lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <51E64F7C.4040307@intel.com>
Date:	Wed, 17 Jul 2013 11:02:04 +0300
From:	Adrian Hunter <adrian.hunter@...el.com>
To:	Jiri Olsa <jolsa@...hat.com>
CC:	Arnaldo Carvalho de Melo <acme@...stprotocols.net>,
	linux-kernel@...r.kernel.org, David Ahern <dsahern@...il.com>,
	Frederic Weisbecker <fweisbec@...il.com>,
	Mike Galbraith <efault@....de>,
	Namhyung Kim <namhyung@...il.com>,
	Paul Mackerras <paulus@...ba.org>,
	Peter Zijlstra <peterz@...radead.org>,
	Stephane Eranian <eranian@...gle.com>,
	Ingo Molnar <mingo@...nel.org>
Subject: Re: [PATCH V6 06/12] perf tools: remove unnecessary callchain validation

On 16/07/13 15:05, Jiri Olsa wrote:
> On Tue, Jul 16, 2013 at 09:38:12AM +0300, Adrian Hunter wrote:
> 
> SNIP
> 
>>  	}
>>  }
>>  
>> -static int perf_session__preprocess_sample(struct perf_session *session,
>> -					   union perf_event *event, struct perf_sample *sample)
>> -{
>> -	if (event->header.type != PERF_RECORD_SAMPLE ||
>> -	    !sample->callchain)
>> -		return 0;
>> -
>> -	if (!ip_callchain__valid(sample->callchain, event)) {
>> -		pr_debug("call-chain problem with event, skipping it.\n");
>> -		++session->stats.nr_invalid_chains;
>> -		session->stats.total_invalid_chains += sample->period;
> 
> How about the '*invalid_chains' stats here? I dont see
> it incremented in the parsing routine.
> 
> Also the current behaviour is to increments stats for invalid
> callchains, but dont fail. With your changes we fail during the
> parsing.

It would fail during parsing sometimes anyway.  The code was:

	if (type & PERF_SAMPLE_CALLCHAIN) {
		if (sample_overlap(event, array, sizeof(data->callchain->nr)))
			return -EFAULT;

		data->callchain = (struct ip_callchain *)array;

		if (sample_overlap(event, array, data->callchain->nr))
			return -EFAULT;

		array += 1 + data->callchain->nr;
	}

But sample overlap did not handle size being effectively negative
i.e. 'offset + size' overflows

static bool sample_overlap(const union perf_event *event,
			   const void *offset, u64 size)
{
	const void *base = event;

	if (offset + size > base + event->header.size)
		return true;

	return false;
}


> 
> On the other hand.. maybe we should fail ;-) I think that
> invalid callchain data is serious enough to be overlooked
> by not seeing the nr_invalid_chains got incremented.
> 
> let's see other comments and then silently push it :-)
> 
> jirka
> 
> 

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