* [PATCH v8 10/13] lib/bootconfig: use size_t for strlen result in xbc_node_match_prefix()
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155919.78168-1-objecting@objecting.org>
lib/bootconfig.c:198:19: warning: conversion from 'size_t' to 'int'
may change value [-Wconversion]
lib/bootconfig.c:200:33: warning: conversion to '__kernel_size_t'
from 'int' may change the sign of the result [-Wsign-conversion]
strlen() returns size_t but the result was stored in an int. The value
is then passed back to strncmp() which expects size_t, causing a second
sign-conversion warning on the round-trip. Use size_t throughout to
match the API types.
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/bootconfig.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index dd639046912c..3c5b6ad32a54 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -195,7 +195,7 @@ static bool __init
xbc_node_match_prefix(struct xbc_node *node, const char **prefix)
{
const char *p = xbc_node_get_data(node);
- int len = strlen(p);
+ size_t len = strlen(p);
if (strncmp(*prefix, p, len))
return false;
--
2.34.1
^ permalink raw reply related
* [PATCH v8 12/13] lib/bootconfig: use size_t for key length tracking in xbc_verify_tree()
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155919.78168-1-objecting@objecting.org>
lib/bootconfig.c:839:24: warning: conversion from 'size_t' to 'int'
may change value [-Wconversion]
lib/bootconfig.c:860:32: warning: conversion from 'size_t' to 'int'
may change value [-Wconversion]
lib/bootconfig.c:860:29: warning: conversion to 'size_t' from 'int'
may change the sign of the result [-Wsign-conversion]
The key length variables len and wlen accumulate strlen() results but
were declared as int, causing truncation and sign-conversion warnings.
Change both to size_t to match the strlen() return type and avoid
mixed-sign arithmetic.
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/bootconfig.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index 119c3d429c1f..272d9427e879 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -803,7 +803,8 @@ static int __init xbc_close_brace(char **k, char *n)
static int __init xbc_verify_tree(void)
{
- int i, depth, len, wlen;
+ int i, depth;
+ size_t len, wlen;
struct xbc_node *n, *m;
/* Brace closing */
--
2.34.1
^ permalink raw reply related
* [PATCH v8 09/13] lib/bootconfig: fix signed comparison in xbc_node_get_data()
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155919.78168-1-objecting@objecting.org>
lib/bootconfig.c:188:28: warning: comparison of integer expressions
of different signedness: 'int' and 'size_t' [-Wsign-compare]
The local variable 'offset' is declared as int, but xbc_data_size is
size_t. Change the type to size_t to match and eliminate the warning.
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/bootconfig.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index ecc4e8d93547..dd639046912c 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -183,7 +183,7 @@ struct xbc_node * __init xbc_node_get_next(struct xbc_node *node)
*/
const char * __init xbc_node_get_data(struct xbc_node *node)
{
- int offset = node->data & ~XBC_VALUE;
+ size_t offset = node->data & ~XBC_VALUE;
if (WARN_ON(offset >= xbc_data_size))
return NULL;
--
2.34.1
^ permalink raw reply related
* [PATCH v8 11/13] lib/bootconfig: use signed type for offset in xbc_init_node()
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155919.78168-1-objecting@objecting.org>
lib/bootconfig.c:415:32: warning: conversion to 'long unsigned int'
from 'long int' may change the sign of the result [-Wsign-conversion]
Pointer subtraction yields ptrdiff_t (signed), which was stored in
unsigned long. The original unsigned type implicitly caught a negative
offset (data < xbc_data) because the wrapped value would exceed
XBC_DATA_MAX. Make this intent explicit by using a signed long and
adding an offset < 0 check to the WARN_ON condition.
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/bootconfig.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index 3c5b6ad32a54..119c3d429c1f 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -412,9 +412,9 @@ const char * __init xbc_node_find_next_key_value(struct xbc_node *root,
static int __init xbc_init_node(struct xbc_node *node, char *data, uint16_t flag)
{
- unsigned long offset = data - xbc_data;
+ long offset = data - xbc_data;
- if (WARN_ON(offset >= XBC_DATA_MAX))
+ if (WARN_ON(offset < 0 || offset >= XBC_DATA_MAX))
return -EINVAL;
node->data = (uint16_t)offset | flag;
--
2.34.1
^ permalink raw reply related
* [PATCH v8 08/13] lib/bootconfig: validate child node index in xbc_verify_tree()
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155919.78168-1-objecting@objecting.org>
xbc_verify_tree() validates that each node's next index is within
bounds, but does not check the child index. Add the same bounds
check for the child field.
Without this check, a corrupt bootconfig that passes next-index
validation could still trigger an out-of-bounds memory access via an
invalid child index when xbc_node_get_child() is called during tree
traversal at boot time.
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/bootconfig.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index d7e2395b7e83..1adf592cc038 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -823,6 +823,10 @@ static int __init xbc_verify_tree(void)
return xbc_parse_error("No closing brace",
xbc_node_get_data(xbc_nodes + i));
}
+ if (xbc_nodes[i].child >= xbc_node_num) {
+ return xbc_parse_error("Broken child node",
+ xbc_node_get_data(xbc_nodes + i));
+ }
}
/* Key tree limitation check */
--
2.34.1
^ permalink raw reply related
* [PATCH v8 07/13] lib/bootconfig: replace linux/kernel.h with specific includes
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155919.78168-1-objecting@objecting.org>
linux/kernel.h is a legacy catch-all header. Replace it with the
specific headers actually needed: linux/cache.h for SMP_CACHE_BYTES,
linux/compiler.h for unlikely(), and linux/sprintf.h for snprintf().
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/bootconfig.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index 69486bd56fea..d7e2395b7e83 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -17,7 +17,9 @@
#include <linux/bug.h>
#include <linux/ctype.h>
#include <linux/errno.h>
-#include <linux/kernel.h>
+#include <linux/cache.h>
+#include <linux/compiler.h>
+#include <linux/sprintf.h>
#include <linux/memblock.h>
#include <linux/string.h>
--
2.34.1
^ permalink raw reply related
* [PATCH v8 02/13] lib/bootconfig: narrow flag parameter type from uint32_t to uint16_t
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155919.78168-1-objecting@objecting.org>
The flag parameter in the node creation helpers only ever carries
XBC_KEY (0) or XBC_VALUE (0x8000), both of which fit in uint16_t.
Using uint16_t matches the width of xbc_node.data where the flag is
ultimately stored.
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/bootconfig.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index d77b6533ac00..d69ec95d6062 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -408,7 +408,7 @@ const char * __init xbc_node_find_next_key_value(struct xbc_node *root,
/* XBC parse and tree build */
-static int __init xbc_init_node(struct xbc_node *node, char *data, uint32_t flag)
+static int __init xbc_init_node(struct xbc_node *node, char *data, uint16_t flag)
{
unsigned long offset = data - xbc_data;
@@ -422,7 +422,7 @@ static int __init xbc_init_node(struct xbc_node *node, char *data, uint32_t flag
return 0;
}
-static struct xbc_node * __init xbc_add_node(char *data, uint32_t flag)
+static struct xbc_node * __init xbc_add_node(char *data, uint16_t flag)
{
struct xbc_node *node;
@@ -452,7 +452,7 @@ static inline __init struct xbc_node *xbc_last_child(struct xbc_node *node)
return node;
}
-static struct xbc_node * __init __xbc_add_sibling(char *data, uint32_t flag, bool head)
+static struct xbc_node * __init __xbc_add_sibling(char *data, uint16_t flag, bool head)
{
struct xbc_node *sib, *node = xbc_add_node(data, flag);
@@ -480,17 +480,17 @@ static struct xbc_node * __init __xbc_add_sibling(char *data, uint32_t flag, boo
return node;
}
-static inline struct xbc_node * __init xbc_add_sibling(char *data, uint32_t flag)
+static inline struct xbc_node * __init xbc_add_sibling(char *data, uint16_t flag)
{
return __xbc_add_sibling(data, flag, false);
}
-static inline struct xbc_node * __init xbc_add_head_sibling(char *data, uint32_t flag)
+static inline struct xbc_node * __init xbc_add_head_sibling(char *data, uint16_t flag)
{
return __xbc_add_sibling(data, flag, true);
}
-static inline __init struct xbc_node *xbc_add_child(char *data, uint32_t flag)
+static inline __init struct xbc_node *xbc_add_child(char *data, uint16_t flag)
{
struct xbc_node *node = xbc_add_sibling(data, flag);
--
2.34.1
^ permalink raw reply related
* [PATCH v8 03/13] lib/bootconfig: fix off-by-one in xbc_verify_tree() next node check
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155919.78168-1-objecting@objecting.org>
Valid node indices are 0 to xbc_node_num-1, so a next value equal to
xbc_node_num is out of bounds. Use >= instead of > to catch this.
A malformed or corrupt bootconfig could pass tree verification with
an out-of-bounds next index. On subsequent tree traversal at boot
time, xbc_node_get_next() would return a pointer past the allocated
xbc_nodes array, causing an out-of-bounds read of kernel memory.
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/bootconfig.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index d69ec95d6062..ca668ead1db6 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -816,7 +816,7 @@ static int __init xbc_verify_tree(void)
}
for (i = 0; i < xbc_node_num; i++) {
- if (xbc_nodes[i].next > xbc_node_num) {
+ if (xbc_nodes[i].next >= xbc_node_num) {
return xbc_parse_error("No closing brace",
xbc_node_get_data(xbc_nodes + i));
}
--
2.34.1
^ permalink raw reply related
* [PATCH v8 06/13] bootconfig: constify xbc_calc_checksum() data parameter
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155919.78168-1-objecting@objecting.org>
xbc_calc_checksum() only reads the data buffer, so mark the parameter
as const void * and the internal pointer as const unsigned char *.
