lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <158755785264.28353.15436360627491965116.tip-bot2@tip-bot2>
Date:   Wed, 22 Apr 2020 12:17:32 -0000
From:   "tip-bot2 for Alexey Budankov" <tip-bot2@...utronix.de>
To:     linux-tip-commits@...r.kernel.org
Cc:     Alexey Budankov <alexey.budankov@...ux.intel.com>,
        James Morris <jamorris@...ux.microsoft.com>,
        Alexei Starovoitov <ast@...nel.org>,
        Andi Kleen <ak@...ux.intel.com>,
        Igor Lubashev <ilubashe@...mai.com>,
        Jiri Olsa <jolsa@...hat.com>,
        Namhyung Kim <namhyung@...nel.org>,
        Peter Zijlstra <peterz@...radead.org>,
        Serge Hallyn <serge@...lyn.com>,
        Song Liu <songliubraving@...com>,
        Stephane Eranian <eranian@...gle.com>,
        Thomas Gleixner <tglx@...utronix.de>,
        intel-gfx@...ts.freedesktop.org, linux-doc@...r.kernel.org,
        linux-man@...r.kernel.org, linux-security-module@...r.kernel.org,
        selinux@...r.kernel.org,
        Arnaldo Carvalho de Melo <acme@...hat.com>,
        x86 <x86@...nel.org>, LKML <linux-kernel@...r.kernel.org>
Subject: [tip: perf/core] drivers/oprofile: Open access for CAP_PERFMON
 privileged process

The following commit has been merged into the perf/core branch of tip:

Commit-ID:     ab76878bb720cbd35a05ae868387f4373a58c949
Gitweb:        https://git.kernel.org/tip/ab76878bb720cbd35a05ae868387f4373a58c949
Author:        Alexey Budankov <alexey.budankov@...ux.intel.com>
AuthorDate:    Thu, 02 Apr 2020 11:53:07 +03:00
Committer:     Arnaldo Carvalho de Melo <acme@...hat.com>
CommitterDate: Thu, 16 Apr 2020 12:19:09 -03:00

drivers/oprofile: Open access for CAP_PERFMON privileged process

Open access to monitoring for CAP_PERFMON privileged process.  Providing
the access under CAP_PERFMON capability singly, without the rest of
CAP_SYS_ADMIN credentials, excludes chances to misuse the credentials
and makes operation more secure.

CAP_PERFMON implements the principle of least privilege for performance
monitoring and observability operations (POSIX IEEE 1003.1e 2.2.2.39
principle of least privilege: A security design principle that states
that a process or program be granted only those privileges (e.g.,
capabilities) necessary to accomplish its legitimate function, and only
for the time that such privileges are actually required)

For backward compatibility reasons access to the monitoring remains open
for CAP_SYS_ADMIN privileged processes but CAP_SYS_ADMIN usage for
secure monitoring is discouraged with respect to CAP_PERFMON capability.

Signed-off-by: Alexey Budankov <alexey.budankov@...ux.intel.com>
Acked-by: James Morris <jamorris@...ux.microsoft.com>
Cc: Alexei Starovoitov <ast@...nel.org>
Cc: Andi Kleen <ak@...ux.intel.com>
Cc: Igor Lubashev <ilubashe@...mai.com>
Cc: Jiri Olsa <jolsa@...hat.com>
Cc: Namhyung Kim <namhyung@...nel.org>
Cc: Peter Zijlstra <peterz@...radead.org>
Cc: Serge Hallyn <serge@...lyn.com>
Cc: Song Liu <songliubraving@...com>
Cc: Stephane Eranian <eranian@...gle.com>
Cc: Thomas Gleixner <tglx@...utronix.de>
Cc: intel-gfx@...ts.freedesktop.org
Cc: linux-doc@...r.kernel.org
Cc: linux-man@...r.kernel.org
Cc: linux-security-module@...r.kernel.org
Cc: selinux@...r.kernel.org
Link: http://lore.kernel.org/lkml/691f1096-b15f-9b12-50a0-c2b93918149e@linux.intel.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@...hat.com>
---
 drivers/oprofile/event_buffer.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/oprofile/event_buffer.c b/drivers/oprofile/event_buffer.c
index 12ea4a4..6c9edc8 100644
--- a/drivers/oprofile/event_buffer.c
+++ b/drivers/oprofile/event_buffer.c
@@ -113,7 +113,7 @@ static int event_buffer_open(struct inode *inode, struct file *file)
 {
 	int err = -EPERM;
 
-	if (!capable(CAP_SYS_ADMIN))
+	if (!perfmon_capable())
 		return -EPERM;
 
 	if (test_and_set_bit_lock(0, &buffer_opened))

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