| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <558CEFA5.4040502@linux.vnet.ibm.com>
Date: Fri, 26 Jun 2015 14:22:29 +0800
From: Li Zhang <zhlcindy@...ux.vnet.ibm.com>
To: Li Zhang <zhlcindy@...ux.vnet.ibm.com>
CC: acme@...nel.org, mingo@...hat.com, sukadev@...ux.vnet.ibm.com,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH v3 1/1] perf tools: Check access permission when reading
symbol files
ping ?
On 2015年06月19日 16:57, Li Zhang wrote:
> There 2 problems when reading symbols files:
>
> * It doesn't report any errors even if when users specify symbol
> files which don't exist with --kallsyms or --vmlinux. The result
> just shows the address without symbols, which is not what is expected.
> So it's better to report errors and exit the program.
>
> * When using command perf report --kallsyms=/proc/kallsyms with a
> non-root user, symbols are resolved. Then select one symbol and
> annotate it, it reports the error as the following:
> Can't annotate __clear_user: No vmlinux file with build id xxx was
> found.
>
> The problem is caused by reading /proc/kcore without access permission.
> /proc/kcore requires CAP_SYS_RAWIO capability to access, so it needs to
> change access permission to allow a specific user to read /proc/kcore or
> use root to execute the perf command.
>
> This patch is to report errors when symbol files specified by users
> don't exist. And check access permission of /proc/kcore when reading it.
>
> Signed-off-by: Li Zhang <zhlcindy@...ux.vnet.ibm.com>
> ---
>
> v3 -> v2:
> * Add checking symbol files when user specify these files.
> * Report an error to users when open fails. Suggested by Sukar
>
> v2 -> v1:
> * Report one useful message to users about the access permision,
> then go back to the tools. Suggested by Arnaldo Carvalho de Melo.
>
> tools/perf/builtin-report.c | 11 +++++++++++
> tools/perf/util/symbol.c | 5 ++++-
> 2 files changed, 15 insertions(+), 1 deletion(-)
>
> diff --git a/tools/perf/builtin-report.c b/tools/perf/builtin-report.c
> index 476cdf7..1c353b1 100644
> --- a/tools/perf/builtin-report.c
> +++ b/tools/perf/builtin-report.c
> @@ -731,6 +731,17 @@ int cmd_report(int argc, const char **argv, const char *prefix __maybe_unused)
>
> argc = parse_options(argc, argv, options, report_usage, 0);
>
> + if (symbol_conf.vmlinux_name &&
> + access(symbol_conf.vmlinux_name, R_OK)) {
> + pr_err("Invalid file: %s\n", symbol_conf.vmlinux_name);
> + return -EINVAL;
> + }
> + if (symbol_conf.kallsyms_name &&
> + access(symbol_conf.kallsyms_name, R_OK)) {
> + pr_err("Invalid file: %s\n", symbol_conf.kallsyms_name);
> + return -EINVAL;
> + }
> +
> if (report.use_stdio)
> use_browser = 0;
> else if (report.use_tui)
> diff --git a/tools/perf/util/symbol.c b/tools/perf/util/symbol.c
> index 201f6c4c..46aa93d 100644
> --- a/tools/perf/util/symbol.c
> +++ b/tools/perf/util/symbol.c
> @@ -1126,8 +1126,11 @@ static int dso__load_kcore(struct dso *dso, struct map *map,
> INIT_LIST_HEAD(&md.maps);
>
> fd = open(kcore_filename, O_RDONLY);
> - if (fd < 0)
> + if (fd < 0) {
> + pr_err("%s requires CAP_SYS_RAWIO capability to access.\n",
> + kcore_filename);
> return -EINVAL;
> + }
>
> /* Read new maps into temporary lists */
> err = file__read_maps(fd, md.type == MAP__FUNCTION, kcore_mapfn, &md,
--
Li Zhang
IBM China Linux Technology Centre
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists