From: Naresh Kamboju
Date: Tue, 31 Oct 2023 03:11:31 +0530
Subject: Re: [PATCH] eventfs: Hold eventfs_mutex when calling callback functions
To: Steven Rostedt
Cc: LKML, Linux Trace Kernel, Masami Hiramatsu, Mark Rutland, Arnd Bergmann, naresh.kamboju@linaro.org, Beau Belgrave, Ajay Kaher, Andrew Morton
In-Reply-To: <20231030114047.759c7bdf@gandalf.local.home>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, 30 Oct 2023 at 21:10, Steven Rostedt wrote:
>
> From: "Steven Rostedt (Google)"
>
> The callback function that is used to create inodes and dentries is not
> protected by anything and the data that is passed to it could become
> stale. After eventfs_remove_dir() is called by the tracing system, it is
> free to remove the events that are associated to that directory.
> Unfortunately, that means the callbacks must not be called after that.
>
>      CPU0                                    CPU1
>      ----                                    ----
>  eventfs_root_lookup() {
>                                       eventfs_remove_dir() {
>                                         mutex_lock(&event_mutex);
>                                         ei->is_freed = set;
>                                         mutex_unlock(&event_mutex);
>                                       }
>                                       kfree(event_call);
>
>     for (...) {
>       entry = &ei->entries[i];
>       r = entry->callback() {
>           call = data;          // call == event_call above
>           if (call->flags ...)
>
>  [ USE AFTER FREE BUG ]
>
> The safest way to protect this is to wrap the callback with:
>
>  mutex_lock(&eventfs_mutex);
>  if (!ei->is_freed)
>      r = entry->callback();
>  else
>      r = -1;
>  mutex_unlock(&eventfs_mutex);
>
> This will make sure that the callback will not be called after it is
> freed. But now it needs to be known that the callback is called while
> holding internal eventfs locks, and that it must not call back into the
> eventfs / tracefs system. There's no reason it should anyway, but document
> that as well.
>
> Link: https://lore.kernel.org/all/CA+G9fYu9GOEbD=rR5eMR-=HJ8H6rMsbzDC2ZY5=Y50WpWAE7_Q@mail.gmail.com/
>
> Reported-by: Linux Kernel Functional Testing
> Reported-by: Naresh Kamboju
> Signed-off-by: Steven Rostedt (Google)

Tested-by: Linux Kernel Functional Testing
Tested-by: Naresh Kamboju

> ---
>  fs/tracefs/event_inode.c | 22 ++++++++++++++++++--
>  include/linux/tracefs.h  | 43 ++++++++++++++++++++++++++++++++++++++++

--
Linaro LKFT
https://lkft.linaro.org
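
The locking rule described in the quoted commit message, as an added userspace sketch that is not part of the thread or the kernel patch: a lookup thread races against one removal, and the callback only runs under the lock while `is_freed` is clear. The pthread mutex stands in for `eventfs_mutex`, and `dir_model`, `guarded_lookup`, `remove_dir` and `race_once` are hypothetical names.

```c
/* Added userspace model of the locking rule; all names are hypothetical. */
#include <pthread.h>
#include <stdlib.h>

struct event_call { int flags; };   /* stands in for the tracing system's data */
struct dir_model {
	pthread_mutex_t lock;       /* plays the role of eventfs_mutex */
	int is_freed;               /* written only while holding lock */
	struct event_call *data;    /* what the callback dereferences */
	long bad;                   /* lookups that returned neither 42 nor -1 */
};

static int callback(struct event_call *call) { return call->flags; }

/* Lookup side: run the callback only under the lock and only if not freed. */
static int guarded_lookup(struct dir_model *d) {
	int r;
	pthread_mutex_lock(&d->lock);
	r = d->is_freed ? -1 : callback(d->data);
	pthread_mutex_unlock(&d->lock);
	return r;
}

/* Removal side: set is_freed under the lock, and only then free the data. */
static void remove_dir(struct dir_model *d) {
	pthread_mutex_lock(&d->lock);
	d->is_freed = 1;
	pthread_mutex_unlock(&d->lock);
	free(d->data);              /* later lookups see is_freed and skip the callback */
}

static void *lookup_thread(void *arg) {
	struct dir_model *d = arg;
	for (int i = 0; i < 100000; i++) {
		int r = guarded_lookup(d);
		if (r != 42 && r != -1) d->bad++;
	}
	return NULL;
}

/* Race lookups against one removal; 0 means every result was 42 or -1. */
long race_once(void) {
	struct dir_model d = { PTHREAD_MUTEX_INITIALIZER, 0, malloc(sizeof(struct event_call)), 0 };
	pthread_t t;
	if (!d.data) return -1;
	d.data->flags = 42;         /* constructed sample value */
	if (pthread_create(&t, NULL, lookup_thread, &d)) { free(d.data); return -1; }
	remove_dir(&d);
	pthread_join(t, NULL);
	return d.bad + (guarded_lookup(&d) != -1);
}
int main(void) { return race_once() != 0; }
```

Building with `-fsanitize=address` or `-fsanitize=thread` and dropping the `is_freed` check from `guarded_lookup` is a quick way to see the sanitizer flag the stale dereference the commit message diagrams.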