Re: [PATCH] riscv: Fix a NULL pointer reference in machine_kexec_prepare

Next message: Pu Lehui: "Re: [PATCH bpf-next v2 1/3] riscv: stacktrace: Implement arch_bpf_stack_walk() for BPF"
Previous message: Liem: "[PATCH v4 2/2] i2c: imx: Cancel hrtimer before clearing slave pointer"
In reply to: Tao Liu: "Re: [PATCH] riscv: Fix a NULL pointer reference in machine_kexec_prepare"
Next in thread: Pratyush Yadav: "Re: [PATCH] riscv: Fix a NULL pointer reference in machine_kexec_prepare"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Baoquan He

Date: Sun Jun 28 2026 - 22:45:14 EST

On 06/28/26 at 10:38am, Tao Liu wrote:
......
> > > /*
> > > * Some segments (e.g. IMA) reserve space but have no buffer
> > > * loaded yet. Skip them as they cannot contain an FDT.
> > > */
> > > And is there any other place where the similar issue exists? e.g on LoongArch?
>
> I have tested in LoongArch, it doesn't have the similar issue. The
> reason is, in arch/loongarch/kernel/machine_kexec.c:machine_kexec_prepare(),
> the unchecked memcpy() only happens for none kexec file load, however
> ima_add_kexec_buffer() requires kexec file load. So the condition
> isn't met.

OK, that's good, thanks for the effort.

>
> > >
> > > Other than above concerns, this patch looks good to me:
> > >
> > > Acked-by: Baoquan He <bhe@xxxxxxxxxx>
>
> Thanks for your code review and suggestions!
>
> Thanks,
> Tao Liu
>
> > >
> > > > > if (image->file_mode)
> > > > > memcpy(&fdt, image->segment[i].buf, sizeof(fdt));
> > > > > else if (copy_from_user(&fdt, image->segment[i].buf, sizeof(fdt)))
> > > > > --
> > > > > 2.47.0
> > > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > linux-riscv mailing list
> > > > linux-riscv@xxxxxxxxxxxxxxxxxxx
> > > > http://lists.infradead.org/mailman/listinfo/linux-riscv
> > > >
> > >
>