[RFC][PATCH] Lock down ftrace
David Howells
dhowells at redhat.com
Thu Nov 9 21:54:19 UTC 2017
Steven Rostedt <rostedt at goodmis.org> wrote:
> Actually, I see it being enabled with DYNAMIC_FTRACE not set. Calling
> into sysctl and enabling ftrace_enable, will allow the
> ftrace_trace_function to be set to something other than ftrace_stub
> again, allowing for static function tracing to run too.
Hmmm... Okay, I'm not sure what the sysctl achieves in non-dynamic mode.
Some of the functions used by ftrace_enable_sysctl() are stubbed out in that
case. I was thinking that was stubbed out also, but apparently not.
Anyway, ftrace_enable_sysctl() is also prohibited in lockdown mode.
David
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list