lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20160712142753.GT30909@twins.programming.kicks-ass.net>
Date:	Tue, 12 Jul 2016 16:27:53 +0200
From:	Peter Zijlstra <peterz@...radead.org>
To:	"Eric W. Biederman" <ebiederm@...ssion.com>
Cc:	Nikolay Borisov <kernel@...p.com>,
	Aravinda Prasad <aravinda@...ux.vnet.ibm.com>,
	linux-kernel@...r.kernel.org, rostedt@...dmis.org,
	mingo@...hat.com, paulus@...ba.org, acme@...nel.org,
	hbathini@...ux.vnet.ibm.com, ananth@...ibm.com
Subject: Re: [RFC PATCH 2/2] perf: Filter events based on perf-namespace

On Tue, Jul 12, 2016 at 08:55:17AM -0500, Eric W. Biederman wrote:

> I completely misread the description of this, or I would have something
> earlier.  For some reason I thought he was talking about the perf
> controller.
> 
> As I recall the tricky part of this was to have tracing that was safe
> and usable inside of a container.  If you can align a per cgroup with
> your container that is probably sufficient for the select of processes.
> 
> At the same time there is a real desire to have identifiers like pids
> translated into the appropriate form for inside of the container.
> Without that translation they are meaningless inside a container.
> Further it is necessary to be certain the trancing that is used is is
> safe for unprivileged users.
> 
> I don't think I ever suggested or approved of the concept of a perf
> namespace and that sounds a bit dubious to me.

So perf uses the pid-namespace of the event-creator to report PID/TID
numbers in.

So sys_perf_event_open() -> perf_event_alloc() does
get_pid_ns(task_active_pid_ns(current)) to set event->ns and then we do:
task_{tgid,pid}_nr_ns(p, event->ns) to report the PID/TID resp., see
perf_event_{pid,tid}().

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