From: Pawel Moll <pawel.moll-5wv7dgnIgG8@public.gmane.org>
To: Ingo Molnar <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
Cc: Ingo Molnar <mingo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
Arnaldo Carvalho de Melo
<acme-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
Richard Cochran
<richardcochran-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Steven Rostedt <rostedt-nx8X9YLhiw1AfugRpC6u6w@public.gmane.org>,
Peter Zijlstra <peterz-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>,
Paul Mackerras <paulus-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>,
John Stultz <john.stultz-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org>,
"linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
<linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
Subject: Re: [PATCH 2/2] perf: Userspace software event and ioctl
Date: Fri, 26 Sep 2014 11:48:07 +0100 [thread overview]
Message-ID: <1411728487.3852.9.camel@hornet> (raw)
In-Reply-To: <20140925183342.GB6854-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
On Thu, 2014-09-25 at 19:33 +0100, Ingo Molnar wrote:
> > How would we select tasks that can write to a given buffer? Maybe an
> > ioctl() on a perf fd? Something like this?
> >
> > ioctl(perf_fd, PERF_EVENT_IOC_ENABLE_UEVENT, pid);
> > ioctl(perf_fd, PERF_EVENT_IOC_DISABLE_UEVENT, pid);
>
> No, I think there's a simpler way: this should be a regular
> perf_attr flag, which defaults to '0' (tasks cannot do this), but
> which can be set to 1 if the profiler explicitly allows such
> event injection.
As in: allows *all* tasks to inject the data? Are you sure we don't want
more fine-grained control, in particular per task?
If we have two buffers, both created with the "injecting allowed" flag,
do we inject a given uevent into both of them?
> I.e. whether user-events are allowed is controlled by the
> profiling/tracing context, via the regular perf syscall. It would
> propagate into the perf context, so it would be easy to check at
> event generation time.
It would definitely be the profiling/tracing tools that would decide if
the injection is allowed, no question about that. I just feel that it
should be able to select the tasks that can do that, not just flip a big
switch saying "everyone is welcome". Other question is: should a
non-root context be able to receive events from root processes? Wouldn't
it be a security hole (for example, it could be used as a kind of covert
channel)? Maybe we should do what ptrace does? As in: if a task can
ptrace another task, it can also receive uevents from it.
Pawel
WARNING: multiple messages have this Message-ID (diff)
From: Pawel Moll <pawel.moll@arm.com>
To: Ingo Molnar <mingo@kernel.org>
Cc: Ingo Molnar <mingo@redhat.com>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
Richard Cochran <richardcochran@gmail.com>,
Steven Rostedt <rostedt@goodmis.org>,
Peter Zijlstra <peterz@infradead.org>,
Paul Mackerras <paulus@samba.org>,
John Stultz <john.stultz@linaro.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-api@vger.kernel.org" <linux-api@vger.kernel.org>
Subject: Re: [PATCH 2/2] perf: Userspace software event and ioctl
Date: Fri, 26 Sep 2014 11:48:07 +0100 [thread overview]
Message-ID: <1411728487.3852.9.camel@hornet> (raw)
In-Reply-To: <20140925183342.GB6854@gmail.com>
On Thu, 2014-09-25 at 19:33 +0100, Ingo Molnar wrote:
> > How would we select tasks that can write to a given buffer? Maybe an
> > ioctl() on a perf fd? Something like this?
> >
> > ioctl(perf_fd, PERF_EVENT_IOC_ENABLE_UEVENT, pid);
> > ioctl(perf_fd, PERF_EVENT_IOC_DISABLE_UEVENT, pid);
>
> No, I think there's a simpler way: this should be a regular
> perf_attr flag, which defaults to '0' (tasks cannot do this), but
> which can be set to 1 if the profiler explicitly allows such
> event injection.
As in: allows *all* tasks to inject the data? Are you sure we don't want
more fine-grained control, in particular per task?
If we have two buffers, both created with the "injecting allowed" flag,
do we inject a given uevent into both of them?
> I.e. whether user-events are allowed is controlled by the
> profiling/tracing context, via the regular perf syscall. It would
> propagate into the perf context, so it would be easy to check at
> event generation time.
