From patchwork Tue Apr 11 21:17:06 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Beau Belgrave <beaub@linux.microsoft.com>
X-Patchwork-Id: 8042
Return-Path: <linux-kernel-owner@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a59:b0ea:0:b0:3b6:4342:cba0 with SMTP id b10csp2868999vqo;
        Tue, 11 Apr 2023 14:34:50 -0700 (PDT)
X-Google-Smtp-Source: 
 AKy350aiG5aZl6lDlJuUhSaDlZJrGClfulaKBarG+qwXy6pamQ9NyncRi6qBAvmwiA7ta2GmPHCc
X-Received: by 2002:a05:6a20:8c9d:b0:d7:8ad3:bc66 with SMTP id
 k29-20020a056a208c9d00b000d78ad3bc66mr15540308pzh.11.1681248890417;
        Tue, 11 Apr 2023 14:34:50 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1681248890; cv=none;
        d=google.com; s=arc-20160816;
        b=JAQhdMc9UHU2gUquimd26RmerePDTMApYdRc7hYVoglsonlHyWuO0PNl/xmV3Fdm5Q
         sqjqvqk00QQ135ANNaa4dQxdfCEzEvsX4eSAaDqPgxWFM2iZMzuMjk8LAxxh1v59N7hU
         +ejMNcRZH6AsPugJpaZuxNEQCYfFPNMUmqi8G/S8AW81d+3fT0RjqM3KyZWAmERNe8Rk
         jc+sfT2OMstxmFC911xljkFtOOmdkZT/q7wNOA9VUzvqqjj+3YiKPl+QcfjGro0OSEVc
         c2KuLKtelR61wUFOe3TSUrCTYPiSJaqujgggjEIE2X2Wy8nx7SCaWAKfHMzuzlQlwj4A
         SYow==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:mime-version
         :message-id:date:subject:cc:to:from:dkim-signature:dkim-filter;
        bh=oBm7UAgWYx2ikyJKWEAABOUG7UTL+PiB3Yh06pGj3g4=;
        b=mYJnQCdIzxG8YyYqUVYKoeXYZkyfiq+nklpXWZcg3fEouQlTHRanSf18kvsnbwqynp
         lHmkUIRy2YBMSwcUEztQa9eBkZUJInwkThLC2AtO+L1Aa8ffNAlPOumYxZYFKrQD//dD
         fDbQqkqChjryuxugQwh6KSIgmBaKKX4SfPGZYdR+TEoXnoG5RsmCHLvDs1lTUtl9cuQI
         +/Kwd+5Pn5Yi4ww+RQ7Qa2fU1GpEB9piQcyPaiuxiVq+Ke7Z4GWvbV6zui8WN9JkxnrB
         zxWeSphgodCOKIG5jAmxOD9NWX38Pxw+mO3MbgOUc42T/8px3WEBhQZJuOLqTE2PE9+w
         TgmA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linux.microsoft.com header.s=default
 header.b=Z1at4qah;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id
 63-20020a621842000000b00633d39d7b09si9321627pfy.390.2023.04.11.14.34.38;
        Tue, 11 Apr 2023 14:34:50 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linux.microsoft.com header.s=default
 header.b=Z1at4qah;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org
 designates 2620:137:e000::1:20 as permitted sender)
 smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.microsoft.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S229788AbjDKVRU (ORCPT <rfc822;leviz.kernel.dev@gmail.com>
        + 99 others); Tue, 11 Apr 2023 17:17:20 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:38728 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229736AbjDKVRQ (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 11 Apr 2023 17:17:16 -0400
Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
        by lindbergh.monkeyblade.net (Postfix) with ESMTP id 91CFF3594;
        Tue, 11 Apr 2023 14:17:15 -0700 (PDT)
Received: from W11-BEAU-MD.localdomain (unknown [76.135.27.212])
        by linux.microsoft.com (Postfix) with ESMTPSA id C741921779A1;
        Tue, 11 Apr 2023 14:17:14 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com C741921779A1
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com;
        s=default; t=1681247834;
        bh=oBm7UAgWYx2ikyJKWEAABOUG7UTL+PiB3Yh06pGj3g4=;
        h=From:To:Cc:Subject:Date:From;
        b=Z1at4qah8WLFhkDhgppqXLfGtmJesTfcpCqNdRs5uL5vtv/r8RSyI0GKqfIvr2IM+
         RZiEH9lth5WwyGRJaJ5ISnlyjQw5e8CTtosRcPVUqH8MIPC/g0V9CpadyRFfnvEke+
         TLuscezLrkws+N7xej1QA+SxPkUXprULy2b1C0zk=
From: Beau Belgrave <beaub@linux.microsoft.com>
To: rostedt@goodmis.org, mhiramat@kernel.org,
        mathieu.desnoyers@efficios.com, dcook@linux.microsoft.com,
        alanau@linux.microsoft.com
Cc: linux-kernel@vger.kernel.org, linux-trace-kernel@vger.kernel.org
Subject: [PATCH 0/3] tracing/user_events: Fixes and improvements for 6.4
Date: Tue, 11 Apr 2023 14:17:06 -0700
Message-Id: <20230411211709.15018-1-beaub@linux.microsoft.com>
X-Mailer: git-send-email 2.25.1
MIME-Version: 1.0
X-Spam-Status: No, score=-19.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,
        DKIM_VALID,DKIM_VALID_AU,ENV_AND_HDR_SPF_MATCH,RCVD_IN_DNSWL_MED,
        SPF_HELO_PASS,SPF_PASS,USER_IN_DEF_DKIM_WL,USER_IN_DEF_SPF_WL
        autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1762917236734136615?=
X-GMAIL-MSGID: =?utf-8?q?1762917236734136615?=

Now that user_events is in for-next we broadened our integration of
user_events. During this integration we found a few things that can
help prevent the debugging of issues for user_events when user
processes use the ABI directly.

The most important thing found is an out of bounds fix with the
write index. If it is negative, an out of bounds access is attempted.
This bug was introduced on one of the very first user_events patches
and remained unseen for a long time. Apologies for not catching that
sooner.

We think users will expect the kernel to always clear the registered
bit when events are unregistered, even if the event is still enabled
in a kernel tracer. The user process could do this after unregistering,
but it seems appropriate for the kernel side to attempt this. We also
discussed if it makes sense for the kernel to allow user processes
to tie multiple events to the same value and bit. While this doesn't
cause any issues on the kernel side, it leads to very undefined
behavior for the user process. Depending on which event gets enabled
when, the bit will vary.

Beau Belgrave (3):
  tracing/user_events: Ensure write index cannot be negative
  tracing/user_events: Ensure bit is cleared on unregister
  tracing/user_events: Prevent same address and bit per process

 kernel/trace/trace_events_user.c              | 77 +++++++++++++++++++
 .../testing/selftests/user_events/abi_test.c  |  9 ++-
 .../selftests/user_events/ftrace_test.c       | 14 +++-
 3 files changed, 96 insertions(+), 4 deletions(-)


base-commit: 88fe1ec75fcb296579e05eaf3807da3ee83137e4