On Sun, Aug 30, 2020 at 07:31:39AM -0500, Eric W. Biederman wrote: > peterz@xxxxxxxxxxxxx writes: > > Could we check privs twice instead? > > > > Something like the completely untested below.. > > That might work. > > I am thinking that for cases where we want to do significant work it > might be better to ask the process to pause at someplace safe (probably > get_signal) and then do all of the work when we know nothing is changing > in the process. > > I don't really like the idea of checking and then checking again. We > might have to do it but it feels like the model is wrong somewhere. Another possible aproach might be to grab a copy of the cred pointer and have the final install check that. It means we need to allow perf_install_in_context() to fail though. That might be a little more work. > I had not realized before this how much setting up tracing in > perf_even_open looks like attaching a debugger in ptrace_attach. Same problem; once you've attached a perf event you can observe much of what the task does.
