Re: [PATCH] RAS/CEC: Move non-debug attributes out of debugfs
From: Borislav Petkov
Date: Thu Mar 23 2023 - 20:49:31 EST
On Thu, Mar 23, 2023 at 03:22:01PM -0500, kyle-meyer wrote:
> From: Kyle Meyer <kyle.meyer@xxxxxxx>
>
> When kernel lockdown is in effect, use of debugfs is not permitted. Move
> decay_interval and action_threshold out of debugfs, from debugfs/ras/cec
> to sysfs/system/devices/machinecheck/cec.
All those knobs are in debugfs because we wanted to discuss the proper
interface design first and only then cast them in stone. I guess that
has not happened yet.
What you're doing is certainly not what we had in mind so just because
some lockdown policy says so, is not good enough.
> diff --git a/arch/x86/kernel/cpu/mce/core.c b/arch/x86/kernel/cpu/mce/core.c
> index 2eec60f50057..1a3eaa501ae4 100644
> --- a/arch/x86/kernel/cpu/mce/core.c
> +++ b/arch/x86/kernel/cpu/mce/core.c
> @@ -2376,10 +2376,11 @@ static void mce_enable_ce(void *all)
> __mcheck_cpu_init_timer();
> }
>
> -static struct bus_type mce_subsys = {
> +struct bus_type mce_subsys = {
> .name = "machinecheck",
> .dev_name = "machinecheck",
> };
> +EXPORT_SYMBOL_GPL(mce_subsys);
Nope, this is not going to happen.
Besides, that error collector is used on x86 but it is generic enough so
that it can be used by other arches. So if anything, it should not be
exposed in the x86's "machinecheck" hierarchy but somewhere generic.
And until that proper interface has been hammered out, you can just as
well disable it in your lockdown configs.
Thx.
--
Regards/Gruss,
Boris.
https://people.kernel.org/tglx/notes-about-netiquette