Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp1165671ybl;
        Wed, 14 Aug 2019 11:50:28 -0700 (PDT)
X-Google-Smtp-Source: APXvYqzsp1MDBeoomzE1anErPyIqVc66ygNQvGH+SDXpPMtaz1E6GUMyNXNjfCO6W4v+Rd6G8Na7
X-Received: by 2002:a63:6fcf:: with SMTP id k198mr509998pgc.276.1565808628042;
        Wed, 14 Aug 2019 11:50:28 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1565808628; cv=none;
        d=google.com; s=arc-20160816;
        b=Z5X7aVxsA8u9s1K0NhwBv5/wxJSNxjex2ZXv3InjTbVNZtoMosvIP1ILCS3YvDIT14
         0KnY1pIALFBpOUtuZ32FVXTgdq99pfctDbYIXfz0y+6Tc6gPeZT8QQcciZeB5b/rq0i1
         lWV5XLZU2yefwbTOgR/2GpdA+56AzpMKPhuzlhhP24yFrZNgr6fgLpootxPsVj85Ooao
         9y6lErlRJqURxF+wXWCFpE/o/zgUso0kGqOg3cumFRWCd6bgkudY6t9dMRJQudkgNqZ9
         +PyCCFYEDX/9KRMeRN7wFAP+rQeWYPb0YD4Q4Qe3IzYBGjYPcV+ahoBJ1T3yoqenqw3o
         hR1w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:date:from:dkim-signature;
        bh=+sR6B4cibYHHnwu3bpvdAPRMk/urhyGa01jZXxbES1Q=;
        b=HbSEFGUbMY9Pz2q6ZfFm5I4zHeMGm6L72X2zbl4mRlM7sh8plEEnrd/7Mrj2gVvFFm
         JVGDsQPQDaTUliJXGd8l+rL/Je+Zo1DFkq0OxskD8BzPdhVrWys8WGI+ssfhNLCPsQqR
         WA8JG5ACK62caJ/dpNVY2El8btTDVmE1o6n+wfqsj7G5AUBcNf4z/ahKY9UNVtx2LRxF
         uPSBpogwT4NiGk/7TG7QZOIIsEtPCfNNroC14OPFctemvI00+o8SOuQkPLXQgYmOGkXF
         ALdXme+zK4RGDZ9X6uPWr2OZ/e2K2TOS8cAWL6L2ajZ0RAetQmCcSod6XxRSx0yDFSOx
         A/iA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=oA7C+rGe;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id f15si263359pfn.41.2019.08.14.11.50.12;
        Wed, 14 Aug 2019 11:50:28 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=oA7C+rGe;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1729729AbfHNSsx (ORCPT <rfc822;atom.tux.beastie@gmail.com>
        + 99 others); Wed, 14 Aug 2019 14:48:53 -0400
Received: from mail-qk1-f193.google.com ([209.85.222.193]:37494 "EHLO
        mail-qk1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1729103AbfHNSsv (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 14 Aug 2019 14:48:51 -0400
Received: by mail-qk1-f193.google.com with SMTP id s14so12984774qkm.4
        for <linux-kernel@vger.kernel.org>; Wed, 14 Aug 2019 11:48:51 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:date:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=+sR6B4cibYHHnwu3bpvdAPRMk/urhyGa01jZXxbES1Q=;
        b=oA7C+rGeWO+kai4F3ga/FeOri9pLYQdfPJV5xq2YcO2RXXCUonn/3Hc76IpdWEqePw
         CttxZrCTuMhAmfsTM8k38lY0DZICnt7imjxuWevt/GKhIFiplYs1xERZaVCHbu75WHmQ
         f3wPKrGSiDUceJBtU7Ggeb6kX8laV44lmleMkmKrIdA+wKFBhwjyCyhadmQTX9xPpFNR
         LJxXPtFJbTVLY7qcbW2hBqd9r/+3ZMz4csGfW7n9kJTwaC4V/EF9Dnxhn/NmGLWBU+a4
         CrsBDaENLHwHiFH5V3ieghKsjDGC9B3dBrD9RbHFZ85vMTPIIclViLdzpGVf4g24mbtE
         xb3w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:date:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to:user-agent;
        bh=+sR6B4cibYHHnwu3bpvdAPRMk/urhyGa01jZXxbES1Q=;
        b=curU6MAZCmHhzL6HutKSZ7AQ/ccGAflbQLTVOd7kPdLfO6DbO8TW5rosz4vqb1mujA
         rPW2Cmm2GfC70a0H76OzP3+L0iD982Lx/EKde0dkxhajd6Sn81ycka+JxcgH8cOr0ffW
         7enxGVA3bcRqkphNdncdarElhMOd5tmO5gNQUokI68Gl0OycFwEEH0yhQCzfM3DKpUGP
         9auyrAzvSOm6+7PizL8KcVoGjVPQalTCM4iEKwCNXQ+H/J04rDJcxuupk2BCoN1dNfgu
         sNbK2QAKanowOCjqjaEM2h9tPjqeXXDREs1b1Cutu6iAkMJfSEdVGGP0mB93fwSkMlBp
         k3fg==
X-Gm-Message-State: APjAAAXQoWqad/+1yoKQCbtT90Bz+oqfcElz5xh1HogxMrilA27KXSVJ
        Gmq4TM6QcJAFowKritNtwG4=
X-Received: by 2002:a05:620a:693:: with SMTP id f19mr855962qkh.189.1565808530358;
        Wed, 14 Aug 2019 11:48:50 -0700 (PDT)
Received: from quaco.ghostprotocols.net ([177.195.212.110])
        by smtp.gmail.com with ESMTPSA id d12sm304687qkk.39.2019.08.14.11.48.49
        (version=TLS1_3 cipher=AEAD-AES256-GCM-SHA384 bits=256/256);
        Wed, 14 Aug 2019 11:48:50 -0700 (PDT)
From:   Arnaldo Carvalho de Melo <arnaldo.melo@gmail.com>
X-Google-Original-From: Arnaldo Carvalho de Melo <acme@kernel.org>
Received: by quaco.ghostprotocols.net (Postfix, from userid 1000)
        id 6029B40857; Wed, 14 Aug 2019 15:48:14 -0300 (-03)
Date:   Wed, 14 Aug 2019 15:48:14 -0300