Signed-off-by: Josh Law <objecting@objecting.org>
---
include/linux/bootconfig.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/include/linux/bootconfig.h b/include/linux/bootconfig.h
index 25df9260d206..23a96c5edcf3 100644
--- a/include/linux/bootconfig.h
+++ b/include/linux/bootconfig.h
@@ -36,9 +36,9 @@ bool __init cmdline_has_extra_options(void);
* The checksum will be used with the BOOTCONFIG_MAGIC and the size for
* embedding the bootconfig in the initrd image.
*/
-static inline __init uint32_t xbc_calc_checksum(void *data, uint32_t size)
+static inline __init uint32_t xbc_calc_checksum(const void *data, uint32_t size)
{
- unsigned char *p = data;
+ const unsigned char *p = data;
uint32_t ret = 0;
while (size--)
--
2.34.1
^ permalink raw reply related
* [PATCH v8 04/13] lib/bootconfig: increment xbc_node_num after node init succeeds
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155919.78168-1-objecting@objecting.org>
Move the xbc_node_num increment to after xbc_init_node() so a failed
init does not leave a partially initialized node counted in the array.
If xbc_init_node() fails on a data offset at the boundary of a
maximum-size bootconfig, the pre-incremented count causes subsequent
tree verification and traversal to consider the uninitialized node as
valid, potentially leading to an out-of-bounds read or unpredictable
boot behavior.
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/bootconfig.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index ca668ead1db6..6b899e24189c 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -429,9 +429,10 @@ static struct xbc_node * __init xbc_add_node(char *data, uint16_t flag)
if (xbc_node_num == XBC_NODE_MAX)
return NULL;
- node = &xbc_nodes[xbc_node_num++];
+ node = &xbc_nodes[xbc_node_num];
if (xbc_init_node(node, data, flag) < 0)
return NULL;
+ xbc_node_num++;
return node;
}
--
2.34.1
^ permalink raw reply related
* [PATCH v8 05/13] lib/bootconfig: drop redundant memset of xbc_nodes
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155919.78168-1-objecting@objecting.org>
memblock_alloc() already returns zeroed memory, so the explicit memset
in xbc_init() is redundant. Switch the userspace xbc_alloc_mem() from
malloc() to calloc() so both paths return zeroed memory, and remove
the separate memset call.
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/bootconfig.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index 6b899e24189c..69486bd56fea 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -71,7 +71,7 @@ static inline void __init xbc_free_mem(void *addr, size_t size, bool early)
static inline void *xbc_alloc_mem(size_t size)
{
- return malloc(size);
+ return calloc(1, size);
}
static inline void xbc_free_mem(void *addr, size_t size, bool early)
@@ -982,7 +982,6 @@ int __init xbc_init(const char *data, size_t size, const char **emsg, int *epos)
_xbc_exit(true);
return -ENOMEM;
}
- memset(xbc_nodes, 0, sizeof(struct xbc_node) * XBC_NODE_MAX);
ret = xbc_parse_tree();
if (!ret)
--
2.34.1
^ permalink raw reply related
* [PATCH v8 00/13] bootconfig: cleanups, correctness, and modernization
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
This series addresses a collection of issues found during a review of
lib/bootconfig.c, include/linux/bootconfig.h, and tools/bootconfig,
covering off-by-one errors, coding style, signedness/type cleanup, and
API modernization.
The two patches with Fixes tags (xbc_init_node() override check and
load_xbc_file() fd leak) have been split into a separate series for
bootconfig/fixes per Masami's request.
Changes since v7:
- Split fixes from cleanups/improvements into separate series per
maintainer request, so fixes can go into bootconfig/fixes and the
rest (this series) into bootconfig/for-next.
Bug fixes:
- Fix off-by-one in xbc_verify_tree() where a next-node index equal
to xbc_node_num passes the bounds check despite being out of range;
a malformed bootconfig could cause an out-of-bounds read of kernel
memory during tree traversal at boot time (patch 3).
- Move xbc_node_num increment to after xbc_init_node() validation so
a failed init does not leave a partially initialized node counted
in the array; on a maximum-size bootconfig, the uninitialized node
could be traversed leading to unpredictable boot behavior (patch 4).
- Validate child node indices in xbc_verify_tree() alongside the
existing next-node check; without this, a corrupt bootconfig could
trigger an out-of-bounds memory access via an invalid child index
during tree traversal (patch 8).
Correctness:
- Narrow the flag parameter in node creation helpers from uint32_t to
uint16_t to match the xbc_node.data field width (patch 2).
- Constify the xbc_calc_checksum() data parameter since it only reads
the buffer (patch 6).
- Fix strict-GCC signedness and narrowing warnings by aligning local
types with strlen() APIs and the node index/data storage in
xbc_node_get_data(), xbc_node_match_prefix(), xbc_init_node(),
xbc_verify_tree(), and xbc_node_index() (patches 9-13).
Cleanups:
- Fix comment typos, missing blank line before kerneldoc, and
inconsistent if/else bracing (patch 1).
- Drop redundant memset after memblock_alloc which already returns
zeroed memory; switch the userspace path from malloc to calloc to
match (patch 5).
Modernization:
- Replace the catch-all linux/kernel.h include with the specific
headers needed: linux/cache.h, linux/compiler.h, and
linux/sprintf.h (patch 7).
Build-tested with both the in-kernel build (lib/bootconfig.o,
init/main.o) and the userspace tools/bootconfig build. All 70
tools/bootconfig test cases pass.
Josh Law (13):
lib/bootconfig: clean up comment typos and bracing
lib/bootconfig: narrow flag parameter type from uint32_t to uint16_t
lib/bootconfig: fix off-by-one in xbc_verify_tree() next node check
lib/bootconfig: increment xbc_node_num after node init succeeds
lib/bootconfig: drop redundant memset of xbc_nodes
bootconfig: constify xbc_calc_checksum() data parameter
lib/bootconfig: replace linux/kernel.h with specific includes
lib/bootconfig: validate child node index in xbc_verify_tree()
lib/bootconfig: fix signed comparison in xbc_node_get_data()
lib/bootconfig: use size_t for strlen result in
xbc_node_match_prefix()
lib/bootconfig: use signed type for offset in xbc_init_node()
lib/bootconfig: use size_t for key length tracking in
xbc_verify_tree()
lib/bootconfig: change xbc_node_index() return type to uint16_t
include/linux/bootconfig.h | 6 ++--
lib/bootconfig.c | 62 ++++++++++++++++++++++----------------
2 files changed, 39 insertions(+), 29 deletions(-)
--
2.34.1
^ permalink raw reply
* [PATCH v8 01/13] lib/bootconfig: clean up comment typos and bracing
From: Josh Law @ 2026-03-18 15:59 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155919.78168-1-objecting@objecting.org>
Fixes kerneldoc typos ("initiized" and "uder") and adds a missing blank line.
Also fixes inconsistent if/else bracing in __xbc_add_key() and elsewhere.
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/bootconfig.c | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index b0ef1e74e98a..d77b6533ac00 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -79,6 +79,7 @@ static inline void xbc_free_mem(void *addr, size_t size, bool early)
free(addr);
}
#endif
+
/**
* xbc_get_info() - Get the information of loaded boot config
* @node_size: A pointer to store the number of nodes.
@@ -112,7 +113,7 @@ static int __init xbc_parse_error(const char *msg, const char *p)
* xbc_root_node() - Get the root node of extended boot config
*
* Return the address of root node of extended boot config. If the
- * extended boot config is not initiized, return NULL.
+ * extended boot config is not initialized, return NULL.
*/
struct xbc_node * __init xbc_root_node(void)
{
@@ -364,7 +365,7 @@ struct xbc_node * __init xbc_node_find_next_leaf(struct xbc_node *root,
node = xbc_node_get_parent(node);
if (node == root)
return NULL;
- /* User passed a node which is not uder parent */
+ /* User passed a node which is not under parent */
if (WARN_ON(!node))
return NULL;
}
@@ -472,8 +473,9 @@ static struct xbc_node * __init __xbc_add_sibling(char *data, uint32_t flag, boo
sib->next = xbc_node_index(node);
}
}
- } else
+ } else {
xbc_parse_error("Too many nodes", data);
+ }
return node;
}
@@ -655,9 +657,9 @@ static int __init __xbc_add_key(char *k)
if (unlikely(xbc_node_num == 0))
goto add_node;
- if (!last_parent) /* the first level */
+ if (!last_parent) { /* the first level */
node = find_match_node(xbc_nodes, k);
- else {
+ } else {
child = xbc_node_get_child(last_parent);
/* Since the value node is the first child, skip it. */
if (child && xbc_node_is_value(child))
@@ -665,9 +667,9 @@ static int __init __xbc_add_key(char *k)
node = find_match_node(child, k);
}
- if (node)
+ if (node) {
last_parent = node;
- else {
+ } else {
add_node:
node = xbc_add_child(k, XBC_KEY);
if (!node)
@@ -991,8 +993,9 @@ int __init xbc_init(const char *data, size_t size, const char **emsg, int *epos)
if (emsg)
*emsg = xbc_err_msg;
_xbc_exit(true);
- } else
+ } else {
ret = xbc_node_num;
+ }
return ret;
}
--
2.34.1
^ permalink raw reply related
* [PATCH v8 2/2] tools/bootconfig: fix fd leak in load_xbc_file() on fstat failure
From: Josh Law @ 2026-03-18 15:58 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: Steven Rostedt, linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155847.78065-1-objecting@objecting.org>
If fstat() fails after open() succeeds, the function returns without
closing the file descriptor. Also preserve errno across close(), since
close() may overwrite it before the error is returned.
