This patch reverts commit 7cc23cd:
perf/x86/intel/lbr: Demand proper privileges for PERF_SAMPLE_BRANCH_KERNEL
The check is now implemented in generic code
instead of x86 specific code. That way we
do not have to repeat the test in each arch
supporting branch sampling.
Signed-off-by: Stephane Eranian <[email protected]>
---
arch/x86/kernel/cpu/perf_event_intel_lbr.c | 13 +++----------
kernel/events/core.c | 9 ++++-----
2 files changed, 7 insertions(+), 15 deletions(-)
diff --git a/arch/x86/kernel/cpu/perf_event_intel_lbr.c b/arch/x86/kernel/cpu/perf_event_intel_lbr.c
index d978353..de341d4 100644
--- a/arch/x86/kernel/cpu/perf_event_intel_lbr.c
+++ b/arch/x86/kernel/cpu/perf_event_intel_lbr.c
@@ -310,7 +310,7 @@ void intel_pmu_lbr_read(void)
* - in case there is no HW filter
* - in case the HW filter has errata or limitations
*/
-static int intel_pmu_setup_sw_lbr_filter(struct perf_event *event)
+static void intel_pmu_setup_sw_lbr_filter(struct perf_event *event)
{
u64 br_type = event->attr.branch_sample_type;
int mask = 0;
@@ -318,11 +318,8 @@ static int intel_pmu_setup_sw_lbr_filter(struct perf_event *event)
if (br_type & PERF_SAMPLE_BRANCH_USER)
mask |= X86_BR_USER;
- if (br_type & PERF_SAMPLE_BRANCH_KERNEL) {
- if (perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
- return -EACCES;
+ if (br_type & PERF_SAMPLE_BRANCH_KERNEL)
mask |= X86_BR_KERNEL;
- }
/* we ignore BRANCH_HV here */
@@ -342,8 +339,6 @@ static int intel_pmu_setup_sw_lbr_filter(struct perf_event *event)
* be used by fixup code for some CPU
*/
event->hw.branch_reg.reg = mask;
-
- return 0;
}
/*
@@ -391,9 +386,7 @@ int intel_pmu_setup_lbr_filter(struct perf_event *event)
/*
* setup SW LBR filter
*/
- ret = intel_pmu_setup_sw_lbr_filter(event);
- if (ret)
- return ret;
+ intel_pmu_setup_sw_lbr_filter(event);
/*
* setup HW LBR filter, if any
diff --git a/kernel/events/core.c b/kernel/events/core.c
index 9dc297f..cf79c81 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -6327,11 +6327,6 @@ static int perf_copy_attr(struct perf_event_attr __user *uattr,
if (!(mask & ~PERF_SAMPLE_BRANCH_PLM_ALL))
return -EINVAL;
- /* kernel level capture: check permissions */
- if ((mask & PERF_SAMPLE_BRANCH_PERM_PLM)
- && perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
- return -EACCES;
-
/* propagate priv level, when not set for branch */
if (!(mask & PERF_SAMPLE_BRANCH_PLM_ALL)) {
@@ -6349,6 +6344,10 @@ static int perf_copy_attr(struct perf_event_attr __user *uattr,
*/
attr->branch_sample_type = mask;
}
+ /* kernel level capture: check permissions */
+ if ((mask & PERF_SAMPLE_BRANCH_KERNEL)
+ && perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
+ return -EACCES;
}
if (attr->sample_type & PERF_SAMPLE_REGS_USER) {
--
1.7.9.5
On Tue, May 21, 2013 at 12:53:37PM +0200, Stephane Eranian wrote:
>
> This patch reverts commit 7cc23cd:
> perf/x86/intel/lbr: Demand proper privileges for PERF_SAMPLE_BRANCH_KERNEL
>
> The check is now implemented in generic code
> instead of x86 specific code. That way we
> do not have to repeat the test in each arch
> supporting branch sampling.
Good point indeed.
