Jeff Vander Stoep 6301d0d07c FROMLIST: security,perf: Allow further restriction of perf_event_open ... When kernel.perf_event_open is set to 3 (or greater), disallow all access to performance events by users without CAP_SYS_ADMIN. Add a Kconfig symbol CONFIG_SECURITY_PERF_EVENTS_RESTRICT that makes this value the default. This is based on a similar feature in grsecurity (CONFIG_GRKERNSEC_PERF_HARDEN). This version doesn't include making the variable read-only. It also allows enabling further restriction at run-time regardless of whether the default is changed. https://lkml.org/lkml/2016/1/11/587 Signed-off-by: Ben Hutchings <ben@decadent.org.uk> Bug: 29054680 Change-Id: Iff5bff4fc1042e85866df9faa01bce8d04335ab8		2016-06-20 19:00:29 +00:00
..
apparmor	nick kvfree() from apparmor	2014-11-18 15:13:23 -08:00
integrity	security: fix ima kconfig warning	2012-02-28 11:01:15 +11:00
keys	usermodehelper: kill umh_wait, renumber UMH_* constants	2012-03-23 16:58:41 -07:00
selinux	consitify do_mount() arguments	2015-07-13 11:17:52 -07:00
smack	consitify do_mount() arguments	2015-07-13 11:17:52 -07:00
tomoyo	consitify do_mount() arguments	2015-07-13 11:17:52 -07:00
yama	Yama: add PR_SET_PTRACER_ANY	2012-02-16 10:25:18 +11:00
capability.c	consitify do_mount() arguments	2015-07-13 11:17:52 -07:00
commoncap.c	Add PR_{GET,SET}_NO_NEW_PRIVS to prevent execve from granting privs	2014-10-31 19:46:07 -07:00
device_cgroup.c	cgroup: remove cgroup_subsys argument from callbacks	2012-02-02 09:20:22 -08:00
inode.c	securityfs: fix object creation races	2012-01-10 10:20:35 -05:00
Kconfig	FROMLIST: security,perf: Allow further restriction of perf_event_open	2016-06-20 19:00:29 +00:00
lsm_audit.c	security: lsm_audit: add ioctl specific auditing	2015-04-20 09:42:31 -07:00
Makefile	security: Yama LSM	2012-02-10 09:18:52 +11:00
min_addr.c	mmap_min_addr check CAP_SYS_RAWIO only for write	2010-04-23 08:56:31 +10:00
security.c	consitify do_mount() arguments	2015-07-13 11:17:52 -07:00