lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20140708065901.GA12661@krava.redhat.com>
Date:	Tue, 8 Jul 2014 08:59:01 +0200
From:	Jiri Olsa <jolsa@...hat.com>
To:	Peter Zijlstra <peterz@...radead.org>
Cc:	Alexander Yarygin <yarygin@...ux.vnet.ibm.com>,
	Arnaldo Carvalho de Melo <acme@...nel.com>,
	Paul Mackerras <paulus@...ba.org>,
	Ingo Molnar <mingo@...nel.org>,
	Christian Borntraeger <borntraeger@...ibm.com>,
	linux-kernel@...r.kernel.org
Subject: Re: [BUG] perf stat: events inheritance can break task targets

On Mon, Jul 07, 2014 at 09:46:35PM +0200, Peter Zijlstra wrote:
> On Mon, Jul 07, 2014 at 07:00:40PM +0200, Jiri Olsa wrote:
> > diff --git a/kernel/trace/trace_event_perf.c b/kernel/trace/trace_event_perf.c
> > index 5d12bb4..b44184b 100644
> > --- a/kernel/trace/trace_event_perf.c
> > +++ b/kernel/trace/trace_event_perf.c
> > @@ -24,6 +24,9 @@ static int	total_ref_count;
> >  static int perf_trace_event_perm(struct ftrace_event_call *tp_event,
> >  				 struct perf_event *p_event)
> >  {
> > +	struct task_struct owner = p_event->parent ? p_event->parent->owner :
> > +						     p_event->owner;
> > +
> >  	if (tp_event->perf_perm) {
> >  		int ret = tp_event->perf_perm(tp_event, p_event);
> >  		if (ret)
> > @@ -32,7 +35,7 @@ static int perf_trace_event_perm(struct ftrace_event_call *tp_event,
> >  
> >  	/* The ftrace function trace is allowed only for root. */
> >  	if (ftrace_event_is_function(tp_event)) {
> > -		if (perf_paranoid_tracepoint_raw() && !capable(CAP_SYS_ADMIN))
> > +		if (perf_paranoid_tracepoint_raw() && !has_capability(owner, CAP_SYS_ADMIN))
> >  			return -EPERM;
> >  
> >  		/*
> > @@ -65,7 +68,7 @@ static int perf_trace_event_perm(struct ftrace_event_call *tp_event,
> >  	 * ...otherwise raw tracepoint data can be a severe data leak,
> >  	 * only allow root to have these.
> >  	 */
> > -	if (perf_paranoid_tracepoint_raw() && !capable(CAP_SYS_ADMIN))
> > +	if (perf_paranoid_tracepoint_raw() && !has_capability(owner, CAP_SYS_ADMIN))
> >  		return -EPERM;
> >  
> >  	return 0;
> 
> You need to either hold rcu_read_lock() or otherwise ensure the owner is
> still valid.

ok, I'll resend

thanks,
jirka
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