Fixes: 950313ebf79c ("tools: bootconfig: Add bootconfig command")
Signed-off-by: Josh Law <objecting@objecting.org>
---
tools/bootconfig/main.c | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/tools/bootconfig/main.c b/tools/bootconfig/main.c
index 55d59ed507d5..643f707b8f1d 100644
--- a/tools/bootconfig/main.c
+++ b/tools/bootconfig/main.c
@@ -162,8 +162,11 @@ static int load_xbc_file(const char *path, char **buf)
if (fd < 0)
return -errno;
ret = fstat(fd, &stat);
- if (ret < 0)
- return -errno;
+ if (ret < 0) {
+ ret = -errno;
+ close(fd);
+ return ret;
+ }
ret = load_xbc_fd(fd, buf, stat.st_size);
--
2.34.1
^ permalink raw reply related
* [PATCH v8 1/2] lib/bootconfig: check xbc_init_node() return in override path
From: Josh Law @ 2026-03-18 15:58 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: Steven Rostedt, linux-kernel, linux-trace-kernel, Josh Law
In-Reply-To: <20260318155847.78065-1-objecting@objecting.org>
The ':=' override path in xbc_parse_kv() calls xbc_init_node() to
re-initialize an existing value node but does not check the return
value. If xbc_init_node() fails (data offset out of range), parsing
silently continues with stale node data.
Add the missing error check to match the xbc_add_node() call path
which already checks for failure.
In practice, a bootconfig using ':=' to override a value near the
32KB data limit could silently retain the old value, meaning a
security-relevant boot parameter override (e.g., a trace filter or
debug setting) would not take effect as intended.
Fixes: e5efaeb8a8f5 ("bootconfig: Support mixing a value and subkeys under a key")
Signed-off-by: Josh Law <objecting@objecting.org>
---
lib/bootconfig.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/lib/bootconfig.c b/lib/bootconfig.c
index 1adf592cc038..ecc4e8d93547 100644
--- a/lib/bootconfig.c
+++ b/lib/bootconfig.c
@@ -728,7 +728,8 @@ static int __init xbc_parse_kv(char **k, char *v, int op)
if (op == ':') {
unsigned short nidx = child->next;
- xbc_init_node(child, v, XBC_VALUE);
+ if (xbc_init_node(child, v, XBC_VALUE) < 0)
+ return xbc_parse_error("Failed to override value", v);
child->next = nidx; /* keep subkeys */
goto array;
}
--
2.34.1
^ permalink raw reply related
* [PATCH v8 0/2] bootconfig: targeted fixes for stable
From: Josh Law @ 2026-03-18 15:58 UTC (permalink / raw)
To: Masami Hiramatsu, Andrew Morton
Cc: Steven Rostedt, linux-kernel, linux-trace-kernel, Josh Law
Two bug fixes with Fixes tags, split out from the larger cleanup series
(v7 patches 9/15 and 10/15) per Masami's request so they can go
cleanly into bootconfig/fixes and from there into stable.
Changes since v7:
- Split fixes (this series) from cleanups/improvements into separate
series per maintainer request, so fixes can go into bootconfig/fixes
and the rest into bootconfig/for-next.
Bug fixes:
- Check xbc_init_node() return value in the ':=' override path; a
bootconfig using ':=' near the 32KB data limit could silently
retain the old value, meaning a security-relevant boot parameter
override would not take effect (patch 1).
- Fix file descriptor leak in tools/bootconfig load_xbc_file() when
fstat() fails, and preserve errno across close() on that error path
(patch 2).
Build-tested with both the in-kernel build (lib/bootconfig.o,
init/main.o) and the userspace tools/bootconfig build. All 70
tools/bootconfig test cases pass.
Josh Law (2):
lib/bootconfig: check xbc_init_node() return in override path
tools/bootconfig: fix fd leak in load_xbc_file() on fstat failure
lib/bootconfig.c | 3 ++-
tools/bootconfig/main.c | 7 +++++--
2 files changed, 7 insertions(+), 3 deletions(-)
--
2.34.1
^ permalink raw reply
* Re: [PATCH v9 2/4] ring-buffer: Flush and stop persistent ring buffer on panic
From: Mathieu Desnoyers @ 2026-03-18 15:51 UTC (permalink / raw)
To: Masami Hiramatsu (Google)
Cc: Steven Rostedt, linux-kernel, linux-trace-kernel, Ian Rogers
In-Reply-To: <20260319002918.5768a8ee053dd35373e215f2@kernel.org>
On 2026-03-18 11:29, Masami Hiramatsu (Google) wrote:
>>
>> - AFAIU, you are not trying to evince cache lines after creation
>> of a new virtual mapping (which is the documented intent of
>> flush_cache_vmap).
>
> Ah, OK. That's a good point!
> (anyway I will replace it with do { } while (0) in the next version.)
>
>>
>> - AFAIU flush_cache_vmap maps to no-code on arm64 (asm-generic), what am
>> I missing ? It makes sense to be a no-op because AFAIR arm64 does not
>> have to deal with virtually aliasing caches.
>
> Yeah, so my patch also introduces arm64 specific implementation.
Just make sure to call this something else than "flush_cache_vmap",
because you don't want to slow down vmap on arm64 which does not
require to evince and certainly not write back cache lines after
creation of a new virtual mapping.
Thanks,
Mathieu
--
Mathieu Desnoyers
EfficiOS Inc.
https://www.efficios.com
^ permalink raw reply
* Re: [PATCH v7 08/15] sched: Add task enqueue/dequeue trace points
From: gmonaco @ 2026-03-18 15:44 UTC (permalink / raw)
To: Peter Zijlstra, linux-trace-kernel, linux-kernel
Cc: Steven Rostedt, Nam Cao, Juri Lelli, Masami Hiramatsu,
Ingo Molnar, K Prateek Nayak, Tomas Glozar, Clark Williams,
John Kacur
In-Reply-To: <20260310105627.332044-9-gmonaco@redhat.com>
Hi Peter,
On Tue, 2026-03-10 at 11:56 +0100, Gabriele Monaco wrote:
> From: Nam Cao <namcao@linutronix.de>
>
> Add trace points into enqueue_task() and dequeue_task().
>
> Signed-off-by: Nam Cao <namcao@linutronix.de>
> Suggested-by: Peter Zijlstra <peterz@infradead.org>
> Reviewed-by: K Prateek Nayak <kprateek.nayak@amd.com>
> Co-developed-by: Gabriele Monaco <gmonaco@redhat.com>
> Signed-off-by: Gabriele Monaco <gmonaco@redhat.com>
> ---
Could I get an Ack for this?
Thanks,
Gabriele
>
> Notes:
> V7:
> * Use cpu_of(rq) helper in tracepoint calls
> V5:
> * Do not fire enqueue tracepoint for delayed enqueues
>
> include/trace/events/sched.h | 8 ++++++++
> kernel/sched/core.c | 12 +++++++++++-
> kernel/sched/sched.h | 2 ++
> 3 files changed, 21 insertions(+), 1 deletion(-)
>
> diff --git a/include/trace/events/sched.h
> b/include/trace/events/sched.h
> index 7b2645b50e78..5844147ec5fd 100644
> --- a/include/trace/events/sched.h
> +++ b/include/trace/events/sched.h
> @@ -896,6 +896,14 @@ DECLARE_TRACE(sched_set_need_resched,
> TP_PROTO(struct task_struct *tsk, int cpu, int tif),
> TP_ARGS(tsk, cpu, tif));
>
> +DECLARE_TRACE(sched_enqueue,
> + TP_PROTO(struct task_struct *tsk, int cpu),
> + TP_ARGS(tsk, cpu));
> +
> +DECLARE_TRACE(sched_dequeue,
> + TP_PROTO(struct task_struct *tsk, int cpu),
> + TP_ARGS(tsk, cpu));
> +
> #endif /* _TRACE_SCHED_H */
>
> /* This part must be outside protection */
> diff --git a/kernel/sched/core.c b/kernel/sched/core.c
> index b7f77c165a6e..c9ca1e048612 100644
> --- a/kernel/sched/core.c
> +++ b/kernel/sched/core.c
> @@ -122,6 +122,8 @@
> EXPORT_TRACEPOINT_SYMBOL_GPL(sched_compute_energy_tp);
> EXPORT_TRACEPOINT_SYMBOL_GPL(sched_entry_tp);
> EXPORT_TRACEPOINT_SYMBOL_GPL(sched_exit_tp);
> EXPORT_TRACEPOINT_SYMBOL_GPL(sched_set_need_resched_tp);
> +EXPORT_TRACEPOINT_SYMBOL_GPL(sched_enqueue_tp);
> +EXPORT_TRACEPOINT_SYMBOL_GPL(sched_dequeue_tp);
>
> DEFINE_PER_CPU_SHARED_ALIGNED(struct rq, runqueues);
> DEFINE_PER_CPU(struct rnd_state, sched_rnd_state);
> @@ -2094,6 +2096,9 @@ unsigned long get_wchan(struct task_struct *p)
>
> void enqueue_task(struct rq *rq, struct task_struct *p, int flags)
> {
> + if (trace_sched_enqueue_tp_enabled() && !(flags &
> ENQUEUE_DELAYED))
> + trace_sched_enqueue_tp(p, cpu_of(rq));
> +
> if (!(flags & ENQUEUE_NOCLOCK))
> update_rq_clock(rq);
>
> @@ -2120,6 +2125,8 @@ void enqueue_task(struct rq *rq, struct
> task_struct *p, int flags)
> */
> inline bool dequeue_task(struct rq *rq, struct task_struct *p, int
> flags)
> {
> + bool ret;
> +
> if (sched_core_enabled(rq))
> sched_core_dequeue(rq, p, flags);
>
> @@ -2136,7 +2143,10 @@ inline bool dequeue_task(struct rq *rq, struct
> task_struct *p, int flags)
> * and mark the task ->sched_delayed.
