[ 27/74] tracing: Change event_enable/disable_read() to verify i_private != NULL

From: Greg Kroah-Hartman
Date: Mon Aug 26 2013 - 21:22:12 EST

Next message: Greg Kroah-Hartman: "[ 25/74] ftrace: Add check for NULL regs if ops has SAVE_REGS set"
Previous message: Greg Kroah-Hartman: "[ 32/74] tracing: trace_remove_event_call() should fail if call/file is in use"
In reply to: Greg Kroah-Hartman: "[ 32/74] tracing: trace_remove_event_call() should fail if call/file is in use"
Next in thread: Greg Kroah-Hartman: "[ 25/74] ftrace: Add check for NULL regs if ops has SAVE_REGS set"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

3.10-stable review patch. If anyone has any objections, please let me know.

------------------

From: Oleg Nesterov <oleg@xxxxxxxxxx>

commit bc6f6b08dee5645770efb4b76186ded313f23752 upstream.

tracing_open_generic_file() is racy, ftrace_event_file can be
already freed by rmdir or trace_remove_event_call().

Change event_enable_read() and event_disable_read() to read and
verify "file = i_private" under event_mutex.

This fixes nothing, but now we can change debugfs_remove("enable")
callers to nullify ->i_private and fix the the problem.

Link: http://lkml.kernel.org/r/20130726172536.GA3612@xxxxxxxxxx

Reviewed-by: Masami Hiramatsu <masami.hiramatsu.pt@xxxxxxxxxxx>
Signed-off-by: Oleg Nesterov <oleg@xxxxxxxxxx>
Signed-off-by: Steven Rostedt <rostedt@xxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
kernel/trace/trace_events.c | 28 +++++++++++++++++++---------
1 file changed, 19 insertions(+), 9 deletions(-)

--- a/kernel/trace/trace_events.c
+++ b/kernel/trace/trace_events.c
@@ -682,13 +682,23 @@ static ssize_t
event_enable_read(struct file *filp, char __user *ubuf, size_t cnt,
loff_t *ppos)
{
- struct ftrace_event_file *file = filp->private_data;
+ struct ftrace_event_file *file;
+ unsigned long flags;
char *buf;

- if (file->flags & FTRACE_EVENT_FL_ENABLED) {
- if (file->flags & FTRACE_EVENT_FL_SOFT_DISABLED)
+ mutex_lock(&event_mutex);
+ file = event_file_data(filp);
+ if (likely(file))
+ flags = file->flags;
+ mutex_unlock(&event_mutex);
+
+ if (!file)
+ return -ENODEV;
+
+ if (flags & FTRACE_EVENT_FL_ENABLED) {
+ if (flags & FTRACE_EVENT_FL_SOFT_DISABLED)
buf = "0*\n";
- else if (file->flags & FTRACE_EVENT_FL_SOFT_MODE)
+ else if (flags & FTRACE_EVENT_FL_SOFT_MODE)
buf = "1*\n";
else
buf = "1\n";
@@ -702,13 +712,10 @@ static ssize_t
event_enable_write(struct file *filp, const char __user *ubuf, size_t cnt,
loff_t *ppos)
{
- struct ftrace_event_file *file = filp->private_data;
+ struct ftrace_event_file *file;
unsigned long val;
int ret;

- if (!file)
- return -EINVAL;
-
ret = kstrtoul_from_user(ubuf, cnt, 10, &val);
if (ret)
return ret;
@@ -720,8 +727,11 @@ event_enable_write(struct file *filp, co
switch (val) {
case 0:
case 1:
+ ret = -ENODEV;
mutex_lock(&event_mutex);
- ret = ftrace_event_enable_disable(file, val);
+ file = event_file_data(filp);
+ if (likely(file))
+ ret = ftrace_event_enable_disable(file, val);
mutex_unlock(&event_mutex);
break;

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg Kroah-Hartman: "[ 25/74] ftrace: Add check for NULL regs if ops has SAVE_REGS set"
Previous message: Greg Kroah-Hartman: "[ 32/74] tracing: trace_remove_event_call() should fail if call/file is in use"
In reply to: Greg Kroah-Hartman: "[ 32/74] tracing: trace_remove_event_call() should fail if call/file is in use"
Next in thread: Greg Kroah-Hartman: "[ 25/74] ftrace: Add check for NULL regs if ops has SAVE_REGS set"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]