perf/core: Change the default paranoia level to 2

Allowing unprivileged kernel profiling lets any user dump follow kernel control flow and dump kernel registers. This most likely allows trivial kASLR bypassing, and it may allow other mischief as well. (Off the top of my head, the PERF_SAMPLE_REGS_INTR output during /dev/urandom reads could be quite interesting.) Signed-off-by: Andy Lutomirski <luto@kernel.org> Acked-by: Kees Cook <keescook@chromium.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
author: Andy Lutomirski <luto@kernel.org> 2016-05-09 22:48:51 (GMT)
committer: Linus Torvalds <torvalds@linux-foundation.org> 2016-05-10 00:57:12 (GMT)
commit: 0161028b7c8aebef64194d3d73e43bc3b53b5c66 (patch)
tree: 6e7ffbfc92345548730fb7b33f8168760f99fa28 /kernel/events/core.c
parent: 5c56b563b4486281bff80658194f0d1da6feba67 (diff)
download: linux-0161028b7c8aebef64194d3d73e43bc3b53b5c66.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/events/core.c b/kernel/events/core.c
index 4e2ebf6..c0ded24 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -351,7 +351,7 @@ static struct srcu_struct pmus_srcu;
  *   1 - disallow cpu events for unpriv
  *   2 - disallow kernel profiling for unpriv
  */
-int sysctl_perf_event_paranoid __read_mostly = 1;
+int sysctl_perf_event_paranoid __read_mostly = 2;
 
 /* Minimum for 512 kiB + 1 user control page */
 int sysctl_perf_event_mlock __read_mostly = 512 + (PAGE_SIZE / 1024); /* 'free' kiB per user */
author	Andy Lutomirski <luto@kernel.org>	2016-05-09 22:48:51 (GMT)
committer	Linus Torvalds <torvalds@linux-foundation.org>	2016-05-10 00:57:12 (GMT)
commit	0161028b7c8aebef64194d3d73e43bc3b53b5c66 (patch)
tree	6e7ffbfc92345548730fb7b33f8168760f99fa28 /kernel/events/core.c
parent	5c56b563b4486281bff80658194f0d1da6feba67 (diff)
download	linux-0161028b7c8aebef64194d3d73e43bc3b53b5c66.tar.xz