Merge "FROMLIST: security,perf: Allow further restriction of perf_event_open"

author: Linux Build Service Account <lnxbuild@localhost> 2016-09-19 23:27:58 -0700
committer: Gerrit - the friendly Code Review server <code-review@localhost> 2016-09-19 23:27:58 -0700
commit: b7d007f82edfd91d2fe1ad43985e18a72742ddb3 (patch)
tree: 145a0b16c0198520c20f3ec7996b531a1f01d170 /security
parent: f6ee052d8011b249e34d782e018bfa222b78a8e3 (diff)
parent: 1a565f59cb3b227e0c7c1c5b58951aed5a27b5d6 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/security/Kconfig b/security/Kconfig
index 18568c21e564..c4f83485bc1f 100644
--- a/security/Kconfig
+++ b/security/Kconfig
@@ -23,6 +23,15 @@ config SECURITY_DMESG_RESTRICT
 
 	  If you are unsure how to answer this question, answer N.
 
+config SECURITY_PERF_EVENTS_RESTRICT
+	bool "Restrict unprivileged use of performance events"
+	depends on PERF_EVENTS
+	help
+	  If you say Y here, the kernel.perf_event_paranoid sysctl
+	  will be set to 3 by default, and no unprivileged use of the
+	  perf_event_open syscall will be permitted unless it is
+	  changed.
+
 config SECURITY
 	bool "Enable different security models"
 	depends on SYSFS
author	Linux Build Service Account <lnxbuild@localhost>	2016-09-19 23:27:58 -0700
committer	Gerrit - the friendly Code Review server <code-review@localhost>	2016-09-19 23:27:58 -0700
commit	b7d007f82edfd91d2fe1ad43985e18a72742ddb3 (patch)
tree	145a0b16c0198520c20f3ec7996b531a1f01d170 /security
parent	f6ee052d8011b249e34d782e018bfa222b78a8e3 (diff)
parent	1a565f59cb3b227e0c7c1c5b58951aed5a27b5d6 (diff)