/linux/tools/perf/util/ |
H A D | cap.h | 12 #ifndef CAP_PERFMON 13 #define CAP_PERFMON 38 33 #define CAP_PERFMON global() macro
|
H A D | util.c | 333 if (!used_root && perf_cap__capable(CAP_PERFMON, &used_root))
|
/linux/tools/testing/selftests/bpf/ |
H A D | cap_helpers.h | 8 #ifndef CAP_PERFMON 9 #define CAP_PERFMON 38 macro
|
H A D | test_loader.c | 732 1ULL << CAP_PERFMON | 1ULL << CAP_BPF); in process_subtest()
|
H A D | test_verifier.c | 74 1ULL << CAP_PERFMON | \
|
/linux/Documentation/admin-guide/ |
H A D | perf-security.rst | 69 Unprivileged processes with enabled CAP_PERFMON capability are treated 72 checks in the kernel. CAP_PERFMON implements the principle of least 80 use cases is discouraged with respect to the CAP_PERFMON capability. 82 API contain denial records of acquiring both CAP_PERFMON and CAP_SYS_ADMIN 83 capabilities then providing the process with CAP_PERFMON capability singly 92 CAP_SYS_PTRACE capability is not required and CAP_PERFMON is enough to 150 Using a libcap without support for CAP_PERFMON will make cap_get_flag(caps, 38, 158 To get kernel and user samples with a perf binary with just CAP_PERFMON. 169 inherent processes with CAP_PERFMON and other required capabilities so that 175 1. Create shell script that uses capsh utility [16]_ to assign CAP_PERFMON [all …]
|
/linux/include/uapi/linux/ |
H A D | capability.h | 381 #define CAP_PERFMON 38 macro
|
/linux/include/linux/ |
H A D | capability.h | 197 return capable(CAP_PERFMON) || capable(CAP_SYS_ADMIN); in perfmon_capable()
|
/linux/Documentation/trace/ |
H A D | user_events.rst | 20 requires CAP_PERFMON due to the event persisting, otherwise -EPERM is returned. 92 process closes or unregisters the event. Requires CAP_PERFMON otherwise 180 event that persists requires CAP_PERFMON, otherwise -EPERM is returned. When
|
/linux/tools/perf/Documentation/ |
H A D | security.txt | 131 can be limited for superuser or CAP_PERFMON or CAP_SYS_ADMIN privileged 144 without CAP_PERFMON or CAP_SYS_ADMIN Linux capability.
|
H A D | perf-amd-ibs.txt | 37 CAP_SYS_ADMIN or CAP_PERFMON privilege.
|
H A D | perf-intel-pt.txt | 788 which in turn requires CAP_PERFMON or CAP_SYS_ADMIN.
|
/linux/drivers/media/rc/ |
H A D | bpf-lirc.c | 113 if (bpf_token_capable(prog->aux->token, CAP_PERFMON)) in lirc_mode2_func_proto()
|
/linux/tools/perf/ |
H A D | builtin-ftrace.c | 70 if (perf_cap__capable(CAP_PERFMON, &used_root)) in __write_tracing_file() 78 : "users with the CAP_PERFMON or CAP_SYS_ADMIN capability" in __write_tracing_file()
|
H A D | design.txt | 264 all events on CPU-x. Per CPU counters need CAP_PERFMON or CAP_SYS_ADMIN
|
/linux/tools/testing/selftests/bpf/prog_tests/ |
H A D | tc_bpf.c | 408 ret = cap_disable_effective(1ULL << CAP_SYS_ADMIN | 1ULL << CAP_PERFMON, NULL); in tc_bpf_non_root()
|
H A D | token.c | 60 (1ULL << CAP_PERFMON) | in drop_priv_caps() 642 /* bpf_get_current_task() requires CAP_PERFMON */ in userns_prog_load() 660 * and bpf_get_current_task() (CAP_PERFMON) helpers validates we have in userns_prog_load()
|
/linux/Documentation/admin-guide/sysctl/ |
H A D | kernel.rst | 933 users (without CAP_PERFMON). The default value is 2. 939 with respect to CAP_PERFMON use cases. 948 ``CAP_PERFMON``. 950 Disallow raw tracepoint access by users without ``CAP_PERFMON``. 952 >=1 Disallow CPU event access by users without ``CAP_PERFMON``. 954 >=2 Disallow kernel profiling by users without ``CAP_PERFMON``.
|
/linux/tools/bpf/bpftool/ |
H A D | feature.c | 1052 capability(CAP_PERFMON), in handle_perms()
|
/linux/kernel/bpf/ |
H A D | helpers.c | 2005 if (!bpf_token_capable(prog->aux->token, CAP_PERFMON)) in bpf_base_func_proto()
|
H A D | syscall.c | 2706 if (is_perfmon_prog_type(type) && !bpf_token_capable(token, CAP_PERFMON)) in bpf_prog_load() 5889 return !bpf_token_capable(prog->aux->token, CAP_PERFMON) in kern_sys_bpf()
|
/linux/net/core/ |
H A D | filter.c | 11906 if (!bpf_token_capable(prog->aux->token, CAP_PERFMON)) in bpf_dynptr_from_skb()
|