| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 6 May 2013 10:07:37 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: Borislav Petkov <bp@...en8.de>
Cc: mingo@...nel.org, a.p.zijlstra@...llo.nl, hpa@...or.com,
linux-kernel@...r.kernel.org, stable@...nel.org,
ak@...ux.intel.com, tglx@...utronix.de,
linux-tip-commits@...r.kernel.org
Subject: Re: [tip:perf/urgent] perf/x86/intel/lbr: Demand proper privileges
for PERF_SAMPLE_BRANCH_KERNEL
> > @@ -318,8 +318,11 @@ static void intel_pmu_setup_sw_lbr_filter(struct perf_event *event)
> > if (br_type & PERF_SAMPLE_BRANCH_USER)
> > mask |= X86_BR_USER;
> >
> > - if (br_type & PERF_SAMPLE_BRANCH_KERNEL)
> > + if (br_type & PERF_SAMPLE_BRANCH_KERNEL) {
> > + if (perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
> > + return -EACCES;
>
> It is probably not too late to amend this patch and remove the "-EACCES":
>
> arch/x86/kernel/cpu/perf_event_intel_lbr.c: In function ‘intel_pmu_setup_sw_lbr_filter’:
> arch/x86/kernel/cpu/perf_event_intel_lbr.c:323:4: warning: ‘return’ with a value, in function returning void [enabled by default]
Oh urgh, looks like I forgot a refresh before posting..
This one actually compiles a defconfig bzImage.
---
Subject: perf, x86, lbr: Demand proper privileges for PERF_SAMPLE_BRANCH_KERNEL
From: Peter Zijlstra <a.p.zijlstra@...llo.nl>
Date: Fri May 03 14:07:49 CEST 2013
We should always have proper privileges when requesting kernel data.
Cc: Andi Kleen <ak@...ux.intel.com>
Cc: eranian@...gle.com
Signed-off-by: Peter Zijlstra <a.p.zijlstra@...llo.nl>
Link: http://lkml.kernel.org/n/tip-deb8yrh5fq2bijn5tlmezkmd@git.kernel.org
---
arch/x86/kernel/cpu/perf_event_intel_lbr.c | 15 +++++++++++----
1 file changed, 11 insertions(+), 4 deletions(-)
--- a/arch/x86/kernel/cpu/perf_event_intel_lbr.c
+++ b/arch/x86/kernel/cpu/perf_event_intel_lbr.c
@@ -310,7 +310,7 @@ void intel_pmu_lbr_read(void)
* - in case there is no HW filter
* - in case the HW filter has errata or limitations
*/
-static void intel_pmu_setup_sw_lbr_filter(struct perf_event *event)
+static int intel_pmu_setup_sw_lbr_filter(struct perf_event *event)
{
u64 br_type = event->attr.branch_sample_type;
int mask = 0;
@@ -318,8 +318,11 @@ static void intel_pmu_setup_sw_lbr_filte
if (br_type & PERF_SAMPLE_BRANCH_USER)
mask |= X86_BR_USER;
- if (br_type & PERF_SAMPLE_BRANCH_KERNEL)
+ if (br_type & PERF_SAMPLE_BRANCH_KERNEL) {
+ if (perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
+ return -EACCES;
mask |= X86_BR_KERNEL;
+ }
/* we ignore BRANCH_HV here */
@@ -339,6 +342,8 @@ static void intel_pmu_setup_sw_lbr_filte
* be used by fixup code for some CPU
*/
event->hw.branch_reg.reg = mask;
+
+ return 0;
}
/*
@@ -375,7 +380,7 @@ static int intel_pmu_setup_hw_lbr_filter
int intel_pmu_setup_lbr_filter(struct perf_event *event)
{
- int ret = 0;
+ int ret;
/*
* no LBR on this PMU
@@ -386,7 +391,9 @@ int intel_pmu_setup_lbr_filter(struct pe
/*
* setup SW LBR filter
*/
- intel_pmu_setup_sw_lbr_filter(event);
+ ret = intel_pmu_setup_sw_lbr_filter(event);
+ if (ret)
+ return ret;
/*
* setup HW LBR filter, if any
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists