perf_counter: sysctl for system wide perf counters Impact: add sysctl for paranoid/relaxed perfcounters policy Allow the use of system wide perf counters to everybody, but provide a sysctl to disable it for the paranoid security minded. Signed-off-by: Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: Paul Mackerras <paulus@samba.org> Cc: Corey Ashford <cjashfor@linux.vnet.ibm.com> LKML-Reference: <20090409085524.514046352@chello.nl> Signed-off-by: Ingo Molnar <mingo@elte.hu>

commit: 1ccd15497869f3ed83b5225d410df53a96e52757 [log] [tgz]
author: Peter Zijlstra <a.p.zijlstra@chello.nl> Thu Apr 09 10:53:45 2009 +0200
committer: Ingo Molnar <mingo@elte.hu> Thu Apr 09 11:50:52 2009 +0200
tree: 67c475136503f53c2b2d9d9ada1c281aef0a162b
parent: 9ee318a7825929bc3734110b83ae8e20e53d9de3 [diff] [blame]
diff --git a/kernel/perf_counter.c b/kernel/perf_counter.c
index 76376ec..7efb7eb 100644
--- a/kernel/perf_counter.c
+++ b/kernel/perf_counter.c

@@ -42,6 +42,8 @@
 static atomic_t nr_munmap_tracking __read_mostly;
 static atomic_t nr_comm_tracking __read_mostly;
 
+int sysctl_perf_counter_priv __read_mostly; /* do we need to be privileged */
+
 /*
  * Mutex for (sysadmin-configurable) counter reservations:
  */
@@ -1132,7 +1134,7 @@
 	 */
 	if (cpu != -1) {
 		/* Must be root to operate on a CPU counter: */
-		if (!capable(CAP_SYS_ADMIN))
+		if (sysctl_perf_counter_priv && !capable(CAP_SYS_ADMIN))
 			return ERR_PTR(-EACCES);
 
 		if (cpu < 0 || cpu > num_possible_cpus())
commit	1ccd15497869f3ed83b5225d410df53a96e52757	[log] [tgz]
author	Peter Zijlstra <a.p.zijlstra@chello.nl>	Thu Apr 09 10:53:45 2009 +0200
committer	Ingo Molnar <mingo@elte.hu>	Thu Apr 09 11:50:52 2009 +0200
tree	67c475136503f53c2b2d9d9ada1c281aef0a162b
parent	9ee318a7825929bc3734110b83ae8e20e53d9de3 [diff] [blame]