On Tue, 26 Jan 2021 10:59:12 -0600 Timur Tabi <timur@xxxxxxxxxx> wrote: > The only drawback to this idea is: what happens if distros start > enabling CONFIG_PRINTK_NEVER_HASH by default, just because it makes > debugging easier? I do believe distros should be more concerned about security than using this for making debugging easier. Perhaps we should add the same banner print if that config is set as trace_printk() has if it is detected in the kernel or a module: ********************************************************** ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** ** ** ** trace_printk() being used. Allocating extra memory. ** ** ** ** This means that this is a DEBUG kernel and it is ** ** unsafe for production use. ** ** ** ** If you see this message and you are not debugging ** ** the kernel, report this immediately to your vendor! ** ** ** ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** ********************************************************** But have: ********************************************************** ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** ** ** ** CONFIG_PRINTK_NEVER_HASH enabled ** ** ** ** This means that this is a DEBUG kernel and it is ** ** unsafe for production use. ** ** ** ** If you see this message and you are not debugging ** ** the kernel, report this immediately to your vendor! ** ** ** ** NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE NOTICE ** ********************************************************** The above appears to keep people from using trace_printk(), I don't see why it wouldn't work for this config ;-) -- Steve
