| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260204211721.74e501f0@robin>
Date: Wed, 4 Feb 2026 21:17:21 -0500
From: Steven Rostedt <rostedt@...dmis.org>
To: "Masami Hiramatsu (Google)" <mhiramat@...nel.org>
Cc: Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
linux-kernel@...r.kernel.org, linux-trace-kernel@...r.kernel.org
Subject: Re: [PATCH v6 2/4] tracing: Make the backup instance non-reusable
On Sun, 1 Feb 2026 12:29:15 +0900
"Masami Hiramatsu (Google)" <mhiramat@...nel.org> wrote:
> From: Masami Hiramatsu (Google) <mhiramat@...nel.org>
>
> Since there is no reason to reuse the backup instance, make it
> readonly (but erasable).
> Note that only backup instances are readonly, because
> other trace instances will be empty unless it is writable.
> Only backup instances have copy entries from the original.
>
> With this change, most of the trace control files are removed
> from the backup instance, including eventfs enable/filter etc.
>
> # find /sys/kernel/tracing/instances/backup/events/ | wc -l
> 4093
> # find /sys/kernel/tracing/instances/boot_map/events/ | wc -l
> 9573
>
> Signed-off-by: Masami Hiramatsu (Google) <mhiramat@...nel.org>
> ---
> Changes in v6:
> - Remove tracing_on file from readonly instances.
> - Remove unused writable_mode from tracing_init_tracefs_percpu().
> - Cleanup init_tracer_tracefs() and create_event_toplevel_files().
> - Remove TRACE_MODE_WRITE_MASK.
> - Add TRACE_ARRAY_FL_RDONLY.
> Changes in v5:
> - Rebased on the latest for-next (and hide show_event_filters/triggers
> if the instance is readonly.
> Changes in v4:
> - Make trace data erasable. (not reusable)
> Changes in v3:
> - Resuse the beginning part of event_entries for readonly files.
> - Remove readonly file_operations and checking readonly flag in
> each write operation.
> Changes in v2:
> - Use readonly file_operations to prohibit writing instead of
> checking flags in write() callbacks.
> - Remove writable files from eventfs.
> ---
> kernel/trace/trace.c | 94 +++++++++++++++++++++++++++++--------------
> kernel/trace/trace.h | 7 +++
> kernel/trace/trace_boot.c | 5 +-
> kernel/trace/trace_events.c | 76 ++++++++++++++++++++---------------
> 4 files changed, 117 insertions(+), 65 deletions(-)
>
> diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
> index 5c3e4a554143..b0efcf1e0809 100644
> --- a/kernel/trace/trace.c
> +++ b/kernel/trace/trace.c
> @@ -5052,6 +5052,11 @@ static ssize_t
> tracing_write_stub(struct file *filp, const char __user *ubuf,
> size_t count, loff_t *ppos)
> {
> + struct trace_array *tr = file_inode(filp)->i_private;
> +
> + if (trace_array_is_readonly(tr))
> + return -EPERM;
> +
> return count;
> }
>
> @@ -5152,6 +5157,9 @@ tracing_cpumask_write(struct file *filp, const char __user *ubuf,
> cpumask_var_t tracing_cpumask_new;
> int err;
>
> + if (trace_array_is_readonly(tr))
> + return -EPERM;
> +
Shouldn't these checks be done in the open function? Doing it now is
too late, as -EPERM on a write is confusing when the open for write
succeeds.
-- Steve
> if (count == 0 || count > KMALLOC_MAX_SIZE)
> return -EINVAL;
>
Powered by blists - more mailing lists