diff options
Diffstat (limited to 'sys-kernel/cairn-sources/files/5.10.10/hardened-patches/0067-enable-SECURITY_PERF_EVENTS_RESTRICT-by-default.patch')
| -rw-r--r-- | sys-kernel/cairn-sources/files/5.10.10/hardened-patches/0067-enable-SECURITY_PERF_EVENTS_RESTRICT-by-default.patch | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/sys-kernel/cairn-sources/files/5.10.10/hardened-patches/0067-enable-SECURITY_PERF_EVENTS_RESTRICT-by-default.patch b/sys-kernel/cairn-sources/files/5.10.10/hardened-patches/0067-enable-SECURITY_PERF_EVENTS_RESTRICT-by-default.patch new file mode 100644 index 000000000000..b986bc0a607e --- /dev/null +++ b/sys-kernel/cairn-sources/files/5.10.10/hardened-patches/0067-enable-SECURITY_PERF_EVENTS_RESTRICT-by-default.patch @@ -0,0 +1,25 @@ +From 749b43ce650a48c6c057cb39c00ddcdbb5fb455c Mon Sep 17 00:00:00 2001 +From: Daniel Micay <danielmicay@gmail.com> +Date: Thu, 4 May 2017 14:45:59 -0400 +Subject: [PATCH 067/113] enable SECURITY_PERF_EVENTS_RESTRICT by default + +Signed-off-by: Daniel Micay <danielmicay@gmail.com> +--- + security/Kconfig | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/security/Kconfig b/security/Kconfig +index c797326308f1..2348ff7d4e1d 100644 +--- a/security/Kconfig ++++ b/security/Kconfig +@@ -22,6 +22,7 @@ config SECURITY_DMESG_RESTRICT + config SECURITY_PERF_EVENTS_RESTRICT + bool "Restrict unprivileged use of performance events" + depends on PERF_EVENTS ++ default y + help + If you say Y here, the kernel.perf_event_paranoid sysctl + will be set to 3 by default, and no unprivileged use of the +-- +2.30.0 + |