summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMadhavan Srinivasan <maddy@linux.vnet.ibm.com>2018-03-21 17:10:26 +0530
committerMichael Ellerman <mpe@ellerman.id.au>2018-03-27 19:25:09 +1100
commitcd1231d7035fea894118d5155ff984cdaf1ac1a2 (patch)
treeb69f07fd0c77915b86ac3e641b4611a1a546c6e5
parentbb19af816025d495376bd76bf6fbcf4244f9a06d (diff)
downloadlinux-stable-cd1231d7035fea894118d5155ff984cdaf1ac1a2.tar.gz
linux-stable-cd1231d7035fea894118d5155ff984cdaf1ac1a2.tar.bz2
linux-stable-cd1231d7035fea894118d5155ff984cdaf1ac1a2.zip
powerpc/perf: Prevent kernel address leak via perf_get_data_addr()
Sampled Data Address Register (SDAR) is a 64-bit register that contains the effective address of the storage operand of an instruction that was being executed, possibly out-of-order, at or around the time that the Performance Monitor alert occurred. In certain scenario SDAR happen to contain the kernel address even for userspace only sampling. Add checks to prevent it. Signed-off-by: Madhavan Srinivasan <maddy@linux.vnet.ibm.com> Signed-off-by: Michael Ellerman <mpe@ellerman.id.au>
-rw-r--r--arch/powerpc/perf/core-book3s.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/arch/powerpc/perf/core-book3s.c b/arch/powerpc/perf/core-book3s.c
index 1e55ae2f2afd..a00b364fb9d7 100644
--- a/arch/powerpc/perf/core-book3s.c
+++ b/arch/powerpc/perf/core-book3s.c
@@ -198,6 +198,10 @@ static inline void perf_get_data_addr(struct pt_regs *regs, u64 *addrp)
if (!(mmcra & MMCRA_SAMPLE_ENABLE) || sdar_valid)
*addrp = mfspr(SPRN_SDAR);
+
+ if (perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN) &&
+ is_kernel_addr(mfspr(SPRN_SDAR)))
+ *addrp = 0;
}
static bool regs_sihv(struct pt_regs *regs)