| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200806153205.GA1448395@tassilo.jf.intel.com>
Date: Thu, 6 Aug 2020 08:32:05 -0700
From: Andi Kleen <ak@...ux.intel.com>
To: peterz@...radead.org
Cc: Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Arnaldo Carvalho de Melo <acme@...hat.com>,
Ingo Molnar <mingo@...hat.com>, linux-kernel@...r.kernel.org,
Jiri Olsa <jolsa@...nel.org>, alexey.budankov@...ux.intel.com,
adrian.hunter@...el.com
Subject: Re: [PATCH 1/2] perf: Add closing sibling events' file descriptors
> > This adds an opt-in flag to the perf_event_open() syscall to retain
> > sibling events after their file descriptors are closed. In this case, the
> > actual events will be closed with the group leader.
>
> So having the 1:1 relation with filedesc imposes a resource limit on
> userspace.
>
> This patch breaks that and enables a user to basically DoS the system by
> creating unbound events.
The idea was to account the events in the locked memory allocation too.
Not sure that made it into the patch though.
It has a minor issue that it might break some existing setups that rely
on the mmap fitting exactly into the mmap allocation, but that could
be solved by allowing a little slack, since the existing setups
likely don't have that many events.
There's also a secondary issue of DoS the kernel by creating very long
lists to iterate, but I suppose this is already quite possible, so probably
not a new issue.
-Andi
Powered by blists - more mailing lists