From: Greg Kroah-Hartman Date: Thu, 9 Jan 2025 10:05:21 +0000 (+0100) Subject: 5.4-stable patches X-Git-Tag: v5.4.289~12 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=972cf7d4d40046f5dda3bc0cbd14d6bfd971187f;p=thirdparty%2Fkernel%2Fstable-queue.git 5.4-stable patches added patches: ftrace-use-preempt_enable-disable-notrace-macros-to-avoid-double-fault.patch --- diff --git a/queue-5.4/ftrace-use-preempt_enable-disable-notrace-macros-to-avoid-double-fault.patch b/queue-5.4/ftrace-use-preempt_enable-disable-notrace-macros-to-avoid-double-fault.patch new file mode 100644 index 00000000000..1820ac08875 --- /dev/null +++ b/queue-5.4/ftrace-use-preempt_enable-disable-notrace-macros-to-avoid-double-fault.patch 
@@ -0,0 +1,54 @@ +From koichiro.den@canonical.com Thu Jan 9 11:03:49 2025 +From: Koichiro Den +Date: Wed, 8 Jan 2025 12:17:36 +0900 +Subject: ftrace: use preempt_enable/disable notrace macros to avoid double fault +To: gregkh@linuxfoundation.org, stable@vger.kernel.org +Cc: rostedt@goodmis.org, mhiramat@kernel.org, mark.rutland@arm.com, mathieu.desnoyers@efficios.com, zhengyejian1@huawei.com, hagarhem@amazon.com, linux-kernel@vger.kernel.org +Message-ID: <20250108031736.3318120-1-koichiro.den@canonical.com> + +From: Koichiro Den + +Since the backport commit eea46baf1451 ("ftrace: Fix possible +use-after-free issue in ftrace_location()") on linux-5.4.y branch, the +old ftrace_int3_handler()->ftrace_location() path has included +rcu_read_lock(), which has mcount location inside and leads to potential +double fault. + +Replace rcu_read_lock/unlock with preempt_enable/disable notrace macros +so that the mcount location does not appear on the int3 handler path. + +This fix is specific to linux-5.4.y branch, the only branch still using +ftrace_int3_handler with commit e60b613df8b6 ("ftrace: Fix possible +use-after-free issue in ftrace_location()") backported. It also avoids +the need to backport the code conversion to text_poke() on this branch. 
+ +Reported-by: Koichiro Den +Closes: https://lore.kernel.org/all/74gjhwxupvozwop7ndhrh7t5qeckomt7yqvkkbm5j2tlx6dkfk@rgv7sijvry2k +Fixes: eea46baf1451 ("ftrace: Fix possible use-after-free issue in ftrace_location()") # linux-5.4.y +Signed-off-by: Steven Rostedt (Google) +Signed-off-by: Koichiro Den +Signed-off-by: Greg Kroah-Hartman +--- + kernel/trace/ftrace.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/kernel/trace/ftrace.c ++++ b/kernel/trace/ftrace.c +@@ -1554,7 +1554,7 @@ unsigned long ftrace_location_range(unsi + struct dyn_ftrace key; + unsigned long ip = 0; + +- rcu_read_lock(); ++ preempt_disable_notrace(); + key.ip = start; + key.flags = end; /* overload flags, as it is unsigned long */ + +@@ -1572,7 +1572,7 @@ unsigned long ftrace_location_range(unsi + break; + } + } +- rcu_read_unlock(); ++ preempt_enable_notrace(); + return ip; + } + diff --git a/queue-5.4/series b/queue-5.4/series index 02200d2f1cb..7ee538448cb 100644 --- a/queue-5.4/series +++ b/queue-5.4/series @@ -91,3 +91,4 @@ sky2-add-device-id-11ab-4373-for-marvell-88e8075.patch net-sctp-prevent-autoclose-integer-overflow-in-sctp_association_init.patch drm-adv7511-drop-dsi-single-lane-support.patch mm-vmscan-account-for-free-pages-to-prevent-infinite-loop-in-throttle_direct_reclaim.patch +ftrace-use-preempt_enable-disable-notrace-macros-to-avoid-double-fault.patch
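Review bot: In the first kernel/trace/ftrace.c hunk (ftrace_location_range(), at the `preempt_disable_notrace();` line), nothing in the code records why the notrace preempt macros are used instead of `rcu_read_lock()`. A later cleanup could convert it back and put the mcount location on the ftrace_int3_handler() path again, which is the double fault the commit message describes. Suggest a short comment above the call, for example `/* reached from ftrace_int3_handler(); must not contain an mcount location */`. The message also explains why rcu_read_lock() has to go but does not say why a preempt-disabled region is still a sufficient read-side section for the use-after-free that eea46baf1451 addressed; one sentence on that would help anyone reviewing the stable branch.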
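Review bot: The commit message in the added patch file cites the same subject line under two ids, eea46baf1451 (first paragraph and the Fixes: tag, marked as the linux-5.4.y backport) and e60b613df8b6 (third paragraph), and the third paragraph does not say which tree e60b613df8b6 belongs to. Suggest labelling it explicitly where it appears, so a reader matching the Fixes: tag against the 5.4.y history does not look for the wrong hash.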