[v4] Enable perf tracing for unprivileged users

[PATCH v4 0/3] Enable perf tracing for unprivileged users

Anubhav Shelat posted 3 patches 1 week, 2 days ago

Diff against v3
Download series mbox

fs/tracefs/inode.c              |  2 +-
kernel/events/core.c            | 28 +++++++++++++++++++++++++---
kernel/trace/trace_event_perf.c | 21 ++++++++++++++++++++-
kernel/trace/trace_events.c     | 16 ++++++++++++++--
tools/perf/util/evsel.c         | 14 +++++++++++++-
5 files changed, 73 insertions(+), 8 deletions(-)

Expand all Fold all

[PATCH v4 0/3] Enable perf tracing for unprivileged users

Posted by Anubhav Shelat 1 week, 2 days ago

Enable users to use perf-trace to trace their own processes, like strace
but without the overhead of ptrace(). Ensure that users cannot access
other users' or systemwide tracing data.

Changes in v4:
- Preserve security_perf_event_open(PERF_SECURITY_KERNEL) LSM hook in
  the tp_bypass path.
- Lift the PERF_SAMPLE_IP check out of the tp_bypass path above the
  PERF_SAMPLE_RAW branch so it applies to counting and sampling. This
  also allows us to ensure PERF_SAMPLE_IP is set for uprobes.
- Block counting path for TRACE_EVENT_FL_CAP_ANY for unprivileged users
  with sysctl_perf_event_paranoid > 1.

Changes in v3:
- Don't set PERF_SAMPLE_IP for unprivileged tracepoints. This allows us
  to exclude PERF_SAMPLE_IP from kaddr_leak without weakening KASLR.
- Mount tracefs as world-traversable so users can access eventfs
  directories.

Anubhav Shelat (3):
  perf evsel: don't set PERF_SAMPLE_IP for unprivileged tracepoints
  perf: enable unprivileged syscall tracing with perf trace
  tracefs: make root directory world-traversable

 fs/tracefs/inode.c              |  2 +-
 kernel/events/core.c            | 28 +++++++++++++++++++++++++---
 kernel/trace/trace_event_perf.c | 21 ++++++++++++++++++++-
 kernel/trace/trace_events.c     | 16 ++++++++++++++--
 tools/perf/util/evsel.c         | 14 +++++++++++++-
 5 files changed, 73 insertions(+), 8 deletions(-)

-- 
2.54.0