From 5c8a43258cffd1e6b25a08420446521eb509140f Mon Sep 17 00:00:00 2001 From: Ben Hutchings Date: Thu, 21 Nov 2013 01:15:50 +0000 Subject: [PATCH] perf/ftrace: Fix paranoid level for enabling function tracer (CVE-2013-2930) svn path=/dists/trunk/linux/; revision=20800 --- debian/changelog | 2 + ...paranoid-level-for-enabling-function.patch | 42 +++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 45 insertions(+) create mode 100644 debian/patches/bugfix/all/perf-ftrace-Fix-paranoid-level-for-enabling-function.patch diff --git a/debian/changelog b/debian/changelog index 3f014337a..68e7148b5 100644 --- a/debian/changelog +++ b/debian/changelog @@ -12,6 +12,8 @@ linux (3.12-1~exp1) UNRELEASED; urgency=low size * [arm,x86,s390,s390x] Introduce linux-compiler meta-packages to allow use of foreign linux-headers packages with a native multilib compiler + * perf/ftrace: Fix paranoid level for enabling function tracer + (CVE-2013-2930) [ Thorsten Glaser ] * Update m68k config (Closes: #728392): diff --git a/debian/patches/bugfix/all/perf-ftrace-Fix-paranoid-level-for-enabling-function.patch b/debian/patches/bugfix/all/perf-ftrace-Fix-paranoid-level-for-enabling-function.patch new file mode 100644 index 000000000..c9a3c58cc --- /dev/null +++ b/debian/patches/bugfix/all/perf-ftrace-Fix-paranoid-level-for-enabling-function.patch 
@@ -0,0 +1,42 @@ +From: Steven Rostedt +Date: Tue, 5 Nov 2013 12:51:11 -0500 +Subject: perf/ftrace: Fix paranoid level for enabling function tracer +Origin: https://git.kernel.org/cgit/linux/kernel/git/rostedt/linux-trace.git/commit?id=d1356abac98cce8e7765186f8093da1442d74d1d + +The current default perf paranoid level is "1" which has +"perf_paranoid_kernel()" return false, and giving any operations that +use it, access to normal users. Unfortunately, this includes function +tracing and normal users should not be allowed to enable function +tracing by default. + +The proper level is defined at "-1" (full perf access), which +"perf_paranoid_tracepoint_raw()" will only give access to. Use that +check instead for enabling function tracing. + +Reported-by: Dave Jones +Reported-by: Vince Weaver +Cc: Peter Zijlstra +Cc: Ingo Molnar +Cc: Jiri Olsa +Cc: Frederic Weisbecker +Cc: stable@vger.kernel.org # 3.4+ +CVE: CVE-2013-2930 +Fixes: ced39002f5ea ("ftrace, perf: Add support to use function tracepoint in perf") +Signed-off-by: Steven Rostedt +--- + kernel/trace/trace_event_perf.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/kernel/trace/trace_event_perf.c b/kernel/trace/trace_event_perf.c +index 80c36bc..78e27e3 100644 +--- a/kernel/trace/trace_event_perf.c ++++ b/kernel/trace/trace_event_perf.c +@@ -26,7 +26,7 @@ static int perf_trace_event_perm(struct ftrace_event_call *tp_event, + { + /* The ftrace function trace is allowed only for root. */ + if (ftrace_event_is_function(tp_event) && +- perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN)) ++ perf_paranoid_tracepoint_raw() && !capable(CAP_SYS_ADMIN)) + return -EPERM; + + /* No tracing, just counting, so no obvious leak */ diff --git a/debian/patches/series b/debian/patches/series index 318614409..593e67c08 100644 --- a/debian/patches/series +++ b/debian/patches/series 
@@ -76,3 +76,4 @@ bugfix/all/kbuild-use-nostdinc-in-compile-tests.patch debian/add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by-default.patch bugfix/all/UAPI-include-asm-byteorder.h-in-linux-raid-md_p.h.patch bugfix/all/CVE-2013-4348.patch +bugfix/all/perf-ftrace-Fix-paranoid-level-for-enabling-function.patch
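Review bot: in the debian/changelog hunk, the entry "perf/ftrace: Fix paranoid level for enabling function tracer (CVE-2013-2930)" is placed in the existing maintainer stanza ahead of "[ Thorsten Glaser ]", matching the patch subject and the CVE: header in the new patch file; it reads as a plain bug fix, so consider stating the user-visible impact in the changelog (unprivileged users could enable function tracing under the default perf_event_paranoid level of 1) so that a reader of the changelog can tell this is a security fix without opening the patch.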
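Review bot: in the kernel/trace/trace_event_perf.c hunk, the comment "/* The ftrace function trace is allowed only for root. */" is left unchanged but no longer describes the condition exactly: after the change the -EPERM path is taken only when perf_paranoid_tracepoint_raw() is true and the caller lacks CAP_SYS_ADMIN, so with perf_event_paranoid set to -1 (the "full perf access" level the description mentions) any user passes the check, and with CAP_SYS_ADMIN a non-root caller passes as well. Suggest updating the comment to say something like "allowed only with CAP_SYS_ADMIN unless perf_event_paranoid is -1" so the comment and the check agree. The one-line change itself is correct for the stated problem: perf_paranoid_kernel() returns false at the default level 1, which is what let unprivileged users reach function tracing, and the Fixes: tag (ced39002f5ea) together with "Cc: stable@vger.kernel.org # 3.4+" is consistent with the 3.12 kernel this Debian package carries.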
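Review bot: in the debian/patches/series hunk, the new entry is appended after bugfix/all/CVE-2013-4348.patch, which keeps the existing ordering, but the file name (perf-ftrace-Fix-paranoid-level-for-enabling-function.patch) does not carry the CVE id the way the neighbouring CVE-2013-4348.patch does; that is acceptable because the patch header itself records "CVE: CVE-2013-2930" and an Origin: URL, so anyone grepping the patch directory for the CVE will still find it, and the changelog entry ties the two together.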