superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
mirror-linux/include/trace/events
History
David Howells 2c28769a51 rxrpc: Fix recvmsg() unconditional requeue 
If rxrpc_recvmsg() fails because MSG_DONTWAIT was specified but the call at
the front of the recvmsg queue already has its mutex locked, it requeues
the call - whether or not the call is already queued.  The call may be on
the queue because MSG_PEEK was also passed and so the call was not dequeued
or because the I/O thread requeued it.

The unconditional requeue may then corrupt the recvmsg queue, leading to
things like UAFs or refcount underruns.

Fix this by only requeuing the call if it isn't already on the queue - and
moving it to the front if it is already queued.  If we don't queue it, we
have to put the ref we obtained by dequeuing it.

Also, MSG_PEEK doesn't dequeue the call so shouldn't call
rxrpc_notify_socket() for the call if we didn't use up all the data on the
queue, so fix that also.

Fixes: 540b1c48c3 ("rxrpc: Fix deadlock between call creation and sendmsg/recvmsg")
Reported-by: Faith <faith@zellic.io>
Reported-by: Pumpkin Chang <pumpkin@devco.re>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Marc Dionne <marc.dionne@auristor.com>
cc: Nir Ohfeld <niro@wiz.io>
cc: Willy Tarreau <w@1wt.eu>
cc: Simon Horman <horms@kernel.org>
cc: linux-afs@lists.infradead.org
cc: stable@kernel.org
Link: https://patch.msgid.link/95163.1768428203@warthog.procyon.org.uk
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
 		2026-01-19 10:07:06 -08:00
..
9p.h 9p: prevent read overrun in protocol dump tracepoint 2023-12-05 21:18:44 +09:00
afs.h afs: Add support for RENAME_NOREPLACE and RENAME_EXCHANGE 2025-09-25 09:19:07 +02:00
alarmtimer.h alarmtimer: Hide alarmtimer_suspend event when RTC_CLASS is not configured 2025-07-21 16:40:56 -04:00
amdxdna.h accel/amdxdna: Add command execution 2024-11-22 11:43:27 -07:00
asoc.h ASoC: asoc.h: convert to snd_soc_dapm_xxx() 2025-11-17 00:14:25 +00:00
avc.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
bcache.h
block.h block: fix blk_zone_append_update_request_bio() kernel-doc 2025-07-16 10:02:18 -06:00
bpf_test_run.h bpf: add bpf_modify_return_test_tp() kfunc triggering tracepoint 2024-03-28 18:31:40 -07:00
bridge.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
btrfs.h btrfs: fix NULL dereference on root when tracing inode eviction 2025-12-16 22:53:14 +01:00
cachefiles.h cachefiles: Add auxiliary data trace 2024-12-20 22:34:05 +01:00
capability.h security: add trace event for cap_capable 2024-12-04 20:59:21 -06:00
ceph.h ceph: add trace points to the MDS client 2025-12-10 11:50:54 +01:00
cgroup.h cgroup: remove per-cpu per-subsystem locks 2025-06-17 10:01:18 -10:00
clk.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
cma.h mm/cma: add 'available count' and 'total count' to trace_cma_alloc_start 2025-09-13 16:55:15 -07:00
compaction.h mm: compaction: update the cc->nr_migratepages when allocating or freeing the freepages 2024-02-22 10:24:50 -08:00
context_tracking.h
cpuhp.h
csd.h
damon.h mm/damon: add trace event for effective size quota 2025-07-13 16:38:33 -07:00
devfreq.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
devlink.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
dlm.h dlm: remove lkb from callback tracepoints 2024-04-01 13:31:12 -05:00
dma.h dma-mapping: fix direction in dma_alloc direction traces 2025-10-03 08:45:09 +02:00
dma_fence.h dma-fence: Add safe access helpers and document the rules 2025-06-13 08:26:49 +01:00
erofs.h erofs: remove unused trace event erofs_destroy_inode 2025-06-18 13:41:16 +08:00
error_report.h
exceptions.h x86/tracing, x86/mm: Move page fault tracepoints to generic 2025-05-16 10:13:59 +02:00
ext4.h ext4: rename EXT4_GET_BLOCKS_PRE_IO 2025-11-26 17:13:33 -05:00
f2fs.h f2fs: optimize trace_f2fs_write_checkpoint with enums 2025-12-04 02:00:06 +00:00
fib.h ipv4: Convert ->flowi4_tos to dscp_t. 2025-08-26 17:34:31 -07:00
fib6.h tracing: ipv6: Add flow label to fib6_table_lookup tracepoint 2024-12-19 16:02:22 +01:00
