Em Fri, Nov 16, 2018 at 10:31:43AM -0800, Arnaldo Carvalho de Melo escreveu:
> Em Thu, Nov 01, 2018 at 06:00:01PM +0100, Jiri Olsa escreveu:
> > When reporting on 'record' server we try to retrieve/use
> > the mnt namespace of the profiled tasks. We use following
> > API with cookie to hold the return namespace, roughly:
> >
> > nsinfo__mountns_enter(struct nsinfo *nsi, struct nscookie *nc)
> > setns(newns, 0);
> > ...
> > new ns related open..
> > ...
> > nsinfo__mountns_exit(struct nscookie *nc)
> > setns(nc->oldns)
> >
> > Once finished we setns to old namespace, which also sets the
> > current working directory (cwd) to "/", trashing the cwd we had.
> >
> > This is mostly fine, because we use absolute paths almost everywhere,
> > but it screws up perf diff:
> >
> > # perf diff
> > failed to open perf.data: No such file or directory (try 'perf record'
> > first)
> > ...
> >
> > Adding the current working directory to be part of the cookie
> > and restoring it in the nsinfo__mountns_exit call.
>
> > Cc: Krister Johansen <[email protected]>
> > Fixes: 843ff37bb59e ("perf symbols: Find symbols in different mount
> > namespace")
> > Link: http://lkml.kernel.org/n/[email protected]
> > Signed-off-by: Jiri Olsa <[email protected]>
> > ---
> > tools/perf/util/namespaces.c | 18 ++++++++++++++++--
> > tools/perf/util/namespaces.h | 1 +
> > 2 files changed, 17 insertions(+), 2 deletions(-)
> >
> > diff --git a/tools/perf/util/namespaces.c b/tools/perf/util/namespaces.c
> > index cf8bd123cf73..fb0458b7e6aa 100644
> > --- a/tools/perf/util/namespaces.c
> > +++ b/tools/perf/util/namespaces.c
> > @@ -18,6 +18,7 @@
> > #include <stdio.h>
> > #include <string.h>
> > #include <unistd.h>
> > +#include <asm/bug.h>
> >
> > struct namespaces *namespaces__new(struct namespaces_event *event)
> > {
> > @@ -186,6 +187,7 @@ void nsinfo__mountns_enter(struct nsinfo *nsi,
> > char curpath[PATH_MAX];
> > int oldns = -1;
> > int newns = -1;
> > + char *oldcwd = NULL;
> >
> > if (nc == NULL)
> > return;
> > @@ -199,9 +201,13 @@ void nsinfo__mountns_enter(struct nsinfo *nsi,
> > if (snprintf(curpath, PATH_MAX, "/proc/self/ns/mnt") >= PATH_MAX)
> > return;
> >
> > + oldcwd = get_current_dir_name();
> > + if (!oldcwd)
> > + return;
> > +
> > oldns = open(curpath, O_RDONLY);
> > if (oldns < 0)
> > - return;
> > + goto errout;
> >
> > newns = open(nsi->mntns_path, O_RDONLY);
> > if (newns < 0)
> > @@ -210,11 +216,14 @@ void nsinfo__mountns_enter(struct nsinfo *nsi,
> > if (setns(newns, CLONE_NEWNS) < 0)
> > goto errout;
> >
> > + nc->oldcwd = oldcwd;
> > nc->oldns = oldns;
> > nc->newns = newns;
> > return;
> >
> > errout:
> > + if (oldcwd)
> > + free(oldcwd);
>
> Applied, and while at it I removed the needless if in the above two
> lines.
>
> > if (oldns > -1)
> > close(oldns);
> > if (newns > -1)
> > @@ -223,11 +232,16 @@ void nsinfo__mountns_enter(struct nsinfo *nsi,
> >
> > void nsinfo__mountns_exit(struct nscookie *nc)
> > {
> > - if (nc == NULL || nc->oldns == -1 || nc->newns == -1)
> > + if (nc == NULL || nc->oldns == -1 || nc->newns == -1 || !nc->oldcwd)
> > return;
> >
> > setns(nc->oldns, CLONE_NEWNS);
> >
> > + if (nc->oldcwd) {
> > + WARN_ON_ONCE(chdir(nc->oldcwd));
> > + free(nc->oldcwd);
> > + }
> > +
Also changed the above to zfree(&nc->oldcwd) as this is in a struct
member, that is not freed by the freeing caller
(nsinfo__mountns_exit()), to avoid later possible use-after-free (I
haven't checked if it _actually_ happens with the current codebase, but
it could) also to match the following block, where the resource is
released and then the handler is invalidated.
- Arnaldo
> > if (nc->oldns > -1) {
> > close(nc->oldns);
> > nc->oldns = -1;
