Re: [PATCH] tracefs: Do not allocate and free proxy_ops for lockdown

From: Ben Hutchings
Date: Fri Oct 11 2019 - 15:51:48 EST

On Fri, 2019-10-11 at 14:36 -0400, Steven Rostedt wrote:
> On Fri, 11 Oct 2019 11:20:30 -0700
> Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
> > Willing to do that instead?
> Honestly, what you described was my preferred solution ;-)
> I just didn't want to upset the lockdown crowd if a new tracefs file
> was opened without doing this.
> Once locked down is set, can it ever be undone without rebooting?

Earlier versions of the lockdown patch set added a magic SysRq command
to turn it off. That's not currently present upstream but there may be
plans to add it.


Ben Hutchings
It is easier to change the specification to fit the program
than vice versa.

Attachment: signature.asc
Description: This is a digitally signed message part