summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2013-11-08 08:54:53 +0900
committerLinus Torvalds <torvalds@linux-foundation.org>2013-11-08 08:54:53 +0900
commit6c86ae2928f9e4cbf0d5844f5fcfd549e3450b8c (patch)
tree47963d4a27f4dd318474de096ba2aca7e90f7150
parent3ae423fe4734af3b2f7ac718c6e64e72bfe443b3 (diff)
parent12ae030d54ef250706da5642fc7697cc60ad0df7 (diff)
Merge tag 'ftrace-urgent-3.12-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
Pull perf/ftrace fix from Steven Rostedt: "Dave Jones's trinity program was able to enable the function tracer from a normal user account via the perf syscall "perf_event_open()". When I was able to reproduce it with trinity, I was able to track down exactly how it happened. I discovered that the check for whether the function tracepoint should be activated or not was using the "perf_paranoid_kernel()" check which by default, lets the user continue. The user should not by default be able to enable function tracing. The fix is to use "perf_paranoid_tracepoint_raw()" which will not let the user enable function tracing. This is a security fix as normal users should never be allowed to enable the function tracer" * tag 'ftrace-urgent-3.12-v2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace: perf/ftrace: Fix paranoid level for enabling function tracer
-rw-r--r--kernel/trace/trace_event_perf.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/trace/trace_event_perf.c b/kernel/trace/trace_event_perf.c
index 80c36bcf66e..78e27e3b52a 100644
--- a/kernel/trace/trace_event_perf.c
+++ b/kernel/trace/trace_event_perf.c
@@ -26,7 +26,7 @@ static int perf_trace_event_perm(struct ftrace_event_call *tp_event,
{
/* The ftrace function trace is allowed only for root. */
if (ftrace_event_is_function(tp_event) &&
- perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
+ perf_paranoid_tracepoint_raw() && !capable(CAP_SYS_ADMIN))
return -EPERM;
/* No tracing, just counting, so no obvious leak */