Re: [PATCH 2/2] perf/x86/intel/bts: Disallow use by unprivileged users on paranoid systems
From: Alexander Shishkin
Date: Fri Aug 28 2015 - 05:40:21 EST
Ingo Molnar <mingo@xxxxxxxxxx> writes:
> * Alexander Shishkin <alexander.shishkin@xxxxxxxxxxxxxxx> wrote:
>> BTS leaks kernel addresses even in userspace-only mode due to imprecise IP
>> sampling, so sometimes syscall entry points or page fault handler addresses
>> end up in a userspace trace.
>> Now, intel_bts driver exports trace data zero-copy, it does not scan through
>> it to filter out the kernel addresses and it's would be a O(n) job.
>> To work around this situation, this patch forbids the use of intel_bts
>> driver by unprivileged users with paranoid setting higher than 1, which
>> forbids kernel tracing.
>> Signed-off-by: Alexander Shishkin <alexander.shishkin@xxxxxxxxxxxxxxx>
>> arch/x86/kernel/cpu/perf_event_intel_bts.c | 10 ++++++++++
>> 1 file changed, 10 insertions(+)
>> diff --git a/arch/x86/kernel/cpu/perf_event_intel_bts.c b/arch/x86/kernel/cpu/perf_event_intel_bts.c
>> index 80df16e020..4f6daff92d 100644
>> --- a/arch/x86/kernel/cpu/perf_event_intel_bts.c
>> +++ b/arch/x86/kernel/cpu/perf_event_intel_bts.c
>> @@ -495,6 +495,16 @@ static int bts_event_init(struct perf_event *event)
>> if (x86_add_exclusive(x86_lbr_exclusive_bts))
>> return -EBUSY;
>> + /*
>> + * BTS leaks kernel addresses even when CPL0 tracing is
>> + * disabled, so disallow intel_bts driver for unprivileged
>> + * users on paranoid systems since it provides trace data
>> + * to the user in a zero-copy fashion.
>> + */
>> + if (event->attr.exclude_kernel && perf_paranoid_kernel() &&
>> + !capable(CAP_SYS_ADMIN))
>> + return -EACCES;
> I.e. it's disabled by default as well, with default paranoia settings?
Actually no, the kernel's default is 1, which allows kernel profiling
for unprivileged users. Distros might be more strict though.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/