Removal of the kernel code/data/bss resources does break kexec/kdump
ed at abdsec.com
Fri Apr 15 08:46:47 PDT 2016
On 2016-04-15 00:41, Kees Cook wrote:
> On Thu, Apr 14, 2016 at 6:02 PM, Linus Torvalds
> <torvalds at linux-foundation.org> wrote:
>> On Thu, Apr 14, 2016 at 1:27 PM, Emrah Demir <ed at abdsec.com> wrote:
>>> On 2016-04-14 13:40, Linus Torvalds wrote:
>> I've pushed out my attempt at fixing things properly. Please check
>> that kexec works - and if kexec ends up reading that file as non-root,
>> I don't know what to say/do.
>> Here's the three relevant cases:
>> cat /proc/iomem
>> sudo cat /proc/iomem
>> sudo cat < /proc/iomem
>> and two of them will now show the resource ranges as just plain
>> zeroes. But yes, it needed extra infrastructure to be able to get this
> Yup, that's why I was saying I was going to try to cook something up
> for -next. It isn't a trivial change. :) Thanks for fixing it up!
file_ns_capable bring some problems. I used capable and now there is no
problem as far as I tested.
Note: I couldn't write "Noted-by:, Reported-by:" Could you write them
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1918 bytes
Desc: not available
More information about the kexec