| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 12 Jul 2016 16:27:53 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: "Eric W. Biederman" <ebiederm@...ssion.com>
Cc: Nikolay Borisov <kernel@...p.com>,
Aravinda Prasad <aravinda@...ux.vnet.ibm.com>,
linux-kernel@...r.kernel.org, rostedt@...dmis.org,
mingo@...hat.com, paulus@...ba.org, acme@...nel.org,
hbathini@...ux.vnet.ibm.com, ananth@...ibm.com
Subject: Re: [RFC PATCH 2/2] perf: Filter events based on perf-namespace
On Tue, Jul 12, 2016 at 08:55:17AM -0500, Eric W. Biederman wrote:
> I completely misread the description of this, or I would have something
> earlier. For some reason I thought he was talking about the perf
> controller.
>
> As I recall the tricky part of this was to have tracing that was safe
> and usable inside of a container. If you can align a per cgroup with
> your container that is probably sufficient for the select of processes.
>
> At the same time there is a real desire to have identifiers like pids
> translated into the appropriate form for inside of the container.
> Without that translation they are meaningless inside a container.
> Further it is necessary to be certain the trancing that is used is is
> safe for unprivileged users.
>
> I don't think I ever suggested or approved of the concept of a perf
> namespace and that sounds a bit dubious to me.
So perf uses the pid-namespace of the event-creator to report PID/TID
numbers in.
So sys_perf_event_open() -> perf_event_alloc() does
get_pid_ns(task_active_pid_ns(current)) to set event->ns and then we do:
task_{tgid,pid}_nr_ns(p, event->ns) to report the PID/TID resp., see
perf_event_{pid,tid}().
Powered by blists - more mailing lists