* Vince Weaver vincent.weaver@maine.edu wrote:
On Mon, 6 Jan 2020, Vince Weaver wrote:
On Mon, 6 Jan 2020, Mark Rutland wrote:
On Thu, Jan 02, 2020 at 02:22:47PM -0500, Vince Weaver wrote:
On Thu, 2 Jan 2020, Vince Weaver wrote:
Vince, does the below (untested) patch work for you?
yes, this patch fixes things for me.
Tested-by: Vince Weaver vincent.weaver@maine.edu
is this patch going to make it upstream? It's a fairly major correctness bug with perf_event_open().
I just sent it to Linus.
In hindsight this should have been marked Cc: stable for v5.4 - we should forward it to Greg once Linus has pulled it:
da9ec3d3dd0f: ("perf: Correctly handle failed perf_get_aux_event()")
Note that in the v5.4 cherry-pick there's a conflict due to interaction with another recent commit - I've attached the ported fix against v5.4, but have only test built it.
Thanks,
Ingo
==============>
From 703595681c934d2a88a91e8a41f7f63eeb1573e0 Mon Sep 17 00:00:00 2001
From: Ingo Molnar mingo@kernel.org Date: Sat, 18 Jan 2020 19:03:55 +0100 Subject: [PATCH] perf: Correctly handle failed perf_get_aux_event()
Vince reports a worrying issue:
| so I was tracking down some odd behavior in the perf_fuzzer which turns | out to be because perf_even_open() sometimes returns 0 (indicating a file | descriptor of 0) even though as far as I can tell stdin is still open.
... and further the cause:
| error is triggered if aux_sample_size has non-zero value. | | seems to be this line in kernel/events/core.c: | | if (perf_need_aux_event(event) && !perf_get_aux_event(event, group_leader)) | goto err_locked; | | (note, err is never set)
This seems to be a thinko in commit:
ab43762ef010967e ("perf: Allow normal events to output AUX data")
... and we should probably return -EINVAL here, as this should only happen when the new event is mis-configured or does not have a compatible aux_event group leader.
Fixes: ab43762ef010967e ("perf: Allow normal events to output AUX data") Reported-by: Vince Weaver vincent.weaver@maine.edu Signed-off-by: Mark Rutland mark.rutland@arm.com Signed-off-by: Peter Zijlstra (Intel) peterz@infradead.org Signed-off-by: Ingo Molnar mingo@kernel.org Acked-by: Alexander Shishkin alexander.shishkin@linux.intel.com Tested-by: Vince Weaver vincent.weaver@maine.edu (cherry picked from commit da9ec3d3dd0f1240a48920be063448a2242dbd90) --- kernel/events/core.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/kernel/events/core.c b/kernel/events/core.c index 00a014670ed0..291fe3e2165f 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -11184,8 +11184,10 @@ SYSCALL_DEFINE5(perf_event_open, } }
- if (event->attr.aux_output && !perf_get_aux_event(event, group_leader)) + if (event->attr.aux_output && !perf_get_aux_event(event, group_leader)) { + err = -EINVAL; goto err_locked; + }
/* * Must be under the same ctx::mutex as perf_install_in_context(),