android_kernel_oneplus_msm8998/security
Jeff Vander Stoep 9d5f5d9346 FROMLIST: security,perf: Allow further restriction of perf_event_open
When kernel.perf_event_open is set to 3 (or greater), disallow all
access to performance events by users without CAP_SYS_ADMIN.
Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that
makes this value the default.

This is based on a similar feature in grsecurity
(CONFIG_GRKERNSEC_PERF_HARDEN).  This version doesn't include making
the variable read-only.  It also allows enabling further restriction
at run-time regardless of whether the default is changed.

https://lkml.org/lkml/2016/1/11/587

Signed-off-by: Ben Hutchings <ben@decadent.org.uk>

Bug: 29054680
Change-Id: Iff5bff4fc1042e85866df9faa01bce8d04335ab8
2016-05-31 22:22:16 -07:00
..
apparmor apparmor: clarify CRYPTO dependency 2015-10-22 11:11:28 +11:00
integrity mm, page_alloc: rename __GFP_WAIT to __GFP_RECLAIM 2015-11-06 17:50:42 -08:00
keys UPSTREAM: KEYS: Fix keyring ref leak in join_session_keyring() 2016-02-16 13:54:23 -08:00
selinux quick selinux support for tracefs 2016-04-28 14:06:30 +08:00
smack Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net 2015-11-10 18:11:41 -08:00
tomoyo LSM: Switch to lists of hooks 2015-05-12 15:00:41 +10:00
yama Adding YAMA hooks also when YAMA is not stacked. 2015-08-04 01:36:18 +10:00
commoncap.c security: Add proper checks for Android specific capability checks 2016-02-16 13:53:55 -08:00
device_cgroup.c security/device_cgroup: Fix RCU_LOCKDEP_WARN() condition 2015-09-03 18:13:10 -07:00
inode.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-07-04 19:36:06 -07:00
Kconfig FROMLIST: security,perf: Allow further restriction of perf_event_open 2016-05-31 22:22:16 -07:00
lsm_audit.c Merge branch 'next' of git://git.infradead.org/users/pcmoore/selinux into next 2015-08-15 13:29:57 +10:00
Makefile LSM: Switch to lists of hooks 2015-05-12 15:00:41 +10:00
min_addr.c mmap_min_addr check CAP_SYS_RAWIO only for write 2010-04-23 08:56:31 +10:00
security.c Merge branch 'next' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security 2015-09-08 12:41:25 -07:00