Thanks Aneesh and Mpe for reviewing this patch.
Michael Ellerman <mpe(a)ellerman.id.au> writes:
"Aneesh Kumar K.V" <aneesh.kumar(a)linux.ibm.com>
>> + /* Allow access only to perfmon capable users */
>> + if (!perfmon_capable())
>> + return -EACCES;
> An access check is usually done in open(). This is the read callback IIUC.
Yes. Otherwise an unprivileged user can open the file, and then trick a
suid program into reading from it.
Agree, but since the 'open()' for this sysfs attribute is handled
by kern-fs, AFAIK dont see any direct way to enforce this policy.
Only other way it seems to me is to convert the 'perf_stats' DEVICE_ATTR_RO