From: Pu Lehui <pule...@huawei.com>

When trace_get_user in trace_pid_write parses only a space, the !trace_parser_loaded branch will break with no errno, causing tr->filtered_pids to still be assigned with pid_list, which may trigger potential problems.

This patch will also silence the fault injection syzkaller warning in tracepoint_add_func [0]. We can reproduce the warning by following the steps below:

1. echo 8 >> set_event_notrace_pid. Let tr->filtered_pids own one pid and register sched_switch tracepoint.
2. echo ' ' >> set_event_pid, and perform fault injection during chunk allocation of trace_pid_list_alloc. Let pid_list have no pid and be assigned to tr->filtered_pids.
3. echo ' ' >> set_event_pid. Let pid_list be NULL and be assigned to tr->filtered_pids.
4. echo 9 >> set_event_pid, which will trigger the double register sched_switch tracepoint warning.

Link: https://lore.kernel.org/all/67cb890e.050a0220.d8275.022e....@google.com [0]
Fixes: b27f266f74fb ("tracing: Fix return value of trace_pid_write()")
Signed-off-by: Pu Lehui <pule...@huawei.com>
--- kernel/trace/trace.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 8d8935ed416d..feeb7eb71318 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -853,10 +853,10 @@ int trace_pid_write(struct trace_pid_list *filtered_pids, ubuf += ret; cnt -= ret; + ret = -EINVAL; if (!trace_parser_loaded(&parser)) break; - ret = -EINVAL; if (kstrtoul(parser.buffer, 0, &val)) break; -- 2.34.1
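
Review bot: Moving "ret = -EINVAL;" above the "if (!trace_parser_loaded(&parser))" check in trace_pid_write makes every break on that branch return an error, not only the whitespace-only write described in the commit message. If this check can be reached after earlier passes have already parsed valid pids and "cnt -= ret" has left only trailing whitespace, the whole write would now fail with -EINVAL and a previously accepted input would be rejected. Please confirm from the surrounding loop that this cannot happen, or set the error only when nothing has been parsed so far, and add a one-line comment above the moved assignment saying why an unloaded parser is treated as invalid input.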