lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <YJP/wDx/cIKLkpLk@krava>
Date:   Thu, 6 May 2021 16:40:00 +0200
From:   Jiri Olsa <jolsa@...hat.com>
To:     Denys Zagorui <dzagorui@...co.com>
Cc:     linux-kernel@...r.kernel.org, peterz@...radead.org,
        mingo@...hat.com, acme@...nel.org, mark.rutland@....com,
        alexander.shishkin@...ux.intel.com, namhyung@...nel.org
Subject: Re: [PATCH v4 2/3] perf tests: avoid storing an absolute path in
 perf binary

On Fri, Apr 30, 2021 at 06:33:49AM -0700, Denys Zagorui wrote:
> python binding test uses PYTHONPATH definition to find python/perf.so
> library. This definition is an absolute path that makes perf binary
> unreproducible. This path can be found during runtime execution.
> 
> Signed-off-by: Denys Zagorui <dzagorui@...co.com>
> ---
>  tools/perf/tests/Build        |  2 +-
>  tools/perf/tests/python-use.c | 19 ++++++++++++++++++-
>  tools/perf/util/util.c        | 21 +++++++++++++++++++++
>  tools/perf/util/util.h        |  2 ++
>  4 files changed, 42 insertions(+), 2 deletions(-)
> 
> diff --git a/tools/perf/tests/Build b/tools/perf/tests/Build
> index 650aec19d490..a20098dcdbc4 100644
> --- a/tools/perf/tests/Build
> +++ b/tools/perf/tests/Build
> @@ -98,5 +98,5 @@ perf-$(CONFIG_DWARF_UNWIND) += dwarf-unwind.o
>  endif
>  
>  CFLAGS_attr.o         += -DBINDIR="BUILD_STR($(bindir_SQ))" -DPYTHON="BUILD_STR($(PYTHON_WORD))"
> -CFLAGS_python-use.o   += -DPYTHONPATH="BUILD_STR($(OUTPUT)python)" -DPYTHON="BUILD_STR($(PYTHON_WORD))"
> +CFLAGS_python-use.o   += -DPYTHON="BUILD_STR($(PYTHON_WORD))"
>  CFLAGS_dwarf-unwind.o += -fno-optimize-sibling-calls
> diff --git a/tools/perf/tests/python-use.c b/tools/perf/tests/python-use.c
> index 98c6d474aa6f..c7a0c9b5366f 100644
> --- a/tools/perf/tests/python-use.c
> +++ b/tools/perf/tests/python-use.c
> @@ -8,18 +8,35 @@
>  #include <linux/compiler.h>
>  #include "tests.h"
>  #include "util/debug.h"
> +#include "util/util.h"
> +#include <sys/stat.h>
>  
>  int test__python_use(struct test *test __maybe_unused, int subtest __maybe_unused)
>  {
>  	char *cmd;
>  	int ret;
> +	char *exec_path;
> +	char *pythonpath;
> +	struct stat sb;
> +
> +	exec_path = perf_exe_path();
> +	if (exec_path == NULL)
> +		return -1;

should we return TEST_SKIP in here?

> +
> +	if (asprintf(&pythonpath, "%spython", exec_path) < 0)
> +		return -1;

leaking exec_path

> +
> +	if (stat(pythonpath, &sb) || !S_ISDIR(sb.st_mode))
> +		pythonpath[0] = 0;
>  
>  	if (asprintf(&cmd, "echo \"import sys ; sys.path.append('%s'); import perf\" | %s %s",
> -		     PYTHONPATH, PYTHON, verbose > 0 ? "" : "2> /dev/null") < 0)
> +		     pythonpath, PYTHON, verbose > 0 ? "" : "2> /dev/null") < 0)
>  		return -1;

leaking exec_path and pythonpath

>  
>  	pr_debug("python usage test: \"%s\"\n", cmd);
>  	ret = system(cmd) ? -1 : 0;
>  	free(cmd);
> +	free(exec_path);
> +	free(pythonpath);
>  	return ret;
>  }
> diff --git a/tools/perf/util/util.c b/tools/perf/util/util.c
> index 3bba74e431ed..54e80452887c 100644
> --- a/tools/perf/util/util.c
> +++ b/tools/perf/util/util.c
> @@ -388,3 +388,24 @@ char *perf_exe(char *buf, int len)
>  	}
>  	return strcpy(buf, "perf");
>  }
> +
> +char *perf_exe_path(void)
> +{
> +	int i;
> +	char *buf;
> +
> +	buf = malloc(PATH_MAX);

need to check buf != NULL

> +	buf = perf_exe(buf, PATH_MAX);
> +
> +	for (i = strlen(buf) - 1; i != 0 && buf[i] != '/'; i--)
> +		;

could we call dirname for this?

thanks,
jirka

> +
> +	if (!i) {
> +		free(buf);
> +		return NULL;
> +	}
> +
> +	buf[i + 1] = 0;
> +
> +	return buf;
> +}
> diff --git a/tools/perf/util/util.h b/tools/perf/util/util.h
> index 80b194ee6c7d..4e871e890ef8 100644
> --- a/tools/perf/util/util.h
> +++ b/tools/perf/util/util.h
> @@ -49,6 +49,8 @@ void perf_set_singlethreaded(void);
>  void perf_set_multithreaded(void);
>  
>  char *perf_exe(char *buf, int len);
> +/* perf_exe_path return malloc'd string on success, caller must free it */
> +char *perf_exe_path(void);
>  
>  #ifndef O_CLOEXEC
>  #ifdef __sparc__
> -- 
> 2.26.2.Cisco
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