From: Greg Kroah-Hartman
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman, stable@vger.kernel.org, Leo Yan, Adrian Hunter, Jiri Olsa, Alexander Shishkin, Kan Liang, Mark Rutland, Namhyung Kim, Peter Zijlstra, Arnaldo Carvalho de Melo, Sasha Levin
Subject: [PATCH 4.14 41/49] perf session: Correct buffer copying when peeking events
Date: Mon, 14 Jun 2021 12:27:34 +0200
Message-Id: <20210614102643.207576453@linuxfoundation.org>
X-Mailer: git-send-email 2.32.0
In-Reply-To: <20210614102641.857724541@linuxfoundation.org>
References: <20210614102641.857724541@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Precedence: bulk
List-ID:
X-Mailing-List: linux-kernel@vger.kernel.org

From: Leo Yan

[ Upstream commit 197eecb6ecae0b04bd694432f640ff75597fed9c ]

When peeking an event, it has a short path and a long path. The short path uses the session pointer "one_mmap_addr" to directly fetch the event; and the long path needs to read out the event header and the following event data from file and fill into the buffer pointer passed through the argument "buf".

The issue is in the long path that it copies the event header and event data into the same destination address which pointer "buf", this means the event header is overwritten. We are just lucky to run into the short path in most cases, so we don't hit the issue in the long path.

This patch adds the offset "hdr_sz" to the pointer "buf" when copying the event data, so that it can reserve the event header which can be used properly by its caller.

Fixes: 5a52f33adf02 ("perf session: Add perf_session__peek_event()")
Signed-off-by: Leo Yan
Acked-by: Adrian Hunter
Acked-by: Jiri Olsa
Cc: Alexander Shishkin
Cc: Kan Liang
Cc: Mark Rutland
Cc: Namhyung Kim
Cc: Peter Zijlstra
Link: http://lore.kernel.org/lkml/20210605052957.1070720-1-leo.yan@linaro.org
Signed-off-by: Arnaldo Carvalho de Melo
Signed-off-by: Sasha Levin --- tools/perf/util/session.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/perf/util/session.c b/tools/perf/util/session.c index decd5d147e81..735dc862c7f8 100644 --- a/tools/perf/util/session.c +++ b/tools/perf/util/session.c @@ -1475,6 +1475,7 @@ int perf_session__peek_event(struct perf_session *session, off_t file_offset, if (event->header.size < hdr_sz || event->header.size > buf_sz) return -1; + buf += hdr_sz; rest = event->header.size - hdr_sz; if (readn(fd, buf, rest) != (ssize_t)rest) -- 2.30.2
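
Review bot: the added `buf += hdr_sz` in perf_session__peek_event() moves the buffer pointer without adjusting buf_sz, so from this line on the pair (buf, buf_sz) no longer describes the same region. The readn() that follows stays in bounds only because the check just above rejects `event->header.size > buf_sz` and rest is `event->header.size - hdr_sz`, which makes hdr_sz + rest at most buf_sz. I would state that invariant in a short comment next to the addition, or pass the offset destination to readn() directly instead of mutating the parameter, so that a later change to the size check, or a later use of buf in this function, does not turn this into an out-of-bounds write or a read of the wrong pointer.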