On Fri, Nov 14 2025, Pasha Tatashin wrote: > Currently, the output FDT is added to debugfs only when KHO is > finalized and removed when aborted. > > There is no need to hide the FDT based on the state. Always expose it > starting from initialization. This aids the transition toward removing > the explicit abort functionality and converting KHO to be fully > stateless. > > Also, pre-zero the FDT tree so we do not expose random bits to the > user and to the next kernel. > > Signed-off-by: Pasha Tatashin <[email protected]> > --- > kernel/liveupdate/kexec_handover.c | 10 ++++------ > 1 file changed, 4 insertions(+), 6 deletions(-) > > diff --git a/kernel/liveupdate/kexec_handover.c > b/kernel/liveupdate/kexec_handover.c > index 83aca3b4af15..cd8641725343 100644 > --- a/kernel/liveupdate/kexec_handover.c > +++ b/kernel/liveupdate/kexec_handover.c > @@ -1147,8 +1147,6 @@ int kho_abort(void) > __kho_abort(); > kho_out.finalized = false; > > - kho_debugfs_fdt_remove(&kho_out.dbg, kho_out.fdt); > - > return 0; > } > > @@ -1219,9 +1217,6 @@ int kho_finalize(void) > > kho_out.finalized = true; > > - WARN_ON_ONCE(kho_debugfs_fdt_add(&kho_out.dbg, "fdt", > - kho_out.fdt, true)); > - > return 0; > } > > @@ -1310,7 +1305,7 @@ static __init int kho_init(void) > if (!kho_enable) > return 0; > > - fdt_page = alloc_page(GFP_KERNEL); > + fdt_page = alloc_page(GFP_KERNEL | __GFP_ZERO);
If I read the series right, patch 9 will make this a full FDT with no subnodes. That makes a lot more sense than a zero page. Thinking out loud. For this patch, Reviewed-by: Pratyush Yadav <[email protected]> > if (!fdt_page) { > err = -ENOMEM; > goto err_free_scratch; > @@ -1344,6 +1339,9 @@ static __init int kho_init(void) > init_cma_reserved_pageblock(pfn_to_page(pfn)); > } > > + WARN_ON_ONCE(kho_debugfs_fdt_add(&kho_out.dbg, "fdt", > + kho_out.fdt, true)); > + > return 0; > > err_free_fdt: -- Regards, Pratyush Yadav
