From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH 10/11] Kernel: Disable function and stack tracers
Date: Wed, 23 Mar 2022 17:56:23 +0000
Message-ID: <48652A27-7A68-46AC-B08F-D3E25D4539E6@ipfire.org>
In-Reply-To: <6400eeaa-f3c2-e423-e0f1-c58431f89228@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============4542160990409837128=="
List-Id: <development.lists.ipfire.org>

--===============4542160990409837128==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Could you please verify that powertop does not need any of these?

> On 19 Mar 2022, at 21:11, Peter M=C3=BCller <peter.mueller(a)ipfire.org> wr=
ote:
>=20
> grsecurity recommends to disable this on non-development systems for
> reducing attack surface. Since we never debug the kernel that deeply on
> a productive system, it makes sense to follow this recommendation.
>=20
> Signed-off-by: Peter M=C3=BCller <peter.mueller(a)ipfire.org>
> ---
> config/kernel/kernel.config.aarch64-ipfire | 13 ++-----------
> config/kernel/kernel.config.armv6l-ipfire  | 13 ++-----------
> config/kernel/kernel.config.riscv64-ipfire | 13 ++-----------
> config/kernel/kernel.config.x86_64-ipfire  | 17 ++---------------
> 4 files changed, 8 insertions(+), 48 deletions(-)
>=20
> diff --git a/config/kernel/kernel.config.aarch64-ipfire b/config/kernel/ker=
nel.config.aarch64-ipfire
> index 0fcbed4a2..5bd15cc48 100644
> --- a/config/kernel/kernel.config.aarch64-ipfire
> +++ b/config/kernel/kernel.config.aarch64-ipfire
> @@ -126,8 +126,6 @@ CONFIG_TREE_RCU=3Dy
> # CONFIG_RCU_EXPERT is not set
> CONFIG_SRCU=3Dy
> CONFIG_TREE_SRCU=3Dy
> -CONFIG_TASKS_RCU_GENERIC=3Dy
> -CONFIG_TASKS_RUDE_RCU=3Dy
> CONFIG_RCU_STALL_COMMON=3Dy
> CONFIG_RCU_NEED_SEGCBLIST=3Dy
> # end of RCU Subsystem
> @@ -7410,7 +7408,6 @@ CONFIG_PSTORE_DEFLATE_COMPRESS_DEFAULT=3Dy
> CONFIG_PSTORE_COMPRESS_DEFAULT=3D"deflate"
> # CONFIG_PSTORE_CONSOLE is not set
> # CONFIG_PSTORE_PMSG is not set
> -# CONFIG_PSTORE_FTRACE is not set
> # CONFIG_PSTORE_RAM is not set
> # CONFIG_PSTORE_BLK is not set
> # CONFIG_SYSV_FS is not set
> @@ -8166,12 +8163,8 @@ CONFIG_GENERIC_TRACER=3Dy
> CONFIG_TRACING_SUPPORT=3Dy
> CONFIG_FTRACE=3Dy
> # CONFIG_BOOTTIME_TRACING is not set
> -CONFIG_FUNCTION_TRACER=3Dy
> -CONFIG_FUNCTION_GRAPH_TRACER=3Dy
> -CONFIG_DYNAMIC_FTRACE=3Dy
> -CONFIG_DYNAMIC_FTRACE_WITH_REGS=3Dy
> -CONFIG_FUNCTION_PROFILER=3Dy
> -CONFIG_STACK_TRACER=3Dy
