- Linux-stable-mirror - lists.linaro.org

[PATCH v4] tty: serial: qcom_geni_serial: Improve error handling for RS485 mode

by Anup Kulkarni

Fix error handling issues of `uart_get_rs485_mode()` function by reordering resources_init() to occur after uart_get_rs485_mode. Remove multiple goto paths and use dev_err_probe to simplify error paths. Fixes: 4fcc287f3c69 ("serial: qcom-geni: Enable support for half-duplex mode") Cc: stable(a)vger.kernel.org Signed-off-by: Anup Kulkarni <quic_anupkulk(a)quicinc.com> --- v3->v4 - Added Fixes and Cc tag. v2->v3 - Reordered the function resources_init. - Removed goto. - Added dev_err_probe. v1->v2 - Updated commit message. --- drivers/tty/serial/qcom_geni_serial.c | 38 ++++++++++----------------- 1 file changed, 14 insertions(+), 24 deletions(-) diff --git a/drivers/tty/serial/qcom_geni_serial.c b/drivers/tty/serial/qcom_geni_serial.c index 32ec632fd080..be998dd45968 100644 --- a/drivers/tty/serial/qcom_geni_serial.c +++ b/drivers/tty/serial/qcom_geni_serial.c @@ -1882,15 +1882,9 @@ static int qcom_geni_serial_probe(struct platform_device *pdev) port->se.dev = &pdev->dev; port->se.wrapper = dev_get_drvdata(pdev->dev.parent); - ret = port->dev_data->resources_init(uport); - if (ret) - return ret; - res = platform_get_resource(pdev, IORESOURCE_MEM, 0); - if (!res) { - ret = -EINVAL; - goto error; - } + if (!res) + return -EINVAL; uport->mapbase = res->start; @@ -1903,25 +1897,19 @@ static int qcom_geni_serial_probe(struct platform_device *pdev) if (!data->console) { port->rx_buf = devm_kzalloc(uport->dev, DMA_RX_BUF_SIZE, GFP_KERNEL); - if (!port->rx_buf) { - ret = -ENOMEM; - goto error; - } + if (!port->rx_buf) + return -ENOMEM; } port->name = devm_kasprintf(uport->dev, GFP_KERNEL, "qcom_geni_serial_%s%d", uart_console(uport) ? "console" : "uart", uport->line); - if (!port->name) { - ret = -ENOMEM; - goto error; - } + if (!port->name) + return -ENOMEM; irq = platform_get_irq(pdev, 0); - if (irq < 0) { - ret = irq; - goto error; - } + if (irq < 0) + return irq; uport->irq = irq; uport->has_sysrq = IS_ENABLED(CONFIG_SERIAL_QCOM_GENI_CONSOLE); @@ -1942,12 +1930,14 @@ static int qcom_geni_serial_probe(struct platform_device *pdev) irq_set_status_flags(uport->irq, IRQ_NOAUTOEN); ret = devm_request_irq(uport->dev, uport->irq, qcom_geni_serial_isr, IRQF_TRIGGER_HIGH, port->name, uport); - if (ret) { - dev_err(uport->dev, "Failed to get IRQ ret %d\n", ret); - goto error; - } + if (ret) + return dev_err_probe(uport->dev, ret, "Failed to get IRQ\n"); ret = uart_get_rs485_mode(uport); + if (ret) + return dev_err_probe(uport->dev, ret, "Failed to get rs485 mode\n"); + + ret = port->dev_data->resources_init(uport); if (ret) return ret; -- 2.34.1

2 months

2
2
0 0

[PATCH 6.16.y 1/2] erofs: fix build error with CONFIG_EROFS_FS_ZIP_ACCEL=y

by Gao Xiang

From: "Bo Liu (OpenAnolis)" <liubo03(a)inspur.com> commit 5e0bf36fd156b8d9b09f8481ee6daa6cdba1b064 upstream. fix build err: ld.lld: error: undefined symbol: crypto_req_done referenced by decompressor_crypto.c fs/erofs/decompressor_crypto.o:(z_erofs_crypto_decompress) in archive vmlinux.a referenced by decompressor_crypto.c fs/erofs/decompressor_crypto.o:(z_erofs_crypto_decompress) in archive vmlinux.a ld.lld: error: undefined symbol: crypto_acomp_decompress referenced by decompressor_crypto.c fs/erofs/decompressor_crypto.o:(z_erofs_crypto_decompress) in archive vmlinux.a ld.lld: error: undefined symbol: crypto_alloc_acomp referenced by decompressor_crypto.c fs/erofs/decompressor_crypto.o:(z_erofs_crypto_enable_engine) in archive vmlinux.a Reported-by: kernel test robot <lkp(a)intel.com> Closes: https://lore.kernel.org/oe-kbuild-all/202507161032.QholMPtn-lkp@intel.com/ Fixes: b4a29efc5146 ("erofs: support DEFLATE decompression by using Intel QAT") Signed-off-by: Bo Liu (OpenAnolis) <liubo03(a)inspur.com> Link: https://lore.kernel.org/r/20250718033039.3609-1-liubo03@inspur.com Reviewed-by: Gao Xiang <hsiangkao(a)linux.alibaba.com> Signed-off-by: Gao Xiang <hsiangkao(a)linux.alibaba.com> --- Also backport commit 74da24f0ac9b to address: https://lore.kernel.org/r/ca432b9e-e016-4d2d-b137-79def0aaca85@kernel.org fs/erofs/Kconfig | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/erofs/Kconfig b/fs/erofs/Kconfig index 6beeb7063871..7b26efc271ee 100644 --- a/fs/erofs/Kconfig +++ b/fs/erofs/Kconfig @@ -147,6 +147,8 @@ config EROFS_FS_ZIP_ZSTD config EROFS_FS_ZIP_ACCEL bool "EROFS hardware decompression support" depends on EROFS_FS_ZIP + select CRYPTO + select CRYPTO_DEFLATE help Saying Y here includes hardware accelerator support for reading EROFS file systems containing compressed data. It gives better -- 2.43.5

