Commit 34df6c47 authored by Ran Xiaokai's avatar Ran Xiaokai Committed by Andrew Morton
Browse files

kho: fix missing early_memunmap() call in kho_populate() 

Patch series "two fixes in kho_populate()", v3.


This patch (of 2):

kho_populate() returns without calling early_memunmap() on success path,
this will cause early ioremap virtual address space leak.

Link: https://lkml.kernel.org/r/20260212111146.210086-1-ranxiaokai627@163.com
Link: https://lkml.kernel.org/r/20260212111146.210086-2-ranxiaokai627@163.com


Fixes: b50634c5 ("kho: cleanup error handling in kho_populate()")
Signed-off-by: default avatarRan Xiaokai <ran.xiaokai@zte.com.cn>
Reviewed-by: default avatarPratyush Yadav <pratyush@kernel.org>
Cc: Alexander Graf <graf@amazon.com>
Cc: Mike Rapoport <rppt@kernel.org>
Cc: Pasha Tatashin <pasha.tatashin@soleen.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
parent 55f8b451

kernel/liveupdate/kexec_handover.c

+14 −12
Original line number Diff line number Diff line
@@ -1463,36 +1463,37 @@ void __init kho_populate(phys_addr_t fdt_phys, u64 fdt_len, 
	struct kho_scratch *scratch = NULL;

	phys_addr_t mem_map_phys;

	void *fdt = NULL;

	bool populated = false;

	int err;



	/* Validate the input FDT */

	fdt = early_memremap(fdt_phys, fdt_len);

	if (!fdt) {

		pr_warn("setup: failed to memremap FDT (0x%llx)\n", fdt_phys);

		goto err_report;

		goto report;

	}

	err = fdt_check_header(fdt);

	if (err) {

		pr_warn("setup: handover FDT (0x%llx) is invalid: %d\n",

			fdt_phys, err);

		goto err_unmap_fdt;

		goto unmap_fdt;

	}

	err = fdt_node_check_compatible(fdt, 0, KHO_FDT_COMPATIBLE);

	if (err) {

		pr_warn("setup: handover FDT (0x%llx) is incompatible with '%s': %d\n",

			fdt_phys, KHO_FDT_COMPATIBLE, err);

		goto err_unmap_fdt;

		goto unmap_fdt;

	}



	mem_map_phys = kho_get_mem_map_phys(fdt);

	if (!mem_map_phys)

		goto err_unmap_fdt;

		goto unmap_fdt;



	scratch = early_memremap(scratch_phys, scratch_len);

	if (!scratch) {

		pr_warn("setup: failed to memremap scratch (phys=0x%llx, len=%lld)\n",

			scratch_phys, scratch_len);

		goto err_unmap_fdt;

		goto unmap_fdt;

	}



	/*
@@ -1509,7 +1510,7 @@ void __init kho_populate(phys_addr_t fdt_phys, u64 fdt_len, 
		if (WARN_ON(err)) {

			pr_warn("failed to mark the scratch region 0x%pa+0x%pa: %pe",

				&area->addr, &size, ERR_PTR(err));

			goto err_unmap_scratch;

			goto unmap_scratch;

		}

		pr_debug("Marked 0x%pa+0x%pa as scratch", &area->addr, &size);

	}
@@ -1529,15 +1530,16 @@ void __init kho_populate(phys_addr_t fdt_phys, u64 fdt_len, 
	kho_in.scratch_phys = scratch_phys;

	kho_in.mem_map_phys = mem_map_phys;

	kho_scratch_cnt = scratch_cnt;

	pr_info("found kexec handover data.\n");



	return;

	populated = true;

	pr_info("found kexec handover data.\n");



err_unmap_scratch:

unmap_scratch:

	early_memunmap(scratch, scratch_len);

err_unmap_fdt:

unmap_fdt:

	early_memunmap(fdt, fdt_len);

err_report:

report:

	if (!populated)

		pr_warn("disabling KHO revival\n");

}