[PATCH 00/17] Add OA functionality to Xe

Tue May 21 16:43:12 UTC 2024

On Tue, 21 May 2024 09:29:51 -0700, Souza, Jose wrote:
>
> On Tue, 2024-05-21 at 09:10 -0700, Dixit, Ashutosh wrote:
> > On Tue, 21 May 2024 07:47:58 -0700, Souza, Jose wrote:
> >
> > Hi Jose,
> >
> > > > Other ask, can you remove this 'Failed to remove unknown OA config'
> > > > debug message from xe_oa_remove_config_ioctl()?
> > >
> > > Missed 'Insufficient privileges to remove xe OA config', that need to be
> > > removed too from xe_oa_remove_config_ioctl().
> > >
> > > > Mesa will be using DRM_XE_PERF_OP_REMOVE_CONFIG with config id set to
> > > > UINT64_MAX to detect if Xe KMD supports OA counters and if application
> > > > has enough permissions to use it.  So it causes dmesg to be flooded
> > > > with 'xe 0000:00:02.0: [drm:xe_oa_remove_config_ioctl [xe]] Failed to
> > > > remove unknown OA config' messages when running tests suites.
> > > >
> > > > Or do you have other suggestion of uAPI that I can use.
> >
> > OK, so you are relying on ENODEV and EACCES errno's from
> > DRM_XE_PERF_OP_REMOVE_CONFIG to find out (a) if OA is present and (b) if
> > you need to be root (actually CAP_PERFMON or CAP_SYS_ADMIN).
>
> yep
>
> >
> > This logic in Xe should be close to what we have in i915? What does Mesa do
> > for i915, or what doesn't work in Xe?
> >
> > Here are some pointers:
> >
> > * You can execute DRM_XE_DEVICE_QUERY_OA_UNITS to see if OA is present
> >
> > * Add/remove OA configs and using the global OAG buffer (time based
> >   sampling or DRM_XE_OA_PROPERTY_SAMPLE_OA set) are priviliged operations
> >   (need root). Operations which only need OAR/OAC (OA queries, without
> >   DRM_XE_OA_PROPERTY_SAMPLE_OA) can be executed by non-root.
> >
> > * If "/proc/sys/dev/xe/perf_stream_paranoid" is 0, all operations can be
> >   executed by non-root users. Otherwise, as I described in the previous
> >   point.
>
> It is possible that process not started by root has CAP_PERFMON:

Yes, correct.

Above I am using "root" loosely as "CAP_PERFMON or CAP_SYS_ADMIN".

So if root sets 'perf_stream_paranoid' to 0, normal users can do OA
priviliged operations (as described above).

If root sets 'perf_stream_paranoid' to 1, only CAP_PERFMON or CAP_SYS_ADMIN
users can do OA priviliged operations.

> "Unprivileged processes with enabled CAP_PERFMON capability are treated
> as privileged processes with respect to perf_events performance
> monitoring and observability operations,..."
>
> And from what I understood only root can write to perf_stream_paranoid,
> so I don't see a point in having this file...

So I don't know how this statement follows?

root or superuser is the one which gives the permission to non-CAP_PERFMON
and non-CAP_SYS_ADMIN users to be able to do priviliged OA operations.

> > So basically I think you just need to check for the perf_stream_paranoid
> > file above. It will tell you both (a) if OA is present (because we are
> > going to merge the code which creates this file together with OA) and (b)
> > if you need to be root for particular operations.
> >
> > Thanks.
> > --
> > Ashutosh
>