Open Source and information security mailing list archives
 
Message-ID: <871qqn84q2.wl-tiwai@suse.de>
Date:   Tue, 01 Nov 2022 09:21:41 +0100
From:   Takashi Iwai <tiwai@...e.de>
To:     Steven Rostedt <rostedt@...dmis.org>
Cc:     Takashi Iwai <tiwai@...e.de>, regressions@...ts.linux.dev,
        linux-kernel@...r.kernel.org, postix@...teo.eu
Subject: Re: [REGRESSION 6.0.x / 6.1.x] NULL dereferencing at tracing

On Mon, 31 Oct 2022 19:48:50 +0100,
Steven Rostedt wrote:
> 
> On Mon, 31 Oct 2022 08:11:28 +0100
> Takashi Iwai <tiwai@...e.de> wrote:
> 
> > Hi Steven,
> > 
> > we've got a bug report indicating the NULL dereference at the recent
> > tracing changes, showing at the start of KDE.  The details including
> > the dmesg are found at:
> >   https://bugzilla.opensuse.org/show_bug.cgi?id=1204705
> > 
> > It was reported at first for 6.0.3, and confirmed that the problem
> > persists with 6.1-rc, too.
> > 
> > The culprit seems to be the commit
> > f3ddb74ad0790030c9592229fb14d8c451f4e9a8
> >     tracing: Wake up ring buffer waiters on closing of the file
> > and reverting it seems to fix the problem.
> > 
> > Could you take a look?
> > 
> >
> 
> Can you apply this to see if it fixes it?
> 
> I'm guessing there's a path to the release of the file descriptor where
> the ring buffer isn't allocated (and this expected it to be).
> 
> I'll investigate further to see if I can find that path.

To avoid confusion: the follow-up post in this thread
  https://lore.kernel.org/71829e56-a13f-0462-37a7-a4d64c16f561@posteo.de
is from Alex, who is the original bug reporter on openSUSE Bugzilla.

The test result looks negative, unfortunately.


Takashi

> 
> -- Steve
> 
> diff --git a/kernel/trace/ring_buffer.c b/kernel/trace/ring_buffer.c
> index 199759c73519..c1c7ce4c6ddb 100644
> --- a/kernel/trace/ring_buffer.c
> +++ b/kernel/trace/ring_buffer.c
> @@ -937,6 +937,9 @@ void ring_buffer_wake_waiters(struct trace_buffer *buffer, int cpu)
>  	struct ring_buffer_per_cpu *cpu_buffer;
>  	struct rb_irq_work *rbwork;
>  
> +	if (!buffer)
> +		return;
> +
>  	if (cpu == RING_BUFFER_ALL_CPUS) {
>  
>  		/* Wake up individual ones too. One level recursion */
> 
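Review bot: the new `if (!buffer) return;` guard at the top of ring_buffer_wake_waiters() carries no comment saying which caller can reach it with a NULL buffer, so it reads as hiding a caller-side problem rather than handling a defined case. The cover text says the path to the file release without an allocated ring buffer is still unknown; once it is identified, either add a one-line comment above the check naming that path, or move the check to that caller so other callers passing NULL are not silently ignored. Since the tester's result in this thread is negative, the guard should not be treated as the fix for the reported oops on its own; the remaining dereferences below it (cpu_buffer, rbwork) need the same scrutiny.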
