| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 30 Jun 2017 10:44:17 -0700
From: Kyle Huey <me@...ehuey.com>
To: Mark Rutland <mark.rutland@....com>
Cc: Vince Weaver <vincent.weaver@...ne.edu>,
"Jin, Yao" <yao.jin@...ux.intel.com>,
Ingo Molnar <mingo@...nel.org>,
"Peter Zijlstra (Intel)" <peterz@...radead.org>,
stable@...r.kernel.org,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Arnaldo Carvalho de Melo <acme@...hat.com>,
Jiri Olsa <jolsa@...hat.com>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Namhyung Kim <namhyung@...nel.org>,
Stephane Eranian <eranian@...gle.com>,
Thomas Gleixner <tglx@...utronix.de>, acme@...nel.org,
jolsa@...nel.org, kan.liang@...el.com,
Will Deacon <will.deacon@....com>, gregkh@...uxfoundation.org,
"Robert O'Callahan" <robert@...llahan.org>,
open list <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] perf/core: generate overflow signal when samples are
dropped (WAS: Re: [REGRESSION] perf/core: PMU interrupts dropped if we
entered the kernel in the "skid" region)
On Wed, Jun 28, 2017 at 3:55 PM, Kyle Huey <me@...ehuey.com> wrote:
> On Wed, Jun 28, 2017 at 10:49 AM, Mark Rutland <mark.rutland@....com> wrote:
>> On Wed, Jun 28, 2017 at 09:48:27AM -0700, Kyle Huey wrote:
>>> On Wed, Jun 28, 2017 at 3:56 AM, Mark Rutland <mark.rutland@....com> wrote:
>>> > @@ -6101,6 +6116,12 @@ void perf_prepare_sample(struct perf_event_header *header,
>>> > struct perf_output_handle handle;
>>> > struct perf_event_header header;
>>> >
>>> > + /*
>>> > + * For security, drop the skid kernel samples if necessary.
>>> > + */
>>> > + if (!sample_is_allowed(event, regs))
>>> > + return ret;
>>>
>>> Just a bare return here.
>>
>> Ugh, yes. Sorry about that. I'll fix that up.
>>
>> [...]
>>
>>> I can confirm that with that fixed to compile, this patch fixes rr.
>>
>> Thanks for giving this a go.
>>
>> Having thought about this some more, I think Vince does make a good
>> point that throwing away samples is liable to break stuff, e.g. that
>> which only relies on (non-sensitive) samples.
>>
>> It still seems wrong to make up data, though.
>>
>> Maybe for exclude_kernel && !exclude_user events we can always generate
>> samples from the user regs, rather than the exception regs. That's going
>> to be closer to what the user wants, regardless. I'll take a look
>> tomorrow.
>
> I'm not very familiar with the kernel internals, but the reason I
> didn't suggest this originally is it seems like it will be difficult
> to determine what the "correct" userspace registers are. For example,
> what happens if a performance counter is fixed to a given tid, the
> interrupt fires during a context switch from that task to another that
> is not being monitored, and the kernel is far enough along in the
> context switch that the current task struct has been switched out?
> Reporting the new task's registers seems as bad as reporting the
> kernel's registers. But maybe this is easier than I imagine for
> whatever reason.
>
> Something to think about.
>
> - Kyle
We've noticed that the regressing changeset made it into stable
branches that distros are shipping now[0], and we're starting to
receive bug reports from our users. We would really like to get this
patch or something similar into 4.12 and the next stable releases if
at all possible.
Thanks!
- Kyle
[0] Full list in https://mail.mozilla.org/pipermail/rr-dev/2017-June/000500.html
Powered by blists - more mailing lists