| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Oct 2019 11:35:44 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: "Joel Fernandes (Google)" <joel@...lfernandes.org>
Cc: linux-kernel@...r.kernel.org, rostedt@...dmis.org,
primiano@...gle.com, rsavitski@...gle.com, jeffv@...gle.com,
kernel-team@...roid.com, Alexei Starovoitov <ast@...nel.org>,
Arnaldo Carvalho de Melo <acme@...nel.org>,
bpf@...r.kernel.org, Daniel Borkmann <daniel@...earbox.net>,
Ingo Molnar <mingo@...hat.com>,
James Morris <jmorris@...ei.org>, Jiri Olsa <jolsa@...hat.com>,
Kees Cook <keescook@...omium.org>,
linux-security-module@...r.kernel.org,
Matthew Garrett <matthewgarrett@...gle.com>,
Namhyung Kim <namhyung@...nel.org>, selinux@...r.kernel.org,
Song Liu <songliubraving@...com>,
"maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)" <x86@...nel.org>,
Yonghong Song <yhs@...com>
Subject: Re: [PATCH] perf_event: Add support for LSM and SELinux checks
On Fri, Oct 11, 2019 at 12:03:30PM -0400, Joel Fernandes (Google) wrote:
> @@ -4761,6 +4762,7 @@ int perf_event_release_kernel(struct perf_event *event)
> }
>
> no_ctx:
> + security_perf_event_free(event);
> put_event(event); /* Must be the 'last' reference */
> return 0;
> }
> @@ -10553,11 +10568,16 @@ perf_event_alloc(struct perf_event_attr *attr, int cpu,
> }
> }
>
> + err = security_perf_event_alloc(event);
> + if (err)
> + goto err_security;
> +
> /* symmetric to unaccount_event() in _free_event() */
> account_event(event);
>
> return event;
>
> +err_security:
> err_addr_filters:
> kfree(event->addr_filter_ranges);
>
There's a bunch of problems here I think:
- err_security is named wrong; the naming scheme is to name the label
after the last thing that succeeded / first thing that needs to be
undone.
- per that, you're forgetting to undo 'get_callchain_buffers()'
- perf_event_release_kernel() is not a full match to
perf_event_alloc(), inherited events get created by
perf_event_alloc() but never pass through
perf_event_release_kernel().
I'm thinking the below patch on top should ammend these issues; please
verify.
---
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -4540,6 +4540,8 @@ static void _free_event(struct perf_even
unaccount_event(event);
+ security_perf_event_free(event);
+
if (event->rb) {
/*
* Can happen when we close an event with re-directed output.
@@ -4774,7 +4776,6 @@ int perf_event_release_kernel(struct per
}
no_ctx:
- security_perf_event_free(event);
put_event(event); /* Must be the 'last' reference */
return 0;
}
@@ -10595,14 +10596,18 @@ perf_event_alloc(struct perf_event_attr
err = security_perf_event_alloc(event);
if (err)
- goto err_security;
+ goto err_callchain_buffer;
/* symmetric to unaccount_event() in _free_event() */
account_event(event);
return event;
-err_security:
+err_callchain_buffer:
+ if (!event->parent) {
+ if (event->attr.sample_type & PERF_SAMPLE_CALLCHAIN)
+ put_callchain_buffers();
+ }
err_addr_filters:
kfree(event->addr_filter_ranges);
Powered by blists - more mailing lists