On Mon, Dec 7, 2020 at 1:10 AM Peter Zijlstra <pet...@infradead.org> wrote: > > > PeterZ, is there something I'm missing? > > Like this? > > > https://lkml.kernel.org/r/20200828123720.gz1362...@hirez.programming.kicks-ass.net
Yes, except I think you should remove the old ptrace_may_access() check. Because otherwise we'll just end up having KCSAN complain about the unlocked optimistic accesses or something like that. So do the perfmon_capable() check early - it doesn't need the exec_update_mutex - and then just do the ptrace_may_access() one late. I don't see any point at all in checking privileges twice, and I do see real downsides. Not just that KCSAN issue, but also lack of coverage (ie the second check will then effectively never be tested, which is bad too). Linus