> */
> uclamp_rq_dec(rq, p);
> - return p->sched_class->dequeue_task(rq, p, flags);
> + ret = p->sched_class->dequeue_task(rq, p, flags);
> + if (trace_sched_dequeue_tp_enabled() && !(flags &
> DEQUEUE_SLEEP))
> + trace_sched_dequeue_tp(p, cpu_of(rq));
> + return ret;
> }
>
> void activate_task(struct rq *rq, struct task_struct *p, int flags)
> diff --git a/kernel/sched/sched.h b/kernel/sched/sched.h
> index 43bbf0693cca..d7ab0aa58a70 100644
> --- a/kernel/sched/sched.h
> +++ b/kernel/sched/sched.h
> @@ -2955,6 +2955,8 @@ static inline void sub_nr_running(struct rq
> *rq, unsigned count)
>
> static inline void __block_task(struct rq *rq, struct task_struct
> *p)
> {
> + trace_sched_dequeue_tp(p, cpu_of(rq));
> +
> if (p->sched_contributes_to_load)
> rq->nr_uninterruptible++;
>
^ permalink raw reply
* Re: [PATCH v7 00/15] bootconfig: fixes, cleanups, and modernization
From: Masami Hiramatsu @ 2026-03-18 15:34 UTC (permalink / raw)
To: Josh Law; +Cc: Andrew Morton, Steven Rostedt, linux-kernel, linux-trace-kernel
In-Reply-To: <20260317160916.33576-1-objecting@objecting.org>
Hi Josh,
It is mostly OK, but can you reorder this series as the fixes (which
has "Fixes" tag, [9/15] and [10/15]) first and others second, so that
I can cleanly merge it to bootconfig/fixes and bootconfig/for-next?
The patches which has Fixes tag should go into stable tree, but other
improvements/cleanups should go to next merge window.
Thank you,
On Tue, 17 Mar 2026 16:09:01 +0000
Josh Law <objecting@objecting.org> wrote:
> This series addresses a collection of issues found during a review of
> lib/bootconfig.c, include/linux/bootconfig.h, and tools/bootconfig,
> ranging from off-by-one errors and unchecked return values to coding
> style, signedness/type cleanup, and API modernization.
>
> Changes since v6:
> - Dropped "add missing __init annotations to static helpers"
> (v6 patch 1).
> - Dropped "fix sign-compare in xbc_node_compose_key_after()"
> (v6 patch 16).
> - Updated "fix fd leak in load_xbc_file() on fstat failure" to save
> errno before close(), since close() may overwrite it before the
> error is returned (patch 10).
> - Updated "fix signed comparison in xbc_node_get_data()" to use
> size_t for the local offset variable, matching the warning and
> xbc_data_size (patch 11).
> - Updated "use signed type for offset in xbc_init_node()" to use a
> signed long and explicitly check offset < 0 in WARN_ON(), making
> the pre-base pointer case explicit instead of relying on unsigned
> wraparound (patch 13).
>
> Changes since v5:
> - Folded typo fixes, kerneldoc blank line, and inconsistent bracing
> patches (v5 02-05, 07) into a single patch (patch 1).
> - Dropped "use __packed macro for struct xbc_node" (v5 11) and
> "add __packed definition to tools/bootconfig shim header" (v5 14)
> per review feedback.
> - Added Fixes: tag to "check xbc_init_node() return in override
> path" (patch 9).
> - Added Fixes: tag to "fix fd leak in load_xbc_file() on fstat
> failure" (patch 10).
>
> Changes since v4:
> - Added six follow-up patches found via static analysis with strict
> GCC warnings (patches 11-15, plus the now-dropped v6 patch 16).
> - Added "fix signed comparison in xbc_node_get_data()" to match the
> local offset type to xbc_data_size and eliminate the sign-compare
> warning (patch 11).
> - Added "use size_t for strlen result in xbc_node_match_prefix()"
> and "use size_t for key length tracking in xbc_verify_tree()" to
> match strlen() return types (patches 12, 14).
> - Added "use signed type for offset in xbc_init_node()" to make the
> offset bounds check explicit and avoid sign-conversion warnings
> from pointer subtraction (patch 13).
> - Added "change xbc_node_index() return type to uint16_t" to match
> the 16-bit storage fields and XBC_NODE_MAX bounds (patch 15).
>
> Changes since v3:
> - Added commit descriptions to all patches that were missing them.
> - Added real-world impact statements to all bug-fix patches.
>
> Changes since v2:
> - Added "validate child node index in xbc_verify_tree()" (patch 8).
> - Added "check xbc_init_node() return in override path" (patch 9).
> - Added "fix fd leak in load_xbc_file() on fstat failure" (patch 10).
>
> Changes since v1:
> - Dropped "return empty string instead of NULL from
> xbc_node_get_data()" -- returning "" causes false matches in
> xbc_node_match_prefix() because strncmp(..., "", 0) always
> returns 0.
>
> Bug fixes:
> - Fix off-by-one in xbc_verify_tree() where a next-node index equal
> to xbc_node_num passes the bounds check despite being out of range;
> a malformed bootconfig could cause an out-of-bounds read of kernel
> memory during tree traversal at boot time (patch 3).
> - Move xbc_node_num increment to after xbc_init_node() validation so
> a failed init does not leave a partially initialized node counted
> in the array; on a maximum-size bootconfig, the uninitialized node
> could be traversed leading to unpredictable boot behavior (patch 4).
> - Validate child node indices in xbc_verify_tree() alongside the
> existing next-node check; without this, a corrupt bootconfig could
> trigger an out-of-bounds memory access via an invalid child index
> during tree traversal (patch 8).
> - Check xbc_init_node() return value in the ':=' override path; a
> bootconfig using ':=' near the 32KB data limit could silently
> retain the old value, meaning a security-relevant boot parameter
> override would not take effect (patch 9).
> - Fix file descriptor leak in tools/bootconfig load_xbc_file() when
> fstat() fails, and preserve errno across close() on that error path
> (patch 10).
>
> Correctness:
> - Narrow the flag parameter in node creation helpers from uint32_t to
> uint16_t to match the xbc_node.data field width (patch 2).
> - Constify the xbc_calc_checksum() data parameter since it only reads
> the buffer (patch 6).
> - Fix strict-GCC signedness and narrowing warnings by aligning local
> types with strlen() APIs and the node index/data storage in
> xbc_node_get_data(), xbc_node_match_prefix(), xbc_init_node(),
> xbc_verify_tree(), and xbc_node_index() (patches 11-15).
>
> Cleanups:
> - Fix comment typos, missing blank line before kerneldoc, and
> inconsistent if/else bracing (patch 1).
> - Drop redundant memset after memblock_alloc which already returns
> zeroed memory; switch the userspace path from malloc to calloc to
> match (patch 5).
>
> Modernization:
> - Replace the catch-all linux/kernel.h include with the specific
> headers needed: linux/cache.h, linux/compiler.h, and
> linux/sprintf.h (patch 7).
>
> Build-tested with both the in-kernel build (lib/bootconfig.o,
> init/main.o) and the userspace tools/bootconfig build. All 70
> tools/bootconfig test cases pass.
>
> Josh Law (15):
> lib/bootconfig: clean up comment typos and bracing
> lib/bootconfig: narrow flag parameter type from uint32_t to uint16_t
> lib/bootconfig: fix off-by-one in xbc_verify_tree() next node check
> lib/bootconfig: increment xbc_node_num after node init succeeds
> lib/bootconfig: drop redundant memset of xbc_nodes
> bootconfig: constify xbc_calc_checksum() data parameter
> lib/bootconfig: replace linux/kernel.h with specific includes
> lib/bootconfig: validate child node index in xbc_verify_tree()
> lib/bootconfig: check xbc_init_node() return in override path
> tools/bootconfig: fix fd leak in load_xbc_file() on fstat failure
> lib/bootconfig: fix signed comparison in xbc_node_get_data()
> lib/bootconfig: use size_t for strlen result in
> xbc_node_match_prefix()
> lib/bootconfig: use signed type for offset in xbc_init_node()
> lib/bootconfig: use size_t for key length tracking in
> xbc_verify_tree()
> lib/bootconfig: change xbc_node_index() return type to uint16_t
>
> include/linux/bootconfig.h | 6 ++--
> lib/bootconfig.c | 65 ++++++++++++++++++++++----------------
> tools/bootconfig/main.c | 7 ++--
> 3 files changed, 46 insertions(+), 32 deletions(-)
>
> --
> 2.34.1
--
Masami Hiramatsu (Google) <mhiramat@kernel.org>
^ permalink raw reply
* Re: [PATCH v9 2/4] ring-buffer: Flush and stop persistent ring buffer on panic
From: Masami Hiramatsu @ 2026-03-18 15:29 UTC (permalink / raw)
To: Mathieu Desnoyers
Cc: Steven Rostedt, linux-kernel, linux-trace-kernel, Ian Rogers
In-Reply-To: <c91f37bf-97e9-4752-99a9-3d534ce9d2f0@efficios.com>
On Wed, 18 Mar 2026 10:53:26 -0400
Mathieu Desnoyers <mathieu.desnoyers@efficios.com> wrote:
> On 2026-03-18 10:19, Masami Hiramatsu (Google) wrote:
> > On Wed, 11 Mar 2026 10:32:29 +0900
> > "Masami Hiramatsu (Google)" <mhiramat@kernel.org> wrote:
> >
> >> From: Masami Hiramatsu (Google) <mhiramat@kernel.org>
> >>
> >> On real hardware, panic and machine reboot may not flush hardware cache
> >> to memory. This means the persistent ring buffer, which relies on a
> >> coherent state of memory, may not have its events written to the buffer
> >> and they may be lost. Moreover, there may be inconsistency with the
> >> counters which are used for validation of the integrity of the
> >> persistent ring buffer which may cause all data to be discarded.
