Re: [PATCH v1] trace: Fix race in trace_open and buffer resize call
From: Steven Rostedt
Date: Thu Jan 21 2021 - 14:12:52 EST
On Thu, 21 Jan 2021 17:30:40 +0300
Denis Efremov <efremov@xxxxxxxxx> wrote:
> Hi,
>
> This patch (CVE-2020-27825) was tagged with
> Fixes: b23d7a5f4a07a ("ring-buffer: speed up buffer resets by avoiding synchronize_rcu for each CPU")
>
> I'm not an expert here but it seems like b23d7a5f4a07a only refactored
> ring_buffer_reset_cpu() by introducing reset_disabled_cpu_buffer() without
> significant changes. Hence, mutex_lock(&buffer->mutex)/mutex_unlock(&buffer->mutex)
> can be backported further than b23d7a5f4a07a~ and to all LTS kernels. Is
> b23d7a5f4a07a the actual cause of the bug?
>
Ug, that looks to be a mistake. Looking back at the thread about this:
https://lore.kernel.org/linux-arm-msm/20200915141304.41fa7c30@xxxxxxxxxxxxxxxxxx/
That should have been:
Depends-on: b23d7a5f4a07 ("ring-buffer: speed up buffer resets by avoiding synchronize_rcu for each CPU")
-- Steve