| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 20 Oct 2014 09:49:28 -0700 From: Andy Lutomirski <luto@...capital.net> To: Peter Zijlstra <peterz@...radead.org> Cc: Erik Bosman <ebn310@....vu.nl>, Ingo Molnar <mingo@...hat.com>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, Paul Mackerras <paulus@...ba.org>, Kees Cook <keescook@...omium.org>, Arnaldo Carvalho de Melo <acme@...nel.org>, Andrea Arcangeli <aarcange@...hat.com>, Valdis Kletnieks <Valdis.Kletnieks@...edu> Subject: Re: [RFC 5/5] x86,perf: Only allow rdpmc if a perf_event is mapped On Mon, Oct 20, 2014 at 1:33 AM, Peter Zijlstra <peterz@...radead.org> wrote: > On Sun, Oct 19, 2014 at 03:57:54PM -0700, Andy Lutomirski wrote: >> > Maybe, but at that point we commit to yet another ABI... I'd rather just >> > put a 'sane' implementation in a library or so. >> >> This cuts both ways, though. For vdso timekeeping, the underlying >> data structure has changed repeatedly, sometimes to add features, and >> sometimes for performance, and the vdso has done a good job insulating >> userspace from it. (In fact, until 3.16, even the same exact kernel >> version couldn't be relied on to have the same data structure with >> different configs, and even now, no one really wants to teach user >> libraries how to parse the pvclock data structures.) > > Fair enough, but as it stands we've already committed to the data > structure exposed to userspace. True. OTOH, if a vdso function gets added, a few releases go by, and all the userspace tools get updated, then the old data structure could be dropped if needed by clearing cap_user_rdpmc. Anyway, this is so far out of scope for the current project that I'm going to ignore it. >> FWIW, something should probably specify exactly when it's safe to try >> a userspace rdpmc. I think that the answer is that, for a perf event >> watching a pid, only that pid can do it (in particular, other threads >> must not try). For a perf event monitoring a whole cpu, the answer is >> less clear to me. > > This all was really only meant to be used for self-monitoring, so where > an event is attached to the very same task, anything else and I'm find > disabling it. Actually implementing this might be a touch awkward. I can check whether an event has a task context that matches the creating task, but that's not necessarily the same thing as the task that mmaps it. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists