diff options
| author | Peter Zijlstra <[email protected]> | 2016-04-26 11:36:53 +0200 |
|---|---|---|
| committer | Ingo Molnar <[email protected]> | 2016-04-28 10:32:41 +0200 |
| commit | 79c9ce57eb2d5f1497546a3946b4ae21b6fdc438 (patch) | |
| tree | cdbdbbf5fb4887df3623feeb1b7d4f29e4b49d31 /drivers/gpu/drm/amd/amdgpu/amdgpu_device.c | |
| parent | 0a25556f84d5f79e68e9502bb1f32a43377ab2bf (diff) | |
perf/core: Fix perf_event_open() vs. execve() race
Jann reported that the ptrace_may_access() check in
find_lively_task_by_vpid() is racy against exec().
Specifically:
perf_event_open() execve()
ptrace_may_access()
commit_creds()
... if (get_dumpable() != SUID_DUMP_USER)
perf_event_exit_task();
perf_install_in_context()
would result in installing a counter across the creds boundary.
Fix this by wrapping lots of perf_event_open() in cred_guard_mutex.
This should be fine as perf_event_exit_task() is already called with
cred_guard_mutex held, so all perf locks already nest inside it.
Reported-by: Jann Horn <[email protected]>
Signed-off-by: Peter Zijlstra (Intel) <[email protected]>
Cc: Alexander Shishkin <[email protected]>
Cc: Arnaldo Carvalho de Melo <[email protected]>
Cc: Jiri Olsa <[email protected]>
Cc: Peter Zijlstra <[email protected]>
Cc: Stephane Eranian <[email protected]>
Cc: Thomas Gleixner <[email protected]>
Cc: Vince Weaver <[email protected]>
Signed-off-by: Ingo Molnar <[email protected]>
Diffstat (limited to 'drivers/gpu/drm/amd/amdgpu/amdgpu_device.c')
0 files changed, 0 insertions, 0 deletions