1 // SPDX-License-Identifier: GPL-2.0-only
2 #include <linux/kdebug.h>
3 #include <linux/kprobes.h>
4 #include <linux/export.h>
5 #include <linux/notifier.h>
6 #include <linux/rcupdate.h>
7 #include <linux/vmalloc.h>
8 #include <linux/reboot.h>
9 
10 /*
11  *	Notifier list for kernel code which wants to be called
12  *	at shutdown. This is used to stop any idling DMA operations
13  *	and the like.
14  */
15 BLOCKING_NOTIFIER_HEAD(reboot_notifier_list);
16 
17 /*
18  *	Notifier chain core routines.  The exported routines below
19  *	are layered on top of these, with appropriate locking added.
20  */
21 
notifier_chain_register(struct notifier_block ** nl,struct notifier_block * n)22 static int notifier_chain_register(struct notifier_block **nl,
23 		struct notifier_block *n)
24 {
25 	while ((*nl) != NULL) {
26 		WARN_ONCE(((*nl) == n), "double register detected");
27 		if (n->priority > (*nl)->priority)
28 			break;
29 		nl = &((*nl)->next);
30 	}
31 	n->next = *nl;
32 	rcu_assign_pointer(*nl, n);
33 	return 0;
34 }
35 
notifier_chain_cond_register(struct notifier_block ** nl,struct notifier_block * n)36 static int notifier_chain_cond_register(struct notifier_block **nl,
37 		struct notifier_block *n)
38 {
39 	while ((*nl) != NULL) {
40 		if ((*nl) == n)
41 			return 0;
42 		if (n->priority > (*nl)->priority)
43 			break;
44 		nl = &((*nl)->next);
45 	}
46 	n->next = *nl;
47 	rcu_assign_pointer(*nl, n);
48 	return 0;
49 }
50 
notifier_chain_unregister(struct notifier_block ** nl,struct notifier_block * n)51 static int notifier_chain_unregister(struct notifier_block **nl,
52 		struct notifier_block *n)
53 {
54 	while ((*nl) != NULL) {
55 		if ((*nl) == n) {
56 			rcu_assign_pointer(*nl, n->next);
57 			return 0;
58 		}
59 		nl = &((*nl)->next);
60 	}
61 	return -ENOENT;
62 }
63 
64 /**
65  * notifier_call_chain - Informs the registered notifiers about an event.
66  *	@nl:		Pointer to head of the blocking notifier chain
67  *	@val:		Value passed unmodified to notifier function
68  *	@v:		Pointer passed unmodified to notifier function
69  *	@nr_to_call:	Number of notifier functions to be called. Don't care
70  *			value of this parameter is -1.
71  *	@nr_calls:	Records the number of notifications sent. Don't care
72  *			value of this field is NULL.
73  *	@returns:	notifier_call_chain returns the value returned by the
74  *			last notifier function called.
75  */
notifier_call_chain(struct notifier_block ** nl,unsigned long val,void * v,int nr_to_call,int * nr_calls)76 static int notifier_call_chain(struct notifier_block **nl,
77 			       unsigned long val, void *v,
78 			       int nr_to_call, int *nr_calls)
79 {
80 	int ret = NOTIFY_DONE;
81 	struct notifier_block *nb, *next_nb;
82 
83 	nb = rcu_dereference_raw(*nl);
84 
85 	while (nb && nr_to_call) {
86 		next_nb = rcu_dereference_raw(nb->next);
87 
88 #ifdef CONFIG_DEBUG_NOTIFIERS
89 		if (unlikely(!func_ptr_is_kernel_text(nb->notifier_call))) {
90 			WARN(1, "Invalid notifier called!");
91 			nb = next_nb;
92 			continue;
93 		}
94 #endif
95 		ret = nb->notifier_call(nb, val, v);
96 
97 		if (nr_calls)
98 			(*nr_calls)++;
99 
100 		if (ret & NOTIFY_STOP_MASK)
101 			break;
102 		nb = next_nb;
103 		nr_to_call--;
104 	}
105 	return ret;
106 }
107 NOKPROBE_SYMBOL(notifier_call_chain);
108 
109 /*
110  *	Atomic notifier chain routines.  Registration and unregistration
111  *	use a spinlock, and call_chain is synchronized by RCU (no locks).
