1. 25 Jul, 2018 2 commits
    • perf/core: Fix crash when using HW tracing kernel filters · 7f635ff1
      Mathieu Poirier authored
      In function perf_event_parse_addr_filter(), the path::dentry of each struct
      perf_addr_filter is left unassigned (as it should be) when the pattern
      being parsed is related to kernel space.  But in function
      perf_addr_filter_match() the same dentries are given to d_inode() where
      the value is not expected to be NULL, resulting in the following splat:
      
        Unable to handle kernel NULL pointer dereference at virtual address 0000000000000058
        pc : perf_event_mmap+0x2fc/0x5a0
        lr : perf_event_mmap+0x2c8/0x5a0
        Process uname (pid: 2860, stack limit = 0x000000001cbcca37)
        Call trace:
         perf_event_mmap+0x2fc/0x5a0
         mmap_region+0x124/0x570
         do_mmap+0x344/0x4f8
         vm_mmap_pgoff+0xe4/0x110
         vm_mmap+0x2c/0x40
         elf_map+0x60/0x108
         load_elf_binary+0x450/0x12c4
         search_binary_handler+0x90/0x290
         __do_execve_file.isra.13+0x6e4/0x858
         sys_execve+0x3c/0x50
         el0_svc_naked+0x30/0x34
      
      This patch is fixing the problem by introducing a new check in function
      perf_addr_filter_match() to see if the filter's dentry is NULL.
      Signed-off-by: Mathieu Poirier <mathieu.poirier@linaro.org>
      Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
      Acked-by: Alexander Shishkin <alexander.shishkin@linux.intel.com>
      Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Stephane Eranian <eranian@google.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Vince Weaver <vincent.weaver@maine.edu>
      Cc: acme@kernel.org
      Cc: miklos@szeredi.hu
      Cc: namhyung@kernel.org
      Cc: songliubraving@fb.com
      Fixes: 9511bce9 ("perf/core: Fix bad use of igrab()")
      Link: http://lkml.kernel.org/r/1531782831-1186-1-git-send-email-mathieu.poirier@linaro.org
      Signed-off-by: Ingo Molnar <mingo@kernel.org>
    • perf/x86/intel: Fix unwind errors from PEBS entries (mk-II) · 6cbc304f
      Peter Zijlstra authored
      Vince reported the perf_fuzzer giving various unwinder warnings and
      Josh reported:
      
      > Deja vu.  Most of these are related to perf PEBS, similar to the
      > following issue:
      >
      >   b8000586 ("perf/x86/intel: Cure bogus unwind from PEBS entries")
      >
      > This is basically the ORC version of that.  setup_pebs_sample_data() is
      > assembling a franken-pt_regs which ORC isn't happy about.  RIP is
      > inconsistent with some of the other registers (like RSP and RBP).
      
      And where the previous unwinder only needed BP,SP ORC also requires
      IP. But we cannot spoof IP because then the sample will get displaced,
      entirely negating the point of PEBS.
      
      So cure the whole thing differently by doing the unwind early; this
      does however require a means to communicate we did the unwind early.
      We (ab)use an unused sample_type bit for this, which we set on events
      that fill out the data->callchain before the normal
      perf_prepare_sample().
      Debugged-by: Josh Poimboeuf <jpoimboe@redhat.com>
      Reported-by: Vince Weaver <vincent.weaver@maine.edu>
      Tested-by: Josh Poimboeuf <jpoimboe@redhat.com>
      Tested-by: Prashant Bhole <bhole_prashant_q7@lab.ntt.co.jp>
      Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
      Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
      Cc: Andy Lutomirski <luto@kernel.org>
      Cc: Arnaldo Carvalho de Melo <acme@kernel.org>
      Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Stephane Eranian <eranian@google.com>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Signed-off-by: Ingo Molnar <mingo@kernel.org>
  2. 24 Jul, 2018 2 commits
    • MAINTAINERS: Add Naveen N. Rao as kprobes co-maintainer · 4799f685
      Ananth N Mavinakayanahalli authored
      Naveen has been contributing consistently reviewing and hardening
      kprobes for some time now. I have not been able to do the same due
      to other commitments.
      Signed-off-by: Ananth N Mavinakayanahalli <ananth@linux.vnet.ibm.com>
      Cc: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Thomas Gleixner <tglx@linutronix.de>
      Cc: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
      Cc: "David S. Miller" <davem@davemloft.net>
      Cc: Masami Hiramatsu <mhiramat@kernel.org>
      Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
      Cc: Namhyung Kim <namhyung@kernel.org>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: akpm@linux-foundation.org
      Cc: mhiramat@kernel.org
      Link: http://lkml.kernel.org/r/153180735790.1914.15547706781664285286.stgit@thinktux
      Signed-off-by: Ingo Molnar <mingo@kernel.org>
    • perf/x86/amd/ibs: Don't access non-started event · d2753e6b
      Thomas Gleixner authored
      Paul Menzel reported the following bug:
      
      > Enabling the undefined behavior sanitizer and building GNU/Linux 4.18-rc5+
      > (with some unrelated commits) with GCC 8.1.0 from Debian Sid/unstable, the
      > warning below is shown.
      >
      > > [    2.111913]
      > > ================================================================================
      > > [    2.111917] UBSAN: Undefined behaviour in arch/x86/events/amd/ibs.c:582:24
      > > [    2.111919] member access within null pointer of type 'struct perf_event'
      > > [    2.111926] CPU: 0 PID: 144 Comm: udevadm Not tainted 4.18.0-rc5-00316-g4864b68cedf2 #104
      > > [    2.111928] Hardware name: ASROCK E350M1/E350M1, BIOS TIMELESS 01/01/1970
      > > [    2.111930] Call Trace:
      > > [    2.111943]  dump_stack+0x55/0x89
      > > [    2.111949]  ubsan_epilogue+0xb/0x33
      > > [    2.111953]  handle_null_ptr_deref+0x7f/0x90
      > > [    2.111958]  __ubsan_handle_type_mismatch_v1+0x55/0x60
      > > [    2.111964]  perf_ibs_handle_irq+0x596/0x620
      
      The code dereferences event before checking the STARTED bit. Patch
      below should cure the issue.
      
      The warning should not trigger, if I analyzed the thing correctly.
      (And Paul's testing confirms this.)
      Reported-by: Paul Menzel <pmenzel@molgen.mpg.de>
      Tested-by: Paul Menzel <pmenzel@molgen.mpg.de>
      Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
      Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
      Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
      Cc: Borislav Petkov <bp@alien8.de>
      Cc: Jiri Olsa <jolsa@redhat.com>
      Cc: Linus Torvalds <torvalds@linux-foundation.org>
      Cc: Paul Menzel <pmenzel+linux-x86@molgen.mpg.de>
      Cc: Peter Zijlstra <peterz@infradead.org>
      Cc: Stephane Eranian <eranian@google.com>
      Cc: Vince Weaver <vincent.weaver@maine.edu>
      Link: http://lkml.kernel.org/r/alpine.DEB.2.21.1807200958390.1580@nanos.tec.linutronix.de
      Signed-off-by: Ingo Molnar <mingo@kernel.org>
  3. 22 Jul, 2018 8 commits
  4. 21 Jul, 2018 12 commits
  5. 20 Jul, 2018 16 commits