[PATCH 2/2] arm64: drop kernel segment resources from /proc/iomem

Ard Biesheuvel ard.biesheuvel at linaro.org
Thu Jun 16 10:28:59 PDT 2016


On 16 June 2016 at 19:21, Kees Cook <keescook at chromium.org> wrote:
> On Thu, Jun 16, 2016 at 5:32 AM, Ard Biesheuvel
> <ard.biesheuvel at linaro.org> wrote:
>> (+ James)
>>
>> On 16 June 2016 at 14:28, Ard Biesheuvel <ard.biesheuvel at linaro.org> wrote:
>>> By the same reasoning as commit c4004b02f8e5 ("x86: remove the kernel
>>> code/data/bss resources from /proc/iomem"), the kernel code and kernel
>>> data entries in /proc/iomem probably do more harm than good on arm64 as
>>> well. So remove them.
>>>
>>> Signed-off-by: Ard Biesheuvel <ard.biesheuvel at linaro.org>
>>
>>
>> Actually, Linus's patch above has been reverted again, so we have to
>> consider whether the kexec case exists for us as well before we
>> consider this
>>
>> Apologies for failing to spot that before sending
>
> Please leave this as it was originally. The security exposure has been
> minimized and it would make arm64 differ from all other architectures.
> If we remove this, it needs to be coordinated across all
> architectures.
>

OK, fair enough



More information about the linux-arm-kernel mailing list