From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5B1A831D375 for ; Fri, 3 Apr 2026 11:37:50 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775216270; cv=none; b=KFfXJFQvhyQlTRjRqlO4hAFO2Ox6Eae3s9DrEZ51NPl5NV1wlwyQVrlNoDbG53qqD0ID+C/nq1QX7yUD3M77b9CC3A2jpreY4RGZqpiMd0eTrGSSmkIJrCfQ7sSodrjPefWOO5oosU2XI9VreI8VHEjiJPqKPyuKXtpj7nOf9+s= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1775216270; c=relaxed/simple; bh=vMKZ7un5FtqzmkKApMQD7+RG0CoGlZexiI3kSh6AhSw=; h=From:To:Cc:Subject:In-Reply-To:References:Date:Message-ID: MIME-Version:Content-Type; b=eSL0WCTxvJkg2lRvJqmuzjN+bqr64ZivmrfNgWL4ZLx8mi7BriMBavFPwG1tTIyvWSAO1KL7P4YRC5VWwVK5s0g5HeHHv+rSL883VsWt9VlNzs3NOEoo3Z4gW9waFVpACrt4m7S4RmJelMTsL7NRysd3bKwC4yvd2a40ux9L+W4= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=EF4VvpD3; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="EF4VvpD3" Received: by smtp.kernel.org (Postfix) with ESMTPSA id EE964C4CEF7; Fri, 3 Apr 2026 11:37:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1775216270; bh=vMKZ7un5FtqzmkKApMQD7+RG0CoGlZexiI3kSh6AhSw=; h=From:To:Cc:Subject:In-Reply-To:References:Date:From; b=EF4VvpD3Kmcyx1KhggtAUGhgjtIw5v6tzk2xv79niXA5bmlH3LYJ3kaGdNHsQZ1Uh jB6YxwxWbPghSDe+IRCLThjS8klKx5YLsuz/eiIuWzqDVsxj3fmWPjT25jTKv/CgpJ BdqCh8N8na0fwP66eFQexPrB7QLIVN9YCaPAAipiZmxCUHm4onD5OQiyqLsN57AnxU ZonVZemsLWRkZUUhgZQXQUDdHs+AaOFBhUpZZR4AonfiVrOc5nlbDxmYVyuxHt5sns LvnnBsk6PY84Xn/SqUmukQe6kCcEYc52FYTMg1w7jp+LIapurVe7ssuL4+L0nIv/ar j2h7Ya9bAE0Ug== From: Pratyush Yadav To: Breno Leitao Cc: Pratyush Yadav , Alexander Graf , Mike Rapoport , Pasha Tatashin , linux-kernel@vger.kernel.org, kexec@lists.infradead.org, linux-mm@kvack.org, usamaarif642@gmail.com, SeongJae Park , kernel-team@meta.com Subject: Re: [PATCH v8 3/6] kho: persist blob size in KHO FDT In-Reply-To: (Breno Leitao's message of "Mon, 16 Mar 2026 04:09:43 -0700") References: <20260309-kho-v8-0-c3abcf4ac750@debian.org> <20260309-kho-v8-3-c3abcf4ac750@debian.org> <2vxzbjgsgk41.fsf@kernel.org> Date: Fri, 03 Apr 2026 11:37:46 +0000 Message-ID: <2vxza4vkcm0l.fsf@kernel.org> User-Agent: Gnus/5.13 (Gnus v5.13) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain On Mon, Mar 16 2026, Breno Leitao wrote: > On Fri, Mar 13, 2026 at 09:21:50AM +0000, Pratyush Yadav wrote: >> On Mon, Mar 09 2026, Breno Leitao wrote: [...] >> I noticed that the error handling here is a bit broken. We open the >> subnode for the subtree, but then if we fail to add the "preserved-data" >> property, we don't remove the subnode. So the next kernel gets an >> invalid FDT (per KHO ABI) and might as well refuse to parse it. >> >> Similarly here, the FDT might also be missing the size and then the next >> kernel might reject the FDT. >> >> Also, we directly return the FDT error code to the caller, which >> wouldn't make sense since it probably expects -errno. >> >> Not something this patchset has to fix, but I am pointing this out in >> case someone (possibly also future me) is interested in fixing this up. > > That is a good point, do you mean a fix like the following? > > commit 633d0cb01ed959676b60de8b1851dad1757d8fe5 > Author: Breno Leitao > Date: Mon Mar 16 04:03:51 2026 -0700 > > kho: fix error handling in kho_add_subtree() > > Fix two error handling issues in kho_add_subtree(): > > 1. If fdt_setprop() fails after the subnode has been created, the > subnode is not removed. This leaves an incomplete node in the FDT > (missing "preserved-data" or "blob-size" properties), which violates > the KHO ABI and may cause the next kernel to reject the FDT. > > 2. The fdt_setprop() return value (an FDT error code) is stored > directly in err and returned to the caller, which expects -errno. > > Fix both by storing fdt_setprop() results in fdt_err, jumping to a new > out_del_node label that removes the subnode on failure, and only setting > err = 0 on the success path. > > Signed-off-by: Breno Leitao > Suggested-by: Pratyush Yadav > > diff --git a/kernel/liveupdate/kexec_handover.c b/kernel/liveupdate/kexec_handover.c > index 62b1b8a9aa337..8d2d30119f6d4 100644 > --- a/kernel/liveupdate/kexec_handover.c > +++ b/kernel/liveupdate/kexec_handover.c > @@ -787,19 +787,24 @@ int kho_add_subtree(const char *name, void *blob, size_t size) > goto out_pack; > } > > - err = fdt_setprop(root_fdt, off, KHO_SUB_TREE_PROP_NAME, > - &phys, sizeof(phys)); > - if (err < 0) > - goto out_pack; > + fdt_err = fdt_setprop(root_fdt, off, KHO_SUB_TREE_PROP_NAME, > + &phys, sizeof(phys)); > + if (fdt_err < 0) > + goto out_del_node; > > - err = fdt_setprop(root_fdt, off, KHO_SUB_TREE_SIZE_PROP_NAME, > - &size_u64, sizeof(size_u64)); > - if (err < 0) > - goto out_pack; > + fdt_err = fdt_setprop(root_fdt, off, KHO_SUB_TREE_SIZE_PROP_NAME, > + &size_u64, sizeof(size_u64)); > + if (fdt_err < 0) > + goto out_del_node; > > WARN_ON_ONCE(kho_debugfs_blob_add(&kho_out.dbg, name, blob, > size, false)); > > + err = 0; > + goto out_pack; > + > +out_del_node: > + fdt_del_node(root_fdt, off); > out_pack: > fdt_pack(root_fdt); > > > Given this is not strictly related to this patchset, I am planning to > send this fix separately. Yep, looks good. Please send it out as an independent patch. [...] -- Regards, Pratyush Yadav