On Thu, Jun 16, 2016 at 03:27:55PM -0700, Kees Cook wrote: > Hi guys, > > This patch wasn't originally CCed to you (I'm fixing that now). Would > you consider taking this into the perf tree? No. > It's been in active use > in both Debian and Android for a while now. Very nice of you all to finally inform us I suppose :/ > >>> When kernel.perf_event_open is set to 3 (or greater), disallow all > >>> access to performance events by users without CAP_SYS_ADMIN. > >>> Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that > >>> makes this value the default. > >>> > >>> This is based on a similar feature in grsecurity > >>> (CONFIG_GRKERNSEC_PERF_HARDEN). This version doesn't include making > >>> the variable read-only. It also allows enabling further restriction > >>> at run-time regardless of whether the default is changed. This Changelog is completely devoid of information. _WHY_ are you doing this? Also, hate the CONFIG. -- To unsubscribe from this list: send the line "unsubscribe linux-doc" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
