linux-uconsole

History

Prateek Sood 5ce7528c4d tracing: Fix race in perf_trace_buf initialization commit `6b1340cc00` upstream. A race condition exists while initialiazing perf_trace_buf from perf_trace_init() and perf_kprobe_init(). CPU0 CPU1 perf_trace_init() mutex_lock(&event_mutex) perf_trace_event_init() perf_trace_event_reg() total_ref_count == 0 buf = alloc_percpu() perf_trace_buf[i] = buf tp_event->class->reg() //fails perf_kprobe_init() goto fail perf_trace_event_init() perf_trace_event_reg() fail: total_ref_count == 0 total_ref_count == 0 buf = alloc_percpu() perf_trace_buf[i] = buf tp_event->class->reg() total_ref_count++ free_percpu(perf_trace_buf[i]) perf_trace_buf[i] = NULL Any subsequent call to perf_trace_event_reg() will observe total_ref_count > 0, causing the perf_trace_buf to be always NULL. This can result in perf_trace_buf getting accessed from perf_trace_buf_alloc() without being initialized. Acquiring event_mutex in perf_kprobe_init() before calling perf_trace_event_init() should fix this race. The race caused the following bug: Unable to handle kernel paging request at virtual address 0000003106f2003c Mem abort info: ESR = 0x96000045 Exception class = DABT (current EL), IL = 32 bits SET = 0, FnV = 0 EA = 0, S1PTW = 0 Data abort info: ISV = 0, ISS = 0x00000045 CM = 0, WnR = 1 user pgtable: 4k pages, 39-bit VAs, pgdp = ffffffc034b9b000 [0000003106f2003c] pgd=0000000000000000, pud=0000000000000000 Internal error: Oops: 96000045 [#1] PREEMPT SMP Process syz-executor (pid: 18393, stack limit = 0xffffffc093190000) pstate: 80400005 (Nzcv daif +PAN -UAO) pc : __memset+0x20/0x1ac lr : memset+0x3c/0x50 sp : ffffffc09319fc50 __memset+0x20/0x1ac perf_trace_buf_alloc+0x140/0x1a0 perf_trace_sys_enter+0x158/0x310 syscall_trace_enter+0x348/0x7c0 el0_svc_common+0x11c/0x368 el0_svc_handler+0x12c/0x198 el0_svc+0x8/0xc Ramdumps showed the following: total_ref_count = 3 perf_trace_buf = ( 0x0 -> NULL, 0x0 -> NULL, 0x0 -> NULL, 0x0 -> NULL) Link: http://lkml.kernel.org/r/1571120245-4186-1-git-send-email-prsood@codeaurora.org Cc: stable@vger.kernel.org Fixes: `e12f03d703` ("perf/core: Implement the 'perf_kprobe' PMU") Acked-by: Song Liu <songliubraving@fb.com> Signed-off-by: Prateek Sood <prsood@codeaurora.org> Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>		2019-10-29 09:20:03 +01:00
..
blktrace.c	for-4.19/post-20180822	2018-08-22 13:38:05 -07:00
bpf_trace.c	bpf: fix nested bpf tracepoints with per-cpu data	2019-07-03 13:14:48 +02:00
ftrace.c	ftrace: Get a reference counter for the trace_array on filter files	2019-10-17 13:45:40 -07:00
Kconfig	Masami found an off by one bug in the code that keeps "notrace" functions	2018-08-23 13:07:00 -07:00
Makefile	tracing: Allow gcov profiling on only ftrace subsystem	2018-08-21 09:11:49 -04:00
power-traces.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
preemptirq_delay_test.c	tracing: Use trace_clock_local() for looping in preemptirq_delay_test.c	2018-10-17 15:35:33 -04:00
ring_buffer.c	trace: Fix preempt_enable_no_resched() abuse	2019-05-02 09:58:54 +02:00
ring_buffer_benchmark.c	tracing: Add SPDX License format tags to tracing files	2018-08-16 19:08:06 -04:00
rpm-traces.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
trace.c	tracing: Get trace_array reference for available_tracers files	2019-10-17 13:45:41 -07:00
trace.h	tracing: Silence GCC 9 array bounds warning	2019-06-25 11:35:52 +08:00
trace_benchmark.c	rcu: Rename cond_resched_rcu_qs() to cond_resched_tasks_rcu_qs()	2018-05-15 10:27:29 -07:00
trace_benchmark.h	tracing: Fix SPDX format headers to use C++ style comments	2018-08-16 19:08:06 -04:00
trace_branch.c	Revert "x86/uaccess, ftrace: Fix ftrace_likely_update() vs. SMAP"	2019-07-03 13:14:41 +02:00
trace_clock.c	tracing: Add SPDX License format tags to tracing files	2018-08-16 19:08:06 -04:00
trace_entries.h	tracing: Fix SPDX format headers to use C++ style comments	2018-08-16 19:08:06 -04:00
trace_event_perf.c	tracing: Fix race in perf_trace_buf initialization	2019-10-29 09:20:03 +01:00
trace_events.c	tracing: Fix partial reading of trace event's id file	2019-05-25 18:23:32 +02:00
trace_events_filter.c	tracing: Avoid memory leak in predicate_parse()	2019-06-09 09:17:14 +02:00
trace_events_filter_test.h	tracing: Fix SPDX format headers to use C++ style comments	2018-08-16 19:08:06 -04:00
trace_events_hist.c	tracing: Make sure variable reference alias has correct var_ref_idx	2019-10-11 18:20:57 +02:00
trace_events_trigger.c	tracing: Fix memory leak in set_trigger_filter()	2018-12-19 19:19:52 +01:00
trace_export.c	tracing: Add trigger file for trace_markers tracefs/ftrace/print	2018-05-29 08:28:53 -04:00
trace_functions.c	tracing: Update stack trace skipping for ORC unwinder	2018-01-23 15:57:00 -05:00
trace_functions_graph.c	tracing/fgraph: Fix set_graph_function from showing interrupts	2018-12-08 12:59:07 +01:00
trace_hwlat.c	tracing/hwlat: Don't ignore outer-loop duration when calculating max_latency	2019-10-17 13:45:39 -07:00
trace_irqsoff.c	tracing/fgraph: Fix set_graph_function from showing interrupts	2018-12-08 12:59:07 +01:00
trace_kdb.c	tracing: Silence GCC 9 array bounds warning	2019-06-25 11:35:52 +08:00
trace_kprobe.c	tracing/kprobes: Check the probe on unloaded module correctly	2018-11-21 09:19:09 +01:00
trace_kprobe_selftest.c	selftest/ftrace: Move kprobe selftest function to separate compile unit	2018-07-30 18:41:04 -04:00
trace_kprobe_selftest.h	tracing: Fix SPDX format headers to use C++ style comments	2018-08-16 19:08:06 -04:00
trace_mmiotrace.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
trace_nop.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
trace_output.c	tracing: Add SPDX License format tags to tracing files	2018-08-16 19:08:06 -04:00
trace_output.h	tracing: Fix SPDX format headers to use C++ style comments	2018-08-16 19:08:06 -04:00
trace_preemptirq.c	tracing: More reverting of "tracing: Centralize preemptirq tracepoints and unify their usage"	2018-08-10 15:12:00 -04:00
trace_printk.c	tracing: Add SPDX License format tags to tracing files	2018-08-16 19:08:06 -04:00
trace_probe.c	tracing: Add SPDX License format tags to tracing files	2018-08-16 19:08:06 -04:00
trace_probe.h	tracing: Add SPDX License format tags to tracing files	2018-08-16 19:08:06 -04:00
trace_sched_switch.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
trace_sched_wakeup.c	tracing/fgraph: Fix set_graph_function from showing interrupts	2018-12-08 12:59:07 +01:00
trace_selftest.c	Tracing updates for 4.15:	2017-11-17 14:58:01 -08:00
trace_selftest_dynamic.c	ftrace: Mark function tracer test functions noinline/noclone	2018-01-23 15:57:29 -05:00
trace_seq.c	tracing: Add SPDX License format tags to tracing files	2018-08-16 19:08:06 -04:00
trace_stack.c	tracing: Fix the file mode of stack tracer	2018-05-03 11:58:05 -04:00
trace_stat.c	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
trace_stat.h	tracing: Fix SPDX format headers to use C++ style comments	2018-08-16 19:08:06 -04:00
trace_syscalls.c	Tracing updates for 4.15:	2017-11-17 14:58:01 -08:00
trace_uprobe.c	tracing/uprobes: Fix output for multiple string arguments	2019-02-20 10:25:48 +01:00
tracing_map.c	tracing: Add SPDX License format tags to tracing files	2018-08-16 19:08:06 -04:00
tracing_map.h	tracing: Fix SPDX format headers to use C++ style comments	2018-08-16 19:08:06 -04:00