[PATCH v8 00/12] Introduce CAP_PERFMON to secure system performance monitoring and observability
Arnaldo Carvalho de Melo
arnaldo.melo at gmail.com
Tue Apr 7 14:35:51 UTC 2020
Em Tue, Apr 07, 2020 at 11:30:14AM -0300, Arnaldo Carvalho de Melo escreveu:
> [perf at five ~]$ type perf
> perf is hashed (/home/perf/bin/perf)
> [perf at five ~]$ getcap /home/perf/bin/perf
> /home/perf/bin/perf = cap_sys_ptrace,cap_syslog,38+ep
> [perf at five ~]$ groups
> perf perf_users
> [perf at five ~]$ id
> uid=1002(perf) gid=1002(perf) groups=1002(perf),1003(perf_users) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
> [perf at five ~]$ perf top --stdio
> Error:
> Failed to mmap with 1 (Operation not permitted)
> [perf at five ~]$ perf record -a
> ^C[ perf record: Woken up 1 times to write data ]
> [ perf record: Captured and wrote 1.177 MB perf.data (1552 samples) ]
>
> [perf at five ~]$ perf evlist
> cycles:u
> [perf at five ~]$
Humm, perf record falls back to cycles:u after initially trying cycles
(i.e. kernel and userspace), lemme see trying 'perf top -e cycles:u',
lemme test, humm not really:
[perf at five ~]$ perf top --stdio -e cycles:u
Error:
Failed to mmap with 1 (Operation not permitted)
[perf at five ~]$ perf record -e cycles:u -a sleep 1
[ perf record: Woken up 1 times to write data ]
[ perf record: Captured and wrote 1.123 MB perf.data (132 samples) ]
[perf at five ~]$
Back to debugging this.
- Arnaldo
More information about the Linux-security-module-archive
mailing list