Removal of the kernel code/data/bss resources does break kexec/kdump

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2016-04-14 13:40, Linus Torvalds wrote:
> 
> Actually, %pK is horrible in /proc and /sys files, and does the wrong 
> thing.
> 

I agree with that, but for now there is no way to make things right in 
/proc or /sys.


> 
> A file access should use "file->f_cred", but the seq_file interface
> sadly doesn't expose any way to do that.
> 
> I'll take a look, but it's non-trivial to get right. %pK turns out to
> have been seriously mis-designed, and is basically almost always a
> bug.
> 
>           Linus

In another way, maybe it's good to remove code dependencies on /proc 
sensitive files like /proc/iomem.

Kees Coook: "it looks like at least Ubuntu's kernel security test suite
expects to find these entries (when it verifies that STRICT_DEVMEM
hasn't regressed)"

Freeman Zhang: "Removal of these information causes 'kexec/kdump' to 
fail in the newer
kernel"

Removing such dependencies would make things better and code/bss/data 
sections could be removed.





[Index of Archives]     [LM Sensors]     [Linux Sound]     [ALSA Users]     [ALSA Devel]     [Linux Audio Users]     [Linux Media]     [Kernel]     [Gimp]     [Yosemite News]     [Linux Media]

  Powered by Linux