| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <YLdxL9QVh5n6xGeP@kernel.org>
Date: Wed, 2 Jun 2021 08:53:19 -0300
From: Arnaldo Carvalho de Melo <acme@...nel.org>
To: Masami Hiramatsu <mhiramat@...nel.org>
Cc: Arnaldo Carvalho de Melo <acme@...hat.com>,
Ravi Bangoria <ravi.bangoria@...ux.ibm.com>,
Jiri Olsa <jolsa@...nel.org>, jolsa@...hat.com,
linux-kernel@...r.kernel.org,
"Aneesh Kumar K . V" <aneesh.kumar@...ux.ibm.com>
Subject: Re: [PATCH v2] tools/perf: doc: Add permission and sysctl notice
Em Wed, May 26, 2021 at 11:51:29PM +0900, Masami Hiramatsu escreveu:
> Add a section to notify the permission and sysctl setting
> for perf probe. And fix some indentations.
>
> Reported-by: Ravi Bangoria <ravi.bangoria@...ux.ibm.com>
Ravi, can I have your Reviewed-by?
- Arnaldo
> Signed-off-by: Masami Hiramatsu <mhiramat@...nel.org>
> ---
> Changes in v2:
> - Add tracefs remount option for --list command.
> - Mention uprobe case for kptr_restrict and vmlinux/debuginfo permission.
> ---
> tools/perf/Documentation/perf-probe.txt | 19 ++++++++++++++++---
> 1 file changed, 16 insertions(+), 3 deletions(-)
>
> diff --git a/tools/perf/Documentation/perf-probe.txt b/tools/perf/Documentation/perf-probe.txt
> index ed3ecfa422e1..080981d38d7b 100644
> --- a/tools/perf/Documentation/perf-probe.txt
> +++ b/tools/perf/Documentation/perf-probe.txt
> @@ -226,7 +226,7 @@ So, "source.c:100-120" shows lines between 100th to l20th in source.c file. And
>
> LAZY MATCHING
> -------------
> - The lazy line matching is similar to glob matching but ignoring spaces in both of pattern and target. So this accepts wildcards('*', '?') and character classes(e.g. [a-z], [!A-Z]).
> +The lazy line matching is similar to glob matching but ignoring spaces in both of pattern and target. So this accepts wildcards('*', '?') and character classes(e.g. [a-z], [!A-Z]).
>
> e.g.
> 'a=*' can matches 'a=b', 'a = b', 'a == b' and so on.
> @@ -235,8 +235,8 @@ This provides some sort of flexibility and robustness to probe point definitions
>
> FILTER PATTERN
> --------------
> - The filter pattern is a glob matching pattern(s) to filter variables.
> - In addition, you can use "!" for specifying filter-out rule. You also can give several rules combined with "&" or "|", and fold those rules as one rule by using "(" ")".
> +The filter pattern is a glob matching pattern(s) to filter variables.
> +In addition, you can use "!" for specifying filter-out rule. You also can give several rules combined with "&" or "|", and fold those rules as one rule by using "(" ")".
>
> e.g.
> With --filter "foo* | bar*", perf probe -V shows variables which start with "foo" or "bar".
> @@ -295,6 +295,19 @@ Add a probe in a source file using special characters by backslash escape
> ./perf probe -x /opt/test/a.out 'foo\+bar.c:4'
>
>
> +PERMISSIONS AND SYSCTL
> +----------------------
> +Since perf probe depends on ftrace (tracefs) and kallsyms (/proc/kallsyms), you have to care about the permission and some sysctl knobs.
> +
> + - Since tracefs and kallsyms requires root or privileged user to access it, the following perf probe commands also require it; --add, --del, --list (except for --cache option)
> +
> + - The system admin can remount the tracefs with 755 (`sudo mount -o remount,mode=755 /sys/kernel/tracing/`) to allow unprivileged user to run the perf probe --list command.
> +
> + - /proc/sys/kernel/kptr_restrict = 2 (restrict all users) also prevents perf probe to retrieve the important information from kallsyms. You also need to set to 1 (restrict non CAP_SYSLOG users) for the above commands. Since the user-space probe doesn't need to access kallsyms, this is only for probing the kernel function (kprobes).
> +
> + - Since the perf probe commands read the vmlinux (for kernel) and/or the debuginfo file (including user-space application), you need to ensure that you can read those files.
> +
> +
> SEE ALSO
> --------
> linkperf:perf-trace[1], linkperf:perf-record[1], linkperf:perf-buildid-cache[1]
>
--
- Arnaldo
Powered by blists - more mailing lists