This is a note to let you know that I've just added the patch titled
eventfs: Do ctx->pos update for all iterations in eventfs_iterate()
to the 6.6-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
eventfs-do-ctx-pos-update-for-all-iterations-in-eventfs_iterate.patch
and it can be found in the queue-6.6 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From SRS0=eEWY=JP=rostedt.homelinux.com=rostedt@xxxxxxxxxx Tue Feb 6 13:10:53 2024
From: Steven Rostedt <rostedt@xxxxxxxxxxx>
Date: Tue, 06 Feb 2024 07:09:44 -0500
Subject: eventfs: Do ctx->pos update for all iterations in eventfs_iterate()
To: linux-kernel@xxxxxxxxxxxxxxx, stable@xxxxxxxxxxxxxxx
Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>, Sasha Levin <sashal@xxxxxxxxxx>, Masami Hiramatsu <mhiramat@xxxxxxxxxx>, Mark Rutland <mark.rutland@xxxxxxx>, Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx>, Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>, Al Viro <viro@xxxxxxxxxxxxxxxxxx>, Christian Brauner <brauner@xxxxxxxxxx>
Message-ID: <20240206120952.722064231@xxxxxxxxxxxxxxxxxxxxx>
From: "Steven Rostedt (Google)" <rostedt@xxxxxxxxxxx>
commit 1e4624eb5a0ecaae0d2c4e3019bece119725bb98 upstream.
The ctx->pos was only updated when it added an entry, but the "skip to
current pos" check (c--) happened for every loop regardless of if the
entry was added or not. This inconsistency caused readdir to be incorrect.
It was due to:
for (i = 0; i < ei->nr_entries; i++) {
if (c > 0) {
c--;
continue;
}
mutex_lock(&eventfs_mutex);
/* If ei->is_freed then just bail here, nothing more to do */
if (ei->is_freed) {
mutex_unlock(&eventfs_mutex);
goto out;
}
r = entry->callback(name, &mode, &cdata, &fops);
mutex_unlock(&eventfs_mutex);
[..]
ctx->pos++;
}
But this can cause the iterator to return a file that was already read.
That's because of the way the callback() works. Some events may not have
all files, and the callback can return 0 to tell eventfs to skip the file
for this directory.
for instance, we have:
# ls /sys/kernel/tracing/events/ftrace/function
format hist hist_debug id inject
and
# ls /sys/kernel/tracing/events/sched/sched_switch/
enable filter format hist hist_debug id inject trigger
Where the function directory is missing "enable", "filter" and
"trigger". That's because the callback() for events has:
static int event_callback(const char *name, umode_t *mode, void **data,
const struct file_operations **fops)
{
struct trace_event_file *file = *data;
struct trace_event_call *call = file->event_call;
[..]
/*
* Only event directories that can be enabled should have
* triggers or filters, with the exception of the "print"
* event that can have a "trigger" file.
*/
if (!(call->flags & TRACE_EVENT_FL_IGNORE_ENABLE)) {
if (call->class->reg && strcmp(name, "enable") == 0) {
*mode = TRACE_MODE_WRITE;
*fops = &ftrace_enable_fops;
return 1;
}
if (strcmp(name, "filter") == 0) {
*mode = TRACE_MODE_WRITE;
*fops = &ftrace_event_filter_fops;
return 1;
}
}
if (!(call->flags & TRACE_EVENT_FL_IGNORE_ENABLE) ||
strcmp(trace_event_name(call), "print") == 0) {
if (strcmp(name, "trigger") == 0) {
*mode = TRACE_MODE_WRITE;
*fops = &event_trigger_fops;
return 1;
}
}
[..]
return 0;
}
Where the function event has the TRACE_EVENT_FL_IGNORE_ENABLE set.
This means that the entries array elements for "enable", "filter" and
"trigger" when called on the function event will have the callback return
0 and not 1, to tell eventfs to skip these files for it.
Because the "skip to current ctx->pos" check happened for all entries, but
the ctx->pos++ only happened to entries that exist, it would confuse the
reading of a directory. Which would cause:
# ls /sys/kernel/tracing/events/ftrace/function/
format hist hist hist_debug hist_debug id inject inject
The missing "enable", "filter" and "trigger" caused ls to show "hist",
"hist_debug" and "inject" twice.
