From Linus Torvalds <> Date Wed, 4 Oct 2017 09:29:16 -0700 Subject Re: [kernel-hardening] [RFC V2 0/6] add more kernel pointer filter options On Wed, Oct 4, 2017 at 9:22 AM, Boris Lukashev

<blukashev@sempervictus.com> wrote:

>

> When adding modules from outside the mainline tree (zfs, aufs, scst,

> etc), we would not be able to audit the source, and risk leaking

> sensitive pointers from those components if we dont filter them out

> this way or in a similar programmatic manner.



I call *COMPLETE* bullshit on that argument.



Non-mainlined source code is insecure, and printing some random

address is the *least* of the problems in it.



And the way to make it secure has absolutely nothing to do with printk strings.



Ask somebody about Android camera drivers some day.



Go away. Don't use this specious idiotic argument, all it does is to

make all your other arguments look stupid.



That said, they didn't need much help: ttalking about FDA and medical

equipment as an argument for some particular default value is another

sign that your arguments are UTTER SHIT.



If this is seriously the quality of excuses for this patch-series, I

never ever want to see those patches again.



Linus



