Re: [PATCH 25/27] debugfs: Restrict debugfs when the kernel is locked down

From: Greg Kroah-Hartman
Date: Mon Mar 25 2019 - 20:44:52 EST

Next message: Andrey Ignatov: "[PATCH v2 bpf-next 01/21] bpf: Add base proto function for cgroup-bpf programs"
Previous message: Andrey Ignatov: "[PATCH v2 bpf-next 00/21] bpf: Sysctl hook"
In reply to: Matthew Garrett: "Re: [PATCH 25/27] debugfs: Restrict debugfs when the kernel is locked down"
Next in thread: Matthew Garrett: "[PATCH 22/27] Lock down kprobes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Mar 25, 2019 at 05:38:09PM -0700, Matthew Garrett wrote:
> On Mon, Mar 25, 2019 at 5:35 PM Greg Kroah-Hartman
> <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> > On Mon, Mar 25, 2019 at 03:09:52PM -0700, Matthew Garrett wrote:
> > > Normal device interaction should be done through configfs, sysfs or a
> > > miscdev, not debugfs.
> >
> > Then why not just not allow debugfs at all if it is such a "big
> > problem"?
>
> Previous attempts to do so have resulted in strong pushback from
> various maintainers. If you're happy just having any complaints
> reassigned to you then I'm more than happy to turn it off entirely.

Sure, send them my way :)

Next message: Andrey Ignatov: "[PATCH v2 bpf-next 01/21] bpf: Add base proto function for cgroup-bpf programs"
Previous message: Andrey Ignatov: "[PATCH v2 bpf-next 00/21] bpf: Sysctl hook"
In reply to: Matthew Garrett: "Re: [PATCH 25/27] debugfs: Restrict debugfs when the kernel is locked down"
Next in thread: Matthew Garrett: "[PATCH 22/27] Lock down kprobes"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]