[PATCH v3] coresight: ETR: Fix ETR buffer use-after-free issue

Mike Leach mike.leach at linaro.org
Thu Nov 6 06:14:03 PST 2025


Hi,

Is this fixing the correct problem? If we prevent the buffer size from
being changed while the sink is active - which is probably what we
should do anyway as no real good can come from allowing this - then
the problem disappears.

Changing the buffer size while the sink is active should return -EBUSY.

Mike

On Wed, 5 Nov 2025 at 16:13, Suzuki K Poulose <suzuki.poulose at arm.com> wrote:
>
>
> On Tue, 21 Oct 2025 16:45:25 +0800, Xiaoqi Zhuang wrote:
> > When ETR is enabled as CS_MODE_SYSFS, if the buffer size is changed
> > and enabled again, currently sysfs_buf will point to the newly
> > allocated memory(buf_new) and free the old memory(buf_old). But the
> > etr_buf that is being used by the ETR remains pointed to buf_old, not
> > updated to buf_new. In this case, it will result in a memory
> > use-after-free issue.
> >
> > [...]
>
> Applied, thanks!
>
> [1/1] coresight: ETR: Fix ETR buffer use-after-free issue
>       https://git.kernel.org/coresight/c/35501ac3c7d4
>
> Best regards,
> --
> Suzuki K Poulose <suzuki.poulose at arm.com>



-- 
Mike Leach
Principal Engineer, ARM Ltd.
Manchester Design Centre. UK
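
Added example, not part of the thread and not the driver's code: a userspace C model of the stale-pointer state the commit message describes, next to the -EBUSY guard suggested in the reply above. All `model_*` names are hypothetical, "free" is simulated with a `live` flag so nothing is actually dereferenced after free, and the second enable is assumed to happen while the sink is still active.

```c
#include <errno.h>
#include <stddef.h>

/* Userspace model; every name here is hypothetical, not the driver's. */
struct model_buf { size_t size; int live; };

struct model_etr {
    struct model_buf pool[4];    /* stands in for the allocator (max 4 allocations) */
    int next;                    /* next unused pool slot */
    struct model_buf *sysfs_buf; /* buffer kept for sysfs mode */
    struct model_buf *etr_buf;   /* buffer the active sink is using */
    size_t size;                 /* size requested through sysfs */
    int active;                  /* sink currently enabled */
};

/* Size store. With guard != 0 it refuses while the sink is active. */
int model_set_size(struct model_etr *d, size_t size, int guard)
{
    if (guard && d->active)
        return -EBUSY;
    d->size = size;
    return 0;
}

/* Enable path as the commit message describes it: on a size mismatch
 * sysfs_buf is replaced and buf_old freed, but an active sink keeps etr_buf. */
void model_enable(struct model_etr *d)
{
    if (!d->sysfs_buf || d->sysfs_buf->size != d->size) {
        struct model_buf *buf_new = &d->pool[d->next++];
        buf_new->size = d->size;
        buf_new->live = 1;
        if (d->sysfs_buf)
            d->sysfs_buf->live = 0;      /* simulated free of buf_old */
        d->sysfs_buf = buf_new;
    }
    if (!d->active) {                    /* first enable only */
        d->etr_buf = d->sysfs_buf;
        d->active = 1;
    }
}

/* Returns 1 if the active sink still references a freed buffer. */
int model_etr_buf_stale(const struct model_etr *d)
{
    return d->active && d->etr_buf && !d->etr_buf->live;
}
```

With the guard off, a resize followed by a second enable leaves `etr_buf` on the freed buffer; with the guard on, the resize is rejected and the second enable changes nothing.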


