[PATCH v2] tracing/osnoise: Replace kmalloc + copy_from_user with memdup_user

Thorsten Blum posted 1 patch 6 days, 1 hour ago
kernel/trace/trace_osnoise.c | 10 ++++------
1 file changed, 4 insertions(+), 6 deletions(-)
[PATCH v2] tracing/osnoise: Replace kmalloc + copy_from_user with memdup_user
Posted by Thorsten Blum 6 days, 1 hour ago
Replace kmalloc() followed by copy_from_user() with memdup_user() to
simplify and improve osnoise_cpus_write().

No functional changes intended.

Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
---
Changes in v2:
- Rebase to apply to master and linux-next
- Explicitly include linux/string.h
- Link to v1: https://lore.kernel.org/lkml/20250905192116.554018-2-thorsten.blum@linux.dev/
---
 kernel/trace/trace_osnoise.c | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/kernel/trace/trace_osnoise.c b/kernel/trace/trace_osnoise.c
index 337bc0eb5d71..ab0575a94be1 100644
--- a/kernel/trace/trace_osnoise.c
+++ b/kernel/trace/trace_osnoise.c
@@ -24,6 +24,7 @@
 #include <linux/sched/clock.h>
 #include <uapi/linux/sched/types.h>
 #include <linux/sched.h>
+#include <linux/string.h>
 #include "trace.h"
 
 #ifdef CONFIG_X86_LOCAL_APIC
@@ -2325,12 +2326,9 @@ osnoise_cpus_write(struct file *filp, const char __user *ubuf, size_t count,
 	if (count < 1)
 		return 0;
 
-	buf = kmalloc(count, GFP_KERNEL);
-	if (!buf)
-		return -ENOMEM;
-
-	if (copy_from_user(buf, ubuf, count))
-		return -EFAULT;
+	buf = memdup_user(ubuf, count);
+	if (IS_ERR(buf))
+		return PTR_ERR(buf);
 
 	if (!zalloc_cpumask_var(&osnoise_cpumask_new, GFP_KERNEL))
 		return -ENOMEM;
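Review bot: memdup_user(ubuf, count) in osnoise_cpus_write() allocates exactly count bytes and appends no terminator, so any later code that reads buf as a C string relies on user space having included the '\0' in its write. Use memdup_user_nul(ubuf, count) here instead, which allocates count + 1 bytes and sets buf[count] to '\0'. The IS_ERR()/PTR_ERR() handling can stay as written, and the commit message should then drop "No functional changes intended" if the base does not already terminate the buffer.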
-- 
2.51.0
Re: [PATCH v2] tracing/osnoise: Replace kmalloc + copy_from_user with memdup_user
Posted by Steven Rostedt 1 day ago
On Thu, 25 Sep 2025 23:17:36 +0200
Thorsten Blum <thorsten.blum@linux.dev> wrote:


>  #ifdef CONFIG_X86_LOCAL_APIC
> @@ -2325,12 +2326,9 @@ osnoise_cpus_write(struct file *filp, const char __user *ubuf, size_t count,
>  	if (count < 1)
>  		return 0;
>  
> -	buf = kmalloc(count, GFP_KERNEL);
> -	if (!buf)
> -		return -ENOMEM;
> -
> -	if (copy_from_user(buf, ubuf, count))
> -		return -EFAULT;
> +	buf = memdup_user(ubuf, count);
> +	if (IS_ERR(buf))
> +		return PTR_ERR(buf);

After adding this to my for-next branch, it failed to merge with upstream.
That's because a bug was found that if user space did not have a '\0'
terminator, reading this as a string could cause the read to go off the
allocated buffer and crash the machine.

>  
>  	if (!zalloc_cpumask_var(&osnoise_cpumask_new, GFP_KERNEL))
>  		return -ENOMEM;

The above was changed to this:

	if (count < 1)
		return 0;

	buf = kmalloc(count + 1, GFP_KERNEL);
	if (!buf)
		return -ENOMEM;

	if (copy_from_user(buf, ubuf, count))
		return -EFAULT;
	buf[count] = '\0';

Which makes your change not quite compatible.

I'm going to rebase and remove your change for now.

-- Steve
Re: [PATCH v2] tracing/osnoise: Replace kmalloc + copy_from_user with memdup_user
Posted by Thorsten Blum 23 hours ago
On 30. Sep 2025, at 23:28, Steven Rostedt wrote:
> Which makes your change not quite compatible.
> 
> I'm going to rebase and remove your change for now.

No worries, I'll send a v3 tomorrow using memdup_user_nul() instead.

Thanks,
Thorsten
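A user-space model of the terminator problem Steven describes and of the memdup_user_nul() behaviour Thorsten proposes, as an added example that is not part of the thread or the kernel source. dup_exact() and dup_nul() are hypothetical stand-ins for memdup_user() and memdup_user_nul(), and the three-byte input is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for memdup_user(): exactly n bytes, nothing appended. */
static char *dup_exact(const char *src, size_t n)
{
	char *buf = malloc(n);
	if (buf)
		memcpy(buf, src, n);
	return buf;
}

/* Stand-in for memdup_user_nul(): n + 1 bytes, buf[n] forced to '\0'. */
static char *dup_nul(const char *src, size_t n)
{
	char *buf = malloc(n + 1);
	if (!buf)
		return NULL;
	memcpy(buf, src, n);
	buf[n] = '\0';
	return buf;
}

/* 1 if a string parser starting at buf would stop inside the allocation. */
static int terminated_in_bounds(const char *buf, size_t alloc)
{
	return memchr(buf, '\0', alloc) != NULL;
}

/* Constructed input: a write of "0-3" with count == 3 and no trailing '\0'. */
static int check(int use_nul)
{
	static const char user_bytes[3] = { '0', '-', '3' };
	size_t alloc = use_nul ? sizeof(user_bytes) + 1 : sizeof(user_bytes);
	char *buf = use_nul ? dup_nul(user_bytes, sizeof(user_bytes))
			    : dup_exact(user_bytes, sizeof(user_bytes));
	int ok = buf && terminated_in_bounds(buf, alloc);
	free(buf);
	return ok;
}

int main(void)
{
	printf("exact copy: %d, nul copy: %d\n", check(0), check(1));
	return 0;
}
```

The check uses memchr() bounded by the allocation size, so it never reads past the buffer the way an unbounded string parser would on the exact copy.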
Re: [PATCH v2] tracing/osnoise: Replace kmalloc + copy_from_user with memdup_user
Posted by Steven Rostedt 23 hours ago
On Wed, 1 Oct 2025 01:03:29 +0200
Thorsten Blum <thorsten.blum@linux.dev> wrote:

> On 30. Sep 2025, at 23:28, Steven Rostedt wrote:
> > Which makes your change not quite compatible.
> > 
> > I'm going to rebase and remove your change for now.  
> 
> No worries, I'll send a v3 tomorrow using memdup_user_nul() instead.

Thanks, you can base it off of my for-next branch.

-- Steve
Re: [PATCH v2] tracing/osnoise: Replace kmalloc + copy_from_user with memdup_user
Posted by Thorsten Blum 13 hours ago
On 1. Oct 2025, at 01:09, Steven Rostedt wrote:
> Thanks, you can base it off of my for-next branch.

I think your for-next branch[1] doesn't include the fix a2501032de0d
("tracing/osnoise: Fix slab-out-of-bounds in _parse_integer_limit()")
yet, does it? My patch would need to be applied on top of that.

Thanks,
Thorsten

[1] https://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace.git/log/?h=for-next
Re: [PATCH v2] tracing/osnoise: Replace kmalloc + copy_from_user with memdup_user
Posted by Steven Rostedt 10 hours ago
On Wed, 1 Oct 2025 11:11:16 +0200
Thorsten Blum <thorsten.blum@linux.dev> wrote:

> On 1. Oct 2025, at 01:09, Steven Rostedt wrote:
> > Thanks, you can base it off of my for-next branch.  
> 
> I think your for-next branch[1] doesn't include the fix a2501032de0d
> ("tracing/osnoise: Fix slab-out-of-bounds in _parse_integer_limit()")
> yet, does it? My patch would need to be applied on top of that.
> 
> Thanks,
> Thorsten
> 
> [1] https://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace.git/log/?h=for-next

Interesting, because it failed to merge when I ran my script to merge all
my "for-next" branches. :-/

Anyway, apply it on top of v6.17.

Thanks,

-- Steve