On Fri, 2019-10-11 at 14:36 -0400, Steven Rostedt wrote: > On Fri, 11 Oct 2019 11:20:30 -0700 > Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote: > > > Willing to do that instead? > > Honestly, what you described was my preferred solution ;-) > > I just didn't want to upset the lockdown crowd if a new tracefs file > was opened without doing this. > > Once locked down is set, can it ever be undone without rebooting? [...] Earlier versions of the lockdown patch set added a magic SysRq command to turn it off. That's not currently present upstream but there may be plans to add it. Ben. -- Ben Hutchings It is easier to change the specification to fit the program than vice versa.
Attachment:
signature.asc
Description: This is a digitally signed message part
