On Tue, Sep 16 2025, Mike Rapoport wrote:

> On Wed, Sep 10, 2025 at 05:34:40PM +0200, Pratyush Yadav wrote:
>> When restoring a folio using kho_restore_folio(), no sanity checks are
>> done to make sure the folio actually came from a kexec handover. The
>> caller is trusted to pass in the right address. If the caller has a bug
>> and passes in a wrong address, an in-use folio might be "restored" and
>> returned, causing all sorts of memory corruption.
>>
>> Harden the folio restore logic by stashing a magic number in
>> page->private along with the folio order. If the magic number does not
>> match, the folio won't be touched. page->private is an unsigned long.
>> The union kho_page_info splits it into two parts, with one holding the
>> order and the other holding the magic number.
>
> I think the sanity checks belong to the core kho_restore_page() function
> and kho_restore_folio() should be a thin wrapper for that, at least until
> we'd need to allocate struct folio there.
Hmm, okay. I can do that for the next version.

--
Regards,
Pratyush Yadav
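The scheme the quoted patch description outlines (split the unsigned long page->private into an order half and a magic half, refuse to restore a page whose magic does not match) can be modelled in user space. The block below is an added illustration, not the kernel's code or the patch under review: the struct page stand-in, the field layout, the KHO_PAGE_MAGIC value and the function names kho_mark_page() and kho_restore_page_order() are all assumptions made for this example, and it assumes a 64-bit unsigned long.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical user-space model of the described check. The layout and the
 * magic value are assumptions for this illustration, not the kernel's
 * actual definitions. */
#define KHO_PAGE_MAGIC 0x4b484f50u /* "KHOP": constructed placeholder value */

/* One unsigned long, viewed either as the raw page->private word or as a
 * pair of 32-bit halves: the folio order and the magic tag. */
union kho_page_info {
    struct {
        uint32_t order;
        uint32_t magic;
    };
    unsigned long private; /* stands in for page->private */
};

/* Both views must cover exactly one unsigned long (assumed 64-bit here). */
_Static_assert(sizeof(union kho_page_info) == sizeof(unsigned long),
               "kho_page_info must fit in one unsigned long");

/* Minimal stand-in for struct page: only the private word matters here. */
struct page {
    unsigned long private;
};

/* Stamp a page the way the preserving side would do before the handover. */
void kho_mark_page(struct page *page, unsigned int order)
{
    union kho_page_info info = { .order = order, .magic = KHO_PAGE_MAGIC };

    page->private = info.private;
}

/* Restore-side check: return the stored order if the page carries the KHO
 * magic, or -1 if it does not, in which case the page must not be touched
 * (it may be an in-use page that was passed in by mistake). */
int kho_restore_page_order(struct page *page)
{
    union kho_page_info info = { .private = page->private };

    if (info.magic != KHO_PAGE_MAGIC)
        return -1;

    /* Clear the tag so that a second restore of the same page is refused. */
    page->private = 0;
    return (int)info.order;
}

int main(void)
{
    struct page handed_over = { .private = 0 };
    struct page in_use = { .private = 0x1234UL }; /* constructed foreign value */

    kho_mark_page(&handed_over, 3);
    printf("handed-over page: order %d\n", kho_restore_page_order(&handed_over));
    printf("same page again:  %d (refused)\n", kho_restore_page_order(&handed_over));
    printf("in-use page:      %d (refused)\n", kho_restore_page_order(&in_use));
    return 0;
}
```

The check is a sanity check rather than proof of origin: page->private of an unrelated in-use page is owned by whatever subsystem uses that page, so the tag only catches callers that pass an address whose private word happens not to look like a KHO tag, which in practice is the vast majority of wrong addresses. Clearing the tag on a successful restore additionally turns a double restore into a refused one instead of a silent second use of the same page.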
