From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S932614AbdJXMvx (ORCPT ); Tue, 24 Oct 2017 08:51:53 -0400 Received: from terminus.zytor.com ([65.50.211.136]:43949 "EHLO terminus.zytor.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932267AbdJXMvt (ORCPT ); Tue, 24 Oct 2017 08:51:49 -0400 Date: Tue, 24 Oct 2017 05:48:14 -0700 From: tip-bot for Alexander Shishkin Message-ID: Cc: hpa@zytor.com, torvalds@linux-foundation.org, peterz@infradead.org, tglx@linutronix.de, alexander.shishkin@linux.intel.com, mingo@kernel.org, linux-kernel@vger.kernel.org, a.p.zijlstra@chello.nl Reply-To: a.p.zijlstra@chello.nl, linux-kernel@vger.kernel.org, mingo@kernel.org, alexander.shishkin@linux.intel.com, tglx@linutronix.de, torvalds@linux-foundation.org, peterz@infradead.org, hpa@zytor.com In-Reply-To: <20171023123533.16973-1-alexander.shishkin@linux.intel.com> References: <20171023123533.16973-1-alexander.shishkin@linux.intel.com> To: linux-tip-commits@vger.kernel.org Subject: [tip:perf/urgent] perf/x86/intel/bts: Fix exclusive event reference leak Git-Commit-ID: 2eece390bf68ec8f733d7e4a3ba8a5ea350082ae X-Mailer: tip-git-log-daemon Robot-ID: Robot-Unsubscribe: Contact to get blacklisted from these emails MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 Content-Disposition: inline Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Commit-ID: 2eece390bf68ec8f733d7e4a3ba8a5ea350082ae Gitweb: https://git.kernel.org/tip/2eece390bf68ec8f733d7e4a3ba8a5ea350082ae Author: Alexander Shishkin AuthorDate: Mon, 23 Oct 2017 15:35:33 +0300 Committer: Ingo Molnar CommitDate: Tue, 24 Oct 2017 13:19:27 +0200 perf/x86/intel/bts: Fix exclusive event reference leak Commit: d2878d642a4ed ("perf/x86/intel/bts: Disallow use by unprivileged users on paranoid systems") ... adds a privilege check in the exactly wrong place in the event init path: after the 'LBR exclusive' reference has been taken, and doesn't release it in the case of insufficient privileges. After this, nobody in the system gets to use PT or LBR afterwards. This patch moves the privilege check to where it should have been in the first place. Signed-off-by: Alexander Shishkin Cc: Linus Torvalds Cc: Peter Zijlstra Cc: Peter Zijlstra Cc: Thomas Gleixner Fixes: d2878d642a4ed ("perf/x86/intel/bts: Disallow use by unprivileged users on paranoid systems") Link: http://lkml.kernel.org/r/20171023123533.16973-1-alexander.shishkin@linux.intel.com Signed-off-by: Ingo Molnar --- arch/x86/events/intel/bts.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/x86/events/intel/bts.c b/arch/x86/events/intel/bts.c index 16076eb..141e07b 100644 --- a/arch/x86/events/intel/bts.c +++ b/arch/x86/events/intel/bts.c @@ -546,9 +546,6 @@ static int bts_event_init(struct perf_event *event) if (event->attr.type != bts_pmu.type) return -ENOENT; - if (x86_add_exclusive(x86_lbr_exclusive_bts)) - return -EBUSY; - /* * BTS leaks kernel addresses even when CPL0 tracing is * disabled, so disallow intel_bts driver for unprivileged @@ -562,6 +559,9 @@ static int bts_event_init(struct perf_event *event) !capable(CAP_SYS_ADMIN)) return -EACCES; + if (x86_add_exclusive(x86_lbr_exclusive_bts)) + return -EBUSY; + ret = x86_reserve_hardware(); if (ret) { x86_del_exclusive(x86_lbr_exclusive_bts);