Commit 0ac94b48 authored Jun 01, 2016 by Jeff Vander Stoep

ANDROID: restrict access to perf events

Add:
CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y

to android-base.cfg

The kernel.perf_event_paranoid sysctl is set to 3 by default.
No unprivileged use of the perf_event_open syscall will be
permitted unless it is changed.

Bug: 29054680
Change-Id: Ie7512259150e146d8e382dc64d40e8faaa438917

parent 9d5f5d93

android/configs/android-base.cfg

+1 −0

Original line number	Diff line number	Diff line
		@@ -145,6 +145,7 @@ CONFIG_RTC_CLASS=y
		CONFIG_RT_GROUP_SCHED=y
		CONFIG_SECURITY=y
		CONFIG_SECURITY_NETWORK=y
		CONFIG_SECURITY_PERF_EVENTS_RESTRICT=y
		CONFIG_SECURITY_SELINUX=y
		CONFIG_SETEND_EMULATION=y
		CONFIG_STAGING=y