git: d506ab946dea - stable/14 - LinuxKPI/lindebugfs: stop panicing in lindebugfs, fix simple_read_from_buffer
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 28 Sep 2024 10:38:14 UTC
The branch stable/14 has been updated by bz:
URL: https://cgit.FreeBSD.org/src/commit/?id=d506ab946dea5f9692b9f3da5d7a20e9fd59b9ba
commit d506ab946dea5f9692b9f3da5d7a20e9fd59b9ba
Author: Bjoern A. Zeeb <bz@FreeBSD.org>
AuthorDate: 2024-06-27 12:19:38 +0000
Commit: Bjoern A. Zeeb <bz@FreeBSD.org>
CommitDate: 2024-09-28 10:35:12 +0000
LinuxKPI/lindebugfs: stop panicing in lindebugfs, fix simple_read_from_buffer
Trying to use lindebugfs for debugging wirless drivers two issues
became apparent:
(a) a panic in lindebugfs calling a hard coded release function if the
caller had not provided one. This seems to be based on assumptions
that no longer hold up. Remove the hard coded release function to
prevent panics.
(b) In LinuxKPI simple_read_from_buffer() would call copy_to_user() but
buffers weren't setup for this (lindebugfs copies data from its
own buffer) and then pseudofs will do another copyout to the user
on this; remove the copy_to_user() and simply copy the data over
to the provided buffer; this works for as long as the only consumers
remain debugfs callers (which currently seems to be the case).
[the only out-of-tree consumers I am aware off are two drm-kmod
drivers/gpu/drm/amd/pm/* debugfs functions I cannot test].
Sponsored by: The FreeBSD Foundation
Tested by: jfree
Differential Revision: https://reviews.freebsd.org/D45755
(cherry picked from commit 5668c22a13c6befa9b8486387d38457c40ce7af4)
---
sys/compat/lindebugfs/lindebugfs.c | 2 --
sys/compat/linuxkpi/common/include/linux/fs.h | 22 +++++++++++++---------
2 files changed, 13 insertions(+), 11 deletions(-)
diff --git a/sys/compat/lindebugfs/lindebugfs.c b/sys/compat/lindebugfs/lindebugfs.c
index c1678c0f3421..eab89d9d13a5 100644
--- a/sys/compat/lindebugfs/lindebugfs.c
+++ b/sys/compat/lindebugfs/lindebugfs.c
@@ -154,8 +154,6 @@ debugfs_fill(PFS_FILL_ARGS)
if (d->dm_fops->release)
d->dm_fops->release(&vn, &lf);
- else
- single_release(&vn, &lf);
if (rc < 0) {
#ifdef INVARIANTS
diff --git a/sys/compat/linuxkpi/common/include/linux/fs.h b/sys/compat/linuxkpi/common/include/linux/fs.h
index 74288f9cd461..3e7e71a0713c 100644
--- a/sys/compat/linuxkpi/common/include/linux/fs.h
+++ b/sys/compat/linuxkpi/common/include/linux/fs.h
@@ -354,9 +354,8 @@ static inline ssize_t
simple_read_from_buffer(void __user *dest, size_t read_size, loff_t *ppos,
void *orig, size_t buf_size)
{
- void *read_pos = ((char *) orig) + *ppos;
+ void *p, *read_pos = ((char *) orig) + *ppos;
size_t buf_remain = buf_size - *ppos;
- ssize_t num_read;
if (buf_remain < 0 || buf_remain > buf_size)
return -EINVAL;
@@ -364,13 +363,18 @@ simple_read_from_buffer(void __user *dest, size_t read_size, loff_t *ppos,
if (read_size > buf_remain)
read_size = buf_remain;
- /* copy_to_user returns number of bytes NOT read */
- num_read = read_size - copy_to_user(dest, read_pos, read_size);
- if (num_read == 0)
- return -EFAULT;
- *ppos += num_read;
-
- return (num_read);
+ /*
+ * XXX At time of commit only debugfs consumers could be
+ * identified. If others will use this function we may
+ * have to revise this: normally we would call copy_to_user()
+ * here but lindebugfs will return the result and the
+ * copyout is done elsewhere for us.
+ */
+ p = memcpy(dest, read_pos, read_size);
+ if (p != NULL)
+ *ppos += read_size;
+
+ return (read_size);
}
MALLOC_DECLARE(M_LSATTR);