This is a note to let you know that I've just added the patch titled
bpf, trace: check event type in bpf_perf_event_read
to the 4.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
bpf-trace-check-event-type-in-bpf_perf_event_read.patch
and it can be found in the queue-4.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
>From ad572d174787daa59e24b8b5c83028c09cdb5ddb Mon Sep 17 00:00:00 2001
From: Alexei Starovoitov <ast@xxxxxxxxxx>
Date: Wed, 15 Jun 2016 18:25:39 -0700
Subject: bpf, trace: check event type in bpf_perf_event_read
From: Alexei Starovoitov <ast@xxxxxx>
commit ad572d174787daa59e24b8b5c83028c09cdb5ddb upstream.
similar to bpf_perf_event_output() the bpf_perf_event_read() helper
needs to check the type of the perf_event before reading the counter.
Fixes: a43eec304259 ("bpf: introduce bpf_perf_event_output() helper")
Reported-by: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
Signed-off-by: Alexei Starovoitov <ast@xxxxxxxxxx>
Acked-by: Daniel Borkmann <daniel@xxxxxxxxxxxxx>
Signed-off-by: David S. Miller <davem@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
kernel/trace/bpf_trace.c | 4 ++++
1 file changed, 4 insertions(+)
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -206,6 +206,10 @@ static u64 bpf_perf_event_read(u64 r1, u
event->pmu->count)
return -EINVAL;
+ if (unlikely(event->attr.type != PERF_TYPE_HARDWARE &&
+ event->attr.type != PERF_TYPE_RAW))
+ return -EINVAL;
+
/*
* we don't know if the function is run successfully by the
* return value. It can be judged in other places, such as
Patches currently in stable-queue which might be from ast@xxxxxxxxxx are
queue-4.4/cls_bpf-reset-class-and-reuse-major-in-da.patch
queue-4.4/bpf-trace-check-event-type-in-bpf_perf_event_read.patch
queue-4.4/bpf-mips-fix-off-by-one-in-ctx-offset-allocation.patch
