diff options
| author | Peter Zijlstra <a.p.zijlstra@chello.nl> | 2009-08-19 05:18:26 -0400 |
|---|---|---|
| committer | Ingo Molnar <mingo@elte.hu> | 2009-08-19 09:25:51 -0400 |
| commit | fa6963b2481beff8b11f76006fbb63fdbbf2d2d7 (patch) | |
| tree | 001ec6fcaf0524ba07d950c1d983722513fff73a /tools/perf/builtin-report.c | |
| parent | b395cd8a74b4a8d943dd4b5585e676f62f7350b3 (diff) | |
perf tools: Check perf.data owner
Add an owner check to opening perf.data files and a switch to
silence it.
Because perf-report/perf-annotate are binary parsers reading
another users' perf.data file could be a security risk if the
file were explicitly engineered to trigger bugs in the parser
(we hope of course there are non such bugs, but you never
know).
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Mike Galbraith <efault@gmx.de>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Paul Mackerras <paulus@samba.org>
LKML-Reference: <20090819092023.896648538@chello.nl>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
Diffstat (limited to 'tools/perf/builtin-report.c')
| -rw-r--r-- | tools/perf/builtin-report.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/tools/perf/builtin-report.c b/tools/perf/builtin-report.c index b53a60fc12de..8b2ec882e6e0 100644 --- a/tools/perf/builtin-report.c +++ b/tools/perf/builtin-report.c | |||
| @@ -38,6 +38,7 @@ static char *dso_list_str, *comm_list_str, *sym_list_str, | |||
| 38 | static struct strlist *dso_list, *comm_list, *sym_list; | 38 | static struct strlist *dso_list, *comm_list, *sym_list; |
| 39 | static char *field_sep; | 39 | static char *field_sep; |
| 40 | 40 | ||
| 41 | static int force; | ||
| 41 | static int input; | 42 | static int input; |
| 42 | static int show_mask = SHOW_KERNEL | SHOW_USER | SHOW_HV; | 43 | static int show_mask = SHOW_KERNEL | SHOW_USER | SHOW_HV; |
| 43 | 44 | ||
| @@ -1856,6 +1857,11 @@ static int __cmd_report(void) | |||
| 1856 | exit(-1); | 1857 | exit(-1); |
| 1857 | } | 1858 | } |
| 1858 | 1859 | ||
| 1860 | if (!force && (stat.st_uid != geteuid())) { | ||
| 1861 | fprintf(stderr, "file: %s not owned by current user\n", input_name); | ||
| 1862 | exit(-1); | ||
| 1863 | } | ||
| 1864 | |||
| 1859 | if (!stat.st_size) { | 1865 | if (!stat.st_size) { |
| 1860 | fprintf(stderr, "zero-sized file, nothing to do!\n"); | 1866 | fprintf(stderr, "zero-sized file, nothing to do!\n"); |
| 1861 | exit(0); | 1867 | exit(0); |
| @@ -2064,6 +2070,7 @@ static const struct option options[] = { | |||
| 2064 | OPT_BOOLEAN('D', "dump-raw-trace", &dump_trace, | 2070 | OPT_BOOLEAN('D', "dump-raw-trace", &dump_trace, |
| 2065 | "dump raw trace in ASCII"), | 2071 | "dump raw trace in ASCII"), |
| 2066 | OPT_STRING('k', "vmlinux", &vmlinux, "file", "vmlinux pathname"), | 2072 | OPT_STRING('k', "vmlinux", &vmlinux, "file", "vmlinux pathname"), |
| 2073 | OPT_BOOLEAN('f', "force", &force, "don't complain, do it"), | ||
| 2067 | OPT_BOOLEAN('m', "modules", &modules, | 2074 | OPT_BOOLEAN('m', "modules", &modules, |
| 2068 | "load module symbols - WARNING: use only with -k and LIVE kernel"), | 2075 | "load module symbols - WARNING: use only with -k and LIVE kernel"), |
| 2069 | OPT_BOOLEAN('n', "show-nr-samples", &show_nr_samples, | 2076 | OPT_BOOLEAN('n', "show-nr-samples", &show_nr_samples, |