From nobody Mon Jun 8 09:48:28 2026 Received: from out-184.mta0.migadu.com (out-184.mta0.migadu.com [91.218.175.184]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 65E8542314F for ; Thu, 4 Jun 2026 11:41:13 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=91.218.175.184 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780573278; cv=none; b=CI7l4bRwuTU3Z4MLwln+/lXptAFTLq1r02Qh9tn7whzhf8K8kSIoMipQA5SzMa0t3PkR76NkOq/HQ02eqeKie3qQjT8H1YoxtSn59a3QGlpsiNZ7VAfqKYQlqVxbTBVvZiSESvQDQVBo8hLhNXQpewGIU6SfnEwLzF80StJe6qg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780573278; c=relaxed/simple; bh=P79+1AHPSN96zaPwwD0aaV7LffXCJL1rEfuAD/KSQoE=; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version; b=vE1Db9TgLxzrrWu1zd9c/okqvL1K+dOz0mqRPs2PNPKW0gcOo0LrtlOHJ2WFetWaq6uBOJPixqrMV/rHiZmnlcoKqwu+q0i9lXE+nTMIsiAlOdE3XtNGsDGUTBKKGOYlfaPrkjRv7K6bmevpEZLxsvthvSRteAtx6Dq7x8/2Zuw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev; spf=pass smtp.mailfrom=linux.dev; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b=jekSMxMN; arc=none smtp.client-ip=91.218.175.184 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="jekSMxMN" X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1780573271; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=qk2XO2YZX9Ln1pAdVPnMLvfveYauig7cdWN65Sl46ws=; b=jekSMxMNlV3iCVVB/1ug/bBO3WGo78aS1KipNbzed843YMtOz9JLpaG8RA7QBx/6p1mvW+ Hiw/YxGZQt8IlRhdE+G7JrIhBUSRPz4/VSu0JgUQa2v2onfp/dyCM658KfDnqLxLPwuJ5C lf5SJjSbC7Xy0vF71N+Xh3i+ZZ8+pWw= From: George Guo To: chenhuacai@kernel.org Cc: maobibo@loongson.cn, loongarch@lists.linux.dev, kexec@lists.infradead.org, linux-kernel@vger.kernel.org, George Guo Subject: [PATCH v3] LoongArch: kexec: use core control page for relocation trampoline to avoid QEMU FDT conflict Date: Thu, 4 Jun 2026 19:41:06 +0800 Message-Id: <20260604114106.391502-1-dongtai.guo@linux.dev> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-Migadu-Flow: FLOW_OUT Content-Type: text/plain; charset="utf-8" From: George Guo KEXEC_CONTROL_CODE was hardcoded to TO_CACHE(0x100000). QEMU places its machine FDT at physical 0x100000 when booting with '-kernel', so machine_kexec_prepare() overwrote the FDT with the relocation trampoline. The kexec'd kernel's fdt_setup() then read trampoline code instead of a valid FDT, earlycon auto-detection failed, and the second kernel booted silently with no console output. The trampoline does not need a fixed address. It is executed by the current kernel to relocate and enter the new kernel, and is dead once the new kernel starts. Drop KEXEC_CONTROL_CODE and reuse the control_code_page that the kexec core already allocates (as arm64 and riscv do). That page is excluded from the relocation copy and lives nowhere near 0x100000, so the QEMU FDT is left intact. Signed-off-by: George Guo --- Changes in v3: - Only the relocation trampoline is moved off the hardcoded address onto the core-allocated control_code_page. v2 also moved the kernel command line to a kexec control page, but as Huacai pointed out a control page only avoids being clobbered by the relocation copy in the current kernel; it is not reserved in the new kernel, which reads the command line early in boot. The command line therefore stays at the existing fixed KEXEC_CMDLINE_ADDR in the reserved first 2MB (unchanged). Changes in v2: - Instead of moving KEXEC_CONTROL_CODE to a different fixed address, reuse the kexec core's control_code_page for the trampoline. v2: https://lore.kernel.org/all/20260601033820.38805-1-dongtai.guo@linux.de= v/ v1: https://lore.kernel.org/all/20260528135828.196953-1-dongtai.guo@linux.d= ev/ arch/loongarch/kernel/machine_kexec.c | 21 ++++++++++++++++----- 1 file changed, 16 insertions(+), 5 deletions(-) diff --git a/arch/loongarch/kernel/machine_kexec.c b/arch/loongarch/kernel/= machine_kexec.c index d7fafda1d541..3527da57234d 100644 --- a/arch/loongarch/kernel/machine_kexec.c +++ b/arch/loongarch/kernel/machine_kexec.c @@ -21,8 +21,14 @@ #include #include =20 -/* 0x100000 ~ 0x200000 is safe */ -#define KEXEC_CONTROL_CODE TO_CACHE(0x100000UL) +/* + * The kexec'd kernel reads its command line from this pointer early in + * boot, so the command line must live in memory the new kernel will not + * reuse. Keep it at a fixed address in the first 2MB, which both the + * current and the kexec'd kernel always keep reserved (see + * memblock_reserve(PHYS_OFFSET, 0x200000) in arch/loongarch/kernel/mem.c). + * 0x108000 does not overlap QEMU's machine FDT at 0x100000. + */ #define KEXEC_CMDLINE_ADDR TO_CACHE(0x108000UL) =20 static unsigned long reboot_code_buffer; @@ -72,9 +78,14 @@ int machine_kexec_prepare(struct kimage *kimage) } } =20 - /* kexec/kdump need a safe page to save reboot_code_buffer */ - kimage->control_code_page =3D virt_to_page((void *)KEXEC_CONTROL_CODE); - + /* + * kexec/kdump need a safe page to save reboot_code_buffer. Reuse the + * control_code_page allocated by the kexec core (as arm64 and riscv + * do) instead of a fixed address: the trampoline is only executed by + * the current kernel before entering the new kernel, so it needs no + * fixed or reserved location. This also stops machine_kexec_prepare() + * from overwriting QEMU's machine FDT at 0x100000. + */ reboot_code_buffer =3D (unsigned long)page_address(kimage->control_code_p= age); memcpy((void *)reboot_code_buffer, relocate_new_kernel, relocate_new_kern= el_size); =20 --=20 2.25.1