From patchwork Mon Jan 20 11:26:04 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexey Budankov X-Patchwork-Id: 1225891 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from lists.ozlabs.org (lists.ozlabs.org [203.11.71.2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 481V4m5x2Vz9sRp for ; Mon, 20 Jan 2020 22:36:56 +1100 (AEDT) Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.intel.com Received: from lists.ozlabs.org (lists.ozlabs.org [IPv6:2401:3900:2:1::3]) by lists.ozlabs.org (Postfix) with ESMTP id 481V4m4b6KzDqZB for ; Mon, 20 Jan 2020 22:36:56 +1100 (AEDT) X-Original-To: linuxppc-dev@lists.ozlabs.org Delivered-To: linuxppc-dev@lists.ozlabs.org Authentication-Results: lists.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=linux.intel.com (client-ip=192.55.52.88; helo=mga01.intel.com; envelope-from=alexey.budankov@linux.intel.com; receiver=) Authentication-Results: lists.ozlabs.org; dmarc=none (p=none dis=none) header.from=linux.intel.com Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by lists.ozlabs.org (Postfix) with ESMTPS id 481TrS6ZbjzDqbm for ; Mon, 20 Jan 2020 22:26:16 +1100 (AEDT) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Jan 2020 03:26:14 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.70,341,1574150400"; d="scan'208";a="227028367" Received: from linux.intel.com ([10.54.29.200]) by orsmga003.jf.intel.com with ESMTP; 20 Jan 2020 03:26:13 -0800 Received: from [10.125.252.193] (abudanko-mobl.ccr.corp.intel.com [10.125.252.193]) by linux.intel.com (Postfix) with ESMTP id 87DDE5802C1; Mon, 20 Jan 2020 03:26:05 -0800 (PST) Subject: [PATCH v5 03/10] perf/core: open access to anon probes for CAP_PERFMON privileged process From: Alexey Budankov To: Peter Zijlstra , Arnaldo Carvalho de Melo , Ingo Molnar , "jani.nikula@linux.intel.com" , "joonas.lahtinen@linux.intel.com" , "rodrigo.vivi@intel.com" , "benh@kernel.crashing.org" , Paul Mackerras , Michael Ellerman , "james.bottomley@hansenpartnership.com" , Serge Hallyn , James Morris , Will Deacon , Mark Rutland , Robert Richter , Alexei Starovoitov References: <0548c832-7f4b-dc4c-8883-3f2b6d351a08@linux.intel.com> Organization: Intel Corp. Message-ID: <750f7e60-3b7c-f2e7-fd33-bddbfea5ff57@linux.intel.com> Date: Mon, 20 Jan 2020 14:26:04 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.4.1 MIME-Version: 1.0 In-Reply-To: <0548c832-7f4b-dc4c-8883-3f2b6d351a08@linux.intel.com> Content-Language: en-US X-BeenThere: linuxppc-dev@lists.ozlabs.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Linux on PowerPC Developers Mail List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Song Liu , Andi Kleen , "linux-parisc@vger.kernel.org" , Alexander Shishkin , "linuxppc-dev@lists.ozlabs.org" , "intel-gfx@lists.freedesktop.org" , Igor Lubashev , linux-kernel , Stephane Eranian , "linux-perf-users@vger.kernel.org" , "selinux@vger.kernel.org" , "linux-security-module@vger.kernel.org" , oprofile-list@lists.sf.net, Lionel Landwerlin , Namhyung Kim , Thomas Gleixner , Jiri Olsa , linux-arm-kernel@lists.infradead.org Errors-To: linuxppc-dev-bounces+patchwork-incoming=ozlabs.org@lists.ozlabs.org Sender: "Linuxppc-dev" Open access to anon kprobes, uprobes and eBPF tracing for CAP_PERFMON privileged processes. For backward compatibility reasons access remains open for CAP_SYS_ADMIN privileged processes but CAP_SYS_ADMIN usage for secure monitoring is discouraged with respect to CAP_PERFMON capability. Providing the access under CAP_PERFMON capability singly, without the rest of CAP_SYS_ADMIN credentials, excludes chances to misuse the credentials and makes operations more secure. Anon kprobes and uprobes are used by ftrace and eBPF. perf probe uses ftrace to define new kprobe events, and those events are treated as tracepoint events. eBPF defines new probes via perf_event_open syscall and then the probes are used in eBPF tracing. Signed-off-by: Alexey Budankov --- kernel/events/core.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kernel/events/core.c b/kernel/events/core.c index b1fcbbe24849..8a6c0b08451d 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -9088,7 +9088,7 @@ static int perf_kprobe_event_init(struct perf_event *event) if (event->attr.type != perf_kprobe.type) return -ENOENT; - if (!capable(CAP_SYS_ADMIN)) + if (!perfmon_capable()) return -EACCES; /* @@ -9148,7 +9148,7 @@ static int perf_uprobe_event_init(struct perf_event *event) if (event->attr.type != perf_uprobe.type) return -ENOENT; - if (!capable(CAP_SYS_ADMIN)) + if (!perfmon_capable()) return -EACCES; /*