2 months

1
1
0 0

[PATCH RESEND v2] proc: fix missing pde_set_flags() for net proc files

by wangzijie

To avoid potential UAF issues during module removal races, we use pde_set_flags() to save proc_ops flags in PDE itself before proc_register(), and then use pde_has_proc_*() helpers instead of directly dereferencing pde->proc_ops->*. However, the pde_set_flags() call was missing when creating net related proc files. This omission caused incorrect behavior which FMODE_LSEEK was being cleared inappropriately in proc_reg_open() for net proc files. Lars reported it in this link[1]. Fix this by ensuring pde_set_flags() is called when register proc entry, and add NULL check for proc_ops in pde_set_flags(). [1]: https://lore.kernel.org/all/20250815195616.64497967@chagall.paradoxon.rec/ Fixes: ff7ec8dc1b64 ("proc: use the same treatment to check proc_lseek as ones for proc_read_iter et.al) Cc: stable(a)vger.kernel.org Reported-by: Lars Wendler <polynomial-c(a)gmx.de> Signed-off-by: wangzijie <wangzijie1(a)honor.com> --- v2: - followed by Jiri's suggestion to refractor code and reformat commit message --- fs/proc/generic.c | 36 +++++++++++++++++++----------------- 1 file changed, 19 insertions(+), 17 deletions(-) diff --git a/fs/proc/generic.c b/fs/proc/generic.c index 76e800e38..003031839 100644 --- a/fs/proc/generic.c +++ b/fs/proc/generic.c @@ -367,6 +367,23 @@ static const struct inode_operations proc_dir_inode_operations = { .setattr = proc_notify_change, }; +static void pde_set_flags(struct proc_dir_entry *pde) +{ + if (!pde->proc_ops) + return; + + if (pde->proc_ops->proc_flags & PROC_ENTRY_PERMANENT) + pde->flags |= PROC_ENTRY_PERMANENT; + if (pde->proc_ops->proc_read_iter) + pde->flags |= PROC_ENTRY_proc_read_iter; +#ifdef CONFIG_COMPAT + if (pde->proc_ops->proc_compat_ioctl) + pde->flags |= PROC_ENTRY_proc_compat_ioctl; +#endif + if (pde->proc_ops->proc_lseek) + pde->flags |= PROC_ENTRY_proc_lseek; +} + /* returns the registered entry, or frees dp and returns NULL on failure */ struct proc_dir_entry *proc_register(struct proc_dir_entry *dir, struct proc_dir_entry *dp) @@ -374,6 +391,8 @@ struct proc_dir_entry *proc_register(struct proc_dir_entry *dir, if (proc_alloc_inum(&dp->low_ino)) goto out_free_entry; + pde_set_flags(dp); + write_lock(&proc_subdir_lock); dp->parent = dir; if (pde_subdir_insert(dir, dp) == false) { @@ -561,20 +580,6 @@ struct proc_dir_entry *proc_create_reg(const char *name, umode_t mode, return p; } -static void pde_set_flags(struct proc_dir_entry *pde) -{ - if (pde->proc_ops->proc_flags & PROC_ENTRY_PERMANENT) - pde->flags |= PROC_ENTRY_PERMANENT; - if (pde->proc_ops->proc_read_iter) - pde->flags |= PROC_ENTRY_proc_read_iter; -#ifdef CONFIG_COMPAT - if (pde->proc_ops->proc_compat_ioctl) - pde->flags |= PROC_ENTRY_proc_compat_ioctl; -#endif - if (pde->proc_ops->proc_lseek) - pde->flags |= PROC_ENTRY_proc_lseek; -} - struct proc_dir_entry *proc_create_data(const char *name, umode_t mode, struct proc_dir_entry *parent, const struct proc_ops *proc_ops, void *data) @@ -585,7 +590,6 @@ struct proc_dir_entry *proc_create_data(const char *name, umode_t mode, if (!p) return NULL; p->proc_ops = proc_ops; - pde_set_flags(p); return proc_register(parent, p); } EXPORT_SYMBOL(proc_create_data); @@ -636,7 +640,6 @@ struct proc_dir_entry *proc_create_seq_private(const char *name, umode_t mode, p->proc_ops = &proc_seq_ops; p->seq_ops = ops; p->state_size = state_size; - pde_set_flags(p); return proc_register(parent, p); } EXPORT_SYMBOL(proc_create_seq_private); @@ -667,7 +670,6 @@ struct proc_dir_entry *proc_create_single_data(const char *name, umode_t mode, return NULL; p->proc_ops = &proc_single_ops; p->single_show = show; - pde_set_flags(p); return proc_register(parent, p); } EXPORT_SYMBOL(proc_create_single_data); -- 2.25.1

