| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 12 Dec 2021 21:47:21 +0800
From: Leo Yan <leo.yan@...aro.org>
To: Arnaldo Carvalho de Melo <acme@...nel.org>,
Jiri Olsa <jolsa@...hat.com>,
Peter Zijlstra <peterz@...radead.org>,
Ingo Molnar <mingo@...hat.com>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Namhyung Kim <namhyung@...nel.org>,
Alexei Starovoitov <ast@...nel.org>,
Daniel Borkmann <daniel@...earbox.net>,
Andrii Nakryiko <andrii@...nel.org>,
Martin KaFai Lau <kafai@...com>,
Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>,
John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...nel.org>,
Jin Yao <yao.jin@...ux.intel.com>,
John Garry <john.garry@...wei.com>,
Yonatan Goldschmidt <yonatan.goldschmidt@...nulate.io>,
linux-perf-users@...r.kernel.org, linux-kernel@...r.kernel.org,
netdev@...r.kernel.org, bpf@...r.kernel.org
Cc: Leo Yan <leo.yan@...aro.org>
Subject: [PATCH v1 2/2] perf evlist: Don't run perf in non-root PID namespace when launch workload
In function evlist__prepare_workload(), after perf forks a child process
and launches a workload in the created process, it needs to retrieve
process and namespace related info via '/proc/$PID/' node.
The process folders under 'proc' file system use the PID number from the
root PID namespace, when perf tool runs in non-root PID namespace and
creates new process for profiled program, this leads to the perf tool
wrongly gather process info since it uses PID from non-root namespace to
access nodes under '/proc'.
Let's see an example:
unshare --fork --pid perf record -e cs_etm//u -a -- test_program
This command runs perf tool and the profiled program 'test_program' in
the non-root PID namespace. When perf tool launches 'test_program',
e.g. the forked PID number is 2, perf tool retrieves process info for
'test_program' from the folder '/proc/2'. But '/proc/2' is actually for
a kernel thread so perf tool wrongly gather info for 'test_program'.
To fix this issue, we don't allow perf tool runs in non-root PID
namespace when it launches workload and reports error in this
case. This can notify users to run the perf tool in root PID namespace
to gather correct info for profiled program.
Signed-off-by: Leo Yan <leo.yan@...aro.org>
---
tools/perf/util/evlist.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/tools/perf/util/evlist.c b/tools/perf/util/evlist.c
index 5f92319ce258..bdf79a97db66 100644
--- a/tools/perf/util/evlist.c
+++ b/tools/perf/util/evlist.c
@@ -11,6 +11,7 @@
#include <poll.h>
#include "cpumap.h"
#include "util/mmap.h"
+#include "util/namespaces.h"
#include "thread_map.h"
#include "target.h"
#include "evlist.h"
@@ -1364,6 +1365,12 @@ int evlist__prepare_workload(struct evlist *evlist, struct target *target, const
int child_ready_pipe[2], go_pipe[2];
char bf;
+ if (!nsinfo__is_in_root_namespace()) {
+ pr_err("Perf runs in non-root PID namespace; please run perf tool ");
+ pr_err("in the root PID namespace for gathering process info.\n");
+ return -EPERM;
+ }
+
if (pipe(child_ready_pipe) < 0) {
perror("failed to create 'ready' pipe");
return -1;
--
2.25.1
Powered by blists - more mailing lists