Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp1310549imm; Fri, 27 Jul 2018 15:06:52 -0700 (PDT) X-Google-Smtp-Source: AAOMgpchyQ5gWseUtJjX+wn+Gw1kc5NElQ/0xCvZ4aUlUXIbExsZV7laSya+Gf3fzhKOkPRrhcpZ X-Received: by 2002:a63:d04f:: with SMTP id s15-v6mr7856324pgi.42.1532729212333; Fri, 27 Jul 2018 15:06:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1532729212; cv=none; d=google.com; s=arc-20160816; b=HiMgLRV2xYG6xSsPZaUDix6q3rFYdbbIto2z7O+ydLYM9CRu5FjqsCeQanxQ1d+PUF h3UodSRv2fbuvUhd+R9yMycHygHxcAlkQobdvP2Shn5AeVxJPBGYQ8KGnHme2r83Kw8j 53WFfVoFEGu16iDpdNr9xkIlRSgK567HO9mtaHci5VwF47PJIJk5rcRkhDqZ3HYixTuf I0bF9slgCKqGgE9rmCGL0snbunLelxgEb9EYqbjGBRPB108KClR+E5/1xyIDBrxPa+L9 N4WgZizOfHuXtfSkZqD/BszcIday4/jA5kcFBQ/xZhukXTXhRHRD+z8BoPdyzKUvITFv xSKQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:message-id:subject:to :from:date:dkim-signature:arc-authentication-results; bh=A/sYL9Eg+X3Op7B7NPq9m4gWQhnM/AksD0oBmnrxtkc=; b=ZXq8Vq34h13fHcHwB+nUNXKfwCOW8fnSXuTIL4Llg/CZLvSdvlXnw8F0ZPuh7Yr9kp qnJ5E/AxZ6InWi+7RCpRDLauJCQ9JKCz6gqgxswSx5hB7utQAKIG/GX0nbTsJqAsP3+3 PCzsOdf0IKEP49Txlww7PilHy4NnCgOqQrCpKcwcVKJ7/E61gGo3lMwP7T9eJAwI1ACt km5UHxg/3noIs2hCzeq/vHIuiTflg1TfQysbVag0bU7VPSN5W/hx7vP+ve/NmRU0j4+a Dh+rSY02bgnOd3hs5c2jkoShoT2WN+/HHejNSW2DDmZsIqhfE2bnDG2crMMMbhiN70DY b67Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=IQM3EKEf; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n64-v6si4951191pgn.247.2018.07.27.15.06.36; Fri, 27 Jul 2018 15:06:52 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=IQM3EKEf; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2389112AbeG0X3j (ORCPT + 99 others); Fri, 27 Jul 2018 19:29:39 -0400 Received: from mail-pg1-f193.google.com ([209.85.215.193]:35381 "EHLO mail-pg1-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2389000AbeG0X3i (ORCPT ); Fri, 27 Jul 2018 19:29:38 -0400 Received: by mail-pg1-f193.google.com with SMTP id e6-v6so3964718pgv.2 for ; Fri, 27 Jul 2018 15:05:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:from:to:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=A/sYL9Eg+X3Op7B7NPq9m4gWQhnM/AksD0oBmnrxtkc=; b=IQM3EKEfHJP3tXAJtMn55y91XkvS/xE4Hx6DYV3OaOw4OlXbEgx5XXi9iM0QcdQ3Cu AYQ3PjNW/QR2qZXVW9wXpCnlmKd62WeNfEo3W6sTrk8333SiNQpou71c7BfdF4WmE7bh 4oKxiko2Hkl19EyXgJIZuIt3R4V2MkNCpwTCnhihZTodJ6GuUUfxh/cMS9HxgiTniliK hZJ6jwJcxiYbIPyvN078S//DdWMLu7DKNvVQSQdeKIKnIbyGAXUfuDFStXNLMh1/Le+G 9Y2tgsZplidYJgDOgQ936/RNaNkysk63OicEgxZjO8Qe0DC9fCEyRupB2oyQ9BfkX3pJ qnaw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=A/sYL9Eg+X3Op7B7NPq9m4gWQhnM/AksD0oBmnrxtkc=; b=Jwl8gQ7+EvbsqKYplZx70OP2VjV+/Qp+GKt9YLVINoFLKzzOZluaTrZYiO/odWmqGR HzqYyoenwJfQ8X7rfsKCOh6KPq0BfkTFeKXA1+T4FfGc1kmvNi1QRZdQwk/4W7ivzC0S l2LYT/BhDRE9rEgxMhEOsuzHoMarlVDDzPdu0zIB/Gl+queb2D20PUtUgRCJcbuDd4nX i6l6pZ3bKkZZMaiV5NOZCj3QyuBpZNTqHCUchn4nFpf3W7n/gxqEnpmbggzBz6qXt12t