From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753317AbcE1PPc (ORCPT ); Sat, 28 May 2016 11:15:32 -0400 Received: from mail.kernel.org ([198.145.29.136]:47059 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753224AbcE1PPT (ORCPT ); Sat, 28 May 2016 11:15:19 -0400 From: Masami Hiramatsu To: Arnaldo Carvalho de Melo Cc: Masami Hiramatsu , linux-kernel@vger.kernel.org, Namhyung Kim , Peter Zijlstra , Ingo Molnar , Hemant Kumar , Ananth N Mavinakayanahalli , Brendan Gregg Subject: [PATCH perf/core v9 01/16] perf-symbol: Introduce filename__readable to check readability Date: Sun, 29 May 2016 00:15:13 +0900 Message-Id: <20160528151513.16098.97576.stgit@devbox> X-Mailer: git-send-email 2.1.0 In-Reply-To: <20160528151456.16098.90001.stgit@devbox> References: <20160528151456.16098.90001.stgit@devbox> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Introduce filename__readable to check readability by opening the file directly. Since the access(R_OK) just checks the readability based on real UID/GID, it is ignored that the effective UID/GID and capabilities for some special file (e.g. /proc/kcore). filename__readable() directly opens given file with O_RDONLY so that the kernel checks it by effective UID/GID and capabilities. --- tools/perf/util/symbol.c | 32 ++++++++++++++++++++++---------- 1 file changed, 22 insertions(+), 10 deletions(-) diff --git a/tools/perf/util/symbol.c b/tools/perf/util/symbol.c index 54c4ff2..a469346 100644 --- a/tools/perf/util/symbol.c +++ b/tools/perf/util/symbol.c @@ -1641,6 +1641,20 @@ static int find_matching_kcore(struct map *map, char *dir, size_t dir_sz) return ret; } +/* + * Use open(O_RDONLY) to check readability directly instead of access(R_OK) + * since access(R_OK) only checks with real UID/GID but open() use effective + * UID/GID and actual capabilities (e.g. /proc/kcore requires CAP_SYS_RAWIO). + */ +static bool filename__readable(const char *file) +{ + int fd = open(file, O_RDONLY); + if (fd < 0) + return false; + close(fd); + return true; +} + static char *dso__find_kallsyms(struct dso *dso, struct map *map) { u8 host_build_id[BUILD_ID_SIZE]; @@ -1668,7 +1682,6 @@ static char *dso__find_kallsyms(struct dso *dso, struct map *map) /* Use /proc/kallsyms if possible */ if (is_host) { DIR *d; - int fd; /* If no cached kcore go with /proc/kallsyms */ d = opendir(path); @@ -1677,16 +1690,15 @@ static char *dso__find_kallsyms(struct dso *dso, struct map *map) closedir(d); /* - * Do not check the build-id cache, until we know we cannot use - * /proc/kcore. + * Do not check the build-id cache, unless we know we cannot use + * /proc/kcore or module maps don't match to /proc/kallsyms. + * To check readability of /proc/kcore, do not use access(R_OK) + * since /proc/kcore requires CAP_SYS_RAWIO to read and access + * can't check it. */ - fd = open("/proc/kcore", O_RDONLY); - if (fd != -1) { - close(fd); - /* If module maps match go with /proc/kallsyms */ - if (!validate_kcore_addresses("/proc/kallsyms", map)) - goto proc_kallsyms; - } + if (filename__readable("/proc/kcore") && + !validate_kcore_addresses("/proc/kallsyms", map)) + goto proc_kallsyms; /* Find kallsyms in build-id cache with kcore */ if (!find_matching_kcore(map, path, sizeof(path)))