From: Sudeep Holla <sudeep.holla@arm.com>
To: Mark Brown <broonie@kernel.org>
Cc: Mauro Carvalho Chehab <mchehab+samsung@kernel.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
ksummit <Ksummit-discuss@lists.linuxfoundation.org>
Subject: Re: [Ksummit-discuss] [MAINTAINERS SUMMIT] Moving debugfs file systems into sysfs
Date: Wed, 3 Oct 2018 15:52:55 +0100 [thread overview]
Message-ID: <20181003145255.GC12570@e107155-lin> (raw)
In-Reply-To: <20181003131353.GB7132@sirena.org.uk>
On Wed, Oct 03, 2018 at 02:13:53PM +0100, Mark Brown wrote:
> On Wed, Oct 03, 2018 at 11:06:33AM +0100, Sudeep Holla wrote:
> > On Tue, Oct 02, 2018 at 06:37:43PM -0300, Mauro Carvalho Chehab wrote:
>
> > > Even if it won't be possible to crash the Kernel or escalate
> > > privileges, I suspect that several stuff in debugfs should never
> > > be enabled on production systems, as they may reveal things like
> > > memory addresses and other stuff that could be used to help someone
> > > to crack a system.
>
> > I completely agree with that. Recently I reviewed patches to support
> > power management on some ARM platforms which had complete system clock
> > control in debugfs. It even had access to many system controls that it
> > can send to remote system control processor which we really don't want
> > in production systems.
>
> This is why I've always strongly resisted making it possible to write to
> the regmap or regulator debugfs files; there is code for writing to the
> regmap ones but you need to patch the kernel to enable it.
Ah, that's better. Next time I see anything around debugfs where
restricting write is a must, I will suggest something on similar lines
so that they need that extra tiny patch to get it enabled. Thanks for
the pointers.
--
Regards,
Sudeep
next prev parent reply other threads:[~2018-10-03 14:52 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-01 18:04 [Ksummit-discuss] [MAINTAINERS SUMMIT] Moving debugfs file systems into sysfs Steven Rostedt
2018-10-02 1:18 ` Greg KH
2018-10-02 1:26 ` Greg KH
2018-10-02 13:07 ` Steven Rostedt
2018-10-02 14:59 ` Olof Johansson
2018-10-02 16:00 ` Shuah Khan
2018-10-02 16:17 ` Greg Kroah-Hartman
2018-10-02 16:30 ` Greg Kroah-Hartman
2018-10-02 21:37 ` Mauro Carvalho Chehab
2018-10-02 21:57 ` Shuah Khan
2018-10-02 22:22 ` Greg Kroah-Hartman
2018-10-03 12:59 ` Jan Kara
2018-10-03 13:40 ` Greg Kroah-Hartman
2018-10-03 13:44 ` Jiri Kosina
2018-10-03 14:32 ` Greg Kroah-Hartman
2018-10-03 14:33 ` Greg Kroah-Hartman
2018-10-04 11:50 ` Jiri Kosina
2018-10-03 14:53 ` Jan Kara
2018-10-04 16:11 ` Takashi Iwai
2018-10-03 14:11 ` Shuah Khan
2018-10-03 10:06 ` Sudeep Holla
2018-10-03 13:13 ` Mark Brown
2018-10-03 14:52 ` Sudeep Holla [this message]
2018-10-02 8:40 ` Jani Nikula
2018-10-02 13:11 ` Steven Rostedt
2018-10-02 21:32 ` Mauro Carvalho Chehab
2018-10-03 6:23 ` Jani Nikula
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20181003145255.GC12570@e107155-lin \
--to=sudeep.holla@arm.com \
--cc=Ksummit-discuss@lists.linuxfoundation.org \
--cc=broonie@kernel.org \
--cc=gregkh@linuxfoundation.org \
--cc=mchehab+samsung@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.