Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753840Ab0G0Mka (ORCPT ); Tue, 27 Jul 2010 08:40:30 -0400 Received: from ozlabs.org ([203.10.76.45]:60563 "EHLO ozlabs.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752367Ab0G0Mk3 (ORCPT ); Tue, 27 Jul 2010 08:40:29 -0400 Date: Tue, 27 Jul 2010 22:40:19 +1000 From: Paul Mackerras To: Linus Torvalds Cc: Peter Zijlstra , Ingo Molnar , Benjamin Herrenschmidt , Kumar Gala , linux-kernel@vger.kernel.org, linuxppc-dev@ozlabs.org Subject: Please pull my perf.git urgent branch Message-ID: <20100727124019.GB14947@brick.ozlabs.ibm.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.20 (2009-06-14) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2462 Lines: 65 Linus, Please do a pull from git://git.kernel.org/pub/scm/linux/kernel/git/paulus/perf.git urgent to get one commit that fixes a problem where, on some Freescale embedded PowerPC machines, unprivileged userspace could oops the kernel using the perf_event subsystem. I know it's late, but it is a potential security hole (but only on Freescale embedded systems), the fix is small (3 lines) and only affects Freescale embedded processors, and I was on vacation for the past two weeks. :) Thanks, Paul. Peter Zijlstra (1): perf, powerpc: Use perf_sample_data_init() for the FSL code arch/powerpc/kernel/perf_event_fsl_emb.c | 6 +++--- 1 files changed, 3 insertions(+), 3 deletions(-) commit 6b95ed345b9faa4ab3598a82991968f2e9f851bb Author: Peter Zijlstra Date: Fri Jul 9 10:21:21 2010 +0200 perf, powerpc: Use perf_sample_data_init() for the FSL code We should use perf_sample_data_init() to initialize struct perf_sample_data. As explained in the description of commit dc1d628a ("perf: Provide generic perf_sample_data initialization"), it is possible for userspace to get the kernel to dereference data.raw, so if it is not initialized, that means that unprivileged userspace can possibly oops the kernel. Using perf_sample_data_init makes sure it gets initialized to NULL. This conversion should have been included in commit dc1d628a, but it got missed. Signed-off-by: Peter Zijlstra Acked-by: Kumar Gala Signed-off-by: Paul Mackerras diff --git a/arch/powerpc/kernel/perf_event_fsl_emb.c b/arch/powerpc/kernel/perf_event_fsl_emb.c index 369872f..babccee 100644 --- a/arch/powerpc/kernel/perf_event_fsl_emb.c +++ b/arch/powerpc/kernel/perf_event_fsl_emb.c @@ -566,9 +566,9 @@ static void record_and_restart(struct perf_event *event, unsigned long val, * Finally record data if requested. */ if (record) { - struct perf_sample_data data = { - .period = event->hw.last_period, - }; + struct perf_sample_data data; + + perf_sample_data_init(&data, 0); if (perf_event_overflow(event, nmi, &data, regs)) { /* -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/