Received: by 2002:a25:e74b:0:0:0:0:0 with SMTP id e72csp922607ybh; Wed, 15 Jul 2020 20:31:18 -0700 (PDT) X-Google-Smtp-Source: ABdhPJywBKRf0r7oTK+5gFToUFITZ5WjbkBBQ0PKBhIdETzHkL7verRqTx5bkKqE5m8UVzvJYPih X-Received: by 2002:a17:906:35cd:: with SMTP id p13mr1918320ejb.172.1594870278625; Wed, 15 Jul 2020 20:31:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1594870278; cv=none; d=google.com; s=arc-20160816; b=cySZlT3A3SgxUudYwwV+E+IejdN5KOFKBfuBWREQnS2krlmEMa/2v+uK/d8LoYGwAm 7oeLjaOLYUdC9HEUiqwrYuOv8dHuXtAvATIQVN7hqU1o8wCnaUTNDlW5ShcJtTXcTaNG Sqm7amSyN1sB/vv8yXCwPPzcu0p0LC4fv9ia5To5bcS6ijTuCO7fN+BNwVYuVfEUlAIP R9N1MC2ovZKn0VJ16ispGuQwlb2/NyL673jRAYU0bZo+4SX4r0fKszvvI+0T0ExMLyMj k49HEtYw6O6MAe69pTdmNtD8odOxB6zO+TMw2b0UcfiHo+s4UPO76OLhvoJOnus2L3Ai 3B8A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:to:subject:dkim-signature; bh=aD++24wBmVuc2EotWw1YQ1q68FR+577+Zt1OtHbnPF0=; b=D0mn0bOWbSbCEbbpajpmwMRGjZiosqBRoufTp/kUG0id3TPKHezdCleGe+YoNj/ayN R2Cnojhk1K/nDDbxjs/roLrUWkaKgqyQApg2SrJZxeER5i4LIOdYrraGW0aOWzqwM+Co OBnFZE62KsM3TOV+drohujNs1DP0fP4CVi/QGBUd68DJe7NPh0xuvtxp51zwU6qRTGCp MhLMg85ttK2iupYFX92hMcN8waTDVs4+59G40EuqI96KZWNIBGHY+mjFeIOrswYxu52f fOF0P607cdrWZtyHrbanAOZFH/OkYdyZ2wzRxHJlhkqukLnij/l+36zYgmuntNpBjsiS ICYw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@infradead.org header.s=merlin.20170209 header.b=cXE2TeIt; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v20si2311310ejx.754.2020.07.15.20.30.52; Wed, 15 Jul 2020 20:31:18 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=fail header.i=@infradead.org header.s=merlin.20170209 header.b=cXE2TeIt; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727105AbgGPDag (ORCPT + 99 others); Wed, 15 Jul 2020 23:30:36 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:58788 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726989AbgGPDaf (ORCPT ); Wed, 15 Jul 2020 23:30:35 -0400 Received: from merlin.infradead.org (merlin.infradead.org [IPv6:2001:8b0:10b:1231::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 59F00C061755; Wed, 15 Jul 2020 20:30:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=merlin.20170209; h=Content-Transfer-Encoding:Content-Type: In-Reply-To:MIME-Version:Date:Message-ID:From:References:To:Subject:Sender: Reply-To:Cc:Content-ID:Content-Description; bh=aD++24wBmVuc2EotWw1YQ1q68FR+577+Zt1OtHbnPF0=; b=cXE2TeItmlXQARqBs2DUWaNIp0 6wBQCYB1RKIOFrBosBUFM6IN0gZ186A3iZhorlNLxt+W7L+3eBrpU/a7O6NS9qLtWs9slSYRlVbdI tNcYeXyu4sTxRNBUQJBNlbHUdvzqGPEM09/a3BQKydA/cqssMETV/+6w5wS1rZK+Si3QnoRjruhXK jXyQQjRiqYBJNr9W9gzX/5+BF9OpDOSDbWHYIo/6B7nBMycQIbPoQmBTbhtzHPIa5rPks+DTKfMeI l+K2Boh2B0QJ21W22w30ffc0ZwPs06qY3z/lMpgJhXrSKCaMunlZuQ1rDBQQ0aheDguwOg8iZuVIk mNnC6qDQ==; Received: from [2601:1c0:6280:3f0::19c2] by merlin.infradead.org with esmtpsa (Exim 4.92.3 #3 (Red Hat Linux)) id 1jvubN-0008De-Vq; Thu, 16 Jul 2020 03:30:30 +0000 Subject: Re: [PATCH 2/2] debugfs: Add access restriction option To: Peter Enderborg , Greg Kroah-Hartman , linux-kernel@vger.kernel.org, "Rafael J . Wysocki" , Andrew Morton , Jonathan Corbet , linux-doc@vger.kernel.org, Steven Rostedt , Ingo Molnar References: <20200617133738.6631-1-peter.enderborg@sony.com> <20200715152529.11223-1-peter.enderborg@sony.com> <20200715152529.11223-3-peter.enderborg@sony.com> From: Randy Dunlap Message-ID: Date: Wed, 15 Jul 2020 20:30:24 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.9.0 MIME-Version: 1.0 In-Reply-To: <20200715152529.11223-3-peter.enderborg@sony.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, On 7/15/20 8:25 AM, Peter Enderborg wrote: > diff --git a/lib/Kconfig.debug b/lib/Kconfig.debug > index 9ad9210d70a1..aec81f38bfce 100644 > --- a/lib/Kconfig.debug > +++ b/lib/Kconfig.debug > @@ -476,6 +476,38 @@ config DEBUG_FS > > If unsure, say N. > > +choice > + prompt "Debugfs default access" > + depends on DEBUG_FS > + default DEBUG_FS_ALLOW_ALL > + help > + This select the default access restricions for debugfs. selects restrictions > + It can be overridden with kernel command line option > + debugfs=[on,no-mount,off] The restrictions apply for API access ,off]. The > + and filesystem registration. . > + > +config DEBUG_FS_ALLOW_ALL > + bool "Access normal" > + help > + No restrictions applies. Both API and filesystem registration apply. > + is on. This is the normal default operation. > + > +config DEBUG_FS_DISALLOW_MOUNT > + bool "Do not register debugfs as filesystem" > + help > + The API is open but filesystem not loaded. Client can still do > + their work and readed with debug tools that does not need and read that do not need > + debugfs filesystem. > + > +config DEBUG_FS_ALLOW_NONE > + bool "No access" > + help > + Access is off. Clients get EPERM when trying to create nodes in -EPERM > + debugfs tree and debugfs is not registred as an filesystem. registered as a filesystem. > + Client can then back-off or continue without debugfs access. > + > +endchoice Also, in many places in this Kconfig file, the indentation needs to be fixed. Some lines use spaces instead of one tab for indentation. Help text (under "help") should be indented with one tab + 2 spaces. -- ~Randy