Date: Sun, 5 Jun 2022 11:48:06 +0400
From: Alexey Sheplyakov
To: ALT Linux kernel packages development
Subject: Re: [d-kernel] [PATCH] UBUNTU: SAUCE: security, perf: Allow further restriction of perf_event_open
References: <20220602003100.524482-1-vt@altlinux.org> <20220602163914.GB11775@altlinux.org>
In-Reply-To: <20220602163914.GB11775@altlinux.org>

Hello,

On Thu, Jun 02, 2022 at 07:39:14PM +0300, Dmitry V. Levin wrote:
> > No, thanks. Profiling on Linux is already more difficult than it should be.
> > Making things even more complicated is not appreciated at all.
>
> Since the kernel we are talking about is a universal kernel, it has to
> suit needs of both those who care about basic security and those who do
> profiling.

Breaking a basic system functionality (such as debugging and profiling)
has nothing to do with security.

> Thus, a patch that makes this control runtime configurable is a long-awaited one.

This statement is wrong. No people I know of need a knob to make their system broken.

> The only aspect worth discussing is the default behaviour.

By default an ordinary user should be able to debug and profile his processes
(things used to work that way for several decades).
Those who want a broken system can break it without the newly added knob,
i.e. by removing gdb and perf (and mounting all user-writable filesystems
with the noexec option).

P.S. People who actually need security

1) don't use out-of-order CPUs (to avoid Meltdown, Spectre, etc.)
2) don't use Linux (so the kernel can actually be audited)
3) don't exist