[PATCH 3/5] tracing: add protection around open use of current_tracer

From: Steven Rostedt
Date: Fri Feb 27 2009 - 00:36:42 EST

Next message: Herbert Xu: "Re: Bug of dm-crypt?"
Previous message: Steven Rostedt: "[PATCH 4/5] tracing: use pointer error returns for __tracing_open"
In reply to: Steven Rostedt: "[PATCH 4/5] tracing: use pointer error returns for __tracing_open"
Next in thread: Ingo Molnar: "Re: [PATCH 0/5] [git pull] for tip/tracing/ftrace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Steven Rostedt <srostedt@xxxxxxxxxx>

Impact: fix to possible race conditions

There's some uses of current_tracer that is not protected by the
trace_types_lock. There is a small chance that a sysadmin changes
the tracer while the current_tracer is being referenced.

If the race is hit, it is unlikely to cause any harm since the
tracers are constant and are not freed. But some strang side
effects may occur.

Signed-off-by: Steven Rostedt <srostedt@xxxxxxxxxx>
---
kernel/trace/trace.c | 20 ++++++++++++++------
1 files changed, 14 insertions(+), 6 deletions(-)

diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
index 485c6e7..6c89ec6 100644
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -2024,12 +2024,12 @@ static ssize_t
tracing_trace_options_read(struct file *filp, char __user *ubuf,
size_t cnt, loff_t *ppos)
{
- int i;
+ struct tracer_opt *trace_opts;
+ u32 tracer_flags;
+ int len = 0;
char *buf;
int r = 0;
- int len = 0;
- u32 tracer_flags = current_trace->flags->val;
- struct tracer_opt *trace_opts = current_trace->flags->opts;
+ int i;

/* calculate max size */
@@ -2038,6 +2038,10 @@ tracing_trace_options_read(struct file *filp, char __user *ubuf,
len += 3; /* "no" and space */
}

+ mutex_lock(&trace_types_lock);
+ tracer_flags = current_trace->flags->val;
+ trace_opts = current_trace->flags->opts;
+
/*
* Increase the size with names of options specific
* of the current tracer.
@@ -2049,8 +2053,10 @@ tracing_trace_options_read(struct file *filp, char __user *ubuf,

/* +2 for \n and \0 */
buf = kmalloc(len + 2, GFP_KERNEL);
- if (!buf)
+ if (!buf) {
+ mutex_unlock(&trace_types_lock);
return -ENOMEM;
+ }

for (i = 0; trace_options[i]; i++) {
if (trace_flags & (1 << i))
@@ -2067,6 +2073,7 @@ tracing_trace_options_read(struct file *filp, char __user *ubuf,
r += sprintf(buf + r, "no%s ",
trace_opts[i].name);
}
+ mutex_unlock(&trace_types_lock);

r += sprintf(buf + r, "\n");
WARN_ON(r >= len + 2);
@@ -2074,7 +2081,6 @@ tracing_trace_options_read(struct file *filp, char __user *ubuf,
r = simple_read_from_buffer(ubuf, cnt, ppos, buf, r);

kfree(buf);
-
return r;
}

@@ -2149,7 +2155,9 @@ tracing_trace_options_write(struct file *filp, const char __user *ubuf,

/* If no option could be set, test the specific tracer options */
if (!trace_options[i]) {
+ mutex_lock(&trace_types_lock);
ret = set_tracer_option(current_trace, cmp, neg);
+ mutex_unlock(&trace_types_lock);
if (ret)
return ret;
}
--
1.5.6.5

--
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Herbert Xu: "Re: Bug of dm-crypt?"
Previous message: Steven Rostedt: "[PATCH 4/5] tracing: use pointer error returns for __tracing_open"
In reply to: Steven Rostedt: "[PATCH 4/5] tracing: use pointer error returns for __tracing_open"
Next in thread: Ingo Molnar: "Re: [PATCH 0/5] [git pull] for tip/tracing/ftrace"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]