diff options
author | Peter Zijlstra <a.p.zijlstra@chello.nl> | 2009-08-19 05:18:26 -0400 |
---|---|---|
committer | Ingo Molnar <mingo@elte.hu> | 2009-08-19 09:25:51 -0400 |
commit | fa6963b2481beff8b11f76006fbb63fdbbf2d2d7 (patch) | |
tree | 001ec6fcaf0524ba07d950c1d983722513fff73a /tools/perf/builtin-annotate.c | |
parent | b395cd8a74b4a8d943dd4b5585e676f62f7350b3 (diff) |
perf tools: Check perf.data owner
Add an owner check to opening perf.data files and a switch to
silence it.
Because perf-report/perf-annotate are binary parsers reading
another users' perf.data file could be a security risk if the
file were explicitly engineered to trigger bugs in the parser
(we hope of course there are non such bugs, but you never
know).
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Mike Galbraith <efault@gmx.de>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Paul Mackerras <paulus@samba.org>
LKML-Reference: <20090819092023.896648538@chello.nl>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Diffstat (limited to 'tools/perf/builtin-annotate.c')
-rw-r--r-- | tools/perf/builtin-annotate.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/tools/perf/builtin-annotate.c b/tools/perf/builtin-annotate.c index 343e7b14bf01..5e17de984dc8 100644 --- a/tools/perf/builtin-annotate.c +++ b/tools/perf/builtin-annotate.c | |||
@@ -31,6 +31,7 @@ static char *vmlinux = "vmlinux"; | |||
31 | static char default_sort_order[] = "comm,symbol"; | 31 | static char default_sort_order[] = "comm,symbol"; |
32 | static char *sort_order = default_sort_order; | 32 | static char *sort_order = default_sort_order; |
33 | 33 | ||
34 | static int force; | ||
34 | static int input; | 35 | static int input; |
35 | static int show_mask = SHOW_KERNEL | SHOW_USER | SHOW_HV; | 36 | static int show_mask = SHOW_KERNEL | SHOW_USER | SHOW_HV; |
36 | 37 | ||
@@ -1334,6 +1335,11 @@ static int __cmd_annotate(void) | |||
1334 | exit(-1); | 1335 | exit(-1); |
1335 | } | 1336 | } |
1336 | 1337 | ||
1338 | if (!force && (stat.st_uid != geteuid())) { | ||
1339 | fprintf(stderr, "file: %s not owned by current user\n", input_name); | ||
1340 | exit(-1); | ||
1341 | } | ||
1342 | |||
1337 | if (!stat.st_size) { | 1343 | if (!stat.st_size) { |
1338 | fprintf(stderr, "zero-sized file, nothing to do!\n"); | 1344 | fprintf(stderr, "zero-sized file, nothing to do!\n"); |
1339 | exit(0); | 1345 | exit(0); |
@@ -1439,6 +1445,7 @@ static const struct option options[] = { | |||
1439 | "input file name"), | 1445 | "input file name"), |
1440 | OPT_STRING('s', "symbol", &sym_hist_filter, "symbol", | 1446 | OPT_STRING('s', "symbol", &sym_hist_filter, "symbol", |
1441 | "symbol to annotate"), | 1447 | "symbol to annotate"), |
1448 | OPT_BOOLEAN('f', "force", &force, "don't complain, do it"), | ||
1442 | OPT_BOOLEAN('v', "verbose", &verbose, | 1449 | OPT_BOOLEAN('v', "verbose", &verbose, |
1443 | "be more verbose (show symbol address, etc)"), | 1450 | "be more verbose (show symbol address, etc)"), |
1444 | OPT_BOOLEAN('D', "dump-raw-trace", &dump_trace, | 1451 | OPT_BOOLEAN('D', "dump-raw-trace", &dump_trace, |