> +# CONFIG_FUNCTION_TRACER is not set
> +# CONFIG_STACK_TRACER is not set
> # CONFIG_IRQSOFF_TRACER is not set
> CONFIG_SCHED_TRACER=3Dy
> # CONFIG_HWLAT_TRACER is not set
> @@ -8186,7 +8179,6 @@ CONFIG_BRANCH_PROFILE_NONE=3Dy
> CONFIG_UPROBE_EVENTS=3Dy
> CONFIG_DYNAMIC_EVENTS=3Dy
> CONFIG_PROBE_EVENTS=3Dy
> -CONFIG_FTRACE_MCOUNT_RECORD=3Dy
> CONFIG_FTRACE_MCOUNT_USE_PATCHABLE_FUNCTION_ENTRY=3Dy
> # CONFIG_SYNTH_EVENTS is not set
> # CONFIG_HIST_TRIGGERS is not set
> @@ -8194,7 +8186,6 @@ CONFIG_FTRACE_MCOUNT_USE_PATCHABLE_FUNCTION_ENTRY=3Dy
> # CONFIG_TRACEPOINT_BENCHMARK is not set
> CONFIG_RING_BUFFER_BENCHMARK=3Dm
> # CONFIG_TRACE_EVAL_MAP_FILE is not set
> -# CONFIG_FTRACE_RECORD_RECURSION is not set
> # CONFIG_FTRACE_STARTUP_TEST is not set
> # CONFIG_RING_BUFFER_STARTUP_TEST is not set
> # CONFIG_RING_BUFFER_VALIDATE_TIME_DELTAS is not set
> diff --git a/config/kernel/kernel.config.armv6l-ipfire b/config/kernel/kern=
el.config.armv6l-ipfire
> index 468c74112..06010f893 100644
> --- a/config/kernel/kernel.config.armv6l-ipfire
> +++ b/config/kernel/kernel.config.armv6l-ipfire
> @@ -133,8 +133,6 @@ CONFIG_TREE_RCU=3Dy
> # CONFIG_RCU_EXPERT is not set
> CONFIG_SRCU=3Dy
> CONFIG_TREE_SRCU=3Dy
> -CONFIG_TASKS_RCU_GENERIC=3Dy
> -CONFIG_TASKS_RUDE_RCU=3Dy
> CONFIG_RCU_STALL_COMMON=3Dy
> CONFIG_RCU_NEED_SEGCBLIST=3Dy
> # end of RCU Subsystem
> @@ -7414,7 +7412,6 @@ CONFIG_PSTORE_DEFLATE_COMPRESS_DEFAULT=3Dy
> CONFIG_PSTORE_COMPRESS_DEFAULT=3D"deflate"
> # CONFIG_PSTORE_CONSOLE is not set
> # CONFIG_PSTORE_PMSG is not set
> -# CONFIG_PSTORE_FTRACE is not set
> # CONFIG_PSTORE_RAM is not set
> # CONFIG_PSTORE_BLK is not set
> # CONFIG_SYSV_FS is not set
> @@ -8132,12 +8129,8 @@ CONFIG_GENERIC_TRACER=3Dy
> CONFIG_TRACING_SUPPORT=3Dy
> CONFIG_FTRACE=3Dy
> # CONFIG_BOOTTIME_TRACING is not set
> -CONFIG_FUNCTION_TRACER=3Dy
> -CONFIG_FUNCTION_GRAPH_TRACER=3Dy
> -CONFIG_DYNAMIC_FTRACE=3Dy
> -CONFIG_DYNAMIC_FTRACE_WITH_REGS=3Dy
> -CONFIG_FUNCTION_PROFILER=3Dy
> -CONFIG_STACK_TRACER=3Dy
> +# CONFIG_FUNCTION_TRACER is not set
> +# CONFIG_STACK_TRACER is not set
> # CONFIG_IRQSOFF_TRACER is not set
> CONFIG_SCHED_TRACER=3Dy
> # CONFIG_HWLAT_TRACER is not set
> @@ -8153,7 +8146,6 @@ CONFIG_BRANCH_PROFILE_NONE=3Dy
> CONFIG_UPROBE_EVENTS=3Dy
> CONFIG_DYNAMIC_EVENTS=3Dy
> CONFIG_PROBE_EVENTS=3Dy
> -CONFIG_FTRACE_MCOUNT_RECORD=3Dy
