lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 7 Jul 2014 21:46:35 +0200
From:	Peter Zijlstra <peterz@...radead.org>
To:	Jiri Olsa <jolsa@...hat.com>
Cc:	Alexander Yarygin <yarygin@...ux.vnet.ibm.com>,
	Arnaldo Carvalho de Melo <acme@...nel.com>,
	Paul Mackerras <paulus@...ba.org>,
	Ingo Molnar <mingo@...nel.org>,
	Christian Borntraeger <borntraeger@...ibm.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [BUG] perf stat: events inheritance can break task targets

On Mon, Jul 07, 2014 at 07:00:40PM +0200, Jiri Olsa wrote:
> diff --git a/kernel/trace/trace_event_perf.c b/kernel/trace/trace_event_perf.c
> index 5d12bb4..b44184b 100644
> --- a/kernel/trace/trace_event_perf.c
> +++ b/kernel/trace/trace_event_perf.c
> @@ -24,6 +24,9 @@ static int	total_ref_count;
>  static int perf_trace_event_perm(struct ftrace_event_call *tp_event,
>  				 struct perf_event *p_event)
>  {
> +	struct task_struct owner = p_event->parent ? p_event->parent->owner :
> +						     p_event->owner;
> +
>  	if (tp_event->perf_perm) {
>  		int ret = tp_event->perf_perm(tp_event, p_event);
>  		if (ret)
> @@ -32,7 +35,7 @@ static int perf_trace_event_perm(struct ftrace_event_call *tp_event,
>  
>  	/* The ftrace function trace is allowed only for root. */
>  	if (ftrace_event_is_function(tp_event)) {
> -		if (perf_paranoid_tracepoint_raw() && !capable(CAP_SYS_ADMIN))
> +		if (perf_paranoid_tracepoint_raw() && !has_capability(owner, CAP_SYS_ADMIN))
>  			return -EPERM;
>  
>  		/*
> @@ -65,7 +68,7 @@ static int perf_trace_event_perm(struct ftrace_event_call *tp_event,
>  	 * ...otherwise raw tracepoint data can be a severe data leak,
>  	 * only allow root to have these.
>  	 */
> -	if (perf_paranoid_tracepoint_raw() && !capable(CAP_SYS_ADMIN))
> +	if (perf_paranoid_tracepoint_raw() && !has_capability(owner, CAP_SYS_ADMIN))
>  		return -EPERM;
>  
>  	return 0;

You need to either hold rcu_read_lock() or otherwise ensure the owner is
still valid.

Content of type "application/pgp-signature" skipped

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