• Steven Rostedt's avatar
    perf/ftrace: Fix paranoid level for enabling function tracer · 12ae030d
    Steven Rostedt authored
    The current default perf paranoid level is "1" which has
    "perf_paranoid_kernel()" return false, and giving any operations that
    use it, access to normal users. Unfortunately, this includes function
    tracing and normal users should not be allowed to enable function
    tracing by default.
    
    The proper level is defined at "-1" (full perf access), which
    "perf_paranoid_tracepoint_raw()" will only give access to. Use that
    check instead for enabling function tracing.
    Reported-by: default avatarDave Jones <davej@redhat.com>
    Reported-by: default avatarVince Weaver <vincent.weaver@maine.edu>
    Tested-by: default avatarVince Weaver <vincent.weaver@maine.edu>
    Cc: Peter Zijlstra <peterz@infradead.org>
    Cc: Ingo Molnar <mingo@kernel.org>
    Cc: Jiri Olsa <jolsa@redhat.com>
    Cc: Frederic Weisbecker <fweisbec@gmail.com>
    Cc: stable@vger.kernel.org # 3.4+
    CVE: CVE-2013-2930
    Fixes: ced39002 ("ftrace, perf: Add support to use function tracepoint in perf")
    Signed-off-by: default avatarSteven Rostedt <rostedt@goodmis.org>
    12ae030d
trace_event_perf.c 7.97 KB