From: Pasha Tatashin <pasha.tatashin@soleen.com>
To: Cris Jacob Maamor <crisjacobmaamor@gmail.com>
Cc: Mike Rapoport <rppt@kernel.org>,
	 Pasha Tatashin <pasha.tatashin@soleen.com>,
	Pratyush Yadav <pratyush@kernel.org>,
	 Alexander Graf <graf@amazon.com>,
	Andrew Morton <akpm@linux-foundation.org>,
	 Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	kexec@lists.infradead.org, linux-mm@kvack.org,
	 linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 0/5] liveupdate: validate restored LUO metadata
Date: Fri, 1 May 2026 19:34:25 +0000
Message-ID: <afT_xHDuFwAUSR0X@plex>
In-Reply-To: <20260501173053.73116-1-crisjacobmaamor@gmail.com>

On 05-02 01:30, Cris Jacob Maamor wrote:
> LUO restores metadata from KHO/FDT during liveupdate. The restored
> metadata contains physical addresses and count fields used to access and
> walk preserved session, file set, and FLB arrays.
> 
> This series adds a non-consuming KHO preserved-range check and uses it
> before phys_to_virt() on restored metadata addresses. It also rejects
> restored counts above LUO_SESSION_MAX, LUO_FILE_MAX, and LUO_FLB_MAX
> before traversal.
> 
> As far as I can tell, this is root/admin-only; I do not have evidence
> that a normal unprivileged user can trigger it directly.
> 
> Changes since v1:
> - Dropped RFC marking.
> - Added changelog text to each patch.
> - No code changes.
> 
> Cris Jacob Maamor (5):
>   kexec: handover: add helper to check preserved page ranges
>   liveupdate: validate LUO FDT physical address before mapping
>   liveupdate: validate restored LUO session metadata
>   liveupdate: validate restored LUO file set metadata
>   liveupdate: validate restored LUO FLB metadata

I have replied separately in the security report to clarify that this is 
not a bug. The behavior follows the ABI specification exactly: we use 
the PA addresses and ranges provided by the KHO FDT tree.

NAK

> 
>  include/linux/kexec_handover.h     |  6 +++++
>  kernel/liveupdate/kexec_handover.c | 35 ++++++++++++++++++++++++++++++
>  kernel/liveupdate/luo_core.c       | 10 ++++++++-
>  kernel/liveupdate/luo_file.c       | 14 ++++++++++--
>  kernel/liveupdate/luo_flb.c        | 23 +++++++++++++++++++-
>  kernel/liveupdate/luo_session.c    | 22 +++++++++++++++++--
>  6 files changed, 104 insertions(+), 6 deletions(-)
> 
> -- 
> 2.53.0
> 
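
The two checks the quoted cover letter describes (a read-only preserved-range test before a restored physical address is used, and a cap on restored counts before traversal), modeled in user-space C as an added example; this is not code from the series or from the kernel, and the struct, function names, sample ranges and `EXAMPLE_SESSION_MAX` value are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical model of one physically contiguous preserved range. */
struct preserved_range {
	uint64_t start;	/* physical address */
	uint64_t len;	/* length in bytes */
};

/* Constructed sample data, standing in for the handover's own tracking. */
static const struct preserved_range sample_ranges[] = {
	{ 0x100000000ULL, 0x4000 },
	{ 0x200000000ULL, 0x1000 },
};
#define SAMPLE_NR (sizeof(sample_ranges) / sizeof(sample_ranges[0]))

#define EXAMPLE_SESSION_MAX 64	/* placeholder, not the kernel's LUO_SESSION_MAX */

/* Read-only ("non-consuming") test: is [phys, phys + len) inside one range? */
static bool range_is_preserved(const struct preserved_range *r, size_t n,
			       uint64_t phys, uint64_t len)
{
	if (len == 0 || phys + len < phys)	/* empty, or end wraps past 2^64 */
		return false;
	for (size_t i = 0; i < n; i++) {
		uint64_t off = phys - r[i].start;	/* only used if phys >= start */

		if (phys >= r[i].start && off <= r[i].len && len <= r[i].len - off)
			return true;
	}
	return false;
}

/* Validate a restored (address, count) pair before mapping and walking it. */
static bool restored_array_ok(uint64_t phys, uint64_t count, uint64_t elem_size)
{
	if (count > EXAMPLE_SESSION_MAX)	/* cap the count before multiplying */
		return false;
	if (count == 0)
		return true;			/* nothing to map or walk */
	if (elem_size == 0 || count > UINT64_MAX / elem_size)
		return false;			/* byte length would overflow */
	return range_is_preserved(sample_ranges, SAMPLE_NR, phys, count * elem_size);
}
```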



Thread overview: 18+ messages
2026-05-01  9:46 [PATCH RFC 0/5] liveupdate: validate restored LUO metadata Cris Jacob Maamor
2026-05-01  9:46 ` [PATCH RFC 1/5] kexec: handover: add helper to check preserved page ranges Cris Jacob Maamor
2026-05-01 10:11   ` Greg Kroah-Hartman
2026-05-01  9:46 ` [PATCH RFC 2/5] liveupdate: validate restored LUO FDT before use Cris Jacob Maamor
2026-05-01  9:46 ` [PATCH RFC 3/5] liveupdate: validate restored LUO session metadata Cris Jacob Maamor
2026-05-01  9:46 ` [PATCH RFC 4/5] liveupdate: validate restored LUO file-set metadata Cris Jacob Maamor
2026-05-01  9:46 ` [PATCH RFC 5/5] liveupdate: validate restored LUO FLB metadata Cris Jacob Maamor
2026-05-01 17:30 ` [PATCH v2 0/5] liveupdate: validate restored LUO metadata Cris Jacob Maamor
2026-05-01 17:30   ` [PATCH v2 1/5] kexec: handover: add helper to check preserved page ranges Cris Jacob Maamor
2026-05-01 17:30   ` [PATCH v2 2/5] liveupdate: validate LUO FDT physical address before mapping Cris Jacob Maamor
2026-05-01 17:30   ` [PATCH v2 3/5] liveupdate: validate restored LUO session metadata Cris Jacob Maamor
2026-05-01 17:30   ` [PATCH v2 4/5] liveupdate: validate restored LUO file set metadata Cris Jacob Maamor
2026-05-01 17:30   ` [PATCH v2 5/5] liveupdate: validate restored LUO FLB metadata Cris Jacob Maamor
2026-05-01 19:34   ` Pasha Tatashin [this message]
2026-05-06  9:02     ` [PATCH v2 0/5] liveupdate: validate restored LUO metadata Pratyush Yadav
2026-05-06 15:05       ` Pasha Tatashin
2026-05-06 16:15         ` Pratyush Yadav
2026-05-06 16:34           ` Pasha Tatashin
