lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <18739.13487.859058.857227@cargo.ozlabs.ibm.com>
Date:	Mon, 1 Dec 2008 11:49:51 +1100
From:	Paul Mackerras <paulus@...ba.org>
To:	eranian@...il.com
Cc:	"Ingo Molnar" <mingo@...e.hu>, linux-kernel@...r.kernel.org,
	akpm@...ux-foundation.org, x86@...nel.org, andi@...stfloor.org,
	sfr@...b.auug.org.au, "Roland McGrath" <roland@...hat.com>,
	"Oleg Nesterov" <oleg@...hat.com>
Subject: Re: [patch 20/24] perfmon: system calls interface

stephane eranian writes:

> Perfmon requires ptrace ONLY to stop the thread you want to operate
> on. For instance, to read the counters in a thread via pfm_read(), you
> need to have that thread stopped, so perfmon can extract the machine
> state safely.

What would happen if the thread wasn't stopped?  Is it just that the
numbers would be inaccurate, or is there some kind of security
exposure?

If it's just that the numbers would be inaccurate, then I don't think
the kernel needs to enforce it.  The monitoring program *should*
ensure that the thread is stopped or blocked, one way or another, but
it could do that simply by sending a SIGSTOP to the thread.  I don't
see that it would necessarily have to use ptrace.

Paul.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