Bug#1118737: trixie-pu: package lttng-modules/2.13.18-1+deb13u1
Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: lttng-modules@packages.debian.org
Control: affects -1 + src:lttng-modules
User: release.debian.org@packages.debian.org
Usertags: pu
[ Reason ]
A change in the upstream Linux kernel introduced in v6.13 results in
memory corruption and a potential kernel crash when using syscall
tracing with lttng-modules. While trixie only ships a v6.12 based
kernel, users who build custom kernel packages could be affected by the
issue.
[ Impact ]
Using syscall tracing with a kernel >= v6.13 could result in a system
crash.
[ Tests ]
Tested in a trixie virtual machine using the upstream test suite.
[ Risks ]
Code change is minimal and since it's DKMS based only applies to kernels
v6.13 or greater. The patch is already present in upstream released
versions and in Debian unstable/testing.
[ Checklist ]
[*] *all* changes are documented in the d/changelog
[*] I reviewed all changes and I approve them
[*] attach debdiff against the package in (old)stable
[*] the issue is verified as fixed in unstable
[ Changes ]
Add a patch with version based ifdef that disables preemption around the
syscall probe. Prior to v6.13, preemption was disable around all probes
by the kernel.
diff -Nru lttng-modules-2.13.18/debian/changelog lttng-modules-2.13.18/debian/changelog
--- lttng-modules-2.13.18/debian/changelog 2025-04-14 18:01:05.000000000 -0400
+++ lttng-modules-2.13.18/debian/changelog 2025-10-07 13:46:28.000000000 -0400
@@ -1,3 +1,11 @@
+lttng-modules (2.13.18-1+deb13u1) trixie; urgency=medium
+
+ * Fix potential kernel crash with syscall tracing (Closes: ##1117551)
+ * [4b4342c] debian/gbp.conf: branch config for trixie
+ * [a8a56d6] Add patch to fix syscall tracing with kernels >= v6.13
+
+ -- Michael Jeanson <mjeanson@debian.org> Tue, 07 Oct 2025 13:46:28 -0400
+
lttng-modules (2.13.18-1) unstable; urgency=medium
* [25407c8] New upstream version 2.13.18
diff -Nru lttng-modules-2.13.18/debian/gbp.conf lttng-modules-2.13.18/debian/gbp.conf
--- lttng-modules-2.13.18/debian/gbp.conf 2025-04-14 18:00:10.000000000 -0400
+++ lttng-modules-2.13.18/debian/gbp.conf 2025-10-07 13:46:28.000000000 -0400
@@ -1,3 +1,3 @@
[DEFAULT]
-upstream-branch=upstream/latest
-debian-branch=debian/sid
+upstream-branch=upstream/2.13.18
+debian-branch=debian/trixie
diff -Nru lttng-modules-2.13.18/debian/patches/fix-protect-syscall-probes-with-preemption-disable.patch lttng-modules-2.13.18/debian/patches/fix-protect-syscall-probes-with-preemption-disable.patch
--- lttng-modules-2.13.18/debian/patches/fix-protect-syscall-probes-with-preemption-disable.patch 1969-12-31 19:00:00.000000000 -0500
+++ lttng-modules-2.13.18/debian/patches/fix-protect-syscall-probes-with-preemption-disable.patch 2025-10-07 13:46:28.000000000 -0400
@@ -0,0 +1,105 @@
+From df88625cf3ae0be53d4e12a7922d8a9600bcbab7 Mon Sep 17 00:00:00 2001
+From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
+Date: Wed, 1 Oct 2025 16:04:55 -0400
+Subject: [PATCH] Fix: Protect syscall probes with preemption disable
+
+Since kernel v6.13, the syscall tracepoints call the probes from
+faultable context (with preemption enabled).
+
+Adapt to this change to ensure that the LTTng-modules per-cpu data
+structures that expect preemption to be disabled don't get corrupted.
+
+This has been noticed through a linked list corruption of the
+lttng-tp-mempool per-cpu allocator.
+
+This only affects preemptible kernel configurations (PREEMPT,
+PREEMPT_LAZY).