2 months

3
3
0 0

[PATCH v2 0/2] Fixes for maxim tcpc contaminant detection logic

by Amit Sunil Dhamne via B4 Relay

Add fixes to the CC contaminant/connection detection logic to improve reliability and stability of the maxim tcpc driver. This patchset has been tested on a PD Tester. --- Changes in v2: - Fix improperly formatted patch for stable inclusion. Tagged every patch in patchset for stable. - Link to v1: https://lore.kernel.org/r/20250814-fix-upstream-contaminant-v1-0-801ce80890… --- Amit Sunil Dhamne (2): usb: typec: maxim_contaminant: disable low power mode when reading comparator values usb: typec: maxim_contaminant: re-enable cc toggle if cc is open and port is clean drivers/usb/typec/tcpm/maxim_contaminant.c | 58 ++++++++++++++++++++++++++++++ drivers/usb/typec/tcpm/tcpci_maxim.h | 1 + 2 files changed, 59 insertions(+) --- base-commit: 89be9a83ccf1f88522317ce02f854f30d6115c41 change-id: 20250802-fix-upstream-contaminant-16910e2762ca Best regards, -- Amit Sunil Dhamne <amitsd(a)google.com>

2 months

2
5
0 0

[PATCH stable 5.10] usb: dwc3: Remove DWC3 locking during gadget suspend/resume

by Selvarasu Ganesan

Dear stable team, Patch : usb: dwc3: Remove DWC3 locking during gadget suspend/resume Commit id:5265397f94424eaea596026fd34dc7acf474dcec This patch fixes a critical bug in the dwc3 driver that was introduced by commit (https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/dri… <https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/dri…>) in the 5.10 kernel series. The bug causes the below kernel crash (Added usleep in atomic context as part of above patch) under dwc3 suspend/resume scenarios. 35.829644] [6: kworker/6:1: 68] BUG: scheduling while atomic: kworker/6:1/68/0x00000002 [ 35.829946] [6: kworker/6:1: 68] CPU: 6 PID: 68 Comm: kworker/6:1 Tainted: G C E 5.10.236-android13-4 #1 [ 35.830010] [6: kworker/6:1: 68] Call trace: [ 35.830024] [6: kworker/6:1: 68] dump_backtrace.cfi_jt+0x0/0x8 [ 35.830034] [6: kworker/6:1: 68] show_stack+0x1c/0x2c [ 35.830044] [6: kworker/6:1: 68] dump_stack_lvl+0xd8/0x134 [ 35.830053] [6: kworker/6:1: 68] __schedule_bug+0x80/0xbc [ 35.830062] [6: kworker/6:1: 68] __schedule+0x55c/0x7e8 [ 35.830068] [6: kworker/6:1: 68] schedule+0x80/0x100 [ 35.830077] [6: kworker/6:1: 68] schedule_hrtimeout_range_clock+0xa8/0x11c [ 35.830083] [6: kworker/6:1: 68] usleep_range+0x68/0xa4 [ 35.830093] [6: kworker/6:1: 68] dwc3_gadget_run_stop+0x170/0x448 [ 35.830099] [6: kworker/6:1: 68] dwc3_gadget_resume+0x4c/0xdc [ 35.830108] [6: kworker/6:1: 68] dwc3_resume_common+0x6c/0x23c [ 35.830115] [6: kworker/6:1: 68] dwc3_runtime_resume+0x40/0xcc [ 35.830123] [6: kworker/6:1: 68] pm_generic_runtime_resume+0x48/0x88 [ 35.830131] [6: kworker/6:1: 68] __rpm_callback+0x94/0x420 The patch(5265397f9442) for this fix was originally merged in the below commit: https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/… <https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/…> Please apply this patch to the stable 5.10 kernel to prevent this BUG. Additionally the below patch also required to avoid dead lock that introduced by the abovepatch (5265397f9442) in 5.10 stable kernel. Patch:usb: dwc3: core: remove lock of otg mode during gadget suspend/resume to avoid deadlock Commit id:7838de15bb700c2898a7d741db9b1f3cbc86c136 https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/… <https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git/commit/…> Thanks, Selva

2 months

2
2
0 0

[to-be-updated] mm-damon-core-set-quota-charged_from-to-jiffies-at-first-charge-window.patch removed from -mm tree

