lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 11 Jul 2014 13:56:17 +0200
From:	Jiri Olsa <jolsa@...nel.org>
To:	linux-kernel@...r.kernel.org
Cc:	Alexander Yarygin <yarygin@...ux.vnet.ibm.com>,
	Arnaldo Carvalho de Melo <acme@...nel.org>,
	Corey Ashford <cjashfor@...ux.vnet.ibm.com>,
	Frederic Weisbecker <fweisbec@...il.com>,
	Ingo Molnar <mingo@...nel.org>,
	Paul Mackerras <paulus@...ba.org>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>
Subject: [PATCH 0/5] perf: Fix tracepoint events permissions check

hi,
sending fix for bug reported by Alexander Yarygin in here:
  http://marc.info/?l=linux-kernel&m=140475133707722&w=2

The main problem was, that the event_init tracepoint callback
checked permission of the 'current' task instead of the event
owner task.

While this is ok for perf_event_open syscall check, it is wrong
once event_init is called during fork to create child events.
In this case the permission of the forked task is checked instead
of the owner task of the parent event.

Changing tracepoint permission code to check event's owner task,
plus some other changes I needed for this.

thanks,
jirka


---
Jiri Olsa (5):
      perf: Make perf_init_event function static
      perf: Destroy event's children on task exit
      perf: Initialize owner before calling event_init callback
      perf: Move event owner retrieval into perf_event_get_owner
      perf: Check event's owner permission in tracepoint init callback

 include/linux/perf_event.h      |  1 +
 kernel/events/core.c            | 72 +++++++++++++++++++++++++++++++++++++++++++++++++++++++-----------------
 kernel/trace/trace_event_perf.c | 19 +++++++++++++++++--
 3 files changed, 73 insertions(+), 19 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