On Thu, Sep 05, 2019 at 02:03:43PM +0200, Thomas Gleixner wrote: > Similar to creating timers on a process there is no restriction at all to > read the Posix CPU clocks of any process in the system. Per thread CPU > clock access is limited to threads in the same thread group. > > The per process CPU clocks can be used to observe activity of tasks and > reading them can affect the execution of the process to which they are > attached as reading can require to lock sighand lock and sum up the fine > grained accounting for all threads in the process. > > Restrict it by checking ptrace MODE_READ permissions of the reader on the > target process. > > Signed-off-by: Thomas Gleixner <[email protected]>
Reviewed-by: Frederic Weisbecker <[email protected]>
