[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230821104550.57d60a75@gandalf.local.home>
Date: Mon, 21 Aug 2023 10:45:50 -0400
From: Steven Rostedt <rostedt@...dmis.org>
To: "Masami Hiramatsu (Google)" <mhiramat@...nel.org>
Cc: Song Liu <song@...nel.org>,
Francis Laniel <flaniel@...ux.microsoft.com>,
linux-kernel@...r.kernel.org, linux-trace-kernel@...r.kernel.org,
Kees Cook <keescook@...omium.org>
Subject: Re: [RFC PATCH v1 1/1] tracing/kprobe: Add multi-probe support for
'perf_kprobe' PMU
On Mon, 21 Aug 2023 19:01:52 +0900
Masami Hiramatsu (Google) <mhiramat@...nel.org> wrote:
> > kprobe BPF program has access to pt_regs, so it can read ip of the
> > attached function. Can we do the same with regular kprobe (no bpf)?
>
> Yes, it can. So I think it is OK to expand CAP_PERFMON to access kallsyms.
> But this means CAP_PERMON itself is not safe in some case.
What are the privileges that CAP_PERFMON gives. I can see why Kees told me
to avoid capabilities when looking at what has access to tracefs. Because
it becomes very difficult to know what the privileges you are giving when
you give out a capability. I just stick to normal ACL (file permissions)
and everything is much easier and simpler to know what has access to what.
-- Steve
Powered by blists - more mailing lists