Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 1f9b3546 authored by Steven Rostedt (VMware)'s avatar Steven Rostedt (VMware)
Browse files

tracing: Have traceprobe_probes_write() not access userspace unnecessarily 

The code in traceprobe_probes_write() reads up to 4096 bytes from userpace
for each line. If userspace passes in several lines to execute, the code
will do a large read for each line, even though, it is highly likely that
the first read from userspace received all of the lines at once.

I changed the logic to do a single read from userspace, and to only read
from userspace again if not all of the read from userspace made it in.

I tested this by adding printk()s and writing files that would test -1, ==,
and +1 the buffer size, to make sure that there's no overflows and that if a
single line is written with +1 the buffer size, that it fails properly.

Link: http://lkml.kernel.org/r/20170209180458.5c829ab2@gandalf.local.home



Acked-by: default avatarMasami Hiramatsu <mhiramat@kernel.org>
Acked-by: default avatarNamhyung Kim <namhyung@kernel.org>
Signed-off-by: default avatarSteven Rostedt (VMware) <rostedt@goodmis.org>
parent 4c738413

kernel/trace/trace_probe.c

+29 −19
Original line number Diff line number Diff line
@@ -647,7 +647,7 @@ ssize_t traceprobe_probes_write(struct file *file, const char __user *buffer, 
				size_t count, loff_t *ppos,

				int (*createfn)(int, char **))

{

	char *kbuf, *tmp;

	char *kbuf, *buf, *tmp;

	int ret = 0;

	size_t done = 0;

	size_t size;
@@ -667,27 +667,37 @@ ssize_t traceprobe_probes_write(struct file *file, const char __user *buffer, 
			goto out;

		}

		kbuf[size] = '\0';

		tmp = strchr(kbuf, '\n');



		buf = kbuf;

		do {

			tmp = strchr(buf, '\n');

			if (tmp) {

				*tmp = '\0';

			size = tmp - kbuf + 1;

		} else if (done + size < count) {

				size = tmp - buf + 1;

			} else {

				size = strlen(buf);

				if (done + size < count) {

					if (buf != kbuf)

						break;

					pr_warn("Line length is too long: Should be less than %d\n",

						WRITE_BUFSIZE);

					ret = -EINVAL;

					goto out;

				}

			}

			done += size;



			/* Remove comments */

		tmp = strchr(kbuf, '#');

			tmp = strchr(buf, '#');



			if (tmp)

				*tmp = '\0';



		ret = traceprobe_command(kbuf, createfn);

			ret = traceprobe_command(buf, createfn);

			if (ret)

				goto out;

			buf += size;



		} while (done < count);

	}

	ret = done;