projects / GitHub / LineageOS / G12 / android_kernel_amlogic_linux-4.9.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 577b785)
tracing: add protection around open use of current_tracer
authorSteven Rostedt <srostedt@redhat.com>
Fri, 27 Feb 2009 04:55:58 +0000 (23:55 -0500)
committerSteven Rostedt <srostedt@redhat.com>
Fri, 27 Feb 2009 04:55:58 +0000 (23:55 -0500)
Impact: fix to possible race conditions

There's some uses of current_tracer that is not protected by the
trace_types_lock. There is a small chance that a sysadmin changes
the tracer while the current_tracer is being referenced.

If the race is hit, it is unlikely to cause any harm since the
tracers are constant and are not freed. But some strang side
effects may occur.

Signed-off-by: Steven Rostedt <srostedt@redhat.com>
kernel/trace/trace.c patch | blob | blame | history

diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
index 485c6e7f4465b6e6464642f76257644edd3ca58a..6c89ec6cbd487272486408b463f8631f975f7510 100644 (file)
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -2024,12 +2024,12 @@ static ssize_t
 tracing_trace_options_read(struct file *filp, char __user *ubuf,
                       size_t cnt, loff_t *ppos)
 {
-       int i;
+       struct tracer_opt *trace_opts;
+       u32 tracer_flags;
+       int len = 0;
        char *buf;
        int r = 0;
-       int len = 0;
-       u32 tracer_flags = current_trace->flags->val;
-       struct tracer_opt *trace_opts = current_trace->flags->opts;
+       int i;
 
 
        /* calculate max size */
@@ -2038,6 +2038,10 @@ tracing_trace_options_read(struct file *filp, char __user *ubuf,
                len += 3; /* "no" and space */
        }
 
+       mutex_lock(&trace_types_lock);
+       tracer_flags = current_trace->flags->val;
+       trace_opts = current_trace->flags->opts;
+
        /*
         * Increase the size with names of options specific
         * of the current tracer.
@@ -2049,8 +2053,10 @@ tracing_trace_options_read(struct file *filp, char __user *ubuf,
 
        /* +2 for \n and \0 */
        buf = kmalloc(len + 2, GFP_KERNEL);
-       if (!buf)
+       if (!buf) {
+               mutex_unlock(&trace_types_lock);
                return -ENOMEM;
+       }
 
        for (i = 0; trace_options[i]; i++) {
                if (trace_flags & (1 << i))
@@ -2067,6 +2073,7 @@ tracing_trace_options_read(struct file *filp, char __user *ubuf,
                        r += sprintf(buf + r, "no%s ",
                                trace_opts[i].name);
        }
+       mutex_unlock(&trace_types_lock);
 
        r += sprintf(buf + r, "\n");
        WARN_ON(r >= len + 2);
@@ -2074,7 +2081,6 @@ tracing_trace_options_read(struct file *filp, char __user *ubuf,
        r = simple_read_from_buffer(ubuf, cnt, ppos, buf, r);
 
        kfree(buf);
-
        return r;
 }
 
@@ -2149,7 +2155,9 @@ tracing_trace_options_write(struct file *filp, const char __user *ubuf,
 
        /* If no option could be set, test the specific tracer options */
        if (!trace_options[i]) {
+               mutex_lock(&trace_types_lock);
                ret = set_tracer_option(current_trace, cmp, neg);
+               mutex_unlock(&trace_types_lock);
                if (ret)
                        return ret;
        }