| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 26 Jan 2015 19:30:49 +0000 From: Al Viro <viro@...IV.linux.org.uk> To: Steven Rostedt <rostedt@...dmis.org> Cc: linux-kernel@...r.kernel.org, Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Ingo Molnar <mingo@...nel.org>, Andrew Morton <akpm@...ux-foundation.org> Subject: Re: [PATCH 00/16 v3] tracing: Add new file system tracefs On Mon, Jan 26, 2015 at 10:09:13AM -0500, Steven Rostedt wrote: > There has been complaints that tracing is tied too much to debugfs, > as there are systems that would like to perform tracing, but do > not mount debugfs for security reasons. That is because any subsystem > may use debugfs for debugging, and these interfaces are not always > tested for security. > > Creating a new tracefs that the tracing directory will now be attached > to allows system admins the ability to access the tracing directory > without the need to mount debugfs. > > Another advantage is that debugfs does not support the system calls > for mkdir and rmdir. Tracing uses these system calls to create new > instances for sub buffers. This was done by a hack that hijacked the > dentry ops from the "instances" debugfs dentry, and replacing it with > one that could work. > > Instead of using this hack, tracefs can provide a proper interface to > allow the tracing system to have a mkdir and rmdir feature. > > To maintain backward compatibility with older tools that expect that > the tracing directory is mounted with debugfs, the tracing directory > is still created under debugfs and tracefs is automatically mounted > there. > > Finally, a new directory is created when tracefs is enabled called > /sys/kernel/tracing. This will be the new location that system admins > may mount tracefs if they are not using debugfs. You are still fighting an inconvenient API, but now it's not debugfs one - it's your copy thereof. Why not give your instances/ an inode_operations of its own? One with ->mkdir() and ->rmdir(), leaving all other directories as-is. That way you don't need the secondary methods at all. And sure, debugfs_create_dir() grabs ->i_mutex on parent, making you drop that in your ->mkdir() if you want to call it. But now you are not talking to it - just to your own code, where you are free to change the calling conventions, making it caller's responsibility to get that ->i_mutex. The same goes for the rmdir side... -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists