From patchwork Tue Feb 20 14:51:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steven Rostedt X-Patchwork-Id: 13564106 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 83F4A4C60; Tue, 20 Feb 2024 14:49:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708440568; cv=none; b=ckPovDbskSujhNS5+rKWj60UQgh3XzcWQDZxCRRRP/H1umk1Ovf0OewxmCWwSvd2DG7odNG2d9wVr2R0r8SQQZ4THtEofpj0NNjRvfN47NLMCJ5gizBGfy8ZtNJg/dsPtlblSnFs9QcbsRWLdgTdRGOIoZxTGBeAFq5QfB/nEQ0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1708440568; c=relaxed/simple; bh=a8t1iPdBa56JOkXzwJ9TrVm3w5eJG4iLEzNgpIdy/e8=; h=Date:From:To:Cc:Subject:Message-ID:MIME-Version:Content-Type; b=TeXwDnhb0yW9GdUXCtHxxS6ZQD+hEyD9shNBiggy6R2JnaSdmz1JQmefJBQLH8gC8NrAaJJsymmOdwXf+059q/5Snyl/t8QNDLofY3XI2l7qM+TatWemGjEk4FPfl1kbGANlTGfwxV0JSHEJxlW1JdrxgWORbVK+T2UD/+DD1NE= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 Received: by smtp.kernel.org (Postfix) with ESMTPSA id 733EAC433C7; Tue, 20 Feb 2024 14:49:27 +0000 (UTC) Date: Tue, 20 Feb 2024 09:51:12 -0500 From: Steven Rostedt To: LKML , Linux Trace Kernel Cc: Masami Hiramatsu , Mathieu Desnoyers Subject: [PATCH] ring-buffer: Do not let subbuf be bigger than write mask Message-ID: <20240220095112.77e9cb81@gandalf.local.home> X-Mailer: Claws Mail 3.19.1 (GTK+ 2.24.33; x86_64-pc-linux-gnu) Precedence: bulk X-Mailing-List: linux-trace-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: "Steven Rostedt (Google)" The data on the subbuffer is measured by a write variable that also contains status flags. The counter is just 20 bits in length. If the subbuffer is bigger than then counter, it will fail. Make sure that the subbuffer can not be set to greater than the counter that keeps track of the data on the subbuffer. Fixes: 2808e31ec12e5 ("ring-buffer: Add interface for configuring trace sub buffer size") Signed-off-by: Steven Rostedt (Google) --- kernel/trace/ring_buffer.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c index aa54266f5e1f..3852f3b001cc 100644 --- a/kernel/trace/ring_buffer.c +++ b/kernel/trace/ring_buffer.c @@ -5878,6 +5878,10 @@ int ring_buffer_subbuf_order_set(struct trace_buffer *buffer, int order) if (psize <= BUF_PAGE_HDR_SIZE) return -EINVAL; + /* Size of a subbuf cannot be greater than the write counter */ + if (psize > RB_WRITE_MASK + 1) + return -EINVAL; + old_order = buffer->subbuf_order; old_size = buffer->subbuf_size;