112  */
113 
114 /**
115  *	atomic_notifier_chain_register - Add notifier to an atomic notifier chain
116  *	@nh: Pointer to head of the atomic notifier chain
117  *	@n: New entry in notifier chain
118  *
119  *	Adds a notifier to an atomic notifier chain.
120  *
121  *	Currently always returns zero.
122  */
atomic_notifier_chain_register(struct atomic_notifier_head * nh,struct notifier_block * n)123 int atomic_notifier_chain_register(struct atomic_notifier_head *nh,
124 		struct notifier_block *n)
125 {
126 	unsigned long flags;
127 	int ret;
128 
129 	spin_lock_irqsave(&nh->lock, flags);
130 	ret = notifier_chain_register(&nh->head, n);
131 	spin_unlock_irqrestore(&nh->lock, flags);
132 	return ret;
133 }
134 EXPORT_SYMBOL_GPL(atomic_notifier_chain_register);
135 
136 /**
137  *	atomic_notifier_chain_unregister - Remove notifier from an atomic notifier chain
138  *	@nh: Pointer to head of the atomic notifier chain
139  *	@n: Entry to remove from notifier chain
140  *
141  *	Removes a notifier from an atomic notifier chain.
142  *
143  *	Returns zero on success or %-ENOENT on failure.
144  */
atomic_notifier_chain_unregister(struct atomic_notifier_head * nh,struct notifier_block * n)145 int atomic_notifier_chain_unregister(struct atomic_notifier_head *nh,
146 		struct notifier_block *n)
147 {
148 	unsigned long flags;
149 	int ret;
150 
151 	spin_lock_irqsave(&nh->lock, flags);
152 	ret = notifier_chain_unregister(&nh->head, n);
153 	spin_unlock_irqrestore(&nh->lock, flags);
154 	synchronize_rcu();
155 	return ret;
156 }
157 EXPORT_SYMBOL_GPL(atomic_notifier_chain_unregister);
158 
159 /**
160  *	__atomic_notifier_call_chain - Call functions in an atomic notifier chain
161  *	@nh: Pointer to head of the atomic notifier chain
162  *	@val: Value passed unmodified to notifier function
163  *	@v: Pointer passed unmodified to notifier function
164  *	@nr_to_call: See the comment for notifier_call_chain.
165  *	@nr_calls: See the comment for notifier_call_chain.
166  *
167  *	Calls each function in a notifier chain in turn.  The functions
168  *	run in an atomic context, so they must not block.
169  *	This routine uses RCU to synchronize with changes to the chain.
170  *
171  *	If the return value of the notifier can be and'ed
172  *	with %NOTIFY_STOP_MASK then atomic_notifier_call_chain()
173  *	will return immediately, with the return value of
174  *	the notifier function which halted execution.
175  *	Otherwise the return value is the return value
176  *	of the last notifier function called.
177  */
__atomic_notifier_call_chain(struct atomic_notifier_head * nh,unsigned long val,void * v,int nr_to_call,int * nr_calls)178 int __atomic_notifier_call_chain(struct atomic_notifier_head *nh,
179 				 unsigned long val, void *v,
180 				 int nr_to_call, int *nr_calls)
181 {
182 	int ret;
183 
184 	rcu_read_lock();
185 	ret = notifier_call_chain(&nh->head, val, v, nr_to_call, nr_calls);
186 	rcu_read_unlock();
187 	return ret;
188 }
189 EXPORT_SYMBOL_GPL(__atomic_notifier_call_chain);
190 NOKPROBE_SYMBOL(__atomic_notifier_call_chain);
191 
atomic_notifier_call_chain(struct atomic_notifier_head * nh,unsigned long val,void * v)192 int atomic_notifier_call_chain(struct atomic_notifier_head *nh,
193 			       unsigned long val, void *v)
194 {
195 	return __atomic_notifier_call_chain(nh, val, v, -1, NULL);
196 }
197 EXPORT_SYMBOL_GPL(atomic_notifier_call_chain);
198 NOKPROBE_SYMBOL(atomic_notifier_call_chain);
199 
200 /*
201  *	Blocking notifier chain routines.  All access to the chain is
202  *	synchronized by an rwsem.
