diff options
| author | Ian Rogers <irogers@google.com> | 2025-09-02 11:17:11 -0700 | 
|---|---|---|
| committer | Namhyung Kim <namhyung@kernel.org> | 2025-09-02 14:55:05 -0700 | 
| commit | d7b67dd6f9db7bd2c49b415e901849b182ff0735 (patch) | |
| tree | 0436a8a2a456c16aed8da5c0b5929831b54aad81 /scripts/lib/kdoc/kdoc_re.py | |
| parent | 2c369d91d0933aaff96b6b807b22363e6a38a625 (diff) | |
perf bpf-event: Fix use-after-free in synthesis
Calls to perf_env__insert_bpf_prog_info may fail as a sideband thread
may already have inserted the bpf_prog_info. Such failures may yield
info_linear being freed which then causes use-after-free issues with
the internal bpf_prog_info info struct. Make it so that
perf_env__insert_bpf_prog_info trigger early non-error paths and fix
the use-after-free in perf_event__synthesize_one_bpf_prog. Add proper
return error handling to perf_env__add_bpf_info (that calls
perf_env__insert_bpf_prog_info) and propagate the return value in its
callers.
Closes: https://lore.kernel.org/lkml/CAP-5=fWJQcmUOP7MuCA2ihKnDAHUCOBLkQFEkQES-1ZZTrgf8Q@mail.gmail.com/
Fixes: 03edb7020bb9 ("perf bpf: Fix two memory leakages when calling perf_env__insert_bpf_prog_info()")
Reviewed-by: Namhyung Kim <namhyung@kernel.org>
Signed-off-by: Ian Rogers <irogers@google.com>
Link: https://lore.kernel.org/r/20250902181713.309797-2-irogers@google.com
Signed-off-by: Namhyung Kim <namhyung@kernel.org>
Diffstat (limited to 'scripts/lib/kdoc/kdoc_re.py')
0 files changed, 0 insertions, 0 deletions
