Re: [PATCH v5 1/3] Provide in-kernel headers to make extending kernel easier

[Greg Kroah-Hartman]

On Tue, Apr 16, 2019 at 08:33:06AM -0400, Steven Rostedt wrote:
> On Mon, 15 Apr 2019 22:50:10 -0500
> Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> 
> > On Mon, Apr 15, 2019 at 9:41 AM Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:
> > > I agree with this assessment. We shouldn't use config.gz as precedence
> > > for this solution. config.gz should have been in debugfs to begin with,
> > > but I don't believe debugfs was around when config.gz was introduced.
> > > (Don't have time to look into the history of the two).  
> > 
> > I don't agree with this: /proc/config.gz is used by a lot of tools
> > that do sanity-check of running systems. This isn't _debugging_...
> > it's verifying correct kernel builds. It's a fancy version of checking
> > /proc/version.
> > 
> 
> Then we should perhaps make a new file system call tarballs ;-)
> 
>  /sys/kernel/tarballs/
> 
> and place everything there. That way it removes it from /proc (which is
> the worse place for that) and also makes it something other than debug.
> That's what I did for tracefs.

As horrible as that suggestion is, it does kind of make sense :)

We can't put this in debugfs as that's only for debugging and systems
should never have that mounted for normal operations (users want to
build ebpf programs), and /proc really should be for processes but that
horse is long left the barn.

But, I'm willing to consider putting this either in a system-fs-like
filesystem, or just in sysfs itself, we do have /sys/kernel/ to play
around in if the main objection is that we should not be cluttering up
/proc with stuff like this.

thanks,

greg k-h