Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp4678652rdb;
        Tue, 12 Dec 2023 06:33:27 -0800 (PST)
X-Google-Smtp-Source: AGHT+IHaWOEEh3KKFDTF1EePMJtEIBrSaQHoWRe6if0EymSlCnqyOPrr4pyPUm4goeOAc8x8czmC
X-Received: by 2002:a05:6a20:6714:b0:190:3fd8:45b6 with SMTP id q20-20020a056a20671400b001903fd845b6mr3397694pzh.25.1702391607193;
        Tue, 12 Dec 2023 06:33:27 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1702391607; cv=none;
        d=google.com; s=arc-20160816;
        b=XTQdoi5KDLgNqYEassiYeprMaDBvUUS65zG31wf4baU+hH1rKhSklqcVcPQshd5+d2
         PhZazsuyEI5wOiyhBVXWQGGS28Dg+jBnV15ki+ZtGb/ZROil5gqqdbdAE7Kw5m8pTQ+B
         orR5Nlzc0HM8uc1QD0mjmOUbV3tBkOVGtM/rR0+6MPcgHva5SzrnTK9IrMA3gY8QbChU
         ICU6qMDBQyGRH6fsxwCigm5FU6wV+5dozpCpyNY1elES0u0cBlfD3jk4/mnyzl3gMNhT
         M6V3r2YIgFqVRGmnNZ2AnTB2jU9Y0jS7dg/+uOknpt3uJhBKzqhqUSASDxx5ih5HEoeK
         KfOg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:in-reply-to:from
         :references:cc:to:content-language:subject:user-agent:mime-version
         :date:message-id:dkim-signature;
        bh=iWspxYyuoNLxe/KhKrbpEWH6mztaO+aN39yl7ymJWUE=;
        fh=ApSZSMqk2cOXZBaXQhOniVNa7xwAQ0YLx1sKJGpf0is=;
        b=QEXrSVuD+MN8K1mIKneRhH+M/TZ/vhDILtnBD1t4Nr+ZiieHIm/Lh51s+/ZHGc4Ava
         lbIwGYshkmDSoz3E+fJct/PGClmpVmEvgfN2O8HD1OUZKvsRP+aBiCc9zw4AntlZ1NbZ
         ujvdnLtBcAbJ+rJLr7X9cWeY7g6OQCHY9Z541lh9D3mo3RV4Ujcmdjc6Xit5OUGvI0CY
         HaxJOz3bssnzEP1crEkoRnisngPATCCYuatfqM06UmNkfPuy9jAv5AywMYbomy2GLlo4
         bpx6ARZ4e2b5yMMWEODe166mY74NtdOBx8mVhEjcAVAQvSlJSt3lTc8Oy82dMwM6mlqp
         h4cA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@efficios.com header.s=smtpout1 header.b="N/XuIcIC";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=efficios.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from morse.vger.email (morse.vger.email. [2620:137:e000::3:1])
        by mx.google.com with ESMTPS id fh13-20020a056a00390d00b006cefb653cecsi5193522pfb.146.2023.12.12.06.33.26
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 12 Dec 2023 06:33:27 -0800 (PST)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) client-ip=2620:137:e000::3:1;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@efficios.com header.s=smtpout1 header.b="N/XuIcIC";
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:1 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=efficios.com
Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0])
	by morse.vger.email (Postfix) with ESMTP id A7DEB802170D;
	Tue, 12 Dec 2023 06:33:24 -0800 (PST)
X-Virus-Status: Clean
X-Virus-Scanned: clamav-milter 0.103.11 at morse.vger.email
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1376810AbjLLOdI (ORCPT
        <rfc822;aditya.jainadityajain.jain@gmail.com> + 99 others);
        Tue, 12 Dec 2023 09:33:08 -0500
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:60856 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1376827AbjLLOdH (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 12 Dec 2023 09:33:07 -0500
Received: from smtpout.efficios.com (smtpout.efficios.com [167.114.26.122])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0A37DFE;
        Tue, 12 Dec 2023 06:33:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=efficios.com;
        s=smtpout1; t=1702391592;
        bh=T1FTOhn+dhe2RzQli+HA9sglh+MKVmt+QGRK16ISh8c=;
        h=Date:Subject:To:Cc:References:From:In-Reply-To:From;
        b=N/XuIcIC5n/F9LxFkbso1fomRmByzGSpVdY0yHcHKFnqc56Z86rthqwwb81hDbQLl
         Uh8IPawWVo14yvd+5h+t9oL5MpUcMABxKJvJCOUA+v7c/T9VrlbCAIfi6qNQA5FZJb
         vu7eezd4Ljb+IfozTCP+OVSwNa4NL6r2Whg4e/eb64BlCws/4+xQUj6Rp/Ocs/tWGW
         NojGDRAVm+4DhQjcTjQYdvGn2xCpkYo96ByDUx8Ae+2PrsEOJroGzjnqsLCT8Vd2ap
         noaa5PMANi+SrI26YYNlQvAFJUieMCy7Wk/S/PH7FJMvjCg2AHZQ5sXGw4a8aIIVBL
         hIFDB56U5nzsw==
Received: from [172.16.0.134] (192-222-143-198.qc.cable.ebox.net [192.222.143.198])
        by smtpout.efficios.com (Postfix) with ESMTPSA id 4SqLgr0zpNzGCv;
        Tue, 12 Dec 2023 09:33:12 -0500 (EST)
Message-ID: <445ac00d-0f0c-4f6a-b85a-97209635c3f3@efficios.com>
Date:   Tue, 12 Dec 2023 09:33:11 -0500
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [PATCH v2] tracing: Allow for max buffer data size trace_marker
 writes
Content-Language: en-US
To:     Steven Rostedt <rostedt@goodmis.org>,
        LKML <linux-kernel@vger.kernel.org>,
        Linux Trace Kernel <linux-trace-kernel@vger.kernel.org>
Cc:     Masami Hiramatsu <mhiramat@kernel.org>,
        Mark Rutland <mark.rutland@arm.com>
References: <20231212090057.41b28efe@gandalf.local.home>
From:   Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
In-Reply-To: <20231212090057.41b28efe@gandalf.local.home>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,
	SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable
	autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on morse.vger.email
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (morse.vger.email [0.0.0.0]); Tue, 12 Dec 2023 06:33:24 -0800 (PST)

