[PATCH] tracefs: Do not allocate and free proxy_ops for lockdown

Linus Torvalds torvalds at linux-foundation.org
Fri Oct 11 21:00:50 UTC 2019

On Fri, Oct 11, 2019 at 1:55 PM Steven Rostedt <rostedt at goodmis.org> wrote:
> I guess I can keep it this way. Thoughts?

That looks fine to me. I'm still not sure you actually need to do all
this, but it doesn't look _wrong_.

That said, I still do think that if things are locked down from the
very get-go, tracefs_create_file() shouldn't even create the files.

That's mostly an independent thing from the "what about if they exists
and things got locked down afterwards", though.

I do wonder about the whole "well, if you started tracing before
locking things down, don't you want to see the end results"?


More information about the Linux-security-module-archive mailing list