by Andrew Morton

The quilt patch titled Subject: mm/damon/core: set quota->charged_from to jiffies at first charge window has been removed from the -mm tree. Its filename was mm-damon-core-set-quota-charged_from-to-jiffies-at-first-charge-window.patch This patch was dropped because an updated version will be issued ------------------------------------------------------ From: Sang-Heon Jeon <ekffu200098(a)gmail.com> Subject: mm/damon/core: set quota->charged_from to jiffies at first charge window Date: Wed, 20 Aug 2025 00:01:23 +0900 Kernel initializes "jiffies" timer as 5 minutes below zero, as shown in include/linux/jiffies.h /* * Have the 32 bit jiffies value wrap 5 minutes after boot * so jiffies wrap bugs show up earlier. */ #define INITIAL_JIFFIES ((unsigned long)(unsigned int) (-300*HZ)) And they cast unsigned value to signed to cover wraparound #define time_after_eq(a,b) \ (typecheck(unsigned long, a) && \ typecheck(unsigned long, b) && \ ((long)((a) - (b)) >= 0)) In 64bit systems, these might not be a problem because wrapround occurs 300 million years after the boot, assuming HZ value is 1000. With same assuming, In 32bit system, wraparound occurs 5 minutues after the initial boot and every 49 days after the first wraparound. And about 25 days after first wraparound, it continues quota charging window up to next 25 days. Example 1: initial boot jiffies=0xFFFB6C20, charged_from+interval=0x000003E8 time_after_eq(jiffies, charged_from+interval)=(long)0xFFFB6838; In signed values, it is considered negative so it is false. Example 2: after about 25 days first wraparound jiffies=0x800004E8, charged_from+interval=0x000003E8 time_after_eq(jiffies, charged_from+interval)=(long)0x80000100; In signed values, it is considered negative so it is false So, change quota->charged_from to jiffies at damos_adjust_quota() when it is consider first charge window. In theory; but almost impossible; quota->total_charged_sz and qutoa->charged_from should be both zero even if it is not in first charge window. But It will only delay one reset_interval, So it is not big problem. Link: https://lkml.kernel.org/r/20250819150123.1532458-1-ekffu200098@gmail.com Fixes: 2b8a248d5873 ("mm/damon/schemes: implement size quota for schemes application speed control") [5.16] Signed-off-by: Sang-Heon Jeon <ekffu200098(a)gmail.com> Reviewed-by: SeongJae Park <sj(a)kernel.org> Cc: <stable(a)vger.kernel.org> Signed-off-by: Andrew Morton <akpm(a)linux-foundation.org> --- mm/damon/core.c | 4 ++++ 1 file changed, 4 insertions(+) --- a/mm/damon/core.c~mm-damon-core-set-quota-charged_from-to-jiffies-at-first-charge-window +++ a/mm/damon/core.c @@ -2111,6 +2111,10 @@ static void damos_adjust_quota(struct da if (!quota->ms && !quota->sz && list_empty(&quota->goals)) return; + /* First charge window */ + if (!quota->total_charged_sz && !quota->charged_from) + quota->charged_from = jiffies; + /* New charge window starts */ if (time_after_eq(jiffies, quota->charged_from + msecs_to_jiffies(quota->reset_interval))) { _ Patches currently in -mm which might be from ekffu200098(a)gmail.com are mm-damon-update-expired-description-of-damos_action.patch docs-mm-damon-design-fix-typo-s-sz_trtied-sz_tried.patch selftests-damon-test-no-op-commit-broke-damon-status.patch selftests-damon-test-no-op-commit-broke-damon-status-fix.patch mm-damon-tests-core-kunit-add-damos_commit_filter-test.patch

2 months

1
0
0 0

[PATCH net v2] ipv6: sr: Fix MAC comparison to be constant-time

by Eric Biggers

To prevent timing attacks, MACs need to be compared in constant time. Use the appropriate helper function for this. Fixes: bf355b8d2c30 ("ipv6: sr: add core files for SR HMAC support") Cc: stable(a)vger.kernel.org Signed-off-by: Eric Biggers <ebiggers(a)kernel.org> --- v2: sent as standalone patch targeting net instead of net-next. net/ipv6/seg6_hmac.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/net/ipv6/seg6_hmac.c b/net/ipv6/seg6_hmac.c index f78ecb6ad8383..5dae892bbc73b 100644 --- a/net/ipv6/seg6_hmac.c +++ b/net/ipv6/seg6_hmac.c @@ -33,10 +33,11 @@ #include <net/ip6_route.h> #include <net/addrconf.h> #include <net/xfrm.h> #include <crypto/hash.h> +#include <crypto/utils.h> #include <net/seg6.h> #include <net/genetlink.h> #include <net/seg6_hmac.h> #include <linux/random.h> @@ -278,11 +279,11 @@ bool seg6_hmac_validate_skb(struct sk_buff *skb) return false; if (seg6_hmac_compute(hinfo, srh, &ipv6_hdr(skb)->saddr, hmac_output)) return false; - if (memcmp(hmac_output, tlv->hmac, SEG6_HMAC_FIELD_LEN) != 0) + if (crypto_memneq(hmac_output, tlv->hmac, SEG6_HMAC_FIELD_LEN)) return false; return true; } EXPORT_SYMBOL(seg6_hmac_validate_skb); base-commit: 715c7a36d59f54162a26fac1d1ed8dc087a24cf1 -- 2.50.1

