Commit 599bbba5 authored Apr 13, 2026 by Linus Torvalds

proc: make PROC_MEM_FORCE_PTRACE the Kconfig default



This kconfig option was introduced 18 months ago, with the historical
default of always allowing forcing memory permission overrides in order
to not change any existing behavior.

But it was documented as "for now", and this is a gentle nudge to people
that you probably _should_ be using PROC_MEM_FORCE_PTRACE.  I've had
that in my local kernel config since the option was introduced.

Anybody who just does "make oldconfig" will pick up their old
configuration with no change, so this is still meant to not change any
existing system behavior, but at least gently prod people into trying
it.

I'd love to get rid of FOLL_FORCE entirely (see commit 8ee74a91
"proc: try to remove use of FOLL_FORCE entirely" from roughly a decade
ago), but sadly that is likely not a realistic option (see commit
f511c0b1 "Yes, people use FOLL_FORCE ;)" three weeks later).

But at least let's make it more obvious that you have the choice to
limit it and force people to at least be a bit more conscious about
their use of FOLL_FORCE, since judging from a recent discussion people
weren't even aware of this one.

Reminded-by: Vova Tokarev <vladimirelitokarev@gmail.com>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

parent fdcbb1bc

security/Kconfig

+2 −4

Original line number	Diff line number	Diff line
		@@ -21,16 +21,14 @@ config SECURITY_DMESG_RESTRICT

		choice
		prompt "Allow /proc/pid/mem access override"
		default PROC_MEM_ALWAYS_FORCE
		default PROC_MEM_FORCE_PTRACE
		help
		Traditionally /proc/pid/mem allows users to override memory
		permissions for users like ptrace, assuming they have ptrace
		capability.

		This allows people to limit that - either never override, or
		require actual active ptrace attachment.

		Defaults to the traditional behavior (for now)
		require actual active ptrace attachment (default).

		config PROC_MEM_ALWAYS_FORCE
		bool "Traditional /proc/pid/mem behavior"