Received: by 2002:a6b:fb09:0:0:0:0:0 with SMTP id h9csp665790iog; Fri, 24 Jun 2022 11:15:58 -0700 (PDT) X-Google-Smtp-Source: AGRyM1shNmGIWpbAhuMliRnYu8aE0W0rZ6FGWyNx3JHihB1ms8dy0+myE6c/68elugFz9xsuJQzt X-Received: by 2002:a05:6a00:2312:b0:525:392a:73c3 with SMTP id h18-20020a056a00231200b00525392a73c3mr232273pfh.67.1656094558164; Fri, 24 Jun 2022 11:15:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1656094558; cv=none; d=google.com; s=arc-20160816; b=F4olHVuKjj34o0Q8jo0MHFnRmyWN29DhLwwe1ZbgLxof94gf0uGEdyNBwzDuKWVHcj MxmN1XkunvQbW5YiE7PCNcZv36ykrgmTkr2sKbE2ymgPjv/fXxNsEfidy7BLijba7y8G dsyo7Qsz4d/OW3POFRBM8eJTmLsqu9MJ8aOx6+iUShJyCGftZd5E/aSJiurxi8mCsFcs XwF3SFnWe7AbXN7H6/159W7DfmtZJ2qM7Ogm7Ka5Oh8vaMp+YbaGVUZ6QVU2GIan7pHK J3p966jLacxsBRVhBjiXvpKs29qds9kBuKKt+GGdxMA9ethMN9/ZCYmsEc4DpdIlF1QN tg8Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version; bh=CynFqUJ9uA3lR6FKHcs/aiiOSzQMnn/sAq5ba4a97jU=; b=bmTvD1vKWCpB7w/WS3gIv6LQiDn4OnvScDpxrBi6Dj+3KhZdyf6Lbcu1GYrNUfWqad DNbxeoSGRbPsKWvg/6HYFG2njPnkKrLU+nLY9HamBqu0KkgWbkZnH8KFVhA+hoofmEdI ydwJ72vu5O5FUJ1HZgpKrHsKPwoLNkP2OVV6s3dPUVGzBk9Jx5Fl742HYtsSqiGouUqE NWuy/kkB11Xn0TGevUBsI1+WYQOneNNQ2BpvMLC5S6x78NJrBw7CSYYlV4O7dxSPW9Zx RgRFlSCbxarNRZ5cpRmw5HptsTgRrovU4lmclGWINNSyKDHHBD9xWg6J81lmQVekbaHj eYTQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id g14-20020a056a001a0e00b0051b9d2bc523si3347107pfv.253.2022.06.24.11.15.46; Fri, 24 Jun 2022 11:15:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229981AbiFXRbL (ORCPT + 99 others); Fri, 24 Jun 2022 13:31:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59392 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229669AbiFXRbK (ORCPT ); Fri, 24 Jun 2022 13:31:10 -0400 Received: from mail-oi1-f169.google.com (mail-oi1-f169.google.com [209.85.167.169]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A0D322F64D for ; Fri, 24 Jun 2022 10:31:09 -0700 (PDT) Received: by mail-oi1-f169.google.com with SMTP id e131so4375974oif.13 for ; Fri, 24 Jun 2022 10:31:09 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=CynFqUJ9uA3lR6FKHcs/aiiOSzQMnn/sAq5ba4a97jU=; b=WE+eW38w19GpJvs2IK4vwi36dCn7Jei7mgLTjTYbxeXoi5/0+IrcMTmYwwO/gPAjdp v3TYJzLbZF62cX2C424lZeDTlmIHps3UizILlBz616lqGYvHZKp5RTwDJbhOoiqUFqnz 8Xa4emdo9aMHKS/yG6Tv4P6y/fynjoQ0TxVEsjnOsK6DFIboYE1L67g+kv2PwCdu4KAw pqhTO53N1bOOpCAp6nw+vyo50u+XPbXipMYAQFKIv0hA2odySdde/qwblSuXK5Vo0l8+ ++Bwf33hLTJNui2i9feS196SS7liAKprLGKybo9WmGcqBytscjCGxWjHEG+pmgzYsaiZ /uCA== X-Gm-Message-State: AJIora8T3Kj4Nvuf2Q18VNj9BiRkuqkCvOzSCej5jguhGaRiDW2HfGwx iu1feWsamut2CwLu/VZVDcGbBUjtq6h+K42SB4eR2POoncQ= X-Received: by 2002:aca:bb56:0:b0:32f:2160:bfd8 with SMTP id l83-20020acabb56000000b0032f2160bfd8mr123209oif.92.1656091868834; Fri, 24 Jun 2022 10:31:08 -0700 (PDT) MIME-Version: 1.0 References: <20220602224754.602074-1-namhyung@kernel.org> In-Reply-To: From: Namhyung Kim Date: Fri, 24 Jun 2022 10:30:57 -0700 Message-ID: Subject: Re: [PATCH] perf/core: Call LSM hook after copying perf_event_attr To: Joel Fernandes , Peter Zijlstra Cc: Ingo Molnar , Arnaldo Carvalho de Melo , Jiri Olsa , Mark Rutland , Alexander Shishkin , LKML , Stephane Eranian , Andi Kleen , Ian Rogers , James Morris Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Peter, On Fri, Jun 3, 2022 at 8:05 AM Joel Fernandes wrote: > > On Thu, Jun 02, 2022 at 03:47:54PM -0700, Namhyung Kim wrote: > > It passes the attr struct to the security_perf_event_open() but it's > > not initialized yet. > > > > Fixes: da97e18458fb ("perf_event: Add support for LSM and SELinux checks") > > Cc: Joel Fernandes (Google) > > Signed-off-by: Namhyung Kim > > --- > > kernel/events/core.c | 6 +++--- > > 1 file changed, 3 insertions(+), 3 deletions(-) > > > > diff --git a/kernel/events/core.c b/kernel/events/core.c > > index 7858bafffa9d..e035545f624f 100644 > > --- a/kernel/events/core.c > > +++ b/kernel/events/core.c > > @@ -12033,12 +12033,12 @@ SYSCALL_DEFINE5(perf_event_open, > > if (flags & ~PERF_FLAG_ALL) > > return -EINVAL; > > > > - /* Do we allow access to perf_event_open(2) ? */ > > - err = security_perf_event_open(&attr, PERF_SECURITY_OPEN); > > + err = perf_copy_attr(attr_uptr, &attr); > > if (err) > > return err; > > > > - err = perf_copy_attr(attr_uptr, &attr); > > + /* Do we allow access to perf_event_open(2) ? */ > > + err = security_perf_event_open(&attr, PERF_SECURITY_OPEN); > > Reviewed-by: Joel Fernandes (Google) Any chance you can pick this up? Thanks, Namhyung