On Wed, Oct 03, 2018 at 11:06:33AM +0100, Sudeep Holla wrote:
> On Tue, Oct 02, 2018 at 06:37:43PM -0300, Mauro Carvalho Chehab wrote:

> > Even if it won't be possible to crash the Kernel or escalate
> > privileges, I suspect that several stuff in debugfs should never
> > be enabled on production systems, as they may reveal things like
> > memory addresses and other stuff that could be used to help someone
> > to crack a system.

> I completely agree with that. Recently I reviewed patches to support
> power management on some ARM platforms which had complete system clock
> control in debugfs. It even had access to many system controls that it
> can send to remote system control processor which we really don't want
> in production systems.

This is why I've always strongly resisted making it possible to write to
the regmap or regulator debugfs files; there is code for writing to the
regmap ones but you need to patch the kernel to enable it.