On 11/10/13 at 06:21pm, H. Peter Anvin wrote:
> On 11/10/2013 06:13 PM, Dave Young wrote:
> >
> > Huang Ying <ying.huang@xxxxxxxxx> created the debugfs file for boot_params.
> > His first version patch tried sysfs, but sysfs is not designed for such
> > binary blobs so finally it went to debugfs.
> >
>
> That is a misunderstanding. Binary blobs can exist in sysfs as long as
> the blob is something that is inherently a blob. This is admittedly a
> corner case, but it is without any doubt a protocol-defined binary
> structure.

You are right. Greg objected to the whole structure being exported directly.

>
> The reason it was put in debugfs is that there was no non-debug user for
> it at the time.

Ok, I did not know this background.

>
> > Any idea for this is welcome, till now I have no better idea for such kind
> > of data. We should have another *fs instead of using debugfs.
>
> The problem with debugfs is that things go into debugfs with largely no
> auditing. As a result, mounting debugfs is very likely to mean that
> your system is exploitable one way or another.

Hmm, agree. Thanks for explaining about it.

Thanks
Dave