perf_counter: sysctl for system wide perf counters
authorPeter Zijlstra <a.p.zijlstra@chello.nl>
Thu, 9 Apr 2009 08:53:45 +0000 (10:53 +0200)
committerIngo Molnar <mingo@elte.hu>
Thu, 9 Apr 2009 09:50:52 +0000 (11:50 +0200)
Impact: add sysctl for paranoid/relaxed perfcounters policy

Allow the use of system wide perf counters to everybody, but provide
a sysctl to disable it for the paranoid security minded.

Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Paul Mackerras <paulus@samba.org>
Cc: Corey Ashford <cjashfor@linux.vnet.ibm.com>
LKML-Reference: <20090409085524.514046352@chello.nl>
Signed-off-by: Ingo Molnar <mingo@elte.hu>
include/linux/perf_counter.h
kernel/perf_counter.c
kernel/sysctl.c

index c22363a4f7466e4ad54e1f1689eca32958da5fb4..981432885301de920788633e785323d7c11a8b41 100644 (file)
@@ -568,6 +568,8 @@ struct perf_callchain_entry {
 
 extern struct perf_callchain_entry *perf_callchain(struct pt_regs *regs);
 
+extern int sysctl_perf_counter_priv;
+
 #else
 static inline void
 perf_counter_task_sched_in(struct task_struct *task, int cpu)          { }
index 76376ecb23b5ebe9a45eff99ba84d6006291373d..7efb7ebaaae041d155008d52a3b5d508329e9d40 100644 (file)
@@ -42,6 +42,8 @@ static atomic_t nr_mmap_tracking __read_mostly;
 static atomic_t nr_munmap_tracking __read_mostly;
 static atomic_t nr_comm_tracking __read_mostly;
 
+int sysctl_perf_counter_priv __read_mostly; /* do we need to be privileged */
+
 /*
  * Mutex for (sysadmin-configurable) counter reservations:
  */
@@ -1132,7 +1134,7 @@ static struct perf_counter_context *find_get_context(pid_t pid, int cpu)
         */
        if (cpu != -1) {
                /* Must be root to operate on a CPU counter: */
-               if (!capable(CAP_SYS_ADMIN))
+               if (sysctl_perf_counter_priv && !capable(CAP_SYS_ADMIN))
                        return ERR_PTR(-EACCES);
 
                if (cpu < 0 || cpu > num_possible_cpus())
index 4286b62b34a0a2d0f9a00f96ae2e8822647238bf..8ba457838d951e294f0cd14ee0c82640a1961e1b 100644 (file)
@@ -49,6 +49,7 @@
 #include <linux/reboot.h>
 #include <linux/ftrace.h>
 #include <linux/slow-work.h>
+#include <linux/perf_counter.h>
 
 #include <asm/uaccess.h>
 #include <asm/processor.h>
@@ -920,6 +921,16 @@ static struct ctl_table kern_table[] = {
                .child          = slow_work_sysctls,
        },
 #endif
+#ifdef CONFIG_PERF_COUNTERS
+       {
+               .ctl_name       = CTL_UNNUMBERED,
+               .procname       = "perf_counter_privileged",
+               .data           = &sysctl_perf_counter_priv,
+               .maxlen         = sizeof(sysctl_perf_counter_priv),
+               .mode           = 0644,
+               .proc_handler   = &proc_dointvec,
+       },
+#endif
 /*
  * NOTE: do not add new entries to this table unless you have read
  * Documentation/sysctl/ctl_unnumbered.txt