Re: [PATCH] perf test: Skip for paranoid 3
From: Peter Zijlstra
Date: Fri Jul 01 2022 - 04:56:09 EST
On Thu, Jun 30, 2022 at 01:59:54PM -0700, Ian Rogers wrote:
> On Thu, Jun 30, 2022 at 2:11 AM Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
> >
> > On Tue, Jun 28, 2022 at 08:40:07PM -0700, Ian Rogers wrote:
> > > Add skip tests for paranoid level being 3.
> > > Rather than skipping lines starting "Failed", skip lines containing
> > > "failed" - making the behavior consistent with the previous python
> > > version.
> >
> > paranoid 3 is an out of tree patch.
>
> Thanks, what is the right way to resolve this? My desktop appears to
> be carrying the patch and I'd like the tests to be as green as
> possible.
Then you desktop is probably running a Debian or derivative distro
kernel. You can run your own kernel, or ask the Debian team to ditch
their hack and use the LSM hooks to further limit perf usage if they
feel this is required.
The big advantage of the LSM hooks is that they can explicitly
white-list the perf binary while dis-allowing random users access to the
syscall. That way perf will still work but the possible exploit
potential is much reduced.