| From: Breno Leitao <leitao@debian.org> |
| Subject: riscv: kexec: initialize kexec_buf struct |
| Date: Wed, 27 Aug 2025 03:42:22 -0700 |
| |
| The kexec_buf structure was previously declared without initialization. |
| commit bf454ec31add ("kexec_file: allow to place kexec_buf randomly") |
| added a field that is always read but not consistently populated by all |
| architectures. This un-initialized field will contain garbage. |
| |
| This is also triggering a UBSAN warning when the uninitialized data was |
| accessed: |
| |
| ------------[ cut here ]------------ |
| UBSAN: invalid-load in ./include/linux/kexec.h:210:10 |
| load of value 252 is not a valid value for type '_Bool' |
| |
| Zero-initializing kexec_buf at declaration ensures all fields are |
| cleanly set, preventing future instances of uninitialized memory being |
| used. |
| |
| Link: https://lkml.kernel.org/r/20250827-kbuf_all-v1-2-1df9882bb01a@debian.org |
| Fixes: bf454ec31add ("kexec_file: allow to place kexec_buf randomly") |
| Signed-off-by: Breno Leitao <leitao@debian.org> |
| Cc: Albert Ou <aou@eecs.berkeley.edu> |
| Cc: Alexander Gordeev <agordeev@linux.ibm.com> |
| Cc: Alexandre Ghiti <alex@ghiti.fr> |
| Cc: Baoquan He <bhe@redhat.com> |
| Cc: Catalin Marinas <catalin.marinas@arm.com> |
| Cc: Christian Borntraeger <borntraeger@linux.ibm.com> |
| Cc: Coiby Xu <coxu@redhat.com> |
| Cc: Heiko Carstens <hca@linux.ibm.com> |
| Cc: Palmer Dabbelt <palmer@dabbelt.com> |
| Cc: Paul Walmsley <paul.walmsley@sifive.com> |
| Cc: Sven Schnelle <svens@linux.ibm.com> |
| Cc: Vasily Gorbik <gor@linux.ibm.com> |
| Cc: Will Deacon <will@kernel.org> |
| Cc: <stable@vger.kernel.org> |
| Signed-off-by: Andrew Morton <akpm@linux-foundation.org> |
| --- |
| |
| arch/riscv/kernel/kexec_elf.c | 4 ++-- |
| arch/riscv/kernel/kexec_image.c | 2 +- |
| arch/riscv/kernel/machine_kexec_file.c | 2 +- |
| 3 files changed, 4 insertions(+), 4 deletions(-) |
| |
| --- a/arch/riscv/kernel/kexec_elf.c~riscv-kexec-initialize-kexec_buf-struct |
| +++ a/arch/riscv/kernel/kexec_elf.c |
| @@ -28,7 +28,7 @@ static int riscv_kexec_elf_load(struct k |
| int i; |
| int ret = 0; |
| size_t size; |
| - struct kexec_buf kbuf; |
| + struct kexec_buf kbuf = {}; |
| const struct elf_phdr *phdr; |
| |
| kbuf.image = image; |
| @@ -66,7 +66,7 @@ static int elf_find_pbase(struct kimage |
| { |
| int i; |
| int ret; |
| - struct kexec_buf kbuf; |
| + struct kexec_buf kbuf = {}; |
| const struct elf_phdr *phdr; |
| unsigned long lowest_paddr = ULONG_MAX; |
| unsigned long lowest_vaddr = ULONG_MAX; |
| --- a/arch/riscv/kernel/kexec_image.c~riscv-kexec-initialize-kexec_buf-struct |
| +++ a/arch/riscv/kernel/kexec_image.c |
| @@ -41,7 +41,7 @@ static void *image_load(struct kimage *i |
| struct riscv_image_header *h; |
| u64 flags; |
| bool be_image, be_kernel; |
| - struct kexec_buf kbuf; |
| + struct kexec_buf kbuf = {}; |
| int ret; |
| |
| /* Check Image header */ |
| --- a/arch/riscv/kernel/machine_kexec_file.c~riscv-kexec-initialize-kexec_buf-struct |
| +++ a/arch/riscv/kernel/machine_kexec_file.c |
| @@ -261,7 +261,7 @@ int load_extra_segments(struct kimage *i |
| int ret; |
| void *fdt; |
| unsigned long initrd_pbase = 0UL; |
| - struct kexec_buf kbuf; |
| + struct kexec_buf kbuf = {}; |
| char *modified_cmdline = NULL; |
| |
| kbuf.image = image; |
| _ |
