From: Steven Rostedt <rostedt@goodmis.org>
To: Henrique de Moraes Holschuh <hmh@hmh.eng.br>
Cc: Dan Carpenter <error27@gmail.com>, Greg KH <gregkh@suse.de>,
Kees Cook <kees.cook@canonical.com>,
linux-kernel@vger.kernel.org, Eugene Teo <eugeneteo@kernel.sg>,
Ralph Campbell <infinipath@qlogic.com>,
Roland Dreier <roland@kernel.org>,
Sean Hefty <sean.hefty@intel.com>,
Hal Rosenstock <hal.rosenstock@gmail.com>,
Jeremy Fitzhardinge <jeremy.fitzhardinge@citrix.com>,
Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>,
Alexander Viro <viro@zeniv.linux.org.uk>,
Miklos Szeredi <miklos@szeredi.hu>,
"J. Bruce Fields" <bfields@fieldses.org>,
Neil Brown <neilb@suse.de>, Matthew Wilcox <matthew@wil.cx>,
James Morris <jmorris@namei.org>,
Stephen Smalley <sds@tycho.nsa.gov>,
Eric Paris <eparis@parisplace.org>,
Nick Piggin <npiggin@kernel.dk>, Arnd Bergmann <arnd@arndb.de>,
Ian Campbell <ian.campbell@citrix.com>,
Jarkko Sakkinen <ext-jarkko.2.sakkinen@nokia.com>,
Tejun Heo <tj@kernel.org>,
Casey Schaufler <casey@schaufler-ca.com>
Subject: Re: [PATCH 2/2] debugfs: only allow root access to debugging interfaces
Date: Thu, 24 Feb 2011 11:38:44 -0500
Message-ID: <20110224163844.GC888@home.goodmis.org>
In-Reply-To: <20110222205847.GA1867@khazad-dum.debian.net>

On Tue, Feb 22, 2011 at 05:58:47PM -0300, Henrique de Moraes Holschuh wrote:
>
> I do wish this went in. debugfs is a hazard, both security-wise and
> kernel-quality wise. Anything that has to end up enabled in a distro
> kernel really does not belong in debugfs. In fact, if you would object
> to a kernel taint if a feature is used, IMO it certainly doesn't belong on
> debugfs.
>

As I am one of the culprits of adding tool interfaces into debugfs, I'll
give my opinion too.

When I first started using debugfs, it was because it was so much easier
to add files to than /sys, and I remember /proc is something we do not
want to add more functionality to.

It was also because we had no idea how ftrace was going to be used and
what the final ABI was going to be. I was hoping that we could experiment
with the interface and after some time we could move it out of debugfs
with a stable ABI. But this, for various reasons, never materialized.

Currently things are still in a large flux, and I do not know how this
will play out. Although the changes in /debugfs/tracing have toned down a
lot, there's also the work going in on how to merge perf and ftrace.
This may start changes as well, and perhaps deprecate interfaces. I
don't know.

Having debugfs as the main interface was not the goal of all this, but
we seemed to have just gotten stuck with it.

-- Steve