]> git.ipfire.org Git - thirdparty/kernel/stable.git/commitdiff
projects / thirdparty / kernel / stable.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8703940)
tracing: dynevent: Add a missing lockdown check on dynevent
authorMasami Hiramatsu (Google) <mhiramat@kernel.org>
Fri, 19 Sep 2025 01:15:56 +0000 (10:15 +0900)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Thu, 2 Oct 2025 11:42:53 +0000 (13:42 +0200)
commit 456c32e3c4316654f95f9d49c12cbecfb77d5660 upstream.

Since dynamic_events interface on tracefs is compatible with
kprobe_events and uprobe_events, it should also check the lockdown
status and reject if it is set.

Link: https://lore.kernel.org/all/175824455687.45175.3734166065458520748.stgit@devnote2/
Fixes: 17911ff38aa5 ("tracing: Add locked_down checks to the open calls of files created for tracefs")
Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
kernel/trace/trace_dynevent.c patch | blob | blame | history

diff --git a/kernel/trace/trace_dynevent.c b/kernel/trace/trace_dynevent.c
index c9b0533407edeb098f6ce829de5c4aee647b28ac..76737492e750e318c31090ffb3bae9fb5e918cf6 100644 (file)
--- a/kernel/trace/trace_dynevent.c
+++ b/kernel/trace/trace_dynevent.c
@@ -239,6 +239,10 @@ static int dyn_event_open(struct inode *inode, struct file *file)
 {
        int ret;
 
+       ret = security_locked_down(LOCKDOWN_TRACEFS);
+       if (ret)
+               return ret;
+
        ret = tracing_check_open_get_tr(NULL);
        if (ret)
                return ret;
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git