2 months

3
2
0 0

[STATUS] stable/linux-6.12.y - 9becd7c25c61ae7e5b6fbfc3c226b1f23af7638c

by KernelCI bot

Hello, Status summary for stable/linux-6.12.y Dashboard: https://d.kernelci.org/c/stable/linux-6.12.y/9becd7c25c61ae7e5b6fbfc3c226b1… giturl: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git branch: linux-6.12.y commit hash: 9becd7c25c61ae7e5b6fbfc3c226b1f23af7638c origin: maestro test start time: 2025-08-20 17:11:31.947000+00:00 Builds: 44 ✅ 1 ❌ 0 ⚠️ Boots: 155 ✅ 0 ❌ 47 ⚠️ Tests: 9449 ✅ 4714 ❌ 2785 ⚠️ ### POSSIBLE REGRESSIONS Hardware: imx6q-udoo - kselftest.alsa.alsa_mixer-test_name_fslimx6qudooac9_22 (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a62a9b233e484a3fa3644a history: > ✅ > ❌ - kselftest.alsa.alsa_mixer-test_name_fslimx6qudooac9_9 (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a62a9b233e484a3fa363ef history: > ✅ > ❌ Hardware: sun50i-a64-pine64-plus - kselftest.kvm.kvm_memslot_perf_test (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a6103e233e484a3fa3221d history: > ✅ > ❌ Hardware: sun50i-h5-libretech-all-h3-cc - kselftest.uevent (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60df0233e484a3fa31411 history: > ✅ > ❌ - kselftest.uevent.uevent_uevent_filtering (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60f02233e484a3fa31730 history: > ✅ > ❌ - kselftest.uevent.uevent_uevent_filtering_global_uevent_filtering (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60f02233e484a3fa31731 history: > ✅ > ❌ ### FIXED REGRESSIONS Hardware: imx6q-udoo - kselftest.alsa.alsa_mixer-test_name_fslimx6qudooac9_10 (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a62a9b233e484a3fa363f6 history: > ❌ > ✅ Hardware: imx8mp-evk - kselftest.kvm.kvm_memslot_perf_test (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a649db233e484a3fa3d412 history: > ❌ > ✅ Hardware: k3-am625-verdin-wifi-mallow - kselftest.kvm.kvm_memslot_perf_test (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60fbb233e484a3fa319f0 history: > ❌ > ✅ ### UNSTABLE TESTS Hardware: acer-cb317-1h-c3z6-dedede - kernelci_wifi_basic (x86_64_defconfig+lab-setup+x86-board+kselftest) last run: https://d.kernelci.org/test/maestro:68a60ea1233e484a3fa3168c history: > ⚠️ > ❌ > ⚠️ - kselftest.iommu (x86_64_defconfig+lab-setup+x86-board+kselftest) last run: https://d.kernelci.org/test/maestro:68a60e92233e484a3fa3160d history: > ❌ > ⚠️ Hardware: acer-chromebox-cxi4-puff - tast (cros://chromeos-6.6/x86_64/chromeos-intel-pineview.flavour.config+lab-setup+x86-board+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y) last run: https://d.kernelci.org/test/maestro:68a60d3b233e484a3fa31218 history: > ⚠️ > ⚠️ > ⚠️ > ⚠️ > ⚠️ Hardware: acer-chromebox-cxi5-brask - boot (x86_64_defconfig+lab-setup+x86-board+kselftest) last run: https://d.kernelci.org/test/maestro:68a60e6a233e484a3fa314bd history: > ✅ > ⚠️ Hardware: acer-cp514-2h-1160g7-volteer - boot (defconfig+kcidebug+x86-board) last run: https://d.kernelci.org/test/maestro:68a61133233e484a3fa32a5a history: > ⚠️ > ⚠️ Hardware: acer-R721T-grunt - kselftest.cpufreq.suspend (x86_64_defconfig+lab-setup+x86-board+kselftest) last run: https://d.kernelci.org/test/maestro:68a60e80233e484a3fa3156e history: > ✅ > ✅ > ⚠️ Hardware: at91sam9g20ek - ltp (multi_v5_defconfig) last run: https://d.kernelci.org/test/maestro:68a60958233e484a3fa306a5 history: > ⚠️ > ⚠️ Hardware: bcm2711-rpi-4-b - boot (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61238233e484a3fa33008 history: > ✅ > ⚠️ > ✅ > ⚠️ > ⚠️ - kselftest.acct (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61239233e484a3fa33010 history: > ❌ > ⚠️ - kselftest.alsa (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61239233e484a3fa33013 history: > ❌ > ⚠️ - kselftest.arm64 (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a6123d233e484a3fa33031 history: > ✅ > ⚠️ - kselftest.breakpoints (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61244233e484a3fa3305f history: > ⚠️ > ⚠️ - kselftest.device_error_logs (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61248233e484a3fa33077 history: > ✅ > ⚠️ - kselftest.dt (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a6125c233e484a3fa330ed history: > ❌ > ❌ > ⚠️ > ❌ - kselftest.timers (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61262233e484a3fa3310e history: > ❌ > ⚠️ - kselftest.ftrace (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60de2233e484a3fa313b6 history: > ✅ > ⚠️ - kselftest.kvm (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60de3233e484a3fa313c2 history: > ❌ > ⚠️ - kselftest.landlock (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60de8233e484a3fa313e0 history: > ❌ > ⚠️ - kselftest.lsm (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60de8233e484a3fa313e3 history: > ✅ > ⚠️ - kselftest.perf_events (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60dea233e484a3fa313f0 history: > ⚠️ > ⚠️ - kselftest.zram (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60df1233e484a3fa31417 history: > ✅ > ⚠️ Hardware: beaglebone-black - boot (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60735233e484a3fa2ffff history: > ✅ > ⚠️ - kselftest.acct (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a6073f233e484a3fa30016 history: > ❌ > ⚠️ - kselftest.alsa (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60740233e484a3fa30019 history: > ❌ > ⚠️ - kselftest.breakpoints (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60745233e484a3fa30026 history: > ❌ > ⚠️ - kselftest.capabilities (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60746233e484a3fa30029 history: > ✅ > ⚠️ - kselftest.clone3 (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60747233e484a3fa3002c history: > ❌ > ⚠️ - kselftest.coredump (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60748233e484a3fa3002f history: > ❌ > ⚠️ - kselftest.device_error_logs (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60749233e484a3fa30032 history: > ❌ > ⚠️ - kselftest.dt (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60753233e484a3fa30051 history: > ❌ > ❌ > ⚠️ > ⚠️ - kselftest.fchmodat2 (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60758233e484a3fa30061 history: > ❌ > ⚠️ - kselftest.futex (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60759233e484a3fa30064 history: > ❌ > ⚠️ - kselftest.kcmp (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a6075a233e484a3fa30067 history: > ✅ > ⚠️ - kselftest.mqueue (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a6075b233e484a3fa3006a history: > ❌ > ⚠️ - kselftest.proc (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a6075e233e484a3fa30070 history: > ❌ > ⚠️ - kselftest.ptrace (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a6075c233e484a3fa3006d history: > ❌ > ⚠️ - kselftest.signal (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60762233e484a3fa30079 history: > ❌ > ⚠️ - kselftest.timers (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a6075f233e484a3fa30073 history: > ❌ > ⚠️ - kselftest.tmpfs (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60760233e484a3fa30076 history: > ✅ > ⚠️ - kselftest.vdso (multi_v7_defconfig) last run: https://d.kernelci.org/test/maestro:68a60763233e484a3fa3007c history: > ✅ > ⚠️ - kselftest.gpio (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60ca0233e484a3fa30ccd history: > ❌ > ⚠️ - kselftest.ipc (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60ca2233e484a3fa30cd0 history: > ❌ > ⚠️ - kselftest.landlock (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60ca3233e484a3fa30cd3 history: > ❌ > ⚠️ - kselftest.lsm (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60ca5233e484a3fa30cd6 history: > ❌ > ⚠️ - kselftest.memfd (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60ca7233e484a3fa30cd9 history: > ❌ > ⚠️ - kselftest.perf_events (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60cab233e484a3fa30cdf history: > ❌ > ⚠️ - kselftest.ring-buffer (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60cad233e484a3fa30ce9 history: > ❌ > ⚠️ - kselftest.rlimits (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60caf233e484a3fa30cfb history: > ❌ > ⚠️ - kselftest.seccomp (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60cb7233e484a3fa30d13 history: > ❌ > ⚠️ - kselftest.splce (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60cb1233e484a3fa30cfe history: > ❌ > ⚠️ - kselftest.sync (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60cb3233e484a3fa30d09 history: > ✅ > ⚠️ - kselftest.timens (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60cb5233e484a3fa30d10 history: > ✅ > ⚠️ - kselftest.ublk (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60cba233e484a3fa30d16 history: > ❌ > ⚠️ - kselftest.uevent (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60cbb233e484a3fa30d1f history: > ❌ > ⚠️ - kselftest.user_events (multi_v7_defconfig+kselftest) last run: https://d.kernelci.org/test/maestro:68a60cbd233e484a3fa30d22 history: > ✅ > ⚠️ Hardware: cd8180-orion-o6 - boot (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61231233e484a3fa32fdd history: > ✅ > ⚠️ - kselftest.arm64 (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a6123f233e484a3fa3303b history: > ⚠️ > ⚠️ - kselftest.breakpoints (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61245233e484a3fa33065 history: > ⚠️ > ⚠️ - kselftest.device_error_logs (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a6124a233e484a3fa33087 history: > ⚠️ > ⚠️ - kselftest.dt (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61255233e484a3fa330c2 history: > ⚠️ > ⚠️ - kselftest.futex (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a6125f233e484a3fa330ff history: > ⚠️ > ⚠️ - kselftest.signal (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61265233e484a3fa33120 history: > ⚠️ > ⚠️ - kselftest.timers (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61263233e484a3fa33115 history: > ⚠️ > ⚠️ - kselftest.efivars (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60de1233e484a3fa313b3 history: > ⚠️ > ⚠️ - kselftest.ftrace (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60de2233e484a3fa313b9 history: > ⚠️ > ⚠️ - kselftest.mm (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60de9233e484a3fa313e9 history: > ⚠️ > ⚠️ - kselftest.perf_events (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60deb233e484a3fa313f3 history: > ⚠️ > ⚠️ Hardware: dell-latitude-3445-7520c-skyrim - boot (cros://chromeos-6.6/x86_64/chromeos-amd-stoneyridge.flavour.config+lab-setup+x86-board+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y) last run: https://d.kernelci.org/test/maestro:68a606eb233e484a3fa2ff10 history: > ⚠️ > ⚠️ > ⚠️ > ⚠️ Hardware: dell-latitude-5400-8665U-sarien - tast (cros://chromeos-6.6/x86_64/chromeos-intel-pineview.flavour.config+lab-setup+x86-board+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y) last run: https://d.kernelci.org/test/maestro:68a60d3e233e484a3fa31230 history: > ⚠️ > ⚠️ > ⚠️ > ⚠️ > ❌ - boot (defconfig+kcidebug+x86-board) last run: https://d.kernelci.org/test/maestro:68a61135233e484a3fa32a6c history: > ❌ > ⚠️ Hardware: hp-14b-na0052xx-zork - kselftest.cpufreq.suspend (x86_64_defconfig+lab-setup+x86-board+kselftest) last run: https://d.kernelci.org/test/maestro:68a60e82233e484a3fa31580 history: > ✅ > ⚠️ Hardware: hp-14-db0003na-grunt - kselftest.cpufreq.suspend (x86_64_defconfig+lab-setup+x86-board+kselftest) last run: https://d.kernelci.org/test/maestro:68a60e81233e484a3fa3157a history: > ⚠️ > ✅ Hardware: imx8mp-evk - kselftest.alsa (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a6123a233e484a3fa33019 history: > ⚠️ > ❌ Hardware: imx8mp-verdin-nonwifi-dahlia - boot (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61232233e484a3fa32fe3 history: > ✅ > ⚠️ - kselftest.alsa (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a6123a233e484a3fa3301c history: > ❌ > ⚠️ - kselftest.arm64 (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61240233e484a3fa33041 history: > ✅ > ⚠️ - kselftest.device_error_logs (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a6124b233e484a3fa3308d history: > ❌ > ⚠️ - kselftest.dt (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61256233e484a3fa330cf history: > ❌ > ⚠️ - kselftest.kvm (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60de4233e484a3fa313cb history: > ❌ > ⚠️ - kselftest.pkvm (defconfig+arm64-chromebook+kselftest) last run: https://d.kernelci.org/test/maestro:68a60de7233e484a3fa313da history: > ❌ > ⚠️ Hardware: lenovo-TPad-C13-Yoga-zork - tast (cros://chromeos-6.6/x86_64/chromeos-amd-stoneyridge.flavour.config+lab-setup+x86-board+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y) last run: https://d.kernelci.org/test/maestro:68a60703233e484a3fa2ffec history: > ⚠️ > ⚠️ > ⚠️ > ⚠️ > ⚠️ Hardware: meson-g12b-a311d-libretech-cc - boot (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61233233e484a3fa32fed history: > ✅ > ⚠️ Hardware: meson-sm1-s905d3-libretech-cc - boot (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61234233e484a3fa32ff5 history: > ✅ > ⚠️ - kselftest.device_error_logs (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a6124f233e484a3fa3309f history: > ❌ > ⚠️ - kselftest.dt (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61259233e484a3fa330e1 history: > ⚠️ > ❌ Hardware: mt8183-kukui-jacuzzi-juniper-sku16 - boot.nfs (defconfig+lab-setup+arm64-chromebook+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y) last run: https://d.kernelci.org/test/maestro:68a60b88233e484a3fa3089d history: > ✅ > ⚠️ - kernelci_watchdog_reset (defconfig+lab-setup+arm64-chromebook+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y) last run: https://d.kernelci.org/test/maestro:68a60c18233e484a3fa30965 history: > ⚠️ > ✅ - kselftest.cpufreq.hibernate (defconfig+lab-setup+arm64-chromebook+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y) last run: https://d.kernelci.org/test/maestro:68a60bc9233e484a3fa30905 history: > ⚠️ > ✅ - kselftest.devices-probe (defconfig+lab-setup+arm64-chromebook+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y) last run: https://d.kernelci.org/test/maestro:68a60bab233e484a3fa308d8 history: > ⚠️ > ✅ - kselftest.exec (defconfig+lab-setup+arm64-chromebook+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y) last run: https://d.kernelci.org/test/maestro:68a60bfa233e484a3fa3093b history: > ⚠️ > ✅ Hardware: mt8395-genio-1200-evk - kselftest.dt (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a6125d233e484a3fa330f4 history: > ❌ > ⚠️ Hardware: rk3399-roc-pc - boot (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61234233e484a3fa32ff8 history: > ⚠️ > ✅ - kselftest.arm64 (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a61243233e484a3fa33056 history: > ⚠️ > ⚠️ - kselftest.dt (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a6125a233e484a3fa330e4 history: > ⚠️ > ⚠️ Hardware: sc7180-trogdor-kingoftown - kselftest.cpufreq.suspend (defconfig+lab-setup+arm64-chromebook+CONFIG_MODULE_COMPRESS=n+CONFIG_MODULE_COMPRESS_NONE=y) last run: https://d.kernelci.org/test/maestro:68a60bd3233e484a3fa30911 history: > ✅ > ⚠️ Hardware: sun50i-h5-libretech-all-h3-cc - kselftest.alsa (defconfig+lab-setup+kselftest) last run: https://d.kernelci.org/test/maestro:68a6123d233e484a3fa3302c history: > ❌ > ⚠️ Sent every day if there were changes in the past 24 hours. Legend: ✅ PASS ❌ FAIL ⚠️ INCONCLUSIVE -- This is an experimental report format. Please send feedback in! Talk to us at kernelci(a)lists.linux.dev Made with love by the KernelCI team - https://kernelci.org

