| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 3 Jun 2022 15:05:15 +0000
From: Joel Fernandes <joel@...lfernandes.org>
To: Namhyung Kim <namhyung@...nel.org>
Cc: Peter Zijlstra <peterz@...radead.org>,
Ingo Molnar <mingo@...nel.org>,
Arnaldo Carvalho de Melo <acme@...nel.org>,
Jiri Olsa <jolsa@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
LKML <linux-kernel@...r.kernel.org>,
Stephane Eranian <eranian@...gle.com>,
Andi Kleen <ak@...ux.intel.com>,
Ian Rogers <irogers@...gle.com>,
James Morris <jmorris@...ei.org>
Subject: Re: [PATCH] perf/core: Call LSM hook after copying perf_event_attr
On Thu, Jun 02, 2022 at 03:47:54PM -0700, Namhyung Kim wrote:
> It passes the attr struct to the security_perf_event_open() but it's
> not initialized yet.
>
> Fixes: da97e18458fb ("perf_event: Add support for LSM and SELinux checks")
> Cc: Joel Fernandes (Google) <joel@...lfernandes.org>
> Signed-off-by: Namhyung Kim <namhyung@...nel.org>
> ---
> kernel/events/core.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/kernel/events/core.c b/kernel/events/core.c
> index 7858bafffa9d..e035545f624f 100644
> --- a/kernel/events/core.c
> +++ b/kernel/events/core.c
> @@ -12033,12 +12033,12 @@ SYSCALL_DEFINE5(perf_event_open,
> if (flags & ~PERF_FLAG_ALL)
> return -EINVAL;
>
> - /* Do we allow access to perf_event_open(2) ? */
> - err = security_perf_event_open(&attr, PERF_SECURITY_OPEN);
> + err = perf_copy_attr(attr_uptr, &attr);
> if (err)
> return err;
>
> - err = perf_copy_attr(attr_uptr, &attr);
> + /* Do we allow access to perf_event_open(2) ? */
> + err = security_perf_event_open(&attr, PERF_SECURITY_OPEN);
Reviewed-by: Joel Fernandes (Google) <joel@...lfernandes.org>
thanks,
- Joel
> if (err)
> return err;
>
> --
> 2.36.1.255.ge46751e96f-goog
>
Powered by blists - more mailing lists