[Intel-gfx] [PATCH v3 4/7] drm/i915/perf: open access for CAP_SYS_PERFMON privileged process
alexey.budankov at linux.intel.com
Tue Dec 17 11:38:56 UTC 2019
On 17.12.2019 12:45, Lionel Landwerlin wrote:
> On 16/12/2019 22:03, Alexey Budankov wrote:
>> Open access to i915_perf monitoring for CAP_SYS_PERFMON privileged processes.
>> For backward compatibility reasons access to i915_perf subsystem remains open
>> for CAP_SYS_ADMIN privileged processes but CAP_SYS_ADMIN usage for secure
>> i915_perf monitoring is discouraged with respect to CAP_SYS_PERFMON capability.
>> Signed-off-by: Alexey Budankov <alexey.budankov at linux.intel.com>
> Assuming people are fine with this new cap, I like this idea of a lighter privilege for i915-perf.
Lionel, thanks for your meaningful input!
Appreciate your collaboration.
More information about the Linux-security-module-archive