perf/x86: Check data address for IBS software filter (65a99264) · Commits · CodeLinaro / aic / kernel · GitLab

Snippets Groups Projects

Commit 65a99264 authored 4 weeks ago by Namhyung Kim Committed by Ingo Molnar 4 weeks ago

perf/x86: Check data address for IBS software filter


The IBS software filter is filtering kernel samples for regular users in
the PMI handler.  It checks the instruction address in the IBS register to
determine if it was in kernel mode or not.

But it turns out that it's possible to report a kernel data address even
if the instruction address belongs to user-space.  Matteo Rizzo
found that when an instruction raises an exception, IBS can report some
kernel data addresses like IDT while holding the faulting instruction's
RIP.  To prevent an information leak, it should double check if the data
address in PERF_SAMPLE_DATA is in the kernel space as well.

[ mingo: Clarified the changelog ]

Suggested-by: Matteo Rizzo <matteorizzo@google.com>
Signed-off-by: Namhyung Kim <namhyung@kernel.org>
Signed-off-by: Ingo Molnar <mingo@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Link: https://lore.kernel.org/r/20250317163755.1842589-1-namhyung@kernel.org

parent 4701f33a

No related branches found

No related tags found

No related merge requests found

Hide whitespace changes

Inline Side-by-side

Showing with 6 additions and 4 deletions

CodeLinaro @codelinaro
mentioned in commit clo/filesystems/fs/external/ext4@50a53b60
· 2 days ago

mentioned in commit clo/filesystems/fs/external/ext4@50a53b60

mentioned in commit clo/filesystems/fs/external/ext4@50a53b60e141d7e31368a87e222e4dd5597bd4ae

Toggle commit list

Please register or to comment