> >>
> >> To avoid this issue, stop recording of the ring buffer on panic and
> >> flush the cache of the ring buffer's memory.
> >
> > Hmm, on some architectures, flush_cache_vmap() is implemented using
> > on_each_cpu() which waits IPI. But that does not safe in panic notifier
> > because it is called after smp_send_stop().
> >
> > Since this cache flush issue is currently only confirmed on arm64,
> > I would like to make it doing nothing (do { } while (0)) by default.
>
> FWIW, I've sent a related series a while ago about flushing pmem
> areas to memory on panic:
>
> https://lore.kernel.org/lkml/20240618154157.334602-3-mathieu.desnoyers@efficios.com/
>
Ah, nice!
> When reading your patch, I feel like I'm missing something, so please bear with
> me for a few questions:
>
> - What exactly are you trying to flush ? By "flush" do you mean
> evince cache lines or write back cache lines ? (I expect you aim
> at the second option)
Yes, I need to write back cache lines, at least it can be
read after hot reboot. (not evict cache)
>
> - AFAIU, you are not trying to evince cache lines after creation
> of a new virtual mapping (which is the documented intent of
> flush_cache_vmap).
Ah, OK. That's a good point!
(anyway I will replace it with do { } while (0) in the next version.)
>
> - AFAIU flush_cache_vmap maps to no-code on arm64 (asm-generic), what am
> I missing ? It makes sense to be a no-op because AFAIR arm64 does not
> have to deal with virtually aliasing caches.
Yeah, so my patch also introduces arm64 specific implementation.
>
> see commit 8690bbcf3b7 ("Introduce cpu_dcache_is_aliasing() across all architectures")
OK, let me check.
>
> The arch_wb_cache_pmem is specific to pmem, which is not exactly what you want
> to use, but on arm64 it's implemented as:
>
> /* Ensure order against any prior non-cacheable writes */
> dmb(osh);
> dcache_clean_pop((unsigned long)addr, (unsigned long)addr + size);
>
> Which I think has the writeback semantic you are looking for, and AFAIU should no
> require IPIs (at least on arm64) to flush cache lines across the entire system.
Yes, that's what I need.
Thank you!
>
> Cheers,
>
> Mathieu
>
> --
> Mathieu Desnoyers
> EfficiOS Inc.
> https://www.efficios.com
--
Masami Hiramatsu (Google) <mhiramat@kernel.org>
^ permalink raw reply
* Re: [PATCH v9 2/4] ring-buffer: Flush and stop persistent ring buffer on panic
From: Mathieu Desnoyers @ 2026-03-18 14:53 UTC (permalink / raw)
To: Masami Hiramatsu (Google)
Cc: Steven Rostedt, linux-kernel, linux-trace-kernel, Ian Rogers
In-Reply-To: <20260318231959.717f07ec491a731941aee1d9@kernel.org>
On 2026-03-18 10:19, Masami Hiramatsu (Google) wrote:
> On Wed, 11 Mar 2026 10:32:29 +0900
> "Masami Hiramatsu (Google)" <mhiramat@kernel.org> wrote:
>
>> From: Masami Hiramatsu (Google) <mhiramat@kernel.org>
>>
>> On real hardware, panic and machine reboot may not flush hardware cache
>> to memory. This means the persistent ring buffer, which relies on a
>> coherent state of memory, may not have its events written to the buffer
>> and they may be lost. Moreover, there may be inconsistency with the
>> counters which are used for validation of the integrity of the
>> persistent ring buffer which may cause all data to be discarded.
>>
>> To avoid this issue, stop recording of the ring buffer on panic and
>> flush the cache of the ring buffer's memory.
>
> Hmm, on some architectures, flush_cache_vmap() is implemented using
> on_each_cpu() which waits IPI. But that does not safe in panic notifier
> because it is called after smp_send_stop().
>
> Since this cache flush issue is currently only confirmed on arm64,
> I would like to make it doing nothing (do { } while (0)) by default.
FWIW, I've sent a related series a while ago about flushing pmem
areas to memory on panic:
https://lore.kernel.org/lkml/20240618154157.334602-3-mathieu.desnoyers@efficios.com/
When reading your patch, I feel like I'm missing something, so please bear with
me for a few questions:
- What exactly are you trying to flush ? By "flush" do you mean
evince cache lines or write back cache lines ? (I expect you aim
at the second option)
- AFAIU, you are not trying to evince cache lines after creation
of a new virtual mapping (which is the documented intent of
flush_cache_vmap).
- AFAIU flush_cache_vmap maps to no-code on arm64 (asm-generic), what am
I missing ? It makes sense to be a no-op because AFAIR arm64 does not
have to deal with virtually aliasing caches.
see commit 8690bbcf3b7 ("Introduce cpu_dcache_is_aliasing() across all architectures")
The arch_wb_cache_pmem is specific to pmem, which is not exactly what you want
to use, but on arm64 it's implemented as:
/* Ensure order against any prior non-cacheable writes */
dmb(osh);
dcache_clean_pop((unsigned long)addr, (unsigned long)addr + size);
Which I think has the writeback semantic you are looking for, and AFAIU should no
require IPIs (at least on arm64) to flush cache lines across the entire system.
Cheers,
Mathieu
--
Mathieu Desnoyers
EfficiOS Inc.
https://www.efficios.com
^ permalink raw reply
* Re: [PATCH 03/15] io_uring: Use trace_invoke_##name() at guarded tracepoint call sites
From: Vineeth Remanan Pillai @ 2026-03-18 14:51 UTC (permalink / raw)
To: Steven Rostedt
Cc: Keith Busch, Peter Zijlstra, Jens Axboe, io-uring, linux-kernel,
linux-trace-kernel
In-Reply-To: <20260312113816.01de2b53@gandalf.local.home>
On Thu, Mar 12, 2026 at 11:38 AM Steven Rostedt <rostedt@goodmis.org> wrote:
>
> On Thu, 12 Mar 2026 09:24:21 -0600
> Keith Busch <kbusch@kernel.org> wrote:
>
> > On Thu, Mar 12, 2026 at 11:04:58AM -0400, Vineeth Pillai (Google) wrote:
> > > if (trace_io_uring_complete_enabled())
> > > - trace_io_uring_complete(req->ctx, req, cqe);
> > > + trace_invoke_io_uring_complete(req->ctx, req, cqe);
> >
> > Curious, this one doesn't follow that pattern of "if (enabed && cond)"
> > that this cover letter said it was addressing, so why doesn't this call
> > just drop the 'if' check and go straight to trace_io_uring_complete()? I
> > followed this usage to commit a0730c738309a06, which says that the
>
> You mean 'a0727c738309a06'? As I could not find the above 'a0730c738309a06'
>
> > compiler was generating code to move args before checking if the trace
> > was enabled. That commit was a while ago though, and suggests to remove
>
> It was only 2023.
>
> > the check if that problem is solved. Is it still a problem?
>
> We should check.
I shall leave this patch as is for now.
> Which reminds me. There's other places that have that tracepoint_enabled()
> in header files that do the above. The C wrapper functions should also
> convert the callback to the trace_invoke_<event>() call.
>
Thanks for pointing this out. I just had a look and its not too much.
But I feel it would be better to take it up as a new series. What do
you think?
Thanks,
Vineeth
> -- Steve
^ permalink raw reply
* Re: [PATCH v9 2/4] ring-buffer: Flush and stop persistent ring buffer on panic
From: Masami Hiramatsu @ 2026-03-18 14:19 UTC (permalink / raw)
To: Masami Hiramatsu (Google)
Cc: Steven Rostedt, Mathieu Desnoyers, linux-kernel,
linux-trace-kernel, Ian Rogers
In-Reply-To: <177319274904.130641.3303707869402603363.stgit@mhiramat.tok.corp.google.com>
On Wed, 11 Mar 2026 10:32:29 +0900
"Masami Hiramatsu (Google)" <mhiramat@kernel.org> wrote:
> From: Masami Hiramatsu (Google) <mhiramat@kernel.org>
>
> On real hardware, panic and machine reboot may not flush hardware cache
> to memory. This means the persistent ring buffer, which relies on a
> coherent state of memory, may not have its events written to the buffer
> and they may be lost. Moreover, there may be inconsistency with the
> counters which are used for validation of the integrity of the
> persistent ring buffer which may cause all data to be discarded.
>
> To avoid this issue, stop recording of the ring buffer on panic and
> flush the cache of the ring buffer's memory.
Hmm, on some architectures, flush_cache_vmap() is implemented using
on_each_cpu() which waits IPI. But that does not safe in panic notifier
because it is called after smp_send_stop().
Since this cache flush issue is currently only confirmed on arm64,
I would like to make it doing nothing (do { } while (0)) by default.
Thanks,
>
> Fixes: e645535a954a ("tracing: Add option to use memmapped memory for trace boot instance")
> Cc: stable@vger.kernel.org
> Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
> ---
> Changes in v9:
> - Fix typo of & to &&.
> - Fix typo of "Generic"
> Changes in v6:
> - Introduce asm/ring_buffer.h for arch_ring_buffer_flush_range().
> - Use flush_cache_vmap() instead of flush_cache_all().
> Changes in v5:
> - Use ring_buffer_record_off() instead of ring_buffer_record_disable().