203  */
204 
205 /**
206  *	blocking_notifier_chain_register - Add notifier to a blocking notifier chain
207  *	@nh: Pointer to head of the blocking notifier chain
208  *	@n: New entry in notifier chain
209  *
210  *	Adds a notifier to a blocking notifier chain.
211  *	Must be called in process context.
212  *
213  *	Currently always returns zero.
214  */
blocking_notifier_chain_register(struct blocking_notifier_head * nh,struct notifier_block * n)215 int blocking_notifier_chain_register(struct blocking_notifier_head *nh,
216 		struct notifier_block *n)
217 {
218 	int ret;
219 
220 	/*
221 	 * This code gets used during boot-up, when task switching is
222 	 * not yet working and interrupts must remain disabled.  At
223 	 * such times we must not call down_write().
224 	 */
225 	if (unlikely(system_state == SYSTEM_BOOTING))
226 		return notifier_chain_register(&nh->head, n);
227 
228 	down_write(&nh->rwsem);
229 	ret = notifier_chain_register(&nh->head, n);
230 	up_write(&nh->rwsem);
231 	return ret;
232 }
233 EXPORT_SYMBOL_GPL(blocking_notifier_chain_register);
234 
235 /**
236  *	blocking_notifier_chain_cond_register - Cond add notifier to a blocking notifier chain
237  *	@nh: Pointer to head of the blocking notifier chain
238  *	@n: New entry in notifier chain
239  *
240  *	Adds a notifier to a blocking notifier chain, only if not already
241  *	present in the chain.
242  *	Must be called in process context.
243  *
244  *	Currently always returns zero.
245  */
blocking_notifier_chain_cond_register(struct blocking_notifier_head * nh,struct notifier_block * n)246 int blocking_notifier_chain_cond_register(struct blocking_notifier_head *nh,
247 		struct notifier_block *n)
248 {
249 	int ret;
250 
251 	down_write(&nh->rwsem);
252 	ret = notifier_chain_cond_register(&nh->head, n);
253 	up_write(&nh->rwsem);
254 	return ret;
255 }
256 EXPORT_SYMBOL_GPL(blocking_notifier_chain_cond_register);
257 
258 /**
259  *	blocking_notifier_chain_unregister - Remove notifier from a blocking notifier chain
260  *	@nh: Pointer to head of the blocking notifier chain
261  *	@n: Entry to remove from notifier chain
262  *
263  *	Removes a notifier from a blocking notifier chain.
264  *	Must be called from process context.
265  *
266  *	Returns zero on success or %-ENOENT on failure.
267  */
blocking_notifier_chain_unregister(struct blocking_notifier_head * nh,struct notifier_block * n)268 int blocking_notifier_chain_unregister(struct blocking_notifier_head *nh,
269 		struct notifier_block *n)
270 {
271 	int ret;
272 
273 	/*
274 	 * This code gets used during boot-up, when task switching is
275 	 * not yet working and interrupts must remain disabled.  At
276 	 * such times we must not call down_write().
277 	 */
278 	if (unlikely(system_state == SYSTEM_BOOTING))
279 		return notifier_chain_unregister(&nh->head, n);
280 
281 	down_write(&nh->rwsem);
282 	ret = notifier_chain_unregister(&nh->head, n);
283 	up_write(&nh->rwsem);
284 	return ret;
285 }
286 EXPORT_SYMBOL_GPL(blocking_notifier_chain_unregister);
287 
288 /**
289  *	__blocking_notifier_call_chain - Call functions in a blocking notifier chain
290  *	@nh: Pointer to head of the blocking notifier chain
291  *	@val: Value passed unmodified to notifier function
292  *	@v: Pointer passed unmodified to notifier function
293  *	@nr_to_call: See comment for notifier_call_chain.
294  *	@nr_calls: See comment for notifier_call_chain.
295  *
296  *	Calls each function in a notifier chain in turn.  The functions
297  *	run in a process context, so they are allowed to block.
