Date: Thu, 12 May 2011 17:08:45 -0400 (EDT)
Message-Id: <20110512.170845.1074260586094306244.davem@davemloft.net>
To: mingo@elte.hu
Cc: torvalds@linux-foundation.org, eranian@google.com, acme@redhat.com,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH] vsprintf: Turn kptr_restrict off by default
From: David Miller <davem@davemloft.net>
In-Reply-To: <20110512210028.GA16600@elte.hu>
References: <BANLkTi==OatTqfDbnAmHQA0t2DmokEd-CA@mail.gmail.com>
	<20110512.164319.1770509419224900253.davem@davemloft.net>
	<20110512210028.GA16600@elte.hu>
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 1048
Lines: 28

From: Ingo Molnar <mingo@elte.hu>
Date: Thu, 12 May 2011 23:00:28 +0200

> Subject: vsprintf: Turn kptr_restrict off by default
> 
> kptr_restrict has been triggering bugs in apps such as perf, and it also makes 
> the system less useful by default, so turn it off by default.
> 
> This is how we generally handle security features that remove functionality, 
> such as firewall code or SELinux - they have to be configured and activated 
> from user-space.
> 
> Distributions can turn kptr_restrict on again via this line in 
> /etc/sysctrl.conf:
> 
> kernel.kptr_restrict = 1
> 
> ( Also mark the variable __read_mostly while at it, as it's typically modified 
>   only once per bootup, or not at all. )
> 
> Signed-off-by: Ingo Molnar <mingo@elte.hu>

Acked-by: David S. Miller <davem@davemloft.net>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/