From eb4f625015c58fc935a1e8afd6d42b439e5e13ed Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Tue, 26 Nov 2013 08:06:30 -0800
Subject: [PATCH] 3.11-stable patches

added patches:
	perf-ftrace-fix-paranoid-level-for-enabling-function-tracer.patch
---
 ...d-level-for-enabling-function-tracer.patch | 46 +++++++++++++++++++
 queue-3.11/series                             |  1 +
 2 files changed, 47 insertions(+)
 create mode 100644 queue-3.11/perf-ftrace-fix-paranoid-level-for-enabling-function-tracer.patch

diff --git a/queue-3.11/perf-ftrace-fix-paranoid-level-for-enabling-function-tracer.patch b/queue-3.11/perf-ftrace-fix-paranoid-level-for-enabling-function-tracer.patch
new file mode 100644
index 00000000000..afc8b3bee85
--- /dev/null
+++ b/queue-3.11/perf-ftrace-fix-paranoid-level-for-enabling-function-tracer.patch
@@ -0,0 +1,46 @@
+From 12ae030d54ef250706da5642fc7697cc60ad0df7 Mon Sep 17 00:00:00 2001
+From: Steven Rostedt <rostedt@goodmis.org>
+Date: Tue, 5 Nov 2013 12:51:11 -0500
+Subject: perf/ftrace: Fix paranoid level for enabling function tracer
+
+From: Steven Rostedt <rostedt@goodmis.org>
+
+commit 12ae030d54ef250706da5642fc7697cc60ad0df7 upstream.
+
+The current default perf paranoid level is "1" which has
+"perf_paranoid_kernel()" return false, and giving any operations that
+use it, access to normal users. Unfortunately, this includes function
+tracing and normal users should not be allowed to enable function
+tracing by default.
+
+The proper level is defined at "-1" (full perf access), which
+"perf_paranoid_tracepoint_raw()" will only give access to. Use that
+check instead for enabling function tracing.
+
+Reported-by: Dave Jones <davej@redhat.com>
+Reported-by: Vince Weaver <vincent.weaver@maine.edu>
+Tested-by: Vince Weaver <vincent.weaver@maine.edu>
+Cc: Peter Zijlstra <peterz@infradead.org>
+Cc: Ingo Molnar <mingo@kernel.org>
+Cc: Jiri Olsa <jolsa@redhat.com>
+Cc: Frederic Weisbecker <fweisbec@gmail.com>
+CVE: CVE-2013-2930
+Fixes: ced39002f5ea ("ftrace, perf: Add support to use function tracepoint in perf")
+Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ kernel/trace/trace_event_perf.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/kernel/trace/trace_event_perf.c
++++ b/kernel/trace/trace_event_perf.c
+@@ -26,7 +26,7 @@ static int perf_trace_event_perm(struct
+ {
+ 	/* The ftrace function trace is allowed only for root. */
+ 	if (ftrace_event_is_function(tp_event) &&
+-	    perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
++	    perf_paranoid_tracepoint_raw() && !capable(CAP_SYS_ADMIN))
+ 		return -EPERM;
+ 
+ 	/* No tracing, just counting, so no obvious leak */
diff --git a/queue-3.11/series b/queue-3.11/series
index 4b781e1e3af..f04d7ab6286 100644
--- a/queue-3.11/series
+++ b/queue-3.11/series
@@ -19,3 +19,4 @@ sched-idle-fix-the-idle-polling-state-logic.patch
 pci-allow-pcie-capability-link-related-register-access-for-switches.patch
 pci-remove-pcie-capability-version-checks.patch
 pci-support-pcie-capability-slot-registers-only-for-ports-with-slots.patch
+perf-ftrace-fix-paranoid-level-for-enabling-function-tracer.patch
-- 
2.47.3