298  *
299  *	If the return value of the notifier can be and'ed
300  *	with %NOTIFY_STOP_MASK then blocking_notifier_call_chain()
301  *	will return immediately, with the return value of
302  *	the notifier function which halted execution.
303  *	Otherwise the return value is the return value
304  *	of the last notifier function called.
305  */
__blocking_notifier_call_chain(struct blocking_notifier_head * nh,unsigned long val,void * v,int nr_to_call,int * nr_calls)306 int __blocking_notifier_call_chain(struct blocking_notifier_head *nh,
307 				   unsigned long val, void *v,
308 				   int nr_to_call, int *nr_calls)
309 {
310 	int ret = NOTIFY_DONE;
311 
312 	/*
313 	 * We check the head outside the lock, but if this access is
314 	 * racy then it does not matter what the result of the test
315 	 * is, we re-check the list after having taken the lock anyway:
316 	 */
317 	if (rcu_access_pointer(nh->head)) {
318 		down_read(&nh->rwsem);
319 		ret = notifier_call_chain(&nh->head, val, v, nr_to_call,
320 					nr_calls);
321 		up_read(&nh->rwsem);
322 	}
323 	return ret;
324 }
325 EXPORT_SYMBOL_GPL(__blocking_notifier_call_chain);
326 
blocking_notifier_call_chain(struct blocking_notifier_head * nh,unsigned long val,void * v)327 int blocking_notifier_call_chain(struct blocking_notifier_head *nh,
328 		unsigned long val, void *v)
329 {
330 	return __blocking_notifier_call_chain(nh, val, v, -1, NULL);
331 }
332 EXPORT_SYMBOL_GPL(blocking_notifier_call_chain);
333 
334 /*
335  *	Raw notifier chain routines.  There is no protection;
336  *	the caller must provide it.  Use at your own risk!
337  */
338 
339 /**
340  *	raw_notifier_chain_register - Add notifier to a raw notifier chain
341  *	@nh: Pointer to head of the raw notifier chain
342  *	@n: New entry in notifier chain
343  *
344  *	Adds a notifier to a raw notifier chain.
345  *	All locking must be provided by the caller.
346  *
347  *	Currently always returns zero.
348  */
raw_notifier_chain_register(struct raw_notifier_head * nh,struct notifier_block * n)349 int raw_notifier_chain_register(struct raw_notifier_head *nh,
350 		struct notifier_block *n)
351 {
352 	return notifier_chain_register(&nh->head, n);
353 }
354 EXPORT_SYMBOL_GPL(raw_notifier_chain_register);
355 
356 /**
357  *	raw_notifier_chain_unregister - Remove notifier from a raw notifier chain
358  *	@nh: Pointer to head of the raw notifier chain
359  *	@n: Entry to remove from notifier chain
360  *
361  *	Removes a notifier from a raw notifier chain.
362  *	All locking must be provided by the caller.
363  *
364  *	Returns zero on success or %-ENOENT on failure.
365  */
raw_notifier_chain_unregister(struct raw_notifier_head * nh,struct notifier_block * n)366 int raw_notifier_chain_unregister(struct raw_notifier_head *nh,
367 		struct notifier_block *n)
368 {
369 	return notifier_chain_unregister(&nh->head, n);
370 }
371 EXPORT_SYMBOL_GPL(raw_notifier_chain_unregister);
372 
373 /**
374  *	__raw_notifier_call_chain - Call functions in a raw notifier chain
375  *	@nh: Pointer to head of the raw notifier chain
376  *	@val: Value passed unmodified to notifier function
377  *	@v: Pointer passed unmodified to notifier function
378  *	@nr_to_call: See comment for notifier_call_chain.
379  *	@nr_calls: See comment for notifier_call_chain
380  *
381  *	Calls each function in a notifier chain in turn.  The functions
382  *	run in an undefined context.
383  *	All locking must be provided by the caller.
384  *
385  *	If the return value of the notifier can be and'ed
386  *	with %NOTIFY_STOP_MASK then raw_notifier_call_chain()
387  *	will return immediately, with the return value of
388  *	the notifier function which halted execution.