It would definitely be the profiling/tracing tools that would decide if
the injection is allowed, no question about that. I just feel that it
should be able to select the tasks that can do that, not just flip a big
switch saying "everyone is welcome". Other question is: should a
non-root context be able to receive events from root processes? Wouldn't
it be a security hole (for example, it could be used as a kind of covert
channel)? Maybe we should do what ptrace does? As in: if a task can
ptrace another task, it can also receive uevents from it.
Pawel
next prev parent reply other threads:[~2014-09-26 10:48 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-18 14:34 [PATCH 0/2] perf: User/kernel time correlation and event generation Pawel Moll
2014-09-18 14:34 ` [PATCH 1/2] perf: Add sampling of the raw monotonic clock Pawel Moll
[not found] ` <1411050873-9310-2-git-send-email-pawel.moll-5wv7dgnIgG8@public.gmane.org>
2014-09-29 15:28 ` Peter Zijlstra
2014-09-29 15:28 ` Peter Zijlstra
[not found] ` <20140929152832.GL4140-IIpfhp3q70z/8w/KjCw3T+5/BudmfyzbbVWyRVo5IupeoWH0uzbU5w@public.gmane.org>
2014-09-29 15:45 ` Pawel Moll
2014-09-29 15:45 ` Pawel Moll
2014-09-18 14:34 ` [PATCH 2/2] perf: Userspace software event and ioctl Pawel Moll
2014-09-23 17:02 ` Pawel Moll
2014-09-24 7:49 ` Ingo Molnar
2014-09-24 7:49 ` Ingo Molnar
[not found] ` <20140924074942.GB3797-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2014-09-25 17:20 ` Pawel Moll
2014-09-25 17:20 ` Pawel Moll
2014-09-25 18:33 ` Ingo Molnar
[not found] ` <20140925183342.GB6854-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2014-09-26 10:48 ` Pawel Moll [this message]
2014-09-26 10:48 ` Pawel Moll
2014-09-26 11:23 ` Ingo Molnar
2014-09-26 11:23 ` Ingo Molnar
[not found] ` <20140926112312.GB9870-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2014-09-26 11:26 ` Pawel Moll
2014-09-26 11:26 ` Pawel Moll
2014-09-26 11:31 ` Ingo Molnar
2014-09-26 11:31 ` Ingo Molnar
2014-09-27 17:14 ` Frederic Weisbecker
[not found] ` <CAFTL4hy1d8twv2tGxc4EhCeDm7ApnH7SuK26W1yaekKhCrPMZA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2014-09-29 14:52 ` Pawel Moll
2014-09-29 14:52 ` Pawel Moll
2014-09-29 15:32 ` Peter Zijlstra
[not found] ` <20140929153257.GM4140-IIpfhp3q70z/8w/KjCw3T+5/BudmfyzbbVWyRVo5IupeoWH0uzbU5w@public.gmane.org>
2014-09-29 15:53 ` Pawel Moll
2014-09-29 15:53 ` Pawel Moll
2014-11-03 14:48 ` Tomeu Vizoso
2014-11-03 15:04 ` Pawel Moll
[not found] ` <1411050873-9310-1-git-send-email-pawel.moll-5wv7dgnIgG8@public.gmane.org>
2014-09-18 15:02 ` [PATCH 0/2] perf: User/kernel time correlation and event generation Christopher Covington
2014-09-18 15:02 ` Christopher Covington
[not found] ` <541AF40B.7070604-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
2014-09-18 15:07 ` Pawel Moll
2014-09-18 15:07 ` Pawel Moll
2014-09-18 15:48 ` Christopher Covington
2014-09-18 15:48 ` Christopher Covington
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1411728487.3852.9.camel@hornet \
--to=pawel.moll-5wv7dgnigg8@public.gmane.org \
--cc=acme-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=john.stultz-QSEj5FYQhm4dnm+yROfE0A@public.gmane.org \
--cc=linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
--cc=mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org \
--cc=mingo-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
--cc=paulus-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org \
--cc=peterz-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
--cc=richardcochran-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
--cc=rostedt-nx8X9YLhiw1AfugRpC6u6w@public.gmane.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.