Update the ctx->pos for every iteration to keep its update and the "skip"
update consistent. This also means that on error, the ctx->pos needs to be
decremented if it was incremented without adding something.
Link: https://lore.kernel.org/all/20240104150500.38b15a62@xxxxxxxxxxxxxxxxxx/
Link: https://lore.kernel.org/linux-trace-kernel/20240104220048.172295263@xxxxxxxxxxx
Cc: Masami Hiramatsu <mhiramat@xxxxxxxxxx>
Cc: Mark Rutland <mark.rutland@xxxxxxx>
Cc: Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx>
Cc: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
Cc: Christian Brauner <brauner@xxxxxxxxxx>
Cc: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
Fixes: 493ec81a8fb8e ("eventfs: Stop using dcache_readdir() for getdents()")
Signed-off-by: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
fs/tracefs/event_inode.c | 21 ++++++++++++++-------
1 file changed, 14 insertions(+), 7 deletions(-)
--- a/fs/tracefs/event_inode.c
+++ b/fs/tracefs/event_inode.c
@@ -760,6 +760,8 @@ static int eventfs_iterate(struct file *
continue;
}
+ ctx->pos++;
+
if (ei_child->is_freed)
continue;
@@ -767,13 +769,12 @@ static int eventfs_iterate(struct file *
dentry = create_dir_dentry(ei, ei_child, ei_dentry);
if (!dentry)
- goto out;
+ goto out_dec;
ino = dentry->d_inode->i_ino;
dput(dentry);
if (!dir_emit(ctx, name, strlen(name), ino, DT_DIR))
- goto out;
- ctx->pos++;
+ goto out_dec;
}
for (i = 0; i < ei->nr_entries; i++) {
@@ -784,6 +785,8 @@ static int eventfs_iterate(struct file *
continue;
}
+ ctx->pos++;
+
entry = &ei->entries[i];
name = entry->name;
@@ -791,7 +794,7 @@ static int eventfs_iterate(struct file *
/* If ei->is_freed then just bail here, nothing more to do */
if (ei->is_freed) {
mutex_unlock(&eventfs_mutex);
- goto out;
+ goto out_dec;
}
r = entry->callback(name, &mode, &cdata, &fops);
mutex_unlock(&eventfs_mutex);
@@ -800,19 +803,23 @@ static int eventfs_iterate(struct file *
dentry = create_file_dentry(ei, i, ei_dentry, name, mode, cdata, fops);
if (!dentry)
- goto out;
+ goto out_dec;
ino = dentry->d_inode->i_ino;
dput(dentry);
if (!dir_emit(ctx, name, strlen(name), ino, DT_REG))
- goto out;
- ctx->pos++;
+ goto out_dec;
}
ret = 1;
out:
srcu_read_unlock(&eventfs_srcu, idx);
return ret;
+
+ out_dec:
+ /* Incremented ctx->pos without adding something, reset it */
+ ctx->pos--;
+ goto out;
}
/**
Patches currently in stable-queue which might be from rostedt@xxxxxxxxxx are
queue-6.6/eventfs-keep-all-directory-links-at-1.patch
queue-6.6/eventfs-make-sure-that-parent-d_inode-is-locked-in-creating-files-dirs.patch
queue-6.6/eventfs-save-directory-inodes-in-the-eventfs_inode-structure.patch
queue-6.6/revert-eventfs-save-ownership-and-mode.patch
queue-6.6/tracefs-zero-out-the-tracefs_inode-when-allocating-it.patch
queue-6.6/eventfs-read-ei-entries-before-ei-children-in-eventfs_iterate.patch
queue-6.6/eventfs-do-not-invalidate-dentry-in-create_file-dir_dentry.patch
queue-6.6/eventfs-fix-file-and-directory-uid-and-gid-ownership.patch
queue-6.6/eventfs-remove-lookup-parameter-from-create_dir-file_dentry.patch
queue-6.6/eventfs-use-gfp_nofs-for-allocation-when-eventfs_mutex-is-held.patch