389  *	Otherwise the return value is the return value
390  *	of the last notifier function called.
391  */
__raw_notifier_call_chain(struct raw_notifier_head * nh,unsigned long val,void * v,int nr_to_call,int * nr_calls)392 int __raw_notifier_call_chain(struct raw_notifier_head *nh,
393 			      unsigned long val, void *v,
394 			      int nr_to_call, int *nr_calls)
395 {
396 	return notifier_call_chain(&nh->head, val, v, nr_to_call, nr_calls);
397 }
398 EXPORT_SYMBOL_GPL(__raw_notifier_call_chain);
399 
raw_notifier_call_chain(struct raw_notifier_head * nh,unsigned long val,void * v)400 int raw_notifier_call_chain(struct raw_notifier_head *nh,
401 		unsigned long val, void *v)
402 {
403 	return __raw_notifier_call_chain(nh, val, v, -1, NULL);
404 }
405 EXPORT_SYMBOL_GPL(raw_notifier_call_chain);
406 
407 #ifdef CONFIG_SRCU
408 /*
409  *	SRCU notifier chain routines.    Registration and unregistration
410  *	use a mutex, and call_chain is synchronized by SRCU (no locks).
411  */
412 
413 /**
414  *	srcu_notifier_chain_register - Add notifier to an SRCU notifier chain
415  *	@nh: Pointer to head of the SRCU notifier chain
416  *	@n: New entry in notifier chain
417  *
418  *	Adds a notifier to an SRCU notifier chain.
419  *	Must be called in process context.
420  *
421  *	Currently always returns zero.
422  */
srcu_notifier_chain_register(struct srcu_notifier_head * nh,struct notifier_block * n)423 int srcu_notifier_chain_register(struct srcu_notifier_head *nh,
424 		struct notifier_block *n)
425 {
426 	int ret;
427 
428 	/*
429 	 * This code gets used during boot-up, when task switching is
430 	 * not yet working and interrupts must remain disabled.  At
431 	 * such times we must not call mutex_lock().
432 	 */
433 	if (unlikely(system_state == SYSTEM_BOOTING))
434 		return notifier_chain_register(&nh->head, n);
435 
436 	mutex_lock(&nh->mutex);
437 	ret = notifier_chain_register(&nh->head, n);
438 	mutex_unlock(&nh->mutex);
439 	return ret;
440 }
441 EXPORT_SYMBOL_GPL(srcu_notifier_chain_register);
442 
443 /**
444  *	srcu_notifier_chain_unregister - Remove notifier from an SRCU notifier chain
445  *	@nh: Pointer to head of the SRCU notifier chain
446  *	@n: Entry to remove from notifier chain
447  *
448  *	Removes a notifier from an SRCU notifier chain.
449  *	Must be called from process context.
450  *
451  *	Returns zero on success or %-ENOENT on failure.
452  */
srcu_notifier_chain_unregister(struct srcu_notifier_head * nh,struct notifier_block * n)453 int srcu_notifier_chain_unregister(struct srcu_notifier_head *nh,
454 		struct notifier_block *n)
455 {
456 	int ret;
457 
458 	/*
459 	 * This code gets used during boot-up, when task switching is
460 	 * not yet working and interrupts must remain disabled.  At
461 	 * such times we must not call mutex_lock().
462 	 */
463 	if (unlikely(system_state == SYSTEM_BOOTING))
464 		return notifier_chain_unregister(&nh->head, n);
465 
466 	mutex_lock(&nh->mutex);
467 	ret = notifier_chain_unregister(&nh->head, n);
468 	mutex_unlock(&nh->mutex);
469 	synchronize_srcu(&nh->srcu);
470 	return ret;
471 }
472 EXPORT_SYMBOL_GPL(srcu_notifier_chain_unregister);
473 
474 /**
475  *	__srcu_notifier_call_chain - Call functions in an SRCU notifier chain
476  *	@nh: Pointer to head of the SRCU notifier chain
477  *	@val: Value passed unmodified to notifier function
478  *	@v: Pointer passed unmodified to notifier function
479  *	@nr_to_call: See comment for notifier_call_chain.
