Date: Tue, 12 Dec 2023 10:28:51 -0500
From: Steven Rostedt
To: Mathieu Desnoyers
Cc: LKML, Linux Trace Kernel, Masami Hiramatsu, Mark Rutland
Subject: Re: [PATCH] tracing: Add size check when printing trace_marker output
Message-ID: <20231212102851.5e181e33@gandalf.local.home>

On Tue, 12 Dec 2023 09:23:54 -0500
Mathieu Desnoyers wrote:

> On 2023-12-12 08:44, Steven Rostedt wrote:
> > From: "Steven Rostedt (Google)"
> >
> > If for some reason the trace_marker write does not have a nul byte for the
> > string, it will overflow the print:
>
> Does this result in leaking kernel memory to userspace ? If so, it
> should state "Fixes..." and CC stable.

No, it was triggered because of a bug elsewhere ;-)

  https://lore.kernel.org/linux-trace-kernel/20231212072558.61f76493@gandalf.local.home/

Which does have a Cc stable and Fixes tag.

The event truncated the trace_marker output and caused the buffer overflow
here. The trace_marker always adds a '\0', but that got dropped due to the
other bug. This is just hardening the kernel.

Note, this can only happen with the new code that allows trace_marker to
use the max size of the buffer, which is for the next kernel release.

-- Steve
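
The failure mode discussed in this message, printing event text whose terminating '\0' was lost, shown beside a size-bounded print, as an added user-space illustration (not the kernel patch and not code from this thread). `struct print_entry` here is a simplified stand-in, and `max_text_len`, `format_entry`, `demo` and the sample bytes are constructed for the example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical user-space stand-in for a recorded print event: a fixed
 * header followed by text that the writer is expected to NUL-terminate. */
struct print_entry {
	unsigned long ip;
	char buf[];
};

/* Most text bytes that can belong to an event of recorded size ent_size. */
static int max_text_len(size_t ent_size)
{
	size_t hdr = offsetof(struct print_entry, buf);
	return ent_size > hdr ? (int)(ent_size - hdr) : 0;
}

/* bounded != 0: "%.*s" stops at the event boundary even without a NUL.
 * bounded == 0: "%s" keeps reading until it happens to find a zero byte. */
static void format_entry(char *out, size_t out_sz, const struct print_entry *e,
			 size_t ent_size, int bounded)
{
	if (bounded)
		snprintf(out, out_sz, "%.*s", max_text_len(ent_size), e->buf);
	else
		snprintf(out, out_sz, "%s", e->buf);
}

/* Constructed sample: "hello" stored with or without its NUL, followed
 * directly by unrelated bytes standing in for the next record. */
static const char *demo(int with_nul, int bounded)
{
	static union { struct print_entry e; char raw[64]; } page;
	static char out[64];
	size_t hdr = offsetof(struct print_entry, buf);
	size_t ent_size = hdr + 5 + (with_nul ? 1 : 0);
	memset(page.raw, 0, sizeof(page.raw));
	memcpy(page.raw + hdr, "hello", 5);
	memcpy(page.raw + ent_size, "NEXT-EVENT", 10);
	format_entry(out, sizeof(out), &page.e, ent_size, bounded);
	return out;
}

int main(void)
{
	printf("unbounded: %s\n", demo(0, 0));
	printf("bounded:   %s\n", demo(0, 1));
	return 0;
}
```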