lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 26 May 2021 15:20:58 +0530
From:   Ravi Bangoria <ravi.bangoria@...ux.ibm.com>
To:     Masami Hiramatsu <mhiramat@...nel.org>
Cc:     Jiri Olsa <jolsa@...nel.org>, jolsa@...hat.com,
        linux-kernel@...r.kernel.org,
        "Aneesh Kumar K . V" <aneesh.kumar@...ux.ibm.com>,
        Arnaldo Carvalho de Melo <acme@...hat.com>,
        acme@...nel.org, Ravi Bangoria <ravi.bangoria@...ux.ibm.com>
Subject: Re: [PATCH] tools/perf: doc: Add permission and sysctl notice



On 5/26/21 2:31 PM, Masami Hiramatsu wrote:
> Add a section to notify the permission and sysctl setting
> for perf probe. And fix some indentations.

Yes, it makes sense to have this detail in man page.

Few minor points below ...

>   
> +PERMISSIONS AND SYSCTL
> +----------------------
> +Since perf probe depends on ftrace (tracefs) and kallsyms (/proc/kallsyms), you have to care about the permission and some sysctl knobs.
> +
> + - Since tracefs and kallsyms requires root or privileged user to access it, the following perf probe commands also require it; --add, --del, --list (except for --cache option)
> +
> + - /proc/sys/kernel/kptr_restrict = 2 (restrict all users) also prevents perf probe to retrieve the important information from kallsyms. You also need to set to 1 (restrict non CAP_SYSLOG users) for the above commands.
> +
> + - Since the perf probe commands read the vmlinux and/or the debuginfo file, you need to ensure that you can read those files.

1) Last two points are applicable to kprobes only, not uprobes. Would
    it make sense to clarify that?
2) For 3rd point, simple perf probe on function entry will work without
    vmlinux/debuginfo (by using kallsyms). Should we mention that?

In any case,

Acked-by: Ravi Bangoria <ravi.bangoria@...ux.ibm.com>

Ravi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