[PATCH] perf/core: Call LSM hook after copying perf_event_attr

Namhyung Kim posted 1 patch 3 years, 10 months ago
There is a newer version of this series
kernel/events/core.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
[PATCH] perf/core: Call LSM hook after copying perf_event_attr
Posted by Namhyung Kim 3 years, 10 months ago
It passes the attr struct to the security_perf_event_open() but it's
not initialized yet.

Fixes: da97e18458fb ("perf_event: Add support for LSM and SELinux checks")
Cc: Joel Fernandes (Google) <joel@joelfernandes.org>
Signed-off-by: Namhyung Kim <namhyung@kernel.org>
---
 kernel/events/core.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/kernel/events/core.c b/kernel/events/core.c
index 7858bafffa9d..e035545f624f 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -12033,12 +12033,12 @@ SYSCALL_DEFINE5(perf_event_open,
 	if (flags & ~PERF_FLAG_ALL)
 		return -EINVAL;
 
-	/* Do we allow access to perf_event_open(2) ? */
-	err = security_perf_event_open(&attr, PERF_SECURITY_OPEN);
+	err = perf_copy_attr(attr_uptr, &attr);
 	if (err)
 		return err;
 
-	err = perf_copy_attr(attr_uptr, &attr);
+	/* Do we allow access to perf_event_open(2) ? */
+	err = security_perf_event_open(&attr, PERF_SECURITY_OPEN);
 	if (err)
 		return err;
 
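Review bot: The relocated comment "/* Do we allow access to perf_event_open(2) ? */" does not say why the hook now has to come after perf_copy_attr(), so a later cleanup could move the access check back to the top of the syscall and hand the hook an unfilled attr again. Consider stating the dependency at the hook call, for example "/* attr must be copied in first: the LSM hook is passed &attr */". The commit message could also say what the hook received before the fix (attr before perf_copy_attr() had filled it from attr_uptr), since that is what the Fixes: tag rests on.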
-- 
2.36.1.255.ge46751e96f-goog
Re: [PATCH] perf/core: Call LSM hook after copying perf_event_attr
Posted by Joel Fernandes 3 years, 10 months ago
On Thu, Jun 02, 2022 at 03:47:54PM -0700, Namhyung Kim wrote:
> It passes the attr struct to the security_perf_event_open() but it's
> not initialized yet.
> 
> Fixes: da97e18458fb ("perf_event: Add support for LSM and SELinux checks")
> Cc: Joel Fernandes (Google) <joel@joelfernandes.org>
> Signed-off-by: Namhyung Kim <namhyung@kernel.org>
> ---
>  kernel/events/core.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/kernel/events/core.c b/kernel/events/core.c
> index 7858bafffa9d..e035545f624f 100644
> --- a/kernel/events/core.c
> +++ b/kernel/events/core.c
> @@ -12033,12 +12033,12 @@ SYSCALL_DEFINE5(perf_event_open,
>  	if (flags & ~PERF_FLAG_ALL)
>  		return -EINVAL;
>  
> -	/* Do we allow access to perf_event_open(2) ? */
> -	err = security_perf_event_open(&attr, PERF_SECURITY_OPEN);
> +	err = perf_copy_attr(attr_uptr, &attr);
>  	if (err)
>  		return err;
>  
> -	err = perf_copy_attr(attr_uptr, &attr);
> +	/* Do we allow access to perf_event_open(2) ? */
> +	err = security_perf_event_open(&attr, PERF_SECURITY_OPEN);

Reviewed-by: Joel Fernandes (Google) <joel@joelfernandes.org>

thanks,

 - Joel



>  	if (err)
>  		return err;
>  
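Review bot: With perf_copy_attr() now ahead of security_perf_event_open(), the first "if (err) return err;" returns the copy's error before any access decision is made, so a caller the LSM would refuse now gets perf_copy_attr()'s result for a bad attr_uptr instead of the hook's denial. That follows directly from the fix, but it is a user-visible change in error precedence and deserves one sentence in the commit message so it is on record as intended.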
> -- 
> 2.36.1.255.ge46751e96f-goog
>
Re: [PATCH] perf/core: Call LSM hook after copying perf_event_attr
Posted by Namhyung Kim 3 years, 10 months ago
Hi Peter,

On Fri, Jun 3, 2022 at 8:05 AM Joel Fernandes <joel@joelfernandes.org> wrote:
>
> On Thu, Jun 02, 2022 at 03:47:54PM -0700, Namhyung Kim wrote:
> > It passes the attr struct to the security_perf_event_open() but it's
> > not initialized yet.
> >
> > Fixes: da97e18458fb ("perf_event: Add support for LSM and SELinux checks")
> > Cc: Joel Fernandes (Google) <joel@joelfernandes.org>
> > Signed-off-by: Namhyung Kim <namhyung@kernel.org>
> > ---
> >  kernel/events/core.c | 6 +++---
> >  1 file changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/kernel/events/core.c b/kernel/events/core.c
> > index 7858bafffa9d..e035545f624f 100644
> > --- a/kernel/events/core.c
> > +++ b/kernel/events/core.c
> > @@ -12033,12 +12033,12 @@ SYSCALL_DEFINE5(perf_event_open,
> >       if (flags & ~PERF_FLAG_ALL)
> >               return -EINVAL;
> >
> > -     /* Do we allow access to perf_event_open(2) ? */
> > -     err = security_perf_event_open(&attr, PERF_SECURITY_OPEN);
> > +     err = perf_copy_attr(attr_uptr, &attr);
> >       if (err)
> >               return err;
> >
> > -     err = perf_copy_attr(attr_uptr, &attr);
> > +     /* Do we allow access to perf_event_open(2) ? */
> > +     err = security_perf_event_open(&attr, PERF_SECURITY_OPEN);
>
> Reviewed-by: Joel Fernandes (Google) <joel@joelfernandes.org>

Any chance you can pick this up?

Thanks,
Namhyung