mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-12-30 01:46:30 -05:00
36 lines
991 B
Diff
36 lines
991 B
Diff
From 15c897f31ba18f67559d6b7f1a6afa855baa756c Mon Sep 17 00:00:00 2001
|
|
From: Jeff Vander Stoep <jeffv@google.com>
|
|
Date: Wed, 1 Jun 2016 13:44:47 -0700
|
|
Subject: ANDROID: restrict access to perf events
|
|
|
|
Add:
|
|
CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y
|
|
|
|
to android-base.cfg
|
|
|
|
The kernel.perf_event_paranoid sysctl is set to 3 by default.
|
|
No unprivileged use of the perf_event_open syscall will be
|
|
permitted unless it is changed.
|
|
|
|
Bug: 29054680
|
|
Change-Id: Ie7512259150e146d8e382dc64d40e8faaa438917
|
|
---
|
|
android/configs/android-base.cfg | 1 +
|
|
1 file changed, 1 insertion(+)
|
|
|
|
diff --git a/android/configs/android-base.cfg b/android/configs/android-base.cfg
|
|
index 85e4a93..f820d56 100644
|
|
--- a/android/configs/android-base.cfg
|
|
+++ b/android/configs/android-base.cfg
|
|
@@ -143,6 +143,7 @@ CONFIG_RTC_CLASS=y
|
|
CONFIG_RT_GROUP_SCHED=y
|
|
CONFIG_SECURITY=y
|
|
CONFIG_SECURITY_NETWORK=y
|
|
+CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y
|
|
CONFIG_SECURITY_SELINUX=y
|
|
CONFIG_SETEND_EMULATION=y
|
|
CONFIG_STAGING=y
|
|
--
|
|
cgit v1.1
|
|
|