[PATCH] tracefs: Do not allocate and free proxy_ops for lockdown
torvalds at linux-foundation.org
Fri Oct 11 21:00:50 UTC 2019
On Fri, Oct 11, 2019 at 1:55 PM Steven Rostedt <rostedt at goodmis.org> wrote:
> I guess I can keep it this way. Thoughts?
That looks fine to me. I'm still not sure you actually need to do all
this, but it doesn't look _wrong_.
That said, I still do think that if things are locked down from the
very get-go, tracefs_create_file() shouldn't even create the files.
That's mostly an independent thing from the "what about if they exists
and things got locked down afterwards", though.
I do wonder about the whole "well, if you started tracing before
locking things down, don't you want to see the end results"?
More information about the Linux-security-module-archive