lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Fri, 22 Feb 2019 08:16:16 +0100
From:   Greg KH <gregkh@...uxfoundation.org>
To:     Laurent Pinchart <laurent.pinchart@...asonboard.com>
Cc:     Bjorn Andersson <bjorn.andersson@...aro.org>,
        Vaishali Thakkar <vaishali.thakkar@...aro.org>,
        andy.gross@...aro.org, david.brown@...aro.org,
        linux-arm-msm@...r.kernel.org, linux-kernel@...r.kernel.org,
        rafael@...nel.org, vkoul@...nel.org
Subject: Re: [PATCH v2 3/5] soc: qcom: socinfo: Expose custom attributes

On Fri, Feb 22, 2019 at 12:13:59AM +0200, Laurent Pinchart wrote:
> Hi Bjorn,
> 
> On Thu, Feb 21, 2019 at 07:57:42AM -0800, Bjorn Andersson wrote:
> > On Thu 21 Feb 04:18 PST 2019, Laurent Pinchart wrote:
> > 
> > > Hi Vaishali,
> > > 
> > > Thank you for the patch.
> > > 
> > > On Wed, Feb 20, 2019 at 10:28:29AM +0530, Vaishali Thakkar wrote:
> > > > The Qualcomm socinfo provides a number of additional attributes,
> > > > add these to the socinfo driver and expose them via debugfs
> > > > functionality.
> > > 
> > > What is the use case for these attributes ? I fear they will be used in
> > > production systems, and that would require debugfs in production, which
> > > isn't a good idea. If you need to expose those attributes for anything
> > > else than debugging then we need a proper API, likely sysfs-based.
> > 
> > The use case of these attributes, beyond development/debugging, are
> > unfortunately somewhat unknown and is the reason why they where moved to
> > debugfs from the earlier attempts to upstream this.
> > 
> > I think the production requirements at hand prohibits debugfs to be
> > present, so attributes that are required beyond development/debugging
> > purposes would have to be migrated out to sysfs - but the idea here is
> > that such migration would have come with the missing motivation to add
> > them there today.
> 
> If the use case is just debug/development, would it be enough to print
> this information in the kernel log at boot time ? I may be a bit
> paranoid, but I always worry about API abuse :-(

Putting stuff in debugfs should be fine.  No system should ever rely on
debugfs for a properly running system as it is being disabled on almost
all "sane" systems (Android included).  If a vendor relies on this
information for a properly working system, then it does not belong in
debugfs.

thanks,

greg k-h

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