From: Peter Zijlstra <a.p.zijlstra@chello.nl>
To: linux-tip-commits@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, paulus@samba.org, hpa@zytor.com,
mingo@redhat.com, a.p.zijlstra@chello.nl, tglx@linutronix.de,
cjashfor@linux.vnet.ibm.com, mingo@elte.hu
Subject: [tip:perfcounters/core] perf_counter: sysctl for system wide perf counters
Date: Thu, 9 Apr 2009 09:06:50 GMT [thread overview]
Message-ID: <tip-79bbb0bfff331422caf8a353be68c4764bc1e47f@git.kernel.org> (raw)
In-Reply-To: <20090409085524.514046352@chello.nl>
Commit-ID: 79bbb0bfff331422caf8a353be68c4764bc1e47f
Gitweb: http://git.kernel.org/tip/79bbb0bfff331422caf8a353be68c4764bc1e47f
Author: Peter Zijlstra <a.p.zijlstra@chello.nl>
AuthorDate: Thu, 9 Apr 2009 10:53:45 +0200
Committer: Ingo Molnar <mingo@elte.hu>
CommitDate: Thu, 9 Apr 2009 11:00:54 +0200
perf_counter: sysctl for system wide perf counters
Impact: add sysctl for paranoid/relaxed perfcounters policy
Allow the use of system wide perf counters to everybody, but provide
a sysctl to disable it for the paranoid security minded.
Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Corey Ashford <cjashfor@linux.vnet.ibm.com>
LKML-Reference: <20090409085524.514046352@chello.nl>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
---
include/linux/perf_counter.h | 2 ++
kernel/perf_counter.c | 4 +++-
kernel/sysctl.c | 11 +++++++++++
3 files changed, 16 insertions(+), 1 deletions(-)
diff --git a/include/linux/perf_counter.h b/include/linux/perf_counter.h
index c22363a..9814328 100644
--- a/include/linux/perf_counter.h
+++ b/include/linux/perf_counter.h
@@ -568,6 +568,8 @@ struct perf_callchain_entry {
extern struct perf_callchain_entry *perf_callchain(struct pt_regs *regs);
+extern int sysctl_perf_counter_priv;
+
#else
static inline void
perf_counter_task_sched_in(struct task_struct *task, int cpu) { }
diff --git a/kernel/perf_counter.c b/kernel/perf_counter.c
index af9fd89..a2fa5bc 100644
--- a/kernel/perf_counter.c
+++ b/kernel/perf_counter.c
@@ -42,6 +42,8 @@ static atomic_t nr_mmap_tracking __read_mostly;
static atomic_t nr_munmap_tracking __read_mostly;
static atomic_t nr_comm_tracking __read_mostly;
+int sysctl_perf_counter_priv __read_mostly; /* do we need to be privileged */
+
/*
* Mutex for (sysadmin-configurable) counter reservations:
*/
@@ -1132,7 +1134,7 @@ static struct perf_counter_context *find_get_context(pid_t pid, int cpu)
*/
if (cpu != -1) {
/* Must be root to operate on a CPU counter: */
- if (!capable(CAP_SYS_ADMIN))
+ if (sysctl_perf_counter_priv && !capable(CAP_SYS_ADMIN))
return ERR_PTR(-EACCES);
if (cpu < 0 || cpu > num_possible_cpus())
diff --git a/kernel/sysctl.c b/kernel/sysctl.c
index 4286b62..8ba4578 100644
--- a/kernel/sysctl.c
+++ b/kernel/sysctl.c
@@ -49,6 +49,7 @@
#include <linux/reboot.h>
#include <linux/ftrace.h>
#include <linux/slow-work.h>
+#include <linux/perf_counter.h>
#include <asm/uaccess.h>
#include <asm/processor.h>
@@ -920,6 +921,16 @@ static struct ctl_table kern_table[] = {
.child = slow_work_sysctls,
},
#endif
+#ifdef CONFIG_PERF_COUNTERS
+ {
+ .ctl_name = CTL_UNNUMBERED,
+ .procname = "perf_counter_privileged",
+ .data = &sysctl_perf_counter_priv,
+ .maxlen = sizeof(sysctl_perf_counter_priv),
+ .mode = 0644,
+ .proc_handler = &proc_dointvec,
+ },
+#endif
/*
* NOTE: do not add new entries to this table unless you have read
* Documentation/sysctl/ctl_unnumbered.txt
next prev parent reply other threads:[~2009-04-09 9:07 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-04-09 8:53 [PATCH 0/4] perf_counter: fixes and an optimization Peter Zijlstra
2009-04-09 8:53 ` [PATCH 1/4] perf_counter: fix off-by-one on the string lengths Peter Zijlstra
2009-04-09 8:53 ` [PATCH 2/4] perf_counter: optimize mmap/comm tracking Peter Zijlstra
2009-04-09 9:06 ` [tip:perfcounters/core] " Peter Zijlstra
2009-04-09 9:16 ` [PATCH 2/4] " Ingo Molnar
2009-04-09 9:28 ` Peter Zijlstra
2009-04-09 9:54 ` [tip:perfcounters/core] " Peter Zijlstra
2009-04-09 8:53 ` [PATCH 3/4] perf_counter: sysctl for system wide perf counters Peter Zijlstra
2009-04-09 9:06 ` Peter Zijlstra [this message]
2009-04-09 9:54 ` [tip:perfcounters/core] " Peter Zijlstra
2009-04-09 8:53 ` [PATCH 4/4] perf_counter: log full path names Peter Zijlstra
2009-04-09 9:07 ` [tip:perfcounters/core] " Peter Zijlstra
2009-04-09 9:54 ` Peter Zijlstra
2009-04-09 9:03 ` [PATCH 0/4] perf_counter: fixes and an optimization Ingo Molnar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=tip-79bbb0bfff331422caf8a353be68c4764bc1e47f@git.kernel.org \
--to=a.p.zijlstra@chello.nl \
--cc=cjashfor@linux.vnet.ibm.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-tip-commits@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=mingo@redhat.com \
--cc=paulus@samba.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox