From: Divya Indi divya.indi@oracle.com
[ Upstream commit e585e6469d6f476b82aa148dc44aaf7ae269a4e2 ]
A trace array can be destroyed from userspace or kernel. Verify if the trace array exists before proceeding to destroy/remove it.
Link: http://lkml.kernel.org/r/1565805327-579-3-git-send-email-divya.indi@oracle.c...
Reviewed-by: Aruna Ramakrishna aruna.ramakrishna@oracle.com Signed-off-by: Divya Indi divya.indi@oracle.com [ Removed unneeded braces ] Signed-off-by: Steven Rostedt (VMware) rostedt@goodmis.org Signed-off-by: Sasha Levin sashal@kernel.org --- kernel/module.c | 6 +++++- kernel/trace/trace.c | 15 ++++++++++++--- 2 files changed, 17 insertions(+), 4 deletions(-)
diff --git a/kernel/module.c b/kernel/module.c index 819c5d3b4c295..0e3743dd3a568 100644 --- a/kernel/module.c +++ b/kernel/module.c @@ -3753,7 +3753,6 @@ static int complete_formation(struct module *mod, struct load_info *info)
module_enable_ro(mod, false); module_enable_nx(mod); - module_enable_x(mod);
/* Mark state as coming so strong_try_module_get() ignores us, * but kallsyms etc. can see us. */ @@ -3776,6 +3775,11 @@ static int prepare_coming_module(struct module *mod) if (err) return err;
+ /* Make module executable after ftrace is enabled */ + mutex_lock(&module_mutex); + module_enable_x(mod); + mutex_unlock(&module_mutex); + blocking_notifier_call_chain(&module_notify_list, MODULE_STATE_COMING, mod); return 0; diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index f9c2bdbbd8936..cd3d91554aff1 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -8502,17 +8502,26 @@ static int __remove_instance(struct trace_array *tr) return 0; }
-int trace_array_destroy(struct trace_array *tr) +int trace_array_destroy(struct trace_array *this_tr) { + struct trace_array *tr; int ret;
- if (!tr) + if (!this_tr) return -EINVAL;
mutex_lock(&event_mutex); mutex_lock(&trace_types_lock);
- ret = __remove_instance(tr); + ret = -ENODEV; + + /* Making sure trace array exists before destroying it. */ + list_for_each_entry(tr, &ftrace_trace_arrays, list) { + if (tr == this_tr) { + ret = __remove_instance(tr); + break; + } + }
mutex_unlock(&trace_types_lock); mutex_unlock(&event_mutex);