git.baikalelectronics.ru Git - kernel.git/commit

author	Andy Lutomirski <luto@kernel.org>
	Mon, 9 May 2016 22:48:51 +0000 (15:48 -0700)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Tue, 10 May 2016 00:57:12 +0000 (17:57 -0700)
commit	5865892db7919f33d166d57a75b1e339f7645a40
tree	6e7ffbfc92345548730fb7b33f8168760f99fa28	tree \| snapshot
parent	714f6108c79957fcce2cbec31d30b8946401ba23	commit \| diff

perf/core: Change the default paranoia level to 2

Allowing unprivileged kernel profiling lets any user dump follow kernel
control flow and dump kernel registers. This most likely allows trivial
kASLR bypassing, and it may allow other mischief as well. (Off the top
of my head, the PERF_SAMPLE_REGS_INTR output during /dev/urandom reads
could be quite interesting.)

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Documentation/sysctl/kernel.txt		diff \| blob \| history
kernel/events/core.c		diff \| blob \| history