From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756836Ab3H3QGL (ORCPT ); Fri, 30 Aug 2013 12:06:11 -0400 Received: from mail-wi0-f182.google.com ([209.85.212.182]:48691 "EHLO mail-wi0-f182.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756309Ab3H3QGK (ORCPT ); Fri, 30 Aug 2013 12:06:10 -0400 Date: Fri, 30 Aug 2013 18:06:04 +0200 From: Frederic Weisbecker To: Peter Zijlstra Cc: Steven Rostedt , Dave Jones , paulmck@linux.vnet.ibm.com, Linux Kernel , Ingo Molnar , Jiri Olsa Subject: Re: suspicious RCU usage (perf) Message-ID: <20130830160602.GC10875@somewhere> References: <20130826145838.GA8377@redhat.com> <20130826162928.GQ3871@linux.vnet.ibm.com> <20130826133041.3d750b1b@gandalf.local.home> <20130826175012.GA25202@redhat.com> <20130826141814.54dcaa89@gandalf.local.home> <20130826182907.GB25202@redhat.com> <20130826150304.090a1025@gandalf.local.home> <20130827121629.GE10002@twins.programming.kicks-ass.net> <20130830155242.GB10875@somewhere> <20130830155936.GT31370@twins.programming.kicks-ass.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20130830155936.GT31370@twins.programming.kicks-ass.net> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Aug 30, 2013 at 05:59:36PM +0200, Peter Zijlstra wrote: > On Fri, Aug 30, 2013 at 05:52:43PM +0200, Frederic Weisbecker wrote: > > On Tue, Aug 27, 2013 at 02:16:29PM +0200, Peter Zijlstra wrote: > > > On Mon, Aug 26, 2013 at 03:03:04PM -0400, Steven Rostedt wrote: > > > > > Is there some path through sys_perf_open_event that might be > > > > > missing a capability check perhaps ? > > > > > > > > > > > > > That's a question for Ingo, Peter or Jiri. > > > > > > Its not something I've looked at recently, git blames Jiri and fweisbec > > > for most of that code. > > > > > > Permission checks appear to live in > > > kernel/trace/trace_event_perf.c:perf_trace_event_perm(). > > > > Actually the following condition is weird: > > > > /* The ftrace function trace is allowed only for root. */ > > if (ftrace_event_is_function(tp_event) && > > perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN)) > > return -EPERM; > > > > That says: If its its a function-event and we're paranoid but we don't > have root, bail. Right, I misunderstood and thought we messed up general tracepoint permissions with function events. > > > We probably intended to do: > > > > /* The ftrace function trace is allowed only for root. */ > > if (ftrace_event_is_function(tp_event) || > > perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN)) > > return -EPERM; > > > > Can somebody confirm? > > That would always disallow function-events, no? Yeah, sorry, returning from holidays require more dense coffee.