queue-6.6/eventfs-remove-fsnotify-functions-from-lookup.patch
queue-6.6/eventfs-use-err_cast-in-eventfs_create_events_dir.patch
queue-6.6/revert-eventfs-use-simple_recursive_removal-to-clean-up-dentries.patch
queue-6.6/eventfs-use-simple_recursive_removal-to-clean-up-dentries.patch
queue-6.6/eventfs-stop-using-dcache_readdir-for-getdents.patch
queue-6.6/eventfs-have-event-files-and-directories-default-to-parent-uid-and-gid.patch
queue-6.6/eventfs-use-eventfs_remove_events_dir.patch
queue-6.6/eventfs-delete-eventfs_inode-when-the-last-dentry-is-freed.patch
queue-6.6/tracefs-avoid-using-the-ei-dentry-pointer-unnecessarily.patch
queue-6.6/tracefs-remove-stale-update_gid-code.patch
queue-6.6/eventfs-initialize-the-tracefs-inode-properly.patch
queue-6.6/eventfs-remove-special-processing-of-dput-of-events-directory.patch
queue-6.6/eventfs-save-ownership-and-mode.patch
queue-6.6/tracefs-check-for-dentry-d_inode-exists-in-set_gid.patch
queue-6.6/eventfs-do-ctx-pos-update-for-all-iterations-in-eventfs_iterate.patch
queue-6.6/tracefs-dentry-lookup-crapectomy.patch
queue-6.6/eventfs-move-taking-of-inode_lock-into-dcache_dir_open_wrapper.patch
queue-6.6/eventfs-have-a-free_ei-that-just-frees-the-eventfs_inode.patch
queue-6.6/revert-eventfs-remove-is_freed-union-with-rcu-head.patch
queue-6.6/eventfs-have-the-inodes-all-for-files-and-directories-all-be-the-same.patch
queue-6.6/eventfs-use-kcalloc-instead-of-kzalloc.patch
queue-6.6/eventfs-test-for-ei-is_freed-when-accessing-ei-dentry.patch
queue-6.6/eventfs-fix-bitwise-fields-for-is_events.patch
queue-6.6/eventfs-fix-warn_on-in-create_file_dentry.patch
queue-6.6/eventfs-fix-events-beyond-name_max-blocking-tasks.patch
queue-6.6/eventfs-shortcut-eventfs_iterate-by-skipping-entries-already-read.patch
queue-6.6/revert-eventfs-do-not-allow-null-parent-to-eventfs_start_creating.patch
queue-6.6/eventfs-do-not-allow-null-parent-to-eventfs_start_creating.patch
queue-6.6/eventfs-do-not-create-dentries-nor-inodes-in-iterate_shared.patch
queue-6.6/eventfs-have-eventfs_iterate-stop-immediately-if-ei-is_freed-is-set.patch
queue-6.6/eventfs-fix-typo-in-eventfs_inode-union-comment.patch
queue-6.6/eventfs-remove-expectation-that-ei-is_freed-means-ei-dentry-null.patch
queue-6.6/eventfs-restructure-eventfs_inode-structure-to-be-more-condensed.patch
queue-6.6/eventfs-warn-if-an-eventfs_inode-is-freed-without-is_freed-being-set.patch
queue-6.6/eventfs-get-rid-of-dentry-pointers-without-refcounts.patch
queue-6.6/eventfs-remove-unused-d_parent-pointer-field.patch
queue-6.6/eventfs-hold-eventfs_mutex-when-calling-callback-functions.patch
queue-6.6/eventfs-remove-is_freed-union-with-rcu-head.patch
queue-6.6/tracefs-eventfs-modify-mismatched-function-name.patch
queue-6.6/eventfs-fix-kerneldoc-of-eventfs_remove_rec.patch
queue-6.6/tracefs-eventfs-use-root-and-instance-inodes-as-default-ownership.patch
queue-6.6/revert-eventfs-check-for-null-ef-in-eventfs_set_attr.patch
queue-6.6/eventfs-fix-failure-path-in-eventfs_create_events_dir.patch
queue-6.6/eventfs-clean-up-dentry-ops-and-add-revalidate-function.patch
