From: Joel Fernandes <joel@joelfernandes.org>
To: Peter Zijlstra <peterz@infradead.org>
Cc: linux-kernel@vger.kernel.org, rostedt@goodmis.org,
primiano@google.com, rsavitski@google.com, jeffv@google.com,
kernel-team@android.com, Alexei Starovoitov <ast@kernel.org>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
bpf@vger.kernel.org, Daniel Borkmann <daniel@iogearbox.net>,
Ingo Molnar <mingo@redhat.com>, James Morris <jmorris@namei.org>,
Jiri Olsa <jolsa@redhat.com>, Kees Cook <keescook@chromium.org>,
linux-security-module@vger.kernel.org,
Matthew Garrett <matthewgarrett@google.com>,
Namhyung Kim <namhyung@kernel.org>,
selinux@vger.kernel.org, Song Liu <songliubraving@fb.com>,
"maintainer:X86 ARCHITECTURE (32-BIT AND 64-BIT)"
<x86@kernel.org>, Yonghong Song <yhs@fb.com>
Subject: Re: [PATCH] perf_event: Add support for LSM and SELinux checks
Date: Mon, 14 Oct 2019 12:54:38 -0400 [thread overview]
Message-ID: <20191014165438.GB105106@google.com> (raw)
In-Reply-To: <20191014093544.GB2328@hirez.programming.kicks-ass.net>
On Mon, Oct 14, 2019 at 11:35:44AM +0200, Peter Zijlstra wrote:
> On Fri, Oct 11, 2019 at 12:03:30PM -0400, Joel Fernandes (Google) wrote:
>
> > @@ -4761,6 +4762,7 @@ int perf_event_release_kernel(struct perf_event *event)
> > }
> >
> > no_ctx:
> > + security_perf_event_free(event);
> > put_event(event); /* Must be the 'last' reference */
> > return 0;
> > }
>
> > @@ -10553,11 +10568,16 @@ perf_event_alloc(struct perf_event_attr *attr, int cpu,
> > }
> > }
> >
> > + err = security_perf_event_alloc(event);
> > + if (err)
> > + goto err_security;
> > +
> > /* symmetric to unaccount_event() in _free_event() */
> > account_event(event);
> >
> > return event;
> >
> > +err_security:
> > err_addr_filters:
> > kfree(event->addr_filter_ranges);
> >
>
> There's a bunch of problems here I think:
>
> - err_security is named wrong; the naming scheme is to name the label
> after the last thing that succeeded / first thing that needs to be
> undone.
>
> - per that, you're forgetting to undo 'get_callchain_buffers()'
Yes, you're right. Tested your fix below. Sorry to miss this.
> - perf_event_release_kernel() is not a full match to
> perf_event_alloc(), inherited events get created by
> perf_event_alloc() but never pass through
> perf_event_release_kernel().
Oh, through inherit_event(). Thanks for pointing this semantic out, did not
know that.
> I'm thinking the below patch on top should ammend these issues; please
> verify.
Yes, applied your diff below and verified that the events are getting freed
as they were in my initial set of tests. The diff also looks good to me.
I squashed your diff below and will resend as v3. Since you modified this
patch a lot, I will add your Co-developed-by tag as well.
thanks, Peter!
- Joel
> ---
> --- a/kernel/events/core.c
> +++ b/kernel/events/core.c
> @@ -4540,6 +4540,8 @@ static void _free_event(struct perf_even
>
> unaccount_event(event);
>
> + security_perf_event_free(event);
> +
> if (event->rb) {
> /*
> * Can happen when we close an event with re-directed output.
> @@ -4774,7 +4776,6 @@ int perf_event_release_kernel(struct per
> }
>
> no_ctx:
> - security_perf_event_free(event);
> put_event(event); /* Must be the 'last' reference */
> return 0;
> }
> @@ -10595,14 +10596,18 @@ perf_event_alloc(struct perf_event_attr
>
> err = security_perf_event_alloc(event);
> if (err)
> - goto err_security;
> + goto err_callchain_buffer;
>
> /* symmetric to unaccount_event() in _free_event() */
> account_event(event);
>
> return event;
>
> -err_security:
> +err_callchain_buffer:
> + if (!event->parent) {
> + if (event->attr.sample_type & PERF_SAMPLE_CALLCHAIN)
> + put_callchain_buffers();
> + }
> err_addr_filters:
> kfree(event->addr_filter_ranges);
>
prev parent reply other threads:[~2019-10-14 16:54 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-11 16:03 [PATCH] perf_event: Add support for LSM and SELinux checks Joel Fernandes (Google)
2019-10-11 16:35 ` James Morris
2019-10-14 9:35 ` Peter Zijlstra
2019-10-14 16:54 ` Joel Fernandes [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191014165438.GB105106@google.com \
--to=joel@joelfernandes.org \
--cc=acme@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=jeffv@google.com \
--cc=jmorris@namei.org \
--cc=jolsa@redhat.com \
--cc=keescook@chromium.org \
--cc=kernel-team@android.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=matthewgarrett@google.com \
--cc=mingo@redhat.com \
--cc=namhyung@kernel.org \
--cc=peterz@infradead.org \
--cc=primiano@google.com \
--cc=rostedt@goodmis.org \
--cc=rsavitski@google.com \
--cc=selinux@vger.kernel.org \
--cc=songliubraving@fb.com \
--cc=x86@kernel.org \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).