Comment by loeg 3 days ago

With the caveat that my only familiarity with the interface is reading the manual page, it seems like only some modes of perf_event_open are privileged.

jeffbee 3 days ago

The exploit provided in the article requires PMUs, i.e. hardware events, which are privileged. The PMU itself, at least the Intel one, is full of bugs and can be used to at least DoS the machine, at most take control of it. Letting anyone access the PMU is already a high-trust event, and I take a skeptical read on exploits that require the attacker to own the machine to start.

deater 3 days ago

these days most distros lock down perf_event pretty tightly by default, making it fairly useless unless you have admin access to your machine

this is due to timing attacks you can do with detailed perf info, but also due to the constant stream of bugs found by the perf_fuzzer that took years to fix and it was easier to just lock down by default