From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id AE6E3336897 for ; Thu, 14 May 2026 19:25:56 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778786756; cv=none; b=o9/kqYz2mOCtrdd3YtGs3dBagcQYvxn3AjyOEQPVLjV1sjFv76IgmsbfYt68JltfnhU+OsBrSyx3bBs0C0pEWXSl+PW+/wHJIU5glekG31GK1Q9YnSTjxlobFMrFjbMfatTYAqXcLX4DX+GF3+GBVHUhR7kjBE0LciVjScTfhoQ= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1778786756; c=relaxed/simple; bh=2G+Vqyw4oxghE7pnHIg+cKn/MgZLF+X4PYv/6qAS0R0=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=QrSQRLDphHCmTOcw+jrrPY51EJKRYQpbbdIh14pJ58mCsQmGyCvK4T/jSY0DCeiciV37VHu8Uyi9mzTDQv1/ZEJ7qyktj16gCj9dPbLlvBJVdITLisO6p79wuUZjUtjEBGATRN7c9jH4o0nBlnnGASxUBrDpItFAA+YXhcFQ3Mg= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=G40jEvkT; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="G40jEvkT" Received: by smtp.kernel.org (Postfix) with ESMTPSA id ABEDEC2BCB3; Thu, 14 May 2026 19:25:55 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1778786756; bh=2G+Vqyw4oxghE7pnHIg+cKn/MgZLF+X4PYv/6qAS0R0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=G40jEvkTgCILcqney2jlMHyJ+38mnqve1XEGt0ARwpCZOyRhK5es3EWYJlssfc4Le 0uqxIL33Buw+gQXyLHGpl5BHQIWXJY6IgWwJtSA0GX8Supxb/1RYJ9eDTS7X96fCFh MKPWY9gd8zJpH8YuF6vhIgtiEvWrKwwYHJb7uf3OD2BapojVuaOTLvK5Ue4YVuKtUS JNFp9MgweCeK3uGLK5BtsRG5yFvzBGt98bFIsxGtMD/y/inbUdedW/ogMLNSSLQ/Ma 5FDOjLfv6Tx+BbAqsMutp5GeCtv2J6agXgEEr37COfGygMFm1uyNDnstJg+xQiNW4V ednnrR5W6ucNg== From: Sasha Levin To: stable@vger.kernel.org Cc: Breno Leitao , Pratyush Yadav , "Mike Rapoport (Microsoft)" , Alexander Graf , Pasha Tatashin , Andrew Morton , Sasha Levin Subject: [PATCH 7.0.y] kho: fix error handling in kho_add_subtree() Date: Thu, 14 May 2026 15:25:53 -0400 Message-ID: <20260514192553.1255751-1-sashal@kernel.org> X-Mailer: git-send-email 2.53.0 In-Reply-To: <2026051212-boil-trivial-8d5e@gregkh> References: <2026051212-boil-trivial-8d5e@gregkh> Precedence: bulk X-Mailing-List: stable@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit From: Breno Leitao [ Upstream commit 9ec95329894864170a1a7685b9a11b739393131a ] Fix two error handling issues in kho_add_subtree(), where it doesn't handle the error path correctly. 1. If fdt_setprop() fails after the subnode has been created, the subnode is not removed. This leaves an incomplete node in the FDT (missing "preserved-data" or "blob-size" properties). 2. The fdt_setprop() return value (an FDT error code) is stored directly in err and returned to the caller, which expects -errno. Fix both by storing fdt_setprop() results in fdt_err, jumping to a new out_del_node label that removes the subnode on failure, and only setting err = 0 on the success path, otherwise returning -ENOMEM (instead of FDT_ERR_ errors that would come from fdt_setprop). No user-visible changes. This patch fixes error handling in the KHO (Kexec HandOver) subsystem, which is used to preserve data across kexec reboots. The fix only affects a rare failure path during kexec preparation — specifically when the kernel runs out of space in the Flattened Device Tree buffer while registering preserved memory regions. In the unlikely event that this error path was triggered, the old code would leave a malformed node in the device tree and return an incorrect error code to the calling subsystem, which could lead to confusing log messages or incorrect recovery decisions. With this fix, the incomplete node is properly cleaned up and the appropriate errno value is propagated, this error code is not returned to the user. Link: https://lore.kernel.org/20260410-kho_fix_send-v2-1-1b4debf7ee08@debian.org Fixes: 3dc92c311498 ("kexec: add Kexec HandOver (KHO) generation helpers") Signed-off-by: Breno Leitao Suggested-by: Pratyush Yadav Reviewed-by: Mike Rapoport (Microsoft) Reviewed-by: Pratyush Yadav Cc: Alexander Graf Cc: Breno Leitao Cc: Pasha Tatashin Cc: Signed-off-by: Andrew Morton Signed-off-by: Sasha Levin --- kernel/liveupdate/kexec_handover.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/kernel/liveupdate/kexec_handover.c b/kernel/liveupdate/kexec_handover.c index cc68a3692905d..479c42e08b74a 100644 --- a/kernel/liveupdate/kexec_handover.c +++ b/kernel/liveupdate/kexec_handover.c @@ -757,13 +757,18 @@ int kho_add_subtree(const char *name, void *fdt) goto out_pack; } - err = fdt_setprop(root_fdt, off, KHO_FDT_SUB_TREE_PROP_NAME, - &phys, sizeof(phys)); - if (err < 0) - goto out_pack; + fdt_err = fdt_setprop(root_fdt, off, KHO_FDT_SUB_TREE_PROP_NAME, + &phys, sizeof(phys)); + if (fdt_err < 0) + goto out_del_node; WARN_ON_ONCE(kho_debugfs_fdt_add(&kho_out.dbg, name, fdt, false)); + err = 0; + goto out_pack; + +out_del_node: + fdt_del_node(root_fdt, off); out_pack: fdt_pack(root_fdt); -- 2.53.0