github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-09 23:23:53 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
db5ae6596a
linux/include/trace/events
History
David Howells 8d9c4a9b86 rxrpc: Fix trace-after-put looking at the put peer record 
commit 55f6c98e36 upstream.

rxrpc_put_peer() calls trace_rxrpc_peer() after it has done the decrement
of the refcount - which looks at the debug_id in the peer record.  But
unless the refcount was reduced to zero, we no longer have the right to
look in the record and, indeed, it may be deleted by some other thread.

Fix this by getting the debug_id out before decrementing the refcount and
then passing that into the tracepoint.

This can cause the following symptoms:

    BUG: KASAN: use-after-free in __rxrpc_put_peer net/rxrpc/peer_object.c:411
    [inline]
    BUG: KASAN: use-after-free in rxrpc_put_peer+0x685/0x6a0
    net/rxrpc/peer_object.c:435
    Read of size 8 at addr ffff888097ec0058 by task syz-executor823/24216

Fixes: 1159d4b496 ("rxrpc: Add a tracepoint to track rxrpc_peer refcounting")
Reported-by: syzbot+b9be979c55f2bea8ed30@syzkaller.appspotmail.com
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-11-06 13:06:24 +01:00
..
9p.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
afs.h afs: Add a tracepoint to record callbacks from unlisted servers 2018-05-14 15:15:18 +01:00
alarmtimer.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
asoc.h ASoC: trace: remove snd_soc_codec 2018-04-16 11:53:35 +01:00
bcache.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
block.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
bridge.h net: bridge: use rhashtable for fdbs 2017-12-13 15:10:01 -05:00
btrfs.h btrfs: tracepoints: Fix bad entry members of qgroup events 2019-10-29 09:20:07 +01:00
cachefiles.h fscache: Add tracepoints 2018-04-04 13:41:27 +01:00
cgroup.h cgroup/tracing: Move taking of spin lock out of trace event handlers 2018-07-11 10:48:47 -07:00
clk.h clk: add duty cycle support 2018-06-19 10:06:29 -07:00
cma.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
compaction.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
context_tracking.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
cpuhp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
devlink.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dma_fence.h Tracing updates for 4.15: 2017-11-17 14:58:01 -08:00
ext4.h ext4: force inode writes when nfsd calls commit_metadata() 2019-01-09 17:38:43 +01:00
f2fs.h treewide: remove large struct-pass-by-value from tracepoint arguments 2018-03-28 22:55:18 +02:00
fib.h net: Change the layout of structure trace_event_raw_fib_table_lookup 2018-08-13 09:21:05 -07:00
fib6.h net/ipv6: Udate fib6_table_lookup tracepoint 2018-05-24 23:01:15 -04:00
filelock.h locks: add tracepoint in flock codepath 2018-08-06 13:15:16 -04:00
filemap.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fs_dax.h libnvdimm for 4.15 2017-11-17 09:51:57 -08:00
fscache.h fscache: Maintain a catalogue of allocated cookies 2018-04-06 14:05:14 +01:00
fsi_master_ast_cf.h fsi: master-ast-cf: Add new FSI master using Aspeed ColdFire 2018-07-23 15:22:52 +10:00
fsi_master_gpio.h fsi: master-gpio: Add more tracepoints 2018-07-12 12:02:31 +10:00
fsi.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
gpio.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
host1x.h gpu: host1x: Remove wait check support 2018-05-18 21:50:04 +02:00
hswadsp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
huge_memory.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
i2c.h i2c: break out smbus support into separate file 2017-05-31 21:01:03 +02:00
initcall.h tracing: initcall: Ordered comparison of function pointers 2018-04-26 15:02:46 -04:00
intel_ish.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
intel-sst.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
iommu.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ipi.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
irq_matrix.h genirq/matrix: Add tracepoints 2017-09-25 20:38:26 +02:00
irq.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
jbd2.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
kmem.h mm: remove cold parameter from free_hot_cold_page* 2017-11-15 18:21:06 -08:00
kvm.h KVM: Fix stack-out-of-bounds read in write_mmio 2017-12-18 12:57:01 +01:00
libata.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
lock.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mce.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mdio.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