> - Use flush_cache_all() to ensure flush all cache.
> Changes in v3:
> - update patch description.
> ---
> arch/alpha/include/asm/Kbuild | 1 +
> arch/arc/include/asm/Kbuild | 1 +
> arch/arm/include/asm/Kbuild | 1 +
> arch/arm64/include/asm/ring_buffer.h | 10 ++++++++++
> arch/csky/include/asm/Kbuild | 1 +
> arch/hexagon/include/asm/Kbuild | 1 +
> arch/loongarch/include/asm/Kbuild | 1 +
> arch/m68k/include/asm/Kbuild | 1 +
> arch/microblaze/include/asm/Kbuild | 1 +
> arch/mips/include/asm/Kbuild | 1 +
> arch/nios2/include/asm/Kbuild | 1 +
> arch/openrisc/include/asm/Kbuild | 1 +
> arch/parisc/include/asm/Kbuild | 1 +
> arch/powerpc/include/asm/Kbuild | 1 +
> arch/riscv/include/asm/Kbuild | 1 +
> arch/s390/include/asm/Kbuild | 1 +
> arch/sh/include/asm/Kbuild | 1 +
> arch/sparc/include/asm/Kbuild | 1 +
> arch/um/include/asm/Kbuild | 1 +
> arch/x86/include/asm/Kbuild | 1 +
> arch/xtensa/include/asm/Kbuild | 1 +
> include/asm-generic/ring_buffer.h | 13 +++++++++++++
> kernel/trace/ring_buffer.c | 22 ++++++++++++++++++++++
> 23 files changed, 65 insertions(+)
> create mode 100644 arch/arm64/include/asm/ring_buffer.h
> create mode 100644 include/asm-generic/ring_buffer.h
>
> diff --git a/arch/alpha/include/asm/Kbuild b/arch/alpha/include/asm/Kbuild
> index 483965c5a4de..b154b4e3dfa8 100644
> --- a/arch/alpha/include/asm/Kbuild
> +++ b/arch/alpha/include/asm/Kbuild
> @@ -5,4 +5,5 @@ generic-y += agp.h
> generic-y += asm-offsets.h
> generic-y += kvm_para.h
> generic-y += mcs_spinlock.h
> +generic-y += ring_buffer.h
> generic-y += text-patching.h
> diff --git a/arch/arc/include/asm/Kbuild b/arch/arc/include/asm/Kbuild
> index 4c69522e0328..483caacc6988 100644
> --- a/arch/arc/include/asm/Kbuild
> +++ b/arch/arc/include/asm/Kbuild
> @@ -5,5 +5,6 @@ generic-y += extable.h
> generic-y += kvm_para.h
> generic-y += mcs_spinlock.h
> generic-y += parport.h
> +generic-y += ring_buffer.h
> generic-y += user.h
> generic-y += text-patching.h
> diff --git a/arch/arm/include/asm/Kbuild b/arch/arm/include/asm/Kbuild
> index 03657ff8fbe3..decad5f2c826 100644
> --- a/arch/arm/include/asm/Kbuild
> +++ b/arch/arm/include/asm/Kbuild
> @@ -3,6 +3,7 @@ generic-y += early_ioremap.h
> generic-y += extable.h
> generic-y += flat.h
> generic-y += parport.h
> +generic-y += ring_buffer.h
>
> generated-y += mach-types.h
> generated-y += unistd-nr.h
> diff --git a/arch/arm64/include/asm/ring_buffer.h b/arch/arm64/include/asm/ring_buffer.h
> new file mode 100644
> index 000000000000..62316c406888
> --- /dev/null
> +++ b/arch/arm64/include/asm/ring_buffer.h
> @@ -0,0 +1,10 @@
> +/* SPDX-License-Identifier: GPL-2.0-only */
> +#ifndef _ASM_ARM64_RING_BUFFER_H
> +#define _ASM_ARM64_RING_BUFFER_H
> +
> +#include <asm/cacheflush.h>
> +
> +/* Flush D-cache on persistent ring buffer */
> +#define arch_ring_buffer_flush_range(start, end) dcache_clean_pop(start, end)
> +
> +#endif /* _ASM_ARM64_RING_BUFFER_H */
> diff --git a/arch/csky/include/asm/Kbuild b/arch/csky/include/asm/Kbuild
> index 3a5c7f6e5aac..7dca0c6cdc84 100644
> --- a/arch/csky/include/asm/Kbuild
> +++ b/arch/csky/include/asm/Kbuild
> @@ -9,6 +9,7 @@ generic-y += qrwlock.h
> generic-y += qrwlock_types.h
> generic-y += qspinlock.h
> generic-y += parport.h
> +generic-y += ring_buffer.h
> generic-y += user.h
> generic-y += vmlinux.lds.h
> generic-y += text-patching.h
> diff --git a/arch/hexagon/include/asm/Kbuild b/arch/hexagon/include/asm/Kbuild
> index 1efa1e993d4b..0f887d4238ed 100644
> --- a/arch/hexagon/include/asm/Kbuild
> +++ b/arch/hexagon/include/asm/Kbuild
> @@ -5,4 +5,5 @@ generic-y += extable.h
> generic-y += iomap.h
> generic-y += kvm_para.h
> generic-y += mcs_spinlock.h
> +generic-y += ring_buffer.h
> generic-y += text-patching.h
> diff --git a/arch/loongarch/include/asm/Kbuild b/arch/loongarch/include/asm/Kbuild
> index 9034b583a88a..7e92957baf6a 100644
> --- a/arch/loongarch/include/asm/Kbuild
> +++ b/arch/loongarch/include/asm/Kbuild
> @@ -10,5 +10,6 @@ generic-y += qrwlock.h
> generic-y += user.h
> generic-y += ioctl.h
> generic-y += mmzone.h
> +generic-y += ring_buffer.h
> generic-y += statfs.h
> generic-y += text-patching.h
> diff --git a/arch/m68k/include/asm/Kbuild b/arch/m68k/include/asm/Kbuild
> index b282e0dd8dc1..62543bf305ff 100644
> --- a/arch/m68k/include/asm/Kbuild
> +++ b/arch/m68k/include/asm/Kbuild
> @@ -3,5 +3,6 @@ generated-y += syscall_table.h
> generic-y += extable.h
> generic-y += kvm_para.h
> generic-y += mcs_spinlock.h
> +generic-y += ring_buffer.h
> generic-y += spinlock.h
> generic-y += text-patching.h
> diff --git a/arch/microblaze/include/asm/Kbuild b/arch/microblaze/include/asm/Kbuild
> index 7178f990e8b3..0030309b47ad 100644
> --- a/arch/microblaze/include/asm/Kbuild
> +++ b/arch/microblaze/include/asm/Kbuild
> @@ -5,6 +5,7 @@ generic-y += extable.h
> generic-y += kvm_para.h
> generic-y += mcs_spinlock.h
> generic-y += parport.h
> +generic-y += ring_buffer.h
> generic-y += syscalls.h
> generic-y += tlb.h
> generic-y += user.h
> diff --git a/arch/mips/include/asm/Kbuild b/arch/mips/include/asm/Kbuild
> index 684569b2ecd6..9771c3d85074 100644
> --- a/arch/mips/include/asm/Kbuild
> +++ b/arch/mips/include/asm/Kbuild
> @@ -12,5 +12,6 @@ generic-y += mcs_spinlock.h
> generic-y += parport.h
> generic-y += qrwlock.h
> generic-y += qspinlock.h
> +generic-y += ring_buffer.h
> generic-y += user.h
> generic-y += text-patching.h
> diff --git a/arch/nios2/include/asm/Kbuild b/arch/nios2/include/asm/Kbuild
> index 28004301c236..0a2530964413 100644
> --- a/arch/nios2/include/asm/Kbuild
> +++ b/arch/nios2/include/asm/Kbuild
> @@ -5,6 +5,7 @@ generic-y += cmpxchg.h
> generic-y += extable.h
> generic-y += kvm_para.h
> generic-y += mcs_spinlock.h
> +generic-y += ring_buffer.h
> generic-y += spinlock.h
> generic-y += user.h
> generic-y += text-patching.h
> diff --git a/arch/openrisc/include/asm/Kbuild b/arch/openrisc/include/asm/Kbuild
> index cef49d60d74c..8aa34621702d 100644
> --- a/arch/openrisc/include/asm/Kbuild
> +++ b/arch/openrisc/include/asm/Kbuild
> @@ -8,4 +8,5 @@ generic-y += spinlock_types.h
> generic-y += spinlock.h
> generic-y += qrwlock_types.h
> generic-y += qrwlock.h
> +generic-y += ring_buffer.h
> generic-y += user.h
> diff --git a/arch/parisc/include/asm/Kbuild b/arch/parisc/include/asm/Kbuild
> index 4fb596d94c89..d48d158f7241 100644
> --- a/arch/parisc/include/asm/Kbuild
> +++ b/arch/parisc/include/asm/Kbuild
> @@ -4,4 +4,5 @@ generated-y += syscall_table_64.h
> generic-y += agp.h
> generic-y += kvm_para.h
> generic-y += mcs_spinlock.h
> +generic-y += ring_buffer.h
> generic-y += user.h
> diff --git a/arch/powerpc/include/asm/Kbuild b/arch/powerpc/include/asm/Kbuild
> index 2e23533b67e3..805b5aeebb6f 100644
> --- a/arch/powerpc/include/asm/Kbuild
> +++ b/arch/powerpc/include/asm/Kbuild
> @@ -5,4 +5,5 @@ generated-y += syscall_table_spu.h
> generic-y += agp.h
> generic-y += mcs_spinlock.h
> generic-y += qrwlock.h
> +generic-y += ring_buffer.h
