On Fri, 8 Dec 2023 18:36:01 +0000 Beau Belgrave <be...@linux.microsoft.com> wrote:
> While developing some unrelated features I happened to create a > trace_event that was more than NAME_MAX (255) characters. When this > happened the creation worked, but tracefs would hang any task that tried > to list the directory of the trace_event or remove it. > > I followed the code down to the reason being eventfs would call > simple_lookup(), and if it failed, it would still try to create the > dentry. In this case DCACHE_PAR_LOOKUP would get set and never cleared. > This caused d_wait_lookup() to loop forever, since that flag is used in > d_in_lookup(). > > Both tracefs and eventfs use simple_lookup() and it fails for > dentries that exceed NAME_MAX. Should we even allow trace_events to > be created that exceed this limit? Or should tracefs/eventfs allow > this but somehow represent these differently? Yeah I think it's easiest to just prevent dentries from exceeding NAME_MAX, and yes the patch below should be added. Care to send a real patch? Thanks, -- Steve > > I have a fix that appears to work for myself, but unsure if there are > other locations (attached at the end of this mail). > > Thanks, > -Beau > > diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c > index f8a594a50ae6..d2c06ba26db4 100644 > --- a/fs/tracefs/event_inode.c > +++ b/fs/tracefs/event_inode.c > @@ -561,6 +561,8 @@ static struct dentry *eventfs_root_lookup(struct inode > *dir, > if (strcmp(ei_child->name, name) != 0) > continue; > ret = simple_lookup(dir, dentry, flags); > + if (IS_ERR(ret)) > + goto out; > create_dir_dentry(ei, ei_child, ei_dentry, true); > created = true; > break; > @@ -583,6 +585,8 @@ static struct dentry *eventfs_root_lookup(struct inode > *dir, > if (r <= 0) > continue; > ret = simple_lookup(dir, dentry, flags); > + if (IS_ERR(ret)) > + goto out; > create_file_dentry(ei, i, ei_dentry, name, mode, > cdata, > fops, true); > break;