To:     Mathieu Poirier <mathieu.poirier@linaro.org>
Cc:     Igor Lubashev <ilubashe@akamai.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Jiri Olsa <jolsa@redhat.com>,
        Alexey Budankov <alexey.budankov@linux.intel.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Ingo Molnar <mingo@redhat.com>,
        Alexander Shishkin <alexander.shishkin@linux.intel.com>,
        Namhyung Kim <namhyung@kernel.org>,
        Suzuki K Poulose <suzuki.poulose@arm.com>,
        linux-arm-kernel <linux-arm-kernel@lists.infradead.org>,
        James Morris <jmorris@namei.org>
Subject: Re: [PATCH v3 3/4] perf: Use CAP_SYSLOG with kptr_restrict checks
Message-ID: <20190814184814.GM9280@kernel.org>
References: <cover.1565188228.git.ilubashe@akamai.com>
 <291d2cda6ee75b4cd4c9ce717c177db18bf03a31.1565188228.git.ilubashe@akamai.com>
 <CANLsYkxZE0CQJKQ-bFi=zFV5vTCbL2v76+x1fmCpqNruqWiFXg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CANLsYkxZE0CQJKQ-bFi=zFV5vTCbL2v76+x1fmCpqNruqWiFXg@mail.gmail.com>
X-Url:  http://acmel.wordpress.com
User-Agent: Mutt/1.12.0 (2019-05-25)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Em Wed, Aug 14, 2019 at 12:04:33PM -0600, Mathieu Poirier escreveu:
> On Wed, 7 Aug 2019 at 08:44, Igor Lubashev <ilubashe@akamai.com> wrote:
> >
> > Kernel is using CAP_SYSLOG capability instead of uid==0 and euid==0 when
> > checking kptr_restrict. Make perf do the same.
> >
> > Also, the kernel is a more restrictive than "no restrictions" in case of
> > kptr_restrict==0, so add the same logic to perf.
> >
> > Signed-off-by: Igor Lubashev <ilubashe@akamai.com>
> > ---
> >  tools/perf/util/symbol.c | 15 +++++++++++----
> >  1 file changed, 11 insertions(+), 4 deletions(-)
> >
> > diff --git a/tools/perf/util/symbol.c b/tools/perf/util/symbol.c
> > index 173f3378aaa0..046271103499 100644
> > --- a/tools/perf/util/symbol.c
> > +++ b/tools/perf/util/symbol.c
> > @@ -4,6 +4,7 @@
> >  #include <stdlib.h>
> >  #include <stdio.h>
> >  #include <string.h>
> > +#include <linux/capability.h>
> >  #include <linux/kernel.h>
> >  #include <linux/mman.h>
> >  #include <linux/time64.h>
> > @@ -15,8 +16,10 @@
> >  #include <inttypes.h>
> >  #include "annotate.h"
> >  #include "build-id.h"
> > +#include "cap.h"
> >  #include "util.h"
> >  #include "debug.h"
> > +#include "event.h"
> >  #include "machine.h"
> >  #include "map.h"
> >  #include "symbol.h"
> > @@ -890,7 +893,11 @@ bool symbol__restricted_filename(const char *filename,
> >  {
> >         bool restricted = false;
> >
> > -       if (symbol_conf.kptr_restrict) {
> > +       /* Per kernel/kallsyms.c:
> > +        * we also restrict when perf_event_paranoid > 1 w/o CAP_SYSLOG
> > +        */
> > +       if (symbol_conf.kptr_restrict ||
> > +           (perf_event_paranoid() > 1 && !perf_cap__capable(CAP_SYSLOG))) {
> >                 char *r = realpath(filename, NULL);
> >
> 
> # echo 0 > /proc/sys/kernel/kptr_restrict
> # ./tools/perf/perf record -e instructions:k uname
> perf: Segmentation fault
> Obtained 10 stack frames.
> ./tools/perf/perf(sighandler_dump_stack+0x44) [0x55af9e5da5d4]
> /lib/x86_64-linux-gnu/libc.so.6(+0x3ef20) [0x7fd31efb6f20]
> ./tools/perf/perf(perf_event__synthesize_kernel_mmap+0xa7) [0x55af9e590337]
> ./tools/perf/perf(+0x1cf5be) [0x55af9e50c5be]
> ./tools/perf/perf(cmd_record+0x1022) [0x55af9e50dff2]
> ./tools/perf/perf(+0x23f98d) [0x55af9e57c98d]
> ./tools/perf/perf(+0x23fc9e) [0x55af9e57cc9e]
> ./tools/perf/perf(main+0x369) [0x55af9e4f6bc9]
> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xe7) [0x7fd31ef99b97]
> ./tools/perf/perf(_start+0x2a) [0x55af9e4f704a]
> Segmentation fault
> 
> I can reproduce this on both x86 and ARM64.

I don't see this with these two csets removed:

7ff5b5911144 perf symbols: Use CAP_SYSLOG with kptr_restrict checks
d7604b66102e perf tools: Use CAP_SYS_ADMIN with perf_event_paranoid checks

Which were the ones I guessed were related to the problem you reported,
so they are out of my ongoing perf/core pull request to Ingo/Thomas, now
trying with these applied and your instructions...

- Arnaldo