From: Pratyush Yadav <pratyush@kernel.org>
To: Pasha Tatashin <pasha.tatashin@soleen.com>
Cc: Pratyush Yadav <pratyush@kernel.org>,
Mike Rapoport <rppt@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
linux-kernel@vger.kernel.org, kexec@lists.infradead.org,
stable@vger.kernel.org
Subject: Re: [PATCH] liveupdate: validate session type before performing operation
Date: Tue, 19 May 2026 16:29:48 +0200 [thread overview]
Message-ID: <2vxzfr3n8obn.fsf@kernel.org> (raw)
In-Reply-To: <agxuNavjtB8T_xRO@plex> (Pasha Tatashin's message of "Tue, 19 May 2026 14:11:26 +0000")
On Tue, May 19 2026, Pasha Tatashin wrote:
> On 05-19 14:24, Pratyush Yadav wrote:
>> From: "Pratyush Yadav (Google)" <pratyush@kernel.org>
>>
>> The sessions ioctls are not applicable to all session types. PRESERVE_FD
>> is only applicable to outgoing sessions. RETRIEVE_FD and FINISH are only
>> valid for incoming session. Calling a incoming ioctl on an outgoing
>> session is invalid and can cause file handlers to run into unexpected
>> errors.
>>
>> For example, a user can create a (outgoing) session, preserve a memfd,
>> and then immediately do a retrieve without doing a kexec in between.
>
> Please add a self-test tools/testing/selftests/liveupdate/liveupdate.c
> to verify that outgoing sessions do not accept retrieve_fd ioctl.
> Option, you could also add to luo_multi_session.c a test to verifying
> that incoming does not accept preserve_fd
Right, forgot about that. Will do.
>
>> This would result in memfd's retrieve handler to run. The handlers
>> expects to be called from a post-kexec context, and will try to do a
>> kho_restore_vmalloc() or kho_restore_folio() to try and restore memory.
>>
>> KHO catches this (thanks to KHO_PAGE_MAGIC) and returns an error, but
>> since this is considered an internal error and KHO throws out a bunch of
>> WARN()s.
>>
>> Associate a type with each ioctl op and validate the type in
>> luo_session_ioctl() before dispatching the ioctl handler to make sure
>> the op is being called for the right session type.
>>
>> Fixes: 16cec0d26521 ("liveupdate: luo_session: add ioctls for file preservation")
>> Cc: stable@vger.kernel.org
>> Signed-off-by: Pratyush Yadav (Google) <pratyush@kernel.org>
--
Regards,
Pratyush Yadav
next prev parent reply other threads:[~2026-05-19 14:29 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-05-19 12:24 [PATCH] liveupdate: validate session type before performing operation Pratyush Yadav
2026-05-19 14:11 ` Pasha Tatashin
2026-05-19 14:29 ` Pratyush Yadav [this message]
2026-05-26 8:09 ` Mike Rapoport
2026-05-26 8:13 ` Pratyush Yadav
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2vxzfr3n8obn.fsf@kernel.org \
--to=pratyush@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pasha.tatashin@soleen.com \
--cc=rppt@kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.