[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200416155033.GD2650@kernel.org>
Date: Thu, 16 Apr 2020 12:50:33 -0300
From: Arnaldo Carvalho de Melo <arnaldo.melo@...il.com>
To: Ian Rogers <irogers@...gle.com>
Cc: Peter Zijlstra <peterz@...radead.org>,
Ingo Molnar <mingo@...hat.com>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Jiri Olsa <jolsa@...hat.com>,
Namhyung Kim <namhyung@...nel.org>,
linux-kernel@...r.kernel.org, Stephane Eranian <eranian@...gle.com>
Subject: Re: [PATCH v2] perf stat: force error in fallback on :k events
Em Tue, Apr 14, 2020 at 09:15:50AM -0700, Ian Rogers escreveu:
> From: Stephane Eranian <eranian@...gle.com>
>
> When it is not possible for a non-privilege perf command
> to monitor at the kernel level (:k), the fallback code forces
> a :u. That works if the event was previously monitoring both levels.
> But if the event was already constrained to kernel only, then it does
> not make sense to restrict it to user only.
> Given the code works by exclusion, a kernel only event would have:
> attr->exclude_user = 1
> The fallback code would add:
> attr->exclude_kernel = 1;
>
> In the end the end would not monitor in either the user level or kernel
> level. In other words, it would count nothing.
>
> An event programmed to monitor kernel only cannot be switched to user only
> without seriously warning the user.
>
> This patch forces an error in this case to make it clear the request
> cannot really be satisfied.
>
> Behavior with paranoid 1:
> $ sudo bash -c "echo 1 > /proc/sys/kernel/perf_event_paranoid"
> $ perf stat -e cycles:k sleep 1
>
> Performance counter stats for 'sleep 1':
>
> 1,520,413 cycles:k
>
> 1.002361664 seconds time elapsed
>
> 0.002480000 seconds user
> 0.000000000 seconds sys
>
> Old behavior with paranoid 2:
> $ sudo bash -c "echo 2 > /proc/sys/kernel/perf_event_paranoid"
> $ perf stat -e cycles:k sleep 1
> Performance counter stats for 'sleep 1':
>
> 0 cycles:ku
>
> 1.002358127 seconds time elapsed
>
> 0.002384000 seconds user
> 0.000000000 seconds sys
>
> New behavior with paranoid 2:
> $ sudo bash -c "echo 2 > /proc/sys/kernel/perf_event_paranoid"
> $ perf stat -e cycles:k sleep 1
> Error:
> You may not have permission to collect stats.
>
> Consider tweaking /proc/sys/kernel/perf_event_paranoid,
> which controls use of the performance events system by
> unprivileged users (without CAP_PERFMON or CAP_SYS_ADMIN).
>
> The current value is 2:
>
> -1: Allow use of (almost) all events by all users
> Ignore mlock limit after perf_event_mlock_kb without CAP_IPC_LOCK
> >= 0: Disallow ftrace function tracepoint by users without CAP_PERFMON or CAP_SYS_ADMIN
> Disallow raw tracepoint access by users without CAP_SYS_PERFMON or CAP_SYS_ADMIN
> >= 1: Disallow CPU event access by users without CAP_PERFMON or CAP_SYS_ADMIN
> >= 2: Disallow kernel profiling by users without CAP_PERFMON or CAP_SYS_ADMIN
>
> To make this setting permanent, edit /etc/sysctl.conf too, e.g.:
>
> kernel.perf_event_paranoid = -1
>
> v2 of this patch addresses the review feedback from jolsa@...hat.com.
Hey, thanks _a lot_ for providing the before/after output, this allows
me to review the code and then just go mechanically follow your steps to
reproduce the results, awesome, keep doing it that way.
And Jiri is right, one-liners are fantastic, this one came close enough
:-)
I did some reflowing of the commit text, check if you're curious when
this goes upstream, no original content changed, just added some spaces,
separator blank lines and moved the examples two spaces to the right.
Thanks,
- Arnaldo
> Signed-off-by: Stephane Eranian <eranian@...gle.com>
> Reviewed-by: Ian Rogers <irogers@...gle.com>
> ---
> tools/perf/util/evsel.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/tools/perf/util/evsel.c b/tools/perf/util/evsel.c
> index d23db6755f51..b4e8bcb5ab05 100644
> --- a/tools/perf/util/evsel.c
> +++ b/tools/perf/util/evsel.c
> @@ -2446,6 +2446,10 @@ bool perf_evsel__fallback(struct evsel *evsel, int err,
> char *new_name;
> const char *sep = ":";
>
> + /* If event has exclude user then don't exclude kernel. */
> + if (evsel->core.attr.exclude_user)
> + return false;
> +
> /* Is there already the separator in the name. */
> if (strchr(name, '/') ||
> strchr(name, ':'))
> --
> 2.26.0.110.g2183baf09c-goog
>
--
- Arnaldo
Powered by blists - more mailing lists