On Wed, Mar 27, 2019 at 8:57 AM Steven Rostedt <rostedt@xxxxxxxxxxx> wrote: > > On Tue, 26 Mar 2019 11:27:35 -0700 > Matthew Garrett <matthewgarrett@xxxxxxxxxx> wrote: > > > From: David Howells <dhowells@xxxxxxxxxx> > > > > The testmmiotrace module shouldn't be permitted when the kernel is locked > > down as it can be used to arbitrarily read and write MMIO space. This is > > a runtime check rather than buildtime in order to allow configurations > > where the same kernel may be run in both locked down or permissive modes > > depending on local policy. > > > > Acked-by: Steven Rostedt (VMware) <rostedt@xxxxxxxxxxx> > > I'm curious. Should there be a mode to lockdown the tracefs directory > too? As that can expose addresses. That sounds like a reasonable thing to do in the confidentiality mode, I don't think it'd be necessary in the integrity mode.
