@@ -67,6 +67,7 @@ struct user_event_group {
DECLARE_BITMAP(page_bitmap, MAX_EVENTS);
refcount_t refcnt;
int id;
+ int reg_limit;
};
static DEFINE_HASHTABLE(group_table, 8);
@@ -234,6 +235,9 @@ static struct user_event_group *user_event_group_create(const char *name,
goto error;
}
+ /* Register limit is 1 under max for bitmap logic */
+ group->reg_limit = MAX_EVENTS - 1;
+
group->pages = alloc_pages(GFP_KERNEL | __GFP_ZERO, MAX_PAGE_ORDER);
if (!group->pages)
@@ -1258,8 +1262,7 @@ static int user_event_parse(struct user_event_group *group, char *name,
char *args, char *flags,
struct user_event **newuser)
{
- int ret;
- int index;
+ int ret, index, limit;
u32 key;
struct user_event *user;
@@ -1278,9 +1281,18 @@ static int user_event_parse(struct user_event_group *group, char *name,
return 0;
}
- index = find_first_zero_bit(group->page_bitmap, MAX_EVENTS);
+ /*
+ * Bitmap returns actual max when too big:
+ * We need to add 1 to this limit to ensure proper logic
+ */
+ limit = group->reg_limit + 1;
+
+ if (limit > MAX_EVENTS)
+ return -E2BIG;
+
+ index = find_first_zero_bit(group->page_bitmap, limit);
- if (index == MAX_EVENTS)
+ if (index == limit)
return -EMFILE;
user = kzalloc(sizeof(*user), GFP_KERNEL);
@@ -1813,6 +1825,7 @@ static int user_seq_show(struct seq_file *m, void *p)
seq_printf(m, "Active: %d\n", active);
seq_printf(m, "Busy: %d\n", busy);
seq_printf(m, "Max: %ld\n", MAX_EVENTS);
+ seq_printf(m, "Limit: %d\n", group->reg_limit);
return 0;
}
@@ -1992,13 +2005,44 @@ static int user_event_ns_remove(struct trace_namespace *ns)
return ret;
}
+#define NS_EVENT_LIMIT_PREFIX "user_events_limit="
+
static int user_event_ns_parse(struct trace_namespace *ns, const char *command)
{
- return 0;
+ struct user_event_group *group = user_event_group_find(ns->id);
+ int len, value, ret = -ECANCELED;
+
+ if (!group)
+ return -ECANCELED;
+
+ len = str_has_prefix(command, NS_EVENT_LIMIT_PREFIX);
+ if (len && !kstrtouint(command + len, 0, &value)) {
+ if (value <= 0 || value > MAX_EVENTS) {
+ ret = -EINVAL;
+ goto out;
+ }
+
+ group->reg_limit = value;
+ ret = 0;
+ goto out;
+ }
+out:
+ user_event_group_release(group);
+
+ return ret;
}
static int user_event_ns_show(struct trace_namespace *ns, struct seq_file *m)
{
+ struct user_event_group *group = user_event_group_find(ns->id);
+
+ if (!group)
+ return 0;
+
+ seq_printf(m, "%s%d\n", NS_EVENT_LIMIT_PREFIX, group->reg_limit);
+
+ user_event_group_release(group);
+
return 0;
}
When granting non-admin users the ability to register and write data to user events they should have a limit imposed. Using the namespace options file, operators can change the limit of the events that are allowed to be created. There is also a new line in the user_events_status file to let users know the current limit (and to ask the operator for more if required). For example, to limit the namespace to only 256 events: echo user_events_limit=256 > options From within the namespace root: cat user_events_status ... Limit: 256 Signed-off-by: Beau Belgrave <beaub@linux.microsoft.com> --- kernel/trace/trace_events_user.c | 54 +++++++++++++++++++++++++++++--- 1 file changed, 49 insertions(+), 5 deletions(-)