Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp2632095pxj; Mon, 14 Jun 2021 03:33:33 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw0+fW6Msj1+gdSl5OoMbTMcv1cGcs+ApOFgSrctVjV3hjySpK5uLjAweDMqrm0GRucM9Bp X-Received: by 2002:a17:906:ecbc:: with SMTP id qh28mr14043513ejb.406.1623666812990; Mon, 14 Jun 2021 03:33:32 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623666812; cv=none; d=google.com; s=arc-20160816; b=biZ2ZSSHYAVmXeO9zrCkoE1XqfLgoFitKnPJHKa5XCuxGG3ylW9m6MOJ+57LGKkuIC rE6BElYMJqEtxRpbWzbb8t53l4S4qZ2vH2sZtDnfAyc58dNi7Jf4FZ23cMvS3BH8fpXs Te44sfXI2v0BU8+SNiIgWvQeSjKLI2uYwu6BvAUhoGOMH9tWZyT8iAgLU2JutXhWJ/Ag eKzEdY9bZtrJNs4nixuJc5dn2dVgQi2XeWq6i3pUwQaIGVORGeahlMGyvhe5F/3O3Uja +azrRONPEjaNtCDjmDYdtHkOwrnfAvT2HXSxSc2TSVbwCrTH3ynB1ISyS5PEnzzBaQAu PXpA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=xWmOzwGzK015HvzziLALbQA26Y0q4VSYcC5jZpYNOQw=; b=nUg/bsR526oGwK69JbEFU4Fwt2Eg8ZQxepqjNjMY9nSTgUq9rMtAilcBpcdr8FjjOl FVupl5eVEDbobJfi7k8Eb7KCFqTa5BtmEP5fYrrJoUs1//A6/GdOxCwwKpu19cefsYWv jyPqb5I1mnWUtaHG5ZE5LFQsrMY6ZmhJIYnCH/L/ktjL3nLOrm8pu3xiey1G6/kNAjJP 52iRzS3AUb8XAEg1SzKJKIFeNttvqHIsmQmJZ5TrMK/6ZuILc9Or/DdzjRAUPN3vVWJ2 0kpJ9nLtQEJR1VRt1VXgryrSzR0gxv/WaZNWQjA5tGLGQ4G5x1b6VEEDdrrWpyF5ni0N Q6zw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=PAuUoVrr; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id lc28si11526393ejc.270.2021.06.14.03.33.09; Mon, 14 Jun 2021 03:33:32 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linuxfoundation.org header.s=korg header.b=PAuUoVrr; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233087AbhFNKdS (ORCPT + 99 others); Mon, 14 Jun 2021 06:33:18 -0400 Received: from mail.kernel.org ([198.145.29.99]:38348 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S232982AbhFNKb5 (ORCPT ); Mon, 14 Jun 2021 06:31:57 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id B528561206; Mon, 14 Jun 2021 10:29:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1623666578; bh=oorC/DVzdfQ70Y7BRI3uAUe33u5+TE6kQK7sH2MujVk=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=PAuUoVrrFmpSWum5fjPqD3RpozNm8GHOWUKdWXfZPEz0XtavVANbL+6z+APdU8t31 9hLg2761gY2vo9poLuyNWFy29lrzTjYi5er/bp3wEyUYDqRKtEVTqsZEC915iaO7zH thGsMdRf67nayLg6kB08zj5iqUVwytkEudJQYGEk= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Leo Yan , Adrian Hunter , Jiri Olsa , Alexander Shishkin , Kan Liang , Mark Rutland , Namhyung Kim , Peter Zijlstra , Arnaldo Carvalho de Melo , Sasha Levin Subject: [PATCH 4.4 30/34] perf session: Correct buffer copying when peeking events Date: Mon, 14 Jun 2021 12:27:21 +0200 Message-Id: <20210614102642.545748223@linuxfoundation.org> X-Mailer: git-send-email 2.32.0 In-Reply-To: <20210614102641.582612289@linuxfoundation.org> References: <20210614102641.582612289@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Leo Yan [ Upstream commit 197eecb6ecae0b04bd694432f640ff75597fed9c ] When peeking an event, it has a short path and a long path. The short path uses the session pointer "one_mmap_addr" to directly fetch the event; and the long path needs to read out the event header and the following event data from file and fill into the buffer pointer passed through the argument "buf". The issue is in the long path that it copies the event header and event data into the same destination address which pointer "buf", this means the event header is overwritten. We are just lucky to run into the short path in most cases, so we don't hit the issue in the long path. This patch adds the offset "hdr_sz" to the pointer "buf" when copying the event data, so that it can reserve the event header which can be used properly by its caller. Fixes: 5a52f33adf02 ("perf session: Add perf_session__peek_event()") Signed-off-by: Leo Yan Acked-by: Adrian Hunter Acked-by: Jiri Olsa Cc: Alexander Shishkin Cc: Kan Liang Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Link: http://lore.kernel.org/lkml/20210605052957.1070720-1-leo.yan@linaro.org Signed-off-by: Arnaldo Carvalho de Melo Signed-off-by: Sasha Levin --- tools/perf/util/session.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/perf/util/session.c b/tools/perf/util/session.c index 5b392662d100..1029225ee417 100644 --- a/tools/perf/util/session.c +++ b/tools/perf/util/session.c @@ -1255,6 +1255,7 @@ int perf_session__peek_event(struct perf_session *session, off_t file_offset, if (event->header.size < hdr_sz || event->header.size > buf_sz) return -1; + buf += hdr_sz; rest = event->header.size - hdr_sz; if (readn(fd, buf, rest) != (ssize_t)rest) -- 2.30.2