Hello,
On 02.10.2018 9:40, Thomas Gleixner wrote: <SNIP> > > Not only the user group, it really should do the full security checks which > are done on open(). I expect it is already implemented by some internal kernel API so that it could be reused. > >> b) then traditional checks against perf_event_pranoid content are applied; > > Hmm, not sure about that because that might be conflicting. Well, possible contradictions could be converged to some reasonable point during technical review stage. Current perf_event_paranoid semantics is still required for PMUs that are governed by global setting at /proc/sys/kernel/perf_event_paranoid. <SNIP> >> 4. Documentation/admin-guide/perf-security.rst file is introduced that: > > 0) Better documentation of /proc/sys/kernel/perf_even_paranoid Exactly. perf_event_open man7 [1] requires update as well, however this is not a part of kernel source tree so these docs changes are to be mailed TO: mtk.manpa...@gmail.com and CC: linux-...@vger.kernel.org. Thanks, Alexey [1] http://man7.org/linux/man-pages/man2/perf_event_open.2.html
