On Fri, Aug 30, 2013 at 05:52:43PM +0200, Frederic Weisbecker wrote: > On Tue, Aug 27, 2013 at 02:16:29PM +0200, Peter Zijlstra wrote: > > On Mon, Aug 26, 2013 at 03:03:04PM -0400, Steven Rostedt wrote: > > > > Is there some path through sys_perf_open_event that might be > > > > missing a capability check perhaps ? > > > > > > > > > > That's a question for Ingo, Peter or Jiri. > > > > Its not something I've looked at recently, git blames Jiri and fweisbec > > for most of that code. > > > > Permission checks appear to live in > > kernel/trace/trace_event_perf.c:perf_trace_event_perm(). > > Actually the following condition is weird: > > /* The ftrace function trace is allowed only for root. */ > if (ftrace_event_is_function(tp_event) && > perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN)) > return -EPERM; >
That says: If its its a function-event and we're paranoid but we don't have root, bail. > We probably intended to do: > > /* The ftrace function trace is allowed only for root. */ > if (ftrace_event_is_function(tp_event) || > perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN)) > return -EPERM; > > Can somebody confirm? That would always disallow function-events, no? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
