| /linux/tools/perf/util/ |
| H A D | cap.h | 12 #ifndef CAP_PERFMON
13 #define CAP_PERFMON 38
33 #define CAP_PERFMON global() macro
|
| H A D | util.c | 333 if (!used_root && perf_cap__capable(CAP_PERFMON, &used_root))
|
| /linux/tools/testing/selftests/bpf/ |
| H A D | cap_helpers.h | 8 #ifndef CAP_PERFMON
9 #define CAP_PERFMON 38 macro
|
| H A D | test_loader.c | 732 1ULL << CAP_PERFMON | 1ULL << CAP_BPF); in process_subtest()
|
| H A D | test_verifier.c | 74 1ULL << CAP_PERFMON | \
|
| /linux/Documentation/admin-guide/ |
| H A D | perf-security.rst | 69 Unprivileged processes with enabled CAP_PERFMON capability are treated
72 checks in the kernel. CAP_PERFMON implements the principle of least
80 use cases is discouraged with respect to the CAP_PERFMON capability.
82 API contain denial records of acquiring both CAP_PERFMON and CAP_SYS_ADMIN
83 capabilities then providing the process with CAP_PERFMON capability singly
92 CAP_SYS_PTRACE capability is not required and CAP_PERFMON is enough to
150 Using a libcap without support for CAP_PERFMON will make cap_get_flag(caps, 38,
158 To get kernel and user samples with a perf binary with just CAP_PERFMON.
169 inherent processes with CAP_PERFMON and other required capabilities so that
175 1. Create shell script that uses capsh utility [16]_ to assign CAP_PERFMON
[all …]
|
| /linux/include/uapi/linux/ |
| H A D | capability.h | 381 #define CAP_PERFMON 38 macro
|
| /linux/include/linux/ |
| H A D | capability.h | 197 return capable(CAP_PERFMON) || capable(CAP_SYS_ADMIN); in perfmon_capable()
|
| /linux/Documentation/trace/ |
| H A D | user_events.rst | 20 requires CAP_PERFMON due to the event persisting, otherwise -EPERM is returned.
92 process closes or unregisters the event. Requires CAP_PERFMON otherwise
180 event that persists requires CAP_PERFMON, otherwise -EPERM is returned. When
|
| /linux/tools/perf/Documentation/ |
| H A D | security.txt | 131 can be limited for superuser or CAP_PERFMON or CAP_SYS_ADMIN privileged
144 without CAP_PERFMON or CAP_SYS_ADMIN Linux capability.
|
| H A D | perf-amd-ibs.txt | 37 CAP_SYS_ADMIN or CAP_PERFMON privilege.
|
| H A D | perf-intel-pt.txt | 788 which in turn requires CAP_PERFMON or CAP_SYS_ADMIN.
|
| /linux/drivers/media/rc/ |
| H A D | bpf-lirc.c | 113 if (bpf_token_capable(prog->aux->token, CAP_PERFMON)) in lirc_mode2_func_proto()
|
| /linux/tools/perf/ |
| H A D | builtin-ftrace.c | 70 if (perf_cap__capable(CAP_PERFMON, &used_root)) in __write_tracing_file()
78 : "users with the CAP_PERFMON or CAP_SYS_ADMIN capability" in __write_tracing_file()
|
| H A D | design.txt | 264 all events on CPU-x. Per CPU counters need CAP_PERFMON or CAP_SYS_ADMIN
|
| /linux/tools/testing/selftests/bpf/prog_tests/ |
| H A D | tc_bpf.c | 408 ret = cap_disable_effective(1ULL << CAP_SYS_ADMIN | 1ULL << CAP_PERFMON, NULL); in tc_bpf_non_root()
|
| H A D | token.c | 60 (1ULL << CAP_PERFMON) | in drop_priv_caps()
642 /* bpf_get_current_task() requires CAP_PERFMON */ in userns_prog_load()
660 * and bpf_get_current_task() (CAP_PERFMON) helpers validates we have in userns_prog_load()
|
| /linux/Documentation/admin-guide/sysctl/ |
| H A D | kernel.rst | 933 users (without CAP_PERFMON). The default value is 2.
939 with respect to CAP_PERFMON use cases.
948 ``CAP_PERFMON``.
950 Disallow raw tracepoint access by users without ``CAP_PERFMON``.
952 >=1 Disallow CPU event access by users without ``CAP_PERFMON``.
954 >=2 Disallow kernel profiling by users without ``CAP_PERFMON``.
|
| /linux/tools/bpf/bpftool/ |
| H A D | feature.c | 1052 capability(CAP_PERFMON), in handle_perms()
|
| /linux/kernel/bpf/ |
| H A D | helpers.c | 2005 if (!bpf_token_capable(prog->aux->token, CAP_PERFMON)) in bpf_base_func_proto()
|
| H A D | syscall.c | 2706 if (is_perfmon_prog_type(type) && !bpf_token_capable(token, CAP_PERFMON)) in bpf_prog_load()
5889 return !bpf_token_capable(prog->aux->token, CAP_PERFMON) in kern_sys_bpf()
|
| /linux/net/core/ |
| H A D | filter.c | 11906 if (!bpf_token_capable(prog->aux->token, CAP_PERFMON)) in bpf_dynptr_from_skb()
|