Re: [PATCH v5 5/7] blktrace: fix debugfs use after free

From: Luis Chamberlain
Date: Fri Jun 05 2020 - 18:33:25 EST


On Thu, Jun 04, 2020 at 09:48:43PM -0700, Bart Van Assche wrote:
> On 2020-06-01 10:05, Luis Chamberlain wrote:
> > diff --git a/kernel/trace/blktrace.c b/kernel/trace/blktrace.c
> > index a55cbfd060f5..5b0310f38e11 100644
> > --- a/kernel/trace/blktrace.c
> > +++ b/kernel/trace/blktrace.c
> > @@ -511,6 +511,11 @@ static int do_blk_trace_setup(struct request_queue *q, char *name, dev_t dev,
> > */
> > if (bdev && bdev != bdev->bd_contains) {
> > dir = bdev->bd_part->debugfs_dir;
> > + } else if (q->sg_debugfs_dir &&
> > + strlen(buts->name) == strlen(q->sg_debugfs_dir->d_name.name)
> > + && strcmp(buts->name, q->sg_debugfs_dir->d_name.name) == 0) {
> > + /* scsi-generic requires use of its own directory */
> > + dir = q->sg_debugfs_dir;
> > } else {
> > /*
> > * For queues that do not have a gendisk attached to them, that
> >
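Review bot: in the new else-if branch, the strlen() equality test is redundant, because strcmp() returning 0 already implies both strings have the same length, so it can be dropped. Selecting dir by matching buts->name against q->sg_debugfs_dir->d_name.name also makes the choice depend on a name rather than on which interface requested the trace. do_blk_trace_setup() already receives dev, so a test on the device number would be sturdier. If the string compare stays, it relies on buts->name being NUL-terminated, which the visible lines do not establish.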
>
> Please Cc Martin Petersen for patches that modify SCSI code.

Sure thing.

> The string comparison check looks fragile to me. Is the purpose of that
> check perhaps to verify whether tracing is being activated through the
> SCSI generic interface?

Yes.

> If so, how about changing that test into
> something like the following?
>
> MAJOR(dev) == SCSI_GENERIC_MAJOR

Sure.

Luis