Commit fdb6a8f4db813b4e50f4e975efe6be12ba5bf460

Authored by Robert Richter
Committed by Ingo Molnar
1 parent c903ff8379

oprofile: fix uninitialized use of struct op_entry

Impact: fix crash

In case of losing samples struct op_entry could have been used
uninitialized causing e.g. a wrong preemption count or NULL pointer
access. This patch fixes this.

Signed-off-by: Robert Richter <robert.richter@amd.com>
Signed-off-by: Ingo Molnar <mingo@elte.hu>

Showing 2 changed files with 12 additions and 0 deletions

drivers/oprofile/cpu_buffer.c
... ... @@ -393,16 +393,21 @@
393 393 return;
394 394  
395 395 fail:
  396 + entry->event = NULL;
396 397 cpu_buf->sample_lost_overflow++;
397 398 }
398 399  
399 400 int oprofile_add_data(struct op_entry *entry, unsigned long val)
400 401 {
  402 + if (!entry->event)
  403 + return 0;
401 404 return op_cpu_buffer_add_data(entry, val);
402 405 }
403 406  
404 407 int oprofile_write_commit(struct op_entry *entry)
405 408 {
  409 + if (!entry->event)
  410 + return -EINVAL;
406 411 return op_cpu_buffer_write_commit(entry);
407 412 }
408 413  
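Review bot: The two new guards report the same condition (entry->event == NULL) differently, `return 0;` in oprofile_add_data() and `return -EINVAL;` in oprofile_write_commit(), and nothing in the hunk says what 0 means to a caller of oprofile_add_data(). A one-line comment above the first `if (!entry->event)` stating that 0 is the intended "nothing was written" result would show the asymmetry is deliberate. Both guards also depend entirely on the `entry->event = NULL;` store at `fail:`, so it is worth confirming that every exit that leaves the entry without a reservation passes through that label. An entry that was never cleared keeps whatever value it had and passes the check.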
drivers/oprofile/cpu_buffer.h
... ... @@ -66,6 +66,13 @@
66 66 cpu_buf->last_task = NULL;
67 67 }
68 68  
  69 +/*
  70 + * op_cpu_buffer_add_data() and op_cpu_buffer_write_commit() may be
  71 + * called only if op_cpu_buffer_write_reserve() did not return NULL or
  72 + * entry->event != NULL, otherwise entry->size or entry->event will be
  73 + * used uninitialized.
  74 + */
  75 +
69 76 struct op_sample
70 77 *op_cpu_buffer_write_reserve(struct op_entry *entry, unsigned long size);
71 78 int op_cpu_buffer_write_commit(struct op_entry *entry);
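Review bot: The precondition in the new comment is ambiguous as worded ("did not return NULL or entry->event != NULL"): it does not say whether these are two alternative checks or two ways of stating the same one. The blank line added after the comment also leaves it next to the op_cpu_buffer_write_reserve() declaration rather than the two functions it names. Suggest rewording it as a direct rule for callers and moving it immediately above the op_cpu_buffer_write_commit() declaration. The comment also names entry->size as possibly uninitialized, while the cpu_buffer.c change clears only entry->event on failure, so it should say that entry->size is valid only when entry->event is non-NULL.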