perf symbols: Check '/tmp/perf-' symbol file ownership
Pekka Enberg [Tue, 9 Aug 2011 19:54:18 +0000 (22:54 +0300)]
The external symbol files are generated by JIT compilers, for example, but we
need to make sure they're ours before injecting them to 'perf report'.

Requested-by: Ingo Molnar <mingo@elte.hu>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Link: http://lkml.kernel.org/r/1312919658-17158-1-git-send-email-penberg@kernel.org
Signed-off-by: Pekka Enberg <penberg@kernel.org>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>

tools/perf/util/symbol.c

index eec1963..a8b5371 100644 (file)
@@ -1504,6 +1504,17 @@ int dso__load(struct dso *dso, struct map *map, symbol_filter_t filter)
        dso->adjust_symbols = 0;
 
        if (strncmp(dso->name, "/tmp/perf-", 10) == 0) {
+               struct stat st;
+
+               if (stat(dso->name, &st) < 0)
+                       return -1;
+
+               if (st.st_uid && (st.st_uid != geteuid())) {
+                       pr_warning("File %s not owned by current user or root, "
+                               "ignoring it.\n", dso->name);
+                       return -1;
+               }
+
                ret = dso__load_perf_map(dso, map, filter);
                dso->symtab_type = ret > 0 ? SYMTAB__JAVA_JIT :
                                              SYMTAB__NOT_FOUND;