On Sat, 28 May 2022 13:41:41 +0200 Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote: > In what order does available_filter_functions print the symbols? > > The pending FGKASLR patches randomize kallsyms order and anything that > prints symbols in address order will be a security leak. Yes it is sorted, but tracefs is by default root accessible only. An admin can change the owner of it via normal chmod/chown permissions, but they get to keep the security pieces if they do. There's other things in tracefs that can pose security issues if unprivileged users are allowed to read, which is why the default permissions of files is rw-r----. Thus, I'm not worried about it. And why the security paranoid can always lockdown tracing, which will completely disable tracefs and access to all its files. -- Steve
