From: "Steven Rostedt (Google)" <rostedt@xxxxxxxxxxx> Having an agent connection listening on a network is not the safest thing to do. This would allow anyone from anywhere to contol and read tracing of the host. Instead, force the -N to at least take an IP hostname/address to only connect to. This way the agent will only connect to a single machine. Any task on that machine can control the agent, so the machine must be fully trusted. Also noticed that trace-cmd agent is missing a man page. Add that too with this change included in it. Depends on: https://patchwork.kernel.org/project/linux-trace-devel/cover/20220417184538.1044417-1-rostedt@xxxxxxxxxxx/ https://lore.kernel.org/r/20220417184538.1044417-1-rostedt@xxxxxxxxxxx Steven Rostedt (Google) (2): trace-cmd agent: Have -N take a host name trace-cmd agent: Add documentation Documentation/trace-cmd/trace-cmd-agent.1.txt | 60 +++++++++++++++++++ tracecmd/include/trace-local.h | 7 ++- tracecmd/trace-agent.c | 34 ++++++++--- tracecmd/trace-listen.c | 55 +++++++++++++++++ tracecmd/trace-record.c | 13 +++- tracecmd/trace-usage.c | 1 + 6 files changed, 158 insertions(+), 12 deletions(-) create mode 100644 Documentation/trace-cmd/trace-cmd-agent.1.txt -- 2.35.1
|