ANDROID: kernel/configs: base: restrict access to perf events

Add: CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y to android-base.cfg The kernel.perf_event_paranoid sysctl is set to 3 by default. No unprivileged use of the perf_event_open syscall will be permitted unless it is changed. Bug: 29054680 Change-Id: Ie7512259150e146d8e382dc64d40e8faaa438917 Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
2026-06-07 19:30:30 +09:00 · 2016-06-01 13:44:47 -07:00
parent c88356f9db
commit 270ef0c00a
1 changed files with 1 additions and 0 deletions
--- a/kernel/configs/android-base.config
+++ b/kernel/configs/android-base.config
@@ -139,6 +139,7 @@ CONFIG_RT_GROUP_SCHED=y
 CONFIG_SECCOMP=y
 CONFIG_SECURITY=y
 CONFIG_SECURITY_NETWORK=y
+CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y
 CONFIG_SECURITY_SELINUX=y
 CONFIG_SETEND_EMULATION=y
 CONFIG_STAGING=y