From 4103700aa6f86462569763a31ccb0ac128e2e3ac Mon Sep 17 00:00:00 2001 From: Andrey Skobtsov Date: Tue, 19 May 2020 01:17:19 +0300 Subject: [PATCH] Changed comments --- src/Common/ThreadProfileEvents.cpp | 6 ++++++ src/Common/ThreadProfileEvents.h | 13 ------------- 2 files changed, 6 insertions(+), 13 deletions(-) diff --git a/src/Common/ThreadProfileEvents.cpp b/src/Common/ThreadProfileEvents.cpp index c835876ff33..6392607ce6d 100644 --- a/src/Common/ThreadProfileEvents.cpp +++ b/src/Common/ThreadProfileEvents.cpp @@ -182,6 +182,12 @@ static int openPerfEvent(perf_event_attr *hw_event, pid_t pid, int cpu, int grou return static_cast(syscall(SYS_perf_event_open, hw_event, pid, cpu, group_fd, flags)); } +// cat /proc/sys/kernel/perf_event_paranoid +// -1: Allow use of (almost) all events by all users +// >=0: Disallow raw tracepoint access by users without CAP_IOC_LOCK +// >=1: Disallow CPU event access by users without CAP_SYS_ADMIN +// >=2: Disallow kernel profiling by users without CAP_SYS_ADMIN +// >=3: Disallow all event access by users without CAP_SYS_ADMIN static bool getPerfEventParanoid(Int32 & result) { // the longest possible variant: "-1\0" diff --git a/src/Common/ThreadProfileEvents.h b/src/Common/ThreadProfileEvents.h index c84ffabb1fb..48333632188 100644 --- a/src/Common/ThreadProfileEvents.h +++ b/src/Common/ThreadProfileEvents.h @@ -185,19 +185,6 @@ struct PerfEventsCounters // must be unsigned to not cause undefined behaviour on increment typedef UInt64 Id; - // cat /proc/sys/kernel/perf_event_paranoid - if perf_event_paranoid is set to 3, all calls to `perf_event_open` are rejected (even for the current process) - // https://lwn.net/Articles/696234/ - // -1: Allow use of (almost) all events by all users - // >=0: Disallow raw tracepoint access by users without CAP_IOC_LOCK - // >=1: Disallow CPU event access by users without CAP_SYS_ADMIN - // >=2: Disallow kernel profiling by users without CAP_SYS_ADMIN - // >=3: Disallow all event access by users without CAP_SYS_ADMIN - - // https://lwn.net/Articles/696216/ - // It adds a another value that can be set for the sysctl parameter (i.e. kernel.perf_event_paranoid=3) - // that restricts perf_event_open() to processes with the CAP_SYS_ADMIN capability - // todo: check whether perf_event_open() is available with CAP_SYS_ADMIN - static constexpr size_t NUMBER_OF_RAW_EVENTS = 18; static const PerfEventInfo raw_events_info[PerfEventsCounters::NUMBER_OF_RAW_EVENTS];