On Wed, 22 Jan 2020 15:12:25 +0100, Martin Pieuchot wrote: > dt(4) is a debugging interface that allows userland to read kernel > addresses. So its access should be restricted by default, just like > mem(4). > > Diff prevent opening the pseudo-device unless `allowkmem' is set.
Does it really make sense to reuse `allowkmem' for this? This will mean that in order to use dt(4) you also have to open up mem(4). I don't think that is desirable. If you want to disable dt(4) by default I think you are better off using a new sysctl knob. - todd
