On Thu, Feb 6, 2025 at 7:30 AM Mike Rapoport <rppt@xxxxxxxxxx> wrote:
>
> From: Alexander Graf <graf@xxxxxxxxxx>
>
> Linux has recently gained support for "reserve_mem": A mechanism to
> allocate a region of memory early enough in boot that we can cross our
> fingers and hope it stays at the same location during most boots, so we
> can store for example ftrace buffers into it.
>
> Thanks to KASLR, we can never be really sure that "reserve_mem"
> allocations are static across kexec. Let's teach it KHO awareness so
> that it serializes its reservations on kexec exit and deserializes them
> again on boot, preserving the exact same mapping across kexec.
>
> This is an example user for KHO in the KHO patch set to ensure we have
> at least one (not very controversial) user in the tree before extending
> KHO's use to more subsystems.
>
> Signed-off-by: Alexander Graf <graf@xxxxxxxxxx>
> Co-developed-by: Mike Rapoport (Microsoft) <rppt@xxxxxxxxxx>
> Signed-off-by: Mike Rapoport (Microsoft) <rppt@xxxxxxxxxx>
> ---
> mm/memblock.c | 131 ++++++++++++++++++++++++++++++++++++++++++++++++++
> 1 file changed, 131 insertions(+)
>
> diff --git a/mm/memblock.c b/mm/memblock.c
> index 84df96efca62..fdb08b60efc1 100644
> --- a/mm/memblock.c
> +++ b/mm/memblock.c
> @@ -16,6 +16,9 @@
> #include <linux/kmemleak.h>
> #include <linux/seq_file.h>
> #include <linux/memblock.h>
> +#include <linux/kexec_handover.h>
> +#include <linux/kexec.h>
> +#include <linux/libfdt.h>
>
> #include <asm/sections.h>
> #include <linux/io.h>
> @@ -2423,6 +2426,70 @@ int reserve_mem_find_by_name(const char *name, phys_addr_t *start, phys_addr_t *
> }
> EXPORT_SYMBOL_GPL(reserve_mem_find_by_name);
>
> +static bool __init reserve_mem_kho_revive(const char *name, phys_addr_t size,
> + phys_addr_t align)
> +{
> + const void *fdt = kho_get_fdt();
> + const char *path = "/reserve_mem";
> + int node, child, err;
> +
> + if (!IS_ENABLED(CONFIG_KEXEC_HANDOVER))
> + return false;
> +
> + if (!fdt)
> + return false;
> +
> + node = fdt_path_offset(fdt, "/reserve_mem");
> + if (node < 0)
> + return false;
> +
> + err = fdt_node_check_compatible(fdt, node, "reserve_mem-v1");
> + if (err) {
> + pr_warn("Node '%s' has unknown compatible", path);
> + return false;
> + }
> +
> + fdt_for_each_subnode(child, fdt, node) {
> + const struct kho_mem *mem;
> + const char *child_name;
> + int len;
> +
> + /* Search for old kernel's reserved_mem with the same name */
> + child_name = fdt_get_name(fdt, child, NULL);
> + if (strcmp(name, child_name))
> + continue;
> +
> + err = fdt_node_check_compatible(fdt, child, "reserve_mem_map-v1");
It really seems you all are trying to have things both ways. It's not
Devicetree, just the FDT file format, but then here you use
"compatible" which *is* Devicetree. At best, it's all just confusing
for folks. At worst, you're just picking and choosing what you want to
use.
I'm not saying don't use "compatible" just for the sake of looking
less like DT, but perhaps your versioning should be done differently.
You are reading the 'mem' property straight into a struct. Maybe the
struct should have a version. Or the size of the struct is the version
much like the userspace ABI is handled for structs.
> + if (err) {
> + pr_warn("Node '%s/%s' has unknown compatible", path, name);
> + continue;
> + }
> +
> + mem = fdt_getprop(fdt, child, "mem", &len);
> + if (!mem || len != sizeof(*mem))
> + continue;
> +
> + if (mem->addr & (align - 1)) {
It's stated somewhere in this that the FDT data is LE, but here you
are assuming the FDT is the same endianness as the CPU not that it's
LE. Arm64 can do BE. PowerPC does both. I'm not sure if kexec from one
endianness to another is possible. I would guess in theory it is and
in practice it's broken already (because kexec is always an
afterthought). Either you need to guarantee that native endianness
will never be an issue for any arch or you need to make the endianness
fixed.
Rob
