From nobody Wed Feb 11 11:51:18 2026 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9F27AC6FD1D for ; Tue, 14 Mar 2023 22:13:13 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231361AbjCNWNM (ORCPT ); Tue, 14 Mar 2023 18:13:12 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38930 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229778AbjCNWMx (ORCPT ); Tue, 14 Mar 2023 18:12:53 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3AFB538EB5 for ; Tue, 14 Mar 2023 15:11:21 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 072BB61A30 for ; Tue, 14 Mar 2023 22:10:15 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 9B8FBC433EF; Tue, 14 Mar 2023 22:10:13 +0000 (UTC) Date: Tue, 14 Mar 2023 18:10:12 -0400 From: Steven Rostedt To: Linus Torvalds Cc: LKML , Masami Hiramatsu , Mark Rutland , Arnd Bergmann , Chen Zhongjin , Tom Zanussi Subject: [GIT PULL] tracing: Fixes for 6.3 Message-ID: <20230314181012.05baf5c7@gandalf.local.home> X-Mailer: Claws Mail 3.17.8 (GTK+ 2.24.33; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Type: text/plain; charset="utf-8" Linus, Tracing fixes for v6.3 - Do not allow histogram values to have modifies. Can cause a NULL pointer dereference if they do. - Warn if hist_field_name() is passed a NULL. Prevent the NULL pointer dereference mentioned above. - Fix invalid address look up race in lookup_rec() - Define ftrace_stub_graph conditionally to prevent linker errors - Always check if RCU is watching at all tracepoint locations Please pull the latest trace-v6.3-rc1 tree, which can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace.git trace-v6.3-rc1 Tag SHA1: e07d2c69309d86ea31c30de7148fb6ec57786857 Head SHA1: c2679254b9c9980d9045f0f722cf093a2b1f7590 Arnd Bergmann (1): ftrace,kcfi: Define ftrace_stub_graph conditionally Chen Zhongjin (1): ftrace: Fix invalid address access in lookup_rec() when index is 0 Steven Rostedt (Google) (3): tracing: Do not let histogram values have some modifiers tracing: Check field value in hist_field_name() tracing: Make tracepoint lockdep check actually test something ---- arch/x86/kernel/ftrace_64.S | 2 ++ include/linux/tracepoint.h | 15 ++++++--------- kernel/trace/ftrace.c | 3 ++- kernel/trace/trace_events_hist.c | 12 ++++++++++++ 4 files changed, 22 insertions(+), 10 deletions(-) --------------------------- diff --git a/arch/x86/kernel/ftrace_64.S b/arch/x86/kernel/ftrace_64.S index 1265ad519249..fb4f1e01b64a 100644 --- a/arch/x86/kernel/ftrace_64.S +++ b/arch/x86/kernel/ftrace_64.S @@ -136,10 +136,12 @@ SYM_TYPED_FUNC_START(ftrace_stub) RET SYM_FUNC_END(ftrace_stub) =20 +#ifdef CONFIG_FUNCTION_GRAPH_TRACER SYM_TYPED_FUNC_START(ftrace_stub_graph) CALL_DEPTH_ACCOUNT RET SYM_FUNC_END(ftrace_stub_graph) +#endif =20 #ifdef CONFIG_DYNAMIC_FTRACE =20 diff --git a/include/linux/tracepoint.h b/include/linux/tracepoint.h index fa1004fcf810..2083f2d2f05b 100644 --- a/include/linux/tracepoint.h +++ b/include/linux/tracepoint.h @@ -231,12 +231,11 @@ static inline struct tracepoint *tracepoint_ptr_deref= (tracepoint_ptr_t *p) * not add unwanted padding between the beginning of the section and the * structure. Force alignment to the same alignment as the section start. * - * When lockdep is enabled, we make sure to always do the RCU portions of - * the tracepoint code, regardless of whether tracing is on. However, - * don't check if the condition is false, due to interaction with idle - * instrumentation. This lets us find RCU issues triggered with tracepoints - * even when this tracepoint is off. This code has no purpose other than - * poking RCU a bit. + * When lockdep is enabled, we make sure to always test if RCU is + * "watching" regardless if the tracepoint is enabled or not. Tracepoints + * require RCU to be active, and it should always warn at the tracepoint + * site if it is not watching, as it will need to be active when the + * tracepoint is enabled. */ #define __DECLARE_TRACE(name, proto, args, cond, data_proto) \ extern int __traceiter_##name(data_proto); \ @@ -249,9 +248,7 @@ static inline struct tracepoint *tracepoint_ptr_deref(t= racepoint_ptr_t *p) TP_ARGS(args), \ TP_CONDITION(cond), 0); \ if (IS_ENABLED(CONFIG_LOCKDEP) && (cond)) { \ - rcu_read_lock_sched_notrace(); \ - rcu_dereference_sched(__tracepoint_##name.funcs);\ - rcu_read_unlock_sched_notrace(); \ + WARN_ON_ONCE(!rcu_is_watching()); \ } \ } \ __DECLARE_TRACE_RCU(name, PARAMS(proto), PARAMS(args), \ diff --git a/kernel/trace/ftrace.c b/kernel/trace/ftrace.c index 750aa3f08b25..a47f7d93e32d 100644 --- a/kernel/trace/ftrace.c +++ b/kernel/trace/ftrace.c @@ -1537,7 +1537,8 @@ static struct dyn_ftrace *lookup_rec(unsigned long st= art, unsigned long end) key.flags =3D end; /* overload flags, as it is unsigned long */ =20 for (pg =3D ftrace_pages_start; pg; pg =3D pg->next) { - if (end < pg->records[0].ip || + if (pg->index =3D=3D 0 || + end < pg->records[0].ip || start >=3D (pg->records[pg->index - 1].ip + MCOUNT_INSN_SIZE)) continue; rec =3D bsearch(&key, pg->records, pg->index, diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_h= ist.c index 89877a18f933..486cca3c2b75 100644 --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -1331,6 +1331,9 @@ static const char *hist_field_name(struct hist_field = *field, { const char *field_name =3D ""; =20 + if (WARN_ON_ONCE(!field)) + return field_name; + if (level > 1) return field_name; =20 @@ -4235,6 +4238,15 @@ static int __create_val_field(struct hist_trigger_da= ta *hist_data, goto out; } =20 + /* Some types cannot be a value */ + if (hist_field->flags & (HIST_FIELD_FL_GRAPH | HIST_FIELD_FL_PERCENT | + HIST_FIELD_FL_BUCKET | HIST_FIELD_FL_LOG2 | + HIST_FIELD_FL_SYM | HIST_FIELD_FL_SYM_OFFSET | + HIST_FIELD_FL_SYSCALL | HIST_FIELD_FL_STACKTRACE)) { + hist_err(file->tr, HIST_ERR_BAD_FIELD_MODIFIER, errpos(field_str)); + ret =3D -EINVAL; + } + hist_data->fields[val_idx] =3D hist_field; =20 ++hist_data->n_vals;