lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <BY5PR11MB4024A423BC46263285CC19B4D9579@BY5PR11MB4024.namprd11.prod.outlook.com>
Date:   Fri, 7 May 2021 11:25:51 +0000
From:   "Denys Zagorui -X (dzagorui - GLOBALLOGIC INC at Cisco)" 
        <dzagorui@...co.com>
To:     Jiri Olsa <jolsa@...hat.com>
CC:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "peterz@...radead.org" <peterz@...radead.org>,
        "mingo@...hat.com" <mingo@...hat.com>,
        "acme@...nel.org" <acme@...nel.org>,
        "mark.rutland@....com" <mark.rutland@....com>,
        "alexander.shishkin@...ux.intel.com" 
        <alexander.shishkin@...ux.intel.com>,
        "namhyung@...nel.org" <namhyung@...nel.org>
Subject: Re: [PATCH v4 2/3] perf tests: avoid storing an absolute path in perf
 binary

>>  int test__python_use(struct test *test __maybe_unused, int subtest __maybe_unused)
>>  {
>>        char *cmd;
>>        int ret;
>> +     char *exec_path;
>> +     char *pythonpath;
>> +     struct stat sb;
>> +
>> +     exec_path = perf_exe_path();
>> +     if (exec_path == NULL)
>> +             return -1;
>
> should we return TEST_SKIP in here?

I'm not sure how it differs from a case where asprintf returns -1

>> +     buf = perf_exe(buf, PATH_MAX);
>> +
>> +     for (i = strlen(buf) - 1; i != 0 && buf[i] != '/'; i--)
>> +             ;
>
> could we call dirname for this?

Yes

Thanks,
Denys

________________________________________
From: Jiri Olsa <jolsa@...hat.com>
Sent: 06 May 2021 17:40
To: Denys Zagorui -X (dzagorui - GLOBALLOGIC INC at Cisco)
Cc: linux-kernel@...r.kernel.org; peterz@...radead.org; mingo@...hat.com; acme@...nel.org; mark.rutland@....com; alexander.shishkin@...ux.intel.com; namhyung@...nel.org
Subject: Re: [PATCH v4 2/3] perf tests: avoid storing an absolute path in perf binary

On Fri, Apr 30, 2021 at 06:33:49AM -0700, Denys Zagorui wrote:
> python binding test uses PYTHONPATH definition to find python/perf.so
> library. This definition is an absolute path that makes perf binary
> unreproducible. This path can be found during runtime execution.
>
> Signed-off-by: Denys Zagorui <dzagorui@...co.com>
> ---
>  tools/perf/tests/Build        |  2 +-
>  tools/perf/tests/python-use.c | 19 ++++++++++++++++++-
>  tools/perf/util/util.c        | 21 +++++++++++++++++++++
>  tools/perf/util/util.h        |  2 ++
>  4 files changed, 42 insertions(+), 2 deletions(-)
>
> diff --git a/tools/perf/tests/Build b/tools/perf/tests/Build
> index 650aec19d490..a20098dcdbc4 100644
> --- a/tools/perf/tests/Build
> +++ b/tools/perf/tests/Build
> @@ -98,5 +98,5 @@ perf-$(CONFIG_DWARF_UNWIND) += dwarf-unwind.o
>  endif
>
>  CFLAGS_attr.o         += -DBINDIR="BUILD_STR($(bindir_SQ))" -DPYTHON="BUILD_STR($(PYTHON_WORD))"
> -CFLAGS_python-use.o   += -DPYTHONPATH="BUILD_STR($(OUTPUT)python)" -DPYTHON="BUILD_STR($(PYTHON_WORD))"
> +CFLAGS_python-use.o   += -DPYTHON="BUILD_STR($(PYTHON_WORD))"
>  CFLAGS_dwarf-unwind.o += -fno-optimize-sibling-calls
> diff --git a/tools/perf/tests/python-use.c b/tools/perf/tests/python-use.c
> index 98c6d474aa6f..c7a0c9b5366f 100644
> --- a/tools/perf/tests/python-use.c
> +++ b/tools/perf/tests/python-use.c
> @@ -8,18 +8,35 @@
>  #include <linux/compiler.h>
>  #include "tests.h"
>  #include "util/debug.h"
> +#include "util/util.h"
> +#include <sys/stat.h>
>
>  int test__python_use(struct test *test __maybe_unused, int subtest __maybe_unused)
>  {
>       char *cmd;
>       int ret;
> +     char *exec_path;
> +     char *pythonpath;
> +     struct stat sb;
> +
> +     exec_path = perf_exe_path();
> +     if (exec_path == NULL)
> +             return -1;

should we return TEST_SKIP in here?

> +
> +     if (asprintf(&pythonpath, "%spython", exec_path) < 0)
> +             return -1;

leaking exec_path

> +
> +     if (stat(pythonpath, &sb) || !S_ISDIR(sb.st_mode))
> +             pythonpath[0] = 0;
>
>       if (asprintf(&cmd, "echo \"import sys ; sys.path.append('%s'); import perf\" | %s %s",
> -                  PYTHONPATH, PYTHON, verbose > 0 ? "" : "2> /dev/null") < 0)
> +                  pythonpath, PYTHON, verbose > 0 ? "" : "2> /dev/null") < 0)
>               return -1;

leaking exec_path and pythonpath

>
>       pr_debug("python usage test: \"%s\"\n", cmd);
>       ret = system(cmd) ? -1 : 0;
>       free(cmd);
> +     free(exec_path);
> +     free(pythonpath);
>       return ret;
>  }
> diff --git a/tools/perf/util/util.c b/tools/perf/util/util.c
> index 3bba74e431ed..54e80452887c 100644
> --- a/tools/perf/util/util.c
> +++ b/tools/perf/util/util.c
> @@ -388,3 +388,24 @@ char *perf_exe(char *buf, int len)
>       }
>       return strcpy(buf, "perf");
>  }
> +
> +char *perf_exe_path(void)
> +{
> +     int i;
> +     char *buf;
> +
> +     buf = malloc(PATH_MAX);

need to check buf != NULL

> +     buf = perf_exe(buf, PATH_MAX);
> +
> +     for (i = strlen(buf) - 1; i != 0 && buf[i] != '/'; i--)
> +             ;

could we call dirname for this?

thanks,
jirka

> +
> +     if (!i) {
> +             free(buf);
> +             return NULL;
> +     }
> +
> +     buf[i + 1] = 0;
> +
> +     return buf;
> +}
> diff --git a/tools/perf/util/util.h b/tools/perf/util/util.h
> index 80b194ee6c7d..4e871e890ef8 100644
> --- a/tools/perf/util/util.h
> +++ b/tools/perf/util/util.h
> @@ -49,6 +49,8 @@ void perf_set_singlethreaded(void);
>  void perf_set_multithreaded(void);
>
>  char *perf_exe(char *buf, int len);
> +/* perf_exe_path return malloc'd string on success, caller must free it */
> +char *perf_exe_path(void);
>
>  #ifndef O_CLOEXEC
>  #ifdef __sparc__
> --
> 2.26.2.Cisco
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