lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20130830160602.GC10875@somewhere>
Date:	Fri, 30 Aug 2013 18:06:04 +0200
From:	Frederic Weisbecker <fweisbec@...il.com>
To:	Peter Zijlstra <peterz@...radead.org>
Cc:	Steven Rostedt <rostedt@...dmis.org>,
	Dave Jones <davej@...hat.com>, paulmck@...ux.vnet.ibm.com,
	Linux Kernel <linux-kernel@...r.kernel.org>,
	Ingo Molnar <mingo@...nel.org>, Jiri Olsa <jolsa@...hat.com>
Subject: Re: suspicious RCU usage (perf)

On Fri, Aug 30, 2013 at 05:59:36PM +0200, Peter Zijlstra wrote:
> On Fri, Aug 30, 2013 at 05:52:43PM +0200, Frederic Weisbecker wrote:
> > On Tue, Aug 27, 2013 at 02:16:29PM +0200, Peter Zijlstra wrote:
> > > On Mon, Aug 26, 2013 at 03:03:04PM -0400, Steven Rostedt wrote:
> > > > > Is there some path through sys_perf_open_event that might be
> > > > > missing a capability check perhaps ?
> > > > > 
> > > > 
> > > > That's a question for Ingo, Peter or Jiri.
> > > 
> > > Its not something I've looked at recently, git blames Jiri and fweisbec
> > > for most of that code.
> > > 
> > > Permission checks appear to live in
> > > kernel/trace/trace_event_perf.c:perf_trace_event_perm().
> > 
> > Actually the following condition is weird:
> > 
> > 	 /* The ftrace function trace is allowed only for root. */
> > 	 if (ftrace_event_is_function(tp_event) &&
> > 	     perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
> >      			    return -EPERM;
> > 
> 
> That says: If its its a function-event and we're paranoid but we don't
> have root, bail.

Right, I misunderstood and thought we messed up general tracepoint permissions
with function events.

> 
> > We probably intended to do:
> > 
> >    /* The ftrace function trace is allowed only for root. */
> >    if (ftrace_event_is_function(tp_event) ||
> >        perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
> >        			      return -EPERM;
> > 
> > Can somebody confirm?
> 
> That would always disallow function-events, no?

Yeah, sorry, returning from holidays require more dense coffee.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