shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-04-03 03:33:01 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
79ef30f702fecf080fb09235560aac2358e2d404
linux/kernel
History
Jeff Vander Stoep 8e5e42d5ae ANDROID: security,perf: Allow further restriction of perf_event_open 
When kernel.perf_event_open is set to 3 (or greater), disallow all
access to performance events by users without CAP_SYS_ADMIN.
Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that
makes this value the default.

This is based on a similar feature in grsecurity
(CONFIG_GRKERNSEC_PERF_HARDEN).  This version doesn't include making
the variable read-only.  It also allows enabling further restriction
at run-time regardless of whether the default is changed.

https://lkml.org/lkml/2016/1/11/587

Bug: 29054680
Bug: 120445712
Change-Id: Iff5bff4fc1042e85866df9faa01bce8d04335ab8
[jeffv: Upstream doesn't want it https://lkml.org/lkml/2016/6/17/101]
Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
2018-12-05 09:48:13 -08:00
..
bpf
bpf: fix bpf_prog_get_info_by_fd to return 0 func_lens for unpriv
2018-11-27 16:13:03 +01:00
cgroup
CHROMIUM: cgroups: relax permissions on moving tasks between cgroups
2018-12-05 09:48:12 -08:00
configs
kconfig: tinyconfig: remove stale stack protector fixups
2018-06-15 07:15:28 +09:00
debug
kdb: print real address of pointers instead of hashed addresses
2018-11-21 09:19:23 +01:00
dma
dma-mapping: fix panic caused by passing empty cma command line argument
2018-11-13 11:08:17 -08:00
events
ANDROID: security,perf: Allow further restriction of perf_event_open
2018-12-05 09:48:13 -08:00
gcov
gcov: remove CONFIG_GCOV_FORMAT_AUTODETECT
2018-06-08 18:56:02 +09:00
irq
genirq: Fix race on spurious interrupt detection
2018-11-13 11:08:48 -08:00
livepatch
Merge branch 'for-4.19/upstream' into for-linus
2018-08-20 18:33:50 +02:00
locking
locking/lockdep: Fix debug_locks off performance problem
2018-11-13 11:08:20 -08:00
power
ANDROID: power: wakeup_reason: add an API to log wakeup reasons
2018-12-05 09:48:13 -08:00
printk
printk: Fix panic caused by passing log_buf_len to command line
2018-11-13 11:08:48 -08:00
rcu
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-08-13 11:25:07 -07:00
sched
ANDROID: trace: sched: add sched blocked tracepoint which dumps out context of sleep.
2018-12-05 09:48:12 -08:00
time
clocksource: Revert "Remove kthread"
2018-09-06 23:38:35 +02:00
trace
tracing/kprobes: Check the probe on unloaded module correctly
2018-11-21 09:19:09 +01:00
.gitignore
acct.c
kernel/acct.c: fix the acct->needcheck check in check_free_space()
2018-01-04 16:45:09 -08:00
async.c
kernel/async.c: revert "async: simplify lowest_in_progress()"
2018-02-06 18:32:44 -08:00
audit_fsnotify.c
fsnotify: add fsnotify_add_inode_mark() wrappers
2018-05-18 14:58:22 +02:00
audit_tree.c
Merge tag 'fsnotify_for_v4.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
2018-08-17 09:41:28 -07:00
audit_watch.c
audit: fix use-after-free in audit_add_watch
2018-07-18 11:43:36 -04:00
audit.c
audit: use ktime_get_coarse_real_ts64() for timestamps
2018-07-17 14:45:08 -04:00
audit.h
audit: track the owner of the command mutex ourselves
2018-02-23 11:22:22 -05:00
auditfilter.c
audit: rename FILTER_TYPE to FILTER_EXCLUDE
2018-06-19 10:39:54 -04:00
auditsc.c
Merge tag 'audit-pr-20180814' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
2018-08-15 10:46:54 -07:00
backtracetest.c
bounds.c
kbuild: fix kernel/bounds.c 'W=1' warning
2018-11-13 11:08:47 -08:00
capability.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
compat.c
time: Enable get/put_compat_itimerspec64 always
2018-06-24 14:39:47 +02:00
configs.c
Replace <asm/uaccess.h> with <linux/uaccess.h> globally
2016-12-24 11:46:01 -08:00
context_tracking.c
cpu_pm.c
PM / CPU: replace raw_notifier with atomic_notifier
2017-07-31 13:09:49 +02:00
cpu.c
ANDROID: cpu: send KOBJ_ONLINE event when enabling cpus
