lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 24 Sep 2022 19:33:46 +0800 From: Leo Yan <leo.yan@...aro.org> To: Arnaldo Carvalho de Melo <acme@...nel.org>, Namhyung Kim <namhyung@...nel.org>, Ingo Molnar <mingo@...hat.com>, Mark Rutland <mark.rutland@....com>, Alexander Shishkin <alexander.shishkin@...ux.intel.com>, Jiri Olsa <jolsa@...nel.org>, Adrian Hunter <adrian.hunter@...el.com>, linux-perf-users@...r.kernel.org, linux-kernel@...r.kernel.org Cc: Leo Yan <leo.yan@...aro.org> Subject: [PATCH] perf record: Fix segmentation fault in record__read_lost_samples() Commit a49aa8a54e86 ("perf record: Read and inject LOST_SAMPLES events") causes segmentation fault when run the "perf mem record" command in unprivileged mode, the output log is: $ ./perf mem record --all-user -o perf_test.data -- ./test_program Error: Access to performance monitoring and observability operations is limited. Consider adjusting /proc/sys/kernel/perf_event_paranoid setting to open access to performance monitoring and observability operations for processes without CAP_PERFMON, CAP_SYS_PTRACE or CAP_SYS_ADMIN Linux capability. More information can be found at 'Perf events and tool security' document: https://www.kernel.org/doc/html/latest/admin-guide/perf-security.html perf_event_paranoid setting is 4: -1: Allow use of (almost) all events by all users Ignore mlock limit after perf_event_mlock_kb without CAP_IPC_LOCK >= 0: Disallow raw and ftrace function tracepoint access >= 1: Disallow CPU event access >= 2: Disallow kernel profiling To make the adjusted perf_event_paranoid setting permanent preserve it in /etc/sysctl.conf (e.g. kernel.perf_event_paranoid = <setting>) perf: Segmentation fault Obtained 16 stack frames. ./perf(dump_stack+0x31) [0x55b7aa1e8070] ./perf(sighandler_dump_stack+0x36) [0x55b7aa1e815e] ./perf(+0xc9120) [0x55b7aa0a9120] /lib/x86_64-linux-gnu/libc.so.6(+0x4251f) [0x7fd03ef8151f] ./perf(+0xccaca) [0x55b7aa0acaca] ./perf(+0xcf4ab) [0x55b7aa0af4ab] ./perf(cmd_record+0xd50) [0x55b7aa0b28df] ./perf(+0x112f77) [0x55b7aa0f2f77] ./perf(cmd_mem+0x53b) [0x55b7aa0f406c] ./perf(+0x19979c) [0x55b7aa17979c] ./perf(+0x199a37) [0x55b7aa179a37] ./perf(+0x199b95) [0x55b7aa179b95] ./perf(main+0x2c7) [0x55b7aa179fbd] /lib/x86_64-linux-gnu/libc.so.6(+0x29d8f) [0x7fd03ef68d8f] /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x7f) [0x7fd03ef68e3f] ./perf(_start+0x24) [0x55b7aa089974] Segmentation fault (core dumped) In the unprivileged mode perf fails to open PMU event, the function record__open() returns error and "session->evlist" is NULL; this leads to segmentation fault when iterates "session->evlist" in the function record__read_lost_samples(). This patch checks "session->evlist" in record__read_lost_samples(), if "session->evlist" is NULL then the function directly bails out to avoid segmentation fault. Fixes: a49aa8a54e86 ("perf record: Read and inject LOST_SAMPLES events") Signed-off-by: Leo Yan <leo.yan@...aro.org> --- tools/perf/builtin-record.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tools/perf/builtin-record.c b/tools/perf/builtin-record.c index 02e38f50a138..012b46dd4999 100644 --- a/tools/perf/builtin-record.c +++ b/tools/perf/builtin-record.c @@ -1888,6 +1888,10 @@ static void record__read_lost_samples(struct record *rec) struct perf_record_lost_samples *lost; struct evsel *evsel; + /* No any event is opened, directly bail out */ + if (!session->evlist) + return; + lost = zalloc(PERF_SAMPLE_MAX_SIZE); if (lost == NULL) { pr_debug("Memory allocation failed\n"); -- 2.34.1
Powered by blists - more mailing lists