load_limit *limit;
+
+       /*
+        * Only the superuser can use the kexec syscall and if it has not
+        * been disabled.
+        */
+       if (!capable(CAP_SYS_BOOT) || kexec_load_disabled)
+               return false;
+
+       /* Check limit counter and decrease it.*/
+       limit = (kexec_image_type == KEXEC_TYPE_CRASH) ?
+               &load_limit_panic : &load_limit_reboot;
+       mutex_lock(&limit->mutex);
+       if (!limit->limit) {
+               mutex_unlock(&limit->mutex);
+               return false;
+       }
+       if (limit->limit != -1)
+               limit->limit--;
+       mutex_unlock(&limit->mutex);
+
+       return true;
+}
+
  /*
   * No panic_cpu check version of crash_kexec().  This function is called
   * only when panic_cpu holds the current CPU number; this is the only CPU