Hi Andrew,
Would you like me to resend the series with the "+ depends on KEXEC_HANDOVER" fix from Mike, or would you apply it into your tree directly?
Thank you, Pasha
On Wed, Oct 29, 2025 at 4:48 AM Mike Rapoport <rppt@kernel.org> wrote:
Hi Pasha,
On Mon, Oct 20, 2025 at 08:08:50PM -0400, Pasha Tatashin wrote:
It is invalid for KHO metadata or preserved memory regions to be located within the KHO scratch area, as this area is overwritten when the next kernel is loaded, and used early in boot by the next kernel. This can lead to memory corruption.
Adds checks to kho_preserve_* and KHO's internal metadata allocators (xa_load_or_alloc, new_chunk) to verify that the physical address of the memory does not overlap with any defined scratch region. If an overlap is detected, the operation will fail and a WARN_ON is triggered. To avoid performance overhead in production kernels, these checks are enabled only when CONFIG_KEXEC_HANDOVER_DEBUG is selected.
Signed-off-by: Pasha Tatashin <pasha.tatashin@soleen.com>
 kernel/Kconfig.kexec             |  9 ++++++
 kernel/Makefile                  |  1 +
 kernel/kexec_handover.c          | 53 ++++++++++++++++++++++----------
 kernel/kexec_handover_debug.c    | 25 +++++++++++++++
 kernel/kexec_handover_internal.h | 16 ++++++++++
 5 files changed, 87 insertions(+), 17 deletions(-)
 create mode 100644 kernel/kexec_handover_debug.c
 create mode 100644 kernel/kexec_handover_internal.h
diff --git a/kernel/Kconfig.kexec b/kernel/Kconfig.kexec index 422270d64820..c94d36b5fcd9 100644 --- a/kernel/Kconfig.kexec +++ b/kernel/Kconfig.kexec @@ -109,6 +109,15 @@ config KEXEC_HANDOVER to keep data or state alive across the kexec. For this to work, both source and target kernels need to have this option enabled.
+config KEXEC_HANDOVER_DEBUG
bool "Enable Kexec Handover debug checks"depends on KEXEC_HANDOVER_DEBUGFS
I missed that in the earlier review, should be "depends on KEXEC_HANDOVER"
@Andrew, can you please fold this into what's now commit 0e0faeffd144 ("kho: warn and fail on metadata or preserved memory in scratch area")
diff --git a/kernel/Kconfig.kexec b/kernel/Kconfig.kexec index c94d36b5fcd9..54e581072617 100644 --- a/kernel/Kconfig.kexec +++ b/kernel/Kconfig.kexec @@ -111,7 +111,7 @@ config KEXEC_HANDOVER
config KEXEC_HANDOVER_DEBUG bool "Enable Kexec Handover debug checks"
depends on KEXEC_HANDOVER_DEBUGFS
depends on KEXEC_HANDOVER help This option enables extra sanity checks for the Kexec Handover subsystem. Since, KHO performance is crucial in live update
helpThis option enables extra sanity checks for the Kexec Handoversubsystem. Since, KHO performance is crucial in live updatescenarios and the extra code might be adding overhead it isonly optionally enabled.config CRASH_DUMP bool "kernel crash dumps" default ARCH_DEFAULT_CRASH_DUMP
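Review bot: the help text left as context under the corrected "depends on KEXEC_HANDOVER" line says only "extra sanity checks" and does not state what is checked or what happens when a check fails. The commit message says an overlap between KHO metadata or preserved memory and a scratch region makes the operation fail and triggers a WARN_ON; with the dependency relaxed so the option is selectable on any KEXEC_HANDOVER kernel, the help is the only place a person configuring the kernel will learn that, so it should say so. As a style point in the same text, drop the comma after "Since" and add one after "overhead".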
-- Sincerely yours, Mike.