linux-kernel.vger.kernel.org archive mirror
From: Steven Rostedt <rostedt@goodmis.org>
To: Peter Zijlstra <peterz@infradead.org>
Cc: LKML <linux-kernel@vger.kernel.org>,
	Ingo Molnar <mingo@kernel.org>,
	Andrii Nakryiko <andrii.nakryiko@gmail.com>,
	Masami Hiramatsu <mhiramat@kernel.org>,
	Jiri Olsa <jolsa@kernel.org>, Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Networking <netdev@vger.kernel.org>, bpf <bpf@vger.kernel.org>,
	Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>,
	Yonghong Song <yhs@fb.com>,
	John Fastabend <john.fastabend@gmail.com>,
	KP Singh <kpsingh@chromium.org>,
	x86@kernel.org
Subject: Re: [PATCH v4] ftrace: Add FTRACE_MCOUNT_MAX_OFFSET to avoid adding weak function
Date: Sat, 28 May 2022 08:52:40 -0400
Message-ID: <20220528085240.6f9238f2@gandalf.local.home>
In-Reply-To: <YpIKdfPYrztMLOep@hirez.programming.kicks-ass.net>

On Sat, 28 May 2022 13:41:41 +0200
Peter Zijlstra <peterz@infradead.org> wrote:

> In what order does available_filter_functions print the symbols?
> 
> The pending FGKASLR patches randomize kallsyms order and anything that
> prints symbols in address order will be a security leak.

Yes it is sorted, but tracefs is by default root accessible only.

An admin can change the owner of it via normal chmod/chown permissions, but
they get to keep the security pieces if they do.

There are other things in tracefs that can pose security issues if
unprivileged users are allowed to read, which is why the default permissions
of files are rw-r----.

Thus, I'm not worried about it. And why the security paranoid can always
lockdown tracing, which will completely disable tracefs and access to all
its files.

-- Steve

Thread overview: 5+ messages
2022-05-26 18:19 [PATCH v4] ftrace: Add FTRACE_MCOUNT_MAX_OFFSET to avoid adding weak function Steven Rostedt
2022-05-27 12:30 ` Steven Rostedt
2022-05-28 11:41   ` Peter Zijlstra
2022-05-28 12:52     ` Steven Rostedt [this message]
  -- strict thread matches above, loose matches on Subject: below --
2022-05-26 15:57 Steven Rostedt
