tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

tracing: Handle NULL formats in hold_module_trace_bprintk_format()

If a task uses a non constant string for the format parameter in
trace_printk(), then the trace_printk_fmt variable is set to NULL. This
variable is then saved in the __trace_printk_fmt section.

The function hold_module_trace_bprintk_format() checks to see if duplicate
formats are used by modules, and reuses them if so (saves them to the list
if it is new). But this function calls lookup_format() that does a strcmp()
to the value (which is now NULL) and can cause a kernel oops.

This wasn't an issue till 3debb0a9ddb ("tracing: Fix trace_printk() to print
when not using bprintk()") which added "__used" to the trace_printk_fmt
variable, and before that, the kernel simply optimized it out (no NULL value
was saved).

The fix is simply to handle the NULL pointer in lookup_format() and have the
caller ignore the value if it was NULL.

Link: http://lkml.kernel.org/r/1464769870-18344-1-git-send-email-zhengjun.xing@intel.com

Reported-by: xingzhen <zhengjun.xing@intel.com>
Acked-by: Namhyung Kim <namhyung@kernel.org>
Fixes: 3debb0a9ddb ("tracing: Fix trace_printk() to print when not using bprintk()")
Cc: stable@vger.kernel.org # v3.5+
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>

Steven Rostedt (Red Hat) 70c8217a 5edb5649

+6 -1
+6 -1
kernel/trace/trace_printk.c
··· 36 36 static inline struct trace_bprintk_fmt *lookup_format(const char *fmt) 37 37 { 38 38 struct trace_bprintk_fmt *pos; 39 + 40 + if (!fmt) 41 + return ERR_PTR(-EINVAL); 42 + 39 43 list_for_each_entry(pos, &trace_bprintk_fmt_list, list) { 40 44 if (!strcmp(pos->fmt, fmt)) 41 45 return pos; ··· 61 57 for (iter = start; iter < end; iter++) { 62 58 struct trace_bprintk_fmt *tb_fmt = lookup_format(*iter); 63 59 if (tb_fmt) { 64 - *iter = tb_fmt->fmt; 60 + if (!IS_ERR(tb_fmt)) 61 + *iter = tb_fmt->fmt; 65 62 continue; 66 63 } 67 64