lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aT/LzbCZ2io2YBBX@MiWiFi-R3L-srv>
Date: Mon, 15 Dec 2025 16:50:21 +0800
From: Baoquan He <bhe@...hat.com>
To: Qiang Ma <maqianga@...ontech.com>
Cc: akpm@...ux-foundation.org, kexec@...ts.infradead.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] kexec: Fix uninitialized struct kimage *image pointer

On 12/15/25 at 12:41pm, Qiang Ma wrote:
> 
> 在 2025/12/15 09:18, Baoquan He 写道:
> > On 12/14/25 at 07:35pm, Qiang Ma wrote:
> > > 在 2025/12/12 18:53, Baoquan He 写道:
> > > > On 12/12/25 at 03:16pm, Qiang Ma wrote:
> > > > > The image is initialized to NULL. Then, after calling kimage_alloc_init,
> > > > > we can directly goto 'out' because at this time, the kimage_free will
> > > > > determine whether image is a NULL pointer.
> > > > Rechecked the code flow, in kimage_alloc_init(), if anything wrong, the
> > > > allocated memory are all freed via out_free_control_pages and
> > > > out_free_image accordingly, any place missed? If no, I think the current
> > > > code is correctly handled.
> > > I rechecked the code and found no omissions.
> > Hmm, my bad, I didn't say my question clearly. I checked code, didn't
> > find anything wrong in the current code. In kimage_alloc_init(), the
> > allocated memory are all freed on failure, no memory leaked. Means you
> > are fixing correct code.
> Oh, I see. I recalled that this fix was in preparation for patch
> "kexec: add kexec flag to control debug printing" for kexec_dbg_print
> to be reset to false in kimage_free.
> 
> In that case, I don't think this patch should be posted separately.

If it's prepared for later patch, it should not be saying it's fixing
issue. People may be confused and try to add it to stable kernel.

> > 
> > > > > Signed-off-by: Qiang Ma <maqianga@...ontech.com>
> > > > > ---
> > > > >    kernel/kexec.c | 4 +++-
> > > > >    1 file changed, 3 insertions(+), 1 deletion(-)
> > > > Acked-by: Baoquan He <bhe@...hat.com>
> > > > 
> > > > > diff --git a/kernel/kexec.c b/kernel/kexec.c
> > > > > index 28008e3d462e..9bb1f2b6b268 100644
> > > > > --- a/kernel/kexec.c
> > > > > +++ b/kernel/kexec.c
> > > > > @@ -95,6 +95,8 @@ static int do_kexec_load(unsigned long entry, unsigned long nr_segments,
> > > > >    	unsigned long i;
> > > > >    	int ret;
> > > > > +	image = NULL;
> > > > > +
> > > > >    	/*
> > > > >    	 * Because we write directly to the reserved memory region when loading
> > > > >    	 * crash kernels we need a serialization here to prevent multiple crash
> > > > > @@ -129,7 +131,7 @@ static int do_kexec_load(unsigned long entry, unsigned long nr_segments,
> > > > >    	ret = kimage_alloc_init(&image, entry, nr_segments, segments, flags);
> > > > >    	if (ret)
> > > > > -		goto out_unlock;
> > > > > +		goto out;
> > > > >    	if (flags & KEXEC_PRESERVE_CONTEXT)
> > > > >    		image->preserve_context = 1;
> > > > > -- 
> > > > > 2.20.1
> > > > > 
> > 
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