[RFC PATCH v2 04/14] kcov: reject enable on multiple dataflow fds simultaneously

Next message: Bobby Eshleman: "[PATCH net-next v2 1/4] net: devmem: allow rx-buf-size &gt; PAGE_SIZE per dmabuf binding"
Previous message: Chuyi Zhou: "Re: [PATCH v7 11/14] x86/mm: Cap flush_tlb_info alignment at 64 bytes"
In reply to: Yunseong Kim: "[RFC PATCH v2 00/14] kcov: add per-task dataflow tracking for function arguments/return values"
Next in thread: Alexander Potapenko: "Re: [RFC PATCH v2 04/14] kcov: reject enable on multiple dataflow fds simultaneously"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Yunseong Kim

Date: Thu Jun 11 2026 - 12:24:48 EST

A task could enable tracing on multiple kcov_dataflow file descriptors,
corrupting the internal tracking state when one is subsequently closed.

Check current->kcov_df_enabled before allowing KCOV_DF_ENABLE and
return -EBUSY if already active. This matches kcov's check of
t->kcov != NULL in the KCOV_ENABLE path.

Reported-by: sashiko-bot <sashiko-bot@xxxxxxxxxx>
Closes: https://sashiko.dev/#/patchset/20260603-kcov-dataflow-next-20260603-v2-0-fee0939de2c4%40est.tech
Signed-off-by: Yunseong Kim <yunseong.kim@xxxxxxxx>
---
kernel/kcov_dataflow.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/kernel/kcov_dataflow.c b/kernel/kcov_dataflow.c
index 5248293280d5..27587b8ceeab 100644
--- a/kernel/kcov_dataflow.c
+++ b/kernel/kcov_dataflow.c
@@ -287,8 +287,8 @@ static long kcov_df_ioctl(struct file *filep, unsigned int cmd, unsigned long ar
break;

case KCOV_DF_ENABLE:
- if (!df->area || df->t) {
- res = -EINVAL;
+ if (!df->area || df->t || current->kcov_df_enabled) {
+ res = -EBUSY;
break;
}
df->t = current;

--
2.43.0