tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge tag 'perf_urgent_for_v6.11_rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip

Pull perf fixes from Borislav Petkov:

- Fix perf's AUX buffer serialization

- Prevent uninitialized struct members in perf's uprobes handling

* tag 'perf_urgent_for_v6.11_rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip:
perf/aux: Fix AUX buffer serialization
uprobes: Use kzalloc to allocate xol area

Linus Torvalds e2039887 5dadc1be

+16 -8
+12 -6
kernel/events/core.c
··· 1255 1255 * perf_event_context::mutex 1256 1256 * perf_event::child_mutex; 1257 1257 * perf_event_context::lock 1258 - * perf_event::mmap_mutex 1259 1258 * mmap_lock 1259 + * perf_event::mmap_mutex 1260 + * perf_buffer::aux_mutex 1260 1261 * perf_addr_filters_head::lock 1261 1262 * 1262 1263 * cpu_hotplug_lock ··· 6374 6373 event->pmu->event_unmapped(event, vma->vm_mm); 6375 6374 6376 6375 /* 6377 - * rb->aux_mmap_count will always drop before rb->mmap_count and 6378 - * event->mmap_count, so it is ok to use event->mmap_mutex to 6379 - * serialize with perf_mmap here. 6376 + * The AUX buffer is strictly a sub-buffer, serialize using aux_mutex 6377 + * to avoid complications. 6380 6378 */ 6381 6379 if (rb_has_aux(rb) && vma->vm_pgoff == rb->aux_pgoff && 6382 - atomic_dec_and_mutex_lock(&rb->aux_mmap_count, &event->mmap_mutex)) { 6380 + atomic_dec_and_mutex_lock(&rb->aux_mmap_count, &rb->aux_mutex)) { 6383 6381 /* 6384 6382 * Stop all AUX events that are writing to this buffer, 6385 6383 * so that we can free its AUX pages and corresponding PMU ··· 6395 6395 rb_free_aux(rb); 6396 6396 WARN_ON_ONCE(refcount_read(&rb->aux_refcount)); 6397 6397 6398 - mutex_unlock(&event->mmap_mutex); 6398 + mutex_unlock(&rb->aux_mutex); 6399 6399 } 6400 6400 6401 6401 if (atomic_dec_and_test(&rb->mmap_count)) ··· 6483 6483 struct perf_event *event = file->private_data; 6484 6484 unsigned long user_locked, user_lock_limit; 6485 6485 struct user_struct *user = current_user(); 6486 + struct mutex *aux_mutex = NULL; 6486 6487 struct perf_buffer *rb = NULL; 6487 6488 unsigned long locked, lock_limit; 6488 6489 unsigned long vma_size; ··· 6531 6530 rb = event->rb; 6532 6531 if (!rb) 6533 6532 goto aux_unlock; 6533 + 6534 + aux_mutex = &rb->aux_mutex; 6535 + mutex_lock(aux_mutex); 6534 6536 6535 6537 aux_offset = READ_ONCE(rb->user_page->aux_offset); 6536 6538 aux_size = READ_ONCE(rb->user_page->aux_size); ··· 6685 6681 atomic_dec(&rb->mmap_count); 6686 6682 } 6687 6683 aux_unlock: 6684 + if (aux_mutex) 6685 + mutex_unlock(aux_mutex); 6688 6686 mutex_unlock(&event->mmap_mutex); 6689 6687 6690 6688 /*
+1
kernel/events/internal.h
··· 40 40 struct user_struct *mmap_user; 41 41 42 42 /* AUX area */ 43 + struct mutex aux_mutex; 43 44 long aux_head; 44 45 unsigned int aux_nest; 45 46 long aux_wakeup; /* last aux_watermark boundary crossed by aux_head */
+2
kernel/events/ring_buffer.c
··· 337 337 */ 338 338 if (!rb->nr_pages) 339 339 rb->paused = 1; 340 + 341 + mutex_init(&rb->aux_mutex); 340 342 } 341 343 342 344 void perf_aux_output_flag(struct perf_output_handle *handle, u64 flags)
+1 -2
kernel/events/uprobes.c
··· 1489 1489 struct xol_area *area; 1490 1490 void *insns; 1491 1491 1492 - area = kmalloc(sizeof(*area), GFP_KERNEL); 1492 + area = kzalloc(sizeof(*area), GFP_KERNEL); 1493 1493 if (unlikely(!area)) 1494 1494 goto out; 1495 1495 ··· 1499 1499 goto free_area; 1500 1500 1501 1501 area->xol_mapping.name = "[uprobes]"; 1502 - area->xol_mapping.fault = NULL; 1503 1502 area->xol_mapping.pages = area->pages; 1504 1503 area->pages[0] = alloc_page(GFP_HIGHUSER); 1505 1504 if (!area->pages[0])