oss-sec mailing list archives
Re: CVE Request: More perf security fixes
From: Peter Zijlstra <peterz () infradead org>
Date: Wed, 5 Jun 2013 14:15:59 +0200
On Wed, Jun 05, 2013 at 02:10:54PM +0200, Petr Matousek wrote:
Hello, Peter. On Tue, Jun 04, 2013 at 05:53:16PM +0200, Marcus Meissner wrote:1. Info leak (?) via PERF_SAMPLE_BRANCH_KERNEL https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7cc23cd6c0c7d7f4bee057607e7ce01568925717 commit 7cc23cd6c0c7d7f4bee057607e7ce01568925717 Author: Peter Zijlstra <a.p.zijlstra () chello nl> Date: Fri May 3 14:11:25 2013 +0200 perf/x86/intel/lbr: Demand proper privileges for PERF_SAMPLE_BRANCH_KERNEL We should always have proper privileges when requesting kernel data. Signed-off-by: Peter Zijlstra <a.p.zijlstra () chello nl> Cc: <stable () kernel org> Cc: Andi Kleen <ak () linux intel com> Cc: eranian () google com Link: http://lkml.kernel.org/r/20130503121256.230745028 () chello nl [ Fix build error reported by fengguang.wu () intel com, propagate error code back. ] Signed-off-by: Ingo Molnar <mingo () kernel org> Link: http://lkml.kernel.org/n/tip-v0x9ky3ahzr6nm3c6ilwrili () git kernel orgThere is similar check in perf_copy_attr() which is called from perf_event_open syscall -- /* kernel level capture: check permissions */ if ((mask & PERF_SAMPLE_BRANCH_PERM_PLM) && perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN)) return -EACCES; It seems to me that it covers PERF_SAMPLE_BRANCH_KERNEL as well. Am I missing something?
I overlooked it, also its slightly broken. See the discussion at: https://lkml.org/lkml/2013/5/21/166
Current thread:
- CVE Request: More perf security fixes Marcus Meissner (Jun 04)
- Re: CVE Request: More perf security fixes Andi Kleen (Jun 04)
- Re: CVE Request: More perf security fixes Peter Zijlstra (Jun 05)
- Re: Re: CVE Request: More perf security fixes Petr Matousek (Jun 05)
- Re: CVE Request: More perf security fixes Andi Kleen (Jun 05)
- Re: Re: CVE Request: More perf security fixes Petr Matousek (Jun 05)
- Re: CVE Request: More perf security fixes Peter Zijlstra (Jun 05)
- Re: CVE Request: More perf security fixes Petr Matousek (Jun 05)
- Re: CVE Request: More perf security fixes Peter Zijlstra (Jun 05)
- Re: CVE Request: More perf security fixes Petr Matousek (Jun 05)
- Re: CVE Request: More perf security fixes Peter Zijlstra (Jun 05)
- Re: CVE Request: More perf security fixes Petr Matousek (Jun 05)
- Re: CVE Request: More perf security fixes Stephane Eranian (Jun 05)
- Re: CVE Request: More perf security fixes Petr Matousek (Jun 05)
- Re: CVE Request: More perf security fixes Stephane Eranian (Jun 06)
- Re: CVE Request: More perf security fixes Petr Matousek (Jun 06)
- Re: CVE Request: More perf security fixes Stephane Eranian (Jun 06)
- Re: CVE Request: More perf security fixes Peter Zijlstra (Jun 05)
- Re: CVE Request: More perf security fixes Andi Kleen (Jun 04)
- Re: CVE Request: More perf security fixes Stephane Eranian (Jun 05)
- Re: CVE Request: More perf security fixes Petr Matousek (Jun 05)