On 2023-12-12 09:00, Steven Rostedt wrote:
[...]
> --- a/kernel/trace/trace.c
> +++ b/kernel/trace/trace.c
> @@ -7272,6 +7272,7 @@ tracing_mark_write(struct file *filp, const char __user *ubuf,
>   	enum event_trigger_type tt = ETT_NONE;
>   	struct trace_buffer *buffer;
>   	struct print_entry *entry;
> +	int meta_size;
>   	ssize_t written;
>   	int size;
>   	int len;
> @@ -7286,12 +7287,9 @@ tracing_mark_write(struct file *filp, const char __user *ubuf,
>   	if (!(tr->trace_flags & TRACE_ITER_MARKERS))
>   		return -EINVAL;
>   
> -	if (cnt > TRACE_BUF_SIZE)
> -		cnt = TRACE_BUF_SIZE;

You're removing an early bound check for a size_t userspace input...

> -
> -	BUILD_BUG_ON(TRACE_BUF_SIZE >= PAGE_SIZE);
> -
> -	size = sizeof(*entry) + cnt + 2; /* add '\0' and possible '\n' */
> +	meta_size = sizeof(*entry) + 2;  /* add '\0' and possible '\n' */
> + again:
> +	size = cnt + meta_size;

... and then implicitly casting it into a "int" size variable, which
can therefore become a negative value.

Just for the sake of not having to rely on ring_buffer_lock_reserve
catching (length > BUF_MAX_DATA_SIZE), I would recommend to add an
early check for negative here.

>   
>   	/* If less than "<faulted>", then make sure we can still add that */
>   	if (cnt < FAULTED_SIZE)
> @@ -7300,9 +7298,25 @@ tracing_mark_write(struct file *filp, const char __user *ubuf,
>   	buffer = tr->array_buffer.buffer;
>   	event = __trace_buffer_lock_reserve(buffer, TRACE_PRINT, size,
>   					    tracing_gen_ctx());
> -	if (unlikely(!event))
> +	if (unlikely(!event)) {
> +		/*
> +		 * If the size was greated than what was allowed, then

greater ?

Thanks,

Mathieu

-- 
Mathieu Desnoyers
EfficiOS Inc.
https://www.efficios.com