This is a note to let you know that I've just added the patch titled tracing/hist: Fix wrong return value in parse_action_params() to the 6.0-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: tracing-hist-fix-wrong-return-value-in-parse_action_params.patch and it can be found in the queue-6.0 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From 2cc6a528882d0e0ccbc1bca5f95b8c963cedac54 Mon Sep 17 00:00:00 2001 From: Zheng Yejian <zhengyejian1@xxxxxxxxxx> Date: Wed, 7 Dec 2022 11:46:35 +0800 Subject: tracing/hist: Fix wrong return value in parse_action_params() From: Zheng Yejian <zhengyejian1@xxxxxxxxxx> commit 2cc6a528882d0e0ccbc1bca5f95b8c963cedac54 upstream. When number of synth fields is more than SYNTH_FIELDS_MAX, parse_action_params() should return -EINVAL. Link: https://lore.kernel.org/linux-trace-kernel/20221207034635.2253990-1-zhengyejian1@xxxxxxxxxx Cc: <mhiramat@xxxxxxxxxx> Cc: <zanussi@xxxxxxxxxx> Cc: stable@xxxxxxxxxxxxxxx Fixes: c282a386a397 ("tracing: Add 'onmatch' hist trigger action support") Signed-off-by: Zheng Yejian <zhengyejian1@xxxxxxxxxx> Signed-off-by: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- kernel/trace/trace_events_hist.c | 1 + 1 file changed, 1 insertion(+) --- a/kernel/trace/trace_events_hist.c +++ b/kernel/trace/trace_events_hist.c @@ -3564,6 +3564,7 @@ static int parse_action_params(struct tr while (params) { if (data->n_params >= SYNTH_FIELDS_MAX) { hist_err(tr, HIST_ERR_TOO_MANY_PARAMS, 0); + ret = -EINVAL; goto out; } Patches currently in stable-queue which might be from zhengyejian1@xxxxxxxxxx are queue-6.0/tracing-fix-issue-of-missing-one-synthetic-field.patch queue-6.0/tracing-hist-fix-wrong-return-value-in-parse_action_params.patch queue-6.0/tracing-hist-fix-out-of-bound-write-on-action_data.var_ref_idx.patch