> Signed-off-by: Stephane Eranian <[email protected]>
> ---
> arch/x86/kernel/cpu/perf_event_intel_lbr.c | 13 +++----------
> kernel/events/core.c | 9 ++++-----
> 2 files changed, 7 insertions(+), 15 deletions(-)
>
> diff --git a/kernel/events/core.c b/kernel/events/core.c
> index 9dc297f..cf79c81 100644
> --- a/kernel/events/core.c
> +++ b/kernel/events/core.c
> @@ -6327,11 +6327,6 @@ static int perf_copy_attr(struct perf_event_attr __user *uattr,
> if (!(mask & ~PERF_SAMPLE_BRANCH_PLM_ALL))
> return -EINVAL;
>
> - /* kernel level capture: check permissions */
> - if ((mask & PERF_SAMPLE_BRANCH_PERM_PLM)
> - && perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
> - return -EACCES;
> -
Oh hey, there was a check..
> /* propagate priv level, when not set for branch */
> if (!(mask & PERF_SAMPLE_BRANCH_PLM_ALL)) {
>
> @@ -6349,6 +6344,10 @@ static int perf_copy_attr(struct perf_event_attr __user *uattr,
> */
> attr->branch_sample_type = mask;
> }
> + /* kernel level capture: check permissions */
> + if ((mask & PERF_SAMPLE_BRANCH_KERNEL)
> + && perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
> + return -EACCES;
> }
>
> if (attr->sample_type & PERF_SAMPLE_REGS_USER) {
> --
> 1.7.9.5
>
On Tue, May 21, 2013 at 1:08 PM, Peter Zijlstra <[email protected]> wrote:
>
> On Tue, May 21, 2013 at 12:53:37PM +0200, Stephane Eranian wrote:
> >
> > This patch reverts commit 7cc23cd:
> > perf/x86/intel/lbr: Demand proper privileges for PERF_SAMPLE_BRANCH_KERNEL
> >
> > The check is now implemented in generic code
> > instead of x86 specific code. That way we
> > do not have to repeat the test in each arch
> > supporting branch sampling.
>
> Good point indeed.
>
> > Signed-off-by: Stephane Eranian <[email protected]>
> > ---
> > arch/x86/kernel/cpu/perf_event_intel_lbr.c | 13 +++----------
> > kernel/events/core.c | 9 ++++-----
> > 2 files changed, 7 insertions(+), 15 deletions(-)
> >
>
> > diff --git a/kernel/events/core.c b/kernel/events/core.c
> > index 9dc297f..cf79c81 100644
> > --- a/kernel/events/core.c
> > +++ b/kernel/events/core.c
> > @@ -6327,11 +6327,6 @@ static int perf_copy_attr(struct perf_event_attr __user *uattr,
> > if (!(mask & ~PERF_SAMPLE_BRANCH_PLM_ALL))
> > return -EINVAL;
> >
> > - /* kernel level capture: check permissions */
> > - if ((mask & PERF_SAMPLE_BRANCH_PERM_PLM)
> > - && perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
> > - return -EACCES;
> > -
>
> Oh hey, there was a check..
>
There was a check. But I realized it was broken. It was checking user+kernel.
But it did not cover the case where the priv level which propagated from the
event and was not specific to the branch_sample_type.
>
> > /* propagate priv level, when not set for branch */
> > if (!(mask & PERF_SAMPLE_BRANCH_PLM_ALL)) {
> >
> > @@ -6349,6 +6344,10 @@ static int perf_copy_attr(struct perf_event_attr __user *uattr,
> > */
> > attr->branch_sample_type = mask;
> > }
> > + /* kernel level capture: check permissions */
> > + if ((mask & PERF_SAMPLE_BRANCH_KERNEL)
> > + && perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
> > + return -EACCES;
> > }
> >
> > if (attr->sample_type & PERF_SAMPLE_REGS_USER) {
> > --
> > 1.7.9.5
> >
Commit-ID: 2b923c8f5de6722393e614b096d5040b6d4eaf98
Gitweb: http://git.kernel.org/tip/2b923c8f5de6722393e614b096d5040b6d4eaf98
Author: Stephane Eranian <[email protected]>
AuthorDate: Tue, 21 May 2013 12:53:37 +0200
Committer: Ingo Molnar <[email protected]>
CommitDate: Tue, 28 May 2013 09:13:54 +0200
perf/x86: Check branch sampling priv level in generic code
This patch moves commit 7cc23cd to the generic code:
perf/x86/intel/lbr: Demand proper privileges for PERF_SAMPLE_BRANCH_KERNEL
The check is now implemented in generic code instead of x86 specific
code. That way we do not have to repeat the test in each arch
supporting branch sampling.
