Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Merge tag 'trace-probes-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace

Pull tracing/probes fixes from Steven Rostedt:

- Fix possible NULL pointer dereference on trace_event_file in
kprobe_event_gen_test_exit()

- Fix NULL pointer dereference for trace_array in
kprobe_event_gen_test_exit()

- Fix memory leak of filter string for eprobes

- Fix a possible memory leak in rethook_alloc()

- Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case which
can cause a possible use-after-free

- Fix warning in eprobe filter creation

- Fix eprobe filter creation as it picked the wrong event for the
fields

* tag 'trace-probes-v6.1' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace:
tracing/eprobe: Fix eprobe filter to make a filter correctly
tracing/eprobe: Fix warning in filter creation
kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case
rethook: fix a potential memleak in rethook_alloc()
tracing/eprobe: Fix memory leak of filter string
tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit()
tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit()

+45 -20
+7 -1
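--- a/kernel/kprobes.c
+++ b/kernel/kprobes.c
@@ -1766,7 +1766,13 @@
 if ((list_p != p) && (list_p->post_handler))
 goto noclean;
 }
-ap->post_handler = NULL;
+/*
+* For the kprobe-on-ftrace case, we keep the
+* post_handler setting to identify this aggrprobe
+* armed with kprobe_ipmodify_ops.
+*/
+if (!kprobe_ftrace(ap))
+ap->post_handler = NULL;
 }
 noclean:
 /*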
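Review bot: The comment added above `if (!kprobe_ftrace(ap))` says why post_handler is kept but not what goes wrong if it is cleared; the merge description names a possible use-after-free, and that consequence belongs next to the guard so a later cleanup does not remove it. I would extend the comment with a line such as `* Clearing it while the probe is still armed can lead to a use-after-free.` Using post_handler as the marker for kprobe_ipmodify_ops also means the field no longer only reflects whether a child probe has a post handler, which is worth stating where the field is read (that code is not in this hunk). The enclosing function starts and ends outside the hunk.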
+32 -16
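--- a/kernel/trace/kprobe_event_gen_test.c
+++ b/kernel/trace/kprobe_event_gen_test.c
@@ -73,6 +73,10 @@
 #define KPROBE_GEN_TEST_ARG3 NULL
 #endif
 
+static bool trace_event_file_is_valid(struct trace_event_file *input)
+{
+return input && !IS_ERR(input);
+}
 
 /*
 * Test to make sure we can create a kprobe event, then add more
@@ -139,6 +143,8 @@
 kfree(buf);
 return ret;
 delete:
+if (trace_event_file_is_valid(gen_kprobe_test))
+gen_kprobe_test = NULL;
 /* We got an error after creating the event, delete it */
 ret = kprobe_event_delete("gen_kprobe_test");
 goto out;
@@ -202,6 +208,8 @@
 kfree(buf);
 return ret;
 delete:
+if (trace_event_file_is_valid(gen_kretprobe_test))
+gen_kretprobe_test = NULL;
 /* We got an error after creating the event, delete it */
 ret = kprobe_event_delete("gen_kretprobe_test");
 goto out;
@@ -217,10 +225,12 @@
 
 ret = test_gen_kretprobe_cmd();
 if (ret) {
-WARN_ON(trace_array_set_clr_event(gen_kretprobe_test->tr,
-"kprobes",
-"gen_kretprobe_test", false));
-trace_put_event_file(gen_kretprobe_test);
+if (trace_event_file_is_valid(gen_kretprobe_test)) {
+WARN_ON(trace_array_set_clr_event(gen_kretprobe_test->tr,
+"kprobes",
+"gen_kretprobe_test", false));
+trace_put_event_file(gen_kretprobe_test);
+}
 WARN_ON(kprobe_event_delete("gen_kretprobe_test"));
 }
 
@@ -229,24 +239,30 @@
 
 static void __exit kprobe_event_gen_test_exit(void)
 {
-/* Disable the event or you can't remove it */
-WARN_ON(trace_array_set_clr_event(gen_kprobe_test->tr,
-"kprobes",
-"gen_kprobe_test", false));
+if (trace_event_file_is_valid(gen_kprobe_test)) {
+/* Disable the event or you can't remove it */
+WARN_ON(trace_array_set_clr_event(gen_kprobe_test->tr,
+"kprobes",
+"gen_kprobe_test", false));
 
-/* Now give the file and instance back */
-trace_put_event_file(gen_kprobe_test);
+/* Now give the file and instance back */
+trace_put_event_file(gen_kprobe_test);
+}
+
 
 /* Now unregister and free the event */
 WARN_ON(kprobe_event_delete("gen_kprobe_test"));
 
-/* Disable the event or you can't remove it */
-WARN_ON(trace_array_set_clr_event(gen_kretprobe_test->tr,
-"kprobes",
-"gen_kretprobe_test", false));
+if (trace_event_file_is_valid(gen_kretprobe_test)) {
+/* Disable the event or you can't remove it */
+WARN_ON(trace_array_set_clr_event(gen_kretprobe_test->tr,
+"kprobes",
+"gen_kretprobe_test", false));
 
-/* Now give the file and instance back */
-trace_put_event_file(gen_kretprobe_test);
+/* Now give the file and instance back */
+trace_put_event_file(gen_kretprobe_test);
+}
+
 
 /* Now unregister and free the event */
 WARN_ON(kprobe_event_delete("gen_kretprobe_test"));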
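Review bot: At both `delete:` labels the global is reset with `if (trace_event_file_is_valid(gen_kprobe_test)) gen_kprobe_test = NULL;` (and the kretprobe twin), which drops a valid pointer with no `trace_put_event_file()` in sight; whether the reference was already released on the path that jumps there is outside the hunk. If it was, a comment such as `/* reference already put on the way here; clear the stale pointer so exit skips it */` would make the lifetime rule checkable at the label. The new helper is equivalent to `!IS_ERR_OR_NULL(input)` from the kernel's err.h and could simply use it. The guarded disable-and-put sequence now appears three times (the init error path and twice in kprobe_event_gen_test_exit()) and could be one helper taking the file pointer and the event name.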
+3 -1
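--- a/kernel/trace/rethook.c
+++ b/kernel/trace/rethook.c
@@ -83,8 +83,10 @@
 {
 struct rethook *rh = kzalloc(sizeof(struct rethook), GFP_KERNEL);
 
-if (!rh || !handler)
+if (!rh || !handler) {
+kfree(rh);
 return NULL;
+}
 
 rh->data = data;
 rh->handler = handler;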
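Review bot: The added `kfree(rh);` is only needed because the allocation happens before `handler` is checked; testing the argument first removes the allocate-then-free path altogether. That would be `if (!handler) return NULL;` ahead of the `kzalloc()` and a plain `if (!rh) return NULL;` after it, with the declaration split from its initialiser. `kzalloc(sizeof(*rh), GFP_KERNEL)` would also tie the size to the variable rather than to the type name. The function signature is outside the hunk.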
+3 -2
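--- a/kernel/trace/trace_eprobe.c
+++ b/kernel/trace/trace_eprobe.c
@@ -52,6 +52,7 @@
 kfree(ep->event_system);
 if (ep->event)
 trace_event_put_ref(ep->event);
+kfree(ep->filter_str);
 kfree(ep);
 }
 
@@ -645,7 +646,7 @@
 INIT_LIST_HEAD(&trigger->list);
 
 if (ep->filter_str) {
-ret = create_event_filter(file->tr, file->event_call,
+ret = create_event_filter(file->tr, ep->event,
 ep->filter_str, false, &filter);
 if (ret)
 goto error;
@@ -903,7 +904,7 @@
 
 static int trace_eprobe_parse_filter(struct trace_eprobe *ep, int argc, const char *argv[])
 {
-struct event_filter *dummy;
+struct event_filter *dummy = NULL;
 int i, ret, len = 0;
 char *p;
 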
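Review bot: In the second hunk the filter is now built with `file->tr` from the trigger's file but the event call from `ep->event`, and nothing at the call says why the two come from different objects. Going by the merge description (the filter "picked the wrong event for the fields"), a one-line comment above the call would keep it from being changed back: `/* Filter fields are those of the attached event (ep->event), not of file->event_call. */`. The surrounding function and the `error` label are outside the hunk.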