git.baikalelectronics.ru Git - kernel.git/commit

author	Andy Lutomirski <luto@kernel.org>
	Mon, 9 May 2016 22:48:51 +0000 (15:48 -0700)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Tue, 10 May 2016 00:57:12 +0000 (17:57 -0700)
commit	00adaf3dcf71ff01c27d0ab926bb7fabbe0aa467
tree	6e7ffbfc92345548730fb7b33f8168760f99fa28	tree \| snapshot
parent	28c7285a6d267a9d4cb079c25259f7d04e492b0f	commit \| diff

perf/core: Change the default paranoia level to 2

Allowing unprivileged kernel profiling lets any user dump follow kernel
control flow and dump kernel registers. This most likely allows trivial
kASLR bypassing, and it may allow other mischief as well. (Off the top
of my head, the PERF_SAMPLE_REGS_INTR output during /dev/urandom reads
could be quite interesting.)

Signed-off-by: Andy Lutomirski <luto@kernel.org>
Acked-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Documentation/sysctl/kernel.txt		diff \| blob \| history
kernel/events/core.c		diff \| blob \| history