Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
[PATCH v1] perf report: Fix owner error when reading perf.data
337 views
Skip to first unread message
Taeung Song
Oct 1, 2015, 5:10:08 AM10/1/15
to
If perf.data file is owned by some user,
it can't be read even if current user is root.
A 'st_uid' from fstat() is user ID of the file owner.
Therefore use getuid() instead of st_uid to check if
user of the calling 'perf' process is root or not.
Signed-off-by: Taeung Song <treeze...@gmail.com>
---
tools/perf/util/data.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/perf/util/data.c b/tools/perf/util/data.c
index 1921942..91ebe4e 100644
--- a/tools/perf/util/data.c
+++ b/tools/perf/util/data.c
@@ -67,7 +67,7 @@ static int open_file_read(struct perf_data_file *file)
if (fstat(fd, &st) < 0)
goto out_close;
- if (!file->force && st.st_uid && (st.st_uid != geteuid())) {
+ if (!file->force && getuid() && (st.st_uid != geteuid())) {
pr_err("File %s not owned by current user or root (use -f to override)\n",
file->path);
goto out_close;
--
1.9.1
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majo...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
it can't be read even if current user is root.
A 'st_uid' from fstat() is user ID of the file owner.
Therefore use getuid() instead of st_uid to check if
user of the calling 'perf' process is root or not.
Signed-off-by: Taeung Song <treeze...@gmail.com>
---
tools/perf/util/data.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/perf/util/data.c b/tools/perf/util/data.c
index 1921942..91ebe4e 100644
--- a/tools/perf/util/data.c
+++ b/tools/perf/util/data.c
@@ -67,7 +67,7 @@ static int open_file_read(struct perf_data_file *file)
if (fstat(fd, &st) < 0)
goto out_close;
- if (!file->force && st.st_uid && (st.st_uid != geteuid())) {
+ if (!file->force && getuid() && (st.st_uid != geteuid())) {
pr_err("File %s not owned by current user or root (use -f to override)\n",
file->path);
goto out_close;
--
1.9.1
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majo...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Ingo Molnar
Oct 1, 2015, 5:20:07 AM10/1/15
to
* Taeung Song <treeze...@gmail.com> wrote:
> If perf.data file is owned by some user,
> it can't be read even if current user is root.
root who does 'perf report' accidentally or in the wrong directory.
root can copy or chown it to himself - or we could add some --really-force flag
for that.
Thanks,
Ingo
Taeung Song
Oct 1, 2015, 8:30:10 AM10/1/15
to
> On Oct 1, 2015, at 6:10 PM, Ingo Molnar <mi...@kernel.org> wrote:
>
>
> * Taeung Song <treeze...@gmail.com> wrote:
>
>> If perf.data file is owned by some user,
>> it can't be read even if current user is root.
>
> That's intentional: to keep a malicious local user from passing a perf.data to
> root who does 'perf report' accidentally or in the wrong directory.
>
> root can copy or chown it to himself - or we could add some --really-force flag
> for that.
I didn’t know its intention.
Thanks,
Taeung
Arnaldo Carvalho de Melo
Oct 1, 2015, 9:00:07 AM10/1/15
to
Em Thu, Oct 01, 2015 at 09:26:26PM +0900, Taeung Song escreveu:
> > On Oct 1, 2015, at 6:10 PM, Ingo Molnar <mi...@kernel.org> wrote:
> > * Taeung Song <treeze...@gmail.com> wrote:
> >> If perf.data file is owned by some user,
> >> it can't be read even if current user is root.
> > That's intentional: to keep a malicious local user from passing a perf.data to
> > root who does 'perf report' accidentally or in the wrong directory.
> > root can copy or chown it to himself - or we could add some --really-force flag
> > for that.
> I got it.
> I didn’t know its intention.
Feel free to transform Ingo's comment in a C source code comment right
> > On Oct 1, 2015, at 6:10 PM, Ingo Molnar <mi...@kernel.org> wrote:
> > * Taeung Song <treeze...@gmail.com> wrote:
> >> If perf.data file is owned by some user,
> >> it can't be read even if current user is root.
> > That's intentional: to keep a malicious local user from passing a perf.data to
> > root who does 'perf report' accidentally or in the wrong directory.
> > root can copy or chown it to himself - or we could add some --really-force flag
> > for that.
> I got it.
> I didn’t know its intention.
besides the code doing that check, this way when someone else thinks
this is wrong, like you did, the comment will clarify things.
- Arnaldo
0 new messages