mbox series

[v3,0/3] admin-guide: extend perf-security with resource control, data categories and privileged users

Message ID 784bbe0d-56c1-bd63-1879-b7db988e40c0@linux.intel.com (mailing list archive)
Headers show
Series admin-guide: extend perf-security with resource control, data categories and privileged users | expand

Message

Alexey Budankov Feb. 11, 2019, 1:32 p.m. UTC
The patch set extends the first version of perf-security.rst documentation
file [1], [2], [3] with the following topics:

1) perf_events/Perf resource limits and control management that describes
   RLIMIT_NOFILE and perf_event_mlock_kb settings for processes conducting
   performance monitoring;

2) categories of system and performance data that can be captured by
   perf_events/Perf with explicit designation of process sensitive data;

3) possible steps to create perf_event/Perf privileged users groups for 
   the current implementations of perf_events syscall API [4] and Perf tool;

---
Alexey Budankov (4):
  perf-security: document perf_events/Perf resource control
  perf-security: document collected perf_events/Perf data categories
  perf-security: elaborate on perf_events/Perf privileged users
  perf-security: wrap paragraphs on 72 columns

 Documentation/admin-guide/perf-security.rst | 253 +++++++++++++++-----
 1 file changed, 193 insertions(+), 60 deletions(-)

---
Changes in v3:
- added two more paragraphs on open fds and memory allocation
- applied comments and corrected typos

Changes in v2:
- addressed comments for v1
- added fourth patch implementing 72 columns paragraph width

---
[1] https://marc.info/?l=linux-kernel&m=153736008310781&w=2
[2] https://lkml.org/lkml/2018/5/21/156
[3] https://lkml.org/lkml/2018/11/27/604
[4] http://man7.org/linux/man-pages/man2/perf_event_open.2.html

Comments

Jonathan Corbet Feb. 17, 2019, 11:14 p.m. UTC | #1
On Mon, 11 Feb 2019 16:32:33 +0300
Alexey Budankov <alexey.budankov@linux.intel.com> wrote:

> The patch set extends the first version of perf-security.rst documentation
> file [1], [2], [3] with the following topics:
> 
> 1) perf_events/Perf resource limits and control management that describes
>    RLIMIT_NOFILE and perf_event_mlock_kb settings for processes conducting
>    performance monitoring;
> 
> 2) categories of system and performance data that can be captured by
>    perf_events/Perf with explicit designation of process sensitive data;
> 
> 3) possible steps to create perf_event/Perf privileged users groups for 
>    the current implementations of perf_events syscall API [4] and Perf tool;

I've applied the set, thanks.

jon
Alexey Budankov Feb. 18, 2019, 8:56 a.m. UTC | #2
On 18.02.2019 2:14, Jonathan Corbet wrote:
> On Mon, 11 Feb 2019 16:32:33 +0300
> Alexey Budankov <alexey.budankov@linux.intel.com> wrote:
> 
>> The patch set extends the first version of perf-security.rst documentation
>> file [1], [2], [3] with the following topics:
>>
>> 1) perf_events/Perf resource limits and control management that describes
>>    RLIMIT_NOFILE and perf_event_mlock_kb settings for processes conducting
>>    performance monitoring;
>>
>> 2) categories of system and performance data that can be captured by
>>    perf_events/Perf with explicit designation of process sensitive data;
>>
>> 3) possible steps to create perf_event/Perf privileged users groups for 
>>    the current implementations of perf_events syscall API [4] and Perf tool;
> 
> I've applied the set, thanks.

Thanks a lot Jon!

~Alexey

> 
> jon
>