shutdown: Add Xen kexec support

In the Xen case, it's the hypervisor which manages kexec. We thus
have to ask it whether a kernel is loaded, instead of relying on
/sys/kernel/kexec_loaded.

.github/workflows/build_test.sh

@@ -42,6 +42,7 @@ PACKAGES=(
     libqrencode-dev
     libssl-dev
     libtss2-dev
+    libxen-dev
     libxkbcommon-dev
     libxtables-dev
     libzstd-dev

meson.build

@@ -1273,6 +1273,18 @@ else
 endif
 conf.set10('HAVE_KMOD', have)
 
+want_xenctrl = get_option('xenctrl')
+if want_xenctrl != 'false' and not skip_deps
+        libxenctrl = dependency('xencontrol',
+                                version : '>= 4.9',
+                                required : want_xenctrl == 'true')
+        have = libxenctrl.found()
+else
+        have = false
+        libxenctrl = []
+endif
+conf.set10('HAVE_XENCTRL', have)
+
 want_pam = get_option('pam')
 if want_pam != 'false' and not skip_deps
         libpam = cc.find_library('pam', required : want_pam == 'true')
@@ -4398,6 +4410,7 @@ foreach tuple : [
         ['nscd'],
         ['legacy-pkla',            install_polkit_pkla],
         ['kmod'],
+        ['xenctrl'],
         ['dbus'],
         ['glib'],
         ['tpm'],

meson_options.txt

@@ -371,6 +371,8 @@ option('fdisk', type : 'combo', choices : ['auto', 'true', 'false'],
        description : 'libfdisk support')
 option('kmod', type : 'combo', choices : ['auto', 'true', 'false'],
        description : 'support for loadable modules')
+option('xenctrl', type : 'combo', choices : ['auto', 'true', 'false'],
+       description : 'support for Xen kexec')
 option('pam', type : 'combo', choices : ['auto', 'true', 'false'],
        description : 'PAM support')
 option('pwquality', type : 'combo', choices : ['auto', 'true', 'false'],

mkosi.default.d/debian/10-mkosi.debian

@@ -61,6 +61,7 @@ BuildPackages=
         libseccomp-dev
         libsmartcols-dev
         libssl-dev
+        libxen-dev
         libxkbcommon-dev
         libzstd-dev
         pahole

mkosi.default.d/fedora/10-mkosi.fedora

@@ -67,6 +67,7 @@ BuildPackages=
         pkgconfig(tss2-mu)
         pkgconfig(tss2-rc)
         pkgconfig(valgrind)
+        pkgconfig(xencontrol)
         pkgconfig(xkbcommon)
         python3dist(jinja2)
         python3dist(lxml)

mkosi.default.d/opensuse/10-mkosi.opensuse

@@ -80,4 +80,5 @@ BuildPackages=
         systemd-sysvinit
         timezone
         tpm2-0-tss-devel
+        xen-devel
         zlib-devel

mkosi.default.d/ubuntu/10-mkosi.ubuntu

@@ -62,6 +62,7 @@ BuildPackages=
         libseccomp-dev
         libsmartcols-dev
         libssl-dev
+        libxen-dev
         libxkbcommon-dev
         libzstd-dev
         pahole

src/basic/util.c

@@ -23,15 +23,6 @@ int saved_argc = 0;
 char **saved_argv = NULL;
 static int saved_in_initrd = -1;
 
-bool kexec_loaded(void) {
-       _cleanup_free_ char *s = NULL;
-
-       if (read_one_line_file("/sys/kernel/kexec_loaded", &s) < 0)
-               return false;
-
-       return s[0] == '1';
-}
-
 int prot_from_flags(int flags) {
 
         switch (flags & O_ACCMODE) {

src/basic/util.h

@@ -19,8 +19,6 @@ static inline void save_argc_argv(int argc, char **argv) {
         saved_argv = argv;
 }
 
-bool kexec_loaded(void);
-
 int prot_from_flags(int flags) _const_;
 
 bool in_initrd(void);

src/initctl/initctl.c

@@ -24,6 +24,7 @@
 #include "main-func.h"
 #include "memory-util.h"
 #include "process-util.h"
+#include "reboot-util.h"
 #include "special.h"
 
