| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <mafs0pl9k7dor.fsf@kernel.org>
Date: Fri, 14 Nov 2025 17:59:32 +0100
From: Pratyush Yadav <pratyush@...nel.org>
To: Pasha Tatashin <pasha.tatashin@...een.com>
Cc: akpm@...ux-foundation.org, bhe@...hat.com, rppt@...nel.org,
jasonmiu@...gle.com, arnd@...db.de, coxu@...hat.com,
dave@...ilevsky.ca, ebiggers@...gle.com, graf@...zon.com,
kees@...nel.org, linux-kernel@...r.kernel.org,
kexec@...ts.infradead.org, linux-mm@...ck.org
Subject: Re: [PATCH v1 05/13] kho: Always expose output FDT in debugfs
On Fri, Nov 14 2025, Pasha Tatashin wrote:
> Currently, the output FDT is added to debugfs only when KHO is
> finalized and removed when aborted.
>
> There is no need to hide the FDT based on the state. Always expose it
> starting from initialization. This aids the transition toward removing
> the explicit abort functionality and converting KHO to be fully
> stateless.
>
> Also, pre-zero the FDT tree so we do not expose random bits to the
> user and to the next kernel.
>
> Signed-off-by: Pasha Tatashin <pasha.tatashin@...een.com>
> ---
> kernel/liveupdate/kexec_handover.c | 10 ++++------
> 1 file changed, 4 insertions(+), 6 deletions(-)
>
> diff --git a/kernel/liveupdate/kexec_handover.c b/kernel/liveupdate/kexec_handover.c
> index 83aca3b4af15..cd8641725343 100644
> --- a/kernel/liveupdate/kexec_handover.c
> +++ b/kernel/liveupdate/kexec_handover.c
> @@ -1147,8 +1147,6 @@ int kho_abort(void)
> __kho_abort();
> kho_out.finalized = false;
>
> - kho_debugfs_fdt_remove(&kho_out.dbg, kho_out.fdt);
> -
> return 0;
> }
>
> @@ -1219,9 +1217,6 @@ int kho_finalize(void)
>
> kho_out.finalized = true;
>
> - WARN_ON_ONCE(kho_debugfs_fdt_add(&kho_out.dbg, "fdt",
> - kho_out.fdt, true));
> -
> return 0;
> }
>
> @@ -1310,7 +1305,7 @@ static __init int kho_init(void)
> if (!kho_enable)
> return 0;
>
> - fdt_page = alloc_page(GFP_KERNEL);
> + fdt_page = alloc_page(GFP_KERNEL | __GFP_ZERO);
If I read the series right, patch 9 will make this a full FDT with no
subnodes. That makes a lot more sense than a zero page. Thinking out
loud.
For this patch,
Reviewed-by: Pratyush Yadav <pratyush@...nel.org>
> if (!fdt_page) {
> err = -ENOMEM;
> goto err_free_scratch;
> @@ -1344,6 +1339,9 @@ static __init int kho_init(void)
> init_cma_reserved_pageblock(pfn_to_page(pfn));
> }
>
> + WARN_ON_ONCE(kho_debugfs_fdt_add(&kho_out.dbg, "fdt",
> + kho_out.fdt, true));
> +
> return 0;
>
> err_free_fdt:
--
Regards,
Pratyush Yadav
Powered by blists - more mailing lists