Received: by 2002:a25:8b12:0:0:0:0:0 with SMTP id i18csp4331738ybl;
        Tue, 20 Aug 2019 10:16:28 -0700 (PDT)
X-Google-Smtp-Source: APXvYqxBPyXEwhiB/I/ZJ73yoW8V2DMAdTdO8OPi0ayC82rHq5P/D/CIStMhAmawK5wqqQgdBohC
X-Received: by 2002:a17:90a:9a90:: with SMTP id e16mr1029763pjp.71.1566321388312;
        Tue, 20 Aug 2019 10:16:28 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1566321388; cv=none;
        d=google.com; s=arc-20160816;
        b=WfjIxDVtTzFLnb5c87Y/6b5qAJcEqZ5vyJ2tdSgxhA9XmyeB930pK+2Jqru4LRiRnz
         dMU5nkjB5amvwazh5rJHDjqO0R/uS7XpzHWKTW/5MPFKFYnQEPkZawYaL2W1BAXpGDy8
         jRHm5mBmrNV3dQYQnDA8CSdMMJspliZR2VPvKcJOL6dscXCNJn9jGCncQIpGH/Vj9B+S
         vCr5g0htXW3x36DWQiS8KPgbq56tj7j90ju0zx0aN4n1ZtQIF6rftv0tIjBGZMHpxdvc
         Vi64ZoUqIhhoc+A51bhaqw5f+vhjcyNu1/IEeEp2wn1i6Zs2z4fsLXzmVQg2vMXIYQPJ
         n14w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:date:from:dkim-signature;
        bh=Na+6gffEb112VVVNdODoi4mMyuuWBICqePLOsVHkZO0=;
        b=MMO+IR3PGh1pjeZ/5dH1WeqxjITfoST5U4WjFzWKOOU1yQpF/zHC8TW0PeZFQSxlDT
         n3OF9V+mjUpEU1H1wwVetyfGIz/3OjqpYGAq1MFW+cnbrWaE5Qwow9isr6zXz859GLg0
         yGHa8GIyhLtSm9HGEKWOy9bk+gR9WvieXoYJThwsosv569doHtQXoCEMen1fFg9RfNZT
         aHodm6n+whn8Jes0ugKSYDP+ewYR5hJYd/UrVBCec7LPSMolbcI9vESA71s7sZU6pHZo
         EJgH6pTFz1/5O+vAD7PPUWoY5VmDMY8tCdDVUX5gFOL3GmFJujNWYist1QCMuKblIBgF
         j96g==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=pqjhG9yp;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id n22si345084pjt.55.2019.08.20.10.16.12;
        Tue, 20 Aug 2019 10:16:28 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=pqjhG9yp;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1730256AbfHTRNu (ORCPT <rfc822;zjuysxie86@gmail.com>
        + 99 others); Tue, 20 Aug 2019 13:13:50 -0400
Received: from mail-qk1-f194.google.com ([209.85.222.194]:41471 "EHLO
        mail-qk1-f194.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1730174AbfHTRNu (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 20 Aug 2019 13:13:50 -0400
Received: by mail-qk1-f194.google.com with SMTP id g17so5117114qkk.8
        for <linux-kernel@vger.kernel.org>; Tue, 20 Aug 2019 10:13:49 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=from:date:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=Na+6gffEb112VVVNdODoi4mMyuuWBICqePLOsVHkZO0=;
        b=pqjhG9ypHdS0uUoy/HCpHsRI3P4Rltot/YPX+KwM75jreLtmyQ5e9fqMS13TBUfkh1
         LT/MhBkXETWWL+giL03xxJ4YuUuEJ+CR5TzxFrbw/WiySyKNGmuUBVUzIt/RzdaXhElA
         etNSci7TitZxUosEiLJf5KqC3elvoLqbqWliR865AihvkGMvnmc9U3YQDThlX2gAeSdd
         596XuREpM/89wdbn+5ASGGuK+cuuENOeQYh6LjWQhPg7bSU0P1CkhR6TjB8CVl4RclxI
         da3CdIn8QH+HTd/h23fPucUrOp1idpGpz4K0XNfUQM/FsBYBrcg6zc6UtWen/JvoOiGT
         7YAg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:date:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to:user-agent;
        bh=Na+6gffEb112VVVNdODoi4mMyuuWBICqePLOsVHkZO0=;
        b=ftLvkw2IW4tBk0SzdtbTs0L6TOIBk6wkjwGI4Nmems1tT6ycWHYNRX/7Xy4EYbVjlC
         GnNOpbCOxP+hxE7+I3SMSXqTejnhNgwUu9BdsHsKkbDFmSpM/FAoHxYOcXCWb4KSlzbN
         D0y5F+ODtn793qduJlUXolX/NfiJSFuI2K33iU+TG6ZQkY6LpP9SJf0+grhP1JePKqxE
         KKvJdAr+vsL7H/+nfFmf+ejwL7p032jcCD2VzWj/2HfWpfWcjBHUueU5eGZLov9vcKTL
         Td4gwoPI6UukWHNyzXMKEdFcbO+xx2egu4kZRjh6+O/cOeNaLW2XrwnubUyM914t53JH
         gVmg==
X-Gm-Message-State: APjAAAWGPLduo8aHogtAJnxaSBL8MlO5vNvhUiCFS6M21cQc+Sl73h2m
        k7Ltm3zi6qDMHgpibbsi6Vk=
X-Received: by 2002:a37:649:: with SMTP id 70mr26851894qkg.208.1566321229163;
        Tue, 20 Aug 2019 10:13:49 -0700 (PDT)
Received: from quaco.ghostprotocols.net ([177.195.212.43])
        by smtp.gmail.com with ESMTPSA id k74sm8958139qke.53.2019.08.20.10.13.45
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 20 Aug 2019 10:13:46 -0700 (PDT)
From:   Arnaldo Carvalho de Melo <arnaldo.melo@gmail.com>
X-Google-Original-From: Arnaldo Carvalho de Melo <acme@kernel.org>
Received: by quaco.ghostprotocols.net (Postfix, from userid 1000)
        id 3E59A40340; Tue, 20 Aug 2019 14:13:42 -0300 (-03)
Date:   Tue, 20 Aug 2019 14:13:42 -0300
To:     "Lubashev, Igor" <ilubashe@akamai.com>
Cc:     Mathieu Poirier <mathieu.poirier@linaro.org>,
        Arnaldo Carvalho de Melo <arnaldo.melo@gmail.com>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Jiri Olsa <jolsa@redhat.com>,
        Alexey Budankov <alexey.budankov@linux.intel.com>,
        Peter Zijlstra <peterz@infradead.org>,
        Ingo Molnar <mingo@redhat.com>,
        Alexander Shishkin <alexander.shishkin@linux.intel.com>,
        Namhyung Kim <namhyung@kernel.org>,
        Suzuki K Poulose <suzuki.poulose@arm.com>,
        linux-arm-kernel <linux-arm-kernel@lists.infradead.org>,
        James Morris <jmorris@namei.org>, Leo Yan <leo.yan@linaro.org>
Subject: Re: [PATCH v3 3/4] perf: Use CAP_SYSLOG with kptr_restrict checks
Message-ID: <20190820171342.GD3929@kernel.org>
References: <cover.1565188228.git.ilubashe@akamai.com>
 <291d2cda6ee75b4cd4c9ce717c177db18bf03a31.1565188228.git.ilubashe@akamai.com>
 <CANLsYkxZE0CQJKQ-bFi=zFV5vTCbL2v76+x1fmCpqNruqWiFXg@mail.gmail.com>
 <20190814184814.GM9280@kernel.org>
 <20190814185213.GN9280@kernel.org>
 <23f7b8c7616a467c93ee2c77e8ffd3cf@usma1ex-dag1mb6.msg.corp.akamai.com>
 <CANLsYkxqBcJq8QJq+aLZXQas1VBg_wGh_p5WTUuRVFCYEQWiQw@mail.gmail.com>
 <20190815214236.GA3929@kernel.org>
 <CANLsYkyPkcJWmBZzyjGj3vJRgEtuaun7HQjN1=5wcOyTPnfhmQ@mail.gmail.com>
 <3f70f6be3a464ca5b4cf563433933245@usma1ex-dag1mb6.msg.corp.akamai.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <3f70f6be3a464ca5b4cf563433933245@usma1ex-dag1mb6.msg.corp.akamai.com>
X-Url:  http://acmel.wordpress.com
User-Agent: Mutt/1.12.0 (2019-05-25)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Em Mon, Aug 19, 2019 at 10:22:07PM +0000, Lubashev, Igor escreveu:
> On Mon, August 19, 2019 at 12:51 PM Mathieu Poirier <mathieu.poirier@linaro.org> wrote:
> > On Thu, 15 Aug 2019 at 15:42, Arnaldo Carvalho de Melo <arnaldo.melo@gmail.com> wrote:
> > Things are working properly on your perf/cap branch.  I tested with on both
> > x86 and ARM.
 
