From: Paul Floyd
Date: Sun, 31 Aug 2025 08:44:49 +0000 (+0200)
Subject: Bug 507867 - perf_event_open group_fd isn't checked
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=d9ed6b6f29d217ce9b2c4ccebcc255574d4d55b5;p=thirdparty%2Fvalgrind.git
Bug 507867 - perf_event_open group_fd isn't checked
---
diff --git a/NEWS b/NEWS
index d9ac8bdcb..8b7f688f3 100644
--- a/NEWS
+++ b/NEWS
@@ -77,6 +77,7 @@ are not entered into bugzilla tend to get forgotten about or ignored.
 507721 Wire up illumos and Solaris mallinfo
 507853 faccessat and faccessat2 should handle AT_FDCWD and absolute paths
 507866 fanotify_mark dirfd isn't checked
+507867 perf_event_open group_fd isn't checked
 507868 futimesat doesn't handle AT_FDCWD
 507869 Various at syscalls don't check dirfd argument
 507873 Make fchmodat and fchmodat2 syscall wrappers accept AT_FDCWD
diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c
index a511ccfe2..fef23763f 100644
--- a/coregrind/m_syswrap/syswrap-linux.c
+++ b/coregrind/m_syswrap/syswrap-linux.c
@@ -4155,6 +4155,8 @@ PRE(sys_stime)
 PRE(sys_perf_event_open)
 {
+ // int syscall(SYS_perf_event_open, struct perf_event_attr *attr,
+ // pid_t pid, int cpu, int group_fd, unsigned long flags);
 struct vki_perf_event_attr *attr;
 PRINT("sys_perf_event_open ( %#" FMT_REGWORD "x, %ld, %ld, %ld, %#" FMT_REGWORD "x )", ARG1, SARG2, SARG3, SARG4, ARG5);
@@ -4167,6 +4169,13 @@ PRE(sys_perf_event_open)
 (Addr)&attr->size, sizeof(attr->size) );
 PRE_MEM_READ( "perf_event_open(attr)", (Addr)attr, attr->size );
+ if ((ARG5 & VKI_PERF_FLAG_FD_NO_GROUP) != VKI_PERF_FLAG_FD_NO_GROUP) {
+ if ((Int)SARG4 != -1) {
+ if (!ML_(fd_allowed)(SARG4, "perf_event_open", tid, False)) {
+ SET_STATUS_Failure(VKI_EBADF);
+ }
+ }
+ }
 }
 POST(sys_perf_event_open)
diff --git a/include/vki/vki-linux.h b/include/vki/vki-linux.h
index c31035cbb..1e04bdd48 100644
--- a/include/vki/vki-linux.h
+++ b/include/vki/vki-linux.h
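Review bot: In the second syswrap-linux.c hunk (PRE(sys_perf_event_open)), the new ML_(fd_allowed) check on group_fd is bypassed whenever VKI_PERF_FLAG_FD_NO_GROUP is set in ARG5. perf_event_open(2) describes that flag as ignoring group_fd except for output redirection via PERF_FLAG_FD_OUTPUT, so the descriptor may still be consumed by the kernel in that combination; this should be confirmed against the kernel source. Since fd_allowed is the guard that normally keeps the client off descriptors Valgrind reserves for itself, gating only on the -1 sentinel looks safer and also flattens the three nested ifs: `if ((Int)SARG4 != -1 && !ML_(fd_allowed)(SARG4, "perf_event_open", tid, False))` followed by `SET_STATUS_Failure(VKI_EBADF);`. If the flag test is kept, a one-line comment stating why group_fd is safe to leave unchecked under FD_NO_GROUP would help the next reader. The wrapper's body begins before this hunk, so the earlier attr handling is not reviewed here.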
@@ -3223,6 +3223,8 @@ struct vki_perf_event_attr {
 #define VKI_PERF_EVENT_IOC_ID _VKI_IOR('$', 7, __vki_u64 *)
 #define VKI_PERF_EVENT_IOC_SET_BPF _VKI_IOW('$', 8, __vki_u32)
+#define VKI_PERF_FLAG_FD_NO_GROUP (1UL << 0)
+
 /*--------------------------------------------------------------------*/
 // From linux-2.6.32.4/include/linux/getcpu.h
 /*--------------------------------------------------------------------*/