On Sat, Nov 19, 2022 at 01:20:09AM -0500, Nayna wrote: > > On 11/17/22 16:27, Greg Kroah-Hartman wrote: > > On Mon, Nov 14, 2022 at 06:03:43PM -0500, Nayna wrote: > > > On 11/10/22 04:58, Greg Kroah-Hartman wrote: > > > > On Wed, Nov 09, 2022 at 03:10:37PM -0500, Nayna wrote: > > > > > On 11/9/22 08:46, Greg Kroah-Hartman wrote: > > > > > > On Sun, Nov 06, 2022 at 04:07:42PM -0500, Nayna Jain wrote: > > > > > > > securityfs is meant for Linux security subsystems to expose policies/logs > > > > > > > or any other information. However, there are various firmware security > > > > > > > features which expose their variables for user management via the kernel. > > > > > > > There is currently no single place to expose these variables. Different > > > > > > > platforms use sysfs/platform specific filesystem(efivarfs)/securityfs > > > > > > > interface as they find it appropriate. Thus, there is a gap in kernel > > > > > > > interfaces to expose variables for security features. > > > > > > > > > > > > > > Define a firmware security filesystem (fwsecurityfs) to be used by > > > > > > > security features enabled by the firmware. These variables are platform > > > > > > > specific. This filesystem provides platforms a way to implement their > > > > > > > own underlying semantics by defining own inode and file operations. > > > > > > > > > > > > > > Similar to securityfs, the firmware security filesystem is recommended > > > > > > > to be exposed on a well known mount point /sys/firmware/security. > > > > > > > Platforms can define their own directory or file structure under this path. > > > > > > > > > > > > > > Example: > > > > > > > > > > > > > > # mount -t fwsecurityfs fwsecurityfs /sys/firmware/security > > > > > > Why not juset use securityfs in /sys/security/firmware/ instead? Then > > > > > > you don't have to create a new filesystem and convince userspace to > > > > > > mount it in a specific location? > > > > > From man 5 sysfs page: > > > > > > > > > > /sys/firmware: This subdirectory contains interfaces for viewing and > > > > > manipulating firmware-specific objects and attributes. > > > > > > > > > > /sys/kernel: This subdirectory contains various files and subdirectories > > > > > that provide information about the running kernel. > > > > > > > > > > The security variables which are being exposed via fwsecurityfs are managed > > > > > by firmware, stored in firmware managed space and also often consumed by > > > > > firmware for enabling various security features. > > > > Ok, then just use the normal sysfs interface for /sys/firmware, why do > > > > you need a whole new filesystem type? > > > > > > > > > From git commit b67dbf9d4c1987c370fd18fdc4cf9d8aaea604c2, the purpose of > > > > > securityfs(/sys/kernel/security) is to provide a common place for all kernel > > > > > LSMs. The idea of > > > > > fwsecurityfs(/sys/firmware/security) is to similarly provide a common place > > > > > for all firmware security objects. > > > > > > > > > > /sys/firmware already exists. The patch now defines a new /security > > > > > directory in it for firmware security features. Using /sys/kernel/security > > > > > would mean scattering firmware objects in multiple places and confusing the > > > > > purpose of /sys/kernel and /sys/firmware. > > > > sysfs is confusing already, no problem with making it more confusing :) > > > > > > > > Just document where you add things and all should be fine. > > > > > > > > > Even though fwsecurityfs code is based on securityfs, since the two > > > > > filesystems expose different types of objects and have different > > > > > requirements, there are distinctions: > > > > > > > > > > 1. fwsecurityfs lets users create files in userspace, securityfs only allows > > > > > kernel subsystems to create files. > > > > Wait, why would a user ever create a file in this filesystem? If you > > > > need that, why not use configfs? That's what that is for, right? > > > The purpose of fwsecurityfs is not to expose configuration items but rather > > > security objects used for firmware security features. I think these are more > > > comparable to EFI variables, which are exposed via an EFI-specific > > > filesystem, efivarfs, rather than configfs. > > > > > > > > 2. firmware and kernel objects may have different requirements. For example, > > > > > consideration of namespacing. As per my understanding, namespacing is > > > > > applied to kernel resources and not firmware resources. That's why it makes > > > > > sense to add support for namespacing in securityfs, but we concluded that > > > > > fwsecurityfs currently doesn't need it. Another but similar example of it > > > > > is: TPM space, which is exposed from hardware. For containers, the TPM would > > > > > be made as virtual/software TPM. Similarly for firmware space for > > > > > containers, it would have to be something virtualized/software version of > > > > > it. > > > > I do not understand, sorry. What does namespaces have to do with this? > > > > sysfs can already handle namespaces just fine, why not use that? > > > Firmware objects are not namespaced. I mentioned it here as an example of > > > the difference between firmware and kernel objects. It is also in response > > > to the feedback from James Bottomley in RFC v2 [https://lore.kernel.org/linuxppc-dev/41ca51e8db9907d9060cc38adb59a66dcae4c59b.camel@xxxxxxxxxxxxxxxxxxxxx/]. > > I do not understand, sorry. Do you want to use a namespace for these or > > not? The code does not seem to be using namespaces. You can use sysfs > > with, or without, a namespace so I don't understand the issue here. > > > > With your code, there is no namespace. > > You are correct. There's no namespace for these. So again, I do not understand. Do you want to use filesystem namespaces, or do you not? How again can you not use sysfs or securityfs due to namespaces? What is missing? confused, greg k-h
