[PATCH 6/6] tracing: Have event inject files inc the trace array ref count
From: Steven Rostedt
Date: Wed Sep 06 2023 - 22:48:03 EST
From: "Steven Rostedt (Google)" <rostedt@xxxxxxxxxxx>
The event inject files add events for a specific trace array. For an
instance, if the file is opened and the instance is deleted, reading or
writing to the file will cause a use after free.
Up the ref count of the trace_array when a event inject file is opened.
Link: https://lore.kernel.org/all/1cb3aee2-19af-c472-e265-05176fe9bd84@xxxxxxxxxx/
Cc: stable@xxxxxxxxxxxxxxx
Fixes: 6c3edaf9fd6a ("tracing: Introduce trace event injection")
Signed-off-by: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx>
---
kernel/trace/trace_events_inject.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/kernel/trace/trace_events_inject.c b/kernel/trace/trace_events_inject.c
index abe805d471eb..8650562bdaa9 100644
--- a/kernel/trace/trace_events_inject.c
+++ b/kernel/trace/trace_events_inject.c
@@ -328,7 +328,8 @@ event_inject_read(struct file *file, char __user *buf, size_t size,
}
const struct file_operations event_inject_fops = {
- .open = tracing_open_generic,
+ .open = tracing_open_file_tr,
.read = event_inject_read,
.write = event_inject_write,
+ .release = tracing_release_file_tr,
};
--
2.40.1