Jiri Kosina <jikos@xxxxxxxxxx> wrote: > > The idea is to prevent cryptographic data for filesystems and other things > > from being read out of the kernel memory as well as to prevent unauthorised > > modification of kernel memory. > > Then it would make sense to actually lock down dumping of registers / > function arguments (kprobes can currently do that, ftrace eventually could > as well I guess), but disabling the whole ftrace altogether seems like a > totally unnecessary overkill. That would be fine by me. I have a patch that locks down kprobes in this series. Steven says that ftrace might acquire the ability to dump registers in the future. David -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
