Subject: [PATCH v5 03/10] perf/core: open access to anon probes for CAP_PERFMON privileged process
From: Alexey Budankov
To: Peter Zijlstra, Arnaldo Carvalho de Melo, Ingo Molnar, jani.nikula@linux.intel.com, joonas.lahtinen@linux.intel.com, rodrigo.vivi@intel.com, benh@kernel.crashing.org, Paul Mackerras, Michael Ellerman, james.bottomley@hansenpartnership.com, Serge Hallyn, James Morris, Will Deacon, Mark Rutland, Robert Richter, Alexei Starovoitov
Cc: Jiri Olsa, Andi Kleen, Stephane Eranian, Igor Lubashev, Alexander Shishkin, Namhyung Kim, Song Liu, Lionel Landwerlin, Thomas Gleixner, linux-kernel, linux-security-module@vger.kernel.org, selinux@vger.kernel.org, intel-gfx@lists.freedesktop.org, linux-parisc@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, linux-arm-kernel@lists.infradead.org, linux-perf-users@vger.kernel.org, oprofile-list@lists.sf.net
References: <0548c832-7f4b-dc4c-8883-3f2b6d351a08@linux.intel.com>
Organization: Intel Corp.
Message-ID: <750f7e60-3b7c-f2e7-fd33-bddbfea5ff57@linux.intel.com>
Date: Mon, 20 Jan 2020 14:26:04 +0300
In-Reply-To: <0548c832-7f4b-dc4c-8883-3f2b6d351a08@linux.intel.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Open access to anon kprobes, uprobes and eBPF tracing for CAP_PERFMON privileged processes. For backward compatibility reasons, access remains open for CAP_SYS_ADMIN privileged processes, but CAP_SYS_ADMIN usage for secure monitoring is discouraged with respect to the CAP_PERFMON capability. Providing the access under the CAP_PERFMON capability singly, without the rest of the CAP_SYS_ADMIN credentials, excludes chances to misuse the credentials and makes operations more secure.

Anon kprobes and uprobes are used by ftrace and eBPF.
perf probe uses ftrace to define new kprobe events, and those events are treated as tracepoint events. eBPF defines new probes via perf_event_open syscall and then the probes are used in eBPF tracing. Signed-off-by: Alexey Budankov --- kernel/events/core.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kernel/events/core.c b/kernel/events/core.c index b1fcbbe24849..8a6c0b08451d 100644 --- a/kernel/events/core.c +++ b/kernel/events/core.c @@ -9088,7 +9088,7 @@ static int perf_kprobe_event_init(struct perf_event *event) if (event->attr.type != perf_kprobe.type) return -ENOENT; - if (!capable(CAP_SYS_ADMIN)) + if (!perfmon_capable()) return -EACCES; /* @@ -9148,7 +9148,7 @@ static int perf_uprobe_event_init(struct perf_event *event) if (event->attr.type != perf_uprobe.type) return -ENOENT; - if (!capable(CAP_SYS_ADMIN)) + if (!perfmon_capable()) return -EACCES; /* -- 2.20.1
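Review bot: the perf_kprobe_event_init hunk swaps `capable(CAP_SYS_ADMIN)` for `perfmon_capable()` but that helper is not introduced in this patch, so the series order must keep an earlier patch defining it ahead of 03/10 for the tree to stay bisectable. The backward-compatibility claim in the commit message (CAP_SYS_ADMIN processes still get access) rests on perfmon_capable() falling back to CAP_SYS_ADMIN, which is not visible in this diff; a one-line mention of that fallback, or a reference to the patch that defines the helper, would let a reviewer verify the claim from this message alone.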
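Review bot: the perf_uprobe_event_init hunk makes the identical substitution and keeps the -EACCES return, which is the right shape for a pure capability swap. Since the commit message discourages CAP_SYS_ADMIN for this use, it would help to confirm that any perf_event_open documentation touched elsewhere in the series lists CAP_PERFMON as sufficient for the kprobe and uprobe event types; this hunk alone gives a user hitting -EACCES no pointer to the new capability.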