> Mathieu, you are probably testing with euid==0.  If you were to test
> with euid!=0 but with CAP_SYSLOG and no libcap (and kptr_restrict=0,
> perf_event_paranoid=2), you would likely hit the bug that you
> identified in __perf_event__synthesize_kermel_mmap().
 
> See https://lkml.kernel.org/lkml/930a59730c0d495f8c5acf4f99048e8d@usma1ex-dag1mb6.msg.corp.akamai.com for the fix (Option 1 only or Options 1+2).
> 
> Arnaldo, once we decide what the right fix is, I am happy to post the update (options 1, 1+2) as a patch series.

I think you should get the checks for ref_reloc_sym in place so as to
make the code overall more robust, and also go on continuing to make the
checks in tools/perf/ to match what is checked on the other side of the
mirror, i.e. by the kernel, so from a quick read, please put first the
robustness patches (check ref_reloc_sym) do your other suggestions and
update the warnings, then refresh the two patches that still are not in
my perf/core branch:

[acme@quaco perf]$ git rebase perf/core
First, rewinding head to replay your work on top of it...
Applying: perf tools: Use CAP_SYS_ADMIN with perf_event_paranoid checks
Applying: perf symbols: Use CAP_SYSLOG with kptr_restrict checks
[acme@quaco perf]$ 

I've pushed out perf/cap, so you can go from there as it is rebased on
my current perf/core.

Then test all these cases: with/without libcap, with euid==0 and
different than zero, with capabilities, etc, patch by patch so that we
don't break bisection nor regress,

Thanks and keep up the good work!

- Arnaldo
 
> - Igor
> 
> 
> > > > I am not sure how this can be fixed.  I counted a total of 19
> > > > instances where kmap->ref_reloc_sym->XYZ is called, only 2 of wich
> > > > care to check if kmap->ref_reloc_sym is valid before proceeding.  As
> > > > such I must hope that in the 17 other cases, kmap->ref_reloc_sym is
> > > > guaranteed to be valid.  If I am correct then all we need is to
> > > > check for a valid pointer in _perf_event__synthesize_kernel_mmap().
> > > > Otherwise it will be a little harder.
> > > >
> > > > Mathieu
> 

-- 

- Arnaldo