> generic-y += early_ioremap.h
> diff --git a/arch/riscv/include/asm/Kbuild b/arch/riscv/include/asm/Kbuild
> index bd5fc9403295..7721b63642f4 100644
> --- a/arch/riscv/include/asm/Kbuild
> +++ b/arch/riscv/include/asm/Kbuild
> @@ -14,5 +14,6 @@ generic-y += ticket_spinlock.h
> generic-y += qrwlock.h
> generic-y += qrwlock_types.h
> generic-y += qspinlock.h
> +generic-y += ring_buffer.h
> generic-y += user.h
> generic-y += vmlinux.lds.h
> diff --git a/arch/s390/include/asm/Kbuild b/arch/s390/include/asm/Kbuild
> index 80bad7de7a04..0c1fc47c3ba0 100644
> --- a/arch/s390/include/asm/Kbuild
> +++ b/arch/s390/include/asm/Kbuild
> @@ -7,3 +7,4 @@ generated-y += unistd_nr.h
> generic-y += asm-offsets.h
> generic-y += mcs_spinlock.h
> generic-y += mmzone.h
> +generic-y += ring_buffer.h
> diff --git a/arch/sh/include/asm/Kbuild b/arch/sh/include/asm/Kbuild
> index 4d3f10ed8275..f0403d3ee8ab 100644
> --- a/arch/sh/include/asm/Kbuild
> +++ b/arch/sh/include/asm/Kbuild
> @@ -3,4 +3,5 @@ generated-y += syscall_table.h
> generic-y += kvm_para.h
> generic-y += mcs_spinlock.h
> generic-y += parport.h
> +generic-y += ring_buffer.h
> generic-y += text-patching.h
> diff --git a/arch/sparc/include/asm/Kbuild b/arch/sparc/include/asm/Kbuild
> index 17ee8a273aa6..49c6bb326b75 100644
> --- a/arch/sparc/include/asm/Kbuild
> +++ b/arch/sparc/include/asm/Kbuild
> @@ -4,4 +4,5 @@ generated-y += syscall_table_64.h
> generic-y += agp.h
> generic-y += kvm_para.h
> generic-y += mcs_spinlock.h
> +generic-y += ring_buffer.h
> generic-y += text-patching.h
> diff --git a/arch/um/include/asm/Kbuild b/arch/um/include/asm/Kbuild
> index 1b9b82bbe322..2a1629ba8140 100644
> --- a/arch/um/include/asm/Kbuild
> +++ b/arch/um/include/asm/Kbuild
> @@ -17,6 +17,7 @@ generic-y += module.lds.h
> generic-y += parport.h
> generic-y += percpu.h
> generic-y += preempt.h
> +generic-y += ring_buffer.h
> generic-y += runtime-const.h
> generic-y += softirq_stack.h
> generic-y += switch_to.h
> diff --git a/arch/x86/include/asm/Kbuild b/arch/x86/include/asm/Kbuild
> index 4566000e15c4..078fd2c0d69d 100644
> --- a/arch/x86/include/asm/Kbuild
> +++ b/arch/x86/include/asm/Kbuild
> @@ -14,3 +14,4 @@ generic-y += early_ioremap.h
> generic-y += fprobe.h
> generic-y += mcs_spinlock.h
> generic-y += mmzone.h
> +generic-y += ring_buffer.h
> diff --git a/arch/xtensa/include/asm/Kbuild b/arch/xtensa/include/asm/Kbuild
> index 13fe45dea296..e57af619263a 100644
> --- a/arch/xtensa/include/asm/Kbuild
> +++ b/arch/xtensa/include/asm/Kbuild
> @@ -6,5 +6,6 @@ generic-y += mcs_spinlock.h
> generic-y += parport.h
> generic-y += qrwlock.h
> generic-y += qspinlock.h
> +generic-y += ring_buffer.h
> generic-y += user.h
> generic-y += text-patching.h
> diff --git a/include/asm-generic/ring_buffer.h b/include/asm-generic/ring_buffer.h
> new file mode 100644
> index 000000000000..930d96571f23
> --- /dev/null
> +++ b/include/asm-generic/ring_buffer.h
> @@ -0,0 +1,13 @@
> +/* SPDX-License-Identifier: GPL-2.0-only */
> +/*
> + * Generic arch dependent ring_buffer macros.
> + */
> +#ifndef __ASM_GENERIC_RING_BUFFER_H__
> +#define __ASM_GENERIC_RING_BUFFER_H__
> +
> +#include <linux/cacheflush.h>
> +
> +/* Flush cache on ring buffer range if needed */
> +#define arch_ring_buffer_flush_range(start, end) flush_cache_vmap(start, end)
> +
> +#endif /* __ASM_GENERIC_RING_BUFFER_H__ */
> diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c
> index 353a5aa1b612..9f4ee9e3803d 100644
> --- a/kernel/trace/ring_buffer.c
> +++ b/kernel/trace/ring_buffer.c
> @@ -6,6 +6,7 @@
> */
> #include <linux/sched/isolation.h>
> #include <linux/trace_recursion.h>
> +#include <linux/panic_notifier.h>
> #include <linux/trace_events.h>
> #include <linux/ring_buffer.h>
> #include <linux/trace_clock.h>
> @@ -30,6 +31,7 @@
> #include <linux/oom.h>
> #include <linux/mm.h>
>
> +#include <asm/ring_buffer.h>
> #include <asm/local64.h>
> #include <asm/local.h>
> #include <asm/setup.h>
> @@ -589,6 +591,7 @@ struct trace_buffer {
>
> unsigned long range_addr_start;
> unsigned long range_addr_end;
> + struct notifier_block flush_nb;
>
> struct ring_buffer_meta *meta;
>
> @@ -2471,6 +2474,16 @@ static void rb_free_cpu_buffer(struct ring_buffer_per_cpu *cpu_buffer)
> kfree(cpu_buffer);
> }
>
> +/* Stop recording on a persistent buffer and flush cache if needed. */
> +static int rb_flush_buffer_cb(struct notifier_block *nb, unsigned long event, void *data)
> +{
> + struct trace_buffer *buffer = container_of(nb, struct trace_buffer, flush_nb);
> +
> + ring_buffer_record_off(buffer);
> + arch_ring_buffer_flush_range(buffer->range_addr_start, buffer->range_addr_end);
> + return NOTIFY_DONE;
> +}
> +
> static struct trace_buffer *alloc_buffer(unsigned long size, unsigned flags,
> int order, unsigned long start,
> unsigned long end,
> @@ -2590,6 +2603,12 @@ static struct trace_buffer *alloc_buffer(unsigned long size, unsigned flags,
>
> mutex_init(&buffer->mutex);
>
> + /* Persistent ring buffer needs to flush cache before reboot. */
> + if (start && end) {
> + buffer->flush_nb.notifier_call = rb_flush_buffer_cb;
> + atomic_notifier_chain_register(&panic_notifier_list, &buffer->flush_nb);
> + }
> +
> return_ptr(buffer);
>
> fail_free_buffers:
> @@ -2677,6 +2696,9 @@ ring_buffer_free(struct trace_buffer *buffer)
> {
> int cpu;
>
> + if (buffer->range_addr_start && buffer->range_addr_end)
> + atomic_notifier_chain_unregister(&panic_notifier_list, &buffer->flush_nb);
> +
> cpuhp_state_remove_instance(CPUHP_TRACE_RB_PREPARE, &buffer->node);
>
> irq_work_sync(&buffer->irq_work.work);
>
--
Masami Hiramatsu (Google) <mhiramat@kernel.org>
^ permalink raw reply
* Re: [PATCH 3/8] mm: move free_reserved_area() to mm/memblock.c
From: Vlastimil Babka @ 2026-03-18 14:16 UTC (permalink / raw)
To: Mike Rapoport, Andrew Morton
Cc: Alexander Potapenko, Alexander Viro, Andreas Larsson,
Ard Biesheuvel, Borislav Petkov, Brendan Jackman,
Christophe Leroy (CS GROUP), Catalin Marinas, Christian Brauner,
David S. Miller, Dave Hansen, David Hildenbrand, Dmitry Vyukov,
Ilias Apalodimas, Ingo Molnar, Jan Kara, Johannes Weiner,
Liam R. Howlett, Lorenzo Stoakes, Madhavan Srinivasan,
Marco Elver, Marek Szyprowski, Masami Hiramatsu, Michael Ellerman,
Michal Hocko, Nicholas Piggin, H. Peter Anvin, Rob Herring,
Robin Murphy, Saravana Kannan, Suren Baghdasaryan,
Thomas Gleixner, Will Deacon, Zi Yan, devicetree, iommu,
kasan-dev, linux-arm-kernel, linux-efi, linux-fsdevel,
linux-kernel, linux-mm, linux-trace-kernel, linuxppc-dev,
sparclinux, x86
In-Reply-To: <20260318105827.1358927-4-rppt@kernel.org>
On 3/18/26 11:58, Mike Rapoport wrote:
> From: "Mike Rapoport (Microsoft)" <rppt@kernel.org>
>
> free_reserved_area() is related to memblock as it frees reserved memory
> back to the buddy allocator, similar to what memblock_free_late() does.
>
> Move free_reserved_area() to mm/memblock.c to prepare for further
> consolidation of the functions that free reserved memory.
>
> No functional changes.
