summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWang Nan <wangnan0@huawei.com>2016-05-23 07:13:39 +0000
committerArnaldo Carvalho de Melo <acme@redhat.com>2016-05-23 18:22:46 -0300
commit2d11c65071d489e20b3a811167507939dd8c2eac (patch)
tree48068295866612fb8c24d4adedf3fe1d284bd493
parent65aea2338765da1a58cc26eeb84d72308492ecb5 (diff)
downloadlinux-2d11c65071d489e20b3a811167507939dd8c2eac.tar.gz
linux-2d11c65071d489e20b3a811167507939dd8c2eac.tar.bz2
linux-2d11c65071d489e20b3a811167507939dd8c2eac.zip
perf record: Prevent reading invalid data in record__mmap_read
When record__mmap_read() requires data more than the size of ring buffer, drop those data to avoid accessing invalid memory. This can happen when reading from overwritable ring buffer, which should be avoided. However, check this for robustness. Signed-off-by: Wang Nan <wangnan0@huawei.com> Cc: Jiri Olsa <jolsa@kernel.org> Cc: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com> Cc: Namhyung Kim <namhyung@kernel.org> Cc: Zefan Li <lizefan@huawei.com> Cc: pi3orama@163.com Link: http://lkml.kernel.org/r/1463987628-163563-3-git-send-email-wangnan0@huawei.com Signed-off-by: He Kuang <hekuang@huawei.com> Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
-rw-r--r--tools/perf/builtin-record.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/tools/perf/builtin-record.c b/tools/perf/builtin-record.c
index f3679c44d3f3..f302cc937ca5 100644
--- a/tools/perf/builtin-record.c
+++ b/tools/perf/builtin-record.c
@@ -40,6 +40,7 @@
#include <unistd.h>
#include <sched.h>
#include <sys/mman.h>
+#include <asm/bug.h>
struct record {
@@ -98,6 +99,13 @@ static int record__mmap_read(struct record *rec, int idx)
rec->samples++;
size = head - old;
+ if (size > (unsigned long)(md->mask) + 1) {
+ WARN_ONCE(1, "failed to keep up with mmap data. (warn only once)\n");
+
+ md->prev = head;
+ perf_evlist__mmap_consume(rec->evlist, idx);
+ return 0;
+ }
if ((old & md->mask) + size != (head & md->mask)) {
buf = &data[old & md->mask];