From: Steven Rostedt <rostedt@goodmis.org>
To: linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org,
linux-fsdevel@vger.kernel.org
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
Masami Hiramatsu <mhiramat@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
Christian Brauner <brauner@kernel.org>,
Al Viro <viro@ZenIV.linux.org.uk>,
Ajay Kaher <ajay.kaher@broadcom.com>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, kernel test robot <oliver.sang@intel.com>
Subject: [PATCH v2 1/7] tracefs: Zero out the tracefs_inode when allocating it
Date: Wed, 31 Jan 2024 13:49:19 -0500 [thread overview]
Message-ID: <20240131185512.315825944@goodmis.org> (raw)
In-Reply-To: 20240131184918.945345370@goodmis.org
From: "Steven Rostedt (Google)" <rostedt@goodmis.org>
eventfs uses the tracefs_inode and assumes that it's already initialized
to zero. That is, it doesn't set fields to zero (like ti->private) after
getting its tracefs_inode. This causes bugs due to stale values.
Just initialize the entire structure to zero on allocation so there isn't
any more surprises.
This is a partial fix to access to ti->private. The assignment still needs
to be made before the dentry is instantiated.
Cc: stable@vger.kernel.org
Fixes: 5790b1fb3d672 ("eventfs: Remove eventfs_file and just use eventfs_inode")
Reported-by: kernel test robot <oliver.sang@intel.com>
Closes: https://lore.kernel.org/oe-lkp/202401291043.e62e89dc-oliver.sang@intel.com
Suggested-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
---
Changes since last version: https://lore.kernel.org/all/20240130230612.377a1933@gandalf.local.home/
- Moved vfs_inode to top of tracefs_inode structure so that the rest can
be initialized with memset_after() as the vfs_inode portion is already
cleared with a memset() itself in inode_init_once().
fs/tracefs/inode.c | 6 ++++--
fs/tracefs/internal.h | 3 ++-
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/fs/tracefs/inode.c b/fs/tracefs/inode.c
index e1b172c0e091..888e42087847 100644
--- a/fs/tracefs/inode.c
+++ b/fs/tracefs/inode.c
@@ -38,8 +38,6 @@ static struct inode *tracefs_alloc_inode(struct super_block *sb)
if (!ti)
return NULL;
- ti->flags = 0;
-
return &ti->vfs_inode;
}
@@ -779,7 +777,11 @@ static void init_once(void *foo)
{
struct tracefs_inode *ti = (struct tracefs_inode *) foo;
+ /* inode_init_once() calls memset() on the vfs_inode portion */
inode_init_once(&ti->vfs_inode);
+
+ /* Zero out the rest */
+ memset_after(ti, 0, vfs_inode);
}
static int __init tracefs_init(void)
diff --git a/fs/tracefs/internal.h b/fs/tracefs/internal.h
index 91c2bf0b91d9..7d84349ade87 100644
--- a/fs/tracefs/internal.h
+++ b/fs/tracefs/internal.h
@@ -11,9 +11,10 @@ enum {
};
struct tracefs_inode {
+ struct inode vfs_inode;
+ /* The below gets initialized with memset_after(ti, 0, vfs_inode) */
unsigned long flags;
void *private;
- struct inode vfs_inode;
};
/*
--
2.43.0
next prev parent reply other threads:[~2024-01-31 18:54 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-31 18:49 [PATCH v2 0/7] eventfs: Rewrite to simplify the code (aka: crapectomy) Steven Rostedt
2024-01-31 18:49 ` Steven Rostedt [this message]
2024-01-31 18:49 ` [PATCH v2 2/7] eventfs: Initialize the tracefs inode properly Steven Rostedt
2024-01-31 18:49 ` [PATCH v2 3/7] tracefs: Avoid using the ei->dentry pointer unnecessarily Steven Rostedt
2024-01-31 18:49 ` [PATCH v2 4/7] tracefs: dentry lookup crapectomy Steven Rostedt
2024-02-01 0:27 ` Al Viro
2024-02-01 2:26 ` Steven Rostedt
2024-02-01 3:02 ` Al Viro
2024-02-01 3:21 ` Steven Rostedt
2024-02-01 4:18 ` Steven Rostedt
2024-01-31 18:49 ` [PATCH v2 5/7] eventfs: Remove unused d_parent pointer field Steven Rostedt
2024-01-31 18:49 ` [PATCH v2 6/7] eventfs: Clean up dentry ops and add revalidate function Steven Rostedt
2024-01-31 18:49 ` [PATCH v2 7/7] eventfs: Get rid of dentry pointers without refcounts Steven Rostedt
2024-01-31 19:17 ` [PATCH v2 0/7] eventfs: Rewrite to simplify the code (aka: crapectomy) Steven Rostedt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240131185512.315825944@goodmis.org \
--to=rostedt@goodmis.org \
--cc=ajay.kaher@broadcom.com \
--cc=brauner@kernel.org \
--cc=gregkh@linuxfoundation.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=mathieu.desnoyers@efficios.com \
--cc=mhiramat@kernel.org \
--cc=oliver.sang@intel.com \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.