diff options
| author | Peter Zijlstra <peterz@infradead.org> | 2016-04-26 11:36:53 +0200 |
|---|---|---|
| committer | Ingo Molnar <mingo@kernel.org> | 2016-04-28 10:32:41 +0200 |
| commit | 79c9ce57eb2d5f1497546a3946b4ae21b6fdc438 (patch) | |
| tree | cdbdbbf5fb4887df3623feeb1b7d4f29e4b49d31 /arch/x86 | |
| parent | 0a25556f84d5f79e68e9502bb1f32a43377ab2bf (diff) | |
perf/core: Fix perf_event_open() vs. execve() race
Jann reported that the ptrace_may_access() check in
find_lively_task_by_vpid() is racy against exec().
Specifically:
perf_event_open() execve()
ptrace_may_access()
commit_creds()
... if (get_dumpable() != SUID_DUMP_USER)
perf_event_exit_task();
perf_install_in_context()
would result in installing a counter across the creds boundary.
Fix this by wrapping lots of perf_event_open() in cred_guard_mutex.
This should be fine as perf_event_exit_task() is already called with
cred_guard_mutex held, so all perf locks already nest inside it.
Reported-by: Jann Horn <jannh@google.com>
Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Diffstat (limited to 'arch/x86')
0 files changed, 0 insertions, 0 deletions