[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20170905133026.13689-16-alexander.shishkin@linux.intel.com>
Date: Tue, 5 Sep 2017 16:30:24 +0300
From: Alexander Shishkin <alexander.shishkin@...ux.intel.com>
To: Peter Zijlstra <a.p.zijlstra@...llo.nl>
Cc: Ingo Molnar <mingo@...hat.com>, linux-kernel@...r.kernel.org,
acme@...hat.com, kirill.shutemov@...ux.intel.com,
Borislav Petkov <bp@...en8.de>, rric@...nel.org,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>
Subject: [RFC PATCH 15/17] perf: Allow controlled non-root access to detached events
The user who created the event should also be able to open its
corresponding file in tracefs and/or remove it.
Signed-off-by: Alexander Shishkin <alexander.shishkin@...ux.intel.com>
---
kernel/events/core.c | 25 ++++++++++++++++++++++---
1 file changed, 22 insertions(+), 3 deletions(-)
diff --git a/kernel/events/core.c b/kernel/events/core.c
index fbee221d19..802c0862a9 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -5579,7 +5579,7 @@ static int perf_fasync(int fd, struct file *filp, int on)
static int perf_open(struct inode *inode, struct file *file)
{
struct perf_event *event = inode->i_private;
- int ret;
+ int ret = 0;
if (WARN_ON_ONCE(!event))
return -EINVAL;
@@ -5587,7 +5587,13 @@ static int perf_open(struct inode *inode, struct file *file)
if (!atomic_long_inc_not_zero(&event->refcount))
return -ENOENT;
- ret = simple_open(inode, file);
+ /* event's user is stable while we're holding the reference */
+ if (event->rb->mmap_user != current_user() &&
+ !capable(CAP_SYS_ADMIN))
+ ret = -EACCES;
+
+ if (!ret)
+ ret = simple_open(inode, file);
if (ret)
put_event(event);
@@ -9593,7 +9599,7 @@ perf_event_detach(struct perf_event *event, struct perf_event *parent_event,
if (!filename)
return -ENOMEM;
- event->dent = tracefs_create_file(filename, 0600,
+ event->dent = tracefs_create_file(filename, 0666,
perf_tracefs_dir,
event, &perf_fops);
kfree(filename);
@@ -11521,6 +11527,7 @@ static int perf_instance_unlink(const char *name)
{
struct perf_event *event;
struct dentry *dent;
+ int ret = 0;
dent = lookup_one_len_unlocked(name, perf_tracefs_dir, strlen(name));
if (!dent)
@@ -11530,6 +11537,18 @@ static int perf_instance_unlink(const char *name)
if (!event)
return -EINVAL;
+ if (!atomic_long_inc_not_zero(&event->refcount))
+ return 0;
+
+ /* event's user is stable while we're holding the reference */
+ if (event->rb->mmap_user != current_user() &&
+ !capable(CAP_SYS_ADMIN))
+ ret = -EACCES;
+ put_event(event);
+
+ if (ret)
+ return ret;
+
if (!(event->attach_state & PERF_ATTACH_CONTEXT))
return -EBUSY;
--
2.14.1
Powered by blists - more mailing lists