>> Should this not also have a capability check. Assuming file permissions >> are sufficient for grabbing a chunk of system memory holding error >> info doesn't seem too scary but it's at odds with a lot of other cases ? > > At least one of those other cases (pstore) added a capability check and now > regret > it. There's a thread on reverting it. Look for: > > Revert "pstore: Honor dmesg_restrict sysctl on dmesg dumps"
Here's at least part of that thread: https://marc.info/?l=linux-kernel&m=150301241114262&w=2 Kees: you were OK with removing the capability check from pstore, right? I'm now adding another place to access a blob of memory containing crash information from the previous kernel (pointed at by the ACPI BERT record). -Tony
