simpleperf: Remove kernel ip addresses when not running as root
This avoids leaking KASLR information on user devices.
Bug: 390626125
Test: run simpleperf_unit_test
Change-Id: Id67e1cbcafcd0f6706774904a6339679f4a888e9
diff --git a/simpleperf/cmd_record.cpp b/simpleperf/cmd_record.cpp
index de4b857..3c46a98 100644
--- a/simpleperf/cmd_record.cpp
+++ b/simpleperf/cmd_record.cpp
@@ -592,6 +592,12 @@
// 3. Process options before opening perf event files.
exclude_kernel_callchain_ = event_selection_set_.ExcludeKernel();
+#if defined(__ANDROID__)
+ // Enforce removing kernel IP addresses to prevent KASLR disclosure.
+ if (!IsRoot()) {
+ exclude_kernel_callchain_ = true;
+ }
+#endif // defined(__ANDROID__)
if (trace_offcpu_ && !TraceOffCpu()) {
return false;
}
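Review bot: The override at the added `if (!IsRoot())` silently flips `exclude_kernel_callchain_` even when the user explicitly asked for kernel data through the event selection read on the line above, so a non-root user gets a profile with no kernel frames and no explanation. Emit a warning when the override actually changes the value, e.g. `if (!IsRoot() && !exclude_kernel_callchain_) {` / `  LOG(WARNING) << "kernel ip addresses are dropped when not running as root";` / `  exclude_kernel_callchain_ = true;`. The comment names "kernel IP addresses" but the member it sets is callchain-specific; whether a sample's own ip is also dropped depends on the flag's consumer, which is not in this hunk, so the comment should say what is actually suppressed. The enclosing function continues past the hunk.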
diff --git a/simpleperf/cmd_record_test.cpp b/simpleperf/cmd_record_test.cpp
index 924bbcf..062c868 100644
--- a/simpleperf/cmd_record_test.cpp
+++ b/simpleperf/cmd_record_test.cpp
@@ -732,7 +732,7 @@
// kernels. If it fails, please cherry pick below kernel patch:
// 02e184476eff8 perf/core: Force USER_DS when recording user stack data
OMIT_TEST_ON_NON_NATIVE_ABIS();
- TEST_REQUIRE_HOST_ROOT();
+ TEST_REQUIRE_ROOT();
TEST_REQUIRE_TRACEPOINT_EVENTS();
std::vector<std::unique_ptr<Workload>> workloads;
CreateProcesses(1, &workloads);
@@ -859,6 +859,18 @@
it = meta_info.find("app_type");
ASSERT_NE(it, meta_info.end());
ASSERT_EQ(it->second, app_type);
+
+ // Check that we are not leaking kernel ip addresses.
+ auto process_record = [](std::unique_ptr<Record> r) {
+ if (r->type() == PERF_RECORD_SAMPLE) {
+ const SampleRecord* sr = static_cast<const SampleRecord*>(r.get());
+ if (sr->InKernel()) {
+ return false;
+ }
+ }
+ return true;
+ };
+ ASSERT_TRUE(reader->ReadDataSection(process_record));
reader.reset(nullptr);
// Check that simpleperf can't execute child command in app uid.
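Review bot: The lambda added at `process_record` only rejects samples whose own ip is in the kernel (`sr->InKernel()`); it never inspects the callchain entries, which is exactly what the `ExcludeKernelCallChain` change in record.cpp is meant to scrub, so a user-space sample carrying kernel frames in its callchain would still pass this check. Perf marks kernel frames in a callchain with a `PERF_CONTEXT_KERNEL` context entry, so the lambda should also walk `callchain_data.ips` and fail on that marker. The assertion is also vacuously true if the data section contains no sample records at all; counting samples in the lambda and asserting the count is non-zero after `ReadDataSection` would make it meaningful. The test body continues before and after this hunk, so whether it runs under the app uid (as the following comment suggests) is inferred rather than visible.
```cpp
  auto process_record = [](std::unique_ptr<Record> r) {
    if (r->type() == PERF_RECORD_SAMPLE) {
      const SampleRecord* sr = static_cast<const SampleRecord*>(r.get());
      // … unchanged: sr->InKernel() check …
      // Kernel frames in a callchain are introduced by a PERF_CONTEXT_KERNEL marker.
      for (size_t i = 0; i < sr->callchain_data.ip_nr; ++i) {
        if (sr->callchain_data.ips[i] == PERF_CONTEXT_KERNEL) {
          return false;
        }
      }
    }
    return true;
  };
```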
diff --git a/simpleperf/record.cpp b/simpleperf/record.cpp
index 2685f37..5c704be 100644
--- a/simpleperf/record.cpp
+++ b/simpleperf/record.cpp
@@ -734,7 +734,7 @@
bool SampleRecord::ExcludeKernelCallChain() {
if (!(sample_type & PERF_SAMPLE_CALLCHAIN)) {
- return true;
+ return false;
}
size_t i;
for (i = 0; i < callchain_data.ip_nr; ++i) {
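Review bot: The early `return false;` now applies to every sample without `PERF_SAMPLE_CALLCHAIN`, regardless of where the sample's own ip points; if the caller treats a false return as "drop this record" (the caller is not in this hunk, but the updated cmd_record_test rejects any sample with `InKernel()` true), this drops all user-space samples as well whenever callchains are not being recorded. A return keyed on the sample itself, `return !InKernel();`, would keep user samples and discard only kernel ones. The return value's meaning should also be stated on the function, e.g. `// Returns true if the record still holds user-space data after kernel ips are removed, false if it should be dropped.`, since both the old and new code rely on callers interpreting it. The function body continues past the end of the hunk.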
diff --git a/simpleperf/record_test.cpp b/simpleperf/record_test.cpp
index 9624dfd..e391cab 100644
--- a/simpleperf/record_test.cpp
+++ b/simpleperf/record_test.cpp
@@ -66,7 +66,7 @@
// @CddTest = 6.1/C-0-2
TEST_F(RecordTest, SampleRecord_exclude_kernel_callchain) {
SampleRecord r(event_attr, 0, 1, 0, 0, 0, 0, 0, {}, {}, {}, 0);
- ASSERT_TRUE(r.ExcludeKernelCallChain());
+ ASSERT_FALSE(r.ExcludeKernelCallChain());
event_attr.sample_type |= PERF_SAMPLE_CALLCHAIN;
SampleRecord r1(event_attr, 0, 1, 0, 0, 0, 0, 0, {}, {PERF_CONTEXT_USER, 2}, {}, 0);