From: "Petr Špaček" <pspacek@isc.org>
To: linux-perf-users@vger.kernel.org
Subject: [bug] nsinfo__mountns_enter failure can cause perf to operate on wrong file
Date: Fri, 27 Oct 2023 17:58:20 +0200 [thread overview]
Message-ID: <3ea2cefb-7417-4cac-98fd-46325c5108e0@isc.org> (raw)
Hello,
I've noticed that sometimes "perf record" confuses paths between two
different namespaces and inadvertently operates on a wrong file (on the
same path - but wrong mount namespace).
Version: 6.5, commit 750b95887e567848ac2c851dae47922cac6db946 from
Linus's tree
Reproducer using Podman container:
All commands executed as non-privileged user, except the sysctl tweak.
$ sudo sysctl -w 'kernel.perf_event_paranoid = -1'
# binary in the container needs to have the same path as on host
# but different content
$ podman run -ti docker.io/library/ubuntu:23.10 /usr/bin/yes > /dev/null
# leave this running and get PID of the process inside the container
$ docker inspect $(docker ps --latest -q) | jq '.[0].State.Pid'
# ! record as an unprivileged user !
# record and use debuginfod from official Ubuntu servers
$ perf record --debuginfod='https://debuginfod.ubuntu.com/' --all-user
-F 99 --pid 637217
# check if we got symbols ... we should have because debuginfod has been
configured
$ perf script # notice "unknown" all over the place
# check build-ids in the recording
$ perf buildid-list
f53cbc885777b8cfc9e54a8015318a71e6845bc3 /usr/bin/yes
# check build-id in the container
$ docker exec -ti $(docker ps --latest -q) bash -c 'apt update; apt
install -yyy file; file `which yes`'
... BuildID[sha1]=7c895824831420bd30a372431d2b241bb6ff5554 ...
Values in perf output and in the containerized binary do not match. Huh?
Where the "perf" value came from, anyway?
Turns out the buildid-list shows value from the _host_:
$ file /usr/bin/yes
... BuildID[sha1]=f53cbc885777b8cfc9e54a8015318a71e6845bc3 ...
My guess is that this can happen when the user executing "perf record"
does not have privileges to nsenter() the target namespace, but this
failure is not checked.
I could not follow "perf record" code, but "perf buildid-cache --add"
calls nsinfo__mountns_enter() which has void return type, and hilarity
ensues if that call fails.
It works as expected if I add "sudo" in front of each "perf" command.
I'm happy to assist with debugging and testing.
--
Petr Špaček
Internet Systems Consortium
next reply other threads:[~2023-10-27 15:58 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-10-27 15:58 Petr Špaček [this message]
2023-11-06 4:32 ` [bug] nsinfo__mountns_enter failure can cause perf to operate on wrong file Namhyung Kim
2023-11-20 9:28 ` Petr Špaček
-- strict thread matches above, loose matches on Subject: below --
2023-10-30 16:42 Petr Špaček
2023-10-30 19:40 ` Petr Špaček
2023-10-27 15:27 Petr Špaček
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3ea2cefb-7417-4cac-98fd-46325c5108e0@isc.org \
--to=pspacek@isc.org \
--cc=linux-perf-users@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).