Signed-off-by: Stephane Eranian <[email protected]>
Signed-off-by: Peter Zijlstra <[email protected]>
Cc: Frederic Weisbecker <[email protected]>
Cc: Jiri Olsa <[email protected]>
Cc: Arnaldo Carvalho de Melo <[email protected]>
Link: http://lkml.kernel.org/r/20130521105337.GA2879@quad
Signed-off-by: Ingo Molnar <[email protected]>
---
arch/x86/kernel/cpu/perf_event_intel_lbr.c | 13 +++----------
kernel/events/core.c | 9 ++++-----
2 files changed, 7 insertions(+), 15 deletions(-)
diff --git a/arch/x86/kernel/cpu/perf_event_intel_lbr.c b/arch/x86/kernel/cpu/perf_event_intel_lbr.c
index d978353..de341d4 100644
--- a/arch/x86/kernel/cpu/perf_event_intel_lbr.c
+++ b/arch/x86/kernel/cpu/perf_event_intel_lbr.c
@@ -310,7 +310,7 @@ void intel_pmu_lbr_read(void)
* - in case there is no HW filter
* - in case the HW filter has errata or limitations
*/
-static int intel_pmu_setup_sw_lbr_filter(struct perf_event *event)
+static void intel_pmu_setup_sw_lbr_filter(struct perf_event *event)
{
u64 br_type = event->attr.branch_sample_type;
int mask = 0;
@@ -318,11 +318,8 @@ static int intel_pmu_setup_sw_lbr_filter(struct perf_event *event)
if (br_type & PERF_SAMPLE_BRANCH_USER)
mask |= X86_BR_USER;
- if (br_type & PERF_SAMPLE_BRANCH_KERNEL) {
- if (perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
- return -EACCES;
+ if (br_type & PERF_SAMPLE_BRANCH_KERNEL)
mask |= X86_BR_KERNEL;
- }
/* we ignore BRANCH_HV here */
@@ -342,8 +339,6 @@ static int intel_pmu_setup_sw_lbr_filter(struct perf_event *event)
* be used by fixup code for some CPU
*/
event->hw.branch_reg.reg = mask;
-
- return 0;
}
/*
@@ -391,9 +386,7 @@ int intel_pmu_setup_lbr_filter(struct perf_event *event)
/*
* setup SW LBR filter
*/
- ret = intel_pmu_setup_sw_lbr_filter(event);
- if (ret)
- return ret;
+ intel_pmu_setup_sw_lbr_filter(event);
/*
* setup HW LBR filter, if any
diff --git a/kernel/events/core.c b/kernel/events/core.c
index 53d1b30..a0780b3 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -6481,11 +6481,6 @@ static int perf_copy_attr(struct perf_event_attr __user *uattr,
if (!(mask & ~PERF_SAMPLE_BRANCH_PLM_ALL))
return -EINVAL;
- /* kernel level capture: check permissions */
- if ((mask & PERF_SAMPLE_BRANCH_PERM_PLM)
- && perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
- return -EACCES;
-
/* propagate priv level, when not set for branch */
if (!(mask & PERF_SAMPLE_BRANCH_PLM_ALL)) {
@@ -6503,6 +6498,10 @@ static int perf_copy_attr(struct perf_event_attr __user *uattr,
*/
attr->branch_sample_type = mask;
}
+ /* kernel level capture: check permissions */
+ if ((mask & PERF_SAMPLE_BRANCH_KERNEL)
+ && perf_paranoid_kernel() && !capable(CAP_SYS_ADMIN))
+ return -EACCES;
}
if (attr->sample_type & PERF_SAMPLE_REGS_USER) {