FROMLIST: security,perf: Allow further restriction of perf_event_open When kernel.perf_event_open is set to 3 (or greater), disallow all access to performance events by users without CAP_SYS_ADMIN. Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that makes this value the default. This is based on a similar feature in grsecurity (CONFIG_GRKERNSEC_PERF_HARDEN). This version doesn't include making the variable read-only. It also allows enabling further restriction at run-time regardless of whether the default is changed. https://lkml.org/lkml/2016/1/11/587 Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Bug: 29054680 Change-Id: Iff5bff4fc1042e85866df9faa01bce8d04335ab8

commit: b8f839272da7a666384e9c705937b970acfd5206 [log] [tgz]
author: Jeff Vander Stoep <jeffv@google.com> Sun May 29 14:22:32 2016 -0700
committer: Christian Hoffmann <chrmhoffmann@gmail.com> Sat Aug 26 07:40:33 2017 +0000
tree: c57613517d9507000799802e840b8d0da8fc78b4
parent: 76f9c372f605be5500376be945826abb6337fd58 [diff] [blame]
diff --git a/security/Kconfig b/security/Kconfig
index ccc61f8..f9e267c 100644
--- a/security/Kconfig
+++ b/security/Kconfig

@@ -84,6 +84,15 @@
 
 	  If you are unsure how to answer this question, answer N.
 
+config SECURITY_PERF_EVENTS_RESTRICT
+	bool "Restrict unprivileged use of performance events"
+	depends on PERF_EVENTS
+	help
+	  If you say Y here, the kernel.perf_event_paranoid sysctl
+	  will be set to 3 by default, and no unprivileged use of the
+	  perf_event_open syscall will be permitted unless it is
+	  changed.
+
 config SECURITY
 	bool "Enable different security models"
 	depends on SYSFS
commit	b8f839272da7a666384e9c705937b970acfd5206	[log] [tgz]
author	Jeff Vander Stoep <jeffv@google.com>	Sun May 29 14:22:32 2016 -0700
committer	Christian Hoffmann <chrmhoffmann@gmail.com>	Sat Aug 26 07:40:33 2017 +0000
tree	c57613517d9507000799802e840b8d0da8fc78b4
parent	76f9c372f605be5500376be945826abb6337fd58 [diff] [blame]