Opened 8 years ago

Closed 7 years ago

#3488 closed defect (fixed)

lzma expansion code in kernel init/initramfs has fragility.

Reported by: jim@… Owned by: florian
Priority: low Milestone:
Component: kernel Version:
Keywords: Cc:


This probably doesn't affect the openwrt builds yet, but it could as kernels grow over time.

The LZMA expander uses kmalloc() to allocate a huge temporary buffer to hold the uncompressed kernel. kmalloc() allocates contiguous physical pages and fails if it can't. There is no requirement for contiguous pages, it would be better to use vmalloc() which does not have this requirement. (See attached patch, don't forget the corresponding kfree()s)

I don't know the size where this fails precisely, but I crossed it while experimenting with initramfs contents. Somewhere around a 2G trx size for a 32M Ram wrtsl54gs.

Even better, the expander could be made to operate a chunk at a time like the gunzip method so it doesn't require double kernel memory, but it would be an odd machine where someone didn't have double kernel memory available at load time.

And a more nebulous issue that might ring a bell with whoever feels inspired to fix this...
The LZMA loader code used at the front of the trx probably has a bug. It fails somewhere beyond 2G as well. Omitting it and just passing a gzipped kernel image continues to work up until the CFE limit. I looked at that code and am unable to offer a suggestion other than it will be a pain to diagnose since there is no output at that time.

Attachments (1)

patch-initramfs-vmalloc.diff (1.1 KB) - added by jim@… 8 years ago.
Change some kmallocs to vmallocs.

Download all attachments as: .zip

Change History (3)

Changed 8 years ago by jim@…

Change some kmallocs to vmallocs.

comment:1 Changed 7 years ago by florian

  • Owner changed from developers to florian
  • Status changed from new to assigned

comment:2 Changed 7 years ago by florian

  • Resolution set to fixed
  • Status changed from assigned to closed

Applied in [15534], thanks ! I also had this problem on a Cavium Octeon with the brcm47xx patch using kmalloc.

Add Comment

Modify Ticket

as closed .
The resolution will be deleted. Next status will be 'reopened'.

E-mail address and user name can be saved in the Preferences.

Note: See TracTickets for help on using tickets.