Running perf in namespaces and questions on its isolation

Running perf in namespaces and questions on its isolation

[Hendrik Brueckner]

Hi Arnaldo, et al.,

I have just played around with running perf within a namespace. Beside an
issue with namespace copying for which I have already posted a patch, I
have a more general issue:

I created a (PID) namespace has been created by using:
"unshare --fork --pid --mount-proc /bin/bash".

Within the created PID namespace, a "perf record -a -e cpu-clock" session is
started.  While it runs, perform some commands outside of this namespace,
for example, df, find, cat.

Then, perf record is stopped and its report reads:

perf report --stdio --sort comm,pid
# To display the perf.data header info, please use --header/--header-only options.
#
#
# Total Lost Samples: 0
#
# Samples: 158K of event 'cpu-clock'
# Event count (approx.): 39529250000
#
# Overhead  Command      Pid:Command
# ........  .......  ...............
# 
    32.93%  df             0:df
    29.45%  find           0:find
    25.09%  swapper        0:swapper
    12.48%  cat            0:cat
     0.05%  perf          67:perf


According to this output, perf record receives PERF_RECORD_COMM events
of processes from outside its namespace.  The is also indicated by the
PID 0. (Processes that do not exist in a PID namespace (where perf record
ran) are translated to zero.  See also perf_event_pid() in
kernel/events/core.c).

I wonder whether this is the intended behavior or should better be fixed to
provide isolation among different namespace.  Further, with user stack
sampling, an namespace could also access stack information from processes
running in a different namespace.  That might result in an security issue.

So it would be great to know and understand what the correct behavior of
running perf within a namespace would be.

Thanks.

Kind regards,
  Hendrik