migrate.h mm, sched/numa: Remove rate-limiting of automatic NUMA balancing migration 2018-10-02 11:31:14 +02:00
mmc.h mmc: core: Fix tracepoint print of blk_addr and blksz 2018-03-15 11:15:22 +01:00
mmflags.h Drop a bunch of metag references 2018-02-23 14:29:59 +00:00
module.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
napi.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
net_probe_common.h net: dccp: Add DCCP sendmsg trace event 2018-01-02 14:27:30 -05:00
net.h net: core: unwrap skb list receive slightly further 2018-07-04 14:06:19 +09:00
nilfs2.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
nmi.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
oom.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
page_isolation.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
page_ref.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
pagemap.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
percpu.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
power_cpu_migrate.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
power.h cpufreq: trace frequency limits change 2018-07-26 10:17:47 +02:00
preemptirq.h tracing: Centralize preemptirq tracepoints and unify their usage 2018-07-31 11:32:27 -04:00
printk.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
qdisc.h qdisc: add tracepoint qdisc:qdisc_dequeue for dequeued SKBs 2017-08-16 14:10:10 -07:00
random.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rcu.h rcu: Remove CPU-hotplug failsafe from force-quiescent-state code path 2018-07-12 15:39:07 -07:00
rdma.h rdma/ib: Add trace point macros to display human-readable values 2018-01-23 09:44:14 -05:00
regulator.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rpcrdma.h NFS client updates for Linux 4.18 2018-06-12 10:09:03 -07:00
rpm.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
rseq.h rseq: Introduce restartable sequences system call 2018-06-06 11:58:31 +02:00
rtc.h rtc: Add tracepoints for RTC system 2018-02-13 21:30:22 +01:00
rxrpc.h rxrpc: Fix trace-after-put looking at the put peer record 2019-11-06 13:06:24 +01:00
sched.h sched, trace: Fix prev_state output in sched_switch tracepoint 2018-12-08 12:59:06 +01:00
scsi.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sctp.h net: sctp: Add SCTP ACK tracking trace event 2018-01-02 14:27:29 -05:00
signal.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
siox.h siox: add support for tracing 2017-12-19 10:56:24 +01:00
skb.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
smbus.h i2c: break out smbus support into separate file 2017-05-31 21:01:03 +02:00
sock.h net: expose sk wmem in sock_exceed_buf_limit tracepoint 2018-07-02 22:40:56 +09:00
spi.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
spmi.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sunrpc.h sunrpc: use-after-free in svc_process_common() 2019-01-16 22:04:37 +01:00
sunvnet.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
swiotlb.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
syscalls.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
target.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
task.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
tcp.h tcp: minor optimization around tcp_hdr() usage in receive path 2018-05-31 13:20:47 -04:00
thermal_power_allocator.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
thermal.h cpu_cooling: Drop static-power related stuff 2017-12-07 22:52:01 +01:00
thp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
timer.h hrtimer: Add clock bases and hrtimer mode for softirq context 2018-01-16 03:00:50 +01:00
tlb.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
udp.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ufs.h scsi: ufs: add trace event for ufs upiu 2018-04-18 23:37:39 -04:00
v4l2.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vb2.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
vmscan.h mm, vmscan, tracing: use pointer to reclaim_stat struct in trace event 2018-04-11 10:28:30 -07:00
vsock_virtio_transport_common.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
wbt.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
workqueue.h tracing: Add missing forward declaration 2018-04-19 11:05:48 -04:00
writeback.h Merge branch 'for-4.15/block' of git://git.kernel.dk/linux-block 2017-11-14 15:32:19 -08:00
xdp.h bpf: fix redirect to map under tail calls 2018-08-17 15:56:23 -07:00
xen.h tracing/x86/xen: Remove zero data size trace events trace_xen_mmu_flush_tlb{_all} 2018-05-14 17:02:30 -04:00