This is a note to let you know that I've just added the patch titled
Subject:[PATCH v2 13/23] tracefs: Zero out the tracefs_inode when allocating it
to the 6.7-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
tracefs-zero-out-the-tracefs_inode-when-allocating-it.patch
and it can be found in the queue-6.7 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From SRS0=eEWY=JP=rostedt.homelinux.com=rostedt@xxxxxxxxxx Tue Feb 6 12:35:17 2024
From: Steven Rostedt <rostedt@xxxxxxxxxxx>
Date: Tue, 06 Feb 2024 06:32:11 -0500
Subject:[PATCH v2 13/23] tracefs: Zero out the tracefs_inode when allocating it
To: linux-kernel@xxxxxxxxxxxxxxx, stable@xxxxxxxxxxxxxxx
Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>, Sasha Levin <sashal@xxxxxxxxxx>, Masami Hiramatsu <mhiramat@xxxxxxxxxx>, Mark Rutland <mark.rutland@xxxxxxx>, Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx>, Christian Brauner <brauner@xxxxxxxxxx>, Al Viro <viro@xxxxxxxxxxxxxxxxxx>, Ajay Kaher <ajay.kaher@xxxxxxxxxxxx>, kernel test robot <oliver.sang@xxxxxxxxx>
Message-ID: <20240206113400.202745776@xxxxxxxxxxxxxxxxxxxxx>
From: Steven Rostedt <rostedt@xxxxxxxxxxx>
From: "Steven Rostedt (Google)" <rostedt@xxxxxxxxxxx>
eventfs uses the tracefs_inode and assumes that it's already initialized
to zero. That is, it doesn't set fields to zero (like ti->private) after
getting its tracefs_inode. This causes bugs due to stale values.
Just initialize the entire structure to zero on allocation so there isn't
any more surprises.
This is a partial fix to access to ti->private. The assignment still needs
to be made before the dentry is instantiated.
Link: https://lore.kernel.org/linux-trace-kernel/20240131185512.315825944@xxxxxxxxxxx
Cc: stable@xxxxxxxxxxxxxxx
Cc: Masami Hiramatsu <mhiramat@xxxxxxxxxx>
Cc: Mark Rutland <mark.rutland@xxxxxxx>
Cc: Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx>
Cc: Christian Brauner <brauner@xxxxxxxxxx>
Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Cc: Ajay Kaher <ajay.kaher@xxxxxxxxxxxx>
Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Fixes: 5790b1fb3d672 ("eventfs: Remove eventfs_file and just use eventfs_inode")
Reported-by: kernel test robot <oliver.sang@xxxxxxxxx>
Closes: https://lore.kernel.org/oe-lkp/202401291043.e62e89dc-oliver.sang@xxxxxxxxx
Suggested-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx>
(cherry picked from commit d81786f53aec14fd4d56263145a0635afbc64617)
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
fs/tracefs/inode.c | 6 ++++--
fs/tracefs/internal.h | 3 ++-
2 files changed, 6 insertions(+), 3 deletions(-)
--- a/fs/tracefs/inode.c
+++ b/fs/tracefs/inode.c
@@ -38,8 +38,6 @@ static struct inode *tracefs_alloc_inode
if (!ti)
return NULL;
- ti->flags = 0;
-
return &ti->vfs_inode;
}
@@ -779,7 +777,11 @@ static void init_once(void *foo)
{
struct tracefs_inode *ti = (struct tracefs_inode *) foo;
+ /* inode_init_once() calls memset() on the vfs_inode portion */
inode_init_once(&ti->vfs_inode);
+
+ /* Zero out the rest */
+ memset_after(ti, 0, vfs_inode);
}
static int __init tracefs_init(void)
--- a/fs/tracefs/internal.h
+++ b/fs/tracefs/internal.h
@@ -11,9 +11,10 @@ enum {
};
struct tracefs_inode {
+ struct inode vfs_inode;
+ /* The below gets initialized with memset_after(ti, 0, vfs_inode) */
unsigned long flags;
void *private;
- struct inode vfs_inode;
};
/*
Patches currently in stable-queue which might be from rostedt@xxxxxxxxxx are
queue-6.7/eventfs-keep-all-directory-links-at-1.patch
queue-6.7/eventfs-save-directory-inodes-in-the-eventfs_inode-structure.patch
queue-6.7/tracefs-zero-out-the-tracefs_inode-when-allocating-it.patch
queue-6.7/eventfs-read-ei-entries-before-ei-children-in-eventfs_iterate.patch
queue-6.7/eventfs-remove-lookup-parameter-from-create_dir-file_dentry.patch
queue-6.7/eventfs-remove-fsnotify-functions-from-lookup.patch
queue-6.7/eventfs-stop-using-dcache_readdir-for-getdents.patch
queue-6.7/tracefs-avoid-using-the-ei-dentry-pointer-unnecessarily.patch
queue-6.7/eventfs-initialize-the-tracefs-inode-properly.patch
queue-6.7/eventfs-do-ctx-pos-update-for-all-iterations-in-eventfs_iterate.patch
queue-6.7/tracefs-dentry-lookup-crapectomy.patch
queue-6.7/eventfs-have-the-inodes-all-for-files-and-directories-all-be-the-same.patch
queue-6.7/eventfs-use-kcalloc-instead-of-kzalloc.patch
queue-6.7/eventfs-shortcut-eventfs_iterate-by-skipping-entries-already-read.patch
queue-6.7/eventfs-do-not-create-dentries-nor-inodes-in-iterate_shared.patch
queue-6.7/eventfs-have-eventfs_iterate-stop-immediately-if-ei-is_freed-is-set.patch
queue-6.7/eventfs-restructure-eventfs_inode-structure-to-be-more-condensed.patch
queue-6.7/eventfs-warn-if-an-eventfs_inode-is-freed-without-is_freed-being-set.patch
queue-6.7/eventfs-get-rid-of-dentry-pointers-without-refcounts.patch
queue-6.7/eventfs-remove-unused-d_parent-pointer-field.patch
queue-6.7/eventfs-clean-up-dentry-ops-and-add-revalidate-function.patch
