tracing/histogram: Do not copy the fixed-size char array field over the field size

[ Upstream commit 63f84ae6b82bb4dff672f76f30c6fd7b9d3766bc ]

Do not copy the fixed-size char array field of the events over
the field size. The histogram treats char array as a string and
there are 2 types of char array in the event, fixed-size and
dynamic string. The dynamic string (__data_loc) field must be
null terminated, but the fixed-size char array field may not
be null terminated (not a string, but just a data).
In that case, histogram can copy the data after the field.
This uses the original field size for fixed-size char array
field to restrict the histogram not to access over the original
field size.

Link: https://lkml.kernel.org/r/163673292822.195747.3696966210526410250.stgit@devnote2
Fixes: 02205a6752f2 (tracing: Add support for 'field variables')
Signed-off-by: Masami Hiramatsu <mhiramat@kernel.org>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

diff --git a/kernel/trace/trace_events_hist.c b/kernel/trace/trace_events_hist.c
index 1b7f90e00eb052992ffe95ea9e73eabd85df4ddd..642e4645f6406c6009e024b2121cfb1d505b06f1 100644 (file)
--- a/kernel/trace/trace_events_hist.c
+++ b/kernel/trace/trace_events_hist.c
@@ -1684,9 +1684,10 @@ static struct hist_field *create_hist_field(struct hist_trigger_data *hist_data,
                if (!hist_field->type)
                        goto free;
 
-               if (field->filter_type == FILTER_STATIC_STRING)
+               if (field->filter_type == FILTER_STATIC_STRING) {
                        hist_field->fn = hist_field_string;
-               else if (field->filter_type == FILTER_DYN_STRING)
+                       hist_field->size = field->size;
+               } else if (field->filter_type == FILTER_DYN_STRING)
                        hist_field->fn = hist_field_dynstring;
                else
                        hist_field->fn = hist_field_pstring;
@@ -2624,7 +2625,7 @@ static inline void __update_field_vars(struct tracing_map_elt *elt,
                        char *str = elt_data->field_var_str[j++];
                        char *val_str = (char *)(uintptr_t)var_val;
 
-                       strscpy(str, val_str, STR_VAR_LEN_MAX);
+                       strscpy(str, val_str, val->size);
                        var_val = (u64)(uintptr_t)str;
                }
                tracing_map_set_var(elt, var_idx, var_val);
@@ -4472,7 +4473,7 @@ static void hist_trigger_elt_update(struct hist_trigger_data *hist_data,
 
                                str = elt_data->field_var_str[idx];
                                val_str = (char *)(uintptr_t)hist_val;
-                               strscpy(str, val_str, STR_VAR_LEN_MAX);
+                               strscpy(str, val_str, hist_field->size);
 
                                hist_val = (u64)(uintptr_t)str;
                        }