From: Pasha Tatashin
To: pratyush@kernel.org, akpm@linux-foundation.org, david@redhat.com, lorenzo.stoakes@oracle.com, Liam.Howlett@oracle.com, vbabka@kernel.org, rppt@kernel.org, graf@amazon.com, pasha.tatashin@soleen.com, linux-mm@kvack.org, linux-kernel@vger.kernel.org, surenb@google.com, mhocko@suse.com, urezki@gmail.com
Subject: [PATCH v1 2/2] kho: fix KASAN support for restored vmalloc regions
Date: Wed, 25 Feb 2026 17:38:57 -0500
Message-ID: <20260225223857.1714801-3-pasha.tatashin@soleen.com>
In-Reply-To: <20260225223857.1714801-1-pasha.tatashin@soleen.com>
References: <20260225223857.1714801-1-pasha.tatashin@soleen.com>

Restored vmalloc regions are currently not properly marked for KASAN, causing KASAN to treat accesses to these regions as out-of-bounds.

Fix this by properly unpoisoning the restored vmalloc area using kasan_unpoison_vmalloc(). This requires setting the VM_UNINITIALIZED flag during the initial area allocation and clearing it after the pages have been mapped and unpoisoned, using the clear_vm_uninitialized_flag() helper.

Reported-by: Pratyush Yadav
Fixes: a667300bd53f ("kho: add support for preserving vmalloc allocations")
Signed-off-by: Pasha Tatashin
Reviewed-by: Pratyush Yadav (Google)
Tested-by: Pratyush Yadav (Google)
--- kernel/liveupdate/kexec_handover.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/kernel/liveupdate/kexec_handover.c b/kernel/liveupdate/kexec_h= andover.c index 410098bae0bf..747a35107c84 100644 --- a/kernel/liveupdate/kexec_handover.c +++ b/kernel/liveupdate/kexec_handover.c @@ -14,6 +14,7 @@ #include #include #include +#include #include #include #include 
@@ -1077,6 +1078,7 @@ EXPORT_SYMBOL_GPL(kho_unpreserve_vmalloc); void *kho_restore_vmalloc(const struct kho_vmalloc *preservation) { struct kho_vmalloc_chunk *chunk =3D KHOSER_LOAD_PTR(preservation->first); + kasan_vmalloc_flags_t kasan_flags =3D KASAN_VMALLOC_PROT_NORMAL; unsigned int align, order, shift, vm_flags; unsigned long total_pages, contig_pages; unsigned long addr, size; @@ -1128,7 +1130,8 @@ void *kho_restore_vmalloc(const struct kho_vmalloc *p= reservation) goto err_free_pages_array; =20 area =3D __get_vm_area_node(total_pages * PAGE_SIZE, align, shift, - vm_flags, VMALLOC_START, VMALLOC_END, + vm_flags | VM_UNINITIALIZED, + VMALLOC_START, VMALLOC_END, NUMA_NO_NODE, GFP_KERNEL, __builtin_return_address(0)); if (!area) @@ -1143,6 +1146,13 @@ void *kho_restore_vmalloc(const struct kho_vmalloc *= preservation) area->nr_pages =3D total_pages; area->pages =3D pages; =20 + if (vm_flags & VM_ALLOC) + kasan_flags |=3D KASAN_VMALLOC_VM_ALLOC; + + area->addr =3D kasan_unpoison_vmalloc(area->addr, total_pages * PAGE_SIZE, + kasan_flags); + clear_vm_uninitialized_flag(area); + return area->addr; =20 err_free_vm_area: --=20 2.53.0.414.gf7e9f6c205-goog
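
Review bot: in the @@ -1128,7 +1130,8 @@ hunk, the new `vm_flags | VM_UNINITIALIZED` argument to __get_vm_area_node() carries no comment, and the matching clear_vm_uninitialized_flag() sits in a later hunk with several statements in between. A one-line comment at the call site saying the flag is held until the pages are mapped and unpoisoned would keep the pairing obvious to anyone who later adds a return path between the two. It is also worth confirming that the err_free_vm_area path, which is now reached with VM_UNINITIALIZED still set on the area, tears the area down correctly in that state.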
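
Review bot: in the @@ -1143,6 +1146,13 @@ hunk, kasan_flags is fixed to KASAN_VMALLOC_PROT_NORMAL at its declaration and only KASAN_VMALLOC_VM_ALLOC is made conditional on vm_flags, but the call that maps the pages is outside the visible context, so the assumption that restored pages always get normal kernel protection is not checkable here. Either state that assumption in a comment next to `kasan_flags |= KASAN_VMALLOC_VM_ALLOC;` or derive the PROT_NORMAL bit from the protection actually passed to the mapping call. Separately, `area->addr = kasan_unpoison_vmalloc(...)` overwrites area->addr with the return value; a short comment that the returned pointer may be tagged under the tag-based KASAN modes would explain why the assignment, and not just the call, is required before `return area->addr;`.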