projects / openwrt / staging / blogic.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a044560)
perf_counter: Require CAP_SYS_ADMIN for raw tracepoint data
authorPeter Zijlstra <[email protected]>
Mon, 10 Aug 2009 09:20:12 +0000 (11:20 +0200)
committerIngo Molnar <[email protected]>
Mon, 10 Aug 2009 09:33:09 +0000 (11:33 +0200)
Raw tracepoint data contains various kernel internals and
data from other users, so restrict this to CAP_SYS_ADMIN.

Signed-off-by: Peter Zijlstra <[email protected]>
Acked-by: Frederic Weisbecker <[email protected]>
Cc: Arnaldo Carvalho de Melo <[email protected]>
Cc: Mike Galbraith <[email protected]>
Cc: Paul Mackerras <[email protected]>
LKML-Reference: <1249896452.17467.75.camel@twins>
Signed-off-by: Ingo Molnar <[email protected]>
kernel/perf_counter.c patch | blob | history

diff --git a/kernel/perf_counter.c b/kernel/perf_counter.c
index 5229d1666fa5d2fdac21a2b2acb733a935b01f82..b0b20a07f3942422f614a4d0f429a23d19db396e 100644 (file)
--- a/kernel/perf_counter.c
+++ b/kernel/perf_counter.c
@@ -3787,6 +3787,14 @@ static void tp_perf_counter_destroy(struct perf_counter *counter)
 
 static const struct pmu *tp_perf_counter_init(struct perf_counter *counter)
 {
+       /*
+        * Raw tracepoint data is a severe data leak, only allow root to
+        * have these.
+        */
+       if ((counter->attr.sample_type & PERF_SAMPLE_RAW) &&
+                       !capable(CAP_SYS_ADMIN))
+               return ERR_PTR(-EPERM);
+
        if (ftrace_profile_enable(counter->attr.config))
                return NULL;
 
John Crispins staging tree