| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20221114022946.66255-1-yangjihong1@huawei.com>
Date: Mon, 14 Nov 2022 10:29:46 +0800
From: Yang Jihong <yangjihong1@...wei.com>
To: <rostedt@...dmis.org>, <mhiramat@...nel.org>,
<linux-kernel@...r.kernel.org>
CC: <yangjihong1@...wei.com>
Subject: [PATCH] tracing: Fix infinite loop in tracing_read_pipe on overflowed print_trace_line
print_trace_line may overflow seq_file buffer. If the event is not
consumed, the while loop keeps peeking this event, causing a infinite loop.
Signed-off-by: Yang Jihong <yangjihong1@...wei.com>
---
kernel/trace/trace.c | 13 +++++++++++++
1 file changed, 13 insertions(+)
diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
index 47a44b055a1d..2a8d5c68c29b 100644
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -6788,6 +6788,19 @@ tracing_read_pipe(struct file *filp, char __user *ubuf,
if (ret == TRACE_TYPE_PARTIAL_LINE) {
/* don't print partial lines */
iter->seq.seq.len = save_len;
+
+ /*
+ * If one trace_line of the tracer overflows seq_file
+ * buffer, trace_seq_to_user returns -EBUSY because
+ * nothing in the sequence (iter->seq.seq.len = \
+ * iter->seq.seq.readpos = 0).
+ * In this case, we need to consume, otherwise,
+ * "while" will peek this event next time, resulting
+ * in an infinite loop.
+ */
+ if (trace_seq_has_overflowed(&iter->seq))
+ trace_consume(iter);
+
break;
}
if (ret != TRACE_TYPE_NO_CONSUME)
--
2.30.GIT
Powered by blists - more mailing lists