Re: Patch 1/6 introduce sysctl

[Ingo Molnar]

* Pavel Machek <pavel@xxxxxx> wrote:

> Hi!
> 
> > This first patch of the series introduces a sysctl (default off) that
> > enables/disables the randomisation feature globally. Since randomisation may
> > make it harder to debug really tricky situations (reproducability goes
> > down), the sysadmin needs a way to disable it globally.
> 
> Well, for distribution vendors, seeing "these reports from users are
> same error" will becoe harder, too, and sysctl can not help there :-(.

this is true to a limited degree, but it's only part of the picture. 
When we first introduced address-space randomisation in Fedora 1 (almost
2 years ago) we were worried about this effect too, very much in fact. 

What happened is that the _debugging infrastructure_ improved. Fedora
introduced debug-info packages, so that we dont get any raw dumps of
bugs anymore - what we get are nice symbolic backtraces which are easy
to match up against each other.

also, we already have this effect in the mainline kernel - on P4's the
stack is already randomized. Also, prelink (even the non-randomized
variant) already creates a per-machine VM layout of libraries.

so, i'm glad to report, it's a non-issue. Sometimes developers want to
disable randomisation during development (quick'n'easy hacks get quicker
and easier - e.g. if you watch an address within gdb), so having the
capability for unprivileged users to disable randomisation on the fly is
useful and Fedora certainly offers that, but from a support and
bug-reporting POV it's not a problem.

	Ingo
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/