summaryrefslogtreecommitdiff
path: root/scripts/patch-kernel
diff options
context:
space:
mode:
authorPratyush Yadav (Google) <pratyush@kernel.org>2026-05-19 15:24:26 +0300
committerMike Rapoport (Microsoft) <rppt@kernel.org>2026-06-01 09:19:38 +0300
commit507e3b479f9c6d85135eb5e1a77fb3fddb259ad8 (patch)
treea2ef1e25f6664eb51eb5d9c316cc85b72567c038 /scripts/patch-kernel
parent051a224c4933e58a0592c5528e89831099c65d6b (diff)
downloadlinux-507e3b479f9c6d85135eb5e1a77fb3fddb259ad8.tar.xz
liveupdate: validate session type before performing operation
The sessions ioctls are not applicable to all session types. PRESERVE_FD is only applicable to outgoing sessions. RETRIEVE_FD and FINISH are only valid for incoming session. Calling a incoming ioctl on an outgoing session is invalid and can cause file handlers to run into unexpected errors. For example, a user can create a (outgoing) session, preserve a memfd, and then immediately do a retrieve without doing a kexec in between. This would result in memfd's retrieve handler to run. The handlers expects to be called from a post-kexec context, and will try to do a kho_restore_vmalloc() or kho_restore_folio() to try and restore memory. KHO catches this (thanks to KHO_PAGE_MAGIC) and returns an error, but since this is considered an internal error and KHO throws out a bunch of WARN()s. Associate a type with each ioctl op and validate the type in luo_session_ioctl() before dispatching the ioctl handler to make sure the op is being called for the right session type. Fixes: 16cec0d26521 ("liveupdate: luo_session: add ioctls for file preservation") Cc: stable@vger.kernel.org Signed-off-by: Pratyush Yadav (Google) <pratyush@kernel.org> Link: https://patch.msgid.link/20260519122428.2378446-1-pratyush@kernel.org Signed-off-by: Mike Rapoport (Microsoft) <rppt@kernel.org>
Diffstat (limited to 'scripts/patch-kernel')
0 files changed, 0 insertions, 0 deletions