On Monday 05 March 2018 11:46 AM, Balbir Singh wrote:
On Sun, Mar 4, 2018 at 10:55 PM, Madhavan Srinivasan
<ma...@linux.vnet.ibm.com> wrote:
The current Branch History Rolling Buffer (BHRB) code does
not check for any privilege levels before updating the data
from BHRB. This leaks kernel addresses to userspace even when
profiling only with userspace privileges. Add proper checks
to prevent it.

Signed-off-by: Madhavan Srinivasan <ma...@linux.vnet.ibm.com>
  arch/powerpc/perf/core-book3s.c | 4 ++++
  1 file changed, 4 insertions(+)

diff --git a/arch/powerpc/perf/core-book3s.c b/arch/powerpc/perf/core-book3s.c
index f89bbd54ecec..337db5831749 100644
--- a/arch/powerpc/perf/core-book3s.c
+++ b/arch/powerpc/perf/core-book3s.c
@@ -457,6 +457,10 @@ static void power_pmu_bhrb_read(struct cpu_hw_events 
                                 /* invalid entry */

+                       if (perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN) &&
+                               is_kernel_addr(addr))
+                               continue;

Looks good to me. The scope of the leaks concern is KASLR related or
something else (figuring out what's in the cache?)

I did not look at it closely. But will get the information.

Thanks for the review

Acked-by: Balbir Singh <bsinghar...@gmail.com>

Balbir Singh.

Reply via email to