>
> Signed-off-by: Mike Rapoport (Microsoft) <rppt@kernel.org>
Acked-by: Vlastimil Babka (SUSE) <vbabka@kernel.org>
> ---
> mm/memblock.c | 37 ++++++++++++++++++++++++++++++++++++-
> mm/page_alloc.c | 36 ------------------------------------
> 2 files changed, 36 insertions(+), 37 deletions(-)
>
> diff --git a/mm/memblock.c b/mm/memblock.c
> index b3ddfdec7a80..8f3010dddc58 100644
> --- a/mm/memblock.c
> +++ b/mm/memblock.c
> @@ -893,6 +893,42 @@ int __init_memblock memblock_remove(phys_addr_t base, phys_addr_t size)
> return memblock_remove_range(&memblock.memory, base, size);
> }
>
> +unsigned long free_reserved_area(void *start, void *end, int poison, const char *s)
> +{
> + void *pos;
> + unsigned long pages = 0;
> +
> + start = (void *)PAGE_ALIGN((unsigned long)start);
> + end = (void *)((unsigned long)end & PAGE_MASK);
> + for (pos = start; pos < end; pos += PAGE_SIZE, pages++) {
> + struct page *page = virt_to_page(pos);
> + void *direct_map_addr;
> +
> + /*
> + * 'direct_map_addr' might be different from 'pos'
> + * because some architectures' virt_to_page()
> + * work with aliases. Getting the direct map
> + * address ensures that we get a _writeable_
> + * alias for the memset().
> + */
> + direct_map_addr = page_address(page);
> + /*
> + * Perform a kasan-unchecked memset() since this memory
> + * has not been initialized.
> + */
> + direct_map_addr = kasan_reset_tag(direct_map_addr);
> + if ((unsigned int)poison <= 0xFF)
> + memset(direct_map_addr, poison, PAGE_SIZE);
> +
> + free_reserved_page(page);
> + }
> +
> + if (pages && s)
> + pr_info("Freeing %s memory: %ldK\n", s, K(pages));
> +
> + return pages;
> +}
> +
> /**
> * memblock_free - free boot memory allocation
> * @ptr: starting address of the boot memory allocation
> @@ -1776,7 +1812,6 @@ void __init memblock_free_late(phys_addr_t base, phys_addr_t size)
> totalram_pages_inc();
> }
> }
> -
> /*
> * Remaining API functions
> */
> diff --git a/mm/page_alloc.c b/mm/page_alloc.c
> index 2d4b6f1a554e..df3d61253001 100644
> --- a/mm/page_alloc.c
> +++ b/mm/page_alloc.c
> @@ -6234,42 +6234,6 @@ void adjust_managed_page_count(struct page *page, long count)
> }
> EXPORT_SYMBOL(adjust_managed_page_count);
>
> -unsigned long free_reserved_area(void *start, void *end, int poison, const char *s)
> -{
> - void *pos;
> - unsigned long pages = 0;
> -
> - start = (void *)PAGE_ALIGN((unsigned long)start);
> - end = (void *)((unsigned long)end & PAGE_MASK);
> - for (pos = start; pos < end; pos += PAGE_SIZE, pages++) {
> - struct page *page = virt_to_page(pos);
> - void *direct_map_addr;
> -
> - /*
> - * 'direct_map_addr' might be different from 'pos'
> - * because some architectures' virt_to_page()
> - * work with aliases. Getting the direct map
> - * address ensures that we get a _writeable_
> - * alias for the memset().
> - */
> - direct_map_addr = page_address(page);
> - /*
> - * Perform a kasan-unchecked memset() since this memory
> - * has not been initialized.
> - */
> - direct_map_addr = kasan_reset_tag(direct_map_addr);
> - if ((unsigned int)poison <= 0xFF)
> - memset(direct_map_addr, poison, PAGE_SIZE);
> -
> - free_reserved_page(page);
> - }
> -
> - if (pages && s)
> - pr_info("Freeing %s memory: %ldK\n", s, K(pages));
> -
> - return pages;
> -}
> -
> void free_reserved_page(struct page *page)
> {
> clear_page_tag_ref(page);
^ permalink raw reply
* Re: [PATCH 04/15] net: Use trace_invoke_##name() at guarded tracepoint call sites
From: Vineeth Remanan Pillai @ 2026-03-18 14:13 UTC (permalink / raw)
To: Aaron Conole
Cc: Steven Rostedt, Peter Zijlstra, David S. Miller, Eric Dumazet,
Jakub Kicinski, Paolo Abeni, Simon Horman, Alexei Starovoitov,
Daniel Borkmann, Jesper Dangaard Brouer, John Fastabend,
Stanislav Fomichev, Eelco Chaudron, Ilya Maximets,
Marcelo Ricardo Leitner, Xin Long, Jon Maloy, Kuniyuki Iwashima,
Samiullah Khawaja, Hangbin Liu, netdev, linux-kernel, bpf, dev,
linux-sctp, tipc-discussion, linux-trace-kernel
In-Reply-To: <CAO7JXPhfpUb1VM_=mwSUqHPQrLvBW=wurz_apWQkMXssPAQPJA@mail.gmail.com>
On Wed, Mar 18, 2026 at 9:40 AM Vineeth Remanan Pillai
<vineeth@bitbyteword.org> wrote:
>
> On Thu, Mar 12, 2026 at 11:31 AM Aaron Conole <aconole@redhat.com> wrote:
> >
> > "Vineeth Pillai (Google)" <vineeth@bitbyteword.org> writes:
> >
> > > Replace trace_foo() with the new trace_invoke_foo() at sites already
> > > guarded by trace_foo_enabled(), avoiding a redundant
> > > static_branch_unlikely() re-evaluation inside the tracepoint.
> > > trace_invoke_foo() calls the tracepoint callbacks directly without
> > > utilizing the static branch again.
> > >
> > > Suggested-by: Steven Rostedt <rostedt@goodmis.org>
> > > Suggested-by: Peter Zijlstra <peterz@infradead.org>
> > > Signed-off-by: Vineeth Pillai (Google) <vineeth@bitbyteword.org>
> > > Assisted-by: Claude:claude-sonnet-4-6
> > > ---
> > > net/core/dev.c | 2 +-
> > > net/core/xdp.c | 2 +-
> > > net/openvswitch/actions.c | 2 +-
> > > net/openvswitch/datapath.c | 2 +-
> > > net/sctp/outqueue.c | 2 +-
> > > net/tipc/node.c | 2 +-
> > > 6 files changed, 6 insertions(+), 6 deletions(-)
> > >
> > > diff --git a/net/core/dev.c b/net/core/dev.c
> > > index 14a83f2035b93..a48fae2bbf57e 100644
> > > --- a/net/core/dev.c
> > > +++ b/net/core/dev.c
> > > @@ -6444,7 +6444,7 @@ void netif_receive_skb_list(struct list_head *head)
> > > return;
> > > if (trace_netif_receive_skb_list_entry_enabled()) {
> > > list_for_each_entry(skb, head, list)
> > > - trace_netif_receive_skb_list_entry(skb);
> > > + trace_invoke_netif_receive_skb_list_entry(skb);
> > > }
> > > netif_receive_skb_list_internal(head);
> > > trace_netif_receive_skb_list_exit(0);
> > > diff --git a/net/core/xdp.c b/net/core/xdp.c
> > > index 9890a30584ba7..53acc887c3434 100644
> > > --- a/net/core/xdp.c
> > > +++ b/net/core/xdp.c
> > > @@ -362,7 +362,7 @@ int xdp_rxq_info_reg_mem_model(struct xdp_rxq_info *xdp_rxq,
> > > xsk_pool_set_rxq_info(allocator, xdp_rxq);
> > >
> > > if (trace_mem_connect_enabled() && xdp_alloc)
> > > - trace_mem_connect(xdp_alloc, xdp_rxq);
> > > + trace_invoke_mem_connect(xdp_alloc, xdp_rxq);
> > > return 0;
> > > }
> > >
> > > diff --git a/net/openvswitch/actions.c b/net/openvswitch/actions.c
> > > index 792ca44a461da..420eb19322e85 100644
> > > --- a/net/openvswitch/actions.c
> > > +++ b/net/openvswitch/actions.c
> > > @@ -1259,7 +1259,7 @@ static int do_execute_actions(struct datapath *dp, struct sk_buff *skb,
> > > int err = 0;
> > >
> > > if (trace_ovs_do_execute_action_enabled())
> > > - trace_ovs_do_execute_action(dp, skb, key, a, rem);
> > > + trace_invoke_ovs_do_execute_action(dp, skb, key, a, rem);
> >
> > Maybe we should just remove the guard here instead of calling the
> > invoke. That seems better to me. It wouldn't need to belong to this
> > series.
> >
> > > /* Actions that rightfully have to consume the skb should do it
> > > * and return directly.
> > > diff --git a/net/openvswitch/datapath.c b/net/openvswitch/datapath.c
> > > index e209099218b41..02451629e888e 100644
> > > --- a/net/openvswitch/datapath.c
> > > +++ b/net/openvswitch/datapath.c
> > > @@ -335,7 +335,7 @@ int ovs_dp_upcall(struct datapath *dp, struct sk_buff *skb,
> > > int err;
> > >
> > > if (trace_ovs_dp_upcall_enabled())
> > > - trace_ovs_dp_upcall(dp, skb, key, upcall_info);
> > > + trace_invoke_ovs_dp_upcall(dp, skb, key, upcall_info);
> >
> > Same as above. Seems OVS tracepoints are the only ones that include
> > the guard without any real reason.
> >
>
> Makes sense. Its simple enough that I think I will include it as a
> separate patch in v2 and remove these changes from this patch. Thanks
> for pointing it out.
>
On a second look, I'm not sure if this was for performance reasons.
The discussion in the io_uring patch in this series points out that
the check made there was deliberate and for performance reasons to
avoid 6 mov instruction in the hot path. Just wanted to double check
if that was the case here, before I remove the check?
Thanks,
Vineeth
^ permalink raw reply
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox