2010-11-24 23:13:24

by tip-bot for Slava Pestov

Subject: [PATCH] ftrace: Fix panic when lseek() called on "trace" opened for writing

The file_ops struct for the "trace" special file defined llseek as seq_lseek().
However, if the file was opened for writing only, seq_open() was not called,
and the seek would dereference a null pointer, file->private_data.

This patch introduces a new wrapper for seq_lseek() which checks if the file
descriptor is opened for reading first. If not, it does nothing.

This patch is for Linux 2.6.36.1.

Signed-Off-By: Slava Pestov <[email protected]>
---

Change-Id: Iaabc50d84fb541c04e3efabd4788cebadbadbb4c
---
kernel/trace/trace.c | 10 +++++++++-
1 files changed, 9 insertions(+), 1 deletions(-)

diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
index 9ec59f5..7702f5a 100644
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -2320,11 +2320,19 @@ tracing_write_stub(struct file *filp, const char __user *ubuf,
return count;
}

+static loff_t tracing_seek(struct file *file, loff_t offset, int origin)
+{
+ if (file->f_mode & FMODE_READ)
+ return seq_lseek(file, offset, origin);
+ else
+ return 0;
+}
+
static const struct file_operations tracing_fops = {
.open = tracing_open,
.read = seq_read,
.write = tracing_write_stub,
- .llseek = seq_lseek,
+ .llseek = tracing_seek,
.release = tracing_release,
};
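Review bot: In tracing_seek(), the `else return 0;` branch makes lseek() on a write-only descriptor report success with a resulting offset of 0, whatever offset and origin were passed, and it leaves file->f_pos untouched. If succeeding silently is the intended behaviour, a short comment in the function should say so; otherwise returning an error such as -EINVAL from that branch would tell the caller that the seek did nothing.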

--
1.7.3.1


2010-11-24 23:34:43

by David Sharp

Subject: Re: [PATCH] ftrace: Fix panic when lseek() called on "trace" opened for writing

On Wed, Nov 24, 2010 at 3:13 PM, Slava Pestov <[email protected]> wrote:
> The file_ops struct for the "trace" special file defined llseek as seq_lseek().
> However, if the file was opened for writing only, seq_open() was not called,
> and the seek would dereference a null pointer, file->private_data.
>
> This patch introduces a new wrapper for seq_lseek() which checks if the file
> descriptor is opened for reading first. If not, it does nothing.
>
> This patch is for Linux 2.6.36.1.
>
> Signed-Off-By: Slava Pestov <[email protected]>

Cc: Steven Rostedt <[email protected]>

> ---
>
> Change-Id: Iaabc50d84fb541c04e3efabd4788cebadbadbb4c
> ---
>  kernel/trace/trace.c |   10 +++++++++-
>  1 files changed, 9 insertions(+), 1 deletions(-)
>
> diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
> index 9ec59f5..7702f5a 100644
> --- a/kernel/trace/trace.c
> +++ b/kernel/trace/trace.c
> @@ -2320,11 +2320,19 @@ tracing_write_stub(struct file *filp, const char __user *ubuf,
>        return count;
>  }
>
> +static loff_t tracing_seek(struct file *file, loff_t offset, int origin)
> +{
> +       if (file->f_mode & FMODE_READ)
> +               return seq_lseek(file, offset, origin);
> +       else
> +               return 0;
> +}
> +
>  static const struct file_operations tracing_fops = {
>        .open           = tracing_open,
>        .read           = seq_read,
>        .write          = tracing_write_stub,
> -       .llseek         = seq_lseek,
> +       .llseek         = tracing_seek,
>        .release        = tracing_release,
>  };
>
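Review bot: The `else` after `return seq_lseek(file, offset, origin);` in tracing_seek() is redundant, because the first branch has already returned. Dropping it and ending the function with a plain `return 0;` reads more cleanly and makes the fallback for write-only opens the obvious default path.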
> --
> 1.7.3.1
>
>

2010-12-16 08:22:10

by tip-bot for Slava Pestov

Subject: [tip:perf/urgent] tracing: Fix panic when lseek() called on "trace" opened for writing

Commit-ID: 364829b1263b44aa60383824e4c1289d83d78ca7
Gitweb: http://git.kernel.org/tip/364829b1263b44aa60383824e4c1289d83d78ca7
Author: Slava Pestov <[email protected]>
AuthorDate: Wed, 24 Nov 2010 15:13:16 -0800
Committer: Steven Rostedt <[email protected]>
CommitDate: Tue, 30 Nov 2010 12:18:17 -0500

tracing: Fix panic when lseek() called on "trace" opened for writing

The file_ops struct for the "trace" special file defined llseek as seq_lseek().
However, if the file was opened for writing only, seq_open() was not called,
and the seek would dereference a null pointer, file->private_data.

This patch introduces a new wrapper for seq_lseek() which checks if the file
descriptor is opened for reading first. If not, it does nothing.

Cc: <[email protected]>
Signed-off-by: Slava Pestov <[email protected]>
LKML-Reference: <[email protected]>
Signed-off-by: Steven Rostedt <[email protected]>
---
kernel/trace/trace.c | 10 +++++++++-
1 files changed, 9 insertions(+), 1 deletions(-)

diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
index ee6a733..21db0de 100644
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -2339,11 +2339,19 @@ tracing_write_stub(struct file *filp, const char __user *ubuf,
return count;
}

+static loff_t tracing_seek(struct file *file, loff_t offset, int origin)
+{
+ if (file->f_mode & FMODE_READ)
+ return seq_lseek(file, offset, origin);
+ else
+ return 0;
+}
+
static const struct file_operations tracing_fops = {
.open = tracing_open,
.read = seq_read,
.write = tracing_write_stub,
- .llseek = seq_lseek,
+ .llseek = tracing_seek,
.release = tracing_release,
};
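Review bot: tracing_seek() carries no comment explaining why the `file->f_mode & FMODE_READ` test guards seq_lseek(); the reason given in the commit message (seq_open() is not called for a write-only open, so file->private_data is NULL) is not recorded in the code. A one-line comment above the check would keep a later cleanup from switching the table back to `.llseek = seq_lseek`.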