On Thu, 2021-09-02 at 14:57 +0200, Greg KH wrote: [...] > Wait, why are you using securityfs for this? > > securityfs is for LSMs to use. No it isn't ... at least not exclusively; we use it for non LSM security purposes as well, like for the TPM BIOS log and for IMA. What makes you think we should start restricting securityfs to LSMs only? That's not been the policy up to now. > If you want your own filesystem to play around with stuff like this, > great, write your own, it's only 200 lines or less these days. We > used to do it all the time until people realized they should just use > sysfs for driver stuff. This is a security purpose (injected key retrieval), so securityfs seems to be the best choice. It's certainly possible to create a new filesystem, but I really think things with a security purpose should use securityfs so people know where to look for them. James > But this isn't a driver, so sure, add your own virtual filesystem, > mount it somewhere and away you go, no messing around with > securityfs, right? > > thanks, > > greg k-h
