Message ID | c0a0ae47-8b6e-ff3e-416b-3cd1faaf71c0@linux.intel.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show
Return-Path: <SRS0=iVzO=5S=lists.freedesktop.org=intel-gfx-bounces@kernel.org> Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 16F1692A for <patchwork-intel-gfx@patchwork.kernel.org>; Thu, 2 Apr 2020 08:49:03 +0000 (UTC) Received: from gabe.freedesktop.org (gabe.freedesktop.org [131.252.210.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id F2F9E208FE for <patchwork-intel-gfx@patchwork.kernel.org>; Thu, 2 Apr 2020 08:49:02 +0000 (UTC) DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org F2F9E208FE Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=linux.intel.com Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=intel-gfx-bounces@lists.freedesktop.org Received: from gabe.freedesktop.org (localhost [127.0.0.1]) by gabe.freedesktop.org (Postfix) with ESMTP id 941836EA12; Thu, 2 Apr 2020 08:49:02 +0000 (UTC) X-Original-To: intel-gfx@lists.freedesktop.org Delivered-To: intel-gfx@lists.freedesktop.org Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by gabe.freedesktop.org (Postfix) with ESMTPS id 008066EA12 for <intel-gfx@lists.freedesktop.org>; Thu, 2 Apr 2020 08:49:01 +0000 (UTC) IronPort-SDR: ZwLYY+009I/xOtuQRDRPwHaG3Ymtqx8GnMIUuUHJkkqCOHEJ7ofgquC2Hcw+CBYGeLyQiLFw+y e3byRqOMYjAg== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 02 Apr 2020 01:49:01 -0700 IronPort-SDR: 4clKvFjPAfLVgzNHn0x2hTvGXx1liUSAeafeOQdFIRnBLl+uZAtxxeyGnJwFDTDmnB1mSWrMxd T6IRvue0134A== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.72,335,1580803200"; d="scan'208";a="273484844" Received: from linux.intel.com ([10.54.29.200]) by fmsmga004.fm.intel.com with ESMTP; 02 Apr 2020 01:49:00 -0700 Received: from [10.249.226.252] (abudanko-mobl.ccr.corp.intel.com [10.249.226.252]) by linux.intel.com (Postfix) with ESMTP id 12177580781; Thu, 2 Apr 2020 01:48:55 -0700 (PDT) From: Alexey Budankov <alexey.budankov@linux.intel.com> To: Peter Zijlstra <peterz@infradead.org>, Arnaldo Carvalho de Melo <acme@kernel.org>, Alexei Starovoitov <ast@kernel.org>, Ingo Molnar <mingo@redhat.com>, James Morris <jmorris@namei.org>, Namhyung Kim <namhyung@kernel.org> References: <f96f8f8a-e65c-3f36-dc85-fc3f5191e8c5@linux.intel.com> Organization: Intel Corp. Message-ID: <c0a0ae47-8b6e-ff3e-416b-3cd1faaf71c0@linux.intel.com> Date: Thu, 2 Apr 2020 11:48:54 +0300 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.6.0 MIME-Version: 1.0 In-Reply-To: <f96f8f8a-e65c-3f36-dc85-fc3f5191e8c5@linux.intel.com> Content-Language: en-US Subject: [Intel-gfx] [PATCH v8 06/12] trace/bpf_trace: open access for CAP_PERFMON privileged process X-BeenThere: intel-gfx@lists.freedesktop.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Intel graphics driver community testing & development <intel-gfx.lists.freedesktop.org> List-Unsubscribe: <https://lists.freedesktop.org/mailman/options/intel-gfx>, <mailto:intel-gfx-request@lists.freedesktop.org?subject=unsubscribe> List-Archive: <https://lists.freedesktop.org/archives/intel-gfx> List-Post: <mailto:intel-gfx@lists.freedesktop.org> List-Help: <mailto:intel-gfx-request@lists.freedesktop.org?subject=help> List-Subscribe: <https://lists.freedesktop.org/mailman/listinfo/intel-gfx>, <mailto:intel-gfx-request@lists.freedesktop.org?subject=subscribe> Cc: linux-man@vger.kernel.org, Song Liu <songliubraving@fb.com>, Andi Kleen <ak@linux.intel.com>, "linux-doc@vger.kernel.org" <linux-doc@vger.kernel.org>, "selinux@vger.kernel.org" <selinux@vger.kernel.org>, "intel-gfx@lists.freedesktop.org" <intel-gfx@lists.freedesktop.org>, Igor Lubashev <ilubashe@akamai.com>, linux-kernel <linux-kernel@vger.kernel.org>, Stephane Eranian <eranian@google.com>, "linux-security-module@vger.kernel.org" <linux-security-module@vger.kernel.org>, Thomas Gleixner <tglx@linutronix.de>, Jiri Olsa <jolsa@redhat.com>, Serge Hallyn <serge@hallyn.com> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: intel-gfx-bounces@lists.freedesktop.org Sender: "Intel-gfx" <intel-gfx-bounces@lists.freedesktop.org> |
Series |
Introduce CAP_PERFMON to secure system performance monitoring and observability
|
expand
|
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c index 19e793aa441a..70e8249eebe5 100644 --- a/kernel/trace/bpf_trace.c +++ b/kernel/trace/bpf_trace.c @@ -1416,7 +1416,7 @@ int perf_event_query_prog_array(struct perf_event *event, void __user *info) u32 *ids, prog_cnt, ids_len; int ret; - if (!capable(CAP_SYS_ADMIN)) + if (!perfmon_capable()) return -EPERM; if (event->attr.type != PERF_TYPE_TRACEPOINT) return -EINVAL;