| Message ID | 1d46cc07-ced7-9a29-a9a3-3cba6ef2df21@linux.intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | Introduce CAP_SYS_PERFMON to secure system performance monitoring and observability | expand |
> On Dec 18, 2019, at 1:28 AM, Alexey Budankov <alexey.budankov@linux.intel.com> wrote: > > > Open access to bpf_trace monitoring for CAP_SYS_PERFMON privileged > processes. For backward compatibility reasons access to bpf_trace > monitoring remains open for CAP_SYS_ADMIN privileged processes but > CAP_SYS_ADMIN usage for secure bpf_trace monitoring is discouraged > with respect to CAP_SYS_PERFMON capability. > > Signed-off-by: Alexey Budankov <alexey.budankov@linux.intel.com> Acked-by: Song Liu <songliubraving@fb.com> > --- > kernel/trace/bpf_trace.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c > index 44bd08f2443b..bafe21ac6d92 100644 > --- a/kernel/trace/bpf_trace.c > +++ b/kernel/trace/bpf_trace.c > @@ -1272,7 +1272,7 @@ int perf_event_query_prog_array(struct perf_event *event, void __user *info) > u32 *ids, prog_cnt, ids_len; > int ret; > > - if (!capable(CAP_SYS_ADMIN)) > + if (!perfmon_capable()) > return -EPERM; > if (event->attr.type != PERF_TYPE_TRACEPOINT) > return -EINVAL; I guess we need to fix this check for kprobe/uprobe created with perf_event_open()... Thanks, Song
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c index 44bd08f2443b..bafe21ac6d92 100644 --- a/kernel/trace/bpf_trace.c +++ b/kernel/trace/bpf_trace.c @@ -1272,7 +1272,7 @@ int perf_event_query_prog_array(struct perf_event *event, void __user *info) u32 *ids, prog_cnt, ids_len; int ret; - if (!capable(CAP_SYS_ADMIN)) + if (!perfmon_capable()) return -EPERM; if (event->attr.type != PERF_TYPE_TRACEPOINT) return -EINVAL;
Open access to bpf_trace monitoring for CAP_SYS_PERFMON privileged processes. For backward compatibility reasons access to bpf_trace monitoring remains open for CAP_SYS_ADMIN privileged processes but CAP_SYS_ADMIN usage for secure bpf_trace monitoring is discouraged with respect to CAP_SYS_PERFMON capability. Signed-off-by: Alexey Budankov <alexey.budankov@linux.intel.com> --- kernel/trace/bpf_trace.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)