Message-ID: <CA+CK2bB+OQ-8CDdQfN3UFxUJR62ZjZkFB3dN43LYaXavewk_ng@mail.gmail.com>
Date: Thu, 4 Dec 2025 09:04:08 -0500
From: Pasha Tatashin <pasha.tatashin@...een.com>
To: Mike Rapoport <rppt@...nel.org>
Cc: Usama Arif <usamaarif642@...il.com>, Andrew Morton <akpm@...ux-foundation.org>, kas@...nel.org, 
	changyuanl@...gle.com, graf@...zon.com, leitao@...ian.org, thevlad@...a.com, 
	pratyush@...nel.org, dave.hansen@...ux.intel.com, linux-mm@...ck.org, 
	linux-kernel@...r.kernel.org, kernel-team@...a.com
Subject: Re: [PATCH v3 2/2] mm/memblock: only mark/clear KHO scratch memory when needed

On Sun, Nov 30, 2025 at 3:52 AM Mike Rapoport <rppt@...nel.org> wrote:
>
> On Fri, Nov 28, 2025 at 05:29:34PM +0000, Usama Arif wrote:
> > The scratch memory for kexec handover is used to bootstrap the
> > kexec'ed kernel. Only the 1st 1MB is used as scratch, and it's a
> > hack to get around limitations with KHO. It is only needed when
> > CONFIG_KEXEC_HANDOVER is enabled and only if it is a KHO boot
> > (both checked by is_kho_boot). Add check to prevent marking a KHO
> > scratch region unless needed.
>
> I'm going to rewrite the changelog and queue this for upstream:
>
> The scratch memory for kexec handover is used to bootstrap the kexec'ed
> kernel and it is only needed when it is a KHO boot, i.e. a kexec boot with
> handover data passed from the previous kernel.
>
> Currently x86 marks the first megabyte of memory as KHO scratch even for
> non-KHO boots if CONFIG_KEXEC_HANDOVER is enabled.
>
> Add a check to prevent marking KHO scratch regions unless they are actually
> needed.
>
> > Fixes: a2daf83e10378 ("x86/e820: temporarily enable KHO scratch for memory below 1M")
> > Reported-by: Vlad Poenaru <thevlad@...a.com>
> > Signed-off-by: Usama Arif <usamaarif642@...il.com>
> > Reviewed-by: Pratyush Yadav <pratyush@...nel.org>

This patch causes a panic with my tests in linux-next.

[    0.000000] Kernel panic - not syncing: Cannot allocate 17280 bytes for node 0 data
[    0.000000] CPU: 0 UID: 0 PID: 0 Comm: swapper Not tainted 6.18.0-next-20251203 #2 PREEMPT(undef)
[    0.000000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 0.1 11/11/2019
[    0.000000] Call Trace:
[    0.000000]  <TASK>
[    0.000000]  ? dump_stack_lvl+0x4e/0x70
[    0.000000]  ? vpanic+0xcf/0x2b0
[    0.000000]  ? panic+0x66/0x66
[    0.000000]  ? alloc_node_data+0x32/0x90
[    0.000000]  ? numa_register_nodes+0x82/0x100
[    0.000000]  ? numa_init+0x36/0x120
[    0.000000]  ? setup_arch+0x667/0x7f0
[    0.000000]  ? start_kernel+0x58/0x640
[    0.000000]  ? x86_64_start_reservations+0x24/0x30
[    0.000000]  ? x86_64_start_kernel+0xc5/0xd0
[    0.000000]  ? common_startup_64+0x13e/0x148
[    0.000000]  </TASK>
[    0.000000] ---[ end Kernel panic - not syncing: Cannot allocate 17280 bytes for node 0 data ]---
PANIC: early exception 0x0d IP 10:ffffffff89007a13 error 763 cr2 0xffff991090a01000


> > ---
> >  mm/memblock.c | 14 +++++++++-----
> >  1 file changed, 9 insertions(+), 5 deletions(-)
> >
> > diff --git a/mm/memblock.c b/mm/memblock.c
> > index 8b13d5c28922a..913cf322eb89a 100644
> > --- a/mm/memblock.c
> > +++ b/mm/memblock.c
> > @@ -20,8 +20,8 @@
> >
> >  #ifdef CONFIG_KEXEC_HANDOVER
> >  #include <linux/libfdt.h>
> > -#include <linux/kexec_handover.h>
> >  #endif /* CONFIG_KEXEC_HANDOVER */
> > +#include <linux/kexec_handover.h>
> >
> >  #include <asm/sections.h>
> >  #include <linux/io.h>
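
Review bot: moving `#include <linux/kexec_handover.h>` out of the `#ifdef CONFIG_KEXEC_HANDOVER` block means the `is_kho_boot()` calls added further down must compile with the option disabled, so this hunk relies on the header supplying a stub `is_kho_boot()` for the `!CONFIG_KEXEC_HANDOVER` case; nothing in the diff shows that, so a sentence in the changelog would help the next reader. Minor style point: the unconditional include now sits between the `#endif` and `<asm/sections.h>`, while the other `linux/` headers are grouped above; placing it with them keeps the include order consistent.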
> > @@ -1126,8 +1126,10 @@ int __init_memblock memblock_reserved_mark_noinit(phys_addr_t base, phys_addr_t
> >   */
> >  __init int memblock_mark_kho_scratch(phys_addr_t base, phys_addr_t size)
> >  {
> > -     return memblock_setclr_flag(&memblock.memory, base, size, 1,
> > -                                 MEMBLOCK_KHO_SCRATCH);
> > +     if (is_kho_boot())

Looks like memblock_mark_kho_scratch() is called before is_kho_boot()
is working:

[    0.000000] memblock_mark_kho_scratch: is_kho_boot: 0
[    0.000000] memblock_mark_kho_scratch: is_kho_boot: 0
[    0.000000] memblock_mark_kho_scratch: is_kho_boot: 0
[    0.000000] KHO: kho_populate: is_kho_boot: 1
[    0.000000] memblock_mark_kho_scratch: is_kho_boot: 1
[    0.000000] memblock_clear_kho_scratch: is_kho_boot: 1
...

--- a/kernel/liveupdate/kexec_handover.c
+++ b/kernel/liveupdate/kexec_handover.c
@@ -1514,6 +1514,7 @@ void __init kho_populate(phys_addr_t fdt_phys,
u64 fdt_len,
        memblock_set_kho_scratch_only();

        kho_in.fdt_phys = fdt_phys;
+       pr_err("%s: is_kho_boot: %d\n", __func__, is_kho_boot());
        kho_in.scratch_phys = scratch_phys;
        kho_scratch_cnt = scratch_cnt;
        pr_info("found kexec handover data.\n");
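
Review bot: the trace line is placed right after `kho_in.fdt_phys = fdt_phys;`, and per the output quoted above this is the first point at which `is_kho_boot()` reports 1, with `memblock_set_kho_scratch_only()` having already run on the line before. That pins the three `memblock_mark_kho_scratch: is_kho_boot: 0` calls to a point before `kho_populate()` fills in this state, which is the ordering the gated version of the function does not account for. For a throwaway trace `pr_err()` is fine; it just should not survive into anything posted for merge.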
diff --git a/mm/memblock.c b/mm/memblock.c
index 87e7495a68c1..f55b5cdba5dd 100644
--- a/mm/memblock.c
+++ b/mm/memblock.c
@@ -1126,6 +1126,7 @@ int __init_memblock
memblock_reserved_mark_noinit(phys_addr_t base, phys_addr_t
  */
 __init int memblock_mark_kho_scratch(phys_addr_t base, phys_addr_t size)
 {
+       pr_err("%s: is_kho_boot: %d\n", __func__, is_kho_boot());
        if (is_kho_boot())
                return memblock_setclr_flag(&memblock.memory, base, size, 1,
                                            MEMBLOCK_KHO_SCRATCH);
@@ -1142,6 +1143,7 @@ __init int memblock_mark_kho_scratch(phys_addr_t
base, phys_addr_t size)
  */
 __init int memblock_clear_kho_scratch(phys_addr_t base, phys_addr_t size)
 {
+       pr_err("%s: is_kho_boot: %d\n", __func__, is_kho_boot());
        if (is_kho_boot())
                return memblock_setclr_flag(&memblock.memory, base, size, 0,
                                            MEMBLOCK_KHO_SCRATCH);

> > +             return memblock_setclr_flag(&memblock.memory, base, size, 1,
> > +                                         MEMBLOCK_KHO_SCRATCH);
> > +     return 0;
> >  }
> >
> >  /**
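
Review bot: the `if (is_kho_boot())` gate in `memblock_mark_kho_scratch()` consults state that is only initialised later in `kho_populate()`, as the trace in the reply shows (three calls see 0 before `kho_populate` reports 1), so the early callers from the x86 e820 path named in the Fixes tag get a no-op that still reports success via `return 0;`. A skipped mark that returns 0 hides the ordering problem and leaves the below-1M region unflagged, which matches the allocation failure in the panic above. Either fail loudly here (return an error or `WARN_ON_ONCE()` when the KHO state is not yet known) or move the decision to a point where `is_kho_boot()` is already valid, for example by having the caller mark the region only after `kho_populate()` has run.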
> > @@ -1140,8 +1142,10 @@ __init int memblock_mark_kho_scratch(phys_addr_t base, phys_addr_t size)
> >   */
> >  __init int memblock_clear_kho_scratch(phys_addr_t base, phys_addr_t size)
> >  {
> > -     return memblock_setclr_flag(&memblock.memory, base, size, 0,
> > -                                 MEMBLOCK_KHO_SCRATCH);
> > +     if (is_kho_boot())
> > +             return memblock_setclr_flag(&memblock.memory, base, size, 0,
> > +                                         MEMBLOCK_KHO_SCRATCH);
> > +     return 0;
> >  }
> >
> >  static bool should_skip_region(struct memblock_type *type,
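
Review bot: `memblock_clear_kho_scratch()` gets the same silent `return 0;` fallback as the mark path; the pair stays symmetric since both are gated on `is_kho_boot()`, but a skipped clear still reports success, so if a region is ever flagged through a path that did not pass this gate, the clear cannot undo it and gives the caller no indication. Both functions now carry an identical three-line guard; consider folding the `is_kho_boot()` check into one shared helper or into the x86 caller that introduced the temporary below-1M marking, so the policy lives in a single place.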
> > --
> > 2.47.3
> >
>
> --
> Sincerely yours,
> Mike.
>
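
The initialisation-ordering problem discussed in this thread, as an added userspace model that is not kernel code and not from any participant in the thread: a toy region table with one flag bit, a `kho_boot` state that only becomes true once a model `kho_populate()` has run, and two versions of the mark function. The "gated" variant mirrors the shape of the patched kernel function (check the predicate, otherwise return 0); the "strict" variant is a hypothetical alternative that returns an error when called before the state is known. Flag value, struct layout, the `ERR_NOTREADY` code and the argument-taking `is_kho_boot()` are all assumptions of this model.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical values for this model only; not the kernel's definitions. */
#define KHO_SCRATCH_FLAG 0x8u
#define MAX_REGIONS 8
#define ERR_NOTREADY (-16)   /* stand-in for an errno-style failure */

struct region { uint64_t base; uint64_t size; unsigned int flags; };

struct model {
    struct region mem[MAX_REGIONS];
    int nr;
    bool kho_boot;           /* set by kho_populate(); false before that */
};

/* Model of is_kho_boot(): answers from state that arrives late in boot. */
static bool is_kho_boot(const struct model *m) { return m->kho_boot; }

/* Set or clear one flag on the region that exactly matches [base, base+size). */
static int setclr_flag(struct model *m, uint64_t base, uint64_t size,
                       bool set, unsigned int flag)
{
    int i;
    for (i = 0; i < m->nr; i++) {
        struct region *r = &m->mem[i];
        if (r->base == base && r->size == size) {
            if (set)
                r->flags |= flag;
            else
                r->flags &= ~flag;
            return 0;
        }
    }
    return -1;               /* no such region */
}

/* Shape of the patched function: gate on is_kho_boot(), otherwise report
 * success without touching anything. */
static int mark_kho_scratch_gated(struct model *m, uint64_t base, uint64_t size)
{
    if (is_kho_boot(m))
        return setclr_flag(m, base, size, true, KHO_SCRATCH_FLAG);
    return 0;
}

/* Hypothetical defensive variant: refuse while the KHO state is unknown so
 * a caller that runs too early sees the ordering problem instead of a 0. */
static int mark_kho_scratch_strict(struct model *m, uint64_t base, uint64_t size)
{
    if (!is_kho_boot(m))
        return ERR_NOTREADY;
    return setclr_flag(m, base, size, true, KHO_SCRATCH_FLAG);
}

/* Model of kho_populate(): the point where the predicate starts to answer 1. */
static void kho_populate(struct model *m) { m->kho_boot = true; }

static void init_model(struct model *m)
{
    memset(m, 0, sizeof(*m));
    m->mem[0].base = 0;
    m->mem[0].size = 1u << 20;   /* the below-1M region from the thread */
    m->nr = 1;
}

typedef int (*mark_fn)(struct model *, uint64_t, uint64_t);

/* Result of the most recent scenario: was the region flagged at the end? */
static int last_flagged;

/* Early caller (think e820 setup) marks before kho_populate(); returns the
 * mark function's rc and records whether the flag ended up set. */
static int early_mark_then_populate(mark_fn mark)
{
    struct model m;
    int rc;
    init_model(&m);
    rc = mark(&m, 0, 1u << 20);          /* is_kho_boot() is still false */
    kho_populate(&m);                    /* the needed state arrives now */
    last_flagged = (m.mem[0].flags & KHO_SCRATCH_FLAG) ? 1 : 0;
    return rc;
}

/* Same caller after kho_populate(): both variants flag the region. */
static int populate_then_mark(mark_fn mark)
{
    struct model m;
    int rc;
    init_model(&m);
    kho_populate(&m);
    rc = mark(&m, 0, 1u << 20);
    last_flagged = (m.mem[0].flags & KHO_SCRATCH_FLAG) ? 1 : 0;
    return rc;
}

int main(void)
{
    int rc = early_mark_then_populate(mark_kho_scratch_gated);
    printf("gated, early call:  rc=%d flagged=%d\n", rc, last_flagged);
    rc = early_mark_then_populate(mark_kho_scratch_strict);
    printf("strict, early call: rc=%d flagged=%d\n", rc, last_flagged);
    rc = populate_then_mark(mark_kho_scratch_gated);
    printf("gated, late call:   rc=%d flagged=%d\n", rc, last_flagged);
    return 0;
}
```

The gated early call returns 0 and leaves the region unflagged, which is exactly the silent outcome the trace in the reply points at; the strict variant returns `ERR_NOTREADY` for the same call, so an early caller cannot mistake a skipped mark for a successful one. Once `kho_populate()` has run, both variants flag the region.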