filelock.h vfs-6.18-rc1.inode 2025-09-29 09:42:30 -07:00
filemap.h filemap: add trace events for get_pages, map_pages, and fault 2024-09-01 20:26:10 -07:00
firewire.h firewire: core: rename cause flag of tracepoints event 2024-09-12 22:30:38 +09:00
firewire_ohci.h firewire: ohci: add tracepoints event for data of Self-ID DMA 2024-07-04 09:07:14 +09:00
fs_dax.h mm: update core kernel code to use vm_flags_t consistently 2025-07-09 22:42:13 -07:00
fscache.h cachefiles: fix slab-use-after-free in fscache_withdraw_volume() 2024-07-03 10:36:14 +02:00
fsi.h
fsi_master_aspeed.h
fsi_master_ast_cf.h
fsi_master_gpio.h
fsi_master_i2cr.h
gpio.h
gpu_mem.h
habanalabs.h accel/habanalabs: fix typo in trace output (cms -> cmd) 2025-09-25 09:09:28 +03:00
handshake.h
host1x.h
huge_memory.h mm/khugepaged: unify SCAN_PMD_NONE and SCAN_PMD_NULL into SCAN_NO_PTE_TABLE 2025-11-24 15:08:52 -08:00
hugetlbfs.h hugetlb: fix NULL pointer dereference in trace_hugetlbfs_alloc_inode 2025-01-12 19:03:36 -08:00
hw_pressure.h sched/cpufreq: Rename arch_update_thermal_pressure() => arch_update_hw_pressure() 2024-04-24 12:08:01 +02:00
hwmon.h hwmon: Introduce 64-bit energy attribute support 2025-09-07 16:33:48 -07:00
i2c.h
i2c_slave.h
ib_mad.h
ib_umad.h
icmp.h net/ipv4: add tracepoint for icmp_send 2024-05-08 10:39:26 +01:00
initcall.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
intel-sst.h
intel_ifs.h trace: platform/x86/intel/ifs: Add SBAF trace support 2024-08-12 16:36:11 +02:00
intel_ish.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
io_uring.h io_uring/trace: rename io_uring_queue_async_work event "rw" field 2025-12-04 07:18:02 -07:00
iocost.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
iommu.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
ipi.h tracing: arm: arm64: Hide trace events ipi_raise, ipi_entry and ipi_exit 2025-07-23 14:58:55 -04:00
irq.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
irq_matrix.h genirq/matrix: Remove unused irq_matrix_alloc_reserved tracepoint 2025-06-02 13:12:26 -04:00
iscsi.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
jbd2.h
kmem.h kmem/tracing: add kmem name to kmem_cache_alloc tracepoint 2025-09-13 16:55:18 -07:00
ksm.h mm/ksm: add tracepoint for ksm advisor 2023-12-29 11:58:27 -08:00
kvm.h LoongArch: KVM: Move kvm_iocsr tracepoint out of generic code 2025-09-23 23:37:26 +08:00
kyber.h
libata.h
lock.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
maple_tree.h
mce.h x86/MCE/AMD: Add support for new MCA_SYND{1,2} registers 2024-10-31 10:36:07 +01:00
mctp.h
mdio.h trace: events: cleanup deprecated strncpy uses 2024-04-05 22:10:25 -07:00
memcg.h memcg: add flush tracepoint 2024-11-11 00:26:46 -08:00
memory-failure.h mm/memory-failure: remove the selection of RAS 2025-11-24 15:08:55 -08:00
migrate.h mm/migrate: add MR_DAMON to migrate_reason 2024-07-03 19:30:12 -07:00
mlxsw.h
mmap.h mm: remove unused mmap tracepoints 2025-07-09 22:41:55 -07:00
mmap_lock.h mm: mmap_lock: optimize mmap_lock tracepoints 2025-01-13 22:40:34 -08:00
mmc.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
mmflags.h mm: introduce VM_MAYBE_GUARD and make visible in /proc/$pid/smaps 2025-11-20 13:43:58 -08:00
module.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
mptcp.h mptcp: sched: check both directions for backup 2024-07-30 10:27:29 +02:00
napi.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
nbd.h nbd: Use NULL to represent a pointer 2024-05-14 07:22:35 -06:00
neigh.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
net.h net: add net cookie for net device trace events 2025-11-04 09:59:19 +01:00
net_probe_common.h trace: adjust TP_STORE_ADDR_PORTS_SKB() parameters 2024-04-03 19:26:14 -07:00
netfs.h netfs: Fix race between cache write completion and ALL_QUEUED being set 2025-07-14 11:05:02 +02:00
netlink.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
nilfs2.h nilfs2: use __field_struct() for a bitwise field 2024-05-11 15:51:43 -07:00
nmi.h
notifier.h