 #define SERVER_FD_MAX 16

src/shared/meson.build

@@ -465,7 +465,8 @@ libshared_deps = [threads,
                   libseccomp,
                   libselinux,
                   libzstd,
-                  libxz]
+                  libxz,
+                  libxenctrl]
 
 libshared_sym_path = '@0@/libshared.sym'.format(meson.current_source_dir())
 

src/shared/reboot-util.c

@@ -1,11 +1,28 @@
 /* SPDX-License-Identifier: LGPL-2.1-or-later */
 
 #include <errno.h>
+#include <error.h>
+#include <fcntl.h>
+#include <stdint.h>
+#include <stdio.h>
+#include <string.h>
+#include <sys/ioctl.h>
+#include <sys/mman.h>
 #include <unistd.h>
 
+#if HAVE_XENCTRL
+#define __XEN_INTERFACE_VERSION__ 0x00040900
+#include <xen/xen.h>
+#include <xen/kexec.h>
+#include <xen/sys/privcmd.h>
+#endif
+
 #include "alloc-util.h"
+#include "errno-util.h"
+#include "fd-util.h"
 #include "fileio.h"
 #include "log.h"
+#include "memory-util.h"
 #include "proc-cmdline.h"
 #include "raw-reboot.h"
 #include "reboot-util.h"
@@ -107,3 +124,74 @@ int shall_restore_state(void) {
 
         return r > 0 ? ret : true;
 }
+
+static int xen_kexec_loaded(void) {
+#if HAVE_XENCTRL
+        size_t size;
+        _cleanup_close_ int privcmd_fd = -1, buf_fd = -1;
+        void *buffer;
+        int r;
+
+        if (access("/proc/xen", F_OK) < 0) {
+                if (errno == ENOENT)
+                        return -EOPNOTSUPP;
+                return log_debug_errno(errno, "Unable to test whether /proc/xen exists: %m");
+        }
+
+        size = page_size();
+        if (sizeof(xen_kexec_status_t) > size)
+                return log_debug_errno(SYNTHETIC_ERRNO(EINVAL), "page_size is too small for hypercall");
+
+        privcmd_fd = open("/dev/xen/privcmd", O_RDWR|O_CLOEXEC);
+        if (privcmd_fd < 0)
+                return log_debug_errno(errno, "Cannot access /dev/xen/privcmd: %m");
+
+        buf_fd = open("/dev/xen/hypercall", O_RDWR|O_CLOEXEC);
+        if (buf_fd < 0)
+                return log_debug_errno(errno, "Cannot access /dev/xen/hypercall: %m");
+
+        buffer = mmap(NULL, size, PROT_READ|PROT_WRITE, MAP_SHARED, buf_fd, 0);
+        if (buffer == MAP_FAILED)
+                return log_debug_errno(errno, "Cannot allocate buffer for hypercall: %m");
+
+        *(xen_kexec_status_t*) buffer = (xen_kexec_status_t) {
+                .type = KEXEC_TYPE_DEFAULT,
+        };
+
+        privcmd_hypercall_t call = {
+                .op = __HYPERVISOR_kexec_op,
+                .arg = {
+                        KEXEC_CMD_kexec_status,
+                        PTR_TO_UINT64(buffer),
+                },
+        };
+
+        r = RET_NERRNO(ioctl(privcmd_fd, IOCTL_PRIVCMD_HYPERCALL, &call));
+        if (r < 0)
+                log_debug_errno(r, "kexec_status failed: %m");
+
+        munmap(buffer, size);
+
+        return r;
+#else
+        return -EOPNOTSUPP;
+#endif
+}
+
+bool kexec_loaded(void) {
+       _cleanup_free_ char *s = NULL;
+       int r;
+
+       r = xen_kexec_loaded();
+       if (r >= 0)
+               return r;
+
+       r = read_one_line_file("/sys/kernel/kexec_loaded", &s);
+       if (r < 0) {
+               if (r != -ENOENT)
+                       log_debug_errno(r, "Unable to read /sys/kernel/kexec_loaded, ignoring: %m");
+               return false;
+       }
+
+       return s[0] == '1';
+}

src/shared/reboot-util.h

@@ -13,3 +13,5 @@ int read_reboot_parameter(char **parameter);
 int reboot_with_parameter(RebootFlags flags);
 
 int shall_restore_state(void);
+
+bool kexec_loaded(void);

src/systemctl/systemctl-compat-shutdown.c

@@ -4,6 +4,7 @@
 
 #include "alloc-util.h"
 #include "pretty-print.h"
+#include "reboot-util.h"
 #include "systemctl-compat-shutdown.h"
 #include "systemctl-sysv-compat.h"
 #include "systemctl.h"

src/systemctl/systemctl.c

@@ -17,6 +17,7 @@
 #include "path-util.h"
 #include "pretty-print.h"
 #include "process-util.h"
+#include "reboot-util.h"
 #include "rlimit-util.h"
 #include "sigbus.h"
 #include "signal-util.h"