2018-12-05 09:48:12 -08:00
crash_core.c
kernel/crash_core.c: print timestamp using time64_t
2018-08-22 10:52:47 -07:00
crash_dump.c
cred.c
doc: ReSTify credentials.txt
2017-05-18 10:30:19 -06:00
delayacct.c
delayacct: Use raw_spinlocks
2018-04-27 14:34:51 +02:00
dma.c
proc: introduce proc_create_single{,_data}
2018-05-16 07:23:35 +02:00
elfcore.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
exec_domain.c
proc: introduce proc_create_single{,_data}
2018-05-16 07:23:35 +02:00
exit.c
signal: Pass pid type into group_send_sig_info
2018-07-21 12:57:35 -05:00
extable.c
extable: Make init_kernel_text() global
2018-02-21 16:54:06 +01:00
fail_function.c
bpf/error-inject/kprobes: Clear current_kprobe and enable preempt in kprobe
2018-06-21 12:33:19 +02:00
fork.c
mm: respect arch_dup_mmap() return value
2018-09-04 16:45:02 -07:00
freezer.c
PM / reboot: Eliminate race between reboot and suspend
2018-08-06 12:35:20 +02:00
futex_compat.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
futex.c
futex: Mark expected switch fall-throughs
2018-08-20 18:23:00 +02:00
groups.c
kernel: make groups_sort calling a responsibility group_info allocators
2017-12-14 16:00:49 -08:00
hung_task.c
kernel/hung_task.c: allow to set checking interval separately from timeout
2018-08-22 10:52:47 -07:00
iomem.c
memremap: split devm_memremap_pages() and memremap() infrastructure
2018-05-15 23:08:33 -07:00
irq_work.c
irq/work: Improve the flag definitions
2018-01-08 19:43:15 +01:00
jump_label.c
jump_label: Fix typo in warning message
2018-09-10 10:15:48 +02:00
kallsyms.c
kallsyms, x86: Export addresses of PTI entry trampolines
2018-08-14 19:12:29 -03:00
kcmp.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
Kconfig.freezer
Kconfig.hz
Kconfig.locks
locking/mutex: Allow MUTEX_SPIN_ON_OWNER when DEBUG_MUTEXES
2016-10-25 11:31:51 +02:00
Kconfig.preempt
kconfig: include kernel/Kconfig.preempt from init/Kconfig
2018-08-02 08:06:54 +09:00
kcov.c
sched/core / kcov: avoid kcov_area during task switch
2018-06-15 07:55:24 +09:00
kexec_core.c
kexec: yield to scheduler when loading kimage segments
2018-06-15 07:55:24 +09:00
kexec_file.c
treewide: Use array_size() in vzalloc()
2018-06-12 16:19:22 -07:00
kexec_internal.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
kexec.c
kexec: add call to LSM hook in original kexec_load syscall
2018-07-16 12:31:57 -07:00
kmod.c
kmod: move #ifdef CONFIG_MODULES wrapper to Makefile
2017-09-08 18:26:51 -07:00
kprobes.c
kprobes: Return error if we fail to reuse kprobe instead of BUG_ON()
2018-11-13 11:08:28 -08:00
ksysfs.c
kexec: move vmcoreinfo out of the kernel's .bss section
2017-07-12 16:25:59 -07:00
kthread.c
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-08-13 11:25:07 -07:00
latencytop.c
sched/headers: Prepare to move sched_info_on() and force_schedstat_enabled() from <linux/sched.h> to <linux/sched/stat.h>
2017-03-02 08:42:39 +01:00
Makefile
kbuild: move bin2c back to scripts/ from scripts/basic/
2018-07-18 01:18:05 +09:00
memremap.c
Merge tag 'libnvdimm-for-4.19_dax-memory-failure' of gitolite.kernel.org:pub/scm/linux/kernel/git/nvdimm/nvdimm
2018-08-25 18:43:59 -07:00
module_signing.c
modsign: log module name in the event of an error
2018-07-02 11:36:17 +02:00
module-internal.h
modsign: log module name in the event of an error
2018-07-02 11:36:17 +02:00
module.c
module: use relative references for __ksymtab entries
2018-08-22 10:52:47 -07:00
notifier.c
kernel/notifier.c: simplify expression
2017-02-24 17:46:56 -08:00
nsproxy.c
perf: Add PERF_RECORD_NAMESPACES to include namespaces related info
2017-03-13 15:57:41 -03:00
padata.c
padata: add SPDX identifier
2018-01-05 18:43:00 +11:00
panic.c
Kbuild: rename CC_STACKPROTECTOR[_STRONG] config variables
2018-06-14 12:21:18 +09:00
params.c
kernel/params.c: downgrade warning for unsafe parameters
2018-04-11 10:28:37 -07:00
pid_namespace.c
Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace
2018-04-03 19:15:32 -07:00
pid.c
fork: report pid exhaustion correctly
2018-09-20 22:01:11 +02:00
profile.c
sched/headers: Prepare to move sched_info_on() and force_schedstat_enabled() from <linux/sched.h> to <linux/sched/stat.h>
2017-03-02 08:42:39 +01:00
ptrace.c
pids: introduce find_get_task_by_vpid() helper
2018-02-06 18:32:46 -08:00
range.c
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
reboot.c
PM / reboot: Eliminate race between reboot and suspend
2018-08-06 12:35:20 +02:00
relay.c
kernel/relay.c: change return type to vm_fault_t
2018-06-15 07:55:24 +09:00
resource.c
Merge tag 'libnvdimm-for-4.18' of git://git.kernel.org/pub/scm/linux/kernel/git/nvdimm/nvdimm
2018-06-08 17:21:52 -07:00
rseq.c
rseq: uapi: Declare rseq_cs field as union, update includes
2018-07-10 22:18:52 +02:00
seccomp.c
Merge tag 'audit-pr-20180605' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/audit
2018-06-06 16:34:00 -07:00
signal.c
signal: Guard against negative signal numbers in copy_siginfo_from_user32
2018-11-13 11:08:45 -08:00
smp.c
cpu/hotplug: Fix SMT supported evaluation
2018-08-07 12:25:30 +02:00
smpboot.c
smpboot: Remove cpumask from the API
2018-07-03 09:20:44 +02:00
smpboot.h
License cleanup: add SPDX GPL-2.0 license identifier to files with no license
2017-11-02 11:10:55 +01:00
softirq.c
nohz: Fix missing tick reprogram when interrupting an inline softirq
2018-08-03 15:52:10 +02:00
stacktrace.c
stacktrace/x86: add function for detecting reliable stack traces
2017-03-08 09:18:02 +01:00
stop_machine.c
Merge branch 'sched-core-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-08-13 11:25:07 -07:00
sys_ni.c
Merge branch 'core-rseq-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2018-06-10 10:17:09 -07:00
sys.c
ANDROID: mm: add a field to store names for private anonymous memory
2018-12-05 09:48:11 -08:00
sysctl_binary.c
staging: irda: remove remaining remants of irda code removal
2018-04-16 11:26:49 +02:00
sysctl.c
ANDROID: add extra free kbytes tunable
2018-12-05 09:48:12 -08:00
task_work.c
locking/barriers: Convert users of lockless_dereference() to READ_ONCE()
2017-12-17 13:57:15 +01:00
taskstats.c
pids: introduce find_get_task_by_vpid() helper
2018-02-06 18:32:46 -08:00
test_kprobes.c
kprobes: Remove jprobe API implementation
2018-06-21 12:33:05 +02:00
torture.c
torture: Keep old-school dmesg format
2018-06-25 11:30:10 -07:00
tracepoint.c
tracepoint: Fix tracepoint array element size mismatch
2018-10-17 15:35:29 -04:00
tsacct.c
sched/headers: Prepare to move cputime functionality from <linux/sched.h> into <linux/sched/cputime.h>
2017-03-02 08:42:39 +01:00
ucount.c
headers: untangle kmemleak.h from mm.h
2018-04-05 21:36:27 -07:00
uid16.c
fs: add do_fchownat(), ksys_fchown() helpers and ksys_{,l}chown() wrappers
2018-04-02 20:15:59 +02:00
uid16.h
kernel: provide ksys_*() wrappers for syscalls called by kernel/uid16.c
2018-04-02 20:15:30 +02:00
umh.c
umh: fix race condition
2018-06-07 16:56:28 -04:00
up.c
smp: Avoid using two cache lines for struct call_single_data
2017-08-29 15:14:38 +02:00
user_namespace.c
userns: also map extents in the reverse map to kernel IDs
2018-11-13 11:09:00 -08:00
user-return-notifier.c
user.c
userns: use irqsave variant of refcount_dec_and_lock()
2018-08-22 10:52:47 -07:00
utsname_sysctl.c
sys: don't hold uts_sem while accessing userspace memory
2018-08-11 02:05:53 -05:00
utsname.c
uts: create "struct uts_namespace" from kmem_cache
2018-04-11 10:28:35 -07:00
watchdog_hld.c
watchdog: Mark watchdog touch functions as notrace
2018-08-30 12:56:40 +02:00
watchdog.c
watchdog: Mark watchdog touch functions as notrace
2018-08-30 12:56:40 +02:00
workqueue_internal.h
workqueue: Set worker->desc to workqueue name by default
2018-05-18 08:47:13 -07:00
workqueue.c
watchdog: Mark watchdog touch functions as notrace
2018-08-30 12:56:40 +02:00