perf: Fix software event overflow, CVE-2011-2918

[linux-flexiantxendom0-natty.git] / kernel / perf_event.c

diff --git a/kernel/perf_event.c b/kernel/perf_event.c
index ad02fea..478ec5d 100644 (file)
--- a/kernel/perf_event.c
+++ b/kernel/perf_event.c
@@ -62,7 +62,8 @@ static struct srcu_struct pmus_srcu;
  */
 int sysctl_perf_event_paranoid __read_mostly = 1;
 
-int sysctl_perf_event_mlock __read_mostly = 512; /* 'free' kb per user */
+/* Minimum for 512 kiB + 1 user control page */
+int sysctl_perf_event_mlock __read_mostly = 512 + (PAGE_SIZE / 1024); /* 'free' kiB per user */
 
 /*
  * max perf event sample rate
@@ -4446,11 +4447,8 @@ static int __perf_event_overflow(struct perf_event *event, int nmi,
        if (events && atomic_dec_and_test(&event->event_limit)) {
                ret = 1;
                event->pending_kill = POLL_HUP;
-               if (nmi) {
-                       event->pending_disable = 1;
-                       irq_work_queue(&event->pending);
-               } else
-                       perf_event_disable(event);
+               event->pending_disable = 1;
+               irq_work_queue(&event->pending);
        }
 
        if (event->overflow_handler)
@@ -5916,6 +5914,11 @@ SYSCALL_DEFINE5(perf_event_open,
                goto err_alloc;
        }
 
+       if (task) {
+               put_task_struct(task);
+               task = NULL;
+       }
+
        /*
         * Look up the group leader (we will attach this event to it):
         */