• Steven Rostedt (Red Hat)'s avatar
    tracing: Add trace_array_get/put() to event handling · fc82a11a
    Steven Rostedt (Red Hat) authored
    commit 8e2e2fa4 upstream.
    
    Commit a695cb58 "tracing: Prevent deleting instances when they are being read"
    tried to fix a race between deleting a trace instance and reading contents
    of a trace file. But it wasn't good enough. The following could crash the kernel:
    
     # cd /sys/kernel/debug/tracing/instances
     # ( while :; do mkdir foo; rmdir foo; done ) &
     # ( while :; do echo 1 > foo/events/sched/sched_switch 2> /dev/null; done ) &
    
    Luckily this can only be done by root user, but it should be fixed regardless.
    
    The problem is that a delete of the file can happen after the write to the event
    is opened, but before the enabling happens.
    
    The solution is to make sure the trace_array is available before succeeding in
    opening for write, and incerment the ref counter while opened.
    
    Now the instance can be deleted when the events are writing to the buffer,
    but the deletion of the instance will disable all events before the instance
    is actually deleted.
    Reported-by: default avatarAlexander Lam <azl@google.com>
    Signed-off-by: default avatarSteven Rostedt <rostedt@goodmis.org>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    fc82a11a
trace_events.c 61.7 KB