lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 18 Jul 2016 14:23:50 +0300
From:	Alexander Shishkin <alexander.shishkin@...ux.intel.com>
To:	Mathieu Poirier <mathieu.poirier@...aro.org>
Cc:	peterz@...radead.org, mingo@...hat.com,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH RFC 2/3] perf/core: update filter only on executable mmap

Mathieu Poirier <mathieu.poirier@...aro.org> writes:

> Function perf_event_mmap() is called by the MM subsystem each time
> part of a binary is loaded in memory.  There can be several mapping
> for a binary, many times unrelated to the code section.
>
> Each time a section of a binary is mapped address filters are
> updated, event when the map doesn't pertain to the code section.
> The end result is that filters are configured based on the last map
> event that was received rather than the last mapping of the code
> segment.

Good catch! I'd like to fix it in 4.7-stable as well; I think it's too
late for 4.7 already.

> Signed-off-by: Mathieu Poirier <mathieu.poirier@...aro.org>
> ---
>  kernel/events/core.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/kernel/events/core.c b/kernel/events/core.c
> index df21611585d7..b9aa8f0ff070 100644
> --- a/kernel/events/core.c
> +++ b/kernel/events/core.c
> @@ -6604,7 +6604,8 @@ void perf_event_mmap(struct vm_area_struct *vma)
>  		/* .flags (attr_mmap2 only) */
>  	};
>  
> -	perf_addr_filters_adjust(vma);
> +	if ((vma->vm_flags & VM_EXEC) && (vma->vm_pgoff == 0))
> +		perf_addr_filters_adjust(vma);

You shouldn't need the vm_pgoff check; the range comparison logic in
__perf_addr_filters_adjust() should already take it into account.

Also, I'd put the check to perf_addr_filters_adjust() instead, with a
comment that we don't do data-based filters yet or something along those
lines.

Thanks,
--
Alex

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