Hi Krzysztof, > Introduce a CAP_PERFMON check when accessing sysfs entries related to > local memory information. Also introduce a intel_memory_info_paranoid > sysctl parameter, which allows the administrator to control whether the > check is enforced. If we decide that this patch is neede, I think we should squash it with the first one to introduce a mechanism that can already be secured.
[...] > > +static u32 intel_memory_info_paranoid = 1; Maybe change that to "intel_memory_info_restrictive"? "Paranoid" relates to extreme fearfulness/paranoia/anxiety, which might seem a bit over the top :) Best Regards, Krzysztof
