On Thu, 17 Aug 2023 13:57:59 -0400, Rik van Riel wrote:
> The code calling ima_free_kexec_buffer runs long after the memblock
> allocator has already been torn down, potentially resulting in a use
> after free in memblock_isolate_range.
>
> With KASAN or KFENCE, this use after free will result in a BUG
> from the idle task, and a subsequent kernel panic.
>
> Switch ima_free_kexec_buffer over to memblock_free_late to avoid
> that issue.
>
> Fixes: fee3ff99bc67 ("powerpc: Move arch independent ima kexec functions to
> drivers/of/kexec.c")
> Cc: stable@xxxxxxxxxx
> Signed-off-by: Rik van Riel <riel@xxxxxxxxxxx>
> Suggested-by: Mike Rappoport <rppt@xxxxxxxxxx>
> ---
> drivers/of/kexec.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
Applied, thanks!