> CONFIG_FTRACE_MCOUNT_USE_RECORDMCOUNT=3Dy
> # CONFIG_SYNTH_EVENTS is not set
> # CONFIG_HIST_TRIGGERS is not set
> @@ -8161,7 +8153,6 @@ CONFIG_FTRACE_MCOUNT_USE_RECORDMCOUNT=3Dy
> # CONFIG_TRACEPOINT_BENCHMARK is not set
> CONFIG_RING_BUFFER_BENCHMARK=3Dm
> # CONFIG_TRACE_EVAL_MAP_FILE is not set
> -# CONFIG_FTRACE_RECORD_RECURSION is not set
> # CONFIG_FTRACE_STARTUP_TEST is not set
> # CONFIG_RING_BUFFER_STARTUP_TEST is not set
> # CONFIG_RING_BUFFER_VALIDATE_TIME_DELTAS is not set
> diff --git a/config/kernel/kernel.config.riscv64-ipfire b/config/kernel/ker=
nel.config.riscv64-ipfire
> index de975e3f0..6b0aa466f 100644
> --- a/config/kernel/kernel.config.riscv64-ipfire
> +++ b/config/kernel/kernel.config.riscv64-ipfire
> @@ -119,8 +119,6 @@ CONFIG_TREE_RCU=3Dy
> # CONFIG_RCU_EXPERT is not set
> CONFIG_SRCU=3Dy
> CONFIG_TREE_SRCU=3Dy
> -CONFIG_TASKS_RCU_GENERIC=3Dy
> -CONFIG_TASKS_RUDE_RCU=3Dy
> CONFIG_RCU_STALL_COMMON=3Dy
> CONFIG_RCU_NEED_SEGCBLIST=3Dy
> # end of RCU Subsystem
> @@ -6047,7 +6045,6 @@ CONFIG_PSTORE_DEFLATE_COMPRESS_DEFAULT=3Dy
> CONFIG_PSTORE_COMPRESS_DEFAULT=3D"deflate"
> # CONFIG_PSTORE_CONSOLE is not set
> # CONFIG_PSTORE_PMSG is not set
> -# CONFIG_PSTORE_FTRACE is not set
> # CONFIG_PSTORE_RAM is not set
> # CONFIG_PSTORE_BLK is not set
> # CONFIG_SYSV_FS is not set
> @@ -6754,12 +6751,8 @@ CONFIG_GENERIC_TRACER=3Dy
> CONFIG_TRACING_SUPPORT=3Dy
> CONFIG_FTRACE=3Dy
> # CONFIG_BOOTTIME_TRACING is not set
> -CONFIG_FUNCTION_TRACER=3Dy
> -CONFIG_FUNCTION_GRAPH_TRACER=3Dy
> -CONFIG_DYNAMIC_FTRACE=3Dy
> -CONFIG_DYNAMIC_FTRACE_WITH_REGS=3Dy
> -CONFIG_FUNCTION_PROFILER=3Dy
> -CONFIG_STACK_TRACER=3Dy
> +# CONFIG_FUNCTION_TRACER is not set
> +# CONFIG_STACK_TRACER is not set
> # CONFIG_IRQSOFF_TRACER is not set
> CONFIG_SCHED_TRACER=3Dy
> # CONFIG_HWLAT_TRACER is not set
> @@ -6774,14 +6767,12 @@ CONFIG_BRANCH_PROFILE_NONE=3Dy
> CONFIG_UPROBE_EVENTS=3Dy
> CONFIG_DYNAMIC_EVENTS=3Dy
> CONFIG_PROBE_EVENTS=3Dy
> -CONFIG_FTRACE_MCOUNT_RECORD=3Dy
> CONFIG_FTRACE_MCOUNT_USE_RECORDMCOUNT=3Dy
> # CONFIG_SYNTH_EVENTS is not set
> # CONFIG_TRACE_EVENT_INJECT is not set
> # CONFIG_TRACEPOINT_BENCHMARK is not set
> CONFIG_RING_BUFFER_BENCHMARK=3Dm
> # CONFIG_TRACE_EVAL_MAP_FILE is not set
> -# CONFIG_FTRACE_RECORD_RECURSION is not set
> # CONFIG_FTRACE_STARTUP_TEST is not set
> # CONFIG_RING_BUFFER_STARTUP_TEST is not set
> # CONFIG_RING_BUFFER_VALIDATE_TIME_DELTAS is not set
