[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 10 Nov 2013 18:21:09 -0800
From: "H. Peter Anvin" <hpa@...or.com>
To: Dave Young <dyoung@...hat.com>
CC: Matt Fleming <matt@...sole-pimps.org>,
linux-kernel@...r.kernel.org, linux-efi@...r.kernel.org,
x86@...nel.org, mjg59@...f.ucam.org,
James.Bottomley@...senPartnership.com, vgoyal@...hat.com,
ebiederm@...ssion.com, horms@...ge.net.au,
kexec@...ts.infradead.org, bp@...en8.de, Greg KH <greg@...ah.com>
Subject: Re: [patch 0/7 v2] kexec kernel efi runtime support
On 11/10/2013 06:13 PM, Dave Young wrote:
>
> Huang Ying <ying.huang@...el.com> created the debugfs file for boot_params.
> His first version patch tried sysfs, but sysfs is not designed for such
> binary blobs so finally it go to debugfs.
>
That is a misunderstanding. Binary blobs can exist in sysfs as long as
the blob is something that is inherently a blob. This is admittedly a
corner case, but it is without any doubt a protocol-defined binary
structure.
The reason it was put in debugfs is that there was no non-debug user for
it at the time.
> Any idea for this is welcome, till now I have no better idea for such kind
> of data. We should have another *fs instead of using debugfs.
The problem with debugfs is that things go into debugfs with largely no
auditing. As a result, mounting debugfs is very likely to mean that
your system is exploitable one way or another.
-hpa
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists