From: German Gomez <german.gomez@arm.com>
To: linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, will@kernel.org,
mark.rutland@arm.com, james.clark@arm.com, leo.yan@linaro.org
Subject: Re: [RFC PATCH 2/2] perf: arm_spe: Enable CONTEXT packets in SPE traces if the profiler runs in CPU mode.
Date: Mon, 17 Jan 2022 14:04:22 +0000 [thread overview]
Message-ID: <949a8209-4efa-5c4f-8953-ddc53938706d@arm.com> (raw)
In-Reply-To: <20220117124432.3119132-3-german.gomez@arm.com>
On 17/01/2022 12:44, German Gomez wrote:
> Enable CONTEXT packets in SPE traces if the profiler runs in CPU mode.
> This is no less permissive than the existing behavior for the following
> reason:
>
> If perf_event_paranoid <= 0, then non perfmon_capable() users can open
> a per-CPU event. With a per-CPU event, unpriviledged users are allowed
> to profile _all_ processes, even ones owned by root.
>
> Without this change, users could see kernel addresses, root processes,
> etc, but not gather the PIDs of those processes. The PID is probably the
> least sensitive of all the information.
>
> It would be more idiomatic to check the perf_event_paranoid level with
> perf_allow_cpu(), but this function is not exported so cannot be used
> from a module. Looking for cpu != -1 is the indirect way of checking
> the same thing as it could never get to arm_spe_pmu_event_init() without
Reconsidering this bit (comment below)
> perf_event_paranoid <= 0.
>
> Co-authored-by: James Clark <james.clark@arm.com>
> Signed-off-by: German Gomez <german.gomez@arm.com>
> ---
> drivers/perf/arm_spe_pmu.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/perf/arm_spe_pmu.c b/drivers/perf/arm_spe_pmu.c
> index 8515bf85c..7d9a7fa4f 100644
> --- a/drivers/perf/arm_spe_pmu.c
> +++ b/drivers/perf/arm_spe_pmu.c
> @@ -711,7 +711,7 @@ static int arm_spe_pmu_event_init(struct perf_event *event)
> !(spe_pmu->features & SPE_PMU_FEAT_FILT_LAT))
> return -EOPNOTSUPP;
>
> - spe_pmu->pmscr_cx = perfmon_capable();
> + spe_pmu->pmscr_cx = perfmon_capable() || (event->cpu != -1);
The perf_event_open(2) manpage states:
pid == -1 and cpu >= 0
This measures all processes/threads on the specified CPU.
This requires CAP_PERFMON (since Linux 5.8) or
CAP_SYS_ADMIN capability or a
/proc/sys/kernel/perf_event_paranoid value of less than 1.
So perhaps it's more accurate to (still implicitly) check the paranoid level with "pid == -1 && event->cpu > 0" ?
If so, I think I have to dig deeper into perf_event. I don't immediately see the pid argument. Any hints?
Thanks,
German
> reg = arm_spe_event_to_pmscr(event);
> if (!perfmon_capable() &&
> (reg & (BIT(SYS_PMSCR_EL1_PA_SHIFT) |
next prev parent reply other threads:[~2022-01-17 14:04 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-01-17 12:44 [RFC PATCH 0/2] perf: arm_spe: Fix consistency of CONTEXT packets in SPE driver German Gomez
2022-01-17 12:44 ` [RFC PATCH 1/2] perf: arm_spe: Fix consistency of PMSCR register bit CX German Gomez
2022-01-18 10:07 ` Will Deacon
2022-01-18 14:04 ` German Gomez
2022-01-19 11:27 ` German Gomez
2022-01-18 16:28 ` James Clark
2022-02-05 15:39 ` Leo Yan
2022-02-07 12:06 ` German Gomez
2022-02-08 13:00 ` Leo Yan
2022-02-10 17:23 ` German Gomez
2022-02-11 10:45 ` Leo Yan
2022-02-15 14:29 ` German Gomez
2022-02-16 13:22 ` Leo Yan
2022-02-16 15:16 ` German Gomez
2022-01-17 12:44 ` [RFC PATCH 2/2] perf: arm_spe: Enable CONTEXT packets in SPE traces if the profiler runs in CPU mode German Gomez
2022-01-17 14:04 ` German Gomez [this message]
2022-01-18 9:52 ` Will Deacon
2022-01-18 14:13 ` German Gomez
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=949a8209-4efa-5c4f-8953-ddc53938706d@arm.com \
--to=german.gomez@arm.com \
--cc=james.clark@arm.com \
--cc=leo.yan@linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).