From: Alexander Popov Date: Thu, 16 Feb 2023 16:11:38 +0000 (+0300) Subject: Add more info about perf_event_paranoid X-Git-Tag: v0.6.6~246 X-Git-Url: https://jxself.org/git/?a=commitdiff_plain;h=ef6fc4c03f26665b3db95935ed0316dcae603e53;p=kconfig-hardened-check.git Add more info about perf_event_paranoid Thanks to @izh1979 --- diff --git a/kconfig_hardened_check/__init__.py b/kconfig_hardened_check/__init__.py index 48df2fc..83ab1eb 100644 --- a/kconfig_hardened_check/__init__.py +++ b/kconfig_hardened_check/__init__.py @@ -13,7 +13,7 @@ # N.B. Hardening sysctls: # kernel.kptr_restrict=2 (or 1?) # kernel.dmesg_restrict=1 (also see the kconfig option) -# kernel.perf_event_paranoid=3 +# kernel.perf_event_paranoid=2 (or 3 with a custom patch, see https://lwn.net/Articles/696216/) # kernel.kexec_load_disabled=1 # kernel.yama.ptrace_scope=3 # user.max_user_namespaces=0