> diff --git a/config/kernel/kernel.config.x86_64-ipfire b/config/kernel/kern=
el.config.x86_64-ipfire
> index 42275d26f..eee5e4a55 100644
> --- a/config/kernel/kernel.config.x86_64-ipfire
> +++ b/config/kernel/kernel.config.x86_64-ipfire
> @@ -146,8 +146,6 @@ CONFIG_TREE_RCU=3Dy
> # CONFIG_RCU_EXPERT is not set
> CONFIG_SRCU=3Dy
> CONFIG_TREE_SRCU=3Dy
> -CONFIG_TASKS_RCU_GENERIC=3Dy
> -CONFIG_TASKS_RUDE_RCU=3Dy
> CONFIG_RCU_STALL_COMMON=3Dy
> CONFIG_RCU_NEED_SEGCBLIST=3Dy
> # end of RCU Subsystem
> @@ -476,7 +474,6 @@ CONFIG_LEGACY_VSYSCALL_NONE=3Dy
> # CONFIG_CMDLINE_BOOL is not set
> # CONFIG_MODIFY_LDT_SYSCALL is not set
> CONFIG_HAVE_LIVEPATCH=3Dy
> -# CONFIG_LIVEPATCH is not set
> # end of Processor type and features
>=20
> CONFIG_ARCH_HAS_ADD_PAGES=3Dy
> @@ -6823,7 +6820,6 @@ CONFIG_PSTORE_DEFLATE_COMPRESS_DEFAULT=3Dy
> CONFIG_PSTORE_COMPRESS_DEFAULT=3D"deflate"
> # CONFIG_PSTORE_CONSOLE is not set
> # CONFIG_PSTORE_PMSG is not set
> -# CONFIG_PSTORE_FTRACE is not set
> # CONFIG_PSTORE_RAM is not set
> # CONFIG_PSTORE_BLK is not set
> # CONFIG_SYSV_FS is not set
> @@ -7604,14 +7600,8 @@ CONFIG_GENERIC_TRACER=3Dy
> CONFIG_TRACING_SUPPORT=3Dy
> CONFIG_FTRACE=3Dy
> # CONFIG_BOOTTIME_TRACING is not set
> -CONFIG_FUNCTION_TRACER=3Dy
> -CONFIG_FUNCTION_GRAPH_TRACER=3Dy
> -CONFIG_DYNAMIC_FTRACE=3Dy
> -CONFIG_DYNAMIC_FTRACE_WITH_REGS=3Dy
> -CONFIG_DYNAMIC_FTRACE_WITH_DIRECT_CALLS=3Dy
> -CONFIG_DYNAMIC_FTRACE_WITH_ARGS=3Dy
> -CONFIG_FUNCTION_PROFILER=3Dy
> -CONFIG_STACK_TRACER=3Dy
> +# CONFIG_FUNCTION_TRACER is not set
> +# CONFIG_STACK_TRACER is not set
> # CONFIG_IRQSOFF_TRACER is not set
> CONFIG_SCHED_TRACER=3Dy
> # CONFIG_HWLAT_TRACER is not set
> @@ -7627,15 +7617,12 @@ CONFIG_BRANCH_PROFILE_NONE=3Dy
> CONFIG_UPROBE_EVENTS=3Dy
> CONFIG_DYNAMIC_EVENTS=3Dy
> CONFIG_PROBE_EVENTS=3Dy
> -CONFIG_FTRACE_MCOUNT_RECORD=3Dy
> -CONFIG_FTRACE_MCOUNT_USE_CC=3Dy
> # CONFIG_SYNTH_EVENTS is not set
> # CONFIG_HIST_TRIGGERS is not set
> # CONFIG_TRACE_EVENT_INJECT is not set
> # CONFIG_TRACEPOINT_BENCHMARK is not set
> CONFIG_RING_BUFFER_BENCHMARK=3Dm
> # CONFIG_TRACE_EVAL_MAP_FILE is not set
> -# CONFIG_FTRACE_RECORD_RECURSION is not set
> # CONFIG_FTRACE_STARTUP_TEST is not set
> # CONFIG_RING_BUFFER_STARTUP_TEST is not set
> # CONFIG_RING_BUFFER_VALIDATE_TIME_DELTAS is not set
> --=20
> 2.34.1


--===============4542160990409837128==--