Hi Namhyung, On 04.04.2020 5:18, Namhyung Kim wrote: > Hello, > > On Thu, Apr 2, 2020 at 5:47 PM Alexey Budankov > <alexey.budankov@xxxxxxxxxxxxxxx> wrote: >> >> >> Extend error messages to mention CAP_PERFMON capability as an option >> to substitute CAP_SYS_ADMIN capability for secure system performance >> monitoring and observability operations. Make perf_event_paranoid_check() >> and __cmd_ftrace() to be aware of CAP_PERFMON capability. >> >> CAP_PERFMON implements the principal of least privilege for performance >> monitoring and observability operations (POSIX IEEE 1003.1e 2.2.2.39 >> principle of least privilege: A security design principle that states >> that a process or program be granted only those privileges (e.g., >> capabilities) necessary to accomplish its legitimate function, and only >> for the time that such privileges are actually required) >> >> For backward compatibility reasons access to perf_events subsystem remains >> open for CAP_SYS_ADMIN privileged processes but CAP_SYS_ADMIN usage for >> secure perf_events monitoring is discouraged with respect to CAP_PERFMON >> capability. >> >> Signed-off-by: Alexey Budankov <alexey.budankov@xxxxxxxxxxxxxxx> >> Reviewed-by: James Morris <jamorris@xxxxxxxxxxxxxxxxxxx> > > Acked-by: Namhyung Kim <namhyung@xxxxxxxxxx> Thanks! I appreciate you involvement and effort. ~Alexey > > Thanks > Namhyung >