wtLOyHAa6OzXlv73cf/I/+nC7Jgje4ZVO05sh772i2MzqfC1uVC1l1ai9kAZ0AufabIL pQhg== X-Gm-Message-State: AOUpUlFv0zjXI6P5J3yFLxryEAh1qG2zpyvRrMGlUPULn41RSubRiKPy XqS/ptrG+a6cPByT6GNuqraW8g== X-Received: by 2002:a62:8d84:: with SMTP id p4-v6mr8428075pfk.251.1532729145334; Fri, 27 Jul 2018 15:05:45 -0700 (PDT) Received: from localhost ([2620:0:1000:1600:6e29:33f4:7c9a:4918]) by smtp.gmail.com with ESMTPSA id o27-v6sm10831167pfj.35.2018.07.27.15.05.44 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 27 Jul 2018 15:05:44 -0700 (PDT) Date: Fri, 27 Jul 2018 15:05:43 -0700 From: Sandeep Patil To: "Theodore Y. Ts'o" , Steven Rostedt , Jann Horn , salyzyn@google.com, Nick Desaulniers , Golden_Miller83@protonmail.ch, Greg KH , Kees Cook , salyzyn@android.com, kernel list , Ingo Molnar , kernel-team@android.com, stable@vger.kernel.org, Kernel Hardening , Jeffrey Vander Stoep Subject: Re: [PATCH] tracing: do not leak kernel addresses Message-ID: <20180727220543.GT190909@sspatil-desktop.mtv.corp.google.com> References: <20180727094730.3a448629@gandalf.local.home> <20180727143141.4b53d554@gandalf.local.home> <20180727195416.GF13922@thunk.org> <20180727161103.797f12b7@gandalf.local.home> <20180727202114.GH13922@thunk.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180727202114.GH13922@thunk.org> User-Agent: Mutt/1.9.2 (2017-12-15) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jul 27, 2018 at 04:21:14PM -0400, Theodore Y. Ts'o wrote: > On Fri, Jul 27, 2018 at 04:11:03PM -0400, Steven Rostedt wrote: > > That said, I would assume that > > other Android utilities are using other debugfs files for system > > status and such. As of today, I think a lot of information in 'bugreports' is read out of debugfs (including things like binder stats). We do have a plan to change that. > > Yeah, I know we probably have lost the "debugfs is only for debugging > and has no place in a production system" battle, and we should just > move on and assume we need to completely harden all of debugfs. But > it's worth at least *asking* whether or not the use of debugfs for > Android can be avoided.... Indeed, I think it can. However, the problem is the last time I tried to remove this a whole bunch of things just broke. So, it wasn't about losing a functionality here and there. Agree, we need to clean up platform to not use debugfs first. Then we can expect Apps or other native processes to not rely on debugfs at all. The work is in progress..[1] - ssp 1] https://source.android.com/devices/architecture/kernel/modular-kernels#debugfs > > - Ted > > -- > You received this message because you are subscribed to the Google Groups "kernel-team" group. > To unsubscribe from this group and stop receiving emails from it, send an email to kernel-team+unsubscribe@android.com. >