| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20251114190002.3311679-5-pasha.tatashin@soleen.com>
Date: Fri, 14 Nov 2025 13:59:53 -0500
From: Pasha Tatashin <pasha.tatashin@...een.com>
To: akpm@...ux-foundation.org,
bhe@...hat.com,
pasha.tatashin@...een.com,
rppt@...nel.org,
jasonmiu@...gle.com,
arnd@...db.de,
coxu@...hat.com,
dave@...ilevsky.ca,
ebiggers@...gle.com,
graf@...zon.com,
kees@...nel.org,
linux-kernel@...r.kernel.org,
kexec@...ts.infradead.org,
linux-mm@...ck.org
Subject: [PATCH v2 04/13] kho: Preserve FDT folio only once during initialization
Currently, the FDT folio is preserved inside __kho_finalize(). If the
user performs multiple finalize/abort cycles, kho_preserve_folio() is
called repeatedly for the same FDT folio.
Since the FDT folio is allocated once during kho_init(), it should be
marked for preservation at the same time. Move the preservation call to
kho_init() to align the preservation state with the object's lifecycle
and simplify the finalize path.
Also, pre-zero the FDT tree so we do not expose random bits to the
user and to the next kernel by using the new kho_alloc_preserve() api.
Signed-off-by: Pasha Tatashin <pasha.tatashin@...een.com>
Reviewed-by: Mike Rapoport (Microsoft) <rppt@...nel.org>
Reviewed-by: Pratyush Yadav <pratyush@...nel.org>
---
kernel/liveupdate/kexec_handover.c | 18 ++++++------------
1 file changed, 6 insertions(+), 12 deletions(-)
diff --git a/kernel/liveupdate/kexec_handover.c b/kernel/liveupdate/kexec_handover.c
index 5c5c9c46fe92..704e91418214 100644
--- a/kernel/liveupdate/kexec_handover.c
+++ b/kernel/liveupdate/kexec_handover.c
@@ -1251,10 +1251,6 @@ static int __kho_finalize(void)
if (err)
goto abort;
- err = kho_preserve_folio(virt_to_folio(kho_out.fdt));
- if (err)
- goto abort;
-
err = kho_mem_serialize(&kho_out);
if (err)
goto abort;
@@ -1384,19 +1380,17 @@ EXPORT_SYMBOL_GPL(kho_retrieve_subtree);
static __init int kho_init(void)
{
- int err = 0;
const void *fdt = kho_get_fdt();
- struct page *fdt_page;
+ int err = 0;
if (!kho_enable)
return 0;
- fdt_page = alloc_page(GFP_KERNEL);
- if (!fdt_page) {
- err = -ENOMEM;
+ kho_out.fdt = kho_alloc_preserve(PAGE_SIZE);
+ if (IS_ERR(kho_out.fdt)) {
+ err = PTR_ERR(kho_out.fdt);
goto err_free_scratch;
}
- kho_out.fdt = page_to_virt(fdt_page);
err = kho_debugfs_init();
if (err)
@@ -1424,9 +1418,9 @@ static __init int kho_init(void)
return 0;
err_free_fdt:
- put_page(fdt_page);
- kho_out.fdt = NULL;
+ kho_unpreserve_free(kho_out.fdt);
err_free_scratch:
+ kho_out.fdt = NULL;
for (int i = 0; i < kho_scratch_cnt; i++) {
void *start = __va(kho_scratch[i].addr);
void *end = start + kho_scratch[i].size;
--
2.52.0.rc1.455.g30608eb744-goog
Powered by blists - more mailing lists