Removal of the kernel code/data/bss resources does break kexec/kdump
Linus Torvalds
torvalds at linux-foundation.org
Thu Apr 14 10:40:45 PDT 2016
On Thu, Apr 14, 2016 at 4:07 AM, Emrah Demir <ed at abdsec.com> wrote:
>
> Kees Cook proposed to write a %pK formatted patch. This would solve most of
> the problems.
Actually, %pK is horrible in /proc and /sys files, and does the wrong thing. It uses the current creds for deciding what to do, which is exactly the wrong thing (for all the usual reasons) for a file access from a security standpoint. Sadly, almost every use of %pK gets this wrong. Thankfully, it's much less of a problem for reads than for writes, but it's still wrong.

A file access should use "file->f_cred", but the seq_file interface sadly doesn't expose any way to do that.

I'll take a look, but it's non-trivial to get right. %pK turns out to have been seriously mis-designed, and is basically almost always a bug.
Linus
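The message above argues that a pointer-hiding check for a /proc or /sys file should be made against the credentials captured at open time (file->f_cred), not against whoever happens to be reading at the moment (the current creds that %pK uses). The following userspace C program is an added illustration of that distinction, not kernel code and not anything from the thread: it models the two policies side by side and walks through the confused-deputy case, where an unprivileged opener hands the file to a privileged reader. The struct names, the single has_cap_syslog bit, the sample address and the helper names are all constructed for this example.

```c
/* Added illustration (not kernel code): contrasts a %pK-style check against the
 * current reader's credentials with a check against the credentials pinned at
 * open() time, which is what file->f_cred holds in the kernel.
 * All names and values here are constructed for the example. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Minimal stand-in for kernel credentials: only the bit a kptr_restrict=1
 * style policy tests (CAP_SYSLOG) is modelled. */
struct cred {
    bool has_cap_syslog;
};

/* Minimal stand-in for struct file: the opener's creds are snapshotted at open(). */
struct file {
    struct cred f_cred;
};

/* Model of open(): capture the opener's credentials into the file object. */
static struct file model_open(const struct cred *opener) {
    struct file f;
    f.f_cred = *opener;
    return f;
}

/* Format a kernel pointer under a kptr_restrict=1 style policy, deciding with
 * whichever credentials the caller passes in. Returns true if the real value
 * was written to out, false if it was replaced by zeros. */
static bool format_restricted_pointer(const struct cred *decider, uint64_t ptr,
                                      char *out, size_t outlen) {
    if (decider->has_cap_syslog) {
        snprintf(out, outlen, "%016llx", (unsigned long long)ptr);
        return true;
    }
    snprintf(out, outlen, "%016llx", 0ULL);
    return false;
}

/* %pK-style policy: decide using the credentials of whoever is reading now. */
static bool show_using_current(const struct file *f, const struct cred *current,
                               uint64_t ptr, char *out, size_t outlen) {
    (void)f; /* the file's own creds are ignored, which is the flaw */
    return format_restricted_pointer(current, ptr, out, outlen);
}

/* file->f_cred-style policy: decide using the credentials of whoever opened it. */
static bool show_using_f_cred(const struct file *f, const struct cred *current,
                              uint64_t ptr, char *out, size_t outlen) {
    (void)current; /* the reader's creds do not matter; the open was the decision */
    return format_restricted_pointer(&f->f_cred, ptr, out, outlen);
}

struct scenario_result {
    bool current_revealed; /* what the %pK-style policy does */
    bool f_cred_revealed;  /* what the f_cred-style policy does */
};

/* Confused-deputy walk-through: an unprivileged process opens the file and a
 * privileged process later performs the read on its behalf. */
static struct scenario_result confused_deputy_scenario(void) {
    const struct cred unprivileged = { .has_cap_syslog = false };
    const struct cred privileged   = { .has_cap_syslog = true };
    const uint64_t sample_addr = 0xffffffff81000000ULL; /* constructed sample value */
    char buf[32];
    struct scenario_result r;

    struct file f = model_open(&unprivileged);          /* opened without CAP_SYSLOG */
    r.current_revealed = show_using_current(&f, &privileged, sample_addr, buf, sizeof buf);
    r.f_cred_revealed  = show_using_f_cred(&f, &privileged, sample_addr, buf, sizeof buf);
    return r;
}

int main(void) {
    struct scenario_result r = confused_deputy_scenario();
    printf("current-creds policy revealed pointer: %s\n", r.current_revealed ? "yes" : "no");
    printf("f_cred policy revealed pointer:        %s\n", r.f_cred_revealed ? "yes" : "no");
    return 0;
}
```

In the walk-through the current-creds policy reveals the address because the reader is privileged, even though the process that opened the file was not; the f_cred policy keeps it hidden because the opener's credentials decide. That is the sense in which the open, not each read, is the security decision point.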