From: Pasha Tatashin <pasha.tatashin@soleen.com>
To: Pratyush Yadav <pratyush@kernel.org>
Cc: akpm@linux-foundation.org, rppt@kernel.org, graf@amazon.com,
linux-kernel@vger.kernel.org, kexec@lists.infradead.org,
linux-mm@kvack.org, ricardo.neri-calderon@linux.intel.com
Subject: Re: [PATCH v3] kho: validate preserved memory map during population
Date: Tue, 23 Dec 2025 08:39:50 -0500 [thread overview]
Message-ID: <CA+CK2bC2BQBgtgudZ3-Tpc9ctJEaiFJjx9gNuysXLU1LGpf6OA@mail.gmail.com> (raw)
In-Reply-To: <867buecxll.fsf@kernel.org>
> > Previously, kho_populate() would succeed regardless of the memory map's
> > state, reserving the incoming scratch regions in memblock. However,
> > kho_memory_init() would later fail to deserialize the empty map. By that
> > time, the scratch regions were already registered, leading to partial
> > initialization and subsequent list corruption (double-free) during
> > kho_init().
>
> Nit: I am guessing the double-free is the scratch regions being freed
> twice? Can you please write that out explicitly?
Sure.
> > + mem_map_phys = kho_get_mem_map_phys(fdt);
> > + if (!mem_map_phys) {
> > + pr_warn("setup: handover FDT (0x%llx) present but no preserved memory found\n",
> > + fdt_phys);
>
> Enabling KHO but not using it is a perfectly normal use case. This
> should not be a warning. I don't think we should print anything here
> TBH.
That is fair, I considered pr_info(), but I think you are right, lets
just remove print.
>
> > + err = -ENOENT;
> > + goto out;
> > + }
> > +
> > scratch = early_memremap(scratch_phys, scratch_len);
> > if (!scratch) {
> > pr_warn("setup: failed to memremap scratch (phys=0x%llx, len=%lld)\n",
> > @@ -1515,6 +1517,7 @@ void __init kho_populate(phys_addr_t fdt_phys, u64 fdt_len,
> >
> > kho_in.fdt_phys = fdt_phys;
> > kho_in.scratch_phys = scratch_phys;
> > + kho_in.mem_map_phys = mem_map_phys;
>
> Nit: not a fan of duplicating information. This is already contained in
> the FDT. Perhaps make kho_memory_init() also call
> kho_get_mem_map_phys()? And while at it, perhaps make it
> kho_get_mem_map() and the return type struct khoser_mem_chunk * ?
I prefer the current approach, fetch from FDT once, it is just a single address.
> No strong opinion, so fine either way, but I do think it is cleaner.
Thank you for the review.
Pasha
prev parent reply other threads:[~2025-12-23 13:40 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-19 7:12 Pasha Tatashin
2025-12-19 13:27 ` Ricardo Neri
2025-12-22 16:03 ` Pratyush Yadav
2025-12-23 13:39 ` Pasha Tatashin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CA+CK2bC2BQBgtgudZ3-Tpc9ctJEaiFJjx9gNuysXLU1LGpf6OA@mail.gmail.com \
--to=pasha.tatashin@soleen.com \
--cc=akpm@linux-foundation.org \
--cc=graf@amazon.com \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=pratyush@kernel.org \
--cc=ricardo.neri-calderon@linux.intel.com \
--cc=rppt@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox