diff options
| author | Zilin Guan <zilin@seu.edu.cn> | 2024-12-31 11:37:31 +0000 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2025-01-09 13:33:52 +0100 |
| commit | b68b2a3fbacc7be720ef589d489bcacdd05c6d38 (patch) | |
| tree | 4f1b73e916c175351a0d9705175061c663ca297a /tools | |
| parent | 19d8a4424168ef0a1d3be50c00632b03b33e97fd (diff) | |
| download | linux-b68b2a3fbacc7be720ef589d489bcacdd05c6d38.tar.gz linux-b68b2a3fbacc7be720ef589d489bcacdd05c6d38.tar.bz2 linux-b68b2a3fbacc7be720ef589d489bcacdd05c6d38.zip | |
fgraph: Add READ_ONCE() when accessing fgraph_array[]
commit d65474033740ded0a4fe9a097fce72328655b41d upstream.
In __ftrace_return_to_handler(), a loop iterates over the fgraph_array[]
elements, which are fgraph_ops. The loop checks if an element is a
fgraph_stub to prevent using a fgraph_stub afterward.
However, if the compiler reloads fgraph_array[] after this check, it might
race with an update to fgraph_array[] that introduces a fgraph_stub. This
could result in the stub being processed, but the stub contains a null
"func_hash" field, leading to a NULL pointer dereference.
To ensure that the gops compared against the fgraph_stub matches the gops
processed later, add a READ_ONCE(). A similar patch appears in commit
63a8dfb ("function_graph: Add READ_ONCE() when accessing fgraph_array[]").
Cc: stable@vger.kernel.org
Fixes: 37238abe3cb47 ("ftrace/function_graph: Pass fgraph_ops to function graph callbacks")
Link: https://lore.kernel.org/20241231113731.277668-1-zilin@seu.edu.cn
Signed-off-by: Zilin Guan <zilin@seu.edu.cn>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'tools')
0 files changed, 0 insertions, 0 deletions