Removal of the kernel code/data/bss resources does break kexec/kdump
Emrah Demir
ed at abdsec.com
Fri Apr 15 08:46:47 PDT 2016
On 2016-04-15 00:41, Kees Cook wrote:
> On Thu, Apr 14, 2016 at 6:02 PM, Linus Torvalds
> <torvalds at linux-foundation.org> wrote:
>> On Thu, Apr 14, 2016 at 1:27 PM, Emrah Demir <ed at abdsec.com> wrote:
>>> On 2016-04-14 13:40, Linus Torvalds wrote:
>> I've pushed out my attempt at fixing things properly. Please check
>> that kexec works - and if kexec ends up reading that file as non-root,
>> I don't know what to say/do.
>>
>> Here's the three relevant cases:
>>
>> cat /proc/iomem
>> sudo cat /proc/iomem
>> sudo cat < /proc/iomem
>>
>> and two of them will now show the resource ranges as just plain
>> zeroes. But yes, it needed extra infrastructure to be able to get this
>> right.
>>
>
> Yup, that's why I was saying I was going to try to cook something up
> for -next. It isn't a trivial change. :) Thanks for fixing it up!
>
file_ns_capable bring some problems. I used capable and now there is no
problem as far as I tested.
It'is attached.
Note: I couldn't write "Noted-by:, Reported-by:" Could you write them
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-proc-iomem-only-expose-physical-resource-addresses-t.patch
Type: text/x-diff
Size: 1918 bytes
Desc: not available
URL: <http://lists.infradead.org/pipermail/kexec/attachments/20160415/6793cdb9/attachment.bin>
More information about the kexec
mailing list