2 months

1
0
0 0

[for-linus][PATCH 6/6] ftrace: Also allocate and copy hash for reading of filter files

by Steven Rostedt

From: Steven Rostedt <rostedt(a)goodmis.org> Currently the reader of set_ftrace_filter and set_ftrace_notrace just adds the pointer to the global tracer hash to its iterator. Unlike the writer that allocates a copy of the hash, the reader keeps the pointer to the filter hashes. This is problematic because this pointer is static across function calls that release the locks that can update the global tracer hashes. This can cause UAF and similar bugs. Allocate and copy the hash for reading the filter files like it is done for the writers. This not only fixes UAF bugs, but also makes the code a bit simpler as it doesn't have to differentiate when to free the iterator's hash between writers and readers. Cc: stable(a)vger.kernel.org Cc: Masami Hiramatsu <mhiramat(a)kernel.org> Cc: Mathieu Desnoyers <mathieu.desnoyers(a)efficios.com> Link: https://lore.kernel.org/20250820091913.146b77ea@gandalf.local.home Fixes: c20489dad156 ("ftrace: Assign iter->hash to filter or notrace hashes on seq read") Closes: https://lore.kernel.org/all/20250813023044.2121943-1-wutengda@huaweicloud.c… Reported-by: Tengda Wu <wutengda(a)huaweicloud.com> Tested-by: Tengda Wu <wutengda(a)huaweicloud.com> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- kernel/trace/ftrace.c | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c index 00b76d450a89..f992a5eb878e 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c @@ -4661,13 +4661,14 @@ ftrace_regex_open(struct ftrace_ops *ops, int flag, } else { iter->hash = alloc_and_copy_ftrace_hash(size_bits, hash); } + } else { + iter->hash = alloc_and_copy_ftrace_hash(hash->size_bits, hash); + } - if (!iter->hash) { - trace_parser_put(&iter->parser); - goto out_unlock; - } - } else - iter->hash = hash; + if (!iter->hash) { + trace_parser_put(&iter->parser); + goto out_unlock; + } ret = 0; @@ -6543,9 +6544,6 @@ int ftrace_regex_release(struct inode *inode, struct file *file) ftrace_hash_move_and_update_ops(iter->ops, orig_hash, iter->hash, filter_hash); mutex_unlock(&ftrace_lock); - } else { - /* For read only, the hash is the ops hash */ - iter->hash = NULL; } mutex_unlock(&iter->ops->func_hash->regex_lock); -- 2.50.1

