| Message ID | 20210406191554.12012-1-julien@xen.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | [v2] xen/arm: kernel: Propagate the error if we fail to decompress the kernel | expand |
On 06.04.2021 21:15, Julien Grall wrote: > From: Julien Grall <jgrall@amazon.com> > > Currently, we are ignoring any error from perform_gunzip() and replacing > the compressed kernel with the "uncompressed" kernel. > > If there is a gzip failure, then it means that the output buffer may > contain garbagge. So it can result to various sort of behavior that may > be difficult to root cause. > > In case of failure, free the output buffer and propagate the error. > We also need to adjust the return check for kernel_compress() as > perform_gunzip() may return a positive value. > > Take the opportunity to adjust the code style for the check. > > Signed-off-by: Julien Grall <jgrall@amazon.com> > > --- > Changes in v2: > - Fix build > --- Reviewed-by: Michal Orzel <michal.orzel@arm.com>
Hi Michal, On 12/04/2021 07:45, Michal Orzel wrote: > On 06.04.2021 21:15, Julien Grall wrote: >> From: Julien Grall <jgrall@amazon.com> >> >> Currently, we are ignoring any error from perform_gunzip() and replacing >> the compressed kernel with the "uncompressed" kernel. >> >> If there is a gzip failure, then it means that the output buffer may >> contain garbagge. So it can result to various sort of behavior that may >> be difficult to root cause. >> >> In case of failure, free the output buffer and propagate the error. >> We also need to adjust the return check for kernel_compress() as >> perform_gunzip() may return a positive value. >> >> Take the opportunity to adjust the code style for the check. >> >> Signed-off-by: Julien Grall <jgrall@amazon.com> >> >> --- >> Changes in v2: >> - Fix build >> --- > > Reviewed-by: Michal Orzel <michal.orzel@arm.com> Thanks! @Stefano, can I get your acked-by? Cheers,
On 18/04/2021 19:26, Julien Grall wrote: > On 12/04/2021 07:45, Michal Orzel wrote: >> On 06.04.2021 21:15, Julien Grall wrote: >>> From: Julien Grall <jgrall@amazon.com> >>> >>> Currently, we are ignoring any error from perform_gunzip() and replacing >>> the compressed kernel with the "uncompressed" kernel. >>> >>> If there is a gzip failure, then it means that the output buffer may >>> contain garbagge. So it can result to various sort of behavior that may >>> be difficult to root cause. >>> >>> In case of failure, free the output buffer and propagate the error. >>> We also need to adjust the return check for kernel_compress() as >>> perform_gunzip() may return a positive value. >>> >>> Take the opportunity to adjust the code style for the check. >>> >>> Signed-off-by: Julien Grall <jgrall@amazon.com> >>> >>> --- >>> Changes in v2: >>> - Fix build >>> --- >> >> Reviewed-by: Michal Orzel <michal.orzel@arm.com> > > Thanks! @Stefano, can I get your acked-by? Ping? I intend to commit it on Wednesday unless I hear otherwise. Cheers,
diff --git a/xen/arch/arm/kernel.c b/xen/arch/arm/kernel.c index ab78689ed2a6..8f43caa1866d 100644 --- a/xen/arch/arm/kernel.c +++ b/xen/arch/arm/kernel.c @@ -292,6 +292,12 @@ static __init int kernel_decompress(struct bootmodule *mod) iounmap(input); vunmap(output); + if ( rc ) + { + free_domheap_pages(pages, kernel_order_out); + return rc; + } + mod->start = page_to_maddr(pages); mod->size = output_size; @@ -503,7 +509,7 @@ int __init kernel_probe(struct kernel_info *info, /* if it is a gzip'ed image, 32bit or 64bit, uncompress it */ rc = kernel_decompress(mod); - if (rc < 0 && rc != -EINVAL) + if ( rc && rc != -EINVAL ) return rc; #ifdef CONFIG_ARM_64