From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: "Tobin C. Harding" <me@tobin.cc>,
Matt Fleming <matt@codeblueprint.co.uk>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
LKML <linux-kernel@vger.kernel.org>,
"linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>
Subject: Re: [GIT PULL] hash addresses printed with %p
Date: Fri, 1 Dec 2017 09:47:54 +0000 [thread overview]
Message-ID: <20171201094754.GD9353@kroah.com> (raw)
In-Reply-To: <CA+55aFwvbR+6e7YrZ3Q+sYzJsRikJEAi1YsA49CQjWgsa7KTWQ@mail.gmail.com>
On Thu, Nov 30, 2017 at 06:17:47PM -0500, Linus Torvalds wrote:
> On Thu, Nov 30, 2017 at 12:10 PM, Greg Kroah-Hartman
> <gregkh@linuxfoundation.org> wrote:
> >
> > So changing it to use __ATTR() should fix this remaning leakage up.
> > That is if we even really need to export these values at all. What does
> > userspace do with them? Shouldn't they just be in debugfs instead?
>
> So what I find distasteful here is how sysfs has these "helper" macros
> that are clearly designed to over-share.
That is by design :)
> The __ATTR macro is a lot more complicated to use than the
> __ATTR_RO/WO/RW macros, but those macros end up giving everybody read
> access (ok, not the WO one)
>
> So honestly, I think the "helper" functions should be deprecated
> simply because they basically encourage people to make everything
> world-readable.
Almost all information in sysfs is designed to be world-readable. I
would argue that almost nothing there should be "root only", as sysfs is
not the place for trying to display "private" information at all. It is
designed to show a representation of the kernel's internal state of
things (device structure, driver options, firmware objects, etc.) All
of that information should be freely available to everyone (within the
namespace rules.)
To put root-only information in sysfs is not a good idea, which is why
those macros are there, to make it easy to do it right, and hard to
restrict information. If you need restrictions, you shouldn't be using
sysfs, as it's almost always something for debugging, and that's what
debugfs is for.
thanks,
greg k-h
prev parent reply other threads:[~2017-12-01 9:47 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20171129045927.GA6217@eros>
[not found] ` <CA+55aFzVy-SE9w1puPjgE1BxGje8oR3Ks9BDU7GXmvBYJfkCxw@mail.gmail.com>
[not found] ` <20171129210848.GF6217@eros>
[not found] ` <CA+55aFwjhjGZC9U68mo4hnnJXLWYxG3UYoz-=SwNfO-3N-Untg@mail.gmail.com>
2017-11-29 21:36 ` [GIT PULL] hash addresses printed with %p Linus Torvalds
[not found] ` <CA+55aFwPXV0sXb+edcQc4epz0pWustZgJsoq95=a3OEDxynq7g-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-11-30 16:32 ` Greg Kroah-Hartman
[not found] ` <20171130163235.GA27849-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2017-11-30 17:10 ` Greg Kroah-Hartman
[not found] ` <20171130171036.GB31817-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2017-11-30 17:18 ` Ard Biesheuvel
2017-12-01 9:48 ` Greg Kroah-Hartman
2017-12-01 9:54 ` Ard Biesheuvel
[not found] ` <CAKv+Gu-YyuE-Hs4MVPWfS8Exx0S6qo5sgV2VdO0MP5wEXSrM1Q-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-12-01 15:34 ` Greg Kroah-Hartman
[not found] ` <20171201153444.GA17867-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2017-12-01 16:33 ` Kees Cook
2017-12-02 8:51 ` Ard Biesheuvel
2017-12-02 22:22 ` Matt Fleming
[not found] ` <20171202222244.GA3799-mF/unelCI9GS6iBeEJttW/XRex20P6io@public.gmane.org>
2017-12-03 1:15 ` Dave Young
2017-12-04 2:02 ` Dave Young
2017-12-04 2:33 ` Joe Perches
[not found] ` <1512354837.6321.41.camel-6d6DIl74uiNBDgjK7y7TUQ@public.gmane.org>
2017-12-04 2:39 ` Dave Young
[not found] ` <20171204020216.GA2436-0VdLhd/A9Pl+NNSt+8eSiB/sF2h8X+2i0E9HWUfgJXw@public.gmane.org>
2017-12-04 7:36 ` Greg Kroah-Hartman
2017-12-04 9:29 ` Dave Young
[not found] ` <20171204092928.GA4421-0VdLhd/A9Pl+NNSt+8eSiB/sF2h8X+2i0E9HWUfgJXw@public.gmane.org>
2017-12-04 9:34 ` Greg Kroah-Hartman
2017-12-04 9:48 ` Ard Biesheuvel
[not found] ` <CAKv+Gu8iOF1BCpZEVRwT=_6FbXsK0ve7fiWKA5R0D5x2P5MavA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-12-04 9:59 ` Greg Kroah-Hartman
[not found] ` <20171204095936.GA10547-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2017-12-04 10:03 ` Ard Biesheuvel
2017-12-04 10:11 ` Greg Kroah-Hartman
2017-12-04 12:51 ` David Laight
[not found] ` <d455baafa3d44669a774c7d555c01416-1XygrNkDbNvwg4NCKwmqgw@public.gmane.org>
2017-12-04 14:00 ` Greg Kroah-Hartman
[not found] ` <20171204140012.GA8744-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2017-12-05 5:14 ` Dave Young
2017-12-05 8:09 ` Greg Kroah-Hartman
[not found] ` <20171205080957.GA18268-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2017-12-05 8:45 ` Dave Young
2017-12-05 8:52 ` Greg Kroah-Hartman
[not found] ` <20171205085219.GA16055-U8xfFu+wG4EAvxtiuMwx3w@public.gmane.org>
2017-12-05 9:25 ` Ard Biesheuvel
[not found] ` <CAKv+Gu9=4Rrgb3UgmP37LpTjd_xzZ2aVqA2KMAkek9Wxr8fSTA-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-12-05 10:15 ` Greg Kroah-Hartman
2017-12-05 9:32 ` Dave Young
[not found] ` <20171205084537.GA5974-0VdLhd/A9Pl+NNSt+8eSiB/sF2h8X+2i0E9HWUfgJXw@public.gmane.org>
2017-12-05 9:24 ` Dave Young
[not found] ` <20171205092410.GA16190-0VdLhd/A9Pl+NNSt+8eSiB/sF2h8X+2i0E9HWUfgJXw@public.gmane.org>
2017-12-05 10:14 ` Greg Kroah-Hartman
2017-11-30 23:17 ` Linus Torvalds
2017-12-01 9:47 ` Greg Kroah-Hartman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171201094754.GD9353@kroah.com \
--to=gregkh@linuxfoundation.org \
--cc=ard.biesheuvel@linaro.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=matt@codeblueprint.co.uk \
--cc=me@tobin.cc \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).