tracing: Change tracing_stats_fops to rely on tracing_get_cpu()
authorOleg Nesterov <oleg@redhat.com>
Tue, 23 Jul 2013 15:26:03 +0000 (17:26 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 29 Aug 2013 16:47:32 +0000 (09:47 -0700)
commit 4d3435b8a4c3357695e09c5e7a3bf73a19fca5b0 upstream.

tracing_open_generic_tc() is racy, the memory inode->i_private
points to can be already freed.

1. Change one of its users, tracing_stats_fops, to use
   tracing_*_generic_tr() instead.

2. Change trace_create_cpu_file("stats", data) to pass "data = tr".

3. Change tracing_stats_read() to use tracing_get_cpu().

Link: http://lkml.kernel.org/r/20130723152603.GA23727@redhat.com
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
kernel/trace/trace.c

index 7dcd67332f57925c74cb3cc55827ff357b647803..801d72b84a2a1927b966d6ed555d9d0c1acecde6 100644 (file)
@@ -2973,7 +2973,6 @@ int tracing_open_generic_tr(struct inode *inode, struct file *filp)
        filp->private_data = inode->i_private;
 
        return 0;
-
 }
 
 int tracing_open_generic_tc(struct inode *inode, struct file *filp)
@@ -5277,14 +5276,14 @@ static ssize_t
 tracing_stats_read(struct file *filp, char __user *ubuf,
                   size_t count, loff_t *ppos)
 {
-       struct trace_cpu *tc = filp->private_data;
-       struct trace_array *tr = tc->tr;
+       struct inode *inode = file_inode(filp);
+       struct trace_array *tr = inode->i_private;
        struct trace_buffer *trace_buf = &tr->trace_buffer;
+       int cpu = tracing_get_cpu(inode);
        struct trace_seq *s;
        unsigned long cnt;
        unsigned long long t;
        unsigned long usec_rem;
-       int cpu = tc->cpu;
 
        s = kmalloc(sizeof(*s), GFP_KERNEL);
        if (!s)
@@ -5337,10 +5336,10 @@ tracing_stats_read(struct file *filp, char __user *ubuf,
 }
 
 static const struct file_operations tracing_stats_fops = {
-       .open           = tracing_open_generic_tc,
+       .open           = tracing_open_generic_tr,
        .read           = tracing_stats_read,
        .llseek         = generic_file_llseek,
-       .release        = tracing_release_generic_tc,
+       .release        = tracing_release_generic_tr,
 };
 
 #ifdef CONFIG_DYNAMIC_FTRACE
@@ -5570,7 +5569,7 @@ tracing_init_debugfs_percpu(struct trace_array *tr, long cpu)
                                tr, cpu, &tracing_buffers_fops);
 
        trace_create_cpu_file("stats", 0444, d_cpu,
-                               &data->trace_cpu, cpu, &tracing_stats_fops);
+                               tr, cpu, &tracing_stats_fops);
 
        trace_create_cpu_file("buffer_size_kb", 0444, d_cpu,
                                &data->trace_cpu, cpu, &tracing_entries_fops);