From: Joel Fernandes <joel@joelfernandes.org>
To: Peter Zijlstra <peterz@infradead.org>
Cc: linux-kernel@vger.kernel.org, rostedt@goodmis.org,
primiano@google.com, rsavitski@google.com, jeffv@google.com,
kernel-team@android.com, Alexei Starovoitov <ast@kernel.org>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
bpf@vger.kernel.org, Daniel Borkmann <daniel@iogearbox.net>,
Ingo Molnar <mingo@redhat.com>, James Morris <jmorris@namei.org>,
Jiri Olsa <jolsa@redhat.com>, Kees Cook <keescook@chromium.org>,
linux-security-module@vger.kernel.org,
Matthew Garrett <matthewgarrett@google.com>,
Namhyung Kim <namhyung@kernel.org>,
selinux@vger.kernel.org, Song Liu <songliubraving@fb.com>,
"maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)"
<x86@kernel.org>, Yonghong Song <yhs@fb.com>
Subject: Re: [PATCH] perf_event: Add support for LSM and SELinux checks
Date: Mon, 14 Oct 2019 12:54:38 -0400 [thread overview]
Message-ID: <20191014165438.GB105106@google.com> (raw)
In-Reply-To: <20191014093544.GB2328@hirez.programming.kicks-ass.net>
On Mon, Oct 14, 2019 at 11:35:44AM +0200, Peter Zijlstra wrote:
> On Fri, Oct 11, 2019 at 12:03:30PM -0400, Joel Fernandes (Google) wrote:
>
> > @@ -4761,6 +4762,7 @@ int perf_event_release_kernel(struct perf_event *event)
> > }
> >
> > no_ctx:
> > + security_perf_event_free(event);
> > put_event(event); /* Must be the 'last' reference */
> > return 0;
> > }
>
> > @@ -10553,11 +10568,16 @@ perf_event_alloc(struct perf_event_attr *attr, int cpu,
> > }
> > }
> >
> > + err = security_perf_event_alloc(event);
> > + if (err)
> > + goto err_security;
> > +
> > /* symmetric to unaccount_event() in _free_event() */
> > account_event(event);
> >
> > return event;
> >
> > +err_security:
> > err_addr_filters:
> > kfree(event->addr_filter_ranges);
> >
>
> There's a bunch of problems here I think:
>
> - err_security is named wrong; the naming scheme is to name the label
> after the last thing that succeeded / first thing that needs to be
> undone.
>
> - per that, you're forgetting to undo 'get_callchain_buffers()'
Yes, you're right. Tested your fix below. Sorry to miss this.
> - perf_event_release_kernel() is not a full match to
> perf_event_alloc(), inherited events get created by
> perf_event_alloc() but never pass through
> perf_event_release_kernel().
Oh, through inherit_event(). Thanks for pointing this semantic out, did not
know that.
> I'm thinking the below patch on top should ammend these issues; please
> verify.
Yes, applied your diff below and verified that the events are getting freed
as they were in my initial set of tests. The diff also looks good to me.
I squashed your diff below and will resend as v3. Since you modified this
patch a lot, I will add your Co-developed-by tag as well.
thanks, Peter!
- Joel
> ---
> --- a/kernel/events/core.c
> +++ b/kernel/events/core.c
> @@ -4540,6 +4540,8 @@ static void _free_event(struct perf_even
>
> unaccount_event(event);
>
> + security_perf_event_free(event);
> +
> if (event->rb) {
> /*
> * Can happen when we close an event with re-directed output.
> @@ -4774,7 +4776,6 @@ int perf_event_release_kernel(struct per
> }
>
> no_ctx:
> - security_perf_event_free(event);
> put_event(event); /* Must be the 'last' reference */
> return 0;
> }
> @@ -10595,14 +10596,18 @@ perf_event_alloc(struct perf_event_attr
>
> err = security_perf_event_alloc(event);
> if (err)
> - goto err_security;
> + goto err_callchain_buffer;
>
> /* symmetric to unaccount_event() in _free_event() */
> account_event(event);
>
> return event;
>
> -err_security:
> +err_callchain_buffer:
> + if (!event->parent) {
> + if (event->attr.sample_type & PERF_SAMPLE_CALLCHAIN)
> + put_callchain_buffers();
> + }
> err_addr_filters:
> kfree(event->addr_filter_ranges);
>
prev parent reply other threads:[~2019-10-14 16:54 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-11 16:03 [PATCH] perf_event: Add support for LSM and SELinux checks Joel Fernandes (Google)
2019-10-11 16:35 ` James Morris
2019-10-14 9:35 ` Peter Zijlstra
2019-10-14 16:54 ` Joel Fernandes [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191014165438.GB105106@google.com \
--to=joel@joelfernandes.org \
--cc=acme@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=jeffv@google.com \
--cc=jmorris@namei.org \
--cc=jolsa@redhat.com \
--cc=keescook@chromium.org \
--cc=kernel-team@android.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=matthewgarrett@google.com \
--cc=mingo@redhat.com \
--cc=namhyung@kernel.org \
--cc=peterz@infradead.org \
--cc=primiano@google.com \
--cc=rostedt@goodmis.org \
--cc=rsavitski@google.com \
--cc=selinux@vger.kernel.org \
--cc=songliubraving@fb.com \
--cc=x86@kernel.org \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.