Re: [PATCH v7 0/5] Add Intel IOMMU debugfs support

[Gary R Hook]

On 03/29/2018 03:48 AM, Joerg Roedel wrote:
> [ Adding Gary from AMD to Cc ]
>
> On Mon, Mar 19, 2018 at 09:37:14AM -0700, Jacob Pan wrote:
> > On Thu, 15 Mar 2018 14:18:54 +0100
> > Joerg Roedel <joro@xxxxxxxxxx> wrote:
> >
> > > On Thu, Feb 15, 2018 at 08:38:11AM -0800, Jacob Pan wrote:
> > > > Just wondering if your concern is on the implementation or the
> > > > debugfs idea in general. Perhaps have some common IOMMU debugfs?
> > >
> > > My concern mainly is that we add interfaces which reveal
> > > potentially security relevant information
> > I don;t think security is any worse than existing kernel page table in
> > debugfs. i.e. /sys/kernel/debug/page_tables
> > This is a debug feature.
>
> Okay, so here is the way to go: Please introduce a basic debugfs
> facility to the core iommu code. It should basically only create a
> 'iommu/' directory in debugfs where drivers can create their own
> sub-directories. This must be enabled by a new kconfig option
> (CONFIG_IOMMU_DEBUGFS) and the kernel should print a big fat warning at
> boot when it is enabled. This hopefully prevents anyone from enabling it
> for production kernels.

I'm halfway through this. Where would you like to place the invocation 
of the initialization function?

There's an iommu_init() in iommu.c, But it's a core_initcall, which 
doesn't seem like a good spot. Not knowing enough about bring-up here, 
Would adding another __init function be suitable?

Gary