To facilitate informed decision making by system administrators [1] to permit and manage access to Perf Events (PE) / Perf tool (Perf) [2],[3] performance monitoring for multiple users perf-security.rst document suggested by Thomas Gleixner is introduced [4] that: a) states PE/Perf access security concerns for multi user environment b) refers to base Linux access control and management principles c) extends documentation of possible perf_event_paranoid knob settings The file serves as single knowledge source for PE/Perf security and access control related matter according to decisions, discussion and PoC prototype previously made here [5],[6]. The file can later be extended with information describing: a) PE/Perf usage models and its security implications b) PE/Perf user interface, its changes and related security implications c) security related implications of monitoring by a specific PE PMU [2] --- Alexey Budankov (2): Documentation/admin-guide: introduce perf-security.rst file Documentation/admin-guide: update admin-guide index.rst Documentation/admin-guide/index.rst | 1 + Documentation/admin-guide/perf-security.rst | 76 +++++++++++++++++++++ 2 files changed, 77 insertions(+) create mode 100644 Documentation/admin-guide/perf-security.rst --- Changes in v2: - reverted patches order in the set to avoid CI issue - replaced old PCL referencing by PE (Perf Events) - skipped >=3 setting documentation at the moment --- [1] https://marc.info/?l=linux-kernel&m=153815883923913&w=2 [2] http://man7.org/linux/man-pages/man2/perf_event_open.2.html [3] https://perf.wiki.kernel.org/index.php/Main_Page [4] https://marc.info/?l=linux-kernel&m=153837512226838&w=2 [5] https://marc.info/?l=linux-kernel&m=153736008310781&w=2 [6] https://lkml.org/lkml/2018/5/21/156
