[Intel-gfx] [PATCH v3 4/7] drm/i915/perf: open access for CAP_SYS_PERFMON privileged process
Alexey Budankov
alexey.budankov at linux.intel.com
Tue Dec 17 11:38:56 UTC 2019
On 17.12.2019 12:45, Lionel Landwerlin wrote:
> On 16/12/2019 22:03, Alexey Budankov wrote:
>> Open access to i915_perf monitoring for CAP_SYS_PERFMON privileged processes.
>> For backward compatibility reasons access to i915_perf subsystem remains open
>> for CAP_SYS_ADMIN privileged processes but CAP_SYS_ADMIN usage for secure
>> i915_perf monitoring is discouraged with respect to CAP_SYS_PERFMON capability.
>>
>> Signed-off-by: Alexey Budankov <alexey.budankov at linux.intel.com>
>
>
> Assuming people are fine with this new cap, I like this idea of a lighter privilege for i915-perf.
Lionel, thanks for your meaningful input!
Appreciate your collaboration.
Regards,
Alexey
>
>
> -Lionel
>
>
>
More information about the Linux-security-module-archive
mailing list