Date: Fri, 27 Jul 2018 16:53:11 -0400
From: Steven Rostedt
To: "Theodore Y. Ts'o"
Cc: Jann Horn, salyzyn@google.com, Nick Desaulniers, Golden_Miller83@protonmail.ch, Greg KH, Kees Cook, salyzyn@android.com, kernel list, Ingo Molnar, kernel-team@android.com, stable@vger.kernel.org, Kernel Hardening, Jeffrey Vander Stoep
Subject: Re: [PATCH] tracing: do not leak kernel addresses
Message-ID: <20180727165311.48b33a3f@gandalf.local.home>
In-Reply-To: <20180727202114.GH13922@thunk.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, 27 Jul 2018 16:21:14 -0400 "Theodore Y. Ts'o" wrote:

> On Fri, Jul 27, 2018 at 04:11:03PM -0400, Steven Rostedt wrote:
> > That said, I would assume that
> > other Android utilities are using other debugfs files for system
> > status and such.
>
> Yeah, I know we probably have lost the "debugfs is only for debugging
> and has no place in a production system" battle, and we should just
> move on and assume we need to completely harden all of debugfs. But
> it's worth at least *asking* whether or not the use of debugfs for
> Android can be avoided....

Perhaps we should have a way to disable directories in debugfs at boot?
That way, people can only have what is needed. The reason I created
tracefs, is because I was asked to so that tracing utilities could be
enabled without bringing in all of debugfs itself. But now it appears
there's more there that makes it have to be mounted.

-- Steve