* [PATCH] perf core: apply calculated padding to PERF_SAMPLE_RAW output @ 2020-05-19 13:26 Timo Beckers 2023-03-14 19:27 ` Peter Zijlstra 0 siblings, 1 reply; 3+ messages in thread From: Timo Beckers @ 2020-05-19 13:26 UTC (permalink / raw) Cc: timo, Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo, Mark Rutland, Alexander Shishkin, Jiri Olsa, Namhyung Kim, open list:PERFORMANCE EVENTS SUBSYSTEM Zero the amount of padding bytes determined in perf_prepare_sample(). This prevents garbage being read from the ring buffer after it has wrapped the page boundary at least once. Signed-off-by: Timo Beckers <timo@incline.eu> --- kernel/events/core.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/kernel/events/core.c b/kernel/events/core.c index 80cf996a7f19..d4e0b003ece0 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -6807,8 +6807,16 @@ void perf_output_sample(struct perf_output_handle *handle, break; frag = frag->next; } while (1); - if (frag->pad) - __output_skip(handle, NULL, frag->pad); + /* + * The padding value is determined in + * perf_prepare_sample() and is not + * expected to exceed u64. + */ + if (frag->pad) { + u64 zero = 0; + + __output_copy(handle, &zero, frag->pad); + } } else { struct { u32 size; -- 2.26.2 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] perf core: apply calculated padding to PERF_SAMPLE_RAW output 2020-05-19 13:26 [PATCH] perf core: apply calculated padding to PERF_SAMPLE_RAW output Timo Beckers @ 2023-03-14 19:27 ` Peter Zijlstra 2023-03-16 16:32 ` Timo Beckers 0 siblings, 1 reply; 3+ messages in thread From: Peter Zijlstra @ 2023-03-14 19:27 UTC (permalink / raw) To: Timo Beckers Cc: Ingo Molnar, Arnaldo Carvalho de Melo, Mark Rutland, Alexander Shishkin, Jiri Olsa, Namhyung Kim, open list:PERFORMANCE EVENTS SUBSYSTEM On Tue, May 19, 2020 at 03:26:16PM +0200, Timo Beckers wrote: > Zero the amount of padding bytes determined in perf_prepare_sample(). > This prevents garbage being read from the ring buffer after it has wrapped > the page boundary at least once. But it's user garbage, right? And they should be unconsumed anyway. > Signed-off-by: Timo Beckers <timo@incline.eu> > --- > kernel/events/core.c | 12 ++++++++++-- > 1 file changed, 10 insertions(+), 2 deletions(-) > > diff --git a/kernel/events/core.c b/kernel/events/core.c > index 80cf996a7f19..d4e0b003ece0 100644 > --- a/kernel/events/core.c > +++ b/kernel/events/core.c > @@ -6807,8 +6807,16 @@ void perf_output_sample(struct perf_output_handle *handle, > break; > frag = frag->next; > } while (1); > - if (frag->pad) > - __output_skip(handle, NULL, frag->pad); > + /* > + * The padding value is determined in > + * perf_prepare_sample() and is not > + * expected to exceed u64. > + */ > + if (frag->pad) { > + u64 zero = 0; > + > + __output_copy(handle, &zero, frag->pad); > + } > } else { > struct { > u32 size; > -- > 2.26.2 > ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] perf core: apply calculated padding to PERF_SAMPLE_RAW output 2023-03-14 19:27 ` Peter Zijlstra @ 2023-03-16 16:32 ` Timo Beckers 0 siblings, 0 replies; 3+ messages in thread From: Timo Beckers @ 2023-03-16 16:32 UTC (permalink / raw) To: Peter Zijlstra Cc: Ingo Molnar, Arnaldo Carvalho de Melo, Mark Rutland, Alexander Shishkin, Jiri Olsa, Namhyung Kim, open list:PERFORMANCE EVENTS SUBSYSTEM On Tue, 14 Mar 2023 at 20:27, Peter Zijlstra <peterz@infradead.org> wrote: > > On Tue, May 19, 2020 at 03:26:16PM +0200, Timo Beckers wrote: > > Zero the amount of padding bytes determined in perf_prepare_sample(). > > This prevents garbage being read from the ring buffer after it has wrapped > > the page boundary at least once. > > But it's user garbage, right? Hey Peter, correct. Not a security issue, but rather a usability one. (IMO) It would be nice if the receiver could verify if the trailing bytes are all zeroes after interpreting the payload. (I deal with Go interop; C<->Go struct alignment behaviour differs subtly, so this helps debugging) I know the ship has sailed and it's been like this for a long time, but getting it fixed in a non-invasive way would be neat if the performance penalty is not too steep. I think Jiri was playing around with some benchmarks. > And they should be unconsumed anyway. Well, not quite. perf_event_sample.size contains the size of .data including padding, so the reader always needs to copy out the full event, which potentially includes garbage. .data is completely opaque from a generic perf reader POV, so it can't automatically trim it or choose not to read it. Haven't looked at the kernel side in a while, but maybe setting .size to the length of the input on the bpf side would be a better solution? Then no zeroing needs to be done. I assume there's no strong need to increase .size in 8-byte aligned steps, as I currently see values like 4, 12, 20, 28, etc. Please correct me if I'm wrong. Thanks, Timo > > > Signed-off-by: Timo Beckers <timo@incline.eu> > > --- > > kernel/events/core.c | 12 ++++++++++-- > > 1 file changed, 10 insertions(+), 2 deletions(-) > > > > diff --git a/kernel/events/core.c b/kernel/events/core.c > > index 80cf996a7f19..d4e0b003ece0 100644 > > --- a/kernel/events/core.c > > +++ b/kernel/events/core.c > > @@ -6807,8 +6807,16 @@ void perf_output_sample(struct perf_output_handle *handle, > > break; > > frag = frag->next; > > } while (1); > > - if (frag->pad) > > - __output_skip(handle, NULL, frag->pad); > > + /* > > + * The padding value is determined in > > + * perf_prepare_sample() and is not > > + * expected to exceed u64. > > + */ > > + if (frag->pad) { > > + u64 zero = 0; > > + > > + __output_copy(handle, &zero, frag->pad); > > + } > > } else { > > struct { > > u32 size; > > -- > > 2.26.2 > > ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-03-16 16:34 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2020-05-19 13:26 [PATCH] perf core: apply calculated padding to PERF_SAMPLE_RAW output Timo Beckers 2023-03-14 19:27 ` Peter Zijlstra 2023-03-16 16:32 ` Timo Beckers
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.