aboutsummaryrefslogtreecommitdiff
path: root/fs/affs
diff options
context:
space:
mode:
authorPeter Enderborg2020-07-16 09:15:11 +0200
committerGreg Kroah-Hartman2020-07-23 17:10:25 +0200
commita24c6f7bc923d5e2f3139855eb09b0d480d6b410 (patch)
treef96b6939d66e6cb438690706dcb76b7e2a948f73 /fs/affs
parent072e133d554bb74929f902582c8cf66d9fd12771 (diff)
debugfs: Add access restriction option
Since debugfs include sensitive information it need to be treated carefully. But it also has many very useful debug functions for userspace. With this option we can have same configuration for system with need of debugfs and a way to turn it off. This gives a extra protection for exposure on systems where user-space services with system access are attacked. It is controlled by a configurable default value that can be override with a kernel command line parameter. (debugfs=) It can be on or off, but also internally on but not seen from user-space. This no-mount mode do not register a debugfs as filesystem, but client can register their parts in the internal structures. This data can be readed with a debugger or saved with a crashkernel. When it is off clients get EPERM error when accessing the functions for registering their components. Signed-off-by: Peter Enderborg <peter.enderborg@sony.com> Link: https://lore.kernel.org/r/20200716071511.26864-3-peter.enderborg@sony.com Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'fs/affs')
0 files changed, 0 insertions, 0 deletions