2 months

1
0
0 0

[for-linus][PATCH 3/6] tracing: Limit access to parser->buffer when trace_get_user failed

by Steven Rostedt

From: Pu Lehui <pulehui(a)huawei.com> When the length of the string written to set_ftrace_filter exceeds FTRACE_BUFF_MAX, the following KASAN alarm will be triggered: BUG: KASAN: slab-out-of-bounds in strsep+0x18c/0x1b0 Read of size 1 at addr ffff0000d00bd5ba by task ash/165 CPU: 1 UID: 0 PID: 165 Comm: ash Not tainted 6.16.0-g6bcdbd62bd56-dirty Hardware name: linux,dummy-virt (DT) Call trace: show_stack+0x34/0x50 (C) dump_stack_lvl+0xa0/0x158 print_address_description.constprop.0+0x88/0x398 print_report+0xb0/0x280 kasan_report+0xa4/0xf0 __asan_report_load1_noabort+0x20/0x30 strsep+0x18c/0x1b0 ftrace_process_regex.isra.0+0x100/0x2d8 ftrace_regex_release+0x484/0x618 __fput+0x364/0xa58 ____fput+0x28/0x40 task_work_run+0x154/0x278 do_notify_resume+0x1f0/0x220 el0_svc+0xec/0xf0 el0t_64_sync_handler+0xa0/0xe8 el0t_64_sync+0x1ac/0x1b0 The reason is that trace_get_user will fail when processing a string longer than FTRACE_BUFF_MAX, but not set the end of parser->buffer to 0. Then an OOB access will be triggered in ftrace_regex_release-> ftrace_process_regex->strsep->strpbrk. We can solve this problem by limiting access to parser->buffer when trace_get_user failed. Cc: stable(a)vger.kernel.org Link: https://lore.kernel.org/20250813040232.1344527-1-pulehui@huaweicloud.com Fixes: 8c9af478c06b ("ftrace: Handle commands when closing set_ftrace_filter file") Signed-off-by: Pu Lehui <pulehui(a)huawei.com> Signed-off-by: Steven Rostedt (Google) <rostedt(a)goodmis.org> --- kernel/trace/trace.c | 18 ++++++++++++------ kernel/trace/trace.h | 8 +++++++- 2 files changed, 19 insertions(+), 7 deletions(-) diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 4283ed4e8f59..8d8935ed416d 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -1816,7 +1816,7 @@ int trace_get_user(struct trace_parser *parser, const char __user *ubuf, ret = get_user(ch, ubuf++); if (ret) - return ret; + goto fail; read++; cnt--; @@ -1830,7 +1830,7 @@ int trace_get_user(struct trace_parser *parser, const char __user *ubuf, while (cnt && isspace(ch)) { ret = get_user(ch, ubuf++); if (ret) - return ret; + goto fail; read++; cnt--; } @@ -1848,12 +1848,14 @@ int trace_get_user(struct trace_parser *parser, const char __user *ubuf, while (cnt && !isspace(ch) && ch) { if (parser->idx < parser->size - 1) parser->buffer[parser->idx++] = ch; - else - return -EINVAL; + else { + ret = -EINVAL; + goto fail; + } ret = get_user(ch, ubuf++); if (ret) - return ret; + goto fail; read++; cnt--; } @@ -1868,11 +1870,15 @@ int trace_get_user(struct trace_parser *parser, const char __user *ubuf, /* Make sure the parsed string always terminates with '\0'. */ parser->buffer[parser->idx] = 0; } else { - return -EINVAL; + ret = -EINVAL; + goto fail; } *ppos += read; return read; +fail: + trace_parser_fail(parser); + return ret; } /* TODO add a seq_buf_to_buffer() */ diff --git a/kernel/trace/trace.h b/kernel/trace/trace.h index 1dbf1d3cf2f1..be6654899cae 100644 --- a/kernel/trace/trace.h +++ b/kernel/trace/trace.h @@ -1292,6 +1292,7 @@ bool ftrace_event_is_function(struct trace_event_call *call); */ struct trace_parser { bool cont; + bool fail; char *buffer; unsigned idx; unsigned size; @@ -1299,7 +1300,7 @@ struct trace_parser { static inline bool trace_parser_loaded(struct trace_parser *parser) { - return (parser->idx != 0); + return !parser->fail && parser->idx != 0; } static inline bool trace_parser_cont(struct trace_parser *parser) @@ -1313,6 +1314,11 @@ static inline void trace_parser_clear(struct trace_parser *parser) parser->idx = 0; } +static inline void trace_parser_fail(struct trace_parser *parser) +{ + parser->fail = true; +} + extern int trace_parser_get_init(struct trace_parser *parser, int size); extern void trace_parser_put(struct trace_parser *parser); extern int trace_get_user(struct trace_parser *parser, const char __user *ubuf, -- 2.50.1

2 months

1
0
0 0

2025

2024

2023

2022

2021

2020

2019

2018

2017

Linux-stable-mirror