Re: [PATCH v2 1/1] perf tools: Check access permission when reading /proc/kcore file.

From: Li Zhang
Date: Wed Jun 17 2015 - 23:32:22 EST


On 2015å06æ17æ 14:09, Sukadev Bhattiprolu wrote:
Li Zhang [zhlcindy@xxxxxxxxxxxxxxxxxx] wrote:
| When using command perf report --kallsyms=/proc/kallsyms with a non-root
| user, symbols are resolved. Then select one symbol and annotate it, it
| reports the error as the following:
| Can't annotate __clear_user: No vmlinux file with build id xxx was
| found.
|
| The problem is caused by reading /proc/kcore without access permission.
| It needs to change access permission to allow a specific user to read
| /proc/kcore or use root to execute the perf command.
|
| This patch is to check access permission when reading kcore file.
|
| Signed-off-by: Li Zhang <zhlcindy@xxxxxxxxxxxxxxxxxx>
| ---
| v2 -> v1:
| * Report one useful message to users about the access permision,
| then go back to the tools. Suggested by Arnaldo Carvalho de Melo.
|
| tools/perf/util/symbol.c | 4 ++++
| 1 file changed, 4 insertions(+)
|
| diff --git a/tools/perf/util/symbol.c b/tools/perf/util/symbol.c
| index 201f6c4c..1bcd8dc 100644
| --- a/tools/perf/util/symbol.c
| +++ b/tools/perf/util/symbol.c
| @@ -1125,6 +1125,10 @@ static int dso__load_kcore(struct dso *dso, struct map *map,
| md.type = map->type;
| INIT_LIST_HEAD(&md.maps);
|
| + if (access(kcore_filename, R_OK))
| + ui__warning("Insufficient permission to access %s.\n",
| + kcore_filename);
| +

Couple of comments.

For consistency with rest of the file, use pr_warning() or pr_err().

ui_warning can report the message to users directly when this program is running.
But if we considered the consistency, pr_warning or pr_err should be better.
And users can get this message by trying another time.


Also, we could drop the access() call and report the error when open()
fails below?

I think we can drop this access. But /proc/kcore also require the process with CAP_SYS_RAWIO
capability. Even if chown this file, access report right result, but open still fails.


| fd = open(kcore_filename, O_RDONLY);
| if (fd < 0)
| return -EINVAL;

Further, if user specifies the file with --kallsyms and we are not
able to read it, we should treat it as a fatal error and exit - this
would be easer when parsing command line args.
I have another patch which checks this files. I will merge it to this patch.


If user did not specify the option and we are proactively trying to
use /proc/kcore, we should not treat errors as fatal? i.e report
a warning message and continue without symbols?

In the current program, even if open fails, the program still continue to run.
Is it helpful for users to get the address without symbols?


| --
| 2.1.0

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



--

Li Zhang
IBM China Linux Technology Centre

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/