+
+Non-preemptible kernel configurations are not affected (PREEMPT_NONE,
+PREEMPT_VOLOUNTARY).
+
+Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
+Change-Id: I67211e9f8ae96dce0e05a377827d606d1e54b0f8
+---
+ src/lttng-syscalls.c | 40 ++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 40 insertions(+)
+
+diff --git a/src/lttng-syscalls.c b/src/lttng-syscalls.c
+index 2ee1ee04..0f1a205b 100644
+--- a/src/lttng-syscalls.c
++++ b/src/lttng-syscalls.c
+@@ -34,6 +34,10 @@
+ #include <lttng/utils.h>
+ #include <lttng/kernel-version.h>
+
++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(6,13,0))
++#include <linux/cleanup.h>
++#endif
++
+ #include "lttng-syscalls.h"
+
+ #ifndef CONFIG_COMPAT
+@@ -137,6 +141,15 @@ static void syscall_entry_event_unknown(struct hlist_head *unknown_action_list_h
+ unsigned long args[LTTNG_SYSCALL_NR_ARGS];
+ struct lttng_kernel_event_common_private *event_priv;
+
++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(6,13,0))
++ /*
++ * Starting with kernel v6.13, the syscall probes are called
++ * with preemption enabled, but the ring buffer and per-cpu data
++ * require preemption to be disabled.
++ */
++ guard(preempt_notrace)();
++#endif
++
+ lttng_syscall_get_arguments(current, regs, args);
+ lttng_hlist_for_each_entry_rcu(event_priv, unknown_action_list_head, u.syscall.node) {
+ if (unlikely(in_compat_syscall()))
+@@ -255,6 +268,15 @@ void syscall_entry_event_probe(void *__data, struct pt_regs *regs, long id)
+ const struct trace_syscall_entry *table, *entry;
+ size_t table_len;
+
++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(6,13,0))
++ /*
++ * Starting with kernel v6.13, the syscall probes are called
++ * with preemption enabled, but the ring buffer and per-cpu data
++ * require preemption to be disabled.
++ */
++ guard(preempt_notrace)();
++#endif
++
+ #ifdef CONFIG_X86_X32_ABI
+ if (in_x32_syscall()) {
+ /* x32 system calls are not supported. */
+@@ -371,6 +393,15 @@ static void syscall_exit_event_unknown(struct hlist_head *unknown_action_list_he
+ unsigned long args[LTTNG_SYSCALL_NR_ARGS];
+ struct lttng_kernel_event_common_private *event_priv;
+
++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(6,13,0))
++ /*
++ * Starting with kernel v6.13, the syscall probes are called
++ * with preemption enabled, but the ring buffer and per-cpu data
++ * require preemption to be disabled.
++ */
++ guard(preempt_notrace)();
++#endif
++
+ lttng_syscall_get_arguments(current, regs, args);
+ lttng_hlist_for_each_entry_rcu(event_priv, unknown_action_list_head, u.syscall.node) {
+ if (unlikely(in_compat_syscall()))
+@@ -498,6 +529,15 @@ void syscall_exit_event_probe(void *__data, struct pt_regs *regs, long ret)
+ size_t table_len;
+ long id;
+
++#if (LTTNG_LINUX_VERSION_CODE >= LTTNG_KERNEL_VERSION(6,13,0))
++ /*
++ * Starting with kernel v6.13, the syscall probes are called
++ * with preemption enabled, but the ring buffer and per-cpu data
++ * require preemption to be disabled.
++ */
++ guard(preempt_notrace)();
++#endif
++
+ #ifdef CONFIG_X86_X32_ABI
+ if (in_x32_syscall()) {
+ /* x32 system calls are not supported. */
diff -Nru lttng-modules-2.13.18/debian/patches/series lttng-modules-2.13.18/debian/patches/series
--- lttng-modules-2.13.18/debian/patches/series 2025-04-14 18:00:10.000000000 -0400
+++ lttng-modules-2.13.18/debian/patches/series 2025-10-07 13:46:28.000000000 -0400
@@ -1 +1,2 @@
fix-linux-rt-4.9-sched.patch
+fix-protect-syscall-probes-with-preemption-disable.patch
Reply to: