On Fri, Nov 14 2025, Pasha Tatashin wrote:
> Currently, the output FDT is added to debugfs only when KHO is
> finalized and removed when aborted.
>
> There is no need to hide the FDT based on the state. Always expose it
> starting from initialization. This aids the transition toward removing
> the explicit abort functionality and converting KHO to be fully
> stateless.
>
> Also, pre-zero the FDT tree so we do not expose random bits to the
> user and to the next kernel.
>
> Signed-off-by: Pasha Tatashin <pasha.tatashin@soleen.com>
> ---
> kernel/liveupdate/kexec_handover.c | 10 ++++------
> 1 file changed, 4 insertions(+), 6 deletions(-)
>
> diff --git a/kernel/liveupdate/kexec_handover.c b/kernel/liveupdate/kexec_handover.c
> index 83aca3b4af15..cd8641725343 100644
> --- a/kernel/liveupdate/kexec_handover.c
> +++ b/kernel/liveupdate/kexec_handover.c
> @@ -1147,8 +1147,6 @@ int kho_abort(void)
> __kho_abort();
> kho_out.finalized = false;
>
> - kho_debugfs_fdt_remove(&kho_out.dbg, kho_out.fdt);
> -
> return 0;
> }
>
> @@ -1219,9 +1217,6 @@ int kho_finalize(void)
>
> kho_out.finalized = true;
>
> - WARN_ON_ONCE(kho_debugfs_fdt_add(&kho_out.dbg, "fdt",
> - kho_out.fdt, true));
> -
> return 0;
> }
>
> @@ -1310,7 +1305,7 @@ static __init int kho_init(void)
> if (!kho_enable)
> return 0;
>
> - fdt_page = alloc_page(GFP_KERNEL);
> + fdt_page = alloc_page(GFP_KERNEL | __GFP_ZERO);
If I read the series right, patch 9 will make this a full FDT with no
subnodes. That makes a lot more sense than a zero page. Thinking out
loud.
For this patch,
Reviewed-by: Pratyush Yadav <pratyush@kernel.org>
> if (!fdt_page) {
> err = -ENOMEM;
> goto err_free_scratch;
> @@ -1344,6 +1339,9 @@ static __init int kho_init(void)
> init_cma_reserved_pageblock(pfn_to_page(pfn));
> }
>
> + WARN_ON_ONCE(kho_debugfs_fdt_add(&kho_out.dbg, "fdt",
> + kho_out.fdt, true));
> +
> return 0;
>
> err_free_fdt:
--
Regards,
Pratyush Yadav