objagg.h
oom.h mm: improve code consistency with zonelist_* helper functions 2024-09-01 20:25:55 -07:00
osnoise.h trace/osnoise: Add trace events for samples 2025-02-26 19:44:30 -05:00
page_isolation.h
page_pool.h page_pool: devmem support 2024-09-11 20:44:31 -07:00
page_ref.h mm: introduce memdesc_flags_t 2025-09-13 16:55:07 -07:00
pagemap.h
percpu.h
power.h PM: Introduce new PMSG_POWEROFF event 2025-11-14 17:05:53 +01:00
power_cpu_migrate.h
preemptirq.h tracing: Remove definition of trace_*_rcuidle() 2024-10-08 21:17:39 -04:00
printk.h
pwc.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
pwm.h pwm: Add tracing for waveform callbacks 2024-09-28 15:13:56 +02:00
qdisc.h tracing/net_sched: NULL pointer dereference in perf_trace_qdisc_reset() 2024-06-27 11:06:30 +02:00
qla.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
qrtr.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
rcu.h RCU pull request for v6.15 2025-03-24 19:41:37 -07:00
rdma_core.h
readahead.h readahead: add trace points 2025-09-21 14:22:28 -07:00
regulator.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
rpcgss.h sunrpc: implement rfc2203 rpcsec_gss seqnum cache 2025-05-19 10:14:29 -04:00
rpcrdma.h svcrdma: Handle device removal outside of the CM event handler 2024-09-20 19:31:03 -04:00
rpm.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
rseq.h rseq: Cache CPU ID and MM CID values 2025-11-04 08:32:14 +01:00
rtc.h
rust_sample.h rust: samples: add tracepoint to Rust sample 2024-11-04 16:21:44 -05:00
rwmmio.h
rxrpc.h rxrpc: Fix recvmsg() unconditional requeue 2026-01-19 10:07:06 -08:00
sched.h tracing changes for 6.17 2025-08-01 10:29:36 -07:00
sched_ext.h sched_ext: Implement load balancer for bypass mode 2025-11-12 06:43:44 -10:00
scmi.h include: trace: Add tracepoint support for inflight xfer count 2025-07-03 16:18:09 +01:00
scsi.h scsi: trace: Show rtn in string for scsi_dispatch_cmd_error() 2025-06-09 21:59:07 -04:00
sctp.h
signal.h
siox.h
skb.h net: add rx_sk to trace_kfree_skb 2024-06-19 12:44:22 +01:00
smbus.h
sock.h net: Retire DCCP socket. 2025-04-11 18:58:10 -07:00
sof.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
sof_intel.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
spi-mem.h spi: spi-mem: Trace exec_op 2025-10-27 11:10:50 +00:00
spi.h
spmi.h
sunrpc.h sunrpc: remove SVC_SYSERR 2025-07-14 12:46:48 -04:00
sunvnet.h
swiotlb.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
syscalls.h tracing: Declare system call tracepoints with TRACE_EVENT_SYSCALL 2024-10-09 17:05:54 -04:00
target.h scsi: usb: Rename the RESERVE and RELEASE constants 2025-02-12 22:20:55 -05:00
task.h copy_process: pass clone_flags as u64 across calltree 2025-09-01 15:31:34 +02:00
tcp.h trace: tcp: add three metrics to trace_tcp_rcvbuf_grow() 2025-10-29 17:30:18 -07:00
tegra_apb_dma.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
thp.h powerpc/thp: tracing: Hide hugepage events under CONFIG_PPC_BOOK3S_64 2025-07-25 08:58:07 -04:00
timer.h tracing/timers: Rename the hrtimer_init event to hrtimer_setup 2025-04-05 10:30:17 +02:00
timer_migration.h timers/migration: Rename 'online' bit to 'available' 2025-11-20 20:17:31 +01:00
timestamp.h fs: tracepoints around multigrain timestamp events 2024-10-10 10:20:52 +02:00
tlb.h x86/mm/tlb/trace: Export the TLB_REMOTE_WRONG_CPU enum in <trace/events/tlb.h> 2025-12-13 11:01:16 +01:00
tsm_mr.h tsm-mr: Add TVM Measurement Register support 2025-05-08 19:17:33 -07:00
udp.h trace: adjust TP_STORE_ADDR_PORTS_SKB() parameters 2024-04-03 19:26:14 -07:00
v4l2.h
vb2.h
vmalloc.h
vmscan.h vmscan: add a vmscan event for reclaim_pages 2024-11-06 20:11:13 -08:00
vsock_virtio_transport_common.h
watchdog.h
wbt.h
workqueue.h tracing/treewide: Remove second parameter of __assign_str() 2024-05-22 20:14:47 -04:00
writeback.h Manual conversion to use ->i_state accessors of all places not covered by coccinelle 2025-10-20 20:22:26 +02:00
xdp.h xdp: tracing: Hide some xdp events under CONFIG_BPF_SYSCALL 2025-06-12 19:36:53 -07:00
xen.h