480  *	@nr_calls: See comment for notifier_call_chain
481  *
482  *	Calls each function in a notifier chain in turn.  The functions
483  *	run in a process context, so they are allowed to block.
484  *
485  *	If the return value of the notifier can be and'ed
486  *	with %NOTIFY_STOP_MASK then srcu_notifier_call_chain()
487  *	will return immediately, with the return value of
488  *	the notifier function which halted execution.
489  *	Otherwise the return value is the return value
490  *	of the last notifier function called.
491  */
__srcu_notifier_call_chain(struct srcu_notifier_head * nh,unsigned long val,void * v,int nr_to_call,int * nr_calls)492 int __srcu_notifier_call_chain(struct srcu_notifier_head *nh,
493 			       unsigned long val, void *v,
494 			       int nr_to_call, int *nr_calls)
495 {
496 	int ret;
497 	int idx;
498 
499 	idx = srcu_read_lock(&nh->srcu);
500 	ret = notifier_call_chain(&nh->head, val, v, nr_to_call, nr_calls);
501 	srcu_read_unlock(&nh->srcu, idx);
502 	return ret;
503 }
504 EXPORT_SYMBOL_GPL(__srcu_notifier_call_chain);
505 
srcu_notifier_call_chain(struct srcu_notifier_head * nh,unsigned long val,void * v)506 int srcu_notifier_call_chain(struct srcu_notifier_head *nh,
507 		unsigned long val, void *v)
508 {
509 	return __srcu_notifier_call_chain(nh, val, v, -1, NULL);
510 }
511 EXPORT_SYMBOL_GPL(srcu_notifier_call_chain);
512 
513 /**
514  *	srcu_init_notifier_head - Initialize an SRCU notifier head
515  *	@nh: Pointer to head of the srcu notifier chain
516  *
517  *	Unlike other sorts of notifier heads, SRCU notifier heads require
518  *	dynamic initialization.  Be sure to call this routine before
519  *	calling any of the other SRCU notifier routines for this head.
520  *
521  *	If an SRCU notifier head is deallocated, it must first be cleaned
522  *	up by calling srcu_cleanup_notifier_head().  Otherwise the head's
523  *	per-cpu data (used by the SRCU mechanism) will leak.
524  */
srcu_init_notifier_head(struct srcu_notifier_head * nh)525 void srcu_init_notifier_head(struct srcu_notifier_head *nh)
526 {
527 	mutex_init(&nh->mutex);
528 	if (init_srcu_struct(&nh->srcu) < 0)
529 		BUG();
530 	nh->head = NULL;
531 }
532 EXPORT_SYMBOL_GPL(srcu_init_notifier_head);
533 
534 #endif /* CONFIG_SRCU */
535 
536 static ATOMIC_NOTIFIER_HEAD(die_chain);
537 
notify_die(enum die_val val,const char * str,struct pt_regs * regs,long err,int trap,int sig)538 int notrace notify_die(enum die_val val, const char *str,
539 	       struct pt_regs *regs, long err, int trap, int sig)
540 {
541 	struct die_args args = {
542 		.regs	= regs,
543 		.str	= str,
544 		.err	= err,
545 		.trapnr	= trap,
546 		.signr	= sig,
547 
548 	};
549 	RCU_LOCKDEP_WARN(!rcu_is_watching(),
550 			   "notify_die called but RCU thinks we're quiescent");
551 	return atomic_notifier_call_chain(&die_chain, val, &args);
552 }
553 NOKPROBE_SYMBOL(notify_die);
554 
register_die_notifier(struct notifier_block * nb)555 int register_die_notifier(struct notifier_block *nb)
556 {
557 	vmalloc_sync_all();
558 	return atomic_notifier_chain_register(&die_chain, nb);
559 }
560 EXPORT_SYMBOL_GPL(register_die_notifier);
561 
unregister_die_notifier(struct notifier_block * nb)562 int unregister_die_notifier(struct notifier_block *nb)
563 {
564 	return atomic_notifier_chain_unregister(&die_chain, nb);
565 }
566 EXPORT_SYMBOL_GPL(unregister_die_notifier);
567