projects / firefly-linux-kernel-4.4.55.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 934f498)
ANDROID: restrict access to perf events
authorJeff Vander Stoep <jeffv@google.com>
Wed, 1 Jun 2016 20:44:47 +0000 (13:44 -0700)
committerAmit Pundir <amit.pundir@linaro.org>
Thu, 16 Jun 2016 08:14:10 +0000 (13:44 +0530)
Add:
CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y

to android-base.cfg

The kernel.perf_event_paranoid sysctl is set to 3 by default.
No unprivileged use of the perf_event_open syscall will be
permitted unless it is changed.

Bug: 29054680
Change-Id: Ie7512259150e146d8e382dc64d40e8faaa438917

android/configs/android-base.cfg patch | blob | history

diff --git a/android/configs/android-base.cfg b/android/configs/android-base.cfg
index 304f1d4fd7c49ceade5f14d9036d38c63ba45a5b..6db5542a51f4c024efa8c56bf1f7677f01d05070 100644 (file)
--- a/android/configs/android-base.cfg
+++ b/android/configs/android-base.cfg
@@ -145,6 +145,7 @@ CONFIG_RTC_CLASS=y
 CONFIG_RT_GROUP_SCHED=y
 CONFIG_SECURITY=y
 CONFIG_SECURITY_NETWORK=y
+CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y
 CONFIG_SECURITY_SELINUX=y
 CONFIG_SETEND_EMULATION=y
 CONFIG_STAGING=y
Unnamed repository; edit this file 'description' to name the repository.