Bug 507867 - perf_event_open group_fd isn't checked

author Paul Floyd <pjfloyd@wanadoo.fr>

Sun, 31 Aug 2025 08:44:49 +0000 (10:44 +0200)

committer Paul Floyd <pjfloyd@wanadoo.fr>

Sun, 31 Aug 2025 08:44:49 +0000 (10:44 +0200)
author Paul Floyd <pjfloyd@wanadoo.fr>
Sun, 31 Aug 2025 08:44:49 +0000 (10:44 +0200)
committer Paul Floyd <pjfloyd@wanadoo.fr>
Sun, 31 Aug 2025 08:44:49 +0000 (10:44 +0200)
diff --git a/NEWS b/NEWS

index d9ac8bdcb87eeefdce42e5ef41c1fb5ef782d84a..8b7f688f3237c54cff4cd451f69d601bfb9c5a8c 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -77,6 +77,7 @@ are not entered into bugzilla tend to get forgotten about or ignored.
  507721  Wire up illumos and Solaris mallinfo
  507853  faccessat and faccessat2 should handle AT_FDCWD and absolute paths
  507866  fanotify_mark dirfd isn't checked
+507867  perf_event_open group_fd isn't checked
  507868  futimesat doesn't handle AT_FDCWD
  507869  Various at syscalls don't check dirfd argument
  507873  Make fchmodat and fchmodat2 syscall wrappers accept AT_FDCWD
diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c

index a511ccfe21dd3fc4fbca98e49322f2f455fedcf2..fef23763f33daf3d4aa1b55c52d1a9cbf803eb4a 100644 (file)
--- a/coregrind/m_syswrap/syswrap-linux.c
+++ b/coregrind/m_syswrap/syswrap-linux.c
@@ -4155,6 +4155,8 @@ PRE(sys_stime)
  
  PRE(sys_perf_event_open)
  {
+   // int syscall(SYS_perf_event_open, struct perf_event_attr *attr,
+   //             pid_t pid, int cpu, int group_fd, unsigned long flags);
     struct vki_perf_event_attr *attr;
     PRINT("sys_perf_event_open ( %#" FMT_REGWORD "x, %ld, %ld, %ld, %#"
           FMT_REGWORD "x )", ARG1, SARG2, SARG3, SARG4, ARG5);
@@ -4167,6 +4169,13 @@ PRE(sys_perf_event_open)
                   (Addr)&attr->size, sizeof(attr->size) );
     PRE_MEM_READ( "perf_event_open(attr)",
                   (Addr)attr, attr->size );
+   if ((ARG5 & VKI_PERF_FLAG_FD_NO_GROUP) != VKI_PERF_FLAG_FD_NO_GROUP) {
+       if ((Int)SARG4 != -1) {
+          if (!ML_(fd_allowed)(SARG4, "perf_event_open", tid, False)) {
+             SET_STATUS_Failure(VKI_EBADF);
+          }
+       }
+   }
  }
  
  POST(sys_perf_event_open)
diff --git a/include/vki/vki-linux.h b/include/vki/vki-linux.h

index c31035cbbe2504cca7b79fa9ced1835b15d935bf..1e04bdd4887352fd0a9ef776c1bf2590bcd4e72f 100644 (file)
--- a/include/vki/vki-linux.h
+++ b/include/vki/vki-linux.h
@@ -3223,6 +3223,8 @@ struct vki_perf_event_attr {
  #define VKI_PERF_EVENT_IOC_ID           _VKI_IOR('$', 7, __vki_u64 *)
  #define VKI_PERF_EVENT_IOC_SET_BPF      _VKI_IOW('$', 8, __vki_u32)
  
+#define VKI_PERF_FLAG_FD_NO_GROUP       (1UL << 0)
+
  /*--------------------------------------------------------------------*/
  // From linux-2.6.32.4/include/linux/getcpu.h
  /*--------------------------------------------------------------------*/
author	Paul Floyd <pjfloyd@wanadoo.fr>
	Sun, 31 Aug 2025 08:44:49 +0000 (10:44 +0200)
committer	Paul Floyd <pjfloyd@wanadoo.fr>
	Sun, 31 Aug 2025 08:44:49 +0000 (10:44 +0200)
NEWS		patch \| blob \| blame \| history
coregrind/m_syswrap/syswrap-linux.c		patch \| blob \| blame \| history
include/vki/vki-linux.h		patch